I have to find CRL distribution point URL from a certificate. I managed to get obtain context (CERT_CONTEXT) of a certificate.
From this, how do I find CRL URL? To obtain publickeylength, there was a function CertGetPublicKeyLength. Similary is there anyway to find CRL Distribution point?
是的,我找到了答案!您可以使用CryptGetObjectUrl()来获取它。我想发布代码片段,因为它肯定会对某人有所帮助。
DWORD pcbUrlArray,pcbUrlInfo;
if(CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,pCert,CRYPT_GET_URL_FROM_PROPERTY | CRYPT_GET_URL_FROM_EXTENSION,NULL,&pcbUrlArray,NULL,&pcbUrlInfo,0))
{
PCRYPT_URL_ARRAY urlArray = (PCRYPT_URL_ARRAY)malloc(pcbUrlArray * sizeof(CRYPT_URL_ARRAY));
PCRYPT_URL_INFO urlInfo = (PCRYPT_URL_INFO)malloc(pcbUrlInfo * sizeof(CRYPT_URL_INFO));
if(CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,pCert,CRYPT_GET_URL_FROM_PROPERTY | CRYPT_GET_URL_FROM_EXTENSION,urlArray,&pcbUrlArray,urlInfo,&pcbUrlInfo,0))
{
for(int i=0;i<urlArray->cUrl;i++)
wcout<<urlArray->rgwszUrl[i]<<endl;
}
}
基本上你通过
WinHttpQueryOption( hRequest,WINHTTP_OPTION_SERVER_CERT_CONTEXT,&pCert,&dwLen);