Win32::OLE and CAPICOM to find a certificate in certificate store will raise exception

[danielhe99@gmail.com]

Hi,

I am trying to use win32::OLE to access certificate store via CAPICOM.
If certificates in the store meet the searching criteria, the
certificates object
method "find" works, but if no certificate meets the searching
criteria, it will raise
an error message:
OLE exception from "<Unknown Source>": The Data is invalid.

How to solve the problem or catch the exception in Perl script?

Thanks!

===== test case =======
#!c:/Perl/bin/perl.exe -w
#Test store->certificates->Find

use strict;
use Win32::OLE;

# CAPICOM constant definitions
use constant {
# Store Location
#
[url]http://msdn.microsoft.com/library/en-us/security/security/capicom_store_location.asp[/url]
CAPICOM_LOCAL_MACHINE_STORE => 1,
CAPICOM_CURRENT_USER_STORE => 2,
# Store Open Mode
#
[url]http://msdn.microsoft.com/library/en-us/security/security/capicom_store_open_mode.asp[/url]
CAPICOM_STORE_OPEN_READ_ONLY => 0,
# key storage flags
#
[url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/certificate_load.asp[/url]
CAPICOM_KEY_STORAGE_DEFAULT => 0,
# The Find method returns a Certificates object that contains all
certificates that
# match the specified search criteria. This method was introduced
in CAPICOM 2.0. see:
#
[url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/certificates_find.asp[/url]
CAPICOM_CERTIFICATE_FIND_SHA1_HASH => 0,
};

# Search the certificate with the thumbprint SHA1 in local certificate
store.
my $SHA1 = "0000000049d8650d2515111709ee1b4800000000";

Win32::OLE->Option ('Warn' => 3);

# Create a new Store object, and use it to open the store. See
#
<http://msdn.microsoft.com/library/en-us/security/security/store.asp>.
my $Store = Win32::OLE->new('CAPICOM.Store', sub {$_[0]->Close();})
or die "Oops, cannot start CAPICOM";
$Store->Open (CAPICOM_LOCAL_MACHINE_STORE, 'ROOT',
CAPICOM_STORE_OPEN_READ_ONLY);

# TEST the certificates->find function
# if no certificate is found, this program will hangup after several
tries!
# here 10 tries, should print out 10 times "continue searching..." if
no exception.
for(1...10)
{
$Store->Certificates->Find(CAPICOM_CERTIFICATE_FIND_SHA1_HASH,
$SHA1);
print "continue searching...\n";
}
print "\nCompleted.\n";


# perl version
#
# This is perl, v5.8.8 built for MSWin32-x86-multi-thread
# (with 25 registered patches, see perl -V for more detail)
#
# Copyright 1987-2006, Larry Wall
#
# Binary build 817 [257965] provided by ActiveState
[url]http://www.ActiveState.com[/url]
# Built Mar 20 2006 17:54:25

[harryfmudd [AT] comcast [DOT] net]

[email]danielhe99@gmail.com[/email] wrote:

> Hi,
>
> I am trying to use win32::OLE to access certificate store via CAPICOM.
> If certificates in the store meet the searching criteria, the
> certificates object
> method "find" works, but if no certificate meets the searching
> criteria, it will raise
> an error message:
> OLE exception from "<Unknown Source>": The Data is invalid.
>
> How to solve the problem or catch the exception in Perl script?
>
> Thanks!
>
> ===== test case =======
> #!c:/Perl/bin/perl.exe -w
> #Test store->certificates->Find
>
> use strict;
> use Win32::OLE;
>
> # CAPICOM constant definitions
> use constant {
> # Store Location
> #
> [url]http://msdn.microsoft.com/library/en-us/security/security/capicom_store_location.asp[/url]
> CAPICOM_LOCAL_MACHINE_STORE => 1,
> CAPICOM_CURRENT_USER_STORE => 2,
> # Store Open Mode
> #
> [url]http://msdn.microsoft.com/library/en-us/security/security/capicom_store_open_mode.asp[/url]
> CAPICOM_STORE_OPEN_READ_ONLY => 0,
> # key storage flags
> #
> [url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/certificate_load.asp[/url]
> CAPICOM_KEY_STORAGE_DEFAULT => 0,
> # The Find method returns a Certificates object that contains all
> certificates that
> # match the specified search criteria. This method was introduced
> in CAPICOM 2.0. see:
> #
> [url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/certificates_find.asp[/url]
> CAPICOM_CERTIFICATE_FIND_SHA1_HASH => 0,
> };
>
> # Search the certificate with the thumbprint SHA1 in local certificate
> store.
> my $SHA1 = "0000000049d8650d2515111709ee1b4800000000";
>
> Win32::OLE->Option ('Warn' => 3);
>
> # Create a new Store object, and use it to open the store. See
> #
> <http://msdn.microsoft.com/library/en-us/security/security/store.asp>.
> my $Store = Win32::OLE->new('CAPICOM.Store', sub {$_[0]->Close();})
> or die "Oops, cannot start CAPICOM";
> $Store->Open (CAPICOM_LOCAL_MACHINE_STORE, 'ROOT',
> CAPICOM_STORE_OPEN_READ_ONLY);
>
> # TEST the certificates->find function
> # if no certificate is found, this program will hangup after several
> tries!
> # here 10 tries, should print out 10 times "continue searching..." if
> no exception.
> for(1...10)
> {
> $Store->Certificates->Find(CAPICOM_CERTIFICATE_FIND_SHA1_HASH,
> $SHA1);
> print "continue searching...\n";
> }
> print "\nCompleted.\n";
>
>
> # perl version
> #
> # This is perl, v5.8.8 built for MSWin32-x86-multi-thread
> # (with 25 registered patches, see perl -V for more detail)
> #
> # Copyright 1987-2006, Larry Wall
> #
> # Binary build 817 [257965] provided by ActiveState
> [url]http://www.ActiveState.com[/url]
> # Built Mar 20 2006 17:54:25
>

I'm not sure what catching thrown exceptions has to do with Perl
modules. Have you read the documentation on the 'eval' built-in?

Nit-pick: do you mean the 'Find' function? There does not appear to be
an invocation of 'find' in your code.

Tom Wyant