projects / reactos.git / blob
? search:


84188f881aaaedbb212ed011c32c12f9fef6df8d
[reactos.git] / dll / win32 / wintrust / crypt.c
1 /*
2 * WinTrust Cryptography functions
3 *
4 * Copyright 2006 James Hawkins
5 * Copyright 2000-2002 Stuart Caie
6 * Copyright 2002 Patrik Stridvall
7 * Copyright 2003 Greg Turner
8 * Copyright 2008 Juan Lang
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
23 */
24
25 #include <stdarg.h>
26 #include <stdio.h>
27 #include "windef.h"
28 #include "winbase.h"
29 #include "wintrust.h"
30 #include "mscat.h"
31 #include "mssip.h"
32 #include "imagehlp.h"
33 #include "winternl.h"
34
35 #include "wine/debug.h"
36 #include "wine/unicode.h"
37
38 WINE_DEFAULT_DEBUG_CHANNEL(wintrust);
39
40 #define CATADMIN_MAGIC 0x43415441 /* 'CATA' */
41 #define CRYPTCAT_MAGIC 0x43415443 /* 'CATC' */
42 #define CATINFO_MAGIC 0x43415449 /* 'CATI' */
43
44 struct cryptcat
45 {
46 DWORD magic;
47 HCRYPTMSG msg;
48 DWORD encoding;
49 CTL_INFO *inner;
50 DWORD inner_len;
51 GUID subject;
52 DWORD attr_count;
53 CRYPTCATATTRIBUTE *attr;
54 };
55
56 struct catadmin
57 {
58 DWORD magic;
59 WCHAR path[MAX_PATH];
60 HANDLE find;
61 };
62
63 struct catinfo
64 {
65 DWORD magic;
66 WCHAR file[MAX_PATH];
67 };
68
69 static HCATINFO create_catinfo(const WCHAR *filename)
70 {
71 struct catinfo *ci;
72
73 if (!(ci = HeapAlloc(GetProcessHeap(), 0, sizeof(*ci))))
74 {
75 SetLastError(ERROR_OUTOFMEMORY);
76 return INVALID_HANDLE_VALUE;
77 }
78 strcpyW(ci->file, filename);
79 ci->magic = CATINFO_MAGIC;
80 return ci;
81 }
82
83 /***********************************************************************
84 * CryptCATAdminAcquireContext (WINTRUST.@)
85 *
86 * Get a catalog administrator context handle.
87 *
88 * PARAMS
89 * catAdmin [O] Pointer to the context handle.
90 * sys [I] Pointer to a GUID for the needed subsystem.
91 * dwFlags [I] Reserved.
92 *
93 * RETURNS
94 * Success: TRUE. catAdmin contains the context handle.
95 * Failure: FALSE.
96 *
97 */
98 BOOL WINAPI CryptCATAdminAcquireContext(HCATADMIN *catAdmin,
99 const GUID *sys, DWORD dwFlags)
100 {
101 static const WCHAR catroot[] =
102 {'\\','c','a','t','r','o','o','t',0};
103 static const WCHAR fmt[] =
104 {'%','s','\\','{','%','0','8','x','-','%','0','4','x','-','%','0',
105 '4','x','-','%','0','2','x','%','0','2','x','-','%','0','2','x',
106 '%','0','2','x','%','0','2','x','%','0','2','x','%','0','2','x',
107 '%','0','2','x','}',0};
108 static const GUID defsys =
109 {0x127d0a1d,0x4ef2,0x11d1,{0x86,0x08,0x00,0xc0,0x4f,0xc2,0x95,0xee}};
110
111 WCHAR catroot_dir[MAX_PATH];
112 struct catadmin *ca;
113
114 TRACE("%p %s %x\n", catAdmin, debugstr_guid(sys), dwFlags);
115
116 if (!catAdmin || dwFlags)
117 {
118 SetLastError(ERROR_INVALID_PARAMETER);
119 return FALSE;
120 }
121 if (!(ca = HeapAlloc(GetProcessHeap(), 0, sizeof(*ca))))
122 {
123 SetLastError(ERROR_OUTOFMEMORY);
124 return FALSE;
125 }
126
127 GetSystemDirectoryW(catroot_dir, MAX_PATH);
128 strcatW(catroot_dir, catroot);
129
130 /* create the directory if it doesn't exist */
131 CreateDirectoryW(catroot_dir, NULL);
132
133 if (!sys) sys = &defsys;
134 sprintfW(ca->path, fmt, catroot_dir, sys->Data1, sys->Data2,
135 sys->Data3, sys->Data4[0], sys->Data4[1], sys->Data4[2],
136 sys->Data4[3], sys->Data4[4], sys->Data4[5], sys->Data4[6],
137 sys->Data4[7]);
138
139 /* create the directory if it doesn't exist */
140 CreateDirectoryW(ca->path, NULL);
141
142 ca->magic = CATADMIN_MAGIC;
143 ca->find = INVALID_HANDLE_VALUE;
144
145 *catAdmin = ca;
146 return TRUE;
147 }
148
149 /***********************************************************************
150 * CryptCATAdminAddCatalog (WINTRUST.@)
151 */
152 HCATINFO WINAPI CryptCATAdminAddCatalog(HCATADMIN catAdmin, PWSTR catalogFile,
153 PWSTR selectBaseName, DWORD flags)
154 {
155 static const WCHAR slashW[] = {'\\',0};
156 struct catadmin *ca = catAdmin;
157 struct catinfo *ci;
158 WCHAR *target;
159 DWORD len;
160
161 TRACE("%p %s %s %d\n", catAdmin, debugstr_w(catalogFile),
162 debugstr_w(selectBaseName), flags);
163
164 if (!selectBaseName)
165 {
166 FIXME("NULL basename not handled\n");
167 SetLastError(ERROR_INVALID_PARAMETER);
168 return NULL;
169 }
170 if (!ca || ca->magic != CATADMIN_MAGIC || !catalogFile || flags)
171 {
172 SetLastError(ERROR_INVALID_PARAMETER);
173 return NULL;
174 }
175
176 len = strlenW(ca->path) + strlenW(selectBaseName) + 2;
177 if (!(target = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR))))
178 {
179 SetLastError(ERROR_OUTOFMEMORY);
180 return NULL;
181 }
182 strcpyW(target, ca->path);
183 strcatW(target, slashW);
184 strcatW(target, selectBaseName);
185
186 if (!CopyFileW(catalogFile, target, FALSE))
187 {
188 HeapFree(GetProcessHeap(), 0, target);
189 return NULL;
190 }
191 SetFileAttributesW(target, FILE_ATTRIBUTE_SYSTEM);
192
193 if (!(ci = HeapAlloc(GetProcessHeap(), 0, sizeof(*ci))))
194 {
195 HeapFree(GetProcessHeap(), 0, target);
196 SetLastError(ERROR_OUTOFMEMORY);
197 return NULL;
198 }
199 ci->magic = CATINFO_MAGIC;
200 strcpyW(ci->file, target);
201
202 HeapFree(GetProcessHeap(), 0, target);
203 return ci;
204 }
205
206 /***********************************************************************
207 * CryptCATAdminCalcHashFromFileHandle (WINTRUST.@)
208 */
209 BOOL WINAPI CryptCATAdminCalcHashFromFileHandle(HANDLE hFile, DWORD* pcbHash,
210 BYTE* pbHash, DWORD dwFlags )
211 {
212 BOOL ret = FALSE;
213
214 TRACE("%p %p %p %x\n", hFile, pcbHash, pbHash, dwFlags);
215
216 if (!hFile || !pcbHash || dwFlags)
217 {
218 SetLastError(ERROR_INVALID_PARAMETER);
219 return FALSE;
220 }
221 if (*pcbHash < 20)
222 {
223 *pcbHash = 20;
224 SetLastError(ERROR_INSUFFICIENT_BUFFER);
225 return TRUE;
226 }
227
228 *pcbHash = 20;
229 if (pbHash)
230 {
231 HCRYPTPROV prov;
232 HCRYPTHASH hash;
233 DWORD bytes_read;
234 BYTE *buffer;
235
236 if (!(buffer = HeapAlloc(GetProcessHeap(), 0, 4096)))
237 {
238 SetLastError(ERROR_OUTOFMEMORY);
239 return FALSE;
240 }
241 ret = CryptAcquireContextW(&prov, NULL, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
242 if (!ret)
243 {
244 HeapFree(GetProcessHeap(), 0, buffer);
245 return FALSE;
246 }
247 ret = CryptCreateHash(prov, CALG_SHA1, 0, 0, &hash);
248 if (!ret)
249 {
250 HeapFree(GetProcessHeap(), 0, buffer);
251 CryptReleaseContext(prov, 0);
252 return FALSE;
253 }
254 while ((ret = ReadFile(hFile, buffer, 4096, &bytes_read, NULL)) && bytes_read)
255 {
256 CryptHashData(hash, buffer, bytes_read, 0);
257 }
258 if (ret) ret = CryptGetHashParam(hash, HP_HASHVAL, pbHash, pcbHash, 0);
259
260 HeapFree(GetProcessHeap(), 0, buffer);
261 CryptDestroyHash(hash);
262 CryptReleaseContext(prov, 0);
263 }
264 return ret;
265 }
266
267 /***********************************************************************
268 * CryptCATAdminEnumCatalogFromHash (WINTRUST.@)
269 */
270 HCATINFO WINAPI CryptCATAdminEnumCatalogFromHash(HCATADMIN hCatAdmin, BYTE* pbHash,
271 DWORD cbHash, DWORD dwFlags,
272 HCATINFO* phPrevCatInfo )
273 {
274 static const WCHAR slashW[] = {'\\',0};
275 static const WCHAR globW[] = {'\\','*','.','c','a','t',0};
276
277 struct catadmin *ca = hCatAdmin;
278 WIN32_FIND_DATAW data;
279 HCATINFO prev = NULL;
280 HCRYPTPROV prov;
281 DWORD size;
282 BOOL ret;
283
284 TRACE("%p %p %d %x %p\n", hCatAdmin, pbHash, cbHash, dwFlags, phPrevCatInfo);
285
286 if (!ca || ca->magic != CATADMIN_MAGIC || !pbHash || cbHash != 20 || dwFlags)
287 {
288 SetLastError(ERROR_INVALID_PARAMETER);
289 return NULL;
290 }
291 if (phPrevCatInfo) prev = *phPrevCatInfo;
292
293 ret = CryptAcquireContextW(&prov, NULL, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
294 if (!ret) return NULL;
295
296 if (!prev)
297 {
298 WCHAR *path;
299
300 size = strlenW(ca->path) * sizeof(WCHAR) + sizeof(globW);
301 if (!(path = HeapAlloc(GetProcessHeap(), 0, size)))
302 {
303 CryptReleaseContext(prov, 0);
304 SetLastError(ERROR_OUTOFMEMORY);
305 return NULL;
306 }
307 strcpyW(path, ca->path);
308 strcatW(path, globW);
309
310 FindClose(ca->find);
311 ca->find = FindFirstFileW(path, &data);
312
313 HeapFree(GetProcessHeap(), 0, path);
314 if (ca->find == INVALID_HANDLE_VALUE)
315 {
316 CryptReleaseContext(prov, 0);
317 return NULL;
318 }
319 }
320 else if (!FindNextFileW(ca->find, &data))
321 {
322 CryptCATAdminReleaseCatalogContext(hCatAdmin, prev, 0);
323 CryptReleaseContext(prov, 0);
324 return NULL;
325 }
326
327 while (1)
328 {
329 WCHAR *filename;
330 CRYPTCATMEMBER *member = NULL;
331 struct catinfo *ci;
332 HANDLE hcat;
333
334 size = (strlenW(ca->path) + strlenW(data.cFileName) + 2) * sizeof(WCHAR);
335 if (!(filename = HeapAlloc(GetProcessHeap(), 0, size)))
336 {
337 SetLastError(ERROR_OUTOFMEMORY);
338 return NULL;
339 }
340 strcpyW(filename, ca->path);
341 strcatW(filename, slashW);
342 strcatW(filename, data.cFileName);
343
344 hcat = CryptCATOpen(filename, CRYPTCAT_OPEN_EXISTING, prov, 0, 0);
345 if (hcat == INVALID_HANDLE_VALUE)
346 {
347 WARN("couldn't open %s (%u)\n", debugstr_w(filename), GetLastError());
348 continue;
349 }
350 while ((member = CryptCATEnumerateMember(hcat, member)))
351 {
352 if (member->pIndirectData->Digest.cbData != cbHash)
353 {
354 WARN("amount of hash bytes differs: %u/%u\n", member->pIndirectData->Digest.cbData, cbHash);
355 continue;
356 }
357 if (!memcmp(member->pIndirectData->Digest.pbData, pbHash, cbHash))
358 {
359 TRACE("file %s matches\n", debugstr_w(data.cFileName));
360
361 CryptCATClose(hcat);
362 CryptReleaseContext(prov, 0);
363 if (!phPrevCatInfo)
364 {
365 FindClose(ca->find);
366 ca->find = INVALID_HANDLE_VALUE;
367 }
368 ci = create_catinfo(filename);
369 HeapFree(GetProcessHeap(), 0, filename);
370 return ci;
371 }
372 }
373 CryptCATClose(hcat);
374 HeapFree(GetProcessHeap(), 0, filename);
375
376 if (!FindNextFileW(ca->find, &data))
377 {
378 FindClose(ca->find);
379 ca->find = INVALID_HANDLE_VALUE;
380 CryptReleaseContext(prov, 0);
381 return NULL;
382 }
383 }
384 return NULL;
385 }
386
387 /***********************************************************************
388 * CryptCATAdminReleaseCatalogContext (WINTRUST.@)
389 *
390 * Release a catalog context handle.
391 *
392 * PARAMS
393 * hCatAdmin [I] Context handle.
394 * hCatInfo [I] Catalog handle.
395 * dwFlags [I] Reserved.
396 *
397 * RETURNS
398 * Success: TRUE.
399 * Failure: FALSE.
400 *
401 */
402 BOOL WINAPI CryptCATAdminReleaseCatalogContext(HCATADMIN hCatAdmin,
403 HCATINFO hCatInfo,
404 DWORD dwFlags)
405 {
406 struct catinfo *ci = hCatInfo;
407 struct catadmin *ca = hCatAdmin;
408
409 TRACE("%p %p %x\n", hCatAdmin, hCatInfo, dwFlags);
410
411 if (!ca || ca->magic != CATADMIN_MAGIC || !ci || ci->magic != CATINFO_MAGIC)
412 {
413 SetLastError(ERROR_INVALID_PARAMETER);
414 return FALSE;
415 }
416 ci->magic = 0;
417 return HeapFree(GetProcessHeap(), 0, ci);
418 }
419
420 /***********************************************************************
421 * CryptCATAdminReleaseContext (WINTRUST.@)
422 *
423 * Release a catalog administrator context handle.
424 *
425 * PARAMS
426 * catAdmin [I] Context handle.
427 * dwFlags [I] Reserved.
428 *
429 * RETURNS
430 * Success: TRUE.
431 * Failure: FALSE.
432 *
433 */
434 BOOL WINAPI CryptCATAdminReleaseContext(HCATADMIN hCatAdmin, DWORD dwFlags )
435 {
436 struct catadmin *ca = hCatAdmin;
437
438 TRACE("%p %x\n", hCatAdmin, dwFlags);
439
440 if (!ca || ca->magic != CATADMIN_MAGIC)
441 {
442 SetLastError(ERROR_INVALID_PARAMETER);
443 return FALSE;
444 }
445 if (ca->find != INVALID_HANDLE_VALUE) FindClose(ca->find);
446 ca->magic = 0;
447 return HeapFree(GetProcessHeap(), 0, ca);
448 }
449
450 /***********************************************************************
451 * CryptCATAdminRemoveCatalog (WINTRUST.@)
452 *
453 * Remove a catalog file.
454 *
455 * PARAMS
456 * catAdmin [I] Context handle.
457 * pwszCatalogFile [I] Catalog file.
458 * dwFlags [I] Reserved.
459 *
460 * RETURNS
461 * Success: TRUE.
462 * Failure: FALSE.
463 *
464 */
465 BOOL WINAPI CryptCATAdminRemoveCatalog(HCATADMIN hCatAdmin, LPCWSTR pwszCatalogFile, DWORD dwFlags)
466 {
467 struct catadmin *ca = hCatAdmin;
468
469 TRACE("%p %s %x\n", hCatAdmin, debugstr_w(pwszCatalogFile), dwFlags);
470
471 if (!ca || ca->magic != CATADMIN_MAGIC)
472 {
473 SetLastError(ERROR_INVALID_PARAMETER);
474 return FALSE;
475 }
476
477 /* Only delete when there is a filename and no path */
478 if (pwszCatalogFile && pwszCatalogFile[0] != 0 &&
479 !strchrW(pwszCatalogFile, '\\') && !strchrW(pwszCatalogFile, '/') &&
480 !strchrW(pwszCatalogFile, ':'))
481 {
482 static const WCHAR slashW[] = {'\\',0};
483 WCHAR *target;
484 DWORD len;
485
486 len = strlenW(ca->path) + strlenW(pwszCatalogFile) + 2;
487 if (!(target = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR))))
488 {
489 SetLastError(ERROR_OUTOFMEMORY);
490 return FALSE;
491 }
492 strcpyW(target, ca->path);
493 strcatW(target, slashW);
494 strcatW(target, pwszCatalogFile);
495
496 DeleteFileW(target);
497
498 HeapFree(GetProcessHeap(), 0, target);
499 }
500
501 return TRUE;
502 }
503
504 /***********************************************************************
505 * CryptCATAdminResolveCatalogPath (WINTRUST.@)
506 */
507 BOOL WINAPI CryptCATAdminResolveCatalogPath(HCATADMIN hcatadmin, WCHAR *catalog_file,
508 CATALOG_INFO *info, DWORD flags)
509 {
510 static const WCHAR slashW[] = {'\\',0};
511 struct catadmin *ca = hcatadmin;
512
513 TRACE("%p %s %p %x\n", hcatadmin, debugstr_w(catalog_file), info, flags);
514
515 if (!ca || ca->magic != CATADMIN_MAGIC || !info || info->cbStruct != sizeof(*info) || flags)
516 {
517 SetLastError(ERROR_INVALID_PARAMETER);
518 return FALSE;
519 }
520 strcpyW(info->wszCatalogFile, ca->path);
521 strcatW(info->wszCatalogFile, slashW);
522 strcatW(info->wszCatalogFile, catalog_file);
523
524 return TRUE;
525 }
526
527 /***********************************************************************
528 * CryptCATClose (WINTRUST.@)
529 */
530 BOOL WINAPI CryptCATClose(HANDLE hCatalog)
531 {
532 struct cryptcat *cc = hCatalog;
533
534 TRACE("(%p)\n", hCatalog);
535
536 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
537 {
538 SetLastError(ERROR_INVALID_PARAMETER);
539 return FALSE;
540 }
541 HeapFree(GetProcessHeap(), 0, cc->attr);
542 HeapFree(GetProcessHeap(), 0, cc->inner);
543 CryptMsgClose(cc->msg);
544
545 cc->magic = 0;
546 HeapFree(GetProcessHeap(), 0, cc);
547 return TRUE;
548 }
549
550 /***********************************************************************
551 * CryptCATGetAttrInfo (WINTRUST.@)
552 */
553 CRYPTCATATTRIBUTE * WINAPI CryptCATGetAttrInfo(HANDLE hCatalog, CRYPTCATMEMBER *member, LPWSTR tag)
554 {
555 struct cryptcat *cc = hCatalog;
556
557 FIXME("%p, %p, %s\n", hCatalog, member, debugstr_w(tag));
558
559 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
560 {
561 SetLastError(ERROR_INVALID_PARAMETER);
562 return NULL;
563 }
564 SetLastError(CRYPT_E_NOT_FOUND);
565 return NULL;
566 }
567
568 /***********************************************************************
569 * CryptCATGetCatAttrInfo (WINTRUST.@)
570 */
571 CRYPTCATATTRIBUTE * WINAPI CryptCATGetCatAttrInfo(HANDLE hCatalog, LPWSTR tag)
572 {
573 struct cryptcat *cc = hCatalog;
574
575 FIXME("%p, %s\n", hCatalog, debugstr_w(tag));
576
577 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
578 {
579 SetLastError(ERROR_INVALID_PARAMETER);
580 return NULL;
581 }
582 SetLastError(CRYPT_E_NOT_FOUND);
583 return NULL;
584 }
585
586 CRYPTCATMEMBER * WINAPI CryptCATGetMemberInfo(HANDLE hCatalog, LPWSTR tag)
587 {
588 struct cryptcat *cc = hCatalog;
589
590 FIXME("%p, %s\n", hCatalog, debugstr_w(tag));
591
592 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
593 {
594 SetLastError(ERROR_INVALID_PARAMETER);
595 return NULL;
596 }
597 SetLastError(CRYPT_E_NOT_FOUND);
598 return NULL;
599 }
600
601 /***********************************************************************
602 * CryptCATEnumerateAttr (WINTRUST.@)
603 */
604 CRYPTCATATTRIBUTE * WINAPI CryptCATEnumerateAttr(HANDLE hCatalog, CRYPTCATMEMBER *member, CRYPTCATATTRIBUTE *prev)
605 {
606 struct cryptcat *cc = hCatalog;
607
608 FIXME("%p, %p, %p\n", hCatalog, member, prev);
609
610 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
611 {
612 SetLastError(ERROR_INVALID_PARAMETER);
613 return NULL;
614 }
615 SetLastError(CRYPT_E_NOT_FOUND);
616 return NULL;
617 }
618
619 /***********************************************************************
620 * CryptCATEnumerateCatAttr (WINTRUST.@)
621 */
622 CRYPTCATATTRIBUTE * WINAPI CryptCATEnumerateCatAttr(HANDLE hCatalog, CRYPTCATATTRIBUTE *prev)
623 {
624 struct cryptcat *cc = hCatalog;
625
626 FIXME("%p, %p\n", hCatalog, prev);
627
628 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
629 {
630 SetLastError(ERROR_INVALID_PARAMETER);
631 return NULL;
632 }
633 SetLastError(CRYPT_E_NOT_FOUND);
634 return NULL;
635 }
636
637 /***********************************************************************
638 * CryptCATEnumerateMember (WINTRUST.@)
639 */
640 CRYPTCATMEMBER * WINAPI CryptCATEnumerateMember(HANDLE hCatalog, CRYPTCATMEMBER *prev)
641 {
642 struct cryptcat *cc = hCatalog;
643 CRYPTCATMEMBER *member = prev;
644 CTL_ENTRY *entry;
645 DWORD size, i;
646
647 TRACE("%p, %p\n", hCatalog, prev);
648
649 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
650 {
651 SetLastError(ERROR_INVALID_PARAMETER);
652 return NULL;
653 }
654
655 /* dumping the contents makes me think that dwReserved is the iteration number */
656 if (!member)
657 {
658 if (!(member = HeapAlloc(GetProcessHeap(), 0, sizeof(*member))))
659 {
660 SetLastError(ERROR_OUTOFMEMORY);
661 return NULL;
662 }
663 member->cbStruct = sizeof(*member);
664 member->pwszFileName = member->pwszReferenceTag = NULL;
665 member->dwReserved = 0;
666 member->hReserved = NULL;
667 member->gSubjectType = cc->subject;
668 member->fdwMemberFlags = 0;
669 member->pIndirectData = NULL;
670 member->dwCertVersion = cc->inner->dwVersion;
671 }
672 else member->dwReserved++;
673
674 if (member->dwReserved >= cc->inner->cCTLEntry)
675 {
676 SetLastError(ERROR_INVALID_PARAMETER);
677 goto error;
678 }
679
680 /* list them backwards, like native */
681 entry = &cc->inner->rgCTLEntry[cc->inner->cCTLEntry - member->dwReserved - 1];
682
683 member->sEncodedIndirectData.cbData = member->sEncodedMemberInfo.cbData = 0;
684 member->sEncodedIndirectData.pbData = member->sEncodedMemberInfo.pbData = NULL;
685 HeapFree(GetProcessHeap(), 0, member->pIndirectData);
686 member->pIndirectData = NULL;
687
688 for (i = 0; i < entry->cAttribute; i++)
689 {
690 CRYPT_ATTRIBUTE *attr = entry->rgAttribute + i;
691
692 if (attr->cValue != 1)
693 {
694 ERR("Can't handle attr->cValue of %u\n", attr->cValue);
695 continue;
696 }
697 if (!strcmp(attr->pszObjId, CAT_MEMBERINFO_OBJID))
698 {
699 CAT_MEMBERINFO *mi;
700 BOOL ret;
701
702 member->sEncodedMemberInfo.cbData = attr->rgValue->cbData;
703 member->sEncodedMemberInfo.pbData = attr->rgValue->pbData;
704
705 CryptDecodeObject(cc->encoding, CAT_MEMBERINFO_OBJID, attr->rgValue->pbData, attr->rgValue->cbData, 0, NULL, &size);
706
707 if (!(mi = HeapAlloc(GetProcessHeap(), 0, size)))
708 {
709 SetLastError(ERROR_OUTOFMEMORY);
710 goto error;
711 }
712 ret = CryptDecodeObject(cc->encoding, CAT_MEMBERINFO_OBJID, attr->rgValue->pbData, attr->rgValue->cbData, 0, mi, &size);
713 if (ret)
714 {
715 UNICODE_STRING guid;
716
717 member->dwCertVersion = mi->dwCertVersion;
718 RtlInitUnicodeString(&guid, mi->pwszSubjGuid);
719 if (RtlGUIDFromString(&guid, &member->gSubjectType))
720 {
721 HeapFree(GetProcessHeap(), 0, mi);
722 goto error;
723 }
724 }
725 HeapFree(GetProcessHeap(), 0, mi);
726 if (!ret) goto error;
727 }
728 else if (!strcmp(attr->pszObjId, SPC_INDIRECT_DATA_OBJID))
729 {
730 /* SPC_INDIRECT_DATA_CONTENT is equal to SIP_INDIRECT_DATA */
731
732 member->sEncodedIndirectData.cbData = attr->rgValue->cbData;
733 member->sEncodedIndirectData.pbData = attr->rgValue->pbData;
734
735 CryptDecodeObject(cc->encoding, SPC_INDIRECT_DATA_OBJID, attr->rgValue->pbData, attr->rgValue->cbData, 0, NULL, &size);
736
737 if (!(member->pIndirectData = HeapAlloc(GetProcessHeap(), 0, size)))
738 {
739 SetLastError(ERROR_OUTOFMEMORY);
740 goto error;
741 }
742 CryptDecodeObject(cc->encoding, SPC_INDIRECT_DATA_OBJID, attr->rgValue->pbData, attr->rgValue->cbData, 0, member->pIndirectData, &size);
743 }
744 else
745 /* this object id should probably be handled in CryptCATEnumerateAttr */
746 FIXME("unhandled object id \"%s\"\n", attr->pszObjId);
747 }
748
749 if (!member->sEncodedMemberInfo.cbData || !member->sEncodedIndirectData.cbData)
750 {
751 ERR("Corrupted catalog entry?\n");
752 SetLastError(CRYPT_E_ATTRIBUTES_MISSING);
753 goto error;
754 }
755 size = (2 * member->pIndirectData->Digest.cbData + 1) * sizeof(WCHAR);
756 if (member->pwszReferenceTag)
757 member->pwszReferenceTag = HeapReAlloc(GetProcessHeap(), 0, member->pwszReferenceTag, size);
758 else
759 member->pwszReferenceTag = HeapAlloc(GetProcessHeap(), 0, size);
760
761 if (!member->pwszReferenceTag)
762 {
763 SetLastError(ERROR_OUTOFMEMORY);
764 goto error;
765 }
766 /* FIXME: reference tag is usually the file hash but doesn't have to be */
767 for (i = 0; i < member->pIndirectData->Digest.cbData; i++)
768 {
769 DWORD sub;
770
771 sub = member->pIndirectData->Digest.pbData[i] >> 4;
772 member->pwszReferenceTag[i * 2] = (sub < 10 ? '0' + sub : 'A' + sub - 10);
773 sub = member->pIndirectData->Digest.pbData[i] & 0xf;
774 member->pwszReferenceTag[i * 2 + 1] = (sub < 10 ? '0' + sub : 'A' + sub - 10);
775 }
776 member->pwszReferenceTag[i * 2] = 0;
777 return member;
778
779 error:
780 HeapFree(GetProcessHeap(), 0, member->pIndirectData);
781 HeapFree(GetProcessHeap(), 0, member->pwszReferenceTag);
782 HeapFree(GetProcessHeap(), 0, member);
783 return NULL;
784 }
785
786 static CTL_INFO *decode_inner_content(HANDLE hmsg, DWORD encoding, DWORD *len)
787 {
788 DWORD size;
789 LPSTR oid = NULL;
790 BYTE *buffer = NULL;
791 CTL_INFO *inner = NULL;
792
793 if (!CryptMsgGetParam(hmsg, CMSG_INNER_CONTENT_TYPE_PARAM, 0, NULL, &size)) return NULL;
794 if (!(oid = HeapAlloc(GetProcessHeap(), 0, size)))
795 {
796 SetLastError(ERROR_OUTOFMEMORY);
797 return NULL;
798 }
799 if (!CryptMsgGetParam(hmsg, CMSG_INNER_CONTENT_TYPE_PARAM, 0, oid, &size)) goto out;
800 if (!CryptMsgGetParam(hmsg, CMSG_CONTENT_PARAM, 0, NULL, &size)) goto out;
801 if (!(buffer = HeapAlloc(GetProcessHeap(), 0, size)))
802 {
803 SetLastError(ERROR_OUTOFMEMORY);
804 goto out;
805 }
806 if (!CryptMsgGetParam(hmsg, CMSG_CONTENT_PARAM, 0, buffer, &size)) goto out;
807 if (!CryptDecodeObject(encoding, oid, buffer, size, 0, NULL, &size)) goto out;
808 if (!(inner = HeapAlloc(GetProcessHeap(), 0, size)))
809 {
810 SetLastError(ERROR_OUTOFMEMORY);
811 goto out;
812 }
813 if (!CryptDecodeObject(encoding, oid, buffer, size, 0, inner, &size)) goto out;
814 *len = size;
815
816 out:
817 HeapFree(GetProcessHeap(), 0, oid);
818 HeapFree(GetProcessHeap(), 0, buffer);
819 return inner;
820 }
821
822 /***********************************************************************
823 * CryptCATCatalogInfoFromContext (WINTRUST.@)
824 */
825 BOOL WINAPI CryptCATCatalogInfoFromContext(HCATINFO hcatinfo, CATALOG_INFO *info, DWORD flags)
826 {
827 struct catinfo *ci = hcatinfo;
828
829 TRACE("%p, %p, %x\n", hcatinfo, info, flags);
830
831 if (!hcatinfo || hcatinfo == INVALID_HANDLE_VALUE || ci->magic != CATINFO_MAGIC ||
832 flags || !info || info->cbStruct != sizeof(*info))
833 {
834 SetLastError(ERROR_INVALID_PARAMETER);
835 return FALSE;
836 }
837 strcpyW(info->wszCatalogFile, ci->file);
838 return TRUE;
839 }
840
841 /***********************************************************************
842 * CryptCATOpen (WINTRUST.@)
843 */
844 HANDLE WINAPI CryptCATOpen(LPWSTR pwszFileName, DWORD fdwOpenFlags, HCRYPTPROV hProv,
845 DWORD dwPublicVersion, DWORD dwEncodingType)
846 {
847 HANDLE file, hmsg;
848 BYTE *buffer = NULL;
849 DWORD size, flags = OPEN_EXISTING;
850 struct cryptcat *cc;
851
852 TRACE("%s, %x, %lx, %x, %x\n", debugstr_w(pwszFileName), fdwOpenFlags,
853 hProv, dwPublicVersion, dwEncodingType);
854
855 if (!pwszFileName)
856 {
857 SetLastError(ERROR_INVALID_PARAMETER);
858 return INVALID_HANDLE_VALUE;
859 }
860
861 if (!dwEncodingType) dwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
862
863 if (fdwOpenFlags & CRYPTCAT_OPEN_ALWAYS) flags |= OPEN_ALWAYS;
864 if (fdwOpenFlags & CRYPTCAT_OPEN_CREATENEW) flags |= CREATE_NEW;
865
866 file = CreateFileW(pwszFileName, GENERIC_READ, FILE_SHARE_READ, NULL, flags, 0, NULL);
867 if (file == INVALID_HANDLE_VALUE) return INVALID_HANDLE_VALUE;
868
869 size = GetFileSize(file, NULL);
870 if (!(buffer = HeapAlloc(GetProcessHeap(), 0, size)))
871 {
872 CloseHandle(file);
873 SetLastError(ERROR_OUTOFMEMORY);
874 return INVALID_HANDLE_VALUE;
875 }
876 if (!(hmsg = CryptMsgOpenToDecode(dwEncodingType, 0, 0, hProv, NULL, NULL)))
877 {
878 CloseHandle(file);
879 HeapFree(GetProcessHeap(), 0, buffer);
880 return INVALID_HANDLE_VALUE;
881 }
882 if (!ReadFile(file, buffer, size, &size, NULL) || !CryptMsgUpdate(hmsg, buffer, size, TRUE))
883 {
884 CloseHandle(file);
885 HeapFree(GetProcessHeap(), 0, buffer);
886 CryptMsgClose(hmsg);
887 return INVALID_HANDLE_VALUE;
888 }
889 HeapFree(GetProcessHeap(), 0, buffer);
890 CloseHandle(file);
891
892 size = sizeof(DWORD);
893 if (!(cc = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(*cc))))
894 {
895 CryptMsgClose(hmsg);
896 SetLastError(ERROR_OUTOFMEMORY);
897 return INVALID_HANDLE_VALUE;
898 }
899
900 cc->msg = hmsg;
901 cc->encoding = dwEncodingType;
902 if (CryptMsgGetParam(hmsg, CMSG_ATTR_CERT_COUNT_PARAM, 0, &cc->attr_count, &size))
903 {
904 DWORD i, sum = 0;
905 BYTE *p;
906
907 for (i = 0; i < cc->attr_count; i++)
908 {
909 if (!CryptMsgGetParam(hmsg, CMSG_ATTR_CERT_PARAM, i, NULL, &size))
910 {
911 CryptMsgClose(hmsg);
912 HeapFree(GetProcessHeap(), 0, cc);
913 return INVALID_HANDLE_VALUE;
914 }
915 sum += size;
916 }
917 if (!(cc->attr = HeapAlloc(GetProcessHeap(), 0, sizeof(*cc->attr) * cc->attr_count + sum)))
918 {
919 CryptMsgClose(hmsg);
920 HeapFree(GetProcessHeap(), 0, cc);
921 SetLastError(ERROR_OUTOFMEMORY);
922 return INVALID_HANDLE_VALUE;
923 }
924 p = (BYTE *)(cc->attr + cc->attr_count);
925 for (i = 0; i < cc->attr_count; i++)
926 {
927 if (!CryptMsgGetParam(hmsg, CMSG_ATTR_CERT_PARAM, i, NULL, &size))
928 {
929 CryptMsgClose(hmsg);
930 HeapFree(GetProcessHeap(), 0, cc->attr);
931 HeapFree(GetProcessHeap(), 0, cc);
932 return INVALID_HANDLE_VALUE;
933 }
934 if (!CryptMsgGetParam(hmsg, CMSG_ATTR_CERT_PARAM, i, p, &size))
935 {
936 CryptMsgClose(hmsg);
937 HeapFree(GetProcessHeap(), 0, cc->attr);
938 HeapFree(GetProcessHeap(), 0, cc);
939 return INVALID_HANDLE_VALUE;
940 }
941 p += size;
942 }
943 cc->inner = decode_inner_content(hmsg, dwEncodingType, &cc->inner_len);
944 if (!cc->inner || !CryptSIPRetrieveSubjectGuid(pwszFileName, NULL, &cc->subject))
945 {
946 CryptMsgClose(hmsg);
947 HeapFree(GetProcessHeap(), 0, cc->attr);
948 HeapFree(GetProcessHeap(), 0, cc->inner);
949 HeapFree(GetProcessHeap(), 0, cc);
950 return INVALID_HANDLE_VALUE;
951 }
952 cc->magic = CRYPTCAT_MAGIC;
953 return cc;
954 }
955 HeapFree(GetProcessHeap(), 0, cc);
956 return INVALID_HANDLE_VALUE;
957 }
958
959 /***********************************************************************
960 * CryptSIPCreateIndirectData (WINTRUST.@)
961 */
962 BOOL WINAPI CryptSIPCreateIndirectData(SIP_SUBJECTINFO* pSubjectInfo, DWORD* pcbIndirectData,
963 SIP_INDIRECT_DATA* pIndirectData)
964 {
965 FIXME("(%p %p %p) stub\n", pSubjectInfo, pcbIndirectData, pIndirectData);
966
967 return FALSE;
968 }
969
970
971 /***********************************************************************
972 * CryptCATCDFClose (WINTRUST.@)
973 */
974 BOOL WINAPI CryptCATCDFClose(CRYPTCATCDF *pCDF)
975 {
976 FIXME("(%p) stub\n", pCDF);
977
978 return FALSE;
979 }
980
981 /***********************************************************************
982 * CryptCATCDFEnumCatAttributes (WINTRUST.@)
983 */
984 CRYPTCATATTRIBUTE * WINAPI CryptCATCDFEnumCatAttributes(CRYPTCATCDF *pCDF,
985 CRYPTCATATTRIBUTE *pPrevAttr,
986 PFN_CDF_PARSE_ERROR_CALLBACK pfnParseError)
987 {
988 FIXME("(%p %p %p) stub\n", pCDF, pPrevAttr, pfnParseError);
989
990 return NULL;
991 }
992
993 /***********************************************************************
994 * CryptCATCDFEnumMembersByCDFTagEx (WINTRUST.@)
995 */
996 LPWSTR WINAPI CryptCATCDFEnumMembersByCDFTagEx(CRYPTCATCDF *pCDF, LPWSTR pwszPrevCDFTag,
997 PFN_CDF_PARSE_ERROR_CALLBACK pfnParseError,
998 CRYPTCATMEMBER **ppMember, BOOL fContinueOnError,
999 LPVOID pvReserved)
1000 {
1001 FIXME("(%p %s %p %p %d %p) stub\n", pCDF, debugstr_w(pwszPrevCDFTag), pfnParseError,
1002 ppMember, fContinueOnError, pvReserved);
1003
1004 return NULL;
1005 }
1006
1007 /***********************************************************************
1008 * CryptCATCDFOpen (WINTRUST.@)
1009 */
1010 CRYPTCATCDF * WINAPI CryptCATCDFOpen(LPWSTR pwszFilePath,
1011 PFN_CDF_PARSE_ERROR_CALLBACK pfnParseError)
1012 {
1013 FIXME("(%s %p) stub\n", debugstr_w(pwszFilePath), pfnParseError);
1014
1015 return NULL;
1016 }
1017
1018 static BOOL WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO *pSubjectInfo,
1019 DWORD *pdwEncodingType, DWORD dwIndex, DWORD *pcbSignedDataMsg,
1020 BYTE *pbSignedDataMsg)
1021 {
1022 BOOL ret;
1023 WIN_CERTIFICATE *pCert = NULL;
1024 HANDLE file;
1025
1026 TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
1027 pcbSignedDataMsg, pbSignedDataMsg);
1028
1029 if(pSubjectInfo->hFile && pSubjectInfo->hFile!=INVALID_HANDLE_VALUE)
1030 file = pSubjectInfo->hFile;
1031 else
1032 {
1033 file = CreateFileW(pSubjectInfo->pwsFileName, GENERIC_READ,
1034 FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
1035 if(file == INVALID_HANDLE_VALUE)
1036 return FALSE;
1037 }
1038
1039 if (!pbSignedDataMsg)
1040 {
1041 WIN_CERTIFICATE cert;
1042
1043 /* app hasn't passed buffer, just get the length */
1044 ret = ImageGetCertificateHeader(file, dwIndex, &cert);
1045 if (ret)
1046 {
1047 switch (cert.wCertificateType)
1048 {
1049 case WIN_CERT_TYPE_X509:
1050 case WIN_CERT_TYPE_PKCS_SIGNED_DATA:
1051 *pcbSignedDataMsg = cert.dwLength;
1052 break;
1053 default:
1054 WARN("unknown certificate type %d\n", cert.wCertificateType);
1055 ret = FALSE;
1056 }
1057 }
1058 }
1059 else
1060 {
1061 DWORD len = 0;
1062
1063 ret = ImageGetCertificateData(file, dwIndex, NULL, &len);
1064 if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
1065 goto error;
1066 pCert = HeapAlloc(GetProcessHeap(), 0, len);
1067 if (!pCert)
1068 {
1069 ret = FALSE;
1070 goto error;
1071 }
1072 ret = ImageGetCertificateData(file, dwIndex, pCert, &len);
1073 if (!ret)
1074 goto error;
1075 pCert->dwLength -= FIELD_OFFSET(WIN_CERTIFICATE, bCertificate);
1076 if (*pcbSignedDataMsg < pCert->dwLength)
1077 {
1078 *pcbSignedDataMsg = pCert->dwLength;
1079 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1080 ret = FALSE;
1081 }
1082 else
1083 {
1084 memcpy(pbSignedDataMsg, pCert->bCertificate, pCert->dwLength);
1085 *pcbSignedDataMsg = pCert->dwLength;
1086 switch (pCert->wCertificateType)
1087 {
1088 case WIN_CERT_TYPE_X509:
1089 *pdwEncodingType = X509_ASN_ENCODING;
1090 break;
1091 case WIN_CERT_TYPE_PKCS_SIGNED_DATA:
1092 *pdwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
1093 break;
1094 default:
1095 WARN("don't know what to do for encoding type %d\n",
1096 pCert->wCertificateType);
1097 *pdwEncodingType = 0;
1098 ret = FALSE;
1099 }
1100 }
1101 }
1102 error:
1103 if(pSubjectInfo->hFile != file)
1104 CloseHandle(file);
1105 HeapFree(GetProcessHeap(), 0, pCert);
1106 return ret;
1107 }
1108
1109 static BOOL WINTRUST_PutSignedMsgToPEFile(SIP_SUBJECTINFO* pSubjectInfo, DWORD pdwEncodingType,
1110 DWORD* pdwIndex, DWORD cbSignedDataMsg, BYTE* pbSignedDataMsg)
1111 {
1112 WIN_CERTIFICATE *cert;
1113 HANDLE file;
1114 DWORD size;
1115 BOOL ret;
1116
1117 if(pSubjectInfo->hFile && pSubjectInfo->hFile!=INVALID_HANDLE_VALUE)
1118 file = pSubjectInfo->hFile;
1119 else
1120 {
1121 file = CreateFileW(pSubjectInfo->pwsFileName, GENERIC_READ|GENERIC_WRITE,
1122 FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
1123 if(file == INVALID_HANDLE_VALUE)
1124 return FALSE;
1125 }
1126
1127 /* int aligned WIN_CERTIFICATE structure with cbSignedDataMsg+1 bytes of data */
1128 size = FIELD_OFFSET(WIN_CERTIFICATE, bCertificate[cbSignedDataMsg+4]) & (~3);
1129 cert = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, size);
1130 if(!cert)
1131 return FALSE;
1132
1133 cert->dwLength = size;
1134 cert->wRevision = WIN_CERT_REVISION_2_0;
1135 cert->wCertificateType = WIN_CERT_TYPE_PKCS_SIGNED_DATA;
1136 memcpy(cert->bCertificate, pbSignedDataMsg, cbSignedDataMsg);
1137 ret = ImageAddCertificate(file, cert, pdwIndex);
1138
1139 HeapFree(GetProcessHeap(), 0, cert);
1140 if(file != pSubjectInfo->hFile)
1141 CloseHandle(file);
1142 return ret;
1143 }
1144
1145 /* structure offsets */
1146 #define cfhead_Signature (0x00)
1147 #define cfhead_CabinetSize (0x08)
1148 #define cfhead_MinorVersion (0x18)
1149 #define cfhead_MajorVersion (0x19)
1150 #define cfhead_Flags (0x1E)
1151 #define cfhead_SIZEOF (0x24)
1152 #define cfheadext_HeaderReserved (0x00)
1153 #define cfheadext_SIZEOF (0x04)
1154 #define cfsigninfo_CertOffset (0x04)
1155 #define cfsigninfo_CertSize (0x08)
1156 #define cfsigninfo_SIZEOF (0x0C)
1157
1158 /* flags */
1159 #define cfheadRESERVE_PRESENT (0x0004)
1160
1161 /* endian-neutral reading of little-endian data */
1162 #define EndGetI32(a) ((((a)[3])<<24)|(((a)[2])<<16)|(((a)[1])<<8)|((a)[0]))
1163 #define EndGetI16(a) ((((a)[1])<<8)|((a)[0]))
1164
1165 /* For documentation purposes only: this is the structure in the reserved
1166 * area of a signed cabinet file. The cert offset indicates where in the
1167 * cabinet file the signature resides, and the count indicates its size.
1168 */
1169 typedef struct _CAB_SIGNINFO
1170 {
1171 WORD unk0; /* always 0? */
1172 WORD unk1; /* always 0x0010? */
1173 DWORD dwCertOffset;
1174 DWORD cbCertBlock;
1175 } CAB_SIGNINFO, *PCAB_SIGNINFO;
1176
1177 static BOOL WINTRUST_GetSignedMsgFromCabFile(SIP_SUBJECTINFO *pSubjectInfo,
1178 DWORD *pdwEncodingType, DWORD dwIndex, DWORD *pcbSignedDataMsg,
1179 BYTE *pbSignedDataMsg)
1180 {
1181 int header_resv;
1182 LONG base_offset, cabsize;
1183 USHORT flags;
1184 BYTE buf[64];
1185 DWORD cert_offset, cert_size, dwRead;
1186
1187 TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
1188 pcbSignedDataMsg, pbSignedDataMsg);
1189
1190 /* get basic offset & size info */
1191 base_offset = SetFilePointer(pSubjectInfo->hFile, 0L, NULL, SEEK_CUR);
1192
1193 if (SetFilePointer(pSubjectInfo->hFile, 0, NULL, SEEK_END) == INVALID_SET_FILE_POINTER)
1194 {
1195 TRACE("seek error\n");
1196 return FALSE;
1197 }
1198
1199 cabsize = SetFilePointer(pSubjectInfo->hFile, 0L, NULL, SEEK_CUR);
1200 if ((cabsize == -1) || (base_offset == -1) ||
1201 (SetFilePointer(pSubjectInfo->hFile, 0, NULL, SEEK_SET) == INVALID_SET_FILE_POINTER))
1202 {
1203 TRACE("seek error\n");
1204 return FALSE;
1205 }
1206
1207 /* read in the CFHEADER */
1208 if (!ReadFile(pSubjectInfo->hFile, buf, cfhead_SIZEOF, &dwRead, NULL) ||
1209 dwRead != cfhead_SIZEOF)
1210 {
1211 TRACE("reading header failed\n");
1212 return FALSE;
1213 }
1214
1215 /* check basic MSCF signature */
1216 if (EndGetI32(buf+cfhead_Signature) != 0x4643534d)
1217 {
1218 WARN("cabinet signature not present\n");
1219 return FALSE;
1220 }
1221
1222 /* Ignore the number of folders and files and the set and cabinet IDs */
1223
1224 /* check the header revision */
1225 if ((buf[cfhead_MajorVersion] > 1) ||
1226 (buf[cfhead_MajorVersion] == 1 && buf[cfhead_MinorVersion] > 3))
1227 {
1228 WARN("cabinet format version > 1.3\n");
1229 return FALSE;
1230 }
1231
1232 /* pull the flags out */
1233 flags = EndGetI16(buf+cfhead_Flags);
1234
1235 if (!(flags & cfheadRESERVE_PRESENT))
1236 {
1237 TRACE("no header present, not signed\n");
1238 return FALSE;
1239 }
1240
1241 if (!ReadFile(pSubjectInfo->hFile, buf, cfheadext_SIZEOF, &dwRead, NULL) ||
1242 dwRead != cfheadext_SIZEOF)
1243 {
1244 ERR("bunk reserve-sizes?\n");
1245 return FALSE;
1246 }
1247
1248 header_resv = EndGetI16(buf+cfheadext_HeaderReserved);
1249 if (!header_resv)
1250 {
1251 TRACE("no header_resv, not signed\n");
1252 return FALSE;
1253 }
1254 else if (header_resv < cfsigninfo_SIZEOF)
1255 {
1256 TRACE("header_resv too small, not signed\n");
1257 return FALSE;
1258 }
1259
1260 if (header_resv > 60000)
1261 {
1262 WARN("WARNING; header reserved space > 60000\n");
1263 }
1264
1265 if (!ReadFile(pSubjectInfo->hFile, buf, cfsigninfo_SIZEOF, &dwRead, NULL) ||
1266 dwRead != cfsigninfo_SIZEOF)
1267 {
1268 ERR("couldn't read reserve\n");
1269 return FALSE;
1270 }
1271
1272 cert_offset = EndGetI32(buf+cfsigninfo_CertOffset);
1273 TRACE("cert_offset: %d\n", cert_offset);
1274 cert_size = EndGetI32(buf+cfsigninfo_CertSize);
1275 TRACE("cert_size: %d\n", cert_size);
1276
1277 /* The redundant checks are to avoid wraparound */
1278 if (cert_offset > cabsize || cert_size > cabsize ||
1279 cert_offset + cert_size > cabsize)
1280 {
1281 WARN("offset beyond file, not attempting to read\n");
1282 return FALSE;
1283 }
1284
1285 SetFilePointer(pSubjectInfo->hFile, base_offset, NULL, SEEK_SET);
1286 if (!pbSignedDataMsg)
1287 {
1288 *pcbSignedDataMsg = cert_size;
1289 return TRUE;
1290 }
1291 if (*pcbSignedDataMsg < cert_size)
1292 {
1293 *pcbSignedDataMsg = cert_size;
1294 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1295 return FALSE;
1296 }
1297 if (SetFilePointer(pSubjectInfo->hFile, cert_offset, NULL, SEEK_SET) == INVALID_SET_FILE_POINTER)
1298 {
1299 ERR("couldn't seek to cert location\n");
1300 return FALSE;
1301 }
1302 if (!ReadFile(pSubjectInfo->hFile, pbSignedDataMsg, cert_size, &dwRead,
1303 NULL) || dwRead != cert_size)
1304 {
1305 ERR("couldn't read cert\n");
1306 SetFilePointer(pSubjectInfo->hFile, base_offset, NULL, SEEK_SET);
1307 return FALSE;
1308 }
1309 /* The encoding of the files I've seen appears to be in ASN.1
1310 * format, and there isn't a field indicating the type, so assume it
1311 * always is.
1312 */
1313 *pdwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
1314 /* Restore base offset */
1315 SetFilePointer(pSubjectInfo->hFile, base_offset, NULL, SEEK_SET);
1316 return TRUE;
1317 }
1318
1319 static BOOL WINTRUST_GetSignedMsgFromCatFile(SIP_SUBJECTINFO *pSubjectInfo,
1320 DWORD *pdwEncodingType, DWORD dwIndex, DWORD *pcbSignedDataMsg,
1321 BYTE *pbSignedDataMsg)
1322 {
1323 BOOL ret;
1324
1325 TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
1326 pcbSignedDataMsg, pbSignedDataMsg);
1327
1328 if (!pbSignedDataMsg)
1329 {
1330 *pcbSignedDataMsg = GetFileSize(pSubjectInfo->hFile, NULL);
1331 ret = TRUE;
1332 }
1333 else
1334 {
1335 DWORD len = GetFileSize(pSubjectInfo->hFile, NULL);
1336
1337 if (*pcbSignedDataMsg < len)
1338 {
1339 *pcbSignedDataMsg = len;
1340 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1341 ret = FALSE;
1342 }
1343 else
1344 {
1345 ret = ReadFile(pSubjectInfo->hFile, pbSignedDataMsg, len,
1346 pcbSignedDataMsg, NULL);
1347 if (ret)
1348 *pdwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
1349 }
1350 }
1351 return ret;
1352 }
1353
1354 /* GUIDs used by CryptSIPGetSignedDataMsg and CryptSIPPutSignedDataMsg */
1355 static const GUID unknown = { 0xC689AAB8, 0x8E78, 0x11D0, { 0x8C,0x47,
1356 0x00,0xC0,0x4F,0xC2,0x95,0xEE } };
1357 static const GUID cabGUID = { 0xC689AABA, 0x8E78, 0x11D0, { 0x8C,0x47,
1358 0x00,0xC0,0x4F,0xC2,0x95,0xEE } };
1359 static const GUID catGUID = { 0xDE351A43, 0x8E59, 0x11D0, { 0x8C,0x47,
1360 0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
1361
1362 /***********************************************************************
1363 * CryptSIPGetSignedDataMsg (WINTRUST.@)
1364 */
1365 BOOL WINAPI CryptSIPGetSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo, DWORD* pdwEncodingType,
1366 DWORD dwIndex, DWORD* pcbSignedDataMsg, BYTE* pbSignedDataMsg)
1367 {
1368 BOOL ret;
1369
1370 TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
1371 pcbSignedDataMsg, pbSignedDataMsg);
1372
1373 if(!pSubjectInfo)
1374 {
1375 SetLastError(ERROR_INVALID_PARAMETER);
1376 return FALSE;
1377 }
1378
1379 if (!memcmp(pSubjectInfo->pgSubjectType, &unknown, sizeof(unknown)))
1380 ret = WINTRUST_GetSignedMsgFromPEFile(pSubjectInfo, pdwEncodingType,
1381 dwIndex, pcbSignedDataMsg, pbSignedDataMsg);
1382 else if (!memcmp(pSubjectInfo->pgSubjectType, &cabGUID, sizeof(cabGUID)))
1383 ret = WINTRUST_GetSignedMsgFromCabFile(pSubjectInfo, pdwEncodingType,
1384 dwIndex, pcbSignedDataMsg, pbSignedDataMsg);
1385 else if (!memcmp(pSubjectInfo->pgSubjectType, &catGUID, sizeof(catGUID)))
1386 ret = WINTRUST_GetSignedMsgFromCatFile(pSubjectInfo, pdwEncodingType,
1387 dwIndex, pcbSignedDataMsg, pbSignedDataMsg);
1388 else
1389 {
1390 FIXME("unimplemented for subject type %s\n",
1391 debugstr_guid(pSubjectInfo->pgSubjectType));
1392 ret = FALSE;
1393 }
1394
1395 TRACE("returning %d\n", ret);
1396 return ret;
1397 }
1398
1399 /***********************************************************************
1400 * CryptSIPPutSignedDataMsg (WINTRUST.@)
1401 */
1402 BOOL WINAPI CryptSIPPutSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo, DWORD pdwEncodingType,
1403 DWORD* pdwIndex, DWORD cbSignedDataMsg, BYTE* pbSignedDataMsg)
1404 {
1405 TRACE("(%p %d %p %d %p)\n", pSubjectInfo, pdwEncodingType, pdwIndex,
1406 cbSignedDataMsg, pbSignedDataMsg);
1407
1408 if(!pSubjectInfo) {
1409 SetLastError(ERROR_INVALID_PARAMETER);
1410 return FALSE;
1411 }
1412
1413 if(!memcmp(pSubjectInfo->pgSubjectType, &unknown, sizeof(unknown)))
1414 return WINTRUST_PutSignedMsgToPEFile(pSubjectInfo, pdwEncodingType,
1415 pdwIndex, cbSignedDataMsg, pbSignedDataMsg);
1416 else
1417 FIXME("unimplemented for subject type %s\n",
1418 debugstr_guid(pSubjectInfo->pgSubjectType));
1419
1420 return FALSE;
1421 }
1422
1423 /***********************************************************************
1424 * CryptSIPRemoveSignedDataMsg (WINTRUST.@)
1425 */
1426 BOOL WINAPI CryptSIPRemoveSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo,
1427 DWORD dwIndex)
1428 {
1429 FIXME("(%p %d) stub\n", pSubjectInfo, dwIndex);
1430
1431 return FALSE;
1432 }
1433
1434 /***********************************************************************
1435 * CryptSIPVerifyIndirectData (WINTRUST.@)
1436 */
1437 BOOL WINAPI CryptSIPVerifyIndirectData(SIP_SUBJECTINFO* pSubjectInfo,
1438 SIP_INDIRECT_DATA* pIndirectData)
1439 {
1440 FIXME("(%p %p) stub\n", pSubjectInfo, pIndirectData);
1441
1442 return FALSE;
1443 }
A free Windows-compatible Operating System