You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@santuario.apache.org by "Craig Brett (JIRA)" <ji...@apache.org> on 2017/01/05 19:52:58 UTC

[jira] [Created] (SANTUARIO-461) Internal key store should be deleted on any CryptoAcquireContext() error

Craig Brett created SANTUARIO-461:
-------------------------------------

             Summary: Internal key store should be deleted on any CryptoAcquireContext() error 
                 Key: SANTUARIO-461
                 URL: https://issues.apache.org/jira/browse/SANTUARIO-461
             Project: Santuario
          Issue Type: Improvement
          Components: C++
    Affects Versions: C++ 1.7.2, C++ 1.7.3
         Environment: Windows 10, VS2015 Update 3
            Reporter: Craig Brett
            Assignee: Scott Cantor
            Priority: Minor
             Fix For: C++ 1.7.4


In the WinCAPICryptoProvider constructor, if CryptAcquireContext fails when obtaining the internal key store, it only calls CryptAcquireContext again with the CRYPT_DELETEKEYSET option if the error encountered was NTE_BAD_KEYSET. We have seen this API fail with error NTE_KEYSET_ENTRY_BAD as well, but in that case, the key store is not deleted and the initialization fails. Why not just call CryptAcquireContext with the CRYPT_DELETEKEYSET option if any error is encountered (not just NTE_BAD_KEYSET) since the code block tries to subsequently re-create the key store anyway?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)