GetSignerCert
The GetSignerCert function enumerates the certificates in a certificate store until it finds a certificate with a signature key. If a certificate is found, a pointer to that certificate is returned. This code demonstrates the following:
- Searching for a certificate that has a certificate property.
- Checking that property.
- Returning a pointer to the CERT_CONTEXT in which the property was found.
This code uses an error handler named MyHandleError. To see the implementation of this error handler, see the MyHandleError topic.
```c
#include <windows.h>
#include <wincrypt.h>   // Certificate store functions; link with Crypt32.lib.
#include <stdlib.h>     // malloc, free

// MyHandleError is defined in the MyHandleError topic and must be
// declared before this function.

PCCERT_CONTEXT GetSignerCert(
    HCERTSTORE hCertStore)
//--------------------------------------------------------------------
// Parameter passed in:
// hCertStore, the handle of the store to be searched.
// Returns the matching certificate context, or NULL if none is found.
// The caller frees a non-NULL result with CertFreeCertificateContext.
{
    //----------------------------------------------------------------
    // Declare and initialize local variables.
    PCCERT_CONTEXT pCertContext = NULL;
    BOOL fMore = TRUE;
    DWORD dwSize = 0;
    CRYPT_KEY_PROV_INFO* pKeyInfo = NULL;
    DWORD PropId = CERT_KEY_PROV_INFO_PROP_ID;

    //----------------------------------------------------------------
    // Find certificates in the store until the end of the store
    // is reached or a certificate with an AT_SIGNATURE key is found.
    while(fMore &&
        (pCertContext = CertFindCertificateInStore(
            hCertStore,          // Handle of the store to be searched.
            0,                   // Encoding type. Not used for this search.
            0,                   // dwFindFlags. Special find criteria.
                                 // Not used in this search.
            CERT_FIND_PROPERTY,  // Find type that determines the kind of
                                 // search to do. In this case, search for
                                 // certificates that have a specific
                                 // extended property.
            &PropId,             // pvFindPara. Gives the specific
                                 // value searched for, here the identifier
                                 // of an extended property.
            pCertContext)))      // pCertContext is NULL for the
                                 // first call to the function.
                                 // If the function is called
                                 // in a loop, after the first call
                                 // pCertContext is the certificate
                                 // returned by the previous call.
    {
        //------------------------------------------------------------
        // For simplicity, this code only searches
        // for the first occurrence of an AT_SIGNATURE key.
        // In many situations, a search would also look for a
        // specific subject name as well as the key type.
        //------------------------------------------------------------
        // Call CertGetCertificateContextProperty once to get the
        // returned structure size.
        if(!(CertGetCertificateContextProperty(
            pCertContext,
            CERT_KEY_PROV_INFO_PROP_ID,
            NULL,
            &dwSize)))
        {
            MyHandleError("Error Getting Key Property");
        }

        //------------------------------------------------------------
        // Allocate memory for the returned structure, releasing the
        // buffer left over from the previous iteration first.
        if(pKeyInfo)
            free(pKeyInfo);
        if(!(pKeyInfo = (CRYPT_KEY_PROV_INFO*)malloc(dwSize)))
        {
            MyHandleError("Error Allocating Memory for pKeyInfo");
        }

        //------------------------------------------------------------
        // Get the key information structure.
        if(!(CertGetCertificateContextProperty(
            pCertContext,
            CERT_KEY_PROV_INFO_PROP_ID,
            pKeyInfo,
            &dwSize)))
        {
            MyHandleError("The second call to the function failed.");
        }

        //------------------------------------------------------------
        // Check the dwKeySpec member for a signature key.
        if(pKeyInfo->dwKeySpec == AT_SIGNATURE)
        {
            fMore = FALSE;
        }
    } // End of while loop

    if(pKeyInfo)
        free(pKeyInfo);
    return (pCertContext);
} // End of GetSignerCert
```