Commit 3bf9c165 authored by Juan Lang's avatar Juan Lang Committed by Alexandre Julliard

Correct a test that incorrectly showed signed certs couldn't be added

to a mem store. Support signed certs in mem stores. Correct use of a freed pointer.
parent d57b7ac4
...@@ -981,10 +981,16 @@ static PWINE_CERT_CONTEXT CRYPT_CreateCertificateContext( ...@@ -981,10 +981,16 @@ static PWINE_CERT_CONTEXT CRYPT_CreateCertificateContext(
TRACE("(%08lx, %p, %ld)\n", dwCertEncodingType, pbCertEncoded, TRACE("(%08lx, %p, %ld)\n", dwCertEncodingType, pbCertEncoded,
cbCertEncoded); cbCertEncoded);
ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED, /* First try to decode it as a signed cert. */
pbCertEncoded, cbCertEncoded, ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT, pbCertEncoded,
CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL, cbCertEncoded, CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
(BYTE *)&certInfo, &size); (BYTE *)&certInfo, &size);
/* Failing that, try it as an unsigned cert */
if (!ret)
ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED,
pbCertEncoded, cbCertEncoded,
CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
(BYTE *)&certInfo, &size);
if (ret) if (ret)
{ {
BYTE *data = NULL; BYTE *data = NULL;
...@@ -1020,7 +1026,6 @@ static void CRYPT_FreeCert(PWINE_CERT_CONTEXT context) ...@@ -1020,7 +1026,6 @@ static void CRYPT_FreeCert(PWINE_CERT_CONTEXT context)
HeapFree(GetProcessHeap(), 0, context->cert.pbCertEncoded); HeapFree(GetProcessHeap(), 0, context->cert.pbCertEncoded);
LocalFree(context->cert.pCertInfo); LocalFree(context->cert.pCertInfo);
HeapFree(GetProcessHeap(), 0, context);
DeleteCriticalSection(&context->cs); DeleteCriticalSection(&context->cs);
LIST_FOR_EACH_ENTRY_SAFE(prop, next, &context->extendedProperties, LIST_FOR_EACH_ENTRY_SAFE(prop, next, &context->extendedProperties,
WINE_CERT_PROPERTY, entry) WINE_CERT_PROPERTY, entry)
...@@ -1029,6 +1034,7 @@ static void CRYPT_FreeCert(PWINE_CERT_CONTEXT context) ...@@ -1029,6 +1034,7 @@ static void CRYPT_FreeCert(PWINE_CERT_CONTEXT context)
HeapFree(GetProcessHeap(), 0, prop->pbData); HeapFree(GetProcessHeap(), 0, prop->pbData);
HeapFree(GetProcessHeap(), 0, prop); HeapFree(GetProcessHeap(), 0, prop);
} }
HeapFree(GetProcessHeap(), 0, context);
} }
PCCERT_CONTEXT WINAPI CertCreateCertificateContext(DWORD dwCertEncodingType, PCCERT_CONTEXT WINAPI CertCreateCertificateContext(DWORD dwCertEncodingType,
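Review bot: In the first hunk (CRYPT_CreateCertificateContext), both decode attempts write into the same `certInfo` pointer, but on Windows `X509_CERT` yields a `CERT_SIGNED_CONTENT_INFO` while `X509_CERT_TO_BE_SIGNED` yields a `CERT_INFO`. If the decoder here follows that layout, the code after `if (ret)` would read the signed wrapper as a `CERT_INFO`; the declaration of `certInfo` and the code that consumes it are outside the hunk, so this needs confirming against the decoder. The signed path only parses the structure and never checks the signature, which is worth stating at the call, e.g. `/* Decode only: the signature is not verified here, so presence in a store does not imply the cert is trusted. */`.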
......
...@@ -148,13 +148,26 @@ static void testMemStore(void) ...@@ -148,13 +148,26 @@ static void testMemStore(void)
CRYPT_E_ASN1_CORRUPT), CRYPT_E_ASN1_CORRUPT),
"Expected CRYPT_E_ASN1_EOD or CRYPT_E_ASN1_CORRUPT, got %08lx\n", "Expected CRYPT_E_ASN1_EOD or CRYPT_E_ASN1_CORRUPT, got %08lx\n",
GetLastError()); GetLastError());
/* add a signed cert (this also fails) */ /* add a "signed" cert--the signature isn't a real signature, so this adds
ok(!ret && (GetLastError() == CRYPT_E_ASN1_EOD || GetLastError() == * without any check of the signature's validity
CRYPT_E_ASN1_CORRUPT), */
"Expected CRYPT_E_ASN1_EOD or CRYPT_E_ASN1_CORRUPT, got %08lx\n",
GetLastError());
ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING, ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING,
signedBigCert, sizeof(signedBigCert) - 1, CERT_STORE_ADD_ALWAYS, &context); signedBigCert, sizeof(signedBigCert), CERT_STORE_ADD_ALWAYS, &context);
ok(ret, "CertAddEncodedCertificateToStore failed: %08lx\n", GetLastError());
ok(context != NULL, "Expected a valid cert context\n");
if (context)
{
ok(context->cbCertEncoded == sizeof(signedBigCert),
"Expected cert of %d bytes, got %ld\n", sizeof(signedBigCert),
context->cbCertEncoded);
ok(!memcmp(context->pbCertEncoded, signedBigCert,
sizeof(signedBigCert)), "Unexpected encoded cert in context\n");
/* remove it, the rest of the tests will work on an unsigned cert */
ret = CertDeleteCertificateFromStore(context);
ok(ret, "CertDeleteCertificateFromStore failed: %08lx\n",
GetLastError());
CertFreeCertificateContext(context);
}
/* add a cert to store1 */ /* add a cert to store1 */
ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING, bigCert, ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING, bigCert,
sizeof(bigCert) - 1, CERT_STORE_ADD_ALWAYS, &context); sizeof(bigCert) - 1, CERT_STORE_ADD_ALWAYS, &context);
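Review bot: In the new `if (context)` block, `CertFreeCertificateContext(context);` runs after `CertDeleteCertificateFromStore(context);`, and on Windows the delete call is documented to always free the context it is given, so the extra free releases the same context twice. I would drop the `CertFreeCertificateContext(context);` line, or confirm that the implementation under test keeps its own reference. Separately, `sizeof(signedBigCert)` is passed for a `%d` conversion in the `ok()` message; cast it, `(int)sizeof(signedBigCert)`, so the argument matches the format on targets where `size_t` is wider than `int`. testMemStore starts and ends outside the hunk.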
......