[英]How do I extract the list of serial numbers from a Certificate Revocation List in C# without using third party libraries?
I've connected to a MS PKI Certificate Revocation List distribution point and obtained the CRL 我已连接到MS PKI证书吊销列表分发点,并获得了CRL
What's the most straightforward way to extract the list of serial numbers from the CRL without using third party libraries? 不使用第三方库从CRL中提取序列号列表的最直接方法是什么?
You will have to unroll the CRL by using unmanaged CryptoAPI functions (through p/invoke, of course). 您将必须使用非托管的CryptoAPI函数(当然是通过p / invoke)来展开CRL。 Generally, you will have to the following high-level step-by-step:
通常,您将必须执行以下高级操作:
Marshal.PtrToStructure
.NET method to convert pCrlInfo
pointer of CRL_CONTEXT
structure to CRL_INFO
structure. Marshal.PtrToStructure
.NET方法将CRL_CONTEXT
结构的pCrlInfo
指针转换为CRL_INFO
结构。 rgCRLEntry
is an array of pointers (array size is determined by cCRLEntry
member of CRL_INFO
). rgCRLEntry
是一个指针数组(数组大小由下式确定cCRLEntry
的构件CRL_INFO
)。 CRL_ENTRY
structure. CRL_ENTRY
结构的大小来循环访问此数组。 SerialNumber
member of CRL_ENTRY
is a byte array. CRL_ENTRY
SerialNumber
成员是一个字节数组。 You can directly use Marshal.Copy(IntPtr, Byte[], Int32, Int32)
method to copy unmanaged array to managed. Marshal.Copy(IntPtr, Byte[], Int32, Int32)
方法将非托管数组复制到托管。 This will give you serial number. Do not forget to release pointer to CRL_CONTEXT
structure by calling CertFreeCRLContext function when finished to prevent memory leaks. 完成操作以防止内存泄漏时,请不要忘记通过调用CertFreeCRLContext函数来释放指向
CRL_CONTEXT
结构的指针。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.