[PATCH] crypt32: CryptAcquireCertificatePrivateKey should look up certificate in the user's store if the provided certificate is not linked to a provider.
Dmitry Timoshkov
dmitry at baikal.ru
Wed Feb 6 01:25:49 CST 2019
Under Windows passing to CryptAcquireCertificatePrivateKey() a certificate
retrieved from the key container using CryptGetKeyParam(KP_CERTIFICATE) +
CertCreateCertificateContext() works although such a certificate doesn't
have assigned properties at all. In order this to work Windows probably
looks up an original certificate in the user's private store.
Signed-off-by: Dmitry Timoshkov <dmitry at baikal.ru>
---
dlls/crypt32/cert.c | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/dlls/crypt32/cert.c b/dlls/crypt32/cert.c
index e1c7c54340..02693b96d0 100644
--- a/dlls/crypt32/cert.c
+++ b/dlls/crypt32/cert.c
@@ -886,6 +886,7 @@ BOOL WINAPI CryptAcquireCertificatePrivateKey(PCCERT_CONTEXT pCert,
PCRYPT_KEY_PROV_INFO info = NULL;
CERT_KEY_CONTEXT keyContext;
DWORD size;
+ PCCERT_CONTEXT cert_in_store = NULL;
TRACE("(%p, %08x, %p, %p, %p, %p)\n", pCert, dwFlags, pvReserved,
phCryptProv, pdwKeySpec, pfCallerFreeProv);
@@ -896,6 +897,34 @@ BOOL WINAPI CryptAcquireCertificatePrivateKey(PCCERT_CONTEXT pCert,
ret = CertGetCertificateContextProperty(pCert,
CERT_KEY_PROV_INFO_PROP_ID, 0, &size);
+
+ if (!ret)
+ {
+ static const WCHAR myW[] = { 'M','y',0 };
+ HCERTSTORE hstore;
+
+ hstore = CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, 0,
+ CERT_SYSTEM_STORE_CURRENT_USER, myW);
+ if (hstore)
+ {
+ cert_in_store = CertFindCertificateInStore(hstore, pCert->dwCertEncodingType, 0,
+ CERT_FIND_EXISTING, pCert, NULL);
+ if (cert_in_store)
+ {
+ ret = CertGetCertificateContextProperty(cert_in_store, CERT_KEY_PROV_INFO_PROP_ID, 0, &size);
+ if (ret)
+ pCert = cert_in_store;
+ else
+ {
+ CertFreeCertificateContext(cert_in_store);
+ cert_in_store = NULL;
+ }
+ }
+
+ CertCloseStore(hstore, 0);
+ }
+ }
+
if (ret)
{
info = HeapAlloc(GetProcessHeap(), 0, size);
@@ -949,6 +978,8 @@ BOOL WINAPI CryptAcquireCertificatePrivateKey(PCCERT_CONTEXT pCert,
}
}
HeapFree(GetProcessHeap(), 0, info);
+ if (cert_in_store)
+ CertFreeCertificateContext(cert_in_store);
return ret;
}
--
2.20.1
More information about the wine-devel
mailing list