我使用visual studio 2013和windows 7 32bit。
我想通过证书的根和链来验证数字签名。
所以我在certcreatecertificatechainengine()中得到0x80070057错误代码。
bool result = false;
HCERTCHAINENGINE hChainEngine;
CERT_CHAIN_ENGINE_CONFIG ChainConfig;
PCCERT_CHAIN_CONTEXT pChainContext;
//PCCERT_CHAIN_CONTEXT pDupContext;
HCERTSTORE hCertStore;
//PCCERT_CONTEXT pCertContext = NULL;
CERT_ENHKEY_USAGE EnhkeyUsage;
CERT_USAGE_MATCH CertUsage;
CERT_CHAIN_PARA ChainPara;
DWORD dwFlags = 0;
//LPWSTR pszNameString;
//---------------------------------------------------------
// Initialize data structures.
EnhkeyUsage.cUsageIdentifier = 0;
EnhkeyUsage.rgpszUsageIdentifier = NULL;
CertUsage.dwType = USAGE_MATCH_TYPE_AND;
CertUsage.Usage = EnhkeyUsage;
ChainPara.cbSize = sizeof(CERT_CHAIN_PARA);
ChainPara.RequestedUsage = CertUsage;
ChainConfig.cbSize = sizeof(CERT_CHAIN_ENGINE_CONFIG) * 4;
ChainConfig.hRestrictedRoot = NULL;
ChainConfig.hRestrictedTrust = NULL;
ChainConfig.hRestrictedOther = NULL;
ChainConfig.cAdditionalStore = 0;
ChainConfig.rghAdditionalStore = nullptr;
ChainConfig.dwFlags = CERT_CHAIN_CACHE_END_CERT;
ChainConfig.dwUrlRetrievalTimeout = 0;
ChainConfig.MaximumCachedCertificates = 0;
ChainConfig.CycleDetectionModulus = 0;
ChainConfig.hExclusiveRoot = NULL;
ChainConfig.hExclusiveTrustedPeople = NULL;
ChainConfig.dwExclusiveFlags = 0;
//---------------------------------------------------------
// Create the non default certificate chain engine.
if (!CertCreateCertificateChainEngine(
&ChainConfig,
&hChainEngine))
{
DWORD err = GetLastError();
MessageBox(NULL, L"The engine creation function failed.", L"Error ", MB_OK);
return false;
}
我也看到这篇文章:
但我找不到解决方案。