如何通过CryptoAPI从Windows证书存储区将证书导出为Base64字符串 [英] How to export certificate from Windows certificate store via CryptoAPI as Base64 string

问题描述

我已经按照以下C＃代码执行了我在主题中所要求的操作：

i've got following C# code for doing what i asked for in subject:

public static void ExportCertificatesToFile(string FileName)
{
    stringBuilder builder = new StringBuilder();

    X509Store storeMy = new X509Store(StoreName.My);
    storeMy.Open(OpenFlags.ReadOnly);

    foreach (X509Certificate2 cert in storeMy.Certificates)
    {
        builder.AppendLine("-----BEGIN CERTIFICATE-----");   
              builder.AppendLine(Convert.ToBase64String(cert.Export(X509ContentType.Cert),  Base64FormattingOptions.InsertLineBreaks));
        builder.AppendLine("-----END CERTIFICATE-----");
    }

    storeMy.Close();

    File.WriteAllText(FileName, builder.ToString());
}

我确实想使用CryptoAPI（JwaWinCrypt.pas）与Delphi归档b $ b我尝试了以下代码：

Exactly that i want to archieve with Delphi using CryptoAPI (JwaWinCrypt.pas) I've tried following code:

procedure TForm1.Button1Click(Sender: TObject);
var
  hStore: HCERTSTORE;
  CertContext: PCertContext;
  pszString: PAnsiChar;
  pchString: Cardinal;
begin
  hStore := CertOpenSystemStore(0, PChar('MY'));

  try
    CertContext := CertEnumCertificatesInStore(hStore, nil);
    while CertContext <> nil do
    begin
      pszString := '';
      pchString := 0;
      CryptBinaryToString(CertContext.pbCertEncoded, CertContext.cbCertEncoded,  CRYPT_STRING_BASE64, pszString, pchString);

      ShowMessage(StrPas(pszString));

      CertContext := CertEnumCertificatesInStore(hStore, CertContext);
    end;
  finally
    CertCloseStore(hStore, 0);
  end;
end;

问题是ShowMessage不显示任何内容，字符串为空。
有人知道我做错了什么吗？

Problem is that ShowMessage shows nothing, the string is empty. Has someone an idea what i do wrong?

推荐答案

CryptBinaryToString 表示关于 pszString 参数。

指向接收转换后的字符串的缓冲区的指针。要计算为分配返回的字符串而必须分配的字符数，请将此参数设置为NULL。该函数会将所需数量的字符（包括终止NULL字符）放置在pcchString指向的值中。

A pointer to a buffer that receives the converted string. To calculate the number of characters that must be allocated to hold the returned string, set this parameter to NULL. The function will place the required number of characters, including the terminating NULL character, in the value pointed to by pcchString.

分配缓冲区，以便API函数可以填充它。您没有这样做。为了继续进行，您必须仔细阅读文档并遵守API的要求。

You are obliged to allocate the buffer so that the API function can populate it. You are failing to do so. In order to proceed you must read the documentation carefully and abide by the requirements of the API.

因此，您需要这样调用函数：

So you need to call the function like this:

szString: AnsiString;
....
chString := 0;
CryptBinaryToString(CertContext.pbCertEncoded, CertContext.cbCertEncoded,  
    CRYPT_STRING_BASE64, nil, chString);
SetLength(szString, chString-1);
CryptBinaryToString(CertContext.pbCertEncoded, CertContext.cbCertEncoded,  
    CRYPT_STRING_BASE64, PAnsiChar(szString), chString);

还应该检查 CryptBinaryToString 检测故障。为简便起见，我省略了它。

You should also check the return value of CryptBinaryToString to detect failures. I omitted that for brevity.

我还假设您的是ANSI Delphi。我以为是因为您使用了 PAnsiChar 。

I'm also assuming that yours is an ANSI Delphi. I assumed that because you used PAnsiChar.

这篇关于如何通过CryptoAPI从Windows证书存储区将证书导出为Base64字符串的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！