e6ca94c7c17f85fab67972b3dd6b7687b47ceb3d
[reactos.git] / reactos / dll / win32 / crypt32 / decode.c
1 /*
2 * Copyright 2005 Juan Lang
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 *
18 * This file implements ASN.1 DER decoding of a limited set of types.
19 * It isn't a full ASN.1 implementation. Microsoft implements BER
20 * encoding of many of the basic types in msasn1.dll, but that interface is
21 * undocumented, so I implement them here.
22 *
23 * References:
24 * "A Layman's Guide to a Subset of ASN.1, BER, and DER", by Burton Kaliski
25 * (available online, look for a PDF copy as the HTML versions tend to have
26 * translation errors.)
27 *
28 * RFC3280, http://www.faqs.org/rfcs/rfc3280.html
29 *
30 * MSDN, especially:
31 * http://msdn.microsoft.com/library/en-us/seccrypto/security/constants_for_cryptencodeobject_and_cryptdecodeobject.asp
32 */
33
34 #include <assert.h>
35 #include <stdarg.h>
36 #include <stdio.h>
37 #include <stdlib.h>
38
39 #define NONAMELESSUNION
40
41 #include "windef.h"
42 #include "winbase.h"
43 #include "excpt.h"
44 #include "wincrypt.h"
45 #include "winnls.h"
46 #include "winreg.h"
47 #include "snmp.h"
48 #include "wine/debug.h"
49 #include "wine/exception.h"
50 #include "crypt32_private.h"
51
52 /* This is a bit arbitrary, but to set some limit: */
53 #define MAX_ENCODED_LEN 0x02000000
54
55 #define ASN_FLAGS_MASK 0xe0
56 #define ASN_TYPE_MASK 0x1f
57
58 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
59
60 struct GenericArray
61 {
62 DWORD cItems;
63 BYTE *rgItems;
64 };
65
66 typedef BOOL (WINAPI *CryptDecodeObjectFunc)(DWORD, LPCSTR, const BYTE *,
67 DWORD, DWORD, void *, DWORD *);
68 typedef BOOL (WINAPI *CryptDecodeObjectExFunc)(DWORD, LPCSTR, const BYTE *,
69 DWORD, DWORD, PCRYPT_DECODE_PARA, void *, DWORD *);
70
71 /* Prototypes for built-in decoders. They follow the Ex style prototypes.
72 * The dwCertEncodingType and lpszStructType are ignored by the built-in
73 * functions, but the parameters are retained to simplify CryptDecodeObjectEx,
74 * since it must call functions in external DLLs that follow these signatures.
75 */
76 static BOOL WINAPI CRYPT_AsnDecodeChoiceOfTime(DWORD dwCertEncodingType,
77 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
78 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
79 static BOOL WINAPI CRYPT_AsnDecodePubKeyInfoInternal(DWORD dwCertEncodingType,
80 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
81 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
82 /* Like CRYPT_AsnDecodeExtensions, except assumes rgExtension is set ahead of
83 * time, doesn't do memory allocation, and doesn't do exception handling.
84 * (This isn't intended to be the externally-called one.)
85 */
86 static BOOL WINAPI CRYPT_AsnDecodeExtensionsInternal(DWORD dwCertEncodingType,
87 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
88 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
89 /* Assumes algo->Parameters.pbData is set ahead of time. Internal func. */
90 static BOOL WINAPI CRYPT_AsnDecodeAlgorithmId(DWORD dwCertEncodingType,
91 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
92 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
93 /* Internal function */
94 static BOOL WINAPI CRYPT_AsnDecodeBool(DWORD dwCertEncodingType,
95 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
96 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
97 /* Assumes the CRYPT_DATA_BLOB's pbData member has been initialized */
98 static BOOL WINAPI CRYPT_AsnDecodeOctetsInternal(DWORD dwCertEncodingType,
99 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
100 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
101 /* Like CRYPT_AsnDecodeBits, but assumes the CRYPT_INTEGER_BLOB's pbData
102 * member has been initialized, doesn't do exception handling, and doesn't do
103 * memory allocation.
104 */
105 static BOOL WINAPI CRYPT_AsnDecodeBitsInternal(DWORD dwCertEncodingType,
106 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
107 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
108 static BOOL WINAPI CRYPT_AsnDecodeBits(DWORD dwCertEncodingType,
109 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
110 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
111 static BOOL WINAPI CRYPT_AsnDecodeInt(DWORD dwCertEncodingType,
112 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
113 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
114 /* Like CRYPT_AsnDecodeInteger, but assumes the CRYPT_INTEGER_BLOB's pbData
115 * member has been initialized, doesn't do exception handling, and doesn't do
116 * memory allocation. Also doesn't check tag, assumes the caller has checked
117 * it.
118 */
119 static BOOL WINAPI CRYPT_AsnDecodeIntegerInternal(DWORD dwCertEncodingType,
120 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
121 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
122 /* Like CRYPT_AsnDecodeInteger, but unsigned. */
123 static BOOL WINAPI CRYPT_AsnDecodeUnsignedIntegerInternal(
124 DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded,
125 DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
126 void *pvStructInfo, DWORD *pcbStructInfo);
127
128 BOOL WINAPI CryptDecodeObject(DWORD dwCertEncodingType, LPCSTR lpszStructType,
129 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo,
130 DWORD *pcbStructInfo)
131 {
132 static HCRYPTOIDFUNCSET set = NULL;
133 BOOL ret = FALSE;
134 CryptDecodeObjectFunc pCryptDecodeObject;
135 HCRYPTOIDFUNCADDR hFunc;
136
137 TRACE("(0x%08x, %s, %p, %d, 0x%08x, %p, %p)\n", dwCertEncodingType,
138 debugstr_a(lpszStructType), pbEncoded, cbEncoded, dwFlags,
139 pvStructInfo, pcbStructInfo);
140
141 if (!pvStructInfo && !pcbStructInfo)
142 {
143 SetLastError(ERROR_INVALID_PARAMETER);
144 return FALSE;
145 }
146
147 /* Try registered DLL first.. */
148 if (!set)
149 set = CryptInitOIDFunctionSet(CRYPT_OID_DECODE_OBJECT_FUNC, 0);
150 CryptGetOIDFunctionAddress(set, dwCertEncodingType, lpszStructType, 0,
151 (void **)&pCryptDecodeObject, &hFunc);
152 if (pCryptDecodeObject)
153 {
154 ret = pCryptDecodeObject(dwCertEncodingType, lpszStructType,
155 pbEncoded, cbEncoded, dwFlags, pvStructInfo, pcbStructInfo);
156 CryptFreeOIDFunctionAddress(hFunc, 0);
157 }
158 else
159 {
160 /* If not, use CryptDecodeObjectEx */
161 ret = CryptDecodeObjectEx(dwCertEncodingType, lpszStructType, pbEncoded,
162 cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo);
163 }
164 return ret;
165 }
166
167 /* Gets the number of length bytes from the given (leading) length byte */
168 #define GET_LEN_BYTES(b) ((b) <= 0x7f ? 1 : 1 + ((b) & 0x7f))
169
170 /* Helper function to get the encoded length of the data starting at pbEncoded,
171 * where pbEncoded[0] is the tag. If the data are too short to contain a
172 * length or if the length is too large for cbEncoded, sets an appropriate
173 * error code and returns FALSE.
174 */
175 static BOOL WINAPI CRYPT_GetLen(const BYTE *pbEncoded, DWORD cbEncoded,
176 DWORD *len)
177 {
178 BOOL ret;
179
180 if (cbEncoded <= 1)
181 {
182 SetLastError(CRYPT_E_ASN1_CORRUPT);
183 ret = FALSE;
184 }
185 else if (pbEncoded[1] <= 0x7f)
186 {
187 if (pbEncoded[1] + 1 > cbEncoded)
188 {
189 SetLastError(CRYPT_E_ASN1_EOD);
190 ret = FALSE;
191 }
192 else
193 {
194 *len = pbEncoded[1];
195 ret = TRUE;
196 }
197 }
198 else
199 {
200 BYTE lenLen = GET_LEN_BYTES(pbEncoded[1]);
201
202 if (lenLen > sizeof(DWORD) + 1)
203 {
204 SetLastError(CRYPT_E_ASN1_LARGE);
205 ret = FALSE;
206 }
207 else if (lenLen + 2 > cbEncoded)
208 {
209 SetLastError(CRYPT_E_ASN1_CORRUPT);
210 ret = FALSE;
211 }
212 else
213 {
214 DWORD out = 0;
215
216 pbEncoded += 2;
217 while (--lenLen)
218 {
219 out <<= 8;
220 out |= *pbEncoded++;
221 }
222 if (out + lenLen + 1 > cbEncoded)
223 {
224 SetLastError(CRYPT_E_ASN1_EOD);
225 ret = FALSE;
226 }
227 else
228 {
229 *len = out;
230 ret = TRUE;
231 }
232 }
233 }
234 return ret;
235 }
236
237 /* Helper function to check *pcbStructInfo, set it to the required size, and
238 * optionally to allocate memory. Assumes pvStructInfo is not NULL.
239 * If CRYPT_DECODE_ALLOC_FLAG is set in dwFlags, *pvStructInfo will be set to a
240 * pointer to the newly allocated memory.
241 */
242 static BOOL CRYPT_DecodeEnsureSpace(DWORD dwFlags,
243 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo,
244 DWORD bytesNeeded)
245 {
246 BOOL ret = TRUE;
247
248 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
249 {
250 if (pDecodePara && pDecodePara->pfnAlloc)
251 *(BYTE **)pvStructInfo = pDecodePara->pfnAlloc(bytesNeeded);
252 else
253 *(BYTE **)pvStructInfo = LocalAlloc(0, bytesNeeded);
254 if (!*(BYTE **)pvStructInfo)
255 ret = FALSE;
256 else
257 *pcbStructInfo = bytesNeeded;
258 }
259 else if (*pcbStructInfo < bytesNeeded)
260 {
261 *pcbStructInfo = bytesNeeded;
262 SetLastError(ERROR_MORE_DATA);
263 ret = FALSE;
264 }
265 return ret;
266 }
267
268 /* tag:
269 * The expected tag of the item. If tag is 0, decodeFunc is called
270 * regardless of the tag value seen.
271 * offset:
272 * A sequence is decoded into a struct. The offset member is the
273 * offset of this item within that struct.
274 * decodeFunc:
275 * The decoder function to use. If this is NULL, then the member isn't
276 * decoded, but minSize space is reserved for it.
277 * minSize:
278 * The minimum amount of space occupied after decoding. You must set this.
279 * optional:
280 * If true, and the tag doesn't match the expected tag for this item,
281 * or the decodeFunc fails with CRYPT_E_ASN1_BADTAG, then minSize space is
282 * filled with 0 for this member.
283 * hasPointer, pointerOffset, minSize:
284 * If the item has dynamic data, set hasPointer to TRUE, pointerOffset to
285 * the offset within the (outer) struct of the data pointer (or to the
286 * first data pointer, if more than one exist).
287 * size:
288 * Used by CRYPT_AsnDecodeSequence, not for your use.
289 */
290 struct AsnDecodeSequenceItem
291 {
292 BYTE tag;
293 DWORD offset;
294 CryptDecodeObjectExFunc decodeFunc;
295 DWORD minSize;
296 BOOL optional;
297 BOOL hasPointer;
298 DWORD pointerOffset;
299 DWORD size;
300 };
301
302 static BOOL CRYPT_AsnDecodeSequenceItems(DWORD dwCertEncodingType,
303 struct AsnDecodeSequenceItem items[], DWORD cItem, const BYTE *pbEncoded,
304 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, BYTE *nextData)
305 {
306 BOOL ret;
307 DWORD i;
308 const BYTE *ptr;
309
310 ptr = pbEncoded + 1 + GET_LEN_BYTES(pbEncoded[1]);
311 for (i = 0, ret = TRUE; ret && i < cItem; i++)
312 {
313 if (cbEncoded - (ptr - pbEncoded) != 0)
314 {
315 DWORD nextItemLen;
316
317 if ((ret = CRYPT_GetLen(ptr, cbEncoded - (ptr - pbEncoded),
318 &nextItemLen)))
319 {
320 BYTE nextItemLenBytes = GET_LEN_BYTES(ptr[1]);
321
322 if (ptr[0] == items[i].tag || !items[i].tag)
323 {
324 if (nextData && pvStructInfo && items[i].hasPointer)
325 {
326 TRACE("Setting next pointer to %p\n",
327 nextData);
328 *(BYTE **)((BYTE *)pvStructInfo +
329 items[i].pointerOffset) = nextData;
330 }
331 if (items[i].decodeFunc)
332 {
333 if (pvStructInfo)
334 TRACE("decoding item %d\n", i);
335 else
336 TRACE("sizing item %d\n", i);
337 ret = items[i].decodeFunc(dwCertEncodingType,
338 NULL, ptr, 1 + nextItemLenBytes + nextItemLen,
339 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL,
340 pvStructInfo ? (BYTE *)pvStructInfo + items[i].offset
341 : NULL, &items[i].size);
342 if (ret)
343 {
344 if (nextData && items[i].hasPointer &&
345 items[i].size > items[i].minSize)
346 {
347 nextData += items[i].size - items[i].minSize;
348 /* align nextData to DWORD boundaries */
349 if (items[i].size % sizeof(DWORD))
350 nextData += sizeof(DWORD) - items[i].size %
351 sizeof(DWORD);
352 }
353 /* Account for alignment padding */
354 if (items[i].size % sizeof(DWORD))
355 items[i].size += sizeof(DWORD) -
356 items[i].size % sizeof(DWORD);
357 ptr += 1 + nextItemLenBytes + nextItemLen;
358 }
359 else if (items[i].optional &&
360 GetLastError() == CRYPT_E_ASN1_BADTAG)
361 {
362 TRACE("skipping optional item %d\n", i);
363 items[i].size = items[i].minSize;
364 SetLastError(NOERROR);
365 ret = TRUE;
366 }
367 else
368 TRACE("item %d failed: %08x\n", i,
369 GetLastError());
370 }
371 else
372 items[i].size = items[i].minSize;
373 }
374 else if (items[i].optional)
375 {
376 TRACE("skipping optional item %d\n", i);
377 items[i].size = items[i].minSize;
378 }
379 else
380 {
381 TRACE("tag %02x doesn't match expected %02x\n",
382 ptr[0], items[i].tag);
383 SetLastError(CRYPT_E_ASN1_BADTAG);
384 ret = FALSE;
385 }
386 }
387 }
388 else if (items[i].optional)
389 {
390 TRACE("missing optional item %d, skipping\n", i);
391 items[i].size = items[i].minSize;
392 }
393 else
394 {
395 TRACE("not enough bytes for item %d, failing\n", i);
396 SetLastError(CRYPT_E_ASN1_CORRUPT);
397 ret = FALSE;
398 }
399 }
400 if (cbEncoded - (ptr - pbEncoded) != 0)
401 {
402 TRACE("%d remaining bytes, failing\n", cbEncoded -
403 (ptr - pbEncoded));
404 SetLastError(CRYPT_E_ASN1_CORRUPT);
405 ret = FALSE;
406 }
407 return ret;
408 }
409
410 /* This decodes an arbitrary sequence into a contiguous block of memory
411 * (basically, a struct.) Each element being decoded is described by a struct
412 * AsnDecodeSequenceItem, see above.
413 * startingPointer is an optional pointer to the first place where dynamic
414 * data will be stored. If you know the starting offset, you may pass it
415 * here. Otherwise, pass NULL, and one will be inferred from the items.
416 * Each item decoder is never called with CRYPT_DECODE_ALLOC_FLAG set.
417 * If any undecoded data are left over, fails with CRYPT_E_ASN1_CORRUPT.
418 */
419 static BOOL CRYPT_AsnDecodeSequence(DWORD dwCertEncodingType,
420 struct AsnDecodeSequenceItem items[], DWORD cItem, const BYTE *pbEncoded,
421 DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
422 void *pvStructInfo, DWORD *pcbStructInfo, void *startingPointer)
423 {
424 BOOL ret;
425
426 TRACE("%p, %d, %p, %d, %08x, %p, %p, %d, %p\n", items, cItem, pbEncoded,
427 cbEncoded, dwFlags, pDecodePara, pvStructInfo, *pcbStructInfo,
428 startingPointer);
429
430 if (pbEncoded[0] == ASN_SEQUENCE)
431 {
432 DWORD dataLen;
433
434 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
435 {
436 DWORD i;
437
438 ret = CRYPT_AsnDecodeSequenceItems(dwFlags, items, cItem, pbEncoded,
439 cbEncoded, dwFlags, NULL, NULL);
440 if (ret)
441 {
442 DWORD bytesNeeded = 0, structSize = 0;
443
444 for (i = 0; i < cItem; i++)
445 {
446 bytesNeeded += items[i].size;
447 structSize += items[i].minSize;
448 }
449 if (!pvStructInfo)
450 *pcbStructInfo = bytesNeeded;
451 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags,
452 pDecodePara, pvStructInfo, pcbStructInfo, bytesNeeded)))
453 {
454 BYTE *nextData;
455
456 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
457 pvStructInfo = *(BYTE **)pvStructInfo;
458 if (startingPointer)
459 nextData = (BYTE *)startingPointer;
460 else
461 nextData = (BYTE *)pvStructInfo + structSize;
462 memset(pvStructInfo, 0, structSize);
463 ret = CRYPT_AsnDecodeSequenceItems(dwFlags, items, cItem,
464 pbEncoded, cbEncoded, dwFlags, pvStructInfo, nextData);
465 }
466 }
467 }
468 }
469 else
470 {
471 SetLastError(CRYPT_E_ASN1_BADTAG);
472 ret = FALSE;
473 }
474 TRACE("returning %d (%08x)\n", ret, GetLastError());
475 return ret;
476 }
477
478 /* tag:
479 * The expected tag of the entire encoded array (usually a variant
480 * of ASN_SETOF or ASN_SEQUENCEOF.)
481 * decodeFunc:
482 * used to decode each item in the array
483 * itemSize:
484 * is the minimum size of each decoded item
485 * hasPointer:
486 * indicates whether each item has a dynamic pointer
487 * pointerOffset:
488 * indicates the offset within itemSize at which the pointer exists
489 */
490 struct AsnArrayDescriptor
491 {
492 BYTE tag;
493 CryptDecodeObjectExFunc decodeFunc;
494 DWORD itemSize;
495 BOOL hasPointer;
496 DWORD pointerOffset;
497 };
498
499 struct AsnArrayItemSize
500 {
501 DWORD encodedLen;
502 DWORD size;
503 };
504
505 /* Decodes an array of like types into a struct GenericArray.
506 * The layout and decoding of the array are described by a struct
507 * AsnArrayDescriptor.
508 */
509 static BOOL CRYPT_AsnDecodeArray(const struct AsnArrayDescriptor *arrayDesc,
510 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
511 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo,
512 void *startingPointer)
513 {
514 BOOL ret = TRUE;
515
516 TRACE("%p, %p, %d, %08x, %p, %p, %d, %p\n", arrayDesc, pbEncoded,
517 cbEncoded, dwFlags, pDecodePara, pvStructInfo, *pcbStructInfo,
518 startingPointer);
519
520 if (pbEncoded[0] == arrayDesc->tag)
521 {
522 DWORD dataLen;
523
524 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
525 {
526 DWORD bytesNeeded, cItems = 0;
527 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
528 /* There can be arbitrarily many items, but there is often only one.
529 */
530 struct AsnArrayItemSize itemSize = { 0 }, *itemSizes = &itemSize;
531
532 bytesNeeded = sizeof(struct GenericArray);
533 if (dataLen)
534 {
535 const BYTE *ptr;
536
537 for (ptr = pbEncoded + 1 + lenBytes; ret &&
538 ptr - pbEncoded - 1 - lenBytes < dataLen; )
539 {
540 DWORD itemLenBytes, itemDataLen, size;
541
542 itemLenBytes = GET_LEN_BYTES(ptr[1]);
543 /* Each item decoded may not tolerate extraneous bytes, so
544 * get the length of the next element and pass it directly.
545 */
546 ret = CRYPT_GetLen(ptr, cbEncoded - (ptr - pbEncoded),
547 &itemDataLen);
548 if (ret)
549 ret = arrayDesc->decodeFunc(X509_ASN_ENCODING, 0, ptr,
550 1 + itemLenBytes + itemDataLen,
551 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, NULL,
552 &size);
553 if (ret)
554 {
555 DWORD nextLen;
556
557 cItems++;
558 if (itemSizes != &itemSize)
559 itemSizes = CryptMemRealloc(itemSizes,
560 cItems * sizeof(struct AsnArrayItemSize));
561 else
562 {
563 itemSizes =
564 CryptMemAlloc(
565 cItems * sizeof(struct AsnArrayItemSize));
566 if (itemSizes)
567 memcpy(itemSizes, &itemSize, sizeof(itemSize));
568 }
569 if (itemSizes)
570 {
571 itemSizes[cItems - 1].encodedLen = 1 + itemLenBytes
572 + itemDataLen;
573 itemSizes[cItems - 1].size = size;
574 bytesNeeded += size;
575 ret = CRYPT_GetLen(ptr,
576 cbEncoded - (ptr - pbEncoded), &nextLen);
577 if (ret)
578 ptr += nextLen + 1 + GET_LEN_BYTES(ptr[1]);
579 }
580 else
581 ret = FALSE;
582 }
583 }
584 }
585 if (ret)
586 {
587 if (!pvStructInfo)
588 *pcbStructInfo = bytesNeeded;
589 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags,
590 pDecodePara, pvStructInfo, pcbStructInfo, bytesNeeded)))
591 {
592 DWORD i;
593 BYTE *nextData;
594 const BYTE *ptr;
595 struct GenericArray *array;
596
597 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
598 pvStructInfo = *(BYTE **)pvStructInfo;
599 array = (struct GenericArray *)pvStructInfo;
600 array->cItems = cItems;
601 if (startingPointer)
602 array->rgItems = startingPointer;
603 else
604 array->rgItems = (BYTE *)array +
605 sizeof(struct GenericArray);
606 nextData = (BYTE *)array->rgItems +
607 array->cItems * arrayDesc->itemSize;
608 for (i = 0, ptr = pbEncoded + 1 + lenBytes; ret &&
609 i < cItems && ptr - pbEncoded - 1 - lenBytes <
610 dataLen; i++)
611 {
612 if (arrayDesc->hasPointer)
613 *(BYTE **)(array->rgItems + i * arrayDesc->itemSize
614 + arrayDesc->pointerOffset) = nextData;
615 ret = arrayDesc->decodeFunc(X509_ASN_ENCODING, 0, ptr,
616 itemSizes[i].encodedLen,
617 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL,
618 array->rgItems + i * arrayDesc->itemSize,
619 &itemSizes[i].size);
620 if (ret)
621 {
622 DWORD nextLen;
623
624 nextData += itemSizes[i].size - arrayDesc->itemSize;
625 ret = CRYPT_GetLen(ptr,
626 cbEncoded - (ptr - pbEncoded), &nextLen);
627 if (ret)
628 ptr += nextLen + 1 + GET_LEN_BYTES(ptr[1]);
629 }
630 }
631 }
632 }
633 if (itemSizes != &itemSize)
634 CryptMemFree(itemSizes);
635 }
636 }
637 else
638 {
639 SetLastError(CRYPT_E_ASN1_BADTAG);
640 ret = FALSE;
641 }
642 return ret;
643 }
644
645 /* Decodes a DER-encoded BLOB into a CRYPT_DER_BLOB struct pointed to by
646 * pvStructInfo. The BLOB must be non-empty, otherwise the last error is set
647 * to CRYPT_E_ASN1_CORRUPT.
648 * Warning: assumes the CRYPT_DER_BLOB pointed to by pvStructInfo has pbData
649 * set!
650 */
651 static BOOL WINAPI CRYPT_AsnDecodeDerBlob(DWORD dwCertEncodingType,
652 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
653 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
654 {
655 BOOL ret;
656 DWORD dataLen;
657
658 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
659 {
660 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
661 DWORD bytesNeeded = sizeof(CRYPT_DER_BLOB);
662
663 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
664 bytesNeeded += 1 + lenBytes + dataLen;
665
666 if (!pvStructInfo)
667 *pcbStructInfo = bytesNeeded;
668 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
669 pvStructInfo, pcbStructInfo, bytesNeeded)))
670 {
671 CRYPT_DER_BLOB *blob;
672
673 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
674 pvStructInfo = *(BYTE **)pvStructInfo;
675 blob = (CRYPT_DER_BLOB *)pvStructInfo;
676 blob->cbData = 1 + lenBytes + dataLen;
677 if (blob->cbData)
678 {
679 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
680 blob->pbData = (BYTE *)pbEncoded;
681 else
682 {
683 assert(blob->pbData);
684 memcpy(blob->pbData, pbEncoded, blob->cbData);
685 }
686 }
687 else
688 {
689 SetLastError(CRYPT_E_ASN1_CORRUPT);
690 ret = FALSE;
691 }
692 }
693 }
694 return ret;
695 }
696
697 /* Like CRYPT_AsnDecodeBitsInternal, but swaps the bytes */
698 static BOOL WINAPI CRYPT_AsnDecodeBitsSwapBytes(DWORD dwCertEncodingType,
699 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
700 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
701 {
702 BOOL ret;
703
704 TRACE("(%p, %d, 0x%08x, %p, %p, %d)\n", pbEncoded, cbEncoded, dwFlags,
705 pDecodePara, pvStructInfo, *pcbStructInfo);
706
707 /* Can't use the CRYPT_DECODE_NOCOPY_FLAG, because we modify the bytes in-
708 * place.
709 */
710 ret = CRYPT_AsnDecodeBitsInternal(dwCertEncodingType, lpszStructType,
711 pbEncoded, cbEncoded, dwFlags & ~CRYPT_DECODE_NOCOPY_FLAG, pDecodePara,
712 pvStructInfo, pcbStructInfo);
713 if (ret && pvStructInfo)
714 {
715 CRYPT_BIT_BLOB *blob = (CRYPT_BIT_BLOB *)pvStructInfo;
716
717 if (blob->cbData)
718 {
719 DWORD i;
720 BYTE temp;
721
722 for (i = 0; i < blob->cbData / 2; i++)
723 {
724 temp = blob->pbData[i];
725 blob->pbData[i] = blob->pbData[blob->cbData - i - 1];
726 blob->pbData[blob->cbData - i - 1] = temp;
727 }
728 }
729 }
730 TRACE("returning %d (%08x)\n", ret, GetLastError());
731 return ret;
732 }
733
734 static BOOL WINAPI CRYPT_AsnDecodeCertSignedContent(DWORD dwCertEncodingType,
735 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
736 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
737 {
738 BOOL ret = TRUE;
739
740 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
741 pDecodePara, pvStructInfo, *pcbStructInfo);
742
743 __TRY
744 {
745 struct AsnDecodeSequenceItem items[] = {
746 { 0, offsetof(CERT_SIGNED_CONTENT_INFO, ToBeSigned),
747 CRYPT_AsnDecodeDerBlob, sizeof(CRYPT_DER_BLOB), FALSE, TRUE,
748 offsetof(CERT_SIGNED_CONTENT_INFO, ToBeSigned.pbData), 0 },
749 { ASN_SEQUENCEOF, offsetof(CERT_SIGNED_CONTENT_INFO,
750 SignatureAlgorithm), CRYPT_AsnDecodeAlgorithmId,
751 sizeof(CRYPT_ALGORITHM_IDENTIFIER), FALSE, TRUE,
752 offsetof(CERT_SIGNED_CONTENT_INFO, SignatureAlgorithm.pszObjId), 0 },
753 { ASN_BITSTRING, offsetof(CERT_SIGNED_CONTENT_INFO, Signature),
754 CRYPT_AsnDecodeBitsSwapBytes, sizeof(CRYPT_BIT_BLOB), FALSE, TRUE,
755 offsetof(CERT_SIGNED_CONTENT_INFO, Signature.pbData), 0 },
756 };
757
758 if (dwFlags & CRYPT_DECODE_NO_SIGNATURE_BYTE_REVERSAL_FLAG)
759 items[2].decodeFunc = CRYPT_AsnDecodeBitsInternal;
760 ret = CRYPT_AsnDecodeSequence(dwCertEncodingType, items,
761 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags,
762 pDecodePara, pvStructInfo, pcbStructInfo, NULL);
763 }
764 __EXCEPT_PAGE_FAULT
765 {
766 SetLastError(STATUS_ACCESS_VIOLATION);
767 ret = FALSE;
768 }
769 __ENDTRY
770
771 TRACE("Returning %d (%08x)\n", ret, GetLastError());
772 return ret;
773 }
774
775 /* Internal function */
776 static BOOL WINAPI CRYPT_AsnDecodeCertVersion(DWORD dwCertEncodingType,
777 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
778 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
779 {
780 BOOL ret;
781 DWORD dataLen;
782
783 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
784 {
785 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
786
787 ret = CRYPT_AsnDecodeInt(dwCertEncodingType, X509_INTEGER,
788 pbEncoded + 1 + lenBytes, dataLen, dwFlags, pDecodePara,
789 pvStructInfo, pcbStructInfo);
790 }
791 return ret;
792 }
793
794 static BOOL WINAPI CRYPT_AsnDecodeValidity(DWORD dwCertEncodingType,
795 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
796 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
797 {
798 BOOL ret;
799
800 struct AsnDecodeSequenceItem items[] = {
801 { 0, offsetof(CERT_PRIVATE_KEY_VALIDITY, NotBefore),
802 CRYPT_AsnDecodeChoiceOfTime, sizeof(FILETIME), FALSE, FALSE, 0 },
803 { 0, offsetof(CERT_PRIVATE_KEY_VALIDITY, NotAfter),
804 CRYPT_AsnDecodeChoiceOfTime, sizeof(FILETIME), FALSE, FALSE, 0 },
805 };
806
807 ret = CRYPT_AsnDecodeSequence(dwCertEncodingType, items,
808 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags,
809 pDecodePara, pvStructInfo, pcbStructInfo, NULL);
810 return ret;
811 }
812
813 /* Internal function */
814 static BOOL WINAPI CRYPT_AsnDecodeCertExtensions(DWORD dwCertEncodingType,
815 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
816 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
817 {
818 BOOL ret;
819 DWORD dataLen;
820
821 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
822 {
823 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
824
825 ret = CRYPT_AsnDecodeExtensionsInternal(dwCertEncodingType,
826 X509_EXTENSIONS, pbEncoded + 1 + lenBytes, dataLen, dwFlags,
827 pDecodePara, pvStructInfo, pcbStructInfo);
828 }
829 return ret;
830 }
831
832 static BOOL WINAPI CRYPT_AsnDecodeCertInfo(DWORD dwCertEncodingType,
833 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
834 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
835 {
836 BOOL ret = TRUE;
837 struct AsnDecodeSequenceItem items[] = {
838 { ASN_CONTEXT | ASN_CONSTRUCTOR, offsetof(CERT_INFO, dwVersion),
839 CRYPT_AsnDecodeCertVersion, sizeof(DWORD), TRUE, FALSE, 0, 0 },
840 { ASN_INTEGER, offsetof(CERT_INFO, SerialNumber),
841 CRYPT_AsnDecodeIntegerInternal, sizeof(CRYPT_INTEGER_BLOB), FALSE,
842 TRUE, offsetof(CERT_INFO, SerialNumber.pbData), 0 },
843 { ASN_SEQUENCEOF, offsetof(CERT_INFO, SignatureAlgorithm),
844 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
845 FALSE, TRUE, offsetof(CERT_INFO, SignatureAlgorithm.pszObjId), 0 },
846 { 0, offsetof(CERT_INFO, Issuer), CRYPT_AsnDecodeDerBlob,
847 sizeof(CRYPT_DER_BLOB), FALSE, TRUE, offsetof(CERT_INFO,
848 Issuer.pbData) },
849 { ASN_SEQUENCEOF, offsetof(CERT_INFO, NotBefore),
850 CRYPT_AsnDecodeValidity, sizeof(CERT_PRIVATE_KEY_VALIDITY), FALSE,
851 FALSE, 0 },
852 { 0, offsetof(CERT_INFO, Subject), CRYPT_AsnDecodeDerBlob,
853 sizeof(CRYPT_DER_BLOB), FALSE, TRUE, offsetof(CERT_INFO,
854 Subject.pbData) },
855 { ASN_SEQUENCEOF, offsetof(CERT_INFO, SubjectPublicKeyInfo),
856 CRYPT_AsnDecodePubKeyInfoInternal, sizeof(CERT_PUBLIC_KEY_INFO),
857 FALSE, TRUE, offsetof(CERT_INFO,
858 SubjectPublicKeyInfo.Algorithm.Parameters.pbData), 0 },
859 { ASN_BITSTRING, offsetof(CERT_INFO, IssuerUniqueId),
860 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), TRUE, TRUE,
861 offsetof(CERT_INFO, IssuerUniqueId.pbData), 0 },
862 { ASN_BITSTRING, offsetof(CERT_INFO, SubjectUniqueId),
863 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), TRUE, TRUE,
864 offsetof(CERT_INFO, SubjectUniqueId.pbData), 0 },
865 { ASN_CONTEXT | ASN_CONSTRUCTOR | 3, offsetof(CERT_INFO, cExtension),
866 CRYPT_AsnDecodeCertExtensions, sizeof(CERT_EXTENSIONS), TRUE, TRUE,
867 offsetof(CERT_INFO, rgExtension), 0 },
868 };
869
870 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
871 pDecodePara, pvStructInfo, *pcbStructInfo);
872
873 ret = CRYPT_AsnDecodeSequence(dwCertEncodingType, items,
874 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags,
875 pDecodePara, pvStructInfo, pcbStructInfo, NULL);
876
877 TRACE("Returning %d (%08x)\n", ret, GetLastError());
878 return ret;
879 }
880
881 static BOOL WINAPI CRYPT_AsnDecodeCert(DWORD dwCertEncodingType,
882 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
883 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
884 {
885 BOOL ret = TRUE;
886
887 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
888 pDecodePara, pvStructInfo, *pcbStructInfo);
889
890 __TRY
891 {
892 PCERT_SIGNED_CONTENT_INFO signedCert = NULL;
893 DWORD size = 0;
894
895 /* First try to decode it as a signed cert. */
896 ret = CRYPT_AsnDecodeCertSignedContent(dwCertEncodingType, X509_CERT,
897 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL,
898 (BYTE *)&signedCert, &size);
899 if (ret)
900 {
901 size = 0;
902 ret = CRYPT_AsnDecodeCertInfo(dwCertEncodingType,
903 X509_CERT_TO_BE_SIGNED, signedCert->ToBeSigned.pbData,
904 signedCert->ToBeSigned.cbData, dwFlags, pDecodePara, pvStructInfo,
905 pcbStructInfo);
906 LocalFree(signedCert);
907 }
908 /* Failing that, try it as an unsigned cert */
909 if (!ret)
910 {
911 size = 0;
912 ret = CRYPT_AsnDecodeCertInfo(dwCertEncodingType,
913 X509_CERT_TO_BE_SIGNED, pbEncoded, cbEncoded, dwFlags,
914 pDecodePara, pvStructInfo, pcbStructInfo);
915 }
916 }
917 __EXCEPT_PAGE_FAULT
918 {
919 SetLastError(STATUS_ACCESS_VIOLATION);
920 ret = FALSE;
921 }
922 __ENDTRY
923
924 TRACE("Returning %d (%08x)\n", ret, GetLastError());
925 return ret;
926 }
927
928 static BOOL WINAPI CRYPT_AsnDecodeCRLEntry(DWORD dwCertEncodingType,
929 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
930 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
931 {
932 BOOL ret;
933 struct AsnDecodeSequenceItem items[] = {
934 { ASN_INTEGER, offsetof(CRL_ENTRY, SerialNumber),
935 CRYPT_AsnDecodeIntegerInternal, sizeof(CRYPT_INTEGER_BLOB), FALSE, TRUE,
936 offsetof(CRL_ENTRY, SerialNumber.pbData), 0 },
937 { 0, offsetof(CRL_ENTRY, RevocationDate), CRYPT_AsnDecodeChoiceOfTime,
938 sizeof(FILETIME), FALSE, FALSE, 0 },
939 { ASN_SEQUENCEOF, offsetof(CRL_ENTRY, cExtension),
940 CRYPT_AsnDecodeExtensionsInternal, sizeof(CERT_EXTENSIONS), TRUE, TRUE,
941 offsetof(CRL_ENTRY, rgExtension), 0 },
942 };
943 PCRL_ENTRY entry = (PCRL_ENTRY)pvStructInfo;
944
945 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags, entry,
946 *pcbStructInfo);
947
948 ret = CRYPT_AsnDecodeSequence(X509_ASN_ENCODING, items,
949 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags,
950 NULL, entry, pcbStructInfo, entry ? entry->SerialNumber.pbData : NULL);
951 return ret;
952 }
953
954 /* Warning: assumes pvStructInfo is a struct GenericArray whose rgItems has
955 * been set prior to calling.
956 */
957 static BOOL WINAPI CRYPT_AsnDecodeCRLEntries(DWORD dwCertEncodingType,
958 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
959 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
960 {
961 BOOL ret;
962 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
963 CRYPT_AsnDecodeCRLEntry, sizeof(CRL_ENTRY), TRUE,
964 offsetof(CRL_ENTRY, SerialNumber.pbData) };
965 struct GenericArray *entries = (struct GenericArray *)pvStructInfo;
966
967 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
968 pDecodePara, pvStructInfo, *pcbStructInfo);
969
970 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
971 pDecodePara, pvStructInfo, pcbStructInfo,
972 entries ? entries->rgItems : NULL);
973 TRACE("Returning %d (%08x)\n", ret, GetLastError());
974 return ret;
975 }
976
977 static BOOL WINAPI CRYPT_AsnDecodeCRLInfo(DWORD dwCertEncodingType,
978 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
979 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
980 {
981 struct AsnDecodeSequenceItem items[] = {
982 { ASN_INTEGER, offsetof(CRL_INFO, dwVersion),
983 CRYPT_AsnDecodeInt, sizeof(DWORD), TRUE, FALSE, 0, 0 },
984 { ASN_SEQUENCEOF, offsetof(CRL_INFO, SignatureAlgorithm),
985 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
986 FALSE, TRUE, offsetof(CRL_INFO, SignatureAlgorithm.pszObjId), 0 },
987 { 0, offsetof(CRL_INFO, Issuer), CRYPT_AsnDecodeDerBlob,
988 sizeof(CRYPT_DER_BLOB), FALSE, TRUE, offsetof(CRL_INFO,
989 Issuer.pbData) },
990 { 0, offsetof(CRL_INFO, ThisUpdate), CRYPT_AsnDecodeChoiceOfTime,
991 sizeof(FILETIME), FALSE, FALSE, 0 },
992 { 0, offsetof(CRL_INFO, NextUpdate), CRYPT_AsnDecodeChoiceOfTime,
993 sizeof(FILETIME), TRUE, FALSE, 0 },
994 { ASN_SEQUENCEOF, offsetof(CRL_INFO, cCRLEntry),
995 CRYPT_AsnDecodeCRLEntries, sizeof(struct GenericArray), TRUE, TRUE,
996 offsetof(CRL_INFO, rgCRLEntry), 0 },
997 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0, offsetof(CRL_INFO, cExtension),
998 CRYPT_AsnDecodeCertExtensions, sizeof(CERT_EXTENSIONS), TRUE, TRUE,
999 offsetof(CRL_INFO, rgExtension), 0 },
1000 };
1001 BOOL ret = TRUE;
1002
1003 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1004 pDecodePara, pvStructInfo, *pcbStructInfo);
1005
1006 ret = CRYPT_AsnDecodeSequence(dwCertEncodingType, items,
1007 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags,
1008 pDecodePara, pvStructInfo, pcbStructInfo, NULL);
1009
1010 TRACE("Returning %d (%08x)\n", ret, GetLastError());
1011 return ret;
1012 }
1013
1014 static BOOL WINAPI CRYPT_AsnDecodeCRL(DWORD dwCertEncodingType,
1015 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1016 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1017 {
1018 BOOL ret = TRUE;
1019
1020 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1021 pDecodePara, pvStructInfo, *pcbStructInfo);
1022
1023 __TRY
1024 {
1025 PCERT_SIGNED_CONTENT_INFO signedCrl = NULL;
1026 DWORD size = 0;
1027
1028 /* First try to decode it as a signed crl. */
1029 ret = CRYPT_AsnDecodeCertSignedContent(dwCertEncodingType, X509_CERT,
1030 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL,
1031 (BYTE *)&signedCrl, &size);
1032 if (ret)
1033 {
1034 size = 0;
1035 ret = CRYPT_AsnDecodeCRLInfo(dwCertEncodingType,
1036 X509_CERT_CRL_TO_BE_SIGNED, signedCrl->ToBeSigned.pbData,
1037 signedCrl->ToBeSigned.cbData, dwFlags, pDecodePara,
1038 pvStructInfo, pcbStructInfo);
1039 LocalFree(signedCrl);
1040 }
1041 /* Failing that, try it as an unsigned crl */
1042 if (!ret)
1043 {
1044 size = 0;
1045 ret = CRYPT_AsnDecodeCRLInfo(dwCertEncodingType,
1046 X509_CERT_CRL_TO_BE_SIGNED, pbEncoded, cbEncoded,
1047 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo);
1048 }
1049 }
1050 __EXCEPT_PAGE_FAULT
1051 {
1052 SetLastError(STATUS_ACCESS_VIOLATION);
1053 ret = FALSE;
1054 }
1055 __ENDTRY
1056
1057 TRACE("Returning %d (%08x)\n", ret, GetLastError());
1058 return ret;
1059 }
1060
1061 static BOOL WINAPI CRYPT_AsnDecodeOidInternal(DWORD dwCertEncodingType,
1062 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1063 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1064 {
1065 BOOL ret = TRUE;
1066
1067 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1068 pDecodePara, pvStructInfo, *pcbStructInfo);
1069
1070 if (pbEncoded[0] == ASN_OBJECTIDENTIFIER)
1071 {
1072 DWORD dataLen;
1073
1074 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1075 {
1076 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1077 DWORD bytesNeeded = sizeof(LPSTR);
1078
1079 if (dataLen)
1080 {
1081 /* The largest possible string for the first two components
1082 * is 2.175 (= 2 * 40 + 175 = 255), so this is big enough.
1083 */
1084 char firstTwo[6];
1085 const BYTE *ptr;
1086
1087 snprintf(firstTwo, sizeof(firstTwo), "%d.%d",
1088 pbEncoded[1 + lenBytes] / 40,
1089 pbEncoded[1 + lenBytes] - (pbEncoded[1 + lenBytes] / 40)
1090 * 40);
1091 bytesNeeded += strlen(firstTwo) + 1;
1092 for (ptr = pbEncoded + 2 + lenBytes; ret &&
1093 ptr - pbEncoded - 1 - lenBytes < dataLen; )
1094 {
1095 /* large enough for ".4000000" */
1096 char str[9];
1097 int val = 0;
1098
1099 while (ptr - pbEncoded - 1 - lenBytes < dataLen &&
1100 (*ptr & 0x80))
1101 {
1102 val <<= 7;
1103 val |= *ptr & 0x7f;
1104 ptr++;
1105 }
1106 if (ptr - pbEncoded - 1 - lenBytes >= dataLen ||
1107 (*ptr & 0x80))
1108 {
1109 SetLastError(CRYPT_E_ASN1_CORRUPT);
1110 ret = FALSE;
1111 }
1112 else
1113 {
1114 val <<= 7;
1115 val |= *ptr++;
1116 snprintf(str, sizeof(str), ".%d", val);
1117 bytesNeeded += strlen(str);
1118 }
1119 }
1120 }
1121 if (!pvStructInfo)
1122 *pcbStructInfo = bytesNeeded;
1123 else if (*pcbStructInfo < bytesNeeded)
1124 {
1125 *pcbStructInfo = bytesNeeded;
1126 SetLastError(ERROR_MORE_DATA);
1127 ret = FALSE;
1128 }
1129 else
1130 {
1131 if (dataLen)
1132 {
1133 const BYTE *ptr;
1134 LPSTR pszObjId = *(LPSTR *)pvStructInfo;
1135
1136 *pszObjId = 0;
1137 sprintf(pszObjId, "%d.%d", pbEncoded[1 + lenBytes] / 40,
1138 pbEncoded[1 + lenBytes] - (pbEncoded[1 + lenBytes] /
1139 40) * 40);
1140 pszObjId += strlen(pszObjId);
1141 for (ptr = pbEncoded + 2 + lenBytes; ret &&
1142 ptr - pbEncoded - 1 - lenBytes < dataLen; )
1143 {
1144 int val = 0;
1145
1146 while (ptr - pbEncoded - 1 - lenBytes < dataLen &&
1147 (*ptr & 0x80))
1148 {
1149 val <<= 7;
1150 val |= *ptr & 0x7f;
1151 ptr++;
1152 }
1153 val <<= 7;
1154 val |= *ptr++;
1155 sprintf(pszObjId, ".%d", val);
1156 pszObjId += strlen(pszObjId);
1157 }
1158 }
1159 else
1160 *(LPSTR *)pvStructInfo = NULL;
1161 *pcbStructInfo = bytesNeeded;
1162 }
1163 }
1164 }
1165 return ret;
1166 }
1167
1168 /* Warning: assumes pvStructInfo is a CERT_EXTENSION whose pszObjId is set
1169 * ahead of time!
1170 */
1171 static BOOL WINAPI CRYPT_AsnDecodeExtension(DWORD dwCertEncodingType,
1172 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1173 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1174 {
1175 struct AsnDecodeSequenceItem items[] = {
1176 { ASN_OBJECTIDENTIFIER, offsetof(CERT_EXTENSION, pszObjId),
1177 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), FALSE, TRUE,
1178 offsetof(CERT_EXTENSION, pszObjId), 0 },
1179 { ASN_BOOL, offsetof(CERT_EXTENSION, fCritical), CRYPT_AsnDecodeBool,
1180 sizeof(BOOL), TRUE, FALSE, 0, 0 },
1181 { ASN_OCTETSTRING, offsetof(CERT_EXTENSION, Value),
1182 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_OBJID_BLOB), FALSE, TRUE,
1183 offsetof(CERT_EXTENSION, Value.pbData) },
1184 };
1185 BOOL ret = TRUE;
1186 PCERT_EXTENSION ext = (PCERT_EXTENSION)pvStructInfo;
1187
1188 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags, ext,
1189 *pcbStructInfo);
1190
1191 if (ext)
1192 TRACE("ext->pszObjId is %p\n", ext->pszObjId);
1193 ret = CRYPT_AsnDecodeSequence(X509_ASN_ENCODING, items,
1194 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags, NULL,
1195 ext, pcbStructInfo, ext ? ext->pszObjId : NULL);
1196 if (ext)
1197 TRACE("ext->pszObjId is %p (%s)\n", ext->pszObjId,
1198 debugstr_a(ext->pszObjId));
1199 TRACE("returning %d (%08x)\n", ret, GetLastError());
1200 return ret;
1201 }
1202
1203 static BOOL WINAPI CRYPT_AsnDecodeExtensionsInternal(DWORD dwCertEncodingType,
1204 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1205 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1206 {
1207 BOOL ret = TRUE;
1208 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1209 CRYPT_AsnDecodeExtension, sizeof(CERT_EXTENSION), TRUE,
1210 offsetof(CERT_EXTENSION, pszObjId) };
1211 PCERT_EXTENSIONS exts = (PCERT_EXTENSIONS)pvStructInfo;
1212
1213 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1214 pDecodePara, pvStructInfo, *pcbStructInfo);
1215
1216 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
1217 pDecodePara, pvStructInfo, pcbStructInfo, exts ? exts->rgExtension : NULL);
1218 return ret;
1219 }
1220
1221 static BOOL WINAPI CRYPT_AsnDecodeExtensions(DWORD dwCertEncodingType,
1222 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1223 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1224 {
1225 BOOL ret = TRUE;
1226
1227 __TRY
1228 {
1229 ret = CRYPT_AsnDecodeExtensionsInternal(dwCertEncodingType,
1230 lpszStructType, pbEncoded, cbEncoded,
1231 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, NULL, pcbStructInfo);
1232 if (ret && pvStructInfo)
1233 {
1234 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
1235 pcbStructInfo, *pcbStructInfo);
1236 if (ret)
1237 {
1238 CERT_EXTENSIONS *exts;
1239
1240 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
1241 pvStructInfo = *(BYTE **)pvStructInfo;
1242 exts = (CERT_EXTENSIONS *)pvStructInfo;
1243 exts->rgExtension = (CERT_EXTENSION *)((BYTE *)exts +
1244 sizeof(CERT_EXTENSIONS));
1245 ret = CRYPT_AsnDecodeExtensionsInternal(dwCertEncodingType,
1246 lpszStructType, pbEncoded, cbEncoded,
1247 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pvStructInfo,
1248 pcbStructInfo);
1249 }
1250 }
1251 }
1252 __EXCEPT_PAGE_FAULT
1253 {
1254 SetLastError(STATUS_ACCESS_VIOLATION);
1255 ret = FALSE;
1256 }
1257 __ENDTRY
1258 return ret;
1259 }
1260
1261 /* Warning: this assumes the address of value->Value.pbData is already set, in
1262 * order to avoid overwriting memory. (In some cases, it may change it, if it
1263 * doesn't copy anything to memory.) Be sure to set it correctly!
1264 */
1265 static BOOL WINAPI CRYPT_AsnDecodeNameValueInternal(DWORD dwCertEncodingType,
1266 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1267 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1268 {
1269 BOOL ret = TRUE;
1270 DWORD dataLen;
1271 CERT_NAME_VALUE *value = (CERT_NAME_VALUE *)pvStructInfo;
1272
1273 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1274 {
1275 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1276 DWORD bytesNeeded = sizeof(CERT_NAME_VALUE), valueType;
1277
1278 switch (pbEncoded[0])
1279 {
1280 case ASN_OCTETSTRING:
1281 valueType = CERT_RDN_OCTET_STRING;
1282 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1283 bytesNeeded += dataLen;
1284 break;
1285 case ASN_NUMERICSTRING:
1286 valueType = CERT_RDN_NUMERIC_STRING;
1287 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1288 bytesNeeded += dataLen;
1289 break;
1290 case ASN_PRINTABLESTRING:
1291 valueType = CERT_RDN_PRINTABLE_STRING;
1292 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1293 bytesNeeded += dataLen;
1294 break;
1295 case ASN_IA5STRING:
1296 valueType = CERT_RDN_IA5_STRING;
1297 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1298 bytesNeeded += dataLen;
1299 break;
1300 case ASN_T61STRING:
1301 valueType = CERT_RDN_T61_STRING;
1302 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1303 bytesNeeded += dataLen;
1304 break;
1305 case ASN_VIDEOTEXSTRING:
1306 valueType = CERT_RDN_VIDEOTEX_STRING;
1307 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1308 bytesNeeded += dataLen;
1309 break;
1310 case ASN_GRAPHICSTRING:
1311 valueType = CERT_RDN_GRAPHIC_STRING;
1312 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1313 bytesNeeded += dataLen;
1314 break;
1315 case ASN_VISIBLESTRING:
1316 valueType = CERT_RDN_VISIBLE_STRING;
1317 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1318 bytesNeeded += dataLen;
1319 break;
1320 case ASN_GENERALSTRING:
1321 valueType = CERT_RDN_GENERAL_STRING;
1322 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1323 bytesNeeded += dataLen;
1324 break;
1325 case ASN_UNIVERSALSTRING:
1326 FIXME("ASN_UNIVERSALSTRING: unimplemented\n");
1327 SetLastError(CRYPT_E_ASN1_BADTAG);
1328 return FALSE;
1329 case ASN_BMPSTRING:
1330 valueType = CERT_RDN_BMP_STRING;
1331 bytesNeeded += dataLen;
1332 break;
1333 case ASN_UTF8STRING:
1334 valueType = CERT_RDN_UTF8_STRING;
1335 bytesNeeded += MultiByteToWideChar(CP_UTF8, 0,
1336 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen, NULL, 0) * 2;
1337 break;
1338 default:
1339 SetLastError(CRYPT_E_ASN1_BADTAG);
1340 return FALSE;
1341 }
1342
1343 if (!value)
1344 *pcbStructInfo = bytesNeeded;
1345 else if (*pcbStructInfo < bytesNeeded)
1346 {
1347 *pcbStructInfo = bytesNeeded;
1348 SetLastError(ERROR_MORE_DATA);
1349 ret = FALSE;
1350 }
1351 else
1352 {
1353 *pcbStructInfo = bytesNeeded;
1354 value->dwValueType = valueType;
1355 if (dataLen)
1356 {
1357 DWORD i;
1358
1359 assert(value->Value.pbData);
1360 switch (pbEncoded[0])
1361 {
1362 case ASN_OCTETSTRING:
1363 case ASN_NUMERICSTRING:
1364 case ASN_PRINTABLESTRING:
1365 case ASN_IA5STRING:
1366 case ASN_T61STRING:
1367 case ASN_VIDEOTEXSTRING:
1368 case ASN_GRAPHICSTRING:
1369 case ASN_VISIBLESTRING:
1370 case ASN_GENERALSTRING:
1371 value->Value.cbData = dataLen;
1372 if (dataLen)
1373 {
1374 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1375 memcpy(value->Value.pbData,
1376 pbEncoded + 1 + lenBytes, dataLen);
1377 else
1378 value->Value.pbData = (LPBYTE)pbEncoded + 1 +
1379 lenBytes;
1380 }
1381 break;
1382 case ASN_BMPSTRING:
1383 {
1384 LPWSTR str = (LPWSTR)value->Value.pbData;
1385
1386 value->Value.cbData = dataLen;
1387 for (i = 0; i < dataLen / 2; i++)
1388 str[i] = (pbEncoded[1 + lenBytes + 2 * i] << 8) |
1389 pbEncoded[1 + lenBytes + 2 * i + 1];
1390 break;
1391 }
1392 case ASN_UTF8STRING:
1393 {
1394 LPWSTR str = (LPWSTR)value->Value.pbData;
1395
1396 value->Value.cbData = MultiByteToWideChar(CP_UTF8, 0,
1397 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen,
1398 str, bytesNeeded - sizeof(CERT_NAME_VALUE)) * 2;
1399 break;
1400 }
1401 }
1402 }
1403 else
1404 {
1405 value->Value.cbData = 0;
1406 value->Value.pbData = NULL;
1407 }
1408 }
1409 }
1410 return ret;
1411 }
1412
1413 static BOOL WINAPI CRYPT_AsnDecodeNameValue(DWORD dwCertEncodingType,
1414 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1415 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1416 {
1417 BOOL ret = TRUE;
1418
1419 __TRY
1420 {
1421 ret = CRYPT_AsnDecodeNameValueInternal(dwCertEncodingType,
1422 lpszStructType, pbEncoded, cbEncoded,
1423 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, NULL, pcbStructInfo);
1424 if (ret && pvStructInfo)
1425 {
1426 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
1427 pcbStructInfo, *pcbStructInfo);
1428 if (ret)
1429 {
1430 CERT_NAME_VALUE *value;
1431
1432 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
1433 pvStructInfo = *(BYTE **)pvStructInfo;
1434 value = (CERT_NAME_VALUE *)pvStructInfo;
1435 value->Value.pbData = ((BYTE *)value + sizeof(CERT_NAME_VALUE));
1436 ret = CRYPT_AsnDecodeNameValueInternal(dwCertEncodingType,
1437 lpszStructType, pbEncoded, cbEncoded,
1438 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pvStructInfo,
1439 pcbStructInfo);
1440 }
1441 }
1442 }
1443 __EXCEPT_PAGE_FAULT
1444 {
1445 SetLastError(STATUS_ACCESS_VIOLATION);
1446 ret = FALSE;
1447 }
1448 __ENDTRY
1449 return ret;
1450 }
1451
1452 static BOOL WINAPI CRYPT_AsnDecodeUnicodeNameValueInternal(
1453 DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded,
1454 DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
1455 void *pvStructInfo, DWORD *pcbStructInfo)
1456 {
1457 BOOL ret = TRUE;
1458 DWORD dataLen;
1459 CERT_NAME_VALUE *value = (CERT_NAME_VALUE *)pvStructInfo;
1460
1461 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1462 {
1463 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1464 DWORD bytesNeeded = sizeof(CERT_NAME_VALUE), valueType;
1465
1466 switch (pbEncoded[0])
1467 {
1468 case ASN_NUMERICSTRING:
1469 valueType = CERT_RDN_NUMERIC_STRING;
1470 bytesNeeded += dataLen * 2;
1471 break;
1472 case ASN_PRINTABLESTRING:
1473 valueType = CERT_RDN_PRINTABLE_STRING;
1474 bytesNeeded += dataLen * 2;
1475 break;
1476 case ASN_IA5STRING:
1477 valueType = CERT_RDN_IA5_STRING;
1478 bytesNeeded += dataLen * 2;
1479 break;
1480 case ASN_T61STRING:
1481 valueType = CERT_RDN_T61_STRING;
1482 bytesNeeded += dataLen * 2;
1483 break;
1484 case ASN_VIDEOTEXSTRING:
1485 valueType = CERT_RDN_VIDEOTEX_STRING;
1486 bytesNeeded += dataLen * 2;
1487 break;
1488 case ASN_GRAPHICSTRING:
1489 valueType = CERT_RDN_GRAPHIC_STRING;
1490 bytesNeeded += dataLen * 2;
1491 break;
1492 case ASN_VISIBLESTRING:
1493 valueType = CERT_RDN_VISIBLE_STRING;
1494 bytesNeeded += dataLen * 2;
1495 break;
1496 case ASN_GENERALSTRING:
1497 valueType = CERT_RDN_GENERAL_STRING;
1498 bytesNeeded += dataLen * 2;
1499 break;
1500 case ASN_UNIVERSALSTRING:
1501 valueType = CERT_RDN_UNIVERSAL_STRING;
1502 bytesNeeded += dataLen / 2;
1503 break;
1504 case ASN_BMPSTRING:
1505 valueType = CERT_RDN_BMP_STRING;
1506 bytesNeeded += dataLen;
1507 break;
1508 case ASN_UTF8STRING:
1509 valueType = CERT_RDN_UTF8_STRING;
1510 bytesNeeded += MultiByteToWideChar(CP_UTF8, 0,
1511 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen, NULL, 0) * 2;
1512 break;
1513 default:
1514 SetLastError(CRYPT_E_ASN1_BADTAG);
1515 return FALSE;
1516 }
1517
1518 if (!value)
1519 *pcbStructInfo = bytesNeeded;
1520 else if (*pcbStructInfo < bytesNeeded)
1521 {
1522 *pcbStructInfo = bytesNeeded;
1523 SetLastError(ERROR_MORE_DATA);
1524 ret = FALSE;
1525 }
1526 else
1527 {
1528 *pcbStructInfo = bytesNeeded;
1529 value->dwValueType = valueType;
1530 if (dataLen)
1531 {
1532 DWORD i;
1533 LPWSTR str = (LPWSTR)value->Value.pbData;
1534
1535 assert(value->Value.pbData);
1536 switch (pbEncoded[0])
1537 {
1538 case ASN_NUMERICSTRING:
1539 case ASN_PRINTABLESTRING:
1540 case ASN_IA5STRING:
1541 case ASN_T61STRING:
1542 case ASN_VIDEOTEXSTRING:
1543 case ASN_GRAPHICSTRING:
1544 case ASN_VISIBLESTRING:
1545 case ASN_GENERALSTRING:
1546 value->Value.cbData = dataLen * 2;
1547 for (i = 0; i < dataLen; i++)
1548 str[i] = pbEncoded[1 + lenBytes + i];
1549 break;
1550 case ASN_UNIVERSALSTRING:
1551 value->Value.cbData = dataLen / 2;
1552 for (i = 0; i < dataLen / 4; i++)
1553 str[i] = (pbEncoded[1 + lenBytes + 2 * i + 2] << 8)
1554 | pbEncoded[1 + lenBytes + 2 * i + 3];
1555 break;
1556 case ASN_BMPSTRING:
1557 value->Value.cbData = dataLen;
1558 for (i = 0; i < dataLen / 2; i++)
1559 str[i] = (pbEncoded[1 + lenBytes + 2 * i] << 8) |
1560 pbEncoded[1 + lenBytes + 2 * i + 1];
1561 break;
1562 case ASN_UTF8STRING:
1563 value->Value.cbData = MultiByteToWideChar(CP_UTF8, 0,
1564 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen,
1565 str, bytesNeeded - sizeof(CERT_NAME_VALUE)) * 2;
1566 break;
1567 }
1568 }
1569 else
1570 {
1571 value->Value.cbData = 0;
1572 value->Value.pbData = NULL;
1573 }
1574 }
1575 }
1576 return ret;
1577 }
1578
1579 static BOOL WINAPI CRYPT_AsnDecodeUnicodeNameValue(DWORD dwCertEncodingType,
1580 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1581 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1582 {
1583 BOOL ret = TRUE;
1584
1585 __TRY
1586 {
1587 ret = CRYPT_AsnDecodeUnicodeNameValueInternal(dwCertEncodingType,
1588 lpszStructType, pbEncoded, cbEncoded,
1589 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, NULL, pcbStructInfo);
1590 if (ret && pvStructInfo)
1591 {
1592 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
1593 pcbStructInfo, *pcbStructInfo);
1594 if (ret)
1595 {
1596 CERT_NAME_VALUE *value;
1597
1598 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
1599 pvStructInfo = *(BYTE **)pvStructInfo;
1600 value = (CERT_NAME_VALUE *)pvStructInfo;
1601 value->Value.pbData = ((BYTE *)value + sizeof(CERT_NAME_VALUE));
1602 ret = CRYPT_AsnDecodeUnicodeNameValueInternal(
1603 dwCertEncodingType, lpszStructType, pbEncoded, cbEncoded,
1604 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pvStructInfo,
1605 pcbStructInfo);
1606 }
1607 }
1608 }
1609 __EXCEPT_PAGE_FAULT
1610 {
1611 SetLastError(STATUS_ACCESS_VIOLATION);
1612 ret = FALSE;
1613 }
1614 __ENDTRY
1615 return ret;
1616 }
1617
1618 static BOOL WINAPI CRYPT_AsnDecodeRdnAttr(DWORD dwCertEncodingType,
1619 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1620 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1621 {
1622 BOOL ret;
1623 struct AsnDecodeSequenceItem items[] = {
1624 { ASN_OBJECTIDENTIFIER, offsetof(CERT_RDN_ATTR, pszObjId),
1625 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), FALSE, TRUE,
1626 offsetof(CERT_RDN_ATTR, pszObjId), 0 },
1627 { 0, offsetof(CERT_RDN_ATTR, dwValueType),
1628 CRYPT_AsnDecodeNameValueInternal, sizeof(CERT_NAME_VALUE),
1629 FALSE, TRUE, offsetof(CERT_RDN_ATTR, Value.pbData), 0 },
1630 };
1631 CERT_RDN_ATTR *attr = (CERT_RDN_ATTR *)pvStructInfo;
1632
1633 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1634 pvStructInfo, *pcbStructInfo);
1635
1636 if (attr)
1637 TRACE("attr->pszObjId is %p\n", attr->pszObjId);
1638 ret = CRYPT_AsnDecodeSequence(X509_ASN_ENCODING, items,
1639 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags, NULL,
1640 attr, pcbStructInfo, attr ? attr->pszObjId : NULL);
1641 if (attr)
1642 {
1643 TRACE("attr->pszObjId is %p (%s)\n", attr->pszObjId,
1644 debugstr_a(attr->pszObjId));
1645 TRACE("attr->dwValueType is %d\n", attr->dwValueType);
1646 }
1647 TRACE("returning %d (%08x)\n", ret, GetLastError());
1648 return ret;
1649 }
1650
1651 static BOOL WINAPI CRYPT_AsnDecodeRdn(DWORD dwCertEncodingType,
1652 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1653 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1654 {
1655 BOOL ret = TRUE;
1656 struct AsnArrayDescriptor arrayDesc = { ASN_CONSTRUCTOR | ASN_SETOF,
1657 CRYPT_AsnDecodeRdnAttr, sizeof(CERT_RDN_ATTR), TRUE,
1658 offsetof(CERT_RDN_ATTR, pszObjId) };
1659 PCERT_RDN rdn = (PCERT_RDN)pvStructInfo;
1660
1661 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
1662 pDecodePara, pvStructInfo, pcbStructInfo, rdn ? rdn->rgRDNAttr : NULL);
1663 return ret;
1664 }
1665
1666 static BOOL WINAPI CRYPT_AsnDecodeName(DWORD dwCertEncodingType,
1667 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1668 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1669 {
1670 BOOL ret = TRUE;
1671
1672 __TRY
1673 {
1674 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1675 CRYPT_AsnDecodeRdn, sizeof(CERT_RDN), TRUE,
1676 offsetof(CERT_RDN, rgRDNAttr) };
1677
1678 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
1679 pDecodePara, pvStructInfo, pcbStructInfo, NULL);
1680 }
1681 __EXCEPT_PAGE_FAULT
1682 {
1683 SetLastError(STATUS_ACCESS_VIOLATION);
1684 ret = FALSE;
1685 }
1686 __ENDTRY
1687 return ret;
1688 }
1689
1690 static BOOL WINAPI CRYPT_AsnDecodeUnicodeRdnAttr(DWORD dwCertEncodingType,
1691 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1692 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1693 {
1694 BOOL ret;
1695 struct AsnDecodeSequenceItem items[] = {
1696 { ASN_OBJECTIDENTIFIER, offsetof(CERT_RDN_ATTR, pszObjId),
1697 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), FALSE, TRUE,
1698 offsetof(CERT_RDN_ATTR, pszObjId), 0 },
1699 { 0, offsetof(CERT_RDN_ATTR, dwValueType),
1700 CRYPT_AsnDecodeUnicodeNameValueInternal, sizeof(CERT_NAME_VALUE),
1701 FALSE, TRUE, offsetof(CERT_RDN_ATTR, Value.pbData), 0 },
1702 };
1703 CERT_RDN_ATTR *attr = (CERT_RDN_ATTR *)pvStructInfo;
1704
1705 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1706 pvStructInfo, *pcbStructInfo);
1707
1708 if (attr)
1709 TRACE("attr->pszObjId is %p\n", attr->pszObjId);
1710 ret = CRYPT_AsnDecodeSequence(X509_ASN_ENCODING, items,
1711 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags, NULL,
1712 attr, pcbStructInfo, attr ? attr->pszObjId : NULL);
1713 if (attr)
1714 {
1715 TRACE("attr->pszObjId is %p (%s)\n", attr->pszObjId,
1716 debugstr_a(attr->pszObjId));
1717 TRACE("attr->dwValueType is %d\n", attr->dwValueType);
1718 }
1719 TRACE("returning %d (%08x)\n", ret, GetLastError());
1720 return ret;
1721 }
1722
1723 static BOOL WINAPI CRYPT_AsnDecodeUnicodeRdn(DWORD dwCertEncodingType,
1724 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1725 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1726 {
1727 BOOL ret = TRUE;
1728 struct AsnArrayDescriptor arrayDesc = { ASN_CONSTRUCTOR | ASN_SETOF,
1729 CRYPT_AsnDecodeUnicodeRdnAttr, sizeof(CERT_RDN_ATTR), TRUE,
1730 offsetof(CERT_RDN_ATTR, pszObjId) };
1731 PCERT_RDN rdn = (PCERT_RDN)pvStructInfo;
1732
1733 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
1734 pDecodePara, pvStructInfo, pcbStructInfo, rdn ? rdn->rgRDNAttr : NULL);
1735 return ret;
1736 }
1737
1738 static BOOL WINAPI CRYPT_AsnDecodeUnicodeName(DWORD dwCertEncodingType,
1739 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1740 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1741 {
1742 BOOL ret = TRUE;
1743
1744 __TRY
1745 {
1746 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1747 CRYPT_AsnDecodeUnicodeRdn, sizeof(CERT_RDN), TRUE,
1748 offsetof(CERT_RDN, rgRDNAttr) };
1749
1750 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
1751 pDecodePara, pvStructInfo, pcbStructInfo, NULL);
1752 }
1753 __EXCEPT_PAGE_FAULT
1754 {
1755 SetLastError(STATUS_ACCESS_VIOLATION);
1756 ret = FALSE;
1757 }
1758 __ENDTRY
1759 return ret;
1760 }
1761
1762 static BOOL WINAPI CRYPT_AsnDecodeCopyBytes(DWORD dwCertEncodingType,
1763 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1764 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1765 {
1766 BOOL ret = TRUE;
1767 DWORD bytesNeeded = sizeof(CRYPT_OBJID_BLOB);
1768
1769 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1770 pDecodePara, pvStructInfo, *pcbStructInfo);
1771
1772 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1773 bytesNeeded += cbEncoded;
1774 if (!pvStructInfo)
1775 *pcbStructInfo = bytesNeeded;
1776 else if (*pcbStructInfo < bytesNeeded)
1777 {
1778 SetLastError(ERROR_MORE_DATA);
1779 *pcbStructInfo = bytesNeeded;
1780 ret = FALSE;
1781 }
1782 else
1783 {
1784 PCRYPT_OBJID_BLOB blob = (PCRYPT_OBJID_BLOB)pvStructInfo;
1785
1786 *pcbStructInfo = bytesNeeded;
1787 blob->cbData = cbEncoded;
1788 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
1789 blob->pbData = (LPBYTE)pbEncoded;
1790 else
1791 {
1792 assert(blob->pbData);
1793 memcpy(blob->pbData, pbEncoded, blob->cbData);
1794 }
1795 }
1796 return ret;
1797 }
1798
1799 static BOOL WINAPI CRYPT_AsnDecodeAlgorithmId(DWORD dwCertEncodingType,
1800 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1801 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1802 {
1803 CRYPT_ALGORITHM_IDENTIFIER *algo =
1804 (CRYPT_ALGORITHM_IDENTIFIER *)pvStructInfo;
1805 BOOL ret = TRUE;
1806 struct AsnDecodeSequenceItem items[] = {
1807 { ASN_OBJECTIDENTIFIER, offsetof(CRYPT_ALGORITHM_IDENTIFIER, pszObjId),
1808 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), FALSE, TRUE,
1809 offsetof(CRYPT_ALGORITHM_IDENTIFIER, pszObjId), 0 },
1810 { 0, offsetof(CRYPT_ALGORITHM_IDENTIFIER, Parameters),
1811 CRYPT_AsnDecodeCopyBytes, sizeof(CRYPT_OBJID_BLOB), TRUE, TRUE,
1812 offsetof(CRYPT_ALGORITHM_IDENTIFIER, Parameters.pbData), 0 },
1813 };
1814
1815 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1816 pDecodePara, pvStructInfo, *pcbStructInfo);
1817
1818 ret = CRYPT_AsnDecodeSequence(dwCertEncodingType, items,
1819 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags,
1820 pDecodePara, pvStructInfo, pcbStructInfo, algo ? algo->pszObjId : NULL);
1821 if (ret && pvStructInfo)
1822 {
1823 TRACE("pszObjId is %p (%s)\n", algo->pszObjId,
1824 debugstr_a(algo->pszObjId));
1825 }
1826 return ret;
1827 }
1828
1829 static BOOL WINAPI CRYPT_AsnDecodePubKeyInfoInternal(DWORD dwCertEncodingType,
1830 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1831 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1832 {
1833 BOOL ret = TRUE;
1834 struct AsnDecodeSequenceItem items[] = {
1835 { ASN_SEQUENCEOF, offsetof(CERT_PUBLIC_KEY_INFO, Algorithm),
1836 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
1837 FALSE, TRUE, offsetof(CERT_PUBLIC_KEY_INFO,
1838 Algorithm.pszObjId) },
1839 { ASN_BITSTRING, offsetof(CERT_PUBLIC_KEY_INFO, PublicKey),
1840 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), FALSE, TRUE,
1841 offsetof(CERT_PUBLIC_KEY_INFO, PublicKey.pbData) },
1842 };
1843 PCERT_PUBLIC_KEY_INFO info = (PCERT_PUBLIC_KEY_INFO)pvStructInfo;
1844
1845 ret = CRYPT_AsnDecodeSequence(dwCertEncodingType, items,
1846 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags,
1847 pDecodePara, pvStructInfo, pcbStructInfo, info ?
1848 info->Algorithm.Parameters.pbData : NULL);
1849 return ret;
1850 }
1851
1852 static BOOL WINAPI CRYPT_AsnDecodePubKeyInfo(DWORD dwCertEncodingType,
1853 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1854 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1855 {
1856 BOOL ret = TRUE;
1857
1858 __TRY
1859 {
1860 DWORD bytesNeeded;
1861
1862 if ((ret = CRYPT_AsnDecodePubKeyInfoInternal(dwCertEncodingType,
1863 lpszStructType, pbEncoded, cbEncoded,
1864 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, NULL, &bytesNeeded)))
1865 {
1866 if (!pvStructInfo)
1867 *pcbStructInfo = bytesNeeded;
1868 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
1869 pvStructInfo, pcbStructInfo, bytesNeeded)))
1870 {
1871 PCERT_PUBLIC_KEY_INFO info;
1872
1873 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
1874 pvStructInfo = *(BYTE **)pvStructInfo;
1875 info = (PCERT_PUBLIC_KEY_INFO)pvStructInfo;
1876 info->Algorithm.Parameters.pbData = (BYTE *)pvStructInfo +
1877 sizeof(CERT_PUBLIC_KEY_INFO);
1878 ret = CRYPT_AsnDecodePubKeyInfoInternal(dwCertEncodingType,
1879 lpszStructType, pbEncoded, cbEncoded,
1880 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pvStructInfo,
1881 &bytesNeeded);
1882 }
1883 }
1884 }
1885 __EXCEPT_PAGE_FAULT
1886 {
1887 SetLastError(STATUS_ACCESS_VIOLATION);
1888 ret = FALSE;
1889 }
1890 __ENDTRY
1891 return ret;
1892 }
1893
1894 static BOOL WINAPI CRYPT_AsnDecodeBool(DWORD dwCertEncodingType,
1895 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1896 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1897 {
1898 BOOL ret;
1899
1900 if (cbEncoded < 3)
1901 {
1902 SetLastError(CRYPT_E_ASN1_CORRUPT);
1903 return FALSE;
1904 }
1905 if (GET_LEN_BYTES(pbEncoded[1]) > 1)
1906 {
1907 SetLastError(CRYPT_E_ASN1_CORRUPT);
1908 return FALSE;
1909 }
1910 if (pbEncoded[1] > 1)
1911 {
1912 SetLastError(CRYPT_E_ASN1_CORRUPT);
1913 return FALSE;
1914 }
1915 if (!pvStructInfo)
1916 {
1917 *pcbStructInfo = sizeof(BOOL);
1918 ret = TRUE;
1919 }
1920 else if (*pcbStructInfo < sizeof(BOOL))
1921 {
1922 *pcbStructInfo = sizeof(BOOL);
1923 SetLastError(ERROR_MORE_DATA);
1924 ret = FALSE;
1925 }
1926 else
1927 {
1928 *(BOOL *)pvStructInfo = pbEncoded[2] ? TRUE : FALSE;
1929 ret = TRUE;
1930 }
1931 TRACE("returning %d (%08x)\n", ret, GetLastError());
1932 return ret;
1933 }
1934
1935 static BOOL WINAPI CRYPT_AsnDecodeAltNameEntry(DWORD dwCertEncodingType,
1936 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1937 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1938 {
1939 PCERT_ALT_NAME_ENTRY entry = (PCERT_ALT_NAME_ENTRY)pvStructInfo;
1940 DWORD dataLen, lenBytes, bytesNeeded = sizeof(CERT_ALT_NAME_ENTRY);
1941 BOOL ret;
1942
1943 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1944 pDecodePara, pvStructInfo, *pcbStructInfo);
1945
1946 if (cbEncoded < 2)
1947 {
1948 SetLastError(CRYPT_E_ASN1_CORRUPT);
1949 return FALSE;
1950 }
1951 if ((pbEncoded[0] & ASN_FLAGS_MASK) != ASN_CONTEXT)
1952 {
1953 SetLastError(CRYPT_E_ASN1_BADTAG);
1954 return FALSE;
1955 }
1956 lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1957 if (1 + lenBytes > cbEncoded)
1958 {
1959 SetLastError(CRYPT_E_ASN1_CORRUPT);
1960 return FALSE;
1961 }
1962 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1963 {
1964 switch (pbEncoded[0] & ASN_TYPE_MASK)
1965 {
1966 case 1: /* rfc822Name */
1967 case 2: /* dNSName */
1968 case 6: /* uniformResourceIdentifier */
1969 bytesNeeded += (dataLen + 1) * sizeof(WCHAR);
1970 break;
1971 case 7: /* iPAddress */
1972 bytesNeeded += dataLen;
1973 break;
1974 case 8: /* registeredID */
1975 /* FIXME: decode as OID */
1976 case 0: /* otherName */
1977 case 4: /* directoryName */
1978 FIXME("stub\n");
1979 SetLastError(CRYPT_E_ASN1_BADTAG);
1980 ret = FALSE;
1981 break;
1982 case 3: /* x400Address, unimplemented */
1983 case 5: /* ediPartyName, unimplemented */
1984 SetLastError(CRYPT_E_ASN1_BADTAG);
1985 ret = FALSE;
1986 break;
1987 default:
1988 SetLastError(CRYPT_E_ASN1_CORRUPT);
1989 ret = FALSE;
1990 }
1991 if (ret)
1992 {
1993 if (!entry)
1994 *pcbStructInfo = bytesNeeded;
1995 else if (*pcbStructInfo < bytesNeeded)
1996 {
1997 *pcbStructInfo = bytesNeeded;
1998 SetLastError(ERROR_MORE_DATA);
1999 ret = FALSE;
2000 }
2001 else
2002 {
2003 *pcbStructInfo = bytesNeeded;
2004 /* MS used values one greater than the asn1 ones.. sigh */
2005 entry->dwAltNameChoice = (pbEncoded[0] & 0x7f) + 1;
2006 switch (pbEncoded[0] & ASN_TYPE_MASK)
2007 {
2008 case 1: /* rfc822Name */
2009 case 2: /* dNSName */
2010 case 6: /* uniformResourceIdentifier */
2011 {
2012 DWORD i;
2013
2014 for (i = 0; i < dataLen; i++)
2015 entry->u.pwszURL[i] =
2016 (WCHAR)pbEncoded[1 + lenBytes + i];
2017 entry->u.pwszURL[i] = 0;
2018 TRACE("URL is %p (%s)\n", entry->u.pwszURL,
2019 debugstr_w(entry->u.pwszURL));
2020 break;
2021 }
2022 case 7: /* iPAddress */
2023 /* The next data pointer is in the pwszURL spot, that is,
2024 * the first 4 bytes. Need to move it to the next spot.
2025 */
2026 entry->u.IPAddress.pbData = (LPBYTE)entry->u.pwszURL;
2027 entry->u.IPAddress.cbData = dataLen;
2028 memcpy(entry->u.IPAddress.pbData, pbEncoded + 1 + lenBytes,
2029 dataLen);
2030 break;
2031 }
2032 }
2033 }
2034 }
2035 return ret;
2036 }
2037
2038 static BOOL WINAPI CRYPT_AsnDecodeAltNameInternal(DWORD dwCertEncodingType,
2039 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2040 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2041 {
2042 BOOL ret = TRUE;
2043 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2044 CRYPT_AsnDecodeAltNameEntry, sizeof(CERT_ALT_NAME_ENTRY), TRUE,
2045 offsetof(CERT_ALT_NAME_ENTRY, u.pwszURL) };
2046 PCERT_ALT_NAME_INFO info = (PCERT_ALT_NAME_INFO)pvStructInfo;
2047
2048 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2049 pDecodePara, pvStructInfo, *pcbStructInfo);
2050
2051 if (info)
2052 TRACE("info->rgAltEntry is %p\n", info->rgAltEntry);
2053 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
2054 pDecodePara, pvStructInfo, pcbStructInfo, info ? info->rgAltEntry : NULL);
2055 return ret;
2056 }
2057
2058 static BOOL WINAPI CRYPT_AsnDecodeAuthorityKeyId(DWORD dwCertEncodingType,
2059 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2060 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2061 {
2062 BOOL ret;
2063
2064 __TRY
2065 {
2066 struct AsnDecodeSequenceItem items[] = {
2067 { ASN_CONTEXT | 0, offsetof(CERT_AUTHORITY_KEY_ID_INFO, KeyId),
2068 CRYPT_AsnDecodeIntegerInternal, sizeof(CRYPT_DATA_BLOB),
2069 TRUE, TRUE, offsetof(CERT_AUTHORITY_KEY_ID_INFO, KeyId.pbData), 0 },
2070 { ASN_CONTEXT | ASN_CONSTRUCTOR| 1,
2071 offsetof(CERT_AUTHORITY_KEY_ID_INFO, CertIssuer),
2072 CRYPT_AsnDecodeOctetsInternal, sizeof(CERT_NAME_BLOB), TRUE, TRUE,
2073 offsetof(CERT_AUTHORITY_KEY_ID_INFO, CertIssuer.pbData), 0 },
2074 { ASN_CONTEXT | 2, offsetof(CERT_AUTHORITY_KEY_ID_INFO,
2075 CertSerialNumber), CRYPT_AsnDecodeIntegerInternal,
2076 sizeof(CRYPT_INTEGER_BLOB), TRUE, TRUE,
2077 offsetof(CERT_AUTHORITY_KEY_ID_INFO, CertSerialNumber.pbData), 0 },
2078 };
2079
2080 ret = CRYPT_AsnDecodeSequence(dwCertEncodingType, items,
2081 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags,
2082 pDecodePara, pvStructInfo, pcbStructInfo, NULL);
2083 }
2084 __EXCEPT_PAGE_FAULT
2085 {
2086 SetLastError(STATUS_ACCESS_VIOLATION);
2087 ret = FALSE;
2088 }
2089 __ENDTRY
2090 return ret;
2091 }
2092
2093 static BOOL WINAPI CRYPT_AsnDecodeAltName(DWORD dwCertEncodingType,
2094 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2095 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2096 {
2097 BOOL ret = TRUE;
2098
2099 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2100 pDecodePara, pvStructInfo, *pcbStructInfo);
2101
2102 __TRY
2103 {
2104 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2105 CRYPT_AsnDecodeAltNameEntry, sizeof(CERT_ALT_NAME_ENTRY), TRUE,
2106 offsetof(CERT_ALT_NAME_ENTRY, u.pwszURL) };
2107
2108 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
2109 pDecodePara, pvStructInfo, pcbStructInfo, NULL);
2110 }
2111 __EXCEPT_PAGE_FAULT
2112 {
2113 SetLastError(STATUS_ACCESS_VIOLATION);
2114 ret = FALSE;
2115 }
2116 __ENDTRY
2117 return ret;
2118 }
2119
2120 struct PATH_LEN_CONSTRAINT
2121 {
2122 BOOL fPathLenConstraint;
2123 DWORD dwPathLenConstraint;
2124 };
2125
2126 static BOOL WINAPI CRYPT_AsnDecodePathLenConstraint(DWORD dwCertEncodingType,
2127 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2128 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2129 {
2130 BOOL ret = TRUE;
2131
2132 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2133 pvStructInfo, *pcbStructInfo);
2134
2135 if (cbEncoded)
2136 {
2137 if (pbEncoded[0] == ASN_INTEGER)
2138 {
2139 DWORD bytesNeeded = sizeof(struct PATH_LEN_CONSTRAINT);
2140
2141 if (!pvStructInfo)
2142 *pcbStructInfo = bytesNeeded;
2143 else if (*pcbStructInfo < bytesNeeded)
2144 {
2145 SetLastError(ERROR_MORE_DATA);
2146 *pcbStructInfo = bytesNeeded;
2147 ret = FALSE;
2148 }
2149 else
2150 {
2151 struct PATH_LEN_CONSTRAINT *constraint =
2152 (struct PATH_LEN_CONSTRAINT *)pvStructInfo;
2153 DWORD size = sizeof(constraint->dwPathLenConstraint);
2154
2155 ret = CRYPT_AsnDecodeInt(dwCertEncodingType, X509_INTEGER,
2156 pbEncoded, cbEncoded, 0, NULL,
2157 &constraint->dwPathLenConstraint, &size);
2158 if (ret)
2159 constraint->fPathLenConstraint = TRUE;
2160 TRACE("got an int, dwPathLenConstraint is %d\n",
2161 constraint->dwPathLenConstraint);
2162 }
2163 }
2164 else
2165 {
2166 SetLastError(CRYPT_E_ASN1_CORRUPT);
2167 ret = FALSE;
2168 }
2169 }
2170 TRACE("returning %d (%08x)\n", ret, GetLastError());
2171 return ret;
2172 }
2173
2174 static BOOL WINAPI CRYPT_AsnDecodeSubtreeConstraints(DWORD dwCertEncodingType,
2175 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2176 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2177 {
2178 BOOL ret;
2179 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2180 CRYPT_AsnDecodeCopyBytes, sizeof(CERT_NAME_BLOB), TRUE,
2181 offsetof(CERT_NAME_BLOB, pbData) };
2182 struct GenericArray *entries = (struct GenericArray *)pvStructInfo;
2183
2184 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2185 pDecodePara, pvStructInfo, *pcbStructInfo);
2186
2187 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
2188 pDecodePara, pvStructInfo, pcbStructInfo,
2189 entries ? entries->rgItems : NULL);
2190 TRACE("Returning %d (%08x)\n", ret, GetLastError());
2191 return ret;
2192 }
2193
2194 static BOOL WINAPI CRYPT_AsnDecodeBasicConstraints(DWORD dwCertEncodingType,
2195 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2196 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2197 {
2198 BOOL ret;
2199
2200 __TRY
2201 {
2202 struct AsnDecodeSequenceItem items[] = {
2203 { ASN_BITSTRING, offsetof(CERT_BASIC_CONSTRAINTS_INFO, SubjectType),
2204 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), FALSE, TRUE,
2205 offsetof(CERT_BASIC_CONSTRAINTS_INFO, SubjectType.pbData), 0 },
2206 { ASN_INTEGER, offsetof(CERT_BASIC_CONSTRAINTS_INFO,
2207 fPathLenConstraint), CRYPT_AsnDecodePathLenConstraint,
2208 sizeof(struct PATH_LEN_CONSTRAINT), TRUE, FALSE, 0, 0 },
2209 { ASN_SEQUENCEOF, offsetof(CERT_BASIC_CONSTRAINTS_INFO,
2210 cSubtreesConstraint), CRYPT_AsnDecodeSubtreeConstraints,
2211 sizeof(struct GenericArray), TRUE, TRUE,
2212 offsetof(CERT_BASIC_CONSTRAINTS_INFO, rgSubtreesConstraint), 0 },
2213 };
2214
2215 ret = CRYPT_AsnDecodeSequence(dwCertEncodingType, items,
2216 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags,
2217 pDecodePara, pvStructInfo, pcbStructInfo, NULL);
2218 }
2219 __EXCEPT_PAGE_FAULT
2220 {
2221 SetLastError(STATUS_ACCESS_VIOLATION);
2222 ret = FALSE;
2223 }
2224 __ENDTRY
2225 return ret;
2226 }
2227
2228 static BOOL WINAPI CRYPT_AsnDecodeBasicConstraints2(DWORD dwCertEncodingType,
2229 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2230 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2231 {
2232 BOOL ret;
2233
2234 __TRY
2235 {
2236 struct AsnDecodeSequenceItem items[] = {
2237 { ASN_BOOL, offsetof(CERT_BASIC_CONSTRAINTS2_INFO, fCA),
2238 CRYPT_AsnDecodeBool, sizeof(BOOL), TRUE, FALSE, 0, 0 },
2239 { ASN_INTEGER, offsetof(CERT_BASIC_CONSTRAINTS2_INFO,
2240 fPathLenConstraint), CRYPT_AsnDecodePathLenConstraint,
2241 sizeof(struct PATH_LEN_CONSTRAINT), TRUE, FALSE, 0, 0 },
2242 };
2243
2244 ret = CRYPT_AsnDecodeSequence(dwCertEncodingType, items,
2245 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags,
2246 pDecodePara, pvStructInfo, pcbStructInfo, NULL);
2247 }
2248 __EXCEPT_PAGE_FAULT
2249 {
2250 SetLastError(STATUS_ACCESS_VIOLATION);
2251 ret = FALSE;
2252 }
2253 __ENDTRY
2254 return ret;
2255 }
2256
2257 #define RSA1_MAGIC 0x31415352
2258
2259 struct DECODED_RSA_PUB_KEY
2260 {
2261 DWORD pubexp;
2262 CRYPT_INTEGER_BLOB modulus;
2263 };
2264
2265 static BOOL WINAPI CRYPT_AsnDecodeRsaPubKey(DWORD dwCertEncodingType,
2266 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2267 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2268 {
2269 BOOL ret;
2270
2271 __TRY
2272 {
2273 struct AsnDecodeSequenceItem items[] = {
2274 { ASN_INTEGER, offsetof(struct DECODED_RSA_PUB_KEY, modulus),
2275 CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
2276 FALSE, TRUE, offsetof(struct DECODED_RSA_PUB_KEY, modulus.pbData),
2277 0 },
2278 { ASN_INTEGER, offsetof(struct DECODED_RSA_PUB_KEY, pubexp),
2279 CRYPT_AsnDecodeInt, sizeof(DWORD), FALSE, FALSE, 0, 0 },
2280 };
2281 struct DECODED_RSA_PUB_KEY *decodedKey = NULL;
2282 DWORD size = 0;
2283
2284 ret = CRYPT_AsnDecodeSequence(dwCertEncodingType, items,
2285 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded,
2286 CRYPT_DECODE_ALLOC_FLAG, NULL, &decodedKey, &size, NULL);
2287 if (ret)
2288 {
2289 DWORD bytesNeeded = sizeof(BLOBHEADER) + sizeof(RSAPUBKEY) +
2290 decodedKey->modulus.cbData;
2291
2292 if (!pvStructInfo)
2293 {
2294 *pcbStructInfo = bytesNeeded;
2295 ret = TRUE;
2296 }
2297 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2298 pvStructInfo, pcbStructInfo, bytesNeeded)))
2299 {
2300 BLOBHEADER *hdr;
2301 RSAPUBKEY *rsaPubKey;
2302
2303 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2304 pvStructInfo = *(BYTE **)pvStructInfo;
2305 hdr = (BLOBHEADER *)pvStructInfo;
2306 hdr->bType = PUBLICKEYBLOB;
2307 hdr->bVersion = CUR_BLOB_VERSION;
2308 hdr->reserved = 0;
2309 hdr->aiKeyAlg = CALG_RSA_KEYX;
2310 rsaPubKey = (RSAPUBKEY *)((BYTE *)pvStructInfo +
2311 sizeof(BLOBHEADER));
2312 rsaPubKey->magic = RSA1_MAGIC;
2313 rsaPubKey->pubexp = decodedKey->pubexp;
2314 rsaPubKey->bitlen = decodedKey->modulus.cbData * 8;
2315 memcpy((BYTE *)pvStructInfo + sizeof(BLOBHEADER) +
2316 sizeof(RSAPUBKEY), decodedKey->modulus.pbData,
2317 decodedKey->modulus.cbData);
2318 }
2319 LocalFree(decodedKey);
2320 }
2321 }
2322 __EXCEPT_PAGE_FAULT
2323 {
2324 SetLastError(STATUS_ACCESS_VIOLATION);
2325 ret = FALSE;
2326 }
2327 __ENDTRY
2328 return ret;
2329 }
2330
2331 static BOOL WINAPI CRYPT_AsnDecodeOctetsInternal(DWORD dwCertEncodingType,
2332 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2333 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2334 {
2335 BOOL ret;
2336 DWORD bytesNeeded, dataLen;
2337
2338 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2339 pDecodePara, pvStructInfo, *pcbStructInfo);
2340
2341 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2342 {
2343 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
2344 bytesNeeded = sizeof(CRYPT_DATA_BLOB);
2345 else
2346 bytesNeeded = dataLen + sizeof(CRYPT_DATA_BLOB);
2347 if (!pvStructInfo)
2348 *pcbStructInfo = bytesNeeded;
2349 else if (*pcbStructInfo < bytesNeeded)
2350 {
2351 SetLastError(ERROR_MORE_DATA);
2352 *pcbStructInfo = bytesNeeded;
2353 ret = FALSE;
2354 }
2355 else
2356 {
2357 CRYPT_DATA_BLOB *blob;
2358 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2359
2360 blob = (CRYPT_DATA_BLOB *)pvStructInfo;
2361 blob->cbData = dataLen;
2362 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
2363 blob->pbData = (BYTE *)pbEncoded + 1 + lenBytes;
2364 else
2365 {
2366 assert(blob->pbData);
2367 if (blob->cbData)
2368 memcpy(blob->pbData, pbEncoded + 1 + lenBytes,
2369 blob->cbData);
2370 }
2371 }
2372 }
2373 return ret;
2374 }
2375
2376 static BOOL WINAPI CRYPT_AsnDecodeOctets(DWORD dwCertEncodingType,
2377 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2378 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2379 {
2380 BOOL ret;
2381
2382 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2383 pDecodePara, pvStructInfo, *pcbStructInfo);
2384
2385 __TRY
2386 {
2387 DWORD bytesNeeded;
2388
2389 if (!cbEncoded)
2390 {
2391 SetLastError(CRYPT_E_ASN1_CORRUPT);
2392 ret = FALSE;
2393 }
2394 else if (pbEncoded[0] != ASN_OCTETSTRING)
2395 {
2396 SetLastError(CRYPT_E_ASN1_BADTAG);
2397 ret = FALSE;
2398 }
2399 else if ((ret = CRYPT_AsnDecodeOctetsInternal(dwCertEncodingType,
2400 lpszStructType, pbEncoded, cbEncoded,
2401 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, NULL, &bytesNeeded)))
2402 {
2403 if (!pvStructInfo)
2404 *pcbStructInfo = bytesNeeded;
2405 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2406 pvStructInfo, pcbStructInfo, bytesNeeded)))
2407 {
2408 CRYPT_DATA_BLOB *blob;
2409
2410 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2411 pvStructInfo = *(BYTE **)pvStructInfo;
2412 blob = (CRYPT_DATA_BLOB *)pvStructInfo;
2413 blob->pbData = (BYTE *)pvStructInfo + sizeof(CRYPT_DATA_BLOB);
2414 ret = CRYPT_AsnDecodeOctetsInternal(dwCertEncodingType,
2415 lpszStructType, pbEncoded, cbEncoded,
2416 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pvStructInfo,
2417 &bytesNeeded);
2418 }
2419 }
2420 }
2421 __EXCEPT_PAGE_FAULT
2422 {
2423 SetLastError(STATUS_ACCESS_VIOLATION);
2424 ret = FALSE;
2425 }
2426 __ENDTRY
2427 return ret;
2428 }
2429
2430 static BOOL WINAPI CRYPT_AsnDecodeBitsInternal(DWORD dwCertEncodingType,
2431 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2432 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2433 {
2434 BOOL ret;
2435
2436 TRACE("(%p, %d, 0x%08x, %p, %p, %d)\n", pbEncoded, cbEncoded, dwFlags,
2437 pDecodePara, pvStructInfo, *pcbStructInfo);
2438
2439 if (pbEncoded[0] == ASN_BITSTRING)
2440 {
2441 DWORD bytesNeeded, dataLen;
2442
2443 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2444 {
2445 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
2446 bytesNeeded = sizeof(CRYPT_BIT_BLOB);
2447 else
2448 bytesNeeded = dataLen - 1 + sizeof(CRYPT_BIT_BLOB);
2449 if (!pvStructInfo)
2450 *pcbStructInfo = bytesNeeded;
2451 else if (*pcbStructInfo < bytesNeeded)
2452 {
2453 *pcbStructInfo = bytesNeeded;
2454 SetLastError(ERROR_MORE_DATA);
2455 ret = FALSE;
2456 }
2457 else
2458 {
2459 CRYPT_BIT_BLOB *blob;
2460
2461 blob = (CRYPT_BIT_BLOB *)pvStructInfo;
2462 blob->cbData = dataLen - 1;
2463 blob->cUnusedBits = *(pbEncoded + 1 +
2464 GET_LEN_BYTES(pbEncoded[1]));
2465 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
2466 {
2467 blob->pbData = (BYTE *)pbEncoded + 2 +
2468 GET_LEN_BYTES(pbEncoded[1]);
2469 }
2470 else
2471 {
2472 assert(blob->pbData);
2473 if (blob->cbData)
2474 {
2475 BYTE mask = 0xff << blob->cUnusedBits;
2476
2477 memcpy(blob->pbData, pbEncoded + 2 +
2478 GET_LEN_BYTES(pbEncoded[1]), blob->cbData);
2479 blob->pbData[blob->cbData - 1] &= mask;
2480 }
2481 }
2482 }
2483 }
2484 }
2485 else
2486 {
2487 SetLastError(CRYPT_E_ASN1_BADTAG);
2488 ret = FALSE;
2489 }
2490 TRACE("returning %d (%08x)\n", ret, GetLastError());
2491 return ret;
2492 }
2493
2494 static BOOL WINAPI CRYPT_AsnDecodeBits(DWORD dwCertEncodingType,
2495 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2496 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2497 {
2498 BOOL ret;
2499
2500 TRACE("(%p, %d, 0x%08x, %p, %p, %p)\n", pbEncoded, cbEncoded, dwFlags,
2501 pDecodePara, pvStructInfo, pcbStructInfo);
2502
2503 __TRY
2504 {
2505 DWORD bytesNeeded;
2506
2507 if ((ret = CRYPT_AsnDecodeBitsInternal(dwCertEncodingType,
2508 lpszStructType, pbEncoded, cbEncoded,
2509 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, NULL, &bytesNeeded)))
2510 {
2511 if (!pvStructInfo)
2512 *pcbStructInfo = bytesNeeded;
2513 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2514 pvStructInfo, pcbStructInfo, bytesNeeded)))
2515 {
2516 CRYPT_BIT_BLOB *blob;
2517
2518 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2519 pvStructInfo = *(BYTE **)pvStructInfo;
2520 blob = (CRYPT_BIT_BLOB *)pvStructInfo;
2521 blob->pbData = (BYTE *)pvStructInfo + sizeof(CRYPT_BIT_BLOB);
2522 ret = CRYPT_AsnDecodeBitsInternal(dwCertEncodingType,
2523 lpszStructType, pbEncoded, cbEncoded,
2524 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pvStructInfo,
2525 &bytesNeeded);
2526 }
2527 }
2528 }
2529 __EXCEPT_PAGE_FAULT
2530 {
2531 SetLastError(STATUS_ACCESS_VIOLATION);
2532 ret = FALSE;
2533 }
2534 __ENDTRY
2535 TRACE("returning %d (%08x)\n", ret, GetLastError());
2536 return ret;
2537 }
2538
2539 static BOOL WINAPI CRYPT_AsnDecodeInt(DWORD dwCertEncodingType,
2540 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2541 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2542 {
2543 BOOL ret;
2544
2545 if (!pvStructInfo)
2546 {
2547 *pcbStructInfo = sizeof(int);
2548 return TRUE;
2549 }
2550 __TRY
2551 {
2552 BYTE buf[sizeof(CRYPT_INTEGER_BLOB) + sizeof(int)];
2553 CRYPT_INTEGER_BLOB *blob = (CRYPT_INTEGER_BLOB *)buf;
2554 DWORD size = sizeof(buf);
2555
2556 blob->pbData = buf + sizeof(CRYPT_INTEGER_BLOB);
2557 if (pbEncoded[0] != ASN_INTEGER)
2558 {
2559 SetLastError(CRYPT_E_ASN1_BADTAG);
2560 ret = FALSE;
2561 }
2562 else
2563 ret = CRYPT_AsnDecodeIntegerInternal(dwCertEncodingType,
2564 X509_MULTI_BYTE_INTEGER, pbEncoded, cbEncoded, 0, NULL, &buf,
2565 &size);
2566 if (ret)
2567 {
2568 if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2569 pvStructInfo, pcbStructInfo, sizeof(int))))
2570 {
2571 int val, i;
2572
2573 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2574 pvStructInfo = *(BYTE **)pvStructInfo;
2575 if (blob->pbData[blob->cbData - 1] & 0x80)
2576 {
2577 /* initialize to a negative value to sign-extend */
2578 val = -1;
2579 }
2580 else
2581 val = 0;
2582 for (i = 0; i < blob->cbData; i++)
2583 {
2584 val <<= 8;
2585 val |= blob->pbData[blob->cbData - i - 1];
2586 }
2587 memcpy(pvStructInfo, &val, sizeof(int));
2588 }
2589 }
2590 else if (GetLastError() == ERROR_MORE_DATA)
2591 SetLastError(CRYPT_E_ASN1_LARGE);
2592 }
2593 __EXCEPT_PAGE_FAULT
2594 {
2595 SetLastError(STATUS_ACCESS_VIOLATION);
2596 ret = FALSE;
2597 }
2598 __ENDTRY
2599 return ret;
2600 }
2601
2602 static BOOL WINAPI CRYPT_AsnDecodeIntegerInternal(DWORD dwCertEncodingType,
2603 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2604 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2605 {
2606 BOOL ret;
2607 DWORD bytesNeeded, dataLen;
2608
2609 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2610 {
2611 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2612
2613 bytesNeeded = dataLen + sizeof(CRYPT_INTEGER_BLOB);
2614 if (!pvStructInfo)
2615 *pcbStructInfo = bytesNeeded;
2616 else if (*pcbStructInfo < bytesNeeded)
2617 {
2618 *pcbStructInfo = bytesNeeded;
2619 SetLastError(ERROR_MORE_DATA);
2620 ret = FALSE;
2621 }
2622 else
2623 {
2624 CRYPT_INTEGER_BLOB *blob = (CRYPT_INTEGER_BLOB *)pvStructInfo;
2625
2626 blob->cbData = dataLen;
2627 assert(blob->pbData);
2628 if (blob->cbData)
2629 {
2630 DWORD i;
2631
2632 for (i = 0; i < blob->cbData; i++)
2633 {
2634 blob->pbData[i] = *(pbEncoded + 1 + lenBytes +
2635 dataLen - i - 1);
2636 }
2637 }
2638 }
2639 }
2640 return ret;
2641 }
2642
2643 static BOOL WINAPI CRYPT_AsnDecodeInteger(DWORD dwCertEncodingType,
2644 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2645 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2646 {
2647 BOOL ret;
2648
2649 __TRY
2650 {
2651 DWORD bytesNeeded;
2652
2653 if (pbEncoded[0] != ASN_INTEGER)
2654 {
2655 SetLastError(CRYPT_E_ASN1_BADTAG);
2656 ret = FALSE;
2657 }
2658 else
2659 ret = CRYPT_AsnDecodeIntegerInternal(dwCertEncodingType,
2660 lpszStructType, pbEncoded, cbEncoded,
2661 dwFlags & ~CRYPT_ENCODE_ALLOC_FLAG, NULL, NULL, &bytesNeeded);
2662 if (ret)
2663 {
2664 if (!pvStructInfo)
2665 *pcbStructInfo = bytesNeeded;
2666 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2667 pvStructInfo, pcbStructInfo, bytesNeeded)))
2668 {
2669 CRYPT_INTEGER_BLOB *blob;
2670
2671 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2672 pvStructInfo = *(BYTE **)pvStructInfo;
2673 blob = (CRYPT_INTEGER_BLOB *)pvStructInfo;
2674 blob->pbData = (BYTE *)pvStructInfo +
2675 sizeof(CRYPT_INTEGER_BLOB);
2676 ret = CRYPT_AsnDecodeIntegerInternal(dwCertEncodingType,
2677 lpszStructType, pbEncoded, cbEncoded,
2678 dwFlags & ~CRYPT_ENCODE_ALLOC_FLAG, NULL, pvStructInfo,
2679 &bytesNeeded);
2680 }
2681 }
2682 }
2683 __EXCEPT_PAGE_FAULT
2684 {
2685 SetLastError(STATUS_ACCESS_VIOLATION);
2686 ret = FALSE;
2687 }
2688 __ENDTRY
2689 return ret;
2690 }
2691
2692 static BOOL WINAPI CRYPT_AsnDecodeUnsignedIntegerInternal(
2693 DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded,
2694 DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
2695 void *pvStructInfo, DWORD *pcbStructInfo)
2696 {
2697 BOOL ret;
2698
2699 if (pbEncoded[0] == ASN_INTEGER)
2700 {
2701 DWORD bytesNeeded, dataLen;
2702
2703 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2704 {
2705 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2706
2707 bytesNeeded = dataLen + sizeof(CRYPT_INTEGER_BLOB);
2708 if (!pvStructInfo)
2709 *pcbStructInfo = bytesNeeded;
2710 else if (*pcbStructInfo < bytesNeeded)
2711 {
2712 *pcbStructInfo = bytesNeeded;
2713 SetLastError(ERROR_MORE_DATA);
2714 ret = FALSE;
2715 }
2716 else
2717 {
2718 CRYPT_INTEGER_BLOB *blob = (CRYPT_INTEGER_BLOB *)pvStructInfo;
2719
2720 blob->cbData = dataLen;
2721 assert(blob->pbData);
2722 /* remove leading zero byte if it exists */
2723 if (blob->cbData && *(pbEncoded + 1 + lenBytes) == 0)
2724 {
2725 blob->cbData--;
2726 blob->pbData++;
2727 }
2728 if (blob->cbData)
2729 {
2730 DWORD i;
2731
2732 for (i = 0; i < blob->cbData; i++)
2733 {
2734 blob->pbData[i] = *(pbEncoded + 1 + lenBytes +
2735 dataLen - i - 1);
2736 }
2737 }
2738 }
2739 }
2740 }
2741 else
2742 {
2743 SetLastError(CRYPT_E_ASN1_BADTAG);
2744 ret = FALSE;
2745 }
2746 return ret;
2747 }
2748
2749 static BOOL WINAPI CRYPT_AsnDecodeUnsignedInteger(DWORD dwCertEncodingType,
2750 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2751 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2752 {
2753 BOOL ret;
2754
2755 __TRY
2756 {
2757 DWORD bytesNeeded;
2758
2759 if ((ret = CRYPT_AsnDecodeUnsignedIntegerInternal(dwCertEncodingType,
2760 lpszStructType, pbEncoded, cbEncoded,
2761 dwFlags & ~CRYPT_ENCODE_ALLOC_FLAG, NULL, NULL, &bytesNeeded)))
2762 {
2763 if (!pvStructInfo)
2764 *pcbStructInfo = bytesNeeded;
2765 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2766 pvStructInfo, pcbStructInfo, bytesNeeded)))
2767 {
2768 CRYPT_INTEGER_BLOB *blob;
2769
2770 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2771 pvStructInfo = *(BYTE **)pvStructInfo;
2772 blob = (CRYPT_INTEGER_BLOB *)pvStructInfo;
2773 blob->pbData = (BYTE *)pvStructInfo +
2774 sizeof(CRYPT_INTEGER_BLOB);
2775 ret = CRYPT_AsnDecodeUnsignedIntegerInternal(dwCertEncodingType,
2776 lpszStructType, pbEncoded, cbEncoded,
2777 dwFlags & ~CRYPT_ENCODE_ALLOC_FLAG, NULL, pvStructInfo,
2778 &bytesNeeded);
2779 }
2780 }
2781 }
2782 __EXCEPT_PAGE_FAULT
2783 {
2784 SetLastError(STATUS_ACCESS_VIOLATION);
2785 ret = FALSE;
2786 }
2787 __ENDTRY
2788 return ret;
2789 }
2790
2791 static BOOL WINAPI CRYPT_AsnDecodeEnumerated(DWORD dwCertEncodingType,
2792 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2793 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2794 {
2795 BOOL ret;
2796
2797 if (!pvStructInfo)
2798 {
2799 *pcbStructInfo = sizeof(int);
2800 return TRUE;
2801 }
2802 __TRY
2803 {
2804 if (pbEncoded[0] == ASN_ENUMERATED)
2805 {
2806 unsigned int val = 0, i;
2807
2808 if (cbEncoded <= 1)
2809 {
2810 SetLastError(CRYPT_E_ASN1_EOD);
2811 ret = FALSE;
2812 }
2813 else if (pbEncoded[1] == 0)
2814 {
2815 SetLastError(CRYPT_E_ASN1_CORRUPT);
2816 ret = FALSE;
2817 }
2818 else
2819 {
2820 /* A little strange looking, but we have to accept a sign byte:
2821 * 0xffffffff gets encoded as 0a 05 00 ff ff ff ff. Also,
2822 * assuming a small length is okay here, it has to be in short
2823 * form.
2824 */
2825 if (pbEncoded[1] > sizeof(unsigned int) + 1)
2826 {
2827 SetLastError(CRYPT_E_ASN1_LARGE);
2828 return FALSE;
2829 }
2830 for (i = 0; i < pbEncoded[1]; i++)
2831 {
2832 val <<= 8;
2833 val |= pbEncoded[2 + i];
2834 }
2835 if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2836 pvStructInfo, pcbStructInfo, sizeof(unsigned int))))
2837 {
2838 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2839 pvStructInfo = *(BYTE **)pvStructInfo;
2840 memcpy(pvStructInfo, &val, sizeof(unsigned int));
2841 }
2842 }
2843 }
2844 else
2845 {
2846 SetLastError(CRYPT_E_ASN1_BADTAG);
2847 ret = FALSE;
2848 }
2849 }
2850 __EXCEPT_PAGE_FAULT
2851 {
2852 SetLastError(STATUS_ACCESS_VIOLATION);
2853 ret = FALSE;
2854 }
2855 __ENDTRY
2856 return ret;
2857 }
2858
2859 /* Modifies word, pbEncoded, and len, and magically sets a value ret to FALSE
2860 * if it fails.
2861 */
2862 #define CRYPT_TIME_GET_DIGITS(pbEncoded, len, numDigits, word) \
2863 do { \
2864 BYTE i; \
2865 \
2866 (word) = 0; \
2867 for (i = 0; (len) > 0 && i < (numDigits); i++, (len)--) \
2868 { \
2869 if (!isdigit(*(pbEncoded))) \
2870 { \
2871 SetLastError(CRYPT_E_ASN1_CORRUPT); \
2872 ret = FALSE; \
2873 } \
2874 else \
2875 { \
2876 (word) *= 10; \
2877 (word) += *(pbEncoded)++ - '0'; \
2878 } \
2879 } \
2880 } while (0)
2881
2882 static BOOL CRYPT_AsnDecodeTimeZone(const BYTE *pbEncoded, DWORD len,
2883 SYSTEMTIME *sysTime)
2884 {
2885 BOOL ret;
2886
2887 __TRY
2888 {
2889 ret = TRUE;
2890 if (len >= 3 && (*pbEncoded == '+' || *pbEncoded == '-'))
2891 {
2892 WORD hours, minutes = 0;
2893 BYTE sign = *pbEncoded++;
2894
2895 len--;
2896 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, hours);
2897 if (ret && hours >= 24)
2898 {
2899 SetLastError(CRYPT_E_ASN1_CORRUPT);
2900 ret = FALSE;
2901 }
2902 else if (len >= 2)
2903 {
2904 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, minutes);
2905 if (ret && minutes >= 60)
2906 {
2907 SetLastError(CRYPT_E_ASN1_CORRUPT);
2908 ret = FALSE;
2909 }
2910 }
2911 if (ret)
2912 {
2913 if (sign == '+')
2914 {
2915 sysTime->wHour += hours;
2916 sysTime->wMinute += minutes;
2917 }
2918 else
2919 {
2920 if (hours > sysTime->wHour)
2921 {
2922 sysTime->wDay--;
2923 sysTime->wHour = 24 - (hours - sysTime->wHour);
2924 }
2925 else
2926 sysTime->wHour -= hours;
2927 if (minutes > sysTime->wMinute)
2928 {
2929 sysTime->wHour--;
2930 sysTime->wMinute = 60 - (minutes - sysTime->wMinute);
2931 }
2932 else
2933 sysTime->wMinute -= minutes;
2934 }
2935 }
2936 }
2937 }
2938 __EXCEPT_PAGE_FAULT
2939 {
2940 SetLastError(STATUS_ACCESS_VIOLATION);
2941 ret = FALSE;
2942 }
2943 __ENDTRY
2944 return ret;
2945 }
2946
2947 #define MIN_ENCODED_TIME_LENGTH 10
2948
2949 static BOOL WINAPI CRYPT_AsnDecodeUtcTime(DWORD dwCertEncodingType,
2950 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2951 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2952 {
2953 BOOL ret;
2954
2955 if (!pvStructInfo)
2956 {
2957 *pcbStructInfo = sizeof(FILETIME);
2958 return TRUE;
2959 }
2960 __TRY
2961 {
2962 ret = TRUE;
2963 if (pbEncoded[0] == ASN_UTCTIME)
2964 {
2965 if (cbEncoded <= 1)
2966 {
2967 SetLastError(CRYPT_E_ASN1_EOD);
2968 ret = FALSE;
2969 }
2970 else if (pbEncoded[1] > 0x7f)
2971 {
2972 /* long-form date strings really can't be valid */
2973 SetLastError(CRYPT_E_ASN1_CORRUPT);
2974 ret = FALSE;
2975 }
2976 else
2977 {
2978 SYSTEMTIME sysTime = { 0 };
2979 BYTE len = pbEncoded[1];
2980
2981 if (len < MIN_ENCODED_TIME_LENGTH)
2982 {
2983 SetLastError(CRYPT_E_ASN1_CORRUPT);
2984 ret = FALSE;
2985 }
2986 else
2987 {
2988 pbEncoded += 2;
2989 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wYear);
2990 if (sysTime.wYear >= 50)
2991 sysTime.wYear += 1900;
2992 else
2993 sysTime.wYear += 2000;
2994 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wMonth);
2995 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wDay);
2996 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wHour);
2997 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wMinute);
2998 if (ret && len > 0)
2999 {
3000 if (len >= 2 && isdigit(*pbEncoded) &&
3001 isdigit(*(pbEncoded + 1)))
3002 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2,
3003 sysTime.wSecond);
3004 else if (isdigit(*pbEncoded))
3005 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 1,
3006 sysTime.wSecond);
3007 if (ret)
3008 ret = CRYPT_AsnDecodeTimeZone(pbEncoded, len,
3009 &sysTime);
3010 }
3011 if (ret && (ret = CRYPT_DecodeEnsureSpace(dwFlags,
3012 pDecodePara, pvStructInfo, pcbStructInfo,
3013 sizeof(FILETIME))))
3014 {
3015 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
3016 pvStructInfo = *(BYTE **)pvStructInfo;
3017 ret = SystemTimeToFileTime(&sysTime,
3018 (FILETIME *)pvStructInfo);
3019 }
3020 }
3021 }
3022 }
3023 else
3024 {
3025 SetLastError(CRYPT_E_ASN1_BADTAG);
3026 ret = FALSE;
3027 }
3028 }
3029 __EXCEPT_PAGE_FAULT
3030 {
3031 SetLastError(STATUS_ACCESS_VIOLATION);
3032 ret = FALSE;
3033 }
3034 __ENDTRY
3035 return ret;
3036 }
3037
3038 static BOOL WINAPI CRYPT_AsnDecodeGeneralizedTime(DWORD dwCertEncodingType,
3039 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3040 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3041 {
3042 BOOL ret;
3043
3044 if (!pvStructInfo)
3045 {
3046 *pcbStructInfo = sizeof(FILETIME);
3047 return TRUE;
3048 }
3049 __TRY
3050 {
3051 ret = TRUE;
3052 if (pbEncoded[0] == ASN_GENERALTIME)
3053 {
3054 if (cbEncoded <= 1)
3055 {
3056 SetLastError(CRYPT_E_ASN1_EOD);
3057 ret = FALSE;
3058 }
3059 else if (pbEncoded[1] > 0x7f)
3060 {
3061 /* long-form date strings really can't be valid */
3062 SetLastError(CRYPT_E_ASN1_CORRUPT);
3063 ret = FALSE;
3064 }
3065 else
3066 {
3067 BYTE len = pbEncoded[1];
3068
3069 if (len < MIN_ENCODED_TIME_LENGTH)
3070 {
3071 SetLastError(CRYPT_E_ASN1_CORRUPT);
3072 ret = FALSE;
3073 }
3074 else
3075 {
3076 SYSTEMTIME sysTime = { 0 };
3077
3078 pbEncoded += 2;
3079 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 4, sysTime.wYear);
3080 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wMonth);
3081 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wDay);
3082 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wHour);
3083 if (ret && len > 0)
3084 {
3085 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2,
3086 sysTime.wMinute);
3087 if (ret && len > 0)
3088 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2,
3089 sysTime.wSecond);
3090 if (ret && len > 0 && (*pbEncoded == '.' ||
3091 *pbEncoded == ','))
3092 {
3093 BYTE digits;
3094
3095 pbEncoded++;
3096 len--;
3097 /* workaround macro weirdness */
3098 digits = min(len, 3);
3099 CRYPT_TIME_GET_DIGITS(pbEncoded, len, digits,
3100 sysTime.wMilliseconds);
3101 }
3102 if (ret)
3103 ret = CRYPT_AsnDecodeTimeZone(pbEncoded, len,
3104 &sysTime);
3105 }
3106 if (ret && (ret = CRYPT_DecodeEnsureSpace(dwFlags,
3107 pDecodePara, pvStructInfo, pcbStructInfo,
3108 sizeof(FILETIME))))
3109 {
3110 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
3111 pvStructInfo = *(BYTE **)pvStructInfo;
3112 ret = SystemTimeToFileTime(&sysTime,
3113 (FILETIME *)pvStructInfo);
3114 }
3115 }
3116 }
3117 }
3118 else
3119 {
3120 SetLastError(CRYPT_E_ASN1_BADTAG);
3121 ret = FALSE;
3122 }
3123 }
3124 __EXCEPT_PAGE_FAULT
3125 {
3126 SetLastError(STATUS_ACCESS_VIOLATION);
3127 ret = FALSE;
3128 }
3129 __ENDTRY
3130 return ret;
3131 }
3132
3133 static BOOL WINAPI CRYPT_AsnDecodeChoiceOfTime(DWORD dwCertEncodingType,
3134 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3135 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3136 {
3137 BOOL ret;
3138
3139 __TRY
3140 {
3141 if (pbEncoded[0] == ASN_UTCTIME)
3142 ret = CRYPT_AsnDecodeUtcTime(dwCertEncodingType, lpszStructType,
3143 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
3144 pcbStructInfo);
3145 else if (pbEncoded[0] == ASN_GENERALTIME)
3146 ret = CRYPT_AsnDecodeGeneralizedTime(dwCertEncodingType,
3147 lpszStructType, pbEncoded, cbEncoded, dwFlags, pDecodePara,
3148 pvStructInfo, pcbStructInfo);
3149 else
3150 {
3151 SetLastError(CRYPT_E_ASN1_BADTAG);
3152 ret = FALSE;
3153 }
3154 }
3155 __EXCEPT_PAGE_FAULT
3156 {
3157 SetLastError(STATUS_ACCESS_VIOLATION);
3158 ret = FALSE;
3159 }
3160 __ENDTRY
3161 return ret;
3162 }
3163
3164 static BOOL WINAPI CRYPT_AsnDecodeSequenceOfAny(DWORD dwCertEncodingType,
3165 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3166 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3167 {
3168 BOOL ret = TRUE;
3169
3170 __TRY
3171 {
3172 if (pbEncoded[0] == ASN_SEQUENCEOF)
3173 {
3174 DWORD bytesNeeded, dataLen, remainingLen, cValue;
3175
3176 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
3177 {
3178 BYTE lenBytes;
3179 const BYTE *ptr;
3180
3181 lenBytes = GET_LEN_BYTES(pbEncoded[1]);
3182 bytesNeeded = sizeof(CRYPT_SEQUENCE_OF_ANY);
3183 cValue = 0;
3184 ptr = pbEncoded + 1 + lenBytes;
3185 remainingLen = dataLen;
3186 while (ret && remainingLen)
3187 {
3188 DWORD nextLen;
3189
3190 ret = CRYPT_GetLen(ptr, remainingLen, &nextLen);
3191 if (ret)
3192 {
3193 DWORD nextLenBytes = GET_LEN_BYTES(ptr[1]);
3194
3195 remainingLen -= 1 + nextLenBytes + nextLen;
3196 ptr += 1 + nextLenBytes + nextLen;
3197 bytesNeeded += sizeof(CRYPT_DER_BLOB);
3198 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
3199 bytesNeeded += 1 + nextLenBytes + nextLen;
3200 cValue++;
3201 }
3202 }
3203 if (ret)
3204 {
3205 CRYPT_SEQUENCE_OF_ANY *seq;
3206 BYTE *nextPtr;
3207 DWORD i;
3208
3209 if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
3210 pvStructInfo, pcbStructInfo, bytesNeeded)))
3211 {
3212 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
3213 pvStructInfo = *(BYTE **)pvStructInfo;
3214 seq = (CRYPT_SEQUENCE_OF_ANY *)pvStructInfo;
3215 seq->cValue = cValue;
3216 seq->rgValue = (CRYPT_DER_BLOB *)((BYTE *)seq +
3217 sizeof(*seq));
3218 nextPtr = (BYTE *)seq->rgValue +
3219 cValue * sizeof(CRYPT_DER_BLOB);
3220 ptr = pbEncoded + 1 + lenBytes;
3221 remainingLen = dataLen;
3222 i = 0;
3223 while (ret && remainingLen)
3224 {
3225 DWORD nextLen;
3226
3227 ret = CRYPT_GetLen(ptr, remainingLen, &nextLen);
3228 if (ret)
3229 {
3230 DWORD nextLenBytes = GET_LEN_BYTES(ptr[1]);
3231
3232 seq->rgValue[i].cbData = 1 + nextLenBytes +
3233 nextLen;
3234 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
3235 seq->rgValue[i].pbData = (BYTE *)ptr;
3236 else
3237 {
3238 seq->rgValue[i].pbData = nextPtr;
3239 memcpy(nextPtr, ptr, 1 + nextLenBytes +
3240 nextLen);
3241 nextPtr += 1 + nextLenBytes + nextLen;
3242 }
3243 remainingLen -= 1 + nextLenBytes + nextLen;
3244 ptr += 1 + nextLenBytes + nextLen;
3245 i++;
3246 }
3247 }
3248 }
3249 }
3250 }
3251 }
3252 else
3253 {
3254 SetLastError(CRYPT_E_ASN1_BADTAG);
3255 ret = FALSE;
3256 }
3257 }
3258 __EXCEPT_PAGE_FAULT
3259 {
3260 SetLastError(STATUS_ACCESS_VIOLATION);
3261 ret = FALSE;
3262 }
3263 __ENDTRY
3264 return ret;
3265 }
3266
3267 static BOOL WINAPI CRYPT_AsnDecodeDistPointName(DWORD dwCertEncodingType,
3268 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3269 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3270 {
3271 BOOL ret;
3272
3273 if (pbEncoded[0] == (ASN_CONTEXT | ASN_CONSTRUCTOR | 0))
3274 {
3275 DWORD bytesNeeded, dataLen;
3276
3277 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
3278 {
3279 struct AsnArrayDescriptor arrayDesc = {
3280 ASN_CONTEXT | ASN_CONSTRUCTOR | 0, CRYPT_AsnDecodeAltNameEntry,
3281 sizeof(CERT_ALT_NAME_ENTRY), TRUE,
3282 offsetof(CERT_ALT_NAME_ENTRY, u.pwszURL) };
3283 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
3284
3285 if (dataLen)
3286 {
3287 DWORD nameLen;
3288
3289 ret = CRYPT_AsnDecodeArray(&arrayDesc,
3290 pbEncoded + 1 + lenBytes, cbEncoded - 1 - lenBytes,
3291 0, NULL, NULL, &nameLen, NULL);
3292 bytesNeeded = sizeof(CRL_DIST_POINT_NAME) + nameLen;
3293 }
3294 else
3295 bytesNeeded = sizeof(CRL_DIST_POINT_NAME);
3296 if (!pvStructInfo)
3297 *pcbStructInfo = bytesNeeded;
3298 else if (*pcbStructInfo < bytesNeeded)
3299 {
3300 *pcbStructInfo = bytesNeeded;
3301 SetLastError(ERROR_MORE_DATA);
3302 ret = FALSE;
3303 }
3304 else
3305 {
3306 CRL_DIST_POINT_NAME *name = (CRL_DIST_POINT_NAME *)pvStructInfo;
3307
3308 if (dataLen)
3309 {
3310 name->dwDistPointNameChoice = CRL_DIST_POINT_FULL_NAME;
3311 ret = CRYPT_AsnDecodeArray(&arrayDesc,
3312 pbEncoded + 1 + lenBytes, cbEncoded - 1 - lenBytes,
3313 0, NULL, &name->u.FullName, pcbStructInfo,
3314 name->u.FullName.rgAltEntry);
3315 }
3316 else
3317 name->dwDistPointNameChoice = CRL_DIST_POINT_NO_NAME;
3318 }
3319 }
3320 }
3321 else
3322 {
3323 SetLastError(CRYPT_E_ASN1_BADTAG);
3324 ret = FALSE;
3325 }
3326 return ret;
3327 }
3328
3329 static BOOL WINAPI CRYPT_AsnDecodeDistPoint(DWORD dwCertEncodingType,
3330 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3331 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3332 {
3333 struct AsnDecodeSequenceItem items[] = {
3334 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0, offsetof(CRL_DIST_POINT,
3335 DistPointName), CRYPT_AsnDecodeDistPointName,
3336 sizeof(CRL_DIST_POINT_NAME), TRUE, TRUE, offsetof(CRL_DIST_POINT,
3337 DistPointName.u.FullName.rgAltEntry), 0 },
3338 { ASN_CONTEXT | 1, offsetof(CRL_DIST_POINT, ReasonFlags),
3339 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), TRUE, TRUE,
3340 offsetof(CRL_DIST_POINT, ReasonFlags.pbData), 0 },
3341 { ASN_CONTEXT | ASN_CONSTRUCTOR | 2, offsetof(CRL_DIST_POINT, CRLIssuer),
3342 CRYPT_AsnDecodeAltNameInternal, sizeof(CERT_ALT_NAME_INFO), TRUE, TRUE,
3343 offsetof(CRL_DIST_POINT, CRLIssuer.rgAltEntry), 0 },
3344 };
3345 BOOL ret;
3346
3347 ret = CRYPT_AsnDecodeSequence(dwCertEncodingType, items,
3348 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded,
3349 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
3350 return ret;
3351 }
3352
3353 static BOOL WINAPI CRYPT_AsnDecodeCRLDistPoints(DWORD dwCertEncodingType,
3354 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3355 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3356 {
3357 BOOL ret;
3358
3359 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3360 pDecodePara, pvStructInfo, *pcbStructInfo);
3361
3362 __TRY
3363 {
3364 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
3365 CRYPT_AsnDecodeDistPoint, sizeof(CRL_DIST_POINT), TRUE,
3366 offsetof(CRL_DIST_POINT, DistPointName.u.FullName.rgAltEntry) };
3367
3368 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
3369 pDecodePara, pvStructInfo, pcbStructInfo, NULL);
3370 }
3371 __EXCEPT_PAGE_FAULT
3372 {
3373 SetLastError(STATUS_ACCESS_VIOLATION);
3374 ret = FALSE;
3375 }
3376 __ENDTRY
3377 return ret;
3378 }
3379
3380 static BOOL WINAPI CRYPT_AsnDecodeEnhancedKeyUsage(DWORD dwCertEncodingType,
3381 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3382 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3383 {
3384 BOOL ret;
3385
3386 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3387 pDecodePara, pvStructInfo, *pcbStructInfo);
3388
3389 __TRY
3390 {
3391 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
3392 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), TRUE, 0 };
3393
3394 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
3395 pDecodePara, pvStructInfo, pcbStructInfo, NULL);
3396 }
3397 __EXCEPT_PAGE_FAULT
3398 {
3399 SetLastError(STATUS_ACCESS_VIOLATION);
3400 ret = FALSE;
3401 }
3402 __ENDTRY
3403 return ret;
3404 }
3405
3406 static BOOL WINAPI CRYPT_AsnDecodeIssuingDistPoint(DWORD dwCertEncodingType,
3407 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3408 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3409 {
3410 BOOL ret;
3411
3412 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3413 pDecodePara, pvStructInfo, *pcbStructInfo);
3414
3415 __TRY
3416 {
3417 struct AsnDecodeSequenceItem items[] = {
3418 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0, offsetof(CRL_ISSUING_DIST_POINT,
3419 DistPointName), CRYPT_AsnDecodeDistPointName,
3420 sizeof(CRL_DIST_POINT_NAME), TRUE, TRUE,
3421 offsetof(CRL_ISSUING_DIST_POINT,
3422 DistPointName.u.FullName.rgAltEntry), 0 },
3423 { ASN_CONTEXT | 1, offsetof(CRL_ISSUING_DIST_POINT,
3424 fOnlyContainsUserCerts), CRYPT_AsnDecodeBool, sizeof(BOOL), TRUE,
3425 FALSE, 0 },
3426 { ASN_CONTEXT | 2, offsetof(CRL_ISSUING_DIST_POINT,
3427 fOnlyContainsCACerts), CRYPT_AsnDecodeBool, sizeof(BOOL), TRUE,
3428 FALSE, 0 },
3429 { ASN_CONTEXT | 3, offsetof(CRL_ISSUING_DIST_POINT,
3430 OnlySomeReasonFlags), CRYPT_AsnDecodeBitsInternal,
3431 sizeof(CRYPT_BIT_BLOB), TRUE, TRUE, offsetof(CRL_ISSUING_DIST_POINT,
3432 OnlySomeReasonFlags.pbData), 0 },
3433 { ASN_CONTEXT | 4, offsetof(CRL_ISSUING_DIST_POINT,
3434 fIndirectCRL), CRYPT_AsnDecodeBool, sizeof(BOOL), TRUE, FALSE, 0 },
3435 };
3436
3437 ret = CRYPT_AsnDecodeSequence(dwCertEncodingType, items,
3438 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded,
3439 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
3440 }
3441 __EXCEPT_PAGE_FAULT
3442 {
3443 SetLastError(STATUS_ACCESS_VIOLATION);
3444 ret = FALSE;
3445 }
3446 __ENDTRY
3447 return ret;
3448 }
3449
3450 BOOL WINAPI CryptDecodeObjectEx(DWORD dwCertEncodingType, LPCSTR lpszStructType,
3451 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3452 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3453 {
3454 static HCRYPTOIDFUNCSET set = NULL;
3455 BOOL ret = FALSE;
3456 CryptDecodeObjectExFunc decodeFunc = NULL;
3457 HCRYPTOIDFUNCADDR hFunc = NULL;
3458
3459 TRACE("(0x%08x, %s, %p, %d, 0x%08x, %p, %p, %p)\n",
3460 dwCertEncodingType, debugstr_a(lpszStructType), pbEncoded,
3461 cbEncoded, dwFlags, pDecodePara, pvStructInfo, pcbStructInfo);
3462
3463 if (!pvStructInfo && !pcbStructInfo)
3464 {
3465 SetLastError(ERROR_INVALID_PARAMETER);
3466 return FALSE;
3467 }
3468 if ((dwCertEncodingType & CERT_ENCODING_TYPE_MASK) != X509_ASN_ENCODING
3469 && (dwCertEncodingType & CMSG_ENCODING_TYPE_MASK) != PKCS_7_ASN_ENCODING)
3470 {
3471 SetLastError(ERROR_FILE_NOT_FOUND);
3472 return FALSE;
3473 }
3474 if (!cbEncoded)
3475 {
3476 SetLastError(CRYPT_E_ASN1_EOD);
3477 return FALSE;
3478 }
3479 if (cbEncoded > MAX_ENCODED_LEN)
3480 {
3481 SetLastError(CRYPT_E_ASN1_LARGE);
3482 return FALSE;
3483 }
3484
3485 SetLastError(NOERROR);
3486 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG && pvStructInfo)
3487 *(BYTE **)pvStructInfo = NULL;
3488 if (!HIWORD(lpszStructType))
3489 {
3490 switch (LOWORD(lpszStructType))
3491 {
3492 case (WORD)X509_CERT:
3493 decodeFunc = CRYPT_AsnDecodeCertSignedContent;
3494 break;
3495 case (WORD)X509_CERT_TO_BE_SIGNED:
3496 decodeFunc = CRYPT_AsnDecodeCert;
3497 break;
3498 case (WORD)X509_CERT_CRL_TO_BE_SIGNED:
3499 decodeFunc = CRYPT_AsnDecodeCRL;
3500 break;
3501 case (WORD)X509_EXTENSIONS:
3502 decodeFunc = CRYPT_AsnDecodeExtensions;
3503 break;
3504 case (WORD)X509_NAME_VALUE:
3505 decodeFunc = CRYPT_AsnDecodeNameValue;
3506 break;
3507 case (WORD)X509_NAME:
3508 decodeFunc = CRYPT_AsnDecodeName;
3509 break;
3510 case (WORD)X509_PUBLIC_KEY_INFO:
3511 decodeFunc = CRYPT_AsnDecodePubKeyInfo;
3512 break;
3513 case (WORD)X509_AUTHORITY_KEY_ID:
3514 decodeFunc = CRYPT_AsnDecodeAuthorityKeyId;
3515 break;
3516 case (WORD)X509_ALTERNATE_NAME:
3517 decodeFunc = CRYPT_AsnDecodeAltName;
3518 break;
3519 case (WORD)X509_BASIC_CONSTRAINTS:
3520 decodeFunc = CRYPT_AsnDecodeBasicConstraints;
3521 break;
3522 case (WORD)X509_BASIC_CONSTRAINTS2:
3523 decodeFunc = CRYPT_AsnDecodeBasicConstraints2;
3524 break;
3525 case (WORD)RSA_CSP_PUBLICKEYBLOB:
3526 decodeFunc = CRYPT_AsnDecodeRsaPubKey;
3527 break;
3528 case (WORD)X509_UNICODE_NAME:
3529 decodeFunc = CRYPT_AsnDecodeUnicodeName;
3530 break;
3531 case (WORD)X509_UNICODE_NAME_VALUE:
3532 decodeFunc = CRYPT_AsnDecodeUnicodeNameValue;
3533 break;
3534 case (WORD)X509_OCTET_STRING:
3535 decodeFunc = CRYPT_AsnDecodeOctets;
3536 break;
3537 case (WORD)X509_BITS:
3538 case (WORD)X509_KEY_USAGE:
3539 decodeFunc = CRYPT_AsnDecodeBits;
3540 break;
3541 case (WORD)X509_INTEGER:
3542 decodeFunc = CRYPT_AsnDecodeInt;
3543 break;
3544 case (WORD)X509_MULTI_BYTE_INTEGER:
3545 decodeFunc = CRYPT_AsnDecodeInteger;
3546 break;
3547 case (WORD)X509_MULTI_BYTE_UINT:
3548 decodeFunc = CRYPT_AsnDecodeUnsignedInteger;
3549 break;
3550 case (WORD)X509_ENUMERATED:
3551 decodeFunc = CRYPT_AsnDecodeEnumerated;
3552 break;
3553 case (WORD)X509_CHOICE_OF_TIME:
3554 decodeFunc = CRYPT_AsnDecodeChoiceOfTime;
3555 break;
3556 case (WORD)X509_SEQUENCE_OF_ANY:
3557 decodeFunc = CRYPT_AsnDecodeSequenceOfAny;
3558 break;
3559 case (WORD)PKCS_UTC_TIME:
3560 decodeFunc = CRYPT_AsnDecodeUtcTime;
3561 break;
3562 case (WORD)X509_CRL_DIST_POINTS:
3563 decodeFunc = CRYPT_AsnDecodeCRLDistPoints;
3564 break;
3565 case (WORD)X509_ENHANCED_KEY_USAGE:
3566 decodeFunc = CRYPT_AsnDecodeEnhancedKeyUsage;
3567 break;
3568 case (WORD)X509_ISSUING_DIST_POINT: