使用“api-monitor工具”及应用程序读取smart card 信息
来源:互联网 发布:免费的电话录音软件 编辑:程序博客网 时间:2024/05/10 15:03
采用工具:api-monitor(下载地址:点击打开链接)
使用步骤:
1、运行mstsc。
2、运行apimonitor-x86.exe,如下图所示,定位要监视的应用程序。
3、然后点击mstsc的编辑项
4、当mstsc列出所有凭据时,此时可以看到调用了API的情况:
二、API分析
1、
CertCreateCertificateContext Function
The CertCreateCertificateContext function creates a certificatecontextfrom an encoded certificate. The created context is not persisted(不变的) to a certificate store. The function makes a copy of the encoded certificate within the created context.
PCCERT_CONTEXT WINAPI CertCreateCertificateContext( __in DWORD dwCertEncodingType, __in const BYTE* pbCertEncoded, __in DWORD cbCertEncoded);
Parameters
- dwCertEncodingType
Specifies the type of encoding used. It is always acceptable to specify both the certificate andmessage encoding types by combining them with a bitwise-OR operation as shown in the following example:
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING
Currently defined encoding types are:
- X509_ASN_ENCODING
- PKCS_7_ASN_ENCODING
- pbCertEncoded
A pointer to a buffer that contains the encoded certificate from which the context is to be created.
- cbCertEncoded
The size, in bytes, of the pbCertEncoded buffer.
Return Value
If the function succeeds, the function returns a pointer to a read-only CERT_CONTEXT. When you have finished using the certificate context, free it by calling theCertFreeCertificateContext function.
If the function is unable to decode and create the certificate context, it returns NULL. For extended error information, callGetLastError. Some possible error codes follow.
E_INVALIDARG
A certificate encoding type that is not valid was specified. Currently, only the X509_ASN_ENCODING type is supported.
If the function fails, GetLastError may return an Abstract Syntax Notation One (ASN.1) encoding/decoding error. For information about these errors, seeASN.1 Encoding/Decoding Return Values.
Remarks
The CERT_CONTEXT must be freed by calling CertFreeCertificateContext.CertDuplicateCertificateContext can be called to make a duplicate.CertSetCertificateContextProperty andCertGetCertificateContextProperty can be called to store and read properties for the certificate.
Example Code [C++]
The following example shows creating a certificate context from an encoded certificate. The created context is not put in a certificate store. For another example that uses this function, seeExample C Program: Certificate Store Operations.
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)PCCERT_CONTEXT pCertContext = NULL; //------------------------------------------------------------------ // Create a new certificate from the encoded part of// an available certificate. pDesiredCert is a previously// assigned PCCERT_CONTEXT variable.if(pCertContext = CertCreateCertificateContext( MY_ENCODING_TYPE, // The encoding type pDesiredCert->pbCertEncoded, // The encoded data from // the certificate retrieved pDesiredCert->cbCertEncoded)) // The length of the encoded data{ printf("A new certificate as been created.\n"); // Use the certificate context as needed. // ... // When finished, free the certificate context. CertFreeCertificateContext(pCertContext);}else{ printf("A new certificate could not be created.\n"); exit(1);}
CertAddCertificateContextToStore Function
The CertAddCertificateContextToStore function adds a certificate context to the certificate store.
Syntax
BOOL WINAPI CertAddCertificateContextToStore( __in HCERTSTORE hCertStore, __in PCCERT_CONTEXT pCertContext, __in DWORD dwAddDisposition, __out_opt PCCERT_CONTEXT* ppStoreContext);
Parameters
- hCertStore
Handle of a certificate store.
- pCertContext
A pointer to the CERT_CONTEXT structure to be added to the store.
- dwAddDisposition
Specifies the action to take if a matching certificate or a link to a matching certificate already exists in the store. Currently defined disposition values and their uses are as follows.
Value Meaning CERT_STORE_ADD_ALWAYS
The function makes no check for an existing matching certificate or link to a matching certificate. A new certificate is always added to the store. This can lead to duplicates in a store.
CERT_STORE_ADD_NEW
If a matching certificate or a link to a matching certificate exists, the operation fails.GetLastError returns the CRYPT_E_EXISTS code.
CERT_STORE_ADD_REPLACE_EXISTING
If a link to a matching certificate exists, that existing certificate or link is deleted and a new certificate is created and added to the store. If a matching certificate or a link to a matching certificate does not exist, a new link is added.
CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES
If a matching certificate exists in the store, the existing context is deleted before creating and adding the new context. The new added context inherits properties from the existing certificate.
CERT_STORE_ADD_USE_EXISTING
If a matching certificate or a link to a matching certificate exists, that existing certificate or link is used and properties from the new certificate are added. The function does not fail, but it does not add a new context. IfppCertContext is not NULL, the existing context is duplicated.
If a matching certificate or a link to a matching certificate does not exist, a new certificate is added.
- ppStoreContext
A pointer to a pointer to the copy to be made of the certificate that was added to the store.
The ppStoreContext parameter can be NULL, indicating that the calling application does not require a copy of the added certificate. If a copy is made, it must be freed by usingCertFreeCertificateContext.
Return Value
If the function succeeds, the return value is TRUE.
If the function fails, the return value is FALSE. For extended error information, callGetLastError. Some possible error codes follow.
CertEnumCertificatesInStore Function
The CertEnumCertificatesInStore function retrieves the first or next certificate in a certificate store. Used in a loop, this function can retrieve in sequence all certificates in a certificate store.
Syntax
PCCERT_CONTEXT WINAPI CertEnumCertificatesInStore( __in HCERTSTORE hCertStore, __in PCCERT_CONTEXT pPrevCertContext);
Parameters
- hCertStore
A handle of a certificate store.
- pPrevCertContext
A pointer to the CERT_CONTEXT of the previouscertificate context found.
This parameter must be NULL to begin the enumeration and get the first certificate in the store. Successive certificates are enumerated by settingpPrevCertContext to the pointer returned by a previous call to the function. This function frees theCERT_CONTEXT referenced by non-NULL values of this parameter.
For logical stores, including collection stores, a duplicate of the pCertContext returned by this function cannot be used to begin a new subsequence of enumerations because the duplicated certificate loses the initial enumerationstate. The enumeration skips any certificate previously deleted byCertDeleteCertificateFromStore.
Return Value
If the function succeeds, the function returns a pointer to the next CERT_CONTEXT in the store. If no more certificates exist in the store, the function returns NULL.
For extended error information, call GetLastError. Some possible error codes follow.
Remarks
The returned pointer is freed when passed as the pPrevCertContext parameter on a subsequent call. Otherwise, the pointer must be freed by callingCertFreeCertificateContext. A non-NULLpPrevCertContext passed toCertEnumCertificatesInStore is always freed even for an error.
A duplicate of the currently enumerated certificate can be made by calling CertDuplicateCertificateContext.
Example Code [C++]
The following example lists the certificate contexts in the certificate store. For another example that uses this function, seeExample C Program: Deleting Certificates from a Certificate Store.
void TestCertEnumCertificatesInStore(){// Declare and initialize variables.HANDLE hStoreHandle = NULL;PCCERT_CONTEXT pCertContext = NULL; char * pszStoreName = "CA";//--------------------------------------------------------------------// Open a system certificate store.if (hStoreHandle = CertOpenSystemStore(NULL, pszStoreName)){printf("The %s store has been opened. \n", pszStoreName);}else{printf("The store was not opened.\n");exit(1);}//-------------------------------------------------------------------// Find the certificates in the system store. while(pCertContext= CertEnumCertificatesInStore(hStoreHandle,pCertContext)) // on the first call to the function,// this parameter is NULL // on all subsequent calls, // this parameter is the last pointer // returned by the function{//----------------------------------------------------------------// Do whatever is needed for a current certificate.// ...} // End of while.//--------------------------------------------------------------------// Clean up.if (!CertCloseStore(hStoreHandle,0)){printf("Failed CertCloseStore\n");exit(1);}}
1、可以读到smart card 的PIN码、域名、用户名(读到的是UTF8编码的)。
使用的API是:GetCerfication
读到信息后可以调用凭据组件中使用的GetSerial函数来获得更多信息。
2、
3、
4、
- 使用“api-monitor工具”及应用程序读取smart card 信息
- Smart Card 测试工具
- 智能卡(Smart Card)服务修复工具(解决无法读取外接设备的问题)
- Smart Card
- android studio 应用程序内存分析工具,Android Monitor使用
- API Monitor的使用
- API Monitor(API监控工具)
- API Monitor(API监控工具)
- 我要Smart Card
- Smart Card 开发记录
- Smart Card Subsystem Architecture
- Understanding Smart Card Timing
- JSR 268 (Java Smart Card I/O API) 呈交 JCP
- Windows Vista Smart Card Infrastructure
- 使用MPXJ API读取MS PROJECT MPP文件信息
- API monitor
- redis: jedis API使用及工具类
- Android性能优化学习(二)内存泄露分析工具Android Monitor 及MAT使用
- iOS开发之判断具体当前网络类型(2G网络还是3G网络)
- jquery $(document).ready() 与window.onload的区别
- c++ 出现1.#IND、1.#INF
- oracle触发器 包 存储过程啊的问题
- rcp(插件开发) swt中画水平or垂直 直线的方法
- 使用“api-monitor工具”及应用程序读取smart card 信息
- 【黑马程序员】9. 骑士飞行棋
- Win32 下 如何发送Http请求
- 解决PowerDesigner中DBMS设置的问题-创建物理模型时DBMS选项为空
- Hibernate工作流程
- 史上最浅显易懂的Git教程!
- Android系统深度游
- 使用PowerDesigner 15对现有数据库进行反向工程(图解教程二) by Yulh
- SVN常用命令