Sysadmins LV
Vadims Podāns
Vadims Podāns
  • I work at
PKI Solutions
Microsoft Most Valuable Professional: Windows PowerShell
Protected by Copyscape DMCA Takedown Notice Search Tool

Retired Microsoft Blog disclaimer

This directory is a mirror of retired "Decrypt My World" MSDN blog and is provided as is. All posting authorship and copyrights belong to respective authors.

How to import a certificate without user interaction (C++ & C#)

Original URL: https://blogs.msdn.microsoft.com/alejacma/2008/01/31/how-to-import-a-certificate-without-user-interaction-c-c/
Post name: How to import a certificate without user interaction (C++ & C#)
Original author: Alejandro Campos Magencio
Posting date: 2008-01-31T06:36:00+00:00

 

Hi, welcome back,

 

Today I'm posting a CryptoAPI sample which uses CryptUIWizImport to import a certificate without any user interaction:

 

 

<SAMPLE Language="C++">

CRYPTUI_WIZ_IMPORT_SRC_INFO importSrc;

memset(&importSrc, 0, sizeof(CRYPTUI_WIZ_IMPORT_SRC_INFO));

importSrc.dwSize = sizeof(CRYPTUI_WIZ_IMPORT_SRC_INFO);

importSrc.dwSubjectChoice = CRYPTUI_WIZ_IMPORT_SUBJECT_FILE;

importSrc.pwszFileName = L"C:\\PathToPFX\\cert.pfx";

importSrc.pwszPassword = L"PasswordToDecryptPFX";

importSrc.dwFlags = CRYPT_EXPORTABLE | CRYPT_USER_PROTECTED;



if (CryptUIWizImport(

  CRYPTUI_WIZ_NO_UI,

  NULL,

  NULL,

  &importSrc,

NULL

) == 0)

{

  printf("CryptUIWizImport error 0x%x\n", GetLastError());

}
 

</SAMPLE>

 

<SAMPLE Language="C#">

using System;

using System.Collections.Generic;

using System.Text;

using System.Runtime.InteropServices;



namespace ImportCertNet

{

 class Program

 {

 public struct CRYPTUI_WIZ_IMPORT_SRC_INFO

 {

 public Int32 dwSize;

 public Int32 dwSubjectChoice;

 [MarshalAs(UnmanagedType.LPWStr)]public String pwszFileName;

 public Int32 dwFlags;

 [MarshalAs(UnmanagedType.LPWStr)]public String pwszPassword;

 }



 [DllImport("CryptUI.dll", CharSet = CharSet.Auto, SetLastError = true)]

 public static extern Boolean CryptUIWizImport(

 Int32 dwFlags,

 IntPtr hwndParent,

 IntPtr pwszWizardTitle,

 ref CRYPTUI_WIZ_IMPORT_SRC_INFO pImportSrc,

 IntPtr hDestCertStore

 );



 public const Int32 CRYPTUI_WIZ_IMPORT_SUBJECT_FILE = 1;

 public const Int32 CRYPT_EXPORTABLE = 0x00000001;

 public const Int32 CRYPT_USER_PROTECTED = 0x00000002;

 public const Int32 CRYPTUI_WIZ_NO_UI = 0x0001;



 static void Main(string[] args)

 {

  CRYPTUI_WIZ_IMPORT_SRC_INFO importSrc = new CRYPTUI_WIZ_IMPORT_SRC_INFO();

  importSrc.dwSize = Marshal.SizeOf(importSrc);

  importSrc.dwSubjectChoice = CRYPTUI_WIZ_IMPORT_SUBJECT_FILE;

  importSrc.pwszFileName = "C:\\alex.pfx";

  importSrc.pwszPassword = "password";

  importSrc.dwFlags = CRYPT_EXPORTABLE | CRYPT_USER_PROTECTED;



  if (!CryptUIWizImport(

 CRYPTUI_WIZ_NO_UI,

  IntPtr.Zero,

  IntPtr.Zero,

  ref importSrc,

  IntPtr.Zero

  ))

  {

  Console.WriteLine("CryptUIWizImport error " + Marshal.GetLastWin32Error());

  }



  Console.WriteLine("<< Press any key to continue >>");

  Console.ReadKey();

 }

 }

}
 

</SAMPLE>

 

 

Note: if you enable High protection mode for the private keys of the certificates via policy, when installing a cert in a machine you will be requested for a password which will be used every time the private key is accessed. When using CryptUIWizImport, a dialog will appear requesting us to enter theHigh protection password, even if we said we don’t want any UI.

 

I hope this helps.

 

Cheers,

 

 

Alex (Alejandro Campos Magencio)

 

Share this article:

Comments:

Comments are closed.