RubyGems - win32-certstore - Versions diffs - 0.1.0 → 0.1.3 - Mend

win32-certstore 0.1.0 → 0.1.3

Files changed (12) hide show

checksums.yaml +5 -5
data/README.md +228 -225
data/lib/win32/certstore.rb +1 -1
data/lib/win32/certstore/mixin/assertions.rb +90 -90
data/lib/win32/certstore/mixin/crypto.rb +203 -203
data/lib/win32/certstore/mixin/helper.rb +50 -50
data/lib/win32/certstore/mixin/shell_out.rb +105 -104
data/lib/win32/certstore/mixin/string.rb +71 -71
data/lib/win32/certstore/mixin/unicode.rb +50 -50
data/lib/win32/certstore/store_base.rb +215 -214
data/lib/win32/certstore/version.rb +6 -6
metadata +3 -3

@@ -118,7 +118,7 @@ module Win32
     end
     def self.finalize(certstore_handler)
-      proc { puts "DESTROY OBJECT #{certstore_handler}" }
+      proc { "#{certstore_handler}" }
     end
     # To close all open certificate store at the end

data/lib/win32/certstore/mixin/assertions.rb CHANGED

@@ -1,90 +1,90 @@
-#
-# Author:: Piyush Awasthi (<piyush.awasthi@msystechnologies.com>)
-# Copyright:: Copyright (c) 2017 Chef Software, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-require "openssl"
-module Win32
-  class Certstore
-    module Mixin
-      module Assertions
-        # Validate certificate store name
-        def validate_store(store_name)
-          unless valid_store_name.include?(store_name&.upcase)
-            raise ArgumentError, "Invalid Certificate Store."
-          end
-        end
-        # Validate certificate type
-        def validate_certificate(cert_file_path)
-          unless !cert_file_path.nil? && File.extname(cert_file_path) =~ /.cer|.crt|.pfx|.der/
-            raise ArgumentError, "Invalid Certificate format."
-          end
-        end
-        # Validate certificate Object
-        def validate_certificate_obj(cert_obj)
-          unless cert_obj.class == OpenSSL::X509::Certificate
-            raise ArgumentError, "Invalid Certificate object."
-          end
-        end
-        # Validate thumbprint
-        def validate_thumbprint(cert_thumbprint)
-          if cert_thumbprint.nil? || cert_thumbprint.strip.empty?
-            raise ArgumentError, "Invalid certificate thumbprint."
-          end
-        end
-        # Validate certificate name not nil/empty
-        def validate!(token)
-          raise ArgumentError, "Invalid search token" if !token || token.strip.empty?
-        end
-        # Common System call errors
-        def lookup_error(failed_operation = nil)
-          error_no = FFI::LastError.error
-          case error_no
-          when 1223
-            raise SystemCallError.new("The operation was canceled by the user", error_no)
-          when -2146885628
-            raise SystemCallError.new("Cannot find object or property", error_no)
-          when -2146885629
-            raise SystemCallError.new("An error occurred while reading or writing to a file.", error_no)
-          when -2146881269
-            raise SystemCallError.new("ASN1 bad tag value met. -- Is the certificate in DER format?", error_no)
-          when -2146881278
-            raise SystemCallError.new("ASN1 unexpected end of data.", error_no)
-          when -2147024891
-            raise SystemCallError.new("System.UnauthorizedAccessException, Access denied..", error_no)
-          else
-            raise SystemCallError.new("Unable to #{failed_operation} certificate.", error_no)
-          end
-        end
-        private
-        # These Are Valid certificate store name
-        # CA -> Certification authority certificates.
-        # MY -> A certificate store that holds certificates with associated private keys.
-        # ROOT -> Root certificates.
-        # SPC -> Software Publisher Certificate.
-        def valid_store_name
-          %w{MY CA ROOT SPC}
-        end
-      end
-    end
-  end
-end
+#
+# Author:: Piyush Awasthi (<piyush.awasthi@msystechnologies.com>)
+# Copyright:: Copyright (c) 2017 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+require "openssl"
+module Win32
+  class Certstore
+    module Mixin
+      module Assertions
+        # Validate certificate store name
+        def validate_store(store_name)
+          unless valid_store_name.include?(store_name.to_s.upcase)
+            raise ArgumentError, "Invalid Certificate Store."
+          end
+        end
+        # Validate certificate type
+        def validate_certificate(cert_file_path)
+          unless !cert_file_path.nil? && File.extname(cert_file_path) =~ /.cer|.crt|.pfx|.der/
+            raise ArgumentError, "Invalid Certificate format."
+          end
+        end
+        # Validate certificate Object
+        def validate_certificate_obj(cert_obj)
+          unless cert_obj.class == OpenSSL::X509::Certificate
+            raise ArgumentError, "Invalid Certificate object."
+          end
+        end
+        # Validate thumbprint
+        def validate_thumbprint(cert_thumbprint)
+          if cert_thumbprint.nil? || cert_thumbprint.strip.empty?
+            raise ArgumentError, "Invalid certificate thumbprint."
+          end
+        end
+        # Validate certificate name not nil/empty
+        def validate!(token)
+          raise ArgumentError, "Invalid search token" if !token || token.strip.empty?
+        end
+        # Common System call errors
+        def lookup_error(failed_operation = nil)
+          error_no = FFI::LastError.error
+          case error_no
+          when 1223
+            raise SystemCallError.new("The operation was canceled by the user", error_no)
+          when -2146885628
+            raise SystemCallError.new("Cannot find object or property", error_no)
+          when -2146885629
+            raise SystemCallError.new("An error occurred while reading or writing to a file.", error_no)
+          when -2146881269
+            raise SystemCallError.new("ASN1 bad tag value met. -- Is the certificate in DER format?", error_no)
+          when -2146881278
+            raise SystemCallError.new("ASN1 unexpected end of data.", error_no)
+          when -2147024891
+            raise SystemCallError.new("System.UnauthorizedAccessException, Access denied..", error_no)
+          else
+            raise SystemCallError.new("Unable to #{failed_operation} certificate.", error_no)
+          end
+        end
+        private
+        # These Are Valid certificate store name
+        # CA -> Certification authority certificates.
+        # MY -> A certificate store that holds certificates with associated private keys.
+        # ROOT -> Root certificates.
+        # SPC -> Software Publisher Certificate.
+        def valid_store_name
+          %w{MY CA ROOT AUTHROOT DISALLOWED SPC TRUST TRUSTEDPEOPLE TRUSTEDPUBLISHER CLIENTAUTHISSUER TRUSTEDDEVICES SMARTCARDROOT WEBHOSTING REMOTE\ DESKTOP}
+        end
+      end
+    end
+  end
+end

data/lib/win32/certstore/mixin/crypto.rb CHANGED

@@ -1,203 +1,203 @@
-#
-# Author:: Nimisha Sharad (<nimisha.sharad@msystechnologies.com>)
-# Copyright:: Copyright (c) 2017 Chef Software, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-require "ffi"
-module Win32
-  class Certstore
-    module Mixin
-      module Crypto
-        extend FFI::Library
-        ffi_lib "Crypt32"
-        ffi_convention :stdcall
-        # Attempts to use FFI's attach_function method to link a native Win32
-        # function into the calling module.  If this fails a dummy method is
-        # defined which when called, raises a helpful exception to the end-user.
-        module FFI::Library
-          def safe_attach_function(win32_func, *args)
-            attach_function(win32_func.to_sym, *args)
-          rescue FFI::NotFoundError
-            define_method(win32_func.to_sym) do |*margs|
-              raise NotImplementedError, "This version of Windows does not implement the Win32 function [#{win32_func}]."
-            end
-          end
-        end
-        ###############################################
-        # Win32 API Constants
-        ###############################################
-        CERT_CLOSE_STORE_CHECK_FLAG                         = 0
-        CERT_CLOSE_STORE_FORCE_FLAG                         = 1
-        # cert encoding flags.
-        CRYPT_ASN_ENCODING                                  = 0x00000001
-        CRYPT_NDR_ENCODING                                  = 0x00000002
-        X509_ASN_ENCODING                                   = 0x00000001
-        X509_NDR_ENCODING                                   = 0x00000002
-        PKCS_7_ASN_ENCODING                                 = 0x00010000
-        PKCS_7_NDR_ENCODING                                 = 0x00020000
-        PKCS_7_OR_X509_ASN_ENCODING                         = (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
-        # Certificate Display Format
-        CERT_NAME_EMAIL_TYPE                                = 1
-        CERT_NAME_RDN_TYPE                                  = 2
-        CERT_NAME_ATTR_TYPE                                 = 3
-        CERT_NAME_SIMPLE_DISPLAY_TYPE                       = 4
-        CERT_NAME_FRIENDLY_DISPLAY_TYPE                     = 5
-        CERT_NAME_DNS_TYPE                                  = 6
-        CERT_NAME_URL_TYPE                                  = 7
-        CERT_NAME_UPN_TYPE                                  = 8
-        # Retrieve Certificates flag
-        CERT_FIND_SUBJECT_STR                               = 0x00080007
-        CERT_FIND_ISSUER_STR                                = 0x00080004
-        # List Certificates Flag
-        CERT_NAME_ISSUER_FLAG                               = 0x1
-        CERT_NAME_DISABLE_IE4_UTF8_FLAG                     = 0x00010000
-        CERT_NAME_SEARCH_ALL_NAMES_FLAG                     = 0x2
-        CERT_NAME_STR_ENABLE_PUNYCODE_FLAG                  = 0x00200000
-        # Define ffi pointer
-        HCERTSTORE                                          = FFI::TypeDefs[:pointer]
-        HCRYPTPROV_LEGACY                                   = FFI::TypeDefs[:pointer]
-        PCCERT_CONTEXT                                      = FFI::TypeDefs[:pointer]
-        BYTE                                                = FFI::TypeDefs[:pointer]
-        DWORD                                               = FFI::TypeDefs[:uint32]
-        BLOB                                                = FFI::TypeDefs[:ulong]
-        LPSTR                                               = FFI::TypeDefs[:pointer]
-        LPCTSTR                                             = FFI::TypeDefs[:pointer]
-        BOOL                                                = FFI::TypeDefs[:bool]
-        INT_PTR                                             = FFI::TypeDefs[:int]
-        LONG                                                = FFI::TypeDefs[:long]
-        LPVOID                                              = FFI::TypeDefs[:pointer]
-        LPTSTR                                              = FFI::TypeDefs[:pointer]
-        LMSTR                                               = FFI::TypeDefs[:pointer]
-        PWSTR                                               = FFI::TypeDefs[:pointer]
-        LPFILETIME                                          = FFI::TypeDefs[:pointer]
-        PCERT_INFO                                          = FFI::TypeDefs[:pointer]
-        PCTL_USAGE                                          = FFI::TypeDefs[:pointer]
-        PCTL_VERIFY_USAGE_PARA                              = FFI::TypeDefs[:pointer]
-        PCTL_VERIFY_USAGE_STATUS                            = FFI::TypeDefs[:pointer]
-        class FILETIME < FFI::Struct
-          layout :dwLowDateTime, DWORD,
-                 :dwHighDateTime, DWORD
-        end
-        class CRYPT_INTEGER_BLOB < FFI::Struct
-          layout :cbData, DWORD, # Count, in bytes, of data
-                 :pbData, :pointer # Pointer to data buffer
-        end
-        class CRYPT_NAME_BLOB < FFI::Struct
-          layout :cbData, DWORD, # Count, in bytes, of data
-                 :pbData, :pointer # Pointer to data buffer
-          def initialize(str = nil)
-            super(nil)
-            if str
-              self[:pbData] = FFI::MemoryPointer.new(2, 128)
-            end
-          end
-        end
-        class CERT_EXTENSION < FFI::Struct
-          layout :pszObjId, LPTSTR,
-                 :fCritical, BOOL,
-                 :Value, CRYPT_INTEGER_BLOB
-        end
-        class CRYPT_BIT_BLOB < FFI::Struct
-          layout :cbData, DWORD,
-                 :pbData, BYTE,
-                 :cUnusedBits, DWORD
-        end
-        class CRYPT_ALGORITHM_IDENTIFIER < FFI::Struct
-          layout :pszObjId, LPSTR,
-                 :Parameters, CRYPT_INTEGER_BLOB
-        end
-        class CERT_PUBLIC_KEY_INFO < FFI::Struct
-          layout :Algorithm, CRYPT_ALGORITHM_IDENTIFIER,
-                 :PublicKey, CRYPT_BIT_BLOB
-        end
-        class CERT_INFO < FFI::Struct
-          layout :dwVersion, DWORD,
-               :SerialNumber, CRYPT_INTEGER_BLOB,
-               :SignatureAlgorithm, CRYPT_ALGORITHM_IDENTIFIER,
-               :Issuer, CRYPT_NAME_BLOB,
-               :NotBefore, FILETIME,
-               :NotAfter, FILETIME,
-               :Subject, CRYPT_NAME_BLOB,
-               :SubjectPublicKeyInfo, CERT_PUBLIC_KEY_INFO,
-               :IssuerUniqueId, CRYPT_BIT_BLOB,
-               :SubjectUniqueId, CRYPT_BIT_BLOB,
-               :cExtension, DWORD,
-               :rgExtension, CERT_EXTENSION
-        end
-        class CERT_CONTEXT < FFI::Struct
-          layout :dwCertEncodingType, DWORD,
-                 :pbCertEncoded, BYTE,
-                 :cbCertEncoded, DWORD,
-                 :pCertInfo, CERT_INFO,
-                 :hCertStore, HCERTSTORE
-        end
-        ###############################################################################
-        # Windows Function
-        # To know description about below windows function
-        # Search Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa376560
-        ###############################################################################
-        # To opens the most common system certificate store
-        safe_attach_function :CertOpenSystemStoreW, [HCRYPTPROV_LEGACY, LPCTSTR], HCERTSTORE
-        # To close the already open certificate store
-        safe_attach_function :CertCloseStore, [HCERTSTORE, DWORD], BOOL
-        # To create encoded certificate context
-        safe_attach_function :CertCreateCertificateContext, [DWORD, BYTE, DWORD], PCCERT_CONTEXT
-        # To retrieves certificates in a certificate store
-        safe_attach_function :CertEnumCertificatesInStore, [HCERTSTORE, PCCERT_CONTEXT], PCCERT_CONTEXT
-        # To get certificate name
-        safe_attach_function :CertGetNameStringW, [PCCERT_CONTEXT, DWORD, DWORD, LPVOID, LPTSTR, DWORD], DWORD
-        # To find all of the property identifiers for the specified certificate.
-        safe_attach_function :CertEnumCertificateContextProperties, [PCCERT_CONTEXT, DWORD], DWORD
-        # Clean up
-        safe_attach_function :CertFreeCertificateContext, [PCCERT_CONTEXT], BOOL
-        # Add certificate file in certificate store.
-        safe_attach_function :CertAddSerializedElementToStore, [HCERTSTORE, :pointer, DWORD, DWORD, DWORD, DWORD, LMSTR, LPVOID], BOOL
-        # Add certification to certification store - Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa376015(v=vs.85).aspx
-        safe_attach_function :CertAddEncodedCertificateToStore, [HCERTSTORE, DWORD, PWSTR, DWORD, INT_PTR, PCCERT_CONTEXT], BOOL
-        safe_attach_function :CertSerializeCertificateStoreElement, [PCCERT_CONTEXT, DWORD, :pointer, DWORD], BOOL
-        # Duplicates a certificate context by incrementing its reference count
-        safe_attach_function :CertDuplicateCertificateContext, [PCCERT_CONTEXT], PCCERT_CONTEXT
-        # Delete certification from certification store
-        safe_attach_function :CertDeleteCertificateFromStore, [PCCERT_CONTEXT], BOOL
-        # To retrieve specific certificates from certificate store
-        safe_attach_function :CertFindCertificateInStore, [HCERTSTORE, DWORD, DWORD, DWORD, LPVOID, PCCERT_CONTEXT], PCCERT_CONTEXT
-        safe_attach_function :PFXExportCertStoreEx, [HCERTSTORE, CRYPT_INTEGER_BLOB, LPCTSTR, LPVOID, DWORD], BOOL
-      end
-    end
-  end
-end
+#
+# Author:: Nimisha Sharad (<nimisha.sharad@msystechnologies.com>)
+# Copyright:: Copyright (c) 2017 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require "ffi"
+module Win32
+  class Certstore
+    module Mixin
+      module Crypto
+        extend FFI::Library
+        ffi_lib "Crypt32"
+        ffi_convention :stdcall
+        # Attempts to use FFI's attach_function method to link a native Win32
+        # function into the calling module.  If this fails a dummy method is
+        # defined which when called, raises a helpful exception to the end-user.
+        module FFI::Library
+          def safe_attach_function(win32_func, *args)
+            attach_function(win32_func.to_sym, *args)
+          rescue FFI::NotFoundError
+            define_method(win32_func.to_sym) do |*margs|
+              raise NotImplementedError, "This version of Windows does not implement the Win32 function [#{win32_func}]."
+            end
+          end
+        end
+        ###############################################
+        # Win32 API Constants
+        ###############################################
+        CERT_CLOSE_STORE_CHECK_FLAG                         = 0
+        CERT_CLOSE_STORE_FORCE_FLAG                         = 1
+        # cert encoding flags.
+        CRYPT_ASN_ENCODING                                  = 0x00000001
+        CRYPT_NDR_ENCODING                                  = 0x00000002
+        X509_ASN_ENCODING                                   = 0x00000001
+        X509_NDR_ENCODING                                   = 0x00000002
+        PKCS_7_ASN_ENCODING                                 = 0x00010000
+        PKCS_7_NDR_ENCODING                                 = 0x00020000
+        PKCS_7_OR_X509_ASN_ENCODING                         = (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
+        # Certificate Display Format
+        CERT_NAME_EMAIL_TYPE                                = 1
+        CERT_NAME_RDN_TYPE                                  = 2
+        CERT_NAME_ATTR_TYPE                                 = 3
+        CERT_NAME_SIMPLE_DISPLAY_TYPE                       = 4
+        CERT_NAME_FRIENDLY_DISPLAY_TYPE                     = 5
+        CERT_NAME_DNS_TYPE                                  = 6
+        CERT_NAME_URL_TYPE                                  = 7
+        CERT_NAME_UPN_TYPE                                  = 8
+        # Retrieve Certificates flag
+        CERT_FIND_SUBJECT_STR                               = 0x00080007
+        CERT_FIND_ISSUER_STR                                = 0x00080004
+        # List Certificates Flag
+        CERT_NAME_ISSUER_FLAG                               = 0x1
+        CERT_NAME_DISABLE_IE4_UTF8_FLAG                     = 0x00010000
+        CERT_NAME_SEARCH_ALL_NAMES_FLAG                     = 0x2
+        CERT_NAME_STR_ENABLE_PUNYCODE_FLAG                  = 0x00200000
+        # Define ffi pointer
+        HCERTSTORE                                          = FFI::TypeDefs[:pointer]
+        HCRYPTPROV_LEGACY                                   = FFI::TypeDefs[:pointer]
+        PCCERT_CONTEXT                                      = FFI::TypeDefs[:pointer]
+        BYTE                                                = FFI::TypeDefs[:pointer]
+        DWORD                                               = FFI::TypeDefs[:uint32]
+        BLOB                                                = FFI::TypeDefs[:ulong]
+        LPSTR                                               = FFI::TypeDefs[:pointer]
+        LPCTSTR                                             = FFI::TypeDefs[:pointer]
+        BOOL                                                = FFI::TypeDefs[:bool]
+        INT_PTR                                             = FFI::TypeDefs[:int]
+        LONG                                                = FFI::TypeDefs[:long]
+        LPVOID                                              = FFI::TypeDefs[:pointer]
+        LPTSTR                                              = FFI::TypeDefs[:pointer]
+        LMSTR                                               = FFI::TypeDefs[:pointer]
+        PWSTR                                               = FFI::TypeDefs[:pointer]
+        LPFILETIME                                          = FFI::TypeDefs[:pointer]
+        PCERT_INFO                                          = FFI::TypeDefs[:pointer]
+        PCTL_USAGE                                          = FFI::TypeDefs[:pointer]
+        PCTL_VERIFY_USAGE_PARA                              = FFI::TypeDefs[:pointer]
+        PCTL_VERIFY_USAGE_STATUS                            = FFI::TypeDefs[:pointer]
+        class FILETIME < FFI::Struct
+          layout :dwLowDateTime, DWORD,
+                 :dwHighDateTime, DWORD
+        end
+        class CRYPT_INTEGER_BLOB < FFI::Struct
+          layout :cbData, DWORD, # Count, in bytes, of data
+                 :pbData, :pointer # Pointer to data buffer
+        end
+        class CRYPT_NAME_BLOB < FFI::Struct
+          layout :cbData, DWORD, # Count, in bytes, of data
+                 :pbData, :pointer # Pointer to data buffer
+          def initialize(str = nil)
+            super(nil)
+            if str
+              self[:pbData] = FFI::MemoryPointer.new(2, 128)
+            end
+          end
+        end
+        class CERT_EXTENSION < FFI::Struct
+          layout :pszObjId, LPTSTR,
+                 :fCritical, BOOL,
+                 :Value, CRYPT_INTEGER_BLOB
+        end
+        class CRYPT_BIT_BLOB < FFI::Struct
+          layout :cbData, DWORD,
+                 :pbData, BYTE,
+                 :cUnusedBits, DWORD
+        end
+        class CRYPT_ALGORITHM_IDENTIFIER < FFI::Struct
+          layout :pszObjId, LPSTR,
+                 :Parameters, CRYPT_INTEGER_BLOB
+        end
+        class CERT_PUBLIC_KEY_INFO < FFI::Struct
+          layout :Algorithm, CRYPT_ALGORITHM_IDENTIFIER,
+                 :PublicKey, CRYPT_BIT_BLOB
+        end
+        class CERT_INFO < FFI::Struct
+          layout :dwVersion, DWORD,
+               :SerialNumber, CRYPT_INTEGER_BLOB,
+               :SignatureAlgorithm, CRYPT_ALGORITHM_IDENTIFIER,
+               :Issuer, CRYPT_NAME_BLOB,
+               :NotBefore, FILETIME,
+               :NotAfter, FILETIME,
+               :Subject, CRYPT_NAME_BLOB,
+               :SubjectPublicKeyInfo, CERT_PUBLIC_KEY_INFO,
+               :IssuerUniqueId, CRYPT_BIT_BLOB,
+               :SubjectUniqueId, CRYPT_BIT_BLOB,
+               :cExtension, DWORD,
+               :rgExtension, CERT_EXTENSION
+        end
+        class CERT_CONTEXT < FFI::Struct
+          layout :dwCertEncodingType, DWORD,
+                 :pbCertEncoded, BYTE,
+                 :cbCertEncoded, DWORD,
+                 :pCertInfo, CERT_INFO,
+                 :hCertStore, HCERTSTORE
+        end
+        ###############################################################################
+        # Windows Function
+        # To know description about below windows function
+        # Search Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa376560
+        ###############################################################################
+        # To opens the most common system certificate store
+        safe_attach_function :CertOpenSystemStoreW, [HCRYPTPROV_LEGACY, LPCTSTR], HCERTSTORE
+        # To close the already open certificate store
+        safe_attach_function :CertCloseStore, [HCERTSTORE, DWORD], BOOL
+        # To create encoded certificate context
+        safe_attach_function :CertCreateCertificateContext, [DWORD, BYTE, DWORD], PCCERT_CONTEXT
+        # To retrieves certificates in a certificate store
+        safe_attach_function :CertEnumCertificatesInStore, [HCERTSTORE, PCCERT_CONTEXT], PCCERT_CONTEXT
+        # To get certificate name
+        safe_attach_function :CertGetNameStringW, [PCCERT_CONTEXT, DWORD, DWORD, LPVOID, LPTSTR, DWORD], DWORD
+        # To find all of the property identifiers for the specified certificate.
+        safe_attach_function :CertEnumCertificateContextProperties, [PCCERT_CONTEXT, DWORD], DWORD
+        # Clean up
+        safe_attach_function :CertFreeCertificateContext, [PCCERT_CONTEXT], BOOL
+        # Add certificate file in certificate store.
+        safe_attach_function :CertAddSerializedElementToStore, [HCERTSTORE, :pointer, DWORD, DWORD, DWORD, DWORD, LMSTR, LPVOID], BOOL
+        # Add certification to certification store - Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa376015(v=vs.85).aspx
+        safe_attach_function :CertAddEncodedCertificateToStore, [HCERTSTORE, DWORD, PWSTR, DWORD, INT_PTR, PCCERT_CONTEXT], BOOL
+        safe_attach_function :CertSerializeCertificateStoreElement, [PCCERT_CONTEXT, DWORD, :pointer, DWORD], BOOL
+        # Duplicates a certificate context by incrementing its reference count
+        safe_attach_function :CertDuplicateCertificateContext, [PCCERT_CONTEXT], PCCERT_CONTEXT
+        # Delete certification from certification store
+        safe_attach_function :CertDeleteCertificateFromStore, [PCCERT_CONTEXT], BOOL
+        # To retrieve specific certificates from certificate store
+        safe_attach_function :CertFindCertificateInStore, [HCERTSTORE, DWORD, DWORD, DWORD, LPVOID, PCCERT_CONTEXT], PCCERT_CONTEXT
+        safe_attach_function :PFXExportCertStoreEx, [HCERTSTORE, CRYPT_INTEGER_BLOB, LPCTSTR, LPVOID, DWORD], BOOL
+      end
+    end
+  end
+end