crypt32(5/7): Test and correct finding a subject certificate

Juan Lang juan.lang at gmail.com
Tue Aug 7 17:02:40 CDT 2007


--Juan
From 771d1cc17a6f2050758ac63c627a839204f5f9ae Mon Sep 17 00:00:00 2001
From: Juan Lang <juanlang at juan.corp.google.com>
Date: Tue, 7 Aug 2007 13:15:00 -0700
Subject: [PATCH] Test and correct finding a subject certificate
---
 dlls/crypt32/cert.c       |    8 +++++++-
 dlls/crypt32/tests/cert.c |   22 ++++++++++++++++++++++
 2 files changed, 29 insertions(+), 1 deletions(-)

diff --git a/dlls/crypt32/cert.c b/dlls/crypt32/cert.c
index 5e5bed8..ea1d261 100644
--- a/dlls/crypt32/cert.c
+++ b/dlls/crypt32/cert.c
@@ -906,9 +906,15 @@ static BOOL compare_cert_by_subject_cert
  DWORD dwType, DWORD dwFlags, const void *pvPara)
 {
     CERT_INFO *pCertInfo = (CERT_INFO *)pvPara;
+    BOOL ret;
 
-    return CertCompareCertificateName(pCertContext->dwCertEncodingType,
+    ret = CertCompareCertificateName(pCertContext->dwCertEncodingType,
      &pCertInfo->Issuer, &pCertContext->pCertInfo->Subject);
+    if (ret && pCertInfo->SerialNumber.cbData)
+        ret = CertCompareIntegerBlob(&pCertContext->pCertInfo->SerialNumber,
+         &pCertInfo->SerialNumber);
+    TRACE("returning %d\n", ret);
+    return ret;
 }
 
 static BOOL compare_cert_by_cert_id(PCCERT_CONTEXT pCertContext, DWORD dwType,
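Review bot: The new `if (ret && pCertInfo->SerialNumber.cbData)` guard makes a zero-length serial number act as a wildcard, so a caller that leaves SerialNumber empty gets a match on the name comparison alone. That deserves a comment, since code resolving a signer by issuer and serial number may not expect a name-only match. Something like `/* An empty serial number in pvPara matches any serial number; only the name is compared. */` above the `if` would do. Separately, the unchanged name comparison pairs `pCertInfo->Issuer` with the candidate's `Subject`, and serial numbers are normally unique only per issuer, so it is worth confirming that the serial is meant to be checked against a certificate selected by subject name rather than by issuer name. The function's signature starts above the hunk.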
diff --git a/dlls/crypt32/tests/cert.c b/dlls/crypt32/tests/cert.c
index ab668ae..af58b5f 100644
--- a/dlls/crypt32/tests/cert.c
+++ b/dlls/crypt32/tests/cert.c
@@ -604,6 +604,7 @@ static void testFindCert(void)
     BOOL ret;
     CERT_INFO certInfo = { 0 };
     CRYPT_HASH_BLOB blob;
+    BYTE otherSerialNumber[] = { 2 };
 
     store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
      CERT_STORE_CREATE_NEW_FLAG, NULL);
@@ -685,6 +686,27 @@ static void testFindCert(void)
          CERT_FIND_SUBJECT_CERT, &certInfo.Subject, context);
         ok(context == NULL, "Expected one cert only\n");
     }
+    /* The above search matched even though no serial number is set.  A
+     * non-matching serial number will not match.
+     */
+    certInfo.SerialNumber.pbData = otherSerialNumber;
+    certInfo.SerialNumber.cbData = sizeof(otherSerialNumber);
+    context = CertFindCertificateInStore(store, X509_ASN_ENCODING, 0,
+     CERT_FIND_SUBJECT_CERT, &certInfo, NULL);
+    ok(context == NULL, "Expected no match\n");
+    /* A matching serial number will match. */
+    certInfo.SerialNumber.pbData = serialNum;
+    certInfo.SerialNumber.cbData = sizeof(serialNum);
+    context = CertFindCertificateInStore(store, X509_ASN_ENCODING, 0,
+     CERT_FIND_SUBJECT_CERT, &certInfo, NULL);
+    ok(context != NULL, "CertFindCertificateInStore failed: %08x\n",
+     GetLastError());
+    if (context)
+    {
+        context = CertFindCertificateInStore(store, X509_ASN_ENCODING, 0,
+         CERT_FIND_SUBJECT_CERT, &certInfo.Subject, context);
+        ok(context == NULL, "Expected one cert only\n");
+    }
 
     /* The nice thing about hashes, they're unique */
     blob.pbData = bigCertHash;
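Review bot: The follow-up search in the added `if (context)` block passes `&certInfo.Subject` as pvPara, but compare_cert_by_subject_cert casts pvPara to `CERT_INFO *` and, with this commit, also reads `SerialNumber` through it. The "Expected one cert only" check therefore compares against whatever fields sit at those offsets from Subject, not the issuer and serial number just set. Passing the same structure as the first call, `CERT_FIND_SUBJECT_CERT, &certInfo, context);`, would make the check exercise the serial-number match it is meant to cover. The same argument appears in the unchanged lines at the top of the hunk, presumably where it was copied from. testFindCert starts and ends outside the hunk.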
-- 
1.4.1

