search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
crypt32: Add tests of committing a collection store.
[wine/testsucceed.git] / dlls / crypt32 / tests / store.c
blobff39d71b838bb704ec18f54e3e21c286833e4a2d
1 /*
2 * crypt32 cert store function tests
3 *
4 * Copyright 2005-2006 Juan Lang
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 */
20
21 #include <assert.h>
22 #include <stdio.h>
23 #include <stdarg.h>
24 #include <windef.h>
25 #include <winbase.h>
26 #include <winreg.h>
27 #include <winerror.h>
28 #include <wincrypt.h>
29
30 #include "wine/test.h"
31
32 /* The following aren't defined in wincrypt.h, as they're "reserved" */
33 #define CERT_CERT_PROP_ID 32
34 #define CERT_CRL_PROP_ID 33
35 #define CERT_CTL_PROP_ID 34
36
37 struct CertPropIDHeader
38 {
39 DWORD propID;
40 DWORD unknown1;
41 DWORD cb;
42 };
43
44 static const BYTE emptyCert[] = { 0x30, 0x00 };
45 static const BYTE bigCert[] = { 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06,
46 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
47 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22,
48 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30,
49 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30,
50 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30,
51 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20,
52 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01,
53 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01,
54 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01 };
55 static const BYTE signedBigCert[] = {
56 0x30, 0x81, 0x93, 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06, 0x00, 0x30,
57 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a,
58 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22, 0x18, 0x0f,
59 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30,
60 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30,
61 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06,
62 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61,
63 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01, 0x00, 0xa3,
64 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
65 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06,
66 0x00, 0x03, 0x11, 0x00, 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08, 0x07,
67 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 };
68 static const BYTE serializedCert[] = { 0x20, 0x00, 0x00, 0x00,
69 0x01, 0x00, 0x00, 0x00, 0x7c, 0x00, 0x00, 0x00, 0x30, 0x7a, 0x02, 0x01, 0x01,
70 0x30, 0x02, 0x06, 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
71 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67,
72 0x00, 0x30, 0x22, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31,
73 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31,
74 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15,
75 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75,
76 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06,
77 0x00, 0x03, 0x01, 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55,
78 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02,
79 0x01, 0x01 };
80 static const BYTE signedCRL[] = { 0x30, 0x45, 0x30, 0x2c, 0x30, 0x02, 0x06,
81 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
82 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x18, 0x0f,
83 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30,
84 0x30, 0x5a, 0x30, 0x02, 0x06, 0x00, 0x03, 0x11, 0x00, 0x0f, 0x0e, 0x0d, 0x0c,
85 0x0b, 0x0a, 0x09, 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 };
86 static const BYTE bigCert2[] = { 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06,
87 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
88 0x0a, 0x41, 0x6c, 0x65, 0x78, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22,
89 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30,
90 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30,
91 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30,
92 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x41, 0x6c, 0x65, 0x78, 0x20,
93 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01,
94 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01,
95 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01 };
96
97
98 static BOOL (WINAPI *pCertAddStoreToCollection)(HCERTSTORE,HCERTSTORE,DWORD,DWORD);
99 static BOOL (WINAPI *pCertControlStore)(HCERTSTORE,DWORD,DWORD,void const*);
100 static PCCRL_CONTEXT (WINAPI *pCertEnumCRLsInStore)(HCERTSTORE,PCCRL_CONTEXT);
101 static BOOL (WINAPI *pCertEnumSystemStore)(DWORD,void*,void*,PFN_CERT_ENUM_SYSTEM_STORE);
102 static BOOL (WINAPI *pCertGetStoreProperty)(HCERTSTORE,DWORD,void*,DWORD*);
103 static void (WINAPI *pCertRemoveStoreFromCollection)(HCERTSTORE,HCERTSTORE);
104 static BOOL (WINAPI *pCertSetStoreProperty)(HCERTSTORE,DWORD,DWORD,const void*);
105
106 static void testMemStore(void)
107 {
108 HCERTSTORE store1, store2;
109 PCCERT_CONTEXT context;
110 BOOL ret;
111 DWORD GLE;
112
113 /* NULL provider */
114 store1 = CertOpenStore(0, 0, 0, 0, NULL);
115 ok(!store1 && GetLastError() == ERROR_FILE_NOT_FOUND,
116 "Expected ERROR_FILE_NOT_FOUND, got %d\n", GetLastError());
117 /* weird flags */
118 store1 = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
119 CERT_STORE_DELETE_FLAG, NULL);
120 ok(!store1 && GetLastError() == ERROR_CALL_NOT_IMPLEMENTED,
121 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %d\n", GetLastError());
122
123 /* normal */
124 store1 = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
125 CERT_STORE_CREATE_NEW_FLAG, NULL);
126 ok(store1 != NULL, "CertOpenStore failed: %d\n", GetLastError());
127 /* open existing doesn't */
128 store2 = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
129 CERT_STORE_OPEN_EXISTING_FLAG, NULL);
130 ok(store2 != NULL, "CertOpenStore failed: %d\n", GetLastError());
131 ok(store1 != store2, "Expected different stores\n");
132
133 /* add a bogus (empty) cert */
134 context = NULL;
135 ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING, emptyCert,
136 sizeof(emptyCert), CERT_STORE_ADD_ALWAYS, &context);
137 /* Windows returns CRYPT_E_ASN1_EOD or OSS_DATA_ERROR, but accept
138 * CRYPT_E_ASN1_CORRUPT as well (because matching errors is tough in this
139 * case)
140 */
141 GLE = GetLastError();
142 ok(!ret && (GLE == CRYPT_E_ASN1_EOD || GLE == CRYPT_E_ASN1_CORRUPT ||
143 GLE == OSS_DATA_ERROR),
144 "Expected CRYPT_E_ASN1_EOD or CRYPT_E_ASN1_CORRUPT or OSS_DATA_ERROR, got %08x\n",
145 GLE);
146 /* add a "signed" cert--the signature isn't a real signature, so this adds
147 * without any check of the signature's validity
148 */
149 ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING,
150 signedBigCert, sizeof(signedBigCert), CERT_STORE_ADD_ALWAYS, &context);
151 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
152 ok(context != NULL, "Expected a valid cert context\n");
153 if (context)
154 {
155 ok(context->cbCertEncoded == sizeof(signedBigCert),
156 "Wrong cert size %d\n", context->cbCertEncoded);
157 ok(!memcmp(context->pbCertEncoded, signedBigCert,
158 sizeof(signedBigCert)), "Unexpected encoded cert in context\n");
159 /* remove it, the rest of the tests will work on an unsigned cert */
160 ret = CertDeleteCertificateFromStore(context);
161 ok(ret, "CertDeleteCertificateFromStore failed: %08x\n",
162 GetLastError());
163 }
164 /* try adding a "signed" CRL as a cert */
165 ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING,
166 signedCRL, sizeof(signedCRL), CERT_STORE_ADD_ALWAYS, &context);
167 GLE = GetLastError();
168 ok(!ret && (GLE == CRYPT_E_ASN1_BADTAG || GLE == CRYPT_E_ASN1_CORRUPT ||
169 GLE == OSS_DATA_ERROR),
170 "Expected CRYPT_E_ASN1_BADTAG or CRYPT_E_ASN1_CORRUPT or OSS_DATA_ERROR, got %08x\n",
171 GLE);
172 /* add a cert to store1 */
173 ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING, bigCert,
174 sizeof(bigCert), CERT_STORE_ADD_ALWAYS, &context);
175 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
176 ok(context != NULL, "Expected a valid cert context\n");
177 if (context)
178 {
179 DWORD size;
180 BYTE *buf;
181
182 ok(context->cbCertEncoded == sizeof(bigCert),
183 "Wrong cert size %d\n", context->cbCertEncoded);
184 ok(!memcmp(context->pbCertEncoded, bigCert, sizeof(bigCert)),
185 "Unexpected encoded cert in context\n");
186 ok(context->hCertStore == store1, "Unexpected store\n");
187
188 /* check serializing this element */
189 /* These crash
190 ret = CertSerializeCertificateStoreElement(NULL, 0, NULL, NULL);
191 ret = CertSerializeCertificateStoreElement(context, 0, NULL, NULL);
192 ret = CertSerializeCertificateStoreElement(NULL, 0, NULL, &size);
193 */
194 /* apparently flags are ignored */
195 ret = CertSerializeCertificateStoreElement(context, 1, NULL, &size);
196 ok(ret, "CertSerializeCertificateStoreElement failed: %08x\n",
197 GetLastError());
198 buf = HeapAlloc(GetProcessHeap(), 0, size);
199 if (buf)
200 {
201 ret = CertSerializeCertificateStoreElement(context, 0, buf, &size);
202 ok(size == sizeof(serializedCert), "Wrong size %d\n", size);
203 ok(!memcmp(serializedCert, buf, size),
204 "Unexpected serialized cert\n");
205 HeapFree(GetProcessHeap(), 0, buf);
206 }
207
208 ret = CertFreeCertificateContext(context);
209 ok(ret, "CertFreeCertificateContext failed: %08x\n", GetLastError());
210 }
211 /* verify the cert's in store1 */
212 context = CertEnumCertificatesInStore(store1, NULL);
213 ok(context != NULL, "Expected a valid context\n");
214 context = CertEnumCertificatesInStore(store1, context);
215 ok(!context && GetLastError() == CRYPT_E_NOT_FOUND,
216 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
217 /* verify store2 (the "open existing" mem store) is still empty */
218 context = CertEnumCertificatesInStore(store2, NULL);
219 ok(!context, "Expected an empty store\n");
220 /* delete the cert from store1, and check it's empty */
221 context = CertEnumCertificatesInStore(store1, NULL);
222 if (context)
223 {
224 /* Deleting a bitwise copy crashes with an access to an uninitialized
225 * pointer, so a cert context has some special data out there in memory
226 * someplace
227 CERT_CONTEXT copy;
228 memcpy(&copy, context, sizeof(copy));
229 ret = CertDeleteCertificateFromStore(&copy);
230 */
231 PCCERT_CONTEXT copy = CertDuplicateCertificateContext(context);
232
233 ok(copy != NULL, "CertDuplicateCertificateContext failed: %08x\n",
234 GetLastError());
235 ret = CertDeleteCertificateFromStore(context);
236 ok(ret, "CertDeleteCertificateFromStore failed: %08x\n",
237 GetLastError());
238 /* try deleting a copy */
239 ret = CertDeleteCertificateFromStore(copy);
240 ok(ret, "CertDeleteCertificateFromStore failed: %08x\n",
241 GetLastError());
242 /* check that the store is empty */
243 context = CertEnumCertificatesInStore(store1, NULL);
244 ok(!context, "Expected an empty store\n");
245 }
246
247 /* close an empty store */
248 ret = CertCloseStore(NULL, 0);
249 ok(ret, "CertCloseStore failed: %d\n", GetLastError());
250 ret = CertCloseStore(store1, 0);
251 ok(ret, "CertCloseStore failed: %d\n", GetLastError());
252 ret = CertCloseStore(store2, 0);
253 ok(ret, "CertCloseStore failed: %d\n", GetLastError());
254
255 /* This seems nonsensical, but you can open a read-only mem store, only
256 * it isn't read-only
257 */
258 store1 = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
259 CERT_STORE_READONLY_FLAG, NULL);
260 ok(store1 != NULL, "CertOpenStore failed: %d\n", GetLastError());
261 /* yep, this succeeds */
262 ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING, bigCert,
263 sizeof(bigCert), CERT_STORE_ADD_ALWAYS, &context);
264 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
265 ok(context != NULL, "Expected a valid cert context\n");
266 if (context)
267 {
268 ok(context->cbCertEncoded == sizeof(bigCert),
269 "Wrong cert size %d\n", context->cbCertEncoded);
270 ok(!memcmp(context->pbCertEncoded, bigCert, sizeof(bigCert)),
271 "Unexpected encoded cert in context\n");
272 ok(context->hCertStore == store1, "Unexpected store\n");
273 ret = CertDeleteCertificateFromStore(context);
274 ok(ret, "CertDeleteCertificateFromStore failed: %08x\n",
275 GetLastError());
276 }
277 CertCloseStore(store1, 0);
278 }
279
280 static void compareFile(LPCWSTR filename, const BYTE *pb, DWORD cb)
281 {
282 HANDLE h;
283 BYTE buf[200];
284 BOOL ret;
285 DWORD cbRead = 0, totalRead = 0;
286
287 h = CreateFileW(filename, GENERIC_READ, 0, NULL, OPEN_EXISTING,
288 FILE_ATTRIBUTE_NORMAL, NULL);
289 if (h == INVALID_HANDLE_VALUE)
290 return;
291 do {
292 ret = ReadFile(h, buf, sizeof(buf), &cbRead, NULL);
293 if (ret && cbRead)
294 {
295 ok(totalRead + cbRead <= cb, "Expected total count %d, see %d\n",
296 cb, totalRead + cbRead);
297 ok(!memcmp(pb + totalRead, buf, cbRead),
298 "Unexpected data in file\n");
299 totalRead += cbRead;
300 }
301 } while (ret && cbRead);
302 CloseHandle(h);
303 }
304
305 static const BYTE serializedStoreWithCert[] = {
306 0x00,0x00,0x00,0x00,0x43,0x45,0x52,0x54,0x20,0x00,0x00,0x00,0x01,0x00,0x00,
307 0x00,0x7c,0x00,0x00,0x00,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,
308 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
309 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,
310 0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,
311 0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,
312 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
313 0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,
314 0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,
315 0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01,0x00,0x00,0x00,0x00,0x00,0x00,
316 0x00,0x00,0x00,0x00,0x00,0x00 };
317
318 static void testCollectionStore(void)
319 {
320 HCERTSTORE store1, store2, collection, collection2;
321 PCCERT_CONTEXT context;
322 BOOL ret;
323 static const WCHAR szPrefix[] = { 'c','e','r',0 };
324 static const WCHAR szDot[] = { '.',0 };
325 WCHAR filename[MAX_PATH];
326 HANDLE file;
327
328 if (!pCertAddStoreToCollection)
329 {
330 win_skip("CertAddStoreToCollection() is not available\n");
331 return;
332 }
333
334 collection = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
335 CERT_STORE_CREATE_NEW_FLAG, NULL);
336
337 /* Try adding a cert to any empty collection */
338 ret = CertAddEncodedCertificateToStore(collection, X509_ASN_ENCODING,
339 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, NULL);
340 ok(!ret && GetLastError() == E_ACCESSDENIED,
341 "Expected E_ACCESSDENIED, got %08x\n", GetLastError());
342
343 /* Create and add a cert to a memory store */
344 store1 = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
345 CERT_STORE_CREATE_NEW_FLAG, NULL);
346 ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING,
347 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, NULL);
348 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
349 /* Add the memory store to the collection, without allowing adding */
350 ret = pCertAddStoreToCollection(collection, store1, 0, 0);
351 ok(ret, "CertAddStoreToCollection failed: %08x\n", GetLastError());
352 /* Verify the cert is in the collection */
353 context = CertEnumCertificatesInStore(collection, NULL);
354 ok(context != NULL, "Expected a valid context\n");
355 if (context)
356 {
357 ok(context->hCertStore == collection, "Unexpected store\n");
358 CertFreeCertificateContext(context);
359 }
360 /* Check that adding to the collection isn't allowed */
361 ret = CertAddEncodedCertificateToStore(collection, X509_ASN_ENCODING,
362 bigCert2, sizeof(bigCert2), CERT_STORE_ADD_ALWAYS, NULL);
363 ok(!ret && GetLastError() == E_ACCESSDENIED,
364 "Expected E_ACCESSDENIED, got %08x\n", GetLastError());
365
366 /* Create a new memory store */
367 store2 = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
368 CERT_STORE_CREATE_NEW_FLAG, NULL);
369 /* Try adding a store to a non-collection store */
370 ret = pCertAddStoreToCollection(store1, store2,
371 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
372 ok(!ret && GetLastError() == E_INVALIDARG,
373 "Expected E_INVALIDARG, got %08x\n", GetLastError());
374 /* Try adding some bogus stores */
375 /* This crashes in Windows
376 ret = pCertAddStoreToCollection(0, store2,
377 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
378 */
379 /* This "succeeds"... */
380 ret = pCertAddStoreToCollection(collection, 0,
381 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
382 ok(ret, "CertAddStoreToCollection failed: %08x\n", GetLastError());
383 /* while this crashes.
384 ret = pCertAddStoreToCollection(collection, 1,
385 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
386 */
387
388 /* Add it to the collection, this time allowing adding */
389 ret = pCertAddStoreToCollection(collection, store2,
390 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
391 ok(ret, "CertAddStoreToCollection failed: %08x\n", GetLastError());
392 /* Check that adding to the collection is allowed */
393 ret = CertAddEncodedCertificateToStore(collection, X509_ASN_ENCODING,
394 bigCert2, sizeof(bigCert2), CERT_STORE_ADD_ALWAYS, NULL);
395 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
396 /* Now check that it was actually added to store2 */
397 context = CertEnumCertificatesInStore(store2, NULL);
398 ok(context != NULL, "Expected a valid context\n");
399 if (context)
400 {
401 ok(context->hCertStore == store2, "Unexpected store\n");
402 CertFreeCertificateContext(context);
403 }
404 /* Check that the collection has both bigCert and bigCert2. bigCert comes
405 * first because store1 was added first.
406 */
407 context = CertEnumCertificatesInStore(collection, NULL);
408 ok(context != NULL, "Expected a valid context\n");
409 if (context)
410 {
411 ok(context->hCertStore == collection, "Unexpected store\n");
412 ok(context->cbCertEncoded == sizeof(bigCert),
413 "Wrong size %d\n", context->cbCertEncoded);
414 ok(!memcmp(context->pbCertEncoded, bigCert, context->cbCertEncoded),
415 "Unexpected cert\n");
416 context = CertEnumCertificatesInStore(collection, context);
417 ok(context != NULL, "Expected a valid context\n");
418 if (context)
419 {
420 ok(context->hCertStore == collection, "Unexpected store\n");
421 ok(context->cbCertEncoded == sizeof(bigCert2),
422 "Wrong size %d\n", context->cbCertEncoded);
423 ok(!memcmp(context->pbCertEncoded, bigCert2,
424 context->cbCertEncoded), "Unexpected cert\n");
425 context = CertEnumCertificatesInStore(collection, context);
426 ok(!context, "Unexpected cert\n");
427 }
428 }
429 /* close store2, and check that the collection is unmodified */
430 CertCloseStore(store2, 0);
431 context = CertEnumCertificatesInStore(collection, NULL);
432 ok(context != NULL, "Expected a valid context\n");
433 if (context)
434 {
435 ok(context->hCertStore == collection, "Unexpected store\n");
436 ok(context->cbCertEncoded == sizeof(bigCert),
437 "Wrong size %d\n", context->cbCertEncoded);
438 ok(!memcmp(context->pbCertEncoded, bigCert, context->cbCertEncoded),
439 "Unexpected cert\n");
440 context = CertEnumCertificatesInStore(collection, context);
441 ok(context != NULL, "Expected a valid context\n");
442 if (context)
443 {
444 ok(context->hCertStore == collection, "Unexpected store\n");
445 ok(context->cbCertEncoded == sizeof(bigCert2),
446 "Wrong size %d\n", context->cbCertEncoded);
447 ok(!memcmp(context->pbCertEncoded, bigCert2,
448 context->cbCertEncoded), "Unexpected cert\n");
449 context = CertEnumCertificatesInStore(collection, context);
450 ok(!context, "Unexpected cert\n");
451 }
452 }
453
454 /* Adding a collection to a collection is legal */
455 collection2 = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
456 CERT_STORE_CREATE_NEW_FLAG, NULL);
457 ret = pCertAddStoreToCollection(collection2, collection,
458 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
459 ok(ret, "CertAddStoreToCollection failed: %08x\n", GetLastError());
460 /* check the contents of collection2 */
461 context = CertEnumCertificatesInStore(collection2, NULL);
462 ok(context != NULL, "Expected a valid context\n");
463 if (context)
464 {
465 ok(context->hCertStore == collection2, "Unexpected store\n");
466 ok(context->cbCertEncoded == sizeof(bigCert),
467 "Wrong size %d\n", context->cbCertEncoded);
468 ok(!memcmp(context->pbCertEncoded, bigCert, context->cbCertEncoded),
469 "Unexpected cert\n");
470 context = CertEnumCertificatesInStore(collection2, context);
471 ok(context != NULL, "Expected a valid context\n");
472 if (context)
473 {
474 ok(context->hCertStore == collection2, "Unexpected store\n");
475 ok(context->cbCertEncoded == sizeof(bigCert2),
476 "Wrong size %d\n", context->cbCertEncoded);
477 ok(!memcmp(context->pbCertEncoded, bigCert2,
478 context->cbCertEncoded), "Unexpected cert\n");
479 context = CertEnumCertificatesInStore(collection2, context);
480 ok(!context, "Unexpected cert\n");
481 }
482 }
483
484 /* I'd like to test closing the collection in the middle of enumeration,
485 * but my tests have been inconsistent. The first time calling
486 * CertEnumCertificatesInStore on a closed collection succeeded, while the
487 * second crashed. So anything appears to be fair game.
488 * I'd also like to test removing a store from a collection in the middle
489 * of an enumeration, but my tests in Windows have been inconclusive.
490 * In one scenario it worked. In another scenario, about a third of the
491 * time this leads to "random" crashes elsewhere in the code. This
492 * probably means this is not allowed.
493 */
494
495 CertCloseStore(store1, 0);
496 CertCloseStore(collection, 0);
497 CertCloseStore(collection2, 0);
498
499 /* Add the same cert to two memory stores, then put them in a collection */
500 store1 = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
501 CERT_STORE_CREATE_NEW_FLAG, NULL);
502 ok(store1 != 0, "CertOpenStore failed: %08x\n", GetLastError());
503 store2 = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
504 CERT_STORE_CREATE_NEW_FLAG, NULL);
505 ok(store2 != 0, "CertOpenStore failed: %08x\n", GetLastError());
506
507 ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING,
508 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, NULL);
509 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
510 ret = CertAddEncodedCertificateToStore(store2, X509_ASN_ENCODING,
511 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, NULL);
512 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
513 collection = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
514 CERT_STORE_CREATE_NEW_FLAG, NULL);
515 ok(collection != 0, "CertOpenStore failed: %08x\n", GetLastError());
516
517 ret = pCertAddStoreToCollection(collection, store1,
518 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
519 ok(ret, "CertAddStoreToCollection failed: %08x\n", GetLastError());
520 ret = pCertAddStoreToCollection(collection, store2,
521 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
522 ok(ret, "CertAddStoreToCollection failed: %08x\n", GetLastError());
523
524 /* Check that the collection has two copies of the same cert */
525 context = CertEnumCertificatesInStore(collection, NULL);
526 ok(context != NULL, "Expected a valid context\n");
527 if (context)
528 {
529 ok(context->hCertStore == collection, "Unexpected store\n");
530 ok(context->cbCertEncoded == sizeof(bigCert),
531 "Wrong size %d\n", context->cbCertEncoded);
532 ok(!memcmp(context->pbCertEncoded, bigCert, context->cbCertEncoded),
533 "Unexpected cert\n");
534 context = CertEnumCertificatesInStore(collection, context);
535 ok(context != NULL, "Expected a valid context\n");
536 if (context)
537 {
538 ok(context->hCertStore == collection, "Unexpected store\n");
539 ok(context->cbCertEncoded == sizeof(bigCert),
540 "Wrong size %d\n", context->cbCertEncoded);
541 ok(!memcmp(context->pbCertEncoded, bigCert, context->cbCertEncoded),
542 "Unexpected cert\n");
543 context = CertEnumCertificatesInStore(collection, context);
544 ok(context == NULL, "Unexpected cert\n");
545 }
546 }
547
548 /* The following would check whether I can delete an identical cert, rather
549 * than one enumerated from the store. It crashes, so that means I must
550 * only call CertDeleteCertificateFromStore with contexts enumerated from
551 * the store.
552 context = CertCreateCertificateContext(X509_ASN_ENCODING, bigCert,
553 sizeof(bigCert));
554 ok(context != NULL, "CertCreateCertificateContext failed: %08x\n",
555 GetLastError());
556 if (context)
557 {
558 ret = CertDeleteCertificateFromStore(collection, context);
559 printf("ret is %d, GetLastError is %08x\n", ret, GetLastError());
560 CertFreeCertificateContext(context);
561 }
562 */
563
564 /* Now check deleting from the collection. */
565 context = CertEnumCertificatesInStore(collection, NULL);
566 ok(context != NULL, "Expected a valid context\n");
567 if (context)
568 {
569 CertDeleteCertificateFromStore(context);
570 /* store1 should now be empty */
571 context = CertEnumCertificatesInStore(store1, NULL);
572 ok(!context, "Unexpected cert\n");
573 /* and there should be one certificate in the collection */
574 context = CertEnumCertificatesInStore(collection, NULL);
575 ok(context != NULL, "Expected a valid cert\n");
576 if (context)
577 {
578 ok(context->hCertStore == collection, "Unexpected store\n");
579 ok(context->cbCertEncoded == sizeof(bigCert),
580 "Wrong size %d\n", context->cbCertEncoded);
581 ok(!memcmp(context->pbCertEncoded, bigCert, context->cbCertEncoded),
582 "Unexpected cert\n");
583 }
584 context = CertEnumCertificatesInStore(collection, context);
585 ok(context == NULL, "Unexpected cert\n");
586 }
587
588 if (!pCertRemoveStoreFromCollection)
589 {
590 win_skip("CertRemoveStoreFromCollection() is not available\n");
591 }
592 else
593 {
594 /* Finally, test removing stores from the collection. No return
595 * value, so it's a bit funny to test.
596 */
597 /* This crashes
598 * pCertRemoveStoreFromCollection(NULL, NULL);
599 */
600 /* This "succeeds," no crash, no last error set */
601 SetLastError(0xdeadbeef);
602 pCertRemoveStoreFromCollection(store2, collection);
603 ok(GetLastError() == 0xdeadbeef,
604 "Didn't expect an error to be set: %08x\n", GetLastError());
605
606 /* After removing store2, the collection should be empty */
607 SetLastError(0xdeadbeef);
608 pCertRemoveStoreFromCollection(collection, store2);
609 ok(GetLastError() == 0xdeadbeef,
610 "Didn't expect an error to be set: %08x\n", GetLastError());
611 context = CertEnumCertificatesInStore(collection, NULL);
612 ok(!context, "Unexpected cert\n");
613 }
614
615 CertCloseStore(collection, 0);
616 CertCloseStore(store2, 0);
617 CertCloseStore(store1, 0);
618
619 /* Test adding certificates to and deleting certificates from collections.
620 */
621 store1 = CertOpenSystemStoreA(0, "My");
622 collection = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
623 CERT_STORE_CREATE_NEW_FLAG, NULL);
624
625 ret = CertAddEncodedCertificateToStore(store1, X509_ASN_ENCODING,
626 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, &context);
627 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
628 CertDeleteCertificateFromStore(context);
629
630 CertAddStoreToCollection(collection, store1,
631 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
632
633 ret = CertAddEncodedCertificateToStore(collection, X509_ASN_ENCODING,
634 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, &context);
635 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
636 CertDeleteCertificateFromStore(context);
637
638 CertCloseStore(collection, 0);
639 CertCloseStore(store1, 0);
640
641 /* Test whether a collection store can be committed */
642 if (!pCertControlStore)
643 {
644 win_skip("CertControlStore() is not available\n");
645 return;
646 }
647 collection = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
648 CERT_STORE_CREATE_NEW_FLAG, NULL);
649
650 SetLastError(0xdeadbeef);
651 ret = pCertControlStore(collection, 0, CERT_STORE_CTRL_COMMIT, NULL);
652 ok(ret, "CertControlStore failed: %08x\n", GetLastError());
653
654 /* Adding a mem store that can't be committed prevents a successful commit.
655 */
656 store1 = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
657 CERT_STORE_CREATE_NEW_FLAG, NULL);
658 pCertAddStoreToCollection(collection, store1, 0, 0);
659 SetLastError(0xdeadbeef);
660 ret = pCertControlStore(collection, 0, CERT_STORE_CTRL_COMMIT, NULL);
661 todo_wine
662 ok(!ret && GetLastError() == ERROR_CALL_NOT_IMPLEMENTED,
663 "expected ERROR_CALL_NOT_IMPLEMENTED, got %d\n", GetLastError());
664 pCertRemoveStoreFromCollection(collection, store1);
665 CertCloseStore(store1, 0);
666
667 /* Test adding a cert to a collection with a file store, committing the
668 * change to the collection, and comparing the resulting file.
669 */
670 if (!GetTempFileNameW(szDot, szPrefix, 0, filename))
671 return;
672
673 DeleteFileW(filename);
674 file = CreateFileW(filename, GENERIC_READ | GENERIC_WRITE, 0, NULL,
675 CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
676 if (file == INVALID_HANDLE_VALUE)
677 return;
678
679 store1 = CertOpenStore(CERT_STORE_PROV_FILE, 0, 0,
680 CERT_FILE_STORE_COMMIT_ENABLE_FLAG, file);
681 ok(store1 != NULL, "CertOpenStore failed: %08x\n", GetLastError());
682 CloseHandle(file);
683 pCertAddStoreToCollection(collection, store1,
684 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
685 CertCloseStore(store1, 0);
686
687 ret = CertAddEncodedCertificateToStore(collection, X509_ASN_ENCODING,
688 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, NULL);
689 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
690 GetLastError());
691 ret = pCertControlStore(collection, 0, CERT_STORE_CTRL_COMMIT, NULL);
692 ok(ret, "CertControlStore failed: %d\n", ret);
693
694 CertCloseStore(collection, 0);
695
696 compareFile(filename, serializedStoreWithCert,
697 sizeof(serializedStoreWithCert));
698 DeleteFileW(filename);
699 }
700
701 /* Looks for the property with ID propID in the buffer buf. Returns a pointer
702 * to its header if found, NULL if not.
703 */
704 static const struct CertPropIDHeader *findPropID(const BYTE *buf, DWORD size,
705 DWORD propID)
706 {
707 const struct CertPropIDHeader *ret = NULL;
708 BOOL failed = FALSE;
709
710 while (size && !ret && !failed)
711 {
712 if (size < sizeof(struct CertPropIDHeader))
713 failed = TRUE;
714 else
715 {
716 const struct CertPropIDHeader *hdr =
717 (const struct CertPropIDHeader *)buf;
718
719 size -= sizeof(struct CertPropIDHeader);
720 buf += sizeof(struct CertPropIDHeader);
721 if (size < hdr->cb)
722 failed = TRUE;
723 else if (hdr->propID == propID)
724 ret = hdr;
725 else
726 {
727 buf += hdr->cb;
728 size -= hdr->cb;
729 }
730 }
731 }
732 return ret;
733 }
734
735 typedef DWORD (WINAPI *SHDeleteKeyAFunc)(HKEY, LPCSTR);
736
737 static void testRegStore(void)
738 {
739 static const char tempKey[] = "Software\\Wine\\CryptTemp";
740 HCERTSTORE store;
741 LONG rc;
742 HKEY key = NULL;
743 DWORD disp, GLE;
744
745 store = CertOpenStore(CERT_STORE_PROV_REG, 0, 0, 0, NULL);
746 GLE = GetLastError();
747 ok(!store && (GLE == ERROR_INVALID_HANDLE || GLE == ERROR_BADKEY),
748 "Expected ERROR_INVALID_HANDLE or ERROR_BADKEY, got %d\n", GLE);
749 store = CertOpenStore(CERT_STORE_PROV_REG, 0, 0, 0, key);
750 GLE = GetLastError();
751 ok(!store && (GLE == ERROR_INVALID_HANDLE || GLE == ERROR_BADKEY),
752 "Expected ERROR_INVALID_HANDLE or ERROR_BADKEY, got %d\n", GLE);
753
754 /* Opening up any old key works.. */
755 key = HKEY_CURRENT_USER;
756 store = CertOpenStore(CERT_STORE_PROV_REG, 0, 0, 0, key);
757 /* Not sure if this is a bug in DuplicateHandle, marking todo_wine for now
758 */
759 todo_wine ok(store != 0, "CertOpenStore failed: %08x\n", GetLastError());
760 CertCloseStore(store, 0);
761
762 /* It looks like the remainder pretty much needs CertControlStore() */
763 if (!pCertControlStore)
764 {
765 win_skip("CertControlStore() is not available\n");
766 return;
767 }
768
769 rc = RegCreateKeyExA(HKEY_CURRENT_USER, tempKey, 0, NULL, 0, KEY_ALL_ACCESS,
770 NULL, &key, NULL);
771 ok(!rc, "RegCreateKeyExA failed: %d\n", rc);
772 if (key)
773 {
774 BOOL ret;
775 BYTE hash[20];
776 DWORD size, i;
777 static const char certificates[] = "Certificates\\";
778 char subKeyName[sizeof(certificates) + 20 * 2 + 1], *ptr;
779 HKEY subKey;
780 PCCERT_CONTEXT context;
781
782 store = CertOpenStore(CERT_STORE_PROV_REG, 0, 0, 0, key);
783 ok(store != 0, "CertOpenStore failed: %08x\n", GetLastError());
784 /* Add a certificate. It isn't persisted right away, since it's only
785 * added to the cache..
786 */
787 ret = CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
788 bigCert2, sizeof(bigCert2), CERT_STORE_ADD_ALWAYS, NULL);
789 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
790 GetLastError());
791 /* so flush the cache to force a commit.. */
792 ret = pCertControlStore(store, 0, CERT_STORE_CTRL_COMMIT, NULL);
793 ok(ret, "CertControlStore failed: %08x\n", GetLastError());
794 /* and check that the expected subkey was written. */
795 size = sizeof(hash);
796 ret = CryptHashCertificate(0, 0, 0, bigCert2, sizeof(bigCert2),
797 hash, &size);
798 ok(ret, "CryptHashCertificate failed: %d\n", GetLastError());
799 strcpy(subKeyName, certificates);
800 for (i = 0, ptr = subKeyName + sizeof(certificates) - 1; i < size;
801 i++, ptr += 2)
802 sprintf(ptr, "%02X", hash[i]);
803 rc = RegCreateKeyExA(key, subKeyName, 0, NULL, 0, KEY_ALL_ACCESS, NULL,
804 &subKey, NULL);
805 ok(!rc, "RegCreateKeyExA failed: %d\n", rc);
806 if (subKey)
807 {
808 LPBYTE buf;
809
810 size = 0;
811 RegQueryValueExA(subKey, "Blob", NULL, NULL, NULL, &size);
812 buf = HeapAlloc(GetProcessHeap(), 0, size);
813 if (buf)
814 {
815 rc = RegQueryValueExA(subKey, "Blob", NULL, NULL, buf, &size);
816 ok(!rc, "RegQueryValueExA failed: %d\n", rc);
817 if (!rc)
818 {
819 const struct CertPropIDHeader *hdr;
820
821 /* Both the hash and the cert should be present */
822 hdr = findPropID(buf, size, CERT_CERT_PROP_ID);
823 ok(hdr != NULL, "Expected to find a cert property\n");
824 if (hdr)
825 {
826 ok(hdr->cb == sizeof(bigCert2),
827 "Wrong size %d of cert property\n", hdr->cb);
828 ok(!memcmp((const BYTE *)hdr + sizeof(*hdr), bigCert2,
829 hdr->cb), "Unexpected cert in cert property\n");
830 }
831 hdr = findPropID(buf, size, CERT_HASH_PROP_ID);
832 ok(hdr != NULL, "Expected to find a hash property\n");
833 if (hdr)
834 {
835 ok(hdr->cb == sizeof(hash),
836 "Wrong size %d of hash property\n", hdr->cb);
837 ok(!memcmp((const BYTE *)hdr + sizeof(*hdr), hash,
838 hdr->cb), "Unexpected hash in cert property\n");
839 }
840 }
841 HeapFree(GetProcessHeap(), 0, buf);
842 }
843 RegCloseKey(subKey);
844 }
845
846 /* Remove the existing context */
847 context = CertEnumCertificatesInStore(store, NULL);
848 ok(context != NULL, "Expected a cert context\n");
849 if (context)
850 CertDeleteCertificateFromStore(context);
851 ret = pCertControlStore(store, 0, CERT_STORE_CTRL_COMMIT, NULL);
852 ok(ret, "CertControlStore failed: %08x\n", GetLastError());
853
854 /* Add a serialized cert with a bogus hash directly to the registry */
855 memset(hash, 0, sizeof(hash));
856 strcpy(subKeyName, certificates);
857 for (i = 0, ptr = subKeyName + sizeof(certificates) - 1;
858 i < sizeof(hash); i++, ptr += 2)
859 sprintf(ptr, "%02X", hash[i]);
860 rc = RegCreateKeyExA(key, subKeyName, 0, NULL, 0, KEY_ALL_ACCESS, NULL,
861 &subKey, NULL);
862 ok(!rc, "RegCreateKeyExA failed: %d\n", rc);
863 if (subKey)
864 {
865 BYTE buf[sizeof(struct CertPropIDHeader) * 2 + sizeof(hash) +
866 sizeof(bigCert)], *ptr;
867 DWORD certCount = 0;
868 struct CertPropIDHeader *hdr;
869
870 hdr = (struct CertPropIDHeader *)buf;
871 hdr->propID = CERT_HASH_PROP_ID;
872 hdr->unknown1 = 1;
873 hdr->cb = sizeof(hash);
874 ptr = buf + sizeof(*hdr);
875 memcpy(ptr, hash, sizeof(hash));
876 ptr += sizeof(hash);
877 hdr = (struct CertPropIDHeader *)ptr;
878 hdr->propID = CERT_CERT_PROP_ID;
879 hdr->unknown1 = 1;
880 hdr->cb = sizeof(bigCert);
881 ptr += sizeof(*hdr);
882 memcpy(ptr, bigCert, sizeof(bigCert));
883
884 rc = RegSetValueExA(subKey, "Blob", 0, REG_BINARY, buf,
885 sizeof(buf));
886 ok(!rc, "RegSetValueExA failed: %d\n", rc);
887
888 ret = pCertControlStore(store, 0, CERT_STORE_CTRL_RESYNC, NULL);
889 ok(ret, "CertControlStore failed: %08x\n", GetLastError());
890
891 /* Make sure the bogus hash cert gets loaded. */
892 certCount = 0;
893 context = NULL;
894 do {
895 context = CertEnumCertificatesInStore(store, context);
896 if (context)
897 certCount++;
898 } while (context != NULL);
899 ok(certCount == 1, "Expected 1 certificates, got %d\n", certCount);
900
901 RegCloseKey(subKey);
902 }
903
904 /* Add another serialized cert directly to the registry, this time
905 * under the correct key name (named with the correct hash value).
906 */
907 size = sizeof(hash);
908 ret = CryptHashCertificate(0, 0, 0, bigCert2,
909 sizeof(bigCert2), hash, &size);
910 ok(ret, "CryptHashCertificate failed: %d\n", GetLastError());
911 strcpy(subKeyName, certificates);
912 for (i = 0, ptr = subKeyName + sizeof(certificates) - 1;
913 i < sizeof(hash); i++, ptr += 2)
914 sprintf(ptr, "%02X", hash[i]);
915 rc = RegCreateKeyExA(key, subKeyName, 0, NULL, 0, KEY_ALL_ACCESS, NULL,
916 &subKey, NULL);
917 ok(!rc, "RegCreateKeyExA failed: %d\n", rc);
918 if (subKey)
919 {
920 BYTE buf[sizeof(struct CertPropIDHeader) * 2 + sizeof(hash) +
921 sizeof(bigCert2)], *ptr;
922 DWORD certCount = 0;
923 PCCERT_CONTEXT context;
924 struct CertPropIDHeader *hdr;
925
926 /* First try with a bogus hash... */
927 hdr = (struct CertPropIDHeader *)buf;
928 hdr->propID = CERT_HASH_PROP_ID;
929 hdr->unknown1 = 1;
930 hdr->cb = sizeof(hash);
931 ptr = buf + sizeof(*hdr);
932 memset(ptr, 0, sizeof(hash));
933 ptr += sizeof(hash);
934 hdr = (struct CertPropIDHeader *)ptr;
935 hdr->propID = CERT_CERT_PROP_ID;
936 hdr->unknown1 = 1;
937 hdr->cb = sizeof(bigCert2);
938 ptr += sizeof(*hdr);
939 memcpy(ptr, bigCert2, sizeof(bigCert2));
940
941 rc = RegSetValueExA(subKey, "Blob", 0, REG_BINARY, buf,
942 sizeof(buf));
943 ok(!rc, "RegSetValueExA failed: %d\n", rc);
944
945 ret = pCertControlStore(store, 0, CERT_STORE_CTRL_RESYNC, NULL);
946 ok(ret, "CertControlStore failed: %08x\n", GetLastError());
947
948 /* and make sure just one cert still gets loaded. */
949 certCount = 0;
950 context = NULL;
951 do {
952 context = CertEnumCertificatesInStore(store, context);
953 if (context)
954 certCount++;
955 } while (context != NULL);
956 ok(certCount == 1 ||
957 broken(certCount == 2), /* win9x */
958 "Expected 1 certificates, got %d\n", certCount);
959
960 /* Try again with the correct hash... */
961 ptr = buf + sizeof(*hdr);
962 memcpy(ptr, hash, sizeof(hash));
963
964 rc = RegSetValueExA(subKey, "Blob", 0, REG_BINARY, buf,
965 sizeof(buf));
966 ok(!rc, "RegSetValueExA failed: %d\n", rc);
967
968 ret = pCertControlStore(store, 0, CERT_STORE_CTRL_RESYNC, NULL);
969 ok(ret, "CertControlStore failed: %08x\n", GetLastError());
970
971 /* and make sure two certs get loaded. */
972 certCount = 0;
973 context = NULL;
974 do {
975 context = CertEnumCertificatesInStore(store, context);
976 if (context)
977 certCount++;
978 } while (context != NULL);
979 ok(certCount == 2, "Expected 2 certificates, got %d\n", certCount);
980
981 RegCloseKey(subKey);
982 }
983 CertCloseStore(store, 0);
984 /* Is delete allowed on a reg store? */
985 store = CertOpenStore(CERT_STORE_PROV_REG, 0, 0,
986 CERT_STORE_DELETE_FLAG, key);
987 ok(store == NULL, "Expected NULL return from CERT_STORE_DELETE_FLAG\n");
988 ok(GetLastError() == 0, "CertOpenStore failed: %08x\n",
989 GetLastError());
990
991 RegCloseKey(key);
992 }
993 /* The CertOpenStore with CERT_STORE_DELETE_FLAG above will delete the
994 * contents of the key, but not the key itself.
995 */
996 rc = RegCreateKeyExA(HKEY_CURRENT_USER, tempKey, 0, NULL, 0, KEY_ALL_ACCESS,
997 NULL, &key, &disp);
998 ok(!rc, "RegCreateKeyExA failed: %d\n", rc);
999 ok(disp == REG_OPENED_EXISTING_KEY,
1000 "Expected REG_OPENED_EXISTING_KEY, got %d\n", disp);
1001 if (!rc)
1002 {
1003 RegCloseKey(key);
1004 rc = RegDeleteKeyA(HKEY_CURRENT_USER, tempKey);
1005 if (rc)
1006 {
1007 HMODULE shlwapi = LoadLibraryA("shlwapi");
1008
1009 /* Use shlwapi's SHDeleteKeyA to _really_ blow away the key,
1010 * otherwise subsequent tests will fail.
1011 */
1012 if (shlwapi)
1013 {
1014 SHDeleteKeyAFunc pSHDeleteKeyA =
1015 (SHDeleteKeyAFunc)GetProcAddress(shlwapi, "SHDeleteKeyA");
1016
1017 if (pSHDeleteKeyA)
1018 pSHDeleteKeyA(HKEY_CURRENT_USER, tempKey);
1019 FreeLibrary(shlwapi);
1020 }
1021 }
1022 }
1023 }
1024
1025 static const char MyA[] = { 'M','y',0,0 };
1026 static const WCHAR MyW[] = { 'M','y',0 };
1027 static const WCHAR BogusW[] = { 'B','o','g','u','s',0 };
1028 static const WCHAR BogusPathW[] = { 'S','o','f','t','w','a','r','e','\\',
1029 'M','i','c','r','o','s','o','f','t','\\','S','y','s','t','e','m','C','e','r',
1030 't','i','f','i','c','a','t','e','s','\\','B','o','g','u','s',0 };
1031
1032 static void testSystemRegStore(void)
1033 {
1034 HCERTSTORE store, memStore;
1035
1036 /* Check with a UNICODE name */
1037 store = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY, 0, 0,
1038 CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_OPEN_EXISTING_FLAG, MyW);
1039 /* Not all OSes support CERT_STORE_PROV_SYSTEM_REGISTRY, so don't continue
1040 * testing if they don't.
1041 */
1042 if (!store)
1043 return;
1044
1045 /* Check that it isn't a collection store */
1046 memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1047 CERT_STORE_CREATE_NEW_FLAG, NULL);
1048 if (memStore)
1049 {
1050 if (pCertAddStoreToCollection)
1051 {
1052 BOOL ret = pCertAddStoreToCollection(store, memStore, 0, 0);
1053 ok(!ret && GetLastError() == E_INVALIDARG,
1054 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1055 }
1056 CertCloseStore(memStore, 0);
1057 }
1058 CertCloseStore(store, 0);
1059
1060 /* Check opening a bogus store */
1061 store = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY, 0, 0,
1062 CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_OPEN_EXISTING_FLAG, BogusW);
1063 ok(!store && GetLastError() == ERROR_FILE_NOT_FOUND,
1064 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1065 store = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY, 0, 0,
1066 CERT_SYSTEM_STORE_CURRENT_USER, BogusW);
1067 ok(store != 0, "CertOpenStore failed: %08x\n", GetLastError());
1068 if (store)
1069 CertCloseStore(store, 0);
1070 /* Now check whether deleting is allowed */
1071 store = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY, 0, 0,
1072 CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_DELETE_FLAG, BogusW);
1073 RegDeleteKeyW(HKEY_CURRENT_USER, BogusPathW);
1074
1075 store = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY, 0, 0, 0, NULL);
1076 ok(!store && GetLastError() == E_INVALIDARG,
1077 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1078 store = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY, 0, 0,
1079 CERT_SYSTEM_STORE_LOCAL_MACHINE | CERT_SYSTEM_STORE_CURRENT_USER, MyA);
1080 ok(!store && GetLastError() == E_INVALIDARG,
1081 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1082 store = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY, 0, 0,
1083 CERT_SYSTEM_STORE_LOCAL_MACHINE | CERT_SYSTEM_STORE_CURRENT_USER, MyW);
1084 ok(!store && GetLastError() == E_INVALIDARG,
1085 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1086 /* The name is expected to be UNICODE, check with an ASCII name */
1087 store = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY, 0, 0,
1088 CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_OPEN_EXISTING_FLAG, MyA);
1089 ok(!store && GetLastError() == ERROR_FILE_NOT_FOUND,
1090 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1091 }
1092
1093 static void testSystemStore(void)
1094 {
1095 static const WCHAR baskslashW[] = { '\\',0 };
1096 HCERTSTORE store;
1097 WCHAR keyName[MAX_PATH];
1098 HKEY key;
1099 LONG rc;
1100
1101 store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, 0, NULL);
1102 ok(!store && GetLastError() == ERROR_FILE_NOT_FOUND,
1103 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1104 store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0,
1105 CERT_SYSTEM_STORE_LOCAL_MACHINE | CERT_SYSTEM_STORE_CURRENT_USER, MyA);
1106 ok(!store && GetLastError() == ERROR_FILE_NOT_FOUND,
1107 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1108 store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0,
1109 CERT_SYSTEM_STORE_LOCAL_MACHINE | CERT_SYSTEM_STORE_CURRENT_USER, MyW);
1110 ok(!store && GetLastError() == ERROR_FILE_NOT_FOUND,
1111 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1112 /* The name is expected to be UNICODE, first check with an ASCII name */
1113 store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0,
1114 CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_OPEN_EXISTING_FLAG, MyA);
1115 ok(!store && GetLastError() == ERROR_FILE_NOT_FOUND,
1116 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1117 /* Create the expected key */
1118 lstrcpyW(keyName, CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH);
1119 lstrcatW(keyName, baskslashW);
1120 lstrcatW(keyName, MyW);
1121 rc = RegCreateKeyExW(HKEY_CURRENT_USER, keyName, 0, NULL, 0, KEY_READ,
1122 NULL, &key, NULL);
1123 ok(!rc, "RegCreateKeyEx failed: %d\n", rc);
1124 if (!rc)
1125 RegCloseKey(key);
1126 /* Check opening with a UNICODE name, specifying the create new flag */
1127 store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0,
1128 CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_CREATE_NEW_FLAG, MyW);
1129 ok(!store && GetLastError() == ERROR_FILE_EXISTS,
1130 "Expected ERROR_FILE_EXISTS, got %08x\n", GetLastError());
1131 /* Now check opening with a UNICODE name, this time opening existing */
1132 store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0,
1133 CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_OPEN_EXISTING_FLAG, MyW);
1134 ok(store != 0, "CertOpenStore failed: %08x\n", GetLastError());
1135 if (store)
1136 {
1137 HCERTSTORE memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1138 CERT_STORE_CREATE_NEW_FLAG, NULL);
1139
1140 /* Check that it's a collection store */
1141 if (memStore)
1142 {
1143 if (pCertAddStoreToCollection)
1144 {
1145 BOOL ret = pCertAddStoreToCollection(store, memStore, 0, 0);
1146 /* FIXME: this'll fail on NT4, but what error will it give? */
1147 ok(ret, "CertAddStoreToCollection failed: %08x\n", GetLastError());
1148 }
1149 CertCloseStore(memStore, 0);
1150 }
1151 CertCloseStore(store, 0);
1152 }
1153
1154 /* Check opening a bogus store */
1155 store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0,
1156 CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_OPEN_EXISTING_FLAG, BogusW);
1157 ok((!store ||
1158 broken(store != 0)) && /* win9x */
1159 GetLastError() == ERROR_FILE_NOT_FOUND,
1160 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1161 store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0,
1162 CERT_SYSTEM_STORE_CURRENT_USER, BogusW);
1163 ok(store != 0, "CertOpenStore failed: %08x\n", GetLastError());
1164 if (store)
1165 CertCloseStore(store, 0);
1166 /* Now check whether deleting is allowed */
1167 store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0,
1168 CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_DELETE_FLAG, BogusW);
1169 RegDeleteKeyW(HKEY_CURRENT_USER, BogusPathW);
1170 }
1171
1172 static const BYTE serializedStoreWithCertAndCRL[] = {
1173 0x00,0x00,0x00,0x00,0x43,0x45,0x52,0x54,0x20,0x00,0x00,0x00,0x01,0x00,0x00,
1174 0x00,0x7c,0x00,0x00,0x00,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,
1175 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
1176 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,
1177 0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,
1178 0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,
1179 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
1180 0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,
1181 0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,
1182 0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01,0x21,0x00,0x00,0x00,0x01,0x00,
1183 0x00,0x00,0x47,0x00,0x00,0x00,0x30,0x45,0x30,0x2c,0x30,0x02,0x06,0x00,0x30,
1184 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
1185 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
1186 0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x02,0x06,0x00,0x03,0x11,
1187 0x00,0x0f,0x0e,0x0d,0x0c,0x0b,0x0a,0x09,0x08,0x07,0x06,0x05,0x04,0x03,0x02,
1188 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
1189
1190 static void testFileStore(void)
1191 {
1192 static const WCHAR szPrefix[] = { 'c','e','r',0 };
1193 static const WCHAR szDot[] = { '.',0 };
1194 WCHAR filename[MAX_PATH];
1195 HCERTSTORE store;
1196 BOOL ret;
1197 PCCERT_CONTEXT cert;
1198 HANDLE file;
1199
1200 if (!pCertControlStore)
1201 {
1202 win_skip("CertControlStore() is not available\n");
1203 return;
1204 }
1205
1206 store = CertOpenStore(CERT_STORE_PROV_FILE, 0, 0, 0, NULL);
1207 ok(!store && GetLastError() == ERROR_INVALID_HANDLE,
1208 "Expected ERROR_INVALID_HANDLE, got %08x\n", GetLastError());
1209
1210 if (!GetTempFileNameW(szDot, szPrefix, 0, filename))
1211 return;
1212
1213 DeleteFileW(filename);
1214 file = CreateFileW(filename, GENERIC_READ | GENERIC_WRITE, 0, NULL,
1215 CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
1216 if (file == INVALID_HANDLE_VALUE)
1217 return;
1218
1219 store = CertOpenStore(CERT_STORE_PROV_FILE, 0, 0, CERT_STORE_DELETE_FLAG,
1220 file);
1221 ok(!store && GetLastError() == E_INVALIDARG,
1222 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1223 store = CertOpenStore(CERT_STORE_PROV_FILE, 0, 0,
1224 CERT_FILE_STORE_COMMIT_ENABLE_FLAG | CERT_STORE_READONLY_FLAG, file);
1225 ok(!store && GetLastError() == E_INVALIDARG,
1226 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1227
1228 /* A "read-only" file store.. */
1229 store = CertOpenStore(CERT_STORE_PROV_FILE, 0, 0,
1230 CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG, file);
1231 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1232 if (store)
1233 {
1234 DWORD size;
1235
1236 ret = CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
1237 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, NULL);
1238 /* apparently allows adding certificates.. */
1239 ok(ret, "CertAddEncodedCertificateToStore failed: %d\n", ret);
1240 /* but not commits.. */
1241 ret = pCertControlStore(store, 0, CERT_STORE_CTRL_COMMIT, NULL);
1242 ok(!ret && GetLastError() == ERROR_CALL_NOT_IMPLEMENTED,
1243 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %08x\n", GetLastError());
1244 /* It still has certs in memory.. */
1245 cert = CertEnumCertificatesInStore(store, NULL);
1246 ok(cert != NULL, "CertEnumCertificatesInStore failed: %08x\n",
1247 GetLastError());
1248 CertFreeCertificateContext(cert);
1249 /* but the file size is still 0. */
1250 size = GetFileSize(file, NULL);
1251 ok(size == 0, "Expected size 0, got %d\n", size);
1252 CertCloseStore(store, 0);
1253 }
1254
1255 /* The create new flag is allowed.. */
1256 store = CertOpenStore(CERT_STORE_PROV_FILE, 0, 0,
1257 CERT_STORE_CREATE_NEW_FLAG, file);
1258 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1259 if (store)
1260 {
1261 /* but without the commit enable flag, commits don't happen. */
1262 ret = CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
1263 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, NULL);
1264 ok(ret, "CertAddEncodedCertificateToStore failed: %d\n", ret);
1265 ret = pCertControlStore(store, 0, CERT_STORE_CTRL_COMMIT, NULL);
1266 ok(!ret && GetLastError() == ERROR_CALL_NOT_IMPLEMENTED,
1267 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %08x\n", GetLastError());
1268 CertCloseStore(store, 0);
1269 }
1270 /* as is the open existing flag. */
1271 store = CertOpenStore(CERT_STORE_PROV_FILE, 0, 0,
1272 CERT_STORE_OPEN_EXISTING_FLAG, file);
1273 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1274 if (store)
1275 {
1276 /* but without the commit enable flag, commits don't happen. */
1277 ret = CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
1278 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, NULL);
1279 ok(ret, "CertAddEncodedCertificateToStore failed: %d\n", ret);
1280 ret = pCertControlStore(store, 0, CERT_STORE_CTRL_COMMIT, NULL);
1281 ok(!ret && GetLastError() == ERROR_CALL_NOT_IMPLEMENTED,
1282 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %08x\n", GetLastError());
1283 CertCloseStore(store, 0);
1284 }
1285 store = CertOpenStore(CERT_STORE_PROV_FILE, 0, 0,
1286 CERT_FILE_STORE_COMMIT_ENABLE_FLAG, file);
1287 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1288 if (store)
1289 {
1290 CloseHandle(file);
1291 ret = CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
1292 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, NULL);
1293 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1294 GetLastError());
1295 /* with commits enabled, commit is allowed */
1296 ret = pCertControlStore(store, 0, CERT_STORE_CTRL_COMMIT, NULL);
1297 ok(ret, "CertControlStore failed: %d\n", ret);
1298 compareFile(filename, serializedStoreWithCert,
1299 sizeof(serializedStoreWithCert));
1300 CertCloseStore(store, 0);
1301 }
1302 file = CreateFileW(filename, GENERIC_READ | GENERIC_WRITE, 0, NULL,
1303 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
1304 if (file == INVALID_HANDLE_VALUE)
1305 return;
1306 store = CertOpenStore(CERT_STORE_PROV_FILE, 0, 0,
1307 CERT_FILE_STORE_COMMIT_ENABLE_FLAG, file);
1308 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1309 if (store)
1310 {
1311 CloseHandle(file);
1312 ret = CertAddEncodedCRLToStore(store, X509_ASN_ENCODING, signedCRL,
1313 sizeof(signedCRL), CERT_STORE_ADD_ALWAYS, NULL);
1314 ok(ret, "CertAddEncodedCRLToStore failed: %08x\n", GetLastError());
1315 CertCloseStore(store, 0);
1316 compareFile(filename, serializedStoreWithCertAndCRL,
1317 sizeof(serializedStoreWithCertAndCRL));
1318 }
1319
1320 DeleteFileW(filename);
1321 }
1322
1323 static BOOL initFileFromData(LPCWSTR filename, const BYTE *pb, DWORD cb)
1324 {
1325 HANDLE file = CreateFileW(filename, GENERIC_READ | GENERIC_WRITE, 0, NULL,
1326 CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
1327 BOOL ret;
1328
1329 if (file != INVALID_HANDLE_VALUE)
1330 {
1331 DWORD written;
1332
1333 ret = WriteFile(file, pb, cb, &written, NULL);
1334 CloseHandle(file);
1335 }
1336 else
1337 ret = FALSE;
1338 return ret;
1339 }
1340
1341 static const BYTE base64SPC[] =
1342 "MIICJQYJKoZIhvcNAQcCoIICFjCCAhICAQExADALBgkqhkiG9w0BBwGgggH6MIIB"
1343 "9jCCAV+gAwIBAgIQnP8+EF4opr9OxH7h4uBPWTANBgkqhkiG9w0BAQQFADAUMRIw"
1344 "EAYDVQQDEwlKdWFuIExhbmcwHhcNMDgxMjEyMTcxMDE0WhcNMzkxMjMxMjM1OTU5"
1345 "WjAUMRIwEAYDVQQDEwlKdWFuIExhbmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ"
1346 "AoGBALCgNjyNvOic0FOfjxvi43HbM+D5joDkhiGSXe+gbZlf8f16k07kkObFEunz"
1347 "mdB5coscmA7gyqiWNN4ZUyr2cA3lCbnpGPA/0IblyyOcuGIFmmCzeZaVa5ZG6xZP"
1348 "K7L7o+73Qo6jXVbGhBGnMZ7Q9sAn6s2933olnStnejnqwV0NAgMBAAGjSTBHMEUG"
1349 "A1UdAQQ+MDyAEFKbKEdXYyx+CWKcV6vxM6ShFjAUMRIwEAYDVQQDEwlKdWFuIExh"
1350 "bmeCEJz/PhBeKKa/TsR+4eLgT1kwDQYJKoZIhvcNAQEEBQADgYEALpkgLgW3mEaK"
1351 "idPQ3iPJYLG0Ub1wraqEl9bd42hrhzIdcDzlQgxnm8/5cHYVxIF/C20x/HJplb1R"
1352 "G6U1ipFe/q8byWD/9JpiBKMGPi9YlUTgXHfS9d4S/QWO1h9Z7KeipBYhoslQpHXu"
1353 "y9bUr8Adqi6SzgHpCnMu53dxgxUD1r4xAA==";
1354 /* Same as base64SPC, but as a wide-char string */
1355 static const WCHAR utf16Base64SPC[] = {
1356 'M','I','I','C','J','Q','Y','J','K','o','Z','I','h','v','c','N','A',
1357 'Q','c','C','o','I','I','C','F','j','C','C','A','h','I','C','A','Q',
1358 'E','x','A','D','A','L','B','g','k','q','h','k','i','G','9','w','0',
1359 'B','B','w','G','g','g','g','H','6','M','I','I','B','9','j','C','C',
1360 'A','V','+','g','A','w','I','B','A','g','I','Q','n','P','8','+','E',
1361 'F','4','o','p','r','9','O','x','H','7','h','4','u','B','P','W','T',
1362 'A','N','B','g','k','q','h','k','i','G','9','w','0','B','A','Q','Q',
1363 'F','A','D','A','U','M','R','I','w','E','A','Y','D','V','Q','Q','D',
1364 'E','w','l','K','d','W','F','u','I','E','x','h','b','m','c','w','H',
1365 'h','c','N','M','D','g','x','M','j','E','y','M','T','c','x','M','D',
1366 'E','0','W','h','c','N','M','z','k','x','M','j','M','x','M','j','M',
1367 '1','O','T','U','5','W','j','A','U','M','R','I','w','E','A','Y','D',
1368 'V','Q','Q','D','E','w','l','K','d','W','F','u','I','E','x','h','b',
1369 'm','c','w','g','Z','8','w','D','Q','Y','J','K','o','Z','I','h','v',
1370 'c','N','A','Q','E','B','B','Q','A','D','g','Y','0','A','M','I','G',
1371 'J','A','o','G','B','A','L','C','g','N','j','y','N','v','O','i','c',
1372 '0','F','O','f','j','x','v','i','4','3','H','b','M','+','D','5','j',
1373 'o','D','k','h','i','G','S','X','e','+','g','b','Z','l','f','8','f',
1374 '1','6','k','0','7','k','k','O','b','F','E','u','n','z','m','d','B',
1375 '5','c','o','s','c','m','A','7','g','y','q','i','W','N','N','4','Z',
1376 'U','y','r','2','c','A','3','l','C','b','n','p','G','P','A','/','0',
1377 'I','b','l','y','y','O','c','u','G','I','F','m','m','C','z','e','Z',
1378 'a','V','a','5','Z','G','6','x','Z','P','K','7','L','7','o','+','7',
1379 '3','Q','o','6','j','X','V','b','G','h','B','G','n','M','Z','7','Q',
1380 '9','s','A','n','6','s','2','9','3','3','o','l','n','S','t','n','e',
1381 'j','n','q','w','V','0','N','A','g','M','B','A','A','G','j','S','T',
1382 'B','H','M','E','U','G','A','1','U','d','A','Q','Q','+','M','D','y',
1383 'A','E','F','K','b','K','E','d','X','Y','y','x','+','C','W','K','c',
1384 'V','6','v','x','M','6','S','h','F','j','A','U','M','R','I','w','E',
1385 'A','Y','D','V','Q','Q','D','E','w','l','K','d','W','F','u','I','E',
1386 'x','h','b','m','e','C','E','J','z','/','P','h','B','e','K','K','a',
1387 '/','T','s','R','+','4','e','L','g','T','1','k','w','D','Q','Y','J',
1388 'K','o','Z','I','h','v','c','N','A','Q','E','E','B','Q','A','D','g',
1389 'Y','E','A','L','p','k','g','L','g','W','3','m','E','a','K','i','d',
1390 'P','Q','3','i','P','J','Y','L','G','0','U','b','1','w','r','a','q',
1391 'E','l','9','b','d','4','2','h','r','h','z','I','d','c','D','z','l',
1392 'Q','g','x','n','m','8','/','5','c','H','Y','V','x','I','F','/','C',
1393 '2','0','x','/','H','J','p','l','b','1','R','G','6','U','1','i','p',
1394 'F','e','/','q','8','b','y','W','D','/','9','J','p','i','B','K','M',
1395 'G','P','i','9','Y','l','U','T','g','X','H','f','S','9','d','4','S',
1396 '/','Q','W','O','1','h','9','Z','7','K','e','i','p','B','Y','h','o',
1397 's','l','Q','p','H','X','u','y','9','b','U','r','8','A','d','q','i',
1398 '6','S','z','g','H','p','C','n','M','u','5','3','d','x','g','x','U',
1399 'D','1','r','4','x','A','A','=','=',0 };
1400
1401 static void testFileNameStore(void)
1402 {
1403 static const WCHAR szPrefix[] = { 'c','e','r',0 };
1404 static const WCHAR spcPrefix[] = { 's','p','c',0 };
1405 static const WCHAR szDot[] = { '.',0 };
1406 WCHAR filename[MAX_PATH];
1407 HCERTSTORE store;
1408 BOOL ret;
1409 DWORD GLE;
1410
1411 if (0)
1412 {
1413 /* Crashes on NT4 */
1414 store = CertOpenStore(CERT_STORE_PROV_FILENAME_W, 0, 0, 0, NULL);
1415 GLE = GetLastError();
1416 ok(!store && (GLE == ERROR_PATH_NOT_FOUND || GLE == ERROR_INVALID_PARAMETER),
1417 "Expected ERROR_PATH_NOT_FOUND or ERROR_INVALID_PARAMETER, got %08x\n",
1418 GLE);
1419 }
1420
1421 if (!GetTempFileNameW(szDot, szPrefix, 0, filename))
1422 return;
1423 DeleteFileW(filename);
1424
1425 /* The two flags are mutually exclusive */
1426 store = CertOpenStore(CERT_STORE_PROV_FILENAME_W, 0, 0,
1427 CERT_FILE_STORE_COMMIT_ENABLE_FLAG | CERT_STORE_READONLY_FLAG, filename);
1428 ok(!store && GetLastError() == E_INVALIDARG,
1429 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1430
1431 /* In all of the following tests, the encoding type seems to be ignored */
1432 if (initFileFromData(filename, bigCert, sizeof(bigCert)))
1433 {
1434 PCCERT_CONTEXT cert;
1435 PCCRL_CONTEXT crl;
1436
1437 store = CertOpenStore(CERT_STORE_PROV_FILENAME_W, 0, 0,
1438 CERT_STORE_READONLY_FLAG, filename);
1439 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1440
1441 cert = CertEnumCertificatesInStore(store, NULL);
1442 ok(cert != NULL, "CertEnumCertificatesInStore failed: %08x\n",
1443 GetLastError());
1444 cert = CertEnumCertificatesInStore(store, cert);
1445 ok(!cert, "Expected only one cert\n");
1446 if (pCertEnumCRLsInStore)
1447 {
1448 crl = pCertEnumCRLsInStore(store, NULL);
1449 ok(!crl, "Expected no CRLs\n");
1450 }
1451
1452 CertCloseStore(store, 0);
1453 DeleteFileW(filename);
1454 }
1455 if (initFileFromData(filename, serializedStoreWithCert,
1456 sizeof(serializedStoreWithCert)))
1457 {
1458 PCCERT_CONTEXT cert;
1459 PCCRL_CONTEXT crl;
1460
1461 store = CertOpenStore(CERT_STORE_PROV_FILENAME_W, 0, 0,
1462 CERT_STORE_READONLY_FLAG, filename);
1463 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1464
1465 cert = CertEnumCertificatesInStore(store, NULL);
1466 ok(cert != NULL, "CertEnumCertificatesInStore failed: %08x\n",
1467 GetLastError());
1468 cert = CertEnumCertificatesInStore(store, cert);
1469 ok(!cert, "Expected only one cert\n");
1470 if (pCertEnumCRLsInStore)
1471 {
1472 crl = pCertEnumCRLsInStore(store, NULL);
1473 ok(!crl, "Expected no CRLs\n");
1474 }
1475
1476 CertCloseStore(store, 0);
1477 DeleteFileW(filename);
1478 }
1479 if (initFileFromData(filename, serializedStoreWithCertAndCRL,
1480 sizeof(serializedStoreWithCertAndCRL)))
1481 {
1482 PCCERT_CONTEXT cert;
1483 PCCRL_CONTEXT crl;
1484
1485 store = CertOpenStore(CERT_STORE_PROV_FILENAME_W, 0, 0,
1486 CERT_STORE_READONLY_FLAG, filename);
1487 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1488
1489 cert = CertEnumCertificatesInStore(store, NULL);
1490 ok(cert != NULL, "CertEnumCertificatesInStore failed: %08x\n",
1491 GetLastError());
1492 cert = CertEnumCertificatesInStore(store, cert);
1493 ok(!cert, "Expected only one cert\n");
1494 if (pCertEnumCRLsInStore)
1495 {
1496 crl = pCertEnumCRLsInStore(store, NULL);
1497 ok(crl != NULL, "CertEnumCRLsInStore failed: %08x\n", GetLastError());
1498 crl = pCertEnumCRLsInStore(store, crl);
1499 ok(!crl, "Expected only one CRL\n");
1500 }
1501
1502 CertCloseStore(store, 0);
1503 /* Don't delete it this time, the next test uses it */
1504 }
1505 /* Now that the file exists, we can open it read-only */
1506 store = CertOpenStore(CERT_STORE_PROV_FILENAME_W, 0, 0,
1507 CERT_STORE_READONLY_FLAG, filename);
1508 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1509 CertCloseStore(store, 0);
1510 DeleteFileW(filename);
1511
1512 store = CertOpenStore(CERT_STORE_PROV_FILENAME_W, 0, 0,
1513 CERT_FILE_STORE_COMMIT_ENABLE_FLAG | CERT_STORE_CREATE_NEW_FLAG, filename);
1514 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1515 if (store)
1516 {
1517 ret = CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
1518 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, NULL);
1519 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1520 GetLastError());
1521 CertCloseStore(store, 0);
1522 compareFile(filename, serializedStoreWithCert,
1523 sizeof(serializedStoreWithCert));
1524 }
1525 store = CertOpenStore(CERT_STORE_PROV_FILENAME_W, 0, 0,
1526 CERT_FILE_STORE_COMMIT_ENABLE_FLAG, filename);
1527 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1528 if (store)
1529 {
1530 ret = CertAddEncodedCRLToStore(store, X509_ASN_ENCODING,
1531 signedCRL, sizeof(signedCRL), CERT_STORE_ADD_ALWAYS, NULL);
1532 ok(ret, "CertAddEncodedCRLToStore failed: %08x\n", GetLastError());
1533 CertCloseStore(store, 0);
1534 compareFile(filename, serializedStoreWithCertAndCRL,
1535 sizeof(serializedStoreWithCertAndCRL));
1536 }
1537 DeleteFileW(filename);
1538
1539 if (!GetTempFileNameW(szDot, spcPrefix, 0, filename))
1540 return;
1541 DeleteFileW(filename);
1542
1543 if (initFileFromData(filename, base64SPC, sizeof(base64SPC)))
1544 {
1545 PCCERT_CONTEXT cert;
1546 PCCRL_CONTEXT crl;
1547
1548 store = CertOpenStore(CERT_STORE_PROV_FILENAME_W, 0, 0,
1549 CERT_STORE_READONLY_FLAG, filename);
1550 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1551
1552 cert = CertEnumCertificatesInStore(store, NULL);
1553 ok(cert != NULL, "CertEnumCertificatesInStore failed: %08x\n",
1554 GetLastError());
1555 cert = CertEnumCertificatesInStore(store, cert);
1556 ok(!cert, "Expected only one cert\n");
1557 if (pCertEnumCRLsInStore)
1558 {
1559 crl = pCertEnumCRLsInStore(store, NULL);
1560 ok(!crl, "Expected no CRLs\n");
1561 }
1562
1563 CertCloseStore(store, 0);
1564 DeleteFileW(filename);
1565 }
1566 if (initFileFromData(filename, (BYTE *)utf16Base64SPC,
1567 sizeof(utf16Base64SPC)))
1568 {
1569 PCCERT_CONTEXT cert;
1570 PCCRL_CONTEXT crl;
1571
1572 store = CertOpenStore(CERT_STORE_PROV_FILENAME_W, 0, 0,
1573 CERT_STORE_READONLY_FLAG, filename);
1574 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1575
1576 cert = CertEnumCertificatesInStore(store, NULL);
1577 ok(cert != NULL, "CertEnumCertificatesInStore failed: %08x\n",
1578 GetLastError());
1579 cert = CertEnumCertificatesInStore(store, cert);
1580 ok(!cert, "Expected only one cert\n");
1581 if (pCertEnumCRLsInStore)
1582 {
1583 crl = pCertEnumCRLsInStore(store, NULL);
1584 ok(!crl, "Expected no CRLs\n");
1585 }
1586
1587 CertCloseStore(store, 0);
1588 DeleteFileW(filename);
1589 }
1590 }
1591
1592 static const BYTE signedContent[] = {
1593 0x30,0x81,0xb2,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,0xa0,
1594 0x81,0xa4,0x30,0x81,0xa1,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,
1595 0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,
1596 0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,
1597 0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,
1598 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1599 0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1600 0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0x81,0xa6,0x70,
1601 0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,0xc0,0x9a,0xb6,0x9a,0x5e,0x6d,0x6f,0x6d,
1602 0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,0xa0,0x1e,0xee,0xc2,0x60,0xbc,0x59,0xbe,
1603 0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,0x23,0x64,0x92,0xef,0x2e,0xfc,0x57,0x29,
1604 0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,0x51,0xe4,0x44,0xb8,0x0b,0x28,0xf4,0xa8,
1605 0x0d };
1606 static const BYTE signedWithCertAndCrlBareContent[] = {
1607 0x30,0x82,0x01,0x4f,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,
1608 0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,
1609 0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0xa0,
1610 0x7c,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
1611 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
1612 0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,
1613 0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
1614 0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,
1615 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1616 0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,0xa3,0x16,0x30,0x14,
1617 0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,
1618 0x01,0xff,0x02,0x01,0x01,0xa1,0x2e,0x30,0x2c,0x30,0x02,0x06,0x00,0x30,0x15,
1619 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
1620 0x20,0x4c,0x61,0x6e,0x67,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,
1621 0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x31,0x77,0x30,0x75,0x02,0x01,0x01,
1622 0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,
1623 0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,
1624 0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,
1625 0x00,0x05,0x00,0x04,0x40,0x81,0xa6,0x70,0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,
1626 0xc0,0x9a,0xb6,0x9a,0x5e,0x6d,0x6f,0x6d,0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,
1627 0xa0,0x1e,0xee,0xc2,0x60,0xbc,0x59,0xbe,0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,
1628 0x23,0x64,0x92,0xef,0x2e,0xfc,0x57,0x29,0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,
1629 0x51,0xe4,0x44,0xb8,0x0b,0x28,0xf4,0xa8,0x0d };
1630 static const BYTE hashContent[] = {
1631 0x30,0x47,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x05,0xa0,0x3a,
1632 0x30,0x38,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1633 0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
1634 0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0x04,0x10,0x08,0xd6,0xc0,
1635 0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,0x9d,0x2a,0x8f,0x26,0x2f };
1636 static const BYTE hashBareContent[] = {
1637 0x30,0x38,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1638 0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
1639 0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0x04,0x10,0x08,0xd6,0xc0,
1640 0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,0x9d,0x2a,0x8f,0x26,0x2f };
1641
1642 static void testMessageStore(void)
1643 {
1644 HCERTSTORE store;
1645 HCRYPTMSG msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL,
1646 NULL);
1647 CRYPT_DATA_BLOB blob = { sizeof(signedWithCertAndCrlBareContent),
1648 (LPBYTE)signedWithCertAndCrlBareContent };
1649 DWORD count, size;
1650 BOOL ret;
1651
1652 /* Crashes
1653 store = CertOpenStore(CERT_STORE_PROV_MSG, 0, 0, 0, NULL);
1654 */
1655 SetLastError(0xdeadbeef);
1656 store = CertOpenStore(CERT_STORE_PROV_MSG, 0, 0, 0, msg);
1657 ok(!store && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
1658 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
1659 CryptMsgUpdate(msg, signedContent, sizeof(signedContent), TRUE);
1660 store = CertOpenStore(CERT_STORE_PROV_MSG, 0, 0, 0, msg);
1661 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1662 if (store)
1663 {
1664 PCCERT_CONTEXT cert = NULL;
1665 PCCRL_CONTEXT crl = NULL;
1666
1667 count = 0;
1668 do {
1669 cert = CertEnumCertificatesInStore(store, cert);
1670 if (cert)
1671 count++;
1672 } while (cert);
1673 ok(count == 0, "Expected 0 certificates, got %d\n", count);
1674
1675 if (pCertEnumCRLsInStore)
1676 {
1677 count = 0;
1678 do {
1679 crl = pCertEnumCRLsInStore(store, crl);
1680 if (crl)
1681 count++;
1682 } while (crl);
1683 ok(count == 0, "Expected 0 CRLs, got %d\n", count);
1684 }
1685
1686 /* Can add certs to a message store */
1687 ret = CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
1688 bigCert, sizeof(bigCert), CERT_STORE_ADD_ALWAYS, NULL);
1689 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1690 GetLastError());
1691 count = 0;
1692 do {
1693 cert = CertEnumCertificatesInStore(store, cert);
1694 if (cert)
1695 count++;
1696 } while (cert);
1697 ok(count == 1, "Expected 1 certificate, got %d\n", count);
1698
1699 CertCloseStore(store, 0);
1700 }
1701 /* but the added certs weren't actually added to the message */
1702 size = sizeof(count);
1703 ret = CryptMsgGetParam(msg, CMSG_CERT_COUNT_PARAM, 0, &count, &size);
1704 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
1705 ok(count == 0, "Expected 0 certificates, got %d\n", count);
1706 CryptMsgClose(msg);
1707
1708 /* Crashes
1709 store = CertOpenStore(CERT_STORE_PROV_PKCS7, 0, 0, 0, NULL);
1710 */
1711 store = CertOpenStore(CERT_STORE_PROV_PKCS7, 0, 0, 0, &blob);
1712 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1713 if (store)
1714 {
1715 DWORD count = 0;
1716 PCCERT_CONTEXT cert = NULL;
1717 PCCRL_CONTEXT crl = NULL;
1718
1719 do {
1720 cert = CertEnumCertificatesInStore(store, cert);
1721 if (cert)
1722 count++;
1723 } while (cert);
1724 ok(count == 1, "Expected 1 certificate, got %d\n", count);
1725
1726 if (pCertEnumCRLsInStore)
1727 {
1728 count = 0;
1729 do {
1730 crl = pCertEnumCRLsInStore(store, crl);
1731 if (crl)
1732 count++;
1733 } while (crl);
1734 ok(count == 1, "Expected 1 CRL, got %d\n", count);
1735 }
1736 CertCloseStore(store, 0);
1737 }
1738 /* Encoding appears to be ignored */
1739 store = CertOpenStore(CERT_STORE_PROV_PKCS7, X509_ASN_ENCODING, 0, 0,
1740 &blob);
1741 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1742 if (store)
1743 CertCloseStore(store, 0);
1744 /* Messages other than signed messages aren't allowed */
1745 blob.cbData = sizeof(hashContent);
1746 blob.pbData = (LPBYTE)hashContent;
1747 SetLastError(0xdeadbeef);
1748 store = CertOpenStore(CERT_STORE_PROV_PKCS7, 0, 0, 0, &blob);
1749 ok(!store && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
1750 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
1751 blob.cbData = sizeof(hashBareContent);
1752 blob.pbData = (LPBYTE)hashBareContent;
1753 SetLastError(0xdeadbeef);
1754 store = CertOpenStore(CERT_STORE_PROV_PKCS7, 0, 0, 0, &blob);
1755 ok(!store &&
1756 (GetLastError() == CRYPT_E_ASN1_BADTAG ||
1757 GetLastError() == OSS_DATA_ERROR), /* win9x */
1758 "Expected CRYPT_E_ASN1_BADTAG, got %08x\n", GetLastError());
1759 }
1760
1761 static void testCertOpenSystemStore(void)
1762 {
1763 HCERTSTORE store;
1764
1765 store = CertOpenSystemStoreW(0, NULL);
1766 ok(!store && GetLastError() == E_INVALIDARG,
1767 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1768 /* This succeeds, and on WinXP at least, the Bogus key is created under
1769 * HKCU (but not under HKLM, even when run as an administrator.)
1770 */
1771 store = CertOpenSystemStoreW(0, BogusW);
1772 ok(store != 0, "CertOpenSystemStore failed: %08x\n", GetLastError());
1773 if (store)
1774 CertCloseStore(store, 0);
1775 /* Delete it so other tests succeed next time around */
1776 store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0,
1777 CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_DELETE_FLAG, BogusW);
1778 RegDeleteKeyW(HKEY_CURRENT_USER, BogusPathW);
1779 }
1780
1781 struct EnumSystemStoreInfo
1782 {
1783 BOOL goOn;
1784 DWORD storeCount;
1785 };
1786
1787 static BOOL CALLBACK enumSystemStoreCB(const void *systemStore, DWORD dwFlags,
1788 PCERT_SYSTEM_STORE_INFO pStoreInfo, void *pvReserved, void *pvArg)
1789 {
1790 struct EnumSystemStoreInfo *info = pvArg;
1791
1792 info->storeCount++;
1793 return info->goOn;
1794 }
1795
1796 static void testCertEnumSystemStore(void)
1797 {
1798 BOOL ret;
1799 struct EnumSystemStoreInfo info = { FALSE, 0 };
1800
1801 if (!pCertEnumSystemStore)
1802 {
1803 win_skip("CertEnumSystemStore() is not available\n");
1804 return;
1805 }
1806
1807 SetLastError(0xdeadbeef);
1808 ret = pCertEnumSystemStore(0, NULL, NULL, NULL);
1809 ok(!ret && GetLastError() == ERROR_FILE_NOT_FOUND,
1810 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1811 /* Crashes
1812 ret = pCertEnumSystemStore(CERT_SYSTEM_STORE_LOCAL_MACHINE, NULL, NULL,
1813 NULL);
1814 */
1815
1816 SetLastError(0xdeadbeef);
1817 ret = pCertEnumSystemStore(CERT_SYSTEM_STORE_LOCAL_MACHINE, NULL, &info,
1818 enumSystemStoreCB);
1819 /* Callback returning FALSE stops enumeration */
1820 ok(!ret, "Expected CertEnumSystemStore to stop\n");
1821 ok(info.storeCount == 0 || info.storeCount == 1,
1822 "Expected 0 or 1 stores\n");
1823
1824 info.goOn = TRUE;
1825 info.storeCount = 0;
1826 ret = pCertEnumSystemStore(CERT_SYSTEM_STORE_LOCAL_MACHINE, NULL, &info,
1827 enumSystemStoreCB);
1828 ok(ret, "CertEnumSystemStore failed: %08x\n", GetLastError());
1829 /* There should always be at least My, Root, and CA stores */
1830 ok(info.storeCount == 0 || info.storeCount >= 3,
1831 "Expected at least 3 stores\n");
1832 }
1833
1834 static void testStoreProperty(void)
1835 {
1836 HCERTSTORE store;
1837 BOOL ret;
1838 DWORD propID, size = 0, state;
1839 CRYPT_DATA_BLOB blob;
1840
1841 if (!pCertGetStoreProperty || !pCertSetStoreProperty)
1842 {
1843 win_skip("CertGet/SetStoreProperty() is not available\n");
1844 return;
1845 }
1846
1847 /* Crash
1848 ret = pCertGetStoreProperty(NULL, 0, NULL, NULL);
1849 ret = pCertGetStoreProperty(NULL, 0, NULL, &size);
1850 ret = pCertGetStoreProperty(store, 0, NULL, NULL);
1851 */
1852
1853 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1854 CERT_STORE_CREATE_NEW_FLAG, NULL);
1855 /* Check a missing prop ID */
1856 SetLastError(0xdeadbeef);
1857 ret = pCertGetStoreProperty(store, 0, NULL, &size);
1858 ok(!ret && GetLastError() == CRYPT_E_NOT_FOUND,
1859 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
1860 /* Contrary to MSDN, CERT_ACCESS_STATE_PROP_ID is supported for stores.. */
1861 size = sizeof(state);
1862 ret = pCertGetStoreProperty(store, CERT_ACCESS_STATE_PROP_ID, &state, &size);
1863 ok(ret, "CertGetStoreProperty failed for CERT_ACCESS_STATE_PROP_ID: %08x\n",
1864 GetLastError());
1865 ok(!state, "Expected a non-persisted store\n");
1866 /* and CERT_STORE_LOCALIZED_NAME_PROP_ID isn't supported by default. */
1867 size = 0;
1868 ret = pCertGetStoreProperty(store, CERT_STORE_LOCALIZED_NAME_PROP_ID, NULL,
1869 &size);
1870 ok(!ret && GetLastError() == CRYPT_E_NOT_FOUND,
1871 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
1872 /* Delete an arbitrary property on a store */
1873 ret = pCertSetStoreProperty(store, CERT_FIRST_USER_PROP_ID, 0, NULL);
1874 ok(ret, "CertSetStoreProperty failed: %08x\n", GetLastError());
1875 /* Set an arbitrary property on a store */
1876 blob.pbData = (LPBYTE)&state;
1877 blob.cbData = sizeof(state);
1878 ret = pCertSetStoreProperty(store, CERT_FIRST_USER_PROP_ID, 0, &blob);
1879 ok(ret, "CertSetStoreProperty failed: %08x\n", GetLastError());
1880 /* Get an arbitrary property that's been set */
1881 ret = pCertGetStoreProperty(store, CERT_FIRST_USER_PROP_ID, NULL, &size);
1882 ok(ret, "CertGetStoreProperty failed: %08x\n", GetLastError());
1883 ok(size == sizeof(state), "Unexpected data size %d\n", size);
1884 ret = pCertGetStoreProperty(store, CERT_FIRST_USER_PROP_ID, &propID, &size);
1885 ok(ret, "CertGetStoreProperty failed: %08x\n", GetLastError());
1886 ok(propID == state, "CertGetStoreProperty got the wrong value\n");
1887 /* Delete it again */
1888 ret = pCertSetStoreProperty(store, CERT_FIRST_USER_PROP_ID, 0, NULL);
1889 ok(ret, "CertSetStoreProperty failed: %08x\n", GetLastError());
1890 /* And check that it's missing */
1891 SetLastError(0xdeadbeef);
1892 ret = pCertGetStoreProperty(store, CERT_FIRST_USER_PROP_ID, NULL, &size);
1893 ok(!ret && GetLastError() == CRYPT_E_NOT_FOUND,
1894 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
1895 CertCloseStore(store, 0);
1896
1897 /* Recheck on the My store.. */
1898 store = CertOpenSystemStoreW(0, MyW);
1899 size = sizeof(state);
1900 ret = pCertGetStoreProperty(store, CERT_ACCESS_STATE_PROP_ID, &state, &size);
1901 ok(ret, "CertGetStoreProperty failed for CERT_ACCESS_STATE_PROP_ID: %08x\n",
1902 GetLastError());
1903 ok(state, "Expected a persisted store\n");
1904 SetLastError(0xdeadbeef);
1905 size = 0;
1906 ret = pCertGetStoreProperty(store, CERT_STORE_LOCALIZED_NAME_PROP_ID, NULL,
1907 &size);
1908 ok(!ret && GetLastError() == CRYPT_E_NOT_FOUND,
1909 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
1910 CertCloseStore(store, 0);
1911 }
1912
1913 static void testAddSerialized(void)
1914 {
1915 BOOL ret;
1916 HCERTSTORE store;
1917 BYTE buf[sizeof(struct CertPropIDHeader) * 2 + 20 + sizeof(bigCert)] =
1918 { 0 };
1919 BYTE hash[20];
1920 struct CertPropIDHeader *hdr;
1921 PCCERT_CONTEXT context;
1922
1923 ret = CertAddSerializedElementToStore(0, NULL, 0, 0, 0, 0, NULL, NULL);
1924 ok(!ret && GetLastError() == ERROR_END_OF_MEDIA,
1925 "Expected ERROR_END_OF_MEDIA, got %08x\n", GetLastError());
1926
1927 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1928 CERT_STORE_CREATE_NEW_FLAG, NULL);
1929 ok(store != 0, "CertOpenStore failed: %08x\n", GetLastError());
1930
1931 ret = CertAddSerializedElementToStore(store, NULL, 0, 0, 0, 0, NULL, NULL);
1932 ok(!ret && GetLastError() == ERROR_END_OF_MEDIA,
1933 "Expected ERROR_END_OF_MEDIA, got %08x\n", GetLastError());
1934
1935 /* Test with an empty property */
1936 hdr = (struct CertPropIDHeader *)buf;
1937 hdr->propID = CERT_CERT_PROP_ID;
1938 hdr->unknown1 = 1;
1939 hdr->cb = 0;
1940 ret = CertAddSerializedElementToStore(store, buf, sizeof(buf), 0, 0, 0,
1941 NULL, NULL);
1942 ok(!ret && GetLastError() == E_INVALIDARG,
1943 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1944 /* Test with a bad size in property header */
1945 hdr->cb = sizeof(bigCert) - 1;
1946 memcpy(buf + sizeof(struct CertPropIDHeader), bigCert, sizeof(bigCert));
1947 ret = CertAddSerializedElementToStore(store, buf, sizeof(buf), 0, 0, 0,
1948 NULL, NULL);
1949 ok(!ret && GetLastError() == E_INVALIDARG,
1950 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1951 ret = CertAddSerializedElementToStore(store, buf,
1952 sizeof(struct CertPropIDHeader) + sizeof(bigCert), 0, 0, 0, NULL,
1953 NULL);
1954 ok(!ret && GetLastError() == E_INVALIDARG,
1955 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1956 ret = CertAddSerializedElementToStore(store, buf,
1957 sizeof(struct CertPropIDHeader) + sizeof(bigCert), CERT_STORE_ADD_NEW,
1958 0, 0, NULL, NULL);
1959 ok(!ret && GetLastError() == E_INVALIDARG,
1960 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1961 /* Kosher size in property header, but no context type */
1962 hdr->cb = sizeof(bigCert);
1963 ret = CertAddSerializedElementToStore(store, buf, sizeof(buf), 0, 0, 0,
1964 NULL, NULL);
1965 ok(!ret && GetLastError() == E_INVALIDARG,
1966 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1967 ret = CertAddSerializedElementToStore(store, buf,
1968 sizeof(struct CertPropIDHeader) + sizeof(bigCert), 0, 0, 0, NULL,
1969 NULL);
1970 ok(!ret && GetLastError() == E_INVALIDARG,
1971 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1972 ret = CertAddSerializedElementToStore(store, buf,
1973 sizeof(struct CertPropIDHeader) + sizeof(bigCert), CERT_STORE_ADD_NEW,
1974 0, 0, NULL, NULL);
1975 ok(!ret && GetLastError() == E_INVALIDARG,
1976 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1977 /* With a bad context type */
1978 ret = CertAddSerializedElementToStore(store, buf, sizeof(buf), 0, 0,
1979 CERT_STORE_CRL_CONTEXT_FLAG, NULL, NULL);
1980 ok(!ret && GetLastError() == E_INVALIDARG,
1981 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1982 ret = CertAddSerializedElementToStore(store, buf,
1983 sizeof(struct CertPropIDHeader) + sizeof(bigCert), 0, 0,
1984 CERT_STORE_CRL_CONTEXT_FLAG, NULL, NULL);
1985 ok(!ret && GetLastError() == E_INVALIDARG,
1986 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1987 ret = CertAddSerializedElementToStore(store, buf,
1988 sizeof(struct CertPropIDHeader) + sizeof(bigCert), CERT_STORE_ADD_NEW,
1989 0, CERT_STORE_CRL_CONTEXT_FLAG, NULL, NULL);
1990 ok(!ret && GetLastError() == E_INVALIDARG,
1991 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1992 /* Bad unknown field, good type */
1993 hdr->unknown1 = 2;
1994 ret = CertAddSerializedElementToStore(store, buf, sizeof(buf), 0, 0,
1995 CERT_STORE_CERTIFICATE_CONTEXT_FLAG, NULL, NULL);
1996 ok(!ret && GetLastError() == ERROR_FILE_NOT_FOUND,
1997 "Expected ERROR_FILE_NOT_FOUND got %08x\n", GetLastError());
1998 ret = CertAddSerializedElementToStore(store, buf,
1999 sizeof(struct CertPropIDHeader) + sizeof(bigCert), 0, 0,
2000 CERT_STORE_CERTIFICATE_CONTEXT_FLAG, NULL, NULL);
2001 ok(!ret && GetLastError() == ERROR_FILE_NOT_FOUND,
2002 "Expected ERROR_FILE_NOT_FOUND got %08x\n", GetLastError());
2003 ret = CertAddSerializedElementToStore(store, buf,
2004 sizeof(struct CertPropIDHeader) + sizeof(bigCert), CERT_STORE_ADD_NEW,
2005 0, CERT_STORE_CERTIFICATE_CONTEXT_FLAG, NULL, NULL);
2006 ok(!ret && GetLastError() == ERROR_FILE_NOT_FOUND,
2007 "Expected ERROR_FILE_NOT_FOUND got %08x\n", GetLastError());
2008 /* Most everything okay, but bad add disposition */
2009 hdr->unknown1 = 1;
2010 /* This crashes
2011 ret = CertAddSerializedElementToStore(store, buf, sizeof(buf), 0, 0,
2012 CERT_STORE_CERTIFICATE_CONTEXT_FLAG, NULL, NULL);
2013 * as does this
2014 ret = CertAddSerializedElementToStore(store, buf,
2015 sizeof(struct CertPropIDHeader) + sizeof(bigCert), 0, 0,
2016 CERT_STORE_CERTIFICATE_CONTEXT_FLAG, NULL, NULL);
2017 */
2018 /* Everything okay, but buffer's too big */
2019 ret = CertAddSerializedElementToStore(store, buf, sizeof(buf),
2020 CERT_STORE_ADD_NEW, 0, CERT_STORE_CERTIFICATE_CONTEXT_FLAG, NULL, NULL);
2021 ok(ret, "CertAddSerializedElementToStore failed: %08x\n", GetLastError());
2022 /* Everything okay, check it's not re-added */
2023 ret = CertAddSerializedElementToStore(store, buf,
2024 sizeof(struct CertPropIDHeader) + sizeof(bigCert), CERT_STORE_ADD_NEW,
2025 0, CERT_STORE_CERTIFICATE_CONTEXT_FLAG, NULL, NULL);
2026 ok(!ret && GetLastError() == CRYPT_E_EXISTS,
2027 "Expected CRYPT_E_EXISTS, got %08x\n", GetLastError());
2028
2029 context = CertEnumCertificatesInStore(store, NULL);
2030 ok(context != NULL, "Expected a cert\n");
2031 if (context)
2032 CertDeleteCertificateFromStore(context);
2033
2034 /* Try adding with a bogus hash. Oddly enough, it succeeds, and the hash,
2035 * when queried, is the real hash rather than the bogus hash.
2036 */
2037 hdr = (struct CertPropIDHeader *)(buf + sizeof(struct CertPropIDHeader) +
2038 sizeof(bigCert));
2039 hdr->propID = CERT_HASH_PROP_ID;
2040 hdr->unknown1 = 1;
2041 hdr->cb = sizeof(hash);
2042 memset(hash, 0xc, sizeof(hash));
2043 memcpy((LPBYTE)hdr + sizeof(struct CertPropIDHeader), hash, sizeof(hash));
2044 ret = CertAddSerializedElementToStore(store, buf, sizeof(buf),
2045 CERT_STORE_ADD_NEW, 0, CERT_STORE_CERTIFICATE_CONTEXT_FLAG, NULL,
2046 (const void **)&context);
2047 ok(ret, "CertAddSerializedElementToStore failed: %08x\n", GetLastError());
2048 if (context)
2049 {
2050 BYTE hashVal[20], realHash[20];
2051 DWORD size = sizeof(hashVal);
2052
2053 ret = CryptHashCertificate(0, 0, 0, bigCert, sizeof(bigCert),
2054 realHash, &size);
2055 ok(ret, "CryptHashCertificate failed: %08x\n", GetLastError());
2056 ret = CertGetCertificateContextProperty(context, CERT_HASH_PROP_ID,
2057 hashVal, &size);
2058 ok(ret, "CertGetCertificateContextProperty failed: %08x\n",
2059 GetLastError());
2060 ok(!memcmp(hashVal, realHash, size), "Unexpected hash\n");
2061 CertFreeCertificateContext(context);
2062 }
2063
2064 CertCloseStore(store, 0);
2065 }
2066
2067 static DWORD countCertsInStore(HCERTSTORE store)
2068 {
2069 PCCERT_CONTEXT cert = NULL;
2070 DWORD certs = 0;
2071
2072 do {
2073 cert = CertEnumCertificatesInStore(store, cert);
2074 if (cert)
2075 certs++;
2076 } while (cert);
2077 return certs;
2078 }
2079
2080 static DWORD countCRLsInStore(HCERTSTORE store)
2081 {
2082 PCCRL_CONTEXT crl = NULL;
2083 DWORD crls = 0;
2084
2085 do {
2086 crl = pCertEnumCRLsInStore(store, crl);
2087 if (crl)
2088 crls++;
2089 } while (crl);
2090 return crls;
2091 }
2092
2093 static void test_I_UpdateStore(void)
2094 {
2095 HMODULE lib = GetModuleHandleA("crypt32");
2096 BOOL (WINAPI *pI_CertUpdatestore)(HCERTSTORE, HCERTSTORE, DWORD, DWORD) =
2097 (void *)GetProcAddress(lib, "I_CertUpdateStore");
2098 BOOL ret;
2099 HCERTSTORE store1, store2;
2100 PCCERT_CONTEXT cert;
2101 DWORD certs;
2102
2103 if (!pI_CertUpdatestore)
2104 {
2105 win_skip("No I_CertUpdateStore\n");
2106 return;
2107 }
2108 store1 = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
2109 CERT_STORE_CREATE_NEW_FLAG, NULL);
2110 store2 = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
2111 CERT_STORE_CREATE_NEW_FLAG, NULL);
2112
2113 /* Crash
2114 ret = pI_CertUpdatestore(NULL, NULL, 0, 0);
2115 ret = pI_CertUpdatestore(store1, NULL, 0, 0);
2116 ret = pI_CertUpdatestore(NULL, store2, 0, 0);
2117 */
2118 ret = pI_CertUpdatestore(store1, store2, 0, 0);
2119 ok(ret, "I_CertUpdateStore failed: %08x\n", GetLastError());
2120
2121 CertAddEncodedCertificateToStore(store2, X509_ASN_ENCODING, bigCert,
2122 sizeof(bigCert), CERT_STORE_ADD_ALWAYS, &cert);
2123 /* I_CertUpdateStore adds the contexts from store2 to store1 */
2124 ret = pI_CertUpdatestore(store1, store2, 0, 0);
2125 ok(ret, "I_CertUpdateStore failed: %08x\n", GetLastError());
2126 certs = countCertsInStore(store1);
2127 ok(certs == 1, "Expected 1 cert, got %d\n", certs);
2128 /* Calling it a second time has no effect */
2129 ret = pI_CertUpdatestore(store1, store2, 0, 0);
2130 ok(ret, "I_CertUpdateStore failed: %08x\n", GetLastError());
2131 certs = countCertsInStore(store1);
2132 ok(certs == 1, "Expected 1 cert, got %d\n", certs);
2133
2134 /* The last parameters to I_CertUpdateStore appear to be ignored */
2135 ret = pI_CertUpdatestore(store1, store2, 1, 0);
2136 ok(ret, "I_CertUpdateStore failed: %08x\n", GetLastError());
2137 ret = pI_CertUpdatestore(store1, store2, 0, 1);
2138 ok(ret, "I_CertUpdateStore failed: %08x\n", GetLastError());
2139
2140 CertAddEncodedCRLToStore(store2, X509_ASN_ENCODING, signedCRL,
2141 sizeof(signedCRL), CERT_STORE_ADD_ALWAYS, NULL);
2142
2143 /* I_CertUpdateStore also adds the CRLs from store2 to store1 */
2144 ret = pI_CertUpdatestore(store1, store2, 0, 0);
2145 ok(ret, "I_CertUpdateStore failed: %08x\n", GetLastError());
2146 certs = countCertsInStore(store1);
2147 ok(certs == 1, "Expected 1 cert, got %d\n", certs);
2148 if (pCertEnumCRLsInStore)
2149 {
2150 certs = countCRLsInStore(store1);
2151 ok(certs == 1, "Expected 1 CRL, got %d\n", certs);
2152 }
2153
2154 CertDeleteCertificateFromStore(cert);
2155 /* If a context is deleted from store2, I_CertUpdateStore deletes it
2156 * from store1
2157 */
2158 ret = pI_CertUpdatestore(store1, store2, 0, 0);
2159 ok(ret, "I_CertUpdateStore failed: %08x\n", GetLastError());
2160 certs = countCertsInStore(store1);
2161 ok(certs == 0, "Expected 0 certs, got %d\n", certs);
2162
2163 CertCloseStore(store1, 0);
2164 CertCloseStore(store2, 0);
2165 }
2166
2167 START_TEST(store)
2168 {
2169 HMODULE hdll;
2170
2171 hdll = GetModuleHandleA("Crypt32.dll");
2172 pCertAddStoreToCollection = (void*)GetProcAddress(hdll, "CertAddStoreToCollection");
2173 pCertControlStore = (void*)GetProcAddress(hdll, "CertControlStore");
2174 pCertEnumCRLsInStore = (void*)GetProcAddress(hdll, "CertEnumCRLsInStore");
2175 pCertEnumSystemStore = (void*)GetProcAddress(hdll, "CertEnumSystemStore");
2176 pCertGetStoreProperty = (void*)GetProcAddress(hdll, "CertGetStoreProperty");
2177 pCertRemoveStoreFromCollection = (void*)GetProcAddress(hdll, "CertRemoveStoreFromCollection");
2178 pCertSetStoreProperty = (void*)GetProcAddress(hdll, "CertSetStoreProperty");
2179
2180 /* various combinations of CertOpenStore */
2181 testMemStore();
2182 testCollectionStore();
2183 testRegStore();
2184 testSystemRegStore();
2185 testSystemStore();
2186 testFileStore();
2187 testFileNameStore();
2188 testMessageStore();
2189
2190 testCertOpenSystemStore();
2191 testCertEnumSystemStore();
2192 testStoreProperty();
2193
2194 testAddSerialized();
2195
2196 test_I_UpdateStore();
2197 }
Quick hack tree for wine patches julliard doesn't want to commit