From 3bf9c165fa377ea547950eb75e628a1f7a3d3c07 Mon Sep 17 00:00:00 2001 From: Juan Lang Date: Sat, 3 Sep 2005 15:02:57 +0000 Subject: [PATCH] Correct a test that incorrectly showed signed certs couldn't be added to a mem store. Support signed certs in mem stores. Correct use of a freed pointer. --- dlls/crypt32/cert.c | 14 ++++++++++---- dlls/crypt32/tests/cert.c | 25 +++++++++++++++++++------ 2 files changed, 29 insertions(+), 10 deletions(-) diff --git a/dlls/crypt32/cert.c b/dlls/crypt32/cert.c index 8660b7c4f07..2d91dc2fd69 100644 --- a/dlls/crypt32/cert.c +++ b/dlls/crypt32/cert.c @@ -981,10 +981,16 @@ static PWINE_CERT_CONTEXT CRYPT_CreateCertificateContext( TRACE("(%08lx, %p, %ld)\n", dwCertEncodingType, pbCertEncoded, cbCertEncoded); - ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED, - pbCertEncoded, cbCertEncoded, - CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL, + /* First try to decode it as a signed cert. */ + ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT, pbCertEncoded, + cbCertEncoded, CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL, (BYTE *)&certInfo, &size); + /* Failing that, try it as an unsigned cert */ + if (!ret) + ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED, + pbCertEncoded, cbCertEncoded, + CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL, + (BYTE *)&certInfo, &size); if (ret) { BYTE *data = NULL; @@ -1020,7 +1026,6 @@ static void CRYPT_FreeCert(PWINE_CERT_CONTEXT context) HeapFree(GetProcessHeap(), 0, context->cert.pbCertEncoded); LocalFree(context->cert.pCertInfo); - HeapFree(GetProcessHeap(), 0, context); DeleteCriticalSection(&context->cs); LIST_FOR_EACH_ENTRY_SAFE(prop, next, &context->extendedProperties, WINE_CERT_PROPERTY, entry) @@ -1029,6 +1034,7 @@ static void CRYPT_FreeCert(PWINE_CERT_CONTEXT context) HeapFree(GetProcessHeap(), 0, prop->pbData); HeapFree(GetProcessHeap(), 0, prop); } + HeapFree(GetProcessHeap(), 0, context); } PCCERT_CONTEXT WINAPI CertCreateCertificateContext(DWORD dwCertEncodingType, diff --git a/dlls/crypt32/tests/cert.c b/dlls/crypt32/tests/cert.c index 9d969399b77..a3d008d4367 100644 --- a/dlls/crypt32/tests/cert.c +++ b/dlls/crypt32/tests/cert.c @@ -148,13 +148,26 @@ static void testMemStore(void) CRYPT_E_ASN1_CORRUPT), "Expected CRYPT_E_ASN1_EOD or CRYPT_E_ASN1_CORRUPT, got %08lx\n", GetLastError()); - /* add a signed cert (this also fails) */ - ok(!ret && (GetLastError() == CRYPT_E_ASN1_EOD || GetLastError() == - CRYPT_E_ASN1_CORRUPT), - "Expected CRYPT_E_ASN1_EOD or CRYPT_E_ASN1_CORRUPT, got %08lx\n", - GetLastError()); + /* add a "signed" cert--the signature isn't a real signature, so this adds + * without any check of the signature's validity + */ ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING, - signedBigCert, sizeof(signedBigCert) - 1, CERT_STORE_ADD_ALWAYS, &context); + signedBigCert, sizeof(signedBigCert), CERT_STORE_ADD_ALWAYS, &context); + ok(ret, "CertAddEncodedCertificateToStore failed: %08lx\n", GetLastError()); + ok(context != NULL, "Expected a valid cert context\n"); + if (context) + { + ok(context->cbCertEncoded == sizeof(signedBigCert), + "Expected cert of %d bytes, got %ld\n", sizeof(signedBigCert), + context->cbCertEncoded); + ok(!memcmp(context->pbCertEncoded, signedBigCert, + sizeof(signedBigCert)), "Unexpected encoded cert in context\n"); + /* remove it, the rest of the tests will work on an unsigned cert */ + ret = CertDeleteCertificateFromStore(context); + ok(ret, "CertDeleteCertificateFromStore failed: %08lx\n", + GetLastError()); + CertFreeCertificateContext(context); + } /* add a cert to store1 */ ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING, bigCert, sizeof(bigCert) - 1, CERT_STORE_ADD_ALWAYS, &context); -- 2.11.4.GIT