|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Unicode C) Import a PFX/P12 into the Windows Certificate StoresDemonstrates how to import the certificates contained in a .pfx/.p12 to the Windows certificate stores.
#include <C_CkCertW.h> #include <C_CkCertChainW.h> #include <C_CkCertStoreW.h> void ChilkatSample(void) { HCkCertW primaryCert; const wchar_t *pfxPassword; BOOL success; HCkCertChainW certChain; BOOL chainReachesRoot; HCkCertW cert; int i; int numCerts; HCkCertStoreW certStoreCU; HCkCertStoreW certStoreCA; HCkCertStoreW certStoreRootCA; BOOL readOnlyFlag; BOOL allSuccess; primaryCert = CkCertW_Create(); // Load a PFX file into a certificate object. // The cert object will contain the certificate from the PFX that has a private key. // The certs in the chain of authentication (if contained in the PFX) are also loaded, // and can be accessed by getting the certificate chain (see below). // If the PFX did not include the issuer certs in the chain of authentication, then Chilkat will // automatically try to construct the issuer chain from the CA and intermedicate CA certs // already installed on the Windows system. pfxPassword = L"myPfxPassword"; success = CkCertW_LoadPfxFile(primaryCert,L"qa_data/pfx/somePfx.p12",pfxPassword); if (success == FALSE) { wprintf(L"%s\n",CkCertW_lastErrorText(primaryCert)); CkCertW_Dispose(primaryCert); return; } certChain = CkCertW_GetCertChain(primaryCert); if (CkCertW_getLastMethodSuccess(primaryCert) == FALSE) { wprintf(L"%s\n",CkCertW_lastErrorText(primaryCert)); CkCertW_Dispose(primaryCert); return; } // If the certificate chain reaches the root CA cert, then the last cert in the chain // is the root CA cert. chainReachesRoot = CkCertChainW_getReachesRoot(certChain); if (chainReachesRoot == TRUE) { wprintf(L"The certificate chain reaches the root CA cert.\n"); } i = 0; numCerts = CkCertChainW_getNumCerts(certChain); while (i < numCerts) { cert = CkCertChainW_GetCert(certChain,i); wprintf(L"SubjectDN %d: %s\n",i,CkCertW_subjectDN(cert)); wprintf(L"IssuerDN %d: %s\n",i,CkCertW_issuerDN(cert)); wprintf(L"--\n"); CkCertW_Dispose(cert); i = i + 1; } // The primary cert having the private key will be imported into the Current User "My" certificate store. // Any intermediate root certificates will be imported into certificate store for intermediate certificate authorities. // The root CA cert will be imported into the Root CA cert store. // Let's open each of these 3 certificate stores.. certStoreCU = CkCertStoreW_Create(); certStoreCA = CkCertStoreW_Create(); certStoreRootCA = CkCertStoreW_Create(); readOnlyFlag = FALSE; // "CurrentUser" and "My" are the exact keywords to select your user account's certificate store. success = CkCertStoreW_OpenWindowsStore(certStoreCU,L"CurrentUser",L"My",readOnlyFlag); if (success == FALSE) { wprintf(L"Failed to open the CurrentUser/My certificate store for read/write.\n"); CkCertChainW_Dispose(certChain); CkCertW_Dispose(primaryCert); CkCertStoreW_Dispose(certStoreCU); CkCertStoreW_Dispose(certStoreCA); CkCertStoreW_Dispose(certStoreRootCA); return; } // Certificate store for intermediate certification authorities (CAs). success = CkCertStoreW_OpenWindowsStore(certStoreCA,L"CurrentUser",L"CertificationAuthority",readOnlyFlag); if (success == FALSE) { wprintf(L"Failed to open the CurrentUser/CertificationAuthority certificate store for read/write.\n"); CkCertChainW_Dispose(certChain); CkCertW_Dispose(primaryCert); CkCertStoreW_Dispose(certStoreCU); CkCertStoreW_Dispose(certStoreCA); CkCertStoreW_Dispose(certStoreRootCA); return; } // Certificate store for trusted root certification authorities (CAs). success = CkCertStoreW_OpenWindowsStore(certStoreRootCA,L"CurrentUser",L"Root",readOnlyFlag); if (success == FALSE) { wprintf(L"Failed to open the CurrentUser/Root certificate store for read/write.\n"); CkCertChainW_Dispose(certChain); CkCertW_Dispose(primaryCert); CkCertStoreW_Dispose(certStoreCU); CkCertStoreW_Dispose(certStoreCA); CkCertStoreW_Dispose(certStoreRootCA); return; } // Iterate over the certs in the chain and import each into the desired certificate store. allSuccess = TRUE; i = 0; while (i < numCerts) { cert = CkCertChainW_GetCert(certChain,i); if (i == 0) { // Import the primary certificate into the CurrentUser/My certificate store. success = CkCertStoreW_AddCertificate(certStoreCU,cert); if (success == FALSE) { wprintf(L"%s\n",CkCertStoreW_lastErrorText(certStoreCU)); allSuccess = FALSE; } } else { if ((i == (numCerts - 1)) && (chainReachesRoot == TRUE)) { // Add the root CA certificate to the CurrentUser/Root certificate store. // (Your application can obviously choose whether this should be done or not. Perhaps you prompt the user.) // Note: If the root CA cert is already present in the Windows certificate store, Windows will display // a dialog to ask if it should be deleted. Chilkat does not explicitly display dialogs. success = CkCertStoreW_AddCertificate(certStoreRootCA,cert); if (success == FALSE) { wprintf(L"%s\n",CkCertStoreW_lastErrorText(certStoreRootCA)); allSuccess = FALSE; } } else { // This is an intermediate CA certificate. success = CkCertStoreW_AddCertificate(certStoreCA,cert); if (success == FALSE) { wprintf(L"%s\n",CkCertStoreW_lastErrorText(certStoreCA)); allSuccess = FALSE; } } } if (success == FALSE) { wprintf(L"Failed to import certificate.\n"); } CkCertW_Dispose(cert); i = i + 1; } CkCertChainW_Dispose(certChain); wprintf(L"allSuccess = %d\n",allSuccess); CkCertW_Dispose(primaryCert); CkCertStoreW_Dispose(certStoreCU); CkCertStoreW_Dispose(certStoreCA); CkCertStoreW_Dispose(certStoreRootCA); } |
|||||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.