void KeyShare::CheckPath()
{
QDir key_path(_path, "*.pub");
foreach(const QString &key_name, key_path.entryList()) {
QString path = _path + "/" + key_name;
QFile key_file(path);
key_file.open(QIODevice::ReadOnly);
QSharedPointer<QSslCertificate> cert(new QSslCertificate(&key_file, QSsl::Der));
QSslKey pubkey = cert->publicKey();
QSharedPointer<AsymmetricKey> key(new DsaPublicKey(pubkey.toDer()));
if(!key->IsValid()) {
qDebug() << "Invalid key:" << path;
continue;
}
QString name = key_name.left(key_name.length() - 4);
AddCertificate(name, cert);
}
}
static HRESULT InstallCertificatePackage(
__in HCERTSTORE hStore,
__in BOOL fUserCertificateStore,
__in LPCWSTR wzName,
__in_opt BYTE* rgbData,
__in DWORD cbData,
__in BOOL fVital,
__in_opt LPCWSTR wzPFXPassword
)
{
HRESULT hr = S_OK;
HCERTSTORE hPfxCertStore = NULL;
PCCERT_CONTEXT pCertContext = NULL;
CERT_BLOB blob = { 0 };
DWORD dwKeyset = fUserCertificateStore ? CRYPT_USER_KEYSET : CRYPT_MACHINE_KEYSET;
DWORD dwEncodingType;
DWORD dwContentType;
DWORD dwFormatType;
LPWSTR pwzUniqueName = NULL;
int iUniqueId = 0;
// Figure out what type of blob (certificate or PFX) we're dealing with here.
blob.pbData = rgbData;
blob.cbData = cbData;
if (!::CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &blob, CERT_QUERY_CONTENT_FLAG_ALL, CERT_QUERY_FORMAT_FLAG_ALL, 0, &dwEncodingType, &dwContentType, &dwFormatType, NULL, NULL, (LPCVOID*)&pCertContext))
{
ExitWithLastError1(hr, "Failed to parse the certificate blob: %ls", wzName);
}
hr = StrAllocFormatted(&pwzUniqueName, L"%s_wixCert_%d", wzName, ++iUniqueId);
ExitOnFailure(hr, "Failed to format unique name");
if (!pCertContext)
{
// If we have a PFX blob, get the first certificate out of the PFX and use that instead of the PFX.
if (dwContentType & CERT_QUERY_CONTENT_PFX)
{
ExitOnNull(wzPFXPassword, hr, E_INVALIDARG, "Failed to import PFX blob because no password was provided");
// If we fail and our password is blank, also try passing in NULL for the password (according to the docs)
hPfxCertStore = ::PFXImportCertStore((CRYPT_DATA_BLOB*)&blob, wzPFXPassword, dwKeyset);
if (NULL == hPfxCertStore && !*wzPFXPassword)
{
hPfxCertStore = ::PFXImportCertStore((CRYPT_DATA_BLOB*)&blob, NULL, dwKeyset);
}
ExitOnNullWithLastError(hPfxCertStore, hr, "Failed to open PFX file.");
// Install all certificates in the PFX
for (pCertContext = ::CertEnumCertificatesInStore(hPfxCertStore, pCertContext);
pCertContext;
pCertContext = ::CertEnumCertificatesInStore(hPfxCertStore, pCertContext))
{
hr = AddCertificate(hStore, pCertContext, pwzUniqueName, fVital);
MessageExitOnFailure(hr, msierrCERTFailedAdd, "Failed to add certificate to the store.");
hr = StrAllocFormatted(&pwzUniqueName, L"%s_wixCert_%d", wzName, ++iUniqueId);
ExitOnFailure(hr, "Failed to format unique name");
}
}
else
{
hr = E_UNEXPECTED;
ExitOnFailure(hr, "Unexpected certificate type processed.");
}
}
else
{
hr = AddCertificate(hStore, pCertContext, pwzUniqueName, fVital);
MessageExitOnFailure(hr, msierrCERTFailedAdd, "Failed to add certificate to the store.");
}
hr = WcaProgressMessage(COST_CERT_ADD, FALSE);
ExitOnFailure(hr, "Failed to send install progress message.");
LExit:
ReleaseStr(pwzUniqueName);
if (pCertContext)
{
::CertFreeCertificateContext(pCertContext);
}
// Close the stores after the context's are released.
if (hPfxCertStore)
{
if (!::CertCloseStore(hPfxCertStore, CERT_CLOSE_STORE_CHECK_FLAG))
{
WcaLog(LOGMSG_VERBOSE, "PFX cert store was closed but not all resources were freed. Error 0x%x", GetLastError());
}
}
return hr;
}
