Correct a test that incorrectly showed signed certs couldn't be added

to a mem store. Support signed certs in mem stores. Correct use of a freed pointer.
2024-11-29 06:30:37 +00:00 · 2005-09-03 15:02:57 +00:00 · 2005-09-03 15:02:57 +00:00 · 3bf9c165fa
commit 3bf9c165fa
parent d57b7ac4e2
2 changed files with 29 additions and 10 deletions
--- a/dlls/crypt32/cert.c
+++ b/dlls/crypt32/cert.c
@ -981,10 +981,16 @@ static PWINE_CERT_CONTEXT CRYPT_CreateCertificateContext(
    TRACE("(%08lx, %p, %ld)\n", dwCertEncodingType, pbCertEncoded,
     cbCertEncoded);

-    ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED,
-     pbCertEncoded, cbCertEncoded,
-     CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
+    /* First try to decode it as a signed cert. */
+    ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT, pbCertEncoded,
+     cbCertEncoded, CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
     (BYTE *)&certInfo, &size);
+    /* Failing that, try it as an unsigned cert */
+    if (!ret)
+        ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED,
+         pbCertEncoded, cbCertEncoded,
+         CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
+         (BYTE *)&certInfo, &size);
    if (ret)
    {
        BYTE *data = NULL;
@ -1020,7 +1026,6 @@ static void CRYPT_FreeCert(PWINE_CERT_CONTEXT context)

    HeapFree(GetProcessHeap(), 0, context->cert.pbCertEncoded);
    LocalFree(context->cert.pCertInfo);
-    HeapFree(GetProcessHeap(), 0, context);
    DeleteCriticalSection(&context->cs);
    LIST_FOR_EACH_ENTRY_SAFE(prop, next, &context->extendedProperties,
     WINE_CERT_PROPERTY, entry)
@ -1029,6 +1034,7 @@ static void CRYPT_FreeCert(PWINE_CERT_CONTEXT context)
        HeapFree(GetProcessHeap(), 0, prop->pbData);
        HeapFree(GetProcessHeap(), 0, prop);
    }
+    HeapFree(GetProcessHeap(), 0, context);
 }

 PCCERT_CONTEXT WINAPI CertCreateCertificateContext(DWORD dwCertEncodingType,
--- a/dlls/crypt32/tests/cert.c
+++ b/dlls/crypt32/tests/cert.c
@ -148,13 +148,26 @@ static void testMemStore(void)
     CRYPT_E_ASN1_CORRUPT),
     "Expected CRYPT_E_ASN1_EOD or CRYPT_E_ASN1_CORRUPT, got %08lx\n",
     GetLastError());
-    /* add a signed cert (this also fails) */
-    ok(!ret && (GetLastError() == CRYPT_E_ASN1_EOD || GetLastError() ==
-     CRYPT_E_ASN1_CORRUPT),
-     "Expected CRYPT_E_ASN1_EOD or CRYPT_E_ASN1_CORRUPT, got %08lx\n",
-     GetLastError());
+    /* add a "signed" cert--the signature isn't a real signature, so this adds
+     * without any check of the signature's validity
+     */
    ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING,
-     signedBigCert, sizeof(signedBigCert) - 1, CERT_STORE_ADD_ALWAYS, &context);
+     signedBigCert, sizeof(signedBigCert), CERT_STORE_ADD_ALWAYS, &context);
+    ok(ret, "CertAddEncodedCertificateToStore failed: %08lx\n", GetLastError());
+    ok(context != NULL, "Expected a valid cert context\n");
+    if (context)
+    {
+        ok(context->cbCertEncoded == sizeof(signedBigCert),
+         "Expected cert of %d bytes, got %ld\n", sizeof(signedBigCert),
+         context->cbCertEncoded);
+        ok(!memcmp(context->pbCertEncoded, signedBigCert,
+         sizeof(signedBigCert)), "Unexpected encoded cert in context\n");
+        /* remove it, the rest of the tests will work on an unsigned cert */
+        ret = CertDeleteCertificateFromStore(context);
+        ok(ret, "CertDeleteCertificateFromStore failed: %08lx\n",
+         GetLastError());
+        CertFreeCertificateContext(context);
+    }
    /* add a cert to store1 */
    ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING, bigCert,
     sizeof(bigCert) - 1, CERT_STORE_ADD_ALWAYS, &context);