示例 C 程序:列出存储中的证书
以下示例代码列出了系统证书 存储中的所有证书 ,以及使用者的名称以及其中每个 证书的所有证书上下文 属性。 该示例从用户获取证书存储的名称,因此可用于列出任何系统证书存储的内容。 此外,此示例演示如何使用两个新 UI 函数,一个显示证书,另一个 UI 允许用户从存储中的证书列表中选择证书。
此示例代码演示了以下任务和 CryptoAPI 函数:
- 使用 CertOpenSystemStore 打开系统存储。
- 在循环中,使用 CertEnumCertificatesInStore 枚举打开存储中的所有证书。
- 使用 CryptUIDlgViewContext 显示证书。
- 使用 CertGetNameString 获取证书使用者的名称。
- 在循环中,使用 CertEnumCertificateContextProperties 获取与证书关联的所有属性的属性标识符。
- 使用 CertGetCertificateContextProperty 获取每个属性。
- 显示存储中的证书列表,并允许用户使用 CryptUIDlgSelectCertificateFromStore 选择其中一个证书。
- 使用 CertCloseStore 关闭证书存储。
此示例使用 函数 MyHandleError。 此示例中包含此函数的代码。
此函数和其他辅助函数的代码也列在常规用途函数下。
以下示例演示如何枚举和显示存储中的证书。 若要编译此示例,必须将编译器配置为使用多字节字符集。
#include <stdio.h>
#include <windows.h>
#include <wincrypt.h>
#include <cryptuiapi.h>
#include <tchar.h>
#pragma comment (lib, "crypt32.lib")
#pragma comment (lib, "cryptui.lib")
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
void MyHandleError(char *s);
void main(void)
{
//-------------------------------------------------------------------
// Copyright (C) Microsoft. All rights reserved.
// This program lists all of the certificates in a system certificate
// store and all of the property identifier numbers of those
// certificates. It also demonstrates the use of two
// UI functions. One, CryptUIDlgSelectCertificateFromStore,
// displays the certificates in a store
// and allows the user to select one of them,
// The other, CryptUIDlgViewContext,
// displays the contents of a single certificate.
//-------------------------------------------------------------------
// Declare and initialize variables.
HCERTSTORE hCertStore;
PCCERT_CONTEXT pCertContext=NULL;
char pszNameString[256];
char pszStoreName[256];
void* pvData;
DWORD cbData;
DWORD dwPropId = 0;
// Zero must be used on the first
// call to the function. After that,
// the last returned property identifier is passed.
//-------------------------------------------------------------------
// Begin processing and Get the name of the system certificate store
// to be enumerated. Output here is to stderr so that the program
// can be run from the command line and stdout can be redirected
// to a file.
fprintf(stderr,"Please enter the store name:");
gets_s(pszStoreName, sizeof(pszStoreName));
fprintf(stderr,"The store name is %s.\n",pszStoreName);
//-------------------------------------------------------------------
// Open a system certificate store.
if ( hCertStore = CertOpenSystemStore(
NULL,
pszStoreName))
{
fprintf(stderr,"The %s store has been opened. \n",
pszStoreName);
}
else
{
// If the store was not opened, exit to an error routine.
MyHandleError("The store was not opened.");
}
//-------------------------------------------------------------------
// Use CertEnumCertificatesInStore to get the certificates
// from the open store. pCertContext must be reset to
// NULL to retrieve the first certificate in the store.
// pCertContext = NULL;
while(pCertContext= CertEnumCertificatesInStore(
hCertStore,
pCertContext))
{
//-------------------------------------------------------------------
// A certificate was retrieved. Continue.
//-------------------------------------------------------------------
// Display the certificate.
if ( CryptUIDlgViewContext(
CERT_STORE_CERTIFICATE_CONTEXT,
pCertContext,
NULL,
NULL,
0,
NULL))
{
// printf("OK\n");
}
else
{
MyHandleError("UI failed.");
}
if(CertGetNameString(
pCertContext,
CERT_NAME_SIMPLE_DISPLAY_TYPE,
0,
NULL,
pszNameString,
128))
{
printf("\nCertificate for %s \n",pszNameString);
}
else
fprintf(stderr,"CertGetName failed. \n");
//-------------------------------------------------------------------
// Loop to find all of the property identifiers for the specified
// certificate. The loop continues until
// CertEnumCertificateContextProperties returns zero.
while(dwPropId = CertEnumCertificateContextProperties(
pCertContext, // The context whose properties are to be listed.
dwPropId)) // Number of the last property found.
// This must be zero to find the first
// property identifier.
{
//-------------------------------------------------------------------
// When the loop is executed, a property identifier has been found.
// Print the property number.
printf("Property # %d found->", dwPropId);
//-------------------------------------------------------------------
// Indicate the kind of property found.
switch(dwPropId)
{
case CERT_FRIENDLY_NAME_PROP_ID:
{
printf("Display name: ");
break;
}
case CERT_SIGNATURE_HASH_PROP_ID:
{
printf("Signature hash identifier ");
break;
}
case CERT_KEY_PROV_HANDLE_PROP_ID:
{
printf("KEY PROVE HANDLE");
break;
}
case CERT_KEY_PROV_INFO_PROP_ID:
{
printf("KEY PROV INFO PROP ID ");
break;
}
case CERT_SHA1_HASH_PROP_ID:
{
printf("SHA1 HASH identifier");
break;
}
case CERT_MD5_HASH_PROP_ID:
{
printf("md5 hash identifier ");
break;
}
case CERT_KEY_CONTEXT_PROP_ID:
{
printf("KEY CONTEXT PROP identifier");
break;
}
case CERT_KEY_SPEC_PROP_ID:
{
printf("KEY SPEC PROP identifier");
break;
}
case CERT_ENHKEY_USAGE_PROP_ID:
{
printf("ENHKEY USAGE PROP identifier");
break;
}
case CERT_NEXT_UPDATE_LOCATION_PROP_ID:
{
printf("NEXT UPDATE LOCATION PROP identifier");
break;
}
case CERT_PVK_FILE_PROP_ID:
{
printf("PVK FILE PROP identifier ");
break;
}
case CERT_DESCRIPTION_PROP_ID:
{
printf("DESCRIPTION PROP identifier ");
break;
}
case CERT_ACCESS_STATE_PROP_ID:
{
printf("ACCESS STATE PROP identifier ");
break;
}
case CERT_SMART_CARD_DATA_PROP_ID:
{
printf("SMART_CARD DATA PROP identifier ");
break;
}
case CERT_EFS_PROP_ID:
{
printf("EFS PROP identifier ");
break;
}
case CERT_FORTEZZA_DATA_PROP_ID:
{
printf("FORTEZZA DATA PROP identifier ");
break;
}
case CERT_ARCHIVED_PROP_ID:
{
printf("ARCHIVED PROP identifier ");
break;
}
case CERT_KEY_IDENTIFIER_PROP_ID:
{
printf("KEY IDENTIFIER PROP identifier ");
break;
}
case CERT_AUTO_ENROLL_PROP_ID:
{
printf("AUTO ENROLL identifier. ");
break;
}
} // End switch.
//-------------------------------------------------------------------
// Retrieve information on the property by first getting the
// property size.
// For more information, see CertGetCertificateContextProperty.
if(CertGetCertificateContextProperty(
pCertContext,
dwPropId ,
NULL,
&cbData))
{
// Continue.
}
else
{
// If the first call to the function failed,
// exit to an error routine.
MyHandleError("Call #1 to GetCertContextProperty failed.");
}
//-------------------------------------------------------------------
// The call succeeded. Use the size to allocate memory
// for the property.
if(pvData = (void*)malloc(cbData))
{
// Memory is allocated. Continue.
}
else
{
// If memory allocation failed, exit to an error routine.
MyHandleError("Memory allocation failed.");
}
//----------------------------------------------------------------
// Allocation succeeded. Retrieve the property data.
if(CertGetCertificateContextProperty(
pCertContext,
dwPropId,
pvData,
&cbData))
{
// The data has been retrieved. Continue.
}
else
{
// If an error occurred in the second call,
// exit to an error routine.
MyHandleError("Call #2 failed.");
}
//---------------------------------------------------------------
// Show the results.
printf("The Property Content is %d \n", pvData);
//----------------------------------------------------------------
// Free the certificate context property memory.
free(pvData);
} // End inner while.
} // End outer while.
//-------------------------------------------------------------------
// Select a new certificate by using the user interface.
if(!(pCertContext = CryptUIDlgSelectCertificateFromStore(
hCertStore,
NULL,
NULL,
NULL,
CRYPTUI_SELECT_LOCATION_COLUMN,
0,
NULL)))
{
MyHandleError("Select UI failed." );
}
//-------------------------------------------------------------------
// Clean up.
CertFreeCertificateContext(pCertContext);
CertCloseStore(hCertStore,0);
printf("The function completed successfully. \n");
} // End of main.
void MyHandleError(LPTSTR psz)
{
_ftprintf(stderr, TEXT("An error occurred in the program. \n"));
_ftprintf(stderr, TEXT("%s\n"), psz);
_ftprintf(stderr, TEXT("Error number %x.\n"), GetLastError());
_ftprintf(stderr, TEXT("Program terminating. \n"));
exit(1);
} // End of MyHandleError.