main.cpp
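#include "CAService.h"
#include <math.h>
#include <openssl/md5.h>
#include <Base64.h>
#include <Digest.h>

// Process-wide CA service object; every command below is a thin console
// front end that collects operator input and forwards it to this object.
CAService casrv;

// Reads one whitespace-delimited token from stdin into buf.
//   buf      - destination, always left NUL-terminated
//   capacity - size of buf in bytes, including the terminating NUL
// Returns true when a token was read and fitted. Returns false, with buf
// emptied, when the stream failed or the token was longer than capacity-1
// characters. The rest of an oversized token is discarded so that it cannot
// spill into the answer to the next prompt.
// Unbounded `cin >> char*` was the original input path; every fixed-size
// buffer in this file could be overrun by a long line.
static bool readToken(char* buf, size_t capacity)
{
    memset(buf, 0, capacity);
    cin.width(static_cast<long>(capacity));   // operator>> stores at most capacity-1 chars
    cin >> buf;
    if (!cin) {
        buf[0] = 0;
        return false;
    }
    if (cin.eof()) {
        return true;                          // token ended at end of input, nothing left to drain
    }
    bool truncated = false;
    for (int next = cin.peek(); next != EOF && !isspace(next); next = cin.peek()) {
        cin.get();
        truncated = true;
    }
    if (truncated) {
        memset(buf, 0, capacity);
        cout << "input is too long (max " << (capacity - 1) << " characters)" << endl;
        return false;
    }
    return true;
}

// Prints the command overview.
// NOTE(review): the menu entries for update/export/disable/ucert were
// commented out in the original and stay hidden here, although main() still
// dispatches "update", "export", "ucert", "print" and "hash".
void help()
{
    cout<<"---------CAService function : "<<endl;
    cout<<" 1.Sign itself"<<endl;
    cout<<" 2.Create user certificate"<<endl;
    cout<<" 3.Revocate user certificate"<<endl;
    cout<<" 4.Show information of users certificate issued"<<endl;
    cout<<" 5.Get CRL"<<endl;
    cout<<" 6.Handle RA request"<<endl;
    cout<<" 7.Print cert content"<<endl;
    cout<<" 8.Recover cert status"<<endl;
    cout<<" 9.verify user's cert"<<endl;
    cout<<"---------Command : ca [env|initial|cuc|ruc|show|crl|listen|dcert|verify]"<<endl;
    cout<<"---------example :"<<endl;
    cout<<" 1.Sign itself ----> ca initial"<<endl;
    cout<<" 2.Create usr certificate ----> ca cuc"<<endl;
    cout<<" 3.Revocate user certification ----> ca ruc"<<endl;
    cout<<" 4.Show information of users certifications issued ----> ca show"<<endl;
    cout<<" 5.Get CRL ----> ca crl"<<endl;
    cout<<" 6.Handle RA request ----> ca listen"<<endl;
    cout<<" 7.Print cert content ----> ca print"<<endl;
    cout<<" 8.Recover cert status ----> ca dcert"<<endl;
    cout<<" 9.verify user's cert ----> ca verify"<<endl;
    cout<<"*********Comment :"<<endl;
    cout<<" if CA service is first used , please initial necessary environment"<<endl;
    cout<<" command : ca env"<<endl;
    cout<<endl;
    cout<<endl;
}

// Shows the certificates issued so far (delegates to CAService).
void show()
{
    casrv.showInformation();
}

// Releases a malloc/calloc buffer. The pointer is passed by value, so the
// caller's copy is not reset; callers must not reuse it afterwards.
void freeResource(char* src)
{
    free(src);   // free(NULL) is a no-op
}

// Collects the root subject fields from the operator and asks CAService to
// issue the self-signed root certificate. Key length, validity period and
// output paths come from the "System" section of the CA configuration.
void initializeCA()
{
    // Value-initialised so that fields nobody fills in are zero rather than
    // leftover stack bytes.
    stuSUBJECT rootinfo = stuSUBJECT();

    // Buffer sizes are the original ones. They are zero-filled because
    // province, localityName, title and surname have no active prompt but are
    // still copied into the subject below.
    char countryName[4]             = {0};
    char province[4]                = {0};
    char localityName[12]           = {0};
    char organizationName[48]       = {0};
    char organizationalUnitName[24] = {0};
    char commonName[12]             = {0};
    char mail[24]                   = {0};
    char title[12]                  = {0};
    char surname[12]                = {0};

    cout<<"country name (china:cn USA:us):";
    if (!readToken(countryName, sizeof(countryName))) return;
    // NOTE(review): this prompt says "organizationalUnit" but the answer is
    // stored as the organization name; the wording is left unchanged.
    cout<<"organizationalUnit : ";
    if (!readToken(organizationName, sizeof(organizationName))) return;
    cout<<"organizationalUnitName : ";
    if (!readToken(organizationalUnitName, sizeof(organizationalUnitName))) return;
    cout<<"common name : ";
    if (!readToken(commonName, sizeof(commonName))) return;
    cout<<"email : ";
    if (!readToken(mail, sizeof(mail))) return;

    // assumes each stuSUBJECT field is at least as large as the matching
    // local buffer - TODO confirm against CAService.h
    memcpy(rootinfo.countryName, countryName, sizeof(countryName));
    memcpy(rootinfo.province, province, sizeof(province));
    memcpy(rootinfo.localityName, localityName, sizeof(localityName));
    memcpy(rootinfo.organizationName, organizationName, sizeof(organizationName));
    memcpy(rootinfo.organizationalUnitName, organizationalUnitName, sizeof(organizationalUnitName));
    memcpy(rootinfo.commonName, commonName, sizeof(commonName));
    memcpy(rootinfo.mail, mail, sizeof(mail));
    memcpy(rootinfo.title, title, sizeof(title));
    memcpy(rootinfo.surname, surname, sizeof(surname));

    char outMsg[1024] = {0};   // output buffer handed to CAService; not displayed here
    // NOTE(review): keyLength and validPeriod are taken from the config file
    // through atoi() with no range check; a missing or malformed entry yields 0.
    casrv.issueRootCertificate(outMsg, &rootinfo,
                               atoi(casrv.readCAconfig("System", "keyLength").c_str()),
                               atoi(casrv.readCAconfig("System", "validPeriod").c_str()),
                               casrv.readCAconfig("System", "rootCertPath").c_str(),
                               casrv.readCAconfig("System", "rootKeyPath").c_str());
}

// Issues a user (0) or gateway (1) certificate from a request file.
// The original released calloc() buffers with delete and read every answer
// without a length limit; the buffers now live on the stack and are bounded.
void createUserCert()
{
    char outfile[100];
    char outlist[100];
    char req[100];
    char type[10];

    cout << "please input following data : " <<endl;
    cout << "reqest file name (default): ";
    if (!readToken(req, sizeof(req))) return;
    cout << "cert type(user=0, gateway=1,administrator=3,operator=4) : ";
    if (!readToken(type, sizeof(type))) return;
    cout << "output cert name: ";
    if (!readToken(outfile, sizeof(outfile))) return;
    if (!strcmp(req, "default"))
    {
        strcpy(req, "certreq.pem");
    }
    cout << "cert list name: ";
    if (!readToken(outlist, sizeof(outlist))) return;

    // Parse the type strictly: atoi() maps any non-numeric answer to 0, which
    // used to issue a user certificate for arbitrary garbage input.
    char* end = NULL;
    long certType = strtol(type, &end, 10);
    bool numeric = (end != type && *end == '\0');

    if (numeric && certType == 1)
    {
        casrv.issueTerminalCertificate(outfile, req, GW_CERTIFICATE, outlist);
    }
    else if (numeric && certType == 0)
    {
        casrv.issueTerminalCertificate(outfile, req, USER_CERTIFICATE, outlist);
    }
    else
    {
        cout << "-------------> parameter error !" << endl;
    }
}

// Serves RA requests: once per second fetch a message from CAService and
// send the reply. The loop has no exit condition.
void listen()
{
    while (1)
    {
        sleep(1);
        CONTENT msg=casrv.getMessageCA();
        casrv.sendMessageCA(msg);
    }
    casrv.freeComm();   // unreachable while the loop above has no exit
}

// Placeholder; certificate update is not implemented.
void updateUserCertificate()
{
}

// Interactive revocation: ask for a serial number, confirm, then revoke.
// The answer used to be read into an int, so typing "y" failed the extraction
// and the revocation could never be confirmed; it is read as a char now and
// reset before every read so a failed read can never count as "yes".
// NOTE(review): the confirmation shows atol(serial) while the raw text is
// what gets revoked; input such as "12abc" confirms as 12.
void removeUserCertificate()
{
    char answer = 'y';
    while (answer=='y')
    {
        cout << "SerialNumber to be revoked : ";
        char serialNumber[10];
        readToken(serialNumber, sizeof(serialNumber));   // "" on bad input, rejected below
        long tmp = atol(serialNumber);
        if (!tmp)
        {
            cout << "Invalid serialnumber , serialNumber can't equal to zero"<<endl;
            answer = 0;
        }
        else
        {
            cout << "Is this serialNumber to be revoked : "<<tmp<<" ,right (y/n) : ";
            answer = 0;
            cin >> answer;
        }
        if (tolower((unsigned char) answer)=='y')
        {
            casrv.removeUserCertificate(serialNumber);
            answer = 0;
        }
        else
        {
            cout << "Continue (y/n) ? ";
            answer = 0;
            cin >> answer;
            answer = (char) tolower((unsigned char) answer);
        }
    }
}

// Interactive recovery: ask for a serial number, confirm, then remove it
// from the CRL. Same input handling as removeUserCertificate().
void dcert()
{
    char answer = 'y';
    while (answer=='y')
    {
        cout << "SerialNumber to be recovered : ";
        char serialNumber[10];
        readToken(serialNumber, sizeof(serialNumber));   // "" on bad input, rejected below
        long tmp = atol(serialNumber);
        if (!tmp)
        {
            cout << "Invalid serialnumber , serialNumber can't equal to zero"<<endl;
            answer = 0;
        }
        else
        {
            cout << "Is this serialNumber to be recovered : "<<tmp<<" ,right (y/n) : ";
            answer = 0;
            cin >> answer;
        }
        if (tolower((unsigned char) answer)=='y')
        {
            casrv.deleteCertFromCRL(serialNumber);
            answer = 0;
        }
        else
        {
            cout << "Continue (y/n) ? ";
            answer = 0;
            cin >> answer;
            answer = (char) tolower((unsigned char) answer);
        }
    }
}

// Prints the CRL, or writes it to a file chosen by the operator.
// NOTE(review): the path is opened with "wb", so any existing file the
// process may write is truncated before the CRL has been read.
void getCRL()
{
    char ch=0;
    cout<<"would you want to save result to file (y/n) :";
    cin >>ch;
    if (ch=='y')
    {
        cout<<"Filepath :";
        char filepath[512];   // stack buffer: the original heap buffer was never freed
        if (!readToken(filepath, sizeof(filepath))) return;
        FILE *fd=fopen(filepath, "wb");
        if (fd==NULL)
        {
            cout<<"filepath : \""<<filepath<<"\" is not exist"<<endl;
            return ;
        }
        string crl=casrv.getCRL();
        if (crl!="")
        {
            if (fwrite(crl.c_str(), crl.length(), 1, fd) != 1)
            {
                cout << "writing crl fail ."<<endl;
            }
        }
        else
        {
            cout << "reading crl fail ."<<endl;
        }
        fclose(fd);
    }
    else
    {
        cout << casrv.getCRL()<<endl;
    }
}

// Interactive "disable a certificate": read a serial, confirm, add it to the
// CRL. The loop ends on end of input instead of spinning forever.
void disableCert()
{
    char serialNumber[10];
    char ch=0;
    while (1)
    {
        cout<< "please input cert information "<<endl;
        cout<< "cert serialnumber : ";
        if (!readToken(serialNumber, sizeof(serialNumber)))
        {
            if (!cin) break;   // end of input or stream error
            continue;          // too long; message already printed
        }
        long number = atol(serialNumber);
        if (number>=pow(2.0, 32) || number<0)
        {
            cout<<"to be unlawful serialnumber, please retry"<<endl;
            getchar();
            system("clear");
            continue;
        }
        cout<< "is this cert to be disabled \" "<<serialNumber<< "\"(y/n)";
        ch = 0;
        cin >>ch;
        if (!cin) break;
        if (tolower((unsigned char) ch)=='y')
        {
            casrv.insertCRL(serialNumber);
            break;
        }
        else if (tolower((unsigned char) ch)=='n')
        {
            cout<<"try to it (y/n) ?";
            ch = 0;
            cin >> ch ;
            if (!cin || tolower((unsigned char) ch)=='n')
            {
                break;
            }
            for(int i=0;i<4;i++)
            {
                cout<<endl;
            }
        }
    }
}

// Interactive CRL update: read a serial, confirm, then either delete the
// entry (answer '0') or mark it "update" (answer '1').
void ucert()
{
    char serialNumber[10];
    char ch=0;
    while (1)
    {
        cout<< "please input cert information "<<endl;
        cout<< "cert serialnumber : ";
        if (!readToken(serialNumber, sizeof(serialNumber)))
        {
            if (!cin) break;   // end of input or stream error
            continue;          // too long; message already printed
        }
        long number = atol(serialNumber);
        if (number>=pow(2.0, 32) || number<0)
        {
            cout<<"to be unlawful serialnumber, please retry"<<endl;
            getchar();
            system("clear");
            continue;
        }
        cout<< "is this cert to be updated\" "<<serialNumber<< "\"(y/n)";
        ch = 0;
        cin >>ch;
        if (!cin) break;
        if (tolower((unsigned char) ch)=='y')
        {
            cout<<"do you want how to handle (0: del, 1:update)";
            ch = 0;
            cin>>ch;
            if (ch==0x30)
            {
                casrv.updateCRL(serialNumber);
            }
            else if (ch==0x31)
            {
                casrv.updateCRL(serialNumber, "update");
            }
            else
            {
                cout<<"input is unlawful, retry it (y/n)";
                ch = 0;
                cin>>ch;
                if (ch=='y')
                {
                    continue;
                }
            }
            break;
        }
        else if (tolower((unsigned char) ch)=='n')
        {
            cout<<"try to it (y/n) ?";
            ch = 0;
            cin >> ch ;
            if (!cin || tolower((unsigned char) ch)=='n')
            {
                break;
            }
            for(int i=0;i<4;i++)
            {
                cout<<endl;
            }
        }
    }
}

// Exports certificates from a certificate list file named by the operator.
// The original checked the buffer for NULL only after writing into it.
void exportCertificateFromCertList()
{
    char infile[512];
    cout << "please input cert list path : ";
    if (!readToken(infile, sizeof(infile))) return;
    casrv.exportCertificateFromCertList(infile);
}

// Prepares the CA working environment (delegates to CAService).
void initializeEnvironment()
{
    casrv.initializeEnvironment();
}

// Clears the terminal and prints the banner.
// NOTE(review): system("clear") starts a shell and resolves "clear" through
// PATH; confirm the environment is controlled if this tool runs privileged.
void initial()
{
    system("clear");
    cout<<"*******************************************"<<endl;
    cout<<"* *"<<endl;
    cout<<"* *"<<endl;
    cout<<"* Welcome to use BOCO *"<<endl;
    cout<<"* *"<<endl;
    cout<<"* Cert System *"<<endl;
    cout<<"* *"<<endl;
    cout<<"*******************************************"<<endl;
    for(int i=0;i<3;i++) cout<<endl;
}

// Prints the content of the certificate at the path given by the operator.
void print()
{
    char infile[512];
    cout<<"Cert absolute path : ";
    if (!readToken(infile, sizeof(infile))) return;
    casrv.print(infile);
}

// Checks the operator's name and password against the "Shell" section of the
// CA configuration. The stored password is compared with base64(MD5(password)).
// Returns true only when both match.
//
// Changes against the original:
//  - the password is hashed in place; it used to be copied into a 20-byte
//    buffer with its full length, overrunning the stack for longer passwords
//  - the configured hash is kept in a std::string; the original kept c_str()
//    of a temporary and compared through a dangling pointer
//  - a failed login no longer prints the computed hash and the stored hash
// NOTE(review): unsalted MD5 is not a suitable password hash, and the
// password is echoed while typed. Changing the scheme needs a config migration.
bool identify()
{
    cout << "Please input administrator information "<<endl;
    char name[512];
    char pwd[512];
    unsigned char md5[MD5_DIGEST_LENGTH];

    cout << "Name :";
    if (!readToken(name, sizeof(name))) return false;
    cout << "Password :";
    if (!readToken(pwd, sizeof(pwd))) return false;

    if (strcmp(casrv.readCAconfig("Shell", "Username").c_str(), name))
    {
        return false;
    }

    MD5_CTX c;
    MD5_Init(&c);
    MD5_Update(&c, pwd, strlen(pwd));
    MD5_Final(md5, &c);

    EVP_ENCODE_CTX ctx;
    EVP_EncodeInit(&ctx);
    int len = 64;
    unsigned char tmp[64];
    memset(tmp, 0, sizeof(tmp));
    EVP_EncodeUpdate(&ctx,tmp, &len, md5, 16);
    EVP_EncodeFinal(&ctx, tmp, &len);
    if (len < 1 || len > (int) sizeof(tmp))
    {
        return false;   // encoder produced nothing usable; never copy len-1 bytes blindly
    }
    memset(pwd, 0, 512);
    memcpy(pwd, tmp, len-1);   // drop the trailing newline added by EVP_EncodeFinal

    string expected = casrv.readCAconfig("Shell", "Password");
    return strcmp(pwd, expected.c_str()) == 0;
}

// Asks CAService whether filepath can be located.
bool locateFile(char* filepath)
{
    return casrv.locateFile(filepath);
}

// Reads a certificate file named by the operator and prints the verification
// result returned by CAService.
void verify()
{
    cout << "Cert path : ";
    char path[512],filepath[512];
    memset(filepath, 0, 512);
    if (!readToken(path, sizeof(path))) return;
    // Keep a copy of the operator's input: the file is opened through this
    // copy after locateFile() has been given the (non-const) original.
    strcpy(filepath, path);
    if (!locateFile(path))
    {
        return ;
    }
    string cert="";
    FILE* fd=fopen(filepath, "r");
    if (fd == NULL)
    {
        // assert() would vanish under NDEBUG and leave a NULL FILE* in use
        cout<<"filepath : \""<<filepath<<"\" can't be opened"<<endl;
        return ;
    }
    char buf[512];
    // Loop on fgets() rather than feof(): a read error never sets EOF and
    // would otherwise loop forever.
    while (fgets(buf, sizeof(buf), fd) != NULL)
    {
        cert.append(buf);
    }
    fclose(fd);
    cout << casrv.verifyCertificate(cert) <<endl;
}

// Prints the base64-encoded digest of a password typed by the operator, in
// the form expected by the "Shell" Password config entry.
// NOTE(review): ownership of the buffers returned by Digest::hashString and
// Base64::encode is not visible here; confirm whether they must be released.
void hash()
{
    Digest di;
    cout<<"password : ";
    char password[50];
    if (!readToken(password, sizeof(password))) return;
    Base64 b;
    int len = 0;
    unsigned char input[50]={0};
    size_t inputLen = strlen(password);   // at most 49 after the bounded read
    memcpy(input, password, inputLen);
    unsigned char *pt = di.hashString(input, inputLen);
    if (pt != NULL)
    {
        pt = b.encode(pt, 16, &len);
    }
    memset(password, 0, 50);
    if (pt == NULL || len < 0 || len >= (int) sizeof(password))
    {
        cout << "hash fail ."<<endl;
        return ;
    }
    memcpy(password, pt, len);   // len < 50, so the result stays NUL-terminated
    cout<< "hash : "<<password<<endl;
}

// Entry point: "ca" prints help, "ca <command>" runs one command.
// Returns 0 when the service connection cannot be initialised and 1 on every
// other path (exit codes kept as in the original).
int main(int argc, char** argv)
{
    system("clear");
    // NOTE(review): the administrator login is disabled, so every command,
    // including issuing and revoking certificates, runs without authentication:
    //   if (!identify()) {
    //       cout << "fatal error, you can't continue to use ." <<endl;
    //       return 0;
    //   }
    initial();
    if (argc==1)
    {
        help();
    }
    else if (argc==2)
    {
        if (!casrv.initializeConnect())
        {
            cout <<"to initialize connect fail "<<endl;
            return 0;
        }
        const char* command = argv[1];
        // "-h" is accepted because the usage message below advertises it.
        if (!strcmp(command, "help") || !strcmp(command, "h") || !strcmp(command, "-h"))
        {
            help();
        }
        else if (!strcmp(command, "listen"))
        {
            // The original kept a commented-out fork() here; the listener
            // runs in the foreground.
            listen();
        }
        else if (!strcmp(command, "initial"))
        {
            initializeCA();
        }
        else if (!strcmp(command, "ruc"))
        {
            removeUserCertificate();
        }
        else if (!strcmp(command, "crl"))
        {
            getCRL();
        }
        else if (!strcmp(command, "update"))
        {
            updateUserCertificate();
        }
        else if (!strcmp(command, "cuc"))
        {
            createUserCert();
        }
        else if (!strcmp(command, "export"))
        {
            exportCertificateFromCertList();
        }
        else if (!strcmp(command, "env"))
        {
            initializeEnvironment();
        }
        else if (!strcmp(command, "ucert"))
        {
            ucert();
        }
        else if (!strcmp(command, "dcert"))
        {
            dcert();
        }
        else if (!strcmp(command, "print"))
        {
            print();
        }
        else if (!strcmp(command, "hash"))
        {
            hash();
        }
        else if (!strcmp(command, "show"))
        {
            show();
        }
        else if (!strcmp(command, "verify"))
        {
            verify();
        }
        casrv.shutdownConnect();
    }
    else
    {
        cout << "********************************"<<endl;
        cout << "* usage is error *"<<endl;
        cout << "********************************"<<endl;
        cout << endl;
        cout << "please use command, \'ca -h\', to get help"<<endl;
    }
    return 1;
}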