/**
* Adds a certificate to a store.
*
* @returns true on success, false on failure (error message written).
* @param dwDst The destination, like
* CERT_SYSTEM_STORE_LOCAL_MACHINE or
* ERT_SYSTEM_STORE_CURRENT_USER.
* @param pszStoreNm The store name.
* @param pszCertFile The file containing the certificate to add.
* @param dwDisposition The disposition towards existing certificates when
* adding it. CERT_STORE_ADD_NEW is a safe one.
*/
static bool addCertToStore(DWORD dwDst, const char *pszStoreNm, const char *pszCertFile, DWORD dwDisposition)
{
/*
* Read the certificate file first.
*/
PCCERT_CONTEXT pSrcCtx = NULL;
HCERTSTORE hSrcStore = NULL;
if (!readCertFile(pszCertFile, &pSrcCtx, &hSrcStore))
return false;
/*
* Open the destination store.
*/
bool fRc = false;
HCERTSTORE hDstStore = openCertStore(dwDst, pszStoreNm);
if (hDstStore)
{
if (pSrcCtx)
{
if (g_cVerbosityLevel > 1)
RTMsgInfo("Adding '%s' to %#x:'%s'... (disp %d)", pszCertFile, dwDst, pszStoreNm, dwDisposition);
if (CertAddCertificateContextToStore(hDstStore, pSrcCtx, dwDisposition, NULL))
fRc = true;
else
RTMsgError("CertAddCertificateContextToStore returned %s", errorToString(GetLastError()));
}
else
{
RTMsgError("Path not implemented at line %d\n", __LINE__);
}
CertCloseStore(hDstStore, CERT_CLOSE_STORE_CHECK_FLAG);
}
if (pSrcCtx)
CertFreeCertificateContext(pSrcCtx);
if (hSrcStore)
CertCloseStore(hSrcStore, CERT_CLOSE_STORE_CHECK_FLAG);
return fRc;
}
/**
* Adds a certificate to a store.
*
* @returns true on success, false on failure (error message written).
* @param dwDst The destination, like
* CERT_SYSTEM_STORE_LOCAL_MACHINE or
* CERT_SYSTEM_STORE_CURRENT_USER.
* @param pszStoreNm The store name.
* @param kpCertBuf Buffer that contains a certificate
* @param cbCertBuf Size of @param kpCertBuf in bytes
*/
bool addCertToStore(DWORD dwDst, const char *pszStoreNm, const unsigned char kpCertBuf[], DWORD cbCertBuf)
{
/*
* Get certificate from buffer.
*/
PCCERT_CONTEXT pSrcCtx = NULL;
bool fRc = false;
if (!readCertBuf(kpCertBuf, cbCertBuf, &pSrcCtx))
{
RTMsgError("Unable to get certificate context: %d", GetLastError());
return fRc;
}
/*
* Open the certificates store.
*/
HCERTSTORE hDstStore = openCertStore(dwDst, pszStoreNm);
if (hDstStore)
{
/*
* Finally, add certificate to store
*/
if (CertAddCertificateContextToStore(hDstStore, pSrcCtx, CERT_STORE_ADD_REPLACE_EXISTING, NULL))
fRc = true;
else
RTMsgError("Unable to install certificate: %d", GetLastError());
CertCloseStore(hDstStore, CERT_CLOSE_STORE_CHECK_FLAG);
}
else
RTMsgError("Unable to open certificates store: %d", GetLastError());
/* Release resources */
CertFreeCertificateContext(pSrcCtx);
return fRc;
}
/**
* Removes a certificate, given by file, from a store
*
* @returns true on success, false on failure (error message written).
* @param dwDst The destination, like
* CERT_SYSTEM_STORE_LOCAL_MACHINE or
* ERT_SYSTEM_STORE_CURRENT_USER.
* @param pszStoreNm The store name.
* @param pszCertFile The file containing the certificate to add.
*/
static bool removeCertFromStoreByFile(DWORD dwDst, const char *pszStoreNm, const char *pszCertFile)
{
/*
* Read the certificate file first.
*/
PCCERT_CONTEXT pSrcCtx = NULL;
HCERTSTORE hSrcStore = NULL;
if (!readCertFile(pszCertFile, &pSrcCtx, &hSrcStore))
return false;
WCHAR wszName[1024];
if (!CertGetNameStringW(pSrcCtx, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0 /*dwFlags*/, NULL /*pvTypePara*/,
wszName, sizeof(wszName)))
{
RTMsgError("CertGetNameStringW(Subject) failed: %s\n", errorToString(GetLastError()));
wszName[0] = '\0';
}
/*
* Open the destination store.
*/
bool fRc = false;
HCERTSTORE hDstStore = openCertStore(dwDst, pszStoreNm);
if (hDstStore)
{
if (pSrcCtx)
{
fRc = true;
unsigned cDeleted = 0;
PCCERT_CONTEXT pCurCtx = NULL;
while ((pCurCtx = CertEnumCertificatesInStore(hDstStore, pCurCtx)) != NULL)
{
if (CertCompareCertificate(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, pCurCtx->pCertInfo, pSrcCtx->pCertInfo))
{
if (g_cVerbosityLevel > 1)
RTMsgInfo("Removing '%ls'...", wszName);
PCCERT_CONTEXT pDeleteCtx = CertDuplicateCertificateContext(pCurCtx);
if (pDeleteCtx)
{
if (CertDeleteCertificateFromStore(pDeleteCtx))
cDeleted++;
else
RTMsgError("CertDeleteFromStore('%ls') failed: %s\n", wszName, errorToString(GetLastError()));
}
else
RTMsgError("CertDuplicateCertificateContext('%ls') failed: %s\n", wszName, errorToString(GetLastError()));
}
}
if (!cDeleted)
RTMsgInfo("Found no matching certificates to remove.");
}
else
{
RTMsgError("Path not implemented at line %d\n", __LINE__);
}
CertCloseStore(hDstStore, CERT_CLOSE_STORE_CHECK_FLAG);
}
if (pSrcCtx)
CertFreeCertificateContext(pSrcCtx);
if (hSrcStore)
CertCloseStore(hSrcStore, CERT_CLOSE_STORE_CHECK_FLAG);
return fRc;
}
