author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-12-20 19:40:48 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-12-20 19:40:48 +0000 |
commit | 5d03564cccd2c10c41252ea468d4a098bd08e9c1 (patch) | |
tree | 26b5f12d844d1df0ecc4a2a606885391bdd30dbf | |
parent | 435437ad94723612deb1e238379d457b2456d83f (diff) | |
parent | ac34af7160c866b7e2354d2d197e63af48e479d8 (diff) | |
download | gnutls-5d03564cccd2c10c41252ea468d4a098bd08e9c1.tar.gz |
Merge branch 'use_CertOpenStore' into 'master'
win32: Use CertOpenStore instead of CertOpenSystemStore
See merge request gnutls/gnutls!839
-rw-r--r-- | lib/system/certs.c | 4 | ||||
-rw-r--r-- | lib/system/keys-win.c | 8 | ||||
-rw-r--r-- | tests/Makefile.am | 4 | ||||
-rw-r--r-- | tests/win-certopenstore.c | 70 | ||||
-rw-r--r-- | tests/windows/crypt32.c | 9 |
5 files changed, 89 insertions, 6 deletions
diff --git a/lib/system/certs.c b/lib/system/certs.c index 53eb561d00..f9090f1e74 100644 --- a/lib/system/certs.c +++ b/lib/system/certs.c @@ -161,9 +161,9 @@ int add_system_trust(gnutls_x509_trust_list_t list, unsigned int tl_flags, gnutls_datum_t data; if (i == 0) - store = CertOpenSystemStore(0, "ROOT"); + store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER , L"ROOT"); else - store = CertOpenSystemStore(0, "CA"); + store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"CA"); if (store == NULL) return GNUTLS_E_FILE_ERROR; diff --git a/lib/system/keys-win.c b/lib/system/keys-win.c index ab4f6aaa0d..c189a5d8fd 100644 --- a/lib/system/keys-win.c +++ b/lib/system/keys-win.c @@ -651,7 +651,7 @@ int _gnutls_privkey_import_system_url(gnutls_privkey_t pkey, const char *url) blob.cbData = id_size; blob.pbData = id; - store = CertOpenSystemStore(0, "MY"); + store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY"); if (store == NULL) { gnutls_assert(); ret = GNUTLS_E_FILE_ERROR; @@ -889,7 +889,7 @@ int _gnutls_x509_crt_import_system_url(gnutls_x509_crt_t crt, const char *url) blob.cbData = id_size; blob.pbData = id; - store = CertOpenSystemStore(0, "MY"); + store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY"); if (store == NULL) { gnutls_assert(); ret = GNUTLS_E_FILE_ERROR; @@ -1137,7 +1137,7 @@ gnutls_system_key_iter_get_info(gnutls_system_key_iter_t * iter, if (*iter == NULL) return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); - (*iter)->store = CertOpenSystemStore(0, "MY"); + (*iter)->store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY"); if ((*iter)->store == NULL) { gnutls_free(*iter); *iter = NULL; 
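Review bot: Both `CertOpenStore` calls in add_system_trust pass only `CERT_SYSTEM_STORE_CURRENT_USER`, so the ROOT and CA stores are opened with the default read-write access on a path that appears to load trust anchors only. If the rest of the function (outside this hunk) just enumerates certificates, least privilege suggests `CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_READONLY_FLAG` in both calls. A short comment that this is the current-user view of the store, which as far as I know also contains roots the user added, would document the trust decision, e.g. `/* current-user view of the system store; read-only, we only enumerate */`. The stray space in `CERT_SYSTEM_STORE_CURRENT_USER , L"ROOT"` should be dropped to match the CA line.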
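Review bot: The same five-argument call `CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY")` is now pasted into _gnutls_privkey_import_system_url, _gnutls_x509_crt_import_system_url, gnutls_system_key_iter_get_info and, in the following hunk, gnutls_system_key_delete. A file-local helper would keep provider, flags and store name in one place, for instance `static HCERTSTORE open_user_store(const wchar_t *name) { return CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, name); }`. A later access-mode change could then not miss a site; for example, the lookup paths might take `CERT_STORE_READONLY_FLAG`, which gnutls_system_key_delete presumably cannot. All four function bodies start and end outside their hunks, so whether the lookup paths are read-only needs checking against the full file.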
@@ -1210,7 +1210,7 @@ int gnutls_system_key_delete(const char *cert_url, const char *key_url) blob.cbData = id_size; blob.pbData = id; - store = CertOpenSystemStore(0, "MY"); + store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY"); if (store != NULL) { do { cert = CertFindCertificateInStore(store, diff --git a/tests/Makefile.am b/tests/Makefile.am index 7bc98df743..043aefc01d 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -486,6 +486,10 @@ else TESTS_ENVIRONMENT += WINDOWS=1 +win32_certopenstore_SOURCES = win-certopenstore.c +win32_certopenstore_LDADD = $(LDADD) -lcrypt32 +ctests += win32-certopenstore + endif cpptests = diff --git a/tests/win-certopenstore.c b/tests/win-certopenstore.c new file mode 100644 index 0000000000..162defa4e3 --- /dev/null +++ b/tests/win-certopenstore.c 
@@ -0,0 +1,70 @@
+/*
+ * Copyright (C) 2018 Hugo Beauzée-Luyssen
+ *
+ * Author: Hugo Beauzée-Luyssen
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GnuTLS; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/*
+ * This test verifies the assumptions about CertOpenStore and
+ * CertOpenSystemStore to be equivalent when passed some specific flags
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#ifndef _WIN32
+#error "This test shouldn't have been included"
+#endif
+
+#include <windows.h>
+#include <wincrypt.h>
+#include <assert.h>
+
+void doit(void)
+{
+ HCERTSTORE hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER , L"ROOT");
+ assert(hStore != NULL);
+ HCERTSTORE hSystemStore = CertOpenSystemStore(0, "ROOT");
+ assert(hSystemStore != NULL);
+
+ PCCERT_CONTEXT prevCtx = NULL;
+ PCCERT_CONTEXT ctx = NULL;
+ PCCERT_CONTEXT sysPrevCtx = NULL;
+ PCCERT_CONTEXT sysCtx = NULL;
+
+ while (1)
+ {
+ ctx = CertEnumCertificatesInStore(hStore, prevCtx);
+ sysCtx = CertEnumCertificatesInStore(hSystemStore, sysPrevCtx);
+ if (ctx == NULL || sysCtx == NULL)
+ break;
+ if (CertCompareIntegerBlob(&ctx->pCertInfo->SerialNumber,
+ &sysCtx->pCertInfo->SerialNumber) != TRUE)
+ assert(0);
+
+ prevCtx = ctx;
+ sysPrevCtx = sysCtx;
+ }
+ assert(ctx == NULL && sysCtx == NULL);
+
+ CertCloseStore(hStore,
0); + CertCloseStore(hSystemStore, 0); +} + diff --git a/tests/windows/crypt32.c b/tests/windows/crypt32.c index 11325f7beb..6987f1faf9 100644 --- a/tests/windows/crypt32.c +++ b/tests/windows/crypt32.c @@ -57,6 +57,15 @@ HCERTSTORE WINAPI CertOpenSystemStore( } __declspec(dllexport) +HCERTSTORE WINAPI CertOpenStore( + LPCSTR lpszStoreProvider, DWORD dwEncodingType, + HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, + const void *pvPara) +{ + return VALID_PTR; +} + +__declspec(dllexport) BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags) { assert_int_nequal(hCertStore, VALID_PTR); |
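Review bot: The equivalence check in doit() compares only `SerialNumber`, which is unique per issuer at best, so two stores holding different certificates with matching serials would still pass. Comparing the encoded certificates is stricter: `if (ctx->cbCertEncoded != sysCtx->cbCertEncoded || memcmp(ctx->pbCertEncoded, sysCtx->pbCertEncoded, ctx->cbCertEncoded) != 0)`. Every check goes through `assert()`, so a build with NDEBUG defined would make the test pass without verifying anything; an explicit failure path does not depend on that. The test also covers only "ROOT" while the library change touches "CA" and "MY", and it assumes both handles enumerate in the same order, which deserves a comment.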
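Review bot: The stub `CertOpenStore` returns `VALID_PTR` whatever it is given, so tests linked against this mock would keep passing if the library passed the wrong provider, flags or store name. I would have it check at least that `lpszStoreProvider` is `CERT_STORE_PROV_SYSTEM` and that `dwFlags` contains `CERT_SYSTEM_STORE_CURRENT_USER`, returning NULL otherwise so the caller's error path is exercised. A one-line comment that `dwEncodingType` and `hCryptProv` are deliberately ignored would also help the next reader.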