PCCERT_CONTEXT SSL_SOCKET :: CreateOurCertificate() { // CertCreateSelfSignCertificate(0,&SubjectName,0,0,0,0,0,0); HRESULT hr = 0; HCRYPTPROV hProv = NULL; PCCERT_CONTEXT p = 0; HCRYPTKEY hKey = 0; CERT_NAME_BLOB sib = { 0 }; BOOL AX = 0; // Step by step to create our own certificate try { // Create the subject char cb[1000] = {0}; sib.pbData = (BYTE*)cb; sib.cbData = 1000; wchar_t* szSubject= L"CN=Certificate"; if (!CertStrToName(CRYPT_ASN_ENCODING, szSubject,0,0,sib.pbData,&sib.cbData,NULL)) throw; // Acquire Context wchar_t* pszKeyContainerName = L"Container"; if (!CryptAcquireContext(&hProv,pszKeyContainerName,MS_DEF_PROV,PROV_RSA_FULL,CRYPT_NEWKEYSET | CRYPT_MACHINE_KEYSET)) { hr = GetLastError(); if (GetLastError() == NTE_EXISTS) { if (!CryptAcquireContext(&hProv,pszKeyContainerName,MS_DEF_PROV,PROV_RSA_FULL,CRYPT_MACHINE_KEYSET)) { throw; } } else throw; } // Generate KeyPair if (!CryptGenKey(hProv, AT_KEYEXCHANGE, CRYPT_EXPORTABLE, &hKey)) throw; // Generate the certificate CRYPT_KEY_PROV_INFO kpi = {0}; kpi.pwszContainerName = pszKeyContainerName; kpi.pwszProvName = MS_DEF_PROV; kpi.dwProvType = PROV_RSA_FULL; kpi.dwFlags = CERT_SET_KEY_CONTEXT_PROP_ID; kpi.dwKeySpec = AT_KEYEXCHANGE; SYSTEMTIME et; GetSystemTime(&et); et.wYear += 1; CERT_EXTENSIONS exts = {0}; p = CertCreateSelfSignCertificate(hProv,&sib,0,&kpi,NULL,NULL,&et,&exts); AX = CryptFindCertificateKeyProvInfo(p,CRYPT_FIND_MACHINE_KEYSET_FLAG,NULL) ; /* hCS = CertOpenStore(CERT_STORE_PROV_MEMORY,0,0,CERT_STORE_CREATE_NEW_FLAG,0); AX = CertAddCertificateContextToStore(hCS,p,CERT_STORE_ADD_NEW,0); AX = CryptFindCertificateKeyProvInfo(p,CRYPT_FIND_MACHINE_KEYSET_FLAG,NULL);*/ } catch(...) { } if (hKey) CryptDestroyKey(hKey); hKey = 0; if (hProv) CryptReleaseContext(hProv,0); hProv = 0; return p; }
::PCCERT_CONTEXT acquire () { HRESULT hr = 0; HCRYPTPROV hProv = NULL; PCCERT_CONTEXT p = 0; HCRYPTKEY hKey = 0; CERT_NAME_BLOB sib = { 0 }; BOOL AX = 0; try { char cb[1000] = {0}; sib.pbData = (BYTE*)cb; sib.cbData = 1000; wchar_t* szSubject= L"CN=Certificate"; if (!CertStrToNameW(CRYPT_ASN_ENCODING, szSubject,0,0,sib.pbData,&sib.cbData,NULL)) throw; wchar_t* pszKeyContainerName = L"Container"; if (!CryptAcquireContextW(&hProv,pszKeyContainerName,MS_DEF_PROV_W,PROV_RSA_FULL,CRYPT_NEWKEYSET | CRYPT_MACHINE_KEYSET)) { hr = GetLastError(); if (GetLastError() == NTE_EXISTS) { if (!CryptAcquireContextW(&hProv,pszKeyContainerName,MS_DEF_PROV_W,PROV_RSA_FULL,CRYPT_MACHINE_KEYSET)) { throw; } } else throw; } if (!CryptGenKey(hProv, AT_KEYEXCHANGE, CRYPT_EXPORTABLE, &hKey)) throw; CRYPT_KEY_PROV_INFO kpi = {0}; kpi.pwszContainerName = pszKeyContainerName; kpi.pwszProvName = MS_DEF_PROV_W; kpi.dwProvType = PROV_RSA_FULL; kpi.dwFlags = CERT_SET_KEY_CONTEXT_PROP_ID; kpi.dwKeySpec = AT_KEYEXCHANGE; SYSTEMTIME et; GetSystemTime(&et); et.wYear += 1; CERT_EXTENSIONS exts = {0}; p = CertCreateSelfSignCertificate(hProv,&sib,0,&kpi,NULL,NULL,&et,&exts); AX = CryptFindCertificateKeyProvInfo(p,CRYPT_FIND_MACHINE_KEYSET_FLAG,NULL) ; } catch(...) { } // cleanup. if (hKey) CryptDestroyKey(hKey); hKey = 0; if (hProv) CryptReleaseContext(hProv,0); hProv = 0; // return certificate. return (p); }