From 8e74c8953a60c128491026ce66d988c382a6c86c Mon Sep 17 00:00:00 2001 From: Hans Leidekker Date: Thu, 19 Sep 2013 16:23:42 +0200 Subject: [PATCH] rsaenh: Add support for retrieving the security descriptor on key containers. --- dlls/advapi32/tests/crypt.c | 32 ++++++++++++++++++++++++++++++++ dlls/rsaenh/rsaenh.c | 30 ++++++++++++++++++++++++++++++ 2 files changed, 62 insertions(+) diff --git a/dlls/advapi32/tests/crypt.c b/dlls/advapi32/tests/crypt.c index 768dd3be344..dc10cce097f 100644 --- a/dlls/advapi32/tests/crypt.c +++ b/dlls/advapi32/tests/crypt.c @@ -1140,6 +1140,37 @@ static void test_SystemFunction036(void) ok(ret == TRUE, "Expected SystemFunction036 to return TRUE, got %d\n", ret); } +static void test_container_sd(void) +{ + HCRYPTPROV prov; + SECURITY_DESCRIPTOR *sd; + DWORD len; + BOOL ret; + + ret = CryptAcquireContextA(&prov, "winetest", "Microsoft Enhanced Cryptographic Provider v1.0", + PROV_RSA_FULL, CRYPT_MACHINE_KEYSET|CRYPT_NEWKEYSET); + ok(ret, "got %u\n", GetLastError()); + + len = 0; + SetLastError(0xdeadbeef); + ret = CryptGetProvParam(prov, PP_KEYSET_SEC_DESCR, NULL, &len, OWNER_SECURITY_INFORMATION); + ok(ret, "got %u\n", GetLastError()); + ok(GetLastError() == ERROR_INSUFFICIENT_BUFFER, "got %u\n", GetLastError()); + ok(len, "expected len > 0\n"); + + sd = HeapAlloc(GetProcessHeap(), 0, len); + ret = CryptGetProvParam(prov, PP_KEYSET_SEC_DESCR, (BYTE *)sd, &len, OWNER_SECURITY_INFORMATION); + ok(ret, "got %u\n", GetLastError()); + HeapFree(GetProcessHeap(), 0, sd); + + ret = CryptReleaseContext(prov, 0); + ok(ret, "got %u\n", GetLastError()); + + ret = CryptAcquireContextA(&prov, "winetest", "Microsoft Enhanced Cryptographic Provider v1.0", + PROV_RSA_FULL, CRYPT_MACHINE_KEYSET|CRYPT_DELETEKEYSET); + ok(ret, "got %u\n", GetLastError()); +} + START_TEST(crypt) { init_function_pointers(); @@ -1151,6 +1182,7 @@ START_TEST(crypt) test_incorrect_api_usage(); test_verify_sig(); test_machine_guid(); + test_container_sd(); clean_up_environment(); } diff --git a/dlls/rsaenh/rsaenh.c b/dlls/rsaenh/rsaenh.c index b4e4b3578f3..df2db4208b1 100644 --- a/dlls/rsaenh/rsaenh.c +++ b/dlls/rsaenh/rsaenh.c @@ -38,6 +38,7 @@ #include "implglue.h" #include "objbase.h" #include "rpcproxy.h" +#include "aclapi.h" WINE_DEFAULT_DEBUG_CHANNEL(crypt); @@ -3674,6 +3675,7 @@ BOOL WINAPI RSAENH_CPGetKeyParam(HCRYPTPROV hProv, HCRYPTKEY hKey, DWORD dwParam * - PP_SIG_KEYSIZE_INC: RSA signature keywidth granularity in bits. * - PP_KEYX_KEYSIZE_INC: RSA key-exchange keywidth granularity in bits. * - PP_ENUMALGS{_EX}: Query provider capabilities. + * - PP_KEYSET_SEC_DESCR: Retrieve security descriptor on container. */ BOOL WINAPI RSAENH_CPGetProvParam(HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData, DWORD *pdwDataLen, DWORD dwFlags) @@ -3834,6 +3836,34 @@ BOOL WINAPI RSAENH_CPGetProvParam(HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData, case PP_CRYPT_COUNT_KEY_USE: /* Asked for by IE About dialog */ return copy_param(pbData, pdwDataLen, abWTF, sizeof(abWTF)); + case PP_KEYSET_SEC_DESCR: + { + SECURITY_DESCRIPTOR *sd; + DWORD err, len, flags = (pKeyContainer->dwFlags & CRYPT_MACHINE_KEYSET); + + if (!open_container_key(pKeyContainer->szName, flags, &hKey)) + { + SetLastError(NTE_BAD_KEYSET); + return FALSE; + } + + err = GetSecurityInfo(hKey, SE_REGISTRY_KEY, dwFlags, NULL, NULL, NULL, NULL, (void **)&sd); + RegCloseKey(hKey); + if (err) + { + SetLastError(err); + return FALSE; + } + + len = GetSecurityDescriptorLength(sd); + if (*pdwDataLen >= len) memcpy(pbData, sd, len); + else SetLastError(ERROR_INSUFFICIENT_BUFFER); + *pdwDataLen = len; + + LocalFree(sd); + return TRUE; + } + default: /* MSDN: Unknown parameter number in dwParam */ SetLastError(NTE_BAD_TYPE);