How to get the CSP name from a certificate containing the private key?
I was testing some code that gets the CSP name from a certificate containing the private key. Sample code is shown below:
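// GetCSPFromCert.cpp : Defines the entry point for the console application.
//
// Finds a certificate in the current user's MY store by subject string,
// acquires the CryptoAPI provider handle for its private key, and prints the
// provider (CSP) name and the key container name.

#include "stdafx.h"

#include <stdio.h>
#include <stdlib.h>
#include <windows.h>
#include <wincrypt.h>

#pragma comment(lib, "crypt32.lib")

#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)

// Replace the following string with the subject of the signer
// certificate.
#define SIGNER_NAME L"shmisra" // Your certificate name.

void MyHandleError(const char *s);

// Entry point. The command-line arguments are not used: the certificate is
// always selected by SIGNER_NAME. Returns 0 on success; every failure path
// goes through MyHandleError(), which terminates the process with exit(1).
int main(int argc, char* argv[])
{
    HCRYPTPROV hCryptProv = 0;          // CSP handle
    HCERTSTORE hStoreHandle = NULL;     // Store handle
    PCCERT_CONTEXT pSignerCert = NULL;  // Signer certificate
    DWORD dwKeySpec = 0;
    BOOL fCallerFreeProv = FALSE;       // TRUE when this code owns hCryptProv
    CHAR pszName[1000];
    DWORD cbName;

    (void)argc;
    (void)argv;

    //---------------------------------------------------------------
    // Open the My system certificate store.
    hStoreHandle = CertOpenStore(
        CERT_STORE_PROV_SYSTEM,
        0,
        NULL,
        CERT_SYSTEM_STORE_CURRENT_USER,
        L"MY");
    if (!hStoreHandle)
    {
        MyHandleError("Could not open the MY system store.");
    }

    // Print the subject string that is actually searched for. The original
    // printed argv[1], which is NULL when no argument is given and was never
    // used for the lookup.
    printf("Cert name: %ls\n", SIGNER_NAME);

    //---------------------------------------------------------------
    // Get a pointer to a signer's signature certificate.
    // CERT_FIND_SUBJECT_STR is a case-insensitive substring match and the
    // first hit is returned, so a short name can select a different
    // certificate than intended. Outside of a demo, select by thumbprint
    // (CERT_FIND_SHA1_HASH) instead.
    pSignerCert = CertFindCertificateInStore(
        hStoreHandle,
        MY_ENCODING_TYPE,
        0,
        CERT_FIND_SUBJECT_STR,
        SIGNER_NAME,
        NULL);
    if (!pSignerCert)
    {
        MyHandleError("Cert not found.\n");
    }

    //---------------------------------------------------------------
    // Get a handle to a cryptographic provider.
    // With dwFlags == 0 only a legacy CryptoAPI HCRYPTPROV is requested; a
    // certificate whose key lives in a CNG key storage provider needs the
    // CRYPT_ACQUIRE_*_NCRYPT_KEY_FLAG variants and the NCrypt APIs.
    // If only the names are needed, CertGetCertificateContextProperty() with
    // CERT_KEY_PROV_INFO_PROP_ID reads the provider and container names
    // recorded on the certificate without opening the private key at all.
    if (!CryptAcquireCertificatePrivateKey(
            pSignerCert,
            0,
            NULL,
            &hCryptProv,
            &dwKeySpec,
            &fCallerFreeProv))
    {
        MyHandleError("CryptAcquireCertificatePrivateKey failed");
    }

    //---------------------------------------------------------------
    // Read the name of the CSP.
    cbName = (DWORD)sizeof(pszName);
    if (CryptGetProvParam(
            hCryptProv,
            PP_NAME,
            (BYTE*)pszName,
            &cbName,
            0))
    {
        // Narrow printf throughout: mixing _tprintf (wide in UNICODE builds)
        // with printf on the same stream is not portable.
        printf("CryptGetProvParam succeeded.\n");
        pszName[sizeof(pszName) - 1] = '\0';
        printf("Provider name: %s\n", pszName);
    }
    else
    {
        MyHandleError("Error reading CSP name.\n");
    }

    //---------------------------------------------------------------
    // Read the name of the key container.
    cbName = (DWORD)sizeof(pszName);
    if (CryptGetProvParam(
            hCryptProv,
            PP_CONTAINER,
            (BYTE*)pszName,
            &cbName,
            0))
    {
        printf("CryptGetProvParam succeeded.\n");
        pszName[sizeof(pszName) - 1] = '\0';
        printf("Key Container name: %s\n", pszName);
    }
    else
    {
        MyHandleError("Error reading key container name.\n");
    }

    //---------------------------------------------------------------
    // Clean up. Release the provider only when the API reported that the
    // caller owns it, free the certificate context before closing its store,
    // and close the store without CERT_CLOSE_STORE_FORCE_FLAG so that
    // outstanding contexts are never torn down underneath a live pointer.
    if (fCallerFreeProv)
    {
        CryptReleaseContext(hCryptProv, 0);
    }
    CertFreeCertificateContext(pSignerCert);
    CertCloseStore(hStoreHandle, 0);

    return 0;
}

//-------------------------------------------------------------------
// Define function MyHandleError
// Prints the caller's message and the thread's last-error code to stderr,
// then terminates the process with exit code 1. Does not return.
void MyHandleError(const char *s)
{
    // Capture the code first: the fprintf calls below may change the
    // thread's last-error value before it is printed.
    DWORD dwError = GetLastError();

    fprintf(stderr, "An error occurred in running the program. \n");
    fprintf(stderr, "%s\n", s);
    // DWORD is unsigned long, so the conversion needs the 'l' length modifier.
    fprintf(stderr, "Error number %lx.\n", dwError);
    fprintf(stderr, "Program terminating. \n");
    exit(1);
}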
A screen shot of my Smart Card logon certificate is shown below:
Logon certificates are stored in the certificate store, and you can access the key/certificate using MS-CAPI.
References:
· https://msdn.microsoft.com/en-us/library/aa379885(VS.85).aspx
· https://msdn.microsoft.com/en-us/library/aa380196(VS.85).aspx
-Shamik