Export (0) Print
Expand All
Expand Minimize

CertCreateCertificateContext function

The CertCreateCertificateContext function creates a certificate context from an encoded certificate. The created context is not persisted to a certificate store. The function makes a copy of the encoded certificate within the created context.

Syntax


PCCERT_CONTEXT WINAPI CertCreateCertificateContext(
  _In_  DWORD dwCertEncodingType,
  _In_  const BYTE *pbCertEncoded,
  _In_  DWORD cbCertEncoded
);

Parameters

dwCertEncodingType [in]

Specifies the type of encoding used. It is always acceptable to specify both the certificate and message encoding types by combining them with a bitwise-OR operation as shown in the following example:

X509_ASN_ENCODING | PKCS_7_ASN_ENCODING

Currently defined encoding types are:

  • X509_ASN_ENCODING
  • PKCS_7_ASN_ENCODING
pbCertEncoded [in]

A pointer to a buffer that contains the encoded certificate from which the context is to be created.

cbCertEncoded [in]

The size, in bytes, of the pbCertEncoded buffer.

Return value

If the function succeeds, the function returns a pointer to a read-only CERT_CONTEXT. When you have finished using the certificate context, free it by calling the CertFreeCertificateContext function.

If the function is unable to decode and create the certificate context, it returns NULL. For extended error information, call GetLastError. Some possible error codes follow.

Return codeDescription
E_INVALIDARG

A certificate encoding type that is not valid was specified. Currently, only the X509_ASN_ENCODING type is supported.

 

If the function fails, GetLastError may return an Abstract Syntax Notation One (ASN.1) encoding/decoding error. For information about these errors, see ASN.1 Encoding/Decoding Return Values.

Remarks

The CERT_CONTEXT must be freed by calling CertFreeCertificateContext. CertDuplicateCertificateContext can be called to make a duplicate. CertSetCertificateContextProperty and CertGetCertificateContextProperty can be called to store and read properties for the certificate.

Examples

The following example shows creating a certificate context from an encoded certificate. The created context is not put in a certificate store. For another example that uses this function, see Example C Program: Certificate Store Operations.


#include <windows.h>
#include <stdio.h>
#include <Wincrypt.h>

#define MY_ENCODING_TYPE  (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)

void main()
{
	PCCERT_CONTEXT  pCertContext = NULL; 

	//------------------------------------------------------------------ 
	//  Create a new certificate from the encoded part of
	//  an available certificate. pDesiredCert is a previously
	//  assigned PCCERT_CONTEXT variable.
	if(pCertContext = CertCreateCertificateContext(
		MY_ENCODING_TYPE,              // The encoding type
		pDesiredCert->pbCertEncoded,   // The encoded data from
									   // the certificate retrieved
		pDesiredCert->cbCertEncoded))  // The length of the encoded data
	{
		printf("A new certificate has been created.\n");
	 
		// Use the certificate context as needed.
		// ...

		// When finished, free the certificate context.
		CertFreeCertificateContext(pCertContext);
	}
	else
	{
		printf("A new certificate could not be created.\n");
		exit(1);
	}
}

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Wincrypt.h

Library

Crypt32.lib

DLL

Crypt32.dll

See also

Certificate Functions
CERT_CONTEXT
CertCreateCRLContext
CertCreateCTLContext
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
CertSetCertificateContextProperty

 

 

Community Additions

ADD
Show:
© 2014 Microsoft