diff --git a/dlls/crypt32/cert.c b/dlls/crypt32/cert.c index d747574df63..84780cb789d 100644 --- a/dlls/crypt32/cert.c +++ b/dlls/crypt32/cert.c @@ -1902,29 +1902,43 @@ BOOL WINAPI CertAddEnhancedKeyUsageIdentifier(PCCERT_CONTEXT pCertContext, CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG, usage, &size); if (ret) { - PCERT_ENHKEY_USAGE newUsage = CryptMemAlloc(size + - sizeof(LPSTR) + strlen(pszUsageIdentifier) + 1); + DWORD i; + BOOL exists = FALSE; - if (newUsage) + /* Make sure usage doesn't already exist */ + for (i = 0; !exists && i < usage->cUsageIdentifier; i++) { - LPSTR nextOID; - DWORD i; + if (!strcmp(usage->rgpszUsageIdentifier[i], + pszUsageIdentifier)) + exists = TRUE; + } + if (!exists) + { + PCERT_ENHKEY_USAGE newUsage = CryptMemAlloc(size + + sizeof(LPSTR) + strlen(pszUsageIdentifier) + 1); - newUsage->rgpszUsageIdentifier = - (LPSTR *)((LPBYTE)newUsage + sizeof(CERT_ENHKEY_USAGE)); - nextOID = (LPSTR)((LPBYTE)newUsage->rgpszUsageIdentifier + - (usage->cUsageIdentifier + 1) * sizeof(LPSTR)); - for (i = 0; i < usage->cUsageIdentifier; i++) + if (newUsage) { + LPSTR nextOID; + + newUsage->rgpszUsageIdentifier = (LPSTR *) + ((LPBYTE)newUsage + sizeof(CERT_ENHKEY_USAGE)); + nextOID = (LPSTR)((LPBYTE)newUsage->rgpszUsageIdentifier + + (usage->cUsageIdentifier + 1) * sizeof(LPSTR)); + for (i = 0; i < usage->cUsageIdentifier; i++) + { + newUsage->rgpszUsageIdentifier[i] = nextOID; + strcpy(nextOID, usage->rgpszUsageIdentifier[i]); + nextOID += strlen(nextOID) + 1; + } newUsage->rgpszUsageIdentifier[i] = nextOID; - strcpy(nextOID, usage->rgpszUsageIdentifier[i]); - nextOID += strlen(nextOID) + 1; + strcpy(nextOID, pszUsageIdentifier); + newUsage->cUsageIdentifier = i + 1; + ret = CertSetEnhancedKeyUsage(pCertContext, newUsage); + CryptMemFree(newUsage); } - newUsage->rgpszUsageIdentifier[i] = nextOID; - strcpy(nextOID, pszUsageIdentifier); - newUsage->cUsageIdentifier = i + 1; - ret = CertSetEnhancedKeyUsage(pCertContext, newUsage); - CryptMemFree(newUsage); + else + ret = FALSE; } } CryptMemFree(usage); diff --git a/dlls/crypt32/tests/cert.c b/dlls/crypt32/tests/cert.c index 37a709b447b..0ab9334b0c2 100644 --- a/dlls/crypt32/tests/cert.c +++ b/dlls/crypt32/tests/cert.c @@ -2053,7 +2053,9 @@ static void testKeyUsage(void) if (pUsage->cUsageIdentifier) ok(!strcmp(pUsage->rgpszUsageIdentifier[0], oid), "Expected %s, got %s\n", oid, pUsage->rgpszUsageIdentifier[0]); - /* Yep, I can re-add the same usage identifier */ + /* Re-adding the same usage identifier succeeds, though it only adds + * a duplicate usage identifier on versions prior to Vista + */ ret = CertAddEnhancedKeyUsageIdentifier(context, oid); ok(ret, "CertAddEnhancedKeyUsageIdentifier failed: %08x\n", GetLastError()); @@ -2061,8 +2063,8 @@ static void testKeyUsage(void) ret = CertGetEnhancedKeyUsage(context, 0, pUsage, &size); ok(ret && GetLastError() == 0, "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError()); - ok(pUsage->cUsageIdentifier == 2, "Expected 2 identifiers, got %d\n", - pUsage->cUsageIdentifier); + ok(pUsage->cUsageIdentifier == 1 || pUsage->cUsageIdentifier == 2, + "Expected 1 or 2 identifiers, got %d\n", pUsage->cUsageIdentifier); if (pUsage->cUsageIdentifier) ok(!strcmp(pUsage->rgpszUsageIdentifier[0], oid), "Expected %s, got %s\n", oid, pUsage->rgpszUsageIdentifier[0]);