[PATCH] crypt32: CryptAcquireCertificatePrivateKey should look up certificate in the user's store if the provided certificate is not linked to a provider.

Wed Feb 6 01:25:49 CST 2019

Under Windows passing to CryptAcquireCertificatePrivateKey() a certificate
retrieved from the key container using CryptGetKeyParam(KP_CERTIFICATE) +
CertCreateCertificateContext() works although such a certificate doesn't
have assigned properties at all. In order this to work Windows probably
looks up an original certificate in the user's private store.

Signed-off-by: Dmitry Timoshkov <dmitry at baikal.ru>
---
 dlls/crypt32/cert.c | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/dlls/crypt32/cert.c b/dlls/crypt32/cert.c
index e1c7c54340..02693b96d0 100644
--- a/dlls/crypt32/cert.c
+++ b/dlls/crypt32/cert.c
@@ -886,6 +886,7 @@ BOOL WINAPI CryptAcquireCertificatePrivateKey(PCCERT_CONTEXT pCert,
     PCRYPT_KEY_PROV_INFO info = NULL;
     CERT_KEY_CONTEXT keyContext;
     DWORD size;
+    PCCERT_CONTEXT cert_in_store = NULL;
 
     TRACE("(%p, %08x, %p, %p, %p, %p)\n", pCert, dwFlags, pvReserved,
      phCryptProv, pdwKeySpec, pfCallerFreeProv);
@@ -896,6 +897,34 @@ BOOL WINAPI CryptAcquireCertificatePrivateKey(PCCERT_CONTEXT pCert,
 
         ret = CertGetCertificateContextProperty(pCert,
          CERT_KEY_PROV_INFO_PROP_ID, 0, &size);
+
+        if (!ret)
+        {
+            static const WCHAR myW[] = { 'M','y',0 };
+            HCERTSTORE hstore;
+
+            hstore = CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, 0,
+                                   CERT_SYSTEM_STORE_CURRENT_USER, myW);
+            if (hstore)
+            {
+                cert_in_store = CertFindCertificateInStore(hstore, pCert->dwCertEncodingType, 0,
+                                                           CERT_FIND_EXISTING, pCert, NULL);
+                if (cert_in_store)
+                {
+                    ret = CertGetCertificateContextProperty(cert_in_store, CERT_KEY_PROV_INFO_PROP_ID, 0, &size);
+                    if (ret)
+                        pCert = cert_in_store;
+                    else
+                    {
+                        CertFreeCertificateContext(cert_in_store);
+                        cert_in_store = NULL;
+                    }
+                }
+
+                CertCloseStore(hstore, 0);
+            }
+        }
+
         if (ret)
         {
             info = HeapAlloc(GetProcessHeap(), 0, size);
@@ -949,6 +978,8 @@ BOOL WINAPI CryptAcquireCertificatePrivateKey(PCCERT_CONTEXT pCert,
         }
     }
     HeapFree(GetProcessHeap(), 0, info);
+    if (cert_in_store)
+        CertFreeCertificateContext(cert_in_store);
     return ret;
 }
 
-- 
2.20.1


