[xmlsec] fix key name conversion to unicode problem
- From: Aleksey Sanin <aleksey src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [xmlsec] fix key name conversion to unicode problem
- Date: Thu, 22 Apr 2010 05:59:13 +0000 (UTC)
commit d71057b1dc18706e89104b933e85554e14e89700
Author: Aleksey Sanin <aleksey aleksey com>
Date: Wed Apr 21 22:58:54 2010 -0700
fix key name conversion to unicode problem
src/mscrypto/app.c | 71 +++++++++++++++++++++++-------------
src/mscrypto/keysstore.c | 90 +++++++++++++++++++++++++++------------------
win32/mycfg.bat | 2 +-
3 files changed, 100 insertions(+), 63 deletions(-)
---
diff --git a/src/mscrypto/app.c b/src/mscrypto/app.c
index c629347..dc3227c 100644
--- a/src/mscrypto/app.c
+++ b/src/mscrypto/app.c
@@ -29,6 +29,45 @@
# include "xmlsec-mingw.h"
#endif
+
+static LPWSTR
+xmlSecMSCryptoConvertLocaleToUnicode(const char* str) {
+ LPWSTR res = NULL;
+ int len;
+ int ret;
+
+ xmlSecAssert2(str != NULL, NULL);
+
+ /* call MultiByteToWideChar first to get the buffer size */
+ ret = MultiByteToWideChar(CP_ACP, 0, str, -1, NULL, 0);
+ if(ret <= 0) {
+ return(NULL);
+ }
+ len = ret;
+
+ /* allocate buffer */
+ res = (LPWSTR)xmlMalloc(sizeof(WCHAR) * len);
+ if(res == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(NULL);
+ }
+
+ /* convert */
+ ret = MultiByteToWideChar(CP_ACP, 0, str, -1, res, len);
+ if(ret <= 0) {
+ xmlFree(res);
+ return(NULL);
+ }
+
+ /* done */
+ return(res);
+}
+
+
/* I don't see any other way then to use a global var to get the
* config info to the mscrypto keysstore :( WK
*/
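Review bot: Both `MultiByteToWideChar` failure branches in `xmlSecMSCryptoConvertLocaleToUnicode` return NULL without calling `xmlSecError`, so the error log no longer records that the Windows conversion call failed. The code this commit removes from `xmlSecMSCryptoAppPkcs12LoadMemory` reported that case with `"MultiByteToWideChar"` and `XMLSEC_ERRORS_R_CRYPTO_FAILED`; the same `xmlSecError` call would fit before each bare `return(NULL)`. The near-identical helper added in keysstore.c, `xmlSecMSCryptoConvertUtf8ToUnicode`, has the same gap. A short header comment would also help, stating that the caller owns the returned buffer and releases it with `xmlFree`, and that `len` already includes the terminator because the input length is passed as -1.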
@@ -554,7 +593,6 @@ xmlSecMSCryptoAppPkcs12LoadMemory(const xmlSecByte* data,
const char *pwd,
void* pwdCallback ATTRIBUTE_UNUSED,
void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
- int ret, len;
CRYPT_DATA_BLOB pfx;
HCERTSTORE hCertStore = NULL;
PCCERT_CONTEXT tmpcert = NULL;
@@ -563,6 +601,7 @@ xmlSecMSCryptoAppPkcs12LoadMemory(const xmlSecByte* data,
xmlSecKeyDataPtr x509Data = NULL;
xmlSecKeyDataPtr keyData = NULL;
xmlSecKeyPtr key = NULL;
+ int ret;
xmlSecAssert2(data != NULL, NULL);
xmlSecAssert2(dataSize > 1, NULL);
@@ -582,33 +621,13 @@ xmlSecMSCryptoAppPkcs12LoadMemory(const xmlSecByte* data,
goto done;
}
- len = MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, pwd, -1, NULL, 0);
- if(len <= 0) {
+ wcPwd = xmlSecMSCryptoConvertLocaleToUnicode(pwd);
+ if (wcPwd == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
- "MultiByteToWideChar",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
- }
-
- wcPwd = (WCHAR *)xmlMalloc((len + 1) * sizeof(WCHAR));
- if(wcPwd == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- "len=%d", len);
- goto done;
- }
-
- ret = MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, pwd, -1, wcPwd, len);
- if (ret <= 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "MultiByteToWideChar",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ "xmlSecMSCryptoConvertLocaleToUnicode",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "wcPwd");
goto done;
}
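Review bot: `wcPwd` is now a heap copy of the PKCS#12 password returned by the helper, and nothing visible in this hunk clears it before it is released. The cleanup under `done:` is outside the hunk, so confirm that it wipes the buffer first, for example `SecureZeroMemory(wcPwd, wcslen(wcPwd) * sizeof(WCHAR));` ahead of `xmlFree(wcPwd);`. The helper's own failure branch (`xmlFree(res)` after the second conversion call) may likewise free a partially converted password without clearing it.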
diff --git a/src/mscrypto/keysstore.c b/src/mscrypto/keysstore.c
index 1e977cf..2533f22 100644
--- a/src/mscrypto/keysstore.c
+++ b/src/mscrypto/keysstore.c
@@ -302,12 +302,50 @@ xmlSecMSCryptoKeysStoreFinalize(xmlSecKeyStorePtr store) {
xmlSecKeyStoreDestroy(*ss);
}
+static LPWSTR
+xmlSecMSCryptoConvertUtf8ToUnicode(const xmlChar* str) {
+ LPWSTR res = NULL;
+ int len;
+ int ret;
+
+ xmlSecAssert2(str != NULL, NULL);
+
+ /* call MultiByteToWideChar first to get the buffer size */
+ ret = MultiByteToWideChar(CP_UTF8, 0, str, -1, NULL, 0);
+ if(ret <= 0) {
+ return(NULL);
+ }
+ len = ret;
+
+ /* allocate buffer */
+ res = (LPWSTR)xmlMalloc(sizeof(WCHAR) * len);
+ if(res == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(NULL);
+ }
+
+ /* convert */
+ ret = MultiByteToWideChar(CP_UTF8, 0, str, -1, res, len);
+ if(ret <= 0) {
+ xmlFree(res);
+ return(NULL);
+ }
+
+ /* done */
+ return(res);
+}
+
static PCCERT_CONTEXT
xmlSecMSCryptoKeysStoreFindCert(xmlSecKeyStorePtr store, const xmlChar* name,
xmlSecKeyInfoCtxPtr keyInfoCtx) {
const char* storeName;
HCERTSTORE hStoreHandle = NULL;
PCCERT_CONTEXT pCertContext = NULL;
+ LPWSTR wcName = NULL;
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCryptoKeysStoreId), NULL);
xmlSecAssert2(name != NULL, NULL);
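Review bot: Both `MultiByteToWideChar(CP_UTF8, 0, ...)` calls in `xmlSecMSCryptoConvertUtf8ToUnicode` pass 0 for the flags, so malformed UTF-8 in the key name is converted leniently (ill-formed sequences are replaced or dropped, depending on the Windows version) instead of being rejected before the certificate lookup. Requesting strict conversion makes such input fail cleanly: `ret = MultiByteToWideChar(CP_UTF8, MB_ERR_INVALID_CHARS, (LPCSTR)str, -1, NULL, 0);`, with the same flag and cast in the second call. The `(LPCSTR)` cast is also worth adding on its own, since `str` is `const xmlChar*` (unsigned char in libxml2) while the API takes a `char` pointer. `xmlSecMSCryptoKeysStoreFindCert` begins in this hunk and continues outside it.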
@@ -329,32 +367,26 @@ xmlSecMSCryptoKeysStoreFindCert(xmlSecKeyStorePtr store, const xmlChar* name,
return(NULL);
}
- /* first attempt: search by cert id == name */
- if(pCertContext == NULL) {
- size_t len = xmlStrlen(name) + 1;
- wchar_t * lpCertID;
-
- /* aleksey todo: shouldn't we call MultiByteToWideChar first to get the buffer size? */
- lpCertID = (wchar_t *)xmlMalloc(sizeof(wchar_t) * len);
- if(lpCertID == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
- NULL,
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ wcName = xmlSecMSCryptoConvertUtf8ToUnicode(name);
+ if(wcName == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+ "xmlSecMSCryptoConvertUtf8ToUnicode",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "wcName");
CertCloseStore(hStoreHandle, 0);
return(NULL);
}
- MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, name, -1, lpCertID, len);
-
+
+ /* first attempt: search by cert id == name */
+ if(pCertContext == NULL) {
pCertContext = CertFindCertificateInStore(
hStoreHandle,
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
0,
CERT_FIND_SUBJECT_STR,
- lpCertID,
+ wcName,
NULL);
- xmlFree(lpCertID);
}
/* We don't give up easily, now try to fetch the cert with a full blown
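Review bot: `wcName` is now allocated before the first lookup and is not released until the `xmlFree(wcName)` at the end of the function, so every early return after this point has to free it. The allocation-failure path in the friendly-name loop is updated later in this diff, but the second lookup attempt that follows this hunk is not visible here, and any `return(NULL)` inside it would leak the buffer. Routing the error paths through one cleanup label that does `xmlFree(wcName); CertCloseStore(hStoreHandle, 0);` would cover them all.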
@@ -415,24 +447,11 @@ xmlSecMSCryptoKeysStoreFindCert(xmlSecKeyStorePtr store, const xmlChar* name,
* Try ro find certificate with name="Friendly Name"
*/
if (NULL == pCertContext) {
- DWORD dwPropSize;
+ DWORD dwPropSize;
PBYTE pbFriendlyName;
PCCERT_CONTEXT pCertCtxIter = NULL;
- size_t len = xmlStrlen(name) + 1;
- wchar_t * lpFName;
- lpFName = (wchar_t *)xmlMalloc(sizeof(wchar_t) * len);
- if(lpFName == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
- NULL,
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- CertCloseStore(hStoreHandle, 0);
- return(NULL);
- }
- MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, name, -1, lpFName, len);
-
+
while (pCertCtxIter = CertEnumCertificatesInStore(hStoreHandle, pCertCtxIter)) {
if (TRUE != CertGetCertificateContextProperty(pCertCtxIter,
CERT_FRIENDLY_NAME_PROP_ID,
@@ -448,7 +467,7 @@ xmlSecMSCryptoKeysStoreFindCert(xmlSecKeyStorePtr store, const xmlChar* name,
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
- xmlFree(lpFName);
+ xmlFree(wcName);
CertCloseStore(hStoreHandle, 0);
return(NULL);
}
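Review bot: This allocation-failure return frees `wcName` and closes the store, but it appears to sit inside the `CertEnumCertificatesInStore` loop opened in the preceding hunk, and it leaves the current `pCertCtxIter` unreleased. Adding `CertFreeCertificateContext(pCertCtxIter);` before `xmlFree(wcName);` would release the enumeration context on this path. The allocation being checked and the rest of the loop body are outside this hunk.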
@@ -461,15 +480,13 @@ xmlSecMSCryptoKeysStoreFindCert(xmlSecKeyStorePtr store, const xmlChar* name,
}
/* Compare FriendlyName to name */
- if (!wcscmp(lpFName, (const wchar_t *)pbFriendlyName)) {
+ if (!wcscmp(wcName, (const wchar_t *)pbFriendlyName)) {
pCertContext = pCertCtxIter;
xmlFree(pbFriendlyName);
break;
}
xmlFree(pbFriendlyName);
}
-
- xmlFree(lpFName);
}
/* We could do the following here:
@@ -484,6 +501,7 @@ xmlSecMSCryptoKeysStoreFindCert(xmlSecKeyStorePtr store, const xmlChar* name,
/* aleksey todo: is it a right idea to close store if we have a handle to
* a cert in this store? */
+ xmlFree(wcName);
CertCloseStore(hStoreHandle, 0);
return(pCertContext);
}
diff --git a/win32/mycfg.bat b/win32/mycfg.bat
index bf75ff0..c4994c7 100644
--- a/win32/mycfg.bat
+++ b/win32/mycfg.bat
@@ -11,7 +11,7 @@ REM
SET PREFIX=C:\cygwin\home\local
SET XMLSEC_INCLUDE=%PREFIX%\include;%PREFIX%\include\mozilla;%PREFIX%\include\mozilla\nspr;%PREFIX%\include\mozilla\nss;%MSSDK_INCLUDE%
SET XMLSEC_LIB=%PREFIX%\lib;%MSSDK_LIB%
-SET XMLSEC_OPTIONS=static=no iconv=no nt4=yes debug=yes xslt=yes crypto=openssl=098,mscrypto
+SET XMLSEC_OPTIONS=static=no iconv=no nt4=yes debug=yes xslt=yes crypto=mscrypto
del /F Makefile configure.txt
cscript configure.js prefix=%PREFIX% %XMLSEC_OPTIONS% include=%XMLSEC_INCLUDE% lib=%XMLSEC_LIB%