crypt32: Added support for HCCE_LOCAL_MACHINE.

ca2e1c16 · Jacek Caban · Alexandre Julliard · 786c0c2d · ca2e1c16 · ca2e1c16
Commit ca2e1c16 authored Mar 04, 2014 by Jacek Caban Committed by Alexandre Julliard Mar 04, 2014
Showing with 32 additions and 10 deletions

chain.c dlls/crypt32/chain.c +23 -8

crypt32_private.h dlls/crypt32/crypt32_private.h +1 -1

rootstore.c dlls/crypt32/rootstore.c +1 -1

chain.c dlls/crypt32/tests/chain.c +7 -0

No files found.
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -112,7 +112,7 @@ static BOOL CRYPT_CheckRestrictedRoot(HCERTSTORE store)
    return ret;
 }

-HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE root, const CERT_CHAIN_ENGINE_CONFIG *config)
+HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE root, DWORD system_store, const CERT_CHAIN_ENGINE_CONFIG *config)
 {
    CertificateChainEngine *engine;
    HCERTSTORE worldStores[4];
@@ -127,7 +127,7 @@ HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE root, const CERT_CHAIN_ENGIN
        else if (config->hRestrictedRoot)
            root = CertDuplicateStore(config->hRestrictedRoot);
        else
-            root = CertOpenSystemStoreW(0, rootW);
+            root = CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, 0, system_store, rootW);
        if(!root)
            return NULL;
    }
@@ -142,9 +142,9 @@ HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE root, const CERT_CHAIN_ENGIN
    engine->hRoot = root;
    engine->hWorld = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0, CERT_STORE_CREATE_NEW_FLAG, NULL);
    worldStores[0] = CertDuplicateStore(engine->hRoot);
-    worldStores[1] = CertOpenSystemStoreW(0, caW);
-    worldStores[2] = CertOpenSystemStoreW(0, myW);
-    worldStores[3] = CertOpenSystemStoreW(0, trustW);
+    worldStores[1] = CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, 0, system_store, caW);
+    worldStores[2] = CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, 0, system_store, myW);
+    worldStores[3] = CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, 0, system_store, trustW);

    CRYPT_AddStoresToCollection(engine->hWorld,  sizeof(worldStores) / sizeof(worldStores[0]), worldStores);
    CRYPT_AddStoresToCollection(engine->hWorld,  config->cAdditionalStore, config->rghAdditionalStore);
@@ -161,7 +161,7 @@ HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE root, const CERT_CHAIN_ENGIN
    return engine;
 }

-static CertificateChainEngine *default_cu_engine;
+static CertificateChainEngine *default_cu_engine, *default_lm_engine;

 static CertificateChainEngine *get_chain_engine(HCERTCHAINENGINE handle, BOOL allow_default)
 {
@@ -172,7 +172,7 @@ static CertificateChainEngine *get_chain_engine(HCERTCHAINENGINE handle, BOOL al
            return NULL;

        if(!default_cu_engine) {
-            handle = CRYPT_CreateChainEngine(NULL, &config);
+            handle = CRYPT_CreateChainEngine(NULL, CERT_SYSTEM_STORE_CURRENT_USER, &config);
            InterlockedCompareExchangePointer((void**)&default_cu_engine, handle, NULL);
            if(default_cu_engine != handle)
                CertFreeCertificateChainEngine(handle);
@@ -181,6 +181,20 @@ static CertificateChainEngine *get_chain_engine(HCERTCHAINENGINE handle, BOOL al
        return default_cu_engine;
    }

+    if(handle == HCCE_LOCAL_MACHINE) {
+        if(!allow_default)
+            return NULL;
+
+        if(!default_cu_engine) {
+            handle = CRYPT_CreateChainEngine(NULL, CERT_SYSTEM_STORE_LOCAL_MACHINE, &config);
+            InterlockedCompareExchangePointer((void**)&default_lm_engine, handle, NULL);
+            if(default_lm_engine != handle)
+                CertFreeCertificateChainEngine(handle);
+        }
+
+        return default_cu_engine;
+    }
+
    return (CertificateChainEngine*)handle;
 }

@@ -228,7 +242,7 @@ BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig,
        return FALSE;
    }

-    *phChainEngine = CRYPT_CreateChainEngine(NULL, pConfig);
+    *phChainEngine = CRYPT_CreateChainEngine(NULL, CERT_SYSTEM_STORE_CURRENT_USER, pConfig);
    return *phChainEngine != NULL;
 }

@@ -241,6 +255,7 @@ void WINAPI CertFreeCertificateChainEngine(HCERTCHAINENGINE hChainEngine)
 void default_chain_engine_free(void)
 {
    free_chain_engine(default_cu_engine);
+    free_chain_engine(default_lm_engine);
 }

 typedef struct _CertificateChain

--- a/dlls/crypt32/crypt32_private.h
+++ b/dlls/crypt32/crypt32_private.h
@@ -342,7 +342,7 @@ WINECRYPT_CERTSTORE *CRYPT_RootOpenStore(HCRYPTPROV hCryptProv, DWORD dwFlags) D
 * the root store.  Instead, it uses root, and assumes the caller has done any
 * checking necessary.
 */
-HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE, const CERT_CHAIN_ENGINE_CONFIG*) DECLSPEC_HIDDEN;
+HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE, DWORD, const CERT_CHAIN_ENGINE_CONFIG*) DECLSPEC_HIDDEN;

 /* Helper function for store reading functions and
 * CertAddSerializedElementToStore.  Returns a context of the appropriate type

--- a/dlls/crypt32/rootstore.c
+++ b/dlls/crypt32/rootstore.c
@@ -245,7 +245,7 @@ static void check_and_store_certs(HCERTSTORE from, HCERTSTORE to)
    TRACE("\n");

    CertDuplicateStore(to);
-    engine = CRYPT_CreateChainEngine(to, &chainEngineConfig);
+    engine = CRYPT_CreateChainEngine(to, CERT_SYSTEM_STORE_CURRENT_USER, &chainEngineConfig);
    if (engine)
    {
        PCCERT_CONTEXT cert = NULL;

--- a/dlls/crypt32/tests/chain.c
+++ b/dlls/crypt32/tests/chain.c
@@ -4041,6 +4041,13 @@ static void testGetCertChain(void)
    test_name_blob(&simple_chain->rgpElement[2]->pCertContext->pCertInfo->Subject, "US, GeoTrust Inc., GeoTrust Global CA");

    pCertFreeCertificateChain(chain);
+
+    /* Test HCCE_LOCAL_MACHINE */
+    ret = CertGetCertificateChain(HCCE_LOCAL_MACHINE, cert, &fileTime, store, &para, 0, NULL, &chain);
+    ok(ret, "CertGetCertificateChain failed: %u\n", GetLastError());
+    pCertFreeCertificateChain(chain);
+
+    CertFreeCertificateContext(cert);
    CertCloseStore(store, 0);
 }