Retrieve all subject attribute values in a certificate

Question

Retrieve all subject attribute values in a certificate

I am currently using CertGetNameString to retrieve the values for each attribute of an object as follows:

 CertGetNameString(pCertificate, CERT_NAME_ATTR_TYPE, 0, szOID_ORGANIZATIONAL_UNIT_NAME, buf, _countof(buf));

However, some certificates that I found have several meanings for the name of the organizational unit (OU) and CertGetNameString , only the first can read. For example, this is the subject of an Adobe certificate:

 CN = Adobe Systems, Incorporated OU = Acrobat Engineering OU = Digital ID Class 3 - Microsoft Software Validation v2 O = Adobe Systems, Incorporated L = San Jose S = California C = US

How can I read all the values for OU (and other) attributes using CryptoAPI?

+4

c ++ windows certificate winapi cryptoapi

Andreas Magnusson Feb 29 '12 at 9:07

source share

1 answer

Andreas Magnusson · Accepted Answer · 2012-02-29T11:44:38+0000

Ok, found a solution. The correct API to use is CertNameToStr , for example:

  CertNameToStr(X509_ASN_ENCODING, &pCertificate->pCertInfo->Subject, CERT_X500_NAME_STR, buf, _countof(buf));

It will return a string such as:

 C=US, S=California, L=San Jose, O="Adobe Systems, Incorporated", OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Acrobat Engineering, CN="Adobe Systems, Incorporated"

You can then analyze if individual attribute values are required.

Retrieve all subject attribute values ​​in a certificate

More articles:

Retrieve all subject attribute values in a certificate