Juan Lang : crypt32: Correct self-signed cert creation.
Alexandre Julliard
julliard at wine.codeweavers.com
Fri Jul 14 10:50:40 CDT 2006
Module: wine
Branch: refs/heads/master
Commit: 78f59dd7e970ac1bc83192ceca3020e7c50807a3
URL: http://source.winehq.org/git/?p=wine.git;a=commit;h=78f59dd7e970ac1bc83192ceca3020e7c50807a3
Author: Juan Lang <juan_lang at yahoo.com>
Date: Thu Jul 13 23:06:49 2006 -0700
crypt32: Correct self-signed cert creation.
- use correct function names for rpcrt functions
- use CryptGenRandom to create unique serial numbers
---
dlls/crypt32/cert.c | 22 ++++++++++++----------
1 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/dlls/crypt32/cert.c b/dlls/crypt32/cert.c
index 851c8c5..b5d510d 100644
--- a/dlls/crypt32/cert.c
+++ b/dlls/crypt32/cert.c
@@ -1826,6 +1826,7 @@ static PCCERT_CONTEXT CRYPT_CreateSigned
}
/* Copies data from the parameters into info, where:
+ * pSerialNumber: The serial number. Must not be NULL.
* pSubjectIssuerBlob: Specifies both the subject and issuer for info.
* Must not be NULL
* pSignatureAlgorithm: Optional.
@@ -1836,23 +1837,22 @@ static PCCERT_CONTEXT CRYPT_CreateSigned
* pubKey: The public key of the certificate. Must not be NULL.
* pExtensions: Extensions to be included with the certificate. Optional.
*/
-static void CRYPT_MakeCertInfo(PCERT_INFO info,
+static void CRYPT_MakeCertInfo(PCERT_INFO info, PCRYPT_DATA_BLOB pSerialNumber,
PCERT_NAME_BLOB pSubjectIssuerBlob,
PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, PSYSTEMTIME pStartTime,
PSYSTEMTIME pEndTime, PCERT_PUBLIC_KEY_INFO pubKey,
PCERT_EXTENSIONS pExtensions)
{
- /* FIXME: what serial number to use? */
- static const BYTE serialNum[] = { 1 };
static CHAR oid[] = szOID_RSA_SHA1RSA;
assert(info);
+ assert(pSerialNumber);
assert(pSubjectIssuerBlob);
assert(pubKey);
info->dwVersion = CERT_V3;
- info->SerialNumber.cbData = sizeof(serialNum);
- info->SerialNumber.pbData = (LPBYTE)serialNum;
+ info->SerialNumber.cbData = pSerialNumber->cbData;
+ info->SerialNumber.pbData = pSerialNumber->pbData;
if (pSignatureAlgorithm)
memcpy(&info->SignatureAlgorithm, pSignatureAlgorithm,
sizeof(info->SignatureAlgorithm));
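Review bot: The new assignments to `info->SerialNumber` in CRYPT_MakeCertInfo store the caller's `pbData` pointer rather than copying the bytes, yet the header comment still opens with "Copies data from the parameters into info". With the old static array this was harmless, but the serial now lives in a caller-owned buffer, so `info` is only valid while that buffer is. I would state this in the parameter comment, e.g. `* pSerialNumber: The serial number. Must not be NULL. Not copied; the buffer must outlive info.` The function body continues past the end of this hunk, so how the other fields are handled is not visible here.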
@@ -1910,9 +1910,9 @@ static HCRYPTPROV CRYPT_CreateKeyProv(vo
UuidCreateFunc uuidCreate = (UuidCreateFunc)GetProcAddress(rpcrt,
"UuidCreate");
UuidToStringFunc uuidToString = (UuidToStringFunc)GetProcAddress(rpcrt,
- "UuidToString");
+ "UuidToStringA");
RpcStringFreeFunc rpcStringFree = (RpcStringFreeFunc)GetProcAddress(
- rpcrt, "RpcStringFree");
+ rpcrt, "RpcStringFreeA");
if (uuidCreate && uuidToString && rpcStringFree)
{
@@ -1978,10 +1978,12 @@ PCCERT_CONTEXT WINAPI CertCreateSelfSign
{
CERT_INFO info = { 0 };
CRYPT_DER_BLOB blob = { 0, NULL };
- BOOL ret;
+ BYTE serial[16];
+ CRYPT_DATA_BLOB serialBlob = { sizeof(serial), serial };
- CRYPT_MakeCertInfo(&info, pSubjectIssuerBlob, pSignatureAlgorithm,
- pStartTime, pEndTime, pubKey, pExtensions);
+ CryptGenRandom(hProv, sizeof(serial), serial);
+ CRYPT_MakeCertInfo(&info, &serialBlob, pSubjectIssuerBlob,
+ pSignatureAlgorithm, pStartTime, pEndTime, pubKey, pExtensions);
ret = CryptEncodeObjectEx(X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED,
&info, CRYPT_ENCODE_ALLOC_FLAG, NULL, (BYTE *)&blob.pbData,
&blob.cbData);
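Review bot: The return value of `CryptGenRandom(hProv, sizeof(serial), serial)` is ignored, so if the provider call fails `serial` holds uninitialized stack bytes that are then encoded into the certificate as its serial number. The call should be checked before CRYPT_MakeCertInfo runs, e.g. `if (!CryptGenRandom(hProv, sizeof(serial), serial)) ...`, failing the creation through the function's existing error path, which lies outside this hunk. Separately, if the blob is encoded as a signed little-endian integer, as CryptoAPI integer blobs usually are, a random top bit yields a negative serial about half the time, whereas the X.509 profile requires a positive one; `serial[sizeof(serial) - 1] &= 0x7f;` after generation would avoid that. The hunk also drops `BOOL ret;` while `ret` is still assigned below, so it is presumably declared in an enclosing scope not shown here.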