'Using CertFindCertificateInStore with CERT_FIND_CERT_ID'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Using CertFindCertificateInStore with CERT_FIND_CERT_ID
From:       Joe Steele <steele () ADOBE ! COM>
Date:       2001-11-20 18:55:20
[Download RAW message or body]


Has anyone successfully used CertFindCertificateInStore() with the
CERT_FIND_CERT_ID find type?  I have tried MANY different ways of creating
the CERT_ID structure and nothing seems to work.

Here's the scenario:

// given this
HCERTSTORE hStore = /* store handle created elsewhere */;
PCCERT_CONTEXT cert = NULL;
CERT_ID id;
id.dwIdChoice = CERT_ID_ISSUER_SERIAL_NUMBER;
id.IssuerSerialNumber.Issuer.pbData = /* my raw issuer CN (Unicode) */;
id.IssuerSerialNumber.Issuer.cbData = /* my raw issuer length */;
id.IssuerSerialNumber.SerialNumber.pbData = /* my raw serial number */;
id.IssuerSerialNumber.SerialNumber.cbData = /* my raw serial number length
*/;

// Method#1: this finds a cert
cert = CertFindCertificateInStore(
        hStore,
        X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
        0,
        CERT_FIND_ISSUER_STR,
        id.IssuerSerialNumber.Issuer.pbData,
        cert );
if( cert && memcmp(
        found->pCertInfo->SerialNumber.pbData,
        id.IssuerSerialNumber.SerialNumber.pbData,
        id.IssuerSerialNumber.SerialNumber.cbData) == 0 )
{
        // I found a matching cert!
}

// Method#2: this does not!!
cert = CertFindCertificateInStore(
        hStore,
        X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
        0,
        CERT_FIND_CERT_ID,
        &id,
        cert );
if( cert )
{
        // I never get here :-(
}

In the long run, I am going with the first method anyway (because
CERT_FIND_CERT_ID is not supported on Win9x), but this really bothers me.
Any clues?

BTW, I am using a test certificate issued by Verisign and using the
Microsoft Enhanced CSP, so there should not be any wierdness there.

Joe Steele

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic