Example Code for Fundamental Certificate Store Operations.

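This code demonstrates the following tasks: creating a new certificate store in memory, retrieving a certificate from a system store and adding it to the new store, and saving the new store to a file on disk.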

#define _WIN32_WINNT 0x0400
#include <stdio.h>
#include <windows.h>
#include <wincrypt.h>
#define MY_ENCODING_TYPE  (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)

//********************************************************************
// Create a new certificate store in memory, retrieve a
// certificate from the system store and add it to the new
// store, and then save the new store to disk.

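// Opens an in-memory certificate store, copies one certificate from the
// current user's MY system store into it, and serializes the memory
// store to the file TestStor.sto. Every exit path, success or failure,
// runs through the cleanup label at the bottom.
//
// Review notes:
//  - The certificate is picked by a substring match on its subject. That
//    is a lookup convenience, not an identity or trust check: any
//    certificate whose subject contains the string matches, and the
//    first match is the one that gets exported.
//  - The output path is relative, so the file lands in whatever the
//    current working directory is, and CREATE_ALWAYS replaces an
//    existing file of the same name.
//  - main is declared void as in the original sample, so the process
//    exit status does not reflect success or failure.
void main(void)
{
   //*****************************************************************
   // Declare the variables.
   // Every handle starts in its "not open" state so that the cleanup
   // code never looks at an indeterminate value when an early step
   // fails and jumps to handle_error.
   HCERTSTORE      hSystemStoreHandle = NULL;   // The system store handle.
   HCERTSTORE      hTempStoreHandle = NULL;     // A memory store handle.
   PCCERT_CONTEXT  DesiredCert = NULL;
   HANDLE          hStoreFileHandle = INVALID_HANDLE_VALUE;
   LPCSTR          pszFileName = "TestStor.sto";

   //*****************************************************************
   // Open a new certificate store in memory.

   hTempStoreHandle = CertOpenStore(
      CERT_STORE_PROV_MEMORY,    // A memory store
      0,                         // Not needed for a memory store.
      0,                         // Use the default provider.
      0,                         // No flags
      NULL);                     // Not needed
   if(hTempStoreHandle == NULL)
   {
      printf( "Error opening a memory store. \n");
      goto handle_error;
   }
   printf("Opened a memory store. \n");
   // hTempStoreHandle is now the memory store handle.

   //*****************************************************************
   // Open the MY system store using CertOpenStore.

   hSystemStoreHandle = CertOpenStore(
      CERT_STORE_PROV_SYSTEM,    // The system store will be a
                                 // virtual store.
      0,                         // Encoding type not needed with
                                 // this provider.
      0,                         // Accept the default HCRYPTPROV.
      CERT_SYSTEM_STORE_CURRENT_USER,
                                 // Set the system store location in
                                 // the registry.
      L"MY");                    // Could have used other predefined
                                 // system stores, including CA or Root.
   if(hSystemStoreHandle == NULL)
   {
      printf( "Could not open the MY system store. \n");
      goto handle_error;
   }
   printf("Opened the MY system store. \n");
   // hSystemStoreHandle is now the handle of a system cert store.

   //*****************************************************************
   // Get a certificate that has the string "Microsoft" in its subject.
   // This is a substring search; do not treat a hit as proof of who
   // issued or owns the certificate.

   DesiredCert = CertFindCertificateInStore(
      hSystemStoreHandle,
      MY_ENCODING_TYPE,          // Use X509_ASN_ENCODING
      0,
      CERT_FIND_SUBJECT_STR,
      L"Microsoft",
      NULL);                     // No previous context: search from
                                 // the start of the store.
   if(DesiredCert == NULL)
   {
      printf("Could not find the desired certificate. \n");
      goto handle_error;
   }
   printf("The desired certificate was found. \n");
   // DesiredCert now points to a certificate context that must be freed.

   //*****************************************************************
   // Add the system certificate to the new store in memory.

   if(!CertAddCertificateContextToStore(
         hTempStoreHandle,       // The store handle.
         DesiredCert,            // The pointer to a certificate.
         CERT_STORE_ADD_USE_EXISTING,
         NULL))                  // No copy of the new context wanted.
   {
      printf("Could not add the certificate to the memory store. \n");
      goto handle_error;
   }
   printf("Added a certificate to the memory store. \n");

   //*****************************************************************
   // Create a file to save the new store and certificate into.
   // pszFileName is an ANSI string, so the ANSI entry point is called
   // explicitly; the generic CreateFile name would expect a wide string
   // in a UNICODE build.
   // NOTE(review): the NULL security attributes mean the file gets a
   // default security descriptor; confirm that is tight enough for
   // wherever this file ends up.

   hStoreFileHandle = CreateFileA(
      pszFileName,               // File path
      GENERIC_WRITE,             // Access mode
      0,                         // Share mode: no sharing
      NULL,                      // Security
      CREATE_ALWAYS,             // How to create
      FILE_ATTRIBUTE_NORMAL,     // File attributes
      NULL);                     // Template
   // CreateFile reports failure with INVALID_HANDLE_VALUE, not NULL, so
   // a plain truth test on the handle would treat a failure as success.
   if(hStoreFileHandle == INVALID_HANDLE_VALUE)
   {
      printf("Could not create a file on disk. \n");
      goto handle_error;
   }
   printf("Created a new file on disk. \n");
   // hStoreFileHandle is now the required file handle.

   //*****************************************************************
   // Save the store and certificate to a file.
   // NOTE(review): the serialized store carries the certificate and
   // its stored properties; confirm that is acceptable to leave on disk.

   if(!CertSaveStore(
         hTempStoreHandle,       // Store handle
         0,                      // Unused
         CERT_STORE_SAVE_AS_STORE,
         CERT_STORE_SAVE_TO_FILE,
         hStoreFileHandle,       // The handle of an open disk file.
         0))
   {
      printf("Could not save the memory store to disk. \n");
      goto handle_error;
   }
   printf("Saved the memory store to disk. \n");

   //*****************************************************************
   // Do any other processing here.

   //*****************************************************************
   // Clean up memory and end. Reached on success and on every failure.
   // The certificate context is released before the stores are closed
   // because CERT_CLOSE_STORE_CHECK_FLAG makes the close check for
   // contexts that are still outstanding.
handle_error:
   if(DesiredCert != NULL)
      CertFreeCertificateContext(DesiredCert);
   if(hTempStoreHandle != NULL)
      CertCloseStore(
         hTempStoreHandle,
         CERT_CLOSE_STORE_CHECK_FLAG);
   if(hSystemStoreHandle != NULL)
      CertCloseStore(
         hSystemStoreHandle,
         CERT_CLOSE_STORE_CHECK_FLAG);
   if(hStoreFileHandle != INVALID_HANDLE_VALUE)
      CloseHandle(hStoreFileHandle);
   printf("All of the stores and files are closed. \n");
   return;
}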