C #. Net Digital Certificate read certificates in PKCS12 format

Source: Internet
Author: User
Tags crypt pkcs12 pfx file

With the promulgation of the Electronic Signature Law, digital certificates are widely used. In general applications, we install PKCS12 certificates in the system. Select an appropriate certificate when accessing an application (such as a webpage or email. We can also use programming to directly read the Certificate file. The following describes how to use. Net to read digital certificates.

 

To read a certificate in PKCS12 format, we need to call the API. In the Win32 class, we declare the reference of these Apis:

1 using system;
2 using system. runtime. interopservices;
3
4 namespace x509cert
5 {
6
7 public class Win32
8 {
9 Public const uint crypt_user_keyset = 0x00001000;
10 public const uint cert_key_prov_info_prop_id = 0x00000002;
11 Public const uint crypt_deletekeyset = 0x00000010;
12
13 [dllimport ("crypt32.dll", setlasterror = true)]
14 public static extern intptr pfximportcertstore (ref crypt_data_blob ppfx, [financialas (unmanagedtype. lpwstr)] string szpassword, uint dwflags );
15
16 [dllimport ("crypt32.dll", entrypoint = "certenumcertificatesinstore", charset = charset. Auto, setlasterror = true)]
17 public static extern intptr certenumcertificatesinstore (intptr storeprovider, intptr prevcertcontext );
18
19 [dllimport ("crypt32.dll", charset = charset. Auto, setlasterror = true)]
20 public static extern bool certgetcertificatecontextproperty (intptr pcertcontext, uint dwpropid, intptr pvdata, ref uint parse data );
21
22 [dllimport ("advapi32.dll", entrypoint = "cryptacquirecontext", charset = charset. Auto, setlasterror = true)]
23 public static extern bool cryptacquirecontext (ref intptr phprov, string szcontainer, string szprovider, uint dwprovtype, uint dwflags );
24
25 [structlayout (layoutkind. Sequential)]
26 public struct crypt_data_blob {
27 public int cbdata;
28 public intptr pbdata;
29}
30
31 [structlayout (layoutkind. Sequential)]
32 public struct crypt_key_prov_info {
33
34 [financialas (unmanagedtype. lpwstr)]
35 Public String containername;
36
37 [financialas (unmanagedtype. lpwstr)]
38 public string provname;
39
40 public uint provtype;
41
42 Public uint flags;
43
44 public uint provparam;
45
46 Public intptr rgprovparam;
47
48 Public uint keyspec;
49
50}
51
52 public Win32 ()
53 {
54 //
55 // todo: add the constructor logic here
56 //
57}
58}
59}
60

Then write a read method in the CERT class to read the certificate. Note: The pfx file may contain several certificates.

 

1 using system;
2 using system. IO;
3 using system. runtime. interopservices;
4 using system. Security. cryptography. x509certificates;
5
6 namespace x509cert
7 {
8/** // <summary>
9 // a summary of cert.
10 /// </Summary>
11 public class cert
12 {
13 public CERT ()
14 {
15 //
16 // todo: add the constructor logic here
17 //
18}
19 public static system. Security. cryptography. x509certificates. x509certificate [] Read (string filename, string password ){
20
21 // open the Certificate file and read it into a byte array.
22 filestream stream = new filestream (filename, filemode. Open );
23 byte [] buffer = new byte [stream. Length];
24 stream. Read (buffer, 0, buffer. Length );
25 stream. Close ();
26
27 // declare and instantiate win32.crypt _ data_blob to copy the byte array to its pbdata attribute. Assign the length of the byte array to the cbdata attribute.
28 win32.crypt _ data_blob cryptdata = new win32.crypt _ data_blob ();
29 cryptdata. cbdata = buffer. length;
30 cryptdata. pbdata = marshal. allochglobal (cryptdata. cbdata );
31 marshal. Copy (buffer, 0, cryptdata. pbdata, buffer. Length );
32 intptr hmemstore = win32.pfximportcertstore (ref cryptdata, "1234", win32.crypt _ user_keyset );
33 marshal. freehglobal (cryptdata. pbdata );
34
35 uint provinfosize = 0;
36 win32.crypt _ key_prov_info certinfo = new win32.crypt _ key_prov_info ();
37
38 system. Collections. arraylist certs = new system. Collections. arraylist ();
39
40 intptr certhandle = intptr. zero;
41 while (certhandle = win32.certenumcertificatesinstore (hmemstore, certhandle ))! = Intptr. Zero ){
42
43 If (win32.certgetcertificatecontextproperty (certhandle, win32.cert _ key_prov_info_prop_id, intptr. Zero, ref provinfosize )){
44
45 intptr info = marshal. allochglobal (INT) provinfosize );
46
47 If (win32.certgetcertificatecontextproperty (certhandle, win32.cert _ key_prov_info_prop_id, info, ref provinfosize )){
48 certinfo = (win32.crypt _ key_prov_info) Marshal. ptrtostructure (Info, typeof (win32.crypt _ key_prov_info ));
49
50 certs. Add (New x509certificate (certhandle ));
51}
52 marshal. freehglobal (Info );
53
54}
55}
56
57 marshal. freehglobal (hmemstore );
58
59 intptr hcryptprov = intptr. zero;
60 if (! Win32.cryptacquirecontext (ref hcryptprov, certinfo. containername, certinfo. provname, certinfo. provtype, win32.crypt _ deletekeyset ))
61 throw new exception ("memory release error ");
62 Return (x509certificate []) certs. toarray (typeof (x509certificate ));
63
64}
65}
66}
67

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.