wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

engines/e_capi.c: adhere to CryptAcquireContextW unconditionally.

Browse source 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Andy Polyakov 2017-03-26 17:39:14 +02:00
parent 8f0e5888ea
commit 3a5b64b2f0
1 changed files with 29 additions and 49 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

66
engines/e_capi.c
View file

@ -474,7 +474,7 @@ static int capi_init(ENGINE *e)
/* See if we support AES CSP */ /* See if we support AES CSP */
if (CryptAcquireContext(&hprov, NULL, NULL, PROV_RSA_AES, if (CryptAcquireContextW(&hprov, NULL, NULL, PROV_RSA_AES,
CRYPT_VERIFYCONTEXT)) { CRYPT_VERIFYCONTEXT)) {
use_aes_csp = 1; use_aes_csp = 1;
CryptReleaseContext(hprov, 0); CryptReleaseContext(hprov, 0);
@ -1179,26 +1179,24 @@ static int capi_list_containers(CAPI_CTX *ctx, BIO *out)
HCRYPTPROV hprov; HCRYPTPROV hprov;
DWORD err, idx, flags, buflen = 0, clen; DWORD err, idx, flags, buflen = 0, clen;
LPSTR cname; LPSTR cname;
LPTSTR cspname = NULL; LPWSTR cspname = NULL;
CAPI_trace(ctx, "Listing containers CSP=%s, type = %d\n", ctx->cspname, CAPI_trace(ctx, "Listing containers CSP=%s, type = %d\n", ctx->cspname,
ctx->csptype); ctx->csptype);
if (ctx->cspname && sizeof(TCHAR) != sizeof(char)) { if (ctx->cspname != NULL) {
if ((clen = MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, if ((clen = MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1,
NULL, 0))) { NULL, 0))) {
cspname = alloca(clen * sizeof(WCHAR)); cspname = alloca(clen * sizeof(WCHAR));
MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, (WCHAR *)cspname, MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, (WCHAR *)cspname,
clen); clen);
} }
if (!cspname) { if (cspname == NULL) {
CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, ERR_R_MALLOC_FAILURE); CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, ERR_R_MALLOC_FAILURE);
capi_addlasterror(); capi_addlasterror();
return 0; return 0;
} }
} else {
cspname = (TCHAR *)ctx->cspname;
} }
if (!CryptAcquireContext(&hprov, NULL, cspname, ctx->csptype, if (!CryptAcquireContextW(&hprov, NULL, cspname, ctx->csptype,
CRYPT_VERIFYCONTEXT)) { CRYPT_VERIFYCONTEXT)) {
CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS,
CAPI_R_CRYPTACQUIRECONTEXT_ERROR); CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
@ -1460,8 +1458,8 @@ static PCCERT_CONTEXT capi_find_cert(CAPI_CTX *ctx, const char *id,
} }
} }
static CAPI_KEY *capi_get_key(CAPI_CTX *ctx, const TCHAR *contname, static CAPI_KEY *capi_get_key(CAPI_CTX *ctx, const WCHAR *contname,
TCHAR *provname, DWORD ptype, DWORD keyspec) WCHAR *provname, DWORD ptype, DWORD keyspec)
{ {
DWORD dwFlags = 0; DWORD dwFlags = 0;
CAPI_KEY *key = OPENSSL_malloc(sizeof(*key)); CAPI_KEY *key = OPENSSL_malloc(sizeof(*key));
@ -1478,8 +1476,8 @@ static CAPI_KEY *capi_get_key(CAPI_CTX *ctx, const TCHAR *contname,
contname, provname, ptype); contname, provname, ptype);
} else if (ctx && ctx->debug_level >= CAPI_DBG_TRACE && ctx->debug_file) { } else if (ctx && ctx->debug_level >= CAPI_DBG_TRACE && ctx->debug_file) {
/* above 'if' is optimization to minimize malloc-ations */ /* above 'if' is optimization to minimize malloc-ations */
char *_contname = wide_to_asc((WCHAR *)contname); char *_contname = wide_to_asc(contname);
char *_provname = wide_to_asc((WCHAR *)provname); char *_provname = wide_to_asc(provname);
CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n", CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n",
_contname, _provname, ptype); _contname, _provname, ptype);
@ -1488,7 +1486,8 @@ static CAPI_KEY *capi_get_key(CAPI_CTX *ctx, const TCHAR *contname,
} }
if (ctx->store_flags & CERT_SYSTEM_STORE_LOCAL_MACHINE) if (ctx->store_flags & CERT_SYSTEM_STORE_LOCAL_MACHINE)
dwFlags = CRYPT_MACHINE_KEYSET; dwFlags = CRYPT_MACHINE_KEYSET;
if (!CryptAcquireContext(&key->hprov, contname, provname, ptype, dwFlags)) { if (!CryptAcquireContextW(&key->hprov, contname, provname, ptype,
dwFlags)) {
CAPIerr(CAPI_F_CAPI_GET_KEY, CAPI_R_CRYPTACQUIRECONTEXT_ERROR); CAPIerr(CAPI_F_CAPI_GET_KEY, CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
capi_addlasterror(); capi_addlasterror();
goto err; goto err;
@ -1512,27 +1511,14 @@ static CAPI_KEY *capi_get_cert_key(CAPI_CTX *ctx, PCCERT_CONTEXT cert)
{ {
CAPI_KEY *key = NULL; CAPI_KEY *key = NULL;
CRYPT_KEY_PROV_INFO *pinfo = NULL; CRYPT_KEY_PROV_INFO *pinfo = NULL;
char *provname = NULL, *contname = NULL;
pinfo = capi_get_prov_info(ctx, cert);
if (!pinfo)
goto err;
if (sizeof(TCHAR) != sizeof(char))
key = capi_get_key(ctx, (TCHAR *)pinfo->pwszContainerName,
(TCHAR *)pinfo->pwszProvName,
pinfo->dwProvType, pinfo->dwKeySpec);
else {
provname = wide_to_asc(pinfo->pwszProvName);
contname = wide_to_asc(pinfo->pwszContainerName);
if (!provname || !contname)
goto err;
key = capi_get_key(ctx, (TCHAR *)contname, (TCHAR *)provname,
pinfo->dwProvType, pinfo->dwKeySpec);
}
err: pinfo = capi_get_prov_info(ctx, cert);
if (pinfo != NULL)
key = capi_get_key(ctx, pinfo->pwszContainerName, pinfo->pwszProvName,
pinfo->dwProvType, pinfo->dwKeySpec);
OPENSSL_free(pinfo); OPENSSL_free(pinfo);
OPENSSL_free(provname);
OPENSSL_free(contname);
return key; return key;
} }
@ -1541,6 +1527,7 @@ CAPI_KEY *capi_find_key(CAPI_CTX *ctx, const char *id)
PCCERT_CONTEXT cert; PCCERT_CONTEXT cert;
HCERTSTORE hstore; HCERTSTORE hstore;
CAPI_KEY *key = NULL; CAPI_KEY *key = NULL;
switch (ctx->lookup_method) { switch (ctx->lookup_method) {
case CAPI_LU_SUBSTR: case CAPI_LU_SUBSTR:
case CAPI_LU_FNAME: case CAPI_LU_FNAME:
@ -1556,7 +1543,7 @@ CAPI_KEY *capi_find_key(CAPI_CTX *ctx, const char *id)
break; break;
case CAPI_LU_CONTNAME: case CAPI_LU_CONTNAME:
if (sizeof(TCHAR) != sizeof(char)) { {
WCHAR *contname, *provname; WCHAR *contname, *provname;
DWORD len; DWORD len;
@ -1568,10 +1555,7 @@ CAPI_KEY *capi_find_key(CAPI_CTX *ctx, const char *id)
(provname = alloca(len * sizeof(WCHAR)), (provname = alloca(len * sizeof(WCHAR)),
MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1,
provname, len))) provname, len)))
key = capi_get_key(ctx, (TCHAR *)contname, (TCHAR *)provname, key = capi_get_key(ctx, contname, provname,
ctx->csptype, ctx->keytype);
} else {
key = capi_get_key(ctx, (TCHAR *)id, (TCHAR *)ctx->cspname,
ctx->csptype, ctx->keytype); ctx->csptype, ctx->keytype);
} }
break; break;
@ -1631,18 +1615,14 @@ static int capi_ctx_set_provname(CAPI_CTX *ctx, LPSTR pname, DWORD type,
CAPI_trace(ctx, "capi_ctx_set_provname, name=%s, type=%d\n", pname, type); CAPI_trace(ctx, "capi_ctx_set_provname, name=%s, type=%d\n", pname, type);
if (check) { if (check) {
HCRYPTPROV hprov; HCRYPTPROV hprov;
LPTSTR name = NULL; LPWSTR name = NULL;
if (sizeof(TCHAR) != sizeof(char)) {
DWORD len; DWORD len;
if ((len = MultiByteToWideChar(CP_ACP, 0, pname, -1, NULL, 0))) { if ((len = MultiByteToWideChar(CP_ACP, 0, pname, -1, NULL, 0))) {
name = alloca(len * sizeof(WCHAR)); name = alloca(len * sizeof(WCHAR));
MultiByteToWideChar(CP_ACP, 0, pname, -1, (WCHAR *)name, len); MultiByteToWideChar(CP_ACP, 0, pname, -1, (WCHAR *)name, len);
} }
} else { if (name == NULL || !CryptAcquireContextW(&hprov, NULL, name, type,
name = (TCHAR *)pname;
}
if (!name || !CryptAcquireContext(&hprov, NULL, name, type,
CRYPT_VERIFYCONTEXT)) { CRYPT_VERIFYCONTEXT)) {
CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME, CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME,
CAPI_R_CRYPTACQUIRECONTEXT_ERROR); CAPI_R_CRYPTACQUIRECONTEXT_ERROR);