Juan Lang : crypt32: Test and correct finding a subject certificate. - wine-commits

8 Aug 2007

Module: wine
Branch: master
Commit: bcbf5dcee337d83540c188a6572974ead74219cd
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=bcbf5dcee337d83540c188a657...
Author: Juan Lang juan.lang@gmail.com
Date:   Tue Aug  7 13:15:00 2007 -0700
crypt32: Test and correct finding a subject certificate.
---
dlls/crypt32/cert.c       |    8 +++++++-
 dlls/crypt32/tests/cert.c |   22 ++++++++++++++++++++++
 2 files changed, 29 insertions(+), 1 deletions(-)

diff --git a/dlls/crypt32/cert.c b/dlls/crypt32/cert.c
index 5e5bed8..ea1d261 100644
--- a/dlls/crypt32/cert.c
+++ b/dlls/crypt32/cert.c
@@ -906,9 +906,15 @@ static BOOL compare_cert_by_subject_cert(PCCERT_CONTEXT pCertContext,
  DWORD dwType, DWORD dwFlags, const void *pvPara)
 {
     CERT_INFO *pCertInfo = (CERT_INFO *)pvPara;
+    BOOL ret;
-    return CertCompareCertificateName(pCertContext->dwCertEncodingType,
+    ret = CertCompareCertificateName(pCertContext->dwCertEncodingType,
      &pCertInfo->Issuer, &pCertContext->pCertInfo->Subject);
+    if (ret && pCertInfo->SerialNumber.cbData)
+        ret = CertCompareIntegerBlob(&pCertContext->pCertInfo->SerialNumber,
+         &pCertInfo->SerialNumber);
+    TRACE("returning %d\n", ret);
+    return ret;
 }
static BOOL compare_cert_by_cert_id(PCCERT_CONTEXT pCertContext, DWORD dwType,
diff --git a/dlls/crypt32/tests/cert.c b/dlls/crypt32/tests/cert.c
index ab668ae..af58b5f 100644
--- a/dlls/crypt32/tests/cert.c
+++ b/dlls/crypt32/tests/cert.c
@@ -604,6 +604,7 @@ static void testFindCert(void)
     BOOL ret;
     CERT_INFO certInfo = { 0 };
     CRYPT_HASH_BLOB blob;
+    BYTE otherSerialNumber[] = { 2 };
store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
      CERT_STORE_CREATE_NEW_FLAG, NULL);
@@ -685,6 +686,27 @@ static void testFindCert(void)
          CERT_FIND_SUBJECT_CERT, &certInfo.Subject, context);
         ok(context == NULL, "Expected one cert only\n");
     }
+    /* The above search matched even though no serial number is set.  A
+     * non-matching serial number will not match.
+     */
+    certInfo.SerialNumber.pbData = otherSerialNumber;
+    certInfo.SerialNumber.cbData = sizeof(otherSerialNumber);
+    context = CertFindCertificateInStore(store, X509_ASN_ENCODING, 0,
+     CERT_FIND_SUBJECT_CERT, &certInfo, NULL);
+    ok(context == NULL, "Expected no match\n");
+    /* A matching serial number will match. */
+    certInfo.SerialNumber.pbData = serialNum;
+    certInfo.SerialNumber.cbData = sizeof(serialNum);
+    context = CertFindCertificateInStore(store, X509_ASN_ENCODING, 0,
+     CERT_FIND_SUBJECT_CERT, &certInfo, NULL);
+    ok(context != NULL, "CertFindCertificateInStore failed: %08x\n",
+     GetLastError());
+    if (context)
+    {
+        context = CertFindCertificateInStore(store, X509_ASN_ENCODING, 0,
+         CERT_FIND_SUBJECT_CERT, &certInfo.Subject, context);
+        ok(context == NULL, "Expected one cert only\n");
+    }
/* The nice thing about hashes, they're unique */
     blob.pbData = bigCertHash;

    