[SANTUARIO-461] Internal key store should be deleted on any CryptoAcquireContext() error - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: C++ 1.7.2, C++ 1.7.3
Fix Version/s: C++ 2.0.0
Component/s: C++
Labels:
None
Environment:
Windows 10, VS2015 Update 3

Description

In the WinCAPICryptoProvider constructor, if CryptAcquireContext fails when obtaining the internal key store, it only calls CryptAcquireContext again with the CRYPT_DELETEKEYSET option if the error encountered was NTE_BAD_KEYSET. We have seen this API fail with error NTE_KEYSET_ENTRY_BAD as well, but in that case, the key store is not deleted and the initialization fails. Why not just call CryptAcquireContext with the CRYPT_DELETEKEYSET option if any error is encountered (not just NTE_BAD_KEYSET) since the code block tries to subsequently re-create the key store anyway?

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

WinCAPICryptoProvider.cpp
05/Jan/17 20:31
9 kB
Craig Brett

Activity

People

Assignee:: Scott Cantor

Reporter:: Craig Brett

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 05/Jan/17 19:52

Updated:: 27/Jun/18 15:28

Resolved:: 01/Sep/17 23:33