rsaenh: Add support for retrieving the security descriptor on key containers.

dlls/advapi32/tests/crypt.c

@@ -1140,6 +1140,37 @@ static void test_SystemFunction036(void)
     ok(ret == TRUE, "Expected SystemFunction036 to return TRUE, got %d\n", ret);
 }
 
+static void test_container_sd(void)
+{
+    HCRYPTPROV prov;
+    SECURITY_DESCRIPTOR *sd;
+    DWORD len;
+    BOOL ret;
+
+    ret = CryptAcquireContextA(&prov, "winetest", "Microsoft Enhanced Cryptographic Provider v1.0",
+                               PROV_RSA_FULL, CRYPT_MACHINE_KEYSET|CRYPT_NEWKEYSET);
+    ok(ret, "got %u\n", GetLastError());
+
+    len = 0;
+    SetLastError(0xdeadbeef);
+    ret = CryptGetProvParam(prov, PP_KEYSET_SEC_DESCR, NULL, &len, OWNER_SECURITY_INFORMATION);
+    ok(ret, "got %u\n", GetLastError());
+    ok(GetLastError() == ERROR_INSUFFICIENT_BUFFER, "got %u\n", GetLastError());
+    ok(len, "expected len > 0\n");
+
+    sd = HeapAlloc(GetProcessHeap(), 0, len);
+    ret = CryptGetProvParam(prov, PP_KEYSET_SEC_DESCR, (BYTE *)sd, &len, OWNER_SECURITY_INFORMATION);
+    ok(ret, "got %u\n", GetLastError());
+    HeapFree(GetProcessHeap(), 0, sd);
+
+    ret = CryptReleaseContext(prov, 0);
+    ok(ret, "got %u\n", GetLastError());
+
+    ret = CryptAcquireContextA(&prov, "winetest", "Microsoft Enhanced Cryptographic Provider v1.0",
+                               PROV_RSA_FULL, CRYPT_MACHINE_KEYSET|CRYPT_DELETEKEYSET);
+    ok(ret, "got %u\n", GetLastError());
+}
+
 START_TEST(crypt)
 {
     init_function_pointers();
@@ -1151,6 +1182,7 @@ START_TEST(crypt)
 	test_incorrect_api_usage();
 	test_verify_sig();
 	test_machine_guid();
+	test_container_sd();
 	clean_up_environment();
     }
 	

dlls/rsaenh/rsaenh.c

@@ -38,6 +38,7 @@
 #include "implglue.h"
 #include "objbase.h"
 #include "rpcproxy.h"
+#include "aclapi.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 
@@ -3674,6 +3675,7 @@ BOOL WINAPI RSAENH_CPGetKeyParam(HCRYPTPROV hProv, HCRYPTKEY hKey, DWORD dwParam
  *   - PP_SIG_KEYSIZE_INC: RSA signature keywidth granularity in bits.
  *   - PP_KEYX_KEYSIZE_INC: RSA key-exchange keywidth granularity in bits.
  *   - PP_ENUMALGS{_EX}: Query provider capabilities.
+ *   - PP_KEYSET_SEC_DESCR: Retrieve security descriptor on container.
  */
 BOOL WINAPI RSAENH_CPGetProvParam(HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData, 
                                   DWORD *pdwDataLen, DWORD dwFlags)
@@ -3834,6 +3836,34 @@ BOOL WINAPI RSAENH_CPGetProvParam(HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData,
         case PP_CRYPT_COUNT_KEY_USE: /* Asked for by IE About dialog */
             return copy_param(pbData, pdwDataLen, abWTF, sizeof(abWTF));
 
+        case PP_KEYSET_SEC_DESCR:
+        {
+            SECURITY_DESCRIPTOR *sd;
+            DWORD err, len, flags = (pKeyContainer->dwFlags & CRYPT_MACHINE_KEYSET);
+
+            if (!open_container_key(pKeyContainer->szName, flags, &hKey))
+            {
+                SetLastError(NTE_BAD_KEYSET);
+                return FALSE;
+            }
+
+            err = GetSecurityInfo(hKey, SE_REGISTRY_KEY, dwFlags, NULL, NULL, NULL, NULL, (void **)&sd);
+            RegCloseKey(hKey);
+            if (err)
+            {
+                SetLastError(err);
+                return FALSE;
+            }
+
+            len = GetSecurityDescriptorLength(sd);
+            if (*pdwDataLen >= len) memcpy(pbData, sd, len);
+            else SetLastError(ERROR_INSUFFICIENT_BUFFER);
+            *pdwDataLen = len;
+
+            LocalFree(sd);
+            return TRUE;
+        }
+
         default:
             /* MSDN: Unknown parameter number in dwParam */
             SetLastError(NTE_BAD_TYPE);