CryptQueryObject

[This is preliminary documentation and subject to change.]

The CryptQueryObject function takes a CERT_BLOB or a file name and returns the information about the content of the blob or the file.

#include <wincrypt.h>
BOOL WINAPI CryptQueryObject(
  DWORD dwObjectType,                // in
  const void *pvObject,              // in
  DWORD dwExpectedContentTypeFlags,  // in
  DWORD dwExpectedFormatTypeFlags,   // in
  DWORD dwFlags,                     // in
  DWORD *pdwMsgAndCertEncodingType,  // out
  DWORD *pdwContentType,             // out
  DWORD *pdwFormatType,              // out
  HCERTSTORE *phCertStore,           // out
  HCRYPTMSG *phMsg,                  // out
  const void **ppvContext            // out
);

Parameters

dwObjectType

Indicates the type of the pvObject. It should be one of the following:

ObjectType	Description
CERT_QUERY_OBJECT_FILE	Get the information about a file
CERT_QUERY_OBJECT_BLOB	Get the information about a blob

If the dwObjectType is not correct for the object, program behavior is unspecified.

pvObject

Pointer to the object to be queried.

If dwObjectType is CERT_QUERY_OBJECT_FILE, pvObject is a LPWSTR. If dwObjectType is CERT_QUERY_OBJECT_BLOB, pvObject is a PCERT_BLOB.

If the pvObject does not point to the correct type specified by dwObjectType, program behavior is unspecified.

dwExpectedContentTypeFlags

Indicates the expected content type. Can be one of the following:

Expected Content Type Flag Name	Content type
CERT_QUERY_CONTENT_FLAG_ALL	any type
CERT_QUERY_CONTENT_FLAG_CERT	single certificate
CERT_QUERY_CONTENT_FLAG_CTL	single CTL
CERT_QUERY_CONTENT_FLAG_CRL	single CRL
CERT_QUERY_CONTENT_FLAG_ SERIALIZED_STORE	serialized store
CERT_QUERY_CONTENT_FLAG_ SERIALIZED_CERT	serialized single certificate
CERT_QUERY_CONTENT_FLAG_ SERIALIZED_CTL	serialized single CTL
CERT_QUERY_CONTENT_FLAG_ SERIALIZED_CRL	serialized single CRL
CERT_QUERY_CONTENT_FLAG_ PKCS7_SIGNED	PKCS#7 signed message
CERT_QUERY_CONTENT_FLAG_ PKCS7_UNSIGNED	PKCS#7 unsigned message
CERT_QUERY_CONTENT_FLAG_ PKCS7_SIGNED_EMBED	embedded PKCS7 signed message
CERT_QUERY_CONTENT_FLAG_PKCS10	PKCS#10
CERT_QUERY_CONTENT_FLAG_PFX	PFX BLOB

If the dwExpectedContentTypeFlags is not correct for the type specified by pdwContentType, the function will return a FALSE.

dwExpectedFormatTypeFlags

Indicates the expected format type. Can be one of the following:

Expected Format Type Flags Name	Format type
CERT_QUERY_FORMAT_FLAG_ALL	any format
CERT_QUERY_FORMAT_FLAG_BINARY	binary format
CERT_QUERY_FORMAT_FLAG_BASE64_ ENCODED	base64 encoded

If the dwExpectedFormatTypeFlags is not correct for the type specified by pdwFormatType, the function will return a FALSE.

dwFlags

Flag values. This parameter is reserved for future use and should always be set to 0.

pdwMsgAndCertEncodingType

Pointer to the type of encoding used in the message. If no output is wanted, set pdwMsgAndCertEncodingType to NULL. The returned encoding type will be any combination of the following:

Encoding Type	value
X509_ASN_ENCODING	0x00000001
PKCS_7_ASN_ENCODING	0x00010000

pdwContentType

Pointer to the returned encoding type of the content. If no output is wanted, set pdwContentType to NULL. The returned encoding type may be any one of the following:

Content Type	value
CERT_QUERY_CONTENT_CERT	1
CERT_QUERY_CONTENT_CTL	2
CERT_QUERY_CONTENT_CRL	3
CERT_QUERY_CONTENT_SERIALIZED_STORE	4
CERT_QUERY_CONTENT_SERIALIZED_CERT	5
CERT_QUERY_CONTENT_SERIALIZED_CTL	6
CERT_QUERY_CONTENT_SERIALIZED_CRL	7
CERT_QUERY_CONTENT_PKCS7_SIGNED	8
CERT_QUERY_CONTENT_PKCS7_UNSIGNED	9
CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED	10
CERT_QUERY_CONTENT_PKCS10	11
CERT_QUERY_CONTENT_PFX	12

pdwFormatType

Pointer to the returned format type of the content. If no output is wanted, set pdwFormatType to NULL. The returned format type may be any one of the following:

Format Type	value
CERT_QUERY_FORMAT_BINARY	1
CERT_QUERY_FORMAT_BASE64_ENCODED	2

phCertStore

*phCertStore is a NULL unless dwContentType is one of the content types in the following table. If dwContentType is one of these content types, phCertStore is a pointer to a handle to a certificate store that includes all of the certificates, CRLs, and CTLs in the object.

The caller should free *phCertStore via CertCloseStore.

If no output is wanted, set phCertStore to NULL.

Content Type value

CERT_QUERY_CONTENT_CERT 1

CERT_QUERY_CONTENT_CTL 2

CERT_QUERY_CONTENT_CRL 3

CERT_QUERY_CONTENT_SERIALIZED_STORE 4

CERT_QUERY_CONTENT_SERIALIZED_CERT 5

CERT_QUERY_CONTENT_SERIALIZED_CTL 6

CERT_QUERY_CONTENT_SERIALIZED_CRL 7

CERT_QUERY_CONTENT_PKCS7_SIGNED 8

CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED 10

phMsg

*phMsg is a NULL unless dwContentType is one of the content types in the following table. If dwContentType is one of these content types, phMsg is a pointer to a handle to an opened message.

The caller should free *phMsg via CryptMsgClose.

If no output is wanted, set phMsg to NULL.

dwContentType value

CERT_QUERY_CONTENT_PKCS7_SIGNED 8

CERT_QUERY_CONTENT_PKCS7_UNSIGNED 9

CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED 10

ppvContext

dwContentType	value
CERT_QUERY_CONTENT_PKCS7_SIGNED	8
CERT_QUERY_CONTENT_PKCS7_UNSIGNED	9
CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED	10

Pointer to the context pointer. The context is dependent upon dwContentType. The following table contains the types contained at pvContext. The caller should free the pvContext via the function shown in the table.

If no output is wanted, set ppvContext to NULL.

pvContext	dwContentType	free pvContext via
PCCERT_ CONTEXT	CERT_QUERY_ CONTENT_CERT	CertFreeCertificate Context
PCCERT_ CONTEXT	CERT_QUERY_ CONTENT_ SERIALIZED_CERT	CertFreeCertificate Context
PCCTL_ CONTEXT	CERT_QUERY_ CONTENT_CTL	CertFreeCTLContext
PCCTL_ CONTEXT	CERT_QUERY_ CONTENT_ SERIALIZED_CTL	CertFreeCTLContext
PCCRL_ CONTEXT	CERT_QUERY_ CONTENT_CRL	CertFreeCRLContext
PCCRL_ CONTEXT	CERT_QUERY_ CONTENT_ SERIALIZED_CRL	CertFreeCRLContext

Return Values

If the function succeeds, the return value is TRUE. If it fails, the return value is FALSE. To retrieve extended error information, use the GetLastError function.

Example

// EXAMPLE CODE FOR USING CryptQueryObject().
// Assume that a pointer to the CERT_BLOB
// (pvObject) is already known.

// Set up the variables.
DWORD dwObjectType;               // Type of the object
const CERT_BLOB *pvObject;        // Pointer to a CERT_BLOB-
                                  //   initialized elsewhere
DWORD dwExpectedContentTypeFlags; // Content type
DWORD dwExpectedFormatTypeFlags;  // Format flags
DWORD dwFlags;                    // Flag value- set to 0
DWORD dwMsgAndCertEncodingType;
DWORD dwContentType;
DWORD dwFormatType;
HCERTSTORE hCertStore;
HCRYPTMSG hMsg;
const void *pvContext;            // Using PCCERT_CONTEXT because
                                  //   this is expecting a content
                                  //   type of CERT_QUERY_CONTENT_CERT
BOOL fResult;                     // Return value- True if function
                                  //   successful False if function
                                  //   fails

// Function call to CryptQueryObject
fResult= CryptQueryObject(
           CERT_QUERY_OBJECT_BLOB,// in- object type- open a blob
           pvObject,              // in- object- because dwObjectType
                                  //   is a blob, this is a pointer to
                                  //   a blob- initialized elsewhere
           CERT_QUERY_CONTENT_FLAG_CERT,
                                  // in- content flag- single
                                  //   certificate
           CERT_QUERY_FORMAT_BINARY, // in- format flag- binary format
           0,                        // in- dwFlags set to 0
           &dwMsgAndCertEncodingType,// out, optional
           &dwContentType,           // out, optional- this example
                                     //   should be
                                     //   CERT_QUERY_CONTENT_CERT
           &dwFormatType,            // out, optional
           &hCertStore,              // out, optional
           &hMsg,                    // out, optional- in this example
                                     //   output will be a NULL
           &pvContext);              // out, optional

cout<< "CryptQueryObject;"<< endl
    << "fResult = "<< fResult<< endl<< endl;
if (fResult) {              // returned value is TRUE
                            //   CryptQueryObject is successful
    cout<< "the encoding type (dwMsgAndCertEncodingType) is "
        << dwMsgAndCertEncodingType<< endl
        << "the content type (dwContentType) is "<< dwContentType
        << endl
        << "the format type (dwFormatType) is "<< dwFormatType<< endl
        << "the certificate store (hCertStore) is at "<< hCertStore
        << endl
        << "the message (hMsg) is "<< hMsg<< endl
        << "the context (pvContext) is "<< pvContext<< " bytes "
        << endl;
    }

else {                      // returned value is FALSE
     cout<< "CryptQueryObject failed" << endl 
         << "error code = "<< GetLastError()<< endl;
}
CryptMsgClose(              // free memory
     hMsg);
CertCloseStore(             // free memory
     hCertStore,
     CERT_CLOSE_STORE_FORCE_FLAG);
CertFreeCertificateContext( // free memory
     (PCCERT_CONTEXT)pvContext);
                            // PCCERT_CONTEXT because this is a
                            //  CERT_QUERY_CONTENT_CERT

QuickInfo

  Windows NT: Requires version 4.0 SP3 or later (or version 4.0 with IE 3.02 or later).
  Windows: Unsupported.
  Windows CE: Unsupported.
  Header: Declared in wincrypt.h.
  Import Library: Use crypt32.lib.