-
Notifications
You must be signed in to change notification settings - Fork 790
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
win32crypt.CryptQueryObject not populating CertContext correctly when using AKV .cer file #1859
Comments
This is due to the commented code at pywin32/win32/src/win32crypt/win32cryptmodule.cpp Lines 1097 to 1111 in 3ac6ddc
I'm getting an auth error trying to get them, but if I can get access and verify they work I can probably fix at least one of the cases commented out. It would be ideal if you know how to get a cert to test the other commented case too! |
(oh, and ideally permission to check the certs into the repo so I can add a test) |
Ah yea didn't realize that link didn't work but good catch on the commented-out bits. You should be able to download them from: You should be good to check them in for testing as they were solely made for this repro. |
(custom2.cer) When calling this function with a locally generated .cer file, it properly fully populates the dictionary as such
{'MsgAndCertEncodingType': 1, 'ContentType': 1, 'FormatType': 1, 'CertStore': <PyCERTSTORE object at 0x000002860D6F9E00>, 'Msg': None, 'Context': <PyCERT_CONTEXT object at 0x000002860D6F9DD0>}
(PEM_67ae84c1718440f4a89ace79a22e262d.cer) When a certificate is generated from Azure Key Vault and then downloaded as a .cer, the given output does not populate its context instead just having what is likely the pointer.
{'MsgAndCertEncodingType': 1, 'ContentType': 1, 'FormatType': 2, 'CertStore': <PyCERTSTORE object at 0x0000020ABC8C3A90>, 'Msg': None, 'Context': 2245136194336}
I have provided cert.py and the two certificates mentioned at https://teststoragebrklein.blob.core.windows.net/pywin32crypto?sp=r&st=2022-04-13T21:29:17Z&se=2022-05-01T05:29:17Z&spr=https&sv=2020-08-04&sr=c&sig=ySVJ82Fr0oE48wV8y0JyeQDeb52yWmWIYHdUkAueFDc%3D
Additionally wrote a simple C# solution also utilizing C interop which works fine which makes me think this is either a pywin32 or python issue.
Python 3.8.6
python -m pip freeze
pypiwin32==223
pywin32==303
The text was updated successfully, but these errors were encountered: