CertOpenStore and CertEnumCertificatesInStore trying to get Certificates on CERT_SYSTEM_STORE_LOCAL_MACHINE

  • Question

  • .Net Framework 1.1 on Visual Studio 2003

    Running into an issue where prior to my laptop being re-imaged I was able to use the below code to pull all the certificates in the Local Machine MY store. Now, it seems I cannot pull anything from the CertOpenStore method; at all times it comes back as zero, which results in an error when the CertEnumCertificatesInStore method is called.

    These certificates are pfx and I can see them in the Local Computer Personal Certificate Store. By all accounts I have everything configured the same as prior to the re-image, but now I cannot run the application. I have also run winhttpcertcfg:

    winhttpcertcfg -g -c LOCAL_MACHINE\MY -s "[cert name]" -a ASPNET
    winhttpcertcfg -g -c LOCAL_MACHINE\MY -s "[cert name]" -a "Network Service"
    winhttpcertcfg -g -c LOCAL_MACHINE\MY -s "[cert name]" -a "Authenticated Users"
    winhttpcertcfg -g -c LOCAL_MACHINE\MY -s "[cert name]" -a IUSR_[laptop name]
    winhttpcertcfg -g -c LOCAL_MACHINE\MY -s "[cert name]" -a [user name]

    Below is the code I have for my search class.

    Any suggestions would be greatly appreciated.

     

     

    using System;
    using System.Net;
    using System.Net.Sockets;
    using System.IO;
    using System.Text;
    using System.Security.Cryptography;
    using System.Security.Cryptography.X509Certificates;
    using System.Runtime.InteropServices;
    
    namespace _509SearchCSharp
    {
    	/// <summary>
    	/// Summary description for X509CertificateSearch.
    	/// </summary>
    	public class X509CertificateSearch
    	{
    
    		private static int CERT_STORE_PROV_SYSTEM = 10;
    		private static int CERT_SYSTEM_STORE_CURRENT_USER = (1 << 16);
    		private static int CERT_SYSTEM_STORE_LOCAL_MACHINE = (2 << 16);
    
    		[DllImport("CRYPT32", EntryPoint="CertOpenStore", CharSet=CharSet.Unicode, SetLastError=true)]
    		public static extern IntPtr CertOpenStore(
    			int storeProvider, int encodingType,
    			int hcryptProv, int flags, string pvPara);
    
    		[DllImport("CRYPT32", EntryPoint="CertEnumCertificatesInStore", CharSet=CharSet.Unicode, SetLastError=true)]
    		public static extern IntPtr CertEnumCertificatesInStore(
    			IntPtr storeProvider,
    			IntPtr prevCertContext);
    
    		[DllImport("CRYPT32", EntryPoint="CertCloseStore", CharSet=CharSet.Unicode, SetLastError=true)]
    		public static extern bool CertCloseStore(
    			IntPtr storeProvider,
    			int flags);
    		
    		X509CertificateCollection m_certs;
    
    		public X509CertificateSearch()
    		{
    			m_certs = new X509CertificateCollection();
    		}
    
    		public int Init()
    		{
    
    
    			IntPtr storeHandle;
    
    			storeHandle = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_LOCAL_MACHINE, "MY");
    			IntPtr currentCertContext;
    			currentCertContext = CertEnumCertificatesInStore(storeHandle, (IntPtr)0);
    			int i = 0;
    			while (currentCertContext != (IntPtr)0) 
    			{
    				m_certs.Insert(i++, new X509Certificate(currentCertContext));
    				currentCertContext = CertEnumCertificatesInStore(storeHandle, currentCertContext);
    			}
    			CertCloseStore(storeHandle, 0);
    
    			return m_certs.Count;
    		}
    
    		public X509Certificate this [int index]
    		{
    			get 
    			{
    				// Check the index limits.
    				if (index < 0 || index >= m_certs.Count)
    					return null;
    				else
    					return m_certs[index];
    			}
    		}
    		public X509Certificate FindCertificate(string name)
    		{
    			for(int i=0;i<m_certs.Count;i++)
    			{
    				if(m_certs[i].GetName().Equals("CN=" + name))
    				{
    					return m_certs[i];
    				}
    				//MessageBox.Show("Certificate name: " + m_certs[i].GetName());
    					
    
    			}
    	
    			return null;
    
    		}
    
    
    
    
    	}
    }

     

    • Moved by Harry Zhu Friday, May 14, 2010 4:59 AM I'm moving the thread relating to security. (From:Visual C# General)
    Tuesday, May 11, 2010 3:32 PM

Answers

  • Hi,

       The code seems fine. If the code hasn't changed, the reason should lie in the environment. Could you double check if everything is exactly the same as before the re-imaging?


    Please mark the right answer at right time.
    Thanks,
    Sam
    • Marked as answer by SamAgain Sunday, May 23, 2010 11:06 AM
    Tuesday, May 18, 2010 6:17 AM

All replies

  • We temporarily mark a reply, please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Please mark the right answer at right time.
    Thanks,
    Sam
    Sunday, May 23, 2010 11:06 AM
  • I got bit by this today. See link which helped me figure it out.

    VS2010, WinCrypt.h defines:

    #define CERT_STORE_PROV_SYSTEM_A            ((LPCSTR) 9)
    #define CERT_STORE_PROV_SYSTEM_W            ((LPCSTR) 10)
    #define CERT_STORE_PROV_SYSTEM              CERT_STORE_PROV_SYSTEM_W

    I assume your project did not define UNICODE. CertOpenStore diligently looked in the UNICODE area which had 0 certs.

    I added the #ifdef below to my CertOpenStore call. 

    HCERTSTORE hStore = CertOpenStore(
    #ifndef UNICODE
                        CERT_STORE_PROV_SYSTEM_A,
    #else                     
                        CERT_STORE_PROV_SYSTEM_W,
    #endif
                        0,
                        (HCRYPTPROV_LEGACY)NULL,
                        CERT_STORE_READONLY_FLAG | 
                         CERT_SYSTEM_STORE_CURRENT_USER, 
                        _T("Root"));
    


    Friday, October 20, 2017 6:08 PM
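
An added example, not code from any poster in this thread: a C# P/Invoke wrapper that pins the string marshalling of `pvPara` to the wide-character provider constant discussed in the last reply, and reports the Win32 error when `CertOpenStore` returns a null handle instead of passing it on to `CertEnumCertificatesInStore`. The class and method names (`MachineStoreReader`, `Read`) are hypothetical; it assumes Windows and .NET Framework 2.0 or later.

```csharp
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper class (added example, not the thread's code).
static class MachineStoreReader
{
    // Values from WinCrypt.h.
    const int  CERT_STORE_PROV_SYSTEM_W        = 10;          // pvPara is read as a UTF-16 string
    const uint CERT_STORE_OPEN_EXISTING_FLAG   = 0x00004000;  // fail if the named store does not exist
    const uint CERT_STORE_READONLY_FLAG        = 0x00008000;
    const uint CERT_SYSTEM_STORE_LOCAL_MACHINE = 2 << 16;

    // CertOpenStore is a single export with no A/W variants: the provider constant
    // alone decides how pvPara is interpreted, so the marshalling is fixed to LPWStr.
    [DllImport("crypt32.dll", ExactSpelling = true, SetLastError = true)]
    static extern IntPtr CertOpenStore(IntPtr provider, uint encoding, IntPtr hCryptProv,
        uint flags, [MarshalAs(UnmanagedType.LPWStr)] string pvPara);

    [DllImport("crypt32.dll", SetLastError = true)]
    static extern IntPtr CertEnumCertificatesInStore(IntPtr store, IntPtr prevContext);

    [DllImport("crypt32.dll", SetLastError = true)]
    static extern bool CertCloseStore(IntPtr store, uint flags);

    public static List<X509Certificate2> Read(string storeName)
    {
        IntPtr store = CertOpenStore((IntPtr)CERT_STORE_PROV_SYSTEM_W, 0, IntPtr.Zero,
            CERT_SYSTEM_STORE_LOCAL_MACHINE | CERT_STORE_READONLY_FLAG | CERT_STORE_OPEN_EXISTING_FLAG,
            storeName);
        if (store == IntPtr.Zero)   // surface the Win32 error code instead of enumerating a null handle
            throw new Win32Exception(Marshal.GetLastWin32Error(),
                "CertOpenStore failed for store '" + storeName + "'");

        List<X509Certificate2> certs = new List<X509Certificate2>();
        try
        {
            IntPtr ctx = IntPtr.Zero;
            // Each call frees the context passed in as prevContext, so copy before advancing.
            while ((ctx = CertEnumCertificatesInStore(store, ctx)) != IntPtr.Zero)
                certs.Add(new X509Certificate2(ctx));   // the constructor duplicates the context
        }
        finally { CertCloseStore(store, 0); }
        return certs;
    }
}
```

Calling `MachineStoreReader.Read("MY")` under the same account the application runs as separates a failed open (an exception carrying the Win32 error code) from a store that opens but contains no certificates (an empty list).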