https://issues.apache.org/jira/browse/SANTUARIO-378
git-svn-id: https://svn.apache.org/repos/asf/santuario/xml-security-cpp/trunk@1655511 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/xsec/enc/WinCAPI/WinCAPICryptoProvider.cpp b/xsec/enc/WinCAPI/WinCAPICryptoProvider.cpp
index 3daf6bf..8069a0c 100644
--- a/xsec/enc/WinCAPI/WinCAPICryptoProvider.cpp
+++ b/xsec/enc/WinCAPI/WinCAPICryptoProvider.cpp
@@ -71,7 +71,7 @@
PROV_RSA_AES,
CRYPT_VERIFYCONTEXT))
{
- // Check of we maybe don't understand AES
+ // Check if we maybe don't understand AES
DWORD error = GetLastError();
if (error == NTE_PROV_TYPE_NOT_DEF || error == 0) {
@@ -130,8 +130,13 @@
m_provRSAType,
dwFlags | CRYPT_NEWKEYSET)) {
- throw XSECException(XSECException::InternalError,
- "WinCAPICryptoProvider() - Error obtaining generating internal key store for PROV_RSA_FULL");
+ // Prevents failure on mandatory profiles, see SANTUARIO-378.
+ if (GetLastError() != NTE_TEMPORARY_PROFILE) {
+ throw XSECException(XSECException::InternalError,
+ "WinCAPICryptoProvider() - Error obtaining generating internal key store for PROV_RSA_FULL");
+ } else {
+ m_provApacheKeyStore = NULL;
+ }
}
else {
HCRYPTKEY k;
@@ -162,7 +167,9 @@
CryptReleaseContext(m_provRSA, 0);
CryptReleaseContext(m_provDSS, 0);
- CryptReleaseContext(m_provApacheKeyStore, 0);
+ if (m_provApacheKeyStore) {
+ CryptReleaseContext(m_provApacheKeyStore, 0);
+ }
}