http://bugs.winehq.org/show_bug.cgi?id=58342
--- Comment #8 from Lars Loe madbyte@tuta.io --- (In reply to Hans Leidekker from comment #4)
(In reply to Dmitry Timoshkov from comment #3)
(In reply to Hans Leidekker from comment #2)
Created attachment 78727 [details] patch
Right, we're returning NULL for this unsupported flag but we could ignore it since it's just a preference. Something like this patch may help.
Shouldn't 'if (flags == PKCS12_PREFER_CNG_KSP)' be 'if (flags & PKCS12_PREFER_CNG_KSP)' instead?
That would accept combinations of PKCS12_PREFER_CNG_KSP and unsupported flags.
Tried your patch file with latest wine-git.
Nothing changed for cert generation, same crash log as posted above.
On cert import I get further then before, but now GnuTLS fails with:
01ac:fixme:crypt:PFXImportCertStore ignoring PKCS12_PREFER_CNG_KSP 01ac:trace:crypt:gnutls_log <3> ASSERT: ../../../lib/x509/pkcs7-crypt.c[_gnutls_pkcs_raw_decrypt_data]:1234 01ac:trace:crypt:gnutls_log <3> ASSERT: ../../../lib/x509/privkey_pkcs8.c[pkcs8_key_decrypt]:780 01ac:trace:crypt:gnutls_log <3> ASSERT: ../../../lib/x509/privkey_pkcs8.c[gnutls_x509_privkey_import_pkcs8]:1752 01ac:trace:crypt:gnutls_log <3> ASSERT: ../../../lib/x509/pkcs12.c[gnutls_pkcs12_simple_parse]:1752 GnuTLS error: Decryption failed. System.Security.Cryptography.CryptographicException: Success. at System.Security.Cryptography.X509Certificates.X509CertificateLoader.ImportPfx(ReadOnlySpan`1 data, ReadOnlySpan`1 password, X509KeyStorageFlags keyStorageFlags)
I assume this needs to be reported to the GnuTLS project instead?