cryptui: Choose appropriate destination store for a cert.

ab9a53f6 · Juan Lang · Alexandre Julliard · 4b66952b · ab9a53f6 · ab9a53f6
Commit ab9a53f6 authored Oct 24, 2008 by Juan Lang Committed by Alexandre Julliard Oct 27, 2008
Hide whitespace changes
Inline Side-by-side

Showing with 74 additions and 9 deletions

main.c dlls/cryptui/main.c +71 -3

cryptui.c dlls/cryptui/tests/cryptui.c +3 -6

No files found.
--- a/dlls/cryptui/main.c
+++ b/dlls/cryptui/main.c
@@ -139,10 +139,79 @@ static PCCERT_CONTEXT make_cert_from_file(LPCWSTR fileName)
    return cert;
 }
+/* Decodes a cert's basic constraints extension (either szOID_BASIC_CONSTRAINTS
+ * or szOID_BASIC_CONSTRAINTS2, whichever is present) to determine if it
+ * should be a CA.  If neither extension is present, returns
+ * defaultIfNotSpecified.
+ */
+static BOOL is_ca_cert(PCCERT_CONTEXT cert, BOOL defaultIfNotSpecified)
+{
+    BOOL isCA = defaultIfNotSpecified;
+    PCERT_EXTENSION ext = CertFindExtension(szOID_BASIC_CONSTRAINTS,
+     cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension);
+    if (ext)
+    {
+        CERT_BASIC_CONSTRAINTS_INFO *info;
+        DWORD size = 0;
+        if (CryptDecodeObjectEx(X509_ASN_ENCODING, szOID_BASIC_CONSTRAINTS,
+         ext->Value.pbData, ext->Value.cbData, CRYPT_DECODE_ALLOC_FLAG,
+         NULL, (LPBYTE)&info, &size))
+        {
+            if (info->SubjectType.cbData == 1)
+                isCA = info->SubjectType.pbData[0] & CERT_CA_SUBJECT_FLAG;
+            LocalFree(info);
+        }
+    }
+    else
+    {
+        ext = CertFindExtension(szOID_BASIC_CONSTRAINTS2,
+         cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension);
+        if (ext)
+        {
+            CERT_BASIC_CONSTRAINTS2_INFO info;
+            DWORD size = sizeof(CERT_BASIC_CONSTRAINTS2_INFO);
+            if (CryptDecodeObjectEx(X509_ASN_ENCODING,
+             szOID_BASIC_CONSTRAINTS2, ext->Value.pbData, ext->Value.cbData,
+             0, NULL, &info, &size))
+                isCA = info.fCA;
+        }
+    }
+    return isCA;
+}
+static inline BOOL is_cert_self_signed(PCCERT_CONTEXT cert)
+{
+    return CertCompareCertificateName(cert->dwCertEncodingType,
+     &cert->pCertInfo->Subject, &cert->pCertInfo->Issuer);
+}
+static HCERTSTORE choose_store_for_cert(PCCERT_CONTEXT cert)
+{
+    static const WCHAR Root[] = {'R','o','o','t',0};
+    static const WCHAR AddressBook[] = { 'A','d','d','r','e','s','s',
+     'B','o','o','k',0 };
+    static const WCHAR CA[] = { 'C','A',0 };
+    LPCWSTR storeName;
+    if (is_ca_cert(cert, TRUE))
+    {
+        if (is_cert_self_signed(cert))
+            storeName = Root;
+        else
+            storeName = CA;
+    }
+    else
+        storeName = AddressBook;
+    return CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, 0,
+     CERT_SYSTEM_STORE_CURRENT_USER, storeName);
+}
 BOOL WINAPI CryptUIWizImport(DWORD dwFlags, HWND hwndParent, LPCWSTR pwszWizardTitle,
                             PCCRYPTUI_WIZ_IMPORT_SRC_INFO pImportSrc, HCERTSTORE hDestCertStore)
 {
-    static const WCHAR Root[] = {'R','o','o','t',0};
    BOOL ret;
    HCERTSTORE store;
    const CERT_CONTEXT *cert;
@@ -187,8 +256,7 @@ BOOL WINAPI CryptUIWizImport(DWORD dwFlags, HWND hwndParent, LPCWSTR pwszWizardT
    if (hDestCertStore) store = hDestCertStore;
    else
    {
-        FIXME("certificate store should be determined dynamically, picking Root store\n");
+        if (!(store = choose_store_for_cert(cert)))
-        if (!(store = CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, Root)))
        {
            WARN("unable to open certificate store\n");
            CertFreeCertificateContext(cert);

--- a/dlls/cryptui/tests/cryptui.c
+++ b/dlls/cryptui/tests/cryptui.c
@@ -396,7 +396,6 @@ static void test_crypt_ui_wiz_import(void)
    info.u.pCertContext = CertCreateCertificateContext(X509_ASN_ENCODING,
     iTunesCert3, sizeof(iTunesCert3));
    ret = pCryptUIWizImport(CRYPTUI_WIZ_NO_UI, 0, NULL, &info, NULL);
-    todo_wine
    ok(ret, "CryptUIWizImport failed: %08x\n", GetLastError());
    if (ret)
    {
@@ -408,7 +407,7 @@ static void test_crypt_ui_wiz_import(void)
        if (addressBook)
        {
            find_and_delete_cert_in_store(addressBook, "AddressBook",
-             info.u.pCertContext, "iTunesCert3", TRUE);
+             info.u.pCertContext, "iTunesCert3", FALSE);
            CertCloseStore(addressBook, 0);
        }
    }
@@ -446,7 +445,6 @@ static void test_crypt_ui_wiz_import(void)
    info.u.pCertContext = CertCreateCertificateContext(X509_ASN_ENCODING,
     iTunesCert1, sizeof(iTunesCert1));
    ret = pCryptUIWizImport(CRYPTUI_WIZ_NO_UI, 0, NULL, &info, NULL);
-    todo_wine
    ok(ret, "CryptUIWizImport failed: %08x\n", GetLastError());
    if (ret)
    {
@@ -458,7 +456,7 @@ static void test_crypt_ui_wiz_import(void)
        if (addressBook)
        {
            find_and_delete_cert_in_store(addressBook, "AddressBook",
-             info.u.pCertContext, "iTunesCert1", TRUE);
+             info.u.pCertContext, "iTunesCert1", FALSE);
            CertCloseStore(addressBook, 0);
        }
    }
@@ -467,7 +465,6 @@ static void test_crypt_ui_wiz_import(void)
    info.u.pCertContext = CertCreateCertificateContext(X509_ASN_ENCODING,
     iTunesCert2, sizeof(iTunesCert2));
    ret = pCryptUIWizImport(CRYPTUI_WIZ_NO_UI, 0, NULL, &info, NULL);
-    todo_wine
    ok(ret, "CryptUIWizImport failed: %08x\n", GetLastError());
    if (ret)
    {
@@ -478,7 +475,7 @@ static void test_crypt_ui_wiz_import(void)
        if (ca)
        {
            find_and_delete_cert_in_store(ca, "CA",
-             info.u.pCertContext, "iTunesCert2", TRUE);
+             info.u.pCertContext, "iTunesCert2", FALSE);
            CertCloseStore(ca, 0);
        }
    }