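//----------------------------------------------------------------------------
// HrFindCertificateBySubjectName
//
// Looks up a certificate in the current user's system store named wszStore
// whose subject string contains wszSubject and returns the first match.
//
// Parameters:
//   wszStore   - system store name (e.g. "MY"). Opened with
//                CERT_SYSTEM_STORE_CURRENT_USER, i.e. the per-user store, not
//                the machine store.
//   wszSubject - text to look for in the certificate's subject.
//   ppcCert    - receives the matching certificate context on S_OK. On
//                failure it is default (store could not be opened, or the
//                subject filter was rejected) or an invalid handle (no match).
//
// Returns S_OK; E_INVALIDARG for a null/blank subject; otherwise the HRESULT
// mapped from the Win32 error of the failing CryptoAPI call (for "no match"
// this is typically CRYPT_E_NOT_FOUND).
//
// SECURITY NOTE: CERT_FIND_SUBJECT_STR is a case-insensitive substring match
// against the string form of the subject, not an exact DN comparison.
// "CN=Alice" also matches "CN=Alice Smith", and when several certificates
// match, the one returned is simply the first the store enumerates. Callers
// that need a specific identity must check the returned certificate (exact
// subject, thumbprint, issuer, validity, key usage) before signing with or
// trusting it.
//----------------------------------------------------------------------------
static HRESULT HrFindCertificateBySubjectName(string wszStore, string wszSubject, out SafePCCERT_CONTEXT ppcCert)
{
    ppcCert = default;

    // A null or blank filter would turn the substring match into "any
    // certificate in the store" (or pass a NULL pvFindPara). Refuse it rather
    // than silently hand back an arbitrary certificate.
    if (string.IsNullOrWhiteSpace(wszSubject))
    {
        return HRESULT.E_INVALIDARG;
    }

    //-------------------------------------------------------------------
    // Open the certificate store to be searched. The handle is only needed
    // for the lookup; the returned context is reference-counted by CryptoAPI
    // and outlives the store close (assuming SafeHCERTSTORE closes without
    // CERT_CLOSE_STORE_FORCE_FLAG — confirm against its Dispose).
    using var hStoreHandle = CertOpenStore(
        CertStoreProvider.CERT_STORE_PROV_SYSTEM,        // the store provider type
        0,                                               // the encoding type is not needed
        default,                                         // use the default HCRYPTPROV
        CertStoreFlags.CERT_SYSTEM_STORE_CURRENT_USER,   // per-user registry store
        wszStore);                                       // the store name
    if (hStoreHandle.IsInvalid)
    {
        return (HRESULT)Win32Error.GetLastError();
    }

    //-------------------------------------------------------------------
    // Get a certificate whose subject contains the specified string
    // (substring, case-insensitive — see SECURITY NOTE above).
    ppcCert = CertFindCertificateInStore(
        hStoreHandle,
        CertEncodingType.X509_ASN_ENCODING,              // Use X509_ASN_ENCODING
        0,                                               // No dwFlags needed
        CertFindType.CERT_FIND_SUBJECT_STR,              // match a string within the subject
        wszSubject,                                      // The Unicode string to be found in a certificate's subject
        default);                                        // NULL: start from the first certificate; pass the previous context to continue
    if (ppcCert.IsInvalid)
    {
        return (HRESULT)Win32Error.GetLastError();
    }

    return HRESULT.S_OK;
}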
/***************************************************************************** * wmain * *****************************************************************************/ static int Main(string[] args) { HRESULT hr = HRESULT.S_OK; SafeHCERTSTORE hStoreHandle = default; string wszStoreName = "MY"; // by default, MY string wszContainerName = "SAMPLE"; uint dwBits = 0; string wszKeyAlgName = "RSA"; // string[] rgwszCNGAlgs = new string[] { "SHA1", "RSA" }; SafeNCRYPT_KEY_HANDLE hCNGKey = default; SafePCCERT_CONTEXT pCertContext = default; CRYPTOAPI_BLOB SubjectName = default; int i; // // options // for (i = 0; i < args.Length; i++) { if (string.Compare(args[i], "/?") == 0 || string.Compare(args[i], "-?") == 0) { Usage("CreateCert.exe"); goto CleanUp; } if (args[i][0] != '-') { break; } if (string.Compare(args[i], "-s") == 0) { if (i + 1 >= args.Length) { hr = HRESULT.E_INVALIDARG; goto CleanUp; } wszStoreName = args[++i]; } else if (string.Compare(args[i], "-c") == 0) { if (i + 1 >= args.Length) { hr = HRESULT.E_INVALIDARG; goto CleanUp; } wszContainerName = args[++i]; } else if (string.Compare(args[i], "-k") == 0) { if (i + 1 >= args.Length) { hr = HRESULT.E_INVALIDARG; goto CleanUp; } wszKeyAlgName = args[++i]; } else if (string.Compare(args[i], "-h") == 0) { if (i + 1 >= args.Length) { hr = HRESULT.E_INVALIDARG; goto CleanUp; } rgwszCNGAlgs[0] = args[++i]; } else if (string.Compare(args[i], "-l") == 0) { if (i + 1 >= args.Length) { hr = HRESULT.E_INVALIDARG; goto CleanUp; } dwBits = uint.Parse(args[++i]); } } if (i >= args.Length) { hr = HRESULT.E_INVALIDARG; goto CleanUp; } var wszSubject = args[i]; // // Find the Signature algorithm // var pOidInfo = CryptFindOIDInfo(CryptOIDInfoFlags.CRYPT_OID_INFO_NAME_KEY, wszKeyAlgName, OIDGroupId.CRYPT_PUBKEY_ALG_OID_GROUP_ID); if (default == pOidInfo) { Console.Write("FAILED: Unable to find Public Key algorithm: '{0}'.\n", wszKeyAlgName); hr = HRESULT.CRYPT_E_UNKNOWN_ALGO; goto CleanUp; } var oidInfo = 
(CRYPT_OID_INFO)pOidInfo; if (!string.IsNullOrEmpty(oidInfo.pwszCNGExtraAlgid)) { rgwszCNGAlgs[1] = oidInfo.pwszCNGExtraAlgid; } else { rgwszCNGAlgs[1] = oidInfo.pwszCNGAlgid; } using (var pAlgs = SafeLocalHandle.CreateFromStringList(rgwszCNGAlgs, StringListPackMethod.Packed, CharSet.Unicode)) pOidInfo = CryptFindOIDInfo(CryptOIDInfoFlags.CRYPT_OID_INFO_CNG_SIGN_KEY, pAlgs, OIDGroupId.CRYPT_SIGN_ALG_OID_GROUP_ID); if (default == pOidInfo) { Console.Write("FAILED: Unable to find signature algorithm: '{0}:{1}'\n", rgwszCNGAlgs[0], rgwszCNGAlgs[1]); hr = HRESULT.CRYPT_E_UNKNOWN_ALGO; goto CleanUp; } var SignatureAlgorithm = new CRYPT_ALGORITHM_IDENTIFIER { pszObjId = ((CRYPT_OID_INFO)pOidInfo).pszOID }; //------------------------------------------------------------------- // Open a system store, in this case, the My store. hStoreHandle = CertOpenStore(CertStoreProvider.CERT_STORE_PROV_SYSTEM, 0, default, CertStoreFlags.CERT_SYSTEM_STORE_CURRENT_USER, wszStoreName);
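//----------------------------------------------------------------------------
// HrFindCertificateBySubjectName
//
// Finds the first certificate in the current user's wszStore system store
// whose subject string contains wszSubject.
//
//   wszStore   - system store name such as "MY" (per-user location).
//   wszSubject - text to match within the subject; must not be null or blank.
//   ppcCert    - on S_OK, the matching context. On failure it is default
//                (store open failed / bad filter) or an invalid handle
//                (nothing matched).
//
// Returns S_OK, E_INVALIDARG for a null/blank subject, or the HRESULT mapped
// from GetLastError() of the failing CryptoAPI call.
//
// SECURITY NOTE: CERT_FIND_SUBJECT_STR performs a case-insensitive substring
// match on the subject's string form. It is NOT an exact identity check:
// "CN=Alice" matches "CN=Alice Smith", and with several matches the store's
// enumeration order decides which is returned. Verify the returned certificate
// (exact subject, thumbprint, issuer, validity, key usage) before relying on it.
//----------------------------------------------------------------------------
static HRESULT HrFindCertificateBySubjectName(string wszStore, string wszSubject, out SafePCCERT_CONTEXT ppcCert)
{
    ppcCert = default;

    // An empty filter degenerates to "match anything" under the substring
    // semantics above (and null would be a NULL pvFindPara); reject it.
    if (string.IsNullOrWhiteSpace(wszSubject))
    {
        return HRESULT.E_INVALIDARG;
    }

    // Open the per-user system store. The context handed back below is
    // reference-counted by CryptoAPI, so closing the store on exit is fine
    // provided SafeHCERTSTORE does not force-close (confirm in its Dispose).
    using (var store = CertOpenStore(CertStoreProvider.CERT_STORE_PROV_SYSTEM, 0, default, CertStoreFlags.CERT_SYSTEM_STORE_CURRENT_USER, wszStore))
    {
        if (store.IsInvalid)
        {
            return (HRESULT)Win32Error.GetLastError();
        }

        // First certificate whose subject contains wszSubject (see SECURITY NOTE).
        var found = CertFindCertificateInStore(store, CertEncodingType.X509_ASN_ENCODING, 0, CertFindType.CERT_FIND_SUBJECT_STR, wszSubject, default);
        ppcCert = found;

        return found.IsInvalid ? (HRESULT)Win32Error.GetLastError() : HRESULT.S_OK;
    }
}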