From fd91542eb82c61feeb3b9483afa6ab303b6ef1b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hugo=20Beauz=C3=A9e-Luyssen?= Date: Thu, 13 Dec 2018 17:31:29 +0100 Subject: win32: Use CertOpenStore instead of CertOpenSystemStore CertOpenSystemStore is not available when building for windows store. Both functions are available since windows XP, so there is no compatibility change. CertOpenSystemStore documentation states "Only current user certificates are accessible using this method, not the local machine store." hence we pass CERT_SYSTEM_STORE_CURRENT_USER. We also use the wide chars variants, in the event the ansi ones are silently rejected by windows store applications (which is not documented, but which I strongly suspect) This is equivalent to Wine's implementation of CertOpenSystemStore: https://github.com/wine-mirror/wine/blob/master/dlls/crypt32/store.c#L904 --- lib/system/certs.c | 4 ++-- lib/system/keys-win.c | 8 ++++---- tests/windows/crypt32.c | 9 +++++++++ 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/lib/system/certs.c b/lib/system/certs.c index 53eb561d00..f9090f1e74 100644 --- a/lib/system/certs.c +++ b/lib/system/certs.c @@ -161,9 +161,9 @@ int add_system_trust(gnutls_x509_trust_list_t list, unsigned int tl_flags, gnutls_datum_t data; if (i == 0) - store = CertOpenSystemStore(0, "ROOT"); + store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER , L"ROOT"); else - store = CertOpenSystemStore(0, "CA"); + store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"CA"); if (store == NULL) return GNUTLS_E_FILE_ERROR; diff --git a/lib/system/keys-win.c b/lib/system/keys-win.c index eac511b975..abd3608474 100644 --- a/lib/system/keys-win.c +++ b/lib/system/keys-win.c @@ -647,7 +647,7 @@ int _gnutls_privkey_import_system_url(gnutls_privkey_t pkey, const char *url) blob.cbData = id_size; blob.pbData = id; - store = CertOpenSystemStore(0, "MY"); + store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY"); if (store == NULL) { gnutls_assert(); ret = GNUTLS_E_FILE_ERROR; @@ -884,7 +884,7 @@ int _gnutls_x509_crt_import_system_url(gnutls_x509_crt_t crt, const char *url) blob.cbData = id_size; blob.pbData = id; - store = CertOpenSystemStore(0, "MY"); + store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY"); if (store == NULL) { gnutls_assert(); ret = GNUTLS_E_FILE_ERROR; @@ -1132,7 +1132,7 @@ gnutls_system_key_iter_get_info(gnutls_system_key_iter_t * iter, if (*iter == NULL) return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); - (*iter)->store = CertOpenSystemStore(0, "MY"); + (*iter)->store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY"); if ((*iter)->store == NULL) { gnutls_free(*iter); *iter = NULL; @@ -1205,7 +1205,7 @@ int gnutls_system_key_delete(const char *cert_url, const char *key_url) blob.cbData = id_size; blob.pbData = id; - store = CertOpenSystemStore(0, "MY"); + store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY"); if (store != NULL) { do { cert = CertFindCertificateInStore(store, diff --git a/tests/windows/crypt32.c b/tests/windows/crypt32.c index 11325f7beb..6987f1faf9 100644 --- a/tests/windows/crypt32.c +++ b/tests/windows/crypt32.c @@ -56,6 +56,15 @@ HCERTSTORE WINAPI CertOpenSystemStore( return VALID_PTR; } +__declspec(dllexport) +HCERTSTORE WINAPI CertOpenStore( + LPCSTR lpszStoreProvider, DWORD dwEncodingType, + HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, + const void *pvPara) +{ + return VALID_PTR; +} + __declspec(dllexport) BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags) { -- cgit v1.2.1