dlls/crypt32/store.c

   1 /*
   2  * Copyright 2002 Mike McCormack for CodeWeavers
   3  * Copyright 2004-2006 Juan Lang
   4  *
   5  * This library is free software; you can redistribute it and/or
   6  * modify it under the terms of the GNU Lesser General Public
   7  * License as published by the Free Software Foundation; either
   8  * version 2.1 of the License, or (at your option) any later version.
   9  *
  10  * This library is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13  * Lesser General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU Lesser General Public
  16  * License along with this library; if not, write to the Free Software
  17  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  18  *
  19  * FIXME:
  20  * - The concept of physical stores and locations isn't implemented.  (This
  21  *   doesn't mean registry stores et al aren't implemented.  See the PSDK for
  22  *   registering and enumerating physical stores and locations.)
  23  * - Many flags, options and whatnot are unimplemented.
  24  */
  25
  26 #include <assert.h>
  27 #include <stdarg.h>
  28 #include "windef.h"
  29 #include "winbase.h"
  30 #include "winnls.h"
  31 #include "winreg.h"
  32 #include "winternl.h"
  33 #include "winuser.h"
  34 #include "wincrypt.h"
  35 #include "wine/debug.h"
  36 #include "crypt32_private.h"
  37
  38 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
  39
  40 static const WINE_CONTEXT_INTERFACE gCertInterface = {
  41     (CreateContextFunc)CertCreateCertificateContext,
  42     (AddContextToStoreFunc)CertAddCertificateContextToStore,
  43     (AddEncodedContextToStoreFunc)CertAddEncodedCertificateToStore,
  44     (EnumContextsInStoreFunc)CertEnumCertificatesInStore,
  45     (EnumPropertiesFunc)CertEnumCertificateContextProperties,
  46     (GetContextPropertyFunc)CertGetCertificateContextProperty,
  47     (SetContextPropertyFunc)CertSetCertificateContextProperty,
  48     (SerializeElementFunc)CertSerializeCertificateStoreElement,
  49     (DeleteContextFunc)CertDeleteCertificateFromStore,
  50 };
  51 const WINE_CONTEXT_INTERFACE *pCertInterface = &gCertInterface;
  52
  53 static const WINE_CONTEXT_INTERFACE gCRLInterface = {
  54     (CreateContextFunc)CertCreateCRLContext,
  55     (AddContextToStoreFunc)CertAddCRLContextToStore,
  56     (AddEncodedContextToStoreFunc)CertAddEncodedCRLToStore,
  57     (EnumContextsInStoreFunc)CertEnumCRLsInStore,
  58     (EnumPropertiesFunc)CertEnumCRLContextProperties,
  59     (GetContextPropertyFunc)CertGetCRLContextProperty,
  60     (SetContextPropertyFunc)CertSetCRLContextProperty,
  61     (SerializeElementFunc)CertSerializeCRLStoreElement,
  62     (DeleteContextFunc)CertDeleteCRLFromStore,
  63 };
  64 const WINE_CONTEXT_INTERFACE *pCRLInterface = &gCRLInterface;
  65
  66 static const WINE_CONTEXT_INTERFACE gCTLInterface = {
  67     (CreateContextFunc)CertCreateCTLContext,
  68     (AddContextToStoreFunc)CertAddCTLContextToStore,
  69     (AddEncodedContextToStoreFunc)CertAddEncodedCTLToStore,
  70     (EnumContextsInStoreFunc)CertEnumCTLsInStore,
  71     (EnumPropertiesFunc)CertEnumCTLContextProperties,
  72     (GetContextPropertyFunc)CertGetCTLContextProperty,
  73     (SetContextPropertyFunc)CertSetCTLContextProperty,
  74     (SerializeElementFunc)CertSerializeCTLStoreElement,
  75     (DeleteContextFunc)CertDeleteCTLFromStore,
  76 };
  77 const WINE_CONTEXT_INTERFACE *pCTLInterface = &gCTLInterface;
  78
  79 typedef struct _WINE_MEMSTORE
  80 {
  81     WINECRYPT_CERTSTORE hdr;
  82     CRITICAL_SECTION cs;
  83     struct list certs;
  84     struct list crls;
  85     struct list ctls;
  86 } WINE_MEMSTORE;
  87
  88 void CRYPT_InitStore(WINECRYPT_CERTSTORE *store, DWORD dwFlags, CertStoreType type, const store_vtbl_t *vtbl)
  89 {
  90     store->ref = 1;
  91     store->dwMagic = WINE_CRYPTCERTSTORE_MAGIC;
  92     store->type = type;
  93     store->dwOpenFlags = dwFlags;
  94     store->vtbl = vtbl;
  95     store->properties = NULL;
  96 }
  97
  98 void CRYPT_FreeStore(WINECRYPT_CERTSTORE *store)
  99 {
 100     if (store->properties)
 101         ContextPropertyList_Free(store->properties);
 102     store->dwMagic = 0;
 103     CryptMemFree(store);
 104 }
 105
 106 BOOL WINAPI I_CertUpdateStore(HCERTSTORE store1, HCERTSTORE store2, DWORD unk0,
 107  DWORD unk1)
 108 {
 109     static BOOL warned = FALSE;
 110     const WINE_CONTEXT_INTERFACE * const interfaces[] = { pCertInterface,
 111      pCRLInterface, pCTLInterface };
 112     DWORD i;
 113
 114     TRACE("(%p, %p, %08lx, %08lx)\n", store1, store2, unk0, unk1);
 115     if (!warned)
 116     {
 117         FIXME("semi-stub\n");
 118         warned = TRUE;
 119     }
 120
 121     /* Poor-man's resync:  empty first store, then add everything from second
 122      * store to it.
 123      */
 124     for (i = 0; i < ARRAY_SIZE(interfaces); i++)
 125     {
 126         const void *context;
 127
 128         do {
 129             context = interfaces[i]->enumContextsInStore(store1, NULL);
 130             if (context)
 131                 interfaces[i]->deleteFromStore(context);
 132         } while (context);
 133         do {
 134             context = interfaces[i]->enumContextsInStore(store2, context);
 135             if (context)
 136                 interfaces[i]->addContextToStore(store1, context,
 137                  CERT_STORE_ADD_ALWAYS, NULL);
 138         } while (context);
 139     }
 140     return TRUE;
 141 }
 142
 143 static BOOL MemStore_addContext(WINE_MEMSTORE *store, struct list *list, context_t *orig_context,
 144  context_t *existing, context_t **ret_context, BOOL use_link)
 145 {
 146     context_t *context;
 147
 148     context = orig_context->vtbl->clone(orig_context, &store->hdr, use_link);
 149     if (!context)
 150         return FALSE;
 151
 152     TRACE("adding %p\n", context);
 153     EnterCriticalSection(&store->cs);
 154     if (existing) {
 155         context->u.entry.prev = existing->u.entry.prev;
 156         context->u.entry.next = existing->u.entry.next;
 157         context->u.entry.prev->next = &context->u.entry;
 158         context->u.entry.next->prev = &context->u.entry;
 159         list_init(&existing->u.entry);
 160         if(!existing->ref)
 161             Context_Release(existing);
 162     }else {
 163         list_add_head(list, &context->u.entry);
 164     }
 165     LeaveCriticalSection(&store->cs);
 166
 167     if(ret_context)
 168         *ret_context = context;
 169     else
 170         Context_Release(context);
 171     return TRUE;
 172 }
 173
 174 static context_t *MemStore_enumContext(WINE_MEMSTORE *store, struct list *list, context_t *prev)
 175 {
 176     struct list *next;
 177     context_t *ret;
 178
 179     EnterCriticalSection(&store->cs);
 180     if (prev) {
 181         next = list_next(list, &prev->u.entry);
 182         Context_Release(prev);
 183     }else {
 184         next = list_next(list, list);
 185     }
 186     LeaveCriticalSection(&store->cs);
 187
 188     if (!next) {
 189         SetLastError(CRYPT_E_NOT_FOUND);
 190         return NULL;
 191     }
 192
 193     ret = LIST_ENTRY(next, context_t, u.entry);
 194     Context_AddRef(ret);
 195     return ret;
 196 }
 197
 198 static BOOL MemStore_deleteContext(WINE_MEMSTORE *store, context_t *context)
 199 {
 200     BOOL in_list = FALSE;
 201
 202     EnterCriticalSection(&store->cs);
 203     if (!list_empty(&context->u.entry)) {
 204         list_remove(&context->u.entry);
 205         list_init(&context->u.entry);
 206         in_list = TRUE;
 207     }
 208     LeaveCriticalSection(&store->cs);
 209
 210     if(in_list && !context->ref)
 211         Context_Free(context);
 212     return TRUE;
 213 }
 214
 215 static void free_contexts(struct list *list)
 216 {
 217     context_t *context, *next;
 218
 219     LIST_FOR_EACH_ENTRY_SAFE(context, next, list, context_t, u.entry)
 220     {
 221         TRACE("freeing %p\n", context);
 222         list_remove(&context->u.entry);
 223         Context_Free(context);
 224     }
 225 }
 226
 227 static void MemStore_releaseContext(WINECRYPT_CERTSTORE *store, context_t *context)
 228 {
 229     /* Free the context only if it's not in a list. Otherwise it may be reused later. */
 230     if(list_empty(&context->u.entry))
 231         Context_Free(context);
 232 }
 233
 234 static BOOL MemStore_addCert(WINECRYPT_CERTSTORE *store, context_t *cert,
 235  context_t *toReplace, context_t **ppStoreContext, BOOL use_link)
 236 {
 237     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 238
 239     TRACE("(%p, %p, %p, %p)\n", store, cert, toReplace, ppStoreContext);
 240     return MemStore_addContext(ms, &ms->certs, cert, toReplace, ppStoreContext, use_link);
 241 }
 242
 243 static context_t *MemStore_enumCert(WINECRYPT_CERTSTORE *store, context_t *prev)
 244 {
 245     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 246
 247     TRACE("(%p, %p)\n", store, prev);
 248
 249     return MemStore_enumContext(ms, &ms->certs, prev);
 250 }
 251
 252 static BOOL MemStore_deleteCert(WINECRYPT_CERTSTORE *store, context_t *context)
 253 {
 254     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 255
 256     TRACE("(%p, %p)\n", store, context);
 257
 258     return MemStore_deleteContext(ms, context);
 259 }
 260
 261 static BOOL MemStore_addCRL(WINECRYPT_CERTSTORE *store, context_t *crl,
 262  context_t *toReplace, context_t **ppStoreContext, BOOL use_link)
 263 {
 264     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 265
 266     TRACE("(%p, %p, %p, %p)\n", store, crl, toReplace, ppStoreContext);
 267
 268     return MemStore_addContext(ms, &ms->crls, crl, toReplace, ppStoreContext, use_link);
 269 }
 270
 271 static context_t *MemStore_enumCRL(WINECRYPT_CERTSTORE *store, context_t *prev)
 272 {
 273     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 274
 275     TRACE("(%p, %p)\n", store, prev);
 276
 277     return MemStore_enumContext(ms, &ms->crls, prev);
 278 }
 279
 280 static BOOL MemStore_deleteCRL(WINECRYPT_CERTSTORE *store, context_t *context)
 281 {
 282     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 283
 284     TRACE("(%p, %p)\n", store, context);
 285
 286     return MemStore_deleteContext(ms, context);
 287 }
 288
 289 static BOOL MemStore_addCTL(WINECRYPT_CERTSTORE *store, context_t *ctl,
 290  context_t *toReplace, context_t **ppStoreContext, BOOL use_link)
 291 {
 292     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 293
 294     TRACE("(%p, %p, %p, %p)\n", store, ctl, toReplace, ppStoreContext);
 295
 296     return MemStore_addContext(ms, &ms->ctls, ctl, toReplace, ppStoreContext, use_link);
 297 }
 298
 299 static context_t *MemStore_enumCTL(WINECRYPT_CERTSTORE *store, context_t *prev)
 300 {
 301     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 302
 303     TRACE("(%p, %p)\n", store, prev);
 304
 305     return MemStore_enumContext(ms, &ms->ctls, prev);
 306 }
 307
 308 static BOOL MemStore_deleteCTL(WINECRYPT_CERTSTORE *store, context_t *context)
 309 {
 310     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 311
 312     TRACE("(%p, %p)\n", store, context);
 313
 314     return MemStore_deleteContext(ms, context);
 315 }
 316
 317 static void MemStore_addref(WINECRYPT_CERTSTORE *store)
 318 {
 319     LONG ref = InterlockedIncrement(&store->ref);
 320     TRACE("ref = %ld\n", ref);
 321 }
 322
 323 static DWORD MemStore_release(WINECRYPT_CERTSTORE *cert_store, DWORD flags)
 324 {
 325     WINE_MEMSTORE *store = (WINE_MEMSTORE*)cert_store;
 326     LONG ref;
 327
 328     if(flags & ~CERT_CLOSE_STORE_CHECK_FLAG)
 329         FIXME("Unimplemented flags %lx\n", flags);
 330
 331     ref = InterlockedDecrement(&store->hdr.ref);
 332     TRACE("(%p) ref=%ld\n", store, ref);
 333     if(ref)
 334         return (flags & CERT_CLOSE_STORE_CHECK_FLAG) ? CRYPT_E_PENDING_CLOSE : ERROR_SUCCESS;
 335
 336     free_contexts(&store->certs);
 337     free_contexts(&store->crls);
 338     free_contexts(&store->ctls);
 339     store->cs.DebugInfo->Spare[0] = 0;
 340     DeleteCriticalSection(&store->cs);
 341     CRYPT_FreeStore(&store->hdr);
 342     return ERROR_SUCCESS;
 343 }
 344
 345 static BOOL MemStore_control(WINECRYPT_CERTSTORE *store, DWORD dwFlags,
 346  DWORD dwCtrlType, void const *pvCtrlPara)
 347 {
 348     SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
 349     return FALSE;
 350 }
 351
 352 static const store_vtbl_t MemStoreVtbl = {
 353     MemStore_addref,
 354     MemStore_release,
 355     MemStore_releaseContext,
 356     MemStore_control,
 357     {
 358         MemStore_addCert,
 359         MemStore_enumCert,
 360         MemStore_deleteCert
 361     }, {
 362         MemStore_addCRL,
 363         MemStore_enumCRL,
 364         MemStore_deleteCRL
 365     }, {
 366         MemStore_addCTL,
 367         MemStore_enumCTL,
 368         MemStore_deleteCTL
 369     }
 370 };
 371
 372 static WINECRYPT_CERTSTORE *CRYPT_MemOpenStore(HCRYPTPROV hCryptProv,
 373  DWORD dwFlags, const void *pvPara)
 374 {
 375     WINE_MEMSTORE *store;
 376
 377     TRACE("(%Id, %08lx, %p)\n", hCryptProv, dwFlags, pvPara);
 378
 379     if (dwFlags & CERT_STORE_DELETE_FLAG)
 380     {
 381         SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
 382         store = NULL;
 383     }
 384     else
 385     {
 386         store = CryptMemAlloc(sizeof(WINE_MEMSTORE));
 387         if (store)
 388         {
 389             memset(store, 0, sizeof(WINE_MEMSTORE));
 390             CRYPT_InitStore(&store->hdr, dwFlags, StoreTypeMem, &MemStoreVtbl);
 391             InitializeCriticalSection(&store->cs);
 392             store->cs.DebugInfo->Spare[0] = (DWORD_PTR)(__FILE__ ": ContextList.cs");
 393             list_init(&store->certs);
 394             list_init(&store->crls);
 395             list_init(&store->ctls);
 396             /* Mem store doesn't need crypto provider, so close it */
 397             if (hCryptProv && !(dwFlags & CERT_STORE_NO_CRYPT_RELEASE_FLAG))
 398                 CryptReleaseContext(hCryptProv, 0);
 399         }
 400     }
 401     return (WINECRYPT_CERTSTORE*)store;
 402 }
 403
 404 static WINECRYPT_CERTSTORE *CRYPT_SysRegOpenStoreW(HCRYPTPROV hCryptProv,
 405  DWORD dwFlags, const void *pvPara)
 406 {
 407     LPCWSTR storeName = pvPara;
 408     LPWSTR storePath;
 409     WINECRYPT_CERTSTORE *store = NULL;
 410     HKEY root;
 411     LPCWSTR base;
 412
 413     TRACE("(%Id, %08lx, %s)\n", hCryptProv, dwFlags,
 414      debugstr_w(pvPara));
 415
 416     if (!pvPara)
 417     {
 418         SetLastError(E_INVALIDARG);
 419         return NULL;
 420     }
 421
 422     switch (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK)
 423     {
 424     case CERT_SYSTEM_STORE_LOCAL_MACHINE:
 425         root = HKEY_LOCAL_MACHINE;
 426         base = CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH;
 427         /* If the HKLM\Root certs are requested, expressing system certs into the registry */
 428         if (!lstrcmpiW(storeName, L"Root"))
 429             CRYPT_ImportSystemRootCertsToReg();
 430         break;
 431     case CERT_SYSTEM_STORE_CURRENT_USER:
 432         root = HKEY_CURRENT_USER;
 433         base = CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH;
 434         break;
 435     case CERT_SYSTEM_STORE_CURRENT_SERVICE:
 436         /* hklm\Software\Microsoft\Cryptography\Services\servicename\
 437          * SystemCertificates
 438          */
 439         FIXME("CERT_SYSTEM_STORE_CURRENT_SERVICE, %s: stub\n",
 440          debugstr_w(storeName));
 441         return NULL;
 442     case CERT_SYSTEM_STORE_SERVICES:
 443         /* hklm\Software\Microsoft\Cryptography\Services\servicename\
 444          * SystemCertificates
 445          */
 446         FIXME("CERT_SYSTEM_STORE_SERVICES, %s: stub\n",
 447          debugstr_w(storeName));
 448         return NULL;
 449     case CERT_SYSTEM_STORE_USERS:
 450         /* hku\user sid\Software\Microsoft\SystemCertificates */
 451         FIXME("CERT_SYSTEM_STORE_USERS, %s: stub\n",
 452          debugstr_w(storeName));
 453         return NULL;
 454     case CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY:
 455         root = HKEY_CURRENT_USER;
 456         base = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
 457         break;
 458     case CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY:
 459         root = HKEY_LOCAL_MACHINE;
 460         base = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
 461         break;
 462     case CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE:
 463         /* hklm\Software\Microsoft\EnterpriseCertificates */
 464         FIXME("CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE, %s: stub\n",
 465          debugstr_w(storeName));
 466         return NULL;
 467     default:
 468         SetLastError(E_INVALIDARG);
 469         return NULL;
 470     }
 471
 472     storePath = CryptMemAlloc((lstrlenW(base) + lstrlenW(storeName) + 2) *
 473      sizeof(WCHAR));
 474     if (storePath)
 475     {
 476         LONG rc;
 477         HKEY key;
 478         REGSAM sam = dwFlags & CERT_STORE_READONLY_FLAG ? KEY_READ :
 479             KEY_ALL_ACCESS;
 480
 481         wsprintfW(storePath, L"%s\\%s", base, storeName);
 482         if (dwFlags & CERT_STORE_OPEN_EXISTING_FLAG)
 483             rc = RegOpenKeyExW(root, storePath, 0, sam, &key);
 484         else
 485         {
 486             DWORD disp;
 487
 488             rc = RegCreateKeyExW(root, storePath, 0, NULL, 0, sam, NULL,
 489                                  &key, &disp);
 490             if (!rc && dwFlags & CERT_STORE_CREATE_NEW_FLAG &&
 491                 disp == REG_OPENED_EXISTING_KEY)
 492             {
 493                 RegCloseKey(key);
 494                 rc = ERROR_FILE_EXISTS;
 495             }
 496         }
 497         if (!rc)
 498         {
 499             store = CRYPT_RegOpenStore(hCryptProv, dwFlags, key);
 500             RegCloseKey(key);
 501         }
 502         else
 503             SetLastError(rc);
 504         CryptMemFree(storePath);
 505     }
 506     return store;
 507 }
 508
 509 static WINECRYPT_CERTSTORE *CRYPT_SysRegOpenStoreA(HCRYPTPROV hCryptProv,
 510  DWORD dwFlags, const void *pvPara)
 511 {
 512     int len;
 513     WINECRYPT_CERTSTORE *ret = NULL;
 514
 515     TRACE("(%Id, %08lx, %s)\n", hCryptProv, dwFlags,
 516      debugstr_a(pvPara));
 517
 518     if (!pvPara)
 519     {
 520         SetLastError(ERROR_FILE_NOT_FOUND);
 521         return NULL;
 522     }
 523     len = MultiByteToWideChar(CP_ACP, 0, pvPara, -1, NULL, 0);
 524     if (len)
 525     {
 526         LPWSTR storeName = CryptMemAlloc(len * sizeof(WCHAR));
 527
 528         if (storeName)
 529         {
 530             MultiByteToWideChar(CP_ACP, 0, pvPara, -1, storeName, len);
 531             ret = CRYPT_SysRegOpenStoreW(hCryptProv, dwFlags, storeName);
 532             CryptMemFree(storeName);
 533         }
 534     }
 535     return ret;
 536 }
 537
 538 static WINECRYPT_CERTSTORE *CRYPT_SysOpenStoreW(HCRYPTPROV hCryptProv,
 539  DWORD dwFlags, const void *pvPara)
 540 {
 541     HCERTSTORE store = 0;
 542     BOOL ret;
 543
 544     TRACE("(%Id, %08lx, %s)\n", hCryptProv, dwFlags,
 545      debugstr_w(pvPara));
 546
 547     if (!pvPara)
 548     {
 549         SetLastError(ERROR_FILE_NOT_FOUND);
 550         return NULL;
 551     }
 552     /* This returns a different error than system registry stores if the
 553      * location is invalid.
 554      */
 555     switch (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK)
 556     {
 557     case CERT_SYSTEM_STORE_LOCAL_MACHINE:
 558     case CERT_SYSTEM_STORE_CURRENT_USER:
 559     case CERT_SYSTEM_STORE_CURRENT_SERVICE:
 560     case CERT_SYSTEM_STORE_SERVICES:
 561     case CERT_SYSTEM_STORE_USERS:
 562     case CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY:
 563     case CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY:
 564     case CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE:
 565         ret = TRUE;
 566         break;
 567     default:
 568         SetLastError(ERROR_FILE_NOT_FOUND);
 569         ret = FALSE;
 570     }
 571     if (ret)
 572     {
 573         HCERTSTORE regStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W,
 574          0, 0, dwFlags, pvPara);
 575
 576         if (regStore)
 577         {
 578             store = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
 579              CERT_STORE_CREATE_NEW_FLAG, NULL);
 580             CertAddStoreToCollection(store, regStore,
 581              dwFlags & CERT_STORE_READONLY_FLAG ? 0 :
 582              CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
 583             CertCloseStore(regStore, 0);
 584             /* CERT_SYSTEM_STORE_CURRENT_USER returns both the HKCU and HKLM
 585              * stores.
 586              */
 587             if ((dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK) ==
 588              CERT_SYSTEM_STORE_CURRENT_USER)
 589             {
 590                 dwFlags &= ~CERT_SYSTEM_STORE_CURRENT_USER;
 591                 dwFlags |= CERT_SYSTEM_STORE_LOCAL_MACHINE;
 592                 regStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W, 0,
 593                  0, dwFlags, pvPara);
 594                 if (regStore)
 595                 {
 596                     CertAddStoreToCollection(store, regStore,
 597                      dwFlags & CERT_STORE_READONLY_FLAG ? 0 :
 598                      CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
 599                     CertCloseStore(regStore, 0);
 600                 }
 601             }
 602             /* System store doesn't need crypto provider, so close it */
 603             if (hCryptProv && !(dwFlags & CERT_STORE_NO_CRYPT_RELEASE_FLAG))
 604                 CryptReleaseContext(hCryptProv, 0);
 605         }
 606     }
 607     return store;
 608 }
 609
 610 static WINECRYPT_CERTSTORE *CRYPT_SysOpenStoreA(HCRYPTPROV hCryptProv,
 611  DWORD dwFlags, const void *pvPara)
 612 {
 613     int len;
 614     WINECRYPT_CERTSTORE *ret = NULL;
 615
 616     TRACE("(%Id, %08lx, %s)\n", hCryptProv, dwFlags,
 617      debugstr_a(pvPara));
 618
 619     if (!pvPara)
 620     {
 621         SetLastError(ERROR_FILE_NOT_FOUND);
 622         return NULL;
 623     }
 624     len = MultiByteToWideChar(CP_ACP, 0, pvPara, -1, NULL, 0);
 625     if (len)
 626     {
 627         LPWSTR storeName = CryptMemAlloc(len * sizeof(WCHAR));
 628
 629         if (storeName)
 630         {
 631             MultiByteToWideChar(CP_ACP, 0, pvPara, -1, storeName, len);
 632             ret = CRYPT_SysOpenStoreW(hCryptProv, dwFlags, storeName);
 633             CryptMemFree(storeName);
 634         }
 635     }
 636     return ret;
 637 }
 638
 639 static void WINAPI CRYPT_MsgCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
 640 {
 641     HCRYPTMSG msg = hCertStore;
 642
 643     TRACE("(%p, %08lx)\n", msg, dwFlags);
 644     CryptMsgClose(msg);
 645 }
 646
 647 static void *msgProvFuncs[] = {
 648     CRYPT_MsgCloseStore,
 649 };
 650
 651 static WINECRYPT_CERTSTORE *CRYPT_MsgOpenStore(HCRYPTPROV hCryptProv,
 652  DWORD dwFlags, const void *pvPara)
 653 {
 654     WINECRYPT_CERTSTORE *store = NULL;
 655     HCRYPTMSG msg = (HCRYPTMSG)pvPara;
 656     WINECRYPT_CERTSTORE *memStore;
 657
 658     TRACE("(%Id, %08lx, %p)\n", hCryptProv, dwFlags, pvPara);
 659
 660     memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
 661      CERT_STORE_CREATE_NEW_FLAG, NULL);
 662     if (memStore)
 663     {
 664         BOOL ret;
 665         DWORD size, count, i;
 666
 667         size = sizeof(count);
 668         ret = CryptMsgGetParam(msg, CMSG_CERT_COUNT_PARAM, 0, &count, &size);
 669         for (i = 0; ret && i < count; i++)
 670         {
 671             size = 0;
 672             ret = CryptMsgGetParam(msg, CMSG_CERT_PARAM, i, NULL, &size);
 673             if (ret)
 674             {
 675                 LPBYTE buf = CryptMemAlloc(size);
 676
 677                 if (buf)
 678                 {
 679                     ret = CryptMsgGetParam(msg, CMSG_CERT_PARAM, i, buf, &size);
 680                     if (ret)
 681                         ret = CertAddEncodedCertificateToStore(memStore,
 682                          X509_ASN_ENCODING, buf, size, CERT_STORE_ADD_ALWAYS,
 683                          NULL);
 684                     CryptMemFree(buf);
 685                 }
 686             }
 687         }
 688         size = sizeof(count);
 689         ret = CryptMsgGetParam(msg, CMSG_CRL_COUNT_PARAM, 0, &count, &size);
 690         for (i = 0; ret && i < count; i++)
 691         {
 692             size = 0;
 693             ret = CryptMsgGetParam(msg, CMSG_CRL_PARAM, i, NULL, &size);
 694             if (ret)
 695             {
 696                 LPBYTE buf = CryptMemAlloc(size);
 697
 698                 if (buf)
 699                 {
 700                     ret = CryptMsgGetParam(msg, CMSG_CRL_PARAM, i, buf, &size);
 701                     if (ret)
 702                         ret = CertAddEncodedCRLToStore(memStore,
 703                          X509_ASN_ENCODING, buf, size, CERT_STORE_ADD_ALWAYS,
 704                          NULL);
 705                     CryptMemFree(buf);
 706                 }
 707             }
 708         }
 709         if (ret)
 710         {
 711             CERT_STORE_PROV_INFO provInfo = { 0 };
 712
 713             provInfo.cbSize = sizeof(provInfo);
 714             provInfo.cStoreProvFunc = ARRAY_SIZE(msgProvFuncs);
 715             provInfo.rgpvStoreProvFunc = msgProvFuncs;
 716             provInfo.hStoreProv = CryptMsgDuplicate(msg);
 717             store = CRYPT_ProvCreateStore(dwFlags, memStore, &provInfo);
 718             /* Msg store doesn't need crypto provider, so close it */
 719             if (hCryptProv && !(dwFlags & CERT_STORE_NO_CRYPT_RELEASE_FLAG))
 720                 CryptReleaseContext(hCryptProv, 0);
 721         }
 722         else
 723             CertCloseStore(memStore, 0);
 724     }
 725     TRACE("returning %p\n", store);
 726     return store;
 727 }
 728
 729 static WINECRYPT_CERTSTORE *CRYPT_PKCSOpenStore(HCRYPTPROV hCryptProv,
 730  DWORD dwFlags, const void *pvPara)
 731 {
 732     HCRYPTMSG msg;
 733     WINECRYPT_CERTSTORE *store = NULL;
 734     const CRYPT_DATA_BLOB *data = pvPara;
 735     BOOL ret;
 736     DWORD msgOpenFlags = dwFlags & CERT_STORE_NO_CRYPT_RELEASE_FLAG ? 0 :
 737      CMSG_CRYPT_RELEASE_CONTEXT_FLAG;
 738
 739     TRACE("(%Id, %08lx, %p)\n", hCryptProv, dwFlags, pvPara);
 740
 741     msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, msgOpenFlags, CMSG_SIGNED,
 742      hCryptProv, NULL, NULL);
 743     ret = CryptMsgUpdate(msg, data->pbData, data->cbData, TRUE);
 744     if (!ret)
 745     {
 746         CryptMsgClose(msg);
 747         msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, msgOpenFlags, 0,
 748          hCryptProv, NULL, NULL);
 749         ret = CryptMsgUpdate(msg, data->pbData, data->cbData, TRUE);
 750         if (ret)
 751         {
 752             DWORD type, size = sizeof(type);
 753
 754             /* Only signed messages are allowed, check type */
 755             ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, &type, &size);
 756             if (ret && type != CMSG_SIGNED)
 757             {
 758                 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
 759                 ret = FALSE;
 760             }
 761         }
 762     }
 763     if (ret)
 764         store = CRYPT_MsgOpenStore(0, dwFlags, msg);
 765     CryptMsgClose(msg);
 766     TRACE("returning %p\n", store);
 767     return store;
 768 }
 769
 770 static WINECRYPT_CERTSTORE *CRYPT_SerializedOpenStore(HCRYPTPROV hCryptProv,
 771  DWORD dwFlags, const void *pvPara)
 772 {
 773     HCERTSTORE store;
 774     const CRYPT_DATA_BLOB *data = pvPara;
 775
 776     TRACE("(%Id, %08lx, %p)\n", hCryptProv, dwFlags, pvPara);
 777
 778     if (dwFlags & CERT_STORE_DELETE_FLAG)
 779     {
 780         SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
 781         return NULL;
 782     }
 783
 784     store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
 785      CERT_STORE_CREATE_NEW_FLAG, NULL);
 786     if (store)
 787     {
 788         if (!CRYPT_ReadSerializedStoreFromBlob(data, store))
 789         {
 790             CertCloseStore(store, 0);
 791             store = NULL;
 792         }
 793     }
 794     TRACE("returning %p\n", store);
 795     return (WINECRYPT_CERTSTORE*)store;
 796 }
 797
 798 static WINECRYPT_CERTSTORE *CRYPT_PhysOpenStoreW(HCRYPTPROV hCryptProv,
 799  DWORD dwFlags, const void *pvPara)
 800 {
 801     if (dwFlags & CERT_SYSTEM_STORE_RELOCATE_FLAG)
 802         FIXME("(%Id, %08lx, %p): stub\n", hCryptProv, dwFlags, pvPara);
 803     else
 804         FIXME("(%Id, %08lx, %s): stub\n", hCryptProv, dwFlags,
 805          debugstr_w(pvPara));
 806     return NULL;
 807 }
 808
 809 HCERTSTORE WINAPI CertOpenStore(LPCSTR lpszStoreProvider,
 810  DWORD dwMsgAndCertEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags,
 811  const void* pvPara)
 812 {
 813     WINECRYPT_CERTSTORE *hcs;
 814     StoreOpenFunc openFunc = NULL;
 815
 816     TRACE("(%s, %08lx, %08Ix, %08lx, %p)\n", debugstr_a(lpszStoreProvider),
 817           dwMsgAndCertEncodingType, hCryptProv, dwFlags, pvPara);
 818
 819     if (IS_INTOID(lpszStoreProvider))
 820     {
 821         switch (LOWORD(lpszStoreProvider))
 822         {
 823         case LOWORD(CERT_STORE_PROV_MSG):
 824             openFunc = CRYPT_MsgOpenStore;
 825             break;
 826         case LOWORD(CERT_STORE_PROV_MEMORY):
 827             openFunc = CRYPT_MemOpenStore;
 828             break;
 829         case LOWORD(CERT_STORE_PROV_FILE):
 830             openFunc = CRYPT_FileOpenStore;
 831             break;
 832         case LOWORD(CERT_STORE_PROV_PKCS7):
 833             openFunc = CRYPT_PKCSOpenStore;
 834             break;
 835         case LOWORD(CERT_STORE_PROV_SERIALIZED):
 836             openFunc = CRYPT_SerializedOpenStore;
 837             break;
 838         case LOWORD(CERT_STORE_PROV_REG):
 839             openFunc = CRYPT_RegOpenStore;
 840             break;
 841         case LOWORD(CERT_STORE_PROV_FILENAME_A):
 842             openFunc = CRYPT_FileNameOpenStoreA;
 843             break;
 844         case LOWORD(CERT_STORE_PROV_FILENAME_W):
 845             openFunc = CRYPT_FileNameOpenStoreW;
 846             break;
 847         case LOWORD(CERT_STORE_PROV_COLLECTION):
 848             openFunc = CRYPT_CollectionOpenStore;
 849             break;
 850         case LOWORD(CERT_STORE_PROV_SYSTEM_A):
 851             openFunc = CRYPT_SysOpenStoreA;
 852             break;
 853         case LOWORD(CERT_STORE_PROV_SYSTEM_W):
 854             openFunc = CRYPT_SysOpenStoreW;
 855             break;
 856         case LOWORD(CERT_STORE_PROV_SYSTEM_REGISTRY_A):
 857             openFunc = CRYPT_SysRegOpenStoreA;
 858             break;
 859         case LOWORD(CERT_STORE_PROV_SYSTEM_REGISTRY_W):
 860             openFunc = CRYPT_SysRegOpenStoreW;
 861             break;
 862         case LOWORD(CERT_STORE_PROV_PHYSICAL_W):
 863             openFunc = CRYPT_PhysOpenStoreW;
 864             break;
 865         default:
 866             if (LOWORD(lpszStoreProvider))
 867                 FIXME("unimplemented type %d\n", LOWORD(lpszStoreProvider));
 868         }
 869     }
 870     else if (!stricmp(lpszStoreProvider, sz_CERT_STORE_PROV_MEMORY))
 871         openFunc = CRYPT_MemOpenStore;
 872     else if (!stricmp(lpszStoreProvider, sz_CERT_STORE_PROV_FILENAME_W))
 873         openFunc = CRYPT_FileOpenStore;
 874     else if (!stricmp(lpszStoreProvider, sz_CERT_STORE_PROV_SYSTEM))
 875         openFunc = CRYPT_SysOpenStoreW;
 876     else if (!stricmp(lpszStoreProvider, sz_CERT_STORE_PROV_PKCS7))
 877         openFunc = CRYPT_PKCSOpenStore;
 878     else if (!stricmp(lpszStoreProvider, sz_CERT_STORE_PROV_SERIALIZED))
 879         openFunc = CRYPT_SerializedOpenStore;
 880     else if (!stricmp(lpszStoreProvider, sz_CERT_STORE_PROV_COLLECTION))
 881         openFunc = CRYPT_CollectionOpenStore;
 882     else if (!stricmp(lpszStoreProvider, sz_CERT_STORE_PROV_SYSTEM_REGISTRY))
 883         openFunc = CRYPT_SysRegOpenStoreW;
 884     else
 885     {
 886         FIXME("unimplemented type %s\n", lpszStoreProvider);
 887         openFunc = NULL;
 888     }
 889
 890     if (!openFunc)
 891         hcs = CRYPT_ProvOpenStore(lpszStoreProvider, dwMsgAndCertEncodingType,
 892          hCryptProv, dwFlags, pvPara);
 893     else
 894         hcs = openFunc(hCryptProv, dwFlags, pvPara);
 895     return hcs;
 896 }
 897
 898 HCERTSTORE WINAPI CertOpenSystemStoreA(HCRYPTPROV_LEGACY hProv,
 899  LPCSTR szSubSystemProtocol)
 900 {
 901     if (!szSubSystemProtocol)
 902     {
 903         SetLastError(E_INVALIDARG);
 904         return 0;
 905     }
 906     return CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, hProv,
 907      CERT_SYSTEM_STORE_CURRENT_USER, szSubSystemProtocol);
 908 }
 909
 910 HCERTSTORE WINAPI CertOpenSystemStoreW(HCRYPTPROV_LEGACY hProv,
 911  LPCWSTR szSubSystemProtocol)
 912 {
 913     if (!szSubSystemProtocol)
 914     {
 915         SetLastError(E_INVALIDARG);
 916         return 0;
 917     }
 918     return CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, hProv,
 919      CERT_SYSTEM_STORE_CURRENT_USER, szSubSystemProtocol);
 920 }
 921
 922 PCCERT_CONTEXT WINAPI CertEnumCertificatesInStore(HCERTSTORE hCertStore, PCCERT_CONTEXT pPrev)
 923 {
 924     cert_t *prev = pPrev ? cert_from_ptr(pPrev) : NULL, *ret;
 925     WINECRYPT_CERTSTORE *hcs = hCertStore;
 926
 927     TRACE("(%p, %p)\n", hCertStore, pPrev);
 928     if (!hCertStore)
 929         ret = NULL;
 930     else if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
 931         ret = NULL;
 932     else
 933         ret = (cert_t*)hcs->vtbl->certs.enumContext(hcs, prev ? &prev->base : NULL);
 934     return ret ? &ret->ctx : NULL;
 935 }
 936
 937 BOOL WINAPI CertDeleteCertificateFromStore(PCCERT_CONTEXT pCertContext)
 938 {
 939     WINECRYPT_CERTSTORE *hcs;
 940
 941     TRACE("(%p)\n", pCertContext);
 942
 943     if (!pCertContext)
 944         return TRUE;
 945
 946     hcs = pCertContext->hCertStore;
 947
 948     if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
 949         return FALSE;
 950
 951     return hcs->vtbl->certs.delete(hcs, &cert_from_ptr(pCertContext)->base);
 952 }
 953
 954 BOOL WINAPI CertAddCRLContextToStore(HCERTSTORE hCertStore,
 955  PCCRL_CONTEXT pCrlContext, DWORD dwAddDisposition,
 956  PCCRL_CONTEXT* ppStoreContext)
 957 {
 958     WINECRYPT_CERTSTORE *store = hCertStore;
 959     BOOL ret = TRUE;
 960     PCCRL_CONTEXT toAdd = NULL, existing = NULL;
 961
 962     TRACE("(%p, %p, %08lx, %p)\n", hCertStore, pCrlContext,
 963      dwAddDisposition, ppStoreContext);
 964
 965     /* Weird case to pass a test */
 966     if (dwAddDisposition == 0)
 967     {
 968         SetLastError(STATUS_ACCESS_VIOLATION);
 969         return FALSE;
 970     }
 971     if (dwAddDisposition != CERT_STORE_ADD_ALWAYS)
 972     {
 973         existing = CertFindCRLInStore(hCertStore, 0, 0, CRL_FIND_EXISTING,
 974          pCrlContext, NULL);
 975     }
 976
 977     switch (dwAddDisposition)
 978     {
 979     case CERT_STORE_ADD_ALWAYS:
 980         toAdd = CertDuplicateCRLContext(pCrlContext);
 981         break;
 982     case CERT_STORE_ADD_NEW:
 983         if (existing)
 984         {
 985             TRACE("found matching CRL, not adding\n");
 986             SetLastError(CRYPT_E_EXISTS);
 987             ret = FALSE;
 988         }
 989         else
 990             toAdd = CertDuplicateCRLContext(pCrlContext);
 991         break;
 992     case CERT_STORE_ADD_NEWER:
 993         if (existing)
 994         {
 995             LONG newer = CompareFileTime(&existing->pCrlInfo->ThisUpdate,
 996              &pCrlContext->pCrlInfo->ThisUpdate);
 997
 998             if (newer < 0)
 999                 toAdd = CertDuplicateCRLContext(pCrlContext);
1000             else
1001             {
1002                 TRACE("existing CRL is newer, not adding\n");
1003                 SetLastError(CRYPT_E_EXISTS);
1004                 ret = FALSE;
1005             }
1006         }
1007         else
1008             toAdd = CertDuplicateCRLContext(pCrlContext);
1009         break;
1010     case CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES:
1011         if (existing)
1012         {
1013             LONG newer = CompareFileTime(&existing->pCrlInfo->ThisUpdate,
1014              &pCrlContext->pCrlInfo->ThisUpdate);
1015
1016             if (newer < 0)
1017             {
1018                 toAdd = CertDuplicateCRLContext(pCrlContext);
1019                 Context_CopyProperties(toAdd, existing);
1020             }
1021             else
1022             {
1023                 TRACE("existing CRL is newer, not adding\n");
1024                 SetLastError(CRYPT_E_EXISTS);
1025                 ret = FALSE;
1026             }
1027         }
1028         else
1029             toAdd = CertDuplicateCRLContext(pCrlContext);
1030         break;
1031     case CERT_STORE_ADD_REPLACE_EXISTING:
1032         toAdd = CertDuplicateCRLContext(pCrlContext);
1033         break;
1034     case CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES:
1035         toAdd = CertDuplicateCRLContext(pCrlContext);
1036         if (existing)
1037             Context_CopyProperties(toAdd, existing);
1038         break;
1039     case CERT_STORE_ADD_USE_EXISTING:
1040         if (existing)
1041         {
1042             Context_CopyProperties(existing, pCrlContext);
1043             if (ppStoreContext)
1044                 *ppStoreContext = CertDuplicateCRLContext(existing);
1045         }
1046         else
1047             toAdd = CertDuplicateCRLContext(pCrlContext);
1048         break;
1049     default:
1050         FIXME("Unimplemented add disposition %ld\n", dwAddDisposition);
1051         ret = FALSE;
1052     }
1053
1054     if (toAdd)
1055     {
1056         if (store) {
1057             context_t *ret_context;
1058             ret = store->vtbl->crls.addContext(store, context_from_ptr(toAdd),
1059              existing ? context_from_ptr(existing) : NULL, ppStoreContext ? &ret_context : NULL, FALSE);
1060             if (ret && ppStoreContext)
1061                 *ppStoreContext = context_ptr(ret_context);
1062         }else if (ppStoreContext) {
1063             *ppStoreContext = CertDuplicateCRLContext(toAdd);
1064         }
1065         CertFreeCRLContext(toAdd);
1066     }
1067     if (existing)
1068         CertFreeCRLContext(existing);
1069
1070     TRACE("returning %d\n", ret);
1071     return ret;
1072 }
1073
1074 BOOL WINAPI CertDeleteCRLFromStore(PCCRL_CONTEXT pCrlContext)
1075 {
1076     WINECRYPT_CERTSTORE *hcs;
1077     BOOL ret;
1078
1079     TRACE("(%p)\n", pCrlContext);
1080
1081     if (!pCrlContext)
1082         return TRUE;
1083
1084     hcs = pCrlContext->hCertStore;
1085
1086     if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
1087         return FALSE;
1088
1089     ret = hcs->vtbl->crls.delete(hcs, &crl_from_ptr(pCrlContext)->base);
1090     if (ret)
1091         ret = CertFreeCRLContext(pCrlContext);
1092     return ret;
1093 }
1094
1095 PCCRL_CONTEXT WINAPI CertEnumCRLsInStore(HCERTSTORE hCertStore, PCCRL_CONTEXT pPrev)
1096 {
1097     crl_t *ret, *prev = pPrev ? crl_from_ptr(pPrev) : NULL;
1098     WINECRYPT_CERTSTORE *hcs = hCertStore;
1099
1100     TRACE("(%p, %p)\n", hCertStore, pPrev);
1101     if (!hCertStore)
1102         ret = NULL;
1103     else if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
1104         ret = NULL;
1105     else
1106         ret = (crl_t*)hcs->vtbl->crls.enumContext(hcs, prev ? &prev->base : NULL);
1107     return ret ? &ret->ctx : NULL;
1108 }
1109
1110 HCERTSTORE WINAPI CertDuplicateStore(HCERTSTORE hCertStore)
1111 {
1112     WINECRYPT_CERTSTORE *hcs = hCertStore;
1113
1114     TRACE("(%p)\n", hCertStore);
1115
1116     if (hcs && hcs->dwMagic == WINE_CRYPTCERTSTORE_MAGIC)
1117         hcs->vtbl->addref(hcs);
1118     return hCertStore;
1119 }
1120
1121 BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
1122 {
1123     WINECRYPT_CERTSTORE *hcs = hCertStore;
1124     DWORD res;
1125
1126     TRACE("(%p, %08lx)\n", hCertStore, dwFlags);
1127
1128     if( ! hCertStore )
1129         return TRUE;
1130
1131     if ( hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC )
1132         return FALSE;
1133
1134     res = hcs->vtbl->release(hcs, dwFlags);
1135     if (res != ERROR_SUCCESS) {
1136         SetLastError(res);
1137         return FALSE;
1138     }
1139
1140     return TRUE;
1141 }
1142
1143 BOOL WINAPI CertControlStore(HCERTSTORE hCertStore, DWORD dwFlags,
1144  DWORD dwCtrlType, void const *pvCtrlPara)
1145 {
1146     WINECRYPT_CERTSTORE *hcs = hCertStore;
1147     BOOL ret;
1148
1149     TRACE("(%p, %08lx, %ld, %p)\n", hCertStore, dwFlags, dwCtrlType,
1150      pvCtrlPara);
1151
1152     if (!hcs)
1153         ret = FALSE;
1154     else if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
1155         ret = FALSE;
1156     else
1157     {
1158         if (hcs->vtbl->control)
1159             ret = hcs->vtbl->control(hcs, dwFlags, dwCtrlType, pvCtrlPara);
1160         else
1161             ret = TRUE;
1162     }
1163     return ret;
1164 }
1165
1166 BOOL WINAPI CertGetStoreProperty(HCERTSTORE hCertStore, DWORD dwPropId,
1167  void *pvData, DWORD *pcbData)
1168 {
1169     WINECRYPT_CERTSTORE *store = hCertStore;
1170     BOOL ret = FALSE;
1171
1172     TRACE("(%p, %ld, %p, %p)\n", hCertStore, dwPropId, pvData, pcbData);
1173
1174     switch (dwPropId)
1175     {
1176     case CERT_ACCESS_STATE_PROP_ID:
1177         if (!pvData)
1178         {
1179             *pcbData = sizeof(DWORD);
1180             ret = TRUE;
1181         }
1182         else if (*pcbData < sizeof(DWORD))
1183         {
1184             SetLastError(ERROR_MORE_DATA);
1185             *pcbData = sizeof(DWORD);
1186         }
1187         else
1188         {
1189             DWORD state = 0;
1190
1191             if (store->type != StoreTypeMem &&
1192              !(store->dwOpenFlags & CERT_STORE_READONLY_FLAG))
1193                 state |= CERT_ACCESS_STATE_WRITE_PERSIST_FLAG;
1194             *(DWORD *)pvData = state;
1195             ret = TRUE;
1196         }
1197         break;
1198     default:
1199         if (store->properties)
1200         {
1201             CRYPT_DATA_BLOB blob;
1202
1203             ret = ContextPropertyList_FindProperty(store->properties, dwPropId,
1204              &blob);
1205             if (ret)
1206             {
1207                 if (!pvData)
1208                     *pcbData = blob.cbData;
1209                 else if (*pcbData < blob.cbData)
1210                 {
1211                     SetLastError(ERROR_MORE_DATA);
1212                     *pcbData = blob.cbData;
1213                     ret = FALSE;
1214                 }
1215                 else
1216                 {
1217                     memcpy(pvData, blob.pbData, blob.cbData);
1218                     *pcbData = blob.cbData;
1219                 }
1220             }
1221             else
1222                 SetLastError(CRYPT_E_NOT_FOUND);
1223         }
1224         else
1225             SetLastError(CRYPT_E_NOT_FOUND);
1226     }
1227     return ret;
1228 }
1229
1230 BOOL WINAPI CertSetStoreProperty(HCERTSTORE hCertStore, DWORD dwPropId,
1231  DWORD dwFlags, const void *pvData)
1232 {
1233     WINECRYPT_CERTSTORE *store = hCertStore;
1234     BOOL ret = FALSE;
1235
1236     TRACE("(%p, %ld, %08lx, %p)\n", hCertStore, dwPropId, dwFlags, pvData);
1237
1238     if (!store->properties)
1239         store->properties = ContextPropertyList_Create();
1240     switch (dwPropId)
1241     {
1242     case CERT_ACCESS_STATE_PROP_ID:
1243         SetLastError(E_INVALIDARG);
1244         break;
1245     default:
1246         if (pvData)
1247         {
1248             const CRYPT_DATA_BLOB *blob = pvData;
1249
1250             ret = ContextPropertyList_SetProperty(store->properties, dwPropId,
1251              blob->pbData, blob->cbData);
1252         }
1253         else
1254         {
1255             ContextPropertyList_RemoveProperty(store->properties, dwPropId);
1256             ret = TRUE;
1257         }
1258     }
1259     return ret;
1260 }
1261
1262 static LONG CRYPT_OpenParentStore(DWORD dwFlags,
1263     void *pvSystemStoreLocationPara, HKEY *key)
1264 {
1265     HKEY root;
1266     LPCWSTR base;
1267
1268     TRACE("(%08lx, %p)\n", dwFlags, pvSystemStoreLocationPara);
1269
1270     switch (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK)
1271     {
1272     case CERT_SYSTEM_STORE_LOCAL_MACHINE:
1273         root = HKEY_LOCAL_MACHINE;
1274         base = CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH;
1275         break;
1276     case CERT_SYSTEM_STORE_CURRENT_USER:
1277         root = HKEY_CURRENT_USER;
1278         base = CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH;
1279         break;
1280     case CERT_SYSTEM_STORE_CURRENT_SERVICE:
1281         /* hklm\Software\Microsoft\Cryptography\Services\servicename\
1282          * SystemCertificates
1283          */
1284         FIXME("CERT_SYSTEM_STORE_CURRENT_SERVICE\n");
1285         return ERROR_FILE_NOT_FOUND;
1286     case CERT_SYSTEM_STORE_SERVICES:
1287         /* hklm\Software\Microsoft\Cryptography\Services\servicename\
1288          * SystemCertificates
1289          */
1290         FIXME("CERT_SYSTEM_STORE_SERVICES\n");
1291         return ERROR_FILE_NOT_FOUND;
1292     case CERT_SYSTEM_STORE_USERS:
1293         /* hku\user sid\Software\Microsoft\SystemCertificates */
1294         FIXME("CERT_SYSTEM_STORE_USERS\n");
1295         return ERROR_FILE_NOT_FOUND;
1296     case CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY:
1297         root = HKEY_CURRENT_USER;
1298         base = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
1299         break;
1300     case CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY:
1301         root = HKEY_LOCAL_MACHINE;
1302         base = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
1303         break;
1304     case CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE:
1305         /* hklm\Software\Microsoft\EnterpriseCertificates */
1306         FIXME("CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE\n");
1307         return ERROR_FILE_NOT_FOUND;
1308     default:
1309         return ERROR_FILE_NOT_FOUND;
1310     }
1311
1312     return RegOpenKeyExW(root, base, 0, KEY_READ, key);
1313 }
1314
1315 BOOL WINAPI CertEnumSystemStore(DWORD dwFlags, void *pvSystemStoreLocationPara,
1316     void *pvArg, PFN_CERT_ENUM_SYSTEM_STORE pfnEnum)
1317 {
1318     BOOL ret = FALSE;
1319     LONG rc;
1320     HKEY key;
1321     CERT_SYSTEM_STORE_INFO info = { sizeof(info) };
1322
1323     TRACE("(%08lx, %p, %p, %p)\n", dwFlags, pvSystemStoreLocationPara, pvArg,
1324         pfnEnum);
1325
1326     rc = CRYPT_OpenParentStore(dwFlags, pvArg, &key);
1327     if (!rc)
1328     {
1329         DWORD index = 0;
1330
1331         ret = TRUE;
1332         do {
1333             WCHAR name[MAX_PATH];
1334             DWORD size = ARRAY_SIZE(name);
1335
1336             rc = RegEnumKeyExW(key, index++, name, &size, NULL, NULL, NULL,
1337                 NULL);
1338             if (!rc)
1339                 ret = pfnEnum(name, dwFlags, &info, NULL, pvArg);
1340         } while (ret && !rc);
1341         if (ret && rc != ERROR_NO_MORE_ITEMS)
1342             SetLastError(rc);
1343     }
1344     else
1345         SetLastError(rc);
1346     /* Include root store for the local machine location (it isn't in the
1347      * registry)
1348      */
1349     if (ret && (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK) ==
1350      CERT_SYSTEM_STORE_LOCAL_MACHINE)
1351         ret = pfnEnum(L"Root", dwFlags, &info, NULL, pvArg);
1352     return ret;
1353 }
1354
1355 BOOL WINAPI CertEnumPhysicalStore(const void *pvSystemStore, DWORD dwFlags,
1356  void *pvArg, PFN_CERT_ENUM_PHYSICAL_STORE pfnEnum)
1357 {
1358     if (dwFlags & CERT_SYSTEM_STORE_RELOCATE_FLAG)
1359         FIXME("(%p, %08lx, %p, %p): stub\n", pvSystemStore, dwFlags, pvArg,
1360          pfnEnum);
1361     else
1362         FIXME("(%s, %08lx, %p, %p): stub\n", debugstr_w(pvSystemStore),
1363          dwFlags, pvArg,
1364          pfnEnum);
1365     return FALSE;
1366 }
1367
1368 BOOL WINAPI CertRegisterPhysicalStore(const void *pvSystemStore, DWORD dwFlags,
1369  LPCWSTR pwszStoreName, PCERT_PHYSICAL_STORE_INFO pStoreInfo, void *pvReserved)
1370 {
1371     if (dwFlags & CERT_SYSTEM_STORE_RELOCATE_FLAG)
1372         FIXME("(%p, %08lx, %s, %p, %p): stub\n", pvSystemStore, dwFlags,
1373          debugstr_w(pwszStoreName), pStoreInfo, pvReserved);
1374     else
1375         FIXME("(%s, %08lx, %s, %p, %p): stub\n", debugstr_w(pvSystemStore),
1376          dwFlags, debugstr_w(pwszStoreName), pStoreInfo, pvReserved);
1377     return FALSE;
1378 }
1379
1380 BOOL WINAPI CertUnregisterPhysicalStore(const void *pvSystemStore, DWORD dwFlags,
1381  LPCWSTR pwszStoreName)
1382 {
1383     FIXME("(%p, %08lx, %s): stub\n", pvSystemStore, dwFlags, debugstr_w(pwszStoreName));
1384     return TRUE;
1385 }
1386
1387 BOOL WINAPI CertRegisterSystemStore(const void *pvSystemStore, DWORD dwFlags,
1388   PCERT_SYSTEM_STORE_INFO pStoreInfo, void *pvReserved)
1389 {
1390     HCERTSTORE hstore;
1391
1392     if (dwFlags & CERT_SYSTEM_STORE_RELOCATE_FLAG )
1393     {
1394         FIXME("(%p, %08lx, %p, %p): flag not supported\n", pvSystemStore, dwFlags, pStoreInfo, pvReserved);
1395         return FALSE;
1396     }
1397
1398     TRACE("(%s, %08lx, %p, %p)\n", debugstr_w(pvSystemStore), dwFlags, pStoreInfo, pvReserved);
1399
1400     hstore = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W, 0, 0, dwFlags, pvSystemStore);
1401     if (hstore)
1402     {
1403         CertCloseStore(hstore, 0);
1404         return TRUE;
1405     }
1406
1407     return FALSE;
1408 }
1409
1410 BOOL WINAPI CertUnregisterSystemStore(const void *pvSystemStore, DWORD dwFlags)
1411 {
1412     HCERTSTORE hstore;
1413
1414     if (dwFlags & CERT_SYSTEM_STORE_RELOCATE_FLAG)
1415     {
1416         FIXME("(%p, %08lx): flag not supported\n", pvSystemStore, dwFlags);
1417         return FALSE;
1418     }
1419     TRACE("(%s, %08lx)\n", debugstr_w(pvSystemStore), dwFlags);
1420
1421     hstore = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W, 0, 0, dwFlags | CERT_STORE_OPEN_EXISTING_FLAG, pvSystemStore);
1422     if (hstore == NULL)
1423         return FALSE;
1424
1425     hstore = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W, 0, 0, dwFlags | CERT_STORE_DELETE_FLAG, pvSystemStore);
1426     if (hstore == NULL && GetLastError() == 0)
1427         return TRUE;
1428
1429     return FALSE;
1430 }
1431
1432 static void EmptyStore_addref(WINECRYPT_CERTSTORE *store)
1433 {
1434     TRACE("(%p)\n", store);
1435 }
1436
1437 static DWORD EmptyStore_release(WINECRYPT_CERTSTORE *store, DWORD flags)
1438 {
1439     TRACE("(%p)\n", store);
1440     return E_UNEXPECTED;
1441 }
1442
1443 static void EmptyStore_releaseContext(WINECRYPT_CERTSTORE *store, context_t *context)
1444 {
1445     Context_Free(context);
1446 }
1447
1448 static BOOL EmptyStore_add(WINECRYPT_CERTSTORE *store, context_t *context,
1449  context_t *replace, context_t **ret_context, BOOL use_link)
1450 {
1451     TRACE("(%p, %p, %p, %p)\n", store, context, replace, ret_context);
1452
1453     /* FIXME: We should clone the context */
1454     if(ret_context) {
1455         Context_AddRef(context);
1456         *ret_context = context;
1457     }
1458
1459     return TRUE;
1460 }
1461
1462 static context_t *EmptyStore_enum(WINECRYPT_CERTSTORE *store, context_t *prev)
1463 {
1464     TRACE("(%p, %p)\n", store, prev);
1465
1466     SetLastError(CRYPT_E_NOT_FOUND);
1467     return NULL;
1468 }
1469
1470 static BOOL EmptyStore_delete(WINECRYPT_CERTSTORE *store, context_t *context)
1471 {
1472     return TRUE;
1473 }
1474
1475 static BOOL EmptyStore_control(WINECRYPT_CERTSTORE *store, DWORD flags, DWORD ctrl_type, void const *ctrl_para)
1476 {
1477     TRACE("()\n");
1478
1479     SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
1480     return FALSE;
1481 }
1482
1483 static const store_vtbl_t EmptyStoreVtbl = {
1484     EmptyStore_addref,
1485     EmptyStore_release,
1486     EmptyStore_releaseContext,
1487     EmptyStore_control,
1488     {
1489         EmptyStore_add,
1490         EmptyStore_enum,
1491         EmptyStore_delete
1492     }, {
1493         EmptyStore_add,
1494         EmptyStore_enum,
1495         EmptyStore_delete
1496     }, {
1497         EmptyStore_add,
1498         EmptyStore_enum,
1499         EmptyStore_delete
1500     }
1501 };
1502
1503 WINECRYPT_CERTSTORE empty_store;
1504
1505 void init_empty_store(void)
1506 {
1507     CRYPT_InitStore(&empty_store, CERT_STORE_READONLY_FLAG, StoreTypeEmpty, &EmptyStoreVtbl);
1508 }