PFXImportCertStore
A version of this page is also available for
4/8/2010
This function imports a Personal Information Exchange (PFX) BLOB and returns the handle of a store containing certificates and any associated private keys.
PFX format is also known as Public-Key Cryptography Standards #12 (PKCS #12) format.
Syntax
HCERTSTORE WINAPI PFXImportCertStore(
CRYPT_DATA_BLOB* pPFX,
LPCWSTR szPassword,
DWORD dwFlags
);
Parameters
- pPFX
[in] Pointer to a CRYPT_DATA_BLOB structure containing a PFX packet with the exported and encrypted certificates and keys.
- szPassword
[in] String password used to decrypt and verify the PFX packet. This password must be exactly the same as the password that was used to encrypt the packet.
dwFlags
[in] Flag values can be set to the following.Flag value Description CRYPT_EXPORTABLE
Imported keys are marked as exportable If this flag is not used, calls to CryptExportKey with the key handle fail.
CRYPT_USER_PROTECTED
The user is to be notified through a dialog box or another method when certain actions are attempting to use this key. The precise behavior is specified by the Cryptographic Service Provider (CSP) that is being used. If the provider context was opened with the CRYPT_SILENT flag set, using this flag causes a failure and the last error is set to NTE_SILENT_CONTEXT.
CRYPT_MACHINE_KEYSET
The private keys are stored under local machine and not the current user.
CRYPT_USER_KEYSET
The private keys are stored under the current user and not the local machine even if the PFX BLOB specifies that they should go into local machine.
Return Value
If successful, this function returns the handle to a certificate store that contains the imported certificates, including available private keys. If the password parameter does not contain an exact match with the password used to encrypt the exported packet, or if there were any other problems decoding the PFX BLOB, the function returns NULL and an error code can be found by calling the GetLastError function.
The returned value HCERTSTORE is a temporary memory store that should be freed using CertCloseStore.
Remarks
When you have finished using szPassword, clear the password from memory by calling the SecureZeroMemory function.
Requirements
Header | wincrypt.h |
Library | crypt32.lib |
Windows Embedded CE | Windows CE 5.0 and later |
Windows Mobile | Windows Mobile Version 5.0 and later |