Example C Program: Registering Physical and System Certificate Stores
Physical stores may be made more or less permanent members of a system store. When a physical store is a member of a system store, operations on the system store such as finding a certificate will look in all of the physical stores that are registered as members of the system store. A physical store can be removed from membership in a system store by using an unregister function.
This example shows the following tasks and CryptoAPI functions:
- Registering (creating) a new system store using CertRegisterSystemStore.
- Opening a newly created system store using CertOpenStore.
- Registering a physical store as a member of a system store using CertRegisterPhysicalStore.
- Unregistering (deleting) a system store using CertUnregisterSystemStore.
This example also demonstrates the creation and deletion of system stores.
// This example uses CertRegisterSystemStore.
#pragma comment(lib, "crypt32.lib")
// Copyright (C) Microsoft. All rights reserved.
#include <stdio.h>
#include <windows.h>
#include <Wincrypt.h>
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
void MyHandleError(char *s);
void main()
{
// Declare and initialize variables.
HCERTSTORE hSystemStore;
DWORD dwFlags= CERT_SYSTEM_STORE_CURRENT_USER;
LPCWSTR pvSystemName= L"NEWSTORE"; // For this setting of
// dwFlags, the store name may
// be prefixed with a user name.
CERT_PHYSICAL_STORE_INFO PhysicalStoreInfo;
BYTE fResponse = 'n';
if(CertRegisterSystemStore(
pvSystemName,
dwFlags,
NULL,
NULL))
printf("System store %S is registered. \n",pvSystemName);
else
printf("The system store did not register. \n");
// Open the NEWSTORE as a system store.
if(hSystemStore = CertOpenStore(
CERT_STORE_PROV_SYSTEM, // the store provider type
0, // the encoding type is not needed
NULL, // use the default HCRYPTPROV
CERT_SYSTEM_STORE_CURRENT_USER,
// set the store location in a registry
// location
pvSystemName )) // the store name as a Unicode string
{
printf("The new store has been opened as a system store.\n");
}
else
{
printf("The new store was not opened as a system store.\n");
}
if(hSystemStore)
{
if(CertCloseStore(hSystemStore,0))
{
printf("The system store has been closed.\n");
}
else
{
printf("The system store could not be closed.\n");
}
}
else
{
printf("The system store did not need to be closed.\n");
}
// Initialize PhysicalStoreInfo.
PhysicalStoreInfo.cbSize=sizeof(CERT_PHYSICAL_STORE_INFO);
PhysicalStoreInfo.pszOpenStoreProvider=(LPSTR)
CERT_STORE_PROV_FILENAME;
PhysicalStoreInfo.dwFlags=CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG;
// Replace the path below with one that is appropriate for you.
PhysicalStoreInfo.OpenParameters.pbData =
(BYTE *) L"C:\\temp\\mystore";
PhysicalStoreInfo.OpenParameters.cbData =
(wcslen((LPWSTR) PhysicalStoreInfo.OpenParameters.pbData) + 1) *
sizeof(WCHAR);
PhysicalStoreInfo.dwPriority=1;
PhysicalStoreInfo.dwOpenEncodingType=MY_ENCODING_TYPE;
// Register the physical store.
if(CertRegisterPhysicalStore(
L"NEWSTORE",
dwFlags,
L"TESTOR.STO",
&PhysicalStoreInfo,
NULL
))
{
printf("Physical store is registered. \n");
}
else
{
printf("The physical store was not registered.\n");
}
// Next, unregister the store.
printf("Would you like to unregister the %S store? (y/n) "
,pvSystemName);
scanf_s("%c",&fResponse);
if(fResponse=='y')
{
if(CertUnregisterSystemStore(
pvSystemName,
dwFlags))
{
printf("System store %S has been unregistered.\n"
,pvSystemName);
}
else
{
printf("The system store was not unregistered.\n");
}
}
} // end main
// This example uses the function MyHandleError, a simple error
// handling function, to print an error message to
// the standard error (stderr) file and exit the program.
// For most applications, replace this function with one
// that does more extensive error reporting.
void MyHandleError(char *s)
{
fprintf(stderr,"An error occurred in running the program. \n");
fprintf(stderr,"%s\n",s);
fprintf(stderr, "Error number %x.\n", GetLastError());
fprintf(stderr, "Program terminating. \n");
exit(1);
} // end of MyHandleError