crypt32: Add support for CRYPT_MACHINE_KEYSET in PFXImportCertStore.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=49857Signed-off-by: Hans Leidekker <hans@codeweavers.com> Signed-off-by: Alexandre Julliard <julliard@winehq.org>

crypt32: Add support for CRYPT_MACHINE_KEYSET in PFXImportCertStore.
547508e3 · Hans Leidekker · Alexandre Julliard · b9f1ec8c · 547508e3 · 547508e3
Commit 547508e3 authored Sep 23, 2020 by Hans Leidekker Committed by Alexandre Julliard Sep 23, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 19 additions and 6 deletions

pfx.c dlls/crypt32/pfx.c +9 -6

store.c dlls/crypt32/tests/store.c +10 -0

No files found.
--- a/dlls/crypt32/pfx.c
+++ b/dlls/crypt32/pfx.c
@@ -138,7 +138,7 @@ static HCRYPTPROV import_key( gnutls_x509_privkey_t key, DWORD flags )
    HCRYPTPROV prov = 0;
    HCRYPTKEY cryptkey;
    BYTE *buf, *src, *dst;
-    DWORD size;
+    DWORD size, acquire_flags;
    if ((ret = pgnutls_x509_privkey_get_pk_algorithm2( key, &bitlen )) < 0)
    {
@@ -208,17 +208,20 @@ static HCRYPTPROV import_key( gnutls_x509_privkey_t key, DWORD flags )
    else src = d.data;
    for (i = bitlen / 8 - 1; i >= 0; i--) *dst++ = src[i];
-    if (!CryptAcquireContextW( &prov, NULL, MS_ENHANCED_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET ))
+    acquire_flags = (flags & CRYPT_MACHINE_KEYSET) | CRYPT_NEWKEYSET;
+    if (!CryptAcquireContextW( &prov, NULL, MS_ENHANCED_PROV_W, PROV_RSA_FULL, acquire_flags ))
    {
        if (GetLastError() != NTE_EXISTS) goto done;
-        if (!CryptAcquireContextW( &prov, NULL, MS_ENHANCED_PROV_W, PROV_RSA_FULL, 0 ))
+        acquire_flags &= ~CRYPT_NEWKEYSET;
+        if (!CryptAcquireContextW( &prov, NULL, MS_ENHANCED_PROV_W, PROV_RSA_FULL, acquire_flags ))
        {
            WARN( "CryptAcquireContextW failed %08x\n", GetLastError() );
            goto done;
        }
    }
-    if (!CryptImportKey( prov, buf, size, 0, flags, &cryptkey ))
+    if (!CryptImportKey( prov, buf, size, 0, flags & CRYPT_EXPORTABLE, &cryptkey ))
    {
        WARN( "CryptImportKey failed %08x\n", GetLastError() );
        CryptReleaseContext( prov, 0 );
@@ -346,7 +349,7 @@ HCERTSTORE WINAPI PFXImportCertStore( CRYPT_DATA_BLOB *pfx, const WCHAR *passwor
        SetLastError( ERROR_INVALID_PARAMETER );
        return NULL;
    }
-    if (flags & ~(CRYPT_EXPORTABLE|CRYPT_USER_KEYSET|PKCS12_NO_PERSIST_KEY))
+    if (flags & ~(CRYPT_EXPORTABLE|CRYPT_USER_KEYSET|CRYPT_MACHINE_KEYSET|PKCS12_NO_PERSIST_KEY))
    {
        FIXME( "flags %08x not supported\n", flags );
        return NULL;
@@ -373,7 +376,7 @@ HCERTSTORE WINAPI PFXImportCertStore( CRYPT_DATA_BLOB *pfx, const WCHAR *passwor
        goto error;
    }
-    if (!(prov = import_key( key, flags & CRYPT_EXPORTABLE ))) goto error;
+    if (!(prov = import_key( key, flags ))) goto error;
    if (!(store = CertOpenStore( CERT_STORE_PROV_MEMORY, 0, 0, 0, NULL )))
    {
        WARN( "CertOpenStore failed %08x\n", GetLastError() );

--- a/dlls/crypt32/tests/store.c
+++ b/dlls/crypt32/tests/store.c
@@ -3348,6 +3348,16 @@ static void test_PFXImportCertStore(void)
    ok(ret, "got %u\n", GetLastError());
    CertFreeCertificateContext( cert );
    CertCloseStore( store, 0 );
+    /* CRYPT_MACHINE_KEYSET */
+    store = PFXImportCertStore( &pfx, NULL, CRYPT_MACHINE_KEYSET );
+    ok( store != NULL, "got %u\n", GetLastError() );
+    cert = CertFindCertificateInStore( store, X509_ASN_ENCODING, 0, CERT_FIND_ANY, NULL, NULL );
+    ok( cert != NULL, "got %08x\n", GetLastError() );
+    CertFreeCertificateContext( cert );
+    CertCloseStore( store, 0 );
 }
 static void test_CryptQueryObject(void)