Juan Lang : crypt32: Correct self-signed cert creation.

Alexandre Julliard julliard at wine.codeweavers.com
Fri Jul 14 10:50:40 CDT 2006


Module: wine
Branch: refs/heads/master
Commit: 78f59dd7e970ac1bc83192ceca3020e7c50807a3
URL:    http://source.winehq.org/git/?p=wine.git;a=commit;h=78f59dd7e970ac1bc83192ceca3020e7c50807a3

Author: Juan Lang <juan_lang at yahoo.com>
Date:   Thu Jul 13 23:06:49 2006 -0700

crypt32: Correct self-signed cert creation.

- use correct function names for rpcrt functions
- use CryptGenRandom to create unique serial numbers

---

 dlls/crypt32/cert.c |   22 ++++++++++++----------
 1 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/dlls/crypt32/cert.c b/dlls/crypt32/cert.c
index 851c8c5..b5d510d 100644
--- a/dlls/crypt32/cert.c
+++ b/dlls/crypt32/cert.c
@@ -1826,6 +1826,7 @@ static PCCERT_CONTEXT CRYPT_CreateSigned
 }
 
 /* Copies data from the parameters into info, where:
+ * pSerialNumber: The serial number.  Must not be NULL.
  * pSubjectIssuerBlob: Specifies both the subject and issuer for info.
  *                     Must not be NULL
  * pSignatureAlgorithm: Optional.
@@ -1836,23 +1837,22 @@ static PCCERT_CONTEXT CRYPT_CreateSigned
  * pubKey: The public key of the certificate.  Must not be NULL.
  * pExtensions: Extensions to be included with the certificate.  Optional.
  */
-static void CRYPT_MakeCertInfo(PCERT_INFO info,
+static void CRYPT_MakeCertInfo(PCERT_INFO info, PCRYPT_DATA_BLOB pSerialNumber,
  PCERT_NAME_BLOB pSubjectIssuerBlob,
  PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, PSYSTEMTIME pStartTime,
  PSYSTEMTIME pEndTime, PCERT_PUBLIC_KEY_INFO pubKey,
  PCERT_EXTENSIONS pExtensions)
 {
-    /* FIXME: what serial number to use? */
-    static const BYTE serialNum[] = { 1 };
     static CHAR oid[] = szOID_RSA_SHA1RSA;
 
     assert(info);
+    assert(pSerialNumber);
     assert(pSubjectIssuerBlob);
     assert(pubKey);
 
     info->dwVersion = CERT_V3;
-    info->SerialNumber.cbData = sizeof(serialNum);
-    info->SerialNumber.pbData = (LPBYTE)serialNum;
+    info->SerialNumber.cbData = pSerialNumber->cbData;
+    info->SerialNumber.pbData = pSerialNumber->pbData;
     if (pSignatureAlgorithm)
         memcpy(&info->SignatureAlgorithm, pSignatureAlgorithm,
          sizeof(info->SignatureAlgorithm));
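Review bot: `info->SerialNumber.pbData = pSerialNumber->pbData;` stores the caller's pointer rather than a copy, even though the header comment says the function "Copies data from the parameters into info". The removed code pointed at a static array, so lifetime was never a concern; now `info` is only valid while the caller's serial buffer is alive. I would say so in the parameter comment, for example `* pSerialNumber: The serial number.  Must not be NULL.  Not copied; pbData must outlive info.` The function body continues past the end of this hunk.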
@@ -1910,9 +1910,9 @@ static HCRYPTPROV CRYPT_CreateKeyProv(vo
         UuidCreateFunc uuidCreate = (UuidCreateFunc)GetProcAddress(rpcrt,
          "UuidCreate");
         UuidToStringFunc uuidToString = (UuidToStringFunc)GetProcAddress(rpcrt,
-         "UuidToString");
+         "UuidToStringA");
         RpcStringFreeFunc rpcStringFree = (RpcStringFreeFunc)GetProcAddress(
-         rpcrt, "RpcStringFree");
+         rpcrt, "RpcStringFreeA");
 
         if (uuidCreate && uuidToString && rpcStringFree)
         {
@@ -1978,10 +1978,12 @@ PCCERT_CONTEXT WINAPI CertCreateSelfSign
         {
             CERT_INFO info = { 0 };
             CRYPT_DER_BLOB blob = { 0, NULL };
-            BOOL ret;
+            BYTE serial[16];
+            CRYPT_DATA_BLOB serialBlob = { sizeof(serial), serial };
 
-            CRYPT_MakeCertInfo(&info, pSubjectIssuerBlob, pSignatureAlgorithm,
-             pStartTime, pEndTime, pubKey, pExtensions);
+            CryptGenRandom(hProv, sizeof(serial), serial);
+            CRYPT_MakeCertInfo(&info, &serialBlob, pSubjectIssuerBlob,
+             pSignatureAlgorithm, pStartTime, pEndTime, pubKey, pExtensions);
             ret = CryptEncodeObjectEx(X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED,
              &info, CRYPT_ENCODE_ALLOC_FLAG, NULL, (BYTE *)&blob.pbData,
              &blob.cbData);
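Review bot: The return value of `CryptGenRandom(hProv, sizeof(serial), serial);` is discarded, so on failure the 16 bytes of `serial` are uninitialized stack memory that is then encoded into the certificate as its serial number. That value is neither unique nor something that should be disclosed. Assign the result, `ret = CryptGenRandom(hProv, sizeof(serial), serial);`, and only build and encode the cert info `if (ret)`; the enclosing block and its cleanup path are outside this hunk, so the exact placement has to follow them. Separately, the blob is presumably encoded as a signed integer with the last byte most significant, in which case about half of the random values give a negative serial, which RFC 5280 disallows. If that holds, `serial[sizeof(serial) - 1] &= 0x7f;` after the call would keep it positive.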



