search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
crypt32: Move context interface definition to common header.
[wine/hacks.git] / dlls / crypt32 / store.c
blob6559ae087a34a3fe78a6e5b12f94ad92a05467d1
1 /*
2 * Copyright 2002 Mike McCormack for CodeWeavers
3 * Copyright 2004-2006 Juan Lang
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 *
19 * FIXME:
20 * - As you can see in the stubs below, support for CRLs and CTLs is missing.
21 * Mostly this should be copy-paste work, and some code (e.g. extended
22 * properties) could be shared between them.
23 * - The concept of physical stores and locations isn't implemented. (This
24 * doesn't mean registry stores et al aren't implemented. See the PSDK for
25 * registering and enumerating physical stores and locations.)
26 * - Many flags, options and whatnot are unimplemented.
27 */
28
29 #include <assert.h>
30 #include <stdarg.h>
31 #include "windef.h"
32 #include "winbase.h"
33 #include "winnls.h"
34 #include "winreg.h"
35 #include "winuser.h"
36 #include "wincrypt.h"
37 #include "wine/debug.h"
38 #include "wine/list.h"
39 #include "excpt.h"
40 #include "wine/exception.h"
41 #include "crypt32_private.h"
42
43 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
44
45 #define WINE_CRYPTCERTSTORE_MAGIC 0x74726563
46
47 static const WINE_CONTEXT_INTERFACE gCertInterface = {
48 (CreateContextFunc)CertCreateCertificateContext,
49 (AddContextToStoreFunc)CertAddCertificateContextToStore,
50 (AddEncodedContextToStoreFunc)CertAddEncodedCertificateToStore,
51 (DuplicateContextFunc)CertDuplicateCertificateContext,
52 (EnumContextsInStoreFunc)CertEnumCertificatesInStore,
53 (GetContextPropertyFunc)CertGetCertificateContextProperty,
54 (SetContextPropertyFunc)CertSetCertificateContextProperty,
55 (SerializeElementFunc)CertSerializeCertificateStoreElement,
56 (FreeContextFunc)CertFreeCertificateContext,
57 (DeleteContextFunc)CertDeleteCertificateFromStore,
58 };
59 PCWINE_CONTEXT_INTERFACE pCertInterface = &gCertInterface;
60
61 static const WINE_CONTEXT_INTERFACE gCRLInterface = {
62 (CreateContextFunc)CertCreateCRLContext,
63 (AddContextToStoreFunc)CertAddCRLContextToStore,
64 (AddEncodedContextToStoreFunc)CertAddEncodedCRLToStore,
65 (DuplicateContextFunc)CertDuplicateCRLContext,
66 (EnumContextsInStoreFunc)CertEnumCRLsInStore,
67 (GetContextPropertyFunc)CertGetCRLContextProperty,
68 (SetContextPropertyFunc)CertSetCRLContextProperty,
69 (SerializeElementFunc)CertSerializeCRLStoreElement,
70 (FreeContextFunc)CertFreeCRLContext,
71 (DeleteContextFunc)CertDeleteCRLFromStore,
72 };
73 PCWINE_CONTEXT_INTERFACE pCRLInterface = &gCRLInterface;
74
75 static const WINE_CONTEXT_INTERFACE gCTLInterface = {
76 (CreateContextFunc)CertCreateCTLContext,
77 (AddContextToStoreFunc)CertAddCTLContextToStore,
78 (AddEncodedContextToStoreFunc)CertAddEncodedCTLToStore,
79 (DuplicateContextFunc)CertDuplicateCTLContext,
80 (EnumContextsInStoreFunc)CertEnumCTLsInStore,
81 (GetContextPropertyFunc)CertGetCTLContextProperty,
82 (SetContextPropertyFunc)CertSetCTLContextProperty,
83 (SerializeElementFunc)CertSerializeCTLStoreElement,
84 (FreeContextFunc)CertFreeCTLContext,
85 (DeleteContextFunc)CertDeleteCTLFromStore,
86 };
87 PCWINE_CONTEXT_INTERFACE pCTLInterface = &gCTLInterface;
88
89 struct WINE_CRYPTCERTSTORE;
90
91 typedef struct WINE_CRYPTCERTSTORE * (*StoreOpenFunc)(HCRYPTPROV hCryptProv,
92 DWORD dwFlags, const void *pvPara);
93
94 struct _WINE_CERT_CONTEXT;
95
96 /* Called to enumerate the next certificate in a store. */
97 typedef struct _WINE_CERT_CONTEXT * (*EnumCertFunc)
98 (struct WINE_CRYPTCERTSTORE *store, struct _WINE_CERT_CONTEXT *pPrev);
99
100 /* Called to add a certificate context to a store. If toReplace is not NULL,
101 * context replaces toReplace in the store, and access checks should not be
102 * performed. Otherwise context is a new context, and it should only be
103 * added if the store allows it. If ppStoreContext is not NULL, the added
104 * context should be returned in *ppStoreContext.
105 */
106 typedef BOOL (*AddCertFunc)(struct WINE_CRYPTCERTSTORE *store,
107 struct _WINE_CERT_CONTEXT *context, struct _WINE_CERT_CONTEXT *toReplace,
108 PCCERT_CONTEXT *ppStoreContext);
109
110 typedef enum _CertStoreType {
111 StoreTypeMem,
112 StoreTypeCollection,
113 StoreTypeProvider,
114 } CertStoreType;
115
116 /* A cert store is polymorphic through the use of function pointers. A type
117 * is still needed to distinguish collection stores from other types.
118 * On the function pointers:
119 * - closeStore is called when the store's ref count becomes 0
120 * - control is optional, but should be implemented by any store that supports
121 * persistence
122 */
123 typedef struct WINE_CRYPTCERTSTORE
124 {
125 DWORD dwMagic;
126 LONG ref;
127 DWORD dwOpenFlags;
128 HCRYPTPROV cryptProv;
129 CertStoreType type;
130 PFN_CERT_STORE_PROV_CLOSE closeStore;
131 AddCertFunc addCert;
132 EnumCertFunc enumCert;
133 PFN_CERT_STORE_PROV_DELETE_CERT deleteCert;
134 PFN_CERT_STORE_PROV_CONTROL control; /* optional */
135 } WINECRYPT_CERTSTORE, *PWINECRYPT_CERTSTORE;
136
137 typedef enum _ContextType {
138 ContextTypeData,
139 ContextTypeLink,
140 } ContextType;
141
142 /* A certificate context. This is the base type, and the two real types
143 * (data and link) derive from it. Each one can be cast to a PCCERT_CONTEXT.
144 */
145 typedef struct _WINE_CERT_CONTEXT
146 {
147 CERT_CONTEXT cert;
148 LONG ref;
149 ContextType type;
150 } WINE_CERT_CONTEXT, *PWINE_CERT_CONTEXT;
151 typedef const struct _WINE_CERT_CONTEXT *PCWINE_CERT_CONTEXT;
152
153 typedef struct _WINE_CERT_CONTEXT_DATA
154 {
155 CERT_CONTEXT cert;
156 LONG ref;
157 ContextType type; /* always ContextTypeData */
158 PCONTEXT_PROPERTY_LIST properties;
159 } WINE_CERT_CONTEXT_DATA, *PWINE_CERT_CONTEXT_DATA;
160 typedef const struct _WINE_CERT_CONTEXT_DATA PCWINE_CERT_CONTEXT_DATA;
161
162 typedef struct _WINE_CERT_CONTEXT_LINK
163 {
164 CERT_CONTEXT cert;
165 LONG ref;
166 ContextType type; /* always ContextTypeLink */
167 PWINE_CERT_CONTEXT linked;
168 } WINE_CERT_CONTEXT_LINK, *PWINE_CERT_CONTEXT_LINK;
169 typedef const struct _WINE_CERT_CONTEXT_LINK PCWINE_CERT_CONTEXT_LINK;
170
171 /* A mem store has a list of these. They're also returned by the mem store
172 * during enumeration.
173 */
174 typedef struct _WINE_CERT_LIST_ENTRY
175 {
176 WINE_CERT_CONTEXT_LINK cert;
177 struct list entry;
178 } WINE_CERT_LIST_ENTRY, *PWINE_CERT_LIST_ENTRY;
179
180 typedef struct _WINE_MEMSTORE
181 {
182 WINECRYPT_CERTSTORE hdr;
183 CRITICAL_SECTION cs;
184 struct list certs;
185 } WINE_MEMSTORE, *PWINE_MEMSTORE;
186
187 typedef struct _WINE_HASH_TO_DELETE
188 {
189 BYTE hash[20];
190 struct list entry;
191 } WINE_HASH_TO_DELETE, *PWINE_HASH_TO_DELETE;
192
193 typedef struct _WINE_REGSTOREINFO
194 {
195 DWORD dwOpenFlags;
196 HCRYPTPROV cryptProv;
197 PWINECRYPT_CERTSTORE memStore;
198 HKEY key;
199 BOOL dirty;
200 CRITICAL_SECTION cs;
201 struct list certsToDelete;
202 } WINE_REGSTOREINFO, *PWINE_REGSTOREINFO;
203
204 typedef struct _WINE_STORE_LIST_ENTRY
205 {
206 PWINECRYPT_CERTSTORE store;
207 DWORD dwUpdateFlags;
208 DWORD dwPriority;
209 struct list entry;
210 } WINE_STORE_LIST_ENTRY, *PWINE_STORE_LIST_ENTRY;
211
212 /* Returned by a collection store during enumeration.
213 * Note: relies on the list entry being valid after use, which a number of
214 * conditions might make untrue (reentrancy, closing a collection store before
215 * continuing an enumeration on it, ...). The tests seem to indicate this
216 * sort of unsafety is okay, since Windows isn't well-behaved in these
217 * scenarios either.
218 */
219 typedef struct _WINE_COLLECTION_CERT_CONTEXT
220 {
221 WINE_CERT_CONTEXT_LINK cert;
222 PWINE_STORE_LIST_ENTRY storeEntry;
223 } WINE_COLLECTION_CERT_CONTEXT, *PWINE_COLLECTION_CERT_CONTEXT;
224
225 typedef struct _WINE_COLLECTIONSTORE
226 {
227 WINECRYPT_CERTSTORE hdr;
228 CRITICAL_SECTION cs;
229 struct list stores;
230 } WINE_COLLECTIONSTORE, *PWINE_COLLECTIONSTORE;
231
232 typedef struct _WINE_PROVIDERSTORE
233 {
234 WINECRYPT_CERTSTORE hdr;
235 DWORD dwStoreProvFlags;
236 PWINECRYPT_CERTSTORE memStore;
237 HCERTSTOREPROV hStoreProv;
238 PFN_CERT_STORE_PROV_CLOSE provCloseStore;
239 PFN_CERT_STORE_PROV_WRITE_CERT provWriteCert;
240 PFN_CERT_STORE_PROV_DELETE_CERT provDeleteCert;
241 PFN_CERT_STORE_PROV_CONTROL provControl;
242 } WINE_PROVIDERSTORE, *PWINE_PROVIDERSTORE;
243
244 /* Internal version of CertGetCertificateContextProperty that gets properties
245 * directly from the context (or the context it's linked to, depending on its
246 * type.) Doesn't handle special-case properties, since they are handled by
247 * CertGetCertificateContextProperty, and are particular to the store in which
248 * the property exists (which is separate from the context.)
249 */
250 static BOOL WINAPI CertContext_GetProperty(PWINE_CERT_CONTEXT context,
251 DWORD dwPropId, void *pvData, DWORD *pcbData);
252
253 /* Internal version of CertSetCertificateContextProperty that sets properties
254 * directly on the context (or the context it's linked to, depending on its
255 * type.) Doesn't handle special cases, since they're handled by
256 * CertSetCertificateContextProperty anyway.
257 */
258 static BOOL WINAPI CertContext_SetProperty(PWINE_CERT_CONTEXT context,
259 DWORD dwPropId, DWORD dwFlags, const void *pvData);
260
261 static void CRYPT_InitStore(WINECRYPT_CERTSTORE *store, HCRYPTPROV hCryptProv,
262 DWORD dwFlags, CertStoreType type)
263 {
264 store->ref = 1;
265 store->dwMagic = WINE_CRYPTCERTSTORE_MAGIC;
266 store->type = type;
267 if (!hCryptProv)
268 {
269 hCryptProv = CRYPT_GetDefaultProvider();
270 dwFlags |= CERT_STORE_NO_CRYPT_RELEASE_FLAG;
271 }
272 store->cryptProv = hCryptProv;
273 store->dwOpenFlags = dwFlags;
274 }
275
276 /* Initializes the reference ref to point to context, and increments context's
277 * reference count. Also sets the hCertStore member of the reference to store.
278 */
279 static void CRYPT_InitCertRef(PWINE_CERT_CONTEXT_LINK ref,
280 PWINE_CERT_CONTEXT context, HCERTSTORE store)
281 {
282 TRACE("(%p, %p)\n", ref, context);
283 memcpy(&ref->cert, context, sizeof(ref->cert));
284 ref->ref = 1;
285 ref->type = ContextTypeLink;
286 ref->linked = context;
287 InterlockedIncrement(&context->ref);
288 TRACE("%p's ref count is %ld\n", context, context->ref);
289 ref->cert.hCertStore = store;
290 }
291
292 static BOOL CRYPT_MemAddCert(PWINECRYPT_CERTSTORE store,
293 PWINE_CERT_CONTEXT cert, PWINE_CERT_CONTEXT toReplace,
294 PCCERT_CONTEXT *ppStoreContext)
295 {
296 WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
297 PWINE_CERT_LIST_ENTRY entry = CryptMemAlloc(sizeof(WINE_CERT_LIST_ENTRY));
298 BOOL ret;
299
300 TRACE("(%p, %p, %p, %p)\n", store, cert, toReplace, ppStoreContext);
301
302 if (entry)
303 {
304 PWINE_CERT_LIST_ENTRY existing = (PWINE_CERT_LIST_ENTRY)toReplace;
305
306 TRACE("adding %p\n", entry);
307 CRYPT_InitCertRef(&entry->cert, (PWINE_CERT_CONTEXT)cert, store);
308 EnterCriticalSection(&ms->cs);
309 if (existing)
310 {
311 entry->entry.prev = existing->entry.prev;
312 entry->entry.next = existing->entry.next;
313 entry->entry.prev->next = &entry->entry;
314 entry->entry.next->prev = &entry->entry;
315 existing->entry.prev = existing->entry.next = &existing->entry;
316 CertFreeCertificateContext((PCCERT_CONTEXT)existing);
317 }
318 else
319 list_add_tail(&ms->certs, &entry->entry);
320 LeaveCriticalSection(&ms->cs);
321 if (ppStoreContext)
322 *ppStoreContext =
323 CertDuplicateCertificateContext((PCCERT_CONTEXT)entry);
324 ret = TRUE;
325 }
326 else
327 ret = FALSE;
328 TRACE("returning %d\n", ret);
329 return ret;
330 }
331
332 static PWINE_CERT_CONTEXT CRYPT_MemEnumCert(PWINECRYPT_CERTSTORE store,
333 PWINE_CERT_CONTEXT pPrev)
334 {
335 WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
336 PWINE_CERT_LIST_ENTRY prevEntry = (PWINE_CERT_LIST_ENTRY)pPrev;
337 PWINE_CERT_CONTEXT ret;
338 struct list *listNext;
339
340 TRACE("(%p, %p)\n", store, pPrev);
341 EnterCriticalSection(&ms->cs);
342 if (prevEntry)
343 {
344 listNext = list_next(&ms->certs, &prevEntry->entry);
345 CertFreeCertificateContext((PCCERT_CONTEXT)pPrev);
346 }
347 else
348 listNext = list_next(&ms->certs, &ms->certs);
349 if (listNext)
350 ret = (PWINE_CERT_CONTEXT)CertDuplicateCertificateContext(
351 (PCCERT_CONTEXT)LIST_ENTRY(listNext, WINE_CERT_LIST_ENTRY, entry));
352 else
353 {
354 SetLastError(CRYPT_E_NOT_FOUND);
355 ret = NULL;
356 }
357 LeaveCriticalSection(&ms->cs);
358
359 TRACE("returning %p\n", ret);
360 return ret;
361 }
362
363 static BOOL WINAPI CRYPT_MemDeleteCert(HCERTSTORE hCertStore,
364 PCCERT_CONTEXT pCertContext, DWORD dwFlags)
365 {
366 WINE_MEMSTORE *store = (WINE_MEMSTORE *)hCertStore;
367 PWINE_CERT_LIST_ENTRY cert = (PWINE_CERT_LIST_ENTRY)pCertContext;
368 BOOL ret;
369
370 /* The passed-in context is itself a list entry, so just remove it. */
371 EnterCriticalSection(&store->cs);
372 list_remove(&cert->entry);
373 ret = CertFreeCertificateContext(pCertContext);
374 LeaveCriticalSection(&store->cs);
375 return ret;
376 }
377
378 static void CRYPT_MemEmptyStore(PWINE_MEMSTORE store)
379 {
380 PWINE_CERT_LIST_ENTRY cert, next;
381
382 EnterCriticalSection(&store->cs);
383 LIST_FOR_EACH_ENTRY_SAFE(cert, next, &store->certs, WINE_CERT_LIST_ENTRY,
384 entry)
385 {
386 TRACE("removing %p\n", cert);
387 list_remove(&cert->entry);
388 CertFreeCertificateContext((PCCERT_CONTEXT)cert);
389 }
390 LeaveCriticalSection(&store->cs);
391 }
392
393 static void WINAPI CRYPT_MemCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
394 {
395 WINE_MEMSTORE *store = (WINE_MEMSTORE *)hCertStore;
396
397 TRACE("(%p, %08lx)\n", store, dwFlags);
398 if (dwFlags)
399 FIXME("Unimplemented flags: %08lx\n", dwFlags);
400
401 CRYPT_MemEmptyStore(store);
402 DeleteCriticalSection(&store->cs);
403 CryptMemFree(store);
404 }
405
406 static WINECRYPT_CERTSTORE *CRYPT_MemOpenStore(HCRYPTPROV hCryptProv,
407 DWORD dwFlags, const void *pvPara)
408 {
409 PWINE_MEMSTORE store;
410
411 TRACE("(%ld, %08lx, %p)\n", hCryptProv, dwFlags, pvPara);
412
413 if (dwFlags & CERT_STORE_DELETE_FLAG)
414 {
415 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
416 store = NULL;
417 }
418 else
419 {
420 store = CryptMemAlloc(sizeof(WINE_MEMSTORE));
421 if (store)
422 {
423 memset(store, 0, sizeof(WINE_MEMSTORE));
424 CRYPT_InitStore(&store->hdr, hCryptProv, dwFlags, StoreTypeMem);
425 store->hdr.closeStore = CRYPT_MemCloseStore;
426 store->hdr.addCert = CRYPT_MemAddCert;
427 store->hdr.enumCert = CRYPT_MemEnumCert;
428 store->hdr.deleteCert = CRYPT_MemDeleteCert;
429 store->hdr.control = NULL;
430 InitializeCriticalSection(&store->cs);
431 list_init(&store->certs);
432 }
433 }
434 return (PWINECRYPT_CERTSTORE)store;
435 }
436
437 static PWINE_COLLECTION_CERT_CONTEXT CRYPT_CollectionCreateContextFromChild(
438 PWINE_COLLECTIONSTORE store, PWINE_STORE_LIST_ENTRY storeEntry,
439 PWINE_CERT_CONTEXT child)
440 {
441 PWINE_COLLECTION_CERT_CONTEXT ret =
442 CryptMemAlloc(sizeof(WINE_COLLECTION_CERT_CONTEXT));
443
444 if (ret)
445 {
446 CRYPT_InitCertRef((PWINE_CERT_CONTEXT_LINK)ret, child, store);
447 /* The child has already been addref'd, and CRYPT_InitCertRef does
448 * again, so free child once to get the ref count right. (Not doing so
449 * will leak memory if the caller calls CertFreeCertificateContext
450 * rather than CertEnumCertificatesInStore.)
451 */
452 CertFreeCertificateContext((PCCERT_CONTEXT)child);
453 ret->storeEntry = storeEntry;
454 }
455 else
456 CertFreeCertificateContext((PCCERT_CONTEXT)child);
457 return ret;
458 }
459
460 static BOOL CRYPT_CollectionAddCert(PWINECRYPT_CERTSTORE store,
461 PWINE_CERT_CONTEXT cert, PWINE_CERT_CONTEXT toReplace,
462 PCCERT_CONTEXT *ppStoreContext)
463 {
464 BOOL ret;
465 PCCERT_CONTEXT childContext = NULL;
466 PWINE_STORE_LIST_ENTRY storeEntry = NULL;
467
468 TRACE("(%p, %p, %p, %p)\n", store, cert, toReplace, ppStoreContext);
469
470 ret = FALSE;
471 if (toReplace)
472 {
473 PWINE_COLLECTION_CERT_CONTEXT existing =
474 (PWINE_COLLECTION_CERT_CONTEXT)toReplace;
475
476 storeEntry = existing->storeEntry;
477 ret = storeEntry->store->addCert(storeEntry->store, cert,
478 existing->cert.linked, &childContext);
479 }
480 else
481 {
482 PWINE_COLLECTIONSTORE cs = (PWINE_COLLECTIONSTORE)store;
483 PWINE_STORE_LIST_ENTRY entry, next;
484
485 EnterCriticalSection(&cs->cs);
486 LIST_FOR_EACH_ENTRY_SAFE(entry, next, &cs->stores,
487 WINE_STORE_LIST_ENTRY, entry)
488 {
489 if (entry->dwUpdateFlags & CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG)
490 {
491 storeEntry = entry;
492 ret = entry->store->addCert(entry->store, cert, NULL,
493 &childContext);
494 break;
495 }
496 }
497 LeaveCriticalSection(&cs->cs);
498 if (!storeEntry)
499 SetLastError(E_ACCESSDENIED);
500 }
501 if (ppStoreContext && childContext)
502 {
503 *ppStoreContext =
504 (PCCERT_CONTEXT)CRYPT_CollectionCreateContextFromChild(
505 (PWINE_COLLECTIONSTORE)store, storeEntry,
506 (PWINE_CERT_CONTEXT)childContext);
507 }
508 CertFreeCertificateContext(childContext);
509 return ret;
510 }
511
512 static void WINAPI CRYPT_CollectionCloseStore(HCERTSTORE store, DWORD dwFlags)
513 {
514 PWINE_COLLECTIONSTORE cs = (PWINE_COLLECTIONSTORE)store;
515 PWINE_STORE_LIST_ENTRY entry, next;
516
517 TRACE("(%p, %08lx)\n", store, dwFlags);
518
519 LIST_FOR_EACH_ENTRY_SAFE(entry, next, &cs->stores, WINE_STORE_LIST_ENTRY,
520 entry)
521 {
522 TRACE("closing %p\n", entry);
523 CertCloseStore((HCERTSTORE)entry->store, dwFlags);
524 CryptMemFree(entry);
525 }
526 DeleteCriticalSection(&cs->cs);
527 CryptMemFree(cs);
528 }
529
530 /* Advances a collection enumeration by one cert, if possible, where advancing
531 * means:
532 * - calling the current store's enumeration function once, and returning
533 * the enumerated cert if one is returned
534 * - moving to the next store if the current store has no more items, and
535 * recursively calling itself to get the next item.
536 * Returns NULL if the collection contains no more items or on error.
537 * Assumes the collection store's lock is held.
538 */
539 static PWINE_COLLECTION_CERT_CONTEXT CRYPT_CollectionAdvanceEnum(
540 PWINE_COLLECTIONSTORE store, PWINE_STORE_LIST_ENTRY storeEntry,
541 PWINE_COLLECTION_CERT_CONTEXT pPrev)
542 {
543 PWINE_COLLECTION_CERT_CONTEXT ret;
544 PWINE_CERT_CONTEXT child;
545 struct list *storeNext = list_next(&store->stores, &storeEntry->entry);
546
547 TRACE("(%p, %p, %p)\n", store, storeEntry, pPrev);
548
549 if (pPrev)
550 {
551 /* Ref-counting funny business: "duplicate" (addref) the child, because
552 * the CertFreeCertificateContext(pPrev) below can cause the ref count
553 * to become negative. See comment in
554 * CRYPT_CollectionCreateContextFromChild as well.
555 */
556 child = ((PWINE_COLLECTION_CERT_CONTEXT)pPrev)->cert.linked;
557 CertDuplicateCertificateContext((PCCERT_CONTEXT)child);
558 child = storeEntry->store->enumCert((HCERTSTORE)storeEntry->store,
559 child);
560 CertFreeCertificateContext((PCCERT_CONTEXT)pPrev);
561 pPrev = NULL;
562 }
563 else
564 child = storeEntry->store->enumCert((HCERTSTORE)storeEntry->store,
565 NULL);
566 if (child)
567 ret = CRYPT_CollectionCreateContextFromChild(store, storeEntry, child);
568 else
569 {
570 if (storeNext)
571 {
572 storeEntry = LIST_ENTRY(storeNext, WINE_STORE_LIST_ENTRY, entry);
573 ret = CRYPT_CollectionAdvanceEnum(store, storeEntry, NULL);
574 }
575 else
576 {
577 SetLastError(CRYPT_E_NOT_FOUND);
578 ret = NULL;
579 }
580 }
581 TRACE("returning %p\n", ret);
582 return ret;
583 }
584
585 static PWINE_CERT_CONTEXT CRYPT_CollectionEnumCert(PWINECRYPT_CERTSTORE store,
586 PWINE_CERT_CONTEXT pPrev)
587 {
588 PWINE_COLLECTIONSTORE cs = (PWINE_COLLECTIONSTORE)store;
589 PWINE_COLLECTION_CERT_CONTEXT prevEntry =
590 (PWINE_COLLECTION_CERT_CONTEXT)pPrev, ret;
591
592 TRACE("(%p, %p)\n", store, pPrev);
593
594 if (prevEntry)
595 {
596 EnterCriticalSection(&cs->cs);
597 ret = CRYPT_CollectionAdvanceEnum(cs, prevEntry->storeEntry, prevEntry);
598 LeaveCriticalSection(&cs->cs);
599 }
600 else
601 {
602 EnterCriticalSection(&cs->cs);
603 if (!list_empty(&cs->stores))
604 {
605 PWINE_STORE_LIST_ENTRY storeEntry;
606
607 storeEntry = LIST_ENTRY(cs->stores.next, WINE_STORE_LIST_ENTRY,
608 entry);
609 ret = CRYPT_CollectionAdvanceEnum(cs, storeEntry, NULL);
610 }
611 else
612 {
613 SetLastError(CRYPT_E_NOT_FOUND);
614 ret = NULL;
615 }
616 LeaveCriticalSection(&cs->cs);
617 }
618 TRACE("returning %p\n", ret);
619 return (PWINE_CERT_CONTEXT)ret;
620 }
621
622 static BOOL WINAPI CRYPT_CollectionDeleteCert(HCERTSTORE hCertStore,
623 PCCERT_CONTEXT pCertContext, DWORD dwFlags)
624 {
625 PWINE_COLLECTION_CERT_CONTEXT context =
626 (PWINE_COLLECTION_CERT_CONTEXT)pCertContext;
627 BOOL ret;
628
629 TRACE("(%p, %p, %08lx)\n", hCertStore, pCertContext, dwFlags);
630
631 ret = CertDeleteCertificateFromStore((PCCERT_CONTEXT)context->cert.linked);
632 return ret;
633 }
634
635 static WINECRYPT_CERTSTORE *CRYPT_CollectionOpenStore(HCRYPTPROV hCryptProv,
636 DWORD dwFlags, const void *pvPara)
637 {
638 PWINE_COLLECTIONSTORE store;
639
640 if (dwFlags & CERT_STORE_DELETE_FLAG)
641 {
642 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
643 store = NULL;
644 }
645 else
646 {
647 store = CryptMemAlloc(sizeof(WINE_COLLECTIONSTORE));
648 if (store)
649 {
650 memset(store, 0, sizeof(WINE_COLLECTIONSTORE));
651 CRYPT_InitStore(&store->hdr, hCryptProv, dwFlags,
652 StoreTypeCollection);
653 store->hdr.closeStore = CRYPT_CollectionCloseStore;
654 store->hdr.addCert = CRYPT_CollectionAddCert;
655 store->hdr.enumCert = CRYPT_CollectionEnumCert;
656 store->hdr.deleteCert = CRYPT_CollectionDeleteCert;
657 InitializeCriticalSection(&store->cs);
658 list_init(&store->stores);
659 }
660 }
661 return (PWINECRYPT_CERTSTORE)store;
662 }
663
664 static void WINAPI CRYPT_ProvCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
665 {
666 PWINE_PROVIDERSTORE store = (PWINE_PROVIDERSTORE)hCertStore;
667
668 TRACE("(%p, %08lx)\n", store, dwFlags);
669
670 if (store->provCloseStore)
671 store->provCloseStore(store->hStoreProv, dwFlags);
672 if (!(store->dwStoreProvFlags & CERT_STORE_PROV_EXTERNAL_FLAG))
673 CertCloseStore(store->memStore, dwFlags);
674 CryptMemFree(store);
675 }
676
677 static BOOL CRYPT_ProvAddCert(PWINECRYPT_CERTSTORE store,
678 PWINE_CERT_CONTEXT cert, PWINE_CERT_CONTEXT toReplace,
679 PCCERT_CONTEXT *ppStoreContext)
680 {
681 PWINE_PROVIDERSTORE ps = (PWINE_PROVIDERSTORE)store;
682 BOOL ret;
683
684 TRACE("(%p, %p, %p, %p)\n", store, cert, toReplace, ppStoreContext);
685
686 if (toReplace)
687 ret = ps->memStore->addCert(ps->memStore, cert, toReplace,
688 ppStoreContext);
689 else
690 {
691 if (ps->hdr.dwOpenFlags & CERT_STORE_READONLY_FLAG)
692 {
693 SetLastError(ERROR_ACCESS_DENIED);
694 ret = FALSE;
695 }
696 else
697 {
698 ret = TRUE;
699 if (ps->provWriteCert)
700 ret = ps->provWriteCert(ps->hStoreProv, (PCCERT_CONTEXT)cert,
701 CERT_STORE_PROV_WRITE_ADD_FLAG);
702 if (ret)
703 ret = ps->memStore->addCert(ps->memStore, cert, NULL,
704 ppStoreContext);
705 }
706 }
707 /* dirty trick: replace the returned context's hCertStore with
708 * store.
709 */
710 if (ppStoreContext)
711 (*(PCERT_CONTEXT *)ppStoreContext)->hCertStore = store;
712 return ret;
713 }
714
715 static PWINE_CERT_CONTEXT CRYPT_ProvEnumCert(PWINECRYPT_CERTSTORE store,
716 PWINE_CERT_CONTEXT pPrev)
717 {
718 PWINE_PROVIDERSTORE ps = (PWINE_PROVIDERSTORE)store;
719 PWINE_CERT_CONTEXT ret;
720
721 ret = ps->memStore->enumCert(ps->memStore, pPrev);
722 if (ret)
723 {
724 /* same dirty trick: replace the returned context's hCertStore with
725 * store.
726 */
727 ret->cert.hCertStore = store;
728 }
729 return ret;
730 }
731
732 static BOOL WINAPI CRYPT_ProvDeleteCert(HCERTSTORE hCertStore,
733 PCCERT_CONTEXT cert, DWORD dwFlags)
734 {
735 PWINE_PROVIDERSTORE store = (PWINE_PROVIDERSTORE)hCertStore;
736 BOOL ret = TRUE;
737
738 TRACE("(%p, %p, %08lx)\n", hCertStore, cert, dwFlags);
739
740 if (store->provDeleteCert)
741 ret = store->provDeleteCert(store->hStoreProv, cert, dwFlags);
742 if (ret)
743 ret = store->memStore->deleteCert(store->memStore, cert, dwFlags);
744 return ret;
745 }
746
747 static BOOL WINAPI CRYPT_ProvControl(HCERTSTORE hCertStore, DWORD dwFlags,
748 DWORD dwCtrlType, void const *pvCtrlPara)
749 {
750 PWINE_PROVIDERSTORE store = (PWINE_PROVIDERSTORE)hCertStore;
751 BOOL ret = TRUE;
752
753 TRACE("(%p, %08lx, %ld, %p)\n", hCertStore, dwFlags, dwCtrlType,
754 pvCtrlPara);
755
756 if (store->provControl)
757 ret = store->provControl(store->hStoreProv, dwFlags, dwCtrlType,
758 pvCtrlPara);
759 return ret;
760 }
761
762 static PWINECRYPT_CERTSTORE CRYPT_ProvCreateStore(HCRYPTPROV hCryptProv,
763 DWORD dwFlags, PWINECRYPT_CERTSTORE memStore, PCERT_STORE_PROV_INFO pProvInfo)
764 {
765 PWINE_PROVIDERSTORE ret = (PWINE_PROVIDERSTORE)CryptMemAlloc(
766 sizeof(WINE_PROVIDERSTORE));
767
768 if (ret)
769 {
770 CRYPT_InitStore(&ret->hdr, hCryptProv, dwFlags,
771 StoreTypeProvider);
772 ret->dwStoreProvFlags = pProvInfo->dwStoreProvFlags;
773 if (ret->dwStoreProvFlags & CERT_STORE_PROV_EXTERNAL_FLAG)
774 {
775 CertCloseStore(memStore, 0);
776 ret->memStore = NULL;
777 }
778 else
779 ret->memStore = memStore;
780 ret->hStoreProv = pProvInfo->hStoreProv;
781 ret->hdr.closeStore = CRYPT_ProvCloseStore;
782 ret->hdr.addCert = CRYPT_ProvAddCert;
783 ret->hdr.enumCert = CRYPT_ProvEnumCert;
784 ret->hdr.deleteCert = CRYPT_ProvDeleteCert;
785 ret->hdr.control = CRYPT_ProvControl;
786 if (pProvInfo->cStoreProvFunc > CERT_STORE_PROV_CLOSE_FUNC)
787 ret->provCloseStore =
788 pProvInfo->rgpvStoreProvFunc[CERT_STORE_PROV_CLOSE_FUNC];
789 else
790 ret->provCloseStore = NULL;
791 if (pProvInfo->cStoreProvFunc >
792 CERT_STORE_PROV_WRITE_CERT_FUNC)
793 ret->provWriteCert = pProvInfo->rgpvStoreProvFunc[
794 CERT_STORE_PROV_WRITE_CERT_FUNC];
795 else
796 ret->provWriteCert = NULL;
797 if (pProvInfo->cStoreProvFunc >
798 CERT_STORE_PROV_DELETE_CERT_FUNC)
799 ret->provDeleteCert = pProvInfo->rgpvStoreProvFunc[
800 CERT_STORE_PROV_DELETE_CERT_FUNC];
801 else
802 ret->provDeleteCert = NULL;
803 if (pProvInfo->cStoreProvFunc >
804 CERT_STORE_PROV_CONTROL_FUNC)
805 ret->provControl = pProvInfo->rgpvStoreProvFunc[
806 CERT_STORE_PROV_CONTROL_FUNC];
807 else
808 ret->provControl = NULL;
809 }
810 return (PWINECRYPT_CERTSTORE)ret;
811 }
812
813 static PWINECRYPT_CERTSTORE CRYPT_ProvOpenStore(LPCSTR lpszStoreProvider,
814 DWORD dwEncodingType, HCRYPTPROV hCryptProv, DWORD dwFlags, const void *pvPara)
815 {
816 static HCRYPTOIDFUNCSET set = NULL;
817 PFN_CERT_DLL_OPEN_STORE_PROV_FUNC provOpenFunc;
818 HCRYPTOIDFUNCADDR hFunc;
819 PWINECRYPT_CERTSTORE ret = NULL;
820
821 if (!set)
822 set = CryptInitOIDFunctionSet(CRYPT_OID_OPEN_STORE_PROV_FUNC, 0);
823 CryptGetOIDFunctionAddress(set, dwEncodingType, lpszStoreProvider, 0,
824 (void **)&provOpenFunc, &hFunc);
825 if (provOpenFunc)
826 {
827 CERT_STORE_PROV_INFO provInfo = { 0 };
828
829 provInfo.cbSize = sizeof(provInfo);
830 if (dwFlags & CERT_STORE_DELETE_FLAG)
831 provOpenFunc(lpszStoreProvider, dwEncodingType, hCryptProv,
832 dwFlags, pvPara, NULL, &provInfo);
833 else
834 {
835 HCERTSTORE memStore;
836
837 memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
838 CERT_STORE_CREATE_NEW_FLAG, NULL);
839 if (memStore)
840 {
841 if (provOpenFunc(lpszStoreProvider, dwEncodingType, hCryptProv,
842 dwFlags, pvPara, memStore, &provInfo))
843 ret = CRYPT_ProvCreateStore(hCryptProv, dwFlags, memStore,
844 &provInfo);
845 else
846 CertCloseStore(memStore, 0);
847 }
848 }
849 CryptFreeOIDFunctionAddress(hFunc, 0);
850 }
851 else
852 SetLastError(ERROR_FILE_NOT_FOUND);
853 return ret;
854 }
855
856 static void CRYPT_HashToStr(LPBYTE hash, LPWSTR asciiHash)
857 {
858 static const WCHAR fmt[] = { '%','0','2','X',0 };
859 DWORD i;
860
861 assert(hash);
862 assert(asciiHash);
863
864 for (i = 0; i < 20; i++)
865 wsprintfW(asciiHash + i * 2, fmt, hash[i]);
866 }
867
868 static const WCHAR CertsW[] = { 'C','e','r','t','i','f','i','c','a','t','e','s',
869 0 };
870 static const WCHAR CRLsW[] = { 'C','R','L','s',0 };
871 static const WCHAR CTLsW[] = { 'C','T','L','s',0 };
872 static const WCHAR BlobW[] = { 'B','l','o','b',0 };
873
874 static void CRYPT_RegReadSerializedFromReg(PWINE_REGSTOREINFO store, HKEY key,
875 DWORD contextType)
876 {
877 LONG rc;
878 DWORD index = 0;
879 WCHAR subKeyName[MAX_PATH];
880
881 do {
882 DWORD size = sizeof(subKeyName) / sizeof(WCHAR);
883
884 rc = RegEnumKeyExW(key, index++, subKeyName, &size, NULL, NULL, NULL,
885 NULL);
886 if (!rc)
887 {
888 HKEY subKey;
889
890 rc = RegOpenKeyExW(key, subKeyName, 0, KEY_READ, &subKey);
891 if (!rc)
892 {
893 LPBYTE buf = NULL;
894
895 size = 0;
896 rc = RegQueryValueExW(subKey, BlobW, NULL, NULL, NULL, &size);
897 if (!rc)
898 buf = CryptMemAlloc(size);
899 if (buf)
900 {
901 rc = RegQueryValueExW(subKey, BlobW, NULL, NULL, buf,
902 &size);
903 if (!rc)
904 {
905 const void *context;
906 DWORD addedType;
907
908 TRACE("Adding cert with hash %s\n",
909 debugstr_w(subKeyName));
910 context = CRYPT_ReadSerializedElement(buf, size,
911 contextType, &addedType);
912 if (context)
913 {
914 const WINE_CONTEXT_INTERFACE *contextInterface;
915 BYTE hash[20];
916
917 switch (addedType)
918 {
919 case CERT_STORE_CERTIFICATE_CONTEXT:
920 contextInterface = &gCertInterface;
921 break;
922 case CERT_STORE_CRL_CONTEXT:
923 contextInterface = &gCRLInterface;
924 break;
925 case CERT_STORE_CTL_CONTEXT:
926 contextInterface = &gCTLInterface;
927 break;
928 default:
929 contextInterface = NULL;
930 }
931 if (contextInterface)
932 {
933 size = sizeof(hash);
934 if (contextInterface->getProp(context,
935 CERT_HASH_PROP_ID, hash, &size))
936 {
937 WCHAR asciiHash[20 * 2 + 1];
938
939 CRYPT_HashToStr(hash, asciiHash);
940 TRACE("comparing %s\n",
941 debugstr_w(asciiHash));
942 TRACE("with %s\n", debugstr_w(subKeyName));
943 if (!lstrcmpW(asciiHash, subKeyName))
944 {
945 TRACE("hash matches, adding\n");
946 contextInterface->addContextToStore(
947 store->memStore, context,
948 CERT_STORE_ADD_REPLACE_EXISTING, NULL);
949 }
950 else
951 TRACE("hash doesn't match, ignoring\n");
952 }
953 contextInterface->free(context);
954 }
955 }
956 }
957 CryptMemFree(buf);
958 }
959 RegCloseKey(subKey);
960 }
961 /* Ignore intermediate errors, continue enumerating */
962 rc = ERROR_SUCCESS;
963 }
964 } while (!rc);
965 }
966
967 static void CRYPT_RegReadFromReg(PWINE_REGSTOREINFO store)
968 {
969 static const WCHAR *subKeys[] = { CertsW, CRLsW, CTLsW };
970 static const DWORD contextFlags[] = { CERT_STORE_CERTIFICATE_CONTEXT_FLAG,
971 CERT_STORE_CRL_CONTEXT_FLAG, CERT_STORE_CTL_CONTEXT_FLAG };
972 DWORD i;
973
974 for (i = 0; i < sizeof(subKeys) / sizeof(subKeys[0]); i++)
975 {
976 HKEY key;
977 LONG rc;
978
979 rc = RegCreateKeyExW(store->key, subKeys[i], 0, NULL, 0, KEY_READ, NULL,
980 &key, NULL);
981 if (!rc)
982 {
983 CRYPT_RegReadSerializedFromReg(store, key, contextFlags[i]);
984 RegCloseKey(key);
985 }
986 }
987 }
988
989 /* Hash is assumed to be 20 bytes in length (a SHA-1 hash) */
990 static BOOL CRYPT_WriteSerializedToReg(HKEY key, LPBYTE hash, LPBYTE buf,
991 DWORD len)
992 {
993 WCHAR asciiHash[20 * 2 + 1];
994 LONG rc;
995 HKEY subKey;
996 BOOL ret;
997
998 CRYPT_HashToStr(hash, asciiHash);
999 rc = RegCreateKeyExW(key, asciiHash, 0, NULL, 0, KEY_ALL_ACCESS, NULL,
1000 &subKey, NULL);
1001 if (!rc)
1002 {
1003 rc = RegSetValueExW(subKey, BlobW, 0, REG_BINARY, buf, len);
1004 RegCloseKey(subKey);
1005 }
1006 if (!rc)
1007 ret = TRUE;
1008 else
1009 {
1010 SetLastError(rc);
1011 ret = FALSE;
1012 }
1013 return ret;
1014 }
1015
1016 static BOOL CRYPT_SerializeContextsToReg(HKEY key,
1017 const WINE_CONTEXT_INTERFACE *contextInterface, HCERTSTORE memStore)
1018 {
1019 const void *context = NULL;
1020 BOOL ret;
1021
1022 do {
1023 context = contextInterface->enumContextsInStore(memStore, context);
1024 if (context)
1025 {
1026 BYTE hash[20];
1027 DWORD hashSize = sizeof(hash);
1028
1029 ret = contextInterface->getProp(context, CERT_HASH_PROP_ID, hash,
1030 &hashSize);
1031 if (ret)
1032 {
1033 DWORD size = 0;
1034 LPBYTE buf = NULL;
1035
1036 ret = contextInterface->serialize(context, 0, NULL, &size);
1037 if (size)
1038 buf = CryptMemAlloc(size);
1039 if (buf)
1040 {
1041 ret = contextInterface->serialize(context, 0, buf, &size);
1042 if (ret)
1043 ret = CRYPT_WriteSerializedToReg(key, hash, buf, size);
1044 }
1045 CryptMemFree(buf);
1046 }
1047 }
1048 else
1049 ret = TRUE;
1050 } while (ret && context != NULL);
1051 if (context)
1052 contextInterface->free(context);
1053 return ret;
1054 }
1055
1056 static BOOL CRYPT_RegWriteToReg(PWINE_REGSTOREINFO store)
1057 {
1058 static const WCHAR *subKeys[] = { CertsW, CRLsW, CTLsW };
1059 static const WINE_CONTEXT_INTERFACE *interfaces[] = { &gCertInterface,
1060 &gCRLInterface, &gCTLInterface };
1061 struct list *listToDelete[] = { &store->certsToDelete, NULL, NULL };
1062 BOOL ret = TRUE;
1063 DWORD i;
1064
1065 for (i = 0; ret && i < sizeof(subKeys) / sizeof(subKeys[0]); i++)
1066 {
1067 HKEY key;
1068 LONG rc = RegCreateKeyExW(store->key, subKeys[i], 0, NULL, 0,
1069 KEY_ALL_ACCESS, NULL, &key, NULL);
1070
1071 if (!rc)
1072 {
1073 if (listToDelete[i])
1074 {
1075 PWINE_HASH_TO_DELETE toDelete, next;
1076 WCHAR asciiHash[20 * 2 + 1];
1077
1078 EnterCriticalSection(&store->cs);
1079 LIST_FOR_EACH_ENTRY_SAFE(toDelete, next, listToDelete[i],
1080 WINE_HASH_TO_DELETE, entry)
1081 {
1082 LONG rc;
1083
1084 CRYPT_HashToStr(toDelete->hash, asciiHash);
1085 TRACE("Removing %s\n", debugstr_w(asciiHash));
1086 rc = RegDeleteKeyW(key, asciiHash);
1087 if (rc != ERROR_SUCCESS && rc != ERROR_FILE_NOT_FOUND)
1088 {
1089 SetLastError(rc);
1090 ret = FALSE;
1091 }
1092 list_remove(&toDelete->entry);
1093 CryptMemFree(toDelete);
1094 }
1095 LeaveCriticalSection(&store->cs);
1096 }
1097 ret = CRYPT_SerializeContextsToReg(key, interfaces[i],
1098 store->memStore);
1099 RegCloseKey(key);
1100 }
1101 else
1102 {
1103 SetLastError(rc);
1104 ret = FALSE;
1105 }
1106 }
1107 return ret;
1108 }
1109
1110 /* If force is true or the registry store is dirty, writes the contents of the
1111 * store to the registry.
1112 */
1113 static BOOL CRYPT_RegFlushStore(PWINE_REGSTOREINFO store, BOOL force)
1114 {
1115 BOOL ret;
1116
1117 TRACE("(%p, %d)\n", store, force);
1118
1119 if (store->dirty || force)
1120 ret = CRYPT_RegWriteToReg(store);
1121 else
1122 ret = TRUE;
1123 return ret;
1124 }
1125
1126 static void WINAPI CRYPT_RegCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
1127 {
1128 PWINE_REGSTOREINFO store = (PWINE_REGSTOREINFO)hCertStore;
1129
1130 TRACE("(%p, %08lx)\n", store, dwFlags);
1131 if (dwFlags)
1132 FIXME("Unimplemented flags: %08lx\n", dwFlags);
1133
1134 CRYPT_RegFlushStore(store, FALSE);
1135 RegCloseKey(store->key);
1136 DeleteCriticalSection(&store->cs);
1137 CryptMemFree(store);
1138 }
1139
1140 static BOOL WINAPI CRYPT_RegWriteCert(HCERTSTORE hCertStore,
1141 PCCERT_CONTEXT cert, DWORD dwFlags)
1142 {
1143 PWINE_REGSTOREINFO store = (PWINE_REGSTOREINFO)hCertStore;
1144 BOOL ret;
1145
1146 TRACE("(%p, %p, %ld)\n", hCertStore, cert, dwFlags);
1147
1148 if (dwFlags & CERT_STORE_PROV_WRITE_ADD_FLAG)
1149 {
1150 store->dirty = TRUE;
1151 ret = TRUE;
1152 }
1153 else
1154 ret = FALSE;
1155 return ret;
1156 }
1157
1158 static BOOL WINAPI CRYPT_RegDeleteCert(HCERTSTORE hCertStore,
1159 PCCERT_CONTEXT pCertContext, DWORD dwFlags)
1160 {
1161 PWINE_REGSTOREINFO store = (PWINE_REGSTOREINFO)hCertStore;
1162 BOOL ret;
1163
1164 TRACE("(%p, %p, %08lx)\n", store, pCertContext, dwFlags);
1165
1166 if (store->dwOpenFlags & CERT_STORE_READONLY_FLAG)
1167 {
1168 SetLastError(ERROR_ACCESS_DENIED);
1169 ret = FALSE;
1170 }
1171 else
1172 {
1173 PWINE_HASH_TO_DELETE toDelete =
1174 CryptMemAlloc(sizeof(WINE_HASH_TO_DELETE));
1175
1176 if (toDelete)
1177 {
1178 DWORD size = sizeof(toDelete->hash);
1179
1180 ret = CertGetCertificateContextProperty(pCertContext,
1181 CERT_HASH_PROP_ID, toDelete->hash, &size);
1182 if (ret)
1183 {
1184 EnterCriticalSection(&store->cs);
1185 list_add_tail(&store->certsToDelete, &toDelete->entry);
1186 LeaveCriticalSection(&store->cs);
1187 }
1188 else
1189 {
1190 CryptMemFree(toDelete);
1191 ret = FALSE;
1192 }
1193 }
1194 else
1195 ret = FALSE;
1196 if (ret)
1197 store->dirty = TRUE;
1198 }
1199 return ret;
1200 }
1201
1202 static BOOL WINAPI CRYPT_RegControl(HCERTSTORE hCertStore, DWORD dwFlags,
1203 DWORD dwCtrlType, void const *pvCtrlPara)
1204 {
1205 PWINE_REGSTOREINFO store = (PWINE_REGSTOREINFO)hCertStore;
1206 BOOL ret;
1207
1208 TRACE("(%p, %08lx, %ld, %p)\n", hCertStore, dwFlags, dwCtrlType,
1209 pvCtrlPara);
1210
1211 switch (dwCtrlType)
1212 {
1213 case CERT_STORE_CTRL_RESYNC:
1214 CRYPT_RegFlushStore(store, FALSE);
1215 CRYPT_MemEmptyStore((PWINE_MEMSTORE)store->memStore);
1216 CRYPT_RegReadFromReg(store);
1217 ret = TRUE;
1218 break;
1219 case CERT_STORE_CTRL_COMMIT:
1220 ret = CRYPT_RegFlushStore(store,
1221 dwFlags & CERT_STORE_CTRL_COMMIT_FORCE_FLAG);
1222 break;
1223 default:
1224 FIXME("%ld: stub\n", dwCtrlType);
1225 ret = FALSE;
1226 }
1227 return ret;
1228 }
1229
1230 /* Copied from shlwapi's SHDeleteKeyW, and reformatted to match this file. */
1231 static DWORD CRYPT_RecurseDeleteKey(HKEY hKey, LPCWSTR lpszSubKey)
1232 {
1233 DWORD dwRet, dwKeyCount = 0, dwMaxSubkeyLen = 0, dwSize, i;
1234 WCHAR szNameBuf[MAX_PATH], *lpszName = szNameBuf;
1235 HKEY hSubKey = 0;
1236
1237 TRACE("(hkey=%p,%s)\n", hKey, debugstr_w(lpszSubKey));
1238
1239 dwRet = RegOpenKeyExW(hKey, lpszSubKey, 0, KEY_READ, &hSubKey);
1240 if (!dwRet)
1241 {
1242 /* Find how many subkeys there are */
1243 dwRet = RegQueryInfoKeyW(hSubKey, NULL, NULL, NULL, &dwKeyCount,
1244 &dwMaxSubkeyLen, NULL, NULL, NULL, NULL, NULL, NULL);
1245 if (!dwRet)
1246 {
1247 dwMaxSubkeyLen++;
1248 if (dwMaxSubkeyLen > sizeof(szNameBuf)/sizeof(WCHAR))
1249 {
1250 /* Name too big: alloc a buffer for it */
1251 lpszName = CryptMemAlloc(dwMaxSubkeyLen*sizeof(WCHAR));
1252 }
1253
1254 if (!lpszName)
1255 dwRet = ERROR_NOT_ENOUGH_MEMORY;
1256 else
1257 {
1258 /* Recursively delete all the subkeys */
1259 for (i = 0; i < dwKeyCount && !dwRet; i++)
1260 {
1261 dwSize = dwMaxSubkeyLen;
1262 dwRet = RegEnumKeyExW(hSubKey, i, lpszName, &dwSize, NULL,
1263 NULL, NULL, NULL);
1264 if (!dwRet)
1265 dwRet = CRYPT_RecurseDeleteKey(hSubKey, lpszName);
1266 }
1267
1268 if (lpszName != szNameBuf)
1269 {
1270 /* Free buffer if allocated */
1271 CryptMemFree(lpszName);
1272 }
1273 }
1274 }
1275
1276 RegCloseKey(hSubKey);
1277 if (!dwRet)
1278 dwRet = RegDeleteKeyW(hKey, lpszSubKey);
1279 }
1280 return dwRet;
1281 }
1282
1283 static void *regProvFuncs[] = {
1284 CRYPT_RegCloseStore,
1285 NULL, /* CERT_STORE_PROV_READ_CERT_FUNC */
1286 CRYPT_RegWriteCert,
1287 CRYPT_RegDeleteCert,
1288 NULL, /* CERT_STORE_PROV_SET_CERT_PROPERTY_FUNC */
1289 NULL, /* CERT_STORE_PROV_READ_CRL_FUNC */
1290 NULL, /* CERT_STORE_PROV_WRITE_CRL_FUNC */
1291 NULL, /* CERT_STORE_PROV_DELETE_CRL_FUNC */
1292 NULL, /* CERT_STORE_PROV_SET_CRL_PROPERTY_FUNC */
1293 NULL, /* CERT_STORE_PROV_READ_CTL_FUNC */
1294 NULL, /* CERT_STORE_PROV_WRITE_CTL_FUNC */
1295 NULL, /* CERT_STORE_PROV_DELETE_CTL_FUNC */
1296 NULL, /* CERT_STORE_PROV_SET_CTL_PROPERTY_FUNC */
1297 CRYPT_RegControl,
1298 };
1299
1300 static WINECRYPT_CERTSTORE *CRYPT_RegOpenStore(HCRYPTPROV hCryptProv,
1301 DWORD dwFlags, const void *pvPara)
1302 {
1303 PWINECRYPT_CERTSTORE store = NULL;
1304
1305 TRACE("(%ld, %08lx, %p)\n", hCryptProv, dwFlags, pvPara);
1306
1307 if (dwFlags & CERT_STORE_DELETE_FLAG)
1308 {
1309 DWORD rc = CRYPT_RecurseDeleteKey((HKEY)pvPara, CertsW);
1310
1311 if (rc == ERROR_SUCCESS || rc == ERROR_NO_MORE_ITEMS)
1312 rc = CRYPT_RecurseDeleteKey((HKEY)pvPara, CRLsW);
1313 if (rc == ERROR_SUCCESS || rc == ERROR_NO_MORE_ITEMS)
1314 rc = CRYPT_RecurseDeleteKey((HKEY)pvPara, CTLsW);
1315 if (rc == ERROR_NO_MORE_ITEMS)
1316 rc = ERROR_SUCCESS;
1317 SetLastError(rc);
1318 }
1319 else
1320 {
1321 HKEY key;
1322
1323 if (DuplicateHandle(GetCurrentProcess(), (HANDLE)pvPara,
1324 GetCurrentProcess(), (LPHANDLE)&key,
1325 dwFlags & CERT_STORE_READONLY_FLAG ? KEY_READ : KEY_ALL_ACCESS,
1326 TRUE, 0))
1327 {
1328 PWINECRYPT_CERTSTORE memStore;
1329
1330 memStore = CRYPT_MemOpenStore(hCryptProv, dwFlags, NULL);
1331 if (memStore)
1332 {
1333 PWINE_REGSTOREINFO regInfo = CryptMemAlloc(
1334 sizeof(WINE_REGSTOREINFO));
1335
1336 if (regInfo)
1337 {
1338 CERT_STORE_PROV_INFO provInfo = { 0 };
1339
1340 regInfo->dwOpenFlags = dwFlags;
1341 regInfo->cryptProv = hCryptProv;
1342 regInfo->memStore = memStore;
1343 regInfo->key = key;
1344 InitializeCriticalSection(&regInfo->cs);
1345 list_init(&regInfo->certsToDelete);
1346 CRYPT_RegReadFromReg(regInfo);
1347 regInfo->dirty = FALSE;
1348 provInfo.cbSize = sizeof(provInfo);
1349 provInfo.cStoreProvFunc = sizeof(regProvFuncs) /
1350 sizeof(regProvFuncs[0]);
1351 provInfo.rgpvStoreProvFunc = regProvFuncs;
1352 provInfo.hStoreProv = regInfo;
1353 store = CRYPT_ProvCreateStore(hCryptProv, dwFlags, memStore,
1354 &provInfo);
1355 }
1356 }
1357 }
1358 }
1359 TRACE("returning %p\n", store);
1360 return store;
1361 }
1362
1363 /* FIXME: this isn't complete for the Root store, in which the top-level
1364 * self-signed CA certs reside. Adding a cert to the Root store should present
1365 * the user with a dialog indicating the consequences of doing so, and asking
1366 * the user to confirm whether the cert should be added.
1367 */
1368 static PWINECRYPT_CERTSTORE CRYPT_SysRegOpenStoreW(HCRYPTPROV hCryptProv,
1369 DWORD dwFlags, const void *pvPara)
1370 {
1371 static const WCHAR fmt[] = { '%','s','\\','%','s',0 };
1372 LPCWSTR storeName = (LPCWSTR)pvPara;
1373 LPWSTR storePath;
1374 PWINECRYPT_CERTSTORE store = NULL;
1375 HKEY root;
1376 LPCWSTR base;
1377 BOOL ret;
1378
1379 TRACE("(%ld, %08lx, %s)\n", hCryptProv, dwFlags,
1380 debugstr_w((LPCWSTR)pvPara));
1381
1382 if (!pvPara)
1383 {
1384 SetLastError(E_INVALIDARG);
1385 return NULL;
1386 }
1387
1388 ret = TRUE;
1389 switch (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK)
1390 {
1391 case CERT_SYSTEM_STORE_LOCAL_MACHINE:
1392 root = HKEY_LOCAL_MACHINE;
1393 base = CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH;
1394 break;
1395 case CERT_SYSTEM_STORE_CURRENT_USER:
1396 root = HKEY_CURRENT_USER;
1397 base = CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH;
1398 break;
1399 case CERT_SYSTEM_STORE_CURRENT_SERVICE:
1400 /* hklm\Software\Microsoft\Cryptography\Services\servicename\
1401 * SystemCertificates
1402 */
1403 FIXME("CERT_SYSTEM_STORE_CURRENT_SERVICE, %s: stub\n",
1404 debugstr_w(storeName));
1405 return NULL;
1406 case CERT_SYSTEM_STORE_SERVICES:
1407 /* hklm\Software\Microsoft\Cryptography\Services\servicename\
1408 * SystemCertificates
1409 */
1410 FIXME("CERT_SYSTEM_STORE_SERVICES, %s: stub\n",
1411 debugstr_w(storeName));
1412 return NULL;
1413 case CERT_SYSTEM_STORE_USERS:
1414 /* hku\user sid\Software\Microsoft\SystemCertificates */
1415 FIXME("CERT_SYSTEM_STORE_USERS, %s: stub\n",
1416 debugstr_w(storeName));
1417 return NULL;
1418 case CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY:
1419 root = HKEY_CURRENT_USER;
1420 base = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
1421 break;
1422 case CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY:
1423 root = HKEY_LOCAL_MACHINE;
1424 base = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
1425 break;
1426 case CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE:
1427 /* hklm\Software\Microsoft\EnterpriseCertificates */
1428 FIXME("CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE, %s: stub\n",
1429 debugstr_w(storeName));
1430 return NULL;
1431 default:
1432 SetLastError(E_INVALIDARG);
1433 return NULL;
1434 }
1435
1436 storePath = CryptMemAlloc((lstrlenW(base) + lstrlenW(storeName) + 2) *
1437 sizeof(WCHAR));
1438 if (storePath)
1439 {
1440 LONG rc;
1441 HKEY key;
1442 REGSAM sam = dwFlags & CERT_STORE_READONLY_FLAG ? KEY_READ :
1443 KEY_ALL_ACCESS;
1444
1445 wsprintfW(storePath, fmt, base, storeName);
1446 if (dwFlags & CERT_STORE_OPEN_EXISTING_FLAG)
1447 rc = RegOpenKeyExW(root, storePath, 0, sam, &key);
1448 else
1449 {
1450 DWORD disp;
1451
1452 rc = RegCreateKeyExW(root, storePath, 0, NULL, 0, sam, NULL,
1453 &key, &disp);
1454 if (!rc && dwFlags & CERT_STORE_CREATE_NEW_FLAG &&
1455 disp == REG_OPENED_EXISTING_KEY)
1456 {
1457 RegCloseKey(key);
1458 rc = ERROR_FILE_EXISTS;
1459 }
1460 }
1461 if (!rc)
1462 {
1463 store = CRYPT_RegOpenStore(hCryptProv, dwFlags, key);
1464 RegCloseKey(key);
1465 }
1466 else
1467 SetLastError(rc);
1468 CryptMemFree(storePath);
1469 }
1470 return store;
1471 }
1472
1473 static PWINECRYPT_CERTSTORE CRYPT_SysRegOpenStoreA(HCRYPTPROV hCryptProv,
1474 DWORD dwFlags, const void *pvPara)
1475 {
1476 int len;
1477 PWINECRYPT_CERTSTORE ret = NULL;
1478
1479 TRACE("(%ld, %08lx, %s)\n", hCryptProv, dwFlags,
1480 debugstr_a((LPCSTR)pvPara));
1481
1482 if (!pvPara)
1483 {
1484 SetLastError(ERROR_FILE_NOT_FOUND);
1485 return NULL;
1486 }
1487 len = MultiByteToWideChar(CP_ACP, 0, (LPCSTR)pvPara, -1, NULL, 0);
1488 if (len)
1489 {
1490 LPWSTR storeName = CryptMemAlloc(len * sizeof(WCHAR));
1491
1492 if (storeName)
1493 {
1494 MultiByteToWideChar(CP_ACP, 0, (LPCSTR)pvPara, -1, storeName, len);
1495 ret = CRYPT_SysRegOpenStoreW(hCryptProv, dwFlags, storeName);
1496 CryptMemFree(storeName);
1497 }
1498 }
1499 return ret;
1500 }
1501
1502 static PWINECRYPT_CERTSTORE CRYPT_SysOpenStoreW(HCRYPTPROV hCryptProv,
1503 DWORD dwFlags, const void *pvPara)
1504 {
1505 HCERTSTORE store = 0;
1506 BOOL ret;
1507
1508 TRACE("(%ld, %08lx, %s)\n", hCryptProv, dwFlags,
1509 debugstr_w((LPCWSTR)pvPara));
1510
1511 if (!pvPara)
1512 {
1513 SetLastError(ERROR_FILE_NOT_FOUND);
1514 return NULL;
1515 }
1516 /* This returns a different error than system registry stores if the
1517 * location is invalid.
1518 */
1519 switch (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK)
1520 {
1521 case CERT_SYSTEM_STORE_LOCAL_MACHINE:
1522 case CERT_SYSTEM_STORE_CURRENT_USER:
1523 case CERT_SYSTEM_STORE_CURRENT_SERVICE:
1524 case CERT_SYSTEM_STORE_SERVICES:
1525 case CERT_SYSTEM_STORE_USERS:
1526 case CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY:
1527 case CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY:
1528 case CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE:
1529 ret = TRUE;
1530 break;
1531 default:
1532 SetLastError(ERROR_FILE_NOT_FOUND);
1533 ret = FALSE;
1534 }
1535 if (ret)
1536 {
1537 HCERTSTORE regStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W,
1538 0, hCryptProv, dwFlags, pvPara);
1539
1540 if (regStore)
1541 {
1542 store = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
1543 CERT_STORE_CREATE_NEW_FLAG, NULL);
1544 CertAddStoreToCollection(store, regStore,
1545 dwFlags & CERT_STORE_READONLY_FLAG ? 0 :
1546 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
1547 CertCloseStore(regStore, 0);
1548 /* CERT_SYSTEM_STORE_CURRENT_USER returns both the HKCU and HKLM
1549 * stores.
1550 */
1551 if ((dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK) ==
1552 CERT_SYSTEM_STORE_CURRENT_USER)
1553 {
1554 dwFlags &= ~CERT_SYSTEM_STORE_CURRENT_USER;
1555 dwFlags |= CERT_SYSTEM_STORE_LOCAL_MACHINE;
1556 regStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W, 0,
1557 hCryptProv, dwFlags, pvPara);
1558 if (regStore)
1559 {
1560 CertAddStoreToCollection(store, regStore,
1561 dwFlags & CERT_STORE_READONLY_FLAG ? 0 :
1562 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
1563 CertCloseStore(regStore, 0);
1564 }
1565 }
1566 }
1567 }
1568 return (PWINECRYPT_CERTSTORE)store;
1569 }
1570
1571 static PWINECRYPT_CERTSTORE CRYPT_SysOpenStoreA(HCRYPTPROV hCryptProv,
1572 DWORD dwFlags, const void *pvPara)
1573 {
1574 int len;
1575 PWINECRYPT_CERTSTORE ret = NULL;
1576
1577 TRACE("(%ld, %08lx, %s)\n", hCryptProv, dwFlags,
1578 debugstr_a((LPCSTR)pvPara));
1579
1580 if (!pvPara)
1581 {
1582 SetLastError(ERROR_FILE_NOT_FOUND);
1583 return NULL;
1584 }
1585 len = MultiByteToWideChar(CP_ACP, 0, (LPCSTR)pvPara, -1, NULL, 0);
1586 if (len)
1587 {
1588 LPWSTR storeName = CryptMemAlloc(len * sizeof(WCHAR));
1589
1590 if (storeName)
1591 {
1592 MultiByteToWideChar(CP_ACP, 0, (LPCSTR)pvPara, -1, storeName, len);
1593 ret = CRYPT_SysOpenStoreW(hCryptProv, dwFlags, storeName);
1594 CryptMemFree(storeName);
1595 }
1596 }
1597 return ret;
1598 }
1599
1600 HCERTSTORE WINAPI CertOpenStore(LPCSTR lpszStoreProvider,
1601 DWORD dwMsgAndCertEncodingType, HCRYPTPROV hCryptProv, DWORD dwFlags,
1602 const void* pvPara)
1603 {
1604 WINECRYPT_CERTSTORE *hcs;
1605 StoreOpenFunc openFunc = NULL;
1606
1607 TRACE("(%s, %08lx, %08lx, %08lx, %p)\n", debugstr_a(lpszStoreProvider),
1608 dwMsgAndCertEncodingType, hCryptProv, dwFlags, pvPara);
1609
1610 if (!HIWORD(lpszStoreProvider))
1611 {
1612 switch (LOWORD(lpszStoreProvider))
1613 {
1614 case (int)CERT_STORE_PROV_MEMORY:
1615 openFunc = CRYPT_MemOpenStore;
1616 break;
1617 case (int)CERT_STORE_PROV_REG:
1618 openFunc = CRYPT_RegOpenStore;
1619 break;
1620 case (int)CERT_STORE_PROV_COLLECTION:
1621 openFunc = CRYPT_CollectionOpenStore;
1622 break;
1623 case (int)CERT_STORE_PROV_SYSTEM_A:
1624 openFunc = CRYPT_SysOpenStoreA;
1625 break;
1626 case (int)CERT_STORE_PROV_SYSTEM_W:
1627 openFunc = CRYPT_SysOpenStoreW;
1628 break;
1629 case (int)CERT_STORE_PROV_SYSTEM_REGISTRY_A:
1630 openFunc = CRYPT_SysRegOpenStoreA;
1631 break;
1632 case (int)CERT_STORE_PROV_SYSTEM_REGISTRY_W:
1633 openFunc = CRYPT_SysRegOpenStoreW;
1634 break;
1635 default:
1636 if (LOWORD(lpszStoreProvider))
1637 FIXME("unimplemented type %d\n", LOWORD(lpszStoreProvider));
1638 }
1639 }
1640 else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_MEMORY))
1641 openFunc = CRYPT_MemOpenStore;
1642 else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_SYSTEM))
1643 openFunc = CRYPT_SysOpenStoreW;
1644 else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_COLLECTION))
1645 openFunc = CRYPT_CollectionOpenStore;
1646 else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_SYSTEM_REGISTRY))
1647 openFunc = CRYPT_SysRegOpenStoreW;
1648 else
1649 {
1650 FIXME("unimplemented type %s\n", lpszStoreProvider);
1651 openFunc = NULL;
1652 }
1653
1654 if (!openFunc)
1655 hcs = CRYPT_ProvOpenStore(lpszStoreProvider, dwMsgAndCertEncodingType,
1656 hCryptProv, dwFlags, pvPara);
1657 else
1658 hcs = openFunc(hCryptProv, dwFlags, pvPara);
1659 return (HCERTSTORE)hcs;
1660 }
1661
1662 HCERTSTORE WINAPI CertOpenSystemStoreA(HCRYPTPROV hProv,
1663 LPCSTR szSubSystemProtocol)
1664 {
1665 if (!szSubSystemProtocol)
1666 {
1667 SetLastError(E_INVALIDARG);
1668 return 0;
1669 }
1670 return CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, hProv,
1671 CERT_SYSTEM_STORE_CURRENT_USER, szSubSystemProtocol);
1672 }
1673
1674 HCERTSTORE WINAPI CertOpenSystemStoreW(HCRYPTPROV hProv,
1675 LPCWSTR szSubSystemProtocol)
1676 {
1677 if (!szSubSystemProtocol)
1678 {
1679 SetLastError(E_INVALIDARG);
1680 return 0;
1681 }
1682 return CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, hProv,
1683 CERT_SYSTEM_STORE_CURRENT_USER, szSubSystemProtocol);
1684 }
1685
1686 BOOL WINAPI CertSaveStore(HCERTSTORE hCertStore, DWORD dwMsgAndCertEncodingType,
1687 DWORD dwSaveAs, DWORD dwSaveTo, void* pvSaveToPara, DWORD dwFlags)
1688 {
1689 FIXME("(%p,%ld,%ld,%ld,%p,%08lx) stub!\n", hCertStore,
1690 dwMsgAndCertEncodingType, dwSaveAs, dwSaveTo, pvSaveToPara, dwFlags);
1691 return TRUE;
1692 }
1693
1694 PCCRL_CONTEXT WINAPI CertCreateCRLContext( DWORD dwCertEncodingType,
1695 const BYTE* pbCrlEncoded, DWORD cbCrlEncoded)
1696 {
1697 PCRL_CONTEXT pcrl;
1698 BYTE* data;
1699
1700 TRACE("%08lx %p %08lx\n", dwCertEncodingType, pbCrlEncoded, cbCrlEncoded);
1701
1702 /* FIXME: semi-stub, need to use CryptDecodeObjectEx to decode the CRL. */
1703 pcrl = CryptMemAlloc( sizeof (CRL_CONTEXT) );
1704 if( !pcrl )
1705 return NULL;
1706
1707 data = CryptMemAlloc( cbCrlEncoded );
1708 if( !data )
1709 {
1710 CryptMemFree( pcrl );
1711 return NULL;
1712 }
1713
1714 pcrl->dwCertEncodingType = dwCertEncodingType;
1715 pcrl->pbCrlEncoded = data;
1716 pcrl->cbCrlEncoded = cbCrlEncoded;
1717 pcrl->pCrlInfo = NULL;
1718 pcrl->hCertStore = 0;
1719
1720 return pcrl;
1721 }
1722
1723 PCCERT_CONTEXT WINAPI CertCreateCertificateContext(DWORD dwCertEncodingType,
1724 const BYTE *pbCertEncoded, DWORD cbCertEncoded)
1725 {
1726 PWINE_CERT_CONTEXT_DATA cert = NULL;
1727 BOOL ret;
1728 PCERT_SIGNED_CONTENT_INFO signedCert = NULL;
1729 PCERT_INFO certInfo = NULL;
1730 DWORD size = 0;
1731
1732 TRACE("(%08lx, %p, %ld)\n", dwCertEncodingType, pbCertEncoded,
1733 cbCertEncoded);
1734
1735 /* First try to decode it as a signed cert. */
1736 ret = CryptDecodeObjectEx(dwCertEncodingType, X509_CERT, pbCertEncoded,
1737 cbCertEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, (BYTE *)&signedCert, &size);
1738 if (ret)
1739 {
1740 size = 0;
1741 ret = CryptDecodeObjectEx(dwCertEncodingType, X509_CERT_TO_BE_SIGNED,
1742 signedCert->ToBeSigned.pbData, signedCert->ToBeSigned.cbData,
1743 CRYPT_DECODE_ALLOC_FLAG, NULL, (BYTE *)&certInfo, &size);
1744 LocalFree(signedCert);
1745 }
1746 /* Failing that, try it as an unsigned cert */
1747 if (!ret)
1748 {
1749 size = 0;
1750 ret = CryptDecodeObjectEx(dwCertEncodingType, X509_CERT_TO_BE_SIGNED,
1751 pbCertEncoded, cbCertEncoded,
1752 CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
1753 (BYTE *)&certInfo, &size);
1754 }
1755 if (ret)
1756 {
1757 BYTE *data = NULL;
1758
1759 cert = CryptMemAlloc(sizeof(WINE_CERT_CONTEXT_DATA));
1760 if (!cert)
1761 goto end;
1762 data = CryptMemAlloc(cbCertEncoded);
1763 if (!data)
1764 {
1765 CryptMemFree(cert);
1766 cert = NULL;
1767 goto end;
1768 }
1769 memcpy(data, pbCertEncoded, cbCertEncoded);
1770 cert->cert.dwCertEncodingType = dwCertEncodingType;
1771 cert->cert.pbCertEncoded = data;
1772 cert->cert.cbCertEncoded = cbCertEncoded;
1773 cert->cert.pCertInfo = certInfo;
1774 cert->cert.hCertStore = 0;
1775 cert->ref = 1;
1776 cert->type = ContextTypeData;
1777 cert->properties = ContextPropertyList_Create();
1778 }
1779
1780 end:
1781 return (PCCERT_CONTEXT)cert;
1782 }
1783
1784 /* If context is a link, follows it to its linked context (recursively, if
1785 * necessary) and returns the data context associated with the link.
1786 * Otherwise just returns context.
1787 */
1788 static inline PWINE_CERT_CONTEXT_DATA CertContext_GetDataContext(
1789 PWINE_CERT_CONTEXT context)
1790 {
1791 PWINE_CERT_CONTEXT ptr = context;
1792
1793 while (ptr && ptr->type == ContextTypeLink)
1794 ptr = ((PWINE_CERT_CONTEXT_LINK)ptr)->linked;
1795 return (ptr && ptr->type == ContextTypeData) ?
1796 (PWINE_CERT_CONTEXT_DATA)ptr : NULL;
1797 }
1798
1799 DWORD WINAPI CertEnumCertificateContextProperties(PCCERT_CONTEXT pCertContext,
1800 DWORD dwPropId)
1801 {
1802 PWINE_CERT_CONTEXT_DATA linked = CertContext_GetDataContext(
1803 (PWINE_CERT_CONTEXT)pCertContext);
1804 DWORD ret;
1805
1806 TRACE("(%p, %ld)\n", pCertContext, dwPropId);
1807
1808 if (linked)
1809 ret = ContextPropertyList_EnumPropIDs(linked->properties, dwPropId);
1810 else
1811 ret = 0;
1812 return ret;
1813 }
1814
1815 static BOOL CertContext_GetHashProp(PWINE_CERT_CONTEXT context, DWORD dwPropId,
1816 ALG_ID algID, const BYTE *toHash, DWORD toHashLen, void *pvData,
1817 DWORD *pcbData)
1818 {
1819 BOOL ret = CryptHashCertificate(0, algID, 0, toHash, toHashLen, pvData,
1820 pcbData);
1821 if (ret)
1822 {
1823 CRYPT_DATA_BLOB blob = { *pcbData, pvData };
1824
1825 ret = CertContext_SetProperty(context, dwPropId, 0, &blob);
1826 }
1827 return ret;
1828 }
1829
1830 static BOOL WINAPI CertContext_GetProperty(PWINE_CERT_CONTEXT context,
1831 DWORD dwPropId, void *pvData, DWORD *pcbData)
1832 {
1833 PWINE_CERT_CONTEXT_DATA linked = CertContext_GetDataContext(context);
1834 BOOL ret;
1835 CRYPT_DATA_BLOB blob;
1836
1837 TRACE("(%p, %ld, %p, %p)\n", context, dwPropId, pvData, pcbData);
1838
1839 if (linked)
1840 ret = ContextPropertyList_FindProperty(linked->properties, dwPropId,
1841 &blob);
1842 else
1843 ret = FALSE;
1844 if (ret)
1845 {
1846 if (!pvData)
1847 {
1848 *pcbData = blob.cbData;
1849 ret = TRUE;
1850 }
1851 else if (*pcbData < blob.cbData)
1852 {
1853 SetLastError(ERROR_MORE_DATA);
1854 *pcbData = blob.cbData;
1855 }
1856 else
1857 {
1858 memcpy(pvData, blob.pbData, blob.cbData);
1859 *pcbData = blob.cbData;
1860 ret = TRUE;
1861 }
1862 }
1863 else
1864 {
1865 /* Implicit properties */
1866 switch (dwPropId)
1867 {
1868 case CERT_SHA1_HASH_PROP_ID:
1869 ret = CertContext_GetHashProp(context, dwPropId, CALG_SHA1,
1870 context->cert.pbCertEncoded, context->cert.cbCertEncoded, pvData,
1871 pcbData);
1872 break;
1873 case CERT_MD5_HASH_PROP_ID:
1874 ret = CertContext_GetHashProp(context, dwPropId, CALG_MD5,
1875 context->cert.pbCertEncoded, context->cert.cbCertEncoded, pvData,
1876 pcbData);
1877 break;
1878 case CERT_SUBJECT_NAME_MD5_HASH_PROP_ID:
1879 ret = CertContext_GetHashProp(context, dwPropId, CALG_MD5,
1880 context->cert.pCertInfo->Subject.pbData,
1881 context->cert.pCertInfo->Subject.cbData,
1882 pvData, pcbData);
1883 break;
1884 case CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID:
1885 ret = CertContext_GetHashProp(context, dwPropId, CALG_MD5,
1886 context->cert.pCertInfo->SubjectPublicKeyInfo.PublicKey.pbData,
1887 context->cert.pCertInfo->SubjectPublicKeyInfo.PublicKey.cbData,
1888 pvData, pcbData);
1889 break;
1890 case CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID:
1891 ret = CertContext_GetHashProp(context, dwPropId, CALG_MD5,
1892 context->cert.pCertInfo->SerialNumber.pbData,
1893 context->cert.pCertInfo->SerialNumber.cbData,
1894 pvData, pcbData);
1895 break;
1896 case CERT_SIGNATURE_HASH_PROP_ID:
1897 FIXME("CERT_SIGNATURE_HASH_PROP_ID unimplemented\n");
1898 SetLastError(CRYPT_E_NOT_FOUND);
1899 break;
1900 default:
1901 SetLastError(CRYPT_E_NOT_FOUND);
1902 }
1903 }
1904 TRACE("returning %d\n", ret);
1905 return ret;
1906 }
1907
1908 /* info is assumed to be a CRYPT_KEY_PROV_INFO, followed by its container name,
1909 * provider name, and any provider parameters, in a contiguous buffer, but
1910 * where info's pointers are assumed to be invalid. Upon return, info's
1911 * pointers point to the appropriate memory locations.
1912 */
1913 static void CRYPT_FixKeyProvInfoPointers(PCRYPT_KEY_PROV_INFO info)
1914 {
1915 DWORD i, containerLen, provNameLen;
1916 LPBYTE data = (LPBYTE)info + sizeof(CRYPT_KEY_PROV_INFO);
1917
1918 info->pwszContainerName = (LPWSTR)data;
1919 containerLen = (lstrlenW(info->pwszContainerName) + 1) * sizeof(WCHAR);
1920 data += containerLen;
1921
1922 info->pwszProvName = (LPWSTR)data;
1923 provNameLen = (lstrlenW(info->pwszProvName) + 1) * sizeof(WCHAR);
1924 data += provNameLen;
1925
1926 info->rgProvParam = (PCRYPT_KEY_PROV_PARAM)data;
1927 data += info->cProvParam * sizeof(CRYPT_KEY_PROV_PARAM);
1928
1929 for (i = 0; i < info->cProvParam; i++)
1930 {
1931 info->rgProvParam[i].pbData = data;
1932 data += info->rgProvParam[i].cbData;
1933 }
1934 }
1935
1936 BOOL WINAPI CertGetCertificateContextProperty(PCCERT_CONTEXT pCertContext,
1937 DWORD dwPropId, void *pvData, DWORD *pcbData)
1938 {
1939 BOOL ret;
1940
1941 TRACE("(%p, %ld, %p, %p)\n", pCertContext, dwPropId, pvData, pcbData);
1942
1943 switch (dwPropId)
1944 {
1945 case 0:
1946 case CERT_CERT_PROP_ID:
1947 case CERT_CRL_PROP_ID:
1948 case CERT_CTL_PROP_ID:
1949 SetLastError(E_INVALIDARG);
1950 ret = FALSE;
1951 break;
1952 case CERT_ACCESS_STATE_PROP_ID:
1953 if (!pvData)
1954 {
1955 *pcbData = sizeof(DWORD);
1956 ret = TRUE;
1957 }
1958 else if (*pcbData < sizeof(DWORD))
1959 {
1960 SetLastError(ERROR_MORE_DATA);
1961 *pcbData = sizeof(DWORD);
1962 ret = FALSE;
1963 }
1964 else
1965 {
1966 DWORD state = 0;
1967
1968 if (pCertContext->hCertStore)
1969 {
1970 PWINECRYPT_CERTSTORE store =
1971 (PWINECRYPT_CERTSTORE)pCertContext->hCertStore;
1972
1973 if (!(store->dwOpenFlags & CERT_STORE_READONLY_FLAG))
1974 state |= CERT_ACCESS_STATE_WRITE_PERSIST_FLAG;
1975 }
1976 *(DWORD *)pvData = state;
1977 ret = TRUE;
1978 }
1979 break;
1980 case CERT_KEY_PROV_INFO_PROP_ID:
1981 ret = CertContext_GetProperty((PWINE_CERT_CONTEXT)pCertContext,
1982 dwPropId, pvData, pcbData);
1983 if (ret && pvData)
1984 CRYPT_FixKeyProvInfoPointers((PCRYPT_KEY_PROV_INFO)pvData);
1985 break;
1986 default:
1987 ret = CertContext_GetProperty((PWINE_CERT_CONTEXT)pCertContext,
1988 dwPropId, pvData, pcbData);
1989 }
1990
1991 TRACE("returning %d\n", ret);
1992 return ret;
1993 }
1994
1995 /* Copies key provider info from from into to, where to is assumed to be a
1996 * contiguous buffer of memory large enough for from and all its associated
1997 * data, but whose pointers are uninitialized.
1998 * Upon return, to contains a contiguous copy of from, packed in the following
1999 * order:
2000 * - CRYPT_KEY_PROV_INFO
2001 * - pwszContainerName
2002 * - pwszProvName
2003 * - rgProvParam[0]...
2004 */
2005 static void CRYPT_CopyKeyProvInfo(PCRYPT_KEY_PROV_INFO to,
2006 PCRYPT_KEY_PROV_INFO from)
2007 {
2008 DWORD i;
2009 LPBYTE nextData = (LPBYTE)to + sizeof(CRYPT_KEY_PROV_INFO);
2010
2011 to->pwszContainerName = (LPWSTR)nextData;
2012 lstrcpyW(to->pwszContainerName, from->pwszContainerName);
2013 nextData += (lstrlenW(from->pwszContainerName) + 1) * sizeof(WCHAR);
2014 to->pwszProvName = (LPWSTR)nextData;
2015 lstrcpyW(to->pwszProvName, from->pwszProvName);
2016 nextData += (lstrlenW(from->pwszProvName) + 1) * sizeof(WCHAR);
2017 to->dwProvType = from->dwProvType;
2018 to->dwFlags = from->dwFlags;
2019 to->cProvParam = from->cProvParam;
2020 to->rgProvParam = (PCRYPT_KEY_PROV_PARAM)nextData;
2021 nextData += to->cProvParam * sizeof(CRYPT_KEY_PROV_PARAM);
2022 to->dwKeySpec = from->dwKeySpec;
2023 for (i = 0; i < to->cProvParam; i++)
2024 {
2025 memcpy(&to->rgProvParam[i], &from->rgProvParam[i],
2026 sizeof(CRYPT_KEY_PROV_PARAM));
2027 to->rgProvParam[i].pbData = nextData;
2028 memcpy(to->rgProvParam[i].pbData, from->rgProvParam[i].pbData,
2029 from->rgProvParam[i].cbData);
2030 nextData += from->rgProvParam[i].cbData;
2031 }
2032 }
2033
2034 static BOOL CertContext_SetKeyProvInfoProperty(PWINE_CERT_CONTEXT_DATA linked,
2035 PCRYPT_KEY_PROV_INFO info)
2036 {
2037 BOOL ret;
2038 LPBYTE buf = NULL;
2039 DWORD size = sizeof(CRYPT_KEY_PROV_INFO), i, containerSize, provNameSize;
2040
2041 containerSize = (lstrlenW(info->pwszContainerName) + 1) * sizeof(WCHAR);
2042 provNameSize = (lstrlenW(info->pwszProvName) + 1) * sizeof(WCHAR);
2043 size += containerSize + provNameSize;
2044 for (i = 0; i < info->cProvParam; i++)
2045 size += sizeof(CRYPT_KEY_PROV_PARAM) + info->rgProvParam[i].cbData;
2046 buf = CryptMemAlloc(size);
2047 if (buf)
2048 {
2049 CRYPT_CopyKeyProvInfo((PCRYPT_KEY_PROV_INFO)buf, info);
2050 ret = ContextPropertyList_SetProperty(linked->properties,
2051 CERT_KEY_PROV_INFO_PROP_ID, buf, size);
2052 CryptMemFree(buf);
2053 }
2054 else
2055 ret = FALSE;
2056 return ret;
2057 }
2058
2059 static BOOL WINAPI CertContext_SetProperty(PWINE_CERT_CONTEXT context,
2060 DWORD dwPropId, DWORD dwFlags, const void *pvData)
2061 {
2062 PWINE_CERT_CONTEXT_DATA linked = CertContext_GetDataContext(context);
2063 BOOL ret;
2064
2065 TRACE("(%p, %ld, %08lx, %p)\n", context, dwPropId, dwFlags, pvData);
2066
2067 if (!linked)
2068 ret = FALSE;
2069 else if (!pvData)
2070 {
2071 ContextPropertyList_RemoveProperty(linked->properties, dwPropId);
2072 ret = TRUE;
2073 }
2074 else
2075 {
2076 switch (dwPropId)
2077 {
2078 case CERT_AUTO_ENROLL_PROP_ID:
2079 case CERT_CTL_USAGE_PROP_ID: /* same as CERT_ENHKEY_USAGE_PROP_ID */
2080 case CERT_DESCRIPTION_PROP_ID:
2081 case CERT_FRIENDLY_NAME_PROP_ID:
2082 case CERT_HASH_PROP_ID:
2083 case CERT_KEY_IDENTIFIER_PROP_ID:
2084 case CERT_MD5_HASH_PROP_ID:
2085 case CERT_NEXT_UPDATE_LOCATION_PROP_ID:
2086 case CERT_PUBKEY_ALG_PARA_PROP_ID:
2087 case CERT_PVK_FILE_PROP_ID:
2088 case CERT_SIGNATURE_HASH_PROP_ID:
2089 case CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID:
2090 case CERT_SUBJECT_NAME_MD5_HASH_PROP_ID:
2091 case CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID:
2092 case CERT_ENROLLMENT_PROP_ID:
2093 case CERT_CROSS_CERT_DIST_POINTS_PROP_ID:
2094 case CERT_RENEWAL_PROP_ID:
2095 {
2096 PCRYPT_DATA_BLOB blob = (PCRYPT_DATA_BLOB)pvData;
2097
2098 ret = ContextPropertyList_SetProperty(linked->properties, dwPropId,
2099 blob->pbData, blob->cbData);
2100 break;
2101 }
2102 case CERT_DATE_STAMP_PROP_ID:
2103 ret = ContextPropertyList_SetProperty(linked->properties, dwPropId,
2104 (LPBYTE)pvData, sizeof(FILETIME));
2105 break;
2106 case CERT_KEY_PROV_INFO_PROP_ID:
2107 ret = CertContext_SetKeyProvInfoProperty(linked,
2108 (PCRYPT_KEY_PROV_INFO)pvData);
2109 break;
2110 default:
2111 FIXME("%ld: stub\n", dwPropId);
2112 ret = FALSE;
2113 }
2114 }
2115 TRACE("returning %d\n", ret);
2116 return ret;
2117 }
2118
2119 BOOL WINAPI CertSetCertificateContextProperty(PCCERT_CONTEXT pCertContext,
2120 DWORD dwPropId, DWORD dwFlags, const void *pvData)
2121 {
2122 BOOL ret;
2123
2124 TRACE("(%p, %ld, %08lx, %p)\n", pCertContext, dwPropId, dwFlags, pvData);
2125
2126 /* Handle special cases for "read-only"/invalid prop IDs. Windows just
2127 * crashes on most of these, I'll be safer.
2128 */
2129 switch (dwPropId)
2130 {
2131 case 0:
2132 case CERT_ACCESS_STATE_PROP_ID:
2133 case CERT_CERT_PROP_ID:
2134 case CERT_CRL_PROP_ID:
2135 case CERT_CTL_PROP_ID:
2136 SetLastError(E_INVALIDARG);
2137 return FALSE;
2138 }
2139 ret = CertContext_SetProperty((PWINE_CERT_CONTEXT)pCertContext, dwPropId,
2140 dwFlags, pvData);
2141 TRACE("returning %d\n", ret);
2142 return ret;
2143 }
2144
2145 PCCERT_CONTEXT WINAPI CertDuplicateCertificateContext(
2146 PCCERT_CONTEXT pCertContext)
2147 {
2148 PWINE_CERT_CONTEXT context = (PWINE_CERT_CONTEXT)pCertContext;
2149
2150 TRACE("(%p)\n", pCertContext);
2151 InterlockedIncrement(&context->ref);
2152 return pCertContext;
2153 }
2154
2155 static void CertContext_CopyProperties(PCCERT_CONTEXT to, PCCERT_CONTEXT from)
2156 {
2157 PWINE_CERT_CONTEXT_DATA toData, fromData;
2158
2159 toData = CertContext_GetDataContext((PWINE_CERT_CONTEXT)to);
2160 fromData = CertContext_GetDataContext((PWINE_CERT_CONTEXT)from);
2161 ContextPropertyList_Copy(toData->properties, fromData->properties);
2162 }
2163
2164 BOOL WINAPI CertAddCertificateContextToStore(HCERTSTORE hCertStore,
2165 PCCERT_CONTEXT pCertContext, DWORD dwAddDisposition,
2166 PCCERT_CONTEXT *ppStoreContext)
2167 {
2168 PWINECRYPT_CERTSTORE store = (PWINECRYPT_CERTSTORE)hCertStore;
2169 BOOL ret = TRUE;
2170 PCCERT_CONTEXT toAdd = NULL, existing = NULL;
2171
2172 TRACE("(%p, %p, %08lx, %p)\n", hCertStore, pCertContext,
2173 dwAddDisposition, ppStoreContext);
2174
2175 if (dwAddDisposition != CERT_STORE_ADD_ALWAYS)
2176 {
2177 BYTE hashToAdd[20];
2178 DWORD size = sizeof(hashToAdd);
2179
2180 ret = CertContext_GetProperty((PWINE_CERT_CONTEXT)pCertContext,
2181 CERT_HASH_PROP_ID, hashToAdd, &size);
2182 if (ret)
2183 {
2184 CRYPT_HASH_BLOB blob = { sizeof(hashToAdd), hashToAdd };
2185
2186 existing = CertFindCertificateInStore(hCertStore,
2187 pCertContext->dwCertEncodingType, 0, CERT_FIND_SHA1_HASH, &blob,
2188 NULL);
2189 }
2190 }
2191
2192 switch (dwAddDisposition)
2193 {
2194 case CERT_STORE_ADD_ALWAYS:
2195 toAdd = CertDuplicateCertificateContext(pCertContext);
2196 break;
2197 case CERT_STORE_ADD_NEW:
2198 if (existing)
2199 {
2200 TRACE("found matching certificate, not adding\n");
2201 SetLastError(CRYPT_E_EXISTS);
2202 ret = FALSE;
2203 }
2204 else
2205 toAdd = CertDuplicateCertificateContext(pCertContext);
2206 break;
2207 case CERT_STORE_ADD_REPLACE_EXISTING:
2208 toAdd = CertDuplicateCertificateContext(pCertContext);
2209 break;
2210 case CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES:
2211 toAdd = CertDuplicateCertificateContext(pCertContext);
2212 if (existing)
2213 CertContext_CopyProperties(toAdd, existing);
2214 break;
2215 case CERT_STORE_ADD_USE_EXISTING:
2216 if (existing)
2217 CertContext_CopyProperties(existing, pCertContext);
2218 break;
2219 default:
2220 FIXME("Unimplemented add disposition %ld\n", dwAddDisposition);
2221 ret = FALSE;
2222 }
2223
2224 if (toAdd)
2225 {
2226 ret = store->addCert(store, (PWINE_CERT_CONTEXT)toAdd,
2227 (PWINE_CERT_CONTEXT)existing, ppStoreContext);
2228 CertFreeCertificateContext(toAdd);
2229 }
2230 CertFreeCertificateContext(existing);
2231
2232 TRACE("returning %d\n", ret);
2233 return ret;
2234 }
2235
2236 BOOL WINAPI CertAddEncodedCertificateToStore(HCERTSTORE hCertStore,
2237 DWORD dwCertEncodingType, const BYTE *pbCertEncoded, DWORD cbCertEncoded,
2238 DWORD dwAddDisposition, PCCERT_CONTEXT *ppCertContext)
2239 {
2240 WINECRYPT_CERTSTORE *hcs = (WINECRYPT_CERTSTORE *)hCertStore;
2241 BOOL ret;
2242
2243 TRACE("(%p, %08lx, %p, %ld, %08lx, %p)\n", hCertStore, dwCertEncodingType,
2244 pbCertEncoded, cbCertEncoded, dwAddDisposition, ppCertContext);
2245
2246 if (!hcs)
2247 ret = FALSE;
2248 else if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2249 ret = FALSE;
2250 else
2251 {
2252 PCCERT_CONTEXT cert = CertCreateCertificateContext(
2253 dwCertEncodingType, pbCertEncoded, cbCertEncoded);
2254
2255 if (cert)
2256 {
2257 ret = CertAddCertificateContextToStore(hCertStore,
2258 cert, dwAddDisposition, ppCertContext);
2259 CertFreeCertificateContext(cert);
2260 }
2261 else
2262 ret = FALSE;
2263 }
2264 return ret;
2265 }
2266
2267 PCCERT_CONTEXT WINAPI CertEnumCertificatesInStore(HCERTSTORE hCertStore,
2268 PCCERT_CONTEXT pPrev)
2269 {
2270 WINECRYPT_CERTSTORE *hcs = (WINECRYPT_CERTSTORE *)hCertStore;
2271 PCCERT_CONTEXT ret;
2272
2273 TRACE("(%p, %p)\n", hCertStore, pPrev);
2274 if (!hCertStore)
2275 ret = NULL;
2276 else if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2277 ret = NULL;
2278 else
2279 ret = (PCCERT_CONTEXT)hcs->enumCert(hcs, (PWINE_CERT_CONTEXT)pPrev);
2280 return ret;
2281 }
2282
2283 BOOL WINAPI CertDeleteCertificateFromStore(PCCERT_CONTEXT pCertContext)
2284 {
2285 BOOL ret;
2286
2287 TRACE("(%p)\n", pCertContext);
2288
2289 if (!pCertContext)
2290 ret = TRUE;
2291 else if (!pCertContext->hCertStore)
2292 {
2293 ret = TRUE;
2294 CertFreeCertificateContext(pCertContext);
2295 }
2296 else
2297 {
2298 PWINECRYPT_CERTSTORE hcs =
2299 (PWINECRYPT_CERTSTORE)pCertContext->hCertStore;
2300
2301 if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2302 ret = FALSE;
2303 else
2304 ret = hcs->deleteCert(hcs, pCertContext, 0);
2305 CertFreeCertificateContext(pCertContext);
2306 }
2307 return ret;
2308 }
2309
2310 BOOL WINAPI CertAddEncodedCRLToStore(HCERTSTORE hCertStore,
2311 DWORD dwCertEncodingType, const BYTE *pbCrlEncoded, DWORD cbCrlEncoded,
2312 DWORD dwAddDisposition, PCCRL_CONTEXT *ppCrlContext)
2313 {
2314 FIXME("(%p, %08lx, %p, %ld, %08lx, %p): stub\n", hCertStore,
2315 dwCertEncodingType, pbCrlEncoded, cbCrlEncoded, dwAddDisposition,
2316 ppCrlContext);
2317 return FALSE;
2318 }
2319
2320 BOOL WINAPI CertAddCRLContextToStore( HCERTSTORE hCertStore,
2321 PCCRL_CONTEXT pCrlContext, DWORD dwAddDisposition,
2322 PCCRL_CONTEXT* ppStoreContext )
2323 {
2324 FIXME("%p %p %08lx %p\n", hCertStore, pCrlContext,
2325 dwAddDisposition, ppStoreContext);
2326 return TRUE;
2327 }
2328
2329 PCCRL_CONTEXT WINAPI CertDuplicateCRLContext(PCCRL_CONTEXT pCrlContext)
2330 {
2331 FIXME("(%p): stub\n", pCrlContext);
2332 return pCrlContext;
2333 }
2334
2335 BOOL WINAPI CertFreeCRLContext( PCCRL_CONTEXT pCrlContext)
2336 {
2337 FIXME("%p\n", pCrlContext );
2338
2339 return TRUE;
2340 }
2341
2342 BOOL WINAPI CertDeleteCRLFromStore(PCCRL_CONTEXT pCrlContext)
2343 {
2344 FIXME("(%p): stub\n", pCrlContext);
2345 return TRUE;
2346 }
2347
2348 PCCRL_CONTEXT WINAPI CertEnumCRLsInStore(HCERTSTORE hCertStore,
2349 PCCRL_CONTEXT pPrev)
2350 {
2351 FIXME("(%p, %p): stub\n", hCertStore, pPrev);
2352 return NULL;
2353 }
2354
2355 PCCTL_CONTEXT WINAPI CertCreateCTLContext(DWORD dwCertEncodingType,
2356 const BYTE* pbCtlEncoded, DWORD cbCtlEncoded)
2357 {
2358 FIXME("(%08lx, %p, %08lx): stub\n", dwCertEncodingType, pbCtlEncoded,
2359 cbCtlEncoded);
2360 return NULL;
2361 }
2362
2363 BOOL WINAPI CertAddEncodedCTLToStore(HCERTSTORE hCertStore,
2364 DWORD dwMsgAndCertEncodingType, const BYTE *pbCtlEncoded, DWORD cbCtlEncoded,
2365 DWORD dwAddDisposition, PCCTL_CONTEXT *ppCtlContext)
2366 {
2367 FIXME("(%p, %08lx, %p, %ld, %08lx, %p): stub\n", hCertStore,
2368 dwMsgAndCertEncodingType, pbCtlEncoded, cbCtlEncoded, dwAddDisposition,
2369 ppCtlContext);
2370 return FALSE;
2371 }
2372
2373 BOOL WINAPI CertAddCTLContextToStore(HCERTSTORE hCertStore,
2374 PCCTL_CONTEXT pCtlContext, DWORD dwAddDisposition,
2375 PCCTL_CONTEXT* ppStoreContext)
2376 {
2377 FIXME("(%p, %p, %08lx, %p): stub\n", hCertStore, pCtlContext,
2378 dwAddDisposition, ppStoreContext);
2379 return TRUE;
2380 }
2381
2382 PCCTL_CONTEXT WINAPI CertDuplicateCTLContext(PCCTL_CONTEXT pCtlContext)
2383 {
2384 FIXME("(%p): stub\n", pCtlContext );
2385 return pCtlContext;
2386 }
2387
2388 BOOL WINAPI CertFreeCTLContext(PCCTL_CONTEXT pCtlContext)
2389 {
2390 FIXME("(%p): stub\n", pCtlContext );
2391 return TRUE;
2392 }
2393
2394 BOOL WINAPI CertDeleteCTLFromStore(PCCTL_CONTEXT pCtlContext)
2395 {
2396 FIXME("(%p): stub\n", pCtlContext);
2397 return TRUE;
2398 }
2399
2400 PCCTL_CONTEXT WINAPI CertEnumCTLsInStore(HCERTSTORE hCertStore,
2401 PCCTL_CONTEXT pPrev)
2402 {
2403 FIXME("(%p, %p): stub\n", hCertStore, pPrev);
2404 return NULL;
2405 }
2406
2407 HCERTSTORE WINAPI CertDuplicateStore(HCERTSTORE hCertStore)
2408 {
2409 WINECRYPT_CERTSTORE *hcs = (WINECRYPT_CERTSTORE *)hCertStore;
2410
2411 TRACE("(%p)\n", hCertStore);
2412
2413 if (hcs && hcs->dwMagic == WINE_CRYPTCERTSTORE_MAGIC)
2414 InterlockedIncrement(&hcs->ref);
2415 return hCertStore;
2416 }
2417
2418 BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
2419 {
2420 WINECRYPT_CERTSTORE *hcs = (WINECRYPT_CERTSTORE *) hCertStore;
2421
2422 TRACE("(%p, %08lx)\n", hCertStore, dwFlags);
2423
2424 if( ! hCertStore )
2425 return TRUE;
2426
2427 if ( hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC )
2428 return FALSE;
2429
2430 if (InterlockedDecrement(&hcs->ref) == 0)
2431 {
2432 TRACE("%p's ref count is 0, freeing\n", hcs);
2433 hcs->dwMagic = 0;
2434 if (!(hcs->dwOpenFlags & CERT_STORE_NO_CRYPT_RELEASE_FLAG))
2435 CryptReleaseContext(hcs->cryptProv, 0);
2436 hcs->closeStore(hcs, dwFlags);
2437 }
2438 else
2439 TRACE("%p's ref count is %ld\n", hcs, hcs->ref);
2440 return TRUE;
2441 }
2442
2443 BOOL WINAPI CertControlStore(HCERTSTORE hCertStore, DWORD dwFlags,
2444 DWORD dwCtrlType, void const *pvCtrlPara)
2445 {
2446 WINECRYPT_CERTSTORE *hcs = (WINECRYPT_CERTSTORE *)hCertStore;
2447 BOOL ret;
2448
2449 TRACE("(%p, %08lx, %ld, %p)\n", hCertStore, dwFlags, dwCtrlType,
2450 pvCtrlPara);
2451
2452 if (!hcs)
2453 ret = FALSE;
2454 else if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2455 ret = FALSE;
2456 else
2457 {
2458 if (hcs->control)
2459 ret = hcs->control(hCertStore, dwFlags, dwCtrlType, pvCtrlPara);
2460 else
2461 ret = TRUE;
2462 }
2463 return ret;
2464 }
2465
2466 BOOL WINAPI CertGetCRLContextProperty(PCCRL_CONTEXT pCRLContext,
2467 DWORD dwPropId, void *pvData, DWORD *pcbData)
2468 {
2469 FIXME("(%p, %ld, %p, %p): stub\n", pCRLContext, dwPropId, pvData, pcbData);
2470 return FALSE;
2471 }
2472
2473 BOOL WINAPI CertSetCRLContextProperty(PCCRL_CONTEXT pCRLContext,
2474 DWORD dwPropId, DWORD dwFlags, const void *pvData)
2475 {
2476 FIXME("(%p, %ld, %08lx, %p): stub\n", pCRLContext, dwPropId, dwFlags,
2477 pvData);
2478 return FALSE;
2479 }
2480
2481 BOOL WINAPI CertGetCTLContextProperty(PCCTL_CONTEXT pCTLContext,
2482 DWORD dwPropId, void *pvData, DWORD *pcbData)
2483 {
2484 FIXME("(%p, %ld, %p, %p): stub\n", pCTLContext, dwPropId, pvData, pcbData);
2485 return FALSE;
2486 }
2487
2488 BOOL WINAPI CertSetCTLContextProperty(PCCTL_CONTEXT pCTLContext,
2489 DWORD dwPropId, DWORD dwFlags, const void *pvData)
2490 {
2491 FIXME("(%p, %ld, %08lx, %p): stub\n", pCTLContext, dwPropId, dwFlags,
2492 pvData);
2493 return FALSE;
2494 }
2495
2496 static void CertDataContext_Free(PWINE_CERT_CONTEXT_DATA context)
2497 {
2498 CryptMemFree(context->cert.pbCertEncoded);
2499 LocalFree(context->cert.pCertInfo);
2500 ContextPropertyList_Free(context->properties);
2501 CryptMemFree(context);
2502 }
2503
2504 static void CertLinkContext_Free(PWINE_CERT_CONTEXT_LINK context)
2505 {
2506 CertFreeCertificateContext((PCCERT_CONTEXT)context->linked);
2507 CryptMemFree(context);
2508 }
2509
2510 static void CertContext_Release(PWINE_CERT_CONTEXT context)
2511 {
2512 if (InterlockedDecrement(&context->ref) == 0)
2513 {
2514 TRACE("freeing %p\n", context);
2515 switch (context->type)
2516 {
2517 case ContextTypeData:
2518 CertDataContext_Free((PWINE_CERT_CONTEXT_DATA)context);
2519 break;
2520 case ContextTypeLink:
2521 CertLinkContext_Free((PWINE_CERT_CONTEXT_LINK)context);
2522 break;
2523 default:
2524 assert(0);
2525 }
2526 }
2527 else
2528 TRACE("%p's ref count is %ld\n", context, context->ref);
2529 }
2530
2531 BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT pCertContext)
2532 {
2533 TRACE("(%p)\n", pCertContext);
2534
2535 if (pCertContext)
2536 CertContext_Release((PWINE_CERT_CONTEXT)pCertContext);
2537 return TRUE;
2538 }
2539
2540 typedef BOOL (*CertCompareFunc)(PCCERT_CONTEXT pCertContext, DWORD dwType,
2541 DWORD dwFlags, const void *pvPara);
2542
2543 static BOOL compare_cert_any(PCCERT_CONTEXT pCertContext, DWORD dwType,
2544 DWORD dwFlags, const void *pvPara)
2545 {
2546 return TRUE;
2547 }
2548
2549 static BOOL compare_cert_by_md5_hash(PCCERT_CONTEXT pCertContext, DWORD dwType,
2550 DWORD dwFlags, const void *pvPara)
2551 {
2552 BOOL ret;
2553 BYTE hash[16];
2554 DWORD size = sizeof(hash);
2555
2556 ret = CertGetCertificateContextProperty(pCertContext,
2557 CERT_MD5_HASH_PROP_ID, hash, &size);
2558 if (ret)
2559 {
2560 const CRYPT_HASH_BLOB *pHash = (const CRYPT_HASH_BLOB *)pvPara;
2561
2562 if (size == pHash->cbData)
2563 ret = !memcmp(pHash->pbData, hash, size);
2564 else
2565 ret = FALSE;
2566 }
2567 return ret;
2568 }
2569
2570 static BOOL compare_cert_by_sha1_hash(PCCERT_CONTEXT pCertContext, DWORD dwType,
2571 DWORD dwFlags, const void *pvPara)
2572 {
2573 BOOL ret;
2574 BYTE hash[20];
2575 DWORD size = sizeof(hash);
2576
2577 ret = CertGetCertificateContextProperty(pCertContext,
2578 CERT_SHA1_HASH_PROP_ID, hash, &size);
2579 if (ret)
2580 {
2581 const CRYPT_HASH_BLOB *pHash = (const CRYPT_HASH_BLOB *)pvPara;
2582
2583 if (size == pHash->cbData)
2584 ret = !memcmp(pHash->pbData, hash, size);
2585 else
2586 ret = FALSE;
2587 }
2588 return ret;
2589 }
2590
2591 static BOOL compare_cert_by_name(PCCERT_CONTEXT pCertContext, DWORD dwType,
2592 DWORD dwFlags, const void *pvPara)
2593 {
2594 const CERT_NAME_BLOB *blob = (const CERT_NAME_BLOB *)pvPara, *toCompare;
2595 BOOL ret;
2596
2597 if (dwType & CERT_INFO_SUBJECT_FLAG)
2598 toCompare = &pCertContext->pCertInfo->Subject;
2599 else
2600 toCompare = &pCertContext->pCertInfo->Issuer;
2601 if (toCompare->cbData == blob->cbData)
2602 ret = !memcmp(toCompare->pbData, blob->pbData, blob->cbData);
2603 else
2604 ret = FALSE;
2605 return ret;
2606 }
2607
2608 static BOOL compare_cert_by_subject_cert(PCCERT_CONTEXT pCertContext,
2609 DWORD dwType, DWORD dwFlags, const void *pvPara)
2610 {
2611 const CERT_INFO *pCertInfo = (const CERT_INFO *)pvPara;
2612 BOOL ret;
2613
2614 if (pCertInfo->Issuer.cbData == pCertContext->pCertInfo->Subject.cbData)
2615 ret = !memcmp(pCertInfo->Issuer.pbData,
2616 pCertContext->pCertInfo->Subject.pbData, pCertInfo->Issuer.cbData);
2617 else
2618 ret = FALSE;
2619 return ret;
2620 }
2621
2622 static BOOL compare_cert_by_issuer(PCCERT_CONTEXT pCertContext,
2623 DWORD dwType, DWORD dwFlags, const void *pvPara)
2624 {
2625 return compare_cert_by_subject_cert(pCertContext, dwType, dwFlags,
2626 ((PCCERT_CONTEXT)pvPara)->pCertInfo);
2627 }
2628
2629 PCCERT_CONTEXT WINAPI CertFindCertificateInStore(HCERTSTORE hCertStore,
2630 DWORD dwCertEncodingType, DWORD dwFlags, DWORD dwType,
2631 const void *pvPara, PCCERT_CONTEXT pPrevCertContext)
2632 {
2633 PCCERT_CONTEXT ret;
2634 CertCompareFunc compare;
2635
2636 TRACE("(%p, %ld, %ld, %ld, %p, %p)\n", hCertStore, dwCertEncodingType,
2637 dwFlags, dwType, pvPara, pPrevCertContext);
2638
2639 switch (dwType >> CERT_COMPARE_SHIFT)
2640 {
2641 case CERT_COMPARE_ANY:
2642 compare = compare_cert_any;
2643 break;
2644 case CERT_COMPARE_MD5_HASH:
2645 compare = compare_cert_by_md5_hash;
2646 break;
2647 case CERT_COMPARE_SHA1_HASH:
2648 compare = compare_cert_by_sha1_hash;
2649 break;
2650 case CERT_COMPARE_NAME:
2651 compare = compare_cert_by_name;
2652 break;
2653 case CERT_COMPARE_SUBJECT_CERT:
2654 compare = compare_cert_by_subject_cert;
2655 break;
2656 case CERT_COMPARE_ISSUER_OF:
2657 compare = compare_cert_by_issuer;
2658 break;
2659 default:
2660 FIXME("find type %08lx unimplemented\n", dwType);
2661 compare = NULL;
2662 }
2663
2664 if (compare)
2665 {
2666 BOOL matches = FALSE;
2667
2668 ret = pPrevCertContext;
2669 do {
2670 ret = CertEnumCertificatesInStore(hCertStore, ret);
2671 if (ret)
2672 matches = compare(ret, dwType, dwFlags, pvPara);
2673 } while (ret != NULL && !matches);
2674 if (!ret)
2675 SetLastError(CRYPT_E_NOT_FOUND);
2676 }
2677 else
2678 {
2679 SetLastError(CRYPT_E_NOT_FOUND);
2680 ret = NULL;
2681 }
2682 return ret;
2683 }
2684
2685 PCCERT_CONTEXT WINAPI CertGetSubjectCertificateFromStore(HCERTSTORE hCertStore,
2686 DWORD dwCertEncodingType, PCERT_INFO pCertId)
2687 {
2688 TRACE("(%p, %08lx, %p)\n", hCertStore, dwCertEncodingType, pCertId);
2689
2690 if (!pCertId)
2691 {
2692 SetLastError(E_INVALIDARG);
2693 return NULL;
2694 }
2695 return CertFindCertificateInStore(hCertStore, dwCertEncodingType, 0,
2696 CERT_FIND_SUBJECT_CERT, pCertId, NULL);
2697 }
2698
2699 PCCERT_CONTEXT WINAPI CertGetIssuerCertificateFromStore(HCERTSTORE hCertStore,
2700 PCCERT_CONTEXT pSubjectContext, PCCERT_CONTEXT pPrevIssuerContext,
2701 DWORD *pdwFlags)
2702 {
2703 static const DWORD supportedFlags = CERT_STORE_REVOCATION_FLAG |
2704 CERT_STORE_SIGNATURE_FLAG | CERT_STORE_TIME_VALIDITY_FLAG;
2705 PCCERT_CONTEXT ret;
2706
2707 TRACE("(%p, %p, %p, %08lx)\n", hCertStore, pSubjectContext,
2708 pPrevIssuerContext, *pdwFlags);
2709
2710 if (*pdwFlags & ~supportedFlags)
2711 {
2712 SetLastError(E_INVALIDARG);
2713 return NULL;
2714 }
2715 ret = CertFindCertificateInStore(hCertStore,
2716 pSubjectContext->dwCertEncodingType, 0, CERT_FIND_ISSUER_OF,
2717 pSubjectContext, pPrevIssuerContext);
2718 if (ret)
2719 {
2720 if (*pdwFlags & CERT_STORE_REVOCATION_FLAG)
2721 {
2722 FIXME("revocation check requires CRL support\n");
2723 *pdwFlags |= CERT_STORE_NO_CRL_FLAG;
2724 }
2725 if (*pdwFlags & CERT_STORE_TIME_VALIDITY_FLAG)
2726 {
2727 if (0 == CertVerifyTimeValidity(NULL, pSubjectContext->pCertInfo))
2728 *pdwFlags &= ~CERT_STORE_TIME_VALIDITY_FLAG;
2729 }
2730 if (*pdwFlags & CERT_STORE_SIGNATURE_FLAG)
2731 {
2732 if (CryptVerifyCertificateSignatureEx(0,
2733 pSubjectContext->dwCertEncodingType,
2734 CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT, (void *)pSubjectContext,
2735 CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT, (void *)ret, 0, NULL))
2736 *pdwFlags &= ~CERT_STORE_SIGNATURE_FLAG;
2737 }
2738 }
2739
2740 return ret;
2741 }
2742
2743 BOOL WINAPI CertAddStoreToCollection(HCERTSTORE hCollectionStore,
2744 HCERTSTORE hSiblingStore, DWORD dwUpdateFlags, DWORD dwPriority)
2745 {
2746 PWINE_COLLECTIONSTORE collection = (PWINE_COLLECTIONSTORE)hCollectionStore;
2747 WINECRYPT_CERTSTORE *sibling = (WINECRYPT_CERTSTORE *)hSiblingStore;
2748 PWINE_STORE_LIST_ENTRY entry;
2749 BOOL ret;
2750
2751 TRACE("(%p, %p, %08lx, %ld)\n", hCollectionStore, hSiblingStore,
2752 dwUpdateFlags, dwPriority);
2753
2754 if (!collection || !sibling)
2755 return TRUE;
2756 if (collection->hdr.dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2757 {
2758 SetLastError(E_INVALIDARG);
2759 return FALSE;
2760 }
2761 if (collection->hdr.type != StoreTypeCollection)
2762 {
2763 SetLastError(E_INVALIDARG);
2764 return FALSE;
2765 }
2766 if (sibling->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2767 {
2768 SetLastError(E_INVALIDARG);
2769 return FALSE;
2770 }
2771
2772 entry = CryptMemAlloc(sizeof(WINE_STORE_LIST_ENTRY));
2773 if (entry)
2774 {
2775 InterlockedIncrement(&sibling->ref);
2776 TRACE("sibling %p's ref count is %ld\n", sibling, sibling->ref);
2777 entry->store = sibling;
2778 entry->dwUpdateFlags = dwUpdateFlags;
2779 entry->dwPriority = dwPriority;
2780 list_init(&entry->entry);
2781 TRACE("%p: adding %p, priority %ld\n", collection, entry, dwPriority);
2782 EnterCriticalSection(&collection->cs);
2783 if (dwPriority)
2784 {
2785 PWINE_STORE_LIST_ENTRY cursor;
2786 BOOL added = FALSE;
2787
2788 LIST_FOR_EACH_ENTRY(cursor, &collection->stores,
2789 WINE_STORE_LIST_ENTRY, entry)
2790 {
2791 if (cursor->dwPriority < dwPriority)
2792 {
2793 list_add_before(&cursor->entry, &entry->entry);
2794 added = TRUE;
2795 break;
2796 }
2797 }
2798 if (!added)
2799 list_add_tail(&collection->stores, &entry->entry);
2800 }
2801 else
2802 list_add_tail(&collection->stores, &entry->entry);
2803 LeaveCriticalSection(&collection->cs);
2804 ret = TRUE;
2805 }
2806 else
2807 ret = FALSE;
2808 return ret;
2809 }
2810
2811 void WINAPI CertRemoveStoreFromCollection(HCERTSTORE hCollectionStore,
2812 HCERTSTORE hSiblingStore)
2813 {
2814 PWINE_COLLECTIONSTORE collection = (PWINE_COLLECTIONSTORE)hCollectionStore;
2815 WINECRYPT_CERTSTORE *sibling = (WINECRYPT_CERTSTORE *)hSiblingStore;
2816 PWINE_STORE_LIST_ENTRY store, next;
2817
2818 TRACE("(%p, %p)\n", hCollectionStore, hSiblingStore);
2819
2820 if (!collection || !sibling)
2821 return;
2822 if (collection->hdr.dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2823 {
2824 SetLastError(E_INVALIDARG);
2825 return;
2826 }
2827 if (collection->hdr.type != StoreTypeCollection)
2828 return;
2829 if (sibling->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2830 {
2831 SetLastError(E_INVALIDARG);
2832 return;
2833 }
2834 EnterCriticalSection(&collection->cs);
2835 LIST_FOR_EACH_ENTRY_SAFE(store, next, &collection->stores,
2836 WINE_STORE_LIST_ENTRY, entry)
2837 {
2838 if (store->store == sibling)
2839 {
2840 list_remove(&store->entry);
2841 CertCloseStore(store->store, 0);
2842 CryptMemFree(store);
2843 break;
2844 }
2845 }
2846 LeaveCriticalSection(&collection->cs);
2847 }
useful hacks and other patches not (yet) suitable for mainline