EnumCertificates
Security and signatures
Description
Enumerates every certificate in a Windows system certificate store and returns its metadata. Each entry carries the Subject and Issuer simple-display names, the serial number (uppercase hex, MSB first), the NotBefore/NotAfter validity window, a HasPrivateKey flag (required for signing), a Qualified flag (true when the cert carries the eIDAS QCStatements extension, OID 0.4.0.1862.1.7, detected via a built-in DER decoder), and a CertHandle (the raw PCCERT_CONTEXT).
The CertHandle is valid only for the duration of the call; callers that want to keep a handle for later signing must duplicate it via CertDuplicateCertificateContext and then pass it to SetSignProcessCertFromStoreByHandle.
Syntax
Delphi
Function TPDFlib.EnumCertificates(Const StoreName: WideString; UseMachineStore: Boolean; Out Certs: Array Of TPDFlibCertificateInfo): Integer;
Parameters
| StoreName | The Windows system store name ("MY", "Root", "CA", ...) |
|---|---|
| UseMachineStore | True for CERT_SYSTEM_STORE_LOCAL_MACHINE, False for CERT_SYSTEM_STORE_CURRENT_USER |
| Certs | Caller-allocated array filled with certificate metadata up to its length |
Return values
| >= 0 | The number of certificates written into Certs (may be less than the store size if the array is too small) |
|---|