Uploaded image for project: 'Santuario'
  1. Santuario
  2. SANTUARIO-461

Internal key store should be deleted on any CryptoAcquireContext() error

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: C++ 1.7.2, C++ 1.7.3
    • Fix Version/s: C++ 2.0.0
    • Component/s: C++
    • Labels:
      None
    • Environment:
      Windows 10, VS2015 Update 3

      Description

      In the WinCAPICryptoProvider constructor, if CryptAcquireContext fails when obtaining the internal key store, it only calls CryptAcquireContext again with the CRYPT_DELETEKEYSET option if the error encountered was NTE_BAD_KEYSET. We have seen this API fail with error NTE_KEYSET_ENTRY_BAD as well, but in that case, the key store is not deleted and the initialization fails. Why not just call CryptAcquireContext with the CRYPT_DELETEKEYSET option if any error is encountered (not just NTE_BAD_KEYSET) since the code block tries to subsequently re-create the key store anyway?

        Attachments

        1. WinCAPICryptoProvider.cpp
          9 kB
          Craig Brett

          Activity

            People

            • Assignee:
              scantor Scott Cantor
              Reporter:
              cbrett Craig Brett
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: