code sample: CertGetNameStringW CryptQueryObject

I need a Delphi code sample for this function:
 CertGetNameStringW
 CryptQueryObject

(Perhaps you can simple translate this C source:
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=ut69uoT1BHA.2380%40tkmsftngp04&rnum=2 )

Thank you!
KannAsked:
Who is Participating?
 
TOndrejCommented:
A very loose translation of the above-mentioned sample:

program crypttest2;

{$APPTYPE CONSOLE}

uses
  SysUtils,
  Windows,
  JwaWinCrypt; // download from http://delphi-jedi.org or http://members.chello.nl/m.vanbrakel2

procedure DisplayCertContext(CertContext: PCertContext);
... same as in the previous example
end;

var
  FileName: string;
  ContentType: DWORD = 0;
  Store: HCERTSTORE;
  Msg: HCRYPTMSG;
  DataSize: Cardinal = 0;
  SignerInfo: PCmsgSignerInfo;
  CertInfo: TCertInfo;
  CertContext: PCertContext;

begin
  try
    FileName := ParamStr(1);
    if FileName = '' then
      raise Exception.Create('No file name specified');

    if not CryptQueryObject(CERT_QUERY_OBJECT_FILE, @FileName[1], CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
      CERT_QUERY_FORMAT_FLAG_BINARY, 0, nil, @ContentType, nil, @Store, @Msg, nil) then
      RaiseLastOSError;
    try
      if ContentType <> CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED then
        raise Exception.Create('Unexpected content type');

      if not CryptMsgGetParam(Msg, CMSG_SIGNER_INFO_PARAM, 0, nil, DataSize) then
        RaiseLastOSError;
      SignerInfo := AllocMem(DataSize);
      try
        if not CryptMsgGetParam(Msg, CMSG_SIGNER_INFO_PARAM, 0, SignerInfo, DataSize) then
          RaiseLastOSError;

        // find signer's cert in store
        FillChar(CertInfo, SizeOf(TCertInfo), 0);
        CertInfo.Issuer := SignerInfo^.Issuer;
        CertInfo.SerialNumber := SignerInfo^.SerialNumber;

        CertContext := CertFindCertificateInStore(Store, X509_ASN_ENCODING or PKCS_7_ASN_ENCODING, 0,
          CERT_FIND_SUBJECT_CERT, @CertInfo, nil);
        if CertContext = nil then
          RaiseLastOSError;

        DisplayCertContext(CertContext);
      finally
        FreeMem(SignerInfo);
      end;
    finally
      CertCloseStore(Store, 0);
      CryptMsgClose(Msg);
    end;
  except
    on E: Exception do
      ShowException(E, ExceptAddr);
  end;
end.
0
 
raidosCommented:
I suggest you try using this:
http://codecentral.borland.com/codecentral/ccweb.exe/listing?id=17597

Regards
//raidos
0
 
TOndrejCommented:
Here's one example of CertGetNameStringW:

program crypttest;

{$APPTYPE CONSOLE}

uses
  SysUtils,
  JwaWinCrypt; // download from http://delphi-jedi.org or http://members.chello.nl/m.vanbrakel2

procedure DisplayCertContext(CertContext: PCertContext);
var
  CertName: array[0..255] of WideChar;
begin
  Writeln;
  if CertGetNameStringW(CertContext, CERT_NAME_EMAIL_TYPE, 0, nil,
    CertName, 256) = 0 then
    RaiseLastOSError;
  Writeln('Subject CERT_NAME_EMAIL_TYPE: ''', CertName, '''');
  if CertGetNameStringW(CertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, nil,
    CertName, 256) = 0 then
    RaiseLastOSError;
  Writeln('Subject CERT_NAME_SIMPLE_DISPLAY_TYPE: ''', CertName, '''');
  if CertGetNameStringW(CertContext, CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, nil,
    CertName, 256) = 0 then
    RaiseLastOSError;
  Writeln('Subject CERT_NAME_FRIENDLY_DISPLAY_TYPE: ''', CertName, '''');

  if CertGetNameStringW(CertContext, CERT_NAME_EMAIL_TYPE, CERT_NAME_ISSUER_FLAG, nil,
    CertName, 256) = 0 then
    RaiseLastOSError;
  Writeln('Issuer CERT_NAME_EMAIL_TYPE: ''', CertName, '''');
  if CertGetNameStringW(CertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, nil,
    CertName, 256) = 0 then
    RaiseLastOSError;
  Writeln('Issuer CERT_NAME_SIMPLE_DISPLAY_TYPE: ''', CertName, '''');
  if CertGetNameStringW(CertContext, CERT_NAME_FRIENDLY_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, nil,
    CertName, 256) = 0 then
    RaiseLastOSError;
  Writeln('Issuer CERT_NAME_FRIENDLY_DISPLAY_TYPE: ''', CertName, '''');
end;

var
  StoreName: array[0..255] of Char;
  Store: HCERTSTORE;
  CertContext: PCertContext;

begin
  try
    Writeln('Enter certificate store name:');
    Readln(StoreName);
    if (StoreName <> 'CA') and (StoreName <> 'MY') and (StoreName <> 'ROOT') and (StoreName <> 'SPC') then
      raise Exception.Create('Valid certificate store names are: ''CA'', ''MY'', ''ROOT'' and ''SPC''');

    Store := CertOpenSystemStore(0, StoreName);
    if Store = nil then
      RaiseLastOSError;
    try
      CertContext := CertEnumCertificatesInStore(Store, nil);
      while CertContext <> nil do
      begin
        DisplayCertContext(CertContext);

        CertContext := CertEnumCertificatesInStore(Store, CertContext);
      end;
    finally
      CertCloseStore(Store, 0);
    end;
  except
    on E: Exception do
      ShowException(E, ExceptAddr);
  end;
end.

0
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

 
KannAuthor Commented:
TOndrej, thank you! You will get the points.
Perhaps you can help me: I get on error message in crypttest2:
CryptQueryObject() fails allways and the error "system can not find the file" (GetLastError=2147942402).

0
 
TOndrejCommented:
It seems the system cannot find the file you specified on the command line.

One reason for this could be that the file path contains spaces. (Command line parameters are separated by spaces, so the executable gets in fact several parameters.) If that's your case you'll have to enclose the path in quotes, e.g.
crypttest2 "C:\Program Files\MyDir\bin\MyApp.exe"

That way the OS will pass the whole string including spaces to the executable as one single parameter.

HTH
TOndrej
0
 
KannAuthor Commented:
I inserted the source line:
 FileName:='C:\signed.exe';
and
 FileName:='"C:\signed.exe"';
and
 FileName:='signed.exe';
but I get allways this error. (The file really exists.)
Do you get this error?
0
 
TOndrejCommented:
I've never tried the code because I couldn't quickly find a signed executable to check.

Looking at the documentation, it seems that FileName should be a wide string.
Change the declaration of FileName to:

var
  FileName: WideString;

and see if it helps.
0
 
TOndrejCommented:
OK, I've finally downloaded some signed executables from Microsoft so I could try out the code. I've found two mistakes in the original posting.

Please make the following two fixes:

1. "File not found"
(As I've suggested before) Change the declaration of FileName to WideString:

var
  FileName: WideString;

2. "Unexpected content type"
Change the ContentType check line (replace  CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED with CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED):

  if ContentType <> CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED then
    raise Exception.Create('Unexpected content type');

This should solve the problems.

HTH
TOndrej
0
 
KannAuthor Commented:
Thank you!
0
 
TOndrejCommented:
Glad to help.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.