#define CERT_SYSTEM_STORE_CURRENT_USER 0x00010000
#endif
+#ifndef ALG_SID_SHA_256
+ #define ALG_SID_SHA_256 12
+#endif
+#ifndef ALG_SID_SHA_384
+ #define ALG_SID_SHA_384 13
+#endif
+#ifndef ALG_SID_SHA_512
+ #define ALG_SID_SHA_512 14
+#endif
+
+#ifndef CALG_SHA_256
+ #define CALG_SHA_256 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_256)
+#endif
+#ifndef CALG_SHA_384
+ #define CALG_SHA_384 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_384)
+#endif
+#ifndef CALG_SHA_512
+ #define CALG_SHA_512 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_512)
+#endif
+
#include <openssl/engine.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
}
ctx = ENGINE_get_ex_data(e, capi_idx);
out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (out == NULL)
+ {
+ CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_FILE_OPEN_ERROR);
+ return 0;
+ }
switch (cmd)
{
case CAPI_CMD_LIST_CSPS:
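Review bot: The reason code in the new NULL check, `CAPI_R_FILE_OPEN_ERROR`, does not match the failure. `BIO_new_fp(stdout, BIO_NOCLOSE)` wraps an already-open stream, so a NULL return is most likely an allocation failure. This commit already uses `ERR_R_MALLOC_FAILURE` for that case in `capi_get_provname`, and the same code here (`CAPIerr(CAPI_F_CAPI_CTRL, ERR_R_MALLOC_FAILURE);`) would stop an operator hunting for a missing file. The rest of the function lies outside the hunk, so it is not visible whether every command needs `out` at all.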
if (i < 1 || i > 3)
{
CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_INVALID_LOOKUP_METHOD);
+ BIO_free(out);
return 0;
}
ctx->lookup_method = i;
/* Convert the signature type to a CryptoAPI algorithm ID */
switch(dtype)
{
+ case NID_sha256:
+ alg = CALG_SHA_256;
+ break;
+
+ case NID_sha384:
+ alg = CALG_SHA_384;
+ break;
+
+ case NID_sha512:
+ alg = CALG_SHA_512;
+ break;
+
case NID_sha1:
alg = CALG_SHA1;
break;
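Review bot: The three new SHA-2 cases need a comment saying these algorithm IDs only work with a CSP that implements them. As far as I know, the older RSA provider types reject `CALG_SHA_256`/`384`/`512` when the hash object is created, so the failure would surface later in the signing path rather than in this switch. Something like `/* SHA-2 needs a provider that implements it (e.g. an RSA+AES CSP); others fail at hash creation */` above `case NID_sha256:` would tell users why a SHA-256 signature fails. It would also point them at the provider type rather than at falling back to SHA-1. The rest of the function is outside the hunk.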
if (!ctx || (ctx->debug_level < level) || (!ctx->debug_file))
return;
out = BIO_new_file(ctx->debug_file, "a+");
+ if (out == NULL)
+ {
+ CAPIerr(CAPI_F_CAPI_VTRACE, CAPI_R_FILE_OPEN_ERROR);
+ return;
+ }
BIO_vprintf(out, format, argptr);
BIO_free(out);
}
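Review bot: Raising `CAPIerr` from the trace helper puts an entry on the OpenSSL error queue every time a traced call cannot open `debug_file`, including calls whose crypto operation succeeded. An application that inspects the queue after a successful operation may then see a failure that came only from logging. If the error is intentional, say so in a comment such as `/* trace file could not be opened: reported on the error queue, tracing is otherwise best-effort */`. Otherwise return without queuing and surface the misconfiguration where `debug_file` is set. The start of the function is outside the hunk.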
capi_adderror(err);
return 0;
}
- if (sizeof(TCHAR) != sizeof(char))
- name = alloca(len);
- else
- name = OPENSSL_malloc(len);
+ name = OPENSSL_malloc(len);
+ if (name == NULL)
+ {
+ CAPIerr(CAPI_F_CAPI_GET_PROVNAME, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
if (!CryptEnumProviders(idx, NULL, 0, ptype, name, &len))
{
err = GetLastError();
+ OPENSSL_free(name);
if (err == ERROR_NO_MORE_ITEMS)
return 2;
CAPIerr(CAPI_F_CAPI_GET_PROVNAME, CAPI_R_CRYPTENUMPROVIDERS_ERROR);
return 0;
}
if (sizeof(TCHAR) != sizeof(char))
+ {
*pname = wide_to_asc((WCHAR *)name);
+ OPENSSL_free(name);
+ if (*pname == NULL)
+ return 0;
+ }
else
*pname = (char *)name;
CAPI_trace(ctx, "capi_get_provname, returned name=%s, type=%d\n", *pname, *ptype);
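Review bot: With `alloca` removed, `*pname` is heap-allocated on both the wide and narrow paths, but nothing visible states that the caller now owns it. A header comment on the function would make that contract explicit, for example `/* On success *pname is allocated and must be released with OPENSSL_free(); returns 0 on error and 2 when idx is past the last provider */`. The new `return 0` after `wide_to_asc` fails also raises no error of its own. That is fine only if `wide_to_asc`, which is not shown here, reports the failure itself. The function starts and ends outside the hunk.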
if (!CertGetCertificateContextProperty(cert, CERT_FRIENDLY_NAME_PROP_ID, NULL, &dlen))
return NULL;
wfname = OPENSSL_malloc(dlen);
+ if (wfname == NULL)
+ return NULL;
if (CertGetCertificateContextProperty(cert, CERT_FRIENDLY_NAME_PROP_ID, wfname, &dlen))
{
char *fname = wide_to_asc(wfname);
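Review bot: The new `wfname == NULL` check returns NULL without queuing an error, unlike the allocation check added to `capi_get_provname` in this same commit, which raises `ERR_R_MALLOC_FAILURE`. The `key == NULL` check added at the top of `capi_get_key` has the same gap. A caller that sees NULL then cannot tell an out-of-memory condition from a certificate that has no friendly name. Add the matching `CAPIerr(..., ERR_R_MALLOC_FAILURE);` with each function's own function code before the return, e.g. `CAPIerr(CAPI_F_CAPI_GET_KEY, ERR_R_MALLOC_FAILURE);` in `capi_get_key`. The enclosing function is only partly visible in this hunk.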
static CAPI_KEY *capi_get_key(CAPI_CTX *ctx, const TCHAR *contname, TCHAR *provname, DWORD ptype, DWORD keyspec)
{
CAPI_KEY *key;
+ DWORD dwFlags = 0;
key = OPENSSL_malloc(sizeof(CAPI_KEY));
+ if (key == NULL)
+ return NULL;
if (sizeof(TCHAR)==sizeof(char))
CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n",
contname, provname, ptype);
if (_provname) OPENSSL_free(_provname);
if (_contname) OPENSSL_free(_contname);
}
- if (!CryptAcquireContext(&key->hprov, contname, provname, ptype, 0))
+ if(ctx->store_flags & CERT_SYSTEM_STORE_LOCAL_MACHINE)
+ dwFlags = CRYPT_MACHINE_KEYSET;
+ if (!CryptAcquireContext(&key->hprov, contname, provname, ptype, dwFlags))
{
CAPIerr(CAPI_F_CAPI_GET_KEY, CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
capi_addlasterror();
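Review bot: The test `ctx->store_flags & CERT_SYSTEM_STORE_LOCAL_MACHINE` treats the store location as an independent bit, but wincrypt encodes it as a small ID shifted into the upper half of the flags word. Other locations such as `CERT_SYSTEM_STORE_USERS` share that bit and would also select `CRYPT_MACHINE_KEYSET`. Whether `store_flags` can hold anything other than the current-user and local-machine values is decided outside this hunk. Comparing the masked location is robust either way: `if ((ctx->store_flags & CERT_SYSTEM_STORE_LOCATION_MASK) == CERT_SYSTEM_STORE_LOCAL_MACHINE)`. Older headers may need a fallback `#define` for the mask, like the ones this commit adds for the SHA-2 IDs. Choosing the wrong keyset opens a different key container than the certificate store implies, so the condition deserves a one-line comment as well.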