X509 CertExtensions inside CertMgr MMC Snap In

Question

5.00/5 (1 vote)

See more:

I'm in the process of creating a bunch of attribute certificates, using custom X509 extensions, that all works; this is just the background

When those certificates are displayed in the MMC Certificate Snapin, the OID's of my attributes aren't registered, so under the Certificate Details tab, my extensions are displayed as OID numbers and binary data - ugly

Anyone now how I go about registering a custom OID parser for the MMC snapin please?

Posted 29-Aug-11 18:14pm

barneyman

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

cariolihome · Accepted Answer · 2011-08-30T10:24:00

Solution 1

Try to extend functionality of CryptDecodeObject function (http://msdn.microsoft.com/en-us/library/aa379871(v=vs.85).aspx[^]).
For this You have to register custom OID decoding function in registry key
HKLM\Software\Microsoft\Cryptography\OID\EncodingType1\CryptDllDecodeObject\YourOID

Posted 30-Aug-11 10:24am

cariolihome

Comments

barneyman 30-Aug-11 20:15pm

thank you very much - I was stumbling towards there :)

I'll post up what I had to do in full when I've got it working

barneyman 30-Aug-11 21:11pm

Results:

To have the OID string (1.3.6.1.4.1..) replaced by the 'friendly name' of the extension, make a call to CryptRegisterOIDInfo()
This will add to HKLM\Software\Microsoft\Cryptography\OID\EncodingType 0\CryptDLLFindOIDInfo

Caveat here, making this call in a 32bit app under a 64OS will make the mods to WOW6432node, which the cert snapin (being native 64bit) won't find

To format the extension data within the Certificate Details tab, use the CryptRegisterOIDFunction function, with the CRYPT_OID_FORMAT_OBJECT_FUNC flag

Export the named function from a DLL, using a DEF file, and WINAPI fn modifier - it shares the same signature as CryptFormatObject; it expects wide strings

To test/debug simply call CryptFormatObject on your own OID, crypt.dll will defer to your registered function

cariolihome 31-Aug-11 3:19am

Thanks for the detailed description :)