Because yes. net security, so you have to run the following examples on vc7 (today I am running on vc6, there are a lot of errors), the above describes some of the basics of cryptapi, I will not follow the msdn below. The following topics are hashing, signing data, creating and inserting ing enveloped data messages and encrypting and decrypting. for more information about these topics, see. Focuses on Certificate operations. However, cryptui. dll is only available in the Windows 2003 Server version.
1. decode the cert_info structure.
Given a certificate, the first step is to call the certcreatecertificatecontext function to decode the certificate blob. When this function is called, a duplicate of the encoding certificate is generated, and a cert_conetxt structure and a cert_info structure are created. A certificate_context contains an original certificate blob, A cert_conetxt structure, and a cert_info structure. Next, let's take a look at the cert_conetxt and cert_info structure (wincrypt. h ):
Typedef struct _ cert_context {
DWORD dwcertencodingtype;
Byte * pbcertencoded;
DWORD cbcertencoded;
Pcert_info pcertinfo;
Hcertstore;
} Cert_context, * pcert_context;
Typedef const cert_context * pccert_context;
Typedef struct _ cert_info {
DWORD dwversion;
Crypt_integer_blob serialnumber;
Crypt_algorithm_identifier signaturealgorithm;
Cert_name_blob issuer;
Filetime notbefore;
Filetime notafter;
Cert_name_blob subject;
Cert_public_key_info subjectpublickeyinfo;
Crypt_bit_blob issueruniqueid;
Crypt_bit_blob subjectuniqueid;
DWORD cextension;
Pcert_extension rgextension;
} Cert_info, * pcert_info;
Typedef struct _ cert_extensions {
DWORD cextension;
Pcert_extension rgextension;
} Cert_extensions, * pcert_extensions;
From the above three structures, we can clearly see the certificate storage process. (The specific parameter meanings can be determined by the parameter name)
2. encode a cert_info Structure
The encoding and decoding processes are the opposite. The following example shows how to add the issuer to the cert_info structure.
1. Create a string containing the issuer's name.
2. Create an array of cert_rdn_attr structures. After initialization, it can contain the created string.
3. Create a cert_rdn structure array that contains the previously initialized cert_rdn_attr structure.
4. Create a cert_name_info structure pointing to the pointer to the array of the cert_rdn structure just created
5. Call the cryptencodeobject function to obtain the Blob length after the output encoding.
6. allocate memory space for BLOB
7. Call the cryptencodeobject function again to write the encoding information
8. Set issuer. cbdata in the cert_info structure to the length obtained in step 1 and set issuer. pbdata to the address obtained in step 2. Now the issuer is in the cert_info structure.
Add an encoded extension information to the cert_info structure.
1. Initialize an extended information structure.
2. Call cryptencodeobject to obtain the required space.
3. Allocate space
4. Call cryptencodeobject again to obtain the encoded information.
5. Create a cert_extension structure array.
6. initialize cert_extension and add the encoded information to cert_extension.
7. initialize the rgextension of the cert_info structure and point it to the cert_extension structure array.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
