| ||||
| ||||
| у меня на машине установлен 1 сертификат, а при проверке var CAPICOM_CURRENT_USER_STORE = 1; var CAPICOM_STORE_OPEN_READ_ONLY = 0; var Store = new ActiveXObject("CAPICOM.Store"); Store.Open(CAPICOM_CURRENT_USER_STORE, "My", CAPICOM_STORE_OPEN_READ_ONLY); var cert = Store.Certificates; значение cert.Count равно 0 В чем может быть причина такого несоответствия? | ||||
| Ответы: | ||||
| ||||
| Установлен ли он в MY единственный сертификат? Запустите пример или через манагер сертификатов посмотрите. <html> <head> <title>CAPICOM - Store Sample</title> <% ’****************************************************************************** ’ ’ THIS CODE AND INformATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, ’ EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED ’ WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. ’ ’ Copyright (C) 1999- 2002. Microsoft Corporation. All rights reserved. ’ ’****************************************************************************** ’ ’ Store.html ’ ’ This is a JScript sample that illustrates how to use features introduced in ’ CAPICOM to manage and view your certificate stores as well as check the ’ validity of certificates. ’ ’ Note: For simplicity, this script does not handle all exceptions. ’ ’****************************************************************************** %> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <object id="oCAPICOM" classid="clsid:A996E48C-D3DC-4244-89F7-AFA33EC60679" codebase="capicom.cab#version=2,0,0,0"> </object> <script language="jscript"> // CAPICOM constants var CAPICOM_CERTIFICATE_FIND_SHA1_HASH = 0; var CAPICOM_CURRENT_USER_STORE = 2; var CAPICOM_STORE_OPEN_READ_ONLY = 0; var CAPICOM_INFO_SUBJECT_SIMPLE_NAME = 0; var CAPICOM_INFO_ISSUER_SIMPLE_NAME = 1; var CAPICOM_INFO_SUBJECT_EMAIL_NAME = 2; var CAPICOM_INFO_ISSUER_EMAIL_NAME = 3; var CAPICOM_CHECK_NONE = 0; var CAPICOM_CHECK_TRUSTED_ROOT = 1; var CAPICOM_CHECK_TIME_VALIDITY = 2; var CAPICOM_CHECK_SIGNATURE_VALIDITY = 4; var CAPICOM_CHECK_ONLINE_REVOCATION_STATUS = 8; var CAPICOM_CHECK_OFFLINE_REVOCATION_STATUS = 16; var CAPICOM_TRUST_IS_NOT_TIME_VALID = 1; var CAPICOM_TRUST_IS_NOT_TIME_NESTED = 2; var CAPICOM_TRUST_IS_REVOKED = 4; var CAPICOM_TRUST_IS_NOT_SIGNATURE_VALID = 8; var CAPICOM_TRUST_IS_NOT_VALID_FOR_USAGE = 16; var CAPICOM_TRUST_IS_UNTRUSTED_ROOT = 32; var CAPICOM_TRUST_REVOCATION_STATUS_UNKNOWN = 64; var CAPICOM_TRUST_IS_CYCLIC = 128; var CAPICOM_TRUST_IS_PARTIAL_CHAIN = 65536; var CAPICOM_TRUST_CTL_IS_NOT_TIME_VALID = 131072; var CAPICOM_TRUST_CTL_IS_NOT_SIGNATURE_VALID = 262144; var CAPICOM_TRUST_CTL_IS_NOT_VALID_FOR_USAGE = 524288; function IsCAPICOMInstalled() { if(typeof(oCAPICOM) == "object") { if( (oCAPICOM.object != null) ) { // We found CAPICOM! return true; } } } function FindCertificateByThumbprint(szThumbprint) { // instantiate the CAPICOM objects var MyStore = new ActiveXObject("CAPICOM.Store"); var AddrStore = new ActiveXObject("CAPICOM.Store"); var CAStore = new ActiveXObject("CAPICOM.Store"); var RootStore = new ActiveXObject("CAPICOM.Store"); var FoundCertificates = new ActiveXObject("CAPICOM.Certificates"); // open the store objects try { MyStore.Open(CAPICOM_CURRENT_USER_STORE, "My", CAPICOM_STORE_OPEN_READ_ONLY); AddrStore.Open(CAPICOM_CURRENT_USER_STORE, "AddressBook", CAPICOM_STORE_OPEN_READ_ONLY); CAStore.Open(CAPICOM_CURRENT_USER_STORE, "CA", CAPICOM_STORE_OPEN_READ_ONLY); RootStore.Open(CAPICOM_CURRENT_USER_STORE, "Root", CAPICOM_STORE_OPEN_READ_ONLY); } catch (e) { alert("An error occurred while opening your certificate stores, aborting"); return false; } // this may take a second so lets update the user with what we are doing window.status="Finding Certificate with the Thumbprint of " + szThumbprint + "."; // create an array of all of the stores MyStores = new Array(MyStore, AddrStore, CAStore, RootStore); // enumerate through the stores for (iStore = 0; iStore <= (MyStores.length -1); iStore++) { // look for our thumbprint in this store var Certificates = MyStores[iStore].Certificates.Find(CAPICOM_CERTIFICATE_FIND_SHA1_HASH, szThumbprint); // enumerate through each of the certificates we found (if any) for (iCert = 1; iCert <= (Certificates.Count); iCert++) { FoundCertificates.Add(Certificates.Item(iCert)); } } // update the status window.status=""; // return the certificate if (typeof(FoundCertificates) == "object") { return FoundCertificates; } } function displayCert(szThumbprint) { // find the certificate specified! var Certificates = FindCertificateByThumbprint(szThumbprint); window.status="Displaying Certificate...."; Certificates.Item(1).Display(); window.status=""; } function checkCertStatus(szThumbprint) { if (IsCAPICOMInstalled) { // find the certificate specified! var Certificates = FindCertificateByThumbprint(szThumbprint); var Certificate = Certificates.Item(1); window.status="Checking Certificate Status...."; // CAPICOM exposes Certificate status checking through IsValid, the CheckFlag parameter // allows you to specify the items you want to have checked for you. Certificate.IsValid().CheckFlag = (CAPICOM_CHECK_TRUSTED_ROOT | CAPICOM_CHECK_TIME_VALIDITY | CAPICOM_CHECK_SIGNATURE_VALIDITY | CAPICOM_CHECK_ONLINE_REVOCATION_STATUS); if (Certificate.IsValid().Result == true) { // clear the status window window.status=""; alert("CryptoAPI believes \"" + Certificate.GetInfo(CAPICOM_INFO_SUBJECT_SIMPLE_NAME) + "\" to be trustworthy."); } else { var Chain = new ActiveXObject("CAPICOM.Chain"); Chain.Build(Certificate) // clear the status window window.status=""; if (CAPICOM_TRUST_IS_NOT_SIGNATURE_VALID & Chain.Status) { alert("CryptoAPI found a problem with the signature on ’" + Certificate.GetInfo(CAPICOM_INFO_SUBJECT_SIMPLE_NAME) + "’"); return false; } if ((CAPICOM_TRUST_IS_UNTRUSTED_ROOT & Chain.Status) || (CAPICOM_TRUST_IS_PARTIAL_CHAIN & Chain.Status)) { alert("CryptoAPI was unable to chain ’" + Certificate.GetInfo(CAPICOM_INFO_SUBJECT_SIMPLE_NAME) + "’ to a trusted authority"); return false; } if (CAPICOM_TRUST_IS_CYCLIC & Chain.Status) { alert("CAPICOM_TRUST_IS_CYCLIC"); return false; } if (CAPICOM_TRUST_CTL_IS_NOT_TIME_VALID & Chain.Status) { alert("CAPICOM_TRUST_CTL_IS_NOT_TIME_VALID"); return false; } if (CAPICOM_TRUST_CTL_IS_NOT_SIGNATURE_VALID & Chain.Status) { alert("CAPICOM_TRUST_CTL_IS_NOT_SIGNATURE_VALID"); return false; } if (CAPICOM_TRUST_CTL_IS_NOT_VALID_FOR_USAGE & Chain.Status) { alert("CAPICOM_TRUST_CTL_IS_NOT_VALID_FOR_USAGE"); return false; } if (CAPICOM_TRUST_IS_NOT_TIME_VALID & Chain.Status) { alert("CAPICOM_TRUST_IS_NOT_TIME_VALID"); return false; } if (CAPICOM_TRUST_IS_NOT_TIME_NESTED & Chain.Status) { alert("CAPICOM_TRUST_IS_NOT_TIME_NESTED"); return false; } if (CAPICOM_TRUST_IS_NOT_VALID_FOR_USAGE & Chain.Status) { alert("CAPICOM_TRUST_IS_NOT_VALID_FOR_USAGE"); return false; } if (CAPICOM_TRUST_IS_REVOKED & Chain.Status) { alert("CryptoAPI determined that ’" + Certificate.GetInfo(CAPICOM_INFO_SUBJECT_SIMPLE_NAME) + "’ or one of its issuers was revoked."); return false; } if (CAPICOM_TRUST_REVOCATION_STATUS_UNKNOWN & Chain.Status) { alert("CryptoAPI was unable to determine the certificate status for ’" + Certificate.GetInfo(CAPICOM_INFO_SUBJECT_SIMPLE_NAME) + "’"); return false; } } } } function populateCertificateList(szStore) { window.status="Populating Certificate Store...."; // Instantiate the objects we will be using... if( typeof(Store) != "object" ) { var Store = new ActiveXObject("CAPICOM.Store"); } // To populate the certificates on in the specified store we first need to open the store, // with CryptoAPI stores are multi-dimensional, by that I mean that you have machine based // stores, user based stores, etc; within these "physical" stores within these are logical stores, // these include: // * My (Certificates that you have associated keys) // * AddressBook (Also known as others, these are usually people you correspond with) // * CA (Intermediate CAs, Intermediates are not trusted; instead they are used to chain to trusted CAs) // * Root (Trusted CAs, These are the CAs that you have chosen to directly trust) // // When we open the store we will do so using the least-privilege model, since we only need to read // that is all we will ask for. All users on windows can read their personal user store. Store.Open(CAPICOM_CURRENT_USER_STORE, szStore, CAPICOM_STORE_OPEN_READ_ONLY); // Create the enumeration object so we can see what certificates are available. var Certificates = Store.Certificates; //begin constructing table szHTML = " <table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"CertTable\">"; szHTML = szHTML +" <tr><th>x</th><th>Subject</th><th>Issuer</th></tr>"; // Enumerate through each of the certificates in the store.. for (i = 1; i <= (Certificates.Count); i++) { szHTML = szHTML +" <tr><td class=\"checkCert\" onMouseOver=\"this.style.color=’#FF0000’;this.style.cursor = ’hand’\" onMouseOut=\"this.style.color=’#000000’\"><a OnClick=\"checkCertStatus(’" + Certificates.Item(i).Thumbprint + "’)\">x</a></td><td class=\"CertSubject\" onMouseOver=\"this.style.color=’#FF0000’;this.style.cursor = ’hand’\" onMouseOut=\"this.style.color=’#000000’\"><a OnClick=\"displayCert(’" + Certificates.Item(i).Thumbprint + "’)\">" + Certificates.Item(i).GetInfo(CAPICOM_INFO_SUBJECT_SIMPLE_NAME) +"</a></td><td class=\"CertIssuer\">" + Certificates.Item(i).GetInfo(CAPICOM_INFO_ISSUER_SIMPLE_NAME) +"</td></tr>"; } // end table szHTML = szHTML +" </table>"; szHTML = szHTML +" </td>"; szHTML = szHTML +" </tr>"; szHTML = szHTML +"</table>"; // update the div datadiv.innerHTML=szHTML; // Clean up Store = null; Certificates = null; window.status=""; } function init() { // The installation of CAPICOM is dependant on various security permissions on the host pc // some of these permissions include: // * read and create permissions to the HKR key in the registry (to register the object) // * read permissions to the capicom.dll on the file system // // If a user does not have said permissions you will not be able to Instantiate the object // as such your code will not work. So prior to utilizing any of the objects implemented // by CAPICOM we will check to see if it has been installed. if (IsCAPICOMInstalled() != true) { // Alert the that CAPICOM was not able to be installed alert("CAPICOM could not be loaded, possibly due to insufficient access privileges on this machine."); } else { populateCertificateList("My"); } } </script> </head> <body OnLoad="init()"> <style type="text/css"> TABLE {font-family:tahoma,sans-serif; font-size:11px;border:0px} TABLE.CertTable TD {border-bottom:solid #93BEE2 1px} TABLE.CertTable TH {background-color:#336699;text-align:left} TABLE.CertTable TR {background-color:#FFF7E5;text-align:left} TD.CheckCert {text-decoration:underline} TD.CertSubject {text-decoration:underline} TD.CertIssuer {text-decoration:none} </style> <table ID="tblStoreMenu"> <tr> <td> <input value="Personal" type="button" onclick="populateCertificateList(’My’)" ID="btnMyStore" NAME="btnMyStore" /> </td> <td> <input value="Others" type="button" onclick="populateCertificateList(’AddressBook’)" ID="btnAddrBookStore" NAME="btnAddrBookStore" /> </td> <td> <input value="Intermediate CAs" type="button" onclick="populateCertificateList(’CA’)" ID="btnCAStore" NAME="btnCAStore" /> </td> <td> <input value="Root CAs" type="button" onclick="populateCertificateList(’Root’)" ID="btnRootStore" NAME="btnRootStore" /> </td> </tr> </table> <div id="datadiv"></div> </body> </html> | ||||
| ||||
| и еще одна проблема : должно быть var CAPICOM_CURRENT_USER_STORE = 2; 1 - это CAPICOM_LOCAL_MACHINE_STORE, где скорее всего ничего нет | ||||
LadyShack