You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "Scott Cantor (JIRA)" <ji...@apache.org> on 2017/09/01 23:34:00 UTC
[jira] [Resolved] (SANTUARIO-461) Internal key store should be
deleted on any CryptoAcquireContext() error
[ https://issues.apache.org/jira/browse/SANTUARIO-461?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Scott Cantor resolved SANTUARIO-461.
------------------------------------
Resolution: Fixed
Fix Version/s: (was: C++ 1.7.4)
C++ 2.0.0
r1807016
Note that the 2.0 release will officially deprecate the WinCAPI support pending someone offering to maintain it.
> Internal key store should be deleted on any CryptoAcquireContext() error
> -------------------------------------------------------------------------
>
> Key: SANTUARIO-461
> URL: https://issues.apache.org/jira/browse/SANTUARIO-461
> Project: Santuario
> Issue Type: Improvement
> Components: C++
> Affects Versions: C++ 1.7.2, C++ 1.7.3
> Environment: Windows 10, VS2015 Update 3
> Reporter: Craig Brett
> Assignee: Scott Cantor
> Priority: Minor
> Fix For: C++ 2.0.0
>
> Attachments: WinCAPICryptoProvider.cpp
>
>
> In the WinCAPICryptoProvider constructor, if CryptAcquireContext fails when obtaining the internal key store, it only calls CryptAcquireContext again with the CRYPT_DELETEKEYSET option if the error encountered was NTE_BAD_KEYSET. We have seen this API fail with error NTE_KEYSET_ENTRY_BAD as well, but in that case, the key store is not deleted and the initialization fails. Why not just call CryptAcquireContext with the CRYPT_DELETEKEYSET option if any error is encountered (not just NTE_BAD_KEYSET) since the code block tries to subsequently re-create the key store anyway?
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)