CPKIFCAPITrustStore2 Class Reference
#include <PKIFCAPITrustStore2.h>
Detailed Description
The CPKIFCAPITrustStore2 class can be used to retrieve trust anchors from a Microsoft CAPI certificate store. It implements one PKI-related interface: IPKIFTrustCache. Each instance of this class is associated with a specific Microsoft CAPI certificate store. The constructor takes two parameters that are used to specify which certificate store is associated with an instance of this class. The default constructor parameters are:
CERT_SYSTEM_STORE_CURRENT_USER
"Root"
These parameters are passed to the Windows CertOpenStore function upon initialization. Consult Microsoft MSDN documentation for details on various options that may be used to target an alternative certificate store. Typically, this class is not used directly by applications and is primarily intended for as a colleague associated with a cache mediator used by the path builder.TSP-enforcing: No
Definition at line 40 of file PKIFCAPITrustStore2.h.
Public Member Functions | |
| CPKIFCAPITrustStore2 (int sysStoRegLoc=CERT_SYSTEM_STORE_CURRENT_USER, const char *store=g_defCACCAPITrustStore) | |
| virtual | ~CPKIFCAPITrustStore2 (void) |
| void | Initialize (void) |
| bool | GetTrustRoots (const CPKIFNamePtr &subDN, IPKIFTrustAnchorList &root) |
| void | FindCertificates (IPKIFSearchCriteria *searchCriteria, CPKIFCertificateList &certList, PKIInfoSource source=ALL) |
Constructor & Destructor Documentation
| CPKIFCAPITrustStore2::CPKIFCAPITrustStore2 | ( | int | sysStoRegLoc = CERT_SYSTEM_STORE_CURRENT_USER, |
|
| const char * | store = g_defCACCAPITrustStore | |||
| ) |
Interface: External
This function creates and initializes CPKIFCAPITrustStore2 objects. The parameters determine which certificate store is associated with an instance of CPKIFCAPITrustStore2. The default certificate store is the "Root" store associated with the current Windows user. For Windows services using PKIF, the sysStoRegLoc parameter should be set to CERT_SYSTEM_STORE_LOCAL_MACHINE and the store parameter can be left to the default value. Consult Microsoft MSDN documentation for details on various options that may be used to target an alternative certificate store.
This function does not attempt to open the certificate store identified by the parameters. An attempt to open the store will be made when the Initialize function is called, which occurs when an instance of CPKIFCAPITrustStore2 is passed to the AddColleague function of a mediator class (presumably the CPKIFCacheMediator2 class).
- Returns:
- None
- Parameters:
-
sysStoRegLoc [in] An integer indicating which certificate store is associated with an instance of CPKIFCAPITrustRootCRLRepository2. store [in] An NULL terminated string indicating which certificate store is associated with an instance of CPKIFCAPITrustRootCRLRepository2.
Definition at line 65 of file PKIFCAPITrustStore2.cpp.
References LOG_STRING_DEBUG, and TOOLKIT_SR_CAPITRUSTSTORE.
| CPKIFCAPITrustStore2::~CPKIFCAPITrustStore2 | ( | void | ) | [virtual] |
Interface: External
This function destroys CPKIFCAPITrustStore2 objects
- Returns:
- None
Definition at line 94 of file PKIFCAPITrustStore2.cpp.
References LOG_STRING_DEBUG, and TOOLKIT_SR_CAPITRUSTSTORE.
Member Function Documentation
| void CPKIFCAPITrustStore2::Initialize | ( | void | ) | [virtual] |
Interface: External
This function initializes an instance for use in a collection of IPKIFColleague objects held by a mediator. Initialization includes attempting to open the certificate store specified by the constructor parameters. If the store cannot be opened an exception indicating CACHE_CERT_STORE_OPEN_FAILED will be raised. This function may generate an exception containing the following error code CACHE_CERT_STORE_OPEN_FAILED.
- Returns:
- None
- Exceptions:
-
CPKIFCacheException(CACHE_CERT_STORE_OPEN_FAILED)
Reimplemented from IPKIFColleague.
Definition at line 122 of file PKIFCAPITrustStore2.cpp.
References CACHE_CERT_STORE_OPEN_FAILED, COMMON_ALREADY_INITIALIZED, LOG_STRING_DEBUG, LOG_STRING_WARN, RAISE_CACHE_EXCEPTION, and TOOLKIT_SR_CAPITRUSTSTORE.
| bool CPKIFCAPITrustStore2::GetTrustRoots | ( | const CPKIFNamePtr & | subDN, | |
| IPKIFTrustAnchorList & | rootList | |||
| ) | [virtual] |
Interface: External
This function appends pointers to trust roots that are issued to subDN to rootList. This function will search the trust anchor store identified by the parameters passed to the constructor.
- Returns:
- True if at least one trust anchor was found matching the specific distinguished name; false if no trust anchors were found.
- Exceptions:
-
CPKIFCacheException(COMMON_NOT_INITIALIZED)
Implements IPKIFTrustCache.
Definition at line 153 of file PKIFCAPITrustStore2.cpp.
References CACHE_PARSE_ERROR, COMMON_NOT_INITIALIZED, COMMON_UNKNOWN_ERROR, LOG_STRING_DEBUG, LOG_STRING_ERROR, LOG_STRING_INFO, RAISE_CACHE_EXCEPTION, GottaMatch< T >::SetRHS(), and TOOLKIT_SR_CAPITRUSTSTORE.
| void CPKIFCAPITrustStore2::FindCertificates | ( | IPKIFSearchCriteria * | searchCriteria, | |
| CPKIFCertificateList & | certList, | |||
| PKIInfoSource | source = ALL | |||
| ) | [virtual] |
- Parameters:
-
searchCriteria [in] Pointer to a searchCriteria interface certList [out] List of certificates that match the specified search criteria source [in] PKIInfoSource value indicating the locations to search
Implements IPKIFCertSearch.
Definition at line 276 of file PKIFCAPITrustStore2.cpp.
References ALLCERTS, atob(), CACHE_PARSE_ERROR, COMMON_INVALID_INPUT, CPKIFIssuerNameAndSerialNumberBasedSearch::GetIssuerName(), CPKIFKeyIDBasedSearch::GetKeyID(), IPKIFSearchCriteria::GetSearchType(), CPKIFIssuerNameAndSerialNumberBasedSearch::GetSerialNumber(), CPKIFNameBasedSearch::GetStringName(), ISSUERNAME, ISSUERSERIAL, KEYID, LOG_STRING_DEBUG, LOG_STRING_ERROR, PKIFDelete(), PKIFENUMS::REMOTE, ReverseBytes(), GottaMatch< T >::SetRHS(), StrToName(), SUBJECTNAME, and TOOLKIT_SR_CAPIUSERREPOSITORY.
The documentation for this class was generated from the following files:
