m_certificateStoreHandle = CertOpenStore( CERT_STORE_PROV_MEMORY, 0, NULL, 0, NU

1. m_certificateStoreHandle = CertOpenStore( CERT_STORE_PROV_MEMORY, 0, NULL, 0, NULL );
2.  
3. CertAddEncodedCertificateToStore( m_certificateStoreHandle,
4. X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
5. reinterpret_cast< const BYTE * >( certificateData ),
6. dataSize,
7. CERT_STORE_ADD_REPLACE_EXISTING,
8. &m_clientCertificate )
9.  
10. HCRYPTPROV cryptProvider = NULL;
11. HCRYPTKEY cryptKey = NULL;
12. CryptAcquireContext( &cryptProvider, "MyTestKeyNumber123", NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET )
13.  
14. CryptImportKey( cryptProvider, reinterpret_cast< BYTE * >( privateKey ), keySize, 0, CRYPT_EXPORTABLE, &cryptKey )
15.  
16. char containerName[128];
17. DWORD containerNameSize = ARRAY_NUM_BYTES(containerName);
18. char providerName[128];
19. DWORD providerNameSize = ARRAY_NUM_BYTES(providerName);
20.  
21. CryptGetProvParam(cryptProvider, PP_CONTAINER, reinterpret_cast<byte *>(containerName), &containerNameSize, 0)
22. CryptGetProvParam(cryptProvider, PP_NAME, reinterpret_cast<byte *>(providerName), &providerNameSize, 0)
23.  
24. WCHAR containerNameWide[128];
25. convertCharToWChar(containerNameWide, containerName);
26. WCHAR providerNameWide[128];
27. convertCharToWChar(providerNameWide, providerName);
28.  
29. CRYPT_KEY_PROV_INFO privateKeyData;
30. neMemZero(&privateKeyData, sizeof(privateKeyData));
31. privateKeyData.pwszContainerName = containerNameWide;
32. privateKeyData.pwszProvName = providerNameWide;
33. privateKeyData.dwProvType = 0;
34. privateKeyData.dwFlags = CRYPT_SILENT;
35. privateKeyData.dwKeySpec = AT_KEYEXCHANGE;
36.  
37. if ( CertSetCertificateContextProperty( m_clientCertificate, CERT_KEY_PROV_INFO_PROP_ID, 0, &privateKeyData ) )
38.  
39. byte privateKeyBuffer[2048];
40. DWORD privateKeyBufferSize = ARRAY_NUM_BYTES(privateKeyBuffer);
41. memZero(privateKeyBuffer, privateKeyBufferSize);
42. if(CryptExportKey(cryptKey, 0, PRIVATEKEYBLOB, 0, privateKeyBuffer, &privateKeyBufferSize))
43. {
44. TRACE("Got private key!");
45. LOG_BUFFER(privateKeyBuffer, privateKeyBufferSize);
46. }
47.  
48. char certNameBuffer[128] = "";
49. char certUrlBuffer[128] = "";
50. CertGetNameString(testValue, CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL, certNameBuffer, ARRAY_NUM_BYTES(certNameBuffer));
51. CertGetNameString(testValue, CERT_NAME_URL_TYPE , 0, NULL, certUrlBuffer, ARRAY_NUM_BYTES(certUrlBuffer));
52. TRACE("SSL Certificate %s [%s]", certNameBuffer, certUrlBuffer);
53.  
54. HCRYPTPROV_OR_NCRYPT_KEY_HANDLE privateKey;
55. DWORD privateKeyType;
56. BOOL freeKeyAfter = false;
57. if(CryptAcquireCertificatePrivateKey(testValue, CRYPT_ACQUIRE_NO_HEALING, NULL, &privateKey, &privateKeyType, &freeKeyAfter))
58. {
59. HCRYPTPROV privateKeyProvider = static_cast<HCRYPTPROV>(privateKey);
60. HCRYPTKEY privateKeyHandle;
61. if(CryptGetUserKey(privateKeyProvider, privateKeyType, &privateKeyHandle))
62. {
63. NEbyte privateKeyBuffer[2048];
64. DWORD privateKeyBufferSize = NE_ARRAY_NUM_BYTES(privateKeyBuffer);
65. neMemZero(privateKeyBuffer, privateKeyBufferSize);
66. if(CryptExportKey(privateKeyHandle, 0, PRIVATEKEYBLOB, 0, privateKeyBuffer, &privateKeyBufferSize))
67. {
68. NE_TRACE("Got private key!");
69. HTTP_LOG_BUFFER(neGetGlobalTraceLog(), "Key", "", privateKeyBuffer, privateKeyBufferSize);
70. }
71.  
72. if ( !WinHttpSetOption( handle,
73. WINHTTP_OPTION_CLIENT_CERT_CONTEXT,
74. const_cast<PCERT_CONTEXT>(m_clientCertificate),
75. sizeof( CERT_CONTEXT ) ) )
76. {
77. HTTP_LOG_ERROR( getLog(), "Setting the client certificate failed with error code %x", GetLastError() );
78. }
79.  
80. m_clientCertificateStoreHandle = PFXImportCertStore(&pfxData, certificatePassword, 0);
81. if(NULL != m_clientCertificateStoreHandle)
82. {
83. m_clientCertificateHandle = CertFindCertificateInStore( m_clientCertificateStoreHandle, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, 0, CERT_FIND_ANY, NULL, NULL );
84. }