I'm trying to use CertEnumCertificatesInStore() in the CryptoAPI to iterate through all the root certificates and encode them into PEM files for use with OpenSSL. I've found a few examples of this, so it seems to be possible; however, the PCCERT_CONTEXT I get back for each certificate has an invalid pointer for pbCertEncoded, and cbCertEncoded (buffer size) is always 0. I do not feel this should be the case, as examples use the encoded buffer to convert the certificate into other formats. Has anyone else run into this issue of getting an empty buffer, or can anyone see a step I'm missing?
I've verified I am actually getting the certificates with the CryptUIDlgViewContext() function. I feel like I'm missing something very basic. Basic code below:

    HCERTSTORE hStore = CertOpenSystemStore(NULL, L"ROOT");
    for ( PCCERT_CONTEXT pCertContext = CertEnumCertificatesInStore(hStore, NULL);
          pCertContext != NULL;
          pCertContext = CertEnumCertificatesInStore(hStore, pCertContext) )
    {
        // This shows the certificates fine
        CryptUIDlgViewContext(CERT_STORE_CERTIFICATE_CONTEXT, pCertContext, NULL, NULL, 0, NULL);

        // but
        // pCertContext->pbCertEncoded is a Bad Ptr and
        // pCertContext->cbCertEncoded is always 0

        // If I try
        TCHAR *OutString = NULL;
        DWORD Size = 0;
        DWORD lastError;
        BOOL success = CryptBinaryToString(pCertContext->pbCertEncoded, pCertContext->cbCertEncoded, CRYPT_STRING_BASE64, OutString, &Size);
        if( !success )
        {
            // I get an invalid parameter error here.
            lastError = GetLastError();
        }
    }
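
An added example, not part of the original post: the DER-to-PEM step the question is aiming for, written as portable C so the framing OpenSSL expects (BEGIN/END CERTIFICATE lines around base64 wrapped at 64 characters) is visible and an empty encoded buffer is rejected before any encoding happens. The helper name `der_to_pem` is hypothetical, and the Windows-only `main` assumes the ROOT system store from the post.

```c
#include <stddef.h>
#include <string.h>
#define PEM_HEAD "-----BEGIN CERTIFICATE-----\n"
#define PEM_TAIL "-----END CERTIFICATE-----\n"
static const char B64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
/* der_to_pem is a hypothetical helper, not a CryptoAPI function. It frames DER
 * bytes as PEM and returns the buffer size needed (NUL included), writing only
 * when out is non-NULL and cap is large enough. NULL or empty input returns 0. */
size_t der_to_pem(const unsigned char *der, size_t len, char *out, size_t cap) {
    if (der == NULL || len == 0) return 0;
    size_t b64 = (len + 2) / 3 * 4;  /* base64 characters */
    size_t need = strlen(PEM_HEAD) + b64 + (b64 + 63) / 64 + strlen(PEM_TAIL) + 1;
    if (out == NULL || cap < need) return need;  /* size query or short buffer */
    char *p = out + strlen(PEM_HEAD);
    size_t col = 0;
    memcpy(out, PEM_HEAD, strlen(PEM_HEAD));
    for (size_t i = 0; i < len; i += 3) {
        unsigned long v = (unsigned long)der[i] << 16;
        if (i + 1 < len) v |= (unsigned long)der[i + 1] << 8;
        if (i + 2 < len) v |= der[i + 2];
        *p++ = B64[(v >> 18) & 63];
        *p++ = B64[(v >> 12) & 63];
        *p++ = i + 1 < len ? B64[(v >> 6) & 63] : '=';
        *p++ = i + 2 < len ? B64[v & 63] : '=';
        if ((col += 4) == 64) { *p++ = '\n'; col = 0; }  /* wrap at 64 chars */
    }
    if (col) *p++ = '\n';
    memcpy(p, PEM_TAIL, strlen(PEM_TAIL) + 1);  /* +1 copies the NUL */
    return need;
}
#ifdef _WIN32  /* Windows-only usage over the ROOT store from the post; link crypt32 */
#include <windows.h>
#include <wincrypt.h>
#include <stdio.h>
#include <stdlib.h>
int main(void) {
    HCERTSTORE store = CertOpenSystemStoreW(0, L"ROOT");
    PCCERT_CONTEXT ctx = NULL;
    while (store && (ctx = CertEnumCertificatesInStore(store, ctx)) != NULL) {
        size_t need = der_to_pem(ctx->pbCertEncoded, ctx->cbCertEncoded, NULL, 0);
        char *pem = need ? malloc(need) : NULL;  /* need == 0: empty context, skip */
        if (pem && der_to_pem(ctx->pbCertEncoded, ctx->cbCertEncoded, pem, need))
            fputs(pem, stdout);
        free(pem);
    }
    if (store) CertCloseStore(store, 0);
    return 0;
}
#endif
```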