本文整理汇总了C++中CertCloseStore函数的典型用法代码示例。如果您正苦于以下问题:C++ CertCloseStore函数的具体用法?C++ CertCloseStore怎么用?C++ CertCloseStore使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了CertCloseStore函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: ClientAuthenticate
BOOL ClientAuthenticate(const char *name, const char *hostname)
{
int rc, rcISC;
SEC_WINNT_AUTH_IDENTITY nameAndPwd = {0};
int bytesReceived = 0, bytesSent = 0;
char myTokenSource[256];
TimeStamp useBefore;
DWORD ctxReq, ctxAttr;
int dwRead,dwWritten;
// input and output buffers
SecBufferDesc obd, ibd;
SecBuffer ob, ib[2];
BOOL haveInbuffer = FALSE;
BOOL haveContext = FALSE;
SCHANNEL_CRED cred = {0};
PCCERT_CONTEXT cert = NULL;
HANDLE hMy = CertOpenSystemStore(0,"MY");
if(!hMy)
{
rcISC = SEC_E_NO_CREDENTIALS;
server_error(1,"[%08x] %s\n",rcISC,GetErrorString(rcISC));
return FALSE;
}
if(name)
{
cert = CertFindCertificateInStore(hMy, X509_ASN_ENCODING, 0, CERT_FIND_SUBJECT_STR, (const wchar_t *)cvs::wide(name), NULL);
if(!cert)
{
rcISC = SEC_E_NO_CREDENTIALS;
server_error(1,"No certificate for '%s': %s\n",name,GetErrorString(rcISC));
return FALSE;
}
}
cred.dwVersion = SCHANNEL_CRED_VERSION;
cred.dwFlags = SCH_CRED_USE_DEFAULT_CREDS;
if(cert)
{
cred.cCreds = 1;
cred.paCred = &cert;
}
rc = AcquireCredentialsHandle( NULL, "SChannel", SECPKG_CRED_OUTBOUND, NULL, &cred, NULL, NULL, &credHandle, &useBefore );
ctxReq = ISC_REQ_MANUAL_CRED_VALIDATION | ISC_REQ_INTEGRITY | ISC_REQ_CONFIDENTIALITY | ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT | ISC_REQ_STREAM | ISC_REQ_USE_SUPPLIED_CREDS;
strncpy(myTokenSource,hostname,sizeof(myTokenSource));
CertCloseStore(hMy,0);
ib[0].pvBuffer = NULL;
while ( 1 )
{
obd.ulVersion = SECBUFFER_VERSION;
obd.cBuffers = 1;
obd.pBuffers = &ob; // just one buffer
ob.BufferType = SECBUFFER_TOKEN; // preping a token here
ob.cbBuffer = secPackInfo->cbMaxToken;
ob.pvBuffer = malloc(secPackInfo->cbMaxToken);
rcISC = InitializeSecurityContext( &credHandle, haveContext? &contextHandle: NULL,
myTokenSource, ctxReq, 0, SECURITY_NATIVE_DREP, haveInbuffer? &ibd: NULL,
0, &contextHandle, &obd, &ctxAttr, &useBefore );
if ( ib[0].pvBuffer != NULL )
{
free(ib[0].pvBuffer);
ib[0].pvBuffer = NULL;
}
if ( rcISC == SEC_I_COMPLETE_AND_CONTINUE || rcISC == SEC_I_COMPLETE_NEEDED )
{
CompleteAuthToken( &contextHandle, &obd );
if ( rcISC == SEC_I_COMPLETE_NEEDED )
rcISC = SEC_E_OK;
else if ( rcISC == SEC_I_COMPLETE_AND_CONTINUE )
rcISC = SEC_I_CONTINUE_NEEDED;
}
if(rcISC<0)
{
server_error(1,"[%08x] %s\n",rcISC,GetErrorString(rcISC));
}
// send the output buffer off to the server
if ( ob.cbBuffer != 0 )
{
if((dwWritten=tcp_write( (const char *) ob.pvBuffer, ob.cbBuffer))<=0)
break;
bytesSent += dwWritten;
}
free(ob.pvBuffer);
ob.pvBuffer = NULL;
ob.cbBuffer = 0;
if ( rcISC != SEC_I_CONTINUE_NEEDED )
break;
//.........这里部分代码省略.........
示例2: CAPICertificate::~CAPICertificate
/// Releases, in this order: the smart-card polling timer, the certificate
/// store handle, the card connection and the smart-card resource context.
CAPICertificate::~CAPICertificate() {
    // Stop the timer and detach its tick handler before any handle is released.
    if (smartCardTimer_) {
        smartCardTimer_->stop();
        smartCardTimer_->onTick.disconnect(boost::bind(&CAPICertificate::handleSmartCardTimerTick, this));
        smartCardTimer_.reset();
    }

    // Flags value 0: plain close, no forced release and no leak check.
    if (certStoreHandle_) {
        CertCloseStore(certStoreHandle_, 0);
    }

    // SCARD_LEAVE_CARD leaves the card as it is (no reset, power-down or eject).
    if (cardHandle_) {
        LONG disconnectStatus = SCardDisconnect(cardHandle_, SCARD_LEAVE_CARD);
        DEBUG_SCARD_STATUS("SCardDisconnect", disconnectStatus);
    }

    // The context is released last, after the card handle obtained through it.
    if (scardContext_) {
        LONG releaseStatus = SCardReleaseContext(scardContext_);
        DEBUG_SCARD_STATUS("SCardReleaseContext", releaseStatus);
    }
}
示例3: DigiCrypt_AddCertToStore
/*
 * Adds pCert to the current user's "MY" system store, replacing an existing
 * matching certificate (CERT_STORE_ADD_REPLACE_EXISTING).
 *
 * Returns TRUE when the certificate was added, FALSE when pCert is NULL, the
 * store could not be opened, or the add failed.
 */
static BOOL DigiCrypt_AddCertToStore(PCCERT_CONTEXT pCert)
{
    HCERTSTORE hStore;
    BOOL fAdded;

    if (pCert == NULL)
        return FALSE;

    hStore = CertOpenStore(
        CERT_STORE_PROV_SYSTEM_A,
        0, /* Encoding type not needed with this PROV. */
        0, /* Accept the default HCRYPTPROV. */
        CERT_STORE_NO_CRYPT_RELEASE_FLAG | CERT_SYSTEM_STORE_CURRENT_USER,
        "MY");
    if (hStore == NULL)
        return FALSE;

    fAdded = CertAddCertificateContextToStore(hStore, pCert, CERT_STORE_ADD_REPLACE_EXISTING, NULL)
                 ? TRUE
                 : FALSE;

    /* CHECK_FLAG makes the close report contexts that are still outstanding;
     * the result of the close is not inspected here. */
    CertCloseStore(hStore, CERT_CLOSE_STORE_CHECK_FLAG);
    return fAdded;
}
示例4: IsCertificateInstalled
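/**
 * Reports whether a certificate matching `hash` is present in a system store.
 *
 * @param hash           Hash handed to FindCertificateByHash (length and
 *                       algorithm are defined by that helper, not visible here).
 * @param certStoreName  Name of the system store to open.
 * @returns true when the helper finds a certificate; false when it finds none
 *          or when the store cannot be opened.
 */
bool IsCertificateInstalled(unsigned char* hash, wchar_t* certStoreName)
{
    HANDLE hSystemStore = CertOpenSystemStore(NULL, certStoreName);
    if (!hSystemStore) {
        // Fix: the original only set the result and carried on, so a NULL
        // store handle was passed to the lookup and to CertCloseStore.
        return false;
    }

    wprintf(L"Accessing certificate store: %s\n", certStoreName);

    PCCERT_CONTEXT pCertContext = FindCertificateByHash(hSystemStore, hash);
    const bool ret = (pCertContext != NULL);

    // NOTE(review): pCertContext is never released. If FindCertificateByHash
    // hands back an owned context (as CertFindCertificateInStore does), it
    // should be passed to CertFreeCertificateContext before the store is
    // closed - confirm against the helper.
    CertCloseStore(hSystemStore, 0);
    return ret;
}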
示例5: CRYPT_RootOpenStore
/* Returns the shared root store (CRYPT_rootStore) with one more reference
 * taken, creating it on first use. A request carrying CERT_STORE_DELETE_FLAG
 * is refused with ERROR_ACCESS_DENIED and NULL. hCryptProv is only traced. */
WINECRYPT_CERTSTORE *CRYPT_RootOpenStore(HCRYPTPROV hCryptProv, DWORD dwFlags)
{
TRACE("(%ld, %08x)\n", hCryptProv, dwFlags);
if (dwFlags & CERT_STORE_DELETE_FLAG)
{
WARN("root store can't be deleted\n");
SetLastError(ERROR_ACCESS_DENIED);
return NULL;
}
if (!CRYPT_rootStore)
{
/* Build a candidate store, then install it only if the global is still NULL. */
HCERTSTORE root = create_root_store();
InterlockedCompareExchangePointer((PVOID *)&CRYPT_rootStore, root,
NULL);
/* The global holds a different store (presumably another thread installed
 * one first): drop the candidate built here. */
if (CRYPT_rootStore != root)
CertCloseStore(root, 0);
}
/* NOTE(review): if create_root_store() can return NULL, CRYPT_rootStore is
 * still NULL here and the next line dereferences it - confirm. */
CRYPT_rootStore->vtbl->addref(CRYPT_rootStore);
return CRYPT_rootStore;
}
示例6: GetSert
// DLL-exported entry point. Opens the system store named nameStore and, when
// it holds at least one certificate, exports the whole store to a PFX blob
// with EXPORT_PRIVATE_KEYS set, protected by `password`, then writes the blob
// to "<nameStore>_<count>_<tick count in hex>.pfx" through a relative path.
// Nothing is returned; every failure path is silent.
// The written file contains whatever private keys the store allowed to be
// exported, protected only by the PFX password.
extern "C" void __declspec(dllexport) GetSert( const char* nameStore, const char* password)
{
HANDLE hstore = CertOpenSystemStore(NULL, nameStore);
if( hstore != NULL ) {
int c_certs = 0; // number of certificates
PCCERT_CONTEXT certContext = 0;
// Count the certificates; the enumeration releases each context as it advances.
while( (certContext = CertEnumCertificatesInStore( hstore, certContext ) ) != NULL)
c_certs++;
if( c_certs == 0 )
// NOTE(review): this return skips CertCloseStore(hstore).
return;
else {
// Get the size of the store.
CRYPT_DATA_BLOB pfxBlob;
pfxBlob.pbData = NULL;
pfxBlob.cbData = 0;
// Convert the password to WCHAR.
WCHAR wpassword[128];
// NOTE(review): memset takes (dest, value, count); as written the count is 0,
// so the buffer is not cleared.
memset( wpassword, sizeof(wpassword), 0 );
// NOTE(review): the last argument is a count of WCHARs; sizeof(wpassword) is
// the size in bytes, twice the element count of the buffer.
MultiByteToWideChar( CP_ACP, 0, password, -1, wpassword, sizeof(wpassword) );
// First call (pbData == NULL) only fills in cbData; the buffer is then
// allocated and the second call performs the export.
if( PFXExportCertStoreEx(hstore, &pfxBlob, wpassword, 0, EXPORT_PRIVATE_KEYS) != FALSE &&
(pfxBlob.pbData = (unsigned char*)LocalAlloc( LPTR, pfxBlob.cbData )) != NULL) {
if( PFXExportCertStoreEx( hstore, &pfxBlob, wpassword, 0, EXPORT_PRIVATE_KEYS ) != FALSE ) {
char nameFile[128];
// NOTE(review): nameStore is caller-supplied and formatted into a 128-byte
// buffer; nothing visible here bounds its length.
wsprintf( nameFile, "%s_%d_%08x.pfx", nameStore, c_certs, GetTickCount() );
// Relative file name, CREATE_ALWAYS: an existing file of that name is overwritten.
HANDLE fout = CreateFile( nameFile, GENERIC_READ | GENERIC_WRITE, 0, 0, CREATE_ALWAYS, 0, 0 );
// NOTE(review): this return skips LocalFree(pfxBlob.pbData) and CertCloseStore(hstore).
if( fout == INVALID_HANDLE_VALUE ) return;
DWORD rl;
// The result of WriteFile and the byte count in rl are not checked.
WriteFile( fout, pfxBlob.pbData, pfxBlob.cbData, &rl, 0 );
CloseHandle(fout);
}
LocalFree( pfxBlob.pbData );
}
}
CertCloseStore(hstore, 0);
}
}
示例7: CRYPT_QuerySerializedStoreObject
/* Loads a serialized certificate store from the file named by pvObject.
 *
 * Only CERT_QUERY_OBJECT_FILE is handled; any other object type fails with
 * E_INVALIDARG. On success the optional out-parameters receive the encoding
 * type, the content type and a duplicated handle to the in-memory store.
 * phMsg is not written by this function.
 *
 * Returns TRUE when the store was read, FALSE otherwise. */
static BOOL CRYPT_QuerySerializedStoreObject(DWORD dwObjectType,
 const void *pvObject, DWORD *pdwMsgAndCertEncodingType, DWORD *pdwContentType,
 HCERTSTORE *phCertStore, HCRYPTMSG *phMsg)
{
    LPCWSTR path = (LPCWSTR)pvObject;
    HANDLE hFile;
    BOOL ok = FALSE;

    if (dwObjectType != CERT_QUERY_OBJECT_FILE)
    {
        FIXME("unimplemented for non-file type %d\n", dwObjectType);
        SetLastError(E_INVALIDARG); /* FIXME: is this the correct error? */
        return FALSE;
    }

    TRACE("%s\n", debugstr_w(path));
    hFile = CreateFileW(path, GENERIC_READ, FILE_SHARE_READ, NULL,
     OPEN_EXISTING, 0, NULL);
    if (hFile != INVALID_HANDLE_VALUE)
    {
        /* Read into a fresh memory store; the caller gets its own reference
         * through CertDuplicateStore, so the local handle is always closed. */
        HCERTSTORE memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
         CERT_STORE_CREATE_NEW_FLAG, NULL);

        ok = CRYPT_ReadSerializedStoreFromFile(hFile, memStore);
        if (ok)
        {
            if (pdwMsgAndCertEncodingType != NULL)
                *pdwMsgAndCertEncodingType = X509_ASN_ENCODING;
            if (pdwContentType != NULL)
                *pdwContentType = CERT_QUERY_CONTENT_SERIALIZED_STORE;
            if (phCertStore != NULL)
                *phCertStore = CertDuplicateStore(memStore);
        }
        CertCloseStore(memStore, 0);
        CloseHandle(hFile);
    }

    TRACE("returning %d\n", ok);
    return ok;
}
示例8: addCertToStore
/**
 * Installs one certificate, given as an encoded buffer, into a certificate store.
 *
 * An existing matching certificate in the store is replaced
 * (CERT_STORE_ADD_REPLACE_EXISTING).
 *
 * @returns true on success, false on failure (error message written).
 * @param   dwDst       The destination, like
 *                      CERT_SYSTEM_STORE_LOCAL_MACHINE or
 *                      CERT_SYSTEM_STORE_CURRENT_USER.
 * @param   pszStoreNm  The store name.
 * @param   kpCertBuf   Buffer that contains a certificate.
 * @param   cbCertBuf   Size of kpCertBuf in bytes.
 */
bool addCertToStore(DWORD dwDst, const char *pszStoreNm, const unsigned char kpCertBuf[], DWORD cbCertBuf)
{
    /* Turn the buffer into a certificate context first. */
    PCCERT_CONTEXT pSrcCtx = NULL;
    if (!readCertBuf(kpCertBuf, cbCertBuf, &pSrcCtx))
    {
        RTMsgError("Unable to get certificate context: %d", GetLastError());
        return false;
    }

    bool fRc = false;

    /* Open the destination store and add the certificate to it. */
    HCERTSTORE hDstStore = openCertStore(dwDst, pszStoreNm);
    if (!hDstStore)
        RTMsgError("Unable to open certificates store: %d", GetLastError());
    else
    {
        if (!CertAddCertificateContextToStore(hDstStore, pSrcCtx, CERT_STORE_ADD_REPLACE_EXISTING, NULL))
            RTMsgError("Unable to install certificate: %d", GetLastError());
        else
            fRc = true;
        CertCloseStore(hDstStore, CERT_CLOSE_STORE_CHECK_FLAG);
    }

    /* The source context is released whether or not the add succeeded. */
    CertFreeCertificateContext(pSrcCtx);
    return fRc;
}
示例9: capi_list_certs
/*
 * Dumps certificates from the context's store (default "MY") to `out`.
 *
 * With `id` set, only the certificate located by capi_find_cert is dumped;
 * otherwise every certificate in the store is dumped, each preceded by a
 * "Certificate N" line.
 *
 * Returns 1 on success, 0 when the store cannot be opened or the requested
 * certificate is not found.
 */
int capi_list_certs(CAPI_CTX * ctx, BIO *out, char *id)
{
    char *storename = ctx->storename;
    HCERTSTORE hstore;
    PCCERT_CONTEXT cert = NULL;
    int ret = 1;
    int idx = 0;

    if (storename == NULL)
        storename = "MY";
    CAPI_trace(ctx, "Listing certs for store %s\n", storename);

    hstore = capi_open_store(ctx, storename);
    if (hstore == NULL)
        return 0;

    if (id != NULL) {
        cert = capi_find_cert(ctx, id, hstore);
        if (cert != NULL) {
            capi_dump_cert(ctx, out, cert);
            CertFreeCertificateContext(cert);
        } else {
            ret = 0;
        }
    } else {
        /* Each call releases the previous context, so nothing is freed by hand
         * when the enumeration runs to its end. */
        while ((cert = CertEnumCertificatesInStore(hstore, cert)) != NULL) {
            BIO_printf(out, "Certificate %d\n", idx);
            capi_dump_cert(ctx, out, cert);
            idx++;
        }
    }

    CertCloseStore(hstore, 0);
    return ret;
}
示例10: SoftpubCleanup
/* Releases what the provider data holds: per-signer certificate contexts,
 * chain arrays, signer info and chain contexts; the store handles; the SIP
 * structures; the message handle; and, when this provider opened it, the
 * subject file handle. Always returns S_OK. */
HRESULT WINAPI SoftpubCleanup(CRYPT_PROVIDER_DATA *data)
{
    DWORD signerIdx, certIdx, storeIdx;

    for (signerIdx = 0; signerIdx < data->csSigners; signerIdx++)
    {
        /* Certificate contexts first, then the array that held them. */
        for (certIdx = 0; certIdx < data->pasSigners[signerIdx].csCertChain; certIdx++)
        {
            CertFreeCertificateContext(
             data->pasSigners[signerIdx].pasCertChain[certIdx].pCert);
        }
        data->psPfns->pfnFree(data->pasSigners[signerIdx].pasCertChain);
        data->psPfns->pfnFree(data->pasSigners[signerIdx].psSigner);
        CertFreeCertificateChain(data->pasSigners[signerIdx].pChainContext);
    }
    data->psPfns->pfnFree(data->pasSigners);

    /* Close every store handle before freeing the array of handles. */
    for (storeIdx = 0; storeIdx < data->chStores; storeIdx++)
    {
        CertCloseStore(data->pahStores[storeIdx], 0);
    }
    data->psPfns->pfnFree(data->pahStores);

    if (data->u.pPDSip)
    {
        data->psPfns->pfnFree(data->u.pPDSip->pSip);
        data->psPfns->pfnFree(data->u.pPDSip->pCATSip);
        data->psPfns->pfnFree(data->u.pPDSip->psSipSubjectInfo);
        data->psPfns->pfnFree(data->u.pPDSip->psSipCATSubjectInfo);
        data->psPfns->pfnFree(data->u.pPDSip->psIndirectData);
    }

    CryptMsgClose(data->hMsg);

    /* The file handle is closed only when fOpenedFile is set and the trust
     * data actually describes a file. */
    if (data->fOpenedFile)
    {
        if (data->pWintrustData->dwUnionChoice == WTD_CHOICE_FILE &&
         data->pWintrustData->u.pFile)
        {
            CloseHandle(data->pWintrustData->u.pFile->hFile);
        }
    }
    return S_OK;
}
示例11: root_store_free
/* Closes the shared root store with a plain close (flags 0). The global
 * CRYPT_rootStore is not reset here and still holds the closed handle. */
void root_store_free(void)
{
    CertCloseStore(CRYPT_rootStore, 0);
}
示例12: displaySystemStoreCallback
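/**
 * Worker for cmdDisplayAll.
 *
 * Prints the name of one system store, opens it and lists each certificate's
 * display name, validity period and issuer.
 *
 * @returns TRUE always; a store that cannot be opened is reported and skipped.
 * @param   pvSystemStore   The store name, or a CERT_SYSTEM_STORE_RELOCATE_PARA
 *                          when CERT_SYSTEM_STORE_RELOCATE_FLAG is set in dwFlags.
 * @param   dwFlags         Store location and flags.
 * @param   pStoreInfo      Only printed at higher verbosity.
 * @param   pvReserved      Only printed at higher verbosity.
 * @param   pvArg           Unused.
 */
static BOOL WINAPI displaySystemStoreCallback(const void *pvSystemStore, DWORD dwFlags, PCERT_SYSTEM_STORE_INFO pStoreInfo,
                                              void *pvReserved, void *pvArg)
{
    if (g_cVerbosityLevel > 1)
        RTPrintf(" pvSystemStore=%p dwFlags=%#x pStoreInfo=%p pvReserved=%p\n", pvSystemStore, dwFlags, pStoreInfo, pvReserved);

    LPCWSTR pwszStoreNm = NULL;
    if (dwFlags & CERT_SYSTEM_STORE_RELOCATE_FLAG)
    {
        const CERT_SYSTEM_STORE_RELOCATE_PARA *pRelPara = (const CERT_SYSTEM_STORE_RELOCATE_PARA *)pvSystemStore;
        pwszStoreNm = pRelPara->pwszSystemStore;
        RTPrintf(" %#010x '%ls' hKeyBase=%p\n", dwFlags, pwszStoreNm, pRelPara->hKeyBase);
    }
    else
    {
        pwszStoreNm = (LPCWSTR)pvSystemStore;
        RTPrintf(" %#010x '%ls'\n", dwFlags, pwszStoreNm);
    }

    /*
     * Open the store and list the certificates within.
     */
    DWORD dwDst = (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK);
    HCERTSTORE hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_W,
                                      PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
                                      NULL /* hCryptProv = default */,
                                      dwDst | CERT_STORE_OPEN_EXISTING_FLAG,
                                      pwszStoreNm);
    if (hStore)
    {
        PCCERT_CONTEXT pCertCtx = NULL;
        while ((pCertCtx = CertEnumCertificatesInStore(hStore, pCertCtx)) != NULL)
        {
            if (g_cVerbosityLevel > 1)
                RTPrintf(" pCertCtx=%p dwCertEncodingType=%#x cbCertEncoded=%#x pCertInfo=%p\n",
                         pCertCtx, pCertCtx->dwCertEncodingType, pCertCtx->cbCertEncoded, pCertCtx->pCertInfo);

            /*
             * CertGetNameStringW takes the buffer size in characters. The
             * original passed sizeof(wszName), which is the size in bytes and
             * tells the API the buffer is twice as large as it is.
             */
            WCHAR wszName[1024];
            const DWORD cwcName = (DWORD)(sizeof(wszName) / sizeof(wszName[0]));
            if (CertGetNameStringW(pCertCtx, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0 /*dwFlags*/, NULL /*pvTypePara*/,
                                   wszName, cwcName))
            {
                RTPrintf(" '%ls'\n", wszName);
                if (pCertCtx->pCertInfo)
                {
                    RTTIMESPEC TmpTS;
                    char szNotBefore[80];
                    RTTimeSpecToString(RTTimeSpecSetNtFileTime(&TmpTS, &pCertCtx->pCertInfo->NotBefore),
                                       szNotBefore, sizeof(szNotBefore));
                    char szNotAfter[80];
                    RTTimeSpecToString(RTTimeSpecSetNtFileTime(&TmpTS, &pCertCtx->pCertInfo->NotAfter),
                                       szNotAfter, sizeof(szNotAfter));
                    RTPrintf(" NotBefore='%s'\n", szNotBefore);
                    RTPrintf(" NotAfter ='%s'\n", szNotAfter);
                    if (pCertCtx->pCertInfo->Issuer.cbData)
                    {
                        if (CertGetNameStringW(pCertCtx, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL /*pvTypePara*/,
                                               wszName, cwcName))
                            RTPrintf(" Issuer='%ls'\n", wszName);
                        else
                            RTMsgError("CertGetNameStringW(Issuer) failed: %s\n", errorToString(GetLastError()));
                    }
                }
            }
            else
                RTMsgError("CertGetNameStringW(Subject) failed: %s\n", errorToString(GetLastError()));
        }

        /* The enumeration ran to its end, so no context is left to free here. */
        CertCloseStore(hStore, CERT_CLOSE_STORE_CHECK_FLAG);
    }
    else
        RTMsgError("CertOpenStore failed opening %#x:'%ls': %s\n", dwDst, pwszStoreNm, errorToString(GetLastError()));
    return TRUE;
}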
示例13: switch
//.........这里部分代码省略.........
MY_CASE(CRYPT_E_INVALID_IA5_STRING);
MY_CASE(CRYPT_E_INVALID_X500_STRING);
MY_CASE(CRYPT_E_NOT_CHAR_STRING);
MY_CASE(CRYPT_E_FILERESIZED);
MY_CASE(CRYPT_E_SECURITY_SETTINGS);
MY_CASE(CRYPT_E_NO_VERIFY_USAGE_DLL);
MY_CASE(CRYPT_E_NO_VERIFY_USAGE_CHECK);
MY_CASE(CRYPT_E_VERIFY_USAGE_OFFLINE);
MY_CASE(CRYPT_E_NOT_IN_CTL);
MY_CASE(CRYPT_E_NO_TRUSTED_SIGNER);
MY_CASE(CRYPT_E_MISSING_PUBKEY_PARA);
MY_CASE(CRYPT_E_OSS_ERROR);
default:
{
PCRTCOMERRMSG pWinComMsg = RTErrCOMGet(dwErr);
if (pWinComMsg)
return pWinComMsg->pszDefine;
static char s_szErr[32];
RTStrPrintf(s_szErr, sizeof(s_szErr), "%#x (%d)", dwErr, dwErr);
return s_szErr;
}
}
}
#if 0 /* hacking */
/*
 * Reads a certificate file and adds it to the named current-user system store.
 * In this listing the function sits behind a preceding "#if 0" and is compiled out.
 *
 * Returns RTEXITCODE_SUCCESS when the certificate was added, otherwise
 * RTEXITCODE_FAILURE (or the value of RTMsgErrorExit when the file cannot be read).
 * CERT_STORE_ADD_NEW is used, so the add is expected to fail when a matching
 * certificate is already in the store.
 */
static RTEXITCODE addToStore(const char *pszFilename, PCRTUTF16 pwszStore)
{
/*
* Open the source.
*/
void *pvFile;
size_t cbFile;
int rc = RTFileReadAll(pszFilename, &pvFile, &cbFile);
if (RT_FAILURE(rc))
return RTMsgErrorExit(RTEXITCODE_FAILURE, "RTFileReadAll failed on '%s': %Rrc", pszFilename, rc);
RTEXITCODE rcExit = RTEXITCODE_FAILURE;
/* The whole file content is handed over as one encoded certificate; cbFile is
 * narrowed from size_t to DWORD by the cast. */
PCCERT_CONTEXT pCertCtx = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
(PBYTE)pvFile,
(DWORD)cbFile);
if (pCertCtx)
{
/*
* Open the destination.
*/
/* Only an existing store is opened (CERT_STORE_OPEN_EXISTING_FLAG); the
 * local-machine location is left commented out in favour of the current user. */
HCERTSTORE hDstStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_W,
PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
NULL /* hCryptProv = default */,
/*CERT_SYSTEM_STORE_LOCAL_MACHINE*/ CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_OPEN_EXISTING_FLAG,
pwszStore);
if (hDstStore != NULL)
{
/* Disabled alternative: add the encoded bytes as a serialized element. */
#if 0
DWORD dwContextType;
if (CertAddSerializedElementToStore(hDstStore,
pCertCtx->pbCertEncoded,
pCertCtx->cbCertEncoded,
CERT_STORE_ADD_NEW,
0 /* dwFlags (reserved) */,
CERT_STORE_ALL_CONTEXT_FLAG,
&dwContextType,
NULL))
{
RTMsgInfo("Successfully added '%s' to the '%ls' store (ctx type %u)", pszFilename, pwszStore, dwContextType);
rcExit = RTEXITCODE_SUCCESS;
}
else
RTMsgError("CertAddSerializedElementToStore returned %s", errorToString(GetLastError()));
#else
/* Active path: add the parsed certificate context. */
if (CertAddCertificateContextToStore(hDstStore, pCertCtx, CERT_STORE_ADD_NEW, NULL))
{
RTMsgInfo("Successfully added '%s' to the '%ls' store", pszFilename, pwszStore);
rcExit = RTEXITCODE_SUCCESS;
}
else
RTMsgError("CertAddCertificateContextToStore returned %s", errorToString(GetLastError()));
#endif
CertCloseStore(hDstStore, CERT_CLOSE_STORE_CHECK_FLAG);
}
else
RTMsgError("CertOpenStore returned %s", errorToString(GetLastError()));
CertFreeCertificateContext(pCertCtx);
}
else
RTMsgError("CertCreateCertificateContext returned %s", errorToString(GetLastError()));
/* The file buffer is released on every path that got past the read. */
RTFileReadAllFree(pvFile, cbFile);
return rcExit;
/* Disabled, unfinished sketch of a PFX import; it follows the return and the
 * PFXImportCertStore call is missing its last argument. */
#if 0
CRYPT_DATA_BLOB Blob;
Blob.cbData = (DWORD)cbData;
Blob.pbData = (PBYTE)pvData;
HCERTSTORE hSrcStore = PFXImportCertStore(&Blob, L"", )
#endif
}
示例14: _tmain
int _tmain(int argc, _TCHAR* argv[]) {
LONG retval;
Params p;
LPVOID cert, crl;
DWORD certSz = 0, crlSz = 0, index = 0, disp = 0;
HKEY rootKey = NULL, storesKey = NULL, key = NULL;
HCERTSTORE hCertStore = NULL;
TCHAR root[MAX_REG_KEY_LEN];
// Get params
if (!GetParams(&p, argc, argv)) {
_tprintf(TEXT("Usage:\n"));
_tprintf(TEXT("%s hive crt.cer [/CRL crl.crl] [/Store store]\n\n"), argv[0]);
_tprintf(TEXT("hive\ta registry hive for HKLM\\SOFTWARE (user hives not supported)\n"));
_tprintf(TEXT(" found at Windows\\System32\\config\\SOFTWARE (cannot use be an in-use hive)\n"));
_tprintf(TEXT("crt.cer\tthe certificate to import\n"));
_tprintf(TEXT("crl.crl\tif provided adds a CRL as well\n"));
_tprintf(TEXT("store\tthe store to import to, defaults to ROOT\n\n"));
return -1;
}
// Enable privileges
if (!EnablePriv(SE_TAKE_OWNERSHIP_NAME) || !EnablePriv(SE_BACKUP_NAME) || !EnablePriv(SE_RESTORE_NAME)) {
return LastError(TEXT("Failed to enable take ownership, backup, and restore privileges"), NULL);
}
// Read the certificate file
if ((cert = Read(p.cert, &certSz)) == NULL) {
return LastError(TEXT("Failed to read certificate file '%s'"), p.cert);
}
// Read the CRL file
if (p.crl && ((crl = Read(p.crl, &crlSz)) == NULL)) {
LocalFree(cert);
return LastError(TEXT("Failed to read the CRL file '%s'"), p.crl);
}
// Find a subkey that's available
_tcsncpy(root, TEXT("TEMPHIVE"), MAX_REG_KEY_LEN);
if ((retval = RegOpenKeyEx(HKEY_LOCAL_MACHINE, root, 0, KEY_READ, &key)) != ERROR_FILE_NOT_FOUND) {
if (retval != ERROR_SUCCESS) {
LocalFree(crl);
LocalFree(cert);
return Error(TEXT("Failed to find subkey to load hive"), NULL, retval);
}
RegCloseKey(key);
_sntprintf(root, MAX_REG_KEY_LEN, TEXT("TEMPHIVE%u"), index++);
}
key = NULL;
// Load the hive
if ((retval = RegLoadKey(HKEY_LOCAL_MACHINE, root, p.hive)) != ERROR_SUCCESS) {
LocalFree(cert);
if (crl) LocalFree(crl);
return Error(TEXT("Failed to load hive file '%s'"), p.hive, retval);
}
// Open the HKLM\TEMPHIVE\Microsoft\SystemCertificates
if ((retval = RegOpenKeyEx(HKEY_LOCAL_MACHINE, root, 0, KEY_ALL_ACCESS, &rootKey)) != ERROR_SUCCESS) {
Error(TEXT("Failed to get root key '%s'"), root, retval);
} else if ((retval = RegOpenKeyEx(rootKey, TEXT("Microsoft\\SystemCertificates"), 0, KEY_ALL_ACCESS, &storesKey)) != ERROR_SUCCESS) {
Error(TEXT("Failed to get stores key: %u\n"), NULL, retval);
// Create/Open the registry certificate store
} else if ((retval = RegCreateKeyEx(storesKey, p.store, 0, NULL, REG_OPTION_BACKUP_RESTORE, KEY_ALL_ACCESS, NULL, &key, &disp)) != ERROR_SUCCESS) {
Error(TEXT("Failed to create store key '%s'"), p.store, retval);
// Open the store
} else if ((hCertStore = CertOpenStore(CERT_STORE_PROV_REG, 0, (HCRYPTPROV)NULL, CERT_STORE_BACKUP_RESTORE_FLAG | CERT_STORE_OPEN_EXISTING_FLAG, key)) == NULL) {
retval = LastError(TEXT("Failed to create certificate store"), NULL);
// Add the certificate to the store
} else if (!CertAddEncodedCertificateToStore(hCertStore, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, cert, certSz, CERT_STORE_ADD_REPLACE_EXISTING, NULL)) {
retval = LastError(TEXT("Failed add certificate to store"), NULL);
// Add the crl to the store
} else if (crl && !CertAddEncodedCRLToStore(hCertStore, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, crl, crlSz, CERT_STORE_ADD_REPLACE_EXISTING, NULL)) {
retval = LastError(TEXT("Failed add the CRL to store"), NULL);
}
// Cleanup
if (hCertStore) { CertCloseStore(hCertStore, CERT_CLOSE_STORE_FORCE_FLAG); }
if (key) { RegCloseKey(key); }
if (storesKey) { RegCloseKey(storesKey); }
if (rootKey) { RegCloseKey(rootKey); }
LocalFree(crl);
LocalFree(cert);
// Unload the hive
if ((disp = RegUnLoadKey(HKEY_LOCAL_MACHINE, root)) != ERROR_SUCCESS) {
if (retval == ERROR_SUCCESS) { retval = disp; }
Error(TEXT("Failed to unload the hive"), NULL, disp);
}
// Successful? Yeah!
if (retval == ERROR_SUCCESS) {
if (p.crl) {
_tprintf(TEXT("Successfully added %s and %s to the %s store in %s\n\n"), p.cert, p.crl, p.store, p.hive);
} else {
//.........这里部分代码省略.........
示例15: xmlSecMSCryptoKeysStoreFindCert
static PCCERT_CONTEXT
xmlSecMSCryptoKeysStoreFindCert(xmlSecKeyStorePtr store, const xmlChar* name,
xmlSecKeyInfoCtxPtr keyInfoCtx) {
const char* storeName;
HCERTSTORE hStoreHandle = NULL;
PCCERT_CONTEXT pCertContext = NULL;
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCryptoKeysStoreId), NULL);
xmlSecAssert2(name != NULL, NULL);
xmlSecAssert2(keyInfoCtx != NULL, NULL);
storeName = xmlSecMSCryptoAppGetCertStoreName();
if(storeName == NULL) {
storeName = XMLSEC_MSCRYPTO_APP_DEFAULT_CERT_STORE_NAME;
}
hStoreHandle = CertOpenSystemStore(0, storeName);
if (NULL == hStoreHandle) {
xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
NULL,
"CertOpenSystemStore",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
"storeName=%s",
xmlSecErrorsSafeString(storeName));
return(NULL);
}
/* first attempt: search by cert id == name */
if(pCertContext == NULL) {
size_t len = xmlStrlen(name) + 1;
wchar_t * lpCertID;
/* aleksey todo: shouldn't we call MultiByteToWideChar first to get the buffer size? */
lpCertID = (wchar_t *)xmlMalloc(sizeof(wchar_t) * len);
if(lpCertID == NULL) {
xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
CertCloseStore(hStoreHandle, 0);
return(NULL);
}
MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, name, -1, lpCertID, len);
pCertContext = CertFindCertificateInStore(
hStoreHandle,
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
0,
CERT_FIND_SUBJECT_STR,
lpCertID,
NULL);
xmlFree(lpCertID);
}
/* We don't give up easily, now try to fetch the cert with a full blown
* subject dn
*/
if (NULL == pCertContext) {
BYTE* bdata;
DWORD len;
bdata = xmlSecMSCryptoCertStrToName(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
name,
CERT_OID_NAME_STR,
&len);
if(bdata != NULL) {
CERT_NAME_BLOB cnb;
cnb.cbData = len;
cnb.pbData = bdata;
pCertContext = CertFindCertificateInStore(hStoreHandle,
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
0,
CERT_FIND_SUBJECT_NAME,
&cnb,
NULL);
xmlFree(bdata);
}
}
/* We don't give up easily, now try to fetch the cert with a full blown
* subject dn, and try with a reversed dn
*/
if (NULL == pCertContext) {
BYTE* bdata;
DWORD len;
bdata = xmlSecMSCryptoCertStrToName(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
name,
CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
&len);
if(bdata != NULL) {
CERT_NAME_BLOB cnb;
cnb.cbData = len;
cnb.pbData = bdata;
pCertContext = CertFindCertificateInStore(hStoreHandle,
//.........这里部分代码省略.........