The CertCreateCertificateContext function creates a certificate context from an encoded certificate. The created context is not put into a certificate store. It makes a copy of the encoded certificate within the created context.
```c
#include <wincrypt.h>

PCCERT_CONTEXT WINAPI CertCreateCertificateContext(
    DWORD dwCertEncodingType,   // in
    const BYTE *pbCertEncoded,  // in
    DWORD cbCertEncoded         // in
);
```
Encoding type | Value |
---|---|
X509_ASN_ENCODING | 0x00000001 |
If unable to decode and create the certificate context, NULL is returned. Otherwise, a pointer to a read-only CERT_CONTEXT is returned.
Call GetLastError to see the reason for any failures. This function has the following error codes:
Error code | Description |
---|---|
E_INVALIDARG | Invalid certificate encoding type. Currently only X509_ASN_ENCODING is supported. |
CRYPT_E_OSS_ERROR | ASN.1 decoding error. To get the OSS error, subtract CRYPT_E_OSS_ERROR from the returned error; see asn1code.h for details on the error. |
The CERT_CONTEXT must be freed by calling CertFreeCertificateContext. CertDuplicateCertificateContext can be called to make a duplicate. CertSetCertificateContextProperty and CertGetCertificateContextProperty can be called to store and read properties for the certificate.
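
An added example, not part of the original reference or Microsoft's code: a portable C helper that sorts a GetLastError value from a failed CertCreateCertificateContext call into the cases of the error table above and recovers the OSS code by subtraction. The helper names, the EX_ constants (values copied from winerror.h) and the 0x100-wide OSS window are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Values from winerror.h, redefined so this builds without the Windows SDK. */
#define EX_E_INVALIDARG      0x80070057u
#define EX_CRYPT_E_OSS_ERROR 0x80093000u
/* Assumption: OSS codes sit in the 0x00-0xFF window above the base. */
#define EX_OSS_WINDOW        0x100u

typedef enum { CERT_ERR_NONE, CERT_ERR_BAD_ENCODING_TYPE,
               CERT_ERR_ASN1_DECODE, CERT_ERR_OTHER } cert_err_kind;

typedef struct {
    cert_err_kind kind;
    uint32_t oss_code;  /* meaningful only for CERT_ERR_ASN1_DECODE */
} cert_err;

/* Classify the GetLastError() value seen after a NULL return (hypothetical helper). */
cert_err classify_cert_create_error(uint32_t last_error)
{
    cert_err r = { CERT_ERR_OTHER, 0 };
    if (last_error == 0) {
        r.kind = CERT_ERR_NONE;
    } else if (last_error == EX_E_INVALIDARG) {
        r.kind = CERT_ERR_BAD_ENCODING_TYPE;   /* caller bug, not bad input */
    } else if (last_error >= EX_CRYPT_E_OSS_ERROR &&
               last_error - EX_CRYPT_E_OSS_ERROR < EX_OSS_WINDOW) {
        r.kind = CERT_ERR_ASN1_DECODE;         /* malformed certificate bytes */
        r.oss_code = last_error - EX_CRYPT_E_OSS_ERROR;
    }
    return r;
}

/* Format a log line for the error; returns snprintf's result. */
int describe_cert_create_error(uint32_t last_error, char *buf, size_t n)
{
    cert_err e = classify_cert_create_error(last_error);
    switch (e.kind) {
    case CERT_ERR_NONE:
        return snprintf(buf, n, "no error recorded");
    case CERT_ERR_BAD_ENCODING_TYPE:
        return snprintf(buf, n, "E_INVALIDARG: unsupported encoding type");
    case CERT_ERR_ASN1_DECODE:
        return snprintf(buf, n, "ASN.1 decode failed, OSS error %u (see asn1code.h)",
                        (unsigned)e.oss_code);
    default:
        return snprintf(buf, n, "unexpected error 0x%08X", (unsigned)last_error);
    }
}
```

Logging the two cases separately keeps a wrong dwCertEncodingType in the calling code apart from malformed certificate data received from outside.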
```c
#include <windows.h>
#include <wincrypt.h>
#include <stdio.h>

// handle_error() is a function defined in a separate file.
// It is expected to report the message and exit the program.
void handle_error(const char *s);

int main(void)
{
    HCERTSTORE hStoreHandle;
    PCCERT_CONTEXT pDesiredCert = NULL;
    PCCERT_CONTEXT pCertContext = NULL;

    // Open a system store to get a certificate.
    if ((hStoreHandle = CertOpenSystemStore(0, "MY")))
        printf("System store open. Continue.\n");
    else
        handle_error("The store was not opened.");

    // Find the first certificate in the system store.
    if ((pDesiredCert = CertEnumCertificatesInStore(
            hStoreHandle, pDesiredCert)))
        printf("A certificate has been retrieved. Continue.\n");
    else
        handle_error("No certificate retrieved. The store may be empty.");

    // Create a new context from the encoded bytes of the retrieved
    // certificate. The new context is not placed in any store.
    if ((pCertContext = CertCreateCertificateContext(
            X509_ASN_ENCODING,             // The encoding type.
            pDesiredCert->pbCertEncoded,   // The encoded data from
                                           // the certificate retrieved.
            pDesiredCert->cbCertEncoded))) // The length of the encoded data.
        printf("A new certificate has been created. Continue. \n");
    else
        handle_error("A new certificate could not be created.");

    // The function succeeded. The new certificate context was created
    // and is pointed to by pCertContext.
    // Use the certificate context as necessary.

    // Free memory: both contexts, then the store handle.
    CertFreeCertificateContext(pCertContext);
    CertFreeCertificateContext(pDesiredCert);
    CertCloseStore(hStoreHandle, 0);
    printf("The program ran to completion. \n");
    return 0;
}
```
Windows NT: Requires version 4.0 SP3 or later. Available also in IE 3.02 and later.
Windows: Requires Windows 95 OSR2 or later.
Windows CE: Unsupported.
Header: Declared in wincrypt.h.
Import Library: Use crypt32.lib.
CertCreateCRLContext, CertCreateCTLContext