CERT_PHYSICAL_STORE_INFO

The CERT_PHYSICAL_STORE_INFO structure contains information about a physical certificate store. The Open fields in this structure are passed directly to CertOpenStore to open the physical store.

typedef struct _CERT_PHYSICAL_STORE_INFO{
    DWORD               cbSize;
    LPSTR               pszOpenStoreProvider;
    DWORD               dwOpenEncodingType;
    DWORD               dwOpenFlags;
    CRYPT_DATA_BLOB     OpenParameters;         // REG_BINARY
    DWORD               dwFlags;                // REG_DWORD
    DWORD               dwPriority;             // REG_DWORD
} CERT_PHYSICAL_STORE_INFO, *PCERT_PHYSICAL_STORE_INFO;
 

Members

cbSize
Set by CertOpenStore to the size of this structure.
pszOpenStoreProvider
Pointer to a string that determines the store provider type. Predefined store provider types are described in the documentation for CertOpenStore. Additional store providers may be installed or registered via CryptInstallOIDFunctionAddress or CryptRegisterOIDFunction. For additional information, see Extending CertOpenStore Functionality.

dwOpenEncodingType
This member is applicable only when CERT_STORE_PROV_MSG, CERT_STORE_PROV_PKCS7, or CERT_STORE_PROV_FILENAME is passed in lpszStoreProvider. Otherwise, this member is unused. The LOWORD specifies the encoding type of certificates, CRLs, and CTLs. The HIWORD specifies the encoding type of the message.

Both a certificate and a message encoding type are required. They are specified by combining the two encoding types with a bitwise OR operation, as in the following example:

X509_ASN_ENCODING | PKCS_7_ASN_ENCODING

Currently defined encoding types are:

Encoding type          Value
X509_ASN_ENCODING      0x00000001
PKCS_7_ASN_ENCODING    0x00010000

dwOpenFlags
If a system store is opened via the SERVICES or USERS store location, the dwOpenFlags store location is set to CERT_SYSTEM_STORE_USERS or CERT_SYSTEM_STORE_SERVICES.
OpenParameters
If a system store is opened via the SERVICES or USERS store location and the physical store is CERT_SYSTEM_STORE_CURRENT_USER or CERT_SYSTEM_STORE_CURRENT_SERVICE, the ServiceName is placed in front of the OpenParameters.

If a physical store is opened remotely and a SYSTEM, SYSTEM_REGISTRY or PHYSICAL provider type is used, the \\ComputerName is implicitly placed in front of the OpenParameters.

dwFlags
The following dwFlags for CERT_PHYSICAL_STORE_INFO are defined in wincrypt.h:
CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
This flag enables adding a context to the store.
CERT_PHYSICAL_STORE_OPEN_DISABLE_FLAG
This flag is set by CertRegisterPhysicalStore. By default, all system stores located in the registry have an implicit SystemRegistry physical store that is opened. To disable the opening of this store, the SystemRegistry physical store corresponding to the System store must be registered with CERT_PHYSICAL_STORE_OPEN_DISABLE_FLAG set or a physical store named ".Default" may be registered with CertRegisterPhysicalStore.
CERT_PHYSICAL_STORE_REMOTE_OPEN_DISABLE_FLAG
When this flag is set, remote opens of the physical store are disabled.
CERT_PHYSICAL_STORE_INSERT_COMPUTER_NAME_ENABLE_FLAG
When this flag is set, a \\ComputerName is placed in front of other provider types.
CERT_SYSTEM_STORE_RELOCATE_FLAG
When this flag is set in the dwFlags member, CertOpenStore can open a store relative to a user-specified HKEY instead of one of the predefined HKEY constants. For example, HKEY_CURRENT_USER can be replaced with a user-specified HKEY. When CERT_SYSTEM_STORE_RELOCATE_FLAG is set, the pvPara passed to CertOpenStore points to a CERT_SYSTEM_STORE_RELOCATE_PARA data structure instead of pointing to the store name as a null-terminated Unicode or ASCII string.
dwPriority
When a system store is opened, its physical stores are ordered according to their dwPriority settings. A higher dwPriority indicates higher priority. dwPriority is passed to CertAddStoreToCollection.
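
The following added example (not part of the original documentation and not CryptoAPI code) models how dwFlags and dwPriority decide which registered physical stores contribute to a system store on a local or remote open, which is what an auditor needs to know before trusting the contents of the collection. The phys_store type, the effective_open_order function and all sample store names except ".Default" are hypothetical; the flag values are those defined in wincrypt.h.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Values as defined in wincrypt.h, repeated so this model builds without Windows headers. */
#define CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG          0x1u
#define CERT_PHYSICAL_STORE_OPEN_DISABLE_FLAG        0x2u
#define CERT_PHYSICAL_STORE_REMOTE_OPEN_DISABLE_FLAG 0x4u

/* Hypothetical reduced view of one registered physical store (not a CryptoAPI type). */
typedef struct {
    const char *name;
    uint32_t dwFlags;
    uint32_t dwPriority;
} phys_store;

/* Constructed sample registrations; only ".Default" is a name taken from the page. */
static const phys_store SAMPLE[] = {
    { ".Default",         CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG,           0 },
    { ".SampleHigh",      0,                                            10 },
    { ".SampleLocalOnly", CERT_PHYSICAL_STORE_REMOTE_OPEN_DISABLE_FLAG,  5 },
    { ".SampleDisabled",  CERT_PHYSICAL_STORE_OPEN_DISABLE_FLAG,        20 },
};

static int by_priority_desc(const void *a, const void *b) {
    const phys_store *x = a, *y = b;
    return (x->dwPriority < y->dwPriority) - (x->dwPriority > y->dwPriority);
}

/* Copies the stores that would be opened into out[] (capacity n), highest
   dwPriority first, and returns how many there are. remote != 0 models a remote open. */
size_t effective_open_order(const phys_store *in, size_t n, int remote, phys_store *out) {
    size_t k = 0;
    for (size_t i = 0; i < n; i++) {
        if (in[i].dwFlags & CERT_PHYSICAL_STORE_OPEN_DISABLE_FLAG) continue;
        if (remote && (in[i].dwFlags & CERT_PHYSICAL_STORE_REMOTE_OPEN_DISABLE_FLAG)) continue;
        out[k++] = in[i];
    }
    qsort(out, k, sizeof *out, by_priority_desc);
    return k;
}

int main(void) {
    phys_store out[4];
    for (int remote = 0; remote <= 1; remote++) {
        size_t k = effective_open_order(SAMPLE, 4, remote, out);
        printf("%s open:", remote ? "remote" : "local");
        for (size_t i = 0; i < k; i++) printf(" %s(%u)", out[i].name, (unsigned)out[i].dwPriority);
        printf("\n");
    }
    return 0;
}
```

Note that a store registered with a high dwPriority but with CERT_PHYSICAL_STORE_OPEN_DISABLE_FLAG set never appears in the result, so priority alone does not tell you which store is consulted first.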