git.oblomov.eu Git - wine/blob - dlls/crypt32/store.c

   1 /*
   2  * Copyright 2002 Mike McCormack for CodeWeavers
   3  * Copyright 2004-2006 Juan Lang
   4  *
   5  * This library is free software; you can redistribute it and/or
   6  * modify it under the terms of the GNU Lesser General Public
   7  * License as published by the Free Software Foundation; either
   8  * version 2.1 of the License, or (at your option) any later version.
   9  *
  10  * This library is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13  * Lesser General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU Lesser General Public
  16  * License along with this library; if not, write to the Free Software
  17  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  18  *
  19  * FIXME:
  20  * - The concept of physical stores and locations isn't implemented.  (This
  21  *   doesn't mean registry stores et al aren't implemented.  See the PSDK for
  22  *   registering and enumerating physical stores and locations.)
  23  * - Many flags, options and whatnot are unimplemented.
  24  */
  25
  26 #include "config.h"
  27 #include "wine/port.h"
  28
  29 #include <assert.h>
  30 #include <stdarg.h>
  31 #include "windef.h"
  32 #include "winbase.h"
  33 #include "winnls.h"
  34 #include "winreg.h"
  35 #include "winuser.h"
  36 #include "wincrypt.h"
  37 #include "wine/debug.h"
  38 #include "wine/list.h"
  39 #include "wine/exception.h"
  40 #include "crypt32_private.h"
  41
  42 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
  43
  44 static const WINE_CONTEXT_INTERFACE gCertInterface = {
  45     (CreateContextFunc)CertCreateCertificateContext,
  46     (AddContextToStoreFunc)CertAddCertificateContextToStore,
  47     (AddEncodedContextToStoreFunc)CertAddEncodedCertificateToStore,
  48     (DuplicateContextFunc)CertDuplicateCertificateContext,
  49     (EnumContextsInStoreFunc)CertEnumCertificatesInStore,
  50     (EnumPropertiesFunc)CertEnumCertificateContextProperties,
  51     (GetContextPropertyFunc)CertGetCertificateContextProperty,
  52     (SetContextPropertyFunc)CertSetCertificateContextProperty,
  53     (SerializeElementFunc)CertSerializeCertificateStoreElement,
  54     (FreeContextFunc)CertFreeCertificateContext,
  55     (DeleteContextFunc)CertDeleteCertificateFromStore,
  56 };
  57 PCWINE_CONTEXT_INTERFACE pCertInterface = &gCertInterface;
  58
  59 static const WINE_CONTEXT_INTERFACE gCRLInterface = {
  60     (CreateContextFunc)CertCreateCRLContext,
  61     (AddContextToStoreFunc)CertAddCRLContextToStore,
  62     (AddEncodedContextToStoreFunc)CertAddEncodedCRLToStore,
  63     (DuplicateContextFunc)CertDuplicateCRLContext,
  64     (EnumContextsInStoreFunc)CertEnumCRLsInStore,
  65     (EnumPropertiesFunc)CertEnumCRLContextProperties,
  66     (GetContextPropertyFunc)CertGetCRLContextProperty,
  67     (SetContextPropertyFunc)CertSetCRLContextProperty,
  68     (SerializeElementFunc)CertSerializeCRLStoreElement,
  69     (FreeContextFunc)CertFreeCRLContext,
  70     (DeleteContextFunc)CertDeleteCRLFromStore,
  71 };
  72 PCWINE_CONTEXT_INTERFACE pCRLInterface = &gCRLInterface;
  73
  74 static const WINE_CONTEXT_INTERFACE gCTLInterface = {
  75     (CreateContextFunc)CertCreateCTLContext,
  76     (AddContextToStoreFunc)CertAddCTLContextToStore,
  77     (AddEncodedContextToStoreFunc)CertAddEncodedCTLToStore,
  78     (DuplicateContextFunc)CertDuplicateCTLContext,
  79     (EnumContextsInStoreFunc)CertEnumCTLsInStore,
  80     (EnumPropertiesFunc)CertEnumCTLContextProperties,
  81     (GetContextPropertyFunc)CertGetCTLContextProperty,
  82     (SetContextPropertyFunc)CertSetCTLContextProperty,
  83     (SerializeElementFunc)CertSerializeCTLStoreElement,
  84     (FreeContextFunc)CertFreeCTLContext,
  85     (DeleteContextFunc)CertDeleteCTLFromStore,
  86 };
  87 PCWINE_CONTEXT_INTERFACE pCTLInterface = &gCTLInterface;
  88
  89 typedef struct _WINE_MEMSTORE
  90 {
  91     WINECRYPT_CERTSTORE hdr;
  92     struct ContextList *certs;
  93     struct ContextList *crls;
  94     struct ContextList *ctls;
  95 } WINE_MEMSTORE, *PWINE_MEMSTORE;
  96
  97 void CRYPT_InitStore(WINECRYPT_CERTSTORE *store, DWORD dwFlags,
  98  CertStoreType type)
  99 {
 100     store->ref = 1;
 101     store->dwMagic = WINE_CRYPTCERTSTORE_MAGIC;
 102     store->type = type;
 103     store->dwOpenFlags = dwFlags;
 104     store->properties = NULL;
 105 }
 106
 107 void CRYPT_FreeStore(PWINECRYPT_CERTSTORE store)
 108 {
 109     if (store->properties)
 110         ContextPropertyList_Free(store->properties);
 111     CryptMemFree(store);
 112 }
 113
 114 BOOL WINAPI I_CertUpdateStore(HCERTSTORE store1, HCERTSTORE store2, DWORD unk0,
 115  DWORD unk1)
 116 {
 117     static BOOL warned = FALSE;
 118     const WINE_CONTEXT_INTERFACE * const interfaces[] = { pCertInterface,
 119      pCRLInterface, pCTLInterface };
 120     DWORD i;
 121
 122     TRACE("(%p, %p, %08x, %08x)\n", store1, store2, unk0, unk1);
 123     if (!warned)
 124     {
 125         FIXME("semi-stub\n");
 126         warned = TRUE;
 127     }
 128
 129     /* Poor-man's resync:  empty first store, then add everything from second
 130      * store to it.
 131      */
 132     for (i = 0; i < sizeof(interfaces) / sizeof(interfaces[0]); i++)
 133     {
 134         const void *context;
 135
 136         do {
 137             context = interfaces[i]->enumContextsInStore(store1, NULL);
 138             if (context)
 139                 interfaces[i]->deleteFromStore(context);
 140         } while (context);
 141         do {
 142             context = interfaces[i]->enumContextsInStore(store2, context);
 143             if (context)
 144                 interfaces[i]->addContextToStore(store1, context,
 145                  CERT_STORE_ADD_ALWAYS, NULL);
 146         } while (context);
 147     }
 148     return TRUE;
 149 }
 150
 151 static BOOL CRYPT_MemAddCert(PWINECRYPT_CERTSTORE store, void *cert,
 152  void *toReplace, const void **ppStoreContext)
 153 {
 154     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 155     PCERT_CONTEXT context;
 156
 157     TRACE("(%p, %p, %p, %p)\n", store, cert, toReplace, ppStoreContext);
 158
 159     context = ContextList_Add(ms->certs, cert, toReplace);
 160     if (context)
 161     {
 162         context->hCertStore = store;
 163         if (ppStoreContext)
 164             *ppStoreContext = CertDuplicateCertificateContext(context);
 165     }
 166     return context ? TRUE : FALSE;
 167 }
 168
 169 static void *CRYPT_MemEnumCert(PWINECRYPT_CERTSTORE store, void *pPrev)
 170 {
 171     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 172     void *ret;
 173
 174     TRACE("(%p, %p)\n", store, pPrev);
 175
 176     ret = ContextList_Enum(ms->certs, pPrev);
 177     if (!ret)
 178         SetLastError(CRYPT_E_NOT_FOUND);
 179
 180     TRACE("returning %p\n", ret);
 181     return ret;
 182 }
 183
 184 static BOOL CRYPT_MemDeleteCert(PWINECRYPT_CERTSTORE store, void *pCertContext)
 185 {
 186     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 187     BOOL ret;
 188
 189     if (ContextList_Remove(ms->certs, pCertContext))
 190         ret = CertFreeCertificateContext(pCertContext);
 191     else
 192         ret = TRUE;
 193     return ret;
 194 }
 195
 196 static BOOL CRYPT_MemAddCrl(PWINECRYPT_CERTSTORE store, void *crl,
 197  void *toReplace, const void **ppStoreContext)
 198 {
 199     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 200     PCRL_CONTEXT context;
 201
 202     TRACE("(%p, %p, %p, %p)\n", store, crl, toReplace, ppStoreContext);
 203
 204     context = ContextList_Add(ms->crls, crl, toReplace);
 205     if (context)
 206     {
 207         context->hCertStore = store;
 208         if (ppStoreContext)
 209             *ppStoreContext = CertDuplicateCRLContext(context);
 210     }
 211     return context ? TRUE : FALSE;
 212 }
 213
 214 static void *CRYPT_MemEnumCrl(PWINECRYPT_CERTSTORE store, void *pPrev)
 215 {
 216     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 217     void *ret;
 218
 219     TRACE("(%p, %p)\n", store, pPrev);
 220
 221     ret = ContextList_Enum(ms->crls, pPrev);
 222     if (!ret)
 223         SetLastError(CRYPT_E_NOT_FOUND);
 224
 225     TRACE("returning %p\n", ret);
 226     return ret;
 227 }
 228
 229 static BOOL CRYPT_MemDeleteCrl(PWINECRYPT_CERTSTORE store, void *pCrlContext)
 230 {
 231     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 232     BOOL ret;
 233
 234     if (ContextList_Remove(ms->crls, pCrlContext))
 235         ret = CertFreeCRLContext(pCrlContext);
 236     else
 237         ret = TRUE;
 238     return ret;
 239 }
 240
 241 static BOOL CRYPT_MemAddCtl(PWINECRYPT_CERTSTORE store, void *ctl,
 242  void *toReplace, const void **ppStoreContext)
 243 {
 244     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 245     PCTL_CONTEXT context;
 246
 247     TRACE("(%p, %p, %p, %p)\n", store, ctl, toReplace, ppStoreContext);
 248
 249     context = ContextList_Add(ms->ctls, ctl, toReplace);
 250     if (context)
 251     {
 252         context->hCertStore = store;
 253         if (ppStoreContext)
 254             *ppStoreContext = CertDuplicateCTLContext(context);
 255     }
 256     return context ? TRUE : FALSE;
 257 }
 258
 259 static void *CRYPT_MemEnumCtl(PWINECRYPT_CERTSTORE store, void *pPrev)
 260 {
 261     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 262     void *ret;
 263
 264     TRACE("(%p, %p)\n", store, pPrev);
 265
 266     ret = ContextList_Enum(ms->ctls, pPrev);
 267     if (!ret)
 268         SetLastError(CRYPT_E_NOT_FOUND);
 269
 270     TRACE("returning %p\n", ret);
 271     return ret;
 272 }
 273
 274 static BOOL CRYPT_MemDeleteCtl(PWINECRYPT_CERTSTORE store, void *pCtlContext)
 275 {
 276     WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
 277     BOOL ret;
 278
 279     if (ContextList_Remove(ms->ctls, pCtlContext))
 280         ret = CertFreeCTLContext(pCtlContext);
 281     else
 282         ret = TRUE;
 283     return ret;
 284 }
 285
 286 static BOOL WINAPI CRYPT_MemControl(HCERTSTORE hCertStore, DWORD dwFlags,
 287  DWORD dwCtrlType, void const *pvCtrlPara)
 288 {
 289     SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
 290     return FALSE;
 291 }
 292
 293 static void WINAPI CRYPT_MemCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
 294 {
 295     WINE_MEMSTORE *store = hCertStore;
 296
 297     TRACE("(%p, %08x)\n", store, dwFlags);
 298     if (dwFlags)
 299         FIXME("Unimplemented flags: %08x\n", dwFlags);
 300
 301     ContextList_Free(store->certs);
 302     ContextList_Free(store->crls);
 303     ContextList_Free(store->ctls);
 304     CRYPT_FreeStore((PWINECRYPT_CERTSTORE)store);
 305 }
 306
 307 static WINECRYPT_CERTSTORE *CRYPT_MemOpenStore(HCRYPTPROV hCryptProv,
 308  DWORD dwFlags, const void *pvPara)
 309 {
 310     PWINE_MEMSTORE store;
 311
 312     TRACE("(%ld, %08x, %p)\n", hCryptProv, dwFlags, pvPara);
 313
 314     if (dwFlags & CERT_STORE_DELETE_FLAG)
 315     {
 316         SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
 317         store = NULL;
 318     }
 319     else
 320     {
 321         store = CryptMemAlloc(sizeof(WINE_MEMSTORE));
 322         if (store)
 323         {
 324             memset(store, 0, sizeof(WINE_MEMSTORE));
 325             CRYPT_InitStore(&store->hdr, dwFlags, StoreTypeMem);
 326             store->hdr.closeStore          = CRYPT_MemCloseStore;
 327             store->hdr.certs.addContext    = CRYPT_MemAddCert;
 328             store->hdr.certs.enumContext   = CRYPT_MemEnumCert;
 329             store->hdr.certs.deleteContext = CRYPT_MemDeleteCert;
 330             store->hdr.crls.addContext     = CRYPT_MemAddCrl;
 331             store->hdr.crls.enumContext    = CRYPT_MemEnumCrl;
 332             store->hdr.crls.deleteContext  = CRYPT_MemDeleteCrl;
 333             store->hdr.ctls.addContext     = CRYPT_MemAddCtl;
 334             store->hdr.ctls.enumContext    = CRYPT_MemEnumCtl;
 335             store->hdr.ctls.deleteContext  = CRYPT_MemDeleteCtl;
 336             store->hdr.control             = CRYPT_MemControl;
 337             store->certs = ContextList_Create(pCertInterface,
 338              sizeof(CERT_CONTEXT));
 339             store->crls = ContextList_Create(pCRLInterface,
 340              sizeof(CRL_CONTEXT));
 341             store->ctls = ContextList_Create(pCTLInterface,
 342              sizeof(CTL_CONTEXT));
 343             /* Mem store doesn't need crypto provider, so close it */
 344             if (hCryptProv && !(dwFlags & CERT_STORE_NO_CRYPT_RELEASE_FLAG))
 345                 CryptReleaseContext(hCryptProv, 0);
 346         }
 347     }
 348     return (PWINECRYPT_CERTSTORE)store;
 349 }
 350
 351 static const WCHAR rootW[] = { 'R','o','o','t',0 };
 352
 353 static PWINECRYPT_CERTSTORE CRYPT_SysRegOpenStoreW(HCRYPTPROV hCryptProv,
 354  DWORD dwFlags, const void *pvPara)
 355 {
 356     static const WCHAR fmt[] = { '%','s','\\','%','s',0 };
 357     LPCWSTR storeName = pvPara;
 358     LPWSTR storePath;
 359     PWINECRYPT_CERTSTORE store = NULL;
 360     HKEY root;
 361     LPCWSTR base;
 362
 363     TRACE("(%ld, %08x, %s)\n", hCryptProv, dwFlags,
 364      debugstr_w(pvPara));
 365
 366     if (!pvPara)
 367     {
 368         SetLastError(E_INVALIDARG);
 369         return NULL;
 370     }
 371     /* FIXME:  In Windows, the root store (even the current user location) is
 372      * protected:  adding to it or removing from it present a user interface,
 373      * and the keys are owned by the system process, not the current user.
 374      * Wine's registry doesn't implement access controls, so a similar
 375      * mechanism isn't possible yet.
 376      */
 377     if ((dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK) ==
 378      CERT_SYSTEM_STORE_LOCAL_MACHINE && !lstrcmpiW(storeName, rootW))
 379         return CRYPT_RootOpenStore(hCryptProv, dwFlags);
 380
 381     switch (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK)
 382     {
 383     case CERT_SYSTEM_STORE_LOCAL_MACHINE:
 384         root = HKEY_LOCAL_MACHINE;
 385         base = CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH;
 386         break;
 387     case CERT_SYSTEM_STORE_CURRENT_USER:
 388         root = HKEY_CURRENT_USER;
 389         base = CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH;
 390         break;
 391     case CERT_SYSTEM_STORE_CURRENT_SERVICE:
 392         /* hklm\Software\Microsoft\Cryptography\Services\servicename\
 393          * SystemCertificates
 394          */
 395         FIXME("CERT_SYSTEM_STORE_CURRENT_SERVICE, %s: stub\n",
 396          debugstr_w(storeName));
 397         return NULL;
 398     case CERT_SYSTEM_STORE_SERVICES:
 399         /* hklm\Software\Microsoft\Cryptography\Services\servicename\
 400          * SystemCertificates
 401          */
 402         FIXME("CERT_SYSTEM_STORE_SERVICES, %s: stub\n",
 403          debugstr_w(storeName));
 404         return NULL;
 405     case CERT_SYSTEM_STORE_USERS:
 406         /* hku\user sid\Software\Microsoft\SystemCertificates */
 407         FIXME("CERT_SYSTEM_STORE_USERS, %s: stub\n",
 408          debugstr_w(storeName));
 409         return NULL;
 410     case CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY:
 411         root = HKEY_CURRENT_USER;
 412         base = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
 413         break;
 414     case CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY:
 415         root = HKEY_LOCAL_MACHINE;
 416         base = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
 417         break;
 418     case CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE:
 419         /* hklm\Software\Microsoft\EnterpriseCertificates */
 420         FIXME("CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE, %s: stub\n",
 421          debugstr_w(storeName));
 422         return NULL;
 423     default:
 424         SetLastError(E_INVALIDARG);
 425         return NULL;
 426     }
 427
 428     storePath = CryptMemAlloc((lstrlenW(base) + lstrlenW(storeName) + 2) *
 429      sizeof(WCHAR));
 430     if (storePath)
 431     {
 432         LONG rc;
 433         HKEY key;
 434         REGSAM sam = dwFlags & CERT_STORE_READONLY_FLAG ? KEY_READ :
 435             KEY_ALL_ACCESS;
 436
 437         wsprintfW(storePath, fmt, base, storeName);
 438         if (dwFlags & CERT_STORE_OPEN_EXISTING_FLAG)
 439             rc = RegOpenKeyExW(root, storePath, 0, sam, &key);
 440         else
 441         {
 442             DWORD disp;
 443
 444             rc = RegCreateKeyExW(root, storePath, 0, NULL, 0, sam, NULL,
 445                                  &key, &disp);
 446             if (!rc && dwFlags & CERT_STORE_CREATE_NEW_FLAG &&
 447                 disp == REG_OPENED_EXISTING_KEY)
 448             {
 449                 RegCloseKey(key);
 450                 rc = ERROR_FILE_EXISTS;
 451             }
 452         }
 453         if (!rc)
 454         {
 455             store = CRYPT_RegOpenStore(hCryptProv, dwFlags, key);
 456             RegCloseKey(key);
 457         }
 458         else
 459             SetLastError(rc);
 460         CryptMemFree(storePath);
 461     }
 462     return store;
 463 }
 464
 465 static PWINECRYPT_CERTSTORE CRYPT_SysRegOpenStoreA(HCRYPTPROV hCryptProv,
 466  DWORD dwFlags, const void *pvPara)
 467 {
 468     int len;
 469     PWINECRYPT_CERTSTORE ret = NULL;
 470
 471     TRACE("(%ld, %08x, %s)\n", hCryptProv, dwFlags,
 472      debugstr_a(pvPara));
 473
 474     if (!pvPara)
 475     {
 476         SetLastError(ERROR_FILE_NOT_FOUND);
 477         return NULL;
 478     }
 479     len = MultiByteToWideChar(CP_ACP, 0, pvPara, -1, NULL, 0);
 480     if (len)
 481     {
 482         LPWSTR storeName = CryptMemAlloc(len * sizeof(WCHAR));
 483
 484         if (storeName)
 485         {
 486             MultiByteToWideChar(CP_ACP, 0, pvPara, -1, storeName, len);
 487             ret = CRYPT_SysRegOpenStoreW(hCryptProv, dwFlags, storeName);
 488             CryptMemFree(storeName);
 489         }
 490     }
 491     return ret;
 492 }
 493
 494 static PWINECRYPT_CERTSTORE CRYPT_SysOpenStoreW(HCRYPTPROV hCryptProv,
 495  DWORD dwFlags, const void *pvPara)
 496 {
 497     HCERTSTORE store = 0;
 498     BOOL ret;
 499
 500     TRACE("(%ld, %08x, %s)\n", hCryptProv, dwFlags,
 501      debugstr_w(pvPara));
 502
 503     if (!pvPara)
 504     {
 505         SetLastError(ERROR_FILE_NOT_FOUND);
 506         return NULL;
 507     }
 508     /* This returns a different error than system registry stores if the
 509      * location is invalid.
 510      */
 511     switch (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK)
 512     {
 513     case CERT_SYSTEM_STORE_LOCAL_MACHINE:
 514     case CERT_SYSTEM_STORE_CURRENT_USER:
 515     case CERT_SYSTEM_STORE_CURRENT_SERVICE:
 516     case CERT_SYSTEM_STORE_SERVICES:
 517     case CERT_SYSTEM_STORE_USERS:
 518     case CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY:
 519     case CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY:
 520     case CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE:
 521         ret = TRUE;
 522         break;
 523     default:
 524         SetLastError(ERROR_FILE_NOT_FOUND);
 525         ret = FALSE;
 526     }
 527     if (ret)
 528     {
 529         HCERTSTORE regStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W,
 530          0, 0, dwFlags, pvPara);
 531
 532         if (regStore)
 533         {
 534             store = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
 535              CERT_STORE_CREATE_NEW_FLAG, NULL);
 536             CertAddStoreToCollection(store, regStore,
 537              dwFlags & CERT_STORE_READONLY_FLAG ? 0 :
 538              CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
 539             CertCloseStore(regStore, 0);
 540             /* CERT_SYSTEM_STORE_CURRENT_USER returns both the HKCU and HKLM
 541              * stores.
 542              */
 543             if ((dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK) ==
 544              CERT_SYSTEM_STORE_CURRENT_USER)
 545             {
 546                 dwFlags &= ~CERT_SYSTEM_STORE_CURRENT_USER;
 547                 dwFlags |= CERT_SYSTEM_STORE_LOCAL_MACHINE;
 548                 regStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W, 0,
 549                  0, dwFlags, pvPara);
 550                 if (regStore)
 551                 {
 552                     CertAddStoreToCollection(store, regStore,
 553                      dwFlags & CERT_STORE_READONLY_FLAG ? 0 :
 554                      CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
 555                     CertCloseStore(regStore, 0);
 556                 }
 557             }
 558             /* System store doesn't need crypto provider, so close it */
 559             if (hCryptProv && !(dwFlags & CERT_STORE_NO_CRYPT_RELEASE_FLAG))
 560                 CryptReleaseContext(hCryptProv, 0);
 561         }
 562     }
 563     return store;
 564 }
 565
 566 static PWINECRYPT_CERTSTORE CRYPT_SysOpenStoreA(HCRYPTPROV hCryptProv,
 567  DWORD dwFlags, const void *pvPara)
 568 {
 569     int len;
 570     PWINECRYPT_CERTSTORE ret = NULL;
 571
 572     TRACE("(%ld, %08x, %s)\n", hCryptProv, dwFlags,
 573      debugstr_a(pvPara));
 574
 575     if (!pvPara)
 576     {
 577         SetLastError(ERROR_FILE_NOT_FOUND);
 578         return NULL;
 579     }
 580     len = MultiByteToWideChar(CP_ACP, 0, pvPara, -1, NULL, 0);
 581     if (len)
 582     {
 583         LPWSTR storeName = CryptMemAlloc(len * sizeof(WCHAR));
 584
 585         if (storeName)
 586         {
 587             MultiByteToWideChar(CP_ACP, 0, pvPara, -1, storeName, len);
 588             ret = CRYPT_SysOpenStoreW(hCryptProv, dwFlags, storeName);
 589             CryptMemFree(storeName);
 590         }
 591     }
 592     return ret;
 593 }
 594
 595 static void WINAPI CRYPT_MsgCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
 596 {
 597     HCRYPTMSG msg = hCertStore;
 598
 599     TRACE("(%p, %08x)\n", msg, dwFlags);
 600     CryptMsgClose(msg);
 601 }
 602
 603 static void *msgProvFuncs[] = {
 604     CRYPT_MsgCloseStore,
 605 };
 606
 607 static PWINECRYPT_CERTSTORE CRYPT_MsgOpenStore(HCRYPTPROV hCryptProv,
 608  DWORD dwFlags, const void *pvPara)
 609 {
 610     PWINECRYPT_CERTSTORE store = NULL;
 611     HCRYPTMSG msg = (HCRYPTMSG)pvPara;
 612     PWINECRYPT_CERTSTORE memStore;
 613
 614     TRACE("(%ld, %08x, %p)\n", hCryptProv, dwFlags, pvPara);
 615
 616     memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
 617      CERT_STORE_CREATE_NEW_FLAG, NULL);
 618     if (memStore)
 619     {
 620         BOOL ret;
 621         DWORD size, count, i;
 622
 623         size = sizeof(count);
 624         ret = CryptMsgGetParam(msg, CMSG_CERT_COUNT_PARAM, 0, &count, &size);
 625         for (i = 0; ret && i < count; i++)
 626         {
 627             size = 0;
 628             ret = CryptMsgGetParam(msg, CMSG_CERT_PARAM, i, NULL, &size);
 629             if (ret)
 630             {
 631                 LPBYTE buf = CryptMemAlloc(size);
 632
 633                 if (buf)
 634                 {
 635                     ret = CryptMsgGetParam(msg, CMSG_CERT_PARAM, i, buf, &size);
 636                     if (ret)
 637                         ret = CertAddEncodedCertificateToStore(memStore,
 638                          X509_ASN_ENCODING, buf, size, CERT_STORE_ADD_ALWAYS,
 639                          NULL);
 640                     CryptMemFree(buf);
 641                 }
 642             }
 643         }
 644         size = sizeof(count);
 645         ret = CryptMsgGetParam(msg, CMSG_CRL_COUNT_PARAM, 0, &count, &size);
 646         for (i = 0; ret && i < count; i++)
 647         {
 648             size = 0;
 649             ret = CryptMsgGetParam(msg, CMSG_CRL_PARAM, i, NULL, &size);
 650             if (ret)
 651             {
 652                 LPBYTE buf = CryptMemAlloc(size);
 653
 654                 if (buf)
 655                 {
 656                     ret = CryptMsgGetParam(msg, CMSG_CRL_PARAM, i, buf, &size);
 657                     if (ret)
 658                         ret = CertAddEncodedCRLToStore(memStore,
 659                          X509_ASN_ENCODING, buf, size, CERT_STORE_ADD_ALWAYS,
 660                          NULL);
 661                     CryptMemFree(buf);
 662                 }
 663             }
 664         }
 665         if (ret)
 666         {
 667             CERT_STORE_PROV_INFO provInfo = { 0 };
 668
 669             provInfo.cbSize = sizeof(provInfo);
 670             provInfo.cStoreProvFunc = sizeof(msgProvFuncs) /
 671              sizeof(msgProvFuncs[0]);
 672             provInfo.rgpvStoreProvFunc = msgProvFuncs;
 673             provInfo.hStoreProv = CryptMsgDuplicate(msg);
 674             store = CRYPT_ProvCreateStore(dwFlags, memStore, &provInfo);
 675             /* Msg store doesn't need crypto provider, so close it */
 676             if (hCryptProv && !(dwFlags & CERT_STORE_NO_CRYPT_RELEASE_FLAG))
 677                 CryptReleaseContext(hCryptProv, 0);
 678         }
 679         else
 680             CertCloseStore(memStore, 0);
 681     }
 682     TRACE("returning %p\n", store);
 683     return store;
 684 }
 685
 686 static PWINECRYPT_CERTSTORE CRYPT_PKCSOpenStore(HCRYPTPROV hCryptProv,
 687  DWORD dwFlags, const void *pvPara)
 688 {
 689     HCRYPTMSG msg;
 690     PWINECRYPT_CERTSTORE store = NULL;
 691     const CRYPT_DATA_BLOB *data = pvPara;
 692     BOOL ret;
 693     DWORD msgOpenFlags = dwFlags & CERT_STORE_NO_CRYPT_RELEASE_FLAG ? 0 :
 694      CMSG_CRYPT_RELEASE_CONTEXT_FLAG;
 695
 696     TRACE("(%ld, %08x, %p)\n", hCryptProv, dwFlags, pvPara);
 697
 698     msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, msgOpenFlags, CMSG_SIGNED,
 699      hCryptProv, NULL, NULL);
 700     ret = CryptMsgUpdate(msg, data->pbData, data->cbData, TRUE);
 701     if (!ret)
 702     {
 703         CryptMsgClose(msg);
 704         msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, msgOpenFlags, 0,
 705          hCryptProv, NULL, NULL);
 706         ret = CryptMsgUpdate(msg, data->pbData, data->cbData, TRUE);
 707         if (ret)
 708         {
 709             DWORD type, size = sizeof(type);
 710
 711             /* Only signed messages are allowed, check type */
 712             ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, &type, &size);
 713             if (ret && type != CMSG_SIGNED)
 714             {
 715                 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
 716                 ret = FALSE;
 717             }
 718         }
 719     }
 720     if (ret)
 721         store = CRYPT_MsgOpenStore(0, dwFlags, msg);
 722     CryptMsgClose(msg);
 723     TRACE("returning %p\n", store);
 724     return store;
 725 }
 726
 727 static PWINECRYPT_CERTSTORE CRYPT_PhysOpenStoreW(HCRYPTPROV hCryptProv,
 728  DWORD dwFlags, const void *pvPara)
 729 {
 730     if (dwFlags & CERT_SYSTEM_STORE_RELOCATE_FLAG)
 731         FIXME("(%ld, %08x, %p): stub\n", hCryptProv, dwFlags, pvPara);
 732     else
 733         FIXME("(%ld, %08x, %s): stub\n", hCryptProv, dwFlags,
 734          debugstr_w(pvPara));
 735     return NULL;
 736 }
 737
 738 HCERTSTORE WINAPI CertOpenStore(LPCSTR lpszStoreProvider,
 739  DWORD dwMsgAndCertEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags,
 740  const void* pvPara)
 741 {
 742     WINECRYPT_CERTSTORE *hcs;
 743     StoreOpenFunc openFunc = NULL;
 744
 745     TRACE("(%s, %08x, %08lx, %08x, %p)\n", debugstr_a(lpszStoreProvider),
 746           dwMsgAndCertEncodingType, hCryptProv, dwFlags, pvPara);
 747
 748     if (IS_INTOID(lpszStoreProvider))
 749     {
 750         switch (LOWORD(lpszStoreProvider))
 751         {
 752         case LOWORD(CERT_STORE_PROV_MSG):
 753             openFunc = CRYPT_MsgOpenStore;
 754             break;
 755         case LOWORD(CERT_STORE_PROV_MEMORY):
 756             openFunc = CRYPT_MemOpenStore;
 757             break;
 758         case LOWORD(CERT_STORE_PROV_FILE):
 759             openFunc = CRYPT_FileOpenStore;
 760             break;
 761         case LOWORD(CERT_STORE_PROV_PKCS7):
 762             openFunc = CRYPT_PKCSOpenStore;
 763             break;
 764         case LOWORD(CERT_STORE_PROV_REG):
 765             openFunc = CRYPT_RegOpenStore;
 766             break;
 767         case LOWORD(CERT_STORE_PROV_FILENAME_A):
 768             openFunc = CRYPT_FileNameOpenStoreA;
 769             break;
 770         case LOWORD(CERT_STORE_PROV_FILENAME_W):
 771             openFunc = CRYPT_FileNameOpenStoreW;
 772             break;
 773         case LOWORD(CERT_STORE_PROV_COLLECTION):
 774             openFunc = CRYPT_CollectionOpenStore;
 775             break;
 776         case LOWORD(CERT_STORE_PROV_SYSTEM_A):
 777             openFunc = CRYPT_SysOpenStoreA;
 778             break;
 779         case LOWORD(CERT_STORE_PROV_SYSTEM_W):
 780             openFunc = CRYPT_SysOpenStoreW;
 781             break;
 782         case LOWORD(CERT_STORE_PROV_SYSTEM_REGISTRY_A):
 783             openFunc = CRYPT_SysRegOpenStoreA;
 784             break;
 785         case LOWORD(CERT_STORE_PROV_SYSTEM_REGISTRY_W):
 786             openFunc = CRYPT_SysRegOpenStoreW;
 787             break;
 788         case LOWORD(CERT_STORE_PROV_PHYSICAL_W):
 789             openFunc = CRYPT_PhysOpenStoreW;
 790             break;
 791         default:
 792             if (LOWORD(lpszStoreProvider))
 793                 FIXME("unimplemented type %d\n", LOWORD(lpszStoreProvider));
 794         }
 795     }
 796     else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_MEMORY))
 797         openFunc = CRYPT_MemOpenStore;
 798     else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_FILENAME_W))
 799         openFunc = CRYPT_FileOpenStore;
 800     else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_SYSTEM))
 801         openFunc = CRYPT_SysOpenStoreW;
 802     else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_COLLECTION))
 803         openFunc = CRYPT_CollectionOpenStore;
 804     else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_SYSTEM_REGISTRY))
 805         openFunc = CRYPT_SysRegOpenStoreW;
 806     else
 807     {
 808         FIXME("unimplemented type %s\n", lpszStoreProvider);
 809         openFunc = NULL;
 810     }
 811
 812     if (!openFunc)
 813         hcs = CRYPT_ProvOpenStore(lpszStoreProvider, dwMsgAndCertEncodingType,
 814          hCryptProv, dwFlags, pvPara);
 815     else
 816         hcs = openFunc(hCryptProv, dwFlags, pvPara);
 817     return hcs;
 818 }
 819
 820 HCERTSTORE WINAPI CertOpenSystemStoreA(HCRYPTPROV_LEGACY hProv,
 821  LPCSTR szSubSystemProtocol)
 822 {
 823     if (!szSubSystemProtocol)
 824     {
 825         SetLastError(E_INVALIDARG);
 826         return 0;
 827     }
 828     return CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, hProv,
 829      CERT_SYSTEM_STORE_CURRENT_USER, szSubSystemProtocol);
 830 }
 831
 832 HCERTSTORE WINAPI CertOpenSystemStoreW(HCRYPTPROV_LEGACY hProv,
 833  LPCWSTR szSubSystemProtocol)
 834 {
 835     if (!szSubSystemProtocol)
 836     {
 837         SetLastError(E_INVALIDARG);
 838         return 0;
 839     }
 840     return CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, hProv,
 841      CERT_SYSTEM_STORE_CURRENT_USER, szSubSystemProtocol);
 842 }
 843
 844 #define CertContext_CopyProperties(to, from) \
 845  Context_CopyProperties((to), (from), sizeof(CERT_CONTEXT))
 846
 847 BOOL WINAPI CertAddCertificateContextToStore(HCERTSTORE hCertStore,
 848  PCCERT_CONTEXT pCertContext, DWORD dwAddDisposition,
 849  PCCERT_CONTEXT *ppStoreContext)
 850 {
 851     PWINECRYPT_CERTSTORE store = hCertStore;
 852     BOOL ret = TRUE;
 853     PCCERT_CONTEXT toAdd = NULL, existing = NULL;
 854
 855     TRACE("(%p, %p, %08x, %p)\n", hCertStore, pCertContext,
 856      dwAddDisposition, ppStoreContext);
 857
 858     switch (dwAddDisposition)
 859     {
 860     case CERT_STORE_ADD_ALWAYS:
 861         break;
 862     case CERT_STORE_ADD_NEW:
 863     case CERT_STORE_ADD_REPLACE_EXISTING:
 864     case CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES:
 865     case CERT_STORE_ADD_USE_EXISTING:
 866     case CERT_STORE_ADD_NEWER:
 867     case CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES:
 868     {
 869         BYTE hashToAdd[20];
 870         DWORD size = sizeof(hashToAdd);
 871
 872         ret = CertGetCertificateContextProperty(pCertContext, CERT_HASH_PROP_ID,
 873          hashToAdd, &size);
 874         if (ret)
 875         {
 876             CRYPT_HASH_BLOB blob = { sizeof(hashToAdd), hashToAdd };
 877
 878             existing = CertFindCertificateInStore(hCertStore,
 879              pCertContext->dwCertEncodingType, 0, CERT_FIND_SHA1_HASH, &blob,
 880              NULL);
 881         }
 882         break;
 883     }
 884     default:
 885         FIXME("Unimplemented add disposition %d\n", dwAddDisposition);
 886         SetLastError(E_INVALIDARG);
 887         ret = FALSE;
 888     }
 889
 890     switch (dwAddDisposition)
 891     {
 892     case CERT_STORE_ADD_ALWAYS:
 893         toAdd = CertDuplicateCertificateContext(pCertContext);
 894         break;
 895     case CERT_STORE_ADD_NEW:
 896         if (existing)
 897         {
 898             TRACE("found matching certificate, not adding\n");
 899             SetLastError(CRYPT_E_EXISTS);
 900             ret = FALSE;
 901         }
 902         else
 903             toAdd = CertDuplicateCertificateContext(pCertContext);
 904         break;
 905     case CERT_STORE_ADD_REPLACE_EXISTING:
 906         toAdd = CertDuplicateCertificateContext(pCertContext);
 907         break;
 908     case CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES:
 909         toAdd = CertDuplicateCertificateContext(pCertContext);
 910         if (existing)
 911             CertContext_CopyProperties(toAdd, existing);
 912         break;
 913     case CERT_STORE_ADD_USE_EXISTING:
 914         if (existing)
 915         {
 916             CertContext_CopyProperties(existing, pCertContext);
 917             if (ppStoreContext)
 918                 *ppStoreContext = CertDuplicateCertificateContext(existing);
 919         }
 920         else
 921             toAdd = CertDuplicateCertificateContext(pCertContext);
 922         break;
 923     case CERT_STORE_ADD_NEWER:
 924         if (existing)
 925         {
 926             if (CompareFileTime(&existing->pCertInfo->NotBefore,
 927              &pCertContext->pCertInfo->NotBefore) >= 0)
 928             {
 929                 TRACE("existing certificate is newer, not adding\n");
 930                 SetLastError(CRYPT_E_EXISTS);
 931                 ret = FALSE;
 932             }
 933             else
 934                 toAdd = CertDuplicateCertificateContext(pCertContext);
 935         }
 936         else
 937             toAdd = CertDuplicateCertificateContext(pCertContext);
 938         break;
 939     case CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES:
 940         if (existing)
 941         {
 942             if (CompareFileTime(&existing->pCertInfo->NotBefore,
 943              &pCertContext->pCertInfo->NotBefore) >= 0)
 944             {
 945                 TRACE("existing certificate is newer, not adding\n");
 946                 SetLastError(CRYPT_E_EXISTS);
 947                 ret = FALSE;
 948             }
 949             else
 950             {
 951                 toAdd = CertDuplicateCertificateContext(pCertContext);
 952                 CertContext_CopyProperties(toAdd, existing);
 953             }
 954         }
 955         else
 956             toAdd = CertDuplicateCertificateContext(pCertContext);
 957         break;
 958     }
 959
 960     if (toAdd)
 961     {
 962         if (store)
 963             ret = store->certs.addContext(store, (void *)toAdd,
 964              (void *)existing, (const void **)ppStoreContext);
 965         else if (ppStoreContext)
 966             *ppStoreContext = CertDuplicateCertificateContext(toAdd);
 967         CertFreeCertificateContext(toAdd);
 968     }
 969     CertFreeCertificateContext(existing);
 970
 971     TRACE("returning %d\n", ret);
 972     return ret;
 973 }
 974
 975 PCCERT_CONTEXT WINAPI CertEnumCertificatesInStore(HCERTSTORE hCertStore,
 976  PCCERT_CONTEXT pPrev)
 977 {
 978     WINECRYPT_CERTSTORE *hcs = hCertStore;
 979     PCCERT_CONTEXT ret;
 980
 981     TRACE("(%p, %p)\n", hCertStore, pPrev);
 982     if (!hCertStore)
 983         ret = NULL;
 984     else if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
 985         ret = NULL;
 986     else
 987         ret = (PCCERT_CONTEXT)hcs->certs.enumContext(hcs, (void *)pPrev);
 988     return ret;
 989 }
 990
 991 BOOL WINAPI CertDeleteCertificateFromStore(PCCERT_CONTEXT pCertContext)
 992 {
 993     BOOL ret;
 994
 995     TRACE("(%p)\n", pCertContext);
 996
 997     if (!pCertContext)
 998         ret = TRUE;
 999     else if (!pCertContext->hCertStore)
1000         ret = CertFreeCertificateContext(pCertContext);
1001     else
1002     {
1003         PWINECRYPT_CERTSTORE hcs = pCertContext->hCertStore;
1004
1005         if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
1006             ret = FALSE;
1007         else
1008             ret = hcs->certs.deleteContext(hcs, (void *)pCertContext);
1009         if (ret)
1010             ret = CertFreeCertificateContext(pCertContext);
1011     }
1012     return ret;
1013 }
1014
1015 #define CrlContext_CopyProperties(to, from) \
1016  Context_CopyProperties((to), (from), sizeof(CRL_CONTEXT))
1017
1018 BOOL WINAPI CertAddCRLContextToStore(HCERTSTORE hCertStore,
1019  PCCRL_CONTEXT pCrlContext, DWORD dwAddDisposition,
1020  PCCRL_CONTEXT* ppStoreContext)
1021 {
1022     PWINECRYPT_CERTSTORE store = hCertStore;
1023     BOOL ret = TRUE;
1024     PCCRL_CONTEXT toAdd = NULL, existing = NULL;
1025
1026     TRACE("(%p, %p, %08x, %p)\n", hCertStore, pCrlContext,
1027      dwAddDisposition, ppStoreContext);
1028
1029     /* Weird case to pass a test */
1030     if (dwAddDisposition == 0)
1031     {
1032         SetLastError(STATUS_ACCESS_VIOLATION);
1033         return FALSE;
1034     }
1035     if (dwAddDisposition != CERT_STORE_ADD_ALWAYS)
1036     {
1037         existing = CertFindCRLInStore(hCertStore, 0, 0, CRL_FIND_EXISTING,
1038          pCrlContext, NULL);
1039     }
1040
1041     switch (dwAddDisposition)
1042     {
1043     case CERT_STORE_ADD_ALWAYS:
1044         toAdd = CertDuplicateCRLContext(pCrlContext);
1045         break;
1046     case CERT_STORE_ADD_NEW:
1047         if (existing)
1048         {
1049             TRACE("found matching CRL, not adding\n");
1050             SetLastError(CRYPT_E_EXISTS);
1051             ret = FALSE;
1052         }
1053         else
1054             toAdd = CertDuplicateCRLContext(pCrlContext);
1055         break;
1056     case CERT_STORE_ADD_NEWER:
1057         if (existing)
1058         {
1059             LONG newer = CompareFileTime(&existing->pCrlInfo->ThisUpdate,
1060              &pCrlContext->pCrlInfo->ThisUpdate);
1061
1062             if (newer < 0)
1063                 toAdd = CertDuplicateCRLContext(pCrlContext);
1064             else
1065             {
1066                 TRACE("existing CRL is newer, not adding\n");
1067                 SetLastError(CRYPT_E_EXISTS);
1068                 ret = FALSE;
1069             }
1070         }
1071         else
1072             toAdd = CertDuplicateCRLContext(pCrlContext);
1073         break;
1074     case CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES:
1075         if (existing)
1076         {
1077             LONG newer = CompareFileTime(&existing->pCrlInfo->ThisUpdate,
1078              &pCrlContext->pCrlInfo->ThisUpdate);
1079
1080             if (newer < 0)
1081             {
1082                 toAdd = CertDuplicateCRLContext(pCrlContext);
1083                 CrlContext_CopyProperties(toAdd, existing);
1084             }
1085             else
1086             {
1087                 TRACE("existing CRL is newer, not adding\n");
1088                 SetLastError(CRYPT_E_EXISTS);
1089                 ret = FALSE;
1090             }
1091         }
1092         else
1093             toAdd = CertDuplicateCRLContext(pCrlContext);
1094         break;
1095     case CERT_STORE_ADD_REPLACE_EXISTING:
1096         toAdd = CertDuplicateCRLContext(pCrlContext);
1097         break;
1098     case CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES:
1099         toAdd = CertDuplicateCRLContext(pCrlContext);
1100         if (existing)
1101             CrlContext_CopyProperties(toAdd, existing);
1102         break;
1103     case CERT_STORE_ADD_USE_EXISTING:
1104         if (existing)
1105         {
1106             CrlContext_CopyProperties(existing, pCrlContext);
1107             if (ppStoreContext)
1108                 *ppStoreContext = CertDuplicateCRLContext(existing);
1109         }
1110         else
1111             toAdd = CertDuplicateCRLContext(pCrlContext);
1112         break;
1113     default:
1114         FIXME("Unimplemented add disposition %d\n", dwAddDisposition);
1115         ret = FALSE;
1116     }
1117
1118     if (toAdd)
1119     {
1120         if (store)
1121             ret = store->crls.addContext(store, (void *)toAdd,
1122              (void *)existing, (const void **)ppStoreContext);
1123         else if (ppStoreContext)
1124             *ppStoreContext = CertDuplicateCRLContext(toAdd);
1125         CertFreeCRLContext(toAdd);
1126     }
1127     CertFreeCRLContext(existing);
1128
1129     TRACE("returning %d\n", ret);
1130     return ret;
1131 }
1132
1133 BOOL WINAPI CertDeleteCRLFromStore(PCCRL_CONTEXT pCrlContext)
1134 {
1135     BOOL ret;
1136
1137     TRACE("(%p)\n", pCrlContext);
1138
1139     if (!pCrlContext)
1140         ret = TRUE;
1141     else if (!pCrlContext->hCertStore)
1142         ret = CertFreeCRLContext(pCrlContext);
1143     else
1144     {
1145         PWINECRYPT_CERTSTORE hcs = pCrlContext->hCertStore;
1146
1147         if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
1148             ret = FALSE;
1149         else
1150             ret = hcs->crls.deleteContext(hcs, (void *)pCrlContext);
1151         if (ret)
1152             ret = CertFreeCRLContext(pCrlContext);
1153     }
1154     return ret;
1155 }
1156
1157 PCCRL_CONTEXT WINAPI CertEnumCRLsInStore(HCERTSTORE hCertStore,
1158  PCCRL_CONTEXT pPrev)
1159 {
1160     WINECRYPT_CERTSTORE *hcs = hCertStore;
1161     PCCRL_CONTEXT ret;
1162
1163     TRACE("(%p, %p)\n", hCertStore, pPrev);
1164     if (!hCertStore)
1165         ret = NULL;
1166     else if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
1167         ret = NULL;
1168     else
1169         ret = (PCCRL_CONTEXT)hcs->crls.enumContext(hcs, (void *)pPrev);
1170     return ret;
1171 }
1172
1173 HCERTSTORE WINAPI CertDuplicateStore(HCERTSTORE hCertStore)
1174 {
1175     WINECRYPT_CERTSTORE *hcs = hCertStore;
1176
1177     TRACE("(%p)\n", hCertStore);
1178
1179     if (hcs && hcs->dwMagic == WINE_CRYPTCERTSTORE_MAGIC)
1180         InterlockedIncrement(&hcs->ref);
1181     return hCertStore;
1182 }
1183
1184 BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
1185 {
1186     WINECRYPT_CERTSTORE *hcs = hCertStore;
1187
1188     TRACE("(%p, %08x)\n", hCertStore, dwFlags);
1189
1190     if( ! hCertStore )
1191         return TRUE;
1192
1193     if ( hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC )
1194         return FALSE;
1195
1196     if (hcs->ref <= 0)
1197         ERR("%p's ref count is %d\n", hcs, hcs->ref);
1198     if (InterlockedDecrement(&hcs->ref) == 0)
1199     {
1200         TRACE("%p's ref count is 0, freeing\n", hcs);
1201         hcs->dwMagic = 0;
1202         hcs->closeStore(hcs, dwFlags);
1203     }
1204     else
1205         TRACE("%p's ref count is %d\n", hcs, hcs->ref);
1206     return TRUE;
1207 }
1208
1209 BOOL WINAPI CertControlStore(HCERTSTORE hCertStore, DWORD dwFlags,
1210  DWORD dwCtrlType, void const *pvCtrlPara)
1211 {
1212     WINECRYPT_CERTSTORE *hcs = hCertStore;
1213     BOOL ret;
1214
1215     TRACE("(%p, %08x, %d, %p)\n", hCertStore, dwFlags, dwCtrlType,
1216      pvCtrlPara);
1217
1218     if (!hcs)
1219         ret = FALSE;
1220     else if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
1221         ret = FALSE;
1222     else
1223     {
1224         if (hcs->control)
1225             ret = hcs->control(hCertStore, dwFlags, dwCtrlType, pvCtrlPara);
1226         else
1227             ret = TRUE;
1228     }
1229     return ret;
1230 }
1231
1232 BOOL WINAPI CertGetStoreProperty(HCERTSTORE hCertStore, DWORD dwPropId,
1233  void *pvData, DWORD *pcbData)
1234 {
1235     PWINECRYPT_CERTSTORE store = hCertStore;
1236     BOOL ret = FALSE;
1237
1238     TRACE("(%p, %d, %p, %p)\n", hCertStore, dwPropId, pvData, pcbData);
1239
1240     switch (dwPropId)
1241     {
1242     case CERT_ACCESS_STATE_PROP_ID:
1243         if (!pvData)
1244         {
1245             *pcbData = sizeof(DWORD);
1246             ret = TRUE;
1247         }
1248         else if (*pcbData < sizeof(DWORD))
1249         {
1250             SetLastError(ERROR_MORE_DATA);
1251             *pcbData = sizeof(DWORD);
1252         }
1253         else
1254         {
1255             DWORD state = 0;
1256
1257             if (store->type != StoreTypeMem &&
1258              !(store->dwOpenFlags & CERT_STORE_READONLY_FLAG))
1259                 state |= CERT_ACCESS_STATE_WRITE_PERSIST_FLAG;
1260             *(DWORD *)pvData = state;
1261             ret = TRUE;
1262         }
1263         break;
1264     default:
1265         if (store->properties)
1266         {
1267             CRYPT_DATA_BLOB blob;
1268
1269             ret = ContextPropertyList_FindProperty(store->properties, dwPropId,
1270              &blob);
1271             if (ret)
1272             {
1273                 if (!pvData)
1274                     *pcbData = blob.cbData;
1275                 else if (*pcbData < blob.cbData)
1276                 {
1277                     SetLastError(ERROR_MORE_DATA);
1278                     *pcbData = blob.cbData;
1279                     ret = FALSE;
1280                 }
1281                 else
1282                 {
1283                     memcpy(pvData, blob.pbData, blob.cbData);
1284                     *pcbData = blob.cbData;
1285                 }
1286             }
1287             else
1288                 SetLastError(CRYPT_E_NOT_FOUND);
1289         }
1290         else
1291             SetLastError(CRYPT_E_NOT_FOUND);
1292     }
1293     return ret;
1294 }
1295
1296 BOOL WINAPI CertSetStoreProperty(HCERTSTORE hCertStore, DWORD dwPropId,
1297  DWORD dwFlags, const void *pvData)
1298 {
1299     PWINECRYPT_CERTSTORE store = hCertStore;
1300     BOOL ret = FALSE;
1301
1302     TRACE("(%p, %d, %08x, %p)\n", hCertStore, dwPropId, dwFlags, pvData);
1303
1304     if (!store->properties)
1305         store->properties = ContextPropertyList_Create();
1306     switch (dwPropId)
1307     {
1308     case CERT_ACCESS_STATE_PROP_ID:
1309         SetLastError(E_INVALIDARG);
1310         break;
1311     default:
1312         if (pvData)
1313         {
1314             const CRYPT_DATA_BLOB *blob = pvData;
1315
1316             ret = ContextPropertyList_SetProperty(store->properties, dwPropId,
1317              blob->pbData, blob->cbData);
1318         }
1319         else
1320         {
1321             ContextPropertyList_RemoveProperty(store->properties, dwPropId);
1322             ret = TRUE;
1323         }
1324     }
1325     return ret;
1326 }
1327
1328 static LONG CRYPT_OpenParentStore(DWORD dwFlags,
1329     void *pvSystemStoreLocationPara, HKEY *key)
1330 {
1331     HKEY root;
1332     LPCWSTR base;
1333
1334     TRACE("(%08x, %p)\n", dwFlags, pvSystemStoreLocationPara);
1335
1336     switch (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK)
1337     {
1338     case CERT_SYSTEM_STORE_LOCAL_MACHINE:
1339         root = HKEY_LOCAL_MACHINE;
1340         base = CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH;
1341         break;
1342     case CERT_SYSTEM_STORE_CURRENT_USER:
1343         root = HKEY_CURRENT_USER;
1344         base = CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH;
1345         break;
1346     case CERT_SYSTEM_STORE_CURRENT_SERVICE:
1347         /* hklm\Software\Microsoft\Cryptography\Services\servicename\
1348          * SystemCertificates
1349          */
1350         FIXME("CERT_SYSTEM_STORE_CURRENT_SERVICE\n");
1351         return ERROR_FILE_NOT_FOUND;
1352     case CERT_SYSTEM_STORE_SERVICES:
1353         /* hklm\Software\Microsoft\Cryptography\Services\servicename\
1354          * SystemCertificates
1355          */
1356         FIXME("CERT_SYSTEM_STORE_SERVICES\n");
1357         return ERROR_FILE_NOT_FOUND;
1358     case CERT_SYSTEM_STORE_USERS:
1359         /* hku\user sid\Software\Microsoft\SystemCertificates */
1360         FIXME("CERT_SYSTEM_STORE_USERS\n");
1361         return ERROR_FILE_NOT_FOUND;
1362     case CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY:
1363         root = HKEY_CURRENT_USER;
1364         base = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
1365         break;
1366     case CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY:
1367         root = HKEY_LOCAL_MACHINE;
1368         base = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
1369         break;
1370     case CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE:
1371         /* hklm\Software\Microsoft\EnterpriseCertificates */
1372         FIXME("CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE\n");
1373         return ERROR_FILE_NOT_FOUND;
1374     default:
1375         return ERROR_FILE_NOT_FOUND;
1376     }
1377
1378     return RegOpenKeyExW(root, base, 0, KEY_READ, key);
1379 }
1380
1381 BOOL WINAPI CertEnumSystemStore(DWORD dwFlags, void *pvSystemStoreLocationPara,
1382     void *pvArg, PFN_CERT_ENUM_SYSTEM_STORE pfnEnum)
1383 {
1384     BOOL ret = FALSE;
1385     LONG rc;
1386     HKEY key;
1387     CERT_SYSTEM_STORE_INFO info = { sizeof(info) };
1388
1389     TRACE("(%08x, %p, %p, %p)\n", dwFlags, pvSystemStoreLocationPara, pvArg,
1390         pfnEnum);
1391
1392     rc = CRYPT_OpenParentStore(dwFlags, pvArg, &key);
1393     if (!rc)
1394     {
1395         DWORD index = 0;
1396
1397         ret = TRUE;
1398         do {
1399             WCHAR name[MAX_PATH];
1400             DWORD size = sizeof(name) / sizeof(name[0]);
1401
1402             rc = RegEnumKeyExW(key, index++, name, &size, NULL, NULL, NULL,
1403                 NULL);
1404             if (!rc)
1405                 ret = pfnEnum(name, dwFlags, &info, NULL, pvArg);
1406         } while (ret && !rc);
1407         if (ret && rc != ERROR_NO_MORE_ITEMS)
1408             SetLastError(rc);
1409     }
1410     else
1411         SetLastError(rc);
1412     /* Include root store for the local machine location (it isn't in the
1413      * registry)
1414      */
1415     if (ret && (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK) ==
1416      CERT_SYSTEM_STORE_LOCAL_MACHINE)
1417         ret = pfnEnum(rootW, dwFlags, &info, NULL, pvArg);
1418     return ret;
1419 }
1420
1421 BOOL WINAPI CertEnumPhysicalStore(const void *pvSystemStore, DWORD dwFlags,
1422  void *pvArg, PFN_CERT_ENUM_PHYSICAL_STORE pfnEnum)
1423 {
1424     if (dwFlags & CERT_SYSTEM_STORE_RELOCATE_FLAG)
1425         FIXME("(%p, %08x, %p, %p): stub\n", pvSystemStore, dwFlags, pvArg,
1426          pfnEnum);
1427     else
1428         FIXME("(%s, %08x, %p, %p): stub\n", debugstr_w(pvSystemStore),
1429          dwFlags, pvArg,
1430          pfnEnum);
1431     return FALSE;
1432 }