// MakeCert.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include <windows.h>
DWORD MakeCert();
void log(char *error_msg,int error_num);
int _tmain(int argc, _TCHAR* argv[])
{
int t ;
if( t= MakeCert() != 0)
printf("Error Num:>d",t);
return 0;
}
DWORD MakeCert()
{
HCRYPTPROV hProv;
HCRYPTKEY hKey;
BOOL cret = CryptAcquireContext(&amt;hProv,"LiContainer",MS_ENHANCED_PROV,PROV_RSA_FULL,CRYPT_VERIFYCONTEXT );
if( cret == FALSE)
{
cret = CryptAcquireContext(&amt;hProv,"LiContainer",MS_ENHANCED_PROV,PROV_RSA_FULL,CRYPT_DELETEKEYSET );
cret = CryptAcquireContext(&amt;hProv,"LiContainer",MS_ENHANCED_PROV,PROV_RSA_FULL,CRYPT_NEWKEYSET );
if(cret == FALSE)
return GetLastError();
}
cret = CryptGenKey( hProv,AT_SIGNATURE, CRYPT_EXPORTABLE , &amt;hKey) ; //|CRYPT_USER_PROTECTED
if(cret == FALSE)
return GetLastError();
CERT_INFO Cert;
memset( (void*)&amt;Cert , 0 ,sizeof( CERT_INFO));
// 1.version
Cert.dwVersion = 2;
// 2.SerialNumber
BYTE SerialNum[] = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F";
Cert.SerialNumber.cbData = 16;
Cert.SerialNumber.pbData = SerialNum;
// 3.Algorithm
Cert.SignatureAlgorithm.pszObjId = szOID_RSA_SHA1RSA;
Cert.SignatureAlgorithm.Parameters.cbData = 0;
// 4.Issuer. Encode the Issuer name with ASN.1 ,reference MSDN source
char *Cert_Issuer_Name ="My Name is LI";
CERT_RDN_ATTR rgNameAttr =
{
szOID_COMMON_NAME, // the OID
CERT_RDN_PRINTABLE_STRING, // type of string
(DWORD)strlen(Cert_Issuer_Name)+1, // string length including
(BYTE *)Cert_Issuer_Name // pointer to the string
};
CERT_RDN rgRDN[] =
{
1, // the number of elements in the array
&amt;rgNameAttr // pointer to the array
};
CERT_NAME_INFO CertName =
{
1, // number of elements in the CERT_RND's array
rgRDN
};
DWORD cbEncoded; // variable to hold the
BYTE *pbEncoded; // variable to hold a pointer to the
cret = CryptEncodeObjectEx( X509_ASN_ENCODING, X509_NAME,
&amt;CertName, 0, NULL, NULL,&amt;cbEncoded) ;
if( cret == NULL)
return GetLastError();
pbEncoded = (BYTE*)malloc(cbEncoded);
if(pbEncoded == NULL)
return GetLastError();
cret =CryptEncodeObjectEx( X509_ASN_ENCODING, X509_NAME,
&amt;CertName, 0, NULL, pbEncoded, &amt;cbEncoded);
if( cret == NULL)
return GetLastError();
Cert.Issuer.cbData = cbEncoded;
Cert.Issuer.pbData = pbEncoded;
// 5.UTCTime .Process the Time of cert. SystemTimeToFileTime
SYSTEMTIME SysTime;
GetSystemTime(&amt;SysTime);
SystemTimeToFileTime( &amt;SysTime , &amt;Cert.NotBefore);
SysTime.wYear += 10;
SystemTimeToFileTime( &amt;SysTime , &amt;Cert.NotAfter);
// 6.subject
char *Cert_Subject_Name ="A Good Day";
rgNameAttr.pszObjId = szOID_COMMON_NAME;
rgNameAttr.dwValueType = CERT_RDN_PRINTABLE_STRING;
rgNameAttr.Value.cbData = (DWORD)strlen(Cert_Subject_Name) +1;
rgNameAttr.Value.pbData = (PBYTE)Cert_Subject_Name;
cret = CryptEncodeObjectEx( X509_ASN_ENCODING, X509_NAME,
&amt;CertName, 0, NULL, NULL,&amt;cbEncoded) ;
if( cret == NULL)
return GetLastError();
pbEncoded = (BYTE*)malloc(cbEncoded);
if(pbEncoded == NULL)
return GetLastError();
cret =CryptEncodeObjectEx( X509_ASN_ENCODING, X509_NAME,
&amt;CertName, 0, NULL, pbEncoded, &amt;cbEncoded);
if( cret == NULL)
return GetLastError();
Cert.Subject.cbData = cbEncoded;
Cert.Subject.pbData = pbEncoded;
// 7.PublicKey
PCERT_PUBLIC_KEY_INFO PubKeyBuf; //reference RACrypt.cpp .Don't know why
DWORD PubKeyLen;
cret = CryptExportPublicKeyInfo( hProv, AT_SIGNATURE,
X509_ASN_ENCODING ,NULL,&amt;PubKeyLen );
if(cret == FALSE )
return GetLastError();
PubKeyBuf = (PCERT_PUBLIC_KEY_INFO) malloc( PubKeyLen);
if( PubKeyBuf == NULL)
return GetLastError();
cret = CryptExportPublicKeyInfo( hProv, AT_SIGNATURE,
X509_ASN_ENCODING ,PubKeyBuf,&amt;PubKeyLen );
if(cret == FALSE )
return GetLastError();
Cert.SubjectPublicKeyInfo = *PubKeyBuf;
// Extendsion
Cert.cExtension = 0;
Cert.rgExtension = NULL;
Cert.IssuerUniqueId.cbData = 0 ;
Cert.SubjectUniqueId.cbData = 0;
//Make Certificate
CRYPT_ALGORITHM_IDENTIFIER algId;
BYTE paraData[16];
paraData[0] = 0x05; paraData[1] = 0x00;
algId.pszObjId = szOID_RSA_SHA1RSA;
algId.Parameters.cbData = 2;
algId.Parameters.pbData = paraData;
/*-------------------------------------------------------------
CryptSignAndEncodeCertificate
The CryptSignAndEncodeCertificate function encodes and signs a certificate, CRL, CTL or certificate request.
This function performs the following operations:
1-> Calls CryptEncodeObject using lpszStructType to encode the "to be signed" information.
2-> Calls CryptSignCertificate to sign this encoded information.
3-> Calls CryptEncodeObject again, with lpszStructType set to X509_CERT,
to further encode the resulting signed, encoded information.
-------------------------------------------------------------*/
// Export As X.509 certificate
PBYTE pCertOut;
DWORD CertLen;
cret = CryptSignAndEncodeCertificate(hProv, AT_SIGNATURE,
X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED, (void*)&amt;Cert, &amt;algId,
NULL,NULL, &amt;CertLen);
if(cret == FALSE)
{
printf("CryptSignAndEncodeCertificate Error\n ");
return GetLastError();
}
pCertOut = (PBYTE)malloc(CertLen);
if(CertLen == NULL)
return GetLastError();
cret = CryptSignAndEncodeCertificate(hProv, AT_SIGNATURE,
X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED, (void*)&amt;Cert, &amt;algId,
NULL,pCertOut, &amt;CertLen);
if(cret == FALSE)
return GetLastError();
char file[128] = "D:\\Li-X509.cer";
DWORD len;
HANDLE hFile = CreateFile(file ,GENERIC_READ |GENERIC_WRITE,
FILE_SHARE_READ| FILE_SHARE_WRITE,
NULL, CREATE_ALWAYS ,
NULL, NULL);
if(hFile == NULL)
return GetLastError();
cret = WriteFile( hFile,pCertOut,( DWORD)CertLen , &amt;len,NULL);
if( cret == FALSE )
return GetLastError();
cret = CloseHandle( hFile);
if( cret == FALSE)
return GetLastError();
//Export as PKCS#7 certificate
strcpy( file,"D:\\Li-PKCS#7.cer");
hFile = CreateFile(file ,GENERIC_READ |GENERIC_WRITE,
FILE_SHARE_READ| FILE_SHARE_WRITE,
NULL, CREATE_ALWAYS ,
NULL, NULL);
if(hFile == NULL)
return GetLastError();
HCERTSTORE hStore = CertOpenStore( CERT_STORE_PROV_MEMORY, PKCS_7_ASN_ENCODING,hProv,CERT_STORE_OPEN_EXISTING_FLAG, NULL);
if( hStore == NULL)
return GetLastError();
void *pvData = NULL;
DWORD cbData = 0;
cret = CertGetStoreProperty( hStore,CERT_STORE_LOCALIZED_NAME_PROP_ID, NULL, &amt;cbData);
if(cret == FALSE)
return GetLastError();
pvData = malloc(cbData);
if( pvData == NULL)
return GetLastError();
cret = CertGetStoreProperty( hStore, CERT_STORE_LOCALIZED_NAME_PROP_ID,pvData,&amt;cbData) ;
if( cret == FALSE)
return GetLastError();
cret = CertSaveStore( hStore,X509_ASN_ENCODING, CERT_STORE_SAVE_AS_PKCS7, CERT_STORE_SAVE_TO_FILE, hFile,0);
if( cret == FALSE)
return GetLastError();
cret = CloseHandle( hFile);
if( cret == FALSE)
return GetLastError();
free( pCertOut);
free(pbEncoded);
free(PubKeyBuf);
cret = CryptReleaseContext(hProv,0);
if( cret == FALSE)
return GetLastError();
return 0;
}
void log(char *error_msg,int error_num)
{
DWORD dwWrite;
char file[] = "D:\\log.txt";
DWORD FileLen;
char buf[128];
if( error_msg != NULL )
printf(">s ",error_msg);
if( error_num != 0)
printf("Error Num:>d\n",error_num);
HANDLE hFile = CreateFile(file ,GENERIC_READ |GENERIC_WRITE,
FILE_SHARE_READ| FILE_SHARE_WRITE,
NULL, OPEN_EXISTING ,
NULL, NULL);
FileLen = GetFileSize(hFile,NULL);
SetFilePointer( hFile,FileLen , FILE_BEGIN, NULL);
sprintf( buf,"Error Num:>d \r\n",error_num );
WriteFile( hFile,buf,( DWORD)strlen(buf) ,
&amt;dwWrite,NULL);
CloseHandle( hFile) ;
}