问题描述
大家好
我想导入证书& pfx(pkcs#12)将文件转换为加密硬件令牌。
I want to Import a certificate & pfx (pkcs#12) file into a cryptographic hardware token.
我正在使用Visual C ++ 2008编程并在Windows 7中使用CryptoAPI。
I'm programming with Visual C++ 2008 and using CryptoAPI in windows 7.
有两个名为"CryptImportKey"的API。和"CryptExportKey"和"CryptExportKey"。将公钥或私钥或会话密钥导入和导出到CSP(加密服务提供商),但没有任何API可以导入证书和密钥。 pfx进入CSP!
There is two API's called "CryptImportKey" and "CryptExportKey" to import and export public or private or session keys into a CSP (Cryptographic Service Provider) but there is not any API to import a cert & pfx into a CSP!
以下是将pfx文件导入内存中的证书库的代码的一部分,但我不知道如何将此证书库转移到CSP中(实际上,使用它的CSP进入令牌)?
Here is part of my code to import pfx file to a cert store in memory, but I don't know how should I transfer this cert store into the CSP (indeed, into the token with it's CSP)?
int main()
{
CRYPT_DATA_BLOB data;
// load key-pair from disk to memory.
FILE *fIn;
errno_t err;
if( (err = fopen_s(&fIn, "C:\\my.pfx", "rb")) !=0 )
MyHandleError("File my.pfx Not Found!!\n");
else
printf( "The file 'my.pfx' was opened\n" );
if(fseek(fIn, 0, SEEK_END))
{
fclose(fIn);
MyHandleError("Error in fseek1!!\n");
}
if((data.cbData = ftell(fIn)) == -1)
{
fclose(fIn);
MyHandleError("Error in ftell!!\n");
}
if(fseek(fIn, 0, SEEK_SET))
{
fclose(fIn);
MyHandleError("Error in fseek2!!\n");
}
if(!(data.pbData = (BYTE*)malloc(data.cbData)))
MyHandleError("The data.pbData malloc operation failed. \n");
int nread = fread(data.pbData, 1, data.cbData, fIn);
if (nread == 0)
MyHandleError("Error in fread!!\n");
if (nread == data.cbData)
printf("The pfx file is read successfully.\n");
fclose(fIn);
// Convert key-pair data to the in-memory certificate store
WCHAR pszPassword[] = TEXT("bahareh");
HCERTSTORE hCertStore = PFXImportCertStore(&data, pszPassword, 0);
SecureZeroMemory(pszPassword, sizeof(pszPassword));
if (!hCertStore)
{
printf("Password is empty1.\n");
hCertStore = PFXImportCertStore(&data, L"", 0);
}
if (!hCertStore)
{
printf("Password is empty2.\n");
hCertStore = PFXImportCertStore(&data, NULL, 0);
}
...
你能帮我这个吗?
TIA
推荐答案
根据你的描述,我想移动这个帖子到"Windows桌面论坛的应用程序安全性"为了更好的支持。
According to your description, I'd like to move this thread to "Application Security for Windows Desktop Forum" for better support.
感谢您的理解和积极参与MSDN论坛。
Thanks for your understanding and active participation in the MSDN Forum.
祝你好运,
这篇关于如何将证书和pkcs#12文件导入加密提供程序?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!