[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Problem with CertGetCertificateChain()
From:       Indraneel Sarkar <ISARKAR () NOVELL ! COM>
Date:       2002-11-13 17:58:45
[Download RAW message or body]

Hi,

We are experiencing a problem with CertGetCertificateChain() after installing SP1 on WindowsXP.
Here's the code snippet:

//
// declarations...
//
CERT_CHAIN_PARA chainPara;
PCCERT_CONTEXT          pCertCtx;
PCCERT_CHAIN_CONTEXT    pChainCtx;

//
// code to ensure pCertCtx is valid...
// Note: CERT_CHAIN_PARA_HAS_EXTRA_FIELDS is NOT defined
//

chainPara.cbSize = sizeof(CERT_CHAIN_PARA);
chainPara.RequestedUsage.dwType = USAGE_MATCH_TYPE_AND;
chainPara.RequestedUsage.Usage.cUsageIdentifier = 0;
chainPara.RequestedUsage.Usage.rgpszUsageIdentifier = NULL;

if (CertGetCertificateChain(HCCE_LOCAL_MACHINE,
                        pCertCtx,
                        NULL, // use current system time
                        NULL, // no additional store
                        &chainPara,
                        CERT_CHAIN_REVOCATION_CHECK_END_CERT|CERT_CHAIN_CACHE_END_CERT,
                        NULL,
                        &pChainCtx)
        == FALSE)
{
        // handle error
}

On Windows XP systems without SP1, this code works fine. However, on systems
with SP1 applied, this call causes calling thread to die (terminate). Works fine with 
Windows2000 SP2. Can anyone clarify if CertGetCertificateChain() behaviour has
changed?

Thanks,
-Indraneel

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
[prev in list] [next in list] [prev in thread] [next in thread]