https://bugs.freedesktop.org/show_bug.cgi?id=87030
--- Comment #7 from Tor Lillqvist <t...@iki.fi> --- For what it's worth, I distilled the code for signing down to a minimal freestanding test program, and get the same error, "CryptSignHash failed: Keyset does not exist". (Build with "cl -MD sign.c" in a "VS2013 x64 Native Tools Command Prompt".) #include <cassert> #include <iostream> #include <windows.h> #include <wincrypt.h> #define SAL_WARN(tag,stream) std::cerr << stream << std::endl #define SAL_INFO(tag,stream) std::cerr << stream << std::endl #define OUString(s) s static char *WindowsError(DWORD nErrorCode) { LPSTR pMsgBuf; if (FormatMessageA(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM, NULL, nErrorCode, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), (LPSTR)&pMsgBuf, 0, NULL) == 0) return "unknown"; if (pMsgBuf[strlen(pMsgBuf)-1] == '\n') pMsgBuf[strlen(pMsgBuf)-1] = '\0'; return pMsgBuf; } static bool foo () { HCERTSTORE hCertStore = CertOpenSystemStore(NULL, "MY"); if (!hCertStore) { SAL_WARN("vcl.pdfwriter", "CertOpenSystemStore failed: " << WindowsError(GetLastError())); return false; } PCCERT_CONTEXT pCertContext = CertFindCertificateInStore(hCertStore, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, 0, CERT_FIND_SUBJECT_STR, (const void*) L"collabora-dev-softto...@wilhelmtux.ch" , NULL); if (pCertContext == NULL) { SAL_WARN("vcl.pdfwriter", "CertFindCertificateInStore failed: " << WindowsError(GetLastError())); return false; } DWORD nProperty(0); bool first(true); while ((nProperty = CertEnumCertificateContextProperties(pCertContext, nProperty)) != 0) { if (first) SAL_INFO("vcl.pdfwriter", "Certificate context properties:"); first = false; #if 0 DWORD nSize(0); if (!CertGetCertificateContextProperty(pCertContext, nProperty, NULL, &nSize)) SAL_INFO("vcl.pdfwriter", " " << "(missing?) " << std::hex << nProperty); else { boost::scoped_array<char> aData(new char[nSize]); if (!CertGetCertificateContextProperty(pCertContext, nProperty, aData.get(), &nSize)) SAL_INFO("vcl.pdfwriter", " " << "(missing?) " << std::hex:: << nProperty); else SAL_INFO("vcl.pdfwriter", " " << CertificatePropertyNameAndData(nProperty, aData, nSize)); } #else SAL_INFO("vcl.pdfwriter", " " << nProperty); #endif } HCRYPTPROV hCryptProvider; if (!CryptAcquireContext(&hCryptProvider, NULL, MS_ENH_RSA_AES_PROV, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) { SAL_WARN("vcl.pdfwriter", "CryptAcquireContext failed: " << WindowsError(GetLastError())); CertFreeCertificateContext(pCertContext); return false; } HCRYPTHASH hHash; if (!CryptCreateHash(hCryptProvider, CALG_SHA1, 0, 0, &hHash)) { SAL_WARN("vcl.pdfwriter", "CryptCreateHash failed: " << WindowsError(GetLastError())); CryptReleaseContext(hCryptProvider, 0); CertFreeCertificateContext(pCertContext); return false; } DWORD nHashSize; DWORD nHashSizeLen(sizeof(DWORD)); if (!CryptGetHashParam(hHash, HP_HASHSIZE, reinterpret_cast<BYTE *>(&nHashSize), &nHashSizeLen, 0)) { SAL_WARN("vcl.pdfwriter", "CryptGetHashParam failed: " << WindowsError(GetLastError())); CryptDestroyHash(hHash); CryptReleaseContext(hCryptProvider, 0); CertFreeCertificateContext(pCertContext); return false; } assert(nHashSizeLen == sizeof(DWORD)); assert(nHashSize == 20); //FIXME: Check if SHA1 is calculated from the correct byterange if (!CryptHashData(hHash, reinterpret_cast<const BYTE *>(foo), 2000, 0)) { SAL_WARN("vcl.pdfwriter", "CryptHashData failed: " << WindowsError(GetLastError())); CryptDestroyHash(hHash); CryptReleaseContext(hCryptProvider, 0); CertFreeCertificateContext(pCertContext); return false; } #if 0 // We don't actualy need the hash bytes unsigned char aHash[20]; if (!CryptGetHashParam(hHash, HP_HASHVAL, aHash, &nHashSize, 0)) { SAL_WARN("vcl.pdfwriter", "CryptGetHashParam failed: " << WindowsError(GetLastError())); CryptDestroyHash(hHash); CryptReleaseContext(hCryptProvider, 0); CertFreeCertificateContext(pCertContext); return false; } if (nHashSize != 20) { SAL_WARN("vcl.pdfwriter", "CryptGetHashParam returned unexpected size hash value: " << nHashSize); CryptDestroyHash(hHash); CryptReleaseContext(hCryptProvider, 0); CertFreeCertificateContext(pCertContext); return false; } #endif HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProvOrNCryptKey; DWORD nKeySpecType; BOOL bMustFree; if (!CryptAcquireCertificatePrivateKey(pCertContext, 0, NULL, &hCryptProvOrNCryptKey, &nKeySpecType, &bMustFree)) { SAL_WARN("vcl.pdfwriter", "CryptAcquireCertificatePrivateKey failed: " << WindowsError(GetLastError())); CryptDestroyHash(hHash); CryptReleaseContext(hCryptProvider, 0); CertFreeCertificateContext(pCertContext); return false; } SAL_INFO("vcl.pdfwriter", "Certificate has private key that is " << (nKeySpecType == AT_KEYEXCHANGE ? OUString("for key exchange") : (nKeySpecType == AT_SIGNATURE ? OUString("for signatures") : (nKeySpecType == CERT_NCRYPT_KEY_SPEC ? OUString("a CNG key, whatever that is") : OUString("unknown type"))))); DWORD nSigLen(0); if (!CryptSignHash(hHash, nKeySpecType, NULL, CRYPT_NOHASHOID, NULL, &nSigLen)) { SAL_WARN("vcl.pdfwriter", "CryptSignHash failed: " << WindowsError(GetLastError())); CryptDestroyHash(hHash); CryptReleaseContext(hCryptProvider, 0); CertFreeCertificateContext(pCertContext); return false; } auto pSig(new BYTE[nSigLen]); if (!CryptSignHash(hHash, nKeySpecType, NULL, CRYPT_NOHASHOID, pSig, &nSigLen)) { SAL_WARN("vcl.pdfwriter", "CryptSignHash failed: " << WindowsError(GetLastError())); CryptDestroyHash(hHash); CryptReleaseContext(hCryptProvider, 0); CertFreeCertificateContext(pCertContext); return false; } // Release resources CryptDestroyHash(hHash); CryptReleaseContext(hCryptProvider, 0); CertFreeCertificateContext(pCertContext); return true; } int main (int argc, char **argv) { return foo() ? 0 : 1; } -- You are receiving this mail because: You are the assignee for the bug.
_______________________________________________ Libreoffice-bugs mailing list Libreoffice-bugs@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs