Swiftdiff options
Diffstat (limited to 'Swiften/TLS/CAPICertificate.cpp')
| -rw-r--r-- | Swiften/TLS/CAPICertificate.cpp | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/Swiften/TLS/CAPICertificate.cpp b/Swiften/TLS/CAPICertificate.cpp index a6725c9..0dc3009 100644 --- a/Swiften/TLS/CAPICertificate.cpp +++ b/Swiften/TLS/CAPICertificate.cpp @@ -6,71 +6,71 @@ #pragma once #include <Swiften/TLS/CAPICertificate.h> #include <Swiften/StringCodecs/Hexify.h> #include <boost/algorithm/string/predicate.hpp> // Size of the SHA1 hash #define SHA1_HASH_LEN 20 namespace Swift { CAPICertificate::CAPICertificate(const std::string& capiUri) : valid_(false), uri_(capiUri), certStoreHandle_(0), certStore_(), certName_() { setUri(capiUri); } CAPICertificate::~CAPICertificate() { if (certStoreHandle_) { CertCloseStore(certStoreHandle_, 0); } } bool CAPICertificate::isNull() const { return uri_.empty() || !valid_; } const std::string& CAPICertificate::getCertStoreName() const { return certStore_; } const std::string& CAPICertificate::getCertName() const { return certName_; } -static PCCERT_CONTEXT findCertificateInStore (HCERTSTORE certStoreHandle, const std::string &certName) { +PCCERT_CONTEXT findCertificateInStore (HCERTSTORE certStoreHandle, const std::string &certName) { PCCERT_CONTEXT pCertContext = NULL; if (!boost::iequals(certName.substr(0, 5), "sha1:")) { // Find client certificate. Note that this sample just searches for a // certificate that contains the user name somewhere in the subject name. pCertContext = CertFindCertificateInStore(certStoreHandle, X509_ASN_ENCODING, 0, // dwFindFlags CERT_FIND_SUBJECT_STR_A, certName.c_str(), // *pvFindPara NULL ); // pPrevCertContext return pCertContext; } std::string hexstring = certName.substr(5); ByteArray byteArray = Hexify::unhexify(hexstring); CRYPT_HASH_BLOB HashBlob; if (byteArray.size() != SHA1_HASH_LEN) { return NULL; } HashBlob.cbData = SHA1_HASH_LEN; HashBlob.pbData = static_cast<BYTE *>(vecptr(byteArray)); // Find client certificate. Note that this sample just searches for a // certificate that contains the user name somewhere in the subject name. pCertContext = CertFindCertificateInStore(certStoreHandle, X509_ASN_ENCODING, 0, // dwFindFlags CERT_FIND_HASH, &HashBlob, NULL ); // pPrevCertContext @@ -81,71 +81,71 @@ static PCCERT_CONTEXT findCertificateInStore (HCERTSTORE certStoreHandle, const void CAPICertificate::setUri (const std::string& capiUri) { valid_ = false; /* Syntax: "certstore:" <cert_store> ":" <hash> ":" <hash_of_cert> */ if (!boost::iequals(capiUri.substr(0, 10), "certstore:")) { return; } /* Substring of subject: uses "storename" */ std::string capi_identity = capiUri.substr(10); std::string new_certStore_name; size_t pos = capi_identity.find_first_of (':'); if (pos == std::string::npos) { /* Using the default certificate store */ new_certStore_name = "MY"; certName_ = capi_identity; } else { new_certStore_name = capi_identity.substr(0, pos); certName_ = capi_identity.substr(pos + 1); } PCCERT_CONTEXT pCertContext = NULL; if (certStoreHandle_ != NULL) { if (new_certStore_name != certStore_) { CertCloseStore(certStoreHandle_, 0); certStoreHandle_ = NULL; } } if (certStoreHandle_ == NULL) { - certStoreHandle_ = CertOpenSystemStore(0, certStore_.c_str()); + certStoreHandle_ = CertOpenSystemStore(0, new_certStore_name.c_str()); if (!certStoreHandle_) { return; } } certStore_ = new_certStore_name; pCertContext = findCertificateInStore (certStoreHandle_, certName_); if (!pCertContext) { return; } /* Now verify that we can have access to the corresponding private key */ DWORD len; CRYPT_KEY_PROV_INFO *pinfo; HCRYPTPROV hprov; HCRYPTKEY key; if (!CertGetCertificateContextProperty(pCertContext, CERT_KEY_PROV_INFO_PROP_ID, NULL, &len)) { CertFreeCertificateContext(pCertContext); return; } pinfo = static_cast<CRYPT_KEY_PROV_INFO *>(malloc(len)); if (!pinfo) { CertFreeCertificateContext(pCertContext); return; } |