0

I am trying to add a CRL to my cert store using the Win32 API CertAddCRLContextToStore in C#. The code below is not working: it fails while trying to parse the CRL content into a CRL_CONTEXT. Can we do this in any other way? Or am I missing something in my code?

    private const int CERT_STORE_PROV_SYSTEM = 10;
    private const int CERT_SYSTEM_STORE_LOCAL_MACHINE = (2 << 16);

    public const int CERT_QUERY_OBJECT_FILE = 0x00000001;
    public const int CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED = 1 << 8;
    public const int CERT_QUERY_FORMAT_FLAG_BINARY = 1 << 1;
    public const int CERT_STORE_ADD_REPLACE_EXISTING = 3; // disposition value from wincrypt.h, not a bit flag

    [DllImport("CRYPT32.DLL", CharSet = CharSet.Auto, SetLastError = true)]
    public static extern IntPtr CertOpenStore(
      int storeProvider,
      int encodingType,
      IntPtr hcryptProv,
      int flags,
      string pvPara);

    [DllImport("CRYPT32.DLL", EntryPoint = "CryptQueryObject", CharSet = CharSet.Auto, SetLastError = true)]
    public static extern bool CryptQueryObject(
        int dwObjectType,
        [MarshalAs(UnmanagedType.LPWStr)] String pvObject,
        int dwExpectedContentTypeFlags,
        int dwExpectedFormatTypeFlags,
        int dwFlags,
        IntPtr pdwMsgAndCertEncodingType,
        IntPtr pdwContentType,
        IntPtr pdwFormatType,
        IntPtr phCertStore,
        IntPtr phMsg,
        ref IntPtr ppvContext);

    [DllImport("crypt32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    private static extern bool CertAddCRLContextToStore(
      IntPtr hCertStore,
      IntPtr pCertContext,
      uint dwAddDisposition,
      IntPtr ppStoreContext);

    IntPtr hLocalCertStore = CertOpenStore(
              CERT_STORE_PROV_SYSTEM,
              0,
              IntPtr.Zero,
              CERT_SYSTEM_STORE_LOCAL_MACHINE,
              "CA");

    IntPtr pvContext = IntPtr.Zero;
    bool queryResult = CryptQueryObject(
            CERT_QUERY_OBJECT_FILE,
            @"sample.crl",
            CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED,
            CERT_QUERY_FORMAT_FLAG_BINARY,
            0,
            IntPtr.Zero,
            IntPtr.Zero,
            IntPtr.Zero,
            IntPtr.Zero,
            IntPtr.Zero,
            ref pvContext
        );

    // FAILS HERE 
    if (!queryResult)
    {
        throw new Exception("CryptQueryObject error #" + Marshal.GetLastWin32Error());
    }

    bool addResult = CertAddCRLContextToStore(
        hLocalCertStore, pvContext, CERT_STORE_ADD_REPLACE_EXISTING, IntPtr.Zero);

    if (!addResult)
    {
        throw new Exception("CertAddCRLContextToStore error #" + Marshal.GetLastWin32Error());
    }

The code fails with the error

-2146885623. "Cannot find the requested object"

saravanan
  • I'm sorry I can't reproduce this problem, it may be related to your certificate. You can refer to: [“CryptographicException: Cannot find the requested object” while the certificate file exists](https://stackoverflow.com/questions/32715811/cryptographicexception-cannot-find-the-requested-object-while-the-certificate) and [CryptographicException "Cannot find the requested object."](https://social.msdn.microsoft.com/Forums/silverlight/en-US/44d5549a-c9cd-4360-9e60-42e1efbdf976/cryptographicexception-quotcannot-find-the-requested-objectquot?forum=silverlightnet) – Zeus Jun 03 '21 at 03:00
  • I am not trying for a certificate here. I need to import a CRL file. I used the sample crl file available here https://www.edulib.com/keystores-manager/resources/doc/html/CERTivity/ch04s08.html – saravanan Jun 03 '21 at 05:16
  • I can't reproduce the error. This may be related to the file you imported. Have you tried other files to test the API? – Zeus Jun 03 '21 at 09:19

0 Answers