Ejemplo n.º 1
        //----------------------------------------------------------------------------
        // HrFindCertificateBySubjectName
        //
        //----------------------------------------------------------------------------
        /// <summary>
        /// Opens a current-user system certificate store and returns the first
        /// certificate whose subject matches the supplied string.
        /// </summary>
        /// <param name="wszStore">Name of the system store handed to CertOpenStore.</param>
        /// <param name="wszSubject">String to look for in certificate subjects.</param>
        /// <param name="ppcCert">
        /// Receives whatever CertFindCertificateInStore returned; stays at its
        /// default value when the store itself could not be opened.
        /// </param>
        /// <returns>
        /// S_OK when a certificate was found, otherwise the last Win32 error
        /// converted to an HRESULT.
        /// </returns>
        /// <remarks>
        /// CERT_FIND_SUBJECT_STR is documented by Win32 as a case-insensitive
        /// substring match, and this helper keeps only the first hit. A caller that
        /// needs one particular certificate (for signing or authentication) should
        /// confirm the result, for example by thumbprint or by full subject and
        /// issuer, and check its validity, rather than relying on the subject string.
        /// </remarks>
        static HRESULT HrFindCertificateBySubjectName(string wszStore, string wszSubject, out SafePCCERT_CONTEXT ppcCert)
        {
            // An out parameter has to be assigned on every path, including the
            // early return taken when the store cannot be opened.
            ppcCert = default;

            // Provider: system store; encoding type 0 (not needed to open a store);
            // default HCRYPTPROV; location: current user; name supplied by caller.
            using var certStore = CertOpenStore(
                CertStoreProvider.CERT_STORE_PROV_SYSTEM,
                0,
                default,
                CertStoreFlags.CERT_SYSTEM_STORE_CURRENT_USER,
                wszStore);

            if (certStore.IsInvalid)
            {
                return (HRESULT)Win32Error.GetLastError();
            }

            // No dwFlags, and no previous context: this is the first (and only)
            // call, so enumeration starts at the beginning of the store.
            // NOTE(review): the store handle is disposed when this method returns
            // while the context is handed back to the caller; presumably the
            // context keeps the store alive, confirm against the wrapper.
            ppcCert = CertFindCertificateInStore(
                certStore,
                CertEncodingType.X509_ASN_ENCODING,
                0,
                CertFindType.CERT_FIND_SUBJECT_STR,
                wszSubject,
                default);

            if (!ppcCert.IsInvalid)
            {
                return HRESULT.S_OK;
            }

            return (HRESULT)Win32Error.GetLastError();
        }
Ejemplo n.º 2
        /*****************************************************************************
        *       wmain
        *
        *****************************************************************************/
        // Entry point of the CreateCert sample. The visible part parses the command
        // line, resolves the public-key and signature algorithm OIDs, and opens the
        // target certificate store in the current user's location.
        //
        // Options read below (each takes one value):
        //   -s  store name (default "MY")
        //   -c  container name (default "SAMPLE")
        //   -k  public key algorithm name (default "RSA")
        //   -h  first entry of rgwszCNGAlgs, the hash half of the signature pair
        //   -l  dwBits, parsed as an unsigned integer
        // The first argument that does not start with '-' is taken as the subject.
        //
        // The listing stops after the store is opened: the CleanUp label that the
        // goto statements target, and the return value, are outside this excerpt.
        static int Main(string[] args)
        {
            HRESULT        hr               = HRESULT.S_OK;
            SafeHCERTSTORE hStoreHandle     = default;
            string         wszStoreName     = "MY"; // by default, MY
            string         wszContainerName = "SAMPLE";
            uint           dwBits           = 0;

            string wszKeyAlgName = "RSA";             // public key algorithm name; replaced by -k

            // Pair used for the signature-algorithm lookup: [0] is replaced by -h,
            // [1] is overwritten below with the CNG id of the public key algorithm.
            // NOTE(review): the default hash is SHA1, which is deprecated for
            // certificate signatures; a SHA-2 default would be the safer choice,
            // confirm which names the lookup below accepts.
            string[] rgwszCNGAlgs = new string[] { "SHA1", "RSA" };

            // Not used in the visible part of the method.
            SafeNCRYPT_KEY_HANDLE hCNGKey      = default;
            SafePCCERT_CONTEXT    pCertContext = default;
            CRYPTOAPI_BLOB        SubjectName  = default;
            int i;

            //
            // options
            //

            // NOTE(review): the two-argument string.Compare used throughout this loop
            // is culture-sensitive; an ordinal comparison is the predictable choice
            // for fixed option switches.
            for (i = 0; i < args.Length; i++)
            {
                // Help request: print usage and leave with hr still S_OK.
                if (string.Compare(args[i], "/?") == 0 || string.Compare(args[i], "-?") == 0)
                {
                    Usage("CreateCert.exe");
                    goto CleanUp;
                }

                // First non-option argument ends option parsing.
                // NOTE(review): an empty-string argument makes args[i][0] throw
                // IndexOutOfRangeException instead of yielding E_INVALIDARG.
                if (args[i][0] != '-')
                {
                    break;
                }

                // Every option below requires a following value; a missing value
                // is reported as E_INVALIDARG.
                // NOTE(review): an argument that starts with '-' but matches none of
                // the branches falls through silently and is ignored.
                if (string.Compare(args[i], "-s") == 0)
                {
                    if (i + 1 >= args.Length)
                    {
                        hr = HRESULT.E_INVALIDARG;

                        goto CleanUp;
                    }

                    wszStoreName = args[++i];
                }
                else
                if (string.Compare(args[i], "-c") == 0)
                {
                    if (i + 1 >= args.Length)
                    {
                        hr = HRESULT.E_INVALIDARG;

                        goto CleanUp;
                    }

                    wszContainerName = args[++i];
                }
                else
                if (string.Compare(args[i], "-k") == 0)
                {
                    if (i + 1 >= args.Length)
                    {
                        hr = HRESULT.E_INVALIDARG;

                        goto CleanUp;
                    }

                    wszKeyAlgName = args[++i];
                }
                else
                if (string.Compare(args[i], "-h") == 0)
                {
                    if (i + 1 >= args.Length)
                    {
                        hr = HRESULT.E_INVALIDARG;

                        goto CleanUp;
                    }

                    rgwszCNGAlgs[0] = args[++i];
                }
                else
                if (string.Compare(args[i], "-l") == 0)
                {
                    if (i + 1 >= args.Length)
                    {
                        hr = HRESULT.E_INVALIDARG;

                        goto CleanUp;
                    }

                    // NOTE(review): uint.Parse throws FormatException or
                    // OverflowException on a malformed value, bypassing the
                    // HRESULT-based error path used everywhere else; no range
                    // check on the value is visible here.
                    dwBits = uint.Parse(args[++i]);
                }
            }

            // The subject argument is mandatory: running out of arguments while
            // still parsing options is an error.
            if (i >= args.Length)
            {
                hr = HRESULT.E_INVALIDARG;

                goto CleanUp;
            }

            // Arguments after the subject, if any, are not read in the visible code.
            var wszSubject = args[i];

            //
            // Find the Signature algorithm
            //

            // Step 1: look up the public key algorithm by its name.
            var pOidInfo = CryptFindOIDInfo(CryptOIDInfoFlags.CRYPT_OID_INFO_NAME_KEY, wszKeyAlgName, OIDGroupId.CRYPT_PUBKEY_ALG_OID_GROUP_ID);

            if (default == pOidInfo)
            {
                Console.Write("FAILED: Unable to find Public Key algorithm: '{0}'.\n", wszKeyAlgName);
                hr = HRESULT.CRYPT_E_UNKNOWN_ALGO;
                goto CleanUp;
            }

            var oidInfo = (CRYPT_OID_INFO)pOidInfo;

            // Step 2: take the CNG algorithm id for the key, preferring the
            // "extra" id when the OID entry provides one.
            if (!string.IsNullOrEmpty(oidInfo.pwszCNGExtraAlgid))
            {
                rgwszCNGAlgs[1] = oidInfo.pwszCNGExtraAlgid;
            }
            else
            {
                rgwszCNGAlgs[1] = oidInfo.pwszCNGAlgid;
            }

            // Step 3: look up the signature algorithm from the (hash, key) pair.
            // The using statement has no braces, so it covers only the single
            // CryptFindOIDInfo call; the packed string list is released before the
            // result is checked.
            using (var pAlgs = SafeLocalHandle.CreateFromStringList(rgwszCNGAlgs, StringListPackMethod.Packed, CharSet.Unicode))
                pOidInfo = CryptFindOIDInfo(CryptOIDInfoFlags.CRYPT_OID_INFO_CNG_SIGN_KEY, pAlgs, OIDGroupId.CRYPT_SIGN_ALG_OID_GROUP_ID);
            if (default == pOidInfo)
            {
                Console.Write("FAILED: Unable to find signature algorithm: '{0}:{1}'\n", rgwszCNGAlgs[0], rgwszCNGAlgs[1]);
                hr = HRESULT.CRYPT_E_UNKNOWN_ALGO;
                goto CleanUp;
            }

            // Only the OID is set here; no algorithm parameters are assigned in the
            // visible code.
            var SignatureAlgorithm = new CRYPT_ALGORITHM_IDENTIFIER {
                pszObjId = ((CRYPT_OID_INFO)pOidInfo).pszOID
            };

            //-------------------------------------------------------------------
            // Open a system store, in this case, the My store.
            // ("MY" is only the default; -s can name a different store.)
            // NOTE(review): the handle is not wrapped in a using statement and its
            // validity check is not visible; presumably both happen later in the
            // method or under CleanUp, confirm against the full source.

            hStoreHandle = CertOpenStore(CertStoreProvider.CERT_STORE_PROV_SYSTEM, 0, default, CertStoreFlags.CERT_SYSTEM_STORE_CURRENT_USER, wszStoreName);
Ejemplo n.º 3
        //----------------------------------------------------------------------------
        // HrFindCertificateBySubjectName
        //
        //----------------------------------------------------------------------------
        /// <summary>
        /// Searches a current-user system store for a certificate by subject string.
        /// </summary>
        /// <param name="wszStore">System store name passed to CertOpenStore.</param>
        /// <param name="wszSubject">Subject string passed to CertFindCertificateInStore.</param>
        /// <param name="ppcCert">
        /// Set to the context returned by the search, or left at its default value
        /// if the store could not be opened.
        /// </param>
        /// <returns>
        /// S_OK if a certificate was returned; otherwise the last Win32 error as an
        /// HRESULT, whether the store open or the search failed.
        /// </returns>
        /// <remarks>
        /// The search uses CERT_FIND_SUBJECT_STR, which Win32 documents as a
        /// case-insensitive substring comparison, and stops at the first match.
        /// Two certificates with overlapping subject text are therefore not
        /// distinguished; code that depends on a specific certificate should
        /// verify the one returned (thumbprint, issuer, validity period).
        /// </remarks>
        static HRESULT HrFindCertificateBySubjectName(string wszStore, string wszSubject, out SafePCCERT_CONTEXT ppcCert)
        {
            ppcCert = default;

            // Store handle is scoped to this method and released on return.
            using var hUserStore = CertOpenStore(
                CertStoreProvider.CERT_STORE_PROV_SYSTEM,
                0,
                default,
                CertStoreFlags.CERT_SYSTEM_STORE_CURRENT_USER,
                wszStore);

            if (!hUserStore.IsInvalid)
            {
                // Last argument is the previous context; default starts the search
                // from the beginning of the store.
                ppcCert = CertFindCertificateInStore(
                    hUserStore,
                    CertEncodingType.X509_ASN_ENCODING,
                    0,
                    CertFindType.CERT_FIND_SUBJECT_STR,
                    wszSubject,
                    default);

                if (!ppcCert.IsInvalid)
                {
                    return HRESULT.S_OK;
                }
            }

            // Reached when either the open or the search failed; the last error
            // belongs to whichever call ran most recently.
            return (HRESULT)Win32Error.GetLastError();
        }