Get public key from OPM certificate (MSDN subscriber)
Hello! I need to perform OPM communication. I asked a question here but got no response. Being an MSDN subscriber, I ask the question here hoping to get feedback. The main problem I am having right now is extracting the public key from the leaf certificate in the OPM chain, the implementation of the function GetPublicKeyFromCertificate from an example:

    // Get the public key from the certificate. (Not shown.)
    hr = GetPublicKeyFromCertificate(
        pbCertificate,
        cbCertificate,
        &pKey
    );

I try to do it with CryptDecodeObject, but it says the ASN1 tag is bad in SubjectPublicKeyInfo of the CERT_INFO structure:

    // Need to verify certificates signatures
    // This loop starts on the root certificate and goes to the leaf
    DWORD chain_size = opm_chain_context_ptr->rgpChain[0]->cElement;
    PCERT_PUBLIC_KEY_INFO signer_public_key =
        &opm_chain_context_ptr->rgpChain[0]->rgpElement[0/*leaf*/]->pCertContext->pCertInfo->SubjectPublicKeyInfo;

    // Get Public key from certificate
    DWORD pubkey_decoded_size;
    BYTE *pubkey_decoded = NULL;
    BOOL crypt_decode_res = FALSE;
    PCERT_PUBLIC_KEY_INFO pubkey = signer_public_key;
    DWORD pubkey_len = sizeof(CERT_PUBLIC_KEY_INFO);

    crypt_decode_res = CryptDecodeObject(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
        X509_PUBLIC_KEY_INFO,
        (BYTE*) pubkey, pubkey_len,
        CRYPT_DECODE_NO_SIGNATURE_BYTE_REVERSAL_FLAG,
        NULL, &pubkey_decoded_size);
    if (!crypt_decode_res)
    {
        HRESULT decode_hr = __HRESULT_FROM_WIN32(GetLastError());
        return decode_hr;
    }

    pubkey_decoded = reinterpret_cast<BYTE*>(malloc(pubkey_decoded_size));
    crypt_decode_res = CryptDecodeObject(X509_ASN_ENCODING,
        X509_PUBLIC_KEY_INFO,
        (BYTE*) pubkey, pubkey_len,
        0,
        pubkey_decoded, &pubkey_decoded_size);
    if (!crypt_decode_res)
    {
        HRESULT decode_hr = __HRESULT_FROM_WIN32(GetLastError());
        return decode_hr;
    }

    DWORD decoded_key_size;
    crypt_decode_res = CryptDecodeObject(X509_ASN_ENCODING,
        RSA_CSP_PUBLICKEYBLOB,
        ((CERT_PUBLIC_KEY_INFO*) pubkey_decoded)->PublicKey.pbData,
        ((CERT_PUBLIC_KEY_INFO*) pubkey_decoded)->PublicKey.cbData,
        0,
        NULL, &decoded_key_size);
    if (!crypt_decode_res)
    {
        HRESULT decode_hr = __HRESULT_FROM_WIN32(GetLastError());
        return decode_hr;
    }

    struct RSAPublicKey1024
    {
        PUBLICKEYSTRUC publickeystruc;
        RSAPUBKEY rsapubkey;
        BYTE modulus[1024/8];
    };
    assert(decoded_key_size == sizeof(RSAPublicKey1024));

    RSAPublicKey1024 rsa_pub_key;
    crypt_decode_res = CryptDecodeObject(X509_ASN_ENCODING,
        RSA_CSP_PUBLICKEYBLOB,
        ((CERT_PUBLIC_KEY_INFO*) pubkey_decoded)->PublicKey.pbData,
        ((CERT_PUBLIC_KEY_INFO*) pubkey_decoded)->PublicKey.cbData,
        0,
        reinterpret_cast<BYTE*>(&rsa_pub_key), &decoded_key_size);
    if (!crypt_decode_res)
    {
        HRESULT decode_hr = __HRESULT_FROM_WIN32(GetLastError());
        return decode_hr;
    }

How can I extract the public key for the ImportRsaPublicKey function? It seems I need to extract these elements:

    struct RSAPublicKey1024
    {
        PUBLICKEYSTRUC publickeystruc;
        RSAPUBKEY rsapubkey;
        BYTE modulus[1024/8];
    };
May 31st, 2011 1:05am

Hi, This is the TechNet Forum for questions regarding Windows 7 security, which mainly focuses on security issues in Windows 7. For better assistance please ask for help in the MSDN Forums: http://social.msdn.microsoft.com/Forums/en-US/categories Since you are an MSDN subscriber, if you don't get an answer from the community in select MSDN Forums, Microsoft engineers will answer it within two business days. Thanks for understanding. Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
June 2nd, 2011 3:28am

Hi, I asked the question in the MSDN forums (here and here) following your advice. 8 days have passed, but I still got no response! Could you please ask the appropriate people to take a look and suggest something on the issues described there. Maybe you could give someone's contacts who can consult me? Thank you very much!
June 9th, 2011 11:10pm

Hi, Sorry for the delay! I see the thread http://social.msdn.microsoft.com/Forums/en-US/windowsdirectshowdevelopment/thread/b6ad4310-724e-4e20-aac2-4f57f06215eb has been replied to. Hope your problem has been solved.
June 16th, 2011 4:08am

Hi, Fortunately I've found by myself the place where I was wrong: just wrong data was passed to CryptDecodeObject. Though I posted a question in about 5 places here, nothing helpful was replied. :) Anyway, thanks for your help.
June 16th, 2011 7:10am
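
An added example, not code from this thread and not CryptoAPI: a small portable DER reader showing why a decoder reports a bad ASN.1 tag when it is handed the memory of an already-decoded structure (as the question's first call does with `(BYTE*) pubkey` and `sizeof(CERT_PUBLIC_KEY_INFO)`) instead of the encoded bytes that structure points to. `struct blob`, `SAMPLE_KEY` and every function name here are hypothetical, and the key is a constructed toy value.

```c
#include <stddef.h>
#include <stdint.h>

enum { DER_OK = 0, DER_BAD_TAG = -1, DER_BAD_LENGTH = -2 };
struct rsa_pub { const uint8_t *modulus; size_t modulus_len; uint32_t exponent; };
struct blob { uint32_t cb; const uint8_t *pb; }; /* hypothetical, shaped like CRYPT_BIT_BLOB */

/* Constructed toy key: SEQUENCE { INTEGER 64-bit modulus, INTEGER 65537 }. */
static const uint8_t SAMPLE_KEY[] = { 0x30, 0x10,
    0x02, 0x09, 0x00, 0xC3, 0x5A, 0x11, 0x22, 0x33, 0x44, 0x55, 0x67,
    0x02, 0x03, 0x01, 0x00, 0x01 };
static const struct blob KEY_BLOB = { sizeof SAMPLE_KEY, SAMPLE_KEY };

/* Check the tag, decode the length, leave *p at the first content byte. */
static int der_enter(const uint8_t **p, const uint8_t *end, uint8_t tag, size_t *len) {
    const uint8_t *q = *p;
    if (end - q < 2) return DER_BAD_LENGTH;
    if (q[0] != tag) return DER_BAD_TAG;
    size_t n = q[1];
    q += 2;
    if (n & 0x80) {              /* long form: low 7 bits count the length bytes */
        size_t k = n & 0x7f;
        if (k == 0 || k > sizeof n || (size_t)(end - q) < k) return DER_BAD_LENGTH;
        for (n = 0; k > 0; k--) n = (n << 8) | *q++;
    }
    if ((size_t)(end - q) < n) return DER_BAD_LENGTH;
    *p = q; *len = n;
    return DER_OK;
}

/* RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER } */
int parse_rsa_public_key(const uint8_t *der, size_t der_len, struct rsa_pub *out) {
    const uint8_t *p = der, *end = der + der_len;
    size_t len; int rc;
    if ((rc = der_enter(&p, end, 0x30, &len)) != DER_OK) return rc;
    end = p + len;
    if ((rc = der_enter(&p, end, 0x02, &len)) != DER_OK) return rc;
    if (len == 0) return DER_BAD_LENGTH;
    if (len > 1 && p[0] == 0x00) { p++; len--; }  /* drop the sign-padding byte */
    out->modulus = p; out->modulus_len = len; p += len;
    if ((rc = der_enter(&p, end, 0x02, &len)) != DER_OK) return rc;
    if (len == 0 || len > 4) return DER_BAD_LENGTH; /* this example: exponent <= 32 bits */
    for (out->exponent = 0; len > 0; len--) out->exponent = (out->exponent << 8) | *p++;
    return DER_OK;
}
/* The mistake: the wrapper struct's own memory passed as if it were DER. */
int decode_from_struct(struct rsa_pub *out) {
    return parse_rsa_public_key((const uint8_t *)&KEY_BLOB, sizeof KEY_BLOB, out); }
/* Correct: the encoded bytes the wrapper points to, with their length. */
int decode_from_bytes(struct rsa_pub *out) {
    return parse_rsa_public_key(KEY_BLOB.pb, KEY_BLOB.cb, out); }
```
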
