CNG替代CryptQueryObject [英] CNG replacement for CryptQueryObject

问题描述

我对尝试从数字签名中读取字段感兴趣。我有调用CryptQueryObject，然后CryptMsgGetParam来获取某些字段，最后是CertFindCertificateInStore来加载证书的代码。

I'm interested in trying to read fields out of a digital signature. I have code that calls CryptQueryObject, then CryptMsgGetParam to get some fields and finally CertFindCertificateInStore to load the certificate.

有没有关于如何使用下一代密码学API的提示？微软告诉我CryptQueryObject已弃用，但没有指向它的替换。

Any hints on how to do this using the Cryptography Next Generation APIs? Microsoft tells me CryptQueryObject is deprecated but doesn't point to its replacement.

推荐答案

CryptDecodeObject [Ex] 未标记为已弃用。

您可以通过在具有不同循环的循环中调用 CryptDecodeObjectEx 来模仿检测Blob类型的逻辑。

You can emulate the logic of detecting the blob type by calling CryptDecodeObjectEx in a loop with different object types to see which one doesn't error out.

也就是说，如果您使用 CryptQueryObject 来 >分析文件/数据块（而不是检测其类型），您很清楚这是什么，请查看您的数据块在> https://docs.microsoft.com/zh-cn/windows/ win32 / seccrypto / constants-for-cryptencodeobject-and-cryptdecodeobject

That said, if you use CryptQueryObject to parse a file/data block (as opposed to detecting its type), and you have a good idea what that is, see if there's a subject type constant for your data block under https://docs.microsoft.com/en-us/windows/win32/seccrypto/constants-for-cryptencodeobject-and-cryptdecodeobject

通常，处理ASN.1数据结构（证书，CSR，不推荐使用CRL等），并且在CNG API中没有对应的内容。也许这是被误认为已弃用。

In general, CryptoAPI functions that deal with ASN.1 data structures (certs, CSRs, CRLs and the like) are not deprecated and have no counterpart in CNG API. Maybe this one was marked as deprecated by mistake.

这篇关于CNG替代CryptQueryObject的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！