
Interesting error when using CertCreateCertificateContext API


Pallav singh

Jun 30, 2009, 4:40:03 PM6/30/09
Hi All,
I have a certificate file that I am trying to add to the
store on the computer.

I have tried to implement the functions documented on MSDN in a couple
of different ways.
The first way was to read the certificate into a byte buffer. Once that
was done, I tried to call the CertCreateCertificateContext function.
This function always fails and gives error # 2148086027. When I
looked this up, it gave me "ASN1 bad tag value met". The second way I
tried was to use the CertAddSerializedElementToStore function. When I
do this, I get error number 2148081668, which refers to
a read/write error of some form. I have tried toying around with the
byte arrays as well as using different stores, but so far nothing has
worked. I have also tried another program that was posted somewhere on
this site. He uses a different method of reading the file, but ends up
with the same error that I get. I have tried a couple of different
certificates with the program, and still no success.

Here is the source code. It's a little pre-school... I know. I'm still
a newbie.
// Certificate Program.cpp : Defines the entry point for the console application.

#include <iostream>
#include <stdio.h>
#include <string>
#include <vector>
#include "windows.h"
#include <tchar.h>
#include "Wincrypt.h"

//LIBs
//#pragma comment (lib, "Advapi32.lib")
// MSVC-specific request to link crypt32.lib, the import library for the
// Cert* functions called below.
#pragma comment (lib, "crypt32.lib")

//Definitions
// Encoding-type flags passed as the first argument of
// CertCreateCertificateContext in both functions below.
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)

//Forward declarations
// _tmain prints a failure message when this returns false.
bool AddCertificateToStore();
// _tmain prints a failure message when this returns 0.
int SecondAddCertToStore();

///////////////////////////////////////////////////////////////////////

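// Console entry point: shows a small menu in a loop and dispatches to one of
// the two certificate-import routines until the user chooses 0 (Exit) or the
// input stream ends.
int _tmain(int argc, _TCHAR* argv[])
{
    using namespace std;

    // Neither argument is used; the casts silence unused-parameter warnings.
    (void)argc;
    (void)argv;

    for (;;)
    {
        cout << "\n****************************************" << endl;
        cout << " Welcome to the Certificate Program" << endl;
        cout << "****************************************" << endl;
        cout << "\nChoose from the following\n\t0. Exit\n\t1. Add Certificate to Store.\n\t2. The other guys program" << endl;

        int choice = 0;
        if (!(cin >> choice))
        {
            // End of input: nothing more can be read, so leave the loop
            // instead of spinning on a failed stream.
            if (cin.eof())
            {
                break;
            }

            // Non-numeric input: reset the stream and drop the offending
            // token so the next prompt does not fail on the same characters.
            cin.clear();
            string discarded;
            cin >> discarded;
            cout << "\nBAD INPUT!!!" << endl;
            continue;
        }

        // Exit is a valid menu entry, so it is handled before the
        // "bad input" fallback rather than falling into it.
        if (choice == 0)
        {
            break;
        }

        if (choice == 1)
        {
            //Run Cert
            if (!AddCertificateToStore())
            {
                cout << "Failed to add Certificate to Store" << endl;
            }
        }
        else if (choice == 2)
        {
            if (SecondAddCertToStore() == 0)
            {
                cout << "Failed " << endl;
            }
        }
        else
        {
            cout << "\nBAD INPUT!!!" << endl;
        }
    }
    return 0;
}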

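// Prompts for a certificate file, reads it into memory, builds a certificate
// context from it and adds that context to the "CA" system store opened with
// CertOpenSystemStoreA (the current user's store).
//
// Returns true only when the certificate was actually added; every failure
// path (store open, file open, size check, read, decode, add) returns false.
//
// NOTE(review): adding a certificate to a system store changes what this
// account treats as part of a valid chain. Check the certificate's subject
// and thumbprint against a trusted source before importing it.
bool AddCertificateToStore()
{
    using namespace std;

    LPCSTR storeName1 = "CA";

    // Arbitrary sanity bound chosen for this sample: a single certificate is
    // small, so anything larger is rejected before a buffer is allocated.
    const LONGLONG maxCertFileBytes = 1024 * 1024;

    // The explicit ANSI entry points are used because the store name and the
    // file name are narrow strings; this keeps the code correct in UNICODE
    // builds as well.
    HCERTSTORE hSystemStore = CertOpenSystemStoreA(0, storeName1);
    if (hSystemStore == NULL)
    {
        cout << "\nUnable to open the System Store" << endl;
        return false;
    }
    cout << "\nSuccuessfully Opened the System Store" << endl;

    bool added = false;

    //Now Prompt the user for a file name
    cout << "Please Enter the location of the file, and hit Enter." << endl;
    string fName;
    // Read the whole line so that paths containing spaces are accepted;
    // ws skips the newline left behind by the menu input.
    getline(cin >> ws, fName);

    HANDLE fHandle = CreateFileA(fName.c_str(), GENERIC_READ, FILE_SHARE_READ,
                                 NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);

    if (fHandle != INVALID_HANDLE_VALUE)
    {
        // Query the size through the open handle rather than by name, so the
        // size belongs to the file that is actually read, and use the full
        // 64-bit value instead of only the low DWORD.
        LARGE_INTEGER fileSize;
        fileSize.QuadPart = 0;

        if (!GetFileSizeEx(fHandle, &fileSize))
        {
            cout << "Could not get the file size. Error: " << GetLastError() << endl;
        }
        else if (fileSize.QuadPart <= 0 || fileSize.QuadPart > maxCertFileBytes)
        {
            cout << "File is empty or too large to be a certificate" << endl;
        }
        else
        {
            // vector owns the buffer, so it is released on every path.
            vector<BYTE> encoded(static_cast<size_t>(fileSize.QuadPart));
            DWORD bytesRead = 0;

            if (ReadFile(fHandle, &encoded[0], static_cast<DWORD>(encoded.size()),
                         &bytesRead, NULL) && bytesRead > 0)
            {
                cout << "File Read! Continuing function" << endl;

                cout << "\n Trying to use the CertCreateCertificateContext Function." << endl;

                // The length passed is the number of bytes actually read.
                // This call takes one DER-encoded X.509 certificate. A PEM
                // (Base64, "-----BEGIN CERTIFICATE-----") file or a PKCS#7 /
                // PFX container is not accepted as-is and is a likely cause
                // of an ASN.1 "bad tag" error; PEM text would first need
                // decoding, e.g. with CryptStringToBinaryA.
                // TODO confirm the encoding of the input file.
                PCCERT_CONTEXT pCertCon1 = CertCreateCertificateContext(
                    MY_ENCODING_TYPE, &encoded[0], bytesRead);

                if (pCertCon1 != NULL)
                {
                    cout << "Sussessfully created PCert" << endl;

                    cout << "\n Trying to use the CertAddCertificateContextToStore Function" << endl;

                    // Only reached with a valid context; a NULL context is
                    // never handed to the store.
                    // NOTE(review): CERT_STORE_ADD_ALWAYS does not check for
                    // an existing copy, so repeated runs can add duplicates.
                    if (CertAddCertificateContextToStore(hSystemStore, pCertCon1,
                                                         CERT_STORE_ADD_ALWAYS, NULL))
                    {
                        cout << "Certificate Successfully Created " << endl;
                        added = true;
                    }
                    else
                    {
                        DWORD error = GetLastError();

                        if (error == static_cast<DWORD>(E_INVALIDARG))
                        {
                            cout << "Invalid Argument" << endl;
                        }

                        if (error == static_cast<DWORD>(CRYPT_E_EXISTS))
                        {
                            cout << "Certificate Already Exists" << endl;
                        }

                        cout << "Error in CertAddCertificateContextToStore. \nError Number: " << error << endl;
                        cout << "Error in adding Certificate" << endl;
                        cout << "Number of Bytes: " << bytesRead << endl;
                    }

                    // The store keeps its own copy; release ours.
                    CertFreeCertificateContext(pCertCon1);
                }
                else
                {
                    DWORD err = GetLastError();
                    cout << "Error Code PCert: " << err << endl;
                    cout << "CCCC Failed" << endl;
                }
            }
            else
            {
                cout << "Could not read the file. Error: " << GetLastError() << endl;
            }
        }

        CloseHandle(fHandle);
    }
    else
    {
        cout << "File Not Found! Closing Store" << endl;
    }

    //Close the store.
    if (CertCloseStore(hSystemStore, 0))
    {
        cout << storeName1 << " Certificate Store Closed" << endl;
    }
    else
    {
        cout << "\nCould not close " << storeName1 << " Certificate Store" << endl;
    }

    return added;
}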

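// Prompts for a certificate file, maps it read-only into memory, builds a
// certificate context from the mapped bytes and adds it to the local
// machine's "Root" system store with CERT_STORE_ADD_NEW.
//
// Returns 1 when the certificate was added and 0 on any failure. Every
// handle, view, context and store opened here is released before returning.
//
// NOTE(review): a certificate in the LocalMachine Root store is a trust
// anchor for the whole machine: chains ending in it are accepted for
// purposes such as TLS and code signing. Verify the certificate's
// thumbprint through a separate trusted channel before importing it.
// Writing to this store typically requires administrative rights.
int SecondAddCertToStore()
{
    using namespace std;

    // Arbitrary sanity bound chosen for this sample: a single certificate is
    // small, so anything larger is rejected before it is mapped.
    const LONGLONG maxCertFileBytes = 1024 * 1024;

    HANDLE hfile = INVALID_HANDLE_VALUE;
    HANDLE hsection = NULL;
    void* pfx = NULL;
    PCCERT_CONTEXT pctx = NULL;
    HCERTSTORE hFileStore = NULL;
    int result = 0;

    cout << "Please Enter the location of the file, and hit Enter." << endl;
    string fName;
    // Read the whole line so that paths containing spaces are accepted;
    // ws skips the newline left behind by the menu input.
    getline(cin >> ws, fName);

    // Single-pass block: each failure breaks out to the shared cleanup below.
    do
    {
        // Open it... (explicit ANSI entry point, since fName is a narrow string)
        hfile = CreateFileA(fName.c_str(), FILE_READ_DATA, FILE_SHARE_READ,
                            NULL, OPEN_EXISTING, 0, NULL);

        if (INVALID_HANDLE_VALUE == hfile)
        {
            printf("\nCertificate not found. Check that the path indicated is correct.");
            break;
        }

        // Validate the size up front: an empty file cannot be mapped, and the
        // length is later narrowed to a DWORD for the decode call.
        LARGE_INTEGER fileSize;
        fileSize.QuadPart = 0;
        if (!GetFileSizeEx(hfile, &fileSize) ||
            fileSize.QuadPart <= 0 ||
            fileSize.QuadPart > maxCertFileBytes)
        {
            printf("\nFile is empty, too large, or its size could not be read.");
            break;
        }

        hsection = CreateFileMapping(hfile, NULL, PAGE_READONLY, 0, 0, 0);
        if (!hsection)
        {
            printf("\nError in 'CreateFileMapping'");
            break;
        }

        pfx = MapViewOfFile(hsection, FILE_MAP_READ, 0, 0, 0);
        if (!pfx)
        {
            printf("\nError in 'MapViewOfFile'");
            break;
        }

        // This call takes one DER-encoded X.509 certificate. A PEM (Base64)
        // file or a PKCS#7 / PFX container is not accepted as-is and is a
        // likely cause of an ASN.1 "bad tag" error.
        // TODO confirm the encoding of the input file.
        pctx = CertCreateCertificateContext(MY_ENCODING_TYPE,
                                            static_cast<const BYTE*>(pfx),
                                            static_cast<DWORD>(fileSize.QuadPart));
        if (pctx == NULL)
        {
            // Capture the error code before any output call can overwrite it.
            DWORD error = GetLastError();

            printf("Error in 'CertCreateCertificateContext'");

            if (error == static_cast<DWORD>(E_INVALIDARG))
            {
                cout << "Mod detected an invalid argument" << endl;
            }

            cout << "\n Error Code: " << error << endl;
            break;
        }

        // we open the store for the CA
        hFileStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0,
                                   CERT_STORE_OPEN_EXISTING_FLAG | CERT_SYSTEM_STORE_LOCAL_MACHINE,
                                   L"Root");
        if (!hFileStore)
        {
            printf("Error in 'CertOpenStore'");
            break;
        }

        // A FALSE return is the failure case. CERT_STORE_ADD_NEW refuses to
        // replace a certificate that is already present.
        if (!CertAddCertificateContextToStore(hFileStore, pctx, CERT_STORE_ADD_NEW, 0))
        {
            DWORD err = GetLastError();

            if (err == static_cast<DWORD>(CRYPT_E_EXISTS))
            {
                cout << "Certificate Already Exists" << endl;
            }

            cout << "Error in 'CertAddCertificateContextToStore'. Error Code: " << err << endl;
            break;
        }

        result = 1;
    } while (false);

    // Release everything that was acquired, in reverse order of acquisition.
    if (hFileStore)
    {
        CertCloseStore(hFileStore, 0);
    }
    if (pctx)
    {
        CertFreeCertificateContext(pctx);
    }
    if (pfx)
    {
        UnmapViewOfFile(pfx);
    }
    if (hsection)
    {
        CloseHandle(hsection);
    }
    if (hfile != INVALID_HANDLE_VALUE)
    {
        CloseHandle(hfile);
    }

    return result;
}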


Please help me out ................................

Igor Tandetnik

Jul 10, 2009, 2:40:17 PM7/10/09
Pallav singh <singh....@gmail.com> wrote:
> I have a certificate file that I am trying to add to the
> store on the computer.

You may want to ask in microsoft.public.security.crypto. Your question
doesn't seem to have anything to do with Standard Template Library
(STL) - the topic of this group.
--
With best wishes,
Igor Tandetnik

With sufficient thrust, pigs fly just fine. However, this is not
necessarily a good idea. It is hard to be sure where they are going to
land, and it could be dangerous sitting under them as they fly
overhead. -- RFC 1925

