Module: wine Branch: master Commit: 23a042dd0611fd0cb8c2887f4b4b0d9a836a9237 URL: https://gitlab.winehq.org/wine/wine/-/commit/23a042dd0611fd0cb8c2887f4b4b0d9...
Author: Dmitry Timoshkov dmitry@baikal.ru Date: Mon Dec 18 14:21:39 2023 +0300
crypt32: Make CertFindCertificateInStore(CERT_FIND_ISSUER_NAME) work.
1. dwType (CERT_INFO_xxxx_FLAG) is not a mask. CERT_INFO_xxxx_FLAGs have values from 0 to 11, so for instance CERT_INFO_SUBJECT_FLAG is equal to 7 and CERT_INFO_ISSUER_FLAG is equal to 4. 2. CERT_COMPARE_xxxx have values from 0 to 10, so CERT_COMPARE_NAME is equal to 2 and CERT_COMPARE_SUBJECT_CERT is equal to 11, therefore combining CERT_COMPARE_NAME | CERT_COMPARE_SUBJECT_CERT doesn't make sense. 3. Because of 1 and 2 CertFindCertificateInStore(CERT_FIND_ISSUER_NAME) currently looks up a certificate by Subject instead of Issuer.
Fixing just one of the problems above leads to test failures. Existing tests work because they use a self-signed certificate where Issuer and Subject are the same.
Signed-off-by: Dmitry Timoshkov dmitry@baikal.ru
---
dlls/crypt32/cert.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/dlls/crypt32/cert.c b/dlls/crypt32/cert.c index 373805e858f..7b1edaa2236 100644 --- a/dlls/crypt32/cert.c +++ b/dlls/crypt32/cert.c @@ -1482,10 +1482,15 @@ static BOOL compare_cert_by_name(PCCERT_CONTEXT pCertContext, DWORD dwType, CERT_NAME_BLOB *blob = (CERT_NAME_BLOB *)pvPara, *toCompare; BOOL ret;
- if (dwType & CERT_INFO_SUBJECT_FLAG) + if ((dwType & CERT_COMPARE_MASK) == CERT_INFO_SUBJECT_FLAG) toCompare = &pCertContext->pCertInfo->Subject; - else + else if ((dwType & CERT_COMPARE_MASK) == CERT_INFO_ISSUER_FLAG) toCompare = &pCertContext->pCertInfo->Issuer; + else + { + ERR("dwType %08lx doesn't specify SUBJECT or ISSUER\n", dwType); + return FALSE; + } ret = CertCompareCertificateName(pCertContext->dwCertEncodingType, toCompare, blob); return ret; @@ -1735,7 +1740,7 @@ static PCCERT_CONTEXT find_cert_by_issuer(HCERTSTORE store, DWORD dwType, } else found = cert_compare_certs_in_store(store, prev, - compare_cert_by_name, CERT_COMPARE_NAME | CERT_COMPARE_SUBJECT_CERT, + compare_cert_by_name, CERT_FIND_SUBJECT_NAME, dwFlags, &subject->pCertInfo->Issuer); return found; } @@ -1747,7 +1752,7 @@ static BOOL compare_cert_by_name_str(PCCERT_CONTEXT pCertContext, DWORD len; BOOL ret = FALSE;
- if (dwType & CERT_INFO_SUBJECT_FLAG) + if ((dwType & CERT_COMPARE_MASK) == CERT_INFO_SUBJECT_FLAG) name = &pCertContext->pCertInfo->Subject; else name = &pCertContext->pCertInfo->Issuer;