本文主要是介绍[C++]将PFX证书导入USB-KEY,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
网上找到的代码貌似都不太靠谱,于是自己写了一个,下面只公布主要的函数
void CImportPFXDlg::ImportPFX(LPCTSTR PFX_FILE, LPCTSTR PFX_PASS)
{//打开文件HANDLE hFile = NULL;hFile = ::CreateFile(PFX_FILE, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL);if (hFile == INVALID_HANDLE_VALUE){::AfxMessageBox(_T("CreateFile Fail!"));return;}//分配内存DWORD dwSize = ::GetFileSize(hFile, NULL);BYTE *pP12 = NULL;if (!(pP12 = new BYTE[dwSize])){::CloseHandle(hFile);::AfxMessageBox(_T("new pP12 Fail!"));return;}//读取证书内容DWORD dwRead = 0;if (!::ReadFile(hFile, pP12, dwSize, &dwRead, NULL)){::CloseHandle(hFile);::AfxMessageBox(_T("ReadFile Fail!"));return;}//关闭文件::CloseHandle(hFile);//生成结构体CRYPT_DATA_BLOB CDB;CDB.cbData = dwSize;CDB.pbData = pP12;//将证书导入临时证书库HCERTSTORE hStore = NULL;if (!(hStore = PFXImportCertStore(&CDB, PFX_PASS, CRYPT_EXPORTABLE))){delete pP12; pP12 = NULL;::AfxMessageBox(_T("PFXImportCertStore Fail!"));return;}delete pP12; pP12 = NULL;//枚举临时证书库中导入的证书PCCERT_CONTEXT pCertContext = NULL;HCRYPTPROV hCertProv = NULL;HCRYPTKEY hKey = NULL;BYTE *pPK = NULL;HCRYPTKEY hPrvKey = NULL;HCRYPTPROV hProv = NULL;while (pCertContext = CertEnumCertificatesInStore(hStore, pCertContext)){//对比“颁发给”和“颁发者”是否一致(对于根证书是一致的,不要导入根证书)//if (!CertCompareCertificateName(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,// &pCertContext->pCertInfo->Issuer,// &pCertContext->pCertInfo->Subject)){//获取私钥临时 CSP 句柄DWORD dwKeySpec = 0;if (!CryptAcquireCertificatePrivateKey(pCertContext,CRYPT_ACQUIRE_COMPARE_KEY_FLAG,NULL,&hCertProv,&dwKeySpec,NULL)){DWORD dwRet = GetLastError();::AfxMessageBox(_T("CryptAcquireCertificatePrivateKey Fail!"));goto cleanup;}//获取密钥对if (!CryptGetUserKey(hCertProv, ((m_cmbCertType.GetCurSel() == 0) ? AT_KEYEXCHANGE : AT_SIGNATURE), &hKey)){DWORD dwRet = GetLastError();::AfxMessageBox(_T("CryptGetUserKey Fail!"));goto cleanup;}//获取私钥长度DWORD dwPKSize = 0;if (!CryptExportKey(hKey, NULL, PRIVATEKEYBLOB, 0, NULL, &dwPKSize)){DWORD dwRet = GetLastError();::AfxMessageBox(_T("CryptExportKey dwPKSize Fail!"));goto cleanup;}//分配内存if (!(pPK = new BYTE[dwPKSize])){DWORD dwRet = GetLastError();::AfxMessageBox(_T("new pPK Fail!"));goto cleanup;}//导出私钥if (!CryptExportKey(hKey, NULL, PRIVATEKEYBLOB, 0, pPK, &dwPKSize)){DWORD dwRet = GetLastError();::AfxMessageBox(_T("CryptExportKey pPK Fail!"));goto cleanup;}//获取 UKEY 的 CSP 句柄//获取密钥容器名称CString csContainer;if (m_cmbContainer.GetCurSel() == 0) //新建密钥容器{m_edtContainer.GetWindowText(csContainer);if (!CryptAcquireContext(&hProv, (LPCTSTR)csContainer, CSP_NAME, PROV_RSA_FULL, CRYPT_NEWKEYSET)){DWORD dwRst = ::GetLastError();::AfxMessageBox(_T("CryptAcquireContext m_edtContainer Fail!"));goto cleanup;}}else //证书导入现有容器{m_cmbContainer.GetWindowText(csContainer);if (!CryptAcquireContext(&hProv, (LPCTSTR)csContainer, CSP_NAME, PROV_RSA_FULL, 0)){DWORD dwRst = ::GetLastError();::AfxMessageBox(_T("CryptAcquireContext m_cmbContainer Fail!"));goto cleanup;}}//将私钥导入到 CSP,并获取其句柄if (!CryptImportKey(hProv, pPK, dwPKSize, NULL, 0, &hPrvKey)){DWORD dwRst = ::GetLastError();::AfxMessageBox(_T("CryptImportKey Fail!"));goto cleanup;}//将证书导入到密钥容器if (!CryptSetKeyParam(hPrvKey, KP_CERTIFICATE, pCertContext->pbCertEncoded, 0)){DWORD dwRst = ::GetLastError();::AfxMessageBox(_T("CryptSetKeyParam Fail!"));goto cleanup;}break;}}cleanup://销毁私钥句柄CryptDestroyKey(hPrvKey);//关闭 UKEY 的 CSP 句柄CryptReleaseContext(hProv, 0);//释放私钥内存delete pPK; pPK = NULL;//销毁密钥对句柄CryptDestroyKey(hKey);//释放证书句柄CertFreeCertificateContext(pCertContext);//关闭临时证书库CertCloseStore(hStore, 0);
}
这篇关于[C++]将PFX证书导入USB-KEY的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
