2 * crypt32 cert store function tests
4 * Copyright 2005-2006 Juan Lang
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
29 //#include <winerror.h>
32 #include <wine/test.h>
34 /* The following aren't defined in wincrypt.h, as they're "reserved" */
35 #define CERT_CERT_PROP_ID 32
36 #define CERT_CRL_PROP_ID 33
37 #define CERT_CTL_PROP_ID 34
39 struct CertPropIDHeader
46 static const BYTE emptyCert
[] = { 0x30, 0x00 };
47 static const BYTE bigCert
[] = { 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06,
48 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
49 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22,
50 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30,
51 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30,
52 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30,
53 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20,
54 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01,
55 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01,
56 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01 };
57 static const BYTE signedBigCert
[] = {
58 0x30, 0x81, 0x93, 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06, 0x00, 0x30,
59 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a,
60 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22, 0x18, 0x0f,
61 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30,
62 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30,
63 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06,
64 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61,
65 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01, 0x00, 0xa3,
66 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
67 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06,
68 0x00, 0x03, 0x11, 0x00, 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08, 0x07,
69 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 };
70 static const BYTE serializedCert
[] = { 0x20, 0x00, 0x00, 0x00,
71 0x01, 0x00, 0x00, 0x00, 0x7c, 0x00, 0x00, 0x00, 0x30, 0x7a, 0x02, 0x01, 0x01,
72 0x30, 0x02, 0x06, 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
73 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67,
74 0x00, 0x30, 0x22, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31,
75 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31,
76 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15,
77 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75,
78 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06,
79 0x00, 0x03, 0x01, 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55,
80 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02,
82 static const BYTE signedCRL
[] = { 0x30, 0x45, 0x30, 0x2c, 0x30, 0x02, 0x06,
83 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
84 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x18, 0x0f,
85 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30,
86 0x30, 0x5a, 0x30, 0x02, 0x06, 0x00, 0x03, 0x11, 0x00, 0x0f, 0x0e, 0x0d, 0x0c,
87 0x0b, 0x0a, 0x09, 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 };
88 static const BYTE bigCert2
[] = { 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06,
89 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
90 0x0a, 0x41, 0x6c, 0x65, 0x78, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22,
91 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30,
92 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30,
93 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30,
94 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x41, 0x6c, 0x65, 0x78, 0x20,
95 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01,
96 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01,
97 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01 };
98 static const BYTE signedCTLWithCTLInnerContent
[] = {
99 0x30,0x82,0x01,0x0f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,
100 0xa0,0x82,0x01,0x00,0x30,0x81,0xfd,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,
101 0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x30,0x06,0x09,
102 0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0xa0,0x23,0x30,0x21,0x30,0x00,
103 0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,
104 0x30,0x5a,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,
105 0x00,0x31,0x81,0xb5,0x30,0x81,0xb2,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,
106 0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,
107 0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,
108 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0xa0,0x3b,0x30,0x18,0x06,0x09,0x2a,0x86,
109 0x48,0x86,0xf7,0x0d,0x01,0x09,0x03,0x31,0x0b,0x06,0x09,0x2b,0x06,0x01,0x04,
110 0x01,0x82,0x37,0x0a,0x01,0x30,0x1f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,
111 0x01,0x09,0x04,0x31,0x12,0x04,0x10,0x54,0x71,0xbc,0xe1,0x56,0x31,0xa2,0xf9,
112 0x65,0x70,0x34,0xf8,0xe2,0xe9,0xb4,0xf4,0x30,0x04,0x06,0x00,0x05,0x00,0x04,
113 0x40,0x2f,0x1b,0x9f,0x5a,0x4a,0x15,0x73,0xfa,0xb1,0x93,0x3d,0x09,0x52,0xdf,
114 0x6b,0x98,0x4b,0x13,0x5e,0xe7,0xbf,0x65,0xf4,0x9c,0xc2,0xb1,0x77,0x09,0xb1,
115 0x66,0x4d,0x72,0x0d,0xb1,0x1a,0x50,0x20,0xe0,0x57,0xa2,0x39,0xc7,0xcd,0x7f,
116 0x8e,0xe7,0x5f,0x76,0x2b,0xd1,0x6a,0x82,0xb3,0x30,0x25,0x61,0xf6,0x25,0x23,
117 0x57,0x6c,0x0b,0x47,0xb8 };
120 static BOOL (WINAPI
*pCertAddStoreToCollection
)(HCERTSTORE
,HCERTSTORE
,DWORD
,DWORD
);
121 static BOOL (WINAPI
*pCertControlStore
)(HCERTSTORE
,DWORD
,DWORD
,void const*);
122 static PCCRL_CONTEXT (WINAPI
*pCertEnumCRLsInStore
)(HCERTSTORE
,PCCRL_CONTEXT
);
123 static BOOL (WINAPI
*pCertEnumSystemStore
)(DWORD
,void*,void*,PFN_CERT_ENUM_SYSTEM_STORE
);
124 static BOOL (WINAPI
*pCertGetStoreProperty
)(HCERTSTORE
,DWORD
,void*,DWORD
*);
125 static void (WINAPI
*pCertRemoveStoreFromCollection
)(HCERTSTORE
,HCERTSTORE
);
126 static BOOL (WINAPI
*pCertSetStoreProperty
)(HCERTSTORE
,DWORD
,DWORD
,const void*);
127 static BOOL (WINAPI
*pCertAddCertificateLinkToStore
)(HCERTSTORE
,PCCERT_CONTEXT
,DWORD
,PCCERT_CONTEXT
*);
128 static BOOL (WINAPI
*pCertRegisterSystemStore
)(const void*,DWORD
,void*,void*);
129 static BOOL (WINAPI
*pCertUnregisterSystemStore
)(const void*,DWORD
);
131 #define test_store_is_empty(store) _test_store_is_empty(__LINE__,store)
132 static void _test_store_is_empty(unsigned line
, HCERTSTORE store
)
134 const CERT_CONTEXT
*cert
;
136 cert
= CertEnumCertificatesInStore(store
, NULL
);
137 ok_(__FILE__
,line
)(!cert
&& GetLastError() == CRYPT_E_NOT_FOUND
, "store is not empty\n");
140 static void testMemStore(void)
142 HCERTSTORE store1
, store2
;
143 PCCERT_CONTEXT context
;
148 store1
= CertOpenStore(0, 0, 0, 0, NULL
);
149 ok(!store1
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
150 "Expected ERROR_FILE_NOT_FOUND, got %d\n", GetLastError());
152 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
153 CERT_STORE_DELETE_FLAG
, NULL
);
154 ok(!store1
&& GetLastError() == ERROR_CALL_NOT_IMPLEMENTED
,
155 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %d\n", GetLastError());
158 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
159 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
160 ok(store1
!= NULL
, "CertOpenStore failed: %d\n", GetLastError());
161 /* open existing doesn't */
162 store2
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
163 CERT_STORE_OPEN_EXISTING_FLAG
, NULL
);
164 ok(store2
!= NULL
, "CertOpenStore failed: %d\n", GetLastError());
165 ok(store1
!= store2
, "Expected different stores\n");
167 /* add a bogus (empty) cert */
169 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
, emptyCert
,
170 sizeof(emptyCert
), CERT_STORE_ADD_ALWAYS
, &context
);
171 /* Windows returns CRYPT_E_ASN1_EOD or OSS_DATA_ERROR, but accept
172 * CRYPT_E_ASN1_CORRUPT as well (because matching errors is tough in this
175 GLE
= GetLastError();
176 ok(!ret
&& (GLE
== CRYPT_E_ASN1_EOD
|| GLE
== CRYPT_E_ASN1_CORRUPT
||
177 GLE
== OSS_DATA_ERROR
),
178 "Expected CRYPT_E_ASN1_EOD or CRYPT_E_ASN1_CORRUPT or OSS_DATA_ERROR, got %08x\n",
180 /* add a "signed" cert--the signature isn't a real signature, so this adds
181 * without any check of the signature's validity
183 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
184 signedBigCert
, sizeof(signedBigCert
), CERT_STORE_ADD_ALWAYS
, &context
);
185 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
186 ok(context
!= NULL
, "Expected a valid cert context\n");
189 ok(context
->cbCertEncoded
== sizeof(signedBigCert
),
190 "Wrong cert size %d\n", context
->cbCertEncoded
);
191 ok(!memcmp(context
->pbCertEncoded
, signedBigCert
,
192 sizeof(signedBigCert
)), "Unexpected encoded cert in context\n");
193 /* remove it, the rest of the tests will work on an unsigned cert */
194 ret
= CertDeleteCertificateFromStore(context
);
195 ok(ret
, "CertDeleteCertificateFromStore failed: %08x\n",
198 /* try adding a "signed" CRL as a cert */
199 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
200 signedCRL
, sizeof(signedCRL
), CERT_STORE_ADD_ALWAYS
, &context
);
201 GLE
= GetLastError();
202 ok(!ret
&& (GLE
== CRYPT_E_ASN1_BADTAG
|| GLE
== CRYPT_E_ASN1_CORRUPT
||
203 GLE
== OSS_DATA_ERROR
),
204 "Expected CRYPT_E_ASN1_BADTAG or CRYPT_E_ASN1_CORRUPT or OSS_DATA_ERROR, got %08x\n",
206 /* add a cert to store1 */
207 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
, bigCert
,
208 sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &context
);
209 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
210 ok(context
!= NULL
, "Expected a valid cert context\n");
216 ok(context
->cbCertEncoded
== sizeof(bigCert
),
217 "Wrong cert size %d\n", context
->cbCertEncoded
);
218 ok(!memcmp(context
->pbCertEncoded
, bigCert
, sizeof(bigCert
)),
219 "Unexpected encoded cert in context\n");
220 ok(context
->hCertStore
== store1
, "Unexpected store\n");
222 /* check serializing this element */
224 ret = CertSerializeCertificateStoreElement(NULL, 0, NULL, NULL);
225 ret = CertSerializeCertificateStoreElement(context, 0, NULL, NULL);
226 ret = CertSerializeCertificateStoreElement(NULL, 0, NULL, &size);
228 /* apparently flags are ignored */
229 ret
= CertSerializeCertificateStoreElement(context
, 1, NULL
, &size
);
230 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n",
232 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
235 ret
= CertSerializeCertificateStoreElement(context
, 0, buf
, &size
);
236 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n", GetLastError());
237 ok(size
== sizeof(serializedCert
), "Wrong size %d\n", size
);
238 ok(!memcmp(serializedCert
, buf
, size
),
239 "Unexpected serialized cert\n");
240 HeapFree(GetProcessHeap(), 0, buf
);
243 ret
= CertFreeCertificateContext(context
);
244 ok(ret
, "CertFreeCertificateContext failed: %08x\n", GetLastError());
246 /* verify the cert's in store1 */
247 context
= CertEnumCertificatesInStore(store1
, NULL
);
248 ok(context
!= NULL
, "Expected a valid context\n");
249 context
= CertEnumCertificatesInStore(store1
, context
);
250 ok(!context
&& GetLastError() == CRYPT_E_NOT_FOUND
,
251 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
252 /* verify store2 (the "open existing" mem store) is still empty */
253 context
= CertEnumCertificatesInStore(store2
, NULL
);
254 ok(!context
, "Expected an empty store\n");
255 /* delete the cert from store1, and check it's empty */
256 context
= CertEnumCertificatesInStore(store1
, NULL
);
259 /* Deleting a bitwise copy crashes with an access to an uninitialized
260 * pointer, so a cert context has some special data out there in memory
263 memcpy(©, context, sizeof(copy));
264 ret = CertDeleteCertificateFromStore(©);
266 PCCERT_CONTEXT copy
= CertDuplicateCertificateContext(context
);
268 ok(copy
!= NULL
, "CertDuplicateCertificateContext failed: %08x\n",
270 ret
= CertDeleteCertificateFromStore(context
);
271 ok(ret
, "CertDeleteCertificateFromStore failed: %08x\n",
273 /* try deleting a copy */
274 ret
= CertDeleteCertificateFromStore(copy
);
275 ok(ret
, "CertDeleteCertificateFromStore failed: %08x\n",
277 /* check that the store is empty */
278 context
= CertEnumCertificatesInStore(store1
, NULL
);
279 ok(!context
, "Expected an empty store\n");
282 /* close an empty store */
283 ret
= CertCloseStore(NULL
, 0);
284 ok(ret
, "CertCloseStore failed: %d\n", GetLastError());
285 ret
= CertCloseStore(store1
, 0);
286 ok(ret
, "CertCloseStore failed: %d\n", GetLastError());
287 ret
= CertCloseStore(store2
, 0);
288 ok(ret
, "CertCloseStore failed: %d\n", GetLastError());
290 /* This seems nonsensical, but you can open a read-only mem store, only
293 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
294 CERT_STORE_READONLY_FLAG
, NULL
);
295 ok(store1
!= NULL
, "CertOpenStore failed: %d\n", GetLastError());
296 /* yep, this succeeds */
297 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
, bigCert
,
298 sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &context
);
299 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
300 ok(context
!= NULL
, "Expected a valid cert context\n");
303 ok(context
->cbCertEncoded
== sizeof(bigCert
),
304 "Wrong cert size %d\n", context
->cbCertEncoded
);
305 ok(!memcmp(context
->pbCertEncoded
, bigCert
, sizeof(bigCert
)),
306 "Unexpected encoded cert in context\n");
307 ok(context
->hCertStore
== store1
, "Unexpected store\n");
308 ret
= CertDeleteCertificateFromStore(context
);
309 ok(ret
, "CertDeleteCertificateFromStore failed: %08x\n",
312 CertCloseStore(store1
, 0);
315 static void compareStore(HCERTSTORE store
, LPCSTR name
, const BYTE
*pb
,
319 CRYPT_DATA_BLOB blob
= { 0, NULL
};
321 ret
= CertSaveStore(store
, X509_ASN_ENCODING
, CERT_STORE_SAVE_AS_STORE
,
322 CERT_STORE_SAVE_TO_MEMORY
, &blob
, 0);
323 ok(ret
, "CertSaveStore failed: %08x\n", GetLastError());
325 ok(blob
.cbData
== cb
, "%s: expected size %d, got %d\n", name
, cb
,
327 blob
.pbData
= HeapAlloc(GetProcessHeap(), 0, blob
.cbData
);
330 ret
= CertSaveStore(store
, X509_ASN_ENCODING
, CERT_STORE_SAVE_AS_STORE
,
331 CERT_STORE_SAVE_TO_MEMORY
, &blob
, 0);
332 ok(ret
, "CertSaveStore failed: %08x\n", GetLastError());
334 ok(!memcmp(pb
, blob
.pbData
, cb
), "%s: unexpected value\n", name
);
335 HeapFree(GetProcessHeap(), 0, blob
.pbData
);
339 static const BYTE serializedStoreWithCert
[] = {
340 0x00,0x00,0x00,0x00,0x43,0x45,0x52,0x54,0x20,0x00,0x00,0x00,0x01,0x00,0x00,
341 0x00,0x7c,0x00,0x00,0x00,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,
342 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
343 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,
344 0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,
345 0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,
346 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
347 0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,
348 0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,
349 0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01,0x00,0x00,0x00,0x00,0x00,0x00,
350 0x00,0x00,0x00,0x00,0x00,0x00 };
357 WCHAR store_name
[16];
358 const WCHAR
*base_reg_path
;
359 } reg_store_saved_certs
[] = {
360 { HKEY_LOCAL_MACHINE
, CERT_SYSTEM_STORE_LOCAL_MACHINE
, FALSE
,
361 {'R','O','O','T',0}, CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH
},
362 { HKEY_LOCAL_MACHINE
, CERT_SYSTEM_STORE_LOCAL_MACHINE
, FALSE
,
363 {'M','Y',0}, CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH
},
364 { HKEY_LOCAL_MACHINE
, CERT_SYSTEM_STORE_LOCAL_MACHINE
, FALSE
,
365 {'C','A',0}, CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH
},
366 /* Adding to HKCU\Root triggers safety warning. */
367 { HKEY_CURRENT_USER
, CERT_SYSTEM_STORE_CURRENT_USER
, TRUE
,
368 {'M','Y',0}, CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH
},
369 { HKEY_CURRENT_USER
, CERT_SYSTEM_STORE_CURRENT_USER
, FALSE
,
370 {'C','A',0}, CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH
}
373 /* Testing whether system stores are available for adding new certs
374 * and checking directly in the registry whether they are actually saved or deleted.
375 * Windows treats HKCU\My (at least) as a special case and uses AppData directory
376 * for storing certs, not registry.
378 static void testRegStoreSavedCerts(void)
380 static const WCHAR fmt
[] =
381 { '%','s','\\','%','s','\\','%','s','\\','%','s',0},
383 { 'M','i','c','r','o','s','o','f','t','\\','S','y','s','t','e','m','C','e','r','t','i','f','i','c','a','t','e','s',0},
385 {'C','e','r','t','i','f','i','c','a','t','e','s',0},
387 '6','E','3','0','9','0','7','1','5','F','D','9','2','3',
388 '5','6','E','B','A','E','2','5','4','0','E','6','2','2',
389 'D','A','1','9','2','6','0','2','A','6','0','8',0};
390 PCCERT_CONTEXT cert1
, cert2
;
394 WCHAR key_name
[MAX_PATH
], appdata_path
[MAX_PATH
];
399 for (i
= 0; i
< sizeof(reg_store_saved_certs
) / sizeof(reg_store_saved_certs
[0]); i
++)
403 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W
,0,0,
404 reg_store_saved_certs
[i
].cert_store
, reg_store_saved_certs
[i
].store_name
);
406 err
= GetLastError();
409 ok (err
== ERROR_ACCESS_DENIED
, "Failed to create store at %d (%08x)\n", i
, err
);
410 skip("Insufficient privileges for the test %d\n", i
);
413 ok (store
!=NULL
, "Failed to open the store at %d, %x", i
, GetLastError());
414 cert1
= CertCreateCertificateContext(X509_ASN_ENCODING
, bigCert
, sizeof(bigCert
));
415 ok (cert1
!= NULL
, "Create cert context failed at %d, %x\n", i
, GetLastError());
416 ret
= CertAddCertificateContextToStore(store
, cert1
, CERT_STORE_ADD_REPLACE_EXISTING
, NULL
);
417 ok (ret
, "Adding to the store failed at %d, %x\n", i
, GetLastError());
418 CertFreeCertificateContext(cert1
);
419 CertCloseStore(store
, 0);
421 wsprintfW(key_name
, fmt
, reg_store_saved_certs
[i
].base_reg_path
,
422 reg_store_saved_certs
[i
].store_name
, certs
, bigCert_hash
);
424 if (!reg_store_saved_certs
[i
].appdata_file
)
426 res
= RegOpenKeyExW(reg_store_saved_certs
[i
].key
, key_name
, 0, KEY_ALL_ACCESS
, &key
);
427 ok (!res
, "The cert hasn't been saved at %d, %x\n", i
, GetLastError());
428 if (!res
) RegCloseKey(key
);
431 pathres
= SHGetFolderPathW(NULL
, CSIDL_APPDATA
, NULL
, 0, appdata_path
);
433 "Failed to get app data path at %d (%x)\n", pathres
, GetLastError());
436 PathAppendW(appdata_path
, ms_certs
);
437 PathAppendW(appdata_path
, reg_store_saved_certs
[i
].store_name
);
438 PathAppendW(appdata_path
, certs
);
439 PathAppendW(appdata_path
, bigCert_hash
);
441 cert_file
= CreateFileW(appdata_path
, GENERIC_READ
, 0, NULL
,
442 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
443 todo_wine
ok (cert_file
!= INVALID_HANDLE_VALUE
,
444 "Cert was not saved in AppData at %d (%x)\n", i
, GetLastError());
445 CloseHandle(cert_file
);
449 /* deleting cert from store */
450 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W
,0,0,
451 reg_store_saved_certs
[i
].cert_store
, reg_store_saved_certs
[i
].store_name
);
452 ok (store
!=NULL
, "Failed to open the store at %d, %x", i
, GetLastError());
454 cert1
= CertCreateCertificateContext(X509_ASN_ENCODING
, bigCert
, sizeof(bigCert
));
455 ok (cert1
!= NULL
, "Create cert context failed at %d, %x\n", i
, GetLastError());
457 cert2
= CertFindCertificateInStore(store
, X509_ASN_ENCODING
, 0,
458 CERT_FIND_EXISTING
, cert1
, NULL
);
459 ok (cert2
!= NULL
, "Failed to find cert in the store at %d, %x\n", i
, GetLastError());
461 ret
= CertDeleteCertificateFromStore(cert2
);
462 ok (ret
, "Failed to delete certificate from store at %d, %x\n", i
, GetLastError());
464 CertFreeCertificateContext(cert1
);
465 CertFreeCertificateContext(cert2
);
466 CertCloseStore(store
, 0);
468 res
= RegOpenKeyExW(reg_store_saved_certs
[i
].key
, key_name
, 0, KEY_ALL_ACCESS
, &key
);
469 ok (res
, "The cert's registry entry should be absent at %i, %x\n", i
, GetLastError());
470 if (!res
) RegCloseKey(key
);
472 if (reg_store_saved_certs
[i
].appdata_file
)
474 cert_file
= CreateFileW(appdata_path
, GENERIC_READ
, 0, NULL
,
475 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
476 ok (cert_file
== INVALID_HANDLE_VALUE
,
477 "Cert should have been absent in AppData %d\n", i
);
479 CloseHandle(cert_file
);
485 * This test checks that certificate falls into correct store of a collection
486 * depending on the access flags and priorities.
488 static void testStoresInCollection(void)
490 PCCERT_CONTEXT cert1
, cert2
, tcert1
;
491 HCERTSTORE collection
, ro_store
, rw_store
, rw_store_2
, tstore
;
492 static const WCHAR WineTestRO_W
[] = { 'W','i','n','e','T','e','s','t','_','R','O',0 },
493 WineTestRW_W
[] = { 'W','i','n','e','T','e','s','t','_','R','W',0 },
494 WineTestRW2_W
[]= { 'W','i','n','e','T','e','s','t','_','R','W','2',0 };
497 if (!pCertAddStoreToCollection
)
499 win_skip("CertAddStoreToCollection() is not available\n");
502 collection
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
503 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
504 ok(collection
!= NULL
, "Failed to init collection store, last error %x\n", GetLastError());
505 /* Add read-only store to collection with very high priority*/
506 ro_store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W
, 0, 0,
507 CERT_SYSTEM_STORE_CURRENT_USER
, WineTestRO_W
);
508 ok(ro_store
!= NULL
, "Failed to init ro store %x\n", GetLastError());
510 ret
= CertAddStoreToCollection(collection
, ro_store
, 0, 1000);
511 ok (ret
, "Failed to add read-only store to collection %x\n", GetLastError());
513 cert1
= CertCreateCertificateContext(X509_ASN_ENCODING
, bigCert
, sizeof(bigCert
));
514 ok (cert1
!= NULL
, "Create cert context failed %x\n", GetLastError());
515 ret
= CertAddCertificateContextToStore(collection
, cert1
, CERT_STORE_ADD_ALWAYS
, NULL
);
516 ok (!ret
, "Added cert to collection with single read-only store %x\n", GetLastError());
518 /* Add read-write store to collection with the lowest priority*/
519 rw_store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W
, 0, 0,
520 CERT_SYSTEM_STORE_CURRENT_USER
, WineTestRW_W
);
521 ok (rw_store
!= NULL
, "Failed to open rw store %x\n", GetLastError());
522 ret
= CertAddStoreToCollection(collection
, rw_store
, CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
523 ok (ret
, "Failed to add rw store to collection %x\n", GetLastError());
524 /** Adding certificate to collection should fall into rw store,
525 * even though prioirty of the ro_store is higher */
526 ret
= CertAddCertificateContextToStore(collection
, cert1
, CERT_STORE_ADD_REPLACE_EXISTING
, NULL
);
527 ok (ret
, "Failed to add cert to the collection %x\n", GetLastError());
529 tcert1
= CertEnumCertificatesInStore(ro_store
, NULL
);
530 ok (!tcert1
, "Read-only ro_store contains cert\n");
532 tcert1
= CertEnumCertificatesInStore(rw_store
, NULL
);
533 ok (cert1
&& tcert1
->cbCertEncoded
== cert1
->cbCertEncoded
,
534 "Unexpected cert in the rw store\n");
535 CertFreeCertificateContext(tcert1
);
537 tcert1
= CertEnumCertificatesInStore(collection
, NULL
);
538 ok (tcert1
&& tcert1
->cbCertEncoded
== cert1
->cbCertEncoded
,
539 "Unexpected cert in the collection\n");
540 CertFreeCertificateContext(tcert1
);
542 /** adding one more rw store with higher priority*/
543 rw_store_2
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W
, 0, 0,
544 CERT_SYSTEM_STORE_CURRENT_USER
, WineTestRW2_W
);
545 ok (rw_store_2
!= NULL
, "Failed to init second rw store %x\n", GetLastError());
546 ret
= CertAddStoreToCollection(collection
, rw_store_2
, CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 50);
547 ok (ret
, "Failed to add rw_store_2 to collection %x\n",GetLastError());
549 cert2
= CertCreateCertificateContext(X509_ASN_ENCODING
, signedBigCert
, sizeof(signedBigCert
));
550 ok (cert2
!= NULL
, "Failed to create cert context %x \n", GetLastError());
551 ret
= CertAddCertificateContextToStore(collection
, cert2
, CERT_STORE_ADD_REPLACE_EXISTING
, NULL
);
552 ok (ret
, "Failed to add cert3 to the store %x\n",GetLastError());
554 /** checking certificates in the stores */
555 tcert1
= CertEnumCertificatesInStore(ro_store
, 0);
556 ok (tcert1
== NULL
, "Read-only store not empty\n");
558 tcert1
= CertEnumCertificatesInStore(rw_store
, NULL
);
559 ok (tcert1
&& tcert1
->cbCertEncoded
== cert1
->cbCertEncoded
,
560 "Unexpected cert in the rw_store\n");
561 CertFreeCertificateContext(tcert1
);
563 tcert1
= CertEnumCertificatesInStore(rw_store_2
, NULL
);
564 ok (tcert1
&& tcert1
->cbCertEncoded
== cert2
->cbCertEncoded
,
565 "Unexpected cert in the rw_store_2\n");
566 CertFreeCertificateContext(tcert1
);
568 /** checking certificates in the collection */
569 tcert1
= CertEnumCertificatesInStore(collection
, NULL
);
570 ok (tcert1
&& tcert1
->cbCertEncoded
== cert2
->cbCertEncoded
,
571 "cert2 expected in the collection got %p, %x\n",tcert1
, GetLastError());
572 tcert1
= CertEnumCertificatesInStore(collection
, tcert1
);
573 ok (tcert1
&& tcert1
->cbCertEncoded
== cert1
->cbCertEncoded
,
574 "cert1 expected in the collection got %p, %x\n",tcert1
, GetLastError());
575 tcert1
= CertEnumCertificatesInStore(collection
, tcert1
);
576 ok (tcert1
==NULL
,"Unexpected cert in the collection %p %x\n",tcert1
, GetLastError());
578 /* checking whether certs had been saved */
579 tstore
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W
,0,0,
580 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, WineTestRW_W
);
581 ok (tstore
!=NULL
, "Failed to open existing rw store\n");
582 tcert1
= CertEnumCertificatesInStore(tstore
, NULL
);
584 ok(tcert1
&& tcert1
->cbCertEncoded
== cert1
->cbCertEncoded
, "cert1 wasn't saved\n");
585 CertFreeCertificateContext(tcert1
);
586 CertCloseStore(tstore
,0);
588 tstore
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W
,0,0,
589 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, WineTestRW2_W
);
590 ok (tstore
!=NULL
, "Failed to open existing rw2 store\n");
591 tcert1
= CertEnumCertificatesInStore(tstore
, NULL
);
593 ok (tcert1
&& tcert1
->cbCertEncoded
== cert2
->cbCertEncoded
, "cert2 wasn't saved\n");
594 CertFreeCertificateContext(tcert1
);
595 CertCloseStore(tstore
,0);
597 CertCloseStore(collection
,0);
598 CertCloseStore(ro_store
,0);
599 CertCloseStore(rw_store
,0);
600 CertCloseStore(rw_store_2
,0);
602 /* reopening registry stores to check whether certs had been saved */
603 rw_store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W
,0,0,
604 CERT_SYSTEM_STORE_CURRENT_USER
, WineTestRW_W
);
605 tcert1
= CertEnumCertificatesInStore(rw_store
, NULL
);
606 ok (tcert1
&& tcert1
->cbCertEncoded
== cert1
->cbCertEncoded
,
607 "Unexpected cert in store %p\n", tcert1
);
608 CertFreeCertificateContext(tcert1
);
609 CertCloseStore(rw_store
,0);
611 rw_store_2
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W
,0,0,
612 CERT_SYSTEM_STORE_CURRENT_USER
, WineTestRW2_W
);
613 tcert1
= CertEnumCertificatesInStore(rw_store_2
, NULL
);
614 ok (tcert1
&& tcert1
->cbCertEncoded
== cert2
->cbCertEncoded
,
615 "Unexpected cert in store %p\n", tcert1
);
616 CertFreeCertificateContext(tcert1
);
617 CertCloseStore(rw_store_2
,0);
619 CertFreeCertificateContext(cert1
);
620 CertFreeCertificateContext(cert2
);
621 CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W
,0,0,
622 CERT_STORE_DELETE_FLAG
|CERT_SYSTEM_STORE_CURRENT_USER
,WineTestRO_W
);
623 CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W
,0,0,
624 CERT_STORE_DELETE_FLAG
|CERT_SYSTEM_STORE_CURRENT_USER
,WineTestRW_W
);
625 CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W
,0,0,
626 CERT_STORE_DELETE_FLAG
|CERT_SYSTEM_STORE_CURRENT_USER
,WineTestRW2_W
);
630 static void testCollectionStore(void)
632 HCERTSTORE store1
, store2
, collection
, collection2
;
633 PCCERT_CONTEXT context
;
635 static const WCHAR szPrefix
[] = { 'c','e','r',0 };
636 static const WCHAR szDot
[] = { '.',0 };
637 WCHAR filename
[MAX_PATH
];
640 if (!pCertAddStoreToCollection
)
642 win_skip("CertAddStoreToCollection() is not available\n");
646 collection
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
647 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
649 /* Try adding a cert to any empty collection */
650 ret
= CertAddEncodedCertificateToStore(collection
, X509_ASN_ENCODING
,
651 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
652 ok(!ret
&& GetLastError() == E_ACCESSDENIED
,
653 "Expected E_ACCESSDENIED, got %08x\n", GetLastError());
655 /* Create and add a cert to a memory store */
656 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
657 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
658 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
659 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
660 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
661 /* Add the memory store to the collection, without allowing adding */
662 ret
= pCertAddStoreToCollection(collection
, store1
, 0, 0);
663 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
664 /* Verify the cert is in the collection */
665 context
= CertEnumCertificatesInStore(collection
, NULL
);
666 ok(context
!= NULL
, "Expected a valid context\n");
669 ok(context
->hCertStore
== collection
, "Unexpected store\n");
670 CertFreeCertificateContext(context
);
672 /* Check that adding to the collection isn't allowed */
673 ret
= CertAddEncodedCertificateToStore(collection
, X509_ASN_ENCODING
,
674 bigCert2
, sizeof(bigCert2
), CERT_STORE_ADD_ALWAYS
, NULL
);
675 ok(!ret
&& GetLastError() == E_ACCESSDENIED
,
676 "Expected E_ACCESSDENIED, got %08x\n", GetLastError());
678 /* Create a new memory store */
679 store2
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
680 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
681 /* Try adding a store to a non-collection store */
682 ret
= pCertAddStoreToCollection(store1
, store2
,
683 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
684 ok(!ret
&& GetLastError() == E_INVALIDARG
,
685 "Expected E_INVALIDARG, got %08x\n", GetLastError());
686 /* Try adding some bogus stores */
687 /* This crashes in Windows
688 ret = pCertAddStoreToCollection(0, store2,
689 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
691 /* This "succeeds"... */
692 ret
= pCertAddStoreToCollection(collection
, 0,
693 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
694 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
695 /* while this crashes.
696 ret = pCertAddStoreToCollection(collection, 1,
697 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
700 /* Add it to the collection, this time allowing adding */
701 ret
= pCertAddStoreToCollection(collection
, store2
,
702 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
703 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
704 /* Check that adding to the collection is allowed */
705 ret
= CertAddEncodedCertificateToStore(collection
, X509_ASN_ENCODING
,
706 bigCert2
, sizeof(bigCert2
), CERT_STORE_ADD_ALWAYS
, NULL
);
707 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
708 /* Now check that it was actually added to store2 */
709 context
= CertEnumCertificatesInStore(store2
, NULL
);
710 ok(context
!= NULL
, "Expected a valid context\n");
713 ok(context
->hCertStore
== store2
, "Unexpected store\n");
714 CertFreeCertificateContext(context
);
716 /* Check that the collection has both bigCert and bigCert2. bigCert comes
717 * first because store1 was added first.
719 context
= CertEnumCertificatesInStore(collection
, NULL
);
720 ok(context
!= NULL
, "Expected a valid context\n");
723 ok(context
->hCertStore
== collection
, "Unexpected store\n");
724 ok(context
->cbCertEncoded
== sizeof(bigCert
),
725 "Wrong size %d\n", context
->cbCertEncoded
);
726 ok(!memcmp(context
->pbCertEncoded
, bigCert
, context
->cbCertEncoded
),
727 "Unexpected cert\n");
728 context
= CertEnumCertificatesInStore(collection
, context
);
729 ok(context
!= NULL
, "Expected a valid context\n");
732 ok(context
->hCertStore
== collection
, "Unexpected store\n");
733 ok(context
->cbCertEncoded
== sizeof(bigCert2
),
734 "Wrong size %d\n", context
->cbCertEncoded
);
735 ok(!memcmp(context
->pbCertEncoded
, bigCert2
,
736 context
->cbCertEncoded
), "Unexpected cert\n");
737 context
= CertEnumCertificatesInStore(collection
, context
);
738 ok(!context
, "Unexpected cert\n");
741 /* close store2, and check that the collection is unmodified */
742 CertCloseStore(store2
, 0);
743 context
= CertEnumCertificatesInStore(collection
, NULL
);
744 ok(context
!= NULL
, "Expected a valid context\n");
747 ok(context
->hCertStore
== collection
, "Unexpected store\n");
748 ok(context
->cbCertEncoded
== sizeof(bigCert
),
749 "Wrong size %d\n", context
->cbCertEncoded
);
750 ok(!memcmp(context
->pbCertEncoded
, bigCert
, context
->cbCertEncoded
),
751 "Unexpected cert\n");
752 context
= CertEnumCertificatesInStore(collection
, context
);
753 ok(context
!= NULL
, "Expected a valid context\n");
756 ok(context
->hCertStore
== collection
, "Unexpected store\n");
757 ok(context
->cbCertEncoded
== sizeof(bigCert2
),
758 "Wrong size %d\n", context
->cbCertEncoded
);
759 ok(!memcmp(context
->pbCertEncoded
, bigCert2
,
760 context
->cbCertEncoded
), "Unexpected cert\n");
761 context
= CertEnumCertificatesInStore(collection
, context
);
762 ok(!context
, "Unexpected cert\n");
766 /* Adding a collection to a collection is legal */
767 collection2
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
768 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
769 ret
= pCertAddStoreToCollection(collection2
, collection
,
770 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
771 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
772 /* check the contents of collection2 */
773 context
= CertEnumCertificatesInStore(collection2
, NULL
);
774 ok(context
!= NULL
, "Expected a valid context\n");
777 ok(context
->hCertStore
== collection2
, "Unexpected store\n");
778 ok(context
->cbCertEncoded
== sizeof(bigCert
),
779 "Wrong size %d\n", context
->cbCertEncoded
);
780 ok(!memcmp(context
->pbCertEncoded
, bigCert
, context
->cbCertEncoded
),
781 "Unexpected cert\n");
782 context
= CertEnumCertificatesInStore(collection2
, context
);
783 ok(context
!= NULL
, "Expected a valid context\n");
786 ok(context
->hCertStore
== collection2
, "Unexpected store\n");
787 ok(context
->cbCertEncoded
== sizeof(bigCert2
),
788 "Wrong size %d\n", context
->cbCertEncoded
);
789 ok(!memcmp(context
->pbCertEncoded
, bigCert2
,
790 context
->cbCertEncoded
), "Unexpected cert\n");
791 context
= CertEnumCertificatesInStore(collection2
, context
);
792 ok(!context
, "Unexpected cert\n");
796 /* I'd like to test closing the collection in the middle of enumeration,
797 * but my tests have been inconsistent. The first time calling
798 * CertEnumCertificatesInStore on a closed collection succeeded, while the
799 * second crashed. So anything appears to be fair game.
800 * I'd also like to test removing a store from a collection in the middle
801 * of an enumeration, but my tests in Windows have been inconclusive.
802 * In one scenario it worked. In another scenario, about a third of the
803 * time this leads to "random" crashes elsewhere in the code. This
804 * probably means this is not allowed.
807 CertCloseStore(store1
, 0);
808 CertCloseStore(collection
, 0);
809 CertCloseStore(collection2
, 0);
811 /* Add the same cert to two memory stores, then put them in a collection */
812 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
813 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
814 ok(store1
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
815 store2
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
816 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
817 ok(store2
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
819 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
820 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
821 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
822 ret
= CertAddEncodedCertificateToStore(store2
, X509_ASN_ENCODING
,
823 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
824 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
825 collection
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
826 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
827 ok(collection
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
829 ret
= pCertAddStoreToCollection(collection
, store1
,
830 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
831 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
832 ret
= pCertAddStoreToCollection(collection
, store2
,
833 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
834 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
836 /* Check that the collection has two copies of the same cert */
837 context
= CertEnumCertificatesInStore(collection
, NULL
);
838 ok(context
!= NULL
, "Expected a valid context\n");
841 ok(context
->hCertStore
== collection
, "Unexpected store\n");
842 ok(context
->cbCertEncoded
== sizeof(bigCert
),
843 "Wrong size %d\n", context
->cbCertEncoded
);
844 ok(!memcmp(context
->pbCertEncoded
, bigCert
, context
->cbCertEncoded
),
845 "Unexpected cert\n");
846 context
= CertEnumCertificatesInStore(collection
, context
);
847 ok(context
!= NULL
, "Expected a valid context\n");
850 ok(context
->hCertStore
== collection
, "Unexpected store\n");
851 ok(context
->cbCertEncoded
== sizeof(bigCert
),
852 "Wrong size %d\n", context
->cbCertEncoded
);
853 ok(!memcmp(context
->pbCertEncoded
, bigCert
, context
->cbCertEncoded
),
854 "Unexpected cert\n");
855 context
= CertEnumCertificatesInStore(collection
, context
);
856 ok(context
== NULL
, "Unexpected cert\n");
860 /* The following would check whether I can delete an identical cert, rather
861 * than one enumerated from the store. It crashes, so that means I must
862 * only call CertDeleteCertificateFromStore with contexts enumerated from
864 context = CertCreateCertificateContext(X509_ASN_ENCODING, bigCert,
866 ok(context != NULL, "CertCreateCertificateContext failed: %08x\n",
870 ret = CertDeleteCertificateFromStore(collection, context);
871 printf("ret is %d, GetLastError is %08x\n", ret, GetLastError());
872 CertFreeCertificateContext(context);
876 /* Now check deleting from the collection. */
877 context
= CertEnumCertificatesInStore(collection
, NULL
);
878 ok(context
!= NULL
, "Expected a valid context\n");
881 CertDeleteCertificateFromStore(context
);
882 /* store1 should now be empty */
883 context
= CertEnumCertificatesInStore(store1
, NULL
);
884 ok(!context
, "Unexpected cert\n");
885 /* and there should be one certificate in the collection */
886 context
= CertEnumCertificatesInStore(collection
, NULL
);
887 ok(context
!= NULL
, "Expected a valid cert\n");
890 ok(context
->hCertStore
== collection
, "Unexpected store\n");
891 ok(context
->cbCertEncoded
== sizeof(bigCert
),
892 "Wrong size %d\n", context
->cbCertEncoded
);
893 ok(!memcmp(context
->pbCertEncoded
, bigCert
, context
->cbCertEncoded
),
894 "Unexpected cert\n");
896 context
= CertEnumCertificatesInStore(collection
, context
);
897 ok(context
== NULL
, "Unexpected cert\n");
900 if (!pCertRemoveStoreFromCollection
)
902 win_skip("CertRemoveStoreFromCollection() is not available\n");
906 /* Finally, test removing stores from the collection. No return
907 * value, so it's a bit funny to test.
910 * pCertRemoveStoreFromCollection(NULL, NULL);
912 /* This "succeeds," no crash, no last error set */
913 SetLastError(0xdeadbeef);
914 pCertRemoveStoreFromCollection(store2
, collection
);
915 ok(GetLastError() == 0xdeadbeef,
916 "Didn't expect an error to be set: %08x\n", GetLastError());
918 /* After removing store2, the collection should be empty */
919 SetLastError(0xdeadbeef);
920 pCertRemoveStoreFromCollection(collection
, store2
);
921 ok(GetLastError() == 0xdeadbeef,
922 "Didn't expect an error to be set: %08x\n", GetLastError());
923 context
= CertEnumCertificatesInStore(collection
, NULL
);
924 ok(!context
, "Unexpected cert\n");
927 CertCloseStore(collection
, 0);
928 CertCloseStore(store2
, 0);
929 CertCloseStore(store1
, 0);
931 /* Test adding certificates to and deleting certificates from collections.
933 store1
= CertOpenSystemStoreA(0, "My");
934 collection
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
935 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
937 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
938 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &context
);
939 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
940 CertDeleteCertificateFromStore(context
);
942 pCertAddStoreToCollection(collection
, store1
,
943 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
945 ret
= CertAddEncodedCertificateToStore(collection
, X509_ASN_ENCODING
,
946 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &context
);
947 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
948 CertDeleteCertificateFromStore(context
);
950 CertCloseStore(collection
, 0);
951 CertCloseStore(store1
, 0);
953 /* Test whether a collection store can be committed */
954 if (!pCertControlStore
)
956 win_skip("CertControlStore() is not available\n");
959 collection
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
960 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
962 SetLastError(0xdeadbeef);
963 ret
= pCertControlStore(collection
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
964 ok(ret
, "CertControlStore failed: %08x\n", GetLastError());
966 /* Adding a mem store that can't be committed prevents a successful commit.
968 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
969 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
970 pCertAddStoreToCollection(collection
, store1
, 0, 0);
971 SetLastError(0xdeadbeef);
972 ret
= pCertControlStore(collection
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
973 ok(!ret
&& GetLastError() == ERROR_CALL_NOT_IMPLEMENTED
,
974 "expected ERROR_CALL_NOT_IMPLEMENTED, got %d\n", GetLastError());
975 pCertRemoveStoreFromCollection(collection
, store1
);
976 CertCloseStore(store1
, 0);
978 /* Test adding a cert to a collection with a file store, committing the
979 * change to the collection, and comparing the resulting file.
981 if (!GetTempFileNameW(szDot
, szPrefix
, 0, filename
))
984 DeleteFileW(filename
);
985 file
= CreateFileW(filename
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
986 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
987 if (file
== INVALID_HANDLE_VALUE
)
990 store1
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
991 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, file
);
992 ok(store1
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
994 pCertAddStoreToCollection(collection
, store1
,
995 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
996 CertCloseStore(store1
, 0);
998 ret
= CertAddEncodedCertificateToStore(collection
, X509_ASN_ENCODING
,
999 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1000 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
1002 ret
= pCertControlStore(collection
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
1003 ok(ret
, "CertControlStore failed: %d\n", ret
);
1004 compareStore(collection
, "serialized store with cert",
1005 serializedStoreWithCert
, sizeof(serializedStoreWithCert
), FALSE
);
1006 CertCloseStore(collection
, 0);
1008 DeleteFileW(filename
);
1011 /* Looks for the property with ID propID in the buffer buf. Returns a pointer
1012 * to its header if found, NULL if not.
1014 static const struct CertPropIDHeader
*findPropID(const BYTE
*buf
, DWORD size
,
1017 const struct CertPropIDHeader
*ret
= NULL
;
1018 BOOL failed
= FALSE
;
1020 while (size
&& !ret
&& !failed
)
1022 if (size
< sizeof(struct CertPropIDHeader
))
1026 const struct CertPropIDHeader
*hdr
=
1027 (const struct CertPropIDHeader
*)buf
;
1029 size
-= sizeof(struct CertPropIDHeader
);
1030 buf
+= sizeof(struct CertPropIDHeader
);
1033 else if (hdr
->propID
== propID
)
1045 static void testRegStore(void)
1047 static const char tempKey
[] = "Software\\Wine\\CryptTemp";
1053 store
= CertOpenStore(CERT_STORE_PROV_REG
, 0, 0, 0, NULL
);
1054 GLE
= GetLastError();
1055 ok(!store
&& (GLE
== ERROR_INVALID_HANDLE
|| GLE
== ERROR_BADKEY
),
1056 "Expected ERROR_INVALID_HANDLE or ERROR_BADKEY, got %d\n", GLE
);
1057 store
= CertOpenStore(CERT_STORE_PROV_REG
, 0, 0, 0, key
);
1058 GLE
= GetLastError();
1059 ok(!store
&& (GLE
== ERROR_INVALID_HANDLE
|| GLE
== ERROR_BADKEY
),
1060 "Expected ERROR_INVALID_HANDLE or ERROR_BADKEY, got %d\n", GLE
);
1062 /* Opening up any old key works.. */
1063 key
= HKEY_CURRENT_USER
;
1064 store
= CertOpenStore(CERT_STORE_PROV_REG
, 0, 0, 0, key
);
1065 /* Not sure if this is a bug in DuplicateHandle, marking todo_wine for now
1067 todo_wine
ok(store
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
1068 CertCloseStore(store
, 0);
1070 /* It looks like the remainder pretty much needs CertControlStore() */
1071 if (!pCertControlStore
)
1073 win_skip("CertControlStore() is not available\n");
1077 rc
= RegCreateKeyExA(HKEY_CURRENT_USER
, tempKey
, 0, NULL
, 0, KEY_ALL_ACCESS
,
1079 ok(!rc
, "RegCreateKeyExA failed: %d\n", rc
);
1085 static const char certificates
[] = "Certificates\\";
1086 char subKeyName
[sizeof(certificates
) + 20 * 2 + 1], *ptr
;
1088 PCCERT_CONTEXT context
;
1090 store
= CertOpenStore(CERT_STORE_PROV_REG
, 0, 0, 0, key
);
1091 ok(store
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
1092 /* Add a certificate. It isn't persisted right away, since it's only
1093 * added to the cache..
1095 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1096 bigCert2
, sizeof(bigCert2
), CERT_STORE_ADD_ALWAYS
, NULL
);
1097 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
1099 /* so flush the cache to force a commit.. */
1100 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
1101 ok(ret
, "CertControlStore failed: %08x\n", GetLastError());
1102 /* and check that the expected subkey was written. */
1103 size
= sizeof(hash
);
1104 ret
= CryptHashCertificate(0, 0, 0, bigCert2
, sizeof(bigCert2
),
1106 ok(ret
, "CryptHashCertificate failed: %d\n", GetLastError());
1107 strcpy(subKeyName
, certificates
);
1108 for (i
= 0, ptr
= subKeyName
+ sizeof(certificates
) - 1; i
< size
;
1110 sprintf(ptr
, "%02X", hash
[i
]);
1111 rc
= RegCreateKeyExA(key
, subKeyName
, 0, NULL
, 0, KEY_ALL_ACCESS
, NULL
,
1113 ok(!rc
, "RegCreateKeyExA failed: %d\n", rc
);
1119 RegQueryValueExA(subKey
, "Blob", NULL
, NULL
, NULL
, &size
);
1120 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
1123 rc
= RegQueryValueExA(subKey
, "Blob", NULL
, NULL
, buf
, &size
);
1124 ok(!rc
, "RegQueryValueExA failed: %d\n", rc
);
1127 const struct CertPropIDHeader
*hdr
;
1129 /* Both the hash and the cert should be present */
1130 hdr
= findPropID(buf
, size
, CERT_CERT_PROP_ID
);
1131 ok(hdr
!= NULL
, "Expected to find a cert property\n");
1134 ok(hdr
->cb
== sizeof(bigCert2
),
1135 "Wrong size %d of cert property\n", hdr
->cb
);
1136 ok(!memcmp((const BYTE
*)hdr
+ sizeof(*hdr
), bigCert2
,
1137 hdr
->cb
), "Unexpected cert in cert property\n");
1139 hdr
= findPropID(buf
, size
, CERT_HASH_PROP_ID
);
1140 ok(hdr
!= NULL
, "Expected to find a hash property\n");
1143 ok(hdr
->cb
== sizeof(hash
),
1144 "Wrong size %d of hash property\n", hdr
->cb
);
1145 ok(!memcmp((const BYTE
*)hdr
+ sizeof(*hdr
), hash
,
1146 hdr
->cb
), "Unexpected hash in cert property\n");
1149 HeapFree(GetProcessHeap(), 0, buf
);
1151 RegCloseKey(subKey
);
1154 /* Remove the existing context */
1155 context
= CertEnumCertificatesInStore(store
, NULL
);
1156 ok(context
!= NULL
, "Expected a cert context\n");
1158 CertDeleteCertificateFromStore(context
);
1159 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
1160 ok(ret
, "CertControlStore failed: %08x\n", GetLastError());
1162 /* Add a serialized cert with a bogus hash directly to the registry */
1163 memset(hash
, 0, sizeof(hash
));
1164 strcpy(subKeyName
, certificates
);
1165 for (i
= 0, ptr
= subKeyName
+ sizeof(certificates
) - 1;
1166 i
< sizeof(hash
); i
++, ptr
+= 2)
1167 sprintf(ptr
, "%02X", hash
[i
]);
1168 rc
= RegCreateKeyExA(key
, subKeyName
, 0, NULL
, 0, KEY_ALL_ACCESS
, NULL
,
1170 ok(!rc
, "RegCreateKeyExA failed: %d\n", rc
);
1173 BYTE buf
[sizeof(struct CertPropIDHeader
) * 2 + sizeof(hash
) +
1174 sizeof(bigCert
)], *ptr
;
1175 DWORD certCount
= 0;
1176 struct CertPropIDHeader
*hdr
;
1178 hdr
= (struct CertPropIDHeader
*)buf
;
1179 hdr
->propID
= CERT_HASH_PROP_ID
;
1181 hdr
->cb
= sizeof(hash
);
1182 ptr
= buf
+ sizeof(*hdr
);
1183 memcpy(ptr
, hash
, sizeof(hash
));
1184 ptr
+= sizeof(hash
);
1185 hdr
= (struct CertPropIDHeader
*)ptr
;
1186 hdr
->propID
= CERT_CERT_PROP_ID
;
1188 hdr
->cb
= sizeof(bigCert
);
1189 ptr
+= sizeof(*hdr
);
1190 memcpy(ptr
, bigCert
, sizeof(bigCert
));
1192 rc
= RegSetValueExA(subKey
, "Blob", 0, REG_BINARY
, buf
,
1194 ok(!rc
, "RegSetValueExA failed: %d\n", rc
);
1196 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_RESYNC
, NULL
);
1197 ok(ret
, "CertControlStore failed: %08x\n", GetLastError());
1199 /* Make sure the bogus hash cert gets loaded. */
1203 context
= CertEnumCertificatesInStore(store
, context
);
1206 } while (context
!= NULL
);
1207 ok(certCount
== 1, "Expected 1 certificates, got %d\n", certCount
);
1209 RegCloseKey(subKey
);
1212 /* Add another serialized cert directly to the registry, this time
1213 * under the correct key name (named with the correct hash value).
1215 size
= sizeof(hash
);
1216 ret
= CryptHashCertificate(0, 0, 0, bigCert2
,
1217 sizeof(bigCert2
), hash
, &size
);
1218 ok(ret
, "CryptHashCertificate failed: %d\n", GetLastError());
1219 strcpy(subKeyName
, certificates
);
1220 for (i
= 0, ptr
= subKeyName
+ sizeof(certificates
) - 1;
1221 i
< sizeof(hash
); i
++, ptr
+= 2)
1222 sprintf(ptr
, "%02X", hash
[i
]);
1223 rc
= RegCreateKeyExA(key
, subKeyName
, 0, NULL
, 0, KEY_ALL_ACCESS
, NULL
,
1225 ok(!rc
, "RegCreateKeyExA failed: %d\n", rc
);
1228 BYTE buf
[sizeof(struct CertPropIDHeader
) * 2 + sizeof(hash
) +
1229 sizeof(bigCert2
)], *ptr
;
1230 DWORD certCount
= 0;
1231 PCCERT_CONTEXT context
;
1232 struct CertPropIDHeader
*hdr
;
1234 /* First try with a bogus hash... */
1235 hdr
= (struct CertPropIDHeader
*)buf
;
1236 hdr
->propID
= CERT_HASH_PROP_ID
;
1238 hdr
->cb
= sizeof(hash
);
1239 ptr
= buf
+ sizeof(*hdr
);
1240 memset(ptr
, 0, sizeof(hash
));
1241 ptr
+= sizeof(hash
);
1242 hdr
= (struct CertPropIDHeader
*)ptr
;
1243 hdr
->propID
= CERT_CERT_PROP_ID
;
1245 hdr
->cb
= sizeof(bigCert2
);
1246 ptr
+= sizeof(*hdr
);
1247 memcpy(ptr
, bigCert2
, sizeof(bigCert2
));
1249 rc
= RegSetValueExA(subKey
, "Blob", 0, REG_BINARY
, buf
,
1251 ok(!rc
, "RegSetValueExA failed: %d\n", rc
);
1253 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_RESYNC
, NULL
);
1254 ok(ret
, "CertControlStore failed: %08x\n", GetLastError());
1256 /* and make sure just one cert still gets loaded. */
1260 context
= CertEnumCertificatesInStore(store
, context
);
1263 } while (context
!= NULL
);
1264 ok(certCount
== 1 ||
1265 broken(certCount
== 2) /* NT4 */ ,
1266 "Expected 1 certificates, got %d\n", certCount
);
1268 /* Try again with the correct hash... */
1269 ptr
= buf
+ sizeof(*hdr
);
1270 memcpy(ptr
, hash
, sizeof(hash
));
1272 rc
= RegSetValueExA(subKey
, "Blob", 0, REG_BINARY
, buf
,
1274 ok(!rc
, "RegSetValueExA failed: %d\n", rc
);
1276 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_RESYNC
, NULL
);
1277 ok(ret
, "CertControlStore failed: %08x\n", GetLastError());
1279 /* and make sure two certs get loaded. */
1283 context
= CertEnumCertificatesInStore(store
, context
);
1286 } while (context
!= NULL
);
1287 ok(certCount
== 2, "Expected 2 certificates, got %d\n", certCount
);
1289 RegCloseKey(subKey
);
1291 CertCloseStore(store
, 0);
1292 /* Is delete allowed on a reg store? */
1293 store
= CertOpenStore(CERT_STORE_PROV_REG
, 0, 0,
1294 CERT_STORE_DELETE_FLAG
, key
);
1295 ok(store
== NULL
, "Expected NULL return from CERT_STORE_DELETE_FLAG\n");
1296 ok(GetLastError() == 0, "CertOpenStore failed: %08x\n",
1301 /* The CertOpenStore with CERT_STORE_DELETE_FLAG above will delete the
1302 * contents of the key, but not the key itself.
1304 rc
= RegCreateKeyExA(HKEY_CURRENT_USER
, tempKey
, 0, NULL
, 0, KEY_ALL_ACCESS
,
1306 ok(!rc
, "RegCreateKeyExA failed: %d\n", rc
);
1307 ok(disp
== REG_OPENED_EXISTING_KEY
,
1308 "Expected REG_OPENED_EXISTING_KEY, got %d\n", disp
);
1312 rc
= RegDeleteKeyA(HKEY_CURRENT_USER
, tempKey
);
1315 HMODULE shlwapi
= LoadLibraryA("shlwapi");
1317 /* Use shlwapi's SHDeleteKeyA to _really_ blow away the key,
1318 * otherwise subsequent tests will fail.
1322 DWORD (WINAPI
*pSHDeleteKeyA
)(HKEY
, LPCSTR
);
1324 pSHDeleteKeyA
= (void*)GetProcAddress(shlwapi
, "SHDeleteKeyA");
1326 pSHDeleteKeyA(HKEY_CURRENT_USER
, tempKey
);
1327 FreeLibrary(shlwapi
);
1333 static const char MyA
[] = { 'M','y',0,0 };
1334 static const WCHAR MyW
[] = { 'M','y',0 };
1335 static const WCHAR BogusW
[] = { 'B','o','g','u','s',0 };
1336 static const WCHAR BogusPathW
[] = { 'S','o','f','t','w','a','r','e','\\',
1337 'M','i','c','r','o','s','o','f','t','\\','S','y','s','t','e','m','C','e','r',
1338 't','i','f','i','c','a','t','e','s','\\','B','o','g','u','s',0 };
1340 static void testSystemRegStore(void)
1342 HCERTSTORE store
, memStore
;
1344 /* Check with a UNICODE name */
1345 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1346 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, MyW
);
1347 /* Not all OSes support CERT_STORE_PROV_SYSTEM_REGISTRY, so don't continue
1348 * testing if they don't.
1353 /* Check that it isn't a collection store */
1354 memStore
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1355 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1358 if (pCertAddStoreToCollection
)
1360 BOOL ret
= pCertAddStoreToCollection(store
, memStore
, 0, 0);
1361 ok(!ret
&& GetLastError() == E_INVALIDARG
,
1362 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1364 CertCloseStore(memStore
, 0);
1366 CertCloseStore(store
, 0);
1368 /* Check opening a bogus store */
1369 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1370 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, BogusW
);
1371 ok(!store
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1372 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1373 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1374 CERT_SYSTEM_STORE_CURRENT_USER
, BogusW
);
1375 ok(store
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
1377 CertCloseStore(store
, 0);
1378 /* Now check whether deleting is allowed */
1379 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1380 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_DELETE_FLAG
, BogusW
);
1381 ok(!store
, "CertOpenStore failed: %08x\n", GetLastError());
1382 RegDeleteKeyW(HKEY_CURRENT_USER
, BogusPathW
);
1384 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0, 0, NULL
);
1385 ok(!store
&& GetLastError() == E_INVALIDARG
,
1386 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1387 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1388 CERT_SYSTEM_STORE_LOCAL_MACHINE
| CERT_SYSTEM_STORE_CURRENT_USER
, MyA
);
1389 ok(!store
&& GetLastError() == E_INVALIDARG
,
1390 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1391 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1392 CERT_SYSTEM_STORE_LOCAL_MACHINE
| CERT_SYSTEM_STORE_CURRENT_USER
, MyW
);
1393 ok(!store
&& GetLastError() == E_INVALIDARG
,
1394 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1395 /* The name is expected to be UNICODE, check with an ASCII name */
1396 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
1397 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, MyA
);
1398 ok(!store
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1399 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1402 static void testSystemStore(void)
1404 static const WCHAR baskslashW
[] = { '\\',0 };
1406 WCHAR keyName
[MAX_PATH
];
1410 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0, 0, NULL
);
1411 ok(!store
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1412 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1413 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1414 CERT_SYSTEM_STORE_LOCAL_MACHINE
| CERT_SYSTEM_STORE_CURRENT_USER
, MyA
);
1415 ok(!store
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1416 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1417 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1418 CERT_SYSTEM_STORE_LOCAL_MACHINE
| CERT_SYSTEM_STORE_CURRENT_USER
, MyW
);
1419 ok(!store
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1420 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1421 /* The name is expected to be UNICODE, first check with an ASCII name */
1422 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1423 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, MyA
);
1424 ok(!store
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
1425 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1426 /* Create the expected key */
1427 lstrcpyW(keyName
, CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH
);
1428 lstrcatW(keyName
, baskslashW
);
1429 lstrcatW(keyName
, MyW
);
1430 rc
= RegCreateKeyExW(HKEY_CURRENT_USER
, keyName
, 0, NULL
, 0, KEY_READ
,
1432 ok(!rc
, "RegCreateKeyEx failed: %d\n", rc
);
1435 /* Check opening with a UNICODE name, specifying the create new flag */
1436 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1437 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_CREATE_NEW_FLAG
, MyW
);
1438 ok(!store
&& GetLastError() == ERROR_FILE_EXISTS
,
1439 "Expected ERROR_FILE_EXISTS, got %08x\n", GetLastError());
1440 /* Now check opening with a UNICODE name, this time opening existing */
1441 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1442 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, MyW
);
1443 ok(store
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
1446 HCERTSTORE memStore
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1447 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1449 /* Check that it's a collection store */
1452 if (pCertAddStoreToCollection
)
1454 BOOL ret
= pCertAddStoreToCollection(store
, memStore
, 0, 0);
1455 /* FIXME: this'll fail on NT4, but what error will it give? */
1456 ok(ret
, "CertAddStoreToCollection failed: %08x\n", GetLastError());
1458 CertCloseStore(memStore
, 0);
1460 CertCloseStore(store
, 0);
1463 /* Check opening a bogus store */
1464 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1465 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_OPEN_EXISTING_FLAG
, BogusW
);
1466 ok(!store
, "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1467 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1468 CERT_SYSTEM_STORE_CURRENT_USER
, BogusW
);
1469 ok(store
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
1471 CertCloseStore(store
, 0);
1472 /* Now check whether deleting is allowed */
1473 store
= CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
1474 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_DELETE_FLAG
, BogusW
);
1475 ok(!store
, "Didn't expect a store to be returned when deleting\n");
1476 RegDeleteKeyW(HKEY_CURRENT_USER
, BogusPathW
);
1479 static const BYTE serializedStoreWithCertAndCRL
[] = {
1480 0x00,0x00,0x00,0x00,0x43,0x45,0x52,0x54,0x20,0x00,0x00,0x00,0x01,0x00,0x00,
1481 0x00,0x7c,0x00,0x00,0x00,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,
1482 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
1483 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,
1484 0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,
1485 0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,
1486 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
1487 0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,
1488 0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,
1489 0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01,0x21,0x00,0x00,0x00,0x01,0x00,
1490 0x00,0x00,0x47,0x00,0x00,0x00,0x30,0x45,0x30,0x2c,0x30,0x02,0x06,0x00,0x30,
1491 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
1492 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
1493 0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x02,0x06,0x00,0x03,0x11,
1494 0x00,0x0f,0x0e,0x0d,0x0c,0x0b,0x0a,0x09,0x08,0x07,0x06,0x05,0x04,0x03,0x02,
1495 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
1497 static void testFileStore(void)
1499 static const WCHAR szPrefix
[] = { 'c','e','r',0 };
1500 static const WCHAR szDot
[] = { '.',0 };
1501 WCHAR filename
[MAX_PATH
];
1504 PCCERT_CONTEXT cert
;
1507 if (!pCertControlStore
)
1509 win_skip("CertControlStore() is not available\n");
1513 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0, 0, NULL
);
1514 ok(!store
&& GetLastError() == ERROR_INVALID_HANDLE
,
1515 "Expected ERROR_INVALID_HANDLE, got %08x\n", GetLastError());
1517 if (!GetTempFileNameW(szDot
, szPrefix
, 0, filename
))
1520 DeleteFileW(filename
);
1521 file
= CreateFileW(filename
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
1522 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
1523 if (file
== INVALID_HANDLE_VALUE
)
1526 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0, CERT_STORE_DELETE_FLAG
,
1528 ok(!store
&& GetLastError() == E_INVALIDARG
,
1529 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1530 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
1531 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
| CERT_STORE_READONLY_FLAG
, file
);
1532 ok(!store
&& GetLastError() == E_INVALIDARG
,
1533 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1535 /* A "read-only" file store.. */
1536 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
1537 CERT_STORE_OPEN_EXISTING_FLAG
| CERT_STORE_READONLY_FLAG
, file
);
1538 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1543 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1544 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1545 /* apparently allows adding certificates.. */
1546 ok(ret
, "CertAddEncodedCertificateToStore failed: %d\n", ret
);
1547 /* but not commits.. */
1548 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
1549 ok(!ret
&& GetLastError() == ERROR_CALL_NOT_IMPLEMENTED
,
1550 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %08x\n", GetLastError());
1551 /* It still has certs in memory.. */
1552 cert
= CertEnumCertificatesInStore(store
, NULL
);
1553 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1555 CertFreeCertificateContext(cert
);
1556 /* but the file size is still 0. */
1557 size
= GetFileSize(file
, NULL
);
1558 ok(size
== 0, "Expected size 0, got %d\n", size
);
1559 CertCloseStore(store
, 0);
1562 /* The create new flag is allowed.. */
1563 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
1564 CERT_STORE_CREATE_NEW_FLAG
, file
);
1565 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1568 /* but without the commit enable flag, commits don't happen. */
1569 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1570 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1571 ok(ret
, "CertAddEncodedCertificateToStore failed: %d\n", ret
);
1572 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
1573 ok(!ret
&& GetLastError() == ERROR_CALL_NOT_IMPLEMENTED
,
1574 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %08x\n", GetLastError());
1575 CertCloseStore(store
, 0);
1577 /* as is the open existing flag. */
1578 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
1579 CERT_STORE_OPEN_EXISTING_FLAG
, file
);
1580 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1583 /* but without the commit enable flag, commits don't happen. */
1584 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1585 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1586 ok(ret
, "CertAddEncodedCertificateToStore failed: %d\n", ret
);
1587 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
1588 ok(!ret
&& GetLastError() == ERROR_CALL_NOT_IMPLEMENTED
,
1589 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %08x\n", GetLastError());
1590 CertCloseStore(store
, 0);
1592 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
1593 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, file
);
1594 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1598 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1599 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1600 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
1602 /* with commits enabled, commit is allowed */
1603 ret
= pCertControlStore(store
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
1604 ok(ret
, "CertControlStore failed: %d\n", ret
);
1605 compareStore(store
, "serialized store with cert",
1606 serializedStoreWithCert
, sizeof(serializedStoreWithCert
), FALSE
);
1607 CertCloseStore(store
, 0);
1609 file
= CreateFileW(filename
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
1610 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
1611 if (file
== INVALID_HANDLE_VALUE
)
1613 store
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
1614 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, file
);
1615 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1619 ret
= CertAddEncodedCRLToStore(store
, X509_ASN_ENCODING
, signedCRL
,
1620 sizeof(signedCRL
), CERT_STORE_ADD_ALWAYS
, NULL
);
1621 ok(ret
, "CertAddEncodedCRLToStore failed: %08x\n", GetLastError());
1622 compareStore(store
, "serialized store with cert and CRL",
1623 serializedStoreWithCertAndCRL
, sizeof(serializedStoreWithCertAndCRL
),
1625 CertCloseStore(store
, 0);
1628 DeleteFileW(filename
);
1631 static BOOL
initFileFromData(LPCWSTR filename
, const BYTE
*pb
, DWORD cb
)
1633 HANDLE file
= CreateFileW(filename
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
1634 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
1637 if (file
!= INVALID_HANDLE_VALUE
)
1641 ret
= WriteFile(file
, pb
, cb
, &written
, NULL
);
1649 static const BYTE base64SPC
[] =
1650 "MIICJQYJKoZIhvcNAQcCoIICFjCCAhICAQExADALBgkqhkiG9w0BBwGgggH6MIIB"
1651 "9jCCAV+gAwIBAgIQnP8+EF4opr9OxH7h4uBPWTANBgkqhkiG9w0BAQQFADAUMRIw"
1652 "EAYDVQQDEwlKdWFuIExhbmcwHhcNMDgxMjEyMTcxMDE0WhcNMzkxMjMxMjM1OTU5"
1653 "WjAUMRIwEAYDVQQDEwlKdWFuIExhbmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ"
1654 "AoGBALCgNjyNvOic0FOfjxvi43HbM+D5joDkhiGSXe+gbZlf8f16k07kkObFEunz"
1655 "mdB5coscmA7gyqiWNN4ZUyr2cA3lCbnpGPA/0IblyyOcuGIFmmCzeZaVa5ZG6xZP"
1656 "K7L7o+73Qo6jXVbGhBGnMZ7Q9sAn6s2933olnStnejnqwV0NAgMBAAGjSTBHMEUG"
1657 "A1UdAQQ+MDyAEFKbKEdXYyx+CWKcV6vxM6ShFjAUMRIwEAYDVQQDEwlKdWFuIExh"
1658 "bmeCEJz/PhBeKKa/TsR+4eLgT1kwDQYJKoZIhvcNAQEEBQADgYEALpkgLgW3mEaK"
1659 "idPQ3iPJYLG0Ub1wraqEl9bd42hrhzIdcDzlQgxnm8/5cHYVxIF/C20x/HJplb1R"
1660 "G6U1ipFe/q8byWD/9JpiBKMGPi9YlUTgXHfS9d4S/QWO1h9Z7KeipBYhoslQpHXu"
1661 "y9bUr8Adqi6SzgHpCnMu53dxgxUD1r4xAA==";
1662 /* Same as base64SPC, but as a wide-char string */
1663 static const WCHAR utf16Base64SPC
[] = {
1664 'M','I','I','C','J','Q','Y','J','K','o','Z','I','h','v','c','N','A',
1665 'Q','c','C','o','I','I','C','F','j','C','C','A','h','I','C','A','Q',
1666 'E','x','A','D','A','L','B','g','k','q','h','k','i','G','9','w','0',
1667 'B','B','w','G','g','g','g','H','6','M','I','I','B','9','j','C','C',
1668 'A','V','+','g','A','w','I','B','A','g','I','Q','n','P','8','+','E',
1669 'F','4','o','p','r','9','O','x','H','7','h','4','u','B','P','W','T',
1670 'A','N','B','g','k','q','h','k','i','G','9','w','0','B','A','Q','Q',
1671 'F','A','D','A','U','M','R','I','w','E','A','Y','D','V','Q','Q','D',
1672 'E','w','l','K','d','W','F','u','I','E','x','h','b','m','c','w','H',
1673 'h','c','N','M','D','g','x','M','j','E','y','M','T','c','x','M','D',
1674 'E','0','W','h','c','N','M','z','k','x','M','j','M','x','M','j','M',
1675 '1','O','T','U','5','W','j','A','U','M','R','I','w','E','A','Y','D',
1676 'V','Q','Q','D','E','w','l','K','d','W','F','u','I','E','x','h','b',
1677 'm','c','w','g','Z','8','w','D','Q','Y','J','K','o','Z','I','h','v',
1678 'c','N','A','Q','E','B','B','Q','A','D','g','Y','0','A','M','I','G',
1679 'J','A','o','G','B','A','L','C','g','N','j','y','N','v','O','i','c',
1680 '0','F','O','f','j','x','v','i','4','3','H','b','M','+','D','5','j',
1681 'o','D','k','h','i','G','S','X','e','+','g','b','Z','l','f','8','f',
1682 '1','6','k','0','7','k','k','O','b','F','E','u','n','z','m','d','B',
1683 '5','c','o','s','c','m','A','7','g','y','q','i','W','N','N','4','Z',
1684 'U','y','r','2','c','A','3','l','C','b','n','p','G','P','A','/','0',
1685 'I','b','l','y','y','O','c','u','G','I','F','m','m','C','z','e','Z',
1686 'a','V','a','5','Z','G','6','x','Z','P','K','7','L','7','o','+','7',
1687 '3','Q','o','6','j','X','V','b','G','h','B','G','n','M','Z','7','Q',
1688 '9','s','A','n','6','s','2','9','3','3','o','l','n','S','t','n','e',
1689 'j','n','q','w','V','0','N','A','g','M','B','A','A','G','j','S','T',
1690 'B','H','M','E','U','G','A','1','U','d','A','Q','Q','+','M','D','y',
1691 'A','E','F','K','b','K','E','d','X','Y','y','x','+','C','W','K','c',
1692 'V','6','v','x','M','6','S','h','F','j','A','U','M','R','I','w','E',
1693 'A','Y','D','V','Q','Q','D','E','w','l','K','d','W','F','u','I','E',
1694 'x','h','b','m','e','C','E','J','z','/','P','h','B','e','K','K','a',
1695 '/','T','s','R','+','4','e','L','g','T','1','k','w','D','Q','Y','J',
1696 'K','o','Z','I','h','v','c','N','A','Q','E','E','B','Q','A','D','g',
1697 'Y','E','A','L','p','k','g','L','g','W','3','m','E','a','K','i','d',
1698 'P','Q','3','i','P','J','Y','L','G','0','U','b','1','w','r','a','q',
1699 'E','l','9','b','d','4','2','h','r','h','z','I','d','c','D','z','l',
1700 'Q','g','x','n','m','8','/','5','c','H','Y','V','x','I','F','/','C',
1701 '2','0','x','/','H','J','p','l','b','1','R','G','6','U','1','i','p',
1702 'F','e','/','q','8','b','y','W','D','/','9','J','p','i','B','K','M',
1703 'G','P','i','9','Y','l','U','T','g','X','H','f','S','9','d','4','S',
1704 '/','Q','W','O','1','h','9','Z','7','K','e','i','p','B','Y','h','o',
1705 's','l','Q','p','H','X','u','y','9','b','U','r','8','A','d','q','i',
1706 '6','S','z','g','H','p','C','n','M','u','5','3','d','x','g','x','U',
1707 'D','1','r','4','x','A','A','=','=',0 };
1709 static void testFileNameStore(void)
1711 static const WCHAR szPrefix
[] = { 'c','e','r',0 };
1712 static const WCHAR spcPrefix
[] = { 's','p','c',0 };
1713 static const WCHAR szDot
[] = { '.',0 };
1714 WCHAR filename
[MAX_PATH
];
1721 /* Crashes on NT4 */
1722 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0, 0, NULL
);
1723 GLE
= GetLastError();
1724 ok(!store
&& (GLE
== ERROR_PATH_NOT_FOUND
|| GLE
== ERROR_INVALID_PARAMETER
),
1725 "Expected ERROR_PATH_NOT_FOUND or ERROR_INVALID_PARAMETER, got %08x\n",
1729 if (!GetTempFileNameW(szDot
, szPrefix
, 0, filename
))
1731 DeleteFileW(filename
);
1733 /* The two flags are mutually exclusive */
1734 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1735 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
| CERT_STORE_READONLY_FLAG
, filename
);
1736 ok(!store
&& GetLastError() == E_INVALIDARG
,
1737 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1739 /* In all of the following tests, the encoding type seems to be ignored */
1740 if (initFileFromData(filename
, bigCert
, sizeof(bigCert
)))
1742 PCCERT_CONTEXT cert
;
1745 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1746 CERT_STORE_READONLY_FLAG
, filename
);
1747 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1749 cert
= CertEnumCertificatesInStore(store
, NULL
);
1750 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1752 cert
= CertEnumCertificatesInStore(store
, cert
);
1753 ok(!cert
, "Expected only one cert\n");
1754 if (pCertEnumCRLsInStore
)
1756 crl
= pCertEnumCRLsInStore(store
, NULL
);
1757 ok(!crl
, "Expected no CRLs\n");
1760 CertCloseStore(store
, 0);
1761 DeleteFileW(filename
);
1763 if (initFileFromData(filename
, serializedStoreWithCert
,
1764 sizeof(serializedStoreWithCert
)))
1766 PCCERT_CONTEXT cert
;
1769 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1770 CERT_STORE_READONLY_FLAG
, filename
);
1771 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1773 cert
= CertEnumCertificatesInStore(store
, NULL
);
1774 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1776 cert
= CertEnumCertificatesInStore(store
, cert
);
1777 ok(!cert
, "Expected only one cert\n");
1778 if (pCertEnumCRLsInStore
)
1780 crl
= pCertEnumCRLsInStore(store
, NULL
);
1781 ok(!crl
, "Expected no CRLs\n");
1784 CertCloseStore(store
, 0);
1785 DeleteFileW(filename
);
1787 if (initFileFromData(filename
, serializedStoreWithCertAndCRL
,
1788 sizeof(serializedStoreWithCertAndCRL
)))
1790 PCCERT_CONTEXT cert
;
1793 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1794 CERT_STORE_READONLY_FLAG
, filename
);
1795 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1797 cert
= CertEnumCertificatesInStore(store
, NULL
);
1798 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1800 cert
= CertEnumCertificatesInStore(store
, cert
);
1801 ok(!cert
, "Expected only one cert\n");
1802 if (pCertEnumCRLsInStore
)
1804 crl
= pCertEnumCRLsInStore(store
, NULL
);
1805 ok(crl
!= NULL
, "CertEnumCRLsInStore failed: %08x\n", GetLastError());
1806 crl
= pCertEnumCRLsInStore(store
, crl
);
1807 ok(!crl
, "Expected only one CRL\n");
1810 CertCloseStore(store
, 0);
1811 /* Don't delete it this time, the next test uses it */
1813 /* Now that the file exists, we can open it read-only */
1814 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1815 CERT_STORE_READONLY_FLAG
, filename
);
1816 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1817 CertCloseStore(store
, 0);
1818 DeleteFileW(filename
);
1820 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1821 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
| CERT_STORE_CREATE_NEW_FLAG
, filename
);
1822 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1825 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1826 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1827 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
1829 compareStore(store
, "serialized store with cert",
1830 serializedStoreWithCert
, sizeof(serializedStoreWithCert
), FALSE
);
1831 CertCloseStore(store
, 0);
1833 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1834 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, filename
);
1835 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1838 ret
= CertAddEncodedCRLToStore(store
, X509_ASN_ENCODING
,
1839 signedCRL
, sizeof(signedCRL
), CERT_STORE_ADD_ALWAYS
, NULL
);
1840 ok(ret
, "CertAddEncodedCRLToStore failed: %08x\n", GetLastError());
1841 compareStore(store
, "serialized store with cert and CRL",
1842 serializedStoreWithCertAndCRL
, sizeof(serializedStoreWithCertAndCRL
),
1844 CertCloseStore(store
, 0);
1846 DeleteFileW(filename
);
1848 if (!GetTempFileNameW(szDot
, spcPrefix
, 0, filename
))
1850 DeleteFileW(filename
);
1852 if (initFileFromData(filename
, base64SPC
, sizeof(base64SPC
)))
1854 PCCERT_CONTEXT cert
;
1857 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1858 CERT_STORE_READONLY_FLAG
, filename
);
1859 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1861 cert
= CertEnumCertificatesInStore(store
, NULL
);
1862 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1864 cert
= CertEnumCertificatesInStore(store
, cert
);
1865 ok(!cert
, "Expected only one cert\n");
1866 if (pCertEnumCRLsInStore
)
1868 crl
= pCertEnumCRLsInStore(store
, NULL
);
1869 ok(!crl
, "Expected no CRLs\n");
1872 CertCloseStore(store
, 0);
1873 DeleteFileW(filename
);
1875 if (initFileFromData(filename
, (BYTE
*)utf16Base64SPC
,
1876 sizeof(utf16Base64SPC
)))
1878 PCCERT_CONTEXT cert
;
1881 store
= CertOpenStore(CERT_STORE_PROV_FILENAME_W
, 0, 0,
1882 CERT_STORE_READONLY_FLAG
, filename
);
1883 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1885 cert
= CertEnumCertificatesInStore(store
, NULL
);
1886 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
1888 cert
= CertEnumCertificatesInStore(store
, cert
);
1889 ok(!cert
, "Expected only one cert\n");
1890 if (pCertEnumCRLsInStore
)
1892 crl
= pCertEnumCRLsInStore(store
, NULL
);
1893 ok(!crl
, "Expected no CRLs\n");
1896 CertCloseStore(store
, 0);
1897 DeleteFileW(filename
);
1901 static const BYTE signedContent
[] = {
1902 0x30,0x81,0xb2,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,0xa0,
1903 0x81,0xa4,0x30,0x81,0xa1,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,
1904 0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,
1905 0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,
1906 0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,
1907 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1908 0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1909 0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0x81,0xa6,0x70,
1910 0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,0xc0,0x9a,0xb6,0x9a,0x5e,0x6d,0x6f,0x6d,
1911 0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,0xa0,0x1e,0xee,0xc2,0x60,0xbc,0x59,0xbe,
1912 0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,0x23,0x64,0x92,0xef,0x2e,0xfc,0x57,0x29,
1913 0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,0x51,0xe4,0x44,0xb8,0x0b,0x28,0xf4,0xa8,
1915 static const BYTE signedWithCertAndCrlBareContent
[] = {
1916 0x30,0x82,0x01,0x4f,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,
1917 0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,
1918 0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0xa0,
1919 0x7c,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
1920 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
1921 0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,
1922 0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
1923 0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,
1924 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1925 0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,0xa3,0x16,0x30,0x14,
1926 0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,
1927 0x01,0xff,0x02,0x01,0x01,0xa1,0x2e,0x30,0x2c,0x30,0x02,0x06,0x00,0x30,0x15,
1928 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
1929 0x20,0x4c,0x61,0x6e,0x67,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,
1930 0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x31,0x77,0x30,0x75,0x02,0x01,0x01,
1931 0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,
1932 0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,
1933 0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,
1934 0x00,0x05,0x00,0x04,0x40,0x81,0xa6,0x70,0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,
1935 0xc0,0x9a,0xb6,0x9a,0x5e,0x6d,0x6f,0x6d,0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,
1936 0xa0,0x1e,0xee,0xc2,0x60,0xbc,0x59,0xbe,0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,
1937 0x23,0x64,0x92,0xef,0x2e,0xfc,0x57,0x29,0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,
1938 0x51,0xe4,0x44,0xb8,0x0b,0x28,0xf4,0xa8,0x0d };
1939 static const BYTE hashContent
[] = {
1940 0x30,0x47,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x05,0xa0,0x3a,
1941 0x30,0x38,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1942 0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
1943 0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0x04,0x10,0x08,0xd6,0xc0,
1944 0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,0x9d,0x2a,0x8f,0x26,0x2f };
1945 static const BYTE hashBareContent
[] = {
1946 0x30,0x38,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1947 0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
1948 0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0x04,0x10,0x08,0xd6,0xc0,
1949 0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,0x9d,0x2a,0x8f,0x26,0x2f };
1951 static void testMessageStore(void)
1954 HCRYPTMSG msg
= CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING
, 0, 0, 0, NULL
,
1956 CRYPT_DATA_BLOB blob
= { sizeof(signedWithCertAndCrlBareContent
),
1957 (LPBYTE
)signedWithCertAndCrlBareContent
};
1962 store = CertOpenStore(CERT_STORE_PROV_MSG, 0, 0, 0, NULL);
1964 SetLastError(0xdeadbeef);
1965 store
= CertOpenStore(CERT_STORE_PROV_MSG
, 0, 0, 0, msg
);
1966 ok(!store
&& GetLastError() == CRYPT_E_INVALID_MSG_TYPE
,
1967 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
1968 CryptMsgUpdate(msg
, signedContent
, sizeof(signedContent
), TRUE
);
1969 store
= CertOpenStore(CERT_STORE_PROV_MSG
, 0, 0, 0, msg
);
1970 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
1973 PCCERT_CONTEXT cert
= NULL
;
1974 PCCRL_CONTEXT crl
= NULL
;
1978 cert
= CertEnumCertificatesInStore(store
, cert
);
1982 ok(count
== 0, "Expected 0 certificates, got %d\n", count
);
1984 if (pCertEnumCRLsInStore
)
1988 crl
= pCertEnumCRLsInStore(store
, crl
);
1992 ok(count
== 0, "Expected 0 CRLs, got %d\n", count
);
1995 /* Can add certs to a message store */
1996 ret
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
,
1997 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, NULL
);
1998 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
2002 cert
= CertEnumCertificatesInStore(store
, cert
);
2006 ok(count
== 1, "Expected 1 certificate, got %d\n", count
);
2008 CertCloseStore(store
, 0);
2010 /* but the added certs weren't actually added to the message */
2011 size
= sizeof(count
);
2012 ret
= CryptMsgGetParam(msg
, CMSG_CERT_COUNT_PARAM
, 0, &count
, &size
);
2013 ok(ret
, "CryptMsgGetParam failed: %08x\n", GetLastError());
2014 ok(count
== 0, "Expected 0 certificates, got %d\n", count
);
2018 store = CertOpenStore(CERT_STORE_PROV_PKCS7, 0, 0, 0, NULL);
2020 store
= CertOpenStore(CERT_STORE_PROV_PKCS7
, 0, 0, 0, &blob
);
2021 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
2025 PCCERT_CONTEXT cert
= NULL
;
2026 PCCRL_CONTEXT crl
= NULL
;
2029 cert
= CertEnumCertificatesInStore(store
, cert
);
2033 ok(count
== 1, "Expected 1 certificate, got %d\n", count
);
2035 if (pCertEnumCRLsInStore
)
2039 crl
= pCertEnumCRLsInStore(store
, crl
);
2043 ok(count
== 1, "Expected 1 CRL, got %d\n", count
);
2045 CertCloseStore(store
, 0);
2047 /* Encoding appears to be ignored */
2048 store
= CertOpenStore(CERT_STORE_PROV_PKCS7
, X509_ASN_ENCODING
, 0, 0,
2050 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
2052 CertCloseStore(store
, 0);
2053 /* Messages other than signed messages aren't allowed */
2054 blob
.cbData
= sizeof(hashContent
);
2055 blob
.pbData
= (LPBYTE
)hashContent
;
2056 SetLastError(0xdeadbeef);
2057 store
= CertOpenStore(CERT_STORE_PROV_PKCS7
, 0, 0, 0, &blob
);
2058 ok(!store
&& GetLastError() == CRYPT_E_INVALID_MSG_TYPE
,
2059 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
2060 blob
.cbData
= sizeof(hashBareContent
);
2061 blob
.pbData
= (LPBYTE
)hashBareContent
;
2062 SetLastError(0xdeadbeef);
2063 store
= CertOpenStore(CERT_STORE_PROV_PKCS7
, 0, 0, 0, &blob
);
2065 (GetLastError() == CRYPT_E_ASN1_BADTAG
||
2066 broken(GetLastError() == OSS_DATA_ERROR
)), /* NT4 */
2067 "Expected CRYPT_E_ASN1_BADTAG, got %08x\n", GetLastError());
2070 static void testSerializedStore(void)
2073 CRYPT_DATA_BLOB blob
;
2078 store
= CertOpenStore(CERT_STORE_PROV_SERIALIZED
, 0, 0, 0, NULL
);
2079 store
= CertOpenStore(CERT_STORE_PROV_SERIALIZED
, 0, 0,
2080 CERT_STORE_DELETE_FLAG
, NULL
);
2082 blob
.cbData
= sizeof(serializedStoreWithCert
);
2083 blob
.pbData
= (BYTE
*)serializedStoreWithCert
;
2084 store
= CertOpenStore(CERT_STORE_PROV_SERIALIZED
, 0, 0,
2085 CERT_STORE_DELETE_FLAG
, &blob
);
2086 ok(!store
&& GetLastError() == ERROR_CALL_NOT_IMPLEMENTED
,
2087 "Expected ERROR_CALL_NOT_IMPLEMENTED, got %08x\n", GetLastError());
2088 store
= CertOpenStore(CERT_STORE_PROV_SERIALIZED
, 0, 0, 0, &blob
);
2089 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
2092 PCCERT_CONTEXT cert
;
2095 cert
= CertEnumCertificatesInStore(store
, NULL
);
2096 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
2098 cert
= CertEnumCertificatesInStore(store
, cert
);
2099 ok(!cert
, "Expected only one cert\n");
2100 if (pCertEnumCRLsInStore
)
2102 crl
= pCertEnumCRLsInStore(store
, NULL
);
2103 ok(!crl
, "Expected no CRLs\n");
2105 CertCloseStore(store
, 0);
2107 blob
.cbData
= sizeof(serializedStoreWithCertAndCRL
);
2108 blob
.pbData
= (BYTE
*)serializedStoreWithCertAndCRL
;
2109 store
= CertOpenStore(CERT_STORE_PROV_SERIALIZED
, 0, 0, 0, &blob
);
2110 ok(store
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
2113 PCCERT_CONTEXT cert
;
2116 cert
= CertEnumCertificatesInStore(store
, NULL
);
2117 ok(cert
!= NULL
, "CertEnumCertificatesInStore failed: %08x\n",
2119 cert
= CertEnumCertificatesInStore(store
, cert
);
2120 ok(!cert
, "Expected only one cert\n");
2121 if (pCertEnumCRLsInStore
)
2123 crl
= pCertEnumCRLsInStore(store
, NULL
);
2124 ok(crl
!= NULL
, "CertEnumCRLsInStore failed: %08x\n",
2126 crl
= pCertEnumCRLsInStore(store
, crl
);
2127 ok(!crl
, "Expected only one CRL\n");
2129 CertCloseStore(store
, 0);
2133 static void testCertOpenSystemStore(void)
2137 store
= CertOpenSystemStoreW(0, NULL
);
2138 ok(!store
&& GetLastError() == E_INVALIDARG
,
2139 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2140 /* This succeeds, and on WinXP at least, the Bogus key is created under
2141 * HKCU (but not under HKLM, even when run as an administrator.)
2143 store
= CertOpenSystemStoreW(0, BogusW
);
2144 ok(store
!= 0, "CertOpenSystemStore failed: %08x\n", GetLastError());
2146 CertCloseStore(store
, 0);
2147 /* Delete it so other tests succeed next time around */
2148 CertOpenStore(CERT_STORE_PROV_SYSTEM
, 0, 0,
2149 CERT_SYSTEM_STORE_CURRENT_USER
| CERT_STORE_DELETE_FLAG
, BogusW
);
2150 RegDeleteKeyW(HKEY_CURRENT_USER
, BogusPathW
);
2158 } reg_system_store_test_data
[] = {
2159 { CERT_SYSTEM_STORE_CURRENT_USER
, TRUE
, 0},
2160 /* Following tests could require administrator privileges and thus could be skipped */
2161 { CERT_SYSTEM_STORE_CURRENT_SERVICE
, TRUE
, 1},
2162 { CERT_SYSTEM_STORE_LOCAL_MACHINE
, TRUE
, 0},
2163 { CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY
, TRUE
, 0},
2164 { CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY
, TRUE
, 0},
2165 { CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE
, TRUE
, 1}
2168 static void testCertRegisterSystemStore(void)
2173 static const WCHAR WineTestW
[] = {'W','i','n','e','T','e','s','t',0};
2174 const CERT_CONTEXT
*cert
, *cert2
;
2177 if (!pCertRegisterSystemStore
|| !pCertUnregisterSystemStore
)
2179 win_skip("CertRegisterSystemStore() or CertUnregisterSystemStore() is not available\n");
2183 for (i
= 0; i
< sizeof(reg_system_store_test_data
) / sizeof(reg_system_store_test_data
[0]); i
++) {
2184 cur_flag
= reg_system_store_test_data
[i
].cert_store
;
2185 ret
= pCertRegisterSystemStore(WineTestW
, cur_flag
, NULL
, NULL
);
2188 err
= GetLastError();
2189 if (err
== ERROR_ACCESS_DENIED
)
2191 win_skip("Insufficient privileges for the flag %08x test\n", cur_flag
);
2195 todo_wine_if (reg_system_store_test_data
[i
].todo
)
2196 ok (ret
== reg_system_store_test_data
[i
].expected
,
2197 "Store registration (dwFlags=%08x) failed, last error %x\n", cur_flag
, err
);
2200 skip("Nothing to test without registered store at %08x\n", cur_flag
);
2204 hstore
= CertOpenStore(CERT_STORE_PROV_SYSTEM_W
, 0, 0, CERT_STORE_OPEN_EXISTING_FLAG
| cur_flag
, WineTestW
);
2205 ok (hstore
!= NULL
, "Opening just registered store at %08x failed, last error %x\n", cur_flag
, GetLastError());
2207 cert
= CertCreateCertificateContext(X509_ASN_ENCODING
, bigCert
, sizeof(bigCert
));
2208 ok (cert
!= NULL
, "Failed creating cert at %08x, last error: %x\n", cur_flag
, GetLastError());
2211 ret
= CertAddCertificateContextToStore(hstore
, cert
, CERT_STORE_ADD_NEW
, NULL
);
2212 ok (ret
, "Failed to add cert at %08x, last error: %x\n", cur_flag
, GetLastError());
2214 cert2
= CertEnumCertificatesInStore(hstore
, NULL
);
2215 ok (cert2
!= NULL
&& cert2
->cbCertEncoded
== cert
->cbCertEncoded
,
2216 "Unexpected cert encoded size at %08x, last error: %x\n", cur_flag
, GetLastError());
2218 ret
= CertDeleteCertificateFromStore(cert2
);
2219 ok (ret
, "Failed to delete certificate from the new store at %08x, last error: %x\n", cur_flag
, GetLastError());
2221 CertFreeCertificateContext(cert
);
2224 ret
= CertCloseStore(hstore
, 0);
2225 ok (ret
, "CertCloseStore failed at %08x, last error %x", cur_flag
, GetLastError());
2227 ret
= pCertUnregisterSystemStore(WineTestW
, cur_flag
);
2228 todo_wine_if (reg_system_store_test_data
[i
].todo
)
2229 ok( ret
== reg_system_store_test_data
[i
].expected
,
2230 "Unregistering failed at %08x, last error %d\n", cur_flag
, GetLastError());
2235 struct EnumSystemStoreInfo
2241 static BOOL CALLBACK
enumSystemStoreCB(const void *systemStore
, DWORD dwFlags
,
2242 PCERT_SYSTEM_STORE_INFO pStoreInfo
, void *pvReserved
, void *pvArg
)
2244 struct EnumSystemStoreInfo
*info
= pvArg
;
2250 static void testCertEnumSystemStore(void)
2253 struct EnumSystemStoreInfo info
= { FALSE
, 0 };
2255 if (!pCertEnumSystemStore
)
2257 win_skip("CertEnumSystemStore() is not available\n");
2261 SetLastError(0xdeadbeef);
2262 ret
= pCertEnumSystemStore(0, NULL
, NULL
, NULL
);
2263 ok(!ret
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
2264 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
2266 ret = pCertEnumSystemStore(CERT_SYSTEM_STORE_LOCAL_MACHINE, NULL, NULL,
2270 SetLastError(0xdeadbeef);
2271 ret
= pCertEnumSystemStore(CERT_SYSTEM_STORE_LOCAL_MACHINE
, NULL
, &info
,
2273 /* Callback returning FALSE stops enumeration */
2274 ok(!ret
, "Expected CertEnumSystemStore to stop\n");
2275 ok(info
.storeCount
== 0 || info
.storeCount
== 1,
2276 "Expected 0 or 1 stores\n");
2279 info
.storeCount
= 0;
2280 ret
= pCertEnumSystemStore(CERT_SYSTEM_STORE_LOCAL_MACHINE
, NULL
, &info
,
2282 ok(ret
, "CertEnumSystemStore failed: %08x\n", GetLastError());
2283 /* There should always be at least My, Root, and CA stores */
2284 ok(info
.storeCount
== 0 || info
.storeCount
>= 3,
2285 "Expected at least 3 stores\n");
2288 static void testStoreProperty(void)
2292 DWORD propID
, size
= 0, state
;
2293 CRYPT_DATA_BLOB blob
;
2295 if (!pCertGetStoreProperty
|| !pCertSetStoreProperty
)
2297 win_skip("CertGet/SetStoreProperty() is not available\n");
2302 ret = pCertGetStoreProperty(NULL, 0, NULL, NULL);
2303 ret = pCertGetStoreProperty(NULL, 0, NULL, &size);
2304 ret = pCertGetStoreProperty(store, 0, NULL, NULL);
2307 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
2308 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2309 /* Check a missing prop ID */
2310 SetLastError(0xdeadbeef);
2311 ret
= pCertGetStoreProperty(store
, 0, NULL
, &size
);
2312 ok(!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
,
2313 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
2314 /* Contrary to MSDN, CERT_ACCESS_STATE_PROP_ID is supported for stores.. */
2315 size
= sizeof(state
);
2316 ret
= pCertGetStoreProperty(store
, CERT_ACCESS_STATE_PROP_ID
, &state
, &size
);
2317 ok(ret
, "CertGetStoreProperty failed for CERT_ACCESS_STATE_PROP_ID: %08x\n",
2319 ok(!state
, "Expected a non-persisted store\n");
2320 /* and CERT_STORE_LOCALIZED_NAME_PROP_ID isn't supported by default. */
2322 ret
= pCertGetStoreProperty(store
, CERT_STORE_LOCALIZED_NAME_PROP_ID
, NULL
,
2324 ok(!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
,
2325 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
2326 /* Delete an arbitrary property on a store */
2327 ret
= pCertSetStoreProperty(store
, CERT_FIRST_USER_PROP_ID
, 0, NULL
);
2328 ok(ret
, "CertSetStoreProperty failed: %08x\n", GetLastError());
2329 /* Set an arbitrary property on a store */
2330 blob
.pbData
= (LPBYTE
)&state
;
2331 blob
.cbData
= sizeof(state
);
2332 ret
= pCertSetStoreProperty(store
, CERT_FIRST_USER_PROP_ID
, 0, &blob
);
2333 ok(ret
, "CertSetStoreProperty failed: %08x\n", GetLastError());
2334 /* Get an arbitrary property that's been set */
2335 ret
= pCertGetStoreProperty(store
, CERT_FIRST_USER_PROP_ID
, NULL
, &size
);
2336 ok(ret
, "CertGetStoreProperty failed: %08x\n", GetLastError());
2337 ok(size
== sizeof(state
), "Unexpected data size %d\n", size
);
2338 ret
= pCertGetStoreProperty(store
, CERT_FIRST_USER_PROP_ID
, &propID
, &size
);
2339 ok(ret
, "CertGetStoreProperty failed: %08x\n", GetLastError());
2340 ok(propID
== state
, "CertGetStoreProperty got the wrong value\n");
2341 /* Delete it again */
2342 ret
= pCertSetStoreProperty(store
, CERT_FIRST_USER_PROP_ID
, 0, NULL
);
2343 ok(ret
, "CertSetStoreProperty failed: %08x\n", GetLastError());
2344 /* And check that it's missing */
2345 SetLastError(0xdeadbeef);
2346 ret
= pCertGetStoreProperty(store
, CERT_FIRST_USER_PROP_ID
, NULL
, &size
);
2347 ok(!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
,
2348 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
2349 CertCloseStore(store
, 0);
2351 /* Recheck on the My store.. */
2352 store
= CertOpenSystemStoreW(0, MyW
);
2353 size
= sizeof(state
);
2354 ret
= pCertGetStoreProperty(store
, CERT_ACCESS_STATE_PROP_ID
, &state
, &size
);
2355 ok(ret
, "CertGetStoreProperty failed for CERT_ACCESS_STATE_PROP_ID: %08x\n",
2357 ok(state
, "Expected a persisted store\n");
2358 SetLastError(0xdeadbeef);
2360 ret
= pCertGetStoreProperty(store
, CERT_STORE_LOCALIZED_NAME_PROP_ID
, NULL
,
2362 ok(!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
,
2363 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
2364 CertCloseStore(store
, 0);
2367 static void testAddSerialized(void)
2371 BYTE buf
[sizeof(struct CertPropIDHeader
) * 2 + 20 + sizeof(bigCert
)] =
2374 struct CertPropIDHeader
*hdr
;
2375 PCCERT_CONTEXT context
;
2377 ret
= CertAddSerializedElementToStore(0, NULL
, 0, 0, 0, 0, NULL
, NULL
);
2378 ok(!ret
&& GetLastError() == ERROR_END_OF_MEDIA
,
2379 "Expected ERROR_END_OF_MEDIA, got %08x\n", GetLastError());
2381 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
2382 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2383 ok(store
!= 0, "CertOpenStore failed: %08x\n", GetLastError());
2385 ret
= CertAddSerializedElementToStore(store
, NULL
, 0, 0, 0, 0, NULL
, NULL
);
2386 ok(!ret
&& GetLastError() == ERROR_END_OF_MEDIA
,
2387 "Expected ERROR_END_OF_MEDIA, got %08x\n", GetLastError());
2389 /* Test with an empty property */
2390 hdr
= (struct CertPropIDHeader
*)buf
;
2391 hdr
->propID
= CERT_CERT_PROP_ID
;
2394 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
), 0, 0, 0,
2396 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2397 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2398 /* Test with a bad size in property header */
2399 hdr
->cb
= sizeof(bigCert
) - 1;
2400 memcpy(buf
+ sizeof(struct CertPropIDHeader
), bigCert
, sizeof(bigCert
));
2401 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
), 0, 0, 0,
2403 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2404 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2405 ret
= CertAddSerializedElementToStore(store
, buf
,
2406 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), 0, 0, 0, NULL
,
2408 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2409 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2410 ret
= CertAddSerializedElementToStore(store
, buf
,
2411 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), CERT_STORE_ADD_NEW
,
2413 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2414 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2415 /* Kosher size in property header, but no context type */
2416 hdr
->cb
= sizeof(bigCert
);
2417 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
), 0, 0, 0,
2419 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2420 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2421 ret
= CertAddSerializedElementToStore(store
, buf
,
2422 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), 0, 0, 0, NULL
,
2424 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2425 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2426 ret
= CertAddSerializedElementToStore(store
, buf
,
2427 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), CERT_STORE_ADD_NEW
,
2429 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2430 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2431 /* With a bad context type */
2432 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
), 0, 0,
2433 CERT_STORE_CRL_CONTEXT_FLAG
, NULL
, NULL
);
2434 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2435 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2436 ret
= CertAddSerializedElementToStore(store
, buf
,
2437 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), 0, 0,
2438 CERT_STORE_CRL_CONTEXT_FLAG
, NULL
, NULL
);
2439 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2440 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2441 ret
= CertAddSerializedElementToStore(store
, buf
,
2442 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), CERT_STORE_ADD_NEW
,
2443 0, CERT_STORE_CRL_CONTEXT_FLAG
, NULL
, NULL
);
2444 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2445 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2446 /* Bad unknown field, good type */
2448 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
), 0, 0,
2449 CERT_STORE_CERTIFICATE_CONTEXT_FLAG
, NULL
, NULL
);
2450 ok(!ret
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
2451 "Expected ERROR_FILE_NOT_FOUND got %08x\n", GetLastError());
2452 ret
= CertAddSerializedElementToStore(store
, buf
,
2453 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), 0, 0,
2454 CERT_STORE_CERTIFICATE_CONTEXT_FLAG
, NULL
, NULL
);
2455 ok(!ret
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
2456 "Expected ERROR_FILE_NOT_FOUND got %08x\n", GetLastError());
2457 ret
= CertAddSerializedElementToStore(store
, buf
,
2458 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), CERT_STORE_ADD_NEW
,
2459 0, CERT_STORE_CERTIFICATE_CONTEXT_FLAG
, NULL
, NULL
);
2460 ok(!ret
&& GetLastError() == ERROR_FILE_NOT_FOUND
,
2461 "Expected ERROR_FILE_NOT_FOUND got %08x\n", GetLastError());
2462 /* Most everything okay, but bad add disposition */
2465 ret = CertAddSerializedElementToStore(store, buf, sizeof(buf), 0, 0,
2466 CERT_STORE_CERTIFICATE_CONTEXT_FLAG, NULL, NULL);
2468 ret = CertAddSerializedElementToStore(store, buf,
2469 sizeof(struct CertPropIDHeader) + sizeof(bigCert), 0, 0,
2470 CERT_STORE_CERTIFICATE_CONTEXT_FLAG, NULL, NULL);
2472 /* Everything okay, but buffer's too big */
2473 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
),
2474 CERT_STORE_ADD_NEW
, 0, CERT_STORE_CERTIFICATE_CONTEXT_FLAG
, NULL
, NULL
);
2475 ok(ret
, "CertAddSerializedElementToStore failed: %08x\n", GetLastError());
2476 /* Everything okay, check it's not re-added */
2477 ret
= CertAddSerializedElementToStore(store
, buf
,
2478 sizeof(struct CertPropIDHeader
) + sizeof(bigCert
), CERT_STORE_ADD_NEW
,
2479 0, CERT_STORE_CERTIFICATE_CONTEXT_FLAG
, NULL
, NULL
);
2480 ok(!ret
&& GetLastError() == CRYPT_E_EXISTS
,
2481 "Expected CRYPT_E_EXISTS, got %08x\n", GetLastError());
2483 context
= CertEnumCertificatesInStore(store
, NULL
);
2484 ok(context
!= NULL
, "Expected a cert\n");
2486 CertDeleteCertificateFromStore(context
);
2488 /* Try adding with a bogus hash. Oddly enough, it succeeds, and the hash,
2489 * when queried, is the real hash rather than the bogus hash.
2491 hdr
= (struct CertPropIDHeader
*)(buf
+ sizeof(struct CertPropIDHeader
) +
2493 hdr
->propID
= CERT_HASH_PROP_ID
;
2495 hdr
->cb
= sizeof(hash
);
2496 memset(hash
, 0xc, sizeof(hash
));
2497 memcpy((LPBYTE
)hdr
+ sizeof(struct CertPropIDHeader
), hash
, sizeof(hash
));
2498 ret
= CertAddSerializedElementToStore(store
, buf
, sizeof(buf
),
2499 CERT_STORE_ADD_NEW
, 0, CERT_STORE_CERTIFICATE_CONTEXT_FLAG
, NULL
,
2500 (const void **)&context
);
2501 ok(ret
, "CertAddSerializedElementToStore failed: %08x\n", GetLastError());
2504 BYTE hashVal
[20], realHash
[20];
2505 DWORD size
= sizeof(hashVal
);
2507 ret
= CryptHashCertificate(0, 0, 0, bigCert
, sizeof(bigCert
),
2509 ok(ret
, "CryptHashCertificate failed: %08x\n", GetLastError());
2510 ret
= CertGetCertificateContextProperty(context
, CERT_HASH_PROP_ID
,
2512 ok(ret
, "CertGetCertificateContextProperty failed: %08x\n",
2514 ok(!memcmp(hashVal
, realHash
, size
), "Unexpected hash\n");
2515 CertFreeCertificateContext(context
);
2518 CertCloseStore(store
, 0);
2521 static const BYTE serializedCertWithFriendlyName
[] = {
2522 0x0b,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x12,0x00,0x00,0x00,0x57,0x00,0x69,
2523 0x00,0x6e,0x00,0x65,0x00,0x54,0x00,0x65,0x00,0x73,0x00,0x74,0x00,0x00,0x00,
2524 0x20,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x7c,0x00,0x00,0x00,0x30,0x7a,0x02,
2525 0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,
2526 0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,
2527 0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,
2528 0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,
2529 0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,
2530 0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x07,
2531 0x30,0x02,0x06,0x00,0x03,0x01,0x00,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,
2532 0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,
2534 static const BYTE serializedStoreWithCertWithFriendlyName
[] = {
2535 0x00,0x00,0x00,0x00,0x43,0x45,0x52,0x54,0x0b,0x00,0x00,0x00,0x01,0x00,0x00,
2536 0x00,0x12,0x00,0x00,0x00,0x57,0x00,0x69,0x00,0x6e,0x00,0x65,0x00,0x54,0x00,
2537 0x65,0x00,0x73,0x00,0x74,0x00,0x00,0x00,0x20,0x00,0x00,0x00,0x01,0x00,0x00,
2538 0x00,0x7c,0x00,0x00,0x00,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,
2539 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
2540 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,
2541 0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,
2542 0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,
2543 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
2544 0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,
2545 0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,
2546 0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01,0x00,0x00,0x00,0x00,0x00,0x00,
2547 0x00,0x00,0x00,0x00,0x00,0x00 };
2548 static const BYTE serializedStoreWithCertAndHash
[] = {
2549 0x00,0x00,0x00,0x00,0x43,0x45,0x52,0x54,0x03,0x00,0x00,0x00,0x01,0x00,0x00,
2550 0x00,0x14,0x00,0x00,0x00,0x6e,0x30,0x90,0x71,0x5f,0xd9,0x23,0x56,0xeb,0xae,
2551 0x25,0x40,0xe6,0x22,0xda,0x19,0x26,0x02,0xa6,0x08,0x20,0x00,0x00,0x00,0x01,
2552 0x00,0x00,0x00,0x7c,0x00,0x00,0x00,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,
2553 0x00,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,
2554 0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,
2555 0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,
2556 0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,
2557 0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,
2558 0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,
2559 0x01,0x00,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,
2560 0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01,0x00,0x00,0x00,0x00,
2561 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
2563 static void delete_test_key(void)
2565 HKEY root_key
, test_key
;
2566 static const WCHAR SysCertW
[] = {'S','o','f','t','w','a','r','e','\\','M','i','c','r','o','s','o','f','t','\\',
2567 'S','y','s','t','e','m','C','e','r','t','i','f','i','c','a','t','e','s',0};
2568 static const WCHAR WineTestW
[] = {'W','i','n','e','T','e','s','t',0};
2569 WCHAR subkey_name
[32];
2570 DWORD num_subkeys
, subkey_name_len
;
2573 if (RegOpenKeyExW(HKEY_CURRENT_USER
, SysCertW
, 0, KEY_READ
, &root_key
))
2575 if (RegOpenKeyExW(root_key
, WineTestW
, 0, KEY_READ
, &test_key
))
2577 RegCloseKey(root_key
);
2580 RegQueryInfoKeyW(test_key
, NULL
, NULL
, NULL
, &num_subkeys
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
);
2581 for (idx
= num_subkeys
; idx
-- > 0;)
2583 subkey_name_len
= sizeof(subkey_name
)/sizeof(WCHAR
);
2584 RegEnumKeyExW(test_key
, idx
, subkey_name
, &subkey_name_len
, NULL
, NULL
, NULL
, NULL
);
2585 RegDeleteKeyW(test_key
, subkey_name
);
2587 RegCloseKey(test_key
);
2588 RegDeleteKeyW(root_key
, WineTestW
);
2589 RegCloseKey(root_key
);
2592 static void testAddCertificateLink(void)
2595 HCERTSTORE store1
, store2
;
2596 PCCERT_CONTEXT source
, linked
;
2599 CERT_NAME_BLOB blob
;
2600 static const WCHAR szPrefix
[] = { 'c','e','r',0 };
2601 static const WCHAR szDot
[] = { '.',0 };
2602 static const WCHAR WineTestW
[] = { 'W','i','n','e','T','e','s','t',0 };
2603 WCHAR filename1
[MAX_PATH
], filename2
[MAX_PATH
];
2606 if (!pCertAddCertificateLinkToStore
)
2608 win_skip("CertAddCertificateLinkToStore not found\n");
2614 /* Crashes, i.e. the store is dereferenced without checking. */
2615 ret
= pCertAddCertificateLinkToStore(NULL
, NULL
, 0, NULL
);
2618 /* Adding a certificate link to a store requires a valid add disposition */
2619 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
2620 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2621 SetLastError(0xdeadbeef);
2622 ret
= pCertAddCertificateLinkToStore(store1
, NULL
, 0, NULL
);
2623 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2624 "expected E_INVALIDARG, got %08x\n", GetLastError());
2625 source
= CertCreateCertificateContext(X509_ASN_ENCODING
, bigCert
,
2627 SetLastError(0xdeadbeef);
2628 ret
= pCertAddCertificateLinkToStore(store1
, source
, 0, NULL
);
2629 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2630 "expected E_INVALIDARG, got %08x\n", GetLastError());
2631 ret
= pCertAddCertificateLinkToStore(store1
, source
, CERT_STORE_ADD_ALWAYS
,
2633 ok(ret
, "CertAddCertificateLinkToStore failed: %08x\n", GetLastError());
2636 /* Crashes, i.e. the source certificate is dereferenced without
2637 * checking when a valid add disposition is given.
2639 ret
= pCertAddCertificateLinkToStore(store1
, NULL
, CERT_STORE_ADD_ALWAYS
,
2642 CertCloseStore(store1
, 0);
2644 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
2645 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2646 ret
= pCertAddCertificateLinkToStore(store1
, source
, CERT_STORE_ADD_ALWAYS
,
2648 ok(ret
, "CertAddCertificateLinkToStore failed: %08x\n", GetLastError());
2651 ok(linked
->hCertStore
== store1
, "unexpected store\n");
2652 ret
= CertSerializeCertificateStoreElement(linked
, 0, NULL
, &size
);
2653 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n",
2655 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
2658 ret
= CertSerializeCertificateStoreElement(linked
, 0, buf
, &size
);
2659 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n",
2661 /* The serialized linked certificate is identical to the serialized
2662 * original certificate.
2664 ok(size
== sizeof(serializedCert
), "Wrong size %d\n", size
);
2665 ok(!memcmp(serializedCert
, buf
, size
),
2666 "Unexpected serialized cert\n");
2667 HeapFree(GetProcessHeap(), 0, buf
);
2669 /* Set a friendly name on the source certificate... */
2670 blob
.pbData
= (LPBYTE
)WineTestW
;
2671 blob
.cbData
= sizeof(WineTestW
);
2672 ret
= CertSetCertificateContextProperty(source
,
2673 CERT_FRIENDLY_NAME_PROP_ID
, 0, &blob
);
2674 ok(ret
, "CertSetCertificateContextProperty failed: %08x\n",
2676 /* and the linked certificate has the same friendly name. */
2677 ret
= CertGetCertificateContextProperty(linked
,
2678 CERT_FRIENDLY_NAME_PROP_ID
, NULL
, &size
);
2679 ok(ret
, "CertGetCertificateContextProperty failed: %08x\n",
2681 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
2684 ret
= CertGetCertificateContextProperty(linked
,
2685 CERT_FRIENDLY_NAME_PROP_ID
, buf
, &size
);
2686 ok(ret
, "CertGetCertificateContextProperty failed: %08x\n",
2688 ok(!lstrcmpW((LPCWSTR
)buf
, WineTestW
),
2689 "unexpected friendly name\n");
2690 HeapFree(GetProcessHeap(), 0, buf
);
2692 CertFreeCertificateContext(linked
);
2694 CertFreeCertificateContext(source
);
2695 CertCloseStore(store1
, 0);
2697 /* Test adding a cert to a file store, committing the change to the store,
2698 * and creating a link to the resulting cert.
2700 if (!GetTempFileNameW(szDot
, szPrefix
, 0, filename1
))
2703 DeleteFileW(filename1
);
2704 file
= CreateFileW(filename1
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
2705 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
2706 if (file
== INVALID_HANDLE_VALUE
)
2709 store1
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
2710 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, file
);
2711 ok(store1
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
2714 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
2715 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &source
);
2716 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
2719 /* Test adding a link to a memory store. */
2720 store2
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
2721 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2722 ret
= pCertAddCertificateLinkToStore(store2
, source
, CERT_STORE_ADD_ALWAYS
,
2724 ok(ret
, "CertAddCertificateLinkToStore failed: %08x\n", GetLastError());
2727 ok(linked
->hCertStore
== store2
, "unexpected store\n");
2728 ret
= CertSerializeCertificateStoreElement(linked
, 0, NULL
, &size
);
2729 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n",
2731 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
2734 ret
= CertSerializeCertificateStoreElement(linked
, 0, buf
, &size
);
2735 /* The serialized linked certificate is identical to the serialized
2736 * original certificate.
2738 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n", GetLastError());
2739 ok(size
== sizeof(serializedCert
), "Wrong size %d\n", size
);
2740 ok(!memcmp(serializedCert
, buf
, size
),
2741 "Unexpected serialized cert\n");
2742 HeapFree(GetProcessHeap(), 0, buf
);
2744 /* Set a friendly name on the source certificate... */
2745 blob
.pbData
= (LPBYTE
)WineTestW
;
2746 blob
.cbData
= sizeof(WineTestW
);
2747 ret
= CertSetCertificateContextProperty(source
,
2748 CERT_FRIENDLY_NAME_PROP_ID
, 0, &blob
);
2749 ok(ret
, "CertSetCertificateContextProperty failed: %08x\n",
2751 /* and the linked certificate has the same friendly name. */
2752 ret
= CertGetCertificateContextProperty(linked
,
2753 CERT_FRIENDLY_NAME_PROP_ID
, NULL
, &size
);
2754 ok(ret
, "CertGetCertificateContextProperty failed: %08x\n",
2756 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
2759 ret
= CertGetCertificateContextProperty(linked
,
2760 CERT_FRIENDLY_NAME_PROP_ID
, buf
, &size
);
2761 ok(ret
, "CertGetCertificateContextProperty failed: %08x\n", GetLastError());
2762 ok(!lstrcmpW((LPCWSTR
)buf
, WineTestW
),
2763 "unexpected friendly name\n");
2764 HeapFree(GetProcessHeap(), 0, buf
);
2766 CertFreeCertificateContext(linked
);
2768 CertCloseStore(store2
, 0);
2770 if (!GetTempFileNameW(szDot
, szPrefix
, 0, filename2
))
2773 DeleteFileW(filename2
);
2774 file
= CreateFileW(filename2
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
2775 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
2776 if (file
== INVALID_HANDLE_VALUE
)
2779 store2
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
2780 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, file
);
2781 ok(store2
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
2783 /* Test adding a link to a file store. */
2784 ret
= pCertAddCertificateLinkToStore(store2
, source
, CERT_STORE_ADD_ALWAYS
,
2786 ok(ret
, "CertAddCertificateLinkToStore failed: %08x\n", GetLastError());
2789 ok(linked
->hCertStore
== store2
, "unexpected store\n");
2790 ret
= CertSerializeCertificateStoreElement(linked
, 0, NULL
, &size
);
2791 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n",
2793 buf
= HeapAlloc(GetProcessHeap(), 0, size
);
2796 ret
= CertSerializeCertificateStoreElement(linked
, 0, buf
, &size
);
2797 ok(ret
, "CertSerializeCertificateStoreElement failed: %08x\n",
2799 /* The serialized linked certificate now contains the friendly
2802 ok(size
== sizeof(serializedCertWithFriendlyName
),
2803 "Wrong size %d\n", size
);
2804 ok(!memcmp(serializedCertWithFriendlyName
, buf
, size
),
2805 "Unexpected serialized cert\n");
2806 HeapFree(GetProcessHeap(), 0, buf
);
2808 CertFreeCertificateContext(linked
);
2809 compareStore(store2
, "file store -> file store",
2810 serializedStoreWithCertWithFriendlyName
,
2811 sizeof(serializedStoreWithCertWithFriendlyName
), FALSE
);
2813 CertCloseStore(store2
, 0);
2814 DeleteFileW(filename2
);
2816 CertFreeCertificateContext(source
);
2818 CertCloseStore(store1
, 0);
2819 DeleteFileW(filename1
);
2821 /* Test adding a link to a system store (which is a collection store.) */
2822 store1
= CertOpenSystemStoreA(0, "My");
2823 source
= CertCreateCertificateContext(X509_ASN_ENCODING
, bigCert
,
2825 SetLastError(0xdeadbeef);
2826 ret
= pCertAddCertificateLinkToStore(store1
, source
, CERT_STORE_ADD_ALWAYS
,
2828 ok(!ret
&& GetLastError() == E_INVALIDARG
,
2829 "expected E_INVALIDARG, got %08x\n", GetLastError());
2830 CertFreeCertificateContext(source
);
2832 /* Test adding a link to a file store, where the linked certificate is
2833 * in a system store.
2835 ret
= CertAddEncodedCertificateToStore(store1
, X509_ASN_ENCODING
,
2836 bigCert
, sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &source
);
2837 ok(ret
, "CertAddEncodedCertificateToStore failed: %08x\n",
2839 if (!GetTempFileNameW(szDot
, szPrefix
, 0, filename1
))
2842 DeleteFileW(filename1
);
2843 file
= CreateFileW(filename1
, GENERIC_READ
| GENERIC_WRITE
, 0, NULL
,
2844 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
2845 if (file
== INVALID_HANDLE_VALUE
)
2848 store2
= CertOpenStore(CERT_STORE_PROV_FILE
, 0, 0,
2849 CERT_FILE_STORE_COMMIT_ENABLE_FLAG
, file
);
2850 ok(store2
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
2853 ret
= pCertAddCertificateLinkToStore(store2
, source
, CERT_STORE_ADD_ALWAYS
,
2855 ok(ret
, "CertAddCertificateLinkToStore failed: %08x\n", GetLastError());
2858 ok(linked
->hCertStore
== store2
, "unexpected store\n");
2859 ret
= pCertControlStore(store2
, 0, CERT_STORE_CTRL_COMMIT
, NULL
);
2860 ok(ret
, "CertControlStore failed: %d\n", ret
);
2861 compareStore(store2
, "file store -> system store",
2862 serializedStoreWithCertAndHash
,
2863 sizeof(serializedStoreWithCertAndHash
), TRUE
);
2864 CertFreeCertificateContext(linked
);
2867 CertCloseStore(store2
, 0);
2868 DeleteFileW(filename1
);
2870 /* Test adding a link to a registry store, where the linked certificate is
2871 * in a system store.
2873 store2
= CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY
, 0, 0,
2874 CERT_SYSTEM_STORE_CURRENT_USER
, WineTestW
);
2875 ok(store2
!= NULL
, "CertOpenStore failed: %08x\n", GetLastError());
2876 ret
= pCertAddCertificateLinkToStore(store2
, source
, CERT_STORE_ADD_ALWAYS
,
2878 ok(ret
, "CertAddCertificateLinkToStore failed: %08x\n", GetLastError());
2881 ok(linked
->hCertStore
== store2
, "unexpected store\n");
2882 CertDeleteCertificateFromStore(linked
);
2884 CertCloseStore(store2
, 0);
2886 CertFreeCertificateContext(source
);
2887 CertCloseStore(store1
, 0);
2892 static DWORD
countCertsInStore(HCERTSTORE store
)
2894 PCCERT_CONTEXT cert
= NULL
;
2898 cert
= CertEnumCertificatesInStore(store
, cert
);
2905 static DWORD
countCRLsInStore(HCERTSTORE store
)
2907 PCCRL_CONTEXT crl
= NULL
;
2911 crl
= pCertEnumCRLsInStore(store
, crl
);
2918 static void testEmptyStore(void)
2920 const CERT_CONTEXT
*cert
, *cert2
, *cert3
;
2921 const CRL_CONTEXT
*crl
;
2922 const CTL_CONTEXT
*ctl
;
2926 cert
= CertCreateCertificateContext(X509_ASN_ENCODING
, bigCert
, sizeof(bigCert
));
2927 ok(cert
!= NULL
, "CertCreateCertificateContext failed\n");
2928 ok(cert
->hCertStore
!= NULL
, "cert->hCertStore == NULL\n");
2929 if(!cert
->hCertStore
) {
2930 CertFreeCertificateContext(cert
);
2934 test_store_is_empty(cert
->hCertStore
);
2936 cert2
= CertCreateCertificateContext(X509_ASN_ENCODING
, bigCert2
, sizeof(bigCert2
));
2937 ok(cert2
!= NULL
, "CertCreateCertificateContext failed\n");
2938 ok(cert2
->hCertStore
== cert
->hCertStore
, "Unexpected hCertStore\n");
2940 test_store_is_empty(cert2
->hCertStore
);
2942 res
= CertAddCertificateContextToStore(cert
->hCertStore
, cert2
, CERT_STORE_ADD_NEW
, &cert3
);
2943 ok(res
, "CertAddCertificateContextToStore failed\n");
2945 ok(cert3
&& cert3
!= cert2
, "Unexpected cert3\n");
2946 ok(cert3
->hCertStore
== cert
->hCertStore
, "Unexpected hCertStore\n");
2948 test_store_is_empty(cert
->hCertStore
);
2950 res
= CertDeleteCertificateFromStore(cert3
);
2951 ok(res
, "CertDeleteCertificateContextFromStore failed\n");
2952 ok(cert3
->hCertStore
== cert
->hCertStore
, "Unexpected hCertStore\n");
2954 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
2955 ok(store
!= NULL
, "CertOpenStore failed\n");
2957 res
= CertAddCertificateContextToStore(store
, cert2
, CERT_STORE_ADD_NEW
, &cert3
);
2958 ok(res
, "CertAddCertificateContextToStore failed\n");
2959 ok(cert3
&& cert3
!= cert2
, "Unexpected cert3\n");
2960 ok(cert3
->hCertStore
== store
, "Unexpected hCertStore\n");
2962 res
= CertDeleteCertificateFromStore(cert3
);
2963 ok(res
, "CertDeleteCertificateContextFromStore failed\n");
2964 ok(cert3
->hCertStore
== store
, "Unexpected hCertStore\n");
2966 CertCloseStore(store
, 0);
2968 res
= CertCloseStore(cert
->hCertStore
, CERT_CLOSE_STORE_CHECK_FLAG
);
2969 ok(!res
&& GetLastError() == E_UNEXPECTED
, "CertCloseStore returned: %x(%x)\n", res
, GetLastError());
2971 res
= CertCloseStore(cert
->hCertStore
, 0);
2972 ok(!res
&& GetLastError() == E_UNEXPECTED
, "CertCloseStore returned: %x(%x)\n", res
, GetLastError());
2974 CertFreeCertificateContext(cert2
);
2976 crl
= CertCreateCRLContext(X509_ASN_ENCODING
, signedCRL
, sizeof(signedCRL
));
2977 ok(crl
!= NULL
, "CertCreateCRLContext failed\n");
2978 ok(crl
->hCertStore
== cert
->hCertStore
, "unexpected hCertStore\n");
2980 CertFreeCRLContext(crl
);
2982 ctl
= CertCreateCTLContext(X509_ASN_ENCODING
, signedCTLWithCTLInnerContent
, sizeof(signedCTLWithCTLInnerContent
));
2983 ok(ctl
!= NULL
, "CertCreateCTLContext failed\n");
2984 ok(ctl
->hCertStore
== cert
->hCertStore
, "unexpected hCertStore\n");
2986 CertFreeCTLContext(ctl
);
2988 CertFreeCertificateContext(cert
);
2991 static void testCloseStore(void)
2993 const CERT_CONTEXT
*cert
;
2994 const CRL_CONTEXT
*crl
;
2995 const CTL_CONTEXT
*ctl
;
2996 HCERTSTORE store
, store2
;
2999 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
3000 ok(store
!= NULL
, "CertOpenStore failed\n");
3002 res
= CertCloseStore(store
, CERT_CLOSE_STORE_CHECK_FLAG
);
3003 ok(res
, "CertCloseStore failed\n");
3005 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
3006 ok(store
!= NULL
, "CertOpenStore failed\n");
3008 store2
= CertDuplicateStore(store
);
3009 ok(store2
!= NULL
, "CertCloneStore failed\n");
3010 ok(store2
== store
, "unexpected store2\n");
3012 res
= CertCloseStore(store
, CERT_CLOSE_STORE_CHECK_FLAG
);
3013 ok(!res
&& GetLastError() == CRYPT_E_PENDING_CLOSE
, "CertCloseStore failed\n");
3015 res
= CertCloseStore(store2
, CERT_CLOSE_STORE_CHECK_FLAG
);
3016 ok(res
, "CertCloseStore failed\n");
3018 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
3019 ok(store
!= NULL
, "CertOpenStore failed\n");
3021 res
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
, bigCert
,
3022 sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &cert
);
3023 ok(res
, "CertAddEncodedCertificateToStore failed\n");
3025 /* There is still a reference from cert */
3026 res
= CertCloseStore(store
, CERT_CLOSE_STORE_CHECK_FLAG
);
3027 ok(!res
&& GetLastError() == CRYPT_E_PENDING_CLOSE
, "CertCloseStore failed\n");
3029 res
= CertFreeCertificateContext(cert
);
3030 ok(res
, "CertFreeCertificateContext failed\n");
3032 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
3033 ok(store
!= NULL
, "CertOpenStore failed\n");
3035 res
= CertAddEncodedCRLToStore(store
, X509_ASN_ENCODING
, signedCRL
,
3036 sizeof(signedCRL
), CERT_STORE_ADD_ALWAYS
, &crl
);
3037 ok(res
, "CertAddEncodedCRLToStore failed\n");
3039 /* There is still a reference from CRL */
3040 res
= CertCloseStore(store
, CERT_CLOSE_STORE_CHECK_FLAG
);
3041 ok(!res
&& GetLastError() == CRYPT_E_PENDING_CLOSE
, "CertCloseStore failed\n");
3043 res
= CertFreeCRLContext(crl
);
3044 ok(res
, "CertFreeCRLContext failed\n");
3046 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
3047 ok(store
!= NULL
, "CertOpenStore failed\n");
3049 res
= CertAddEncodedCTLToStore(store
, X509_ASN_ENCODING
, signedCTLWithCTLInnerContent
,
3050 sizeof(signedCTLWithCTLInnerContent
), CERT_STORE_ADD_ALWAYS
, &ctl
);
3051 ok(res
, "CertAddEncodedCTLToStore failed\n");
3053 /* There is still a reference from CTL */
3054 res
= CertCloseStore(store
, CERT_CLOSE_STORE_CHECK_FLAG
);
3055 ok(!res
&& GetLastError() == CRYPT_E_PENDING_CLOSE
, "CertCloseStore returned: %x(%u)\n", res
, GetLastError());
3057 res
= CertFreeCTLContext(ctl
);
3058 ok(res
, "CertFreeCTLContext failed\n");
3060 /* Add all kinds of contexts, then release external references and make sure that store is properly closed. */
3061 store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0, CERT_STORE_CREATE_NEW_FLAG
, NULL
);
3062 ok(store
!= NULL
, "CertOpenStore failed\n");
3064 res
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
, bigCert
,
3065 sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &cert
);
3066 ok(res
, "CertAddEncodedCertificateToStore failed\n");
3068 res
= CertAddEncodedCRLToStore(store
, X509_ASN_ENCODING
, signedCRL
,
3069 sizeof(signedCRL
), CERT_STORE_ADD_ALWAYS
, &crl
);
3070 ok(res
, "CertAddEncodedCRLToStore failed\n");
3072 res
= CertAddEncodedCTLToStore(store
, X509_ASN_ENCODING
, signedCTLWithCTLInnerContent
,
3073 sizeof(signedCTLWithCTLInnerContent
), CERT_STORE_ADD_ALWAYS
, &ctl
);
3074 ok(res
, "CertAddEncodedCTLToStore failed\n");
3076 CertFreeCertificateContext(cert
);
3077 CertFreeCRLContext(crl
);
3078 CertFreeCTLContext(ctl
);
3080 res
= CertCloseStore(store
, CERT_CLOSE_STORE_CHECK_FLAG
);
3081 ok(res
, "CertCloseStore failed\n");
3084 static void test_I_UpdateStore(void)
3086 HMODULE lib
= GetModuleHandleA("crypt32");
3087 BOOL (WINAPI
*pI_CertUpdatestore
)(HCERTSTORE
, HCERTSTORE
, DWORD
, DWORD
) =
3088 (void *)GetProcAddress(lib
, "I_CertUpdateStore");
3090 HCERTSTORE store1
, store2
;
3091 PCCERT_CONTEXT cert
;
3094 if (!pI_CertUpdatestore
)
3096 win_skip("No I_CertUpdateStore\n");
3099 store1
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
3100 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
3101 store2
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
3102 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
3105 ret = pI_CertUpdatestore(NULL, NULL, 0, 0);
3106 ret = pI_CertUpdatestore(store1, NULL, 0, 0);
3107 ret = pI_CertUpdatestore(NULL, store2, 0, 0);
3109 ret
= pI_CertUpdatestore(store1
, store2
, 0, 0);
3110 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
3112 CertAddEncodedCertificateToStore(store2
, X509_ASN_ENCODING
, bigCert
,
3113 sizeof(bigCert
), CERT_STORE_ADD_ALWAYS
, &cert
);
3114 /* I_CertUpdateStore adds the contexts from store2 to store1 */
3115 ret
= pI_CertUpdatestore(store1
, store2
, 0, 0);
3116 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
3117 certs
= countCertsInStore(store1
);
3118 ok(certs
== 1, "Expected 1 cert, got %d\n", certs
);
3119 /* Calling it a second time has no effect */
3120 ret
= pI_CertUpdatestore(store1
, store2
, 0, 0);
3121 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
3122 certs
= countCertsInStore(store1
);
3123 ok(certs
== 1, "Expected 1 cert, got %d\n", certs
);
3125 /* The last parameters to I_CertUpdateStore appear to be ignored */
3126 ret
= pI_CertUpdatestore(store1
, store2
, 1, 0);
3127 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
3128 ret
= pI_CertUpdatestore(store1
, store2
, 0, 1);
3129 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
3131 CertAddEncodedCRLToStore(store2
, X509_ASN_ENCODING
, signedCRL
,
3132 sizeof(signedCRL
), CERT_STORE_ADD_ALWAYS
, NULL
);
3134 /* I_CertUpdateStore also adds the CRLs from store2 to store1 */
3135 ret
= pI_CertUpdatestore(store1
, store2
, 0, 0);
3136 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
3137 certs
= countCertsInStore(store1
);
3138 ok(certs
== 1, "Expected 1 cert, got %d\n", certs
);
3139 if (pCertEnumCRLsInStore
)
3141 certs
= countCRLsInStore(store1
);
3142 ok(certs
== 1, "Expected 1 CRL, got %d\n", certs
);
3145 CertDeleteCertificateFromStore(cert
);
3146 /* If a context is deleted from store2, I_CertUpdateStore deletes it
3149 ret
= pI_CertUpdatestore(store1
, store2
, 0, 0);
3150 ok(ret
, "I_CertUpdateStore failed: %08x\n", GetLastError());
3151 certs
= countCertsInStore(store1
);
3152 ok(certs
== 0, "Expected 0 certs, got %d\n", certs
);
3154 CertCloseStore(store1
, 0);
3155 CertCloseStore(store2
, 0);
3162 hdll
= GetModuleHandleA("Crypt32.dll");
3163 pCertAddStoreToCollection
= (void*)GetProcAddress(hdll
, "CertAddStoreToCollection");
3164 pCertControlStore
= (void*)GetProcAddress(hdll
, "CertControlStore");
3165 pCertEnumCRLsInStore
= (void*)GetProcAddress(hdll
, "CertEnumCRLsInStore");
3166 pCertEnumSystemStore
= (void*)GetProcAddress(hdll
, "CertEnumSystemStore");
3167 pCertGetStoreProperty
= (void*)GetProcAddress(hdll
, "CertGetStoreProperty");
3168 pCertRemoveStoreFromCollection
= (void*)GetProcAddress(hdll
, "CertRemoveStoreFromCollection");
3169 pCertSetStoreProperty
= (void*)GetProcAddress(hdll
, "CertSetStoreProperty");
3170 pCertAddCertificateLinkToStore
= (void*)GetProcAddress(hdll
, "CertAddCertificateLinkToStore");
3171 pCertRegisterSystemStore
= (void*)GetProcAddress(hdll
, "CertRegisterSystemStore");
3172 pCertUnregisterSystemStore
= (void*)GetProcAddress(hdll
, "CertUnregisterSystemStore");
3174 /* various combinations of CertOpenStore */
3176 testCollectionStore();
3177 testStoresInCollection();
3180 testRegStoreSavedCerts();
3182 testSystemRegStore();
3185 testFileNameStore();
3187 testSerializedStore();
3190 testCertRegisterSystemStore();
3192 testCertOpenSystemStore();
3193 testCertEnumSystemStore();
3194 testStoreProperty();
3196 testAddSerialized();
3197 testAddCertificateLink();
3201 test_I_UpdateStore();