/// <summary>5.2.1 获取证书集 2011-12-19
/// </summary>
/// <param name="StoreLocation">SECUINTER_LOCAL_MACHINE_STORE = 0;SECUINTER_CURRENT_USER_STORE= 1;</param>
/// <param name="StoreName">SECUINTER_MY_STORE=0(个人);SECUINTER_OTHER_STORE:1(其他人);SECUINTER_CA_STORE= 2;SECUINTER_ROOT_STORE= 3;</param>
/// <param name="certType">SECUINTER_CERTTYPE_ALL= 0;SECUINTER_CERTTYPE_SIGN= 1;SECUINTER_CERTTYPE_ENV= 2;</param>
/// <param name="netcaType">SECUINTER_NETCA_ALL= 0;SECUINTER_NETCA_YES= 1;SECUINTER_NETCA_NO= 2;SECUINTER_NETCA_OTHER=3</param>
/// <returns></returns>
public static SecuInter.X509Certificates getX509Certificates(
SECUINTER_STORE_LOCATION StoreLocation, SECUINTER_STORE_NAME StoreName, int certType, int netcaType)
{
SecuInter.Store oMyStore = new SecuInter.Store();
SecuInter.X509Certificates oMyCerts = new SecuInter.X509Certificates();
SecuInter.Utilities oUtil = new Utilities();
SecuInter.Store oMyStore2 = oUtil.CreateStoreObject();
try
{
oMyStore.Open(StoreLocation, StoreName);
}
catch (Exception)
{
throw new Exception("打开证书库失败");
}
SecuInter.X509Certificates certs = (SecuInter.X509Certificates)oMyStore.X509Certificates;
oMyStore.Close();
oMyStore = null;
IEnumerator oEnum = certs.GetEnumerator();
while (oEnum.MoveNext())
{
SecuInter.X509Certificate oCert = (SecuInter.X509Certificate)oEnum.Current;
String issuer = oCert.get_Issuer(SECUINTER_NAMESTRING_TYPE.SECUINTER_X500_NAMESTRING);
if (certType == SECUINTER_CERTTYPE_ALL)
{
if (netcaType == SECUINTER_NETCA_ALL)
{
oMyCerts.Add(oCert);
}
else if (netcaType == SECUINTER_NETCA_YES)
{
if (issuer.IndexOf("CN=NETCA") >= 0)
{
oMyCerts.Add(oCert);
}
}
else if (netcaType == SECUINTER_NETCA_NO)
{
if (issuer.IndexOf("CN=NETCA") < 0)
{
oMyCerts.Add(oCert);
}
}
//限制可以使用NETCA证书和其他CA证书
else if (netcaType == SECUINTER_NETCA_OTHER)
{
for (int j = 0; j < CASTR.Length; j++)
{
if (issuer.IndexOf(CASTR[j]) >= 0)
{
oMyCerts.Add(oCert);
}
}
}
}
else if (certType == SECUINTER_CERTTYPE_SIGN)
{
if (netcaType == SECUINTER_NETCA_ALL)
{
if (oCert.KeyUsage == 3)
{
oMyCerts.Add(oCert);
}
if (oCert.KeyUsage == -1)
{
oMyCerts.Add(oCert);
}
}
else if (netcaType == SECUINTER_NETCA_YES)
{
if (issuer.IndexOf("CN=NETCA") >= 0)
{
if (oCert.KeyUsage == 3)
{
oMyCerts.Add(oCert);
}
if (oCert.KeyUsage == -1)
{
oMyCerts.Add(oCert);
}
}
}
else if (netcaType == SECUINTER_NETCA_NO)
{
if (issuer.IndexOf("CN=NETCA") < 0)
{
if (oCert.KeyUsage == 3)
{
oMyCerts.Add(oCert);
}
if (oCert.KeyUsage == -1)
{
oMyCerts.Add(oCert);
}
}
}
//限制可以使用NETCA证书和其他CA证书
else if (netcaType == SECUINTER_NETCA_OTHER)
{
for (int j = 0; j < CASTR.Length; j++)
{
if (issuer.IndexOf(CASTR[j]) >= 0)
{
if (oCert.KeyUsage == 3)
{
oMyCerts.Add(oCert);
}
if (oCert.KeyUsage == -1)
{
oMyCerts.Add(oCert);
}
}
}
}
}
else if (certType == SECUINTER_CERTTYPE_ENV)
{
if (netcaType == SECUINTER_NETCA_ALL)
{
if (oCert.KeyUsage == 12)
{
oMyCerts.Add(oCert);
}
if (oCert.KeyUsage == -1)
{
oMyCerts.Add(oCert);
}
}
else if (netcaType == SECUINTER_NETCA_YES)
{
if (issuer.IndexOf("CN=NETCA") >= 0)
{
if (oCert.KeyUsage == 12)
{
oMyCerts.Add(oCert);
}
if (oCert.KeyUsage == -1)
{
oMyCerts.Add(oCert);
}
}
}
else if (netcaType == SECUINTER_NETCA_NO)
{
if (issuer.IndexOf("CN=NETCA") < 0)
{
if (oCert.KeyUsage == 12)
{
oMyCerts.Add(oCert);
}
if (oCert.KeyUsage == -1)
{
oMyCerts.Add(oCert);
}
}
}
//限制可以使用NETCA证书和其他CA证书
else if (netcaType == SECUINTER_NETCA_OTHER)
{
for (int j = 0; j < CASTR.Length; j++)
{
if (issuer.IndexOf(CASTR[j]) >= 0)
{
if (oCert.KeyUsage == 12)
{
oMyCerts.Add(oCert);
}
if (oCert.KeyUsage == -1)
{
oMyCerts.Add(oCert);
}
}
}
}
}
}//END FOR
return(oMyCerts);
}
/// <summary>5.2.5 获取证书信息*** 2012-10-29 Update
///
/// </summary>
/// <param name="oCert"></param>
/// <param name="type"></param>
/// <returns></returns>
public static String getX509CertificateInfo(SecuInter.X509Certificate oCert, int type)
{
if (oCert == null)
{
throw new Exception("证书为空!");
}
if (type == 0)//获取证书BASE64格式编码字符串 2012-12-03 modify luhanmin
{
String certHeader = "-----BEGIN CERTIFICATE-----\r\n";
String certEnd = "-----END CERTIFICATE-----\r\n";
String certPem = oCert.get_Encoded(SECUINTER_CERT_ENCODE_TYPE.SECUINTER_CERT_ENCODE_PEM).ToString();
if (certPem.IndexOf(certHeader) >= 0)
{
certPem = certPem.Substring(certHeader.Length, certPem.Length - certHeader.Length);
certPem = certPem.Substring(0, certPem.Length - certEnd.Length);
}
return(certPem);
}
if (type == 1)//证书姆印
{
SecuInter.Utilities oUtil = new SecuInter.Utilities();
return(oUtil.BinaryToHex(oCert.get_Thumbprint(SECUINTER_HASH_ALGORITHM.SECUINTER_SHA1_ALGORITHM)).ToUpper());
}
else if (type == 2)//证书序列号
{
return(oCert.SerialNumber);
}
else if (type == 3)//证书Subject
{
return(oCert.get_Subject(SECUINTER_NAMESTRING_TYPE.SECUINTER_X500_NAMESTRING));
}
else if (type == 4)//证书颁发者Subject
{
return(oCert.get_Issuer(SECUINTER_NAMESTRING_TYPE.SECUINTER_X500_NAMESTRING));
}
else if (type == 5)//证书有效期起
{
return(oCert.ValidFromDate.ToString());
}
else if (type == 6)//证书有效期止
{
return(oCert.ValidToDate.ToString());
}
else if (type == 7)//KeyUsage 密钥用法
{
return(oCert.KeyUsage.ToString());
}
else if (type == 9)//UsrCertNO:证书绑定值;(系统改造时,建议采用该值)
{
if (getX509CertificateInfo(oCert, 21).Equals("1"))
{
String rt = getX509CertificateInfo(oCert, 23);//取证书唯一标识
if (String.IsNullOrEmpty(rt))
{
rt = getX509CertificateInfo(oCert, 36);//取证书证件号码扩展域信息
if (String.IsNullOrEmpty(rt))
{
rt = getX509CertificateInfo(oCert, 1);//取证书姆印
}
}
return(rt);
}
if (getX509CertificateInfo(oCert, 21).Equals("2"))
{
return(getX509CertificateInfo(oCert, 51));
}
}
else if (type == 10)//OldUsrCertNo:旧的用户证书绑定值;(证书更新后的原有9的取值)
{
if (getX509CertificateInfo(oCert, 21).Equals("1"))
{
String rt = getX509CertificateInfo(oCert, 23);//取证书唯一标识
if (String.IsNullOrEmpty(rt))
{
rt = getX509CertificateInfo(oCert, 36);//取证书证件号码扩展域信息
if (String.IsNullOrEmpty(rt))
{
rt = getX509CertificateInfo(oCert, 31);//取证书旧姆印
}
}
return(rt);
}
if (getX509CertificateInfo(oCert, 21).Equals("2"))
{
return(getX509CertificateInfo(oCert, 51));
}
}
else if (type == 11)//证书主题名称;有CN项取CN项值;无CN项,取O的值
{
if (String.IsNullOrEmpty(getX509CertificateInfo(oCert, 12)))
{
return(getX509CertificateInfo(oCert, 13));
}
else
{
return(getX509CertificateInfo(oCert, 12));
}
}
else if (type == 12)//Subject中的CN项(人名)
{
String subject = getX509CertificateInfo(oCert, 3);
return(parseDN(subject, "CN"));
//return oCert.GetInfo(SECUINTER_CERT_INFO_TYPE.SECUINTER_CERT_INFO_SUBJECT_SIMPLE_NAME);
}
else if (type == 13)//Subject中的O项(人名)
{
String subject = getX509CertificateInfo(oCert, 3);
return(parseDN(subject, "O"));
}
else if (type == 14)//Subject中的地址(L项)
{
String subject = getX509CertificateInfo(oCert, 3);
return(parseDN(subject, "L"));
}
else if (type == 15)//证书颁发者的Email
{
return(oCert.GetInfo(SECUINTER_CERT_INFO_TYPE.SECUINTER_CERT_INFO_SUBJECT_EMAIL));
}
else if (type == 16)//Subject中的部门名(OU项)
{
String subject = getX509CertificateInfo(oCert, 3);
return(parseDN(subject, "OU"));
}
else if (type == 17)//用户国家名(C项)
{
String subject = getX509CertificateInfo(oCert, 3);
// oCert.GetUTF8ExtValue(
return(parseDN(subject, "C"));
}
else if (type == 18)//用户省州名(S项)
{
String subject = getX509CertificateInfo(oCert, 3);
return(parseDN(subject, "S"));
}
else if (type == 21)//CA ID
{
for (int i = 0; i < CASTR.Length; i++)
{
if (getX509CertificateInfo(oCert, 4).IndexOf(CASTR[i]) > 0)
{
return("" + (i + 1));
}
}
return("0");
}
else if (type == 22)//证书类型
{
return("0");
}
else if (type == 23)//证书唯一标识(一般为客户号等)
{
if (getX509CertificateInfo(oCert, 21).Equals("1"))
{
return("");
}
if (getX509CertificateInfo(oCert, 21).Equals("2"))
{
return(getX509CertificateInfo(oCert, 51));
}
}
else if (type == 31)//证书旧姆印
{
try
{
SecuInter.Utilities oUtil = new SecuInter.Utilities();
return(oUtil.BinaryToHex(oCert.get_PrevCertThumbprint(SECUINTER_HASH_ALGORITHM.SECUINTER_SHA1_ALGORITHM)).ToUpper());
}
catch (Exception)
{
return("");
}
}
else if (type == 32)//纳税人编码
{
try
{
return(oCert.GetInfo(SECUINTER_CERT_INFO_TYPE.SECUINTER_CERT_INFO_TAXPAYERID));
}
catch (Exception)
{
return("");
}
}
else if (type == 33)//组织机构代码号
{
try
{
return(oCert.GetInfo(SECUINTER_CERT_INFO_TYPE.SECUINTER_CERT_INFO_ORGANIZATIONCODE));
}
catch (Exception)
{
return("");
}
}
else if (type == 34)//税务登记号
{
try
{
return(oCert.GetInfo(SECUINTER_CERT_INFO_TYPE.SECUINTER_CERT_INFO_TAXATIONNUMBER));
}
catch (Exception)
{
return("");
}
}
else if (type == 35)//证书来源地
{
try
{
return(oCert.GetInfo(SECUINTER_CERT_INFO_TYPE.SECUINTER_CERT_INFO_CERTSOURCE));
}
catch (Exception)
{
return("");
}
}
else if (type == 36)//证书证件号码扩展域
{
try
{
//注意选择不同项目
//第1个表达式为 NETCA通用定义OID
//第1个表达式为 深圳项目中采用(3家CA都采用此做唯一标识) 2.16.156.112548
String rt = oCert.GetUTF8ExtValue("1.3.6.1.4.1.18760.1.12.11");
//String rt = oCert.GetUTF8ExtValue("2.16.156.112548");
return(rt);
}
catch (Exception)
{
return("");
}
}
else if (type == 51)//GDCA 证书信任号
{
try
{
return("GDCA 未实现");
//return oCert.GetUTF8ExtValue("1.2.156.0.2.1");
}
catch (Exception)
{
return("");
}
}
return("");
}
