Sample Code (C++) - Scan Certificate Expiration Date Remotely

It is hard to find a tool that checks certificate expiration dates on a remote machine without logging on to it locally. Here is my code to accomplish this job:

// to build: cl scancert.cpp -link crypt32.lib
//------------------------------------------------------

#include <windows.h>
#include <wincrypt.h>
#include <stdlib.h>
#include <stdio.h>
#include <shlwapi.h>
// Suffix appended to the server name: selects the "my" (personal) certificate
// store, so the full store name becomes "\\<server>\my" once main adds the prefix.
const char *s1 = "\\my";
// Opens the named local-machine store and prints the subject and expiry date
// of every certificate in it (defined further down).
void listlocalcertstore(char const * const s);

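/*
 * Entry point. Takes exactly one argument, the server name, builds the
 * store name "\\<server>\my" from it and lists the certificates in that store.
 * Returns 0 on success and 1 on a usage error; listlocalcertstore terminates
 * the process itself (through HandleError) when a crypto call fails.
 */
int main(int argc, char** argv)
{
    /* Same element count as the wide-character buffer listlocalcertstore
       converts the name into, so a name accepted here always fits there. */
    char storename[256];
    const char *prefix = "\\\\";
    size_t fixedlen;

    if (argc != 2) {
        fprintf(stderr, "Usage %s servername\n", argv[0]);
        return 1;
    }

    /* An empty server name would produce a malformed store path. */
    if (argv[1][0] == '\0') {
        fprintf(stderr, "Usage %s servername\n", argv[0]);
        return 1;
    }

    /* The server name comes straight from the command line and has no length
       limit of its own; reject it before it is copied anywhere. The check is
       written as a subtraction so it cannot overflow. */
    fixedlen = strlen(prefix) + strlen(s1) + 1;
    if (strlen(argv[1]) > sizeof(storename) - fixedlen) {
        fprintf(stderr, "Server name is too long\n");
        return 1;
    }

    /* Safe: the total length was verified against sizeof(storename) above. */
    strcpy(storename, prefix);
    strcat(storename, argv[1]);
    strcat(storename, s1);

    listlocalcertstore(storename);
    return 0;
}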

// Prints s and the last Win32 error to stderr, then terminates the process
// with exit code 1 (defined at the end of the file).
void HandleError(char *s);

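/*
 * Opens the local-machine system store named by pszStoreName and prints, for
 * every certificate in it, the subject display name and the NotAfter date.
 *
 * pszStoreName: ANSI store name; main passes "\\<server>\my" to reach the
 *               store of another machine.
 *
 * Any failure is reported through HandleError, which terminates the process.
 * NOTE(review): opening a store on another machine presumably requires
 * suitable rights on that machine - confirm for your environment.
 */
void listlocalcertstore(char const * const pszStoreName) {
    HCERTSTORE hStoreHandle;
    PCCERT_CONTEXT pCertContext = NULL;
    char pszNameString[256];
    wchar_t pwszStoreName[256];

    if (pszStoreName == NULL) {
        SetLastError(ERROR_INVALID_PARAMETER);
        HandleError("The store name is missing.");
        return;
    }

    /* CERT_STORE_PROV_SYSTEM expects a wide-character store name. The
       conversion is bounded by the destination size: a name that does not
       fit makes MultiByteToWideChar return 0 instead of writing past the
       end of the stack buffer. */
    if (MultiByteToWideChar(CP_ACP, 0, pszStoreName, -1, pwszStoreName,
                            sizeof(pwszStoreName) / sizeof(pwszStoreName[0])) == 0) {
        HandleError("The store name is invalid or too long.");
        return;
    }

    hStoreHandle = CertOpenStore(
        CERT_STORE_PROV_SYSTEM,
        0,
        NULL,
        CERT_SYSTEM_STORE_LOCAL_MACHINE,
        pwszStoreName
        );

    if (!hStoreHandle) {
        HandleError("The store was not opened.");
        return;
    }

    /* Walk the store. Passing the previous context back in lets the API
       release it, so no context is freed by hand inside the loop. */
    while ((pCertContext = CertEnumCertificatesInStore(hStoreHandle, pCertContext)) != NULL) {
        FILETIME expirytime;
        SYSTEMTIME systime;

        /* Subject display name; the buffer size is taken from the array
           itself so the limit cannot drift away from the declaration. */
        if (CertGetNameString(pCertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL,
                              pszNameString, sizeof(pszNameString))) {
            printf("\nCertificate: %s \n", pszNameString);
        } else {
            HandleError("CertGetName failed.");
        }

        /* Issuer display name is fetched but not shown; enable the printf
           below to include it in the report. */
        if (CertGetNameString(pCertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL,
                              pszNameString, sizeof(pszNameString))) {
            // printf("Issuer %s \n",pszNameString);
        } else {
            HandleError("CertGetName failed.");
        }

        /* NotAfter is a FILETIME; it is printed as year, month, day without
           any time-zone adjustment and is not compared with the current
           date, so spotting an already expired certificate is left to the
           reader of the output. */
        expirytime = pCertContext->pCertInfo->NotAfter;
        if (!FileTimeToSystemTime(&expirytime, &systime)) {
            HandleError("The expiry date could not be converted.");
        } else {
            printf("Expiry date: %d %d %d\n", systime.wYear, systime.wMonth, systime.wDay);
        }
    }

    CertCloseStore(hStoreHandle, 0);
}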

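/*
 * Writes the system message text for messageId to stderr, or the numeric
 * code in decimal and hex when no message text is available.
 */
void printError(DWORD messageId) {
    LPSTR pBuf = NULL;

    /* FORMAT_MESSAGE_IGNORE_INSERTS: no argument array is supplied, so insert
       sequences such as %1 in the message text must be left as they are
       rather than expanded from arguments that do not exist. */
    DWORD cch = FormatMessage(
        FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
        NULL, messageId, 0, (LPSTR) &pBuf, 0, NULL);

    if (cch != 0) {
        fprintf(stderr, "%s\n", pBuf);
        /* The buffer was allocated by FormatMessage and must be released here. */
        LocalFree(pBuf);
    } else {
        /* Two conversions need two arguments; the original passed only one. */
        fprintf(stderr, "Error %lu (0x%lx)\n",
                (unsigned long) messageId, (unsigned long) messageId);
    }
}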

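/*
 * Reports a fatal error on stderr and terminates the process with exit code 1.
 * s is a caller-supplied description; it is printed through "%s" and never
 * used as a format string.
 */
void HandleError(char *s)
{
    /* Capture the error code before anything else so that the calls below
       cannot overwrite it. */
    DWORD dwErr = GetLastError();

    fprintf(stderr, "An error occurred in running the program. \n");
    fprintf(stderr, "%s\n", s != NULL ? s : "(no description)");
    /* DWORD is an unsigned long, so it is printed with %lx. */
    fprintf(stderr, "Error number %lx.\n", (unsigned long) dwErr);
    printError(dwErr);
    fprintf(stderr, "Program terminating. \n");
    exit(1);
}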

Comments

  • Anonymous
    January 01, 2003
    thanks