author | Hugo Beauzée-Luyssen <hugo@beauzee.fr> | 2018-12-13 17:31:29 +0100 |
---|---|---|
committer | Hugo Beauzée-Luyssen <hugo@beauzee.fr> | 2018-12-19 09:46:43 +0100 |
commit | fd91542eb82c61feeb3b9483afa6ab303b6ef1b7 (patch) | |
tree | 80ef0d33b01de54ada60ace386ec692635b323b0 | |
parent | 62f162f64c23a5e6b872ff8ee540d375b7e27168 (diff) | |
win32: Use CertOpenStore instead of CertOpenSystemStore
CertOpenSystemStore is not available when building for windows store.
Both functions are available since windows XP, so there is no
compatibility change.
CertOpenSystemStore documentation states "Only current user certificates
are accessible using this method, not the local machine store." hence we
pass CERT_SYSTEM_STORE_CURRENT_USER.
We also use the wide-character variants, in case the ANSI ones are
silently rejected by Windows Store applications (which is not
documented, but which I strongly suspect).
This is equivalent to Wine's implementation of CertOpenSystemStore:
https://github.com/wine-mirror/wine/blob/master/dlls/crypt32/store.c#L904
-rw-r--r-- | lib/system/certs.c | 4 | ||||
-rw-r--r-- | lib/system/keys-win.c | 8 | ||||
-rw-r--r-- | tests/windows/crypt32.c | 9 |
3 files changed, 15 insertions, 6 deletions
diff --git a/lib/system/certs.c b/lib/system/certs.c
index 53eb561d00..f9090f1e74 100644
--- a/lib/system/certs.c
+++ b/lib/system/certs.c
@@ -161,9 +161,9 @@ int add_system_trust(gnutls_x509_trust_list_t list, unsigned int tl_flags,
 gnutls_datum_t data;
 if (i == 0)
- store = CertOpenSystemStore(0, "ROOT");
+ store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER , L"ROOT");
 else
- store = CertOpenSystemStore(0, "CA");
+ store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"CA");
 if (store == NULL)
 return GNUTLS_E_FILE_ERROR;
diff --git a/lib/system/keys-win.c b/lib/system/keys-win.c
index eac511b975..abd3608474 100644
--- a/lib/system/keys-win.c
+++ b/lib/system/keys-win.c
@@ -647,7 +647,7 @@ int _gnutls_privkey_import_system_url(gnutls_privkey_t pkey, const char *url)
 blob.cbData = id_size;
 blob.pbData = id;
- store = CertOpenSystemStore(0, "MY");
+ store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY");
 if (store == NULL) {
 gnutls_assert();
 ret = GNUTLS_E_FILE_ERROR;
@@ -884,7 +884,7 @@ int _gnutls_x509_crt_import_system_url(gnutls_x509_crt_t crt, const char *url)
 blob.cbData = id_size;
 blob.pbData = id;
- store = CertOpenSystemStore(0, "MY");
+ store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY");
 if (store == NULL) {
 gnutls_assert();
 ret = GNUTLS_E_FILE_ERROR;
@@ -1132,7 +1132,7 @@ gnutls_system_key_iter_get_info(gnutls_system_key_iter_t * iter,
 if (*iter == NULL)
 return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
- (*iter)->store = CertOpenSystemStore(0, "MY");
+ (*iter)->store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY");
 if ((*iter)->store == NULL) {
 gnutls_free(*iter);
 *iter = NULL;
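Review bot: Both new `CertOpenStore` calls in add_system_trust (certs.c, hunk at -161) pass only `CERT_SYSTEM_STORE_CURRENT_USER`, so the ROOT and CA stores are opened with default access, although loading trust anchors only needs to read a store that already exists. Consider `CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_READONLY_FLAG | CERT_STORE_OPEN_EXISTING_FLAG` as the fourth argument here, and likewise in the keys-win.c hunks at -647, -884 and -1132, which appear to only search the store; gnutls_system_key_delete at -1205 modifies the store and should not get the read-only flag. This goes beyond what CertOpenSystemStore did, so it would need checking on a Windows Store build. There is also a stray space before the comma in the `L"ROOT"` call. The function body continues outside the hunk.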
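Review bot: The call `CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY")` is now spelled out four times in keys-win.c (hunks at -647, -884, -1132 and -1205), so a later change to the flags or store location can easily miss one site. A small file-local helper, for example `static HCERTSTORE open_user_my_store(void)` that returns this call, would keep the provider, flags and store name in one place, with a one-line comment that the current-user location is chosen to match the old CertOpenSystemStore behaviour. All four enclosing functions start and end outside their hunks.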
@@ -1205,7 +1205,7 @@ int gnutls_system_key_delete(const char *cert_url, const char *key_url)
 blob.cbData = id_size;
 blob.pbData = id;
- store = CertOpenSystemStore(0, "MY");
+ store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY");
 if (store != NULL) {
 do {
 cert = CertFindCertificateInStore(store,
diff --git a/tests/windows/crypt32.c b/tests/windows/crypt32.c
index 11325f7beb..6987f1faf9 100644
--- a/tests/windows/crypt32.c
+++ b/tests/windows/crypt32.c
@@ -57,6 +57,15 @@ HCERTSTORE WINAPI CertOpenSystemStore(
 }
 __declspec(dllexport)
+HCERTSTORE WINAPI CertOpenStore(
+ LPCSTR lpszStoreProvider, DWORD dwEncodingType,
+ HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags,
+ const void *pvPara)
+{
+ return VALID_PTR;
+}
+
+__declspec(dllexport)
 BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
 {
 assert_int_nequal(hCertStore, VALID_PTR); |
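Review bot: The new `CertOpenStore` stub in tests/windows/crypt32.c ignores all five arguments and always returns `VALID_PTR`, so the test would still pass if the library opened a different store location or store name. Since the commit depends on the exact provider, flags and name combination, the stub could check at least the flags, e.g. `assert_int_nequal(dwFlags, CERT_SYSTEM_STORE_CURRENT_USER);`, assuming that helper fails on a mismatch as its use in `CertCloseStore` suggests. It could also compare `pvPara` against the expected wide-character store names. A short comment that `pvPara` points to a wide string for `CERT_STORE_PROV_SYSTEM` would help the next reader.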