我正在尝试为我的应用程序创建客户端证书(用cpp编写)。执行 CertSetCertificateContextProperty 时,程序退出。它甚至不会引发任何错误。我无法调试它,因为这是Windows API。任何帮助将非常感激。 以下是我遵循的步骤:
步骤1:我生成的密钥对为:
if (!CryptGenKey(hCryptProv, AT_KEYEXCHANGE, CRYPT_EXPORTABLE, &hKey))
{
_tprintf(_T("CryptGenKey error 0x%x\n"), GetLastError());
return 1;
}
第2步:将私钥导出为:
if (!CryptExportKey(hKey, NULL, PRIVATEKEYBLOB, 0, pbPrivateKey, &dwPrivateKeyLen))
{
// Error
_tprintf(_T("CryptExportKey error 0x%x\n"), GetLastError());
return 1;
}
第3步:使用我的CA使用密钥对创建证书。 步骤4:将证书添加到证书存储中。 (我可以通过将商店中的所有证书作为价格来进行验证)
pctx = CertCreateCertificateContext(MY_ENCODING_TYPE,
(BYTE*)pfx,
GetFileSize(hfile, 0));
.....
if (CertAddCertificateContextToStore(hSystemStore, pctx, CERT_STORE_ADD_REPLACE_EXISTING, 0))
{
cout << "In AddCertToStoreWrapper: Certificate Successfully Added to the Cert store " << endl;
}
步骤4:将证书链接到步骤1中生成的密钥对。 (程序在此步骤中被杀死。
void LinkKeytoCert()
{
HCERTSTORE hCertStore = 0;
HANDLE hfile = 0;
HANDLE hsection = 0;
void* pfx = NULL;
PCCERT_CONTEXT pCertContext = NULL;
//Open the SystemStore
if (hCertStore = CertOpenSystemStore(NULL, L"MY")) // TODO: vs CertOpenStore
{
cout << "\nIn LinkKeytoCert: Succuessfully Opened the System Store" << endl;
}
else
{
cout << "\nIn LinkKeytoCert: Unable to open the System Store" << endl;
}
if (CertFindCertificateInStore(
hCertStore,
MY_ENCODING_TYPE, // Use X509_ASN_ENCODING
0, // No dwFlags needed
CERT_FIND_SUBJECT_STR, // Find a certificate with a
// subject that matches the
// string in the next parameter
L"damodar1", // The Unicode string to be found
// in a certificate's subject
pCertContext)) // NULL for the first call to the
// function
// In all subsequent
// calls, it is the last pointer
// returned by the function
{
cout << "In LinkKeytoCert: Found the certificate" << endl;
//=====================Linking the Cert and Key=====================================
wchar_t str1[] = L"AlejaCMa.EncryptDecrypt";
/*
const wchar_t *str2 = L"Hello ";
LPWSTR lpstrMyass = str1;
*/
CRYPT_KEY_PROV_INFO pData = { 0 };
pData.pwszContainerName = str1;
pData.dwProvType = PROV_RSA_FULL;
pData.dwKeySpec = AT_KEYEXCHANGE;
pData.dwFlags = CERT_SET_KEY_PROV_HANDLE_PROP_ID;
pData.pwszProvName = nullptr;
cout << "In LinkKeytoCert: Setting the link " << endl;
if (CertSetCertificateContextProperty(pCertContext, CERT_KEY_PROV_INFO_PROP_ID, 0, &pData)) //Program exit at this step. It doesn't even throws any error. I can't debug it as this is a Windows API.
{
cout << "CertSetCertificateContextProperty successful" << endl;
}
else
{
MyHandleError(TEXT("CertSetCertificateContextProperty failed."));
}
cout << "Successfully linked the certificate" << endl;
}
else
{
cout << "In LinkKeytoCert: Couldn't find the certificate" << endl;
}
//--------------------------------------------------------------------
// Free Memory and close the open store.
if (pCertContext)
{
CertFreeCertificateContext(pCertContext);
}
CertCloseStore(hCertStore, 0);
}