Solved

code sample: CertGetNameStringW CryptQueryObject

Posted on 2002-07-02
10
3,122 Views
Last Modified: 2009-12-16
I need a Delphi code sample for this function:
 CertGetNameStringW
 CryptQueryObject

(Perhaps you can simple translate this C source:
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=ut69uoT1BHA.2380%40tkmsftngp04&rnum=2 )

Thank you!
0
Comment
Question by:Kann
  • 6
  • 3
10 Comments
 
LVL 3

Expert Comment

by:raidos
ID: 7124405
I suggest you try using this:
http://codecentral.borland.com/codecentral/ccweb.exe/listing?id=17597

Regards
//raidos
0
 
LVL 8

Expert Comment

by:TOndrej
ID: 7124526
Here's one example of CertGetNameStringW:

program crypttest;

{$APPTYPE CONSOLE}

uses
  SysUtils,
  JwaWinCrypt; // download from http://delphi-jedi.org or http://members.chello.nl/m.vanbrakel2

procedure DisplayCertContext(CertContext: PCertContext);
var
  CertName: array[0..255] of WideChar;
begin
  Writeln;
  if CertGetNameStringW(CertContext, CERT_NAME_EMAIL_TYPE, 0, nil,
    CertName, 256) = 0 then
    RaiseLastOSError;
  Writeln('Subject CERT_NAME_EMAIL_TYPE: ''', CertName, '''');
  if CertGetNameStringW(CertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, nil,
    CertName, 256) = 0 then
    RaiseLastOSError;
  Writeln('Subject CERT_NAME_SIMPLE_DISPLAY_TYPE: ''', CertName, '''');
  if CertGetNameStringW(CertContext, CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, nil,
    CertName, 256) = 0 then
    RaiseLastOSError;
  Writeln('Subject CERT_NAME_FRIENDLY_DISPLAY_TYPE: ''', CertName, '''');

  if CertGetNameStringW(CertContext, CERT_NAME_EMAIL_TYPE, CERT_NAME_ISSUER_FLAG, nil,
    CertName, 256) = 0 then
    RaiseLastOSError;
  Writeln('Issuer CERT_NAME_EMAIL_TYPE: ''', CertName, '''');
  if CertGetNameStringW(CertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, nil,
    CertName, 256) = 0 then
    RaiseLastOSError;
  Writeln('Issuer CERT_NAME_SIMPLE_DISPLAY_TYPE: ''', CertName, '''');
  if CertGetNameStringW(CertContext, CERT_NAME_FRIENDLY_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, nil,
    CertName, 256) = 0 then
    RaiseLastOSError;
  Writeln('Issuer CERT_NAME_FRIENDLY_DISPLAY_TYPE: ''', CertName, '''');
end;

var
  StoreName: array[0..255] of Char;
  Store: HCERTSTORE;
  CertContext: PCertContext;

begin
  try
    Writeln('Enter certificate store name:');
    Readln(StoreName);
    if (StoreName <> 'CA') and (StoreName <> 'MY') and (StoreName <> 'ROOT') and (StoreName <> 'SPC') then
      raise Exception.Create('Valid certificate store names are: ''CA'', ''MY'', ''ROOT'' and ''SPC''');

    Store := CertOpenSystemStore(0, StoreName);
    if Store = nil then
      RaiseLastOSError;
    try
      CertContext := CertEnumCertificatesInStore(Store, nil);
      while CertContext <> nil do
      begin
        DisplayCertContext(CertContext);

        CertContext := CertEnumCertificatesInStore(Store, CertContext);
      end;
    finally
      CertCloseStore(Store, 0);
    end;
  except
    on E: Exception do
      ShowException(E, ExceptAddr);
  end;
end.

0
 
LVL 8

Accepted Solution

by:
TOndrej earned 400 total points
ID: 7124528
A very loose translation of the above-mentioned sample:

program crypttest2;

{$APPTYPE CONSOLE}

uses
  SysUtils,
  Windows,
  JwaWinCrypt; // download from http://delphi-jedi.org or http://members.chello.nl/m.vanbrakel2

procedure DisplayCertContext(CertContext: PCertContext);
... same as in the previous example
end;

var
  FileName: string;
  ContentType: DWORD = 0;
  Store: HCERTSTORE;
  Msg: HCRYPTMSG;
  DataSize: Cardinal = 0;
  SignerInfo: PCmsgSignerInfo;
  CertInfo: TCertInfo;
  CertContext: PCertContext;

begin
  try
    FileName := ParamStr(1);
    if FileName = '' then
      raise Exception.Create('No file name specified');

    if not CryptQueryObject(CERT_QUERY_OBJECT_FILE, @FileName[1], CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
      CERT_QUERY_FORMAT_FLAG_BINARY, 0, nil, @ContentType, nil, @Store, @Msg, nil) then
      RaiseLastOSError;
    try
      if ContentType <> CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED then
        raise Exception.Create('Unexpected content type');

      if not CryptMsgGetParam(Msg, CMSG_SIGNER_INFO_PARAM, 0, nil, DataSize) then
        RaiseLastOSError;
      SignerInfo := AllocMem(DataSize);
      try
        if not CryptMsgGetParam(Msg, CMSG_SIGNER_INFO_PARAM, 0, SignerInfo, DataSize) then
          RaiseLastOSError;

        // find signer's cert in store
        FillChar(CertInfo, SizeOf(TCertInfo), 0);
        CertInfo.Issuer := SignerInfo^.Issuer;
        CertInfo.SerialNumber := SignerInfo^.SerialNumber;

        CertContext := CertFindCertificateInStore(Store, X509_ASN_ENCODING or PKCS_7_ASN_ENCODING, 0,
          CERT_FIND_SUBJECT_CERT, @CertInfo, nil);
        if CertContext = nil then
          RaiseLastOSError;

        DisplayCertContext(CertContext);
      finally
        FreeMem(SignerInfo);
      end;
    finally
      CertCloseStore(Store, 0);
      CryptMsgClose(Msg);
    end;
  except
    on E: Exception do
      ShowException(E, ExceptAddr);
  end;
end.
0
 

Author Comment

by:Kann
ID: 7124763
TOndrej, thank you! You will get the points.
Perhaps you can help me: I get on error message in crypttest2:
CryptQueryObject() fails allways and the error "system can not find the file" (GetLastError=2147942402).

0
 
LVL 8

Expert Comment

by:TOndrej
ID: 7124787
It seems the system cannot find the file you specified on the command line.

One reason for this could be that the file path contains spaces. (Command line parameters are separated by spaces, so the executable gets in fact several parameters.) If that's your case you'll have to enclose the path in quotes, e.g.
crypttest2 "C:\Program Files\MyDir\bin\MyApp.exe"

That way the OS will pass the whole string including spaces to the executable as one single parameter.

HTH
TOndrej
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:Kann
ID: 7125027
I inserted the source line:
 FileName:='C:\signed.exe';
and
 FileName:='"C:\signed.exe"';
and
 FileName:='signed.exe';
but I get allways this error. (The file really exists.)
Do you get this error?
0
 
LVL 8

Expert Comment

by:TOndrej
ID: 7125180
I've never tried the code because I couldn't quickly find a signed executable to check.

Looking at the documentation, it seems that FileName should be a wide string.
Change the declaration of FileName to:

var
  FileName: WideString;

and see if it helps.
0
 
LVL 8

Expert Comment

by:TOndrej
ID: 7126110
OK, I've finally downloaded some signed executables from Microsoft so I could try out the code. I've found two mistakes in the original posting.

Please make the following two fixes:

1. "File not found"
(As I've suggested before) Change the declaration of FileName to WideString:

var
  FileName: WideString;

2. "Unexpected content type"
Change the ContentType check line (replace  CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED with CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED):

  if ContentType <> CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED then
    raise Exception.Create('Unexpected content type');

This should solve the problems.

HTH
TOndrej
0
 

Author Comment

by:Kann
ID: 7126195
Thank you!
0
 
LVL 8

Expert Comment

by:TOndrej
ID: 7126202
Glad to help.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Introduction The parallel port is a very commonly known port, it was widely used to connect a printer to the PC, if you look at the back of your computer, for those who don't have newer computers, there will be a port with 25 pins and a small print…
In this tutorial I will show you how to use the Windows Speech API in Delphi. I will only cover basic functions such as text to speech and controlling the speed of the speech. SAPI Installation First you need to install the SAPI type library, th…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now