wintrust: Fail to load a certificate from a PE file if the certificate entry isn't a known type.

497b67db · Juan Lang · Alexandre Julliard · d69b00d6 · 497b67db
Commit 497b67db authored Dec 05, 2009 by Juan Lang Committed by Alexandre Julliard Dec 07, 2009
Hide whitespace changes
Inline Side-by-side

Showing with 14 additions and 2 deletions

crypt.c dlls/wintrust/crypt.c +14 -2

No files found.
--- a/dlls/wintrust/crypt.c
+++ b/dlls/wintrust/crypt.c
@@ -1028,7 +1028,18 @@ static BOOL WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO *pSubjectInfo,
        /* app hasn't passed buffer, just get the length */
        ret = ImageGetCertificateHeader(pSubjectInfo->hFile, dwIndex, &cert);
        if (ret)
-            *pcbSignedDataMsg = cert.dwLength;
+        {
+            switch (cert.wCertificateType)
+            {
+            case WIN_CERT_TYPE_X509:
+            case WIN_CERT_TYPE_PKCS_SIGNED_DATA:
+                *pcbSignedDataMsg = cert.dwLength;
+                break;
+            default:
+                WARN("unknown certificate type %d\n", cert.wCertificateType);
+                ret = FALSE;
+            }
+        }
    }
    else
    {
@@ -1065,9 +1076,10 @@ static BOOL WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO *pSubjectInfo,
                *pdwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
                break;
            default:
-                FIXME("don't know what to do for encoding type %d\n",
+                WARN("don't know what to do for encoding type %d\n",
                 pCert->wCertificateType);
                *pdwEncodingType = 0;
+                ret = FALSE;
            }
        }
    }