lsh123 · lsh123 · Feb 23, 2023 · Feb 23, 2023 · Feb 23, 2023
diff --git a/src/gnutls/app.c b/src/gnutls/app.c
@@ -270,38 +270,64 @@ xmlSecGnuTLSAppKeyCertLoad(xmlSecKeyPtr key, const char* filename,
  */
 int
 xmlSecGnuTLSAppKeyCertLoadMemory(xmlSecKeyPtr key,
-                                 const xmlSecByte* data,
-                                 xmlSecSize dataSize,
-                                 xmlSecKeyDataFormat format) {
-    gnutls_x509_crt_t cert;
+    const xmlSecByte* data, xmlSecSize dataSize, xmlSecKeyDataFormat format)
+{
+    gnutls_x509_crt_t cert = NULL;
+    gnutls_x509_crt_t keyCert = NULL;
     xmlSecKeyDataPtr keyData;
     int ret;
+    int res = -1;
 
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(dataSize > 0, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
 
+    /* read cert and make a copy for the keyCert */
+    cert = xmlSecGnuTLSX509CertRead(data, dataSize, format);
+    if(cert == NULL) {
+        xmlSecInternalError("xmlSecGnuTLSX509CertRead", NULL);
+        goto done;
+    }
+
+    keyCert = xmlSecGnuTLSX509CertDup(cert);
+    if(keyCert == NULL) {
+        xmlSecInternalError("xmlSecGnuTLSX509CertDup", NULL);
+        goto done;
+    }
+
+    /* add both cert and keyCert to the keyData */
     keyData = xmlSecKeyEnsureData(key, xmlSecGnuTLSKeyDataX509Id);
     if(keyData == NULL) {
         xmlSecInternalError("xmlSecKeyEnsureData", NULL);
-        return(-1);
+        goto done;
     }
 
-    cert = xmlSecGnuTLSX509CertRead(data, dataSize, format);
-    if(cert == NULL) {
-        xmlSecInternalError("xmlSecGnuTLSX509CertRead", NULL);
-        return(-1);
+    ret = xmlSecGnuTLSKeyDataX509AdoptKeyCert(keyData, keyCert);
+    if(ret < 0) {
+        xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptKeyCert", NULL);
+        goto done;
     }
+    keyCert = NULL; /* owned by keyData now */
 
     ret = xmlSecGnuTLSKeyDataX509AdoptCert(keyData, cert);
     if(ret < 0) {
         xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert", NULL);
-        gnutls_x509_crt_deinit(cert);
-        return(-1);
+        goto done;
     }
+    cert = NULL; /* owned by key data now */
 
-    return(0);
+    /* success */
+    res = 0;
+
+done:
+    if(cert != NULL) {
+        gnutls_x509_crt_deinit(cert);
+    }
+    if(keyCert != NULL) {
+        gnutls_x509_crt_deinit(keyCert);
+    }
+    return(res);
 }
 
 /**
@@ -640,20 +666,27 @@ xmlSecGnuTLSAppKeyFromCertLoadMemory(const xmlSecByte* data, xmlSecSize dataSize
     xmlSecKeyDataPtr keyData = NULL;
     xmlSecKeyDataPtr x509Data = NULL;
     gnutls_x509_crt_t cert = NULL;
+    gnutls_x509_crt_t keyCert = NULL;
     xmlSecKeyPtr res = NULL;
     int ret;
 
     xmlSecAssert2(data != NULL, NULL);
     xmlSecAssert2(dataSize > 0, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
 
-    /* read cert */
+    /* read cert and make a copy for keyCert */
     cert = xmlSecGnuTLSX509CertRead(data, dataSize, format);
     if(cert == NULL) {
         xmlSecInternalError("xmlSecGnuTLSX509CertRead", NULL);
         goto done;
     }
 
+    keyCert = xmlSecGnuTLSX509CertDup(cert);
+    if(keyCert == NULL) {
+        xmlSecInternalError("xmlSecGnuTLSX509CertDup", NULL);
+        goto done;
+    }
+
     /* create key */
     key = xmlSecKeyCreate();
     if(key == NULL) {
@@ -682,11 +715,20 @@ xmlSecGnuTLSAppKeyFromCertLoadMemory(const xmlSecByte* data, xmlSecSize dataSize
         xmlSecInternalError("xmlSecKeyEnsureData", NULL);
         goto done;
     }
-    ret = xmlSecGnuTLSKeyDataX509AdoptKeyCert(x509Data, cert);
+
+    /* add cert and key cert */
+    ret = xmlSecGnuTLSKeyDataX509AdoptKeyCert(x509Data, keyCert);
     if(ret < 0) {
         xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptKeyCert", NULL);
         goto done;
     }
+    keyCert = NULL; /* owned by x509Data now */
+
+    ret = xmlSecGnuTLSKeyDataX509AdoptCert(x509Data, cert);
+    if(ret < 0) {
+        xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert", NULL);
+        goto done;
+    }
     cert = NULL; /* owned by x509Data now */
 
     /* success */
@@ -697,6 +739,9 @@ xmlSecGnuTLSAppKeyFromCertLoadMemory(const xmlSecByte* data, xmlSecSize dataSize
     if(cert != NULL) {
         gnutls_x509_crt_deinit(cert);
     }
+    if(keyCert != NULL) {
+        gnutls_x509_crt_deinit(keyCert);
+    }
     if(keyData != NULL) {
         xmlSecKeyDataDestroy(keyData);
     }

diff --git a/src/mscng/app.c b/src/mscng/app.c
@@ -191,7 +191,8 @@ xmlSecKeyPtr
 xmlSecMSCngAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecKeyDataFormat format,
                             const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
     PCCERT_CONTEXT pCert = NULL;
-    PCCERT_CONTEXT tmpcert = NULL;
+    PCCERT_CONTEXT pCertChain = NULL;
+    PCCERT_CONTEXT pKeyCert = NULL;
     xmlSecKeyDataPtr x509Data = NULL;
     xmlSecKeyDataPtr keyData = NULL;
     xmlSecKeyPtr key = NULL;
@@ -206,74 +207,89 @@ xmlSecMSCngAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecK
     UNREFERENCED_PARAMETER(pwdCallback);
     UNREFERENCED_PARAMETER(pwdCallbackCtx);
 
+    /* read cert and make a copy for cert chain and keyCert */
     XMLSEC_SAFE_CAST_SIZE_TO_ULONG(dataSize, dwDataSize, goto done, NULL);
     pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, data, dwDataSize);
     if(pCert == NULL) {
         xmlSecMSCngLastError("CertCreateCertificateContext", NULL);
         goto done;
     }
 
-    x509Data = xmlSecKeyDataCreate(xmlSecMSCngKeyDataX509Id);
-    if(x509Data == NULL) {
-        xmlSecInternalError("xmlSecKeyDataCreate", NULL);
+    pCertChain = CertDuplicateCertificateContext(pCert);
+    if(pCertChain == NULL) {
+        xmlSecMSCngLastError("CertDuplicateCertificateContext", NULL);
         goto done;
     }
 
-    tmpcert = CertDuplicateCertificateContext(pCert);
-    if(tmpcert == NULL) {
-        xmlSecMSCngLastError("CertDuplicateCertificateContext",
-            xmlSecKeyDataGetName(x509Data));
+    pKeyCert = CertDuplicateCertificateContext(pCert);
+    if(pKeyCert == NULL) {
+        xmlSecMSCngLastError("CertDuplicateCertificateContext", NULL);
         goto done;
     }
 
-    ret = xmlSecMSCngKeyDataX509AdoptKeyCert(x509Data, tmpcert);
-    if(ret < 0) {
-        xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptKeyCert",
+    /* create key */
+    key = xmlSecKeyCreate();
+    if(key == NULL) {
+        xmlSecInternalError("xmlSecKeyCreate",
             xmlSecKeyDataGetName(x509Data));
         goto done;
     }
-    tmpcert = NULL;
 
     keyData = xmlSecMSCngCertAdopt(pCert, xmlSecKeyDataTypePublic);
     if(keyData == NULL) {
-        xmlSecInternalError("xmlSecMSCngCertAdopt",
-            xmlSecKeyDataGetName(x509Data));
+        xmlSecInternalError("xmlSecMSCngCertAdopt", NULL);
         goto done;
     }
-    pCert = NULL;
+    pCert = NULL;  /* owned by keyData now */
 
-    key = xmlSecKeyCreate();
-    if(key == NULL) {
-        xmlSecInternalError("xmlSecKeyCreate",
-            xmlSecKeyDataGetName(x509Data));
+    ret = xmlSecKeySetValue(key, keyData);
+    if(ret < 0) {
+        xmlSecInternalError("xmlSecKeySetValue", NULL);
+        goto done;
+    }
+    keyData = NULL;
+
+   /* add cert and keyCert to x509 data and add it to the key */
+    x509Data = xmlSecKeyDataCreate(xmlSecMSCngKeyDataX509Id);
+    if(x509Data == NULL) {
+        xmlSecInternalError("xmlSecKeyDataCreate", NULL);
         goto done;
     }
 
-    ret = xmlSecKeySetValue(key, keyData);
+    ret = xmlSecMSCngKeyDataX509AdoptKeyCert(x509Data, pKeyCert);
     if(ret < 0) {
-        xmlSecInternalError("xmlSecKeySetValue",
-            xmlSecKeyDataGetName(x509Data));
+        xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptKeyCert", NULL);
         goto done;
     }
-    keyData = NULL;
+    pKeyCert = NULL; /* owned by x509Data data now */
+
+    ret = xmlSecMSCngKeyDataX509AdoptCert(x509Data, pCertChain);
+    if(ret < 0) {
+        xmlSecInternalError("xmlSecMSCngKeyDataX509AdoptCert", NULL);
+        goto done;
+    }
+    pCertChain = NULL; /* owned by x509Data data now */
 
     ret = xmlSecKeyAdoptData(key, x509Data);
     if(ret < 0) {
-        xmlSecInternalError("xmlSecKeyAdoptData",
-            xmlSecKeyDataGetName(x509Data));
+        xmlSecInternalError("xmlSecKeyAdoptData", NULL);
         goto done;
     }
     x509Data = NULL;
 
     /* success */
     res = key;
     key = NULL;
+
 done:
     if(pCert != NULL) {
         CertFreeCertificateContext(pCert);
     }
-    if(tmpcert != NULL) {
-        CertFreeCertificateContext(tmpcert);
+    if(pCertChain != NULL) {
+        CertFreeCertificateContext(pCertChain);
+    }
+    if(pKeyCert != NULL) {
+        CertFreeCertificateContext(pKeyCert);
     }
     if(x509Data != NULL) {
         xmlSecKeyDataDestroy(x509Data);

diff --git a/src/mscrypto/app.c b/src/mscrypto/app.c
@@ -368,7 +368,7 @@ xmlSecMSCryptoAppKeyCertLoad(xmlSecKeyPtr key, const char* filename,
 int
 xmlSecMSCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize,
                                    xmlSecKeyDataFormat format) {
-    PCCERT_CONTEXT pCert;
+    PCCERT_CONTEXT pCert, pKeyCert;
     xmlSecKeyDataPtr kdata;
     DWORD dwDataSize;
     int ret;
@@ -389,19 +389,39 @@ xmlSecMSCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xml
     case xmlSecKeyDataFormatDer:
     case xmlSecKeyDataFormatCertDer:
         XMLSEC_SAFE_CAST_SIZE_TO_ULONG(dataSize, dwDataSize, return(-1), NULL);
+
+        /* read cert and make a copy for key cert */
         pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, data, dwDataSize);
         if (NULL == pCert) {
             xmlSecInternalError2("CertCreateCertificateContext", xmlSecKeyDataGetName(kdata),
                 "format=" XMLSEC_ENUM_FMT, XMLSEC_ENUM_CAST(format));
             return(-1);
         }
+        pKeyCert = CertDuplicateCertificateContext(pCert);
+        if(pKeyCert == NULL) {
+            xmlSecMSCryptoError("CertDuplicateCertificateContext", xmlSecKeyDataGetName(kdata));
+            CertFreeCertificateContext(pCert);
+            return(-1);
+        }
 
+        /* add cert and key cert */
         ret = xmlSecMSCryptoKeyDataX509AdoptCert(kdata, pCert);
         if(ret < 0) {
             xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptCert", xmlSecKeyDataGetName(kdata));
             CertFreeCertificateContext(pCert);
+            CertFreeCertificateContext(pKeyCert);
             return(-1);
         }
+        pCert = NULL; /* owned by kdata */
+
+        ret = xmlSecMSCryptoKeyDataX509AdoptKeyCert(kdata, pKeyCert);
+        if(ret < 0) {
+            xmlSecInternalError("xmlSecMSCryptoKeyDataX509AdoptKeyCert", xmlSecKeyDataGetName(kdata));
+            CertFreeCertificateContext(pKeyCert);
+            return(-1);
+        }
+        pKeyCert = NULL; /* owned by kdata */
+
         break;
     default:
         xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, xmlSecKeyDataGetName(kdata),