Original URL: | https://blogs.msdn.microsoft.com/alejacma/2008/01/31/how-to-import-a-certificate-without-user-interaction-c-c/ |
Post name: | How to import a certificate without user interaction (C++ & C#) |
Original author: | Alejandro Campos Magencio |
Posting date: | 2008-01-31T06:36:00+00:00 |
Hi, welcome back,
Today I'm posting a CryptoAPI sample which uses CryptUIWizImport to import a certificate without any user interaction:
<SAMPLE Language="C++">
CRYPTUI_WIZ_IMPORT_SRC_INFO importSrc; memset(&importSrc, 0, sizeof(CRYPTUI_WIZ_IMPORT_SRC_INFO)); importSrc.dwSize = sizeof(CRYPTUI_WIZ_IMPORT_SRC_INFO); importSrc.dwSubjectChoice = CRYPTUI_WIZ_IMPORT_SUBJECT_FILE; importSrc.pwszFileName = L"C:\\PathToPFX\\cert.pfx"; importSrc.pwszPassword = L"PasswordToDecryptPFX"; importSrc.dwFlags = CRYPT_EXPORTABLE | CRYPT_USER_PROTECTED; if (CryptUIWizImport( CRYPTUI_WIZ_NO_UI, NULL, NULL, &importSrc, NULL ) == 0) { printf("CryptUIWizImport error 0x%x\n", GetLastError()); }
</SAMPLE>
<SAMPLE Language="C#">
using System; using System.Collections.Generic; using System.Text; using System.Runtime.InteropServices; namespace ImportCertNet { class Program { public struct CRYPTUI_WIZ_IMPORT_SRC_INFO { public Int32 dwSize; public Int32 dwSubjectChoice; [MarshalAs(UnmanagedType.LPWStr)]public String pwszFileName; public Int32 dwFlags; [MarshalAs(UnmanagedType.LPWStr)]public String pwszPassword; } [DllImport("CryptUI.dll", CharSet = CharSet.Auto, SetLastError = true)] public static extern Boolean CryptUIWizImport( Int32 dwFlags, IntPtr hwndParent, IntPtr pwszWizardTitle, ref CRYPTUI_WIZ_IMPORT_SRC_INFO pImportSrc, IntPtr hDestCertStore ); public const Int32 CRYPTUI_WIZ_IMPORT_SUBJECT_FILE = 1; public const Int32 CRYPT_EXPORTABLE = 0x00000001; public const Int32 CRYPT_USER_PROTECTED = 0x00000002; public const Int32 CRYPTUI_WIZ_NO_UI = 0x0001; static void Main(string[] args) { CRYPTUI_WIZ_IMPORT_SRC_INFO importSrc = new CRYPTUI_WIZ_IMPORT_SRC_INFO(); importSrc.dwSize = Marshal.SizeOf(importSrc); importSrc.dwSubjectChoice = CRYPTUI_WIZ_IMPORT_SUBJECT_FILE; importSrc.pwszFileName = "C:\\alex.pfx"; importSrc.pwszPassword = "password"; importSrc.dwFlags = CRYPT_EXPORTABLE | CRYPT_USER_PROTECTED; if (!CryptUIWizImport( CRYPTUI_WIZ_NO_UI, IntPtr.Zero, IntPtr.Zero, ref importSrc, IntPtr.Zero )) { Console.WriteLine("CryptUIWizImport error " + Marshal.GetLastWin32Error()); } Console.WriteLine("<< Press any key to continue >>"); Console.ReadKey(); } } }
</SAMPLE>
Note: if you enable High protection mode for the private keys of the certificates via policy, when installing a cert in a machine you will be requested for a password which will be used every time the private key is accessed. When using CryptUIWizImport, a dialog will appear requesting us to enter theHigh protection password, even if we said we don’t want any UI.
I hope this helps.
Cheers,
Alex (Alejandro Campos Magencio)
Comments: