Example C Program: Registering Physical and System Certificate Stores
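Physical stores can be registered as more or less permanent members of a system store. When a physical store is a member of a system store, operations on the system store, such as finding a certificate, look in all of the physical stores that are registered as members of that system store. Because lookups on the system store return certificates held in any member physical store, the location that backs a physical store (for example, a file) should be writable only by principals that are trusted to add certificates to that system store. A physical store can be removed from membership in a system store by using an unregister function.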
This example shows the following tasks and CryptoAPI functions:
- Registering (creating) a new system store using CertRegisterSystemStore.
- Opening a newly created system store using CertOpenStore.
- Registering a physical store as a member of a system store using CertRegisterPhysicalStore.
- Unregistering (deleting) a system store using CertUnregisterSystemStore.
This example also demonstrates the creation and deletion of system stores.
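// This example uses CertRegisterSystemStore.
#pragma comment(lib, "crypt32.lib")

// Copyright (C) Microsoft. All rights reserved.

#include <stdio.h>
#include <stdlib.h>     // exit(), called by MyHandleError
#include <windows.h>
#include <Wincrypt.h>

#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)

void MyHandleError(char *s);

// Walks through the life cycle of a system certificate store:
//   1. registers a system store named NEWSTORE for the current user,
//   2. opens and closes it to show that it exists,
//   3. registers a file-backed physical store as a member of it,
//   4. optionally unregisters the system store again.
// Each step prints whether it succeeded and the program then continues
// with the next step; no step terminates the program on failure.
// Returns 0 in all cases.
int main(void)
{
    // Declare and initialize variables.
    HCERTSTORE hSystemStore = NULL;
    DWORD dwFlags = CERT_SYSTEM_STORE_CURRENT_USER;
    LPCWSTR pvSystemName = L"NEWSTORE";   // For this setting of
                                          // dwFlags, the store name may
                                          // be prefixed with a user name.

    // Zero the whole structure first. The fields that are not assigned
    // below (dwOpenFlags in particular) would otherwise be passed to
    // CertRegisterPhysicalStore holding indeterminate stack contents.
    CERT_PHYSICAL_STORE_INFO PhysicalStoreInfo = {0};

    // Replace the path below with one that is appropriate for you.
    // Certificates placed in this file become visible through the system
    // store once the physical store is registered, so choose a location
    // that only trusted accounts can write to. A shared temporary
    // directory such as the sample value is often writable by other
    // accounts and is shown here for demonstration only.
    WCHAR wszStoreFile[] = L"C:\\temp\\mystore";

    // scanf_s("%c") stores through a char pointer.
    char fResponse = 'n';

    if (CertRegisterSystemStore(
            pvSystemName,
            dwFlags,
            NULL,
            NULL))
    {
        printf("System store %S is registered. \n", pvSystemName);
    }
    else
    {
        printf("The system store did not register. \n");
    }

    // Open the NEWSTORE as a system store.
    hSystemStore = CertOpenStore(
        CERT_STORE_PROV_SYSTEM,          // the store provider type
        0,                               // the encoding type is not needed
        NULL,                            // use the default HCRYPTPROV
        CERT_SYSTEM_STORE_CURRENT_USER,  // set the store location in a
                                         // registry location
        pvSystemName);                   // the store name as a Unicode string

    if (hSystemStore != NULL)
    {
        printf("The new store has been opened as a system store.\n");
    }
    else
    {
        printf("The new store was not opened as a system store.\n");
    }

    if (hSystemStore != NULL)
    {
        if (CertCloseStore(hSystemStore, 0))
        {
            printf("The system store has been closed.\n");
        }
        else
        {
            printf("The system store could not be closed.\n");
        }
        hSystemStore = NULL;
    }
    else
    {
        printf("The system store did not need to be closed.\n");
    }

    // Initialize PhysicalStoreInfo.
    PhysicalStoreInfo.cbSize = sizeof(CERT_PHYSICAL_STORE_INFO);
    PhysicalStoreInfo.pszOpenStoreProvider = (LPSTR) CERT_STORE_PROV_FILENAME;
    PhysicalStoreInfo.dwFlags = CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG;
    PhysicalStoreInfo.OpenParameters.pbData = (BYTE *) wszStoreFile;
    // sizeof on the array counts the terminating null character, which is
    // the same byte count as (wcslen + 1) * sizeof(WCHAR) but without a
    // size_t to DWORD conversion of a run-time value.
    PhysicalStoreInfo.OpenParameters.cbData = (DWORD) sizeof(wszStoreFile);
    PhysicalStoreInfo.dwPriority = 1;
    PhysicalStoreInfo.dwOpenEncodingType = MY_ENCODING_TYPE;

    // Register the physical store as a member of the system store that was
    // registered above (same name, same location flags).
    if (CertRegisterPhysicalStore(
            pvSystemName,
            dwFlags,
            L"TESTOR.STO",
            &PhysicalStoreInfo,
            NULL))
    {
        printf("Physical store is registered. \n");
    }
    else
    {
        printf("The physical store was not registered.\n");
    }

    // Next, unregister the store.
    // If the answer is anything other than 'y', the registrations made
    // above are left in place when the program exits.
    // NOTE(review): confirm whether unregistering the system store also
    // removes the TESTOR.STO membership; CertUnregisterPhysicalStore can be
    // called to remove it explicitly.
    printf("Would you like to unregister the %S store? (y/n) ",
           pvSystemName);

    // scanf_s requires the buffer size after every %c argument. A failed
    // read leaves the default 'n' in place.
    if (scanf_s("%c", &fResponse, (unsigned) sizeof(fResponse)) != 1)
    {
        fResponse = 'n';
    }

    if (fResponse == 'y')
    {
        if (CertUnregisterSystemStore(
                pvSystemName,
                dwFlags))
        {
            printf("System store %S has been unregistered.\n",
                   pvSystemName);
        }
        else
        {
            printf("The system store was not unregistered.\n");
        }
    }

    return 0;
} // end main

// MyHandleError is a simple error handling function that prints an
// error message to the standard error (stderr) file and exits the
// program with status 1. main above does not call it; it reports each
// result and carries on.
// For most applications, replace this function with one
// that does more extensive error reporting.
//
// s: message describing the operation that failed.
void MyHandleError(char *s)
{
    // Read the error code before any other call can change it.
    DWORD dwError = GetLastError();

    fprintf(stderr, "An error occurred in running the program. \n");
    fprintf(stderr, "%s\n", s);
    // DWORD is an unsigned long, so it needs the l length modifier.
    fprintf(stderr, "Error number %lx.\n", dwError);
    fprintf(stderr, "Program terminating. \n");
    exit(1);
} // end of MyHandleError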