[CRYPT32] Sync with Wine Staging 3.3. CORE-14434
authorAmine Khaldi <amine.khaldi@reactos.org>
Fri, 9 Mar 2018 11:59:49 +0000 (12:59 +0100)
committerAmine Khaldi <amine.khaldi@reactos.org>
Fri, 9 Mar 2018 11:59:49 +0000 (12:59 +0100)
31 files changed:
dll/win32/crypt32/CMakeLists.txt
dll/win32/crypt32/base64.c
dll/win32/crypt32/cert.c
dll/win32/crypt32/chain.c
dll/win32/crypt32/collectionstore.c
dll/win32/crypt32/context.c
dll/win32/crypt32/crl.c
dll/win32/crypt32/crypt32.rc
dll/win32/crypt32/crypt32.spec
dll/win32/crypt32/crypt32_private.h
dll/win32/crypt32/cryptres.h
dll/win32/crypt32/ctl.c
dll/win32/crypt32/decode.c
dll/win32/crypt32/encode.c
dll/win32/crypt32/filestore.c
dll/win32/crypt32/main.c
dll/win32/crypt32/message.c
dll/win32/crypt32/msg.c
dll/win32/crypt32/object.c
dll/win32/crypt32/oid.c
dll/win32/crypt32/precomp.h [new file with mode: 0644]
dll/win32/crypt32/proplist.c
dll/win32/crypt32/protectdata.c
dll/win32/crypt32/provstore.c
dll/win32/crypt32/regstore.c
dll/win32/crypt32/rootstore.c
dll/win32/crypt32/serialize.c
dll/win32/crypt32/sip.c
dll/win32/crypt32/store.c
dll/win32/crypt32/str.c
media/doc/README.WINE

index 11539f7..6bef4c7 100644 (file)
@@ -35,7 +35,7 @@ list(APPEND SOURCE
     sip.c
     store.c
     str.c
-    crypt32_private.h)
+    precomp.h)
 
 add_library(crypt32 SHARED
     ${SOURCE}
@@ -46,6 +46,6 @@ add_library(crypt32 SHARED
 set_module_type(crypt32 win32dll)
 target_link_libraries(crypt32 wine ${PSEH_LIB} oldnames)
 add_delay_importlibs(crypt32 cryptnet)
-add_importlibs(crypt32 user32 advapi32 advapi32_vista msvcrt kernel32 ntdll)
-add_pch(crypt32 crypt32_private.h SOURCE)
+add_importlibs(crypt32 bcrypt user32 advapi32 advapi32_vista msvcrt kernel32 ntdll)
+add_pch(crypt32 precomp.h SOURCE)
 add_cd_file(TARGET crypt32 DESTINATION reactos/system32 FOR all)
index d3c6ecf..4a904d4 100644 (file)
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
-#include "crypt32_private.h"
+#include <stdarg.h>
+#include "windef.h"
+#include "winbase.h"
+#include "winerror.h"
+#include "wincrypt.h"
+#include "wine/debug.h"
+#include "wine/unicode.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 
index 0cf885b..e379dc8 100644 (file)
  *
  */
 
+#include <assert.h>
+#include <stdarg.h>
+
+#define NONAMELESSUNION
+#include "ntstatus.h"
+#define WIN32_NO_STATUS
+#include "windef.h"
+#include "winbase.h"
+#include "wine/winternl.h"
+#define CRYPT_OID_INFO_HAS_EXTRA_FIELDS
+#include "wincrypt.h"
+#include "bcrypt.h"
+#include "winnls.h"
+#include "rpc.h"
+#include "wine/debug.h"
+#include "wine/unicode.h"
 #include "crypt32_private.h"
 
-#include <rpc.h>
-
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 
 /* Internal version of CertGetCertificateContextProperty that gets properties
@@ -1875,7 +1889,7 @@ PCCERT_CONTEXT WINAPI CertGetIssuerCertificateFromStore(HCERTSTORE hCertStore,
             CertFreeCertificateContext(ret);
             ret = NULL;
         }
-        if (CRYPT_IsCertificateSelfSigned(pSubjectContext))
+        if (CRYPT_IsCertificateSelfSigned(pSubjectContext, NULL))
         {
             CertFreeCertificateContext(ret);
             ret = NULL;
@@ -2400,36 +2414,29 @@ BOOL WINAPI CryptVerifyCertificateSignature(HCRYPTPROV_LEGACY hCryptProv,
      CRYPT_VERIFY_CERT_SIGN_ISSUER_PUBKEY, pPublicKey, 0, NULL);
 }
 
-static BOOL CRYPT_VerifyCertSignatureFromPublicKeyInfo(HCRYPTPROV_LEGACY hCryptProv,
- DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pubKeyInfo,
const CERT_SIGNED_CONTENT_INFO *signedCert)
+static BOOL verify_signature_crypt(HCRYPTPROV_LEGACY hCryptProv,
   DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pubKeyInfo,
   const CERT_SIGNED_CONTENT_INFO *signedCert, PCCRYPT_OID_INFO info)
 {
-    BOOL ret;
-    HCRYPTKEY key;
-    PCCRYPT_OID_INFO info;
     ALG_ID pubKeyID, hashID;
+    HCRYPTHASH hash;
+    HCRYPTKEY key;
+    BOOL ret;
 
-    info = CryptFindOIDInfo(CRYPT_OID_INFO_OID_KEY,
-     signedCert->SignatureAlgorithm.pszObjId, 0);
-    if (!info || info->dwGroupId != CRYPT_SIGN_ALG_OID_GROUP_ID)
-    {
-        SetLastError(NTE_BAD_ALGID);
-        return FALSE;
-    }
     hashID = info->u.Algid;
     if (info->ExtraInfo.cbData >= sizeof(ALG_ID))
         pubKeyID = *(ALG_ID *)info->ExtraInfo.pbData;
     else
         pubKeyID = hashID;
+
     /* Load the default provider if necessary */
     if (!hCryptProv)
         hCryptProv = CRYPT_GetDefaultProvider();
+
     ret = CryptImportPublicKeyInfoEx(hCryptProv, dwCertEncodingType,
      pubKeyInfo, pubKeyID, 0, NULL, &key);
     if (ret)
     {
-        HCRYPTHASH hash;
-
         ret = CryptCreateHash(hCryptProv, hashID, 0, 0, &hash);
         if (ret)
         {
@@ -2445,6 +2452,270 @@ static BOOL CRYPT_VerifyCertSignatureFromPublicKeyInfo(HCRYPTPROV_LEGACY hCryptP
     return ret;
 }
 
+static BOOL calculate_hash_bcrypt(const WCHAR *algorithm,
+    const CERT_SIGNED_CONTENT_INFO *signedCert, BYTE **hash_value, DWORD *hash_len)
+{
+    BCRYPT_HASH_HANDLE hash = NULL;
+    BCRYPT_ALG_HANDLE alg = NULL;
+    NTSTATUS status;
+    DWORD size;
+    BOOL ret = FALSE;
+
+    if ((status = BCryptOpenAlgorithmProvider(&alg, algorithm, NULL, 0)))
+        goto done;
+
+    if ((status = BCryptCreateHash(alg, &hash, NULL, 0, NULL, 0, 0)))
+        goto done;
+
+    if ((status = BCryptHashData(hash, signedCert->ToBeSigned.pbData, signedCert->ToBeSigned.cbData, 0)))
+        goto done;
+
+    if ((status = BCryptGetProperty(hash, BCRYPT_HASH_LENGTH, (BYTE *)hash_len, sizeof(*hash_len), &size, 0)))
+        goto done;
+
+    if (!(*hash_value = CryptMemAlloc(*hash_len)))
+    {
+        status = STATUS_NO_MEMORY;
+        goto done;
+    }
+
+    if ((status = BCryptFinishHash(hash, *hash_value, *hash_len, 0)))
+    {
+        CryptMemFree(*hash_value);
+        goto done;
+    }
+
+    ret = TRUE;
+
+done:
+    if (hash) BCryptDestroyHash(hash);
+    if (alg)  BCryptCloseAlgorithmProvider(alg, 0);
+    if (status) SetLastError(RtlNtStatusToDosError(status));
+    return ret;
+}
+
+static BOOL import_bcrypt_pubkey_ecc(PCERT_PUBLIC_KEY_INFO pubKeyInfo, BCRYPT_KEY_HANDLE *key)
+{
+    DWORD blob_magic, ecckey_len, size;
+    NTSTATUS status = STATUS_SUCCESS;
+    BCRYPT_ECCKEY_BLOB *ecckey;
+    const WCHAR *sign_algo;
+    BCRYPT_ALG_HANDLE alg;
+    LPSTR *ecc_curve;
+
+    if (!pubKeyInfo->PublicKey.cbData)
+    {
+        SetLastError(NTE_BAD_ALGID);
+        return FALSE;
+    }
+
+    if (pubKeyInfo->PublicKey.pbData[0] != 0x4)
+    {
+        FIXME("Compressed ECC curves (%02x) not yet supported\n", pubKeyInfo->PublicKey.pbData[0]);
+        SetLastError(NTE_BAD_ALGID);
+        return FALSE;
+    }
+
+    if (!CryptDecodeObjectEx(X509_ASN_ENCODING, X509_OBJECT_IDENTIFIER,
+                             pubKeyInfo->Algorithm.Parameters.pbData,
+                             pubKeyInfo->Algorithm.Parameters.cbData,
+                             CRYPT_DECODE_ALLOC_FLAG, NULL, &ecc_curve, &size))
+        return FALSE;
+
+    if (!strcmp(*ecc_curve, szOID_ECC_CURVE_P256))
+    {
+        sign_algo = BCRYPT_ECDSA_P256_ALGORITHM;
+        blob_magic = BCRYPT_ECDSA_PUBLIC_P256_MAGIC;
+    }
+    else if(!strcmp(*ecc_curve, szOID_ECC_CURVE_P384))
+    {
+        sign_algo = BCRYPT_ECDSA_P384_ALGORITHM;
+        blob_magic = BCRYPT_ECDSA_PUBLIC_P384_MAGIC;
+    }
+    else
+    {
+        FIXME("Unsupported ecc curve type: %s\n", *ecc_curve);
+        sign_algo = NULL;
+        blob_magic = 0;
+    }
+    LocalFree(ecc_curve);
+
+    if (!sign_algo)
+    {
+        SetLastError(NTE_BAD_ALGID);
+        return FALSE;
+    }
+
+    if ((status = BCryptOpenAlgorithmProvider(&alg, sign_algo, NULL, 0)))
+    {
+        SetLastError(RtlNtStatusToDosError(status));
+        return FALSE;
+    }
+
+    ecckey_len = sizeof(BCRYPT_ECCKEY_BLOB) + pubKeyInfo->PublicKey.cbData - 1;
+    if (!(ecckey = CryptMemAlloc(ecckey_len)))
+    {
+        BCryptCloseAlgorithmProvider(alg, 0);
+        SetLastError(ERROR_OUTOFMEMORY);
+        return FALSE;
+    }
+
+    ecckey->dwMagic = blob_magic;
+    ecckey->cbKey = (pubKeyInfo->PublicKey.cbData - 1) / 2;
+    memcpy(ecckey + 1, pubKeyInfo->PublicKey.pbData + 1, pubKeyInfo->PublicKey.cbData - 1);
+
+    status = BCryptImportKeyPair(alg, NULL, BCRYPT_ECCPUBLIC_BLOB, key, (BYTE*)ecckey, ecckey_len, 0);
+    BCryptCloseAlgorithmProvider(alg, 0);
+    if (status)
+    {
+        SetLastError(RtlNtStatusToDosError(status));
+        return FALSE;
+    }
+
+    return TRUE;
+}
+
+static BOOL import_bcrypt_pubkey(PCERT_PUBLIC_KEY_INFO pubKeyInfo, BCRYPT_KEY_HANDLE *key)
+{
+    if (!strcmp(pubKeyInfo->Algorithm.pszObjId, szOID_ECC_PUBLIC_KEY))
+        return import_bcrypt_pubkey_ecc(pubKeyInfo, key);
+
+    FIXME("Unsupported public key type: %s\n", debugstr_a(pubKeyInfo->Algorithm.pszObjId));
+    SetLastError(NTE_BAD_ALGID);
+    return FALSE;
+}
+
+static BOOL prepare_bcrypt_signature_ecc(BYTE *encoded_sig, DWORD encoded_size,
+    BYTE **sig_value, DWORD *sig_len)
+{
+    CERT_ECC_SIGNATURE *ecc_sig;
+    DWORD size;
+    int i;
+
+    if (!CryptDecodeObjectEx(X509_ASN_ENCODING, X509_ECC_SIGNATURE,
+                             encoded_sig, encoded_size,
+                             CRYPT_DECODE_ALLOC_FLAG, NULL, &ecc_sig, &size))
+        return FALSE;
+
+    if (!ecc_sig->r.cbData || !ecc_sig->s.cbData)
+    {
+        LocalFree(ecc_sig);
+        SetLastError(ERROR_INVALID_DATA);
+        return FALSE;
+    }
+
+    *sig_len = ecc_sig->r.cbData + ecc_sig->s.cbData;
+    if (!(*sig_value = CryptMemAlloc(*sig_len)))
+    {
+        LocalFree(ecc_sig);
+        SetLastError(ERROR_OUTOFMEMORY);
+        return FALSE;
+    }
+
+    for (i = 0; i < ecc_sig->r.cbData; i++)
+        (*sig_value)[i] = ecc_sig->r.pbData[ecc_sig->r.cbData - i - 1];
+    for (i = 0; i < ecc_sig->s.cbData; i++)
+        (*sig_value)[ecc_sig->r.cbData + i] = ecc_sig->s.pbData[ecc_sig->s.cbData - i - 1];
+
+    LocalFree(ecc_sig);
+    return TRUE;
+}
+
+static BOOL prepare_bcrypt_signature(PCERT_PUBLIC_KEY_INFO pubKeyInfo,
+    const CERT_SIGNED_CONTENT_INFO *signedCert, BYTE **sig_value, DWORD *sig_len)
+{
+    BYTE *encoded_sig;
+    BOOL ret = FALSE;
+    int i;
+
+    if (!signedCert->Signature.cbData)
+    {
+        SetLastError(ERROR_INVALID_DATA);
+        return FALSE;
+    }
+
+    if (!(encoded_sig = CryptMemAlloc(signedCert->Signature.cbData)))
+    {
+        SetLastError(ERROR_OUTOFMEMORY);
+        return FALSE;
+    }
+
+    for (i = 0; i < signedCert->Signature.cbData; i++)
+        encoded_sig[i] = signedCert->Signature.pbData[signedCert->Signature.cbData - i - 1];
+
+    if (!strcmp(pubKeyInfo->Algorithm.pszObjId, szOID_ECC_PUBLIC_KEY))
+        ret = prepare_bcrypt_signature_ecc(encoded_sig, signedCert->Signature.cbData, sig_value, sig_len);
+    else
+    {
+        FIXME("Unsupported public key type: %s\n", debugstr_a(pubKeyInfo->Algorithm.pszObjId));
+        SetLastError(NTE_BAD_ALGID);
+    }
+
+    CryptMemFree(encoded_sig);
+    return ret;
+}
+
+static BOOL verify_signature_bcrypt(HCRYPTPROV_LEGACY hCryptProv,
+    DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pubKeyInfo,
+    const CERT_SIGNED_CONTENT_INFO *signedCert, PCCRYPT_OID_INFO info)
+{
+    BCRYPT_KEY_HANDLE key = NULL;
+    BYTE *hash_value, *sig_value;
+    DWORD hash_len, sig_len;
+    NTSTATUS status;
+
+    if (!calculate_hash_bcrypt(info->pwszCNGAlgid, signedCert, &hash_value, &hash_len))
+        return FALSE;
+
+    if (!import_bcrypt_pubkey(pubKeyInfo, &key))
+    {
+        CryptMemFree(hash_value);
+        return FALSE;
+    }
+
+    if (!prepare_bcrypt_signature(pubKeyInfo, signedCert, &sig_value, &sig_len))
+    {
+        CryptMemFree(hash_value);
+        BCryptDestroyKey(key);
+        return FALSE;
+    }
+
+    status = BCryptVerifySignature(key, NULL, hash_value, hash_len, sig_value, sig_len, 0);
+
+    BCryptDestroyKey(key);
+    CryptMemFree(hash_value);
+    CryptMemFree(sig_value);
+
+    if (status)
+    {
+        FIXME("Failed to verify signature: %08x\n", status);
+        SetLastError(RtlNtStatusToDosError(status));
+        return FALSE;
+    }
+
+    return TRUE;
+}
+
+static BOOL CRYPT_VerifyCertSignatureFromPublicKeyInfo(HCRYPTPROV_LEGACY hCryptProv,
+    DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pubKeyInfo,
+    const CERT_SIGNED_CONTENT_INFO *signedCert)
+{
+    PCCRYPT_OID_INFO info;
+
+    info = CryptFindOIDInfo(CRYPT_OID_INFO_OID_KEY,
+     signedCert->SignatureAlgorithm.pszObjId, 0);
+    if (!info || info->dwGroupId != CRYPT_SIGN_ALG_OID_GROUP_ID)
+    {
+        SetLastError(NTE_BAD_ALGID);
+        return FALSE;
+    }
+
+    if (info->u.Algid == CALG_OID_INFO_CNG_ONLY)
+        return verify_signature_bcrypt(hCryptProv, dwCertEncodingType, pubKeyInfo, signedCert, info);
+    else
+        return verify_signature_crypt(hCryptProv, dwCertEncodingType, pubKeyInfo, signedCert, info);
+}
+
 BOOL WINAPI CryptVerifyCertificateSignatureEx(HCRYPTPROV_LEGACY hCryptProv,
  DWORD dwCertEncodingType, DWORD dwSubjectType, void *pvSubject,
  DWORD dwIssuerType, void *pvIssuer, DWORD dwFlags, void *pvReserved)
index 45bb8f3..89a8ddb 100644 (file)
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  *
  */
-
+#include <stdarg.h>
+#define NONAMELESSUNION
+#include "windef.h"
+#include "winbase.h"
+#define CERT_CHAIN_PARA_HAS_EXTRA_FIELDS
+#define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
+#include "wincrypt.h"
+#include "wininet.h"
+#include "wine/debug.h"
+#include "wine/unicode.h"
 #include "crypt32_private.h"
 
-#include <wininet.h>
-
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 WINE_DECLARE_DEBUG_CHANNEL(chain);
 
@@ -258,7 +265,7 @@ typedef struct _CertificateChain
     LONG ref;
 } CertificateChain;
 
-BOOL CRYPT_IsCertificateSelfSigned(PCCERT_CONTEXT cert)
+BOOL CRYPT_IsCertificateSelfSigned(PCCERT_CONTEXT cert, DWORD *type)
 {
     PCERT_EXTENSION ext;
     DWORD size;
@@ -293,6 +300,7 @@ BOOL CRYPT_IsCertificateSelfSigned(PCCERT_CONTEXT cert)
                      &directoryName->u.DirectoryName, &cert->pCertInfo->Issuer)
                      && CertCompareIntegerBlob(&info->AuthorityCertSerialNumber,
                      &cert->pCertInfo->SerialNumber);
+                     if (type) *type = CERT_TRUST_HAS_NAME_MATCH_ISSUER;
                 }
                 else
                 {
@@ -314,6 +322,7 @@ BOOL CRYPT_IsCertificateSelfSigned(PCCERT_CONTEXT cert)
                          CERT_KEY_IDENTIFIER_PROP_ID, buf, &size);
                         ret = !memcmp(buf, info->KeyId.pbData, size);
                         CryptMemFree(buf);
+                        if (type) *type = CERT_TRUST_HAS_KEY_MATCH_ISSUER;
                     }
                     else
                         ret = FALSE;
@@ -341,6 +350,7 @@ BOOL CRYPT_IsCertificateSelfSigned(PCCERT_CONTEXT cert)
                  &info->CertIssuer, &cert->pCertInfo->Issuer) &&
                  CertCompareIntegerBlob(&info->CertSerialNumber,
                  &cert->pCertInfo->SerialNumber);
+                if (type) *type = CERT_TRUST_HAS_NAME_MATCH_ISSUER;
             }
             else if (info->KeyId.cbData)
             {
@@ -356,6 +366,7 @@ BOOL CRYPT_IsCertificateSelfSigned(PCCERT_CONTEXT cert)
                          CERT_KEY_IDENTIFIER_PROP_ID, buf, &size);
                         ret = !memcmp(buf, info->KeyId.pbData, size);
                         CryptMemFree(buf);
+                        if (type) *type = CERT_TRUST_HAS_KEY_MATCH_ISSUER;
                     }
                     else
                         ret = FALSE;
@@ -369,8 +380,11 @@ BOOL CRYPT_IsCertificateSelfSigned(PCCERT_CONTEXT cert)
         }
     }
     else
+    {
         ret = CertCompareCertificateName(cert->dwCertEncodingType,
          &cert->pCertInfo->Subject, &cert->pCertInfo->Issuer);
+        if (type) *type = CERT_TRUST_HAS_NAME_MATCH_ISSUER;
+    }
     return ret;
 }
 
@@ -1313,7 +1327,7 @@ static void CRYPT_CheckChainNameConstraints(PCERT_SIMPLE_CHAIN chain)
                      * constraints checked unless they're the end cert.
                      */
                     if (j == 0 || !CRYPT_IsCertificateSelfSigned(
-                     chain->rgpElement[j]->pCertContext))
+                     chain->rgpElement[j]->pCertContext, NULL))
                     {
                         CRYPT_CheckNameConstraints(nameConstraints,
                          chain->rgpElement[j]->pCertContext->pCertInfo,
@@ -1886,6 +1900,7 @@ static void CRYPT_CheckSimpleChain(CertificateChainEngine *engine,
     int i;
     BOOL pathLengthConstraintViolated = FALSE;
     CERT_BASIC_CONSTRAINTS2_INFO constraints = { FALSE, FALSE, 0 };
+    DWORD type;
 
     TRACE_(chain)("checking chain with %d elements for time %s\n",
      chain->cElement, filetime_to_str(time));
@@ -1897,7 +1912,7 @@ static void CRYPT_CheckSimpleChain(CertificateChainEngine *engine,
             dump_element(chain->rgpElement[i]->pCertContext);
         if (i == chain->cElement - 1)
             isRoot = CRYPT_IsCertificateSelfSigned(
-             chain->rgpElement[i]->pCertContext);
+             chain->rgpElement[i]->pCertContext, NULL);
         else
             isRoot = FALSE;
         if (!CRYPT_IsCertVersionValid(chain->rgpElement[i]->pCertContext))
@@ -1973,10 +1988,10 @@ static void CRYPT_CheckSimpleChain(CertificateChainEngine *engine,
     }
     CRYPT_CheckChainNameConstraints(chain);
     CRYPT_CheckChainPolicies(chain);
-    if (CRYPT_IsCertificateSelfSigned(rootElement->pCertContext))
+    if (CRYPT_IsCertificateSelfSigned(rootElement->pCertContext, &type))
     {
         rootElement->TrustStatus.dwInfoStatus |=
-         CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER;
+         CERT_TRUST_IS_SELF_SIGNED | type;
         CRYPT_CheckRootCert(engine->hRoot, rootElement);
     }
     CRYPT_CombineTrustStatus(&chain->TrustStatus, &rootElement->TrustStatus);
@@ -2188,7 +2203,7 @@ static BOOL CRYPT_BuildSimpleChain(const CertificateChainEngine *engine,
     PCCERT_CONTEXT cert = chain->rgpElement[chain->cElement - 1]->pCertContext;
 
     while (ret && !CRYPT_IsSimpleChainCyclic(chain) &&
-     !CRYPT_IsCertificateSelfSigned(cert))
+     !CRYPT_IsCertificateSelfSigned(cert, NULL))
     {
         PCCERT_CONTEXT issuer = CRYPT_GetIssuer(engine, world, cert, NULL, flags,
          &chain->rgpElement[chain->cElement - 1]->TrustStatus.dwInfoStatus);
index b0cdd7d..2c2398d 100644 (file)
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
-
+#include <stdarg.h>
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "wine/debug.h"
 #include "crypt32_private.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
@@ -160,7 +164,6 @@ static context_t *CRYPT_CollectionAdvanceEnum(WINE_COLLECTIONSTORE *store,
         Context_AddRef(child);
         child = contextFuncs->enumContext(storeEntry->store, child);
         Context_Release(prev);
-        prev = NULL;
     }
     else
     {
index e0824f5..90d1afd 100644 (file)
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
-
+#include <assert.h>
+#include <stdarg.h>
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "wine/debug.h"
 #include "crypt32_private.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(context);
index ada6bea..db80651 100644 (file)
  *
  */
 
+#include <assert.h>
+#include <stdarg.h>
+#define NONAMELESSUNION
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "wine/debug.h"
+#include "wine/unicode.h"
 #include "crypt32_private.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
index 9214e27..2ed4b27 100644 (file)
@@ -27,7 +27,7 @@
 #define WINE_PRODUCTVERSION 5,131,2600,1243
 #define WINE_PRODUCTVERSION_STR "5.131.2600.1243"
 
-#include <wine/wine_common_ver.rc>
+#include "wine/wine_common_ver.rc"
 
 /* UTF-8 */
 #pragma code_page(65001)
index 00a2d62..fc0955e 100644 (file)
@@ -92,6 +92,7 @@
 @ stdcall CertSetStoreProperty(ptr long long ptr)
 @ stdcall CertStrToNameA(long str long ptr ptr ptr ptr)
 @ stdcall CertStrToNameW(long wstr long ptr ptr ptr ptr)
+@ stdcall CertUnregisterPhysicalStore(ptr long wstr)
 @ stdcall CertUnregisterSystemStore(ptr long)
 @ stdcall CertVerifyCRLRevocation(long ptr long ptr)
 @ stdcall CertVerifyCRLTimeValidity(ptr ptr)
index 9ef8655..5c08369 100644 (file)
 #ifndef __CRYPT32_PRIVATE_H__
 #define __CRYPT32_PRIVATE_H__
 
-#include <wine/config.h>
-#include <wine/port.h>
-
-#include <assert.h>
-#include <stdarg.h>
-#include <stdio.h>
-
-#define _INC_WINDOWS
-#define COM_NO_WINDOWS_H
-
-#define NONAMELESSUNION
-
-#include <windef.h>
-#include <winbase.h>
-#include <winuser.h>
-#include <winreg.h>
-#include <snmp.h>
-
-#define CERT_CHAIN_PARA_HAS_EXTRA_FIELDS
-#define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
-#include <wincrypt.h>
-
-#include <mssip.h>
-
-#include <wine/unicode.h>
-#include <wine/list.h>
-#include <wine/exception.h>
-#include <wine/debug.h>
-
-#include "cryptres.h"
+#include "wine/list.h"
 
 /* a few asn.1 tags we need */
 #define ASN_BOOL            (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x01)
@@ -370,7 +341,7 @@ void CRYPT_ImportSystemRootCertsToReg(void) DECLSPEC_HIDDEN;
 BOOL CRYPT_SerializeContextsToReg(HKEY key, DWORD flags, const WINE_CONTEXT_INTERFACE *contextInterface,
     HCERTSTORE memStore) DECLSPEC_HIDDEN;
 
-BOOL CRYPT_IsCertificateSelfSigned(PCCERT_CONTEXT cert) DECLSPEC_HIDDEN;
+BOOL CRYPT_IsCertificateSelfSigned(PCCERT_CONTEXT cert, DWORD *type) DECLSPEC_HIDDEN;
 
 /* Allocates and initializes a certificate chain engine, but without creating
  * the root store.  Instead, it uses root, and assumes the caller has done any
@@ -479,4 +450,4 @@ void init_empty_store(void) DECLSPEC_HIDDEN;
  */
 #define IS_INTOID(x)    (((ULONG_PTR)(x) >> 16) == 0)
 
-#endif /* __CRYPT32_PRIVATE_H__ */
+#endif
index fd6bc0d..bdb0251 100644 (file)
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
-
 #ifndef __WINE_CRYPTRES_H__
 #define __WINE_CRYPTRES_H__
 
+#include <windef.h>
+
 #define IDS_AUTHORITY_KEY_ID 1000
 #define IDS_KEY_ATTRIBUTES 1001
 #define IDS_KEY_USAGE_RESTRICTION 1002
index ec2f0aa..b8b728f 100644 (file)
  *
  */
 
+#include <assert.h>
+#include <stdarg.h>
+
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "wine/debug.h"
 #include "crypt32_private.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
index 5d91e30..cc028a9 100644 (file)
  * MSDN, especially "Constants for CryptEncodeObject and CryptDecodeObject"
  */
 
+#include "config.h"
+#include "wine/port.h"
+
+#include <assert.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#define NONAMELESSUNION
+
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "winnls.h"
+#include "snmp.h"
+#include "wine/debug.h"
+#include "wine/exception.h"
 #include "crypt32_private.h"
 
 /* This is a bit arbitrary, but to set some limit: */
@@ -68,7 +85,7 @@ static BOOL CRYPT_AsnDecodeAlgorithmId(const BYTE *pbEncoded, DWORD cbEncoded,
 static BOOL CRYPT_AsnDecodeBool(const BYTE *pbEncoded, DWORD cbEncoded,
  DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
 /* Assumes the CRYPT_DATA_BLOB's pbData member has been initialized */
-static BOOL CRYPT_AsnDecodeOctetsInternal(const BYTE *pbEncoded,
+static BOOL CRYPT_AsnDecodeOctets(const BYTE *pbEncoded,
  DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
  DWORD *pcbDecoded);
 /* Doesn't check the tag, assumes the caller does so */
@@ -462,6 +479,7 @@ static BOOL CRYPT_AsnDecodeSequence(struct AsnDecodeSequenceItem items[],
             {
                 dataLen = cbEncoded;
                 indefinite = TRUE;
+                lenBytes += 2;
             }
             else if (cbEncoded < dataLen)
             {
@@ -1404,7 +1422,7 @@ static BOOL CRYPT_AsnDecodeExtension(const BYTE *pbEncoded, DWORD cbEncoded,
      { ASN_BOOL, offsetof(CERT_EXTENSION, fCritical), CRYPT_AsnDecodeBool,
        sizeof(BOOL), TRUE, FALSE, 0, 0 },
      { ASN_OCTETSTRING, offsetof(CERT_EXTENSION, Value),
-       CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_OBJID_BLOB), FALSE, TRUE,
+       CRYPT_AsnDecodeOctets, sizeof(CRYPT_OBJID_BLOB), FALSE, TRUE,
        offsetof(CERT_EXTENSION, Value.pbData) },
     };
     BOOL ret = TRUE;
@@ -2166,7 +2184,7 @@ static BOOL CRYPT_AsnDecodeCTLEntry(const BYTE *pbEncoded, DWORD cbEncoded,
 {
     struct AsnDecodeSequenceItem items[] = {
      { ASN_OCTETSTRING, offsetof(CTL_ENTRY, SubjectIdentifier),
-       CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DATA_BLOB), FALSE, TRUE,
+       CRYPT_AsnDecodeOctets, sizeof(CRYPT_DATA_BLOB), FALSE, TRUE,
        offsetof(CTL_ENTRY, SubjectIdentifier.pbData), 0 },
      { ASN_CONSTRUCTOR | ASN_SETOF, offsetof(CTL_ENTRY, cAttribute),
        CRYPT_AsnDecodeCTLEntryAttributes,
@@ -2259,7 +2277,7 @@ static BOOL WINAPI CRYPT_AsnDecodeCTL(DWORD dwCertEncodingType,
            CRYPT_AsnDecodeCTLUsage, sizeof(CTL_USAGE), FALSE, TRUE,
            offsetof(CTL_INFO, SubjectUsage.rgpszUsageIdentifier), 0 },
          { ASN_OCTETSTRING, offsetof(CTL_INFO, ListIdentifier),
-           CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DATA_BLOB), TRUE,
+           CRYPT_AsnDecodeOctets, sizeof(CRYPT_DATA_BLOB), TRUE,
            TRUE, offsetof(CTL_INFO, ListIdentifier.pbData), 0 },
          { ASN_INTEGER, offsetof(CTL_INFO, SequenceNumber),
            CRYPT_AsnDecodeIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
@@ -3120,11 +3138,11 @@ static BOOL WINAPI CRYPT_AsnDecodeAuthorityKeyId(DWORD dwCertEncodingType,
     {
         struct AsnDecodeSequenceItem items[] = {
          { ASN_CONTEXT | 0, offsetof(CERT_AUTHORITY_KEY_ID_INFO, KeyId),
-           CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DATA_BLOB),
+           CRYPT_AsnDecodeOctets, sizeof(CRYPT_DATA_BLOB),
            TRUE, TRUE, offsetof(CERT_AUTHORITY_KEY_ID_INFO, KeyId.pbData), 0 },
          { ASN_CONTEXT | ASN_CONSTRUCTOR| 1,
            offsetof(CERT_AUTHORITY_KEY_ID_INFO, CertIssuer),
-           CRYPT_AsnDecodeOctetsInternal, sizeof(CERT_NAME_BLOB), TRUE, TRUE,
+           CRYPT_AsnDecodeOctets, sizeof(CERT_NAME_BLOB), TRUE, TRUE,
            offsetof(CERT_AUTHORITY_KEY_ID_INFO, CertIssuer.pbData), 0 },
          { ASN_CONTEXT | 2, offsetof(CERT_AUTHORITY_KEY_ID_INFO,
            CertSerialNumber), CRYPT_AsnDecodeIntegerInternal,
@@ -3155,7 +3173,7 @@ static BOOL WINAPI CRYPT_AsnDecodeAuthorityKeyId2(DWORD dwCertEncodingType,
     {
         struct AsnDecodeSequenceItem items[] = {
          { ASN_CONTEXT | 0, offsetof(CERT_AUTHORITY_KEY_ID2_INFO, KeyId),
-           CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DATA_BLOB),
+           CRYPT_AsnDecodeOctets, sizeof(CRYPT_DATA_BLOB),
            TRUE, TRUE, offsetof(CERT_AUTHORITY_KEY_ID2_INFO, KeyId.pbData), 0 },
          { ASN_CONTEXT | ASN_CONSTRUCTOR| 1,
            offsetof(CERT_AUTHORITY_KEY_ID2_INFO, AuthorityCertIssuer),
@@ -3370,7 +3388,7 @@ BOOL CRYPT_AsnDecodePKCSDigestedData(const BYTE *pbEncoded, DWORD cbEncoded,
        sizeof(CRYPT_CONTENT_INFO), FALSE, TRUE, offsetof(CRYPT_DIGESTED_DATA,
        ContentInfo.pszObjId), 0 },
      { ASN_OCTETSTRING, offsetof(CRYPT_DIGESTED_DATA, hash),
-       CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_HASH_BLOB), FALSE, TRUE,
+       CRYPT_AsnDecodeOctets, sizeof(CRYPT_HASH_BLOB), FALSE, TRUE,
        offsetof(CRYPT_DIGESTED_DATA, hash.pbData), 0 },
     };
 
@@ -4062,7 +4080,7 @@ static BOOL WINAPI CRYPT_AsnDecodeRsaPrivKey(DWORD dwCertEncodingType,
     return ret;
 }
 
-static BOOL CRYPT_AsnDecodeOctetsInternal(const BYTE *pbEncoded,
+static BOOL CRYPT_AsnDecodeOctets(const BYTE *pbEncoded,
  DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
  DWORD *pcbDecoded)
 {
@@ -4111,7 +4129,99 @@ static BOOL CRYPT_AsnDecodeOctetsInternal(const BYTE *pbEncoded,
     return ret;
 }
 
-static BOOL WINAPI CRYPT_AsnDecodeOctets(DWORD dwCertEncodingType,
+static BOOL CRYPT_AsnDecodeOctetStringInternal(const BYTE *encoded, DWORD encoded_size,
+    DWORD flags, void *buf, DWORD *buf_size, DWORD *ret_decoded)
+{
+    DWORD decoded = 0, indefinite_len_depth = 0, len_size, len, bytes_needed;
+    CRYPT_DATA_BLOB *blob;
+    const BYTE *string;
+
+    while (encoded[0] == (ASN_CONSTRUCTOR | ASN_OCTETSTRING))
+    {
+        if (!CRYPT_GetLengthIndefinite(encoded, encoded_size, &len))
+            return FALSE;
+
+        len_size = GET_LEN_BYTES(encoded[1]);
+        encoded += 1 + len_size;
+        encoded_size -= 1 + len_size;
+        decoded += 1 + len_size;
+
+        if (len == CMSG_INDEFINITE_LENGTH)
+        {
+            indefinite_len_depth++;
+            if (encoded_size < 2)
+            {
+                SetLastError(CRYPT_E_ASN1_EOD);
+                return FALSE;
+            }
+            encoded_size -= 2;
+            decoded += 2;
+        }
+    }
+
+    if (encoded[0] != ASN_OCTETSTRING)
+    {
+        WARN("Unexpected tag %02x\n", encoded[0]);
+        SetLastError(CRYPT_E_ASN1_BADTAG);
+        return FALSE;
+    }
+
+    if (!CRYPT_GetLen(encoded, encoded_size, &len))
+        return FALSE;
+    len_size = GET_LEN_BYTES(encoded[1]);
+    decoded += 1 + len_size + len;
+    encoded_size -= 1 + len_size;
+
+    if (len > encoded_size)
+    {
+        SetLastError(CRYPT_E_ASN1_EOD);
+        return FALSE;
+    }
+    if (ret_decoded)
+        *ret_decoded = decoded;
+
+    encoded += 1 + len_size;
+    string = encoded;
+    encoded += len;
+
+    while (indefinite_len_depth--)
+    {
+        if (encoded[0] || encoded[1])
+        {
+            TRACE("expected 0 TLV, got %02x %02x\n", encoded[0], encoded[1]);
+            SetLastError(CRYPT_E_ASN1_CORRUPT);
+            return FALSE;
+        }
+    }
+
+    bytes_needed = sizeof(*blob);
+    if (!(flags & CRYPT_DECODE_NOCOPY_FLAG)) bytes_needed += len;
+    if (!buf)
+    {
+        *buf_size = bytes_needed;
+        return TRUE;
+    }
+    if (*buf_size < bytes_needed)
+    {
+        SetLastError(ERROR_MORE_DATA);
+        *buf_size = bytes_needed;
+        return FALSE;
+    }
+
+    *buf_size = bytes_needed;
+    blob = buf;
+    blob->cbData = len;
+    if (flags & CRYPT_DECODE_NOCOPY_FLAG)
+        blob->pbData = (BYTE*)string;
+    else if (blob->cbData)
+        memcpy(blob->pbData, string, blob->cbData);
+
+    if (ret_decoded)
+        *ret_decoded = decoded;
+    return TRUE;
+}
+
+static BOOL WINAPI CRYPT_AsnDecodeOctetString(DWORD dwCertEncodingType,
  LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
  PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
 {
@@ -4120,21 +4230,17 @@ static BOOL WINAPI CRYPT_AsnDecodeOctets(DWORD dwCertEncodingType,
     TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
      pDecodePara, pvStructInfo, *pcbStructInfo);
 
+    if (!cbEncoded)
+    {
+        SetLastError(CRYPT_E_ASN1_CORRUPT);
+        return FALSE;
+    }
+
     __TRY
     {
         DWORD bytesNeeded = 0;
 
-        if (!cbEncoded)
-        {
-            SetLastError(CRYPT_E_ASN1_CORRUPT);
-            ret = FALSE;
-        }
-        else if (pbEncoded[0] != ASN_OCTETSTRING)
-        {
-            SetLastError(CRYPT_E_ASN1_BADTAG);
-            ret = FALSE;
-        }
-        else if ((ret = CRYPT_AsnDecodeOctetsInternal(pbEncoded, cbEncoded,
+        if ((ret = CRYPT_AsnDecodeOctetStringInternal(pbEncoded, cbEncoded,
          dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL)))
         {
             if (!pvStructInfo)
@@ -4148,7 +4254,7 @@ static BOOL WINAPI CRYPT_AsnDecodeOctets(DWORD dwCertEncodingType,
                     pvStructInfo = *(BYTE **)pvStructInfo;
                 blob = pvStructInfo;
                 blob->pbData = (BYTE *)pvStructInfo + sizeof(CRYPT_DATA_BLOB);
-                ret = CRYPT_AsnDecodeOctetsInternal(pbEncoded, cbEncoded,
+                ret = CRYPT_AsnDecodeOctetStringInternal(pbEncoded, cbEncoded,
                  dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
                  &bytesNeeded, NULL);
                 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
@@ -5467,7 +5573,7 @@ static BOOL CRYPT_AsnDecodePKCSSignerInfoInternal(const BYTE *pbEncoded,
        FALSE, TRUE, offsetof(CMSG_SIGNER_INFO,
        HashEncryptionAlgorithm.pszObjId), 0 },
      { ASN_OCTETSTRING, offsetof(CMSG_SIGNER_INFO, EncryptedHash),
-       CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DER_BLOB),
+       CRYPT_AsnDecodeOctets, sizeof(CRYPT_DER_BLOB),
        FALSE, TRUE, offsetof(CMSG_SIGNER_INFO, EncryptedHash.pbData), 0 },
      { ASN_CONSTRUCTOR | ASN_CONTEXT | 1,
        offsetof(CMSG_SIGNER_INFO, UnauthAttrs),
@@ -5592,7 +5698,7 @@ static BOOL CRYPT_AsnDecodeCMSSignerId(const BYTE *pbEncoded,
     }
     else if (*pbEncoded == (ASN_CONTEXT | 0))
     {
-        ret = CRYPT_AsnDecodeOctetsInternal(pbEncoded, cbEncoded, dwFlags,
+        ret = CRYPT_AsnDecodeOctets(pbEncoded, cbEncoded, dwFlags,
          id ? &id->u.KeyId : NULL, pcbStructInfo, pcbDecoded);
         if (ret)
         {
@@ -5636,7 +5742,7 @@ static BOOL CRYPT_AsnDecodeCMSSignerInfoInternal(const BYTE *pbEncoded,
        FALSE, TRUE, offsetof(CMSG_CMS_SIGNER_INFO,
        HashEncryptionAlgorithm.pszObjId), 0 },
      { ASN_OCTETSTRING, offsetof(CMSG_CMS_SIGNER_INFO, EncryptedHash),
-       CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DER_BLOB),
+       CRYPT_AsnDecodeOctets, sizeof(CRYPT_DER_BLOB),
        FALSE, TRUE, offsetof(CMSG_CMS_SIGNER_INFO, EncryptedHash.pbData), 0 },
      { ASN_CONSTRUCTOR | ASN_CONTEXT | 1,
        offsetof(CMSG_CMS_SIGNER_INFO, UnauthAttrs),
@@ -5774,7 +5880,7 @@ static BOOL CRYPT_AsnDecodeRecipientInfo(const BYTE *pbEncoded, DWORD cbEncoded,
        offsetof(CMSG_KEY_TRANS_RECIPIENT_INFO,
        KeyEncryptionAlgorithm.pszObjId), 0 },
      { ASN_OCTETSTRING, offsetof(CMSG_KEY_TRANS_RECIPIENT_INFO, EncryptedKey),
-       CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DATA_BLOB), FALSE, TRUE,
+       CRYPT_AsnDecodeOctets, sizeof(CRYPT_DATA_BLOB), FALSE, TRUE,
        offsetof(CMSG_KEY_TRANS_RECIPIENT_INFO, EncryptedKey.pbData), 0 },
     };
 
@@ -5830,7 +5936,7 @@ static BOOL CRYPT_AsnDecodeEncryptedContentInfo(const BYTE *pbEncoded,
        offsetof(CRYPT_ENCRYPTED_CONTENT_INFO,
        contentEncryptionAlgorithm.pszObjId), 0 },
      { ASN_CONTEXT | 0, offsetof(CRYPT_ENCRYPTED_CONTENT_INFO,
-       encryptedContent), CRYPT_AsnDecodeOctetsInternal,
+       encryptedContent), CRYPT_AsnDecodeOctets,
        sizeof(CRYPT_DATA_BLOB), TRUE, TRUE,
        offsetof(CRYPT_ENCRYPTED_CONTENT_INFO, encryptedContent.pbData) },
     };
@@ -5873,6 +5979,75 @@ BOOL CRYPT_AsnDecodePKCSEnvelopedData(const BYTE *pbEncoded, DWORD cbEncoded,
     return ret;
 }
 
+static BOOL WINAPI CRYPT_AsnDecodeObjectIdentifier(DWORD dwCertEncodingType,
+ LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
+ PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
+{
+    DWORD bytesNeeded = 0;
+    BOOL ret;
+
+    __TRY
+    {
+        ret = CRYPT_AsnDecodeOidInternal(pbEncoded, cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG,
+                                         NULL, &bytesNeeded, NULL);
+        if (ret)
+        {
+            if (!pvStructInfo)
+                *pcbStructInfo = bytesNeeded;
+            else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, bytesNeeded)))
+            {
+                LPSTR *info;
+
+                if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
+                    pvStructInfo = *(BYTE **)pvStructInfo;
+
+                info = pvStructInfo;
+                *info = (void *)((BYTE *)info + sizeof(*info));
+                ret = CRYPT_AsnDecodeOidInternal(pbEncoded, cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG,
+                                                 pvStructInfo, &bytesNeeded, NULL);
+                if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
+                    CRYPT_FreeSpace(pDecodePara, info);
+            }
+        }
+    }
+    __EXCEPT_PAGE_FAULT
+    {
+        SetLastError(STATUS_ACCESS_VIOLATION);
+        ret = FALSE;
+    }
+    __ENDTRY
+    return ret;
+}
+
+static BOOL WINAPI CRYPT_AsnDecodeEccSignature(DWORD dwCertEncodingType,
+ LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
+ PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
+{
+    BOOL ret;
+    struct AsnDecodeSequenceItem items[] = {
+     { ASN_INTEGER, offsetof(CERT_ECC_SIGNATURE, r),
+       CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_UINT_BLOB), FALSE,
+       TRUE, offsetof(CERT_ECC_SIGNATURE, r.pbData), 0 },
+     { ASN_INTEGER, offsetof(CERT_ECC_SIGNATURE, s),
+       CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_UINT_BLOB), FALSE,
+       TRUE, offsetof(CERT_ECC_SIGNATURE, s.pbData), 0 },
+    };
+
+    __TRY
+    {
+        ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
+         pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
+         pcbStructInfo, NULL, NULL);
+    }
+    __EXCEPT_PAGE_FAULT
+    {
+        SetLastError(STATUS_ACCESS_VIOLATION);
+        ret = FALSE;
+    }
+    __ENDTRY
+    return ret;
+}
+
 static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
  LPCSTR lpszStructType)
 {
@@ -5940,7 +6115,7 @@ static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
             decodeFunc = CRYPT_AsnDecodeUnicodeNameValue;
             break;
         case LOWORD(X509_OCTET_STRING):
-            decodeFunc = CRYPT_AsnDecodeOctets;
+            decodeFunc = CRYPT_AsnDecodeOctetString;
             break;
         case LOWORD(X509_BITS):
         case LOWORD(X509_KEY_USAGE):
@@ -6012,6 +6187,12 @@ static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
         case LOWORD(CMS_SIGNER_INFO):
             decodeFunc = CRYPT_AsnDecodeCMSSignerInfo;
             break;
+        case LOWORD(X509_OBJECT_IDENTIFIER):
+            decodeFunc = CRYPT_AsnDecodeObjectIdentifier;
+            break;
+        case LOWORD(X509_ECC_SIGNATURE):
+            decodeFunc = CRYPT_AsnDecodeEccSignature;
+            break;
         }
     }
     else if (!strcmp(lpszStructType, szOID_CERT_EXTENSIONS))
@@ -6031,7 +6212,7 @@ static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
     else if (!strcmp(lpszStructType, szOID_KEY_USAGE))
         decodeFunc = CRYPT_AsnDecodeBits;
     else if (!strcmp(lpszStructType, szOID_SUBJECT_KEY_IDENTIFIER))
-        decodeFunc = CRYPT_AsnDecodeOctets;
+        decodeFunc = CRYPT_AsnDecodeOctetString;
     else if (!strcmp(lpszStructType, szOID_BASIC_CONSTRAINTS))
         decodeFunc = CRYPT_AsnDecodeBasicConstraints;
     else if (!strcmp(lpszStructType, szOID_BASIC_CONSTRAINTS2))
@@ -6066,6 +6247,8 @@ static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
         decodeFunc = CRYPT_AsnDecodePolicyQualifierUserNotice;
     else if (!strcmp(lpszStructType, szOID_CTL))
         decodeFunc = CRYPT_AsnDecodeCTL;
+    else if (!strcmp(lpszStructType, szOID_ECC_PUBLIC_KEY))
+        decodeFunc = CRYPT_AsnDecodeObjectIdentifier;
     return decodeFunc;
 }
 
index b006704..6f9f595 100644 (file)
  * MSDN, especially "Constants for CryptEncodeObject and CryptDecodeObject"
  */
 
+#include "config.h"
+#include "wine/port.h"
+
+#include <assert.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#define NONAMELESSUNION
+
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "snmp.h"
+#include "wine/debug.h"
+#include "wine/exception.h"
+#include "wine/unicode.h"
 #include "crypt32_private.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(cryptasn);
index f3e618f..0f7d8d5 100644 (file)
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
-
+#include <stdarg.h>
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "winnls.h"
+#include "wine/debug.h"
+#include "wine/unicode.h"
 #include "crypt32_private.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
index 8f2902e..c03c092 100644 (file)
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
-#include "crypt32_private.h"
-
+#include "config.h"
+#include <stdarg.h>
+#include <stdio.h>
+
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "winreg.h"
+#include "winuser.h"
 #include "i_cryptasn1tls.h"
+#include "crypt32_private.h"
+#include "wine/debug.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 
index e740235..5b77c87 100644 (file)
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
-#include "crypt32_private.h"
+#include <stdarg.h>
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+
+#include "wine/debug.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 
index c9a0fe1..fd43a7b 100644 (file)
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
+#include "config.h"
+#include "wine/port.h"
+
+#include <stdarg.h>
+#define NONAMELESSUNION
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "snmp.h"
+
+#include "wine/debug.h"
+#include "wine/exception.h"
 #include "crypt32_private.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
@@ -2715,12 +2727,10 @@ static BOOL CRYPT_CopySignerInfo(void *pvData, DWORD *pcbData,
     size += CRYPT_SizeOfAttributes(&in->UnauthAttrs);
     if (!pvData)
     {
-        *pcbData = size;
         ret = TRUE;
     }
     else if (*pcbData < size)
     {
-        *pcbData = size;
         SetLastError(ERROR_MORE_DATA);
         ret = FALSE;
     }
@@ -2753,6 +2763,7 @@ static BOOL CRYPT_CopySignerInfo(void *pvData, DWORD *pcbData,
             CRYPT_CopyAttributes(&out->UnauthAttrs, &in->UnauthAttrs, &nextData);
         }
     }
+    *pcbData = size;
     TRACE("returning %d\n", ret);
     return ret;
 }
index 78dea19..0320cfd 100644 (file)
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
-
+#include <stdarg.h>
+#define NONAMELESSUNION
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "mssip.h"
+#include "winuser.h"
+#include "wintrust.h"
 #include "crypt32_private.h"
-
-#include <wintrust.h>
+#include "cryptres.h"
+#include "wine/unicode.h"
+#include "wine/debug.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 
index ff1c859..42d998a 100644 (file)
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
+#include "config.h"
+#include "wine/port.h"
+
+#include <stdio.h>
+#include <stdarg.h>
+#define NONAMELESSUNION
+#include "windef.h"
+#include "winbase.h"
+#define CRYPT_OID_INFO_HAS_EXTRA_FIELDS
+#include "wincrypt.h"
+#include "winreg.h"
+#include "winuser.h"
+#include "wine/debug.h"
+#include "wine/list.h"
 #include "crypt32_private.h"
+#include "cryptres.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 
@@ -1066,6 +1081,8 @@ static const WCHAR sha384RSA[] = { 's','h','a','3','8','4','R','S','A',0 };
 static const WCHAR sha512RSA[] = { 's','h','a','5','1','2','R','S','A',0 };
 static const WCHAR mosaicUpdatedSig[] =
  { 'm','o','s','a','i','c','U','p','d','a','t','e','d','S','i','g',0 };
+static const WCHAR sha256ECDSA[] = { 's','h','a','2','5','6','E','C','D','S','A',0 };
+static const WCHAR sha384ECDSA[] = { 's','h','a','3','8','4','E','C','D','S','A',0 };
 static const WCHAR CN[] = { 'C','N',0 };
 static const WCHAR L[] = { 'L',0 };
 static const WCHAR O[] = { 'O',0 };
@@ -1112,12 +1129,16 @@ static const DWORD dssSign[2] = { CALG_DSS_SIGN,
 static const DWORD mosaicSign[2] = { CALG_DSS_SIGN,
  CRYPT_OID_INHIBIT_SIGNATURE_FORMAT_FLAG |
  CRYPT_OID_NO_NULL_ALGORITHM_PARA_FLAG };
+static const DWORD ecdsaSign[2] = { CALG_OID_INFO_PARAMETERS,
+ CRYPT_OID_NO_NULL_ALGORITHM_PARA_FLAG };
 static const CRYPT_DATA_BLOB rsaSignBlob = { sizeof(rsaSign),
  (LPBYTE)&rsaSign };
 static const CRYPT_DATA_BLOB dssSignBlob = { sizeof(dssSign),
  (LPBYTE)dssSign };
 static const CRYPT_DATA_BLOB mosaicSignBlob = { sizeof(mosaicSign),
  (LPBYTE)mosaicSign };
+static const CRYPT_DATA_BLOB ecdsaSignBlob = { sizeof(ecdsaSign),
+ (LPBYTE)ecdsaSign };
 
 static const DWORD ia5String[] = { CERT_RDN_IA5_STRING, 0 };
 static const DWORD numericString[] = { CERT_RDN_NUMERIC_STRING, 0 };
@@ -1139,6 +1160,8 @@ static const struct OIDInfoConstructor {
     UINT    Algid;
     LPCWSTR pwszName;
     const CRYPT_DATA_BLOB *blob;
+    LPCWSTR pwszCNGAlgid;
+    LPCWSTR pwszCNGExtraAlgid;
 } oidInfoConstructors[] = {
  { 1, szOID_OIWSEC_sha1,               CALG_SHA1,     sha1, NULL },
  { 1, szOID_OIWSEC_sha1,               CALG_SHA1,     sha, NULL },
@@ -1146,6 +1169,7 @@ static const struct OIDInfoConstructor {
  { 1, szOID_RSA_MD5,                   CALG_MD5,      md5, NULL },
  { 1, szOID_RSA_MD4,                   CALG_MD4,      md4, NULL },
  { 1, szOID_RSA_MD2,                   CALG_MD2,      md2, NULL },
+ /* NOTE: Windows Vista+ uses -1 instead of CALG_SHA_* following SHA entries. */
  { 1, szOID_NIST_sha256,               CALG_SHA_256,  sha256, NULL },
  { 1, szOID_NIST_sha384,               CALG_SHA_384,  sha384, NULL },
  { 1, szOID_NIST_sha512,               CALG_SHA_512,  sha512, NULL },
@@ -1193,6 +1217,10 @@ static const struct OIDInfoConstructor {
  { 4, szOID_OIWSEC_dsaSHA1,            CALG_SHA1,     dsaSHA1, &dssSignBlob },
  { 4, szOID_INFOSEC_mosaicUpdatedSig,  CALG_SHA1,     mosaicUpdatedSig,
    &mosaicSignBlob },
+ { 4, szOID_ECDSA_SHA256,              CALG_OID_INFO_CNG_ONLY, sha256ECDSA, &ecdsaSignBlob,
+   BCRYPT_SHA256_ALGORITHM, CRYPT_OID_INFO_ECC_PARAMETERS_ALGORITHM },
+ { 4, szOID_ECDSA_SHA384,              CALG_OID_INFO_CNG_ONLY, sha384ECDSA, &ecdsaSignBlob,
+   BCRYPT_SHA384_ALGORITHM, CRYPT_OID_INFO_ECC_PARAMETERS_ALGORITHM },
 
  { 5, szOID_COMMON_NAME,              0, CN, NULL },
  { 5, szOID_LOCALITY_NAME,            0, L, NULL },
@@ -1408,6 +1436,8 @@ static void init_oid_info(void)
                     info->info.ExtraInfo.pbData =
                      oidInfoConstructors[i].blob->pbData;
                 }
+                info->info.pwszCNGAlgid = oidInfoConstructors[i].pwszCNGAlgid;
+                info->info.pwszCNGExtraAlgid = oidInfoConstructors[i].pwszCNGExtraAlgid;
                 list_add_tail(&oidInfo, &info->entry);
             }
         }
@@ -1440,6 +1470,8 @@ static void init_oid_info(void)
                         info->info.ExtraInfo.pbData =
                          oidInfoConstructors[i].blob->pbData;
                     }
+                    info->info.pwszCNGAlgid = oidInfoConstructors[i].pwszCNGAlgid;
+                    info->info.pwszCNGExtraAlgid = oidInfoConstructors[i].pwszCNGExtraAlgid;
                     list_add_tail(&oidInfo, &info->entry);
                 }
             }
diff --git a/dll/win32/crypt32/precomp.h b/dll/win32/crypt32/precomp.h
new file mode 100644 (file)
index 0000000..9033691
--- /dev/null
@@ -0,0 +1,40 @@
+
+#ifndef __CRYPT32_PRECOMP_H__
+#define __CRYPT32_PRECOMP_H__
+
+#include <wine/config.h>
+#include <wine/port.h>
+
+#include <assert.h>
+#include <stdarg.h>
+#include <stdio.h>
+
+#define _INC_WINDOWS
+#define COM_NO_WINDOWS_H
+
+#define NONAMELESSUNION
+
+#include <ntstatus.h>
+#define WIN32_NO_STATUS
+#include <windef.h>
+#include <winbase.h>
+#include <wine/winternl.h>
+#include <winuser.h>
+#include <winreg.h>
+#include <snmp.h>
+
+#define CERT_CHAIN_PARA_HAS_EXTRA_FIELDS
+#define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
+#define CRYPT_OID_INFO_HAS_EXTRA_FIELDS
+#include <wincrypt.h>
+
+#include <mssip.h>
+
+#include <wine/unicode.h>
+#include <wine/exception.h>
+#include <wine/debug.h>
+
+#include "crypt32_private.h"
+#include "cryptres.h"
+
+#endif /* !__CRYPT32_PRECOMP_H__ */
index 291b94c..f5ae221 100644 (file)
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
-
+#include <assert.h>
+#include <stdarg.h>
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "wine/debug.h"
+#include "wine/list.h"
 #include "crypt32_private.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
index 6ef8b63..20e11f4 100644 (file)
  *
  */
 
-#include "crypt32_private.h"
+#include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "wine/debug.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 
index 640ea62..a6f7130 100644 (file)
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
+#include <stdarg.h>
+#include <assert.h>
+
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "wine/debug.h"
 #include "crypt32_private.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
index ba4b439..5a39a26 100644 (file)
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
-
+#include <assert.h>
+#include <stdarg.h>
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "winreg.h"
+#include "winuser.h"
+#include "wine/debug.h"
 #include "crypt32_private.h"
 
-#include <shlwapi.h>
-
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 
 typedef struct _WINE_HASH_TO_DELETE
index a5e2744..cdeec74 100644 (file)
@@ -15,9 +15,9 @@
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
-
-#include "crypt32_private.h"
-
+#include "config.h"
+#include <stdarg.h>
+#include <stdio.h>
 #include <sys/types.h>
 #ifdef HAVE_SYS_STAT_H
 #include <sys/stat.h>
 #ifdef HAVE_SECURITY_SECURITY_H
 #include <Security/Security.h>
 #endif
+#include "ntstatus.h"
+#define WIN32_NO_STATUS
+#include "windef.h"
+#include "winbase.h"
+#include "winreg.h"
+#include "wincrypt.h"
+#include "wine/winternl.h"
+#include "wine/debug.h"
+#include "crypt32_private.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 
index b722d21..e8ccc4a 100644 (file)
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
+#include "config.h"
+#include "wine/port.h"
+
+#include <stdarg.h>
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "wine/debug.h"
+#include "wine/exception.h"
 #include "crypt32_private.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
index 9d195e0..8b561fd 100644 (file)
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
-#include "crypt32_private.h"
+#include <stdarg.h>
+#include <stdio.h>
+
+#include "windef.h"
+#include "winbase.h"
+#include "wincrypt.h"
+#include "winreg.h"
+#include "winnls.h"
+#include "mssip.h"
+#include "winuser.h"
+
+#include "wine/debug.h"
+#include "wine/list.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 
index 7910635..bc4ebde 100644 (file)
  * - Many flags, options and whatnot are unimplemented.
  */
 
+#include "config.h"
+#include "wine/port.h"
+
+#include <assert.h>
+#include <stdarg.h>
+#include "windef.h"
+#include "winbase.h"
+#include "winnls.h"
+#include "winreg.h"
+#include "winuser.h"
+#include "wincrypt.h"
+#include "wine/debug.h"
+#include "wine/exception.h"
 #include "crypt32_private.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
@@ -1371,6 +1384,13 @@ BOOL WINAPI CertRegisterPhysicalStore(const void *pvSystemStore, DWORD dwFlags,
     return FALSE;
 }
 
+BOOL WINAPI CertUnregisterPhysicalStore(const void *pvSystemStore, DWORD dwFlags,
+ LPCWSTR pwszStoreName)
+{
+    FIXME("(%p, %08x, %s): stub\n", pvSystemStore, dwFlags, debugstr_w(pwszStoreName));
+    return TRUE;
+}
+
 BOOL WINAPI CertRegisterSystemStore(const void *pvSystemStore, DWORD dwFlags,
   PCERT_SYSTEM_STORE_INFO pStoreInfo, void *pvReserved)
 {
@@ -1394,7 +1414,7 @@ BOOL WINAPI CertRegisterSystemStore(const void *pvSystemStore, DWORD dwFlags,
     return FALSE;
 }
 
-BOOL WINAPI CertUnregisterSystemStore(void *pvSystemStore, DWORD dwFlags)
+BOOL WINAPI CertUnregisterSystemStore(const void *pvSystemStore, DWORD dwFlags)
 {
     HCERTSTORE hstore;
 
index d2eee45..1daf29f 100644 (file)
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  */
+#include <stdarg.h>
 
-#include "crypt32_private.h"
+#define NONAMELESSUNION
+
+#include "windef.h"
+#include "winbase.h"
+#include "winnls.h"
+#include "winuser.h"
+#include "wincrypt.h"
+#include "wine/debug.h"
+#include "wine/unicode.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
 
index 50402e4..7d6bb23 100644 (file)
@@ -58,7 +58,7 @@ reactos/dll/win32/comctl32            # Synced to Wine-3.0
 reactos/dll/win32/comdlg32            # Synced to WineStaging-3.3
 reactos/dll/win32/compstui            # Synced to WineStaging-3.3
 reactos/dll/win32/credui              # Synced to WineStaging-3.3
-reactos/dll/win32/crypt32             # Synced to WineStaging-2.16
+reactos/dll/win32/crypt32             # Synced to WineStaging-3.3
 reactos/dll/win32/cryptdlg            # Synced to WineStaging-2.9
 reactos/dll/win32/cryptdll            # Synced to WineStaging-2.9
 reactos/dll/win32/cryptnet            # Synced to WineStaging-2.9