调用cryptlib接口3DES对称加密、信封加密、数字签名等

[cpp]  view plain  copy

 print ?

 #include
 #include
 #include "Base.h" //提供base64转码功能
 using namespace std;
 #include "cryptlib.h"

 int main()
 {
     cryptInit();
         //cryptlib调用前必须执行init，调用完必须执行end
     cryptEnd();

     return 0;
 }
 /**
 *
 *cryptlib产生自签名证书
 *
 **/
 void GenerateKey(){
     int* keyset;
     keyset = (int*)malloc(sizeof(int*)); //密钥库上下文
     int* cryptContext;
     cryptContext = (int*)malloc(sizeof(int*)); //加密上下文
     int* cryptCertificate;
     cryptCertificate = (int*)malloc(sizeof(int*)); //证书上下文
     int status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, "D:\\Private key file.p15", CRYPT_KEYOPT_CREATE);//创建密钥库，（CRYPT_KEYOPT_CREATE）
     status = cryptCreateContext(cryptContext,CRYPT_UNUSED, CRYPT_ALGO_RSA);//RSA算法的密钥上下文
     status = cryptSetAttributeString(*cryptContext, CRYPT_CTXINFO_LABEL, "test1",5);//密钥标签
     status = cryptGenerateKey(*cryptContext);
     status = cryptAddPrivateKey(*keyset, *cryptContext, "1234");//向密钥库添加私钥
     status = cryptCreateCert(cryptCertificate,CRYPT_UNUSED, CRYPT_CERTTYPE_CERTIFICATE);//创建证书
     status = cryptSetAttribute(*cryptCertificate, CRYPT_CERTINFO_XYZZY, 1);//设置为简单证书
     /* Add the public key and certificate owner name and sign the
     certificate with the private key */
     status = cryptSetAttribute(*cryptCertificate, CRYPT_CERTINFO_SUBJECTPUBLICKEYINFO, *cryptContext);//证书公钥绑定
     status = cryptSetAttributeString(*cryptCertificate, CRYPT_CERTINFO_COMMONNAME, "test1",5);//证书CN
     status = cryptSignCert(*cryptCertificate, *cryptContext);//使用私钥自签发证书
     status =  cryptAddPublicKey(*keyset, *cryptCertificate);//向证书添加公钥
     status = cryptDestroyCert(*cryptCertificate);
     status = cryptDestroyContext(*cryptContext);
     status = cryptKeysetClose(*keyset);
 }
 /**
 *
 *从指定密钥库中获取私钥，并签名与验证
 *
 **/
 void signature(){
     /*访问密钥库，获取私钥*/
     int* keyset;
     keyset = (int*)malloc(sizeof(int*));
     int* sigKeyContext;
     sigKeyContext = (int*)malloc(sizeof(int*));
     int status = 0;
     status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, "D:\\Private key file.p15", CRYPT_KEYOPT_READONLY);//读取密钥库，（CRYPT_KEYOPT_READONLY）
     status = cryptGetPrivateKey(*keyset,sigKeyContext, CRYPT_KEYID_NAME, "test1", "1234");//通过标签和保护密钥获取私钥
     CRYPT_CONTEXT  hashContext;

     void *signature;

     int signatureLength;



     status = cryptCreateContext( &hashContext, CRYPT_UNUSED, CRYPT_ALGO_MD5 );//创建hash上下文

     /* 对数据做摘要 */

     status = cryptEncrypt( hashContext, "1234", 4 );

     status = cryptEncrypt( hashContext, "1234", 0 );

     /* 为签名值分配空间 */
     int signatureMaxLength;
     cryptCreateSignature( NULL, 0, &signatureMaxLength, *sigKeyContext, hashContext );

     signature = malloc( signatureMaxLength );

     /*使用私钥对摘要进行签名*/
     status = cryptCreateSignature( signature, signatureMaxLength, &signatureLength, *sigKeyContext, hashContext );


     status = cryptDestroyContext( hashContext );





     /* 创建hash上下文 */

     status = cryptCreateContext( &hashContext, CRYPT_UNUSED, CRYPT_ALGO_MD5 );

     /* 对数据做摘要 */

     status = cryptEncrypt( hashContext, "1234", 4 );

     status = cryptEncrypt( hashContext, "1234", 0 );

     /* 使用公钥验证签名 */

     status = cryptCheckSignature( signature, signatureLength, *sigKeyContext, hashContext );

     status = cryptDestroyContext( hashContext );


 }
 /**
 *
 *导出指定密钥库中的公钥
 *
 **/
 void ExportKey(){
     /*访问密钥库，获取公钥*/
     int* keyset;
     keyset = (int*)malloc(sizeof(int*));
     int* sigKeyContext;
     sigKeyContext = (int*)malloc(sizeof(int*));
     int status = 0;
     status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, "D:\\Private key file.p15", CRYPT_KEYOPT_READONLY);
     status = cryptGetPublicKey(*keyset,sigKeyContext, CRYPT_KEYID_NAME, "test1");//通过标签获取公钥
     CRYPT_CONTEXT pubKeyContext, cryptContext;

     void *encryptedKey;

     int encryptedKeyLength,encryptedKeyMaxLength;
     /* 生成保护密钥 */

     status = cryptCreateContext( &cryptContext, CRYPT_UNUSED, CRYPT_ALGO_3DES );

     status = cryptGenerateKey( cryptContext );
     status = cryptExportKey( NULL, 0, &encryptedKeyMaxLength, *sigKeyContext, cryptContext ); //获取公钥大小

     encryptedKey = malloc( encryptedKeyMaxLength );

     status = cryptExportKey( encryptedKey, encryptedKeyMaxLength, &encryptedKeyLength, *sigKeyContext, cryptContext );//导出公钥

     cout<<(char*) encryptedKey<



 }
 /**
 *
 *3DES对称加密
 *
 **/
 void encrypt(string text,string pwd,string iv,BYTE* result,int* length){
     CRYPT_CONTEXT context;
     int status = cryptCreateContext(&context,CRYPT_UNUSED,CRYPT_ALGO_3DES);
     status  = cryptSetAttributeString(context,CRYPT_CTXINFO_IV,iv.c_str(),iv.size()); //初始向量

     status = cryptSetAttributeString(context,CRYPT_CTXINFO_KEY,pwd.c_str(),pwd.size());//密钥

     int keysize;
     status = cryptGetAttribute(context,CRYPT_CTXINFO_KEYSIZE,&keysize);
     if (text.size() % keysize > 0){
         *length = text.size() + keysize - text.size() % keysize;

     }
     else{
         *length = text.size();

     }
     for(int i =0 ;i
         result[i] = text[i];  //存储到BYTE数组中
     }
     status = cryptEncrypt(context,result,*length);//加密处理
     for(int i = 0 ; i < *length ; i++)
     {
         printf("%x ",result[i]);
     }
     status = cryptDestroyContext(context);
     if(status!=0) cout<<"fail"<
 }
 void decrypt(BYTE* enc , int* length,string pwd,string iv){
     CRYPT_CONTEXT context;
     int status = cryptCreateContext(&context,CRYPT_UNUSED,CRYPT_ALGO_3DES);
     status  = cryptSetAttributeString(context,CRYPT_CTXINFO_IV,iv.c_str(),iv.size());
     status = cryptSetAttributeString(context,CRYPT_CTXINFO_KEY,pwd.c_str(),pwd.size());
     int keysize;
     status = cryptGetAttribute(context,CRYPT_CTXINFO_KEYSIZE,&keysize);
     status  = cryptDecrypt(context,enc,*length);
     status  = cryptDestroyContext(context);
 }
 /**
 *   公钥加密信封,返回base64编码字符串
 */
 string envelop(string text,string keyFile){
     BYTE* message;
     message = new BYTE[text.size()];
     for(int i=0;i
         message[i]=text[i];
     }
     int messageLength = text.size();
     /*访问密钥库，获取公钥*/
     int* keyset;
     keyset = (int*)malloc(sizeof(int*));
     int* pubKeyContext;
     pubKeyContext = (int*)malloc(sizeof(int*));
     int status = 0;
     status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, keyFile.c_str(), CRYPT_KEYOPT_READONLY);
     status = cryptGetPublicKey(*keyset,pubKeyContext, CRYPT_KEYID_NAME, "test1");

     CRYPT_ENVELOPE cryptEnvelope;

     int bytesCopied;

     status = cryptCreateEnvelope( &cryptEnvelope, CRYPT_UNUSED, CRYPT_FORMAT_CRYPTLIB );

     /* Add the public key */

     status = cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_PUBLICKEY, *pubKeyContext );

     /* Add the data size information and data, wrap up the processing, and pop out the processed data */

     status = cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_DATASIZE, messageLength );

     status = cryptPushData( cryptEnvelope, message, messageLength, &bytesCopied );

     status = cryptFlushData( cryptEnvelope );
     BYTE* envelopedData;
     envelopedData = new BYTE[1000];
     int envelopedDataBufferSize = 1000;
     status = cryptPopData( cryptEnvelope, envelopedData, envelopedDataBufferSize, &bytesCopied );

     status = cryptDestroyEnvelope( cryptEnvelope );
     string base64Result = base64_encode(envelopedData,bytesCopied);
     cout<
     return base64Result;
 }
 string develop(string env,string keyFile){
     BYTE* message;
     string debase = base64_decode(env);
     message = new BYTE[debase.size()];
     for(int i=0;i
         message[i] = debase[i];
     }
     int* privKeyContext;
     privKeyContext = (int*)malloc(sizeof(int*));
     int messageLength = debase.size();
     message[messageLength]='\0';
     CRYPT_ENVELOPE cryptEnvelope;
     int bytesCopied, status;
     /*访问密钥库*/
     int* keyset;
     keyset = (int*)malloc(sizeof(int*));
     status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE,keyFile.c_str(), CRYPT_KEYOPT_READONLY);
     status = cryptGetPrivateKey(*keyset,privKeyContext, CRYPT_KEYID_NAME, "test1", "1234");

     status = cryptCreateEnvelope( &cryptEnvelope, CRYPT_UNUSED, CRYPT_FORMAT_AUTO );

     /* Push in the enveloped data and the private decryption key required to de-envelope it, and pop out the recovered message */

     status = cryptPushData( cryptEnvelope, message, messageLength, &bytesCopied );

     status = cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_PRIVATEKEY, *privKeyContext );

     status = cryptFlushData( cryptEnvelope );
     BYTE* result;
     result = new BYTE[1000];
     int resultLength = 1000;
     status = cryptPopData( cryptEnvelope, result, resultLength, &bytesCopied );

     status = cryptDestroyEnvelope( cryptEnvelope );


     cout<<(char*)result<
     string r  =  string((char*)result);
     return r;
 }
 string exportCert(string keyFile){
     /*访问密钥库，获取公钥*/
     int* keyset;
     keyset = (int*)malloc(sizeof(int*));
     int* certContext;
     certContext = (int*)malloc(sizeof(int*));
     int status = 0;
     status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, keyFile.c_str(), CRYPT_KEYOPT_READONLY);
     status = cryptGetPublicKey(*keyset,certContext, CRYPT_KEYID_NAME, "test1");

     void *certificate;

     int certLength;
     int certMaxLength;
     status = cryptExportCert( NULL, 0, &certMaxLength,CRYPT_CERTFORMAT_CERTIFICATE
         , *certContext );

     /* Allocate memory for the encoded certificate */

     certificate = malloc( certMaxLength );

     /* Export the encoded certificate from the certificate object */

     status = cryptExportCert( certificate, certMaxLength, &certLength, CRYPT_CERTFORMAT_CERTIFICATE
         , *certContext );
     unsigned char* certChar = (unsigned char*)certificate;
     certChar[certLength]='\0';
     string cert_base64 = base64_encode(certChar,certLength);
     return cert_base64;

 }
 void importCert(string cert_base64){
     CRYPT_CERTIFICATE cryptCertificate;
     int status;
     string certStr = base64_decode(cert_base64);
     /* Import the certificate object from the encoded certificate */
     BYTE* cert;
     int certLength = certStr.size();
     cert = new BYTE[certLength];
     for(int i = 0 ; i
         cert[i] = certStr[i];
     }
     cert[certLength]='\0';
     status = cryptImportCert( cert, certLength, CRYPT_UNUSED, &cryptCertificate );


 }

[cpp]  view plain  copy

 print ?

 #include
 #include
 #include "Base.h" //提供base64转码功能
 using namespace std;
 #include "cryptlib.h"

 int main()
 {
     cryptInit();
         //cryptlib调用前必须执行init，调用完必须执行end
     cryptEnd();

     return 0;
 }
 /**
 *
 *cryptlib产生自签名证书
 *
 **/
 void GenerateKey(){
     int* keyset;
     keyset = (int*)malloc(sizeof(int*)); //密钥库上下文
     int* cryptContext;
     cryptContext = (int*)malloc(sizeof(int*)); //加密上下文
     int* cryptCertificate;
     cryptCertificate = (int*)malloc(sizeof(int*)); //证书上下文
     int status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, "D:\\Private key file.p15", CRYPT_KEYOPT_CREATE);//创建密钥库，（CRYPT_KEYOPT_CREATE）
     status = cryptCreateContext(cryptContext,CRYPT_UNUSED, CRYPT_ALGO_RSA);//RSA算法的密钥上下文
     status = cryptSetAttributeString(*cryptContext, CRYPT_CTXINFO_LABEL, "test1",5);//密钥标签
     status = cryptGenerateKey(*cryptContext);
     status = cryptAddPrivateKey(*keyset, *cryptContext, "1234");//向密钥库添加私钥
     status = cryptCreateCert(cryptCertificate,CRYPT_UNUSED, CRYPT_CERTTYPE_CERTIFICATE);//创建证书
     status = cryptSetAttribute(*cryptCertificate, CRYPT_CERTINFO_XYZZY, 1);//设置为简单证书
     /* Add the public key and certificate owner name and sign the
     certificate with the private key */
     status = cryptSetAttribute(*cryptCertificate, CRYPT_CERTINFO_SUBJECTPUBLICKEYINFO, *cryptContext);//证书公钥绑定
     status = cryptSetAttributeString(*cryptCertificate, CRYPT_CERTINFO_COMMONNAME, "test1",5);//证书CN
     status = cryptSignCert(*cryptCertificate, *cryptContext);//使用私钥自签发证书
     status =  cryptAddPublicKey(*keyset, *cryptCertificate);//向证书添加公钥
     status = cryptDestroyCert(*cryptCertificate);
     status = cryptDestroyContext(*cryptContext);
     status = cryptKeysetClose(*keyset);
 }
 /**
 *
 *从指定密钥库中获取私钥，并签名与验证
 *
 **/
 void signature(){
     /*访问密钥库，获取私钥*/
     int* keyset;
     keyset = (int*)malloc(sizeof(int*));
     int* sigKeyContext;
     sigKeyContext = (int*)malloc(sizeof(int*));
     int status = 0;
     status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, "D:\\Private key file.p15", CRYPT_KEYOPT_READONLY);//读取密钥库，（CRYPT_KEYOPT_READONLY）
     status = cryptGetPrivateKey(*keyset,sigKeyContext, CRYPT_KEYID_NAME, "test1", "1234");//通过标签和保护密钥获取私钥
     CRYPT_CONTEXT  hashContext;

     void *signature;

     int signatureLength;



     status = cryptCreateContext( &hashContext, CRYPT_UNUSED, CRYPT_ALGO_MD5 );//创建hash上下文

     /* 对数据做摘要 */

     status = cryptEncrypt( hashContext, "1234", 4 );

     status = cryptEncrypt( hashContext, "1234", 0 );

     /* 为签名值分配空间 */
     int signatureMaxLength;
     cryptCreateSignature( NULL, 0, &signatureMaxLength, *sigKeyContext, hashContext );

     signature = malloc( signatureMaxLength );

     /*使用私钥对摘要进行签名*/
     status = cryptCreateSignature( signature, signatureMaxLength, &signatureLength, *sigKeyContext, hashContext );


     status = cryptDestroyContext( hashContext );





     /* 创建hash上下文 */

     status = cryptCreateContext( &hashContext, CRYPT_UNUSED, CRYPT_ALGO_MD5 );

     /* 对数据做摘要 */

     status = cryptEncrypt( hashContext, "1234", 4 );

     status = cryptEncrypt( hashContext, "1234", 0 );

     /* 使用公钥验证签名 */

     status = cryptCheckSignature( signature, signatureLength, *sigKeyContext, hashContext );

     status = cryptDestroyContext( hashContext );


 }
 /**
 *
 *导出指定密钥库中的公钥
 *
 **/
 void ExportKey(){
     /*访问密钥库，获取公钥*/
     int* keyset;
     keyset = (int*)malloc(sizeof(int*));
     int* sigKeyContext;
     sigKeyContext = (int*)malloc(sizeof(int*));
     int status = 0;
     status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, "D:\\Private key file.p15", CRYPT_KEYOPT_READONLY);
     status = cryptGetPublicKey(*keyset,sigKeyContext, CRYPT_KEYID_NAME, "test1");//通过标签获取公钥
     CRYPT_CONTEXT pubKeyContext, cryptContext;

     void *encryptedKey;

     int encryptedKeyLength,encryptedKeyMaxLength;
     /* 生成保护密钥 */

     status = cryptCreateContext( &cryptContext, CRYPT_UNUSED, CRYPT_ALGO_3DES );

     status = cryptGenerateKey( cryptContext );
     status = cryptExportKey( NULL, 0, &encryptedKeyMaxLength, *sigKeyContext, cryptContext ); //获取公钥大小

     encryptedKey = malloc( encryptedKeyMaxLength );

     status = cryptExportKey( encryptedKey, encryptedKeyMaxLength, &encryptedKeyLength, *sigKeyContext, cryptContext );//导出公钥

     cout<<(char*) encryptedKey<



 }
 /**
 *
 *3DES对称加密
 *
 **/
 void encrypt(string text,string pwd,string iv,BYTE* result,int* length){
     CRYPT_CONTEXT context;
     int status = cryptCreateContext(&context,CRYPT_UNUSED,CRYPT_ALGO_3DES);
     status  = cryptSetAttributeString(context,CRYPT_CTXINFO_IV,iv.c_str(),iv.size()); //初始向量

     status = cryptSetAttributeString(context,CRYPT_CTXINFO_KEY,pwd.c_str(),pwd.size());//密钥

     int keysize;
     status = cryptGetAttribute(context,CRYPT_CTXINFO_KEYSIZE,&keysize);
     if (text.size() % keysize > 0){
         *length = text.size() + keysize - text.size() % keysize;

     }
     else{
         *length = text.size();

     }
     for(int i =0 ;i
         result[i] = text[i];  //存储到BYTE数组中
     }
     status = cryptEncrypt(context,result,*length);//加密处理
     for(int i = 0 ; i < *length ; i++)
     {
         printf("%x ",result[i]);
     }
     status = cryptDestroyContext(context);
     if(status!=0) cout<<"fail"<
 }
 void decrypt(BYTE* enc , int* length,string pwd,string iv){
     CRYPT_CONTEXT context;
     int status = cryptCreateContext(&context,CRYPT_UNUSED,CRYPT_ALGO_3DES);
     status  = cryptSetAttributeString(context,CRYPT_CTXINFO_IV,iv.c_str(),iv.size());
     status = cryptSetAttributeString(context,CRYPT_CTXINFO_KEY,pwd.c_str(),pwd.size());
     int keysize;
     status = cryptGetAttribute(context,CRYPT_CTXINFO_KEYSIZE,&keysize);
     status  = cryptDecrypt(context,enc,*length);
     status  = cryptDestroyContext(context);
 }
 /**
 *   公钥加密信封,返回base64编码字符串
 */
 string envelop(string text,string keyFile){
     BYTE* message;
     message = new BYTE[text.size()];
     for(int i=0;i
         message[i]=text[i];
     }
     int messageLength = text.size();
     /*访问密钥库，获取公钥*/
     int* keyset;
     keyset = (int*)malloc(sizeof(int*));
     int* pubKeyContext;
     pubKeyContext = (int*)malloc(sizeof(int*));
     int status = 0;
     status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, keyFile.c_str(), CRYPT_KEYOPT_READONLY);
     status = cryptGetPublicKey(*keyset,pubKeyContext, CRYPT_KEYID_NAME, "test1");

     CRYPT_ENVELOPE cryptEnvelope;

     int bytesCopied;

     status = cryptCreateEnvelope( &cryptEnvelope, CRYPT_UNUSED, CRYPT_FORMAT_CRYPTLIB );

     /* Add the public key */

     status = cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_PUBLICKEY, *pubKeyContext );

     /* Add the data size information and data, wrap up the processing, and pop out the processed data */

     status = cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_DATASIZE, messageLength );

     status = cryptPushData( cryptEnvelope, message, messageLength, &bytesCopied );

     status = cryptFlushData( cryptEnvelope );
     BYTE* envelopedData;
     envelopedData = new BYTE[1000];
     int envelopedDataBufferSize = 1000;
     status = cryptPopData( cryptEnvelope, envelopedData, envelopedDataBufferSize, &bytesCopied );

     status = cryptDestroyEnvelope( cryptEnvelope );
     string base64Result = base64_encode(envelopedData,bytesCopied);
     cout<
     return base64Result;
 }
 string develop(string env,string keyFile){
     BYTE* message;
     string debase = base64_decode(env);
     message = new BYTE[debase.size()];
     for(int i=0;i
         message[i] = debase[i];
     }
     int* privKeyContext;
     privKeyContext = (int*)malloc(sizeof(int*));
     int messageLength = debase.size();
     message[messageLength]='\0';
     CRYPT_ENVELOPE cryptEnvelope;
     int bytesCopied, status;
     /*访问密钥库*/
     int* keyset;
     keyset = (int*)malloc(sizeof(int*));
     status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE,keyFile.c_str(), CRYPT_KEYOPT_READONLY);
     status = cryptGetPrivateKey(*keyset,privKeyContext, CRYPT_KEYID_NAME, "test1", "1234");

     status = cryptCreateEnvelope( &cryptEnvelope, CRYPT_UNUSED, CRYPT_FORMAT_AUTO );

     /* Push in the enveloped data and the private decryption key required to de-envelope it, and pop out the recovered message */

     status = cryptPushData( cryptEnvelope, message, messageLength, &bytesCopied );

     status = cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_PRIVATEKEY, *privKeyContext );

     status = cryptFlushData( cryptEnvelope );
     BYTE* result;
     result = new BYTE[1000];
     int resultLength = 1000;
     status = cryptPopData( cryptEnvelope, result, resultLength, &bytesCopied );

     status = cryptDestroyEnvelope( cryptEnvelope );


     cout<<(char*)result<
     string r  =  string((char*)result);
     return r;
 }
 string exportCert(string keyFile){
     /*访问密钥库，获取公钥*/
     int* keyset;
     keyset = (int*)malloc(sizeof(int*));
     int* certContext;
     certContext = (int*)malloc(sizeof(int*));
     int status = 0;
     status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, keyFile.c_str(), CRYPT_KEYOPT_READONLY);
     status = cryptGetPublicKey(*keyset,certContext, CRYPT_KEYID_NAME, "test1");

     void *certificate;

     int certLength;
     int certMaxLength;
     status = cryptExportCert( NULL, 0, &certMaxLength,CRYPT_CERTFORMAT_CERTIFICATE
         , *certContext );

     /* Allocate memory for the encoded certificate */

     certificate = malloc( certMaxLength );

     /* Export the encoded certificate from the certificate object */

     status = cryptExportCert( certificate, certMaxLength, &certLength, CRYPT_CERTFORMAT_CERTIFICATE
         , *certContext );
     unsigned char* certChar = (unsigned char*)certificate;
     certChar[certLength]='\0';
     string cert_base64 = base64_encode(certChar,certLength);
     return cert_base64;

 }
 void importCert(string cert_base64){
     CRYPT_CERTIFICATE cryptCertificate;
     int status;
     string certStr = base64_decode(cert_base64);
     /* Import the certificate object from the encoded certificate */
     BYTE* cert;
     int certLength = certStr.size();
     cert = new BYTE[certLength];
     for(int i = 0 ; i
         cert[i] = certStr[i];
     }
     cert[certLength]='\0';
     status = cryptImportCert( cert, certLength, CRYPT_UNUSED, &cryptCertificate );


 }