When called with CERT_NAME_ATTR_TYPE and pvTypePara=NULL, Windows returns the first attribute present among email, CN, OU, or O, while Wine only looked up email.
This closes https://bugs.winehq.org/show_bug.cgi?id=54687.
-- v5: crypt32: Document fields in original test certificate crypt32: Test for CertGetNameStringW fallback cases
This merge request was approved by Hans Leidekker.
From: Tyson Whitehead twhitehead@gmail.com
When called with CERT_NAME_ATTR_TYPE and pvTypePara=NULL, Windows did the first of email, CN, OU, or O while Wine just did email.
---
dlls/crypt32/str.c | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/dlls/crypt32/str.c b/dlls/crypt32/str.c index d74df308e4a..42046369652 100644 --- a/dlls/crypt32/str.c +++ b/dlls/crypt32/str.c @@ -965,11 +965,22 @@ static DWORD cert_get_name_from_rdn_attr(DWORD encodingType, if (CryptDecodeObjectEx(encodingType, X509_NAME, name->pbData, name->cbData, CRYPT_DECODE_ALLOC_FLAG, NULL, &nameInfo, &bytes)) { - PCERT_RDN_ATTR nameAttr; + PCERT_RDN_ATTR nameAttr = NULL;
- if (!oid) - oid = szOID_RSA_emailAddr; - nameAttr = CertFindRDNAttr(oid, nameInfo); + if (oid) + nameAttr = CertFindRDNAttr(oid, nameInfo); + else + { + static const LPCSTR attributeOIDs[] = + { + szOID_RSA_emailAddr, szOID_COMMON_NAME, + szOID_ORGANIZATIONAL_UNIT_NAME, szOID_ORGANIZATION_NAME + }; + DWORD i; + + for (i = 0; !nameAttr && i < ARRAY_SIZE(attributeOIDs); i++) + nameAttr = CertFindRDNAttr(attributeOIDs[i], nameInfo); + } if (nameAttr) ret = rdn_value_to_strW(nameAttr->dwValueType, &nameAttr->Value, pszNameString, cchNameString, TRUE);
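Review bot: The new `attributeOIDs` fallback table carries no comment, so nothing in the code records that the order (email, CN, OU, O) is deliberate and mirrors what Windows returns for CERT_NAME_ATTR_TYPE with a NULL pvTypePara. With the fallback in place the string handed back is no longer guaranteed to be an e-mail address, and the attributes are read from the certificate's own name, so a caller that compares or displays the result cannot tell which attribute it received. I would add above the table `/* No OID requested: like Windows, return the first attribute present among email, CN, OU and O. */`. The body of cert_get_name_from_rdn_attr starts and ends outside this hunk, so how callers use the result is not visible here.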
From: Tyson Whitehead twhitehead@gmail.com
---
dlls/crypt32/tests/str.c | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/dlls/crypt32/tests/str.c b/dlls/crypt32/tests/str.c
index fd4ed957e40..9e4ca37bcd6 100644
--- a/dlls/crypt32/tests/str.c
+++ b/dlls/crypt32/tests/str.c
@@ -66,6 +66,27 @@ static BYTE bin12[] = { 0x20, 0x61, 0x62, 0x63, 0x20 };
 static BYTE bin13[] = { 0x22, 0x64, 0x65, 0x66, 0x22 };
 static BYTE bin14[] = { 0x31, 0x3b, 0x33 };
+/*
+Certificate:
+ Data:
+ Version: 1 (0x0)
+ Serial Number:
+ e3:5a:10:f1:fc:4b:f3:a2
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: C = US, ST = Minnesota, L = Minneapolis, O = CodeWeavers, OU = Wine Development, CN = localhost, emailAddress = aric@codeweavers.com
+ Validity
+ Not Before: Jan 25 13:57:24 2006 GMT
+ Not After : Feb 24 13:57:24 2006 GMT
+ Subject: C = US, ST = Minnesota, L = Minneapolis, O = CodeWeavers, OU = Wine Development, CN = localhost, emailAddress = aric@codeweavers.com
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+...
+ Exponent: 65537 (0x10001)
+ Signature Algorithm: md5WithRSAEncryption
+...
+*/
 static const BYTE cert[] =
 {0x30,0x82,0x2,0xbb,0x30,0x82,0x2,0x24,0x2,0x9,0x0,0xe3,0x5a,0x10,0xf1,0xfc,
 0x4b,0xf3,0xa2,0x30,0xd,0x6,0x9,0x2a,0x86,0x48,0x86,0xf7,0xd,0x1,0x1,0x4,0x5,
From: Tyson Whitehead twhitehead@gmail.com
---
dlls/crypt32/tests/str.c | 72 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 72 insertions(+)
diff --git a/dlls/crypt32/tests/str.c b/dlls/crypt32/tests/str.c
index 29a948ed0e9..fd4ed957e40 100644
--- a/dlls/crypt32/tests/str.c
+++ b/dlls/crypt32/tests/str.c
@@ -113,6 +113,70 @@ static const BYTE cert[] =
 0x65,0xd3,0xce,0xae,0x26,0x19,0x3,0x2e,0x4f,0x78,0xa5,0xa,0x97,0x7e,0x4f,0xc4,
 0x91,0x8a,0xf8,0x5,0xef,0x5b,0x3b,0x49,0xbf,0x5f,0x2b};
+/*
+Certificate:
+ Data:
+ Version: 1 (0x0)
+ Serial Number:
+ 59:9e:db:44:80:da:6c:92:f9:38:be:d8:fe:7a:20:77:57:c7:71:5b
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: C = US, ST = Minnesota, L = Minneapolis, O = CodeWeavers, OU = Wine Development, CN = localhost
+ Validity
+ Not Before: Mar 17 22:20:44 2023 GMT
+ Not After : Apr 16 22:20:44 2023 GMT
+ Subject: C = US, ST = Minnesota, L = Minneapolis, O = CodeWeavers, OU = Wine Development, CN = localhost
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+...
+ Exponent: 65537 (0x10001)
+ Signature Algorithm: md5WithRSAEncryption
+...
+*/
+static const BYTE cert_no_email[] = {
+ 0x30,0x82,0x02,0x7a,0x30,0x82,0x01,0xe3,0x02,0x14,0x59,0x9e,0xdb,0x44,0x80,0xda,
+ 0x6c,0x92,0xf9,0x38,0xbe,0xd8,0xfe,0x7a,0x20,0x77,0x57,0xc7,0x71,0x5b,0x30,0x0d,
+ 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x04,0x05,0x00,0x30,0x7c,0x31,
+ 0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,
+ 0x06,0x03,0x55,0x04,0x08,0x0c,0x09,0x4d,0x69,0x6e,0x6e,0x65,0x73,0x6f,0x74,0x61,
+ 0x31,0x14,0x30,0x12,0x06,0x03,0x55,0x04,0x07,0x0c,0x0b,0x4d,0x69,0x6e,0x6e,0x65,
+ 0x61,0x70,0x6f,0x6c,0x69,0x73,0x31,0x14,0x30,0x12,0x06,0x03,0x55,0x04,0x0a,0x0c,
+ 0x0b,0x43,0x6f,0x64,0x65,0x57,0x65,0x61,0x76,0x65,0x72,0x73,0x31,0x19,0x30,0x17,
+ 0x06,0x03,0x55,0x04,0x0b,0x0c,0x10,0x57,0x69,0x6e,0x65,0x20,0x44,0x65,0x76,0x65,
+ 0x6c,0x6f,0x70,0x6d,0x65,0x6e,0x74,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x03,
+ 0x0c,0x09,0x6c,0x6f,0x63,0x61,0x6c,0x68,0x6f,0x73,0x74,0x30,0x1e,0x17,0x0d,0x32,
+ 0x33,0x30,0x33,0x31,0x37,0x32,0x32,0x32,0x30,0x34,0x34,0x5a,0x17,0x0d,0x32,0x33,
+ 0x30,0x34,0x31,0x36,0x32,0x32,0x32,0x30,0x34,0x34,0x5a,0x30,0x7c,0x31,0x0b,0x30,
+ 0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,0x06,0x03,
+ 0x55,0x04,0x08,0x0c,0x09,0x4d,0x69,0x6e,0x6e,0x65,0x73,0x6f,0x74,0x61,0x31,0x14,
+ 0x30,0x12,0x06,0x03,0x55,0x04,0x07,0x0c,0x0b,0x4d,0x69,0x6e,0x6e,0x65,0x61,0x70,
+ 0x6f,0x6c,0x69,0x73,0x31,0x14,0x30,0x12,0x06,0x03,0x55,0x04,0x0a,0x0c,0x0b,0x43,
+ 0x6f,0x64,0x65,0x57,0x65,0x61,0x76,0x65,0x72,0x73,0x31,0x19,0x30,0x17,0x06,0x03,
+ 0x55,0x04,0x0b,0x0c,0x10,0x57,0x69,0x6e,0x65,0x20,0x44,0x65,0x76,0x65,0x6c,0x6f,
+ 0x70,0x6d,0x65,0x6e,0x74,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x03,0x0c,0x09,
+ 0x6c,0x6f,0x63,0x61,0x6c,0x68,0x6f,0x73,0x74,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,
+ 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,
+ 0x81,0x89,0x02,0x81,0x81,0x00,0xc4,0xdd,0x00,0xa7,0xdb,0xec,0x95,0x68,0xee,0xf0,
+ 0x3f,0xed,0xb2,0xcb,0x6f,0xf4,0x34,0x2f,0xbe,0x13,0xa9,0x24,0x95,0xf3,0xca,0x3c,
+ 0x2b,0xd3,0x41,0x7c,0x32,0xe7,0x95,0x4e,0xdd,0xef,0xcc,0x45,0x0d,0xf2,0x71,0x42,
+ 0x12,0x78,0xb1,0x17,0x88,0xf4,0x12,0xba,0x92,0x2d,0x5c,0xfc,0x2c,0x8a,0x53,0xbf,
+ 0xee,0x23,0x3f,0x7b,0x11,0x46,0x5e,0x1d,0xb8,0xff,0xa3,0x70,0x5c,0x5f,0x6b,0xa8,
+ 0x3c,0x47,0x75,0xa5,0x3a,0x80,0x61,0x15,0x10,0x56,0x57,0x1f,0x82,0x6a,0xb2,0xb8,
+ 0xdc,0x3a,0xe0,0x1c,0x9c,0x83,0xd9,0x11,0x26,0xa6,0xb6,0x85,0x0a,0x27,0x45,0xb7,
+ 0xff,0xfa,0x26,0xbd,0x11,0x29,0x23,0x59,0xaa,0x19,0x77,0x3f,0x86,0x32,0x9f,0x48,
+ 0x43,0x4f,0xd0,0x03,0x7a,0x09,0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,
+ 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x04,0x05,0x00,0x03,0x81,0x81,0x00,0xa3,0xf0,
+ 0x23,0xfc,0x80,0x05,0xac,0x76,0x26,0xbb,0xfc,0x79,0x03,0x10,0xa0,0xfb,0x7a,0x3e,
+ 0xf9,0xa7,0xdd,0xb1,0x9e,0x7c,0x22,0x83,0xa6,0xee,0x77,0x88,0xa2,0x74,0x64,0x35,
+ 0x4f,0x66,0x82,0x88,0x4a,0x83,0xc9,0xda,0x7e,0xc4,0xa0,0xd1,0xfb,0xe1,0x3e,0x22,
+ 0x1e,0xa8,0xdc,0x1b,0xd4,0xda,0x64,0x63,0xfc,0x1b,0x61,0x4f,0x52,0x1b,0xab,0x61,
+ 0x05,0xcd,0xb8,0x2d,0xb0,0x73,0xa7,0x5d,0x78,0xff,0x3f,0x4d,0x12,0x3a,0x38,0x69,
+ 0xc4,0x9f,0x77,0x35,0xce,0xe2,0xf9,0xd6,0x23,0x47,0xc2,0x15,0xff,0xbf,0x3e,0x65,
+ 0xf3,0xc0,0x0a,0x58,0x76,0x10,0x8e,0xd5,0xa9,0x30,0x3e,0x25,0x4b,0x6d,0xb7,0xb2,
+ 0x64,0x96,0x0e,0x27,0x88,0x55,0xfc,0xaa,0x18,0x65,0x2a,0xe9,0xf4,0x23
+};
+
 /*
 Certificate:
 Data:
@@ -961,6 +1025,14 @@ static void test_CertGetNameString(void)
CertFreeCertificateContext(context);
+ context = CertCreateCertificateContext(X509_ASN_ENCODING, cert_no_email,
+ sizeof(cert_no_email));
+ ok(!!context, "CertCreateCertificateContext failed, err %lu\n", GetLastError());
+
+ test_CertGetNameString_value(context, CERT_NAME_ATTR_TYPE, 0, NULL, localhost);
+
+ CertFreeCertificateContext(context);
+
 ok(cert_v3[CERT_V3_SAN_OID_OFFSET] == 0x55, "Incorrect CERT_V3_SAN_OID_OFFSET.\n");
 ok(cert_v3[CERT_V3_IAN_OID_OFFSET] == 0x55, "Incorrect CERT_V3_IAN_OID_OFFSET.\n");
 cert_v3[CERT_V3_SAN_OID_OFFSET + 2] = 7; /* legacy OID_SUBJECT_ALT_NAME */
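Review bot: The case added to test_CertGetNameString covers only the second step of the fallback order: `cert_no_email` still has a CN, so the OU and O steps and the result when none of the four attributes is present are never exercised. A fixture whose name holds only OU and O, and one with none of the four, would pin the rest of the order; at minimum the call deserves a comment such as `/* no emailAddress in the name: CERT_NAME_ATTR_TYPE with a NULL OID falls back to CN */`. Also, `ok(!!context, ...)` records a failure but the next line still passes `context` to test_CertGetNameString_value, and whether that helper tolerates NULL is not visible in this hunk. The function body starts and ends outside the hunk.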
On Wed Mar 15 08:03:56 2023 +0000, Hans Leidekker wrote:
Thanks for the patch. Could you add a test to crypt32/tests/str.c? At least one fallback case would be good to have.
Not a problem.
I added and pushed a test case last night. After sleeping on it, updated it this morning with a more self-documenting name for the new certificate variable.
Added a snippet of the `openssl x509 -text` output for `cert` too so all three (`cert`, `cert_no_email`, and `cert_v3`) are now commented as to their contents.
Thanks Hans. That was a very fast review and turn around. Much appreciated. :thumbsup: