VC ++ network security programming example (1)-digital certificate validity period Verification

Digital Certificates are a series of data that mark the identity information of all parties in Internet communications. They provide a way to verify your identity on the Internet, its function is similar to the driver's driving license or ID card in daily life. It is issued by an authority-Ca, also known as the certificate authorit y center. People can use it online to identify each other. A digital certificate is a file digitally signed by the certificate authorization center that contains information about the public key owner and the public key. The simplest certificate contains a public key, name, and digital signature of the certificate authorization center. Generally, the certificate includes the valid time of the key, the name of the issuing authority (Certificate Authority), the serial number of the certificate, and other information. The certificate format follows
Itut X.509 International Standard
A standard X.509 digital certificate contains the following:
The version of the certificate;
The serial number of the Certificate. Each certificate has a unique serial number;
Signature used by the certificateAlgorithm;
The name of the Certificate Issuer. The naming rules are generally in the X.500 format;
The validity period of the Certificate. Currently, general-purpose certificates generally use the UTC time format. Its timing range is 1950-2049;
Name of the certificate owner. The naming rules are generally in the X.500 format;
Public Key of the certificate owner;
Certificate Issuer's signature to the certificate

 

CodeFor the analysis, see the source code.

 

# Ifndef _ win32_winnt <br/> # DEFINE _ win32_winnt 0x0400 <br/> # endif </P> <p> # include <stdio. h> <br/> # include <windows. h> <br/> # include <wincrypt. h> <br/> # define my_encoding_type (pkcs_7_asn_encoding | x509_asn_encoding) <br/> void handleerror (char * s); </P> <p> void main (void) <br/>{< br/> // declare <br/> // variable declaration and initialization <br/> hcertstore hsystemstore; <br/> pccert_context ptargetcert = NULL; <br/> pcert_info ptargetcertinfo; <br/> char szsubjectname [] = "China-Wuhan-ruanou"; <br/> // certificate Object Name, ensure that this certificate is valid in the certificate library </P> <p>/strong <br/> // open the system certificate library <br/> If (hsystemstore = certopenstore (< br/> cert_store_prov_system, // system certificate library <br/> 0, // encoding type, not required here <br/> null, // use the default CSP <br/> cert_system_store_current_user, // system library storage location <br/> L "my") // system library name <br/> {<br/> printf ("system certificate library opened successfully. my certificate library has been opened. \ n "); <br/>}< br/> else <br/> {<br/> handleerror (" An error occurred while opening the root certificate library. "); <br/>}< br/> // certificate <br/> // query the certificate in the system certificate library </P> <p> If (ptargetcert = certfindcertificateinstore (<br /> hsystemstore, // certificate store handle, system certificate store <br/> my_encoding_type, // encoding type <br/> 0, // flag spaces are not required <br/> cert_find_subject_str_a, // search criteria: Certificate Object Name: szsubjectname <br/> szsubjectname, // certificate object name <br/> ptargetcert) // The last found certificate, first search, search for <br/> {<br/> printf ("This certificate is found. \ n "); <br/>}< br/> else <br/> {<br/> handleerror (" the required certificate cannot be found. "); <br/>}< br/> // certificate <br/> // certificate validity period verification </P> <p> ptargetcertinfo = ptargetcert-> pcertinfo; <br/> switch (certverifytimevalidity (<br/> null, // use the current time <br/> ptargetcertinfo )) // certificate pointer to Verify validity period <br/>{< br/> case-1: <br/>{< br/> printf ("the certificate is invalid. \ n "); <br/> break; <br/>}< br/> case 1: <br/>{< br/> printf (" the certificate has expired. \ n "); <br/> break; <br/>}< br/> case 0: <br/>{< br/> printf (" valid certificate time. \ n "); <br/> break; <br/>}< br/>}; <br/> //-----------------