Correct a test that incorrectly showed signed certs couldn't be added
to a mem store. Support signed certs in mem stores. Correct use of a freed pointer.
This commit is contained in:
parent
d57b7ac4e2
commit
3bf9c165fa
|
@ -981,10 +981,16 @@ static PWINE_CERT_CONTEXT CRYPT_CreateCertificateContext(
|
|||
TRACE("(%08lx, %p, %ld)\n", dwCertEncodingType, pbCertEncoded,
|
||||
cbCertEncoded);
|
||||
|
||||
ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED,
|
||||
pbCertEncoded, cbCertEncoded,
|
||||
CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
|
||||
/* First try to decode it as a signed cert. */
|
||||
ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT, pbCertEncoded,
|
||||
cbCertEncoded, CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
|
||||
(BYTE *)&certInfo, &size);
|
||||
/* Failing that, try it as an unsigned cert */
|
||||
if (!ret)
|
||||
ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED,
|
||||
pbCertEncoded, cbCertEncoded,
|
||||
CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
|
||||
(BYTE *)&certInfo, &size);
|
||||
if (ret)
|
||||
{
|
||||
BYTE *data = NULL;
|
||||
|
@ -1020,7 +1026,6 @@ static void CRYPT_FreeCert(PWINE_CERT_CONTEXT context)
|
|||
|
||||
HeapFree(GetProcessHeap(), 0, context->cert.pbCertEncoded);
|
||||
LocalFree(context->cert.pCertInfo);
|
||||
HeapFree(GetProcessHeap(), 0, context);
|
||||
DeleteCriticalSection(&context->cs);
|
||||
LIST_FOR_EACH_ENTRY_SAFE(prop, next, &context->extendedProperties,
|
||||
WINE_CERT_PROPERTY, entry)
|
||||
|
@ -1029,6 +1034,7 @@ static void CRYPT_FreeCert(PWINE_CERT_CONTEXT context)
|
|||
HeapFree(GetProcessHeap(), 0, prop->pbData);
|
||||
HeapFree(GetProcessHeap(), 0, prop);
|
||||
}
|
||||
HeapFree(GetProcessHeap(), 0, context);
|
||||
}
|
||||
|
||||
PCCERT_CONTEXT WINAPI CertCreateCertificateContext(DWORD dwCertEncodingType,
|
||||
|
|
|
@ -148,13 +148,26 @@ static void testMemStore(void)
|
|||
CRYPT_E_ASN1_CORRUPT),
|
||||
"Expected CRYPT_E_ASN1_EOD or CRYPT_E_ASN1_CORRUPT, got %08lx\n",
|
||||
GetLastError());
|
||||
/* add a signed cert (this also fails) */
|
||||
ok(!ret && (GetLastError() == CRYPT_E_ASN1_EOD || GetLastError() ==
|
||||
CRYPT_E_ASN1_CORRUPT),
|
||||
"Expected CRYPT_E_ASN1_EOD or CRYPT_E_ASN1_CORRUPT, got %08lx\n",
|
||||
GetLastError());
|
||||
/* add a "signed" cert--the signature isn't a real signature, so this adds
|
||||
* without any check of the signature's validity
|
||||
*/
|
||||
ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING,
|
||||
signedBigCert, sizeof(signedBigCert) - 1, CERT_STORE_ADD_ALWAYS, &context);
|
||||
signedBigCert, sizeof(signedBigCert), CERT_STORE_ADD_ALWAYS, &context);
|
||||
ok(ret, "CertAddEncodedCertificateToStore failed: %08lx\n", GetLastError());
|
||||
ok(context != NULL, "Expected a valid cert context\n");
|
||||
if (context)
|
||||
{
|
||||
ok(context->cbCertEncoded == sizeof(signedBigCert),
|
||||
"Expected cert of %d bytes, got %ld\n", sizeof(signedBigCert),
|
||||
context->cbCertEncoded);
|
||||
ok(!memcmp(context->pbCertEncoded, signedBigCert,
|
||||
sizeof(signedBigCert)), "Unexpected encoded cert in context\n");
|
||||
/* remove it, the rest of the tests will work on an unsigned cert */
|
||||
ret = CertDeleteCertificateFromStore(context);
|
||||
ok(ret, "CertDeleteCertificateFromStore failed: %08lx\n",
|
||||
GetLastError());
|
||||
CertFreeCertificateContext(context);
|
||||
}
|
||||
/* add a cert to store1 */
|
||||
ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING, bigCert,
|
||||
sizeof(bigCert) - 1, CERT_STORE_ADD_ALWAYS, &context);
|
||||
|
|
Loading…
Reference in New Issue