wintrust: Fail to load a certificate from a PE file if the certificate entry isn't a known type.

2009-12-05 19:17:25 -08:00 · 2009-12-05 19:17:25 -08:00 · 497b67dbf6
parent d69b00d630
commit 497b67dbf6
1 changed files with 14 additions and 2 deletions
--- a/dlls/wintrust/crypt.c
+++ b/dlls/wintrust/crypt.c
@ -1028,7 +1028,18 @@ static BOOL WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO *pSubjectInfo,
        /* app hasn't passed buffer, just get the length */
        ret = ImageGetCertificateHeader(pSubjectInfo->hFile, dwIndex, &cert);
        if (ret)
-            *pcbSignedDataMsg = cert.dwLength;
+        {
+            switch (cert.wCertificateType)
+            {
+            case WIN_CERT_TYPE_X509:
+            case WIN_CERT_TYPE_PKCS_SIGNED_DATA:
+                *pcbSignedDataMsg = cert.dwLength;
+                break;
+            default:
+                WARN("unknown certificate type %d\n", cert.wCertificateType);
+                ret = FALSE;
+            }
+        }
    }
    else
    {
@ -1065,9 +1076,10 @@ static BOOL WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO *pSubjectInfo,
                *pdwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
                break;
            default:
-                FIXME("don't know what to do for encoding type %d\n",
+                WARN("don't know what to do for encoding type %d\n",
                 pCert->wCertificateType);
                *pdwEncodingType = 0;
+                ret = FALSE;
            }
        }
    }