From: Benoît Legat <benoit.legat@gmail.com> --- dlls/crypt32/pfx.c | 31 ++----------------------------- dlls/crypt32/unixlib.c | 19 +++++++++++-------- 2 files changed, 13 insertions(+), 37 deletions(-) diff --git a/dlls/crypt32/pfx.c b/dlls/crypt32/pfx.c index 0b92761a802..3d0caaf8cdd 100644 --- a/dlls/crypt32/pfx.c +++ b/dlls/crypt32/pfx.c @@ -440,35 +440,8 @@ BOOL WINAPI PFXExportCertStoreEx( HCERTSTORE store, CRYPT_DATA_BLOB *pfx, const } } - if (!cert && !key_blob) - { - /* Empty store: return a minimal valid PKCS#12 (version 3, empty content). */ - static const BYTE empty_pfx[] = { - 0x30, 0x15, /* SEQUENCE */ - 0x02, 0x01, 0x03, /* INTEGER 3 (version) */ - 0x30, 0x10, /* SEQUENCE (authSafe) */ - 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, /* OID 1.2.840.113549.1.7.1 */ - 0xf7, 0x0d, 0x01, 0x07, 0x01, - 0xa0, 0x03, 0x04, 0x01, 0x00, /* [0] OCTET STRING (empty) */ - }; - if (!pfx->pbData) - { - pfx->cbData = sizeof(empty_pfx); - return TRUE; - } - if (pfx->cbData < sizeof(empty_pfx)) - { - SetLastError( ERROR_MORE_DATA ); - pfx->cbData = sizeof(empty_pfx); - return FALSE; - } - memcpy( pfx->pbData, empty_pfx, sizeof(empty_pfx) ); - pfx->cbData = sizeof(empty_pfx); - return TRUE; - } - - params.cert_data = cert->pbCertEncoded; - params.cert_size = cert->cbCertEncoded; + params.cert_data = cert ? cert->pbCertEncoded : NULL; + params.cert_size = cert ? cert->cbCertEncoded : 0; params.key_blob = key_blob; params.key_blob_size = key_blob ? key_blob_size : 0; params.password = password; diff --git a/dlls/crypt32/unixlib.c b/dlls/crypt32/unixlib.c index fe7b48750c5..569de5fcaaf 100644 --- a/dlls/crypt32/unixlib.c +++ b/dlls/crypt32/unixlib.c @@ -551,17 +551,20 @@ static NTSTATUS export_cert_store( void *args ) if (params->password && !(pwd = password_to_ascii( params->password ))) return STATUS_NO_MEMORY; - /* Import the certificate. */ - if ((ret = pgnutls_x509_crt_init( &crt )) < 0) goto error; + /* Create cert bag (always initialized, even for empty stores). */ + if ((ret = pgnutls_pkcs12_bag_init( &cert_bag )) < 0) goto error; + + /* Import the certificate if provided. */ + if (params->cert_data && params->cert_size) { - gnutls_datum_t cert_datum = { (unsigned char *)params->cert_data, params->cert_size }; - if ((ret = pgnutls_x509_crt_import( crt, &cert_datum, GNUTLS_X509_FMT_DER )) < 0) goto error; + if ((ret = pgnutls_x509_crt_init( &crt )) < 0) goto error; + { + gnutls_datum_t cert_datum = { (unsigned char *)params->cert_data, params->cert_size }; + if ((ret = pgnutls_x509_crt_import( crt, &cert_datum, GNUTLS_X509_FMT_DER )) < 0) goto error; + } + if ((ret = pgnutls_pkcs12_bag_set_crt( cert_bag, crt )) < 0) goto error; } - /* Create cert bag. */ - if ((ret = pgnutls_pkcs12_bag_init( &cert_bag )) < 0) goto error; - if ((ret = pgnutls_pkcs12_bag_set_crt( cert_bag, crt )) < 0) goto error; - /* Import private key from BCRYPT_RSAKEY_BLOB if provided. */ if (params->key_blob && params->key_blob_size) { -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/10532