Commit 23f789fb authored by Juan Lang's avatar Juan Lang Committed by Alexandre Julliard

cryptui: Check for type mismatches in CryptUIWizImport.

parent 1accec56
......@@ -63,6 +63,8 @@ STRINGTABLE DISCARDABLE
IDS_CERTIFICATE_PURPOSE_EXISTS "The OID you entered already exists."
IDS_SELECT_STORE_TITLE "Select Certificate Store"
IDS_SELECT_STORE "Please select a certificate store."
IDS_IMPORT_WIZARD "Certificate Import Wizard"
IDS_IMPORT_TYPE_MISMATCH "The file contains objects that do not match the given criteria. Please select another file."
IDS_PURPOSE_SERVER_AUTH "Ensures the identify of a remote computer"
IDS_PURPOSE_CLIENT_AUTH "Proves your identity to a remote computer"
IDS_PURPOSE_CODE_SIGNING "Ensures software came from software publisher\nProtects software from alteration after publication"
......
......@@ -60,6 +60,8 @@
#define IDS_CERTIFICATE_PURPOSE_EXISTS 1040
#define IDS_SELECT_STORE_TITLE 1041
#define IDS_SELECT_STORE 1042
#define IDS_IMPORT_WIZARD 1043
#define IDS_IMPORT_TYPE_MISMATCH 1044
#define IDS_PURPOSE_SERVER_AUTH 1100
#define IDS_PURPOSE_CLIENT_AUTH 1101
......
......@@ -3468,6 +3468,71 @@ static BOOL import_cert(PCCERT_CONTEXT cert, HCERTSTORE hDestCertStore)
return ret;
}
/* Checks type, a type such as CERT_QUERY_CONTENT_CERT returned by
* CryptQueryObject, against the allowed types. Returns TRUE if the
* type is allowed, FALSE otherwise.
*/
static BOOL check_context_type(DWORD dwFlags, DWORD type)
{
BOOL ret;
if (dwFlags &
(CRYPTUI_WIZ_IMPORT_ALLOW_CERT | CRYPTUI_WIZ_IMPORT_ALLOW_CRL |
CRYPTUI_WIZ_IMPORT_ALLOW_CTL))
{
switch (type)
{
case CERT_QUERY_CONTENT_CERT:
case CERT_QUERY_CONTENT_SERIALIZED_CERT:
ret = dwFlags & CRYPTUI_WIZ_IMPORT_ALLOW_CERT;
break;
case CERT_QUERY_CONTENT_CRL:
case CERT_QUERY_CONTENT_SERIALIZED_CRL:
ret = dwFlags & CRYPTUI_WIZ_IMPORT_ALLOW_CRL;
break;
case CERT_QUERY_CONTENT_CTL:
case CERT_QUERY_CONTENT_SERIALIZED_CTL:
ret = dwFlags & CRYPTUI_WIZ_IMPORT_ALLOW_CTL;
break;
default:
/* The remaining types contain more than one type, so allow
* any combination.
*/
ret = TRUE;
}
}
else
{
/* No allowed types specified, so any type is allowed */
ret = TRUE;
}
if (!ret)
SetLastError(E_INVALIDARG);
return ret;
}
static void import_warn_type_mismatch(DWORD dwFlags, HWND hwnd, LPCWSTR szTitle)
{
if (!(dwFlags & CRYPTUI_WIZ_NO_UI))
{
WCHAR title[MAX_STRING_LEN], error[MAX_STRING_LEN];
LPCWSTR pTitle;
if (szTitle)
pTitle = szTitle;
else
{
LoadStringW(hInstance, IDS_IMPORT_WIZARD, title,
sizeof(title) / sizeof(title[0]));
pTitle = title;
}
LoadStringW(hInstance, IDS_IMPORT_TYPE_MISMATCH, error,
sizeof(error) / sizeof(error[0]));
MessageBoxW(hwnd, error, pTitle, MB_ICONERROR | MB_OK);
}
}
BOOL WINAPI CryptUIWizImport(DWORD dwFlags, HWND hwndParent, LPCWSTR pwszWizardTitle,
PCCRYPTUI_WIZ_IMPORT_SRC_INFO pImportSrc, HCERTSTORE hDestCertStore)
{
......@@ -3501,7 +3566,10 @@ BOOL WINAPI CryptUIWizImport(DWORD dwFlags, HWND hwndParent, LPCWSTR pwszWizardT
}
break;
case CRYPTUI_WIZ_IMPORT_SUBJECT_CERT_CONTEXT:
ret = import_cert(pImportSrc->u.pCertContext, hDestCertStore);
if ((ret = check_context_type(dwFlags, CERT_QUERY_CONTENT_CERT)))
ret = import_cert(pImportSrc->u.pCertContext, hDestCertStore);
else
import_warn_type_mismatch(dwFlags, hwndParent, pwszWizardTitle);
break;
default:
FIXME("source type not implemented: %u\n", pImportSrc->dwSubjectChoice);
......
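Review bot: The `default:` branch of `check_context_type` (first hunk of this file) fails open: every content type other than the six single-object ones returns TRUE even when the caller passed a restrictive `CRYPTUI_WIZ_IMPORT_ALLOW_*` mask, so the flags place no constraint on what a multi-object container may carry. That may well match native behaviour, but a caller treating the mask as an import policy would presumably expect per-object filtering, so the comment should say so, e.g. `/* NOTE: containers are not filtered here; each contained object must be checked against dwFlags when it is imported. */`. Separately, the three `ret = dwFlags & CRYPTUI_WIZ_IMPORT_ALLOW_...;` assignments store a raw mask in a BOOL; `ret = (dwFlags & CRYPTUI_WIZ_IMPORT_ALLOW_CERT) != 0;` (and likewise for CRL and CTL) keeps the result to TRUE/FALSE. In the second hunk only the `CRYPTUI_WIZ_IMPORT_SUBJECT_CERT_CONTEXT` case is visibly gated; the other cases of the switch lie outside the hunk, so whether they call the check cannot be confirmed from here.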
......@@ -377,7 +377,6 @@ static void test_crypt_ui_wiz_import(void)
SetLastError(0xdeadbeef);
ret = pCryptUIWizImport(CRYPTUI_WIZ_NO_UI | CRYPTUI_WIZ_IMPORT_ALLOW_CRL,
0, NULL, &info, NULL);
todo_wine
ok(!ret && GetLastError() == E_INVALIDARG,
"expected E_INVALIDARG, got %08x\n", GetLastError());
CertFreeCertificateContext(info.u.pCertContext);
......