
C / C++ / MFC

 
AnswerRe: calculator Pin
Jibesh15-Feb-13 23:03
memberJibesh15-Feb-13 23:03 
AnswerRe: calculator Pin
ProgramFOX17-Feb-13 5:42
member ProgramFOX17-Feb-13 5:42 
AnswerRe: calculator Pin
庄伟东17-Feb-13 16:30
member庄伟东17-Feb-13 16:30 
QuestionHo to add auto scroll feature on Dialog box? Pin
VCProgrammer15-Feb-13 21:11
groupVCProgrammer15-Feb-13 21:11 
AnswerRe: Ho to add auto scroll feature on Dialog box? Pin
Richard MacCutchan15-Feb-13 23:21
mvpRichard MacCutchan15-Feb-13 23:21 
GeneralRe: Ho to add auto scroll feature on Dialog box? Pin
VCProgrammer17-Feb-13 18:30
groupVCProgrammer17-Feb-13 18:30 
AnswerRe: Ho to add auto scroll feature on Dialog box? Pin
Flaviu217-Feb-13 20:54
memberFlaviu217-Feb-13 20:54 
QuestionClient Certificates in WinHTTP Pin
basementman15-Feb-13 10:27
memberbasementman15-Feb-13 10:27 
I need to send a client certificate with a web request (via SSL). This client cert is just a public key. I am trying to replicate the Request.ClientCertificates.Add(Cert); .NET method using C++/WinHTTP. I am loading the .cer file successfully and setting the CERT_CONTEXT via WinHttpSetOption/WINHTTP_OPTION_CLIENT_CERT_CONTEXT. This call succeeds, but when I call WinHttpSendRequest, it fails with ERROR_WINHTTP_CLIENT_CERT_NO_PRIVATE_KEY (12185).

So, the question is, how do I send a client cert public key to the server, as the ClientCertificates.Add method does in .NET? Code snippet sample below:


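// Copies (UNICODE build) or UTF-8-converts (ANSI build) a NUL-terminated TCHAR
// string into a fixed-size wide buffer. Returns FALSE with the thread's last
// error set when the source is missing or does not fit, so callers neither
// overflow the destination nor continue with a truncated value.
static BOOL CopyToWideBuffer(LPCTSTR cpSrc, WCHAR *wcpDst, int iDstChars)
{
  if (!cpSrc || !wcpDst || iDstChars <= 0)
    {
      ::SetLastError(ERROR_INVALID_PARAMETER);
      return FALSE;
    }

#ifdef UNICODE
  // Length is checked first; the copy below is therefore bounded.
  if (lstrlenW(cpSrc) >= iDstChars)
    {
      ::SetLastError(ERROR_INSUFFICIENT_BUFFER);
      return FALSE;
    }

  lstrcpyW(wcpDst,cpSrc);
  return TRUE;
#else
  // With cbMultiByte == -1 the terminator is converted too; a result of 0 means
  // the conversion failed (for example the buffer is too small) and the last
  // error has been set by the API.
  return (MultiByteToWideChar(CP_UTF8,0,cpSrc,-1,wcpDst,iDstChars) > 0);
#endif
}

// Opens a WinHTTP request on m_hConnect for the given verb, applies optional
// Basic credentials, receive timeout, client certificate and custom headers,
// sends the request (with m_cpPostData for POST/PUT) and reads the status code
// and Content-Length into m_dwHTTPStatus / m_dwContentLength.
//
// iVerb  - one of the HTTPCALL_* verbs; unknown values fall back to GET.
// cpUID  - optional user name; credentials are only set when it is non-empty.
// cpPWD  - optional password; an empty password is sent when it is NULL/empty.
//
// Returns TRUE on success. On failure returns FALSE and stores the Win32 error
// in m_dwLastError. Strings that do not fit the local conversion buffers are
// rejected (typically ERROR_INSUFFICIENT_BUFFER) instead of being copied
// unchecked.
//
// NOTE(review): m_hRequest is overwritten without closing a previous handle and
// is left open on the failure paths; presumably it is closed elsewhere in the
// class - confirm.
BOOL HTTPCallEx::SendHTTPRequest(int iVerb /*=HTTPCALL_GET*/, LPCTSTR cpUID /*=NULL*/, LPCTSTR cpPWD /*=NULL*/)
{
  LPCWSTR wcpVerb = L"GET";   // HTTPCALL_GET and any unrecognised verb
  WCHAR wcaResource[1024];

  m_dwLastError = 0;

  switch (iVerb)
    {
      case HTTPCALL_POST:    wcpVerb = L"POST";    break;
      case HTTPCALL_HEAD:    wcpVerb = L"HEAD";    break;
      case HTTPCALL_PUT:     wcpVerb = L"PUT";     break;
      case HTTPCALL_DELETE:  wcpVerb = L"DELETE";  break;
      case HTTPCALL_OPTIONS: wcpVerb = L"OPTIONS"; break;
      case HTTPCALL_TRACE:   wcpVerb = L"TRACE";   break;
      case HTTPCALL_CONNECT: wcpVerb = L"CONNECT"; break;
      case HTTPCALL_GET:
      default:
        break;
    }

  // The resource path used to be copied with an unbounded _tcscpy (UNICODE) or
  // converted without checking the result (ANSI); both are now bounded/checked.
  if (!CopyToWideBuffer(m_caResource,wcaResource,sizeof(wcaResource)/sizeof(wcaResource[0])))
    {
      m_dwLastError = ::GetLastError();
      return FALSE;
    }

  m_hRequest = WinHttpOpenRequest(m_hConnect,wcpVerb,wcaResource,NULL,WINHTTP_NO_REFERER,WINHTTP_DEFAULT_ACCEPT_TYPES,(m_bSSL ? WINHTTP_FLAG_SECURE : 0));

  if (!m_hRequest)
    {
      m_dwLastError = ::GetLastError();
      return FALSE;
    }

  if (cpUID && *cpUID)
    {
      WCHAR wcaUID[512];
      WCHAR wcaPWD[512];
      DWORD dwCredError = 0;

      wcaUID[0] = 0;
      wcaPWD[0] = 0;

      BOOL bCredsOK = CopyToWideBuffer(cpUID,wcaUID,sizeof(wcaUID)/sizeof(wcaUID[0]));

      if (bCredsOK && cpPWD && *cpPWD)
        bCredsOK = CopyToWideBuffer(cpPWD,wcaPWD,sizeof(wcaPWD)/sizeof(wcaPWD[0]));

      // NOTE(review): Basic authentication puts the user name and password on
      // the wire base64-encoded only. They are protected solely by TLS, so this
      // path should be limited to m_bSSL requests whose server certificate is
      // actually validated (see the security-flags note below).
      if (bCredsOK)
        bCredsOK = WinHttpSetCredentials(m_hRequest,
                                         WINHTTP_AUTH_TARGET_SERVER,
                                         WINHTTP_AUTH_SCHEME_BASIC,
                                         wcaUID,
                                         wcaPWD,
                                         NULL);

      if (!bCredsOK)
        dwCredError = ::GetLastError();

      // Do not leave the credential copies behind on the stack.
      SecureZeroMemory(wcaUID,sizeof(wcaUID));
      SecureZeroMemory(wcaPWD,sizeof(wcaPWD));

      if (!bCredsOK)
        {
          m_dwLastError = dwCredError;
          return FALSE;
        }
    }

  if (m_dwRequestTimeout)
    {
      if (!WinHttpSetOption(m_hRequest,WINHTTP_OPTION_RECEIVE_TIMEOUT,&m_dwRequestTimeout,sizeof(m_dwRequestTimeout)))
        {
          m_dwLastError = ::GetLastError();
          return FALSE;
        }
    }

  // Set certificate
  if (m_pCertCtxt)
    {
      // NOTE(review): these flags switch off validation of the SERVER's
      // certificate (name mismatch, expiry, unknown CA, wrong usage). With them
      // set, the TLS peer is not authenticated and the Basic credentials above
      // can be read by whoever terminates the connection. They were added as a
      // temporary workaround ("disable for now, to get this working") and have
      // no bearing on the client-certificate error below; remove them before
      // this code talks to anything but a test host.
      DWORD dwFlags = SECURITY_FLAG_IGNORE_CERT_CN_INVALID |
                      SECURITY_FLAG_IGNORE_CERT_DATE_INVALID |
                      SECURITY_FLAG_IGNORE_UNKNOWN_CA |
                      SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE;

      WinHttpSetOption(m_hRequest,WINHTTP_OPTION_SECURITY_FLAGS,&dwFlags,sizeof(dwFlags));

      // Attaching the context succeeds even when no private key is associated
      // with it; the missing key only surfaces in WinHttpSendRequest. TLS client
      // authentication needs the private key to prove ownership of the
      // certificate, so a context built from a bare .cer file (certificate and
      // public key only) cannot be used here.
      if (!WinHttpSetOption(m_hRequest,WINHTTP_OPTION_CLIENT_CERT_CONTEXT,(void *)m_pCertCtxt,sizeof(CERT_CONTEXT)))
        {
          // The former "else m_dwLastError = 50000" branch could never run
          // because m_pCertCtxt is already known to be non-NULL here.
          m_dwLastError = ::GetLastError();
          return FALSE;
        }
    }

  if (m_oCustomHeaders.GetSize() > 0)
    {
      CString cHeader;
      WCHAR wcaHeaderBuf[2048];

      // NOTE(review): headers are forwarded exactly as stored. If any of them
      // can carry externally supplied text, reject CR/LF before adding them.
      for (int iLup = 0; iLup < m_oCustomHeaders.GetSize(); iLup++)
        {
          cHeader = m_oCustomHeaders.GetAt(iLup);

          // An oversized header fails the request rather than overflowing the
          // buffer or sending the request without it.
          if (!CopyToWideBuffer((LPCTSTR)cHeader,wcaHeaderBuf,sizeof(wcaHeaderBuf)/sizeof(wcaHeaderBuf[0])))
            {
              m_dwLastError = ::GetLastError();
              return FALSE;
            }

          WinHttpAddRequestHeaders(m_hRequest,wcaHeaderBuf,lstrlenW(wcaHeaderBuf),WINHTTP_ADDREQ_FLAG_ADD);
        }
    }

  // A negative m_iPostDataLen means "NUL-terminated, measure it".
  DWORD dwContentLength = 0;
  if ((iVerb == HTTPCALL_POST || iVerb == HTTPCALL_PUT) && m_cpPostData)
    {
      if (m_iPostDataLen < 0)
        dwContentLength = (DWORD)strlen(m_cpPostData);
      else
        dwContentLength = (DWORD)m_iPostDataLen;
    }

  if (!WinHttpSendRequest(m_hRequest,WINHTTP_NO_ADDITIONAL_HEADERS,NULL,(LPVOID)(m_cpPostData ? m_cpPostData : ""),dwContentLength,dwContentLength,0))
    {
      // Poster's note: this is the call that fails with
      // ERROR_WINHTTP_CLIENT_CERT_NO_PRIVATE_KEY (12185).
      m_dwLastError = ::GetLastError();
      return FALSE;
    }

  if (!WinHttpReceiveResponse(m_hRequest,NULL))
    {
      m_dwLastError = ::GetLastError();
      return FALSE;
    }

  TCHAR caBuf[81];

  caBuf[0] = 0;
  int iBufSize = sizeof(caBuf)/sizeof(TCHAR);
  if (!GetStandardHeader(WINHTTP_QUERY_STATUS_CODE,caBuf,&iBufSize))
    {
      m_dwLastError = ::GetLastError();
      return FALSE;
    }

  m_dwHTTPStatus = _ttol(caBuf);

  caBuf[0] = 0;
  iBufSize = sizeof(caBuf)/sizeof(TCHAR);
  if (!GetStandardHeader(WINHTTP_QUERY_CONTENT_LENGTH,caBuf,&iBufSize))  // no content-length is ok, I guess, for chunked transfers...
    m_dwContentLength = 0;
  else
    m_dwContentLength = _ttol(caBuf);

  return TRUE;
}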


As usual, this is on a deadline, so any help is greatly appreciated! Certificate loading is shown below:


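// Opens the certificate file named by the "CertFilePath" user tag (default
// c:\webapps\test.cer) as a read-only store, looks up the certificate whose
// subject contains "test.myserver.com" and hands out one CERT_CONTEXT reference
// per worker thread through pAppInst->SetUserPtr().
//
// Returns TRUE when a certificate was found and duplicated for every slot;
// otherwise logs through WriteErrorLog and returns FALSE.
//
// NOTE(review): a .cer file holds the certificate and its public key only.
// A context loaded from it has no private key attached, which is what WinHTTP
// later reports as ERROR_WINHTTP_CLIENT_CERT_NO_PRIVATE_KEY. For TLS client
// authentication the context has to come from a source that carries the key,
// e.g. a system certificate store such as "MY" or a PFX imported with
// PFXImportCertStore, with the key material access-controlled accordingly.
//
// NOTE(review): on the "certificate not found" path the array stays registered
// via SetUserPtr and theApp.m_hStore stays open; presumably both are released
// at shutdown - confirm.
BOOL LoadCertificate(ApplicationInstance *pAppInst)
{
  BOOL bRetval = FALSE;

  // One slot per worker thread. Clamp to at least one slot so the
  // pCertList[0] assignment below stays inside the array when the configured
  // thread count is 0.
  int iThreadCount = (int)pAppInst->m_pLightningServer->m_wNumWorkerThreads;
  if (iThreadCount < 1)
    iThreadCount = 1;

  TCHAR caCertFilePath[256];

  caCertFilePath[0] = 0;
  if (!pAppInst->GetUserTagValue(_T("CertFilePath"),caCertFilePath,sizeof(caCertFilePath)/sizeof(TCHAR)))
    _tcscpy(caCertFilePath,_T("c:\\webapps\\test.cer"));

  // CERT_STORE_PROV_FILENAME is the wide-character provider; pick the variant
  // that matches the TCHAR path so ANSI builds do not pass a narrow string
  // where a wide one is expected.
#ifdef UNICODE
  LPCSTR cpStoreProvider = CERT_STORE_PROV_FILENAME_W;
#else
  LPCSTR cpStoreProvider = CERT_STORE_PROV_FILENAME_A;
#endif

  theApp.m_hStore = CertOpenStore(cpStoreProvider,
                                  X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                                  NULL,
                                  CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG,
                                  caCertFilePath);
  if (theApp.m_hStore)
    {
      PCCERT_CONTEXT *pCertList = new (PCCERT_CONTEXT[iThreadCount]);
      if (pCertList)   // only meaningful if operator new returns NULL in this build
        {
          for (int iCert = 0; iCert < iThreadCount; iCert++)
            pCertList[iCert] = NULL;

          pAppInst->SetUserPtr((void *)pCertList);

          // (An earlier attempt used CERT_FIND_ANY with
          // X509_ASN_ENCODING | PKCS_7_ASN_ENCODING instead of a subject match.)
          // CERT_FIND_SUBJECT_STR is the wide-character search, so the subject is
          // given as a wide literal regardless of the UNICODE setting.
          PCCERT_CONTEXT pCertCtxt = CertFindCertificateInStore(theApp.m_hStore,
                                                                X509_ASN_ENCODING,
                                                                0,
                                                                CERT_FIND_SUBJECT_STR,
                                                                (LPVOID)L"test.myserver.com", //Subject string in the certificate.
                                                                NULL);

          if (pCertCtxt)
            {
              // Slot 0 takes the reference returned by the search; every other
              // slot gets its own duplicated reference.
              pCertList[0] = pCertCtxt;
              for (int iLup = 1; iLup < iThreadCount; iLup++)
                pCertList[iLup] = CertDuplicateCertificateContext(pCertCtxt);

              bRetval = TRUE;
            }
          else
            {
              pAppInst->m_pLightningServer->WriteErrorLog(-3,_T("APPINIT: Error Getting CERT_CONTEXT From Store"),caCertFilePath,NULL,FALSE);
            }
        }
      else
        {
          pAppInst->m_pLightningServer->WriteErrorLog(-2,_T("APPINIT: Error MemAlloc CERT_CONTEXT Array"),NULL,NULL,FALSE);
        }
    }
  else
    {
      DWORD dwError = GetLastError();
      TCHAR caErrBuf[1024];
      _stprintf(caErrBuf,_T("APPINIT: Error Opening Cert Store [%d]..."),dwError);

      // Append the system message after the prefix. The size passed is the
      // space actually left behind the prefix (the previous fixed "-40" could
      // overstate it), and inserts are ignored because no argument array is
      // supplied.
      size_t stUsed = _tcslen(caErrBuf);
      ::FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
                      NULL,
                      dwError,
                      MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
                      caErrBuf+stUsed,
                      (DWORD)(sizeof(caErrBuf)/sizeof(TCHAR)-stUsed),
                      NULL);

      pAppInst->m_pLightningServer->WriteErrorLog(-1,caErrBuf,caCertFilePath,NULL,FALSE);
    }

  return bRetval;
}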
 

 onwards and upwards... 

QuestionPossible to resolve the question ... in a short time Pin
Haiathem alhmoud15-Feb-13 8:48
memberHaiathem alhmoud15-Feb-13 8:48 
AnswerRe: Possible to resolve the question ... in a short time Pin
jeron115-Feb-13 9:08
memberjeron115-Feb-13 9:08 
AnswerRe: Possible to resolve the question ... in a short time Pin
DavidCrow16-Feb-13 15:56
memberDavidCrow16-Feb-13 15:56 
QuestionWindows 8 Modified Windows API List... Pin
Blake Miller15-Feb-13 8:35
memberBlake Miller15-Feb-13 8:35 
AnswerRe: Windows 8 Modified Windows API List... Pin
Richard MacCutchan15-Feb-13 23:18
mvpRichard MacCutchan15-Feb-13 23:18 
Question_IID_IXMLHTTPRequest linker error Pin
Member 981141114-Feb-13 20:48
memberMember 981141114-Feb-13 20:48 
AnswerRe: _IID_IXMLHTTPRequest linker error Pin
Richard MacCutchan15-Feb-13 0:09
mvpRichard MacCutchan15-Feb-13 0:09 
AnswerRe: _IID_IXMLHTTPRequest linker error Pin
DavidCrow15-Feb-13 6:31
memberDavidCrow15-Feb-13 6:31 
QuestionMCF Pin
FranksLIC14-Feb-13 11:55
groupFranksLIC14-Feb-13 11:55 
AnswerRe: MCF Pin
Jibesh14-Feb-13 12:12
memberJibesh14-Feb-13 12:12 
AnswerRe: MCF Pin
jeron114-Feb-13 13:01
memberjeron114-Feb-13 13:01 
AnswerRe: MCF Pin
Maximilien15-Feb-13 2:20
memberMaximilien15-Feb-13 2:20 
AnswerRe: MCF Pin
SCProrammer15-Feb-13 6:56
memberSCProrammer15-Feb-13 6:56 
QuestionHosting .net window in MFC dialog Pin
Yunaless14-Feb-13 5:06
memberYunaless14-Feb-13 5:06 
QuestionCView::OnDraw - related question Pin
tagopi13-Feb-13 23:29
membertagopi13-Feb-13 23:29 
AnswerRe: CView::OnDraw - related question Pin
Sivaraman Dhamodharan14-Feb-13 0:26
memberSivaraman Dhamodharan14-Feb-13 0:26 
GeneralRe: CView::OnDraw - related question Pin
tagopi14-Feb-13 0:40
membertagopi14-Feb-13 0:40 
