2 * crypt32 cert store function tests
4 * Copyright 2005-2006 Juan Lang
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
30 #include "wine/test.h"
32 /* The following aren't defined in wincrypt.h, as they're "reserved" */
33 #define CERT_CERT_PROP_ID 32
34 #define CERT_CRL_PROP_ID 33
35 #define CERT_CTL_PROP_ID 34
37 struct CertPropIDHeader
44 static const BYTE emptyCert
[] = { 0x30, 0x00 };
45 static const BYTE bigCert
[] = { 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06,
46 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
47 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22,
48 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30,
49 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30,
50 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30,
51 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20,
52 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01,
53 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01,
54 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01 };
55 static const BYTE signedBigCert
[] = {
56 0x30, 0x81, 0x93, 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06, 0x00, 0x30,
57 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a,
58 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22, 0x18, 0x0f,
59 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30,
60 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30,
61 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06,
62 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61,
63 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01, 0x00, 0xa3,
64 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
65 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06,
66 0x00, 0x03, 0x11, 0x00, 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08, 0x07,
67 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 };
68 static const BYTE serializedCert
[] = { 0x20, 0x00, 0x00, 0x00,
69 0x01, 0x00, 0x00, 0x00, 0x7c, 0x00, 0x00, 0x00, 0x30, 0x7a, 0x02, 0x01, 0x01,
70 0x30, 0x02, 0x06, 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
71 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67,
72 0x00, 0x30, 0x22, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31,
73 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31,
74 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15,
75 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75,
76 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06,
77 0x00, 0x03, 0x01, 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55,
78 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02,
80 static const BYTE signedCRL
[] = { 0x30, 0x45, 0x30, 0x2c, 0x30, 0x02, 0x06,
81 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
82 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x18, 0x0f,
83 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30,
84 0x30, 0x5a, 0x30, 0x02, 0x06, 0x00, 0x03, 0x11, 0x00, 0x0f, 0x0e, 0x0d, 0x0c,
85 0x0b, 0x0a, 0x09, 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 };
86 static const BYTE bigCert2
[] = { 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06,
87 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
88 0x0a, 0x41, 0x6c, 0x65, 0x78, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22,
89 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30,
90 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30,
91 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30,
92 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x41, 0x6c, 0x65, 0x78, 0x20,
93 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01,
94 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01,
95 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01 };
96 static const BYTE signedCTLWithCTLInnerContent
[] = {
97 0x30,0x82,0x01,0x0f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,
98 0xa0,0x82,0x01,0x00,0x30,0x81,0xfd,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,
99 0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x30,0x06,0x09,
100 0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0xa0,0x23,0x30,0x21,0x30,0x00,
101 0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,
102 0x30,0x5a,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,
103 0x00,0x31,0x81,0xb5,0x30,0x81,0xb2,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,
104 0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,
105 0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,
106 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0xa0,0x3b,0x30,0x18,0x06,0x09,0x2a,0x86,
107 0x48,0x86,0xf7,0x0d,0x01,0x09,0x03,0x31,0x0b,0x06,0x09,0x2b,0x06,0x01,0x04,
108 0x01,0x82,0x37,0x0a,0x01,0x30,0x1f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,
109 0x01,0x09,0x04,0x31,0x12,0x04,0x10,0x54,0x71,0xbc,0xe1,0x56,0x31,0xa2,0xf9,
110 0x65,0x70,0x34,0xf8,0xe2,0xe9,0xb4,0xf4,0x30,0x04,0x06,0x00,0x05,0x00,0x04,
111 0x40,0x2f,0x1b,0x9f,0x5a,0x4a,0x15,0x73,0xfa,0xb1,0x93,0x3d,0x09,0x52,0xdf,
112 0x6b,0x98,0x4b,0x13,0x5e,0xe7,0xbf,0x65,0xf4,0x9c,0xc2,0xb1,0x77,0x09,0xb1,
113 0x66,0x4d,0x72,0x0d,0xb1,0x1a,0x50,0x20,0xe0,0x57,0xa2,0x39,0xc7,0xcd,0x7f,
114 0x8e,0xe7,0x5f,0x76,0x2b,0xd1,0x6a,0x82,0xb3,0x30,0x25,0x61,0xf6,0x25,0x23,
115 0x57,0x6c,0x0b,0x47,0xb8 };
118 static BOOL (WINAPI
*pCertAddStoreToCollection
)(HCERTSTORE
,HCERTSTORE
,DWORD
,DWORD
);
119 static BOOL (WINAPI
*pCertControlStore
)(HCERTSTORE
,DWORD
,DWORD
,void const*);
120 static PCCRL_CONTEXT (WINAPI
*pCertEnumCRLsInStore
)(HCERTSTORE
,PCCRL_CONTEXT
);
121 static BOOL (WINAPI
*pCertEnumSystemStore
)(DWORD
,void*,void*,PFN_CERT_ENUM_SYSTEM_STORE
);
122 static BOOL (WINAPI
*pCertGetStoreProperty
)(HCERTSTORE
,DWORD
,void*,DWORD
*);
123 static void (WINAPI
*pCertRemoveStoreFromCollection
)(HCERTSTORE
,HCERTSTORE
);
124 static BOOL (WINAPI
*pCertSetStoreProperty
)(HCERTSTORE
,DWORD
,DWORD
,const void*);
125 static BOOL (WINAPI
*pCertAddCertificateLinkToStore
)(HCERTSTORE
,PCCERT_CONTEXT
,DWORD
,PCCERT_CONTEXT
*);
127 #define test_store_is_empty(store) _test_store_is_empty(__LINE__,store)
128 static void _test_store_is_empty(unsigned line
, HCERTSTORE store
)
130 const CERT_CONTEXT
*cert
;
132 cert
= CertEnumCertificatesInStore(store
, NULL
);
133 ok_(__FILE__
,line
)(!cert
&& GetLastError() == CRYPT_E_NOT_FOUND
, "store is not empty\n");
136 static void testMemStore(void)
138 HCERTSTORE store1
, store2
;
139 PCCERT_CONTEXT context
;
144 store1
= CertOpenStore(0, 0, 0, 0, NULL
);
145 ok(!store1
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
146 "Expected ERROR_FILE_NOT_FOUND, got %d\n", GetLastError());
148 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
149 CERT_STORE_DELETE_FLAG
, NULL
);
150 ok(!store1
&& GetLastError() == ERROR_CALL_NOT_IMPLEMENTED
,
151 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %d\n", GetLastError());
154 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
155 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
156 ok(store1
!= NULL
, "CertOpenStore failed: %d\n", GetLastError());
157 /* open existing doesn't */
158 store2
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
159 CERT_STORE_OPEN_EXISTING_FLAG
, NULL
);
160 ok(store2
!= NULL
, "CertOpenStore failed: %d\n", GetLastError());
161 ok(store1
!= store2
, "Expected different stores\n");
163 /* add a bogus (empty) cert */
165 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
, emptyCert
,
166 sizeof(emptyCert
), CERT_STORE_ADD_ALWAYS
, &context
);
167 /* Windows returns CRYPT_E_ASN1_EOD or OSS_DATA_ERROR, but accept
168 * CRYPT_E_ASN1_CORRUPT as well (because matching errors is tough in this
171 GLE
= GetLastError();
172 ok(!ret
&& (GLE
== CRYPT_E_ASN1_EOD
|| GLE
== CRYPT_E_ASN1_CORRUPT
||
173 GLE
== OSS_DATA_ERROR
),
174 "Expected CRYPT_E_ASN1_EOD or CRYPT_E_ASN1_CORRUPT or OSS_DATA_ERROR, got %08x\n",
176 /* add a "signed" cert--the signature isn't a real signature, so this adds
177 * without any check of the signature's validity
179 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
180 signedBigCert
, sizeof(signedBigCert
), CERT_STORE_ADD_ALWAYS
, &context
);
181 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
182 ok(context
!= NULL
, "Expected a valid cert context\n");
185 ok(context
->cbCertEncoded
== sizeof(signedBigCert
),
186 "Wrong cert size %d\n", context
->cbCertEncoded
);
187 ok(!memcmp(context
->pbCertEncoded
, signedBigCert
,
188 sizeof(signedBigCert
)), "Unexpected encoded cert in context\n");
189 /* remove it, the rest of the tests will work on an unsigned cert */
190 ret
= CertDeleteCertificateFromStore(context
);
191 ok(ret
, "CertDeleteCertificateFromStore failed: %08x\n",
194 /* try adding a "signed" CRL as a cert */
195 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
196 signedCRL
, sizeof(signedCRL
), CERT_STORE_ADD_ALWAYS
, &context
);
197 GLE
= GetLastError();
198 ok(!ret
&& (GLE
== CRYPT_E_ASN1_BADTAG
|| GLE
== CRYPT_E_ASN1_CORRUPT
||
199 GLE
== OSS_DATA_ERROR
),
200 "Expected CRYPT_E_ASN1_BADTAG or CRYPT_E_ASN1_CORRUPT or OSS_DATA_ERROR, got %08x\n",
202 /* add a cert to store1 */
203 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
, bigCert
,
204 sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &context
);
205 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
206 ok(context
!= NULL
, "Expected a valid cert context\n");
212 ok(context
->cbCertEncoded
== sizeof(bigCert
),
213 "Wrong cert size %d\n", context
->cbCertEncoded
);
214 ok(!memcmp(context
->pbCertEncoded
, bigCert
, sizeof(bigCert
)),
215 "Unexpected encoded cert in context\n");
216 ok(context
->hCertStore
== store1
, "Unexpected store\n");
218 /* check serializing this element */
220 ret = CertSerializeCertificateStoreElement(NULL, 0, NULL, NULL);
221 ret = CertSerializeCertificateStoreElement(context, 0, NULL, NULL);
222 ret = CertSerializeCertificateStoreElement(NULL, 0, NULL, &size);
224 /* apparently flags are ignored */
225 ret
= CertSerializeCertificateStoreElement(context
, 1, NULL
, &size
);
226 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n",
228 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
231 ret
= CertSerializeCertificateStoreElement(context
, 0, buf
, &size
);
232 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n", GetLastError());
233 ok(size
== sizeof(serializedCert
), "Wrong size %d\n", size
);
234 ok(!memcmp(serializedCert
, buf
, size
),
235 "Unexpected serialized cert\n");
236 HeapFree(GetProcessHeap(), 0, buf
);
239 ret
= CertFreeCertificateContext(context
);
240 ok(ret
, "CertFreeCertificateContext failed: %08x\n", GetLastError());
242 /* verify the cert's in store1 */
243 context
= CertEnumCertificatesInStore(store1
, NULL
);
244 ok(context
!= NULL
, "Expected a valid context\n");
245 context
= CertEnumCertificatesInStore(store1
, context
);
246 ok(!context
&& GetLastError() == CRYPT_E_NOT_FOUND
,
247 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
248 /* verify store2 (the "open existing" mem store) is still empty */
249 context
= CertEnumCertificatesInStore(store2
, NULL
);
250 ok(!context
, "Expected an empty store\n");
251 /* delete the cert from store1, and check it's empty */
252 context
= CertEnumCertificatesInStore(store1
, NULL
);
255 /* Deleting a bitwise copy crashes with an access to an uninitialized
256 * pointer, so a cert context has some special data out there in memory
259 memcpy(©, context, sizeof(copy));
260 ret = CertDeleteCertificateFromStore(©);
262 PCCERT_CONTEXT copy
= CertDuplicateCertificateContext(context
);
264 ok(copy
!= NULL
, "CertDuplicateCertificateContext failed: %08x\n",
266 ret
= CertDeleteCertificateFromStore(context
);
267 ok(ret
, "CertDeleteCertificateFromStore failed: %08x\n",
269 /* try deleting a copy */
270 ret
= CertDeleteCertificateFromStore(copy
);
271 ok(ret
, "CertDeleteCertificateFromStore failed: %08x\n",
273 /* check that the store is empty */
274 context
= CertEnumCertificatesInStore(store1
, NULL
);
275 ok(!context
, "Expected an empty store\n");
278 /* close an empty store */
279 ret
= CertCloseStore(NULL
, 0);
280 ok(ret
, "CertCloseStore failed: %d\n", GetLastError());
281 ret
= CertCloseStore(store1
, 0);
282 ok(ret
, "CertCloseStore failed: %d\n", GetLastError());
283 ret
= CertCloseStore(store2
, 0);
284 ok(ret
, "CertCloseStore failed: %d\n", GetLastError());
286 /* This seems nonsensical, but you can open a read-only mem store, only
289 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
290 CERT_STORE_READONLY_FLAG
, NULL
);
291 ok(store1
!= NULL
, "CertOpenStore failed: %d\n", GetLastError());
292 /* yep, this succeeds */
293 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
, bigCert
,
294 sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &context
);
295 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
296 ok(context
!= NULL
, "Expected a valid cert context\n");
299 ok(context
->cbCertEncoded
== sizeof(bigCert
),
300 "Wrong cert size %d\n", context
->cbCertEncoded
);
301 ok(!memcmp(context
->pbCertEncoded
, bigCert
, sizeof(bigCert
)),
302 "Unexpected encoded cert in context\n");
303 ok(context
->hCertStore
== store1
, "Unexpected store\n");
304 ret
= CertDeleteCertificateFromStore(context
);
305 ok(ret
, "CertDeleteCertificateFromStore failed: %08x\n",
308 CertCloseStore(store1
, 0);
311 static void compareStore(HCERTSTORE store
, LPCSTR name
, const BYTE
*pb
,
315 CRYPT_DATA_BLOB blob
= { 0, NULL
};
317 ret
= CertSaveStore(store
, X509_ASN_ENCODING
, CERT_STORE_SAVE_AS_STORE
,
318 CERT_STORE_SAVE_TO_MEMORY
, &blob
, 0);
319 ok(ret
, "CertSaveStore failed: %08x\n", GetLastError());
322 ok(blob
.cbData
== cb
, "%s: expected size %d, got %d\n", name
, cb
,
325 ok(blob
.cbData
== cb
, "%s: expected size %d, got %d\n", name
, cb
,
327 blob
.pbData
= HeapAlloc(GetProcessHeap(), 0, blob
.cbData
);
330 ret
= CertSaveStore(store
, X509_ASN_ENCODING
, CERT_STORE_SAVE_AS_STORE
,
331 CERT_STORE_SAVE_TO_MEMORY
, &blob
, 0);
332 ok(ret
, "CertSaveStore failed: %08x\n", GetLastError());
335 ok(!memcmp(pb
, blob
.pbData
, cb
), "%s: unexpected value\n", name
);
337 ok(!memcmp(pb
, blob
.pbData
, cb
), "%s: unexpected value\n", name
);
338 HeapFree(GetProcessHeap(), 0, blob
.pbData
);
342 static const BYTE serializedStoreWithCert
[] = {
343 0x00,0x00,0x00,0x00,0x43,0x45,0x52,0x54,0x20,0x00,0x00,0x00,0x01,0x00,0x00,
344 0x00,0x7c,0x00,0x00,0x00,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,
345 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
346 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,
347 0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,
348 0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,
349 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
350 0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,
351 0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,
352 0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01,0x00,0x00,0x00,0x00,0x00,0x00,
353 0x00,0x00,0x00,0x00,0x00,0x00 };
355 static void testCollectionStore(void)
357 HCERTSTORE store1
, store2
, collection
, collection2
;
358 PCCERT_CONTEXT context
;
360 static const WCHAR szPrefix
[] = { 'c','e','r',0 };
361 static const WCHAR szDot
[] = { '.',0 };
362 WCHAR filename
[MAX_PATH
];
365 if (!pCertAddStoreToCollection
)
367 win_skip("CertAddStoreToCollection() is not available\n");
371 collection
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
372 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
374 /* Try adding a cert to any empty collection */
375 ret
= CertAddEncodedCertificateToStore(collection
, X509_ASN_ENCODING
,
376 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
377 ok(!ret
&& GetLastError() == E_ACCESSDENIED
,
378 "Expected E_ACCESSDENIED, got %08x\n", GetLastError());
380 /* Create and add a cert to a memory store */
381 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
382 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
383 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
384 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
385 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
386 /* Add the memory store to the collection, without allowing adding */
387 ret
= pCertAddStoreToCollection(collection
, store1
, 0, 0);
388 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
389 /* Verify the cert is in the collection */
390 context
= CertEnumCertificatesInStore(collection
, NULL
);
391 ok(context
!= NULL
, "Expected a valid context\n");
394 ok(context
->hCertStore
== collection
, "Unexpected store\n");
395 CertFreeCertificateContext(context
);
397 /* Check that adding to the collection isn't allowed */
398 ret
= CertAddEncodedCertificateToStore(collection
, X509_ASN_ENCODING
,
399 bigCert2
, sizeof(bigCert2
), CERT_STORE_ADD_ALWAYS
, NULL
);
400 ok(!ret
&& GetLastError() == E_ACCESSDENIED
,
401 "Expected E_ACCESSDENIED, got %08x\n", GetLastError());
403 /* Create a new memory store */
404 store2
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
405 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
406 /* Try adding a store to a non-collection store */
407 ret
= pCertAddStoreToCollection(store1
, store2
,
408 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
409 ok(!ret
&& GetLastError() == E_INVALIDARG
,
410 "Expected E_INVALIDARG, got %08x\n", GetLastError());
411 /* Try adding some bogus stores */
412 /* This crashes in Windows
413 ret = pCertAddStoreToCollection(0, store2,
414 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
416 /* This "succeeds"... */
417 ret
= pCertAddStoreToCollection(collection
, 0,
418 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
419 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
420 /* while this crashes.
421 ret = pCertAddStoreToCollection(collection, 1,
422 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
425 /* Add it to the collection, this time allowing adding */
426 ret
= pCertAddStoreToCollection(collection
, store2
,
427 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
428 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
429 /* Check that adding to the collection is allowed */
430 ret
= CertAddEncodedCertificateToStore(collection
, X509_ASN_ENCODING
,
431 bigCert2
, sizeof(bigCert2
), CERT_STORE_ADD_ALWAYS
, NULL
);
432 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
433 /* Now check that it was actually added to store2 */
434 context
= CertEnumCertificatesInStore(store2
, NULL
);
435 ok(context
!= NULL
, "Expected a valid context\n");
438 ok(context
->hCertStore
== store2
, "Unexpected store\n");
439 CertFreeCertificateContext(context
);
441 /* Check that the collection has both bigCert and bigCert2. bigCert comes
442 * first because store1 was added first.
444 context
= CertEnumCertificatesInStore(collection
, NULL
);
445 ok(context
!= NULL
, "Expected a valid context\n");
448 ok(context
->hCertStore
== collection
, "Unexpected store\n");
449 ok(context
->cbCertEncoded
== sizeof(bigCert
),
450 "Wrong size %d\n", context
->cbCertEncoded
);
451 ok(!memcmp(context
->pbCertEncoded
, bigCert
, context
->cbCertEncoded
),
452 "Unexpected cert\n");
453 context
= CertEnumCertificatesInStore(collection
, context
);
454 ok(context
!= NULL
, "Expected a valid context\n");
457 ok(context
->hCertStore
== collection
, "Unexpected store\n");
458 ok(context
->cbCertEncoded
== sizeof(bigCert2
),
459 "Wrong size %d\n", context
->cbCertEncoded
);
460 ok(!memcmp(context
->pbCertEncoded
, bigCert2
,
461 context
->cbCertEncoded
), "Unexpected cert\n");
462 context
= CertEnumCertificatesInStore(collection
, context
);
463 ok(!context
, "Unexpected cert\n");
466 /* close store2, and check that the collection is unmodified */
467 CertCloseStore(store2
, 0);
468 context
= CertEnumCertificatesInStore(collection
, NULL
);
469 ok(context
!= NULL
, "Expected a valid context\n");
472 ok(context
->hCertStore
== collection
, "Unexpected store\n");
473 ok(context
->cbCertEncoded
== sizeof(bigCert
),
474 "Wrong size %d\n", context
->cbCertEncoded
);
475 ok(!memcmp(context
->pbCertEncoded
, bigCert
, context
->cbCertEncoded
),
476 "Unexpected cert\n");
477 context
= CertEnumCertificatesInStore(collection
, context
);
478 ok(context
!= NULL
, "Expected a valid context\n");
481 ok(context
->hCertStore
== collection
, "Unexpected store\n");
482 ok(context
->cbCertEncoded
== sizeof(bigCert2
),
483 "Wrong size %d\n", context
->cbCertEncoded
);
484 ok(!memcmp(context
->pbCertEncoded
, bigCert2
,
485 context
->cbCertEncoded
), "Unexpected cert\n");
486 context
= CertEnumCertificatesInStore(collection
, context
);
487 ok(!context
, "Unexpected cert\n");
491 /* Adding a collection to a collection is legal */
492 collection2
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
493 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
494 ret
= pCertAddStoreToCollection(collection2
, collection
,
495 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
496 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
497 /* check the contents of collection2 */
498 context
= CertEnumCertificatesInStore(collection2
, NULL
);
499 ok(context
!= NULL
, "Expected a valid context\n");
502 ok(context
->hCertStore
== collection2
, "Unexpected store\n");
503 ok(context
->cbCertEncoded
== sizeof(bigCert
),
504 "Wrong size %d\n", context
->cbCertEncoded
);
505 ok(!memcmp(context
->pbCertEncoded
, bigCert
, context
->cbCertEncoded
),
506 "Unexpected cert\n");
507 context
= CertEnumCertificatesInStore(collection2
, context
);
508 ok(context
!= NULL
, "Expected a valid context\n");
511 ok(context
->hCertStore
== collection2
, "Unexpected store\n");
512 ok(context
->cbCertEncoded
== sizeof(bigCert2
),
513 "Wrong size %d\n", context
->cbCertEncoded
);
514 ok(!memcmp(context
->pbCertEncoded
, bigCert2
,
515 context
->cbCertEncoded
), "Unexpected cert\n");
516 context
= CertEnumCertificatesInStore(collection2
, context
);
517 ok(!context
, "Unexpected cert\n");
521 /* I'd like to test closing the collection in the middle of enumeration,
522 * but my tests have been inconsistent. The first time calling
523 * CertEnumCertificatesInStore on a closed collection succeeded, while the
524 * second crashed. So anything appears to be fair game.
525 * I'd also like to test removing a store from a collection in the middle
526 * of an enumeration, but my tests in Windows have been inconclusive.
527 * In one scenario it worked. In another scenario, about a third of the
528 * time this leads to "random" crashes elsewhere in the code. This
529 * probably means this is not allowed.
532 CertCloseStore(store1
, 0);
533 CertCloseStore(collection
, 0);
534 CertCloseStore(collection2
, 0);
536 /* Add the same cert to two memory stores, then put them in a collection */
537 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
538 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
539 ok(store1
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
540 store2
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
541 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
542 ok(store2
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
544 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
545 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
546 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
547 ret
= CertAddEncodedCertificateToStore(store2
, X509_ASN_ENCODING
,
548 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
549 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
550 collection
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
551 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
552 ok(collection
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
554 ret
= pCertAddStoreToCollection(collection
, store1
,
555 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
556 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
557 ret
= pCertAddStoreToCollection(collection
, store2
,
558 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
559 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
561 /* Check that the collection has two copies of the same cert */
562 context
= CertEnumCertificatesInStore(collection
, NULL
);
563 ok(context
!= NULL
, "Expected a valid context\n");
566 ok(context
->hCertStore
== collection
, "Unexpected store\n");
567 ok(context
->cbCertEncoded
== sizeof(bigCert
),
568 "Wrong size %d\n", context
->cbCertEncoded
);
569 ok(!memcmp(context
->pbCertEncoded
, bigCert
, context
->cbCertEncoded
),
570 "Unexpected cert\n");
571 context
= CertEnumCertificatesInStore(collection
, context
);
572 ok(context
!= NULL
, "Expected a valid context\n");
575 ok(context
->hCertStore
== collection
, "Unexpected store\n");
576 ok(context
->cbCertEncoded
== sizeof(bigCert
),
577 "Wrong size %d\n", context
->cbCertEncoded
);
578 ok(!memcmp(context
->pbCertEncoded
, bigCert
, context
->cbCertEncoded
),
579 "Unexpected cert\n");
580 context
= CertEnumCertificatesInStore(collection
, context
);
581 ok(context
== NULL
, "Unexpected cert\n");
585 /* The following would check whether I can delete an identical cert, rather
586 * than one enumerated from the store. It crashes, so that means I must
587 * only call CertDeleteCertificateFromStore with contexts enumerated from
589 context = CertCreateCertificateContext(X509_ASN_ENCODING, bigCert,
591 ok(context != NULL, "CertCreateCertificateContext failed: %08x\n",
595 ret = CertDeleteCertificateFromStore(collection, context);
596 printf("ret is %d, GetLastError is %08x\n", ret, GetLastError());
597 CertFreeCertificateContext(context);
601 /* Now check deleting from the collection. */
602 context
= CertEnumCertificatesInStore(collection
, NULL
);
603 ok(context
!= NULL
, "Expected a valid context\n");
606 CertDeleteCertificateFromStore(context
);
607 /* store1 should now be empty */
608 context
= CertEnumCertificatesInStore(store1
, NULL
);
609 ok(!context
, "Unexpected cert\n");
610 /* and there should be one certificate in the collection */
611 context
= CertEnumCertificatesInStore(collection
, NULL
);
612 ok(context
!= NULL
, "Expected a valid cert\n");
615 ok(context
->hCertStore
== collection
, "Unexpected store\n");
616 ok(context
->cbCertEncoded
== sizeof(bigCert
),
617 "Wrong size %d\n", context
->cbCertEncoded
);
618 ok(!memcmp(context
->pbCertEncoded
, bigCert
, context
->cbCertEncoded
),
619 "Unexpected cert\n");
621 context
= CertEnumCertificatesInStore(collection
, context
);
622 ok(context
== NULL
, "Unexpected cert\n");
625 if (!pCertRemoveStoreFromCollection
)
627 win_skip("CertRemoveStoreFromCollection() is not available\n");
631 /* Finally, test removing stores from the collection. No return
632 * value, so it's a bit funny to test.
635 * pCertRemoveStoreFromCollection(NULL, NULL);
637 /* This "succeeds," no crash, no last error set */
638 SetLastError(0xdeadbeef);
639 pCertRemoveStoreFromCollection(store2
, collection
);
640 ok(GetLastError() == 0xdeadbeef,
641 "Didn't expect an error to be set: %08x\n", GetLastError());
643 /* After removing store2, the collection should be empty */
644 SetLastError(0xdeadbeef);
645 pCertRemoveStoreFromCollection(collection
, store2
);
646 ok(GetLastError() == 0xdeadbeef,
647 "Didn't expect an error to be set: %08x\n", GetLastError());
648 context
= CertEnumCertificatesInStore(collection
, NULL
);
649 ok(!context
, "Unexpected cert\n");
652 CertCloseStore(collection
, 0);
653 CertCloseStore(store2
, 0);
654 CertCloseStore(store1
, 0);
656 /* Test adding certificates to and deleting certificates from collections.
658 store1
= CertOpenSystemStoreA(0, "My");
659 collection
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
660 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
662 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
663 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &context
);
664 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
665 CertDeleteCertificateFromStore(context
);
667 pCertAddStoreToCollection(collection
, store1
,
668 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
670 ret
= CertAddEncodedCertificateToStore(collection
, X509_ASN_ENCODING
,
671 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &context
);
672 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
673 CertDeleteCertificateFromStore(context
);
675 CertCloseStore(collection
, 0);
676 CertCloseStore(store1
, 0);
678 /* Test whether a collection store can be committed */
679 if (!pCertControlStore
)
681 win_skip("CertControlStore() is not available\n");
684 collection
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
685 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
687 SetLastError(0xdeadbeef);
688 ret
= pCertControlStore(collection
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
689 ok(ret
, "CertControlStore failed: %08x\n", GetLastError());
691 /* Adding a mem store that can't be committed prevents a successful commit.
693 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
694 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
695 pCertAddStoreToCollection(collection
, store1
, 0, 0);
696 SetLastError(0xdeadbeef);
697 ret
= pCertControlStore(collection
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
698 ok(!ret
&& GetLastError() == ERROR_CALL_NOT_IMPLEMENTED
,
699 "expected ERROR_CALL_NOT_IMPLEMENTED, got %d\n", GetLastError());
700 pCertRemoveStoreFromCollection(collection
, store1
);
701 CertCloseStore(store1
, 0);
703 /* Test adding a cert to a collection with a file store, committing the
704 * change to the collection, and comparing the resulting file.
706 if (!GetTempFileNameW(szDot
, szPrefix
, 0, filename
))
709 DeleteFileW(filename
);
710 file
= CreateFileW(filename
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
711 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
712 if (file
== INVALID_HANDLE_VALUE
)
715 store1
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
716 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, file
);
717 ok(store1
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
719 pCertAddStoreToCollection(collection
, store1
,
720 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
721 CertCloseStore(store1
, 0);
723 ret
= CertAddEncodedCertificateToStore(collection
, X509_ASN_ENCODING
,
724 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
725 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
727 ret
= pCertControlStore(collection
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
728 ok(ret
, "CertControlStore failed: %d\n", ret
);
729 compareStore(collection
, "serialized store with cert",
730 serializedStoreWithCert
, sizeof(serializedStoreWithCert
), FALSE
);
731 CertCloseStore(collection
, 0);
733 DeleteFileW(filename
);
736 /* Looks for the property with ID propID in the buffer buf. Returns a pointer
737 * to its header if found, NULL if not.
739 static const struct CertPropIDHeader
*findPropID(const BYTE
*buf
, DWORD size
,
742 const struct CertPropIDHeader
*ret
= NULL
;
745 while (size
&& !ret
&& !failed
)
747 if (size
< sizeof(struct CertPropIDHeader
))
751 const struct CertPropIDHeader
*hdr
=
752 (const struct CertPropIDHeader
*)buf
;
754 size
-= sizeof(struct CertPropIDHeader
);
755 buf
+= sizeof(struct CertPropIDHeader
);
758 else if (hdr
->propID
== propID
)
770 static void testRegStore(void)
772 static const char tempKey
[] = "Software\\Wine\\CryptTemp";
778 store
= CertOpenStore(CERT_STORE_PROV_REG
, 0, 0, 0, NULL
);
779 GLE
= GetLastError();
780 ok(!store
&& (GLE
== ERROR_INVALID_HANDLE
|| GLE
== ERROR_BADKEY
),
781 "Expected ERROR_INVALID_HANDLE or ERROR_BADKEY, got %d\n", GLE
);
782 store
= CertOpenStore(CERT_STORE_PROV_REG
, 0, 0, 0, key
);
783 GLE
= GetLastError();
784 ok(!store
&& (GLE
== ERROR_INVALID_HANDLE
|| GLE
== ERROR_BADKEY
),
785 "Expected ERROR_INVALID_HANDLE or ERROR_BADKEY, got %d\n", GLE
);
787 /* Opening up any old key works.. */
788 key
= HKEY_CURRENT_USER
;
789 store
= CertOpenStore(CERT_STORE_PROV_REG
, 0, 0, 0, key
);
790 /* Not sure if this is a bug in DuplicateHandle, marking todo_wine for now
792 todo_wine
ok(store
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
793 CertCloseStore(store
, 0);
795 /* It looks like the remainder pretty much needs CertControlStore() */
796 if (!pCertControlStore
)
798 win_skip("CertControlStore() is not available\n");
802 rc
= RegCreateKeyExA(HKEY_CURRENT_USER
, tempKey
, 0, NULL
, 0, KEY_ALL_ACCESS
,
804 ok(!rc
, "RegCreateKeyExA failed: %d\n", rc
);
810 static const char certificates
[] = "Certificates\\";
811 char subKeyName
[sizeof(certificates
) + 20 * 2 + 1], *ptr
;
813 PCCERT_CONTEXT context
;
815 store
= CertOpenStore(CERT_STORE_PROV_REG
, 0, 0, 0, key
);
816 ok(store
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
817 /* Add a certificate. It isn't persisted right away, since it's only
818 * added to the cache..
820 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
821 bigCert2
, sizeof(bigCert2
), CERT_STORE_ADD_ALWAYS
, NULL
);
822 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
824 /* so flush the cache to force a commit.. */
825 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
826 ok(ret
, "CertControlStore failed: %08x\n", GetLastError());
827 /* and check that the expected subkey was written. */
829 ret
= CryptHashCertificate(0, 0, 0, bigCert2
, sizeof(bigCert2
),
831 ok(ret
, "CryptHashCertificate failed: %d\n", GetLastError());
832 strcpy(subKeyName
, certificates
);
833 for (i
= 0, ptr
= subKeyName
+ sizeof(certificates
) - 1; i
< size
;
835 sprintf(ptr
, "%02X", hash
[i
]);
836 rc
= RegCreateKeyExA(key
, subKeyName
, 0, NULL
, 0, KEY_ALL_ACCESS
, NULL
,
838 ok(!rc
, "RegCreateKeyExA failed: %d\n", rc
);
844 RegQueryValueExA(subKey
, "Blob", NULL
, NULL
, NULL
, &size
);
845 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
848 rc
= RegQueryValueExA(subKey
, "Blob", NULL
, NULL
, buf
, &size
);
849 ok(!rc
, "RegQueryValueExA failed: %d\n", rc
);
852 const struct CertPropIDHeader
*hdr
;
854 /* Both the hash and the cert should be present */
855 hdr
= findPropID(buf
, size
, CERT_CERT_PROP_ID
);
856 ok(hdr
!= NULL
, "Expected to find a cert property\n");
859 ok(hdr
->cb
== sizeof(bigCert2
),
860 "Wrong size %d of cert property\n", hdr
->cb
);
861 ok(!memcmp((const BYTE
*)hdr
+ sizeof(*hdr
), bigCert2
,
862 hdr
->cb
), "Unexpected cert in cert property\n");
864 hdr
= findPropID(buf
, size
, CERT_HASH_PROP_ID
);
865 ok(hdr
!= NULL
, "Expected to find a hash property\n");
868 ok(hdr
->cb
== sizeof(hash
),
869 "Wrong size %d of hash property\n", hdr
->cb
);
870 ok(!memcmp((const BYTE
*)hdr
+ sizeof(*hdr
), hash
,
871 hdr
->cb
), "Unexpected hash in cert property\n");
874 HeapFree(GetProcessHeap(), 0, buf
);
879 /* Remove the existing context */
880 context
= CertEnumCertificatesInStore(store
, NULL
);
881 ok(context
!= NULL
, "Expected a cert context\n");
883 CertDeleteCertificateFromStore(context
);
884 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
885 ok(ret
, "CertControlStore failed: %08x\n", GetLastError());
887 /* Add a serialized cert with a bogus hash directly to the registry */
888 memset(hash
, 0, sizeof(hash
));
889 strcpy(subKeyName
, certificates
);
890 for (i
= 0, ptr
= subKeyName
+ sizeof(certificates
) - 1;
891 i
< sizeof(hash
); i
++, ptr
+= 2)
892 sprintf(ptr
, "%02X", hash
[i
]);
893 rc
= RegCreateKeyExA(key
, subKeyName
, 0, NULL
, 0, KEY_ALL_ACCESS
, NULL
,
895 ok(!rc
, "RegCreateKeyExA failed: %d\n", rc
);
898 BYTE buf
[sizeof(struct CertPropIDHeader
) * 2 + sizeof(hash
) +
899 sizeof(bigCert
)], *ptr
;
901 struct CertPropIDHeader
*hdr
;
903 hdr
= (struct CertPropIDHeader
*)buf
;
904 hdr
->propID
= CERT_HASH_PROP_ID
;
906 hdr
->cb
= sizeof(hash
);
907 ptr
= buf
+ sizeof(*hdr
);
908 memcpy(ptr
, hash
, sizeof(hash
));
910 hdr
= (struct CertPropIDHeader
*)ptr
;
911 hdr
->propID
= CERT_CERT_PROP_ID
;
913 hdr
->cb
= sizeof(bigCert
);
915 memcpy(ptr
, bigCert
, sizeof(bigCert
));
917 rc
= RegSetValueExA(subKey
, "Blob", 0, REG_BINARY
, buf
,
919 ok(!rc
, "RegSetValueExA failed: %d\n", rc
);
921 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_RESYNC
, NULL
);
922 ok(ret
, "CertControlStore failed: %08x\n", GetLastError());
924 /* Make sure the bogus hash cert gets loaded. */
928 context
= CertEnumCertificatesInStore(store
, context
);
931 } while (context
!= NULL
);
932 ok(certCount
== 1, "Expected 1 certificates, got %d\n", certCount
);
937 /* Add another serialized cert directly to the registry, this time
938 * under the correct key name (named with the correct hash value).
941 ret
= CryptHashCertificate(0, 0, 0, bigCert2
,
942 sizeof(bigCert2
), hash
, &size
);
943 ok(ret
, "CryptHashCertificate failed: %d\n", GetLastError());
944 strcpy(subKeyName
, certificates
);
945 for (i
= 0, ptr
= subKeyName
+ sizeof(certificates
) - 1;
946 i
< sizeof(hash
); i
++, ptr
+= 2)
947 sprintf(ptr
, "%02X", hash
[i
]);
948 rc
= RegCreateKeyExA(key
, subKeyName
, 0, NULL
, 0, KEY_ALL_ACCESS
, NULL
,
950 ok(!rc
, "RegCreateKeyExA failed: %d\n", rc
);
953 BYTE buf
[sizeof(struct CertPropIDHeader
) * 2 + sizeof(hash
) +
954 sizeof(bigCert2
)], *ptr
;
956 PCCERT_CONTEXT context
;
957 struct CertPropIDHeader
*hdr
;
959 /* First try with a bogus hash... */
960 hdr
= (struct CertPropIDHeader
*)buf
;
961 hdr
->propID
= CERT_HASH_PROP_ID
;
963 hdr
->cb
= sizeof(hash
);
964 ptr
= buf
+ sizeof(*hdr
);
965 memset(ptr
, 0, sizeof(hash
));
967 hdr
= (struct CertPropIDHeader
*)ptr
;
968 hdr
->propID
= CERT_CERT_PROP_ID
;
970 hdr
->cb
= sizeof(bigCert2
);
972 memcpy(ptr
, bigCert2
, sizeof(bigCert2
));
974 rc
= RegSetValueExA(subKey
, "Blob", 0, REG_BINARY
, buf
,
976 ok(!rc
, "RegSetValueExA failed: %d\n", rc
);
978 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_RESYNC
, NULL
);
979 ok(ret
, "CertControlStore failed: %08x\n", GetLastError());
981 /* and make sure just one cert still gets loaded. */
985 context
= CertEnumCertificatesInStore(store
, context
);
988 } while (context
!= NULL
);
990 broken(certCount
== 2) /* NT4 */ ,
991 "Expected 1 certificates, got %d\n", certCount
);
993 /* Try again with the correct hash... */
994 ptr
= buf
+ sizeof(*hdr
);
995 memcpy(ptr
, hash
, sizeof(hash
));
997 rc
= RegSetValueExA(subKey
, "Blob", 0, REG_BINARY
, buf
,
999 ok(!rc
, "RegSetValueExA failed: %d\n", rc
);
1001 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_RESYNC
, NULL
);
1002 ok(ret
, "CertControlStore failed: %08x\n", GetLastError());
1004 /* and make sure two certs get loaded. */
1008 context
= CertEnumCertificatesInStore(store
, context
);
1011 } while (context
!= NULL
);
1012 ok(certCount
== 2, "Expected 2 certificates, got %d\n", certCount
);
1014 RegCloseKey(subKey
);
1016 CertCloseStore(store
, 0);
1017 /* Is delete allowed on a reg store? */
1018 store
= CertOpenStore(CERT_STORE_PROV_REG
, 0, 0,
1019 CERT_STORE_DELETE_FLAG
, key
);
1020 ok(store
== NULL
, "Expected NULL return from CERT_STORE_DELETE_FLAG\n");
1021 ok(GetLastError() == 0, "CertOpenStore failed: %08x\n",
1026 /* The CertOpenStore with CERT_STORE_DELETE_FLAG above will delete the
1027 * contents of the key, but not the key itself.
1029 rc
= RegCreateKeyExA(HKEY_CURRENT_USER
, tempKey
, 0, NULL
, 0, KEY_ALL_ACCESS
,
1031 ok(!rc
, "RegCreateKeyExA failed: %d\n", rc
);
1032 ok(disp
== REG_OPENED_EXISTING_KEY
,
1033 "Expected REG_OPENED_EXISTING_KEY, got %d\n", disp
);
1037 rc
= RegDeleteKeyA(HKEY_CURRENT_USER
, tempKey
);
1040 HMODULE shlwapi
= LoadLibraryA("shlwapi");
1042 /* Use shlwapi's SHDeleteKeyA to _really_ blow away the key,
1043 * otherwise subsequent tests will fail.
1047 DWORD (WINAPI
*pSHDeleteKeyA
)(HKEY
, LPCSTR
);
1049 pSHDeleteKeyA
= (void*)GetProcAddress(shlwapi
, "SHDeleteKeyA");
1051 pSHDeleteKeyA(HKEY_CURRENT_USER
, tempKey
);
1052 FreeLibrary(shlwapi
);
1058 static const char MyA
[] = { 'M','y',0,0 };
1059 static const WCHAR MyW
[] = { 'M','y',0 };
1060 static const WCHAR BogusW
[] = { 'B','o','g','u','s',0 };
1061 static const WCHAR BogusPathW
[] = { 'S','o','f','t','w','a','r','e','\\',
1062 'M','i','c','r','o','s','o','f','t','\\','S','y','s','t','e','m','C','e','r',
1063 't','i','f','i','c','a','t','e','s','\\','B','o','g','u','s',0 };
1065 static void testSystemRegStore(void)
1067 HCERTSTORE store
, memStore
;
1069 /* Check with a UNICODE name */
1070 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1071 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, MyW
);
1072 /* Not all OSes support CERT_STORE_PROV_SYSTEM_REGISTRY, so don't continue
1073 * testing if they don't.
1078 /* Check that it isn't a collection store */
1079 memStore
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1080 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1083 if (pCertAddStoreToCollection
)
1085 BOOL ret
= pCertAddStoreToCollection(store
, memStore
, 0, 0);
1086 ok(!ret
&& GetLastError() == E_INVALIDARG
,
1087 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1089 CertCloseStore(memStore
, 0);
1091 CertCloseStore(store
, 0);
1093 /* Check opening a bogus store */
1094 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1095 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, BogusW
);
1096 ok(!store
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1097 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1098 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1099 CERT_SYSTEM_STORE_CURRENT_USER
, BogusW
);
1100 ok(store
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
1102 CertCloseStore(store
, 0);
1103 /* Now check whether deleting is allowed */
1104 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1105 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_DELETE_FLAG
, BogusW
);
1106 ok(!store
, "CertOpenStore failed: %08x\n", GetLastError());
1107 RegDeleteKeyW(HKEY_CURRENT_USER
, BogusPathW
);
1109 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0, 0, NULL
);
1110 ok(!store
&& GetLastError() == E_INVALIDARG
,
1111 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1112 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1113 CERT_SYSTEM_STORE_LOCAL_MACHINE
| CERT_SYSTEM_STORE_CURRENT_USER
, MyA
);
1114 ok(!store
&& GetLastError() == E_INVALIDARG
,
1115 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1116 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1117 CERT_SYSTEM_STORE_LOCAL_MACHINE
| CERT_SYSTEM_STORE_CURRENT_USER
, MyW
);
1118 ok(!store
&& GetLastError() == E_INVALIDARG
,
1119 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1120 /* The name is expected to be UNICODE, check with an ASCII name */
1121 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1122 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, MyA
);
1123 ok(!store
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1124 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1127 static void testSystemStore(void)
1129 static const WCHAR baskslashW
[] = { '\\',0 };
1131 WCHAR keyName
[MAX_PATH
];
1135 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0, 0, NULL
);
1136 ok(!store
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1137 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1138 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1139 CERT_SYSTEM_STORE_LOCAL_MACHINE
| CERT_SYSTEM_STORE_CURRENT_USER
, MyA
);
1140 ok(!store
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1141 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1142 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1143 CERT_SYSTEM_STORE_LOCAL_MACHINE
| CERT_SYSTEM_STORE_CURRENT_USER
, MyW
);
1144 ok(!store
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1145 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1146 /* The name is expected to be UNICODE, first check with an ASCII name */
1147 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1148 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, MyA
);
1149 ok(!store
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1150 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1151 /* Create the expected key */
1152 lstrcpyW(keyName
, CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH
);
1153 lstrcatW(keyName
, baskslashW
);
1154 lstrcatW(keyName
, MyW
);
1155 rc
= RegCreateKeyExW(HKEY_CURRENT_USER
, keyName
, 0, NULL
, 0, KEY_READ
,
1157 ok(!rc
, "RegCreateKeyEx failed: %d\n", rc
);
1160 /* Check opening with a UNICODE name, specifying the create new flag */
1161 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1162 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_CREATE_NEW_FLAG
, MyW
);
1163 ok(!store
&& GetLastError() == ERROR_FILE_EXISTS
,
1164 "Expected ERROR_FILE_EXISTS, got %08x\n", GetLastError());
1165 /* Now check opening with a UNICODE name, this time opening existing */
1166 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1167 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, MyW
);
1168 ok(store
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
1171 HCERTSTORE memStore
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1172 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1174 /* Check that it's a collection store */
1177 if (pCertAddStoreToCollection
)
1179 BOOL ret
= pCertAddStoreToCollection(store
, memStore
, 0, 0);
1180 /* FIXME: this'll fail on NT4, but what error will it give? */
1181 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
1183 CertCloseStore(memStore
, 0);
1185 CertCloseStore(store
, 0);
1188 /* Check opening a bogus store */
1189 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1190 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, BogusW
);
1191 ok(!store
, "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1192 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1193 CERT_SYSTEM_STORE_CURRENT_USER
, BogusW
);
1194 ok(store
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
1196 CertCloseStore(store
, 0);
1197 /* Now check whether deleting is allowed */
1198 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1199 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_DELETE_FLAG
, BogusW
);
1200 ok(!store
, "Didn't expect a store to be returned when deleting\n");
1201 RegDeleteKeyW(HKEY_CURRENT_USER
, BogusPathW
);
1204 static const BYTE serializedStoreWithCertAndCRL
[] = {
1205 0x00,0x00,0x00,0x00,0x43,0x45,0x52,0x54,0x20,0x00,0x00,0x00,0x01,0x00,0x00,
1206 0x00,0x7c,0x00,0x00,0x00,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,
1207 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
1208 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,
1209 0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,
1210 0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,
1211 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
1212 0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,
1213 0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,
1214 0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01,0x21,0x00,0x00,0x00,0x01,0x00,
1215 0x00,0x00,0x47,0x00,0x00,0x00,0x30,0x45,0x30,0x2c,0x30,0x02,0x06,0x00,0x30,
1216 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
1217 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
1218 0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x02,0x06,0x00,0x03,0x11,
1219 0x00,0x0f,0x0e,0x0d,0x0c,0x0b,0x0a,0x09,0x08,0x07,0x06,0x05,0x04,0x03,0x02,
1220 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
1222 static void testFileStore(void)
1224 static const WCHAR szPrefix
[] = { 'c','e','r',0 };
1225 static const WCHAR szDot
[] = { '.',0 };
1226 WCHAR filename
[MAX_PATH
];
1229 PCCERT_CONTEXT cert
;
1232 if (!pCertControlStore
)
1234 win_skip("CertControlStore() is not available\n");
1238 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0, 0, NULL
);
1239 ok(!store
&& GetLastError() == ERROR_INVALID_HANDLE
,
1240 "Expected ERROR_INVALID_HANDLE, got %08x\n", GetLastError());
1242 if (!GetTempFileNameW(szDot
, szPrefix
, 0, filename
))
1245 DeleteFileW(filename
);
1246 file
= CreateFileW(filename
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
1247 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
1248 if (file
== INVALID_HANDLE_VALUE
)
1251 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0, CERT_STORE_DELETE_FLAG
,
1253 ok(!store
&& GetLastError() == E_INVALIDARG
,
1254 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1255 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
1256 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
| CERT_STORE_READONLY_FLAG
, file
);
1257 ok(!store
&& GetLastError() == E_INVALIDARG
,
1258 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1260 /* A "read-only" file store.. */
1261 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
1262 CERT_STORE_OPEN_EXISTING_FLAG
| CERT_STORE_READONLY_FLAG
, file
);
1263 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1268 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1269 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1270 /* apparently allows adding certificates.. */
1271 ok(ret
, "CertAddEncodedCertificateToStore failed: %d\n", ret
);
1272 /* but not commits.. */
1273 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
1274 ok(!ret
&& GetLastError() == ERROR_CALL_NOT_IMPLEMENTED
,
1275 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %08x\n", GetLastError());
1276 /* It still has certs in memory.. */
1277 cert
= CertEnumCertificatesInStore(store
, NULL
);
1278 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1280 CertFreeCertificateContext(cert
);
1281 /* but the file size is still 0. */
1282 size
= GetFileSize(file
, NULL
);
1283 ok(size
== 0, "Expected size 0, got %d\n", size
);
1284 CertCloseStore(store
, 0);
1287 /* The create new flag is allowed.. */
1288 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
1289 CERT_STORE_CREATE_NEW_FLAG
, file
);
1290 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1293 /* but without the commit enable flag, commits don't happen. */
1294 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1295 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1296 ok(ret
, "CertAddEncodedCertificateToStore failed: %d\n", ret
);
1297 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
1298 ok(!ret
&& GetLastError() == ERROR_CALL_NOT_IMPLEMENTED
,
1299 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %08x\n", GetLastError());
1300 CertCloseStore(store
, 0);
1302 /* as is the open existing flag. */
1303 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
1304 CERT_STORE_OPEN_EXISTING_FLAG
, file
);
1305 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1308 /* but without the commit enable flag, commits don't happen. */
1309 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1310 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1311 ok(ret
, "CertAddEncodedCertificateToStore failed: %d\n", ret
);
1312 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
1313 ok(!ret
&& GetLastError() == ERROR_CALL_NOT_IMPLEMENTED
,
1314 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %08x\n", GetLastError());
1315 CertCloseStore(store
, 0);
1317 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
1318 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, file
);
1319 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1323 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1324 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1325 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
1327 /* with commits enabled, commit is allowed */
1328 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
1329 ok(ret
, "CertControlStore failed: %d\n", ret
);
1330 compareStore(store
, "serialized store with cert",
1331 serializedStoreWithCert
, sizeof(serializedStoreWithCert
), FALSE
);
1332 CertCloseStore(store
, 0);
1334 file
= CreateFileW(filename
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
1335 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
1336 if (file
== INVALID_HANDLE_VALUE
)
1338 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
1339 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, file
);
1340 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1344 ret
= CertAddEncodedCRLToStore(store
, X509_ASN_ENCODING
, signedCRL
,
1345 sizeof(signedCRL
), CERT_STORE_ADD_ALWAYS
, NULL
);
1346 ok(ret
, "CertAddEncodedCRLToStore failed: %08x\n", GetLastError());
1347 compareStore(store
, "serialized store with cert and CRL",
1348 serializedStoreWithCertAndCRL
, sizeof(serializedStoreWithCertAndCRL
),
1350 CertCloseStore(store
, 0);
1353 DeleteFileW(filename
);
1356 static BOOL
initFileFromData(LPCWSTR filename
, const BYTE
*pb
, DWORD cb
)
1358 HANDLE file
= CreateFileW(filename
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
1359 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
1362 if (file
!= INVALID_HANDLE_VALUE
)
1366 ret
= WriteFile(file
, pb
, cb
, &written
, NULL
);
1374 static const BYTE base64SPC
[] =
1375 "MIICJQYJKoZIhvcNAQcCoIICFjCCAhICAQExADALBgkqhkiG9w0BBwGgggH6MIIB"
1376 "9jCCAV+gAwIBAgIQnP8+EF4opr9OxH7h4uBPWTANBgkqhkiG9w0BAQQFADAUMRIw"
1377 "EAYDVQQDEwlKdWFuIExhbmcwHhcNMDgxMjEyMTcxMDE0WhcNMzkxMjMxMjM1OTU5"
1378 "WjAUMRIwEAYDVQQDEwlKdWFuIExhbmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ"
1379 "AoGBALCgNjyNvOic0FOfjxvi43HbM+D5joDkhiGSXe+gbZlf8f16k07kkObFEunz"
1380 "mdB5coscmA7gyqiWNN4ZUyr2cA3lCbnpGPA/0IblyyOcuGIFmmCzeZaVa5ZG6xZP"
1381 "K7L7o+73Qo6jXVbGhBGnMZ7Q9sAn6s2933olnStnejnqwV0NAgMBAAGjSTBHMEUG"
1382 "A1UdAQQ+MDyAEFKbKEdXYyx+CWKcV6vxM6ShFjAUMRIwEAYDVQQDEwlKdWFuIExh"
1383 "bmeCEJz/PhBeKKa/TsR+4eLgT1kwDQYJKoZIhvcNAQEEBQADgYEALpkgLgW3mEaK"
1384 "idPQ3iPJYLG0Ub1wraqEl9bd42hrhzIdcDzlQgxnm8/5cHYVxIF/C20x/HJplb1R"
1385 "G6U1ipFe/q8byWD/9JpiBKMGPi9YlUTgXHfS9d4S/QWO1h9Z7KeipBYhoslQpHXu"
1386 "y9bUr8Adqi6SzgHpCnMu53dxgxUD1r4xAA==";
1387 /* Same as base64SPC, but as a wide-char string */
1388 static const WCHAR utf16Base64SPC
[] = {
1389 'M','I','I','C','J','Q','Y','J','K','o','Z','I','h','v','c','N','A',
1390 'Q','c','C','o','I','I','C','F','j','C','C','A','h','I','C','A','Q',
1391 'E','x','A','D','A','L','B','g','k','q','h','k','i','G','9','w','0',
1392 'B','B','w','G','g','g','g','H','6','M','I','I','B','9','j','C','C',
1393 'A','V','+','g','A','w','I','B','A','g','I','Q','n','P','8','+','E',
1394 'F','4','o','p','r','9','O','x','H','7','h','4','u','B','P','W','T',
1395 'A','N','B','g','k','q','h','k','i','G','9','w','0','B','A','Q','Q',
1396 'F','A','D','A','U','M','R','I','w','E','A','Y','D','V','Q','Q','D',
1397 'E','w','l','K','d','W','F','u','I','E','x','h','b','m','c','w','H',
1398 'h','c','N','M','D','g','x','M','j','E','y','M','T','c','x','M','D',
1399 'E','0','W','h','c','N','M','z','k','x','M','j','M','x','M','j','M',
1400 '1','O','T','U','5','W','j','A','U','M','R','I','w','E','A','Y','D',
1401 'V','Q','Q','D','E','w','l','K','d','W','F','u','I','E','x','h','b',
1402 'm','c','w','g','Z','8','w','D','Q','Y','J','K','o','Z','I','h','v',
1403 'c','N','A','Q','E','B','B','Q','A','D','g','Y','0','A','M','I','G',
1404 'J','A','o','G','B','A','L','C','g','N','j','y','N','v','O','i','c',
1405 '0','F','O','f','j','x','v','i','4','3','H','b','M','+','D','5','j',
1406 'o','D','k','h','i','G','S','X','e','+','g','b','Z','l','f','8','f',
1407 '1','6','k','0','7','k','k','O','b','F','E','u','n','z','m','d','B',
1408 '5','c','o','s','c','m','A','7','g','y','q','i','W','N','N','4','Z',
1409 'U','y','r','2','c','A','3','l','C','b','n','p','G','P','A','/','0',
1410 'I','b','l','y','y','O','c','u','G','I','F','m','m','C','z','e','Z',
1411 'a','V','a','5','Z','G','6','x','Z','P','K','7','L','7','o','+','7',
1412 '3','Q','o','6','j','X','V','b','G','h','B','G','n','M','Z','7','Q',
1413 '9','s','A','n','6','s','2','9','3','3','o','l','n','S','t','n','e',
1414 'j','n','q','w','V','0','N','A','g','M','B','A','A','G','j','S','T',
1415 'B','H','M','E','U','G','A','1','U','d','A','Q','Q','+','M','D','y',
1416 'A','E','F','K','b','K','E','d','X','Y','y','x','+','C','W','K','c',
1417 'V','6','v','x','M','6','S','h','F','j','A','U','M','R','I','w','E',
1418 'A','Y','D','V','Q','Q','D','E','w','l','K','d','W','F','u','I','E',
1419 'x','h','b','m','e','C','E','J','z','/','P','h','B','e','K','K','a',
1420 '/','T','s','R','+','4','e','L','g','T','1','k','w','D','Q','Y','J',
1421 'K','o','Z','I','h','v','c','N','A','Q','E','E','B','Q','A','D','g',
1422 'Y','E','A','L','p','k','g','L','g','W','3','m','E','a','K','i','d',
1423 'P','Q','3','i','P','J','Y','L','G','0','U','b','1','w','r','a','q',
1424 'E','l','9','b','d','4','2','h','r','h','z','I','d','c','D','z','l',
1425 'Q','g','x','n','m','8','/','5','c','H','Y','V','x','I','F','/','C',
1426 '2','0','x','/','H','J','p','l','b','1','R','G','6','U','1','i','p',
1427 'F','e','/','q','8','b','y','W','D','/','9','J','p','i','B','K','M',
1428 'G','P','i','9','Y','l','U','T','g','X','H','f','S','9','d','4','S',
1429 '/','Q','W','O','1','h','9','Z','7','K','e','i','p','B','Y','h','o',
1430 's','l','Q','p','H','X','u','y','9','b','U','r','8','A','d','q','i',
1431 '6','S','z','g','H','p','C','n','M','u','5','3','d','x','g','x','U',
1432 'D','1','r','4','x','A','A','=','=',0 };
1434 static void testFileNameStore(void)
1436 static const WCHAR szPrefix
[] = { 'c','e','r',0 };
1437 static const WCHAR spcPrefix
[] = { 's','p','c',0 };
1438 static const WCHAR szDot
[] = { '.',0 };
1439 WCHAR filename
[MAX_PATH
];
1446 /* Crashes on NT4 */
1447 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0, 0, NULL
);
1448 GLE
= GetLastError();
1449 ok(!store
&& (GLE
== ERROR_PATH_NOT_FOUND
|| GLE
== ERROR_INVALID_PARAMETER
),
1450 "Expected ERROR_PATH_NOT_FOUND or ERROR_INVALID_PARAMETER, got %08x\n",
1454 if (!GetTempFileNameW(szDot
, szPrefix
, 0, filename
))
1456 DeleteFileW(filename
);
1458 /* The two flags are mutually exclusive */
1459 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1460 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
| CERT_STORE_READONLY_FLAG
, filename
);
1461 ok(!store
&& GetLastError() == E_INVALIDARG
,
1462 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1464 /* In all of the following tests, the encoding type seems to be ignored */
1465 if (initFileFromData(filename
, bigCert
, sizeof(bigCert
)))
1467 PCCERT_CONTEXT cert
;
1470 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1471 CERT_STORE_READONLY_FLAG
, filename
);
1472 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1474 cert
= CertEnumCertificatesInStore(store
, NULL
);
1475 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1477 cert
= CertEnumCertificatesInStore(store
, cert
);
1478 ok(!cert
, "Expected only one cert\n");
1479 if (pCertEnumCRLsInStore
)
1481 crl
= pCertEnumCRLsInStore(store
, NULL
);
1482 ok(!crl
, "Expected no CRLs\n");
1485 CertCloseStore(store
, 0);
1486 DeleteFileW(filename
);
1488 if (initFileFromData(filename
, serializedStoreWithCert
,
1489 sizeof(serializedStoreWithCert
)))
1491 PCCERT_CONTEXT cert
;
1494 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1495 CERT_STORE_READONLY_FLAG
, filename
);
1496 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1498 cert
= CertEnumCertificatesInStore(store
, NULL
);
1499 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1501 cert
= CertEnumCertificatesInStore(store
, cert
);
1502 ok(!cert
, "Expected only one cert\n");
1503 if (pCertEnumCRLsInStore
)
1505 crl
= pCertEnumCRLsInStore(store
, NULL
);
1506 ok(!crl
, "Expected no CRLs\n");
1509 CertCloseStore(store
, 0);
1510 DeleteFileW(filename
);
1512 if (initFileFromData(filename
, serializedStoreWithCertAndCRL
,
1513 sizeof(serializedStoreWithCertAndCRL
)))
1515 PCCERT_CONTEXT cert
;
1518 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1519 CERT_STORE_READONLY_FLAG
, filename
);
1520 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1522 cert
= CertEnumCertificatesInStore(store
, NULL
);
1523 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1525 cert
= CertEnumCertificatesInStore(store
, cert
);
1526 ok(!cert
, "Expected only one cert\n");
1527 if (pCertEnumCRLsInStore
)
1529 crl
= pCertEnumCRLsInStore(store
, NULL
);
1530 ok(crl
!= NULL
, "CertEnumCRLsInStore failed: %08x\n", GetLastError());
1531 crl
= pCertEnumCRLsInStore(store
, crl
);
1532 ok(!crl
, "Expected only one CRL\n");
1535 CertCloseStore(store
, 0);
1536 /* Don't delete it this time, the next test uses it */
1538 /* Now that the file exists, we can open it read-only */
1539 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1540 CERT_STORE_READONLY_FLAG
, filename
);
1541 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1542 CertCloseStore(store
, 0);
1543 DeleteFileW(filename
);
1545 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1546 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
| CERT_STORE_CREATE_NEW_FLAG
, filename
);
1547 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1550 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1551 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1552 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
1554 compareStore(store
, "serialized store with cert",
1555 serializedStoreWithCert
, sizeof(serializedStoreWithCert
), FALSE
);
1556 CertCloseStore(store
, 0);
1558 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1559 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, filename
);
1560 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1563 ret
= CertAddEncodedCRLToStore(store
, X509_ASN_ENCODING
,
1564 signedCRL
, sizeof(signedCRL
), CERT_STORE_ADD_ALWAYS
, NULL
);
1565 ok(ret
, "CertAddEncodedCRLToStore failed: %08x\n", GetLastError());
1566 compareStore(store
, "serialized store with cert and CRL",
1567 serializedStoreWithCertAndCRL
, sizeof(serializedStoreWithCertAndCRL
),
1569 CertCloseStore(store
, 0);
1571 DeleteFileW(filename
);
1573 if (!GetTempFileNameW(szDot
, spcPrefix
, 0, filename
))
1575 DeleteFileW(filename
);
1577 if (initFileFromData(filename
, base64SPC
, sizeof(base64SPC
)))
1579 PCCERT_CONTEXT cert
;
1582 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1583 CERT_STORE_READONLY_FLAG
, filename
);
1584 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1586 cert
= CertEnumCertificatesInStore(store
, NULL
);
1587 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1589 cert
= CertEnumCertificatesInStore(store
, cert
);
1590 ok(!cert
, "Expected only one cert\n");
1591 if (pCertEnumCRLsInStore
)
1593 crl
= pCertEnumCRLsInStore(store
, NULL
);
1594 ok(!crl
, "Expected no CRLs\n");
1597 CertCloseStore(store
, 0);
1598 DeleteFileW(filename
);
1600 if (initFileFromData(filename
, (BYTE
*)utf16Base64SPC
,
1601 sizeof(utf16Base64SPC
)))
1603 PCCERT_CONTEXT cert
;
1606 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1607 CERT_STORE_READONLY_FLAG
, filename
);
1608 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1610 cert
= CertEnumCertificatesInStore(store
, NULL
);
1611 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1613 cert
= CertEnumCertificatesInStore(store
, cert
);
1614 ok(!cert
, "Expected only one cert\n");
1615 if (pCertEnumCRLsInStore
)
1617 crl
= pCertEnumCRLsInStore(store
, NULL
);
1618 ok(!crl
, "Expected no CRLs\n");
1621 CertCloseStore(store
, 0);
1622 DeleteFileW(filename
);
1626 static const BYTE signedContent
[] = {
1627 0x30,0x81,0xb2,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,0xa0,
1628 0x81,0xa4,0x30,0x81,0xa1,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,
1629 0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,
1630 0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,
1631 0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,
1632 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1633 0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1634 0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0x81,0xa6,0x70,
1635 0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,0xc0,0x9a,0xb6,0x9a,0x5e,0x6d,0x6f,0x6d,
1636 0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,0xa0,0x1e,0xee,0xc2,0x60,0xbc,0x59,0xbe,
1637 0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,0x23,0x64,0x92,0xef,0x2e,0xfc,0x57,0x29,
1638 0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,0x51,0xe4,0x44,0xb8,0x0b,0x28,0xf4,0xa8,
1640 static const BYTE signedWithCertAndCrlBareContent
[] = {
1641 0x30,0x82,0x01,0x4f,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,
1642 0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,
1643 0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0xa0,
1644 0x7c,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
1645 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
1646 0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,
1647 0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
1648 0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,
1649 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1650 0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,0xa3,0x16,0x30,0x14,
1651 0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,
1652 0x01,0xff,0x02,0x01,0x01,0xa1,0x2e,0x30,0x2c,0x30,0x02,0x06,0x00,0x30,0x15,
1653 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
1654 0x20,0x4c,0x61,0x6e,0x67,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,
1655 0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x31,0x77,0x30,0x75,0x02,0x01,0x01,
1656 0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,
1657 0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,
1658 0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,
1659 0x00,0x05,0x00,0x04,0x40,0x81,0xa6,0x70,0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,
1660 0xc0,0x9a,0xb6,0x9a,0x5e,0x6d,0x6f,0x6d,0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,
1661 0xa0,0x1e,0xee,0xc2,0x60,0xbc,0x59,0xbe,0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,
1662 0x23,0x64,0x92,0xef,0x2e,0xfc,0x57,0x29,0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,
1663 0x51,0xe4,0x44,0xb8,0x0b,0x28,0xf4,0xa8,0x0d };
1664 static const BYTE hashContent
[] = {
1665 0x30,0x47,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x05,0xa0,0x3a,
1666 0x30,0x38,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1667 0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
1668 0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0x04,0x10,0x08,0xd6,0xc0,
1669 0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,0x9d,0x2a,0x8f,0x26,0x2f };
1670 static const BYTE hashBareContent
[] = {
1671 0x30,0x38,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1672 0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
1673 0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0x04,0x10,0x08,0xd6,0xc0,
1674 0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,0x9d,0x2a,0x8f,0x26,0x2f };
1676 static void testMessageStore(void)
1679 HCRYPTMSG msg
= CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING
, 0, 0, 0, NULL
,
1681 CRYPT_DATA_BLOB blob
= { sizeof(signedWithCertAndCrlBareContent
),
1682 (LPBYTE
)signedWithCertAndCrlBareContent
};
1687 store = CertOpenStore(CERT_STORE_PROV_MSG, 0, 0, 0, NULL);
1689 SetLastError(0xdeadbeef);
1690 store
= CertOpenStore(CERT_STORE_PROV_MSG
, 0, 0, 0, msg
);
1691 ok(!store
&& GetLastError() == CRYPT_E_INVALID_MSG_TYPE
,
1692 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
1693 CryptMsgUpdate(msg
, signedContent
, sizeof(signedContent
), TRUE
);
1694 store
= CertOpenStore(CERT_STORE_PROV_MSG
, 0, 0, 0, msg
);
1695 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1698 PCCERT_CONTEXT cert
= NULL
;
1699 PCCRL_CONTEXT crl
= NULL
;
1703 cert
= CertEnumCertificatesInStore(store
, cert
);
1707 ok(count
== 0, "Expected 0 certificates, got %d\n", count
);
1709 if (pCertEnumCRLsInStore
)
1713 crl
= pCertEnumCRLsInStore(store
, crl
);
1717 ok(count
== 0, "Expected 0 CRLs, got %d\n", count
);
1720 /* Can add certs to a message store */
1721 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1722 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1723 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
1727 cert
= CertEnumCertificatesInStore(store
, cert
);
1731 ok(count
== 1, "Expected 1 certificate, got %d\n", count
);
1733 CertCloseStore(store
, 0);
1735 /* but the added certs weren't actually added to the message */
1736 size
= sizeof(count
);
1737 ret
= CryptMsgGetParam(msg
, CMSG_CERT_COUNT_PARAM
, 0, &count
, &size
);
1738 ok(ret
, "CryptMsgGetParam failed: %08x\n", GetLastError());
1739 ok(count
== 0, "Expected 0 certificates, got %d\n", count
);
1743 store = CertOpenStore(CERT_STORE_PROV_PKCS7, 0, 0, 0, NULL);
1745 store
= CertOpenStore(CERT_STORE_PROV_PKCS7
, 0, 0, 0, &blob
);
1746 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1750 PCCERT_CONTEXT cert
= NULL
;
1751 PCCRL_CONTEXT crl
= NULL
;
1754 cert
= CertEnumCertificatesInStore(store
, cert
);
1758 ok(count
== 1, "Expected 1 certificate, got %d\n", count
);
1760 if (pCertEnumCRLsInStore
)
1764 crl
= pCertEnumCRLsInStore(store
, crl
);
1768 ok(count
== 1, "Expected 1 CRL, got %d\n", count
);
1770 CertCloseStore(store
, 0);
1772 /* Encoding appears to be ignored */
1773 store
= CertOpenStore(CERT_STORE_PROV_PKCS7
, X509_ASN_ENCODING
, 0, 0,
1775 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1777 CertCloseStore(store
, 0);
1778 /* Messages other than signed messages aren't allowed */
1779 blob
.cbData
= sizeof(hashContent
);
1780 blob
.pbData
= (LPBYTE
)hashContent
;
1781 SetLastError(0xdeadbeef);
1782 store
= CertOpenStore(CERT_STORE_PROV_PKCS7
, 0, 0, 0, &blob
);
1783 ok(!store
&& GetLastError() == CRYPT_E_INVALID_MSG_TYPE
,
1784 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
1785 blob
.cbData
= sizeof(hashBareContent
);
1786 blob
.pbData
= (LPBYTE
)hashBareContent
;
1787 SetLastError(0xdeadbeef);
1788 store
= CertOpenStore(CERT_STORE_PROV_PKCS7
, 0, 0, 0, &blob
);
1790 (GetLastError() == CRYPT_E_ASN1_BADTAG
||
1791 broken(GetLastError() == OSS_DATA_ERROR
)), /* NT4 */
1792 "Expected CRYPT_E_ASN1_BADTAG, got %08x\n", GetLastError());
1795 static void testSerializedStore(void)
1798 CRYPT_DATA_BLOB blob
;
1803 store
= CertOpenStore(CERT_STORE_PROV_SERIALIZED
, 0, 0, 0, NULL
);
1804 store
= CertOpenStore(CERT_STORE_PROV_SERIALIZED
, 0, 0,
1805 CERT_STORE_DELETE_FLAG
, NULL
);
1807 blob
.cbData
= sizeof(serializedStoreWithCert
);
1808 blob
.pbData
= (BYTE
*)serializedStoreWithCert
;
1809 store
= CertOpenStore(CERT_STORE_PROV_SERIALIZED
, 0, 0,
1810 CERT_STORE_DELETE_FLAG
, &blob
);
1811 ok(!store
&& GetLastError() == ERROR_CALL_NOT_IMPLEMENTED
,
1812 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %08x\n", GetLastError());
1813 store
= CertOpenStore(CERT_STORE_PROV_SERIALIZED
, 0, 0, 0, &blob
);
1814 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1817 PCCERT_CONTEXT cert
;
1820 cert
= CertEnumCertificatesInStore(store
, NULL
);
1821 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1823 cert
= CertEnumCertificatesInStore(store
, cert
);
1824 ok(!cert
, "Expected only one cert\n");
1825 if (pCertEnumCRLsInStore
)
1827 crl
= pCertEnumCRLsInStore(store
, NULL
);
1828 ok(!crl
, "Expected no CRLs\n");
1830 CertCloseStore(store
, 0);
1832 blob
.cbData
= sizeof(serializedStoreWithCertAndCRL
);
1833 blob
.pbData
= (BYTE
*)serializedStoreWithCertAndCRL
;
1834 store
= CertOpenStore(CERT_STORE_PROV_SERIALIZED
, 0, 0, 0, &blob
);
1835 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1838 PCCERT_CONTEXT cert
;
1841 cert
= CertEnumCertificatesInStore(store
, NULL
);
1842 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1844 cert
= CertEnumCertificatesInStore(store
, cert
);
1845 ok(!cert
, "Expected only one cert\n");
1846 if (pCertEnumCRLsInStore
)
1848 crl
= pCertEnumCRLsInStore(store
, NULL
);
1849 ok(crl
!= NULL
, "CertEnumCRLsInStore failed: %08x\n",
1851 crl
= pCertEnumCRLsInStore(store
, crl
);
1852 ok(!crl
, "Expected only one CRL\n");
1854 CertCloseStore(store
, 0);
1858 static void testCertOpenSystemStore(void)
1862 store
= CertOpenSystemStoreW(0, NULL
);
1863 ok(!store
&& GetLastError() == E_INVALIDARG
,
1864 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1865 /* This succeeds, and on WinXP at least, the Bogus key is created under
1866 * HKCU (but not under HKLM, even when run as an administrator.)
1868 store
= CertOpenSystemStoreW(0, BogusW
);
1869 ok(store
!= 0, "CertOpenSystemStore failed: %08x\n", GetLastError());
1871 CertCloseStore(store
, 0);
1872 /* Delete it so other tests succeed next time around */
1873 CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1874 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_DELETE_FLAG
, BogusW
);
1875 RegDeleteKeyW(HKEY_CURRENT_USER
, BogusPathW
);
1878 struct EnumSystemStoreInfo
1884 static BOOL CALLBACK
enumSystemStoreCB(const void *systemStore
, DWORD dwFlags
,
1885 PCERT_SYSTEM_STORE_INFO pStoreInfo
, void *pvReserved
, void *pvArg
)
1887 struct EnumSystemStoreInfo
*info
= pvArg
;
1893 static void testCertEnumSystemStore(void)
1896 struct EnumSystemStoreInfo info
= { FALSE
, 0 };
1898 if (!pCertEnumSystemStore
)
1900 win_skip("CertEnumSystemStore() is not available\n");
1904 SetLastError(0xdeadbeef);
1905 ret
= pCertEnumSystemStore(0, NULL
, NULL
, NULL
);
1906 ok(!ret
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1907 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1909 ret = pCertEnumSystemStore(CERT_SYSTEM_STORE_LOCAL_MACHINE, NULL, NULL,
1913 SetLastError(0xdeadbeef);
1914 ret
= pCertEnumSystemStore(CERT_SYSTEM_STORE_LOCAL_MACHINE
, NULL
, &info
,
1916 /* Callback returning FALSE stops enumeration */
1917 ok(!ret
, "Expected CertEnumSystemStore to stop\n");
1918 ok(info
.storeCount
== 0 || info
.storeCount
== 1,
1919 "Expected 0 or 1 stores\n");
1922 info
.storeCount
= 0;
1923 ret
= pCertEnumSystemStore(CERT_SYSTEM_STORE_LOCAL_MACHINE
, NULL
, &info
,
1925 ok(ret
, "CertEnumSystemStore failed: %08x\n", GetLastError());
1926 /* There should always be at least My, Root, and CA stores */
1927 ok(info
.storeCount
== 0 || info
.storeCount
>= 3,
1928 "Expected at least 3 stores\n");
1931 static void testStoreProperty(void)
1935 DWORD propID
, size
= 0, state
;
1936 CRYPT_DATA_BLOB blob
;
1938 if (!pCertGetStoreProperty
|| !pCertSetStoreProperty
)
1940 win_skip("CertGet/SetStoreProperty() is not available\n");
1945 ret = pCertGetStoreProperty(NULL, 0, NULL, NULL);
1946 ret = pCertGetStoreProperty(NULL, 0, NULL, &size);
1947 ret = pCertGetStoreProperty(store, 0, NULL, NULL);
1950 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1951 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1952 /* Check a missing prop ID */
1953 SetLastError(0xdeadbeef);
1954 ret
= pCertGetStoreProperty(store
, 0, NULL
, &size
);
1955 ok(!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
,
1956 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
1957 /* Contrary to MSDN, CERT_ACCESS_STATE_PROP_ID is supported for stores.. */
1958 size
= sizeof(state
);
1959 ret
= pCertGetStoreProperty(store
, CERT_ACCESS_STATE_PROP_ID
, &state
, &size
);
1960 ok(ret
, "CertGetStoreProperty failed for CERT_ACCESS_STATE_PROP_ID: %08x\n",
1962 ok(!state
, "Expected a non-persisted store\n");
1963 /* and CERT_STORE_LOCALIZED_NAME_PROP_ID isn't supported by default. */
1965 ret
= pCertGetStoreProperty(store
, CERT_STORE_LOCALIZED_NAME_PROP_ID
, NULL
,
1967 ok(!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
,
1968 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
1969 /* Delete an arbitrary property on a store */
1970 ret
= pCertSetStoreProperty(store
, CERT_FIRST_USER_PROP_ID
, 0, NULL
);
1971 ok(ret
, "CertSetStoreProperty failed: %08x\n", GetLastError());
1972 /* Set an arbitrary property on a store */
1973 blob
.pbData
= (LPBYTE
)&state
;
1974 blob
.cbData
= sizeof(state
);
1975 ret
= pCertSetStoreProperty(store
, CERT_FIRST_USER_PROP_ID
, 0, &blob
);
1976 ok(ret
, "CertSetStoreProperty failed: %08x\n", GetLastError());
1977 /* Get an arbitrary property that's been set */
1978 ret
= pCertGetStoreProperty(store
, CERT_FIRST_USER_PROP_ID
, NULL
, &size
);
1979 ok(ret
, "CertGetStoreProperty failed: %08x\n", GetLastError());
1980 ok(size
== sizeof(state
), "Unexpected data size %d\n", size
);
1981 ret
= pCertGetStoreProperty(store
, CERT_FIRST_USER_PROP_ID
, &propID
, &size
);
1982 ok(ret
, "CertGetStoreProperty failed: %08x\n", GetLastError());
1983 ok(propID
== state
, "CertGetStoreProperty got the wrong value\n");
1984 /* Delete it again */
1985 ret
= pCertSetStoreProperty(store
, CERT_FIRST_USER_PROP_ID
, 0, NULL
);
1986 ok(ret
, "CertSetStoreProperty failed: %08x\n", GetLastError());
1987 /* And check that it's missing */
1988 SetLastError(0xdeadbeef);
1989 ret
= pCertGetStoreProperty(store
, CERT_FIRST_USER_PROP_ID
, NULL
, &size
);
1990 ok(!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
,
1991 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
1992 CertCloseStore(store
, 0);
1994 /* Recheck on the My store.. */
1995 store
= CertOpenSystemStoreW(0, MyW
);
1996 size
= sizeof(state
);
1997 ret
= pCertGetStoreProperty(store
, CERT_ACCESS_STATE_PROP_ID
, &state
, &size
);
1998 ok(ret
, "CertGetStoreProperty failed for CERT_ACCESS_STATE_PROP_ID: %08x\n",
2000 ok(state
, "Expected a persisted store\n");
2001 SetLastError(0xdeadbeef);
2003 ret
= pCertGetStoreProperty(store
, CERT_STORE_LOCALIZED_NAME_PROP_ID
, NULL
,
2005 ok(!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
,
2006 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
2007 CertCloseStore(store
, 0);
2010 static void testAddSerialized(void)
2014 BYTE buf
[sizeof(struct CertPropIDHeader
) * 2 + 20 + sizeof(bigCert
)] =
2017 struct CertPropIDHeader
*hdr
;
2018 PCCERT_CONTEXT context
;
2020 ret
= CertAddSerializedElementToStore(0, NULL
, 0, 0, 0, 0, NULL
, NULL
);
2021 ok(!ret
&& GetLastError() == ERROR_END_OF_MEDIA
,
2022 "Expected ERROR_END_OF_MEDIA, got %08x\n", GetLastError());
2024 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
2025 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2026 ok(store
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
2028 ret
= CertAddSerializedElementToStore(store
, NULL
, 0, 0, 0, 0, NULL
, NULL
);
2029 ok(!ret
&& GetLastError() == ERROR_END_OF_MEDIA
,
2030 "Expected ERROR_END_OF_MEDIA, got %08x\n", GetLastError());
2032 /* Test with an empty property */
2033 hdr
= (struct CertPropIDHeader
*)buf
;
2034 hdr
->propID
= CERT_CERT_PROP_ID
;
2037 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
), 0, 0, 0,
2039 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2040 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2041 /* Test with a bad size in property header */
2042 hdr
->cb
= sizeof(bigCert
) - 1;
2043 memcpy(buf
+ sizeof(struct CertPropIDHeader
), bigCert
, sizeof(bigCert
));
2044 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
), 0, 0, 0,
2046 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2047 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2048 ret
= CertAddSerializedElementToStore(store
, buf
,
2049 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), 0, 0, 0, NULL
,
2051 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2052 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2053 ret
= CertAddSerializedElementToStore(store
, buf
,
2054 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), CERT_STORE_ADD_NEW
,
2056 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2057 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2058 /* Kosher size in property header, but no context type */
2059 hdr
->cb
= sizeof(bigCert
);
2060 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
), 0, 0, 0,
2062 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2063 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2064 ret
= CertAddSerializedElementToStore(store
, buf
,
2065 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), 0, 0, 0, NULL
,
2067 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2068 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2069 ret
= CertAddSerializedElementToStore(store
, buf
,
2070 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), CERT_STORE_ADD_NEW
,
2072 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2073 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2074 /* With a bad context type */
2075 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
), 0, 0,
2076 CERT_STORE_CRL_CONTEXT_FLAG
, NULL
, NULL
);
2077 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2078 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2079 ret
= CertAddSerializedElementToStore(store
, buf
,
2080 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), 0, 0,
2081 CERT_STORE_CRL_CONTEXT_FLAG
, NULL
, NULL
);
2082 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2083 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2084 ret
= CertAddSerializedElementToStore(store
, buf
,
2085 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), CERT_STORE_ADD_NEW
,
2086 0, CERT_STORE_CRL_CONTEXT_FLAG
, NULL
, NULL
);
2087 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2088 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2089 /* Bad unknown field, good type */
2091 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
), 0, 0,
2092 CERT_STORE_CERTIFICATE_CONTEXT_FLAG
, NULL
, NULL
);
2093 ok(!ret
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
2094 "Expected ERROR_FILE_NOT_FOUND got %08x\n", GetLastError());
2095 ret
= CertAddSerializedElementToStore(store
, buf
,
2096 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), 0, 0,
2097 CERT_STORE_CERTIFICATE_CONTEXT_FLAG
, NULL
, NULL
);
2098 ok(!ret
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
2099 "Expected ERROR_FILE_NOT_FOUND got %08x\n", GetLastError());
2100 ret
= CertAddSerializedElementToStore(store
, buf
,
2101 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), CERT_STORE_ADD_NEW
,
2102 0, CERT_STORE_CERTIFICATE_CONTEXT_FLAG
, NULL
, NULL
);
2103 ok(!ret
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
2104 "Expected ERROR_FILE_NOT_FOUND got %08x\n", GetLastError());
2105 /* Most everything okay, but bad add disposition */
2108 ret = CertAddSerializedElementToStore(store, buf, sizeof(buf), 0, 0,
2109 CERT_STORE_CERTIFICATE_CONTEXT_FLAG, NULL, NULL);
2111 ret = CertAddSerializedElementToStore(store, buf,
2112 sizeof(struct CertPropIDHeader) + sizeof(bigCert), 0, 0,
2113 CERT_STORE_CERTIFICATE_CONTEXT_FLAG, NULL, NULL);
2115 /* Everything okay, but buffer's too big */
2116 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
),
2117 CERT_STORE_ADD_NEW
, 0, CERT_STORE_CERTIFICATE_CONTEXT_FLAG
, NULL
, NULL
);
2118 ok(ret
, "CertAddSerializedElementToStore failed: %08x\n", GetLastError());
2119 /* Everything okay, check it's not re-added */
2120 ret
= CertAddSerializedElementToStore(store
, buf
,
2121 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), CERT_STORE_ADD_NEW
,
2122 0, CERT_STORE_CERTIFICATE_CONTEXT_FLAG
, NULL
, NULL
);
2123 ok(!ret
&& GetLastError() == CRYPT_E_EXISTS
,
2124 "Expected CRYPT_E_EXISTS, got %08x\n", GetLastError());
2126 context
= CertEnumCertificatesInStore(store
, NULL
);
2127 ok(context
!= NULL
, "Expected a cert\n");
2129 CertDeleteCertificateFromStore(context
);
2131 /* Try adding with a bogus hash. Oddly enough, it succeeds, and the hash,
2132 * when queried, is the real hash rather than the bogus hash.
2134 hdr
= (struct CertPropIDHeader
*)(buf
+ sizeof(struct CertPropIDHeader
) +
2136 hdr
->propID
= CERT_HASH_PROP_ID
;
2138 hdr
->cb
= sizeof(hash
);
2139 memset(hash
, 0xc, sizeof(hash
));
2140 memcpy((LPBYTE
)hdr
+ sizeof(struct CertPropIDHeader
), hash
, sizeof(hash
));
2141 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
),
2142 CERT_STORE_ADD_NEW
, 0, CERT_STORE_CERTIFICATE_CONTEXT_FLAG
, NULL
,
2143 (const void **)&context
);
2144 ok(ret
, "CertAddSerializedElementToStore failed: %08x\n", GetLastError());
2147 BYTE hashVal
[20], realHash
[20];
2148 DWORD size
= sizeof(hashVal
);
2150 ret
= CryptHashCertificate(0, 0, 0, bigCert
, sizeof(bigCert
),
2152 ok(ret
, "CryptHashCertificate failed: %08x\n", GetLastError());
2153 ret
= CertGetCertificateContextProperty(context
, CERT_HASH_PROP_ID
,
2155 ok(ret
, "CertGetCertificateContextProperty failed: %08x\n",
2157 ok(!memcmp(hashVal
, realHash
, size
), "Unexpected hash\n");
2158 CertFreeCertificateContext(context
);
2161 CertCloseStore(store
, 0);
2164 static const BYTE serializedCertWithFriendlyName
[] = {
2165 0x0b,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x12,0x00,0x00,0x00,0x57,0x00,0x69,
2166 0x00,0x6e,0x00,0x65,0x00,0x54,0x00,0x65,0x00,0x73,0x00,0x74,0x00,0x00,0x00,
2167 0x20,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x7c,0x00,0x00,0x00,0x30,0x7a,0x02,
2168 0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,
2169 0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,
2170 0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,
2171 0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,
2172 0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,
2173 0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x07,
2174 0x30,0x02,0x06,0x00,0x03,0x01,0x00,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,
2175 0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,
2177 static const BYTE serializedStoreWithCertWithFriendlyName
[] = {
2178 0x00,0x00,0x00,0x00,0x43,0x45,0x52,0x54,0x0b,0x00,0x00,0x00,0x01,0x00,0x00,
2179 0x00,0x12,0x00,0x00,0x00,0x57,0x00,0x69,0x00,0x6e,0x00,0x65,0x00,0x54,0x00,
2180 0x65,0x00,0x73,0x00,0x74,0x00,0x00,0x00,0x20,0x00,0x00,0x00,0x01,0x00,0x00,
2181 0x00,0x7c,0x00,0x00,0x00,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,
2182 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
2183 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,
2184 0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,
2185 0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,
2186 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
2187 0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,
2188 0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,
2189 0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01,0x00,0x00,0x00,0x00,0x00,0x00,
2190 0x00,0x00,0x00,0x00,0x00,0x00 };
2191 static const BYTE serializedStoreWithCertAndHash
[] = {
2192 0x00,0x00,0x00,0x00,0x43,0x45,0x52,0x54,0x03,0x00,0x00,0x00,0x01,0x00,0x00,
2193 0x00,0x14,0x00,0x00,0x00,0x6e,0x30,0x90,0x71,0x5f,0xd9,0x23,0x56,0xeb,0xae,
2194 0x25,0x40,0xe6,0x22,0xda,0x19,0x26,0x02,0xa6,0x08,0x20,0x00,0x00,0x00,0x01,
2195 0x00,0x00,0x00,0x7c,0x00,0x00,0x00,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,
2196 0x00,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,
2197 0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,
2198 0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,
2199 0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,
2200 0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,
2201 0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,
2202 0x01,0x00,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,
2203 0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01,0x00,0x00,0x00,0x00,
2204 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
2206 static void testAddCertificateLink(void)
2209 HCERTSTORE store1
, store2
;
2210 PCCERT_CONTEXT source
, linked
;
2213 CERT_NAME_BLOB blob
;
2214 static const WCHAR szPrefix
[] = { 'c','e','r',0 };
2215 static const WCHAR szDot
[] = { '.',0 };
2216 static const WCHAR WineTestW
[] = { 'W','i','n','e','T','e','s','t',0 };
2217 WCHAR filename1
[MAX_PATH
], filename2
[MAX_PATH
];
2220 if (!pCertAddCertificateLinkToStore
)
2222 win_skip("CertAddCertificateLinkToStore not found\n");
2228 /* Crashes, i.e. the store is dereferenced without checking. */
2229 ret
= pCertAddCertificateLinkToStore(NULL
, NULL
, 0, NULL
);
2232 /* Adding a certificate link to a store requires a valid add disposition */
2233 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
2234 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2235 SetLastError(0xdeadbeef);
2236 ret
= pCertAddCertificateLinkToStore(store1
, NULL
, 0, NULL
);
2237 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2238 "expected E_INVALIDARG, got %08x\n", GetLastError());
2239 source
= CertCreateCertificateContext(X509_ASN_ENCODING
, bigCert
,
2241 SetLastError(0xdeadbeef);
2242 ret
= pCertAddCertificateLinkToStore(store1
, source
, 0, NULL
);
2243 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2244 "expected E_INVALIDARG, got %08x\n", GetLastError());
2245 ret
= pCertAddCertificateLinkToStore(store1
, source
, CERT_STORE_ADD_ALWAYS
,
2247 ok(ret
, "CertAddCertificateLinkToStore failed: %08x\n", GetLastError());
2250 /* Crashes, i.e. the source certificate is dereferenced without
2251 * checking when a valid add disposition is given.
2253 ret
= pCertAddCertificateLinkToStore(store1
, NULL
, CERT_STORE_ADD_ALWAYS
,
2256 CertCloseStore(store1
, 0);
2258 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
2259 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2260 ret
= pCertAddCertificateLinkToStore(store1
, source
, CERT_STORE_ADD_ALWAYS
,
2262 ok(ret
, "CertAddCertificateLinkToStore failed: %08x\n", GetLastError());
2265 ok(linked
->hCertStore
== store1
, "unexpected store\n");
2266 ret
= CertSerializeCertificateStoreElement(linked
, 0, NULL
, &size
);
2267 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n",
2269 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
2272 ret
= CertSerializeCertificateStoreElement(linked
, 0, buf
, &size
);
2273 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n",
2275 /* The serialized linked certificate is identical to the serialized
2276 * original certificate.
2278 ok(size
== sizeof(serializedCert
), "Wrong size %d\n", size
);
2279 ok(!memcmp(serializedCert
, buf
, size
),
2280 "Unexpected serialized cert\n");
2281 HeapFree(GetProcessHeap(), 0, buf
);
2283 /* Set a friendly name on the source certificate... */
2284 blob
.pbData
= (LPBYTE
)WineTestW
;
2285 blob
.cbData
= sizeof(WineTestW
);
2286 ret
= CertSetCertificateContextProperty(source
,
2287 CERT_FRIENDLY_NAME_PROP_ID
, 0, &blob
);
2288 ok(ret
, "CertSetCertificateContextProperty failed: %08x\n",
2290 /* and the linked certificate has the same friendly name. */
2291 ret
= CertGetCertificateContextProperty(linked
,
2292 CERT_FRIENDLY_NAME_PROP_ID
, NULL
, &size
);
2293 ok(ret
, "CertGetCertificateContextProperty failed: %08x\n",
2295 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
2298 ret
= CertGetCertificateContextProperty(linked
,
2299 CERT_FRIENDLY_NAME_PROP_ID
, buf
, &size
);
2300 ok(ret
, "CertGetCertificateContextProperty failed: %08x\n",
2302 ok(!lstrcmpW((LPCWSTR
)buf
, WineTestW
),
2303 "unexpected friendly name\n");
2304 HeapFree(GetProcessHeap(), 0, buf
);
2306 CertFreeCertificateContext(linked
);
2308 CertFreeCertificateContext(source
);
2309 CertCloseStore(store1
, 0);
2311 /* Test adding a cert to a file store, committing the change to the store,
2312 * and creating a link to the resulting cert.
2314 if (!GetTempFileNameW(szDot
, szPrefix
, 0, filename1
))
2317 DeleteFileW(filename1
);
2318 file
= CreateFileW(filename1
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
2319 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
2320 if (file
== INVALID_HANDLE_VALUE
)
2323 store1
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
2324 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, file
);
2325 ok(store1
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
2328 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
2329 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &source
);
2330 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
2333 /* Test adding a link to a memory store. */
2334 store2
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
2335 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2336 ret
= pCertAddCertificateLinkToStore(store2
, source
, CERT_STORE_ADD_ALWAYS
,
2338 ok(ret
, "CertAddCertificateLinkToStore failed: %08x\n", GetLastError());
2341 ok(linked
->hCertStore
== store2
, "unexpected store\n");
2342 ret
= CertSerializeCertificateStoreElement(linked
, 0, NULL
, &size
);
2343 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n",
2345 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
2348 ret
= CertSerializeCertificateStoreElement(linked
, 0, buf
, &size
);
2349 /* The serialized linked certificate is identical to the serialized
2350 * original certificate.
2352 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n", GetLastError());
2353 ok(size
== sizeof(serializedCert
), "Wrong size %d\n", size
);
2354 ok(!memcmp(serializedCert
, buf
, size
),
2355 "Unexpected serialized cert\n");
2356 HeapFree(GetProcessHeap(), 0, buf
);
2358 /* Set a friendly name on the source certificate... */
2359 blob
.pbData
= (LPBYTE
)WineTestW
;
2360 blob
.cbData
= sizeof(WineTestW
);
2361 ret
= CertSetCertificateContextProperty(source
,
2362 CERT_FRIENDLY_NAME_PROP_ID
, 0, &blob
);
2363 ok(ret
, "CertSetCertificateContextProperty failed: %08x\n",
2365 /* and the linked certificate has the same friendly name. */
2366 ret
= CertGetCertificateContextProperty(linked
,
2367 CERT_FRIENDLY_NAME_PROP_ID
, NULL
, &size
);
2368 ok(ret
, "CertGetCertificateContextProperty failed: %08x\n",
2370 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
2373 ret
= CertGetCertificateContextProperty(linked
,
2374 CERT_FRIENDLY_NAME_PROP_ID
, buf
, &size
);
2375 ok(ret
, "CertGetCertificateContextProperty failed: %08x\n", GetLastError());
2376 ok(!lstrcmpW((LPCWSTR
)buf
, WineTestW
),
2377 "unexpected friendly name\n");
2378 HeapFree(GetProcessHeap(), 0, buf
);
2380 CertFreeCertificateContext(linked
);
2382 CertCloseStore(store2
, 0);
2384 if (!GetTempFileNameW(szDot
, szPrefix
, 0, filename2
))
2387 DeleteFileW(filename2
);
2388 file
= CreateFileW(filename2
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
2389 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
2390 if (file
== INVALID_HANDLE_VALUE
)
2393 store2
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
2394 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, file
);
2395 ok(store2
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
2397 /* Test adding a link to a file store. */
2398 ret
= pCertAddCertificateLinkToStore(store2
, source
, CERT_STORE_ADD_ALWAYS
,
2400 ok(ret
, "CertAddCertificateLinkToStore failed: %08x\n", GetLastError());
2403 ok(linked
->hCertStore
== store2
, "unexpected store\n");
2404 ret
= CertSerializeCertificateStoreElement(linked
, 0, NULL
, &size
);
2405 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n",
2407 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
2410 ret
= CertSerializeCertificateStoreElement(linked
, 0, buf
, &size
);
2411 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n",
2413 /* The serialized linked certificate now contains the friendly
2416 ok(size
== sizeof(serializedCertWithFriendlyName
),
2417 "Wrong size %d\n", size
);
2418 ok(!memcmp(serializedCertWithFriendlyName
, buf
, size
),
2419 "Unexpected serialized cert\n");
2420 HeapFree(GetProcessHeap(), 0, buf
);
2422 CertFreeCertificateContext(linked
);
2423 compareStore(store2
, "file store -> file store",
2424 serializedStoreWithCertWithFriendlyName
,
2425 sizeof(serializedStoreWithCertWithFriendlyName
), FALSE
);
2427 CertCloseStore(store2
, 0);
2428 DeleteFileW(filename2
);
2430 CertFreeCertificateContext(source
);
2432 CertCloseStore(store1
, 0);
2433 DeleteFileW(filename1
);
2435 /* Test adding a link to a system store (which is a collection store.) */
2436 store1
= CertOpenSystemStoreA(0, "My");
2437 source
= CertCreateCertificateContext(X509_ASN_ENCODING
, bigCert
,
2439 SetLastError(0xdeadbeef);
2440 ret
= pCertAddCertificateLinkToStore(store1
, source
, CERT_STORE_ADD_ALWAYS
,
2442 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2443 "expected E_INVALIDARG, got %08x\n", GetLastError());
2444 CertFreeCertificateContext(source
);
2446 /* Test adding a link to a file store, where the linked certificate is
2447 * in a system store.
2449 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
2450 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &source
);
2451 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
2453 if (!GetTempFileNameW(szDot
, szPrefix
, 0, filename1
))
2456 DeleteFileW(filename1
);
2457 file
= CreateFileW(filename1
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
2458 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
2459 if (file
== INVALID_HANDLE_VALUE
)
2462 store2
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
2463 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, file
);
2464 ok(store2
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
2467 ret
= pCertAddCertificateLinkToStore(store2
, source
, CERT_STORE_ADD_ALWAYS
,
2469 ok(ret
, "CertAddCertificateLinkToStore failed: %08x\n", GetLastError());
2472 ok(linked
->hCertStore
== store2
, "unexpected store\n");
2473 ret
= pCertControlStore(store2
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
2474 ok(ret
, "CertControlStore failed: %d\n", ret
);
2475 compareStore(store2
, "file store -> system store",
2476 serializedStoreWithCertAndHash
,
2477 sizeof(serializedStoreWithCertAndHash
), TRUE
);
2478 CertFreeCertificateContext(linked
);
2481 CertCloseStore(store2
, 0);
2482 DeleteFileW(filename1
);
2484 /* Test adding a link to a registry store, where the linked certificate is
2485 * in a system store.
2487 store2
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
2488 CERT_SYSTEM_STORE_CURRENT_USER
, WineTestW
);
2489 ok(store2
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
2490 ret
= pCertAddCertificateLinkToStore(store2
, source
, CERT_STORE_ADD_ALWAYS
,
2492 ok(ret
, "CertAddCertificateLinkToStore failed: %08x\n", GetLastError());
2495 ok(linked
->hCertStore
== store2
, "unexpected store\n");
2496 CertDeleteCertificateFromStore(linked
);
2498 CertCloseStore(store2
, 0);
2500 CertFreeCertificateContext(source
);
2501 CertCloseStore(store1
, 0);
2504 static DWORD
countCertsInStore(HCERTSTORE store
)
2506 PCCERT_CONTEXT cert
= NULL
;
2510 cert
= CertEnumCertificatesInStore(store
, cert
);
2517 static DWORD
countCRLsInStore(HCERTSTORE store
)
2519 PCCRL_CONTEXT crl
= NULL
;
2523 crl
= pCertEnumCRLsInStore(store
, crl
);
2530 static void testEmptyStore(void)
2532 const CERT_CONTEXT
*cert
, *cert2
, *cert3
;
2533 const CRL_CONTEXT
*crl
;
2534 const CTL_CONTEXT
*ctl
;
2538 cert
= CertCreateCertificateContext(X509_ASN_ENCODING
, bigCert
, sizeof(bigCert
));
2539 ok(cert
!= NULL
, "CertCreateCertificateContext failed\n");
2540 ok(cert
->hCertStore
!= NULL
, "cert->hCertStore == NULL\n");
2541 if(!cert
->hCertStore
) {
2542 CertFreeCertificateContext(cert
);
2546 test_store_is_empty(cert
->hCertStore
);
2548 cert2
= CertCreateCertificateContext(X509_ASN_ENCODING
, bigCert2
, sizeof(bigCert2
));
2549 ok(cert2
!= NULL
, "CertCreateCertificateContext failed\n");
2550 ok(cert2
->hCertStore
== cert
->hCertStore
, "Unexpected hCertStore\n");
2552 test_store_is_empty(cert2
->hCertStore
);
2554 res
= CertAddCertificateContextToStore(cert
->hCertStore
, cert2
, CERT_STORE_ADD_NEW
, &cert3
);
2555 ok(res
, "CertAddCertificateContextToStore failed\n");
2557 ok(cert3
&& cert3
!= cert2
, "Unexpected cert3\n");
2558 ok(cert3
->hCertStore
== cert
->hCertStore
, "Unexpected hCertStore\n");
2560 test_store_is_empty(cert
->hCertStore
);
2562 res
= CertDeleteCertificateFromStore(cert3
);
2563 ok(res
, "CertDeleteCertificateContextFromStore failed\n");
2564 ok(cert3
->hCertStore
== cert
->hCertStore
, "Unexpected hCertStore\n");
2566 CertFreeCertificateContext(cert3
);
2568 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2569 ok(store
!= NULL
, "CertOpenStore failed\n");
2571 res
= CertAddCertificateContextToStore(store
, cert2
, CERT_STORE_ADD_NEW
, &cert3
);
2572 ok(res
, "CertAddCertificateContextToStore failed\n");
2573 ok(cert3
&& cert3
!= cert2
, "Unexpected cert3\n");
2574 ok(cert3
->hCertStore
== store
, "Unexpected hCertStore\n");
2576 res
= CertDeleteCertificateFromStore(cert3
);
2577 ok(res
, "CertDeleteCertificateContextFromStore failed\n");
2578 ok(cert3
->hCertStore
== store
, "Unexpected hCertStore\n");
2580 CertFreeCertificateContext(cert3
);
2582 CertCloseStore(store
, 0);
2584 res
= CertCloseStore(cert
->hCertStore
, CERT_CLOSE_STORE_CHECK_FLAG
);
2585 ok(!res
&& GetLastError() == E_UNEXPECTED
, "CertCloseStore returned: %x(%x)\n", res
, GetLastError());
2587 res
= CertCloseStore(cert
->hCertStore
, 0);
2588 ok(!res
&& GetLastError() == E_UNEXPECTED
, "CertCloseStore returned: %x(%x)\n", res
, GetLastError());
2590 CertFreeCertificateContext(cert2
);
2592 crl
= CertCreateCRLContext(X509_ASN_ENCODING
, signedCRL
, sizeof(signedCRL
));
2593 ok(crl
!= NULL
, "CertCreateCRLContext failed\n");
2594 ok(crl
->hCertStore
== cert
->hCertStore
, "unexpected hCertStore\n");
2596 CertFreeCRLContext(crl
);
2598 ctl
= CertCreateCTLContext(X509_ASN_ENCODING
, signedCTLWithCTLInnerContent
, sizeof(signedCTLWithCTLInnerContent
));
2599 ok(ctl
!= NULL
, "CertCreateCTLContext failed\n");
2600 ok(ctl
->hCertStore
== cert
->hCertStore
, "unexpected hCertStore\n");
2602 CertFreeCTLContext(ctl
);
2604 CertFreeCertificateContext(cert
);
2607 static void testCloseStore(void)
2609 const CERT_CONTEXT
*cert
;
2610 const CRL_CONTEXT
*crl
;
2611 const CTL_CONTEXT
*ctl
;
2612 HCERTSTORE store
, store2
;
2615 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2616 ok(store
!= NULL
, "CertOpenStore failed\n");
2618 res
= CertCloseStore(store
, CERT_CLOSE_STORE_CHECK_FLAG
);
2619 ok(res
, "CertCloseStore failed\n");
2621 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2622 ok(store
!= NULL
, "CertOpenStore failed\n");
2624 store2
= CertDuplicateStore(store
);
2625 ok(store2
!= NULL
, "CertCloneStore failed\n");
2626 ok(store2
== store
, "unexpected store2\n");
2628 res
= CertCloseStore(store
, CERT_CLOSE_STORE_CHECK_FLAG
);
2629 ok(!res
&& GetLastError() == CRYPT_E_PENDING_CLOSE
, "CertCloseStore failed\n");
2631 res
= CertCloseStore(store2
, CERT_CLOSE_STORE_CHECK_FLAG
);
2632 ok(res
, "CertCloseStore failed\n");
2634 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2635 ok(store
!= NULL
, "CertOpenStore failed\n");
2637 res
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
, bigCert
,
2638 sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &cert
);
2639 ok(res
, "CertAddEncodedCertificateToStore failed\n");
2641 /* There is still a reference from cert */
2642 res
= CertCloseStore(store
, CERT_CLOSE_STORE_CHECK_FLAG
);
2643 ok(!res
&& GetLastError() == CRYPT_E_PENDING_CLOSE
, "CertCloseStore failed\n");
2645 res
= CertFreeCertificateContext(cert
);
2646 ok(res
, "CertFreeCertificateContext failed\n");
2648 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2649 ok(store
!= NULL
, "CertOpenStore failed\n");
2651 res
= CertAddEncodedCRLToStore(store
, X509_ASN_ENCODING
, signedCRL
,
2652 sizeof(signedCRL
), CERT_STORE_ADD_ALWAYS
, &crl
);
2653 ok(res
, "CertAddEncodedCRLToStore failed\n");
2655 /* There is still a reference from CRL */
2656 res
= CertCloseStore(store
, CERT_CLOSE_STORE_CHECK_FLAG
);
2657 ok(!res
&& GetLastError() == CRYPT_E_PENDING_CLOSE
, "CertCloseStore failed\n");
2659 res
= CertFreeCRLContext(crl
);
2660 ok(res
, "CertFreeCRLContext failed\n");
2662 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2663 ok(store
!= NULL
, "CertOpenStore failed\n");
2665 res
= CertAddEncodedCTLToStore(store
, X509_ASN_ENCODING
, signedCTLWithCTLInnerContent
,
2666 sizeof(signedCTLWithCTLInnerContent
), CERT_STORE_ADD_ALWAYS
, &ctl
);
2667 ok(res
, "CertAddEncodedCTLToStore failed\n");
2669 /* There is still a reference from CTL */
2670 res
= CertCloseStore(store
, CERT_CLOSE_STORE_CHECK_FLAG
);
2671 ok(!res
&& GetLastError() == CRYPT_E_PENDING_CLOSE
, "CertCloseStore returned: %x(%u)\n", res
, GetLastError());
2673 res
= CertFreeCTLContext(ctl
);
2674 ok(res
, "CertFreeCTLContext failed\n");
2676 /* Add all kinds of contexts, then release external references and make sure that store is properly closed. */
2677 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2678 ok(store
!= NULL
, "CertOpenStore failed\n");
2680 res
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
, bigCert
,
2681 sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &cert
);
2682 ok(res
, "CertAddEncodedCertificateToStore failed\n");
2684 res
= CertAddEncodedCRLToStore(store
, X509_ASN_ENCODING
, signedCRL
,
2685 sizeof(signedCRL
), CERT_STORE_ADD_ALWAYS
, &crl
);
2686 ok(res
, "CertAddEncodedCRLToStore failed\n");
2688 res
= CertAddEncodedCTLToStore(store
, X509_ASN_ENCODING
, signedCTLWithCTLInnerContent
,
2689 sizeof(signedCTLWithCTLInnerContent
), CERT_STORE_ADD_ALWAYS
, &ctl
);
2690 ok(res
, "CertAddEncodedCTLToStore failed\n");
2692 CertFreeCertificateContext(cert
);
2693 CertFreeCRLContext(crl
);
2694 CertFreeCTLContext(ctl
);
2696 res
= CertCloseStore(store
, CERT_CLOSE_STORE_CHECK_FLAG
);
2697 ok(res
, "CertCloseStore failed\n");
2700 static void test_I_UpdateStore(void)
2702 HMODULE lib
= GetModuleHandleA("crypt32");
2703 BOOL (WINAPI
*pI_CertUpdatestore
)(HCERTSTORE
, HCERTSTORE
, DWORD
, DWORD
) =
2704 (void *)GetProcAddress(lib
, "I_CertUpdateStore");
2706 HCERTSTORE store1
, store2
;
2707 PCCERT_CONTEXT cert
;
2710 if (!pI_CertUpdatestore
)
2712 win_skip("No I_CertUpdateStore\n");
2715 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
2716 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2717 store2
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
2718 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2721 ret = pI_CertUpdatestore(NULL, NULL, 0, 0);
2722 ret = pI_CertUpdatestore(store1, NULL, 0, 0);
2723 ret = pI_CertUpdatestore(NULL, store2, 0, 0);
2725 ret
= pI_CertUpdatestore(store1
, store2
, 0, 0);
2726 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
2728 CertAddEncodedCertificateToStore(store2
, X509_ASN_ENCODING
, bigCert
,
2729 sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &cert
);
2730 /* I_CertUpdateStore adds the contexts from store2 to store1 */
2731 ret
= pI_CertUpdatestore(store1
, store2
, 0, 0);
2732 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
2733 certs
= countCertsInStore(store1
);
2734 ok(certs
== 1, "Expected 1 cert, got %d\n", certs
);
2735 /* Calling it a second time has no effect */
2736 ret
= pI_CertUpdatestore(store1
, store2
, 0, 0);
2737 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
2738 certs
= countCertsInStore(store1
);
2739 ok(certs
== 1, "Expected 1 cert, got %d\n", certs
);
2741 /* The last parameters to I_CertUpdateStore appear to be ignored */
2742 ret
= pI_CertUpdatestore(store1
, store2
, 1, 0);
2743 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
2744 ret
= pI_CertUpdatestore(store1
, store2
, 0, 1);
2745 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
2747 CertAddEncodedCRLToStore(store2
, X509_ASN_ENCODING
, signedCRL
,
2748 sizeof(signedCRL
), CERT_STORE_ADD_ALWAYS
, NULL
);
2750 /* I_CertUpdateStore also adds the CRLs from store2 to store1 */
2751 ret
= pI_CertUpdatestore(store1
, store2
, 0, 0);
2752 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
2753 certs
= countCertsInStore(store1
);
2754 ok(certs
== 1, "Expected 1 cert, got %d\n", certs
);
2755 if (pCertEnumCRLsInStore
)
2757 certs
= countCRLsInStore(store1
);
2758 ok(certs
== 1, "Expected 1 CRL, got %d\n", certs
);
2761 CertDeleteCertificateFromStore(cert
);
2762 /* If a context is deleted from store2, I_CertUpdateStore deletes it
2765 ret
= pI_CertUpdatestore(store1
, store2
, 0, 0);
2766 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
2767 certs
= countCertsInStore(store1
);
2768 ok(certs
== 0, "Expected 0 certs, got %d\n", certs
);
2770 CertCloseStore(store1
, 0);
2771 CertCloseStore(store2
, 0);
2778 hdll
= GetModuleHandleA("Crypt32.dll");
2779 pCertAddStoreToCollection
= (void*)GetProcAddress(hdll
, "CertAddStoreToCollection");
2780 pCertControlStore
= (void*)GetProcAddress(hdll
, "CertControlStore");
2781 pCertEnumCRLsInStore
= (void*)GetProcAddress(hdll
, "CertEnumCRLsInStore");
2782 pCertEnumSystemStore
= (void*)GetProcAddress(hdll
, "CertEnumSystemStore");
2783 pCertGetStoreProperty
= (void*)GetProcAddress(hdll
, "CertGetStoreProperty");
2784 pCertRemoveStoreFromCollection
= (void*)GetProcAddress(hdll
, "CertRemoveStoreFromCollection");
2785 pCertSetStoreProperty
= (void*)GetProcAddress(hdll
, "CertSetStoreProperty");
2786 pCertAddCertificateLinkToStore
= (void*)GetProcAddress(hdll
, "CertAddCertificateLinkToStore");
2788 /* various combinations of CertOpenStore */
2790 testCollectionStore();
2792 testSystemRegStore();
2795 testFileNameStore();
2797 testSerializedStore();
2800 testCertOpenSystemStore();
2801 testCertEnumSystemStore();
2802 testStoreProperty();
2804 testAddSerialized();
2805 testAddCertificateLink();
2809 test_I_UpdateStore();