Hi Hans,
I know this patch already got committed.
+BOOL WINAPI CryptUIWizImport(DWORD dwFlags, HWND hwndParent, LPCWSTR pwszWizardTitle, + PCCRYPTUI_WIZ_IMPORT_SRC_INFO pImportSrc, HCERTSTORE hDestCertStore) +{ + static const WCHAR Root[] = {'R','o','o','t',0}; (snip) + if (!(cert = CertCreateCertificateContext(encoding, buffer, size))) + { + WARN("unable to create certificate context\n"); + HeapFree(GetProcessHeap(), 0, buffer); + return FALSE; + } + /* FIXME: verify certificate and determine store name dynamically */ + if (!(store = CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, Root))) + { + WARN("unable to open certificate store\n"); + CertFreeCertificateContext(cert); + HeapFree(GetProcessHeap(), 0, buffer); + return FALSE; + } + ret = CertAddCertificateContextToStore(store, cert, CERT_STORE_ADD_REPLACE_EXISTING, NULL);
This doesn't look correct. Why are you always using the root store, and ignoring hDestCertStore? Even if you expect hDestCertStore to be NULL (in which case a default store may make sense), using the Root store seems like it won't do what the user wants. The certificate won't be persisted if it's added to the Root store, because the Root store is only read from the local system. When the process (Outlook) exits, the certificate will no longer exist.
It should be possible to add a test that shows which store the certificate should be added to, if nothing else to satisfy my doubt. --Juan