You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "Craig Brett (JIRA)" <ji...@apache.org> on 2017/01/05 19:52:58 UTC
[jira] [Created] (SANTUARIO-461) Internal key store should be
deleted on any CryptoAcquireContext() error
Craig Brett created SANTUARIO-461:
-------------------------------------
Summary: Internal key store should be deleted on any CryptoAcquireContext() error
Key: SANTUARIO-461
URL: https://issues.apache.org/jira/browse/SANTUARIO-461
Project: Santuario
Issue Type: Improvement
Components: C++
Affects Versions: C++ 1.7.2, C++ 1.7.3
Environment: Windows 10, VS2015 Update 3
Reporter: Craig Brett
Assignee: Scott Cantor
Priority: Minor
Fix For: C++ 1.7.4
In the WinCAPICryptoProvider constructor, if CryptAcquireContext fails when obtaining the internal key store, it only calls CryptAcquireContext again with the CRYPT_DELETEKEYSET option if the error encountered was NTE_BAD_KEYSET. We have seen this API fail with error NTE_KEYSET_ENTRY_BAD as well, but in that case, the key store is not deleted and the initialization fails. Why not just call CryptAcquireContext with the CRYPT_DELETEKEYSET option if any error is encountered (not just NTE_BAD_KEYSET) since the code block tries to subsequently re-create the key store anyway?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)