使用非託管C++訪問X509證書存儲

Question

有誰知道我將如何使用非託管 C++，即通過指紋從X509證書存儲中查詢證書，來執行與下面的C＃代碼等價的操作？

 var store = new X509Store(StoreName.My, StoreLocation.LocalMachine); 

     store.Open(OpenFlags.ReadOnly); 

     var allCerts = store.Certificates; 

     foreach (var certificate in from X509Certificate2 certificate in allCerts 
            where certificate.Thumbprint != null 
             && certificate.Thumbprint.Equals(thumbprint, StringComparison.OrdinalIgnoreCase) 
            select certificate) 
     { 
      return certificate; 
     } 

在此先感謝

戴夫

Answer 1

爲了完成你想要什麼，你都不得不考慮在Win32 CryptAPI庫。它不會像.NET一樣簡單。看看CertOpenStore和CertFindCertificateInStore。

您需要打開一個證書存儲並將其傳遞到CertFindCertificateStore，創建一個結構來存放您想用來查找證書的任何標準。您可以使用序列號，簽名等

HCERTSTORE hSysStore = NULL; 
    PCCERT_CONTEXT pDesiredCert = NULL; 
if(hSysStore = CertOpenStore(
    CERT_STORE_PROV_SYSTEM,   // The store provider type 
    0,        // The encoding type is 
            // not needed 
    NULL,       // Use the default HCRYPTPROV 
    CERT_SYSTEM_STORE_CURRENT_USER, // Set the store location in a 
            // registry location 
    L"MY"       // The store name as a Unicode 
            // string 
    )) 
{ 
    //We have our store, let's do stuff with it 
    if (pDesiredCert = CertFindCertificateInStore(.....) { ..... } 
} 
else 
{ 
    //Error stuff 
} 

您需要#include <Wincrypt.h>和#include <windows.h>