[prev in list] [next in list] [prev in thread] [next in thread]
List: ms-cryptoapi
Subject: Re: How to decide if there is a private key
From: "Ryan M. Hurst" <rmh () WINDOWS ! MICROSOFT ! COM>
Date: 2003-06-06 15:07:02
[Download RAW message or body]
Probably overkill but its OK.
From: H. Mur
Sent: Fri 6/6/2003 4:29 AM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: How to decide if there is a private key
Thanks Ryan,
this works fine. I additionally check if the CRYPT_KEY_PROV_INFO ->
pwszProvName and CRYPT_KEY_PROV_INFO -> pwszContainerName exists. If the
certs has a CRYPT_KEY_PROV_INFO but no pwszProvName or no pwszContainerName
then I assume that there is no private key. Is this okay or is this an
overkill?
Thanks to all for the help,
Johann
"Ryan M. Hurst" <rmh@WINDOWS.MICROSOFT.COM>@DISCUSS.MICROSOFT.COM> on
05.06.2003 19:17:46
Please respond to Microsoft Cryptographic API
<CryptoAPI@DISCUSS.MICROSOFT.COM>
Sent by: Microsoft Cryptographic API <CryptoAPI@DISCUSS.MICROSOFT.COM>
To: CryptoAPI@DISCUSS.MICROSOFT.COM
cc:
Subject: Re: How to decide if there is a private key
Oh, any you can see if a certificate has a private key associated with
it by checking if there is a KEY_PROV_INFO property on the certificate.
Ryan
-----Original Message-----
From: Microsoft Cryptographic API
[mailto:CryptoAPI@DISCUSS.MICROSOFT.COM] On Behalf Of H. Mur
Sent: Thursday, June 05, 2003 1:19 AM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: How to decide if there is a private key
Hi,
I have following situations.
#1: A user imports some certificate from a p12-file and therefore it
also
has the corresponding private key.
#2: The same user also imports the very same certificate a second time
but
now from a cer-file. So, no private key this time.
#3: Both certificate are in differents store (AddressBook and My)
(Okay, I know that this sounds very strange, but I really know people
who
did it exactly this way)
When I start the MMC-snapin for certificate management and examine these
two certificate then MMC tells me that it has a private key for the
first
certificate but it has no private key for the second certificate. Great!
My problem:
My application gets as input the subject / serial / issuer of a
certificate. Then it enumerates all stores and searches for this
certificate in every single store. It can happen that at first it finds
the
certificate that was imported via the cer-file and has therefore no
private
key. Because my application depends on the private key I try to check if
the found certificate has a corresponding private key.
But I could not succeed in this:
CryptAcquireCertificatePrivateKey() reports a correspondig private key
even
if I found the "wrong" certificate
CryptFindCertificateProvInfo() and CryptGetUserKey() also report a
private
key for the "wrong" certificate.
What function should I use in order to get the same result as in the
MMC-snapin?
Any help is appreciated!
Thanks,
Johann
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic