Put a great god this code each annotation, I learn Java, c is not very good-CodePudding

/* * * *
*
*
*
* */
# include & lt; Openssl/bio. H>
# include & lt; Openssl/x509. H>
# include & lt; Openssl/pkcs7. H>
# include & lt; Openssl/x509_vfy. H>
# include & lt; Openssl/ossl_typ. H>
# include "jni. H"
# include "ntsc_log. H"
# include & lt; Openssl/pem. H>

//int ntsc_verify_x509_certificate (X509 * userCert, X509 * rootCert);
Int ntsc_verify_x509_certificate (X509 * userCert, X509 * rootCert, X509_CRL * pCrlCert);
X509 * ntsc_get_root_certficate (const char * pRootCertPath);
PKCS7 * ntsc_get_app_certficate (const char * pAppCertName);
X509_CRL * ntsc_get_crl_certficate (const char * pCrlCertName);

Env JNIEXPORT jboolean certVerify (JNIEnv *, jobject thiz, jstring appCertName, jstring rootCertName, jstring crlCertName)
{

Const char * pAppCertName=NULL;
Const char * pRootCertName=NULL;
Const char * pCrlCertName=NULL;
Char * modulus=NULL;
X509 * pAppX509Cert=NULL;
X509 * pRootCert=NULL;
X509_CRL * pX509CrlCert=NULL;

PAppCertName=(* env) - & gt; GetStringUTFChars (env, appCertName, 0);
PRootCertName=(* env) - & gt; GetStringUTFChars (env, rootCertName, 0);
PCrlCertName=(* env) - & gt; GetStringUTFChars (env, crlCertName, 0);

If ((NULL==pAppCertName) | | (NULL==pRootCertName) | | (NULL==pCrlCertName))
{
LOGE (" certVerify param is null!" );
return 0;
}

PKCS7 * pAppPK7Cert=ntsc_get_app_certficate (pAppCertName);
If (NULL==pAppPK7Cert)
{
(* env) - & gt; ReleaseStringUTFChars (env, appCertName pAppCertName);
(* env) - & gt; ReleaseStringUTFChars (env, rootCertName pRootCertName);
return 0;
}

PAppX509Cert=sk_X509_pop (pAppPK7Cert - & gt; D.s ign - & gt; Cert);
PRootCert=ntsc_get_root_certficate (pRootCertName);
PX509CrlCert=ntsc_get_crl_certficate (pCrlCertName);

If (NULL==pX509CrlCert)
{
LOGE (" pX509Cert is null!" );
return 0;
}

Int result=ntsc_verify_x509_certificate (pAppX509Cert pRootCert, pX509CrlCert);

//LOGD (" -- -- & gt; % d ", result);

If (NULL!=pX509CrlCert)
{
X509_CRL_free (pX509CrlCert);
PX509CrlCert=NULL;
}

If (NULL!=pRootCert)
{
X509_free (pRootCert);
PRootCert=NULL;
PAppX509Cert=NULL;
}

If (NULL!=pAppPK7Cert)
{
PKCS7_free (pAppPK7Cert);
PAppPK7Cert=NULL;
}

/* free */memory
(* env) - & gt; ReleaseStringUTFChars (env, appCertName pAppCertName);
(* env) - & gt; ReleaseStringUTFChars (env, rootCertName pRootCertName);
(* env) - & gt; ReleaseStringUTFChars (env, crlCertName pCrlCertName);

Return result (==1)? 1-0.
}

/* * *
*
* ntsc_get_app_certficate ()
*
* */

X509_CRL * ntsc_get_crl_certficate (const char * pCrlCertName)
{

X509_CRL * pCrlCert=NULL;
If (NULL==pCrlCertName)
{
LOGE (" ntsc_get_crl_certficate input param is null \ n ");
return NULL;
}

The FILE * fp.
if (! (fp=fopen (pCrlCertName, "rb")))
{
Fprintf (stderr, "Error reading input the CRL file \ n");
LOGE (" ntsc_get_crl_certficate Error reading input the CRL file \ n ");
return NULL;
}

PCrlCert=d2i_X509_CRL_fp (fp, NULL);

The fclose (fp);

Return pCrlCert;
}

/* * *
*
* ntsc_get_app_certficate ()
*
* */

PKCS7 * ntsc_get_app_certficate (const char * pAppCertName)
{
If (NULL==pAppCertName)
{
LOGE (" ntsc_get_app_certficate input param is null \ n ");
return NULL;
}

The FILE * fp.
if (! (fp=fopen (pAppCertName, "rb")))
{
Fprintf (stderr, "Error reading input pkcs7 file \ n");
LOGE (" ntsc_get_app_certficate Error reading input pkcs7 file \ n ");
return NULL;
}

PKCS7 * PKCS7=d2i_PKCS7_fp (fp, NULL);
//X509 * cert=sk_X509_pop (pkcs7 - & gt; D.s ign - & gt; Cert);

The fclose (fp);

Return pkcs7;

}

X509 * ntsc_get_root_certficate (const char * pRootCertPath)
{
X509 * pRootCert=NULL;
BIO * pBIO=NULL;

If (NULL==pRootCertPath)
{
return NULL;
}

PBIO=BIO_new_file (pRootCertPath, "r");
PRootCert=PEM_read_bio_X509 (pBIO, NULL, NULL, NULL);

BIO_free (pBIO);
//X509_free (pRootCert);

Return pRootCert;
}

Int ntsc_verify_x509_certificate (X509 * userCert, X509 * rootCert, X509_CRL * pCrlCert)
{

X509_STORE * pCertChain=NULL;//to store the root certificate chain
X509_STORE_CTX * pXStoreCtx=NULL;
X509 * pRootCert=NULL;
X509 * pUserCert=NULL;
Int res=1;

nullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnull