CertGetCertificateContextProperty & CertSetCertificateContextProperty

  • Question

  • Hi,

    I am trying to use CertGetCertificateContextProperty to get CERT_ROOT_PROGRAM_CERT_POLICIES_PROP_ID to read the OIDs and use the CertSetCertificateContextProperty to add OIDs that are missing.

    I have imported the required DLLs.

    Could someone provide sample code of how to get the values and put them in the structures? The CERT_POLICIES_INFO and CERT_POLICY_INFO structures have been defined. Also, how do I use CryptDecodeObject and CryptEncodeObject?


    • Edited by Paul Caesar Tuesday, April 17, 2012 12:06 AM
    • Moved by Alan_chen Tuesday, April 17, 2012 3:28 AM (From:Visual C# General)
    • Moved by Yi Feng Li Wednesday, April 18, 2012 5:07 AM (From:Visual C++ Language)
    Monday, April 16, 2012 11:55 PM


All replies

  • This was placed under C# as C# was the programming language being used; please move it back.
    Tuesday, April 17, 2012 11:32 AM
  • Hi Paul,

    Is your issue about calling some Win32 functions via P/Invoke?
    If so, could you provide a code snippet so that we know your current progress?
    Thanks for your understanding.

    Have a nice day,

    Leo Liu [MSFT]
    MSDN Community Support | Feedback to us

    Wednesday, April 18, 2012 8:30 AM
  • Hi,

    I can call the functions ok, just can't work out how to extract the data from the pointers. The documentation reads "Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter."

    "Returns a pointer to an encoded CERT_POLICIES_INFO structure that contains the application policies...."

    "This property can be decoded by using the CryptDecodeObject function..."

    The CERT_POLICIES_INFO structure is only size 16, but pcbData is 63, and this is what has confused me.

    using System;
    using System.Runtime.InteropServices;

    /// <summary>
    /// The CERT_POLICIES_INFO structure contains an array of CERT_POLICY_INFO.
    /// </summary>
    [StructLayout(LayoutKind.Sequential)]
    public struct CERT_POLICIES_INFO
    {
    	/// <summary>
    	/// Number of elements in the rgPolicyInfo array.
    	/// </summary>
    	public Int32 cPolicyInfo;

    	/// <summary>
    	/// Array of CERT_POLICY_INFO structures.
    	/// </summary>
    	/// <seealso cref="CERT_POLICY_INFO"/>
    	public IntPtr rgPolicyInfo;
    }

    /// <summary>
    /// The CERT_POLICY_INFO structure contains an object identifier (OID) specifying a policy and an optional array of policy qualifiers.
    /// </summary>
    [StructLayout(LayoutKind.Sequential)]
    public struct CERT_POLICY_INFO
    {
    	/// <summary>
    	/// Object identifier (OID) string specifying the policy.
    	/// </summary>
    	[MarshalAs(UnmanagedType.LPStr)]
    	public string pszPolicyIdentifier;

    	/// <summary>
    	/// Number of elements in the rgPolicyQualifier array.
    	/// </summary>
    	public Int32 cPolicyQualifier;

    	/// <summary>
    	/// Array of CERT_POLICY_QUALIFIER_INFO structures.
    	/// </summary>
    	/// <seealso cref="CERT_POLICY_QUALIFIER_INFO"/>
    	public IntPtr rgPolicyQualifier;
    }

    /// <summary>
    /// The CertGetCertificateContextProperty function retrieves the information contained in an extended property of a certificate context.
    /// </summary>
    /// <param name="pCertContext">A pointer to the CERT_CONTEXT structure of the certificate that contains the property to be retrieved.</param>
    /// <param name="dwPropId">The property to be retrieved.</param>
    /// <param name="pvData">A pointer to a buffer to receive the data as determined by dwPropId.</param>
    /// <param name="pcbData">A pointer to a DWORD value that specifies the size, in bytes, of the buffer pointed to by the pvData parameter.</param>
    /// <returns>If the function succeeds, the function returns TRUE.</returns>
    [DllImport("CRYPT32.DLL", EntryPoint = "CertGetCertificateContextProperty", CharSet = CharSet.Auto, SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    public static extern Boolean CertGetCertificateContextProperty([In] IntPtr pCertContext, [In] Int32 dwPropId, [Out] IntPtr pvData, [In, Out] ref Int32 pcbData);

    /// <summary>
    /// The CertSetCertificateContextProperty function sets an extended property for a specified certificate context.
    /// </summary>
    /// <param name="pCertContext">A pointer to a CERT_CONTEXT structure.</param>
    /// <param name="dwPropId">The property to be set. The value of dwPropId determines the type and content of the pvData parameter.</param>
    /// <param name="dwFlags">CERT_STORE_NO_CRYPT_RELEASE_FLAG can be set for the CERT_KEY_PROV_HANDLE_PROP_ID or CERT_KEY_CONTEXT_PROP_ID dwPropId properties.</param>
    /// <param name="pvData">A pointer to a data type determined by the value of dwPropId.</param>
    /// <returns>If the function succeeds, the function returns TRUE. If the function fails, the function returns FALSE. For extended error information, call GetLastError.</returns>
    // EntryPoint has to name the export being imported, here CertSetCertificateContextProperty.
    [DllImport("CRYPT32.DLL", EntryPoint = "CertSetCertificateContextProperty", CharSet = CharSet.Auto, SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    public static extern Boolean CertSetCertificateContextProperty([In] IntPtr pCertContext, [In] Int32 dwPropId, [In] Int32 dwFlags, [In] IntPtr pvData);

    // Size query: with a null buffer, a successful call stores the byte count of the encoded property in size.
    if (Imports.CertGetCertificateContextProperty(hCertCntxt, Constants.CERT_ROOT_PROGRAM_CERT_POLICIES_PROP_ID, IntPtr.Zero, ref size))
    {
    	// Allocate a buffer of size bytes and call again to receive the encoded data.
    }

    Above is what's left of my code after trying different things.
    Wednesday, April 18, 2012 11:37 AM
  • This issue has been resolved; I was misunderstanding the documentation. What I needed to do was first Decode the Data to get the Policy Structure.
    • Marked as answer by Paul Caesar Thursday, April 19, 2012 11:38 PM
    Thursday, April 19, 2012 11:38 PM