| /* |
| * Copyright 2004-2006 Juan Lang |
| * |
| * This library is free software; you can redistribute it and/or |
| * modify it under the terms of the GNU Lesser General Public |
| * License as published by the Free Software Foundation; either |
| * version 2.1 of the License, or (at your option) any later version. |
| * |
| * This library is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| * Lesser General Public License for more details. |
| * |
| * You should have received a copy of the GNU Lesser General Public |
| * License along with this library; if not, write to the Free Software |
| * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
| */ |
| #include <stdarg.h> |
| #include "windef.h" |
| #include "winbase.h" |
| #include "wincrypt.h" |
| #include "wine/debug.h" |
| #include "excpt.h" |
| #include "wine/exception.h" |
| #include "crypt32_private.h" |
| |
| WINE_DEFAULT_DEBUG_CHANNEL(crypt); |
| |
| /* Some typedefs that make it easier to abstract which type of context we're |
| * working with. |
| */ |
| typedef const void *(WINAPI *CreateContextFunc)(DWORD dwCertEncodingType, |
| const BYTE *pbCertEncoded, DWORD cbCertEncoded); |
| typedef BOOL (WINAPI *AddContextToStoreFunc)(HCERTSTORE hCertStore, |
| const void *context, DWORD dwAddDisposition, const void **ppStoreContext); |
| typedef BOOL (WINAPI *AddEncodedContextToStoreFunc)(HCERTSTORE hCertStore, |
| DWORD dwCertEncodingType, const BYTE *pbEncoded, DWORD cbEncoded, |
| DWORD dwAddDisposition, const void **ppContext); |
| typedef const void *(WINAPI *EnumContextsInStoreFunc)(HCERTSTORE hCertStore, |
| const void *pPrevContext); |
| typedef BOOL (WINAPI *GetContextPropertyFunc)(const void *context, |
| DWORD dwPropID, void *pvData, DWORD *pcbData); |
| typedef BOOL (WINAPI *SetContextPropertyFunc)(const void *context, |
| DWORD dwPropID, DWORD dwFlags, const void *pvData); |
| typedef BOOL (WINAPI *SerializeElementFunc)(const void *context, DWORD dwFlags, |
| BYTE *pbElement, DWORD *pcbElement); |
| typedef BOOL (WINAPI *FreeContextFunc)(const void *context); |
| typedef BOOL (WINAPI *DeleteContextFunc)(const void *context); |
| |
| /* An abstract context (certificate, CRL, or CTL) interface */ |
| typedef struct _WINE_CONTEXT_INTERFACE |
| { |
| CreateContextFunc create; |
| AddContextToStoreFunc addContextToStore; |
| AddEncodedContextToStoreFunc addEncodedToStore; |
| EnumContextsInStoreFunc enumContextsInStore; |
| GetContextPropertyFunc getProp; |
| SetContextPropertyFunc setProp; |
| SerializeElementFunc serialize; |
| FreeContextFunc free; |
| DeleteContextFunc deleteFromStore; |
| } WINE_CONTEXT_INTERFACE, *PWINE_CONTEXT_INTERFACE; |
| |
| static const WINE_CONTEXT_INTERFACE gCertInterface = { |
| (CreateContextFunc)CertCreateCertificateContext, |
| (AddContextToStoreFunc)CertAddCertificateContextToStore, |
| (AddEncodedContextToStoreFunc)CertAddEncodedCertificateToStore, |
| (EnumContextsInStoreFunc)CertEnumCertificatesInStore, |
| (GetContextPropertyFunc)CertGetCertificateContextProperty, |
| (SetContextPropertyFunc)CertSetCertificateContextProperty, |
| (SerializeElementFunc)CertSerializeCertificateStoreElement, |
| (FreeContextFunc)CertFreeCertificateContext, |
| (DeleteContextFunc)CertDeleteCertificateFromStore, |
| }; |
| |
| static const WINE_CONTEXT_INTERFACE gCRLInterface = { |
| (CreateContextFunc)CertCreateCRLContext, |
| (AddContextToStoreFunc)CertAddCRLContextToStore, |
| (AddEncodedContextToStoreFunc)CertAddEncodedCRLToStore, |
| (EnumContextsInStoreFunc)CertEnumCRLsInStore, |
| (GetContextPropertyFunc)CertGetCRLContextProperty, |
| (SetContextPropertyFunc)CertSetCRLContextProperty, |
| (SerializeElementFunc)CertSerializeCRLStoreElement, |
| (FreeContextFunc)CertFreeCRLContext, |
| (DeleteContextFunc)CertDeleteCRLFromStore, |
| }; |
| |
| static const WINE_CONTEXT_INTERFACE gCTLInterface = { |
| (CreateContextFunc)CertCreateCTLContext, |
| (AddContextToStoreFunc)CertAddCTLContextToStore, |
| (AddEncodedContextToStoreFunc)CertAddEncodedCTLToStore, |
| (EnumContextsInStoreFunc)CertEnumCTLsInStore, |
| (GetContextPropertyFunc)CertGetCTLContextProperty, |
| (SetContextPropertyFunc)CertSetCTLContextProperty, |
| (SerializeElementFunc)CertSerializeCTLStoreElement, |
| (FreeContextFunc)CertFreeCTLContext, |
| (DeleteContextFunc)CertDeleteCTLFromStore, |
| }; |
| |
| /* An extended certificate property in serialized form is prefixed by this |
| * header. |
| */ |
| typedef struct _WINE_CERT_PROP_HEADER |
| { |
| DWORD propID; |
| DWORD unknown; /* always 1 */ |
| DWORD cb; |
| } WINE_CERT_PROP_HEADER, *PWINE_CERT_PROP_HEADER; |
| |
| BOOL WINAPI CertSerializeCRLStoreElement(PCCRL_CONTEXT pCrlContext, |
| DWORD dwFlags, BYTE *pbElement, DWORD *pcbElement) |
| { |
| FIXME("(%p, %08lx, %p, %p): stub\n", pCrlContext, dwFlags, pbElement, |
| pcbElement); |
| return FALSE; |
| } |
| |
| BOOL WINAPI CertSerializeCTLStoreElement(PCCTL_CONTEXT pCtlContext, |
| DWORD dwFlags, BYTE *pbElement, DWORD *pcbElement) |
| { |
| FIXME("(%p, %08lx, %p, %p): stub\n", pCtlContext, dwFlags, pbElement, |
| pcbElement); |
| return FALSE; |
| } |
| |
| BOOL WINAPI CertSerializeCertificateStoreElement(PCCERT_CONTEXT pCertContext, |
| DWORD dwFlags, BYTE *pbElement, DWORD *pcbElement) |
| { |
| BOOL ret; |
| |
| TRACE("(%p, %08lx, %p, %p)\n", pCertContext, dwFlags, pbElement, |
| pcbElement); |
| |
| if (pCertContext) |
| { |
| DWORD bytesNeeded = sizeof(WINE_CERT_PROP_HEADER) + |
| pCertContext->cbCertEncoded; |
| DWORD prop = 0; |
| |
| ret = TRUE; |
| do { |
| prop = CertEnumCertificateContextProperties(pCertContext, prop); |
| if (prop) |
| { |
| DWORD propSize = 0; |
| |
| ret = CertGetCertificateContextProperty(pCertContext, |
| prop, NULL, &propSize); |
| if (ret) |
| bytesNeeded += sizeof(WINE_CERT_PROP_HEADER) + propSize; |
| } |
| } while (ret && prop != 0); |
| |
| if (!pbElement) |
| { |
| *pcbElement = bytesNeeded; |
| ret = TRUE; |
| } |
| else if (*pcbElement < bytesNeeded) |
| { |
| *pcbElement = bytesNeeded; |
| SetLastError(ERROR_MORE_DATA); |
| ret = FALSE; |
| } |
| else |
| { |
| PWINE_CERT_PROP_HEADER hdr; |
| DWORD bufSize = 0; |
| LPBYTE buf = NULL; |
| |
| prop = 0; |
| do { |
| prop = CertEnumCertificateContextProperties(pCertContext, prop); |
| if (prop) |
| { |
| DWORD propSize = 0; |
| |
| ret = CertGetCertificateContextProperty(pCertContext, |
| prop, NULL, &propSize); |
| if (ret) |
| { |
| if (bufSize < propSize) |
| { |
| if (buf) |
| buf = CryptMemRealloc(buf, propSize); |
| else |
| buf = CryptMemAlloc(propSize); |
| bufSize = propSize; |
| } |
| if (buf) |
| { |
| ret = CertGetCertificateContextProperty( |
| pCertContext, prop, buf, &propSize); |
| if (ret) |
| { |
| hdr = (PWINE_CERT_PROP_HEADER)pbElement; |
| hdr->propID = prop; |
| hdr->unknown = 1; |
| hdr->cb = propSize; |
| pbElement += sizeof(WINE_CERT_PROP_HEADER); |
| if (propSize) |
| { |
| memcpy(pbElement, buf, propSize); |
| pbElement += propSize; |
| } |
| } |
| } |
| else |
| ret = FALSE; |
| } |
| } |
| } while (ret && prop != 0); |
| CryptMemFree(buf); |
| |
| hdr = (PWINE_CERT_PROP_HEADER)pbElement; |
| hdr->propID = CERT_CERT_PROP_ID; |
| hdr->unknown = 1; |
| hdr->cb = pCertContext->cbCertEncoded; |
| memcpy(pbElement + sizeof(WINE_CERT_PROP_HEADER), |
| pCertContext->pbCertEncoded, pCertContext->cbCertEncoded); |
| } |
| } |
| else |
| ret = FALSE; |
| return ret; |
| } |
| |
| /* Looks for the property with ID propID in the buffer buf. Returns a pointer |
| * to its header if a valid header is found, NULL if not. Valid means the |
| * length of thte property won't overrun buf, and the unknown field is 1. |
| */ |
| static const WINE_CERT_PROP_HEADER *CRYPT_findPropID(const BYTE *buf, |
| DWORD size, DWORD propID) |
| { |
| const WINE_CERT_PROP_HEADER *ret = NULL; |
| BOOL done = FALSE; |
| |
| while (size && !ret && !done) |
| { |
| if (size < sizeof(WINE_CERT_PROP_HEADER)) |
| { |
| SetLastError(CRYPT_E_FILE_ERROR); |
| done = TRUE; |
| } |
| else |
| { |
| const WINE_CERT_PROP_HEADER *hdr = |
| (const WINE_CERT_PROP_HEADER *)buf; |
| |
| size -= sizeof(WINE_CERT_PROP_HEADER); |
| buf += sizeof(WINE_CERT_PROP_HEADER); |
| if (size < hdr->cb) |
| { |
| SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER)); |
| done = TRUE; |
| } |
| else if (!hdr->propID) |
| { |
| /* assume a zero prop ID means the data are uninitialized, so |
| * stop looking. |
| */ |
| done = TRUE; |
| } |
| else if (hdr->unknown != 1) |
| { |
| SetLastError(ERROR_FILE_NOT_FOUND); |
| done = TRUE; |
| } |
| else if (hdr->propID == propID) |
| ret = hdr; |
| else |
| { |
| buf += hdr->cb; |
| size -= hdr->cb; |
| } |
| } |
| } |
| return ret; |
| } |
| |
| const void *CRYPT_ReadSerializedElement(const BYTE *pbElement, DWORD cbElement, |
| DWORD dwContextTypeFlags, DWORD *pdwContentType) |
| { |
| const void *context; |
| |
| TRACE("(%p, %ld, %08lx, %p)\n", pbElement, cbElement, dwContextTypeFlags, |
| pdwContentType); |
| |
| if (!cbElement) |
| { |
| SetLastError(ERROR_END_OF_MEDIA); |
| return NULL; |
| } |
| |
| __TRY |
| { |
| const WINE_CONTEXT_INTERFACE *contextInterface = NULL; |
| const WINE_CERT_PROP_HEADER *hdr = NULL; |
| DWORD type = 0; |
| BOOL ret; |
| |
| ret = TRUE; |
| context = NULL; |
| if (dwContextTypeFlags == CERT_STORE_ALL_CONTEXT_FLAG) |
| { |
| hdr = CRYPT_findPropID(pbElement, cbElement, CERT_CERT_PROP_ID); |
| if (hdr) |
| type = CERT_STORE_CERTIFICATE_CONTEXT; |
| else |
| { |
| hdr = CRYPT_findPropID(pbElement, cbElement, CERT_CRL_PROP_ID); |
| if (hdr) |
| type = CERT_STORE_CRL_CONTEXT; |
| else |
| { |
| hdr = CRYPT_findPropID(pbElement, cbElement, |
| CERT_CTL_PROP_ID); |
| if (hdr) |
| type = CERT_STORE_CTL_CONTEXT; |
| } |
| } |
| } |
| else if (dwContextTypeFlags & CERT_STORE_CERTIFICATE_CONTEXT_FLAG) |
| { |
| hdr = CRYPT_findPropID(pbElement, cbElement, CERT_CERT_PROP_ID); |
| type = CERT_STORE_CERTIFICATE_CONTEXT; |
| } |
| else if (dwContextTypeFlags & CERT_STORE_CRL_CONTEXT_FLAG) |
| { |
| hdr = CRYPT_findPropID(pbElement, cbElement, CERT_CRL_PROP_ID); |
| type = CERT_STORE_CRL_CONTEXT; |
| } |
| else if (dwContextTypeFlags & CERT_STORE_CTL_CONTEXT_FLAG) |
| { |
| hdr = CRYPT_findPropID(pbElement, cbElement, CERT_CTL_PROP_ID); |
| type = CERT_STORE_CTL_CONTEXT; |
| } |
| |
| switch (type) |
| { |
| case CERT_STORE_CERTIFICATE_CONTEXT: |
| contextInterface = &gCertInterface; |
| break; |
| case CERT_STORE_CRL_CONTEXT: |
| contextInterface = &gCRLInterface; |
| break; |
| case CERT_STORE_CTL_CONTEXT: |
| contextInterface = &gCTLInterface; |
| break; |
| default: |
| SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER)); |
| ret = FALSE; |
| } |
| if (!hdr) |
| ret = FALSE; |
| |
| if (ret) |
| context = contextInterface->create(X509_ASN_ENCODING, |
| (BYTE *)hdr + sizeof(WINE_CERT_PROP_HEADER), hdr->cb); |
| if (ret && context) |
| { |
| BOOL noMoreProps = FALSE; |
| |
| while (!noMoreProps && ret) |
| { |
| if (cbElement < sizeof(WINE_CERT_PROP_HEADER)) |
| ret = FALSE; |
| else |
| { |
| const WINE_CERT_PROP_HEADER *hdr = |
| (const WINE_CERT_PROP_HEADER *)pbElement; |
| |
| TRACE("prop is %ld\n", hdr->propID); |
| cbElement -= sizeof(WINE_CERT_PROP_HEADER); |
| pbElement += sizeof(WINE_CERT_PROP_HEADER); |
| if (cbElement < hdr->cb) |
| { |
| SetLastError(HRESULT_FROM_WIN32( |
| ERROR_INVALID_PARAMETER)); |
| ret = FALSE; |
| } |
| else if (!hdr->propID) |
| { |
| /* Like in CRYPT_findPropID, stop if the propID is zero |
| */ |
| noMoreProps = TRUE; |
| } |
| else if (hdr->unknown != 1) |
| { |
| SetLastError(ERROR_FILE_NOT_FOUND); |
| ret = FALSE; |
| } |
| else if (hdr->propID != CERT_CERT_PROP_ID && |
| hdr->propID != CERT_CRL_PROP_ID && hdr->propID != |
| CERT_CTL_PROP_ID) |
| { |
| /* Have to create a blob for most types, but not |
| * for all.. arghh. |
| */ |
| switch (hdr->propID) |
| { |
| case CERT_AUTO_ENROLL_PROP_ID: |
| case CERT_CTL_USAGE_PROP_ID: |
| case CERT_DESCRIPTION_PROP_ID: |
| case CERT_FRIENDLY_NAME_PROP_ID: |
| case CERT_HASH_PROP_ID: |
| case CERT_KEY_IDENTIFIER_PROP_ID: |
| case CERT_MD5_HASH_PROP_ID: |
| case CERT_NEXT_UPDATE_LOCATION_PROP_ID: |
| case CERT_PUBKEY_ALG_PARA_PROP_ID: |
| case CERT_PVK_FILE_PROP_ID: |
| case CERT_SIGNATURE_HASH_PROP_ID: |
| case CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID: |
| case CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID: |
| case CERT_ENROLLMENT_PROP_ID: |
| case CERT_CROSS_CERT_DIST_POINTS_PROP_ID: |
| case CERT_RENEWAL_PROP_ID: |
| { |
| CRYPT_DATA_BLOB blob = { hdr->cb, |
| (LPBYTE)pbElement }; |
| |
| ret = contextInterface->setProp(context, |
| hdr->propID, 0, &blob); |
| break; |
| } |
| case CERT_DATE_STAMP_PROP_ID: |
| ret = contextInterface->setProp(context, |
| hdr->propID, 0, pbElement); |
| break; |
| default: |
| FIXME("prop ID %ld: stub\n", hdr->propID); |
| } |
| } |
| pbElement += hdr->cb; |
| cbElement -= hdr->cb; |
| if (!cbElement) |
| noMoreProps = TRUE; |
| } |
| } |
| if (ret) |
| { |
| if (pdwContentType) |
| *pdwContentType = type; |
| } |
| else |
| { |
| contextInterface->free(context); |
| context = NULL; |
| } |
| } |
| } |
| __EXCEPT_PAGE_FAULT |
| { |
| SetLastError(STATUS_ACCESS_VIOLATION); |
| context = NULL; |
| } |
| __ENDTRY |
| return context; |
| } |
| |
| BOOL WINAPI CertAddSerializedElementToStore(HCERTSTORE hCertStore, |
| const BYTE *pbElement, DWORD cbElement, DWORD dwAddDisposition, DWORD dwFlags, |
| DWORD dwContextTypeFlags, DWORD *pdwContentType, const void **ppvContext) |
| { |
| const void *context; |
| DWORD type; |
| BOOL ret; |
| |
| TRACE("(%p, %p, %ld, %08lx, %08lx, %08lx, %p, %p)\n", hCertStore, |
| pbElement, cbElement, dwAddDisposition, dwFlags, dwContextTypeFlags, |
| pdwContentType, ppvContext); |
| |
| /* Call the internal function, then delete the hashes. Tests show this |
| * function uses real hash values, not whatever's stored in the hash |
| * property. |
| */ |
| context = CRYPT_ReadSerializedElement(pbElement, cbElement, |
| dwContextTypeFlags, &type); |
| if (context) |
| { |
| const WINE_CONTEXT_INTERFACE *contextInterface = NULL; |
| |
| switch (type) |
| { |
| case CERT_STORE_CERTIFICATE_CONTEXT: |
| contextInterface = &gCertInterface; |
| break; |
| case CERT_STORE_CRL_CONTEXT: |
| contextInterface = &gCRLInterface; |
| break; |
| case CERT_STORE_CTL_CONTEXT: |
| contextInterface = &gCTLInterface; |
| break; |
| default: |
| SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER)); |
| } |
| if (contextInterface) |
| { |
| contextInterface->setProp(context, CERT_HASH_PROP_ID, 0, NULL); |
| contextInterface->setProp(context, CERT_MD5_HASH_PROP_ID, 0, NULL); |
| contextInterface->setProp(context, CERT_SIGNATURE_HASH_PROP_ID, 0, |
| NULL); |
| if (pdwContentType) |
| *pdwContentType = type; |
| ret = contextInterface->addContextToStore(hCertStore, context, |
| dwAddDisposition, ppvContext); |
| contextInterface->free(context); |
| } |
| else |
| ret = FALSE; |
| } |
| else |
| ret = FALSE; |
| return ret; |
| } |
