search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
comctl32: Fix a typo in comment.
[wine.git] / dlls / crypt32 / decode.c
blob09c9608e31e40b560538777f4f1c1c3e67364b0d
1 /*
2 * Copyright 2005-2009 Juan Lang
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 *
18 * This file implements ASN.1 DER decoding of a limited set of types.
19 * It isn't a full ASN.1 implementation. Microsoft implements BER
20 * encoding of many of the basic types in msasn1.dll, but that interface isn't
21 * implemented, so I implement them here.
22 *
23 * References:
24 * "A Layman's Guide to a Subset of ASN.1, BER, and DER", by Burton Kaliski
25 * (available online, look for a PDF copy as the HTML versions tend to have
26 * translation errors.)
27 *
28 * RFC3280, http://www.faqs.org/rfcs/rfc3280.html
29 *
30 * MSDN, especially "Constants for CryptEncodeObject and CryptDecodeObject"
31 */
32
33 #include "config.h"
34 #include "wine/port.h"
35
36 #include <assert.h>
37 #include <stdarg.h>
38 #include <stdio.h>
39 #include <stdlib.h>
40
41 #define NONAMELESSUNION
42
43 #include "windef.h"
44 #include "winbase.h"
45 #include "wincrypt.h"
46 #include "winnls.h"
47 #include "snmp.h"
48 #include "wine/debug.h"
49 #include "wine/exception.h"
50 #include "crypt32_private.h"
51
52 /* This is a bit arbitrary, but to set some limit: */
53 #define MAX_ENCODED_LEN 0x02000000
54
55 #define ASN_FLAGS_MASK 0xe0
56 #define ASN_TYPE_MASK 0x1f
57
58 WINE_DEFAULT_DEBUG_CHANNEL(cryptasn);
59 WINE_DECLARE_DEBUG_CHANNEL(crypt);
60
61 typedef BOOL (WINAPI *CryptDecodeObjectFunc)(DWORD, LPCSTR, const BYTE *,
62 DWORD, DWORD, void *, DWORD *);
63 typedef BOOL (WINAPI *CryptDecodeObjectExFunc)(DWORD, LPCSTR, const BYTE *,
64 DWORD, DWORD, PCRYPT_DECODE_PARA, void *, DWORD *);
65
66 /* Internal decoders don't do memory allocation or exception handling, and
67 * they report how many bytes they decoded.
68 */
69 typedef BOOL (*InternalDecodeFunc)(const BYTE *pbEncoded, DWORD cbEncoded,
70 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
71
72 static BOOL CRYPT_AsnDecodeChoiceOfTimeInternal(const BYTE *pbEncoded,
73 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
74 DWORD *pcbDecoded);
75 static BOOL CRYPT_AsnDecodePubKeyInfoInternal(const BYTE *pbEncoded,
76 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
77 DWORD *pcbDecoded);
78 /* Assumes pvStructInfo is a CERT_EXTENSION whose pszObjId is set ahead of time.
79 */
80 static BOOL CRYPT_AsnDecodeExtension(const BYTE *pbEncoded, DWORD cbEncoded,
81 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
82 /* Assumes algo->Parameters.pbData is set ahead of time. */
83 static BOOL CRYPT_AsnDecodeAlgorithmId(const BYTE *pbEncoded, DWORD cbEncoded,
84 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
85 static BOOL CRYPT_AsnDecodeBool(const BYTE *pbEncoded, DWORD cbEncoded,
86 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
87 /* Assumes the CRYPT_DATA_BLOB's pbData member has been initialized */
88 static BOOL CRYPT_AsnDecodeOctetsInternal(const BYTE *pbEncoded,
89 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
90 DWORD *pcbDecoded);
91 /* Doesn't check the tag, assumes the caller does so */
92 static BOOL CRYPT_AsnDecodeBitsInternal(const BYTE *pbEncoded, DWORD cbEncoded,
93 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
94 static BOOL CRYPT_AsnDecodeIntInternal(const BYTE *pbEncoded, DWORD cbEncoded,
95 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
96 /* Like CRYPT_AsnDecodeInteger, but assumes the CRYPT_INTEGER_BLOB's pbData
97 * member has been initialized, doesn't do exception handling, and doesn't do
98 * memory allocation. Also doesn't check tag, assumes the caller has checked
99 * it.
100 */
101 static BOOL CRYPT_AsnDecodeIntegerInternal(const BYTE *pbEncoded,
102 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
103 DWORD *pcbDecoded);
104 /* Like CRYPT_AsnDecodeInteger, but unsigned. */
105 static BOOL CRYPT_AsnDecodeUnsignedIntegerInternal(const BYTE *pbEncoded,
106 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
107 DWORD *pcbDecoded);
108 static BOOL CRYPT_AsnDecodePKCSAttributeInternal(const BYTE *pbEncoded,
109 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
110 DWORD *pcbDecoded);
111
112 /* Gets the number of length bytes from the given (leading) length byte */
113 #define GET_LEN_BYTES(b) ((b) <= 0x80 ? 1 : 1 + ((b) & 0x7f))
114
115 /* Helper function to get the encoded length of the data starting at pbEncoded,
116 * where pbEncoded[0] is the tag. If the data are too short to contain a
117 * length or if the length is too large for cbEncoded, sets an appropriate
118 * error code and returns FALSE. If the encoded length is unknown due to
119 * indefinite length encoding, *len is set to CMSG_INDEFINITE_LENGTH.
120 */
121 static BOOL CRYPT_GetLengthIndefinite(const BYTE *pbEncoded, DWORD cbEncoded,
122 DWORD *len)
123 {
124 BOOL ret;
125
126 if (cbEncoded <= 1)
127 {
128 SetLastError(CRYPT_E_ASN1_CORRUPT);
129 ret = FALSE;
130 }
131 else if (pbEncoded[1] <= 0x7f)
132 {
133 if (pbEncoded[1] + 1 > cbEncoded)
134 {
135 SetLastError(CRYPT_E_ASN1_EOD);
136 ret = FALSE;
137 }
138 else
139 {
140 *len = pbEncoded[1];
141 ret = TRUE;
142 }
143 }
144 else if (pbEncoded[1] == 0x80)
145 {
146 *len = CMSG_INDEFINITE_LENGTH;
147 ret = TRUE;
148 }
149 else
150 {
151 BYTE lenLen = GET_LEN_BYTES(pbEncoded[1]);
152
153 if (lenLen > sizeof(DWORD) + 1)
154 {
155 SetLastError(CRYPT_E_ASN1_LARGE);
156 ret = FALSE;
157 }
158 else if (lenLen + 2 > cbEncoded)
159 {
160 SetLastError(CRYPT_E_ASN1_CORRUPT);
161 ret = FALSE;
162 }
163 else
164 {
165 DWORD out = 0;
166
167 pbEncoded += 2;
168 while (--lenLen)
169 {
170 out <<= 8;
171 out |= *pbEncoded++;
172 }
173 if (out + lenLen + 1 > cbEncoded)
174 {
175 SetLastError(CRYPT_E_ASN1_EOD);
176 ret = FALSE;
177 }
178 else
179 {
180 *len = out;
181 ret = TRUE;
182 }
183 }
184 }
185 return ret;
186 }
187
188 /* Like CRYPT_GetLengthIndefinite, but disallows indefinite-length encoding. */
189 static BOOL CRYPT_GetLen(const BYTE *pbEncoded, DWORD cbEncoded, DWORD *len)
190 {
191 BOOL ret;
192
193 if ((ret = CRYPT_GetLengthIndefinite(pbEncoded, cbEncoded, len)) &&
194 *len == CMSG_INDEFINITE_LENGTH)
195 {
196 SetLastError(CRYPT_E_ASN1_CORRUPT);
197 ret = FALSE;
198 }
199 return ret;
200 }
201
202 /* Helper function to check *pcbStructInfo, set it to the required size, and
203 * optionally to allocate memory. Assumes pvStructInfo is not NULL.
204 * If CRYPT_DECODE_ALLOC_FLAG is set in dwFlags, *pvStructInfo will be set to a
205 * pointer to the newly allocated memory.
206 */
207 static BOOL CRYPT_DecodeEnsureSpace(DWORD dwFlags,
208 const CRYPT_DECODE_PARA *pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo,
209 DWORD bytesNeeded)
210 {
211 BOOL ret = TRUE;
212
213 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
214 {
215 if (pDecodePara && pDecodePara->pfnAlloc)
216 *(BYTE **)pvStructInfo = pDecodePara->pfnAlloc(bytesNeeded);
217 else
218 *(BYTE **)pvStructInfo = LocalAlloc(0, bytesNeeded);
219 if (!*(BYTE **)pvStructInfo)
220 ret = FALSE;
221 else
222 *pcbStructInfo = bytesNeeded;
223 }
224 else if (*pcbStructInfo < bytesNeeded)
225 {
226 *pcbStructInfo = bytesNeeded;
227 SetLastError(ERROR_MORE_DATA);
228 ret = FALSE;
229 }
230 else
231 *pcbStructInfo = bytesNeeded;
232 return ret;
233 }
234
235 static void CRYPT_FreeSpace(const CRYPT_DECODE_PARA *pDecodePara, LPVOID pv)
236 {
237 if (pDecodePara && pDecodePara->pfnFree)
238 pDecodePara->pfnFree(pv);
239 else
240 LocalFree(pv);
241 }
242
243 /* Helper function to check *pcbStructInfo and set it to the required size.
244 * Assumes pvStructInfo is not NULL.
245 */
246 static BOOL CRYPT_DecodeCheckSpace(DWORD *pcbStructInfo, DWORD bytesNeeded)
247 {
248 BOOL ret;
249
250 if (*pcbStructInfo < bytesNeeded)
251 {
252 *pcbStructInfo = bytesNeeded;
253 SetLastError(ERROR_MORE_DATA);
254 ret = FALSE;
255 }
256 else
257 {
258 *pcbStructInfo = bytesNeeded;
259 ret = TRUE;
260 }
261 return ret;
262 }
263
264 /* tag:
265 * The expected tag of the item. If tag is 0, decodeFunc is called
266 * regardless of the tag value seen.
267 * offset:
268 * A sequence is decoded into a struct. The offset member is the
269 * offset of this item within that struct.
270 * decodeFunc:
271 * The decoder function to use. If this is NULL, then the member isn't
272 * decoded, but minSize space is reserved for it.
273 * minSize:
274 * The minimum amount of space occupied after decoding. You must set this.
275 * optional:
276 * If true, and the tag doesn't match the expected tag for this item,
277 * or the decodeFunc fails with CRYPT_E_ASN1_BADTAG, then minSize space is
278 * filled with 0 for this member.
279 * hasPointer, pointerOffset:
280 * If the item has dynamic data, set hasPointer to TRUE, pointerOffset to
281 * the offset within the struct of the data pointer (or to the
282 * first data pointer, if more than one exist).
283 * size:
284 * Used by CRYPT_AsnDecodeSequence, not for your use.
285 */
286 struct AsnDecodeSequenceItem
287 {
288 BYTE tag;
289 DWORD offset;
290 InternalDecodeFunc decodeFunc;
291 DWORD minSize;
292 BOOL optional;
293 BOOL hasPointer;
294 DWORD pointerOffset;
295 DWORD size;
296 };
297
298 #define FINALMEMBERSIZE(s, member) (sizeof(s) - offsetof(s, member))
299 #define MEMBERSIZE(s, member, nextmember) \
300 (offsetof(s, nextmember) - offsetof(s, member))
301
302 /* Decodes the items in a sequence, where the items are described in items,
303 * the encoded data are in pbEncoded with length cbEncoded. Decodes into
304 * pvStructInfo. nextData is a pointer to the memory location at which the
305 * first decoded item with a dynamic pointer should point.
306 * Upon decoding, *cbDecoded is the total number of bytes decoded.
307 * Each item decoder is never called with CRYPT_DECODE_ALLOC_FLAG set.
308 */
309 static BOOL CRYPT_AsnDecodeSequenceItems(struct AsnDecodeSequenceItem items[],
310 DWORD cItem, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
311 void *pvStructInfo, BYTE *nextData, DWORD *cbDecoded)
312 {
313 BOOL ret;
314 DWORD i, decoded = 0;
315 const BYTE *ptr = pbEncoded;
316
317 TRACE("%p, %d, %p, %d, %08x, %p, %p, %p\n", items, cItem, pbEncoded,
318 cbEncoded, dwFlags, pvStructInfo, nextData, cbDecoded);
319
320 for (i = 0, ret = TRUE; ret && i < cItem; i++)
321 {
322 if (cbEncoded - (ptr - pbEncoded) != 0)
323 {
324 DWORD itemLen;
325
326 if ((ret = CRYPT_GetLengthIndefinite(ptr,
327 cbEncoded - (ptr - pbEncoded), &itemLen)))
328 {
329 BYTE itemLenBytes = GET_LEN_BYTES(ptr[1]);
330
331 if (ptr[0] == items[i].tag || !items[i].tag)
332 {
333 DWORD itemEncodedLen;
334
335 if (itemLen == CMSG_INDEFINITE_LENGTH)
336 itemEncodedLen = cbEncoded - (ptr - pbEncoded);
337 else
338 itemEncodedLen = 1 + itemLenBytes + itemLen;
339 if (nextData && pvStructInfo && items[i].hasPointer)
340 {
341 TRACE("Setting next pointer to %p\n",
342 nextData);
343 *(BYTE **)((BYTE *)pvStructInfo +
344 items[i].pointerOffset) = nextData;
345 }
346 if (items[i].decodeFunc)
347 {
348 DWORD itemDecoded;
349
350 if (pvStructInfo)
351 TRACE("decoding item %d\n", i);
352 else
353 TRACE("sizing item %d\n", i);
354 ret = items[i].decodeFunc(ptr, itemEncodedLen,
355 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG,
356 pvStructInfo ? (BYTE *)pvStructInfo + items[i].offset
357 : NULL, &items[i].size, &itemDecoded);
358 if (ret)
359 {
360 if (items[i].size < items[i].minSize)
361 items[i].size = items[i].minSize;
362 else if (items[i].size > items[i].minSize)
363 {
364 /* Account for alignment padding */
365 items[i].size = ALIGN_DWORD_PTR(items[i].size);
366 }
367 TRACE("item %d size: %d\n", i, items[i].size);
368 if (nextData && items[i].hasPointer &&
369 items[i].size > items[i].minSize)
370 nextData += items[i].size - items[i].minSize;
371 if (itemDecoded > itemEncodedLen)
372 {
373 WARN("decoded length %d exceeds encoded %d\n",
374 itemDecoded, itemEncodedLen);
375 SetLastError(CRYPT_E_ASN1_CORRUPT);
376 ret = FALSE;
377 }
378 else
379 {
380 ptr += itemDecoded;
381 decoded += itemDecoded;
382 TRACE("item %d: decoded %d bytes\n", i,
383 itemDecoded);
384 }
385 }
386 else if (items[i].optional &&
387 GetLastError() == CRYPT_E_ASN1_BADTAG)
388 {
389 TRACE("skipping optional item %d\n", i);
390 items[i].size = items[i].minSize;
391 SetLastError(NOERROR);
392 ret = TRUE;
393 }
394 else
395 TRACE("item %d failed: %08x\n", i,
396 GetLastError());
397 }
398 else if (itemLen == CMSG_INDEFINITE_LENGTH)
399 {
400 ERR("can't use indefinite length encoding without a decoder\n");
401 SetLastError(CRYPT_E_ASN1_CORRUPT);
402 ret = FALSE;
403 }
404 else
405 {
406 TRACE("item %d: decoded %d bytes\n", i, itemEncodedLen);
407 ptr += itemEncodedLen;
408 decoded += itemEncodedLen;
409 items[i].size = items[i].minSize;
410 }
411 }
412 else if (items[i].optional)
413 {
414 TRACE("skipping optional item %d\n", i);
415 items[i].size = items[i].minSize;
416 }
417 else
418 {
419 TRACE("item %d: tag %02x doesn't match expected %02x\n",
420 i, ptr[0], items[i].tag);
421 SetLastError(CRYPT_E_ASN1_BADTAG);
422 ret = FALSE;
423 }
424 }
425 }
426 else if (items[i].optional)
427 {
428 TRACE("missing optional item %d, skipping\n", i);
429 items[i].size = items[i].minSize;
430 }
431 else
432 {
433 TRACE("not enough bytes for item %d, failing\n", i);
434 SetLastError(CRYPT_E_ASN1_CORRUPT);
435 ret = FALSE;
436 }
437 }
438 if (cbDecoded)
439 *cbDecoded = decoded;
440 TRACE("returning %d\n", ret);
441 return ret;
442 }
443
444 /* This decodes an arbitrary sequence into a contiguous block of memory
445 * (basically, a struct.) Each element being decoded is described by a struct
446 * AsnDecodeSequenceItem, see above.
447 * startingPointer is an optional pointer to the first place where dynamic
448 * data will be stored. If you know the starting offset, you may pass it
449 * here. Otherwise, pass NULL, and one will be inferred from the items.
450 */
451 static BOOL CRYPT_AsnDecodeSequence(struct AsnDecodeSequenceItem items[],
452 DWORD cItem, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
453 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo,
454 DWORD *pcbDecoded, void *startingPointer)
455 {
456 BOOL ret;
457
458 TRACE("%p, %d, %p, %d, %08x, %p, %p, %d, %p\n", items, cItem, pbEncoded,
459 cbEncoded, dwFlags, pDecodePara, pvStructInfo, *pcbStructInfo,
460 startingPointer);
461
462 if (!cbEncoded)
463 {
464 SetLastError(CRYPT_E_ASN1_EOD);
465 return FALSE;
466 }
467 if (pbEncoded[0] == ASN_SEQUENCE)
468 {
469 DWORD dataLen;
470
471 if ((ret = CRYPT_GetLengthIndefinite(pbEncoded, cbEncoded, &dataLen)))
472 {
473 DWORD lenBytes = GET_LEN_BYTES(pbEncoded[1]), cbDecoded;
474 const BYTE *ptr = pbEncoded + 1 + lenBytes;
475 BOOL indefinite = FALSE;
476
477 cbEncoded -= 1 + lenBytes;
478 if (dataLen == CMSG_INDEFINITE_LENGTH)
479 {
480 dataLen = cbEncoded;
481 indefinite = TRUE;
482 }
483 else if (cbEncoded < dataLen)
484 {
485 TRACE("dataLen %d exceeds cbEncoded %d, failing\n", dataLen,
486 cbEncoded);
487 SetLastError(CRYPT_E_ASN1_CORRUPT);
488 ret = FALSE;
489 }
490 if (ret)
491 {
492 ret = CRYPT_AsnDecodeSequenceItems(items, cItem,
493 ptr, dataLen, dwFlags, NULL, NULL, &cbDecoded);
494 if (ret && dataLen == CMSG_INDEFINITE_LENGTH)
495 {
496 if (cbDecoded > cbEncoded - 2)
497 {
498 /* Not enough space for 0 TLV */
499 SetLastError(CRYPT_E_ASN1_CORRUPT);
500 ret = FALSE;
501 }
502 else if (*(ptr + cbDecoded) != 0 ||
503 *(ptr + cbDecoded + 1) != 0)
504 {
505 TRACE("expected 0 TLV\n");
506 SetLastError(CRYPT_E_ASN1_CORRUPT);
507 ret = FALSE;
508 }
509 else
510 cbDecoded += 2;
511 }
512 }
513 if (ret && !indefinite && cbDecoded != dataLen)
514 {
515 TRACE("expected %d decoded, got %d, failing\n", dataLen,
516 cbDecoded);
517 SetLastError(CRYPT_E_ASN1_CORRUPT);
518 ret = FALSE;
519 }
520 if (ret)
521 {
522 DWORD i, bytesNeeded = 0, structSize = 0;
523
524 for (i = 0; i < cItem; i++)
525 {
526 if (items[i].size > items[i].minSize)
527 bytesNeeded += items[i].size - items[i].minSize;
528 structSize = max( structSize, items[i].offset + items[i].minSize );
529 }
530 bytesNeeded += structSize;
531 if (pcbDecoded)
532 *pcbDecoded = 1 + lenBytes + cbDecoded;
533 if (!pvStructInfo)
534 *pcbStructInfo = bytesNeeded;
535 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags,
536 pDecodePara, pvStructInfo, pcbStructInfo, bytesNeeded)))
537 {
538 BYTE *nextData;
539
540 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
541 pvStructInfo = *(BYTE **)pvStructInfo;
542 if (startingPointer)
543 nextData = startingPointer;
544 else
545 nextData = (BYTE *)pvStructInfo + structSize;
546 memset(pvStructInfo, 0, structSize);
547 ret = CRYPT_AsnDecodeSequenceItems(items, cItem,
548 ptr, dataLen, dwFlags, pvStructInfo, nextData,
549 &cbDecoded);
550 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
551 CRYPT_FreeSpace(pDecodePara, pvStructInfo);
552 }
553 }
554 }
555 }
556 else
557 {
558 SetLastError(CRYPT_E_ASN1_BADTAG);
559 ret = FALSE;
560 }
561 TRACE("returning %d (%08x)\n", ret, GetLastError());
562 return ret;
563 }
564
565 /* tag:
566 * The expected tag of the entire encoded array (usually a variant
567 * of ASN_SETOF or ASN_SEQUENCEOF.) If tag is 0, decodeFunc is called
568 * regardless of the tag seen.
569 * countOffset:
570 * The offset within the outer structure at which the count exists.
571 * For example, a structure such as CRYPT_ATTRIBUTES has countOffset == 0,
572 * while CRYPT_ATTRIBUTE has countOffset ==
573 * offsetof(CRYPT_ATTRIBUTE, cValue).
574 * arrayOffset:
575 * The offset within the outer structure at which the array pointer exists.
576 * For example, CRYPT_ATTRIBUTES has arrayOffset ==
577 * offsetof(CRYPT_ATTRIBUTES, rgAttr).
578 * minArraySize:
579 * The minimum size of the decoded array. On WIN32, this is always 8:
580 * sizeof(DWORD) + sizeof(void *). On WIN64, it can be larger due to
581 * alignment.
582 * decodeFunc:
583 * used to decode each item in the array
584 * itemSize:
585 * is the minimum size of each decoded item
586 * hasPointer:
587 * indicates whether each item has a dynamic pointer
588 * pointerOffset:
589 * indicates the offset within itemSize at which the pointer exists
590 */
591 struct AsnArrayDescriptor
592 {
593 BYTE tag;
594 DWORD countOffset;
595 DWORD arrayOffset;
596 DWORD minArraySize;
597 InternalDecodeFunc decodeFunc;
598 DWORD itemSize;
599 BOOL hasPointer;
600 DWORD pointerOffset;
601 };
602
603 struct AsnArrayItemSize
604 {
605 DWORD encodedLen;
606 DWORD size;
607 };
608
609 /* Decodes an array of like types into a structure described by a struct
610 * AsnArrayDescriptor.
611 */
612 static BOOL CRYPT_AsnDecodeArray(const struct AsnArrayDescriptor *arrayDesc,
613 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
614 const CRYPT_DECODE_PARA *pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo,
615 DWORD *pcbDecoded)
616 {
617 BOOL ret = TRUE;
618
619 TRACE("%p, %p, %d, %p, %d\n", arrayDesc, pbEncoded,
620 cbEncoded, pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
621
622 if (!cbEncoded)
623 {
624 SetLastError(CRYPT_E_ASN1_EOD);
625 ret = FALSE;
626 }
627 else if (!arrayDesc->tag || pbEncoded[0] == arrayDesc->tag)
628 {
629 DWORD dataLen;
630
631 if ((ret = CRYPT_GetLengthIndefinite(pbEncoded, cbEncoded, &dataLen)))
632 {
633 DWORD bytesNeeded = arrayDesc->minArraySize, cItems = 0, decoded;
634 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
635 /* There can be arbitrarily many items, but there is often only one.
636 */
637 struct AsnArrayItemSize itemSize = { 0 }, *itemSizes = &itemSize;
638
639 decoded = 1 + lenBytes;
640 if (dataLen)
641 {
642 const BYTE *ptr;
643 BOOL doneDecoding = FALSE;
644
645 for (ptr = pbEncoded + 1 + lenBytes; ret && !doneDecoding; )
646 {
647 if (dataLen == CMSG_INDEFINITE_LENGTH)
648 {
649 if (ptr[0] == 0)
650 {
651 doneDecoding = TRUE;
652 if (ptr[1] != 0)
653 {
654 SetLastError(CRYPT_E_ASN1_CORRUPT);
655 ret = FALSE;
656 }
657 else
658 decoded += 2;
659 }
660 }
661 else if (ptr - pbEncoded - 1 - lenBytes >= dataLen)
662 doneDecoding = TRUE;
663 if (!doneDecoding)
664 {
665 DWORD itemEncoded, itemDataLen, itemDecoded, size = 0;
666
667 /* Each item decoded may not tolerate extraneous bytes,
668 * so get the length of the next element if known.
669 */
670 if ((ret = CRYPT_GetLengthIndefinite(ptr,
671 cbEncoded - (ptr - pbEncoded), &itemDataLen)))
672 {
673 if (itemDataLen == CMSG_INDEFINITE_LENGTH)
674 itemEncoded = cbEncoded - (ptr - pbEncoded);
675 else
676 itemEncoded = 1 + GET_LEN_BYTES(ptr[1]) +
677 itemDataLen;
678 }
679 if (ret)
680 ret = arrayDesc->decodeFunc(ptr, itemEncoded,
681 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &size,
682 &itemDecoded);
683 if (ret)
684 {
685 cItems++;
686 if (itemSizes != &itemSize)
687 itemSizes = CryptMemRealloc(itemSizes,
688 cItems * sizeof(struct AsnArrayItemSize));
689 else if (cItems > 1)
690 {
691 itemSizes =
692 CryptMemAlloc(
693 cItems * sizeof(struct AsnArrayItemSize));
694 if (itemSizes)
695 *itemSizes = itemSize;
696 }
697 if (itemSizes)
698 {
699 decoded += itemDecoded;
700 itemSizes[cItems - 1].encodedLen = itemEncoded;
701 itemSizes[cItems - 1].size = size;
702 bytesNeeded += size;
703 ptr += itemEncoded;
704 }
705 else
706 ret = FALSE;
707 }
708 }
709 }
710 }
711 if (ret)
712 {
713 if (pcbDecoded)
714 *pcbDecoded = decoded;
715 if (!pvStructInfo)
716 *pcbStructInfo = bytesNeeded;
717 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
718 pvStructInfo, pcbStructInfo, bytesNeeded)))
719 {
720 DWORD i, *pcItems;
721 BYTE *nextData;
722 const BYTE *ptr;
723 void *rgItems;
724
725 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
726 pvStructInfo = *(void **)pvStructInfo;
727 pcItems = pvStructInfo;
728 *pcItems = cItems;
729 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
730 {
731 rgItems = (BYTE *)pvStructInfo +
732 arrayDesc->minArraySize;
733 *(void **)((BYTE *)pcItems -
734 arrayDesc->countOffset + arrayDesc->arrayOffset) =
735 rgItems;
736 }
737 else
738 rgItems = *(void **)((BYTE *)pcItems -
739 arrayDesc->countOffset + arrayDesc->arrayOffset);
740 nextData = (BYTE *)rgItems + cItems * arrayDesc->itemSize;
741 for (i = 0, ptr = pbEncoded + 1 + lenBytes; ret &&
742 i < cItems && ptr - pbEncoded - 1 - lenBytes <
743 dataLen; i++)
744 {
745 DWORD itemDecoded;
746
747 if (arrayDesc->hasPointer)
748 *(BYTE **)((BYTE *)rgItems + i * arrayDesc->itemSize
749 + arrayDesc->pointerOffset) = nextData;
750 ret = arrayDesc->decodeFunc(ptr,
751 itemSizes[i].encodedLen,
752 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG,
753 (BYTE *)rgItems + i * arrayDesc->itemSize,
754 &itemSizes[i].size, &itemDecoded);
755 if (ret)
756 {
757 nextData += itemSizes[i].size - arrayDesc->itemSize;
758 ptr += itemDecoded;
759 }
760 }
761 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
762 CRYPT_FreeSpace(pDecodePara, pvStructInfo);
763 }
764 }
765 if (itemSizes != &itemSize)
766 CryptMemFree(itemSizes);
767 }
768 }
769 else
770 {
771 SetLastError(CRYPT_E_ASN1_BADTAG);
772 ret = FALSE;
773 }
774 return ret;
775 }
776
777 /* Decodes a DER-encoded BLOB into a CRYPT_DER_BLOB struct pointed to by
778 * pvStructInfo. The BLOB must be non-empty, otherwise the last error is set
779 * to CRYPT_E_ASN1_CORRUPT.
780 * Warning: assumes the CRYPT_DER_BLOB pointed to by pvStructInfo has pbData
781 * set!
782 */
783 static BOOL CRYPT_AsnDecodeDerBlob(const BYTE *pbEncoded, DWORD cbEncoded,
784 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
785 {
786 BOOL ret;
787 DWORD dataLen;
788
789 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
790 {
791 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
792 DWORD bytesNeeded = sizeof(CRYPT_DER_BLOB);
793
794 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
795 bytesNeeded += 1 + lenBytes + dataLen;
796
797 if (pcbDecoded)
798 *pcbDecoded = 1 + lenBytes + dataLen;
799 if (!pvStructInfo)
800 *pcbStructInfo = bytesNeeded;
801 else if ((ret = CRYPT_DecodeCheckSpace(pcbStructInfo, bytesNeeded)))
802 {
803 CRYPT_DER_BLOB *blob;
804
805 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
806 pvStructInfo = *(BYTE **)pvStructInfo;
807 blob = pvStructInfo;
808 blob->cbData = 1 + lenBytes + dataLen;
809 if (blob->cbData)
810 {
811 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
812 blob->pbData = (BYTE *)pbEncoded;
813 else
814 {
815 assert(blob->pbData);
816 memcpy(blob->pbData, pbEncoded, blob->cbData);
817 }
818 }
819 else
820 {
821 SetLastError(CRYPT_E_ASN1_CORRUPT);
822 ret = FALSE;
823 }
824 }
825 }
826 return ret;
827 }
828
829 /* Like CRYPT_AsnDecodeBitsInternal, but swaps the bytes */
830 static BOOL CRYPT_AsnDecodeBitsSwapBytes(const BYTE *pbEncoded,
831 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
832 DWORD *pcbDecoded)
833 {
834 BOOL ret;
835
836 TRACE("(%p, %d, 0x%08x, %p, %d, %p)\n", pbEncoded, cbEncoded, dwFlags,
837 pvStructInfo, *pcbStructInfo, pcbDecoded);
838
839 /* Can't use the CRYPT_DECODE_NOCOPY_FLAG, because we modify the bytes in-
840 * place.
841 */
842 ret = CRYPT_AsnDecodeBitsInternal(pbEncoded, cbEncoded,
843 dwFlags & ~CRYPT_DECODE_NOCOPY_FLAG, pvStructInfo, pcbStructInfo,
844 pcbDecoded);
845 if (ret && pvStructInfo)
846 {
847 CRYPT_BIT_BLOB *blob = pvStructInfo;
848
849 if (blob->cbData)
850 {
851 DWORD i;
852 BYTE temp;
853
854 for (i = 0; i < blob->cbData / 2; i++)
855 {
856 temp = blob->pbData[i];
857 blob->pbData[i] = blob->pbData[blob->cbData - i - 1];
858 blob->pbData[blob->cbData - i - 1] = temp;
859 }
860 }
861 }
862 TRACE("returning %d (%08x)\n", ret, GetLastError());
863 return ret;
864 }
865
866 static BOOL WINAPI CRYPT_AsnDecodeCertSignedContent(DWORD dwCertEncodingType,
867 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
868 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
869 {
870 BOOL ret = TRUE;
871
872 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
873 pDecodePara, pvStructInfo, *pcbStructInfo);
874
875 __TRY
876 {
877 struct AsnDecodeSequenceItem items[] = {
878 { 0, offsetof(CERT_SIGNED_CONTENT_INFO, ToBeSigned),
879 CRYPT_AsnDecodeDerBlob, sizeof(CRYPT_DER_BLOB), FALSE, TRUE,
880 offsetof(CERT_SIGNED_CONTENT_INFO, ToBeSigned.pbData), 0 },
881 { ASN_SEQUENCEOF, offsetof(CERT_SIGNED_CONTENT_INFO,
882 SignatureAlgorithm), CRYPT_AsnDecodeAlgorithmId,
883 sizeof(CRYPT_ALGORITHM_IDENTIFIER), FALSE, TRUE,
884 offsetof(CERT_SIGNED_CONTENT_INFO, SignatureAlgorithm.pszObjId), 0 },
885 { ASN_BITSTRING, offsetof(CERT_SIGNED_CONTENT_INFO, Signature),
886 CRYPT_AsnDecodeBitsSwapBytes, sizeof(CRYPT_BIT_BLOB), FALSE, TRUE,
887 offsetof(CERT_SIGNED_CONTENT_INFO, Signature.pbData), 0 },
888 };
889
890 if (dwFlags & CRYPT_DECODE_NO_SIGNATURE_BYTE_REVERSAL_FLAG)
891 items[2].decodeFunc = CRYPT_AsnDecodeBitsInternal;
892 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
893 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
894 pcbStructInfo, NULL, NULL);
895 }
896 __EXCEPT_PAGE_FAULT
897 {
898 SetLastError(STATUS_ACCESS_VIOLATION);
899 ret = FALSE;
900 }
901 __ENDTRY
902
903 TRACE("Returning %d (%08x)\n", ret, GetLastError());
904 return ret;
905 }
906
907 static BOOL CRYPT_AsnDecodeCertVersion(const BYTE *pbEncoded, DWORD cbEncoded,
908 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
909 {
910 BOOL ret;
911 DWORD dataLen;
912
913 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
914 {
915 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
916
917 ret = CRYPT_AsnDecodeIntInternal(pbEncoded + 1 + lenBytes, dataLen,
918 dwFlags, pvStructInfo, pcbStructInfo, NULL);
919 if (pcbDecoded)
920 *pcbDecoded = 1 + lenBytes + dataLen;
921 }
922 return ret;
923 }
924
925 static BOOL CRYPT_AsnDecodeValidity(const BYTE *pbEncoded, DWORD cbEncoded,
926 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
927 {
928 BOOL ret;
929
930 struct AsnDecodeSequenceItem items[] = {
931 { 0, offsetof(CERT_PRIVATE_KEY_VALIDITY, NotBefore),
932 CRYPT_AsnDecodeChoiceOfTimeInternal, sizeof(FILETIME), FALSE, FALSE, 0 },
933 { 0, offsetof(CERT_PRIVATE_KEY_VALIDITY, NotAfter),
934 CRYPT_AsnDecodeChoiceOfTimeInternal, sizeof(FILETIME), FALSE, FALSE, 0 },
935 };
936
937 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
938 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
939 pcbDecoded, NULL);
940 return ret;
941 }
942
943 static BOOL CRYPT_AsnDecodeCertExtensionsInternal(const BYTE *pbEncoded,
944 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
945 DWORD *pcbDecoded)
946 {
947 BOOL ret = TRUE;
948 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
949 offsetof(CERT_INFO, cExtension), offsetof(CERT_INFO, rgExtension),
950 FINALMEMBERSIZE(CERT_INFO, cExtension),
951 CRYPT_AsnDecodeExtension, sizeof(CERT_EXTENSION), TRUE,
952 offsetof(CERT_EXTENSION, pszObjId) };
953
954 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
955 pvStructInfo, *pcbStructInfo, pcbDecoded);
956
957 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
958 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
959 return ret;
960 }
961
962 static BOOL CRYPT_AsnDecodeCertExtensions(const BYTE *pbEncoded,
963 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
964 DWORD *pcbDecoded)
965 {
966 BOOL ret;
967 DWORD dataLen;
968
969 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
970 {
971 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
972
973 ret = CRYPT_AsnDecodeCertExtensionsInternal(pbEncoded + 1 + lenBytes,
974 dataLen, dwFlags, pvStructInfo, pcbStructInfo, NULL);
975 if (ret && pcbDecoded)
976 *pcbDecoded = 1 + lenBytes + dataLen;
977 }
978 return ret;
979 }
980
981 static BOOL CRYPT_AsnDecodeCertInfo(DWORD dwCertEncodingType,
982 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
983 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
984 {
985 BOOL ret = TRUE;
986 struct AsnDecodeSequenceItem items[] = {
987 { ASN_CONTEXT | ASN_CONSTRUCTOR, offsetof(CERT_INFO, dwVersion),
988 CRYPT_AsnDecodeCertVersion, sizeof(DWORD), TRUE, FALSE, 0, 0 },
989 { ASN_INTEGER, offsetof(CERT_INFO, SerialNumber),
990 CRYPT_AsnDecodeIntegerInternal, sizeof(CRYPT_INTEGER_BLOB), FALSE,
991 TRUE, offsetof(CERT_INFO, SerialNumber.pbData), 0 },
992 { ASN_SEQUENCEOF, offsetof(CERT_INFO, SignatureAlgorithm),
993 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
994 FALSE, TRUE, offsetof(CERT_INFO, SignatureAlgorithm.pszObjId), 0 },
995 { 0, offsetof(CERT_INFO, Issuer), CRYPT_AsnDecodeDerBlob,
996 sizeof(CRYPT_DER_BLOB), FALSE, TRUE, offsetof(CERT_INFO,
997 Issuer.pbData) },
998 { ASN_SEQUENCEOF, offsetof(CERT_INFO, NotBefore),
999 CRYPT_AsnDecodeValidity, sizeof(CERT_PRIVATE_KEY_VALIDITY), FALSE,
1000 FALSE, 0 },
1001 { 0, offsetof(CERT_INFO, Subject), CRYPT_AsnDecodeDerBlob,
1002 sizeof(CRYPT_DER_BLOB), FALSE, TRUE, offsetof(CERT_INFO,
1003 Subject.pbData) },
1004 { ASN_SEQUENCEOF, offsetof(CERT_INFO, SubjectPublicKeyInfo),
1005 CRYPT_AsnDecodePubKeyInfoInternal, sizeof(CERT_PUBLIC_KEY_INFO),
1006 FALSE, TRUE, offsetof(CERT_INFO,
1007 SubjectPublicKeyInfo.Algorithm.Parameters.pbData), 0 },
1008 { ASN_CONTEXT | 1, offsetof(CERT_INFO, IssuerUniqueId),
1009 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), TRUE, TRUE,
1010 offsetof(CERT_INFO, IssuerUniqueId.pbData), 0 },
1011 { ASN_CONTEXT | 2, offsetof(CERT_INFO, SubjectUniqueId),
1012 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), TRUE, TRUE,
1013 offsetof(CERT_INFO, SubjectUniqueId.pbData), 0 },
1014 { ASN_CONTEXT | ASN_CONSTRUCTOR | 3, offsetof(CERT_INFO, cExtension),
1015 CRYPT_AsnDecodeCertExtensions, FINALMEMBERSIZE(CERT_INFO, cExtension),
1016 TRUE, TRUE, offsetof(CERT_INFO, rgExtension), 0 },
1017 };
1018
1019 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1020 pDecodePara, pvStructInfo, *pcbStructInfo);
1021
1022 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
1023 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo, pcbStructInfo,
1024 NULL, NULL);
1025 if (ret && pvStructInfo)
1026 {
1027 CERT_INFO *info;
1028
1029 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
1030 info = *(CERT_INFO **)pvStructInfo;
1031 else
1032 info = pvStructInfo;
1033 if (!info->SerialNumber.cbData || !info->Issuer.cbData ||
1034 !info->Subject.cbData)
1035 {
1036 SetLastError(CRYPT_E_ASN1_CORRUPT);
1037 /* Don't need to deallocate, because it should have failed on the
1038 * first pass (and no memory was allocated.)
1039 */
1040 ret = FALSE;
1041 }
1042 }
1043
1044 TRACE("Returning %d (%08x)\n", ret, GetLastError());
1045 return ret;
1046 }
1047
1048 static BOOL WINAPI CRYPT_AsnDecodeCert(DWORD dwCertEncodingType,
1049 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1050 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1051 {
1052 BOOL ret = FALSE;
1053
1054 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1055 pDecodePara, pvStructInfo, *pcbStructInfo);
1056
1057 __TRY
1058 {
1059 DWORD size = 0;
1060
1061 /* Unless told not to, first try to decode it as a signed cert. */
1062 if (!(dwFlags & CRYPT_DECODE_TO_BE_SIGNED_FLAG))
1063 {
1064 PCERT_SIGNED_CONTENT_INFO signedCert = NULL;
1065
1066 ret = CRYPT_AsnDecodeCertSignedContent(dwCertEncodingType,
1067 X509_CERT, pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL,
1068 &signedCert, &size);
1069 if (ret)
1070 {
1071 size = 0;
1072 ret = CRYPT_AsnDecodeCertInfo(dwCertEncodingType,
1073 X509_CERT_TO_BE_SIGNED, signedCert->ToBeSigned.pbData,
1074 signedCert->ToBeSigned.cbData, dwFlags, pDecodePara,
1075 pvStructInfo, pcbStructInfo);
1076 LocalFree(signedCert);
1077 }
1078 }
1079 /* Failing that, try it as an unsigned cert */
1080 if (!ret)
1081 {
1082 size = 0;
1083 ret = CRYPT_AsnDecodeCertInfo(dwCertEncodingType,
1084 X509_CERT_TO_BE_SIGNED, pbEncoded, cbEncoded, dwFlags,
1085 pDecodePara, pvStructInfo, pcbStructInfo);
1086 }
1087 }
1088 __EXCEPT_PAGE_FAULT
1089 {
1090 SetLastError(STATUS_ACCESS_VIOLATION);
1091 }
1092 __ENDTRY
1093
1094 TRACE("Returning %d (%08x)\n", ret, GetLastError());
1095 return ret;
1096 }
1097
1098 static BOOL CRYPT_AsnDecodeCRLEntryExtensions(const BYTE *pbEncoded,
1099 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
1100 DWORD *pcbDecoded)
1101 {
1102 BOOL ret = TRUE;
1103 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1104 offsetof(CRL_ENTRY, cExtension), offsetof(CRL_ENTRY, rgExtension),
1105 FINALMEMBERSIZE(CRL_ENTRY, cExtension),
1106 CRYPT_AsnDecodeExtension, sizeof(CERT_EXTENSION), TRUE,
1107 offsetof(CERT_EXTENSION, pszObjId) };
1108
1109 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
1110 pvStructInfo, *pcbStructInfo, pcbDecoded);
1111
1112 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
1113 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
1114 return ret;
1115 }
1116
1117 static BOOL CRYPT_AsnDecodeCRLEntry(const BYTE *pbEncoded, DWORD cbEncoded,
1118 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1119 {
1120 BOOL ret;
1121 struct AsnDecodeSequenceItem items[] = {
1122 { ASN_INTEGER, offsetof(CRL_ENTRY, SerialNumber),
1123 CRYPT_AsnDecodeIntegerInternal, sizeof(CRYPT_INTEGER_BLOB), FALSE, TRUE,
1124 offsetof(CRL_ENTRY, SerialNumber.pbData), 0 },
1125 { 0, offsetof(CRL_ENTRY, RevocationDate),
1126 CRYPT_AsnDecodeChoiceOfTimeInternal, sizeof(FILETIME), FALSE, FALSE, 0 },
1127 { ASN_SEQUENCEOF, offsetof(CRL_ENTRY, cExtension),
1128 CRYPT_AsnDecodeCRLEntryExtensions,
1129 FINALMEMBERSIZE(CRL_ENTRY, cExtension), TRUE, TRUE,
1130 offsetof(CRL_ENTRY, rgExtension), 0 },
1131 };
1132 PCRL_ENTRY entry = pvStructInfo;
1133
1134 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags, entry,
1135 *pcbStructInfo);
1136
1137 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
1138 pbEncoded, cbEncoded, dwFlags, NULL, entry, pcbStructInfo, pcbDecoded,
1139 entry ? entry->SerialNumber.pbData : NULL);
1140 if (ret && entry && !entry->SerialNumber.cbData)
1141 {
1142 WARN("empty CRL entry serial number\n");
1143 SetLastError(CRYPT_E_ASN1_CORRUPT);
1144 ret = FALSE;
1145 }
1146 return ret;
1147 }
1148
1149 /* Warning: assumes pvStructInfo points to the cCRLEntry member of a CRL_INFO
1150 * whose rgCRLEntry member has been set prior to calling.
1151 */
1152 static BOOL CRYPT_AsnDecodeCRLEntries(const BYTE *pbEncoded, DWORD cbEncoded,
1153 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1154 {
1155 BOOL ret;
1156 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1157 offsetof(CRL_INFO, cCRLEntry), offsetof(CRL_INFO, rgCRLEntry),
1158 MEMBERSIZE(CRL_INFO, cCRLEntry, cExtension),
1159 CRYPT_AsnDecodeCRLEntry, sizeof(CRL_ENTRY), TRUE,
1160 offsetof(CRL_ENTRY, SerialNumber.pbData) };
1161
1162 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
1163 pvStructInfo, *pcbStructInfo, pcbDecoded);
1164
1165 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
1166 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
1167 TRACE("Returning %d (%08x)\n", ret, GetLastError());
1168 return ret;
1169 }
1170
1171 static BOOL CRYPT_AsnDecodeCRLExtensionsInternal(const BYTE *pbEncoded,
1172 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
1173 DWORD *pcbDecoded)
1174 {
1175 BOOL ret = TRUE;
1176 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1177 offsetof(CRL_INFO, cExtension), offsetof(CRL_INFO, rgExtension),
1178 FINALMEMBERSIZE(CRL_INFO, cExtension),
1179 CRYPT_AsnDecodeExtension, sizeof(CERT_EXTENSION), TRUE,
1180 offsetof(CERT_EXTENSION, pszObjId) };
1181
1182 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
1183 pvStructInfo, *pcbStructInfo, pcbDecoded);
1184
1185 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
1186 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
1187 return ret;
1188 }
1189
1190 static BOOL CRYPT_AsnDecodeCRLExtensions(const BYTE *pbEncoded,
1191 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
1192 DWORD *pcbDecoded)
1193 {
1194 BOOL ret;
1195 DWORD dataLen;
1196
1197 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1198 {
1199 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1200
1201 ret = CRYPT_AsnDecodeCRLExtensionsInternal(pbEncoded + 1 + lenBytes,
1202 dataLen, dwFlags, pvStructInfo, pcbStructInfo, NULL);
1203 if (ret && pcbDecoded)
1204 *pcbDecoded = 1 + lenBytes + dataLen;
1205 }
1206 return ret;
1207 }
1208
1209 static BOOL CRYPT_AsnDecodeCRLInfo(DWORD dwCertEncodingType,
1210 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1211 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1212 {
1213 struct AsnDecodeSequenceItem items[] = {
1214 { ASN_INTEGER, offsetof(CRL_INFO, dwVersion),
1215 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), TRUE, FALSE, 0, 0 },
1216 { ASN_SEQUENCEOF, offsetof(CRL_INFO, SignatureAlgorithm),
1217 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
1218 FALSE, TRUE, offsetof(CRL_INFO, SignatureAlgorithm.pszObjId), 0 },
1219 { 0, offsetof(CRL_INFO, Issuer), CRYPT_AsnDecodeDerBlob,
1220 sizeof(CRYPT_DER_BLOB), FALSE, TRUE, offsetof(CRL_INFO,
1221 Issuer.pbData) },
1222 { 0, offsetof(CRL_INFO, ThisUpdate), CRYPT_AsnDecodeChoiceOfTimeInternal,
1223 sizeof(FILETIME), FALSE, FALSE, 0 },
1224 { 0, offsetof(CRL_INFO, NextUpdate), CRYPT_AsnDecodeChoiceOfTimeInternal,
1225 sizeof(FILETIME), TRUE, FALSE, 0 },
1226 { ASN_SEQUENCEOF, offsetof(CRL_INFO, cCRLEntry),
1227 CRYPT_AsnDecodeCRLEntries, MEMBERSIZE(CRL_INFO, cCRLEntry, cExtension),
1228 TRUE, TRUE, offsetof(CRL_INFO, rgCRLEntry), 0 },
1229 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0, offsetof(CRL_INFO, cExtension),
1230 CRYPT_AsnDecodeCRLExtensions, FINALMEMBERSIZE(CRL_INFO, cExtension),
1231 TRUE, TRUE, offsetof(CRL_INFO, rgExtension), 0 },
1232 };
1233 BOOL ret = TRUE;
1234
1235 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1236 pDecodePara, pvStructInfo, *pcbStructInfo);
1237
1238 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
1239 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo, pcbStructInfo,
1240 NULL, NULL);
1241
1242 TRACE("Returning %d (%08x)\n", ret, GetLastError());
1243 return ret;
1244 }
1245
1246 static BOOL WINAPI CRYPT_AsnDecodeCRL(DWORD dwCertEncodingType,
1247 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1248 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1249 {
1250 BOOL ret = FALSE;
1251
1252 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1253 pDecodePara, pvStructInfo, *pcbStructInfo);
1254
1255 __TRY
1256 {
1257 DWORD size = 0;
1258
1259 /* Unless told not to, first try to decode it as a signed crl. */
1260 if (!(dwFlags & CRYPT_DECODE_TO_BE_SIGNED_FLAG))
1261 {
1262 PCERT_SIGNED_CONTENT_INFO signedCrl = NULL;
1263
1264 ret = CRYPT_AsnDecodeCertSignedContent(dwCertEncodingType,
1265 X509_CERT, pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL,
1266 &signedCrl, &size);
1267 if (ret)
1268 {
1269 size = 0;
1270 ret = CRYPT_AsnDecodeCRLInfo(dwCertEncodingType,
1271 X509_CERT_CRL_TO_BE_SIGNED, signedCrl->ToBeSigned.pbData,
1272 signedCrl->ToBeSigned.cbData, dwFlags, pDecodePara,
1273 pvStructInfo, pcbStructInfo);
1274 LocalFree(signedCrl);
1275 }
1276 }
1277 /* Failing that, try it as an unsigned crl */
1278 if (!ret)
1279 {
1280 size = 0;
1281 ret = CRYPT_AsnDecodeCRLInfo(dwCertEncodingType,
1282 X509_CERT_CRL_TO_BE_SIGNED, pbEncoded, cbEncoded,
1283 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo);
1284 }
1285 }
1286 __EXCEPT_PAGE_FAULT
1287 {
1288 SetLastError(STATUS_ACCESS_VIOLATION);
1289 }
1290 __ENDTRY
1291
1292 TRACE("Returning %d (%08x)\n", ret, GetLastError());
1293 return ret;
1294 }
1295
1296 static BOOL CRYPT_AsnDecodeOidIgnoreTag(const BYTE *pbEncoded, DWORD cbEncoded,
1297 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1298 {
1299 BOOL ret = TRUE;
1300 DWORD dataLen;
1301
1302 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1303 pvStructInfo, *pcbStructInfo);
1304
1305 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1306 {
1307 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1308 DWORD bytesNeeded = sizeof(LPSTR);
1309
1310 if (dataLen)
1311 {
1312 const BYTE *ptr;
1313 char str[32];
1314
1315 snprintf(str, sizeof(str), "%d.%d",
1316 pbEncoded[1 + lenBytes] / 40,
1317 pbEncoded[1 + lenBytes] - (pbEncoded[1 + lenBytes] / 40)
1318 * 40);
1319 bytesNeeded += strlen(str) + 1;
1320 for (ptr = pbEncoded + 2 + lenBytes; ret &&
1321 ptr - pbEncoded - 1 - lenBytes < dataLen; )
1322 {
1323 int val = 0;
1324
1325 while (ptr - pbEncoded - 1 - lenBytes < dataLen &&
1326 (*ptr & 0x80))
1327 {
1328 val <<= 7;
1329 val |= *ptr & 0x7f;
1330 ptr++;
1331 }
1332 if (ptr - pbEncoded - 1 - lenBytes >= dataLen ||
1333 (*ptr & 0x80))
1334 {
1335 SetLastError(CRYPT_E_ASN1_CORRUPT);
1336 ret = FALSE;
1337 }
1338 else
1339 {
1340 val <<= 7;
1341 val |= *ptr++;
1342 snprintf(str, sizeof(str), ".%d", val);
1343 bytesNeeded += strlen(str);
1344 }
1345 }
1346 }
1347 if (pcbDecoded)
1348 *pcbDecoded = 1 + lenBytes + dataLen;
1349 if (!pvStructInfo)
1350 *pcbStructInfo = bytesNeeded;
1351 else if (*pcbStructInfo < bytesNeeded)
1352 {
1353 *pcbStructInfo = bytesNeeded;
1354 SetLastError(ERROR_MORE_DATA);
1355 ret = FALSE;
1356 }
1357 else
1358 {
1359 if (dataLen)
1360 {
1361 const BYTE *ptr;
1362 LPSTR pszObjId = *(LPSTR *)pvStructInfo;
1363
1364 *pszObjId = 0;
1365 sprintf(pszObjId, "%d.%d", pbEncoded[1 + lenBytes] / 40,
1366 pbEncoded[1 + lenBytes] - (pbEncoded[1 + lenBytes] /
1367 40) * 40);
1368 pszObjId += strlen(pszObjId);
1369 for (ptr = pbEncoded + 2 + lenBytes; ret &&
1370 ptr - pbEncoded - 1 - lenBytes < dataLen; )
1371 {
1372 int val = 0;
1373
1374 while (ptr - pbEncoded - 1 - lenBytes < dataLen &&
1375 (*ptr & 0x80))
1376 {
1377 val <<= 7;
1378 val |= *ptr & 0x7f;
1379 ptr++;
1380 }
1381 val <<= 7;
1382 val |= *ptr++;
1383 sprintf(pszObjId, ".%d", val);
1384 pszObjId += strlen(pszObjId);
1385 }
1386 }
1387 else
1388 *(LPSTR *)pvStructInfo = NULL;
1389 *pcbStructInfo = bytesNeeded;
1390 }
1391 }
1392 return ret;
1393 }
1394
1395 static BOOL CRYPT_AsnDecodeOidInternal(const BYTE *pbEncoded, DWORD cbEncoded,
1396 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1397 {
1398 BOOL ret;
1399
1400 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1401 pvStructInfo, *pcbStructInfo);
1402
1403 if (pbEncoded[0] == ASN_OBJECTIDENTIFIER)
1404 ret = CRYPT_AsnDecodeOidIgnoreTag(pbEncoded, cbEncoded, dwFlags,
1405 pvStructInfo, pcbStructInfo, pcbDecoded);
1406 else
1407 {
1408 SetLastError(CRYPT_E_ASN1_BADTAG);
1409 ret = FALSE;
1410 }
1411 return ret;
1412 }
1413
1414 static BOOL CRYPT_AsnDecodeExtension(const BYTE *pbEncoded, DWORD cbEncoded,
1415 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1416 {
1417 struct AsnDecodeSequenceItem items[] = {
1418 { ASN_OBJECTIDENTIFIER, offsetof(CERT_EXTENSION, pszObjId),
1419 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
1420 offsetof(CERT_EXTENSION, pszObjId), 0 },
1421 { ASN_BOOL, offsetof(CERT_EXTENSION, fCritical), CRYPT_AsnDecodeBool,
1422 sizeof(BOOL), TRUE, FALSE, 0, 0 },
1423 { ASN_OCTETSTRING, offsetof(CERT_EXTENSION, Value),
1424 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_OBJID_BLOB), FALSE, TRUE,
1425 offsetof(CERT_EXTENSION, Value.pbData) },
1426 };
1427 BOOL ret = TRUE;
1428 PCERT_EXTENSION ext = pvStructInfo;
1429
1430 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags, ext,
1431 *pcbStructInfo);
1432
1433 if (ext)
1434 TRACE("ext->pszObjId is %p\n", ext->pszObjId);
1435 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
1436 pbEncoded, cbEncoded, dwFlags, NULL, ext, pcbStructInfo,
1437 pcbDecoded, ext ? ext->pszObjId : NULL);
1438 if (ext)
1439 TRACE("ext->pszObjId is %p (%s)\n", ext->pszObjId,
1440 debugstr_a(ext->pszObjId));
1441 TRACE("returning %d (%08x)\n", ret, GetLastError());
1442 return ret;
1443 }
1444
1445 static BOOL WINAPI CRYPT_AsnDecodeExtensions(DWORD dwCertEncodingType,
1446 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1447 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1448 {
1449 BOOL ret = TRUE;
1450
1451 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1452 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
1453
1454 __TRY
1455 {
1456 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1457 offsetof(CERT_EXTENSIONS, cExtension),
1458 offsetof(CERT_EXTENSIONS, rgExtension),
1459 sizeof(CERT_EXTENSIONS),
1460 CRYPT_AsnDecodeExtension, sizeof(CERT_EXTENSION), TRUE,
1461 offsetof(CERT_EXTENSION, pszObjId) };
1462 CERT_EXTENSIONS *exts = pvStructInfo;
1463
1464 if (pvStructInfo && !(dwFlags & CRYPT_DECODE_ALLOC_FLAG))
1465 exts->rgExtension = (CERT_EXTENSION *)(exts + 1);
1466 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
1467 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
1468 }
1469 __EXCEPT_PAGE_FAULT
1470 {
1471 SetLastError(STATUS_ACCESS_VIOLATION);
1472 ret = FALSE;
1473 }
1474 __ENDTRY
1475 return ret;
1476 }
1477
1478 /* Warning: this assumes the address of value->Value.pbData is already set, in
1479 * order to avoid overwriting memory. (In some cases, it may change it, if it
1480 * doesn't copy anything to memory.) Be sure to set it correctly!
1481 */
1482 static BOOL CRYPT_AsnDecodeNameValueInternal(const BYTE *pbEncoded,
1483 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
1484 DWORD *pcbDecoded)
1485 {
1486 BOOL ret = TRUE;
1487 DWORD dataLen;
1488 CERT_NAME_VALUE *value = pvStructInfo;
1489
1490 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1491 {
1492 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1493 DWORD bytesNeeded = sizeof(CERT_NAME_VALUE), valueType;
1494
1495 switch (pbEncoded[0])
1496 {
1497 case ASN_OCTETSTRING:
1498 valueType = CERT_RDN_OCTET_STRING;
1499 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1500 bytesNeeded += dataLen;
1501 break;
1502 case ASN_NUMERICSTRING:
1503 valueType = CERT_RDN_NUMERIC_STRING;
1504 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1505 bytesNeeded += dataLen;
1506 break;
1507 case ASN_PRINTABLESTRING:
1508 valueType = CERT_RDN_PRINTABLE_STRING;
1509 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1510 bytesNeeded += dataLen;
1511 break;
1512 case ASN_IA5STRING:
1513 valueType = CERT_RDN_IA5_STRING;
1514 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1515 bytesNeeded += dataLen;
1516 break;
1517 case ASN_T61STRING:
1518 valueType = CERT_RDN_T61_STRING;
1519 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1520 bytesNeeded += dataLen;
1521 break;
1522 case ASN_VIDEOTEXSTRING:
1523 valueType = CERT_RDN_VIDEOTEX_STRING;
1524 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1525 bytesNeeded += dataLen;
1526 break;
1527 case ASN_GRAPHICSTRING:
1528 valueType = CERT_RDN_GRAPHIC_STRING;
1529 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1530 bytesNeeded += dataLen;
1531 break;
1532 case ASN_VISIBLESTRING:
1533 valueType = CERT_RDN_VISIBLE_STRING;
1534 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1535 bytesNeeded += dataLen;
1536 break;
1537 case ASN_GENERALSTRING:
1538 valueType = CERT_RDN_GENERAL_STRING;
1539 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1540 bytesNeeded += dataLen;
1541 break;
1542 case ASN_UNIVERSALSTRING:
1543 FIXME("ASN_UNIVERSALSTRING: unimplemented\n");
1544 SetLastError(CRYPT_E_ASN1_BADTAG);
1545 return FALSE;
1546 case ASN_BMPSTRING:
1547 valueType = CERT_RDN_BMP_STRING;
1548 bytesNeeded += dataLen;
1549 break;
1550 case ASN_UTF8STRING:
1551 valueType = CERT_RDN_UTF8_STRING;
1552 bytesNeeded += MultiByteToWideChar(CP_UTF8, 0,
1553 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen, NULL, 0) * 2;
1554 break;
1555 default:
1556 SetLastError(CRYPT_E_ASN1_BADTAG);
1557 return FALSE;
1558 }
1559
1560 if (pcbDecoded)
1561 *pcbDecoded = 1 + lenBytes + dataLen;
1562 if (!value)
1563 *pcbStructInfo = bytesNeeded;
1564 else if (*pcbStructInfo < bytesNeeded)
1565 {
1566 *pcbStructInfo = bytesNeeded;
1567 SetLastError(ERROR_MORE_DATA);
1568 ret = FALSE;
1569 }
1570 else
1571 {
1572 *pcbStructInfo = bytesNeeded;
1573 value->dwValueType = valueType;
1574 if (dataLen)
1575 {
1576 DWORD i;
1577
1578 assert(value->Value.pbData);
1579 switch (pbEncoded[0])
1580 {
1581 case ASN_OCTETSTRING:
1582 case ASN_NUMERICSTRING:
1583 case ASN_PRINTABLESTRING:
1584 case ASN_IA5STRING:
1585 case ASN_T61STRING:
1586 case ASN_VIDEOTEXSTRING:
1587 case ASN_GRAPHICSTRING:
1588 case ASN_VISIBLESTRING:
1589 case ASN_GENERALSTRING:
1590 value->Value.cbData = dataLen;
1591 if (dataLen)
1592 {
1593 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1594 memcpy(value->Value.pbData,
1595 pbEncoded + 1 + lenBytes, dataLen);
1596 else
1597 value->Value.pbData = (LPBYTE)pbEncoded + 1 +
1598 lenBytes;
1599 }
1600 break;
1601 case ASN_BMPSTRING:
1602 {
1603 LPWSTR str = (LPWSTR)value->Value.pbData;
1604
1605 value->Value.cbData = dataLen;
1606 for (i = 0; i < dataLen / 2; i++)
1607 str[i] = (pbEncoded[1 + lenBytes + 2 * i] << 8) |
1608 pbEncoded[1 + lenBytes + 2 * i + 1];
1609 break;
1610 }
1611 case ASN_UTF8STRING:
1612 {
1613 LPWSTR str = (LPWSTR)value->Value.pbData;
1614
1615 value->Value.cbData = MultiByteToWideChar(CP_UTF8, 0,
1616 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen,
1617 str, bytesNeeded - sizeof(CERT_NAME_VALUE)) * 2;
1618 break;
1619 }
1620 }
1621 }
1622 else
1623 {
1624 value->Value.cbData = 0;
1625 value->Value.pbData = NULL;
1626 }
1627 }
1628 }
1629 return ret;
1630 }
1631
1632 static BOOL WINAPI CRYPT_AsnDecodeNameValue(DWORD dwCertEncodingType,
1633 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1634 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1635 {
1636 BOOL ret = TRUE;
1637
1638 __TRY
1639 {
1640 ret = CRYPT_AsnDecodeNameValueInternal(pbEncoded, cbEncoded,
1641 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pcbStructInfo, NULL);
1642 if (ret && pvStructInfo)
1643 {
1644 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
1645 pcbStructInfo, *pcbStructInfo);
1646 if (ret)
1647 {
1648 CERT_NAME_VALUE *value;
1649
1650 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
1651 pvStructInfo = *(BYTE **)pvStructInfo;
1652 value = pvStructInfo;
1653 value->Value.pbData = ((BYTE *)value + sizeof(CERT_NAME_VALUE));
1654 ret = CRYPT_AsnDecodeNameValueInternal( pbEncoded, cbEncoded,
1655 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
1656 pcbStructInfo, NULL);
1657 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
1658 CRYPT_FreeSpace(pDecodePara, value);
1659 }
1660 }
1661 }
1662 __EXCEPT_PAGE_FAULT
1663 {
1664 SetLastError(STATUS_ACCESS_VIOLATION);
1665 ret = FALSE;
1666 }
1667 __ENDTRY
1668 return ret;
1669 }
1670
1671 static BOOL CRYPT_AsnDecodeUnicodeNameValueInternal(const BYTE *pbEncoded,
1672 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
1673 DWORD *pcbDecoded)
1674 {
1675 BOOL ret = TRUE;
1676 DWORD dataLen;
1677 CERT_NAME_VALUE *value = pvStructInfo;
1678
1679 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1680 {
1681 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1682 DWORD bytesNeeded = sizeof(CERT_NAME_VALUE), valueType;
1683
1684 switch (pbEncoded[0])
1685 {
1686 case ASN_NUMERICSTRING:
1687 valueType = CERT_RDN_NUMERIC_STRING;
1688 if (dataLen)
1689 bytesNeeded += (dataLen + 1) * 2;
1690 break;
1691 case ASN_PRINTABLESTRING:
1692 valueType = CERT_RDN_PRINTABLE_STRING;
1693 if (dataLen)
1694 bytesNeeded += (dataLen + 1) * 2;
1695 break;
1696 case ASN_IA5STRING:
1697 valueType = CERT_RDN_IA5_STRING;
1698 if (dataLen)
1699 bytesNeeded += (dataLen + 1) * 2;
1700 break;
1701 case ASN_T61STRING:
1702 valueType = CERT_RDN_T61_STRING;
1703 if (dataLen)
1704 bytesNeeded += (dataLen + 1) * 2;
1705 break;
1706 case ASN_VIDEOTEXSTRING:
1707 valueType = CERT_RDN_VIDEOTEX_STRING;
1708 if (dataLen)
1709 bytesNeeded += (dataLen + 1) * 2;
1710 break;
1711 case ASN_GRAPHICSTRING:
1712 valueType = CERT_RDN_GRAPHIC_STRING;
1713 if (dataLen)
1714 bytesNeeded += (dataLen + 1) * 2;
1715 break;
1716 case ASN_VISIBLESTRING:
1717 valueType = CERT_RDN_VISIBLE_STRING;
1718 if (dataLen)
1719 bytesNeeded += (dataLen + 1) * 2;
1720 break;
1721 case ASN_GENERALSTRING:
1722 valueType = CERT_RDN_GENERAL_STRING;
1723 if (dataLen)
1724 bytesNeeded += (dataLen + 1) * 2;
1725 break;
1726 case ASN_UNIVERSALSTRING:
1727 valueType = CERT_RDN_UNIVERSAL_STRING;
1728 if (dataLen)
1729 bytesNeeded += dataLen / 2 + sizeof(WCHAR);
1730 break;
1731 case ASN_BMPSTRING:
1732 valueType = CERT_RDN_BMP_STRING;
1733 if (dataLen)
1734 bytesNeeded += dataLen + sizeof(WCHAR);
1735 break;
1736 case ASN_UTF8STRING:
1737 valueType = CERT_RDN_UTF8_STRING;
1738 if (dataLen)
1739 bytesNeeded += (MultiByteToWideChar(CP_UTF8, 0,
1740 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen, NULL, 0) + 1) * 2;
1741 break;
1742 default:
1743 SetLastError(CRYPT_E_ASN1_BADTAG);
1744 return FALSE;
1745 }
1746
1747 if (pcbDecoded)
1748 *pcbDecoded = 1 + lenBytes + dataLen;
1749 if (!value)
1750 *pcbStructInfo = bytesNeeded;
1751 else if (*pcbStructInfo < bytesNeeded)
1752 {
1753 *pcbStructInfo = bytesNeeded;
1754 SetLastError(ERROR_MORE_DATA);
1755 ret = FALSE;
1756 }
1757 else
1758 {
1759 *pcbStructInfo = bytesNeeded;
1760 value->dwValueType = valueType;
1761 if (dataLen)
1762 {
1763 DWORD i;
1764 LPWSTR str = (LPWSTR)value->Value.pbData;
1765
1766 assert(value->Value.pbData);
1767 switch (pbEncoded[0])
1768 {
1769 case ASN_NUMERICSTRING:
1770 case ASN_PRINTABLESTRING:
1771 case ASN_IA5STRING:
1772 case ASN_T61STRING:
1773 case ASN_VIDEOTEXSTRING:
1774 case ASN_GRAPHICSTRING:
1775 case ASN_VISIBLESTRING:
1776 case ASN_GENERALSTRING:
1777 value->Value.cbData = dataLen * 2;
1778 for (i = 0; i < dataLen; i++)
1779 str[i] = pbEncoded[1 + lenBytes + i];
1780 str[i] = 0;
1781 break;
1782 case ASN_UNIVERSALSTRING:
1783 value->Value.cbData = dataLen / 2;
1784 for (i = 0; i < dataLen / 4; i++)
1785 str[i] = (pbEncoded[1 + lenBytes + 2 * i + 2] << 8)
1786 | pbEncoded[1 + lenBytes + 2 * i + 3];
1787 str[i] = 0;
1788 break;
1789 case ASN_BMPSTRING:
1790 value->Value.cbData = dataLen;
1791 for (i = 0; i < dataLen / 2; i++)
1792 str[i] = (pbEncoded[1 + lenBytes + 2 * i] << 8) |
1793 pbEncoded[1 + lenBytes + 2 * i + 1];
1794 str[i] = 0;
1795 break;
1796 case ASN_UTF8STRING:
1797 value->Value.cbData = MultiByteToWideChar(CP_UTF8, 0,
1798 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen,
1799 str, bytesNeeded - sizeof(CERT_NAME_VALUE)) * sizeof(WCHAR);
1800 *(WCHAR *)(value->Value.pbData + value->Value.cbData) = 0;
1801 value->Value.cbData += sizeof(WCHAR);
1802 break;
1803 }
1804 }
1805 else
1806 {
1807 value->Value.cbData = 0;
1808 value->Value.pbData = NULL;
1809 }
1810 }
1811 }
1812 return ret;
1813 }
1814
1815 static BOOL WINAPI CRYPT_AsnDecodeUnicodeNameValue(DWORD dwCertEncodingType,
1816 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1817 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1818 {
1819 BOOL ret = TRUE;
1820
1821 __TRY
1822 {
1823 ret = CRYPT_AsnDecodeUnicodeNameValueInternal(pbEncoded, cbEncoded,
1824 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pcbStructInfo, NULL);
1825 if (ret && pvStructInfo)
1826 {
1827 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
1828 pcbStructInfo, *pcbStructInfo);
1829 if (ret)
1830 {
1831 CERT_NAME_VALUE *value;
1832
1833 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
1834 pvStructInfo = *(BYTE **)pvStructInfo;
1835 value = pvStructInfo;
1836 value->Value.pbData = ((BYTE *)value + sizeof(CERT_NAME_VALUE));
1837 ret = CRYPT_AsnDecodeUnicodeNameValueInternal(pbEncoded,
1838 cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
1839 pcbStructInfo, NULL);
1840 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
1841 CRYPT_FreeSpace(pDecodePara, value);
1842 }
1843 }
1844 }
1845 __EXCEPT_PAGE_FAULT
1846 {
1847 SetLastError(STATUS_ACCESS_VIOLATION);
1848 ret = FALSE;
1849 }
1850 __ENDTRY
1851 return ret;
1852 }
1853
1854 static BOOL CRYPT_AsnDecodeRdnAttr(const BYTE *pbEncoded, DWORD cbEncoded,
1855 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1856 {
1857 BOOL ret;
1858 struct AsnDecodeSequenceItem items[] = {
1859 { ASN_OBJECTIDENTIFIER, offsetof(CERT_RDN_ATTR, pszObjId),
1860 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
1861 offsetof(CERT_RDN_ATTR, pszObjId), 0 },
1862 { 0, offsetof(CERT_RDN_ATTR, dwValueType),
1863 CRYPT_AsnDecodeNameValueInternal, sizeof(CERT_NAME_VALUE),
1864 FALSE, TRUE, offsetof(CERT_RDN_ATTR, Value.pbData), 0 },
1865 };
1866 CERT_RDN_ATTR *attr = pvStructInfo;
1867
1868 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1869 pvStructInfo, *pcbStructInfo);
1870
1871 if (attr)
1872 TRACE("attr->pszObjId is %p\n", attr->pszObjId);
1873 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
1874 pbEncoded, cbEncoded, dwFlags, NULL, attr, pcbStructInfo, pcbDecoded,
1875 attr ? attr->pszObjId : NULL);
1876 if (attr)
1877 {
1878 TRACE("attr->pszObjId is %p (%s)\n", attr->pszObjId,
1879 debugstr_a(attr->pszObjId));
1880 TRACE("attr->dwValueType is %d\n", attr->dwValueType);
1881 }
1882 TRACE("returning %d (%08x)\n", ret, GetLastError());
1883 return ret;
1884 }
1885
1886 static BOOL CRYPT_AsnDecodeRdn(const BYTE *pbEncoded, DWORD cbEncoded,
1887 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1888 {
1889 BOOL ret = TRUE;
1890 struct AsnArrayDescriptor arrayDesc = { ASN_CONSTRUCTOR | ASN_SETOF,
1891 offsetof(CERT_RDN, cRDNAttr), offsetof(CERT_RDN, rgRDNAttr),
1892 sizeof(CERT_RDN),
1893 CRYPT_AsnDecodeRdnAttr, sizeof(CERT_RDN_ATTR), TRUE,
1894 offsetof(CERT_RDN_ATTR, pszObjId) };
1895
1896 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
1897 NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
1898 return ret;
1899 }
1900
1901 static BOOL WINAPI CRYPT_AsnDecodeName(DWORD dwCertEncodingType,
1902 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1903 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1904 {
1905 BOOL ret = TRUE;
1906
1907 __TRY
1908 {
1909 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1910 offsetof(CERT_NAME_INFO, cRDN), offsetof(CERT_NAME_INFO, rgRDN),
1911 sizeof(CERT_NAME_INFO),
1912 CRYPT_AsnDecodeRdn, sizeof(CERT_RDN), TRUE,
1913 offsetof(CERT_RDN, rgRDNAttr) };
1914 DWORD bytesNeeded = 0;
1915
1916 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
1917 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, NULL, &bytesNeeded,
1918 NULL);
1919 if (ret)
1920 {
1921 if (!pvStructInfo)
1922 *pcbStructInfo = bytesNeeded;
1923 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
1924 pvStructInfo, pcbStructInfo, bytesNeeded)))
1925 {
1926 CERT_NAME_INFO *info;
1927
1928 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
1929 pvStructInfo = *(BYTE **)pvStructInfo;
1930 info = pvStructInfo;
1931 info->rgRDN = (CERT_RDN *)((BYTE *)pvStructInfo +
1932 sizeof(CERT_NAME_INFO));
1933 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
1934 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pvStructInfo,
1935 &bytesNeeded, NULL);
1936 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
1937 CRYPT_FreeSpace(pDecodePara, info);
1938 }
1939 }
1940 }
1941 __EXCEPT_PAGE_FAULT
1942 {
1943 SetLastError(STATUS_ACCESS_VIOLATION);
1944 ret = FALSE;
1945 }
1946 __ENDTRY
1947 return ret;
1948 }
1949
1950 static BOOL CRYPT_AsnDecodeUnicodeRdnAttr(const BYTE *pbEncoded,
1951 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
1952 DWORD *pcbDecoded)
1953 {
1954 BOOL ret;
1955 struct AsnDecodeSequenceItem items[] = {
1956 { ASN_OBJECTIDENTIFIER, offsetof(CERT_RDN_ATTR, pszObjId),
1957 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
1958 offsetof(CERT_RDN_ATTR, pszObjId), 0 },
1959 { 0, offsetof(CERT_RDN_ATTR, dwValueType),
1960 CRYPT_AsnDecodeUnicodeNameValueInternal, sizeof(CERT_NAME_VALUE),
1961 FALSE, TRUE, offsetof(CERT_RDN_ATTR, Value.pbData), 0 },
1962 };
1963 CERT_RDN_ATTR *attr = pvStructInfo;
1964
1965 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1966 pvStructInfo, *pcbStructInfo);
1967
1968 if (attr)
1969 TRACE("attr->pszObjId is %p\n", attr->pszObjId);
1970 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
1971 pbEncoded, cbEncoded, dwFlags, NULL, attr, pcbStructInfo, pcbDecoded,
1972 attr ? attr->pszObjId : NULL);
1973 if (attr)
1974 {
1975 TRACE("attr->pszObjId is %p (%s)\n", attr->pszObjId,
1976 debugstr_a(attr->pszObjId));
1977 TRACE("attr->dwValueType is %d\n", attr->dwValueType);
1978 }
1979 TRACE("returning %d (%08x)\n", ret, GetLastError());
1980 return ret;
1981 }
1982
1983 static BOOL CRYPT_AsnDecodeUnicodeRdn(const BYTE *pbEncoded, DWORD cbEncoded,
1984 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1985 {
1986 BOOL ret = TRUE;
1987 struct AsnArrayDescriptor arrayDesc = { ASN_CONSTRUCTOR | ASN_SETOF,
1988 offsetof(CERT_RDN, cRDNAttr), offsetof(CERT_RDN, rgRDNAttr),
1989 sizeof(CERT_RDN),
1990 CRYPT_AsnDecodeUnicodeRdnAttr, sizeof(CERT_RDN_ATTR), TRUE,
1991 offsetof(CERT_RDN_ATTR, pszObjId) };
1992
1993 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
1994 NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
1995 return ret;
1996 }
1997
1998 static BOOL WINAPI CRYPT_AsnDecodeUnicodeName(DWORD dwCertEncodingType,
1999 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2000 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2001 {
2002 BOOL ret = TRUE;
2003
2004 __TRY
2005 {
2006 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2007 offsetof(CERT_NAME_INFO, cRDN), offsetof(CERT_NAME_INFO, rgRDN),
2008 sizeof(CERT_NAME_INFO),
2009 CRYPT_AsnDecodeUnicodeRdn, sizeof(CERT_RDN), TRUE,
2010 offsetof(CERT_RDN, rgRDNAttr) };
2011 DWORD bytesNeeded = 0;
2012
2013 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2014 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, NULL, &bytesNeeded,
2015 NULL);
2016 if (ret)
2017 {
2018 if (!pvStructInfo)
2019 *pcbStructInfo = bytesNeeded;
2020 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2021 pvStructInfo, pcbStructInfo, bytesNeeded)))
2022 {
2023 CERT_NAME_INFO *info;
2024
2025 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2026 pvStructInfo = *(BYTE **)pvStructInfo;
2027 info = pvStructInfo;
2028 info->rgRDN = (CERT_RDN *)((BYTE *)pvStructInfo +
2029 sizeof(CERT_NAME_INFO));
2030 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2031 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pvStructInfo,
2032 &bytesNeeded, NULL);
2033 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
2034 CRYPT_FreeSpace(pDecodePara, info);
2035 }
2036 }
2037 }
2038 __EXCEPT_PAGE_FAULT
2039 {
2040 SetLastError(STATUS_ACCESS_VIOLATION);
2041 ret = FALSE;
2042 }
2043 __ENDTRY
2044 return ret;
2045 }
2046
2047 static BOOL CRYPT_FindEncodedLen(const BYTE *pbEncoded, DWORD cbEncoded,
2048 DWORD *pcbDecoded)
2049 {
2050 BOOL ret = TRUE, done = FALSE;
2051 DWORD indefiniteNestingLevels = 0, decoded = 0;
2052
2053 TRACE("(%p, %d)\n", pbEncoded, cbEncoded);
2054
2055 do {
2056 DWORD dataLen;
2057
2058 if (!cbEncoded)
2059 done = TRUE;
2060 else if ((ret = CRYPT_GetLengthIndefinite(pbEncoded, cbEncoded,
2061 &dataLen)))
2062 {
2063 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2064
2065 if (dataLen == CMSG_INDEFINITE_LENGTH)
2066 {
2067 indefiniteNestingLevels++;
2068 pbEncoded += 1 + lenBytes;
2069 cbEncoded -= 1 + lenBytes;
2070 decoded += 1 + lenBytes;
2071 TRACE("indefiniteNestingLevels = %d\n",
2072 indefiniteNestingLevels);
2073 }
2074 else
2075 {
2076 if (pbEncoded[0] == 0 && pbEncoded[1] == 0 &&
2077 indefiniteNestingLevels)
2078 {
2079 indefiniteNestingLevels--;
2080 TRACE("indefiniteNestingLevels = %d\n",
2081 indefiniteNestingLevels);
2082 }
2083 pbEncoded += 1 + lenBytes + dataLen;
2084 cbEncoded -= 1 + lenBytes + dataLen;
2085 decoded += 1 + lenBytes + dataLen;
2086 if (!indefiniteNestingLevels)
2087 done = TRUE;
2088 }
2089 }
2090 } while (ret && !done);
2091 /* If we haven't found all 0 TLVs, we haven't found the end */
2092 if (ret && indefiniteNestingLevels)
2093 {
2094 SetLastError(CRYPT_E_ASN1_EOD);
2095 ret = FALSE;
2096 }
2097 if (ret)
2098 *pcbDecoded = decoded;
2099 TRACE("returning %d (%d)\n", ret, ret ? *pcbDecoded : 0);
2100 return ret;
2101 }
2102
2103 static BOOL CRYPT_AsnDecodeCopyBytes(const BYTE *pbEncoded,
2104 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2105 DWORD *pcbDecoded)
2106 {
2107 BOOL ret = TRUE;
2108 DWORD bytesNeeded = sizeof(CRYPT_OBJID_BLOB), encodedLen = 0;
2109
2110 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2111 pvStructInfo, *pcbStructInfo);
2112
2113 if ((ret = CRYPT_FindEncodedLen(pbEncoded, cbEncoded, &encodedLen)))
2114 {
2115 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
2116 bytesNeeded += encodedLen;
2117 if (!pvStructInfo)
2118 *pcbStructInfo = bytesNeeded;
2119 else if (*pcbStructInfo < bytesNeeded)
2120 {
2121 SetLastError(ERROR_MORE_DATA);
2122 *pcbStructInfo = bytesNeeded;
2123 ret = FALSE;
2124 }
2125 else
2126 {
2127 PCRYPT_OBJID_BLOB blob = pvStructInfo;
2128
2129 *pcbStructInfo = bytesNeeded;
2130 blob->cbData = encodedLen;
2131 if (encodedLen)
2132 {
2133 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
2134 blob->pbData = (LPBYTE)pbEncoded;
2135 else
2136 {
2137 assert(blob->pbData);
2138 memcpy(blob->pbData, pbEncoded, blob->cbData);
2139 }
2140 }
2141 else
2142 blob->pbData = NULL;
2143 }
2144 if (pcbDecoded)
2145 *pcbDecoded = encodedLen;
2146 }
2147 return ret;
2148 }
2149
2150 static BOOL CRYPT_AsnDecodeCTLUsage(const BYTE *pbEncoded, DWORD cbEncoded,
2151 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
2152 {
2153 BOOL ret;
2154 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2155 offsetof(CTL_USAGE, cUsageIdentifier),
2156 offsetof(CTL_USAGE, rgpszUsageIdentifier),
2157 sizeof(CTL_USAGE),
2158 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), TRUE, 0 };
2159
2160 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
2161 NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2162 return ret;
2163 }
2164
2165 static BOOL CRYPT_AsnDecodeCTLEntryAttributes(const BYTE *pbEncoded,
2166 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2167 DWORD *pcbDecoded)
2168 {
2169 struct AsnArrayDescriptor arrayDesc = { 0,
2170 offsetof(CTL_ENTRY, cAttribute), offsetof(CTL_ENTRY, rgAttribute),
2171 FINALMEMBERSIZE(CTL_ENTRY, cAttribute),
2172 CRYPT_AsnDecodePKCSAttributeInternal, sizeof(CRYPT_ATTRIBUTE), TRUE,
2173 offsetof(CRYPT_ATTRIBUTE, pszObjId) };
2174 BOOL ret;
2175
2176 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2177 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2178 return ret;
2179 }
2180
2181 static BOOL CRYPT_AsnDecodeCTLEntry(const BYTE *pbEncoded, DWORD cbEncoded,
2182 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
2183 {
2184 struct AsnDecodeSequenceItem items[] = {
2185 { ASN_OCTETSTRING, offsetof(CTL_ENTRY, SubjectIdentifier),
2186 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DATA_BLOB), FALSE, TRUE,
2187 offsetof(CTL_ENTRY, SubjectIdentifier.pbData), 0 },
2188 { ASN_CONSTRUCTOR | ASN_SETOF, offsetof(CTL_ENTRY, cAttribute),
2189 CRYPT_AsnDecodeCTLEntryAttributes,
2190 FINALMEMBERSIZE(CTL_ENTRY, cAttribute), FALSE, TRUE,
2191 offsetof(CTL_ENTRY, rgAttribute), 0 },
2192 };
2193 BOOL ret = TRUE;
2194 CTL_ENTRY *entry = pvStructInfo;
2195
2196 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags, entry,
2197 *pcbStructInfo);
2198
2199 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2200 pbEncoded, cbEncoded, dwFlags, NULL, entry, pcbStructInfo,
2201 pcbDecoded, entry ? entry->SubjectIdentifier.pbData : NULL);
2202 return ret;
2203 }
2204
2205 static BOOL CRYPT_AsnDecodeCTLEntries(const BYTE *pbEncoded, DWORD cbEncoded,
2206 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
2207 {
2208 BOOL ret;
2209 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2210 offsetof(CTL_INFO, cCTLEntry), offsetof(CTL_INFO, rgCTLEntry),
2211 FINALMEMBERSIZE(CTL_INFO, cExtension),
2212 CRYPT_AsnDecodeCTLEntry, sizeof(CTL_ENTRY), TRUE,
2213 offsetof(CTL_ENTRY, SubjectIdentifier.pbData) };
2214
2215 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
2216 pvStructInfo, *pcbStructInfo, pcbDecoded);
2217
2218 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2219 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2220 return ret;
2221 }
2222
2223 static BOOL CRYPT_AsnDecodeCTLExtensionsInternal(const BYTE *pbEncoded,
2224 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2225 DWORD *pcbDecoded)
2226 {
2227 BOOL ret = TRUE;
2228 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2229 offsetof(CTL_INFO, cExtension), offsetof(CTL_INFO, rgExtension),
2230 FINALMEMBERSIZE(CTL_INFO, cExtension),
2231 CRYPT_AsnDecodeExtension, sizeof(CERT_EXTENSION), TRUE,
2232 offsetof(CERT_EXTENSION, pszObjId) };
2233
2234 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
2235 pvStructInfo, *pcbStructInfo, pcbDecoded);
2236
2237 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2238 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2239 return ret;
2240 }
2241
2242 static BOOL CRYPT_AsnDecodeCTLExtensions(const BYTE *pbEncoded,
2243 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2244 DWORD *pcbDecoded)
2245 {
2246 BOOL ret;
2247 DWORD dataLen;
2248
2249 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2250 {
2251 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2252
2253 ret = CRYPT_AsnDecodeCTLExtensionsInternal(pbEncoded + 1 + lenBytes,
2254 dataLen, dwFlags, pvStructInfo, pcbStructInfo, NULL);
2255 if (ret && pcbDecoded)
2256 *pcbDecoded = 1 + lenBytes + dataLen;
2257 }
2258 return ret;
2259 }
2260
2261 static BOOL WINAPI CRYPT_AsnDecodeCTL(DWORD dwCertEncodingType,
2262 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2263 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2264 {
2265 BOOL ret = FALSE;
2266
2267 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2268 pDecodePara, pvStructInfo, *pcbStructInfo);
2269
2270 __TRY
2271 {
2272 struct AsnDecodeSequenceItem items[] = {
2273 { ASN_INTEGER, offsetof(CTL_INFO, dwVersion),
2274 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), TRUE, FALSE, 0, 0 },
2275 { ASN_SEQUENCEOF, offsetof(CTL_INFO, SubjectUsage),
2276 CRYPT_AsnDecodeCTLUsage, sizeof(CTL_USAGE), FALSE, TRUE,
2277 offsetof(CTL_INFO, SubjectUsage.rgpszUsageIdentifier), 0 },
2278 { ASN_OCTETSTRING, offsetof(CTL_INFO, ListIdentifier),
2279 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DATA_BLOB), TRUE,
2280 TRUE, offsetof(CTL_INFO, ListIdentifier.pbData), 0 },
2281 { ASN_INTEGER, offsetof(CTL_INFO, SequenceNumber),
2282 CRYPT_AsnDecodeIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
2283 TRUE, TRUE, offsetof(CTL_INFO, SequenceNumber.pbData), 0 },
2284 { 0, offsetof(CTL_INFO, ThisUpdate),
2285 CRYPT_AsnDecodeChoiceOfTimeInternal, sizeof(FILETIME), FALSE, FALSE,
2286 0 },
2287 { 0, offsetof(CTL_INFO, NextUpdate),
2288 CRYPT_AsnDecodeChoiceOfTimeInternal, sizeof(FILETIME), TRUE, FALSE,
2289 0 },
2290 { ASN_SEQUENCEOF, offsetof(CTL_INFO, SubjectAlgorithm),
2291 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
2292 FALSE, TRUE, offsetof(CTL_INFO, SubjectAlgorithm.pszObjId), 0 },
2293 { ASN_SEQUENCEOF, offsetof(CTL_INFO, cCTLEntry),
2294 CRYPT_AsnDecodeCTLEntries,
2295 MEMBERSIZE(CTL_INFO, cCTLEntry, cExtension),
2296 TRUE, TRUE, offsetof(CTL_INFO, rgCTLEntry), 0 },
2297 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0, offsetof(CTL_INFO, cExtension),
2298 CRYPT_AsnDecodeCTLExtensions, FINALMEMBERSIZE(CTL_INFO, cExtension),
2299 TRUE, TRUE, offsetof(CTL_INFO, rgExtension), 0 },
2300 };
2301
2302 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2303 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
2304 pcbStructInfo, NULL, NULL);
2305 }
2306 __EXCEPT_PAGE_FAULT
2307 {
2308 SetLastError(STATUS_ACCESS_VIOLATION);
2309 }
2310 __ENDTRY
2311 return ret;
2312 }
2313
2314 static BOOL CRYPT_AsnDecodeSMIMECapability(const BYTE *pbEncoded,
2315 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2316 DWORD *pcbDecoded)
2317 {
2318 BOOL ret;
2319 struct AsnDecodeSequenceItem items[] = {
2320 { ASN_OBJECTIDENTIFIER, offsetof(CRYPT_SMIME_CAPABILITY, pszObjId),
2321 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
2322 offsetof(CRYPT_SMIME_CAPABILITY, pszObjId), 0 },
2323 { 0, offsetof(CRYPT_SMIME_CAPABILITY, Parameters),
2324 CRYPT_AsnDecodeCopyBytes, sizeof(CRYPT_OBJID_BLOB), TRUE, TRUE,
2325 offsetof(CRYPT_SMIME_CAPABILITY, Parameters.pbData), 0 },
2326 };
2327 PCRYPT_SMIME_CAPABILITY capability = pvStructInfo;
2328
2329 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2330 pvStructInfo, *pcbStructInfo);
2331
2332 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2333 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
2334 pcbDecoded, capability ? capability->pszObjId : NULL);
2335 TRACE("returning %d\n", ret);
2336 return ret;
2337 }
2338
2339 static BOOL WINAPI CRYPT_AsnDecodeSMIMECapabilities(DWORD dwCertEncodingType,
2340 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2341 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2342 {
2343 BOOL ret = FALSE;
2344
2345 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2346 pDecodePara, pvStructInfo, *pcbStructInfo);
2347
2348 __TRY
2349 {
2350 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2351 offsetof(CRYPT_SMIME_CAPABILITIES, cCapability),
2352 offsetof(CRYPT_SMIME_CAPABILITIES, rgCapability),
2353 sizeof(CRYPT_SMIME_CAPABILITIES),
2354 CRYPT_AsnDecodeSMIMECapability, sizeof(CRYPT_SMIME_CAPABILITY), TRUE,
2355 offsetof(CRYPT_SMIME_CAPABILITY, pszObjId) };
2356 CRYPT_SMIME_CAPABILITIES *capabilities = pvStructInfo;
2357
2358 if (pvStructInfo && !(dwFlags & CRYPT_DECODE_ALLOC_FLAG))
2359 capabilities->rgCapability = (CRYPT_SMIME_CAPABILITY *)(capabilities + 1);
2360 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2361 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
2362 }
2363 __EXCEPT_PAGE_FAULT
2364 {
2365 SetLastError(STATUS_ACCESS_VIOLATION);
2366 }
2367 __ENDTRY
2368 TRACE("returning %d\n", ret);
2369 return ret;
2370 }
2371
2372 static BOOL CRYPT_AsnDecodeIA5String(const BYTE *pbEncoded,
2373 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2374 DWORD *pcbDecoded)
2375 {
2376 BOOL ret = TRUE;
2377 DWORD dataLen;
2378 LPSTR *pStr = pvStructInfo;
2379
2380 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2381 {
2382 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2383 DWORD bytesNeeded = sizeof(LPSTR) + sizeof(char);
2384
2385 if (pbEncoded[0] != ASN_IA5STRING)
2386 {
2387 SetLastError(CRYPT_E_ASN1_CORRUPT);
2388 ret = FALSE;
2389 }
2390 else
2391 {
2392 bytesNeeded += dataLen;
2393 if (pcbDecoded)
2394 *pcbDecoded = 1 + lenBytes + dataLen;
2395 if (!pvStructInfo)
2396 *pcbStructInfo = bytesNeeded;
2397 else if (*pcbStructInfo < bytesNeeded)
2398 {
2399 *pcbStructInfo = bytesNeeded;
2400 SetLastError(ERROR_MORE_DATA);
2401 ret = FALSE;
2402 }
2403 else
2404 {
2405 *pcbStructInfo = bytesNeeded;
2406 if (dataLen)
2407 {
2408 LPSTR str = *pStr;
2409
2410 assert(str);
2411 memcpy(str, pbEncoded + 1 + lenBytes, dataLen);
2412 str[dataLen] = 0;
2413 }
2414 else
2415 *pStr = NULL;
2416 }
2417 }
2418 }
2419 return ret;
2420 }
2421
2422 static BOOL CRYPT_AsnDecodeNoticeNumbers(const BYTE *pbEncoded,
2423 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2424 DWORD *pcbDecoded)
2425 {
2426 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2427 offsetof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE, cNoticeNumbers),
2428 offsetof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE, rgNoticeNumbers),
2429 FINALMEMBERSIZE(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE, cNoticeNumbers),
2430 CRYPT_AsnDecodeIntInternal, sizeof(int), FALSE, 0 };
2431 BOOL ret;
2432
2433 TRACE("(%p, %d, %08x, %p, %d)\n", pbEncoded, cbEncoded, dwFlags,
2434 pvStructInfo, pvStructInfo ? *pcbDecoded : 0);
2435
2436 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2437 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2438 TRACE("returning %d\n", ret);
2439 return ret;
2440 }
2441
2442 static BOOL CRYPT_AsnDecodeNoticeReference(const BYTE *pbEncoded,
2443 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2444 DWORD *pcbDecoded)
2445 {
2446 BOOL ret;
2447 struct AsnDecodeSequenceItem items[] = {
2448 { ASN_IA5STRING, offsetof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE,
2449 pszOrganization), CRYPT_AsnDecodeIA5String, sizeof(LPSTR), FALSE, TRUE,
2450 offsetof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE, pszOrganization), 0 },
2451 { ASN_SEQUENCEOF, offsetof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE,
2452 cNoticeNumbers), CRYPT_AsnDecodeNoticeNumbers,
2453 FINALMEMBERSIZE(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE, cNoticeNumbers),
2454 FALSE, TRUE, offsetof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE,
2455 rgNoticeNumbers), 0 },
2456 };
2457 DWORD bytesNeeded = 0;
2458
2459 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2460 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
2461
2462 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2463 pbEncoded, cbEncoded, dwFlags, NULL, NULL, &bytesNeeded, pcbDecoded,
2464 NULL);
2465 if (ret)
2466 {
2467 /* The caller is expecting a pointer to a
2468 * CERT_POLICY_QUALIFIER_NOTICE_REFERENCE to be decoded, whereas
2469 * CRYPT_AsnDecodeSequence is decoding a
2470 * CERT_POLICY_QUALIFIER_NOTICE_REFERENCE. Increment the bytes
2471 * needed, and decode again if the requisite space is available.
2472 */
2473 bytesNeeded += sizeof(PCERT_POLICY_QUALIFIER_NOTICE_REFERENCE);
2474 if (!pvStructInfo)
2475 *pcbStructInfo = bytesNeeded;
2476 else if (*pcbStructInfo < bytesNeeded)
2477 {
2478 *pcbStructInfo = bytesNeeded;
2479 SetLastError(ERROR_MORE_DATA);
2480 ret = FALSE;
2481 }
2482 else
2483 {
2484 PCERT_POLICY_QUALIFIER_NOTICE_REFERENCE noticeRef;
2485
2486 *pcbStructInfo = bytesNeeded;
2487 /* The pointer (pvStructInfo) passed in points to the first dynamic
2488 * pointer, so use it as the pointer to the
2489 * CERT_POLICY_QUALIFIER_NOTICE_REFERENCE, and create the
2490 * appropriate offset for the first dynamic pointer within the
2491 * notice reference by pointing to the first memory location past
2492 * the CERT_POLICY_QUALIFIER_NOTICE_REFERENCE.
2493 */
2494 noticeRef =
2495 *(PCERT_POLICY_QUALIFIER_NOTICE_REFERENCE *)pvStructInfo;
2496 noticeRef->pszOrganization = (LPSTR)((LPBYTE)noticeRef +
2497 sizeof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE));
2498 ret = CRYPT_AsnDecodeSequence(items,
2499 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags,
2500 NULL, noticeRef, &bytesNeeded, pcbDecoded,
2501 noticeRef->pszOrganization);
2502 }
2503 }
2504 TRACE("returning %d\n", ret);
2505 return ret;
2506 }
2507
2508 static BOOL CRYPT_AsnDecodeUnicodeString(const BYTE *pbEncoded,
2509 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2510 DWORD *pcbDecoded)
2511 {
2512 BOOL ret = TRUE;
2513 DWORD dataLen;
2514
2515 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2516 {
2517 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2518 DWORD bytesNeeded = sizeof(LPWSTR);
2519
2520 switch (pbEncoded[0])
2521 {
2522 case ASN_NUMERICSTRING:
2523 if (dataLen)
2524 bytesNeeded += (dataLen + 1) * 2;
2525 break;
2526 case ASN_PRINTABLESTRING:
2527 if (dataLen)
2528 bytesNeeded += (dataLen + 1) * 2;
2529 break;
2530 case ASN_IA5STRING:
2531 if (dataLen)
2532 bytesNeeded += (dataLen + 1) * 2;
2533 break;
2534 case ASN_T61STRING:
2535 if (dataLen)
2536 bytesNeeded += (dataLen + 1) * 2;
2537 break;
2538 case ASN_VIDEOTEXSTRING:
2539 if (dataLen)
2540 bytesNeeded += (dataLen + 1) * 2;
2541 break;
2542 case ASN_GRAPHICSTRING:
2543 if (dataLen)
2544 bytesNeeded += (dataLen + 1) * 2;
2545 break;
2546 case ASN_VISIBLESTRING:
2547 if (dataLen)
2548 bytesNeeded += (dataLen + 1) * 2;
2549 break;
2550 case ASN_GENERALSTRING:
2551 if (dataLen)
2552 bytesNeeded += (dataLen + 1) * 2;
2553 break;
2554 case ASN_UNIVERSALSTRING:
2555 if (dataLen)
2556 bytesNeeded += dataLen / 2 + sizeof(WCHAR);
2557 break;
2558 case ASN_BMPSTRING:
2559 if (dataLen)
2560 bytesNeeded += dataLen + sizeof(WCHAR);
2561 break;
2562 case ASN_UTF8STRING:
2563 if (dataLen)
2564 bytesNeeded += (MultiByteToWideChar(CP_UTF8, 0,
2565 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen, NULL, 0) + 1) * 2;
2566 break;
2567 default:
2568 SetLastError(CRYPT_E_ASN1_BADTAG);
2569 return FALSE;
2570 }
2571
2572 if (pcbDecoded)
2573 *pcbDecoded = 1 + lenBytes + dataLen;
2574 if (!pvStructInfo)
2575 *pcbStructInfo = bytesNeeded;
2576 else if (*pcbStructInfo < bytesNeeded)
2577 {
2578 *pcbStructInfo = bytesNeeded;
2579 SetLastError(ERROR_MORE_DATA);
2580 ret = FALSE;
2581 }
2582 else
2583 {
2584 LPWSTR *pStr = pvStructInfo;
2585
2586 *pcbStructInfo = bytesNeeded;
2587 if (dataLen)
2588 {
2589 DWORD i;
2590 LPWSTR str = *(LPWSTR *)pStr;
2591
2592 assert(str);
2593 switch (pbEncoded[0])
2594 {
2595 case ASN_NUMERICSTRING:
2596 case ASN_PRINTABLESTRING:
2597 case ASN_IA5STRING:
2598 case ASN_T61STRING:
2599 case ASN_VIDEOTEXSTRING:
2600 case ASN_GRAPHICSTRING:
2601 case ASN_VISIBLESTRING:
2602 case ASN_GENERALSTRING:
2603 for (i = 0; i < dataLen; i++)
2604 str[i] = pbEncoded[1 + lenBytes + i];
2605 str[i] = 0;
2606 break;
2607 case ASN_UNIVERSALSTRING:
2608 for (i = 0; i < dataLen / 4; i++)
2609 str[i] = (pbEncoded[1 + lenBytes + 2 * i + 2] << 8)
2610 | pbEncoded[1 + lenBytes + 2 * i + 3];
2611 str[i] = 0;
2612 break;
2613 case ASN_BMPSTRING:
2614 for (i = 0; i < dataLen / 2; i++)
2615 str[i] = (pbEncoded[1 + lenBytes + 2 * i] << 8) |
2616 pbEncoded[1 + lenBytes + 2 * i + 1];
2617 str[i] = 0;
2618 break;
2619 case ASN_UTF8STRING:
2620 {
2621 int len = MultiByteToWideChar(CP_UTF8, 0,
2622 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen,
2623 str, bytesNeeded - sizeof(CERT_NAME_VALUE)) * 2;
2624 str[len] = 0;
2625 break;
2626 }
2627 }
2628 }
2629 else
2630 *pStr = NULL;
2631 }
2632 }
2633 return ret;
2634 }
2635
2636 static BOOL CRYPT_AsnDecodePolicyQualifierUserNoticeInternal(
2637 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo,
2638 DWORD *pcbStructInfo, DWORD *pcbDecoded)
2639 {
2640 BOOL ret;
2641 struct AsnDecodeSequenceItem items[] = {
2642 { ASN_SEQUENCE, offsetof(CERT_POLICY_QUALIFIER_USER_NOTICE,
2643 pNoticeReference), CRYPT_AsnDecodeNoticeReference,
2644 sizeof(PCERT_POLICY_QUALIFIER_NOTICE_REFERENCE), TRUE, TRUE,
2645 offsetof(CERT_POLICY_QUALIFIER_USER_NOTICE, pNoticeReference), 0 },
2646 { 0, offsetof(CERT_POLICY_QUALIFIER_USER_NOTICE, pszDisplayText),
2647 CRYPT_AsnDecodeUnicodeString, sizeof(LPWSTR), TRUE, TRUE,
2648 offsetof(CERT_POLICY_QUALIFIER_USER_NOTICE, pszDisplayText), 0 },
2649 };
2650 PCERT_POLICY_QUALIFIER_USER_NOTICE notice = pvStructInfo;
2651
2652 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2653 pvStructInfo, *pcbStructInfo);
2654
2655 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2656 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
2657 pcbDecoded, notice ? notice->pNoticeReference : NULL);
2658 TRACE("returning %d\n", ret);
2659 return ret;
2660 }
2661
2662 static BOOL WINAPI CRYPT_AsnDecodePolicyQualifierUserNotice(
2663 DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded,
2664 DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
2665 void *pvStructInfo, DWORD *pcbStructInfo)
2666 {
2667 BOOL ret = FALSE;
2668
2669 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2670 pDecodePara, pvStructInfo, *pcbStructInfo);
2671
2672 __TRY
2673 {
2674 DWORD bytesNeeded = 0;
2675
2676 ret = CRYPT_AsnDecodePolicyQualifierUserNoticeInternal(pbEncoded,
2677 cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded,
2678 NULL);
2679 if (ret)
2680 {
2681 if (!pvStructInfo)
2682 *pcbStructInfo = bytesNeeded;
2683 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2684 pvStructInfo, pcbStructInfo, bytesNeeded)))
2685 {
2686 PCERT_POLICY_QUALIFIER_USER_NOTICE notice;
2687
2688 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2689 pvStructInfo = *(BYTE **)pvStructInfo;
2690 notice = pvStructInfo;
2691 notice->pNoticeReference =
2692 (PCERT_POLICY_QUALIFIER_NOTICE_REFERENCE)
2693 ((BYTE *)pvStructInfo +
2694 sizeof(CERT_POLICY_QUALIFIER_USER_NOTICE));
2695 ret = CRYPT_AsnDecodePolicyQualifierUserNoticeInternal(
2696 pbEncoded, cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG,
2697 pvStructInfo, &bytesNeeded, NULL);
2698 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
2699 CRYPT_FreeSpace(pDecodePara, notice);
2700 }
2701 }
2702 }
2703 __EXCEPT_PAGE_FAULT
2704 {
2705 SetLastError(STATUS_ACCESS_VIOLATION);
2706 }
2707 __ENDTRY
2708 TRACE("returning %d\n", ret);
2709 return ret;
2710 }
2711
2712 static BOOL CRYPT_AsnDecodePKCSAttributeValue(const BYTE *pbEncoded,
2713 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2714 DWORD *pcbDecoded)
2715 {
2716 BOOL ret;
2717 struct AsnArrayDescriptor arrayDesc = { 0,
2718 offsetof(CRYPT_ATTRIBUTE, cValue), offsetof(CRYPT_ATTRIBUTE, rgValue),
2719 FINALMEMBERSIZE(CRYPT_ATTRIBUTE, cValue),
2720 CRYPT_AsnDecodeCopyBytes,
2721 sizeof(CRYPT_DER_BLOB), TRUE, offsetof(CRYPT_DER_BLOB, pbData) };
2722
2723 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
2724 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0, pcbDecoded);
2725
2726 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2727 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2728 return ret;
2729 }
2730
2731 static BOOL CRYPT_AsnDecodePKCSAttributeInternal(const BYTE *pbEncoded,
2732 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2733 DWORD *pcbDecoded)
2734 {
2735 BOOL ret;
2736 struct AsnDecodeSequenceItem items[] = {
2737 { ASN_OBJECTIDENTIFIER, offsetof(CRYPT_ATTRIBUTE, pszObjId),
2738 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
2739 offsetof(CRYPT_ATTRIBUTE, pszObjId), 0 },
2740 { ASN_CONSTRUCTOR | ASN_SETOF, offsetof(CRYPT_ATTRIBUTE, cValue),
2741 CRYPT_AsnDecodePKCSAttributeValue,
2742 FINALMEMBERSIZE(CRYPT_ATTRIBUTE, cValue), FALSE,
2743 TRUE, offsetof(CRYPT_ATTRIBUTE, rgValue), 0 },
2744 };
2745 PCRYPT_ATTRIBUTE attr = pvStructInfo;
2746
2747 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2748 pvStructInfo, *pcbStructInfo);
2749
2750 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2751 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
2752 pcbDecoded, attr ? attr->pszObjId : NULL);
2753 TRACE("returning %d\n", ret);
2754 return ret;
2755 }
2756
2757 static BOOL WINAPI CRYPT_AsnDecodePKCSAttribute(DWORD dwCertEncodingType,
2758 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2759 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2760 {
2761 BOOL ret = FALSE;
2762
2763 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2764 pDecodePara, pvStructInfo, *pcbStructInfo);
2765
2766 __TRY
2767 {
2768 DWORD bytesNeeded = 0;
2769
2770 ret = CRYPT_AsnDecodePKCSAttributeInternal(pbEncoded, cbEncoded,
2771 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL);
2772 if (ret)
2773 {
2774 if (!pvStructInfo)
2775 *pcbStructInfo = bytesNeeded;
2776 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2777 pvStructInfo, pcbStructInfo, bytesNeeded)))
2778 {
2779 PCRYPT_ATTRIBUTE attr;
2780
2781 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2782 pvStructInfo = *(BYTE **)pvStructInfo;
2783 attr = pvStructInfo;
2784 attr->pszObjId = (LPSTR)((BYTE *)pvStructInfo +
2785 sizeof(CRYPT_ATTRIBUTE));
2786 ret = CRYPT_AsnDecodePKCSAttributeInternal(pbEncoded, cbEncoded,
2787 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo, &bytesNeeded,
2788 NULL);
2789 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
2790 CRYPT_FreeSpace(pDecodePara, attr);
2791 }
2792 }
2793 }
2794 __EXCEPT_PAGE_FAULT
2795 {
2796 SetLastError(STATUS_ACCESS_VIOLATION);
2797 }
2798 __ENDTRY
2799 TRACE("returning %d\n", ret);
2800 return ret;
2801 }
2802
2803 static BOOL CRYPT_AsnDecodePKCSAttributesInternal(const BYTE *pbEncoded,
2804 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2805 DWORD *pcbDecoded)
2806 {
2807 struct AsnArrayDescriptor arrayDesc = { 0,
2808 offsetof(CRYPT_ATTRIBUTES, cAttr), offsetof(CRYPT_ATTRIBUTES, rgAttr),
2809 sizeof(CRYPT_ATTRIBUTES),
2810 CRYPT_AsnDecodePKCSAttributeInternal, sizeof(CRYPT_ATTRIBUTE), TRUE,
2811 offsetof(CRYPT_ATTRIBUTE, pszObjId) };
2812 BOOL ret;
2813
2814 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
2815 NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2816 return ret;
2817 }
2818
2819 static BOOL WINAPI CRYPT_AsnDecodePKCSAttributes(DWORD dwCertEncodingType,
2820 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2821 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2822 {
2823 BOOL ret = FALSE;
2824
2825 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2826 pDecodePara, pvStructInfo, *pcbStructInfo);
2827
2828 __TRY
2829 {
2830 struct AsnArrayDescriptor arrayDesc = { ASN_CONSTRUCTOR | ASN_SETOF,
2831 offsetof(CRYPT_ATTRIBUTES, cAttr), offsetof(CRYPT_ATTRIBUTES, rgAttr),
2832 sizeof(CRYPT_ATTRIBUTES),
2833 CRYPT_AsnDecodePKCSAttributeInternal, sizeof(CRYPT_ATTRIBUTE),
2834 TRUE, offsetof(CRYPT_ATTRIBUTE, pszObjId) };
2835 CRYPT_ATTRIBUTES *attrs = pvStructInfo;
2836
2837 if (pvStructInfo && !(dwFlags & CRYPT_DECODE_ALLOC_FLAG))
2838 attrs->rgAttr = (CRYPT_ATTRIBUTE *)(attrs + 1);
2839 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2840 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
2841 }
2842 __EXCEPT_PAGE_FAULT
2843 {
2844 SetLastError(STATUS_ACCESS_VIOLATION);
2845 }
2846 __ENDTRY
2847 TRACE("returning %d\n", ret);
2848 return ret;
2849 }
2850
2851 static BOOL CRYPT_AsnDecodeAlgorithmId(const BYTE *pbEncoded, DWORD cbEncoded,
2852 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
2853 {
2854 CRYPT_ALGORITHM_IDENTIFIER *algo = pvStructInfo;
2855 BOOL ret = TRUE;
2856 struct AsnDecodeSequenceItem items[] = {
2857 { ASN_OBJECTIDENTIFIER, offsetof(CRYPT_ALGORITHM_IDENTIFIER, pszObjId),
2858 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
2859 offsetof(CRYPT_ALGORITHM_IDENTIFIER, pszObjId), 0 },
2860 { 0, offsetof(CRYPT_ALGORITHM_IDENTIFIER, Parameters),
2861 CRYPT_AsnDecodeCopyBytes, sizeof(CRYPT_OBJID_BLOB), TRUE, TRUE,
2862 offsetof(CRYPT_ALGORITHM_IDENTIFIER, Parameters.pbData), 0 },
2863 };
2864
2865 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
2866 pvStructInfo, *pcbStructInfo, pcbDecoded);
2867
2868 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2869 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
2870 pcbDecoded, algo ? algo->pszObjId : NULL);
2871 if (ret && pvStructInfo)
2872 {
2873 TRACE("pszObjId is %p (%s)\n", algo->pszObjId,
2874 debugstr_a(algo->pszObjId));
2875 }
2876 return ret;
2877 }
2878
2879 static BOOL CRYPT_AsnDecodePubKeyInfoInternal(const BYTE *pbEncoded,
2880 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2881 DWORD *pcbDecoded)
2882 {
2883 BOOL ret = TRUE;
2884 struct AsnDecodeSequenceItem items[] = {
2885 { ASN_SEQUENCEOF, offsetof(CERT_PUBLIC_KEY_INFO, Algorithm),
2886 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
2887 FALSE, TRUE, offsetof(CERT_PUBLIC_KEY_INFO,
2888 Algorithm.pszObjId) },
2889 { ASN_BITSTRING, offsetof(CERT_PUBLIC_KEY_INFO, PublicKey),
2890 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), FALSE, TRUE,
2891 offsetof(CERT_PUBLIC_KEY_INFO, PublicKey.pbData) },
2892 };
2893 PCERT_PUBLIC_KEY_INFO info = pvStructInfo;
2894
2895 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2896 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
2897 pcbDecoded, info ? info->Algorithm.Parameters.pbData : NULL);
2898 return ret;
2899 }
2900
2901 static BOOL WINAPI CRYPT_AsnDecodePubKeyInfo(DWORD dwCertEncodingType,
2902 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2903 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2904 {
2905 BOOL ret = TRUE;
2906
2907 __TRY
2908 {
2909 DWORD bytesNeeded = 0;
2910
2911 if ((ret = CRYPT_AsnDecodePubKeyInfoInternal(pbEncoded, cbEncoded,
2912 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL)))
2913 {
2914 if (!pvStructInfo)
2915 *pcbStructInfo = bytesNeeded;
2916 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2917 pvStructInfo, pcbStructInfo, bytesNeeded)))
2918 {
2919 PCERT_PUBLIC_KEY_INFO info;
2920
2921 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2922 pvStructInfo = *(BYTE **)pvStructInfo;
2923 info = pvStructInfo;
2924 info->Algorithm.Parameters.pbData = (BYTE *)pvStructInfo +
2925 sizeof(CERT_PUBLIC_KEY_INFO);
2926 ret = CRYPT_AsnDecodePubKeyInfoInternal(pbEncoded, cbEncoded,
2927 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
2928 &bytesNeeded, NULL);
2929 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
2930 CRYPT_FreeSpace(pDecodePara, info);
2931 }
2932 }
2933 }
2934 __EXCEPT_PAGE_FAULT
2935 {
2936 SetLastError(STATUS_ACCESS_VIOLATION);
2937 ret = FALSE;
2938 }
2939 __ENDTRY
2940 return ret;
2941 }
2942
2943 static BOOL CRYPT_AsnDecodeBool(const BYTE *pbEncoded, DWORD cbEncoded,
2944 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
2945 {
2946 BOOL ret;
2947
2948 if (cbEncoded < 3)
2949 {
2950 SetLastError(CRYPT_E_ASN1_CORRUPT);
2951 return FALSE;
2952 }
2953 if (GET_LEN_BYTES(pbEncoded[1]) > 1)
2954 {
2955 SetLastError(CRYPT_E_ASN1_CORRUPT);
2956 return FALSE;
2957 }
2958 if (pbEncoded[1] > 1)
2959 {
2960 SetLastError(CRYPT_E_ASN1_CORRUPT);
2961 return FALSE;
2962 }
2963 if (pcbDecoded)
2964 *pcbDecoded = 3;
2965 if (!pvStructInfo)
2966 {
2967 *pcbStructInfo = sizeof(BOOL);
2968 ret = TRUE;
2969 }
2970 else if (*pcbStructInfo < sizeof(BOOL))
2971 {
2972 *pcbStructInfo = sizeof(BOOL);
2973 SetLastError(ERROR_MORE_DATA);
2974 ret = FALSE;
2975 }
2976 else
2977 {
2978 *pcbStructInfo = sizeof(BOOL);
2979 *(BOOL *)pvStructInfo = pbEncoded[2] != 0;
2980 ret = TRUE;
2981 }
2982 TRACE("returning %d (%08x)\n", ret, GetLastError());
2983 return ret;
2984 }
2985
2986 static BOOL CRYPT_AsnDecodeAltNameEntry(const BYTE *pbEncoded, DWORD cbEncoded,
2987 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
2988 {
2989 PCERT_ALT_NAME_ENTRY entry = pvStructInfo;
2990 DWORD dataLen, lenBytes, bytesNeeded = sizeof(CERT_ALT_NAME_ENTRY);
2991 BOOL ret;
2992
2993 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2994 pvStructInfo, *pcbStructInfo);
2995
2996 if (cbEncoded < 2)
2997 {
2998 SetLastError(CRYPT_E_ASN1_CORRUPT);
2999 return FALSE;
3000 }
3001 lenBytes = GET_LEN_BYTES(pbEncoded[1]);
3002 if (1 + lenBytes > cbEncoded)
3003 {
3004 SetLastError(CRYPT_E_ASN1_CORRUPT);
3005 return FALSE;
3006 }
3007 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
3008 {
3009 switch (pbEncoded[0] & ASN_TYPE_MASK)
3010 {
3011 case 1: /* rfc822Name */
3012 case 2: /* dNSName */
3013 case 6: /* uniformResourceIdentifier */
3014 if (memchr(pbEncoded + 1 + lenBytes, 0, dataLen))
3015 {
3016 SetLastError(CRYPT_E_ASN1_RULE);
3017 ret = FALSE;
3018 }
3019 else
3020 bytesNeeded += (dataLen + 1) * sizeof(WCHAR);
3021 break;
3022 case 4: /* directoryName */
3023 case 7: /* iPAddress */
3024 bytesNeeded += dataLen;
3025 break;
3026 case 8: /* registeredID */
3027 ret = CRYPT_AsnDecodeOidIgnoreTag(pbEncoded, cbEncoded, 0, NULL,
3028 &dataLen, NULL);
3029 if (ret)
3030 {
3031 /* FIXME: ugly, shouldn't need to know internals of OID decode
3032 * function to use it.
3033 */
3034 bytesNeeded += dataLen - sizeof(LPSTR);
3035 }
3036 break;
3037 case 0: /* otherName */
3038 FIXME("%d: stub\n", pbEncoded[0] & ASN_TYPE_MASK);
3039 SetLastError(CRYPT_E_ASN1_BADTAG);
3040 ret = FALSE;
3041 break;
3042 case 3: /* x400Address, unimplemented */
3043 case 5: /* ediPartyName, unimplemented */
3044 TRACE("type %d unimplemented\n", pbEncoded[0] & ASN_TYPE_MASK);
3045 SetLastError(CRYPT_E_ASN1_BADTAG);
3046 ret = FALSE;
3047 break;
3048 default:
3049 TRACE("type %d bad\n", pbEncoded[0] & ASN_TYPE_MASK);
3050 SetLastError(CRYPT_E_ASN1_CORRUPT);
3051 ret = FALSE;
3052 }
3053 if (ret)
3054 {
3055 if (pcbDecoded)
3056 *pcbDecoded = 1 + lenBytes + dataLen;
3057 if (!entry)
3058 *pcbStructInfo = bytesNeeded;
3059 else if (*pcbStructInfo < bytesNeeded)
3060 {
3061 *pcbStructInfo = bytesNeeded;
3062 SetLastError(ERROR_MORE_DATA);
3063 ret = FALSE;
3064 }
3065 else
3066 {
3067 *pcbStructInfo = bytesNeeded;
3068 /* MS used values one greater than the asn1 ones.. sigh */
3069 entry->dwAltNameChoice = (pbEncoded[0] & ASN_TYPE_MASK) + 1;
3070 switch (pbEncoded[0] & ASN_TYPE_MASK)
3071 {
3072 case 1: /* rfc822Name */
3073 case 2: /* dNSName */
3074 case 6: /* uniformResourceIdentifier */
3075 {
3076 DWORD i;
3077
3078 for (i = 0; i < dataLen; i++)
3079 entry->u.pwszURL[i] =
3080 (WCHAR)pbEncoded[1 + lenBytes + i];
3081 entry->u.pwszURL[i] = 0;
3082 TRACE("URL is %p (%s)\n", entry->u.pwszURL,
3083 debugstr_w(entry->u.pwszURL));
3084 break;
3085 }
3086 case 4: /* directoryName */
3087 /* The data are memory-equivalent with the IPAddress case,
3088 * fall-through
3089 */
3090 case 7: /* iPAddress */
3091 /* The next data pointer is in the pwszURL spot, that is,
3092 * the first 4 bytes. Need to move it to the next spot.
3093 */
3094 entry->u.IPAddress.pbData = (LPBYTE)entry->u.pwszURL;
3095 entry->u.IPAddress.cbData = dataLen;
3096 memcpy(entry->u.IPAddress.pbData, pbEncoded + 1 + lenBytes,
3097 dataLen);
3098 break;
3099 case 8: /* registeredID */
3100 ret = CRYPT_AsnDecodeOidIgnoreTag(pbEncoded, cbEncoded, 0,
3101 &entry->u.pszRegisteredID, &dataLen, NULL);
3102 break;
3103 }
3104 }
3105 }
3106 }
3107 return ret;
3108 }
3109
3110 static BOOL CRYPT_AsnDecodeAltNameInternal(const BYTE *pbEncoded,
3111 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3112 DWORD *pcbDecoded)
3113 {
3114 BOOL ret;
3115 struct AsnArrayDescriptor arrayDesc = { 0,
3116 offsetof(CERT_ALT_NAME_INFO, cAltEntry),
3117 offsetof(CERT_ALT_NAME_INFO, rgAltEntry),
3118 sizeof(CERT_ALT_NAME_INFO),
3119 CRYPT_AsnDecodeAltNameEntry, sizeof(CERT_ALT_NAME_ENTRY), TRUE,
3120 offsetof(CERT_ALT_NAME_ENTRY, u.pwszURL) };
3121
3122 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
3123 pvStructInfo, *pcbStructInfo, pcbDecoded);
3124
3125 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
3126 NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
3127 return ret;
3128 }
3129
3130 static BOOL WINAPI CRYPT_AsnDecodeAuthorityKeyId(DWORD dwCertEncodingType,
3131 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3132 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3133 {
3134 BOOL ret;
3135
3136 __TRY
3137 {
3138 struct AsnDecodeSequenceItem items[] = {
3139 { ASN_CONTEXT | 0, offsetof(CERT_AUTHORITY_KEY_ID_INFO, KeyId),
3140 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DATA_BLOB),
3141 TRUE, TRUE, offsetof(CERT_AUTHORITY_KEY_ID_INFO, KeyId.pbData), 0 },
3142 { ASN_CONTEXT | ASN_CONSTRUCTOR| 1,
3143 offsetof(CERT_AUTHORITY_KEY_ID_INFO, CertIssuer),
3144 CRYPT_AsnDecodeOctetsInternal, sizeof(CERT_NAME_BLOB), TRUE, TRUE,
3145 offsetof(CERT_AUTHORITY_KEY_ID_INFO, CertIssuer.pbData), 0 },
3146 { ASN_CONTEXT | 2, offsetof(CERT_AUTHORITY_KEY_ID_INFO,
3147 CertSerialNumber), CRYPT_AsnDecodeIntegerInternal,
3148 sizeof(CRYPT_INTEGER_BLOB), TRUE, TRUE,
3149 offsetof(CERT_AUTHORITY_KEY_ID_INFO, CertSerialNumber.pbData), 0 },
3150 };
3151
3152 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3153 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
3154 pcbStructInfo, NULL, NULL);
3155 }
3156 __EXCEPT_PAGE_FAULT
3157 {
3158 SetLastError(STATUS_ACCESS_VIOLATION);
3159 ret = FALSE;
3160 }
3161 __ENDTRY
3162 return ret;
3163 }
3164
3165 static BOOL WINAPI CRYPT_AsnDecodeAuthorityKeyId2(DWORD dwCertEncodingType,
3166 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3167 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3168 {
3169 BOOL ret;
3170
3171 __TRY
3172 {
3173 struct AsnDecodeSequenceItem items[] = {
3174 { ASN_CONTEXT | 0, offsetof(CERT_AUTHORITY_KEY_ID2_INFO, KeyId),
3175 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DATA_BLOB),
3176 TRUE, TRUE, offsetof(CERT_AUTHORITY_KEY_ID2_INFO, KeyId.pbData), 0 },
3177 { ASN_CONTEXT | ASN_CONSTRUCTOR| 1,
3178 offsetof(CERT_AUTHORITY_KEY_ID2_INFO, AuthorityCertIssuer),
3179 CRYPT_AsnDecodeAltNameInternal, sizeof(CERT_ALT_NAME_INFO), TRUE,
3180 TRUE, offsetof(CERT_AUTHORITY_KEY_ID2_INFO,
3181 AuthorityCertIssuer.rgAltEntry), 0 },
3182 { ASN_CONTEXT | 2, offsetof(CERT_AUTHORITY_KEY_ID2_INFO,
3183 AuthorityCertSerialNumber), CRYPT_AsnDecodeIntegerInternal,
3184 sizeof(CRYPT_INTEGER_BLOB), TRUE, TRUE,
3185 offsetof(CERT_AUTHORITY_KEY_ID2_INFO,
3186 AuthorityCertSerialNumber.pbData), 0 },
3187 };
3188
3189 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3190 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
3191 pcbStructInfo, NULL, NULL);
3192 }
3193 __EXCEPT_PAGE_FAULT
3194 {
3195 SetLastError(STATUS_ACCESS_VIOLATION);
3196 ret = FALSE;
3197 }
3198 __ENDTRY
3199 return ret;
3200 }
3201
3202 static BOOL CRYPT_AsnDecodeAccessDescription(const BYTE *pbEncoded,
3203 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3204 DWORD *pcbDecoded)
3205 {
3206 struct AsnDecodeSequenceItem items[] = {
3207 { 0, offsetof(CERT_ACCESS_DESCRIPTION, pszAccessMethod),
3208 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), FALSE, TRUE,
3209 offsetof(CERT_ACCESS_DESCRIPTION, pszAccessMethod), 0 },
3210 { 0, offsetof(CERT_ACCESS_DESCRIPTION, AccessLocation),
3211 CRYPT_AsnDecodeAltNameEntry, sizeof(CERT_ALT_NAME_ENTRY), FALSE,
3212 TRUE, offsetof(CERT_ACCESS_DESCRIPTION, AccessLocation.u.pwszURL), 0 },
3213 };
3214 CERT_ACCESS_DESCRIPTION *descr = pvStructInfo;
3215
3216 return CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3217 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
3218 pcbDecoded, descr ? descr->pszAccessMethod : NULL);
3219 }
3220
3221 static BOOL WINAPI CRYPT_AsnDecodeAuthorityInfoAccess(DWORD dwCertEncodingType,
3222 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3223 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3224 {
3225 BOOL ret;
3226
3227 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3228 pDecodePara, pvStructInfo, *pcbStructInfo);
3229
3230 __TRY
3231 {
3232 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
3233 offsetof(CERT_AUTHORITY_INFO_ACCESS, cAccDescr),
3234 offsetof(CERT_AUTHORITY_INFO_ACCESS, rgAccDescr),
3235 sizeof(CERT_AUTHORITY_INFO_ACCESS),
3236 CRYPT_AsnDecodeAccessDescription, sizeof(CERT_ACCESS_DESCRIPTION),
3237 TRUE, offsetof(CERT_ACCESS_DESCRIPTION, pszAccessMethod) };
3238 CERT_AUTHORITY_INFO_ACCESS *info = pvStructInfo;
3239
3240 if (pvStructInfo && !(dwFlags & CRYPT_DECODE_ALLOC_FLAG))
3241 info->rgAccDescr = (CERT_ACCESS_DESCRIPTION *)(info + 1);
3242 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
3243 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
3244 }
3245 __EXCEPT_PAGE_FAULT
3246 {
3247 SetLastError(STATUS_ACCESS_VIOLATION);
3248 ret = FALSE;
3249 }
3250 __ENDTRY
3251 return ret;
3252 }
3253
3254 static BOOL CRYPT_AsnDecodePKCSContent(const BYTE *pbEncoded, DWORD cbEncoded,
3255 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
3256 {
3257 BOOL ret;
3258 DWORD dataLen;
3259
3260 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
3261 pvStructInfo, *pcbStructInfo, pcbDecoded);
3262
3263 /* The caller has already checked the tag, no need to check it again.
3264 * Check the outer length is valid:
3265 */
3266 if ((ret = CRYPT_GetLengthIndefinite(pbEncoded, cbEncoded, &dataLen)))
3267 {
3268 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
3269 DWORD innerLen;
3270
3271 pbEncoded += 1 + lenBytes;
3272 cbEncoded -= 1 + lenBytes;
3273 if (dataLen == CMSG_INDEFINITE_LENGTH)
3274 cbEncoded -= 2; /* space for 0 TLV */
3275 /* Check the inner length is valid: */
3276 if ((ret = CRYPT_GetLengthIndefinite(pbEncoded, cbEncoded, &innerLen)))
3277 {
3278 DWORD decodedLen;
3279
3280 ret = CRYPT_AsnDecodeCopyBytes(pbEncoded, cbEncoded, dwFlags,
3281 pvStructInfo, pcbStructInfo, &decodedLen);
3282 if (dataLen == CMSG_INDEFINITE_LENGTH)
3283 {
3284 if (*(pbEncoded + decodedLen) != 0 ||
3285 *(pbEncoded + decodedLen + 1) != 0)
3286 {
3287 TRACE("expected 0 TLV, got {%02x,%02x}\n",
3288 *(pbEncoded + decodedLen),
3289 *(pbEncoded + decodedLen + 1));
3290 SetLastError(CRYPT_E_ASN1_CORRUPT);
3291 ret = FALSE;
3292 }
3293 else
3294 decodedLen += 2;
3295 }
3296 if (ret && pcbDecoded)
3297 {
3298 *pcbDecoded = 1 + lenBytes + decodedLen;
3299 TRACE("decoded %d bytes\n", *pcbDecoded);
3300 }
3301 }
3302 }
3303 return ret;
3304 }
3305
3306 static BOOL CRYPT_AsnDecodePKCSContentInfoInternal(const BYTE *pbEncoded,
3307 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3308 DWORD *pcbDecoded)
3309 {
3310 CRYPT_CONTENT_INFO *info = pvStructInfo;
3311 struct AsnDecodeSequenceItem items[] = {
3312 { ASN_OBJECTIDENTIFIER, offsetof(CRYPT_CONTENT_INFO, pszObjId),
3313 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
3314 offsetof(CRYPT_CONTENT_INFO, pszObjId), 0 },
3315 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0,
3316 offsetof(CRYPT_CONTENT_INFO, Content), CRYPT_AsnDecodePKCSContent,
3317 sizeof(CRYPT_DER_BLOB), TRUE, TRUE,
3318 offsetof(CRYPT_CONTENT_INFO, Content.pbData), 0 },
3319 };
3320 BOOL ret;
3321
3322 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
3323 pvStructInfo, *pcbStructInfo, pcbDecoded);
3324
3325 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3326 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
3327 pcbDecoded, info ? info->pszObjId : NULL);
3328 return ret;
3329 }
3330
3331 static BOOL WINAPI CRYPT_AsnDecodePKCSContentInfo(DWORD dwCertEncodingType,
3332 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3333 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3334 {
3335 BOOL ret = FALSE;
3336
3337 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3338 pDecodePara, pvStructInfo, *pcbStructInfo);
3339
3340 __TRY
3341 {
3342 ret = CRYPT_AsnDecodePKCSContentInfoInternal(pbEncoded, cbEncoded,
3343 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pcbStructInfo, NULL);
3344 if (ret && pvStructInfo)
3345 {
3346 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
3347 pcbStructInfo, *pcbStructInfo);
3348 if (ret)
3349 {
3350 CRYPT_CONTENT_INFO *info;
3351
3352 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
3353 pvStructInfo = *(BYTE **)pvStructInfo;
3354 info = pvStructInfo;
3355 info->pszObjId = (LPSTR)((BYTE *)info +
3356 sizeof(CRYPT_CONTENT_INFO));
3357 ret = CRYPT_AsnDecodePKCSContentInfoInternal(pbEncoded,
3358 cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
3359 pcbStructInfo, NULL);
3360 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
3361 CRYPT_FreeSpace(pDecodePara, info);
3362 }
3363 }
3364 }
3365 __EXCEPT_PAGE_FAULT
3366 {
3367 SetLastError(STATUS_ACCESS_VIOLATION);
3368 }
3369 __ENDTRY
3370 return ret;
3371 }
3372
3373 BOOL CRYPT_AsnDecodePKCSDigestedData(const BYTE *pbEncoded, DWORD cbEncoded,
3374 DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
3375 CRYPT_DIGESTED_DATA *digestedData, DWORD *pcbDigestedData)
3376 {
3377 BOOL ret;
3378 struct AsnDecodeSequenceItem items[] = {
3379 { ASN_INTEGER, offsetof(CRYPT_DIGESTED_DATA, version),
3380 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
3381 { ASN_SEQUENCEOF, offsetof(CRYPT_DIGESTED_DATA, DigestAlgorithm),
3382 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
3383 FALSE, TRUE, offsetof(CRYPT_DIGESTED_DATA, DigestAlgorithm.pszObjId),
3384 0 },
3385 { ASN_SEQUENCEOF, offsetof(CRYPT_DIGESTED_DATA, ContentInfo),
3386 CRYPT_AsnDecodePKCSContentInfoInternal,
3387 sizeof(CRYPT_CONTENT_INFO), FALSE, TRUE, offsetof(CRYPT_DIGESTED_DATA,
3388 ContentInfo.pszObjId), 0 },
3389 { ASN_OCTETSTRING, offsetof(CRYPT_DIGESTED_DATA, hash),
3390 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_HASH_BLOB), FALSE, TRUE,
3391 offsetof(CRYPT_DIGESTED_DATA, hash.pbData), 0 },
3392 };
3393
3394 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3395 pbEncoded, cbEncoded, dwFlags, pDecodePara, digestedData, pcbDigestedData,
3396 NULL, NULL);
3397 return ret;
3398 }
3399
3400 static BOOL WINAPI CRYPT_AsnDecodeAltName(DWORD dwCertEncodingType,
3401 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3402 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3403 {
3404 BOOL ret = TRUE;
3405
3406 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3407 pDecodePara, pvStructInfo, *pcbStructInfo);
3408
3409 __TRY
3410 {
3411 DWORD bytesNeeded = 0;
3412
3413 if ((ret = CRYPT_AsnDecodeAltNameInternal(pbEncoded, cbEncoded,
3414 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL)))
3415 {
3416 if (!pvStructInfo)
3417 *pcbStructInfo = bytesNeeded;
3418 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
3419 pvStructInfo, pcbStructInfo, bytesNeeded)))
3420 {
3421 CERT_ALT_NAME_INFO *name;
3422
3423 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
3424 pvStructInfo = *(BYTE **)pvStructInfo;
3425 name = pvStructInfo;
3426 name->rgAltEntry = (PCERT_ALT_NAME_ENTRY)
3427 ((BYTE *)pvStructInfo + sizeof(CERT_ALT_NAME_INFO));
3428 ret = CRYPT_AsnDecodeAltNameInternal(pbEncoded, cbEncoded,
3429 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
3430 &bytesNeeded, NULL);
3431 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
3432 CRYPT_FreeSpace(pDecodePara, name);
3433 }
3434 }
3435 }
3436 __EXCEPT_PAGE_FAULT
3437 {
3438 SetLastError(STATUS_ACCESS_VIOLATION);
3439 ret = FALSE;
3440 }
3441 __ENDTRY
3442 return ret;
3443 }
3444
3445 struct PATH_LEN_CONSTRAINT
3446 {
3447 BOOL fPathLenConstraint;
3448 DWORD dwPathLenConstraint;
3449 };
3450
3451 static BOOL CRYPT_AsnDecodePathLenConstraint(const BYTE *pbEncoded,
3452 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3453 DWORD *pcbDecoded)
3454 {
3455 BOOL ret = TRUE;
3456 DWORD bytesNeeded = sizeof(struct PATH_LEN_CONSTRAINT), size;
3457
3458 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
3459 pvStructInfo, *pcbStructInfo, pcbDecoded);
3460
3461 if (!pvStructInfo)
3462 {
3463 ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded, dwFlags, NULL,
3464 &size, pcbDecoded);
3465 *pcbStructInfo = bytesNeeded;
3466 }
3467 else if (*pcbStructInfo < bytesNeeded)
3468 {
3469 SetLastError(ERROR_MORE_DATA);
3470 *pcbStructInfo = bytesNeeded;
3471 ret = FALSE;
3472 }
3473 else
3474 {
3475 struct PATH_LEN_CONSTRAINT *constraint = pvStructInfo;
3476
3477 *pcbStructInfo = bytesNeeded;
3478 size = sizeof(constraint->dwPathLenConstraint);
3479 ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded, dwFlags,
3480 &constraint->dwPathLenConstraint, &size, pcbDecoded);
3481 if (ret)
3482 constraint->fPathLenConstraint = TRUE;
3483 TRACE("got an int, dwPathLenConstraint is %d\n",
3484 constraint->dwPathLenConstraint);
3485 }
3486 TRACE("returning %d (%08x)\n", ret, GetLastError());
3487 return ret;
3488 }
3489
3490 static BOOL CRYPT_AsnDecodeSubtreeConstraints(const BYTE *pbEncoded,
3491 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3492 DWORD *pcbDecoded)
3493 {
3494 BOOL ret;
3495 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
3496 offsetof(CERT_BASIC_CONSTRAINTS_INFO, cSubtreesConstraint),
3497 offsetof(CERT_BASIC_CONSTRAINTS_INFO, rgSubtreesConstraint),
3498 FINALMEMBERSIZE(CERT_BASIC_CONSTRAINTS_INFO, cSubtreesConstraint),
3499 CRYPT_AsnDecodeCopyBytes, sizeof(CERT_NAME_BLOB), TRUE,
3500 offsetof(CERT_NAME_BLOB, pbData) };
3501
3502 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
3503 pvStructInfo, *pcbStructInfo, pcbDecoded);
3504
3505 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
3506 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
3507 TRACE("Returning %d (%08x)\n", ret, GetLastError());
3508 return ret;
3509 }
3510
3511 static BOOL WINAPI CRYPT_AsnDecodeBasicConstraints(DWORD dwCertEncodingType,
3512 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3513 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3514 {
3515 BOOL ret;
3516
3517 __TRY
3518 {
3519 struct AsnDecodeSequenceItem items[] = {
3520 { ASN_BITSTRING, offsetof(CERT_BASIC_CONSTRAINTS_INFO, SubjectType),
3521 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), FALSE, TRUE,
3522 offsetof(CERT_BASIC_CONSTRAINTS_INFO, SubjectType.pbData), 0 },
3523 { ASN_INTEGER, offsetof(CERT_BASIC_CONSTRAINTS_INFO,
3524 fPathLenConstraint), CRYPT_AsnDecodePathLenConstraint,
3525 sizeof(struct PATH_LEN_CONSTRAINT), TRUE, FALSE, 0, 0 },
3526 { ASN_SEQUENCEOF, offsetof(CERT_BASIC_CONSTRAINTS_INFO,
3527 cSubtreesConstraint), CRYPT_AsnDecodeSubtreeConstraints,
3528 FINALMEMBERSIZE(CERT_BASIC_CONSTRAINTS_INFO, cSubtreesConstraint),
3529 TRUE, TRUE,
3530 offsetof(CERT_BASIC_CONSTRAINTS_INFO, rgSubtreesConstraint), 0 },
3531 };
3532
3533 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3534 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
3535 pcbStructInfo, NULL, NULL);
3536 }
3537 __EXCEPT_PAGE_FAULT
3538 {
3539 SetLastError(STATUS_ACCESS_VIOLATION);
3540 ret = FALSE;
3541 }
3542 __ENDTRY
3543 return ret;
3544 }
3545
3546 static BOOL WINAPI CRYPT_AsnDecodeBasicConstraints2(DWORD dwCertEncodingType,
3547 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3548 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3549 {
3550 BOOL ret;
3551
3552 __TRY
3553 {
3554 struct AsnDecodeSequenceItem items[] = {
3555 { ASN_BOOL, offsetof(CERT_BASIC_CONSTRAINTS2_INFO, fCA),
3556 CRYPT_AsnDecodeBool, sizeof(BOOL), TRUE, FALSE, 0, 0 },
3557 { ASN_INTEGER, offsetof(CERT_BASIC_CONSTRAINTS2_INFO,
3558 fPathLenConstraint), CRYPT_AsnDecodePathLenConstraint,
3559 sizeof(struct PATH_LEN_CONSTRAINT), TRUE, FALSE, 0, 0 },
3560 };
3561
3562 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3563 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
3564 pcbStructInfo, NULL, NULL);
3565 }
3566 __EXCEPT_PAGE_FAULT
3567 {
3568 SetLastError(STATUS_ACCESS_VIOLATION);
3569 ret = FALSE;
3570 }
3571 __ENDTRY
3572 return ret;
3573 }
3574
3575 static BOOL CRYPT_AsnDecodePolicyQualifier(const BYTE *pbEncoded,
3576 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3577 DWORD *pcbDecoded)
3578 {
3579 struct AsnDecodeSequenceItem items[] = {
3580 { ASN_OBJECTIDENTIFIER, offsetof(CERT_POLICY_QUALIFIER_INFO,
3581 pszPolicyQualifierId), CRYPT_AsnDecodeOidInternal, sizeof(LPSTR),
3582 FALSE, TRUE, offsetof(CERT_POLICY_QUALIFIER_INFO, pszPolicyQualifierId),
3583 0 },
3584 { 0, offsetof(CERT_POLICY_QUALIFIER_INFO, Qualifier),
3585 CRYPT_AsnDecodeDerBlob, sizeof(CRYPT_OBJID_BLOB), TRUE, TRUE,
3586 offsetof(CERT_POLICY_QUALIFIER_INFO, Qualifier.pbData), 0 },
3587 };
3588 BOOL ret;
3589 CERT_POLICY_QUALIFIER_INFO *qualifier = pvStructInfo;
3590
3591 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3592 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3593
3594 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3595 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
3596 pcbDecoded, qualifier ? qualifier->pszPolicyQualifierId : NULL);
3597 return ret;
3598 }
3599
3600 static BOOL CRYPT_AsnDecodePolicyQualifiers(const BYTE *pbEncoded,
3601 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3602 DWORD *pcbDecoded)
3603 {
3604 BOOL ret;
3605 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
3606 offsetof(CERT_POLICY_INFO, cPolicyQualifier),
3607 offsetof(CERT_POLICY_INFO, rgPolicyQualifier),
3608 FINALMEMBERSIZE(CERT_POLICY_INFO, cPolicyQualifier),
3609 CRYPT_AsnDecodePolicyQualifier, sizeof(CERT_POLICY_QUALIFIER_INFO), TRUE,
3610 offsetof(CERT_POLICY_QUALIFIER_INFO, pszPolicyQualifierId) };
3611
3612 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3613 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3614
3615 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
3616 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
3617 TRACE("Returning %d (%08x)\n", ret, GetLastError());
3618 return ret;
3619 }
3620
3621 static BOOL CRYPT_AsnDecodeCertPolicy(const BYTE *pbEncoded, DWORD cbEncoded,
3622 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
3623 {
3624 struct AsnDecodeSequenceItem items[] = {
3625 { ASN_OBJECTIDENTIFIER, offsetof(CERT_POLICY_INFO, pszPolicyIdentifier),
3626 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), FALSE, TRUE,
3627 offsetof(CERT_POLICY_INFO, pszPolicyIdentifier), 0 },
3628 { ASN_SEQUENCEOF, offsetof(CERT_POLICY_INFO, cPolicyQualifier),
3629 CRYPT_AsnDecodePolicyQualifiers,
3630 FINALMEMBERSIZE(CERT_POLICY_INFO, cPolicyQualifier), TRUE,
3631 TRUE, offsetof(CERT_POLICY_INFO, rgPolicyQualifier), 0 },
3632 };
3633 CERT_POLICY_INFO *info = pvStructInfo;
3634 BOOL ret;
3635
3636 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3637 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3638
3639 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3640 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
3641 pcbDecoded, info ? info->pszPolicyIdentifier : NULL);
3642 return ret;
3643 }
3644
3645 static BOOL WINAPI CRYPT_AsnDecodeCertPolicies(DWORD dwCertEncodingType,
3646 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3647 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3648 {
3649 BOOL ret = FALSE;
3650
3651 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3652 pDecodePara, pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3653
3654 __TRY
3655 {
3656 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
3657 offsetof(CERT_POLICIES_INFO, cPolicyInfo),
3658 offsetof(CERT_POLICIES_INFO, rgPolicyInfo),
3659 sizeof(CERT_POLICIES_INFO),
3660 CRYPT_AsnDecodeCertPolicy, sizeof(CERT_POLICY_INFO), TRUE,
3661 offsetof(CERT_POLICY_INFO, pszPolicyIdentifier) };
3662 CERT_POLICIES_INFO *info = pvStructInfo;
3663
3664 if (pvStructInfo && !(dwFlags & CRYPT_DECODE_ALLOC_FLAG))
3665 info->rgPolicyInfo = (CERT_POLICY_INFO *)(info + 1);
3666
3667 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
3668 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
3669 }
3670 __EXCEPT_PAGE_FAULT
3671 {
3672 SetLastError(STATUS_ACCESS_VIOLATION);
3673 }
3674 __ENDTRY
3675 return ret;
3676 }
3677
3678 static BOOL CRYPT_AsnDecodeCertPolicyMapping(const BYTE *pbEncoded,
3679 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3680 DWORD *pcbDecoded)
3681 {
3682 struct AsnDecodeSequenceItem items[] = {
3683 { ASN_OBJECTIDENTIFIER, offsetof(CERT_POLICY_MAPPING,
3684 pszIssuerDomainPolicy), CRYPT_AsnDecodeOidInternal, sizeof(LPSTR),
3685 FALSE, TRUE, offsetof(CERT_POLICY_MAPPING, pszIssuerDomainPolicy), 0 },
3686 { ASN_OBJECTIDENTIFIER, offsetof(CERT_POLICY_MAPPING,
3687 pszSubjectDomainPolicy), CRYPT_AsnDecodeOidInternal, sizeof(LPSTR),
3688 FALSE, TRUE, offsetof(CERT_POLICY_MAPPING, pszSubjectDomainPolicy), 0 },
3689 };
3690 CERT_POLICY_MAPPING *mapping = pvStructInfo;
3691 BOOL ret;
3692
3693 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3694 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3695
3696 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3697 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
3698 pcbDecoded, mapping ? mapping->pszIssuerDomainPolicy : NULL);
3699 return ret;
3700 }
3701
3702 static BOOL WINAPI CRYPT_AsnDecodeCertPolicyMappings(DWORD dwCertEncodingType,
3703 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3704 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3705 {
3706 BOOL ret = FALSE;
3707
3708 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3709 pDecodePara, pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3710
3711 __TRY
3712 {
3713 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
3714 offsetof(CERT_POLICY_MAPPINGS_INFO, cPolicyMapping),
3715 offsetof(CERT_POLICY_MAPPINGS_INFO, rgPolicyMapping),
3716 sizeof(CERT_POLICY_MAPPING),
3717 CRYPT_AsnDecodeCertPolicyMapping, sizeof(CERT_POLICY_MAPPING), TRUE,
3718 offsetof(CERT_POLICY_MAPPING, pszIssuerDomainPolicy) };
3719 CERT_POLICY_MAPPINGS_INFO *info = pvStructInfo;
3720
3721 if (pvStructInfo && !(dwFlags & CRYPT_DECODE_ALLOC_FLAG))
3722 info->rgPolicyMapping = (CERT_POLICY_MAPPING *)(info + 1);
3723 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
3724 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
3725 }
3726 __EXCEPT_PAGE_FAULT
3727 {
3728 SetLastError(STATUS_ACCESS_VIOLATION);
3729 }
3730 __ENDTRY
3731 return ret;
3732 }
3733
3734 static BOOL CRYPT_AsnDecodeRequireExplicit(const BYTE *pbEncoded,
3735 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3736 DWORD *pcbDecoded)
3737 {
3738 BOOL ret;
3739 DWORD skip, size = sizeof(skip);
3740
3741 if (!cbEncoded)
3742 {
3743 SetLastError(CRYPT_E_ASN1_EOD);
3744 return FALSE;
3745 }
3746 if (pbEncoded[0] != (ASN_CONTEXT | 0))
3747 {
3748 SetLastError(CRYPT_E_ASN1_BADTAG);
3749 return FALSE;
3750 }
3751 if ((ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded, dwFlags,
3752 &skip, &size, pcbDecoded)))
3753 {
3754 DWORD bytesNeeded = MEMBERSIZE(CERT_POLICY_CONSTRAINTS_INFO,
3755 fRequireExplicitPolicy, fInhibitPolicyMapping);
3756
3757 if (!pvStructInfo)
3758 *pcbStructInfo = bytesNeeded;
3759 else if (*pcbStructInfo < bytesNeeded)
3760 {
3761 *pcbStructInfo = bytesNeeded;
3762 SetLastError(ERROR_MORE_DATA);
3763 ret = FALSE;
3764 }
3765 else
3766 {
3767 CERT_POLICY_CONSTRAINTS_INFO *info = CONTAINING_RECORD(pvStructInfo,
3768 CERT_POLICY_CONSTRAINTS_INFO, fRequireExplicitPolicy);
3769
3770 *pcbStructInfo = bytesNeeded;
3771 /* The BOOL is implicit: if the integer is present, then it's
3772 * TRUE.
3773 */
3774 info->fRequireExplicitPolicy = TRUE;
3775 info->dwRequireExplicitPolicySkipCerts = skip;
3776 }
3777 }
3778 return ret;
3779 }
3780
3781 static BOOL CRYPT_AsnDecodeInhibitMapping(const BYTE *pbEncoded,
3782 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3783 DWORD *pcbDecoded)
3784 {
3785 BOOL ret;
3786 DWORD skip, size = sizeof(skip);
3787
3788 if (!cbEncoded)
3789 {
3790 SetLastError(CRYPT_E_ASN1_EOD);
3791 return FALSE;
3792 }
3793 if (pbEncoded[0] != (ASN_CONTEXT | 1))
3794 {
3795 SetLastError(CRYPT_E_ASN1_BADTAG);
3796 return FALSE;
3797 }
3798 if ((ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded, dwFlags,
3799 &skip, &size, pcbDecoded)))
3800 {
3801 DWORD bytesNeeded = FINALMEMBERSIZE(CERT_POLICY_CONSTRAINTS_INFO,
3802 fInhibitPolicyMapping);
3803
3804 if (!pvStructInfo)
3805 *pcbStructInfo = bytesNeeded;
3806 else if (*pcbStructInfo < bytesNeeded)
3807 {
3808 *pcbStructInfo = bytesNeeded;
3809 SetLastError(ERROR_MORE_DATA);
3810 ret = FALSE;
3811 }
3812 else
3813 {
3814 CERT_POLICY_CONSTRAINTS_INFO *info = CONTAINING_RECORD(pvStructInfo,
3815 CERT_POLICY_CONSTRAINTS_INFO, fInhibitPolicyMapping);
3816
3817 *pcbStructInfo = bytesNeeded;
3818 /* The BOOL is implicit: if the integer is present, then it's
3819 * TRUE.
3820 */
3821 info->fInhibitPolicyMapping = TRUE;
3822 info->dwInhibitPolicyMappingSkipCerts = skip;
3823 }
3824 }
3825 return ret;
3826 }
3827
3828 static BOOL WINAPI CRYPT_AsnDecodeCertPolicyConstraints(
3829 DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded,
3830 DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
3831 void *pvStructInfo, DWORD *pcbStructInfo)
3832 {
3833 BOOL ret = FALSE;
3834
3835 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3836 pDecodePara, pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3837
3838 __TRY
3839 {
3840 struct AsnDecodeSequenceItem items[] = {
3841 { ASN_CONTEXT | 0,
3842 offsetof(CERT_POLICY_CONSTRAINTS_INFO, fRequireExplicitPolicy),
3843 CRYPT_AsnDecodeRequireExplicit,
3844 MEMBERSIZE(CERT_POLICY_CONSTRAINTS_INFO, fRequireExplicitPolicy,
3845 fInhibitPolicyMapping), TRUE, FALSE, 0, 0 },
3846 { ASN_CONTEXT | 1,
3847 offsetof(CERT_POLICY_CONSTRAINTS_INFO, fInhibitPolicyMapping),
3848 CRYPT_AsnDecodeInhibitMapping,
3849 FINALMEMBERSIZE(CERT_POLICY_CONSTRAINTS_INFO, fInhibitPolicyMapping),
3850 TRUE, FALSE, 0, 0 },
3851 };
3852
3853 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3854 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
3855 pcbStructInfo, NULL, NULL);
3856 }
3857 __EXCEPT_PAGE_FAULT
3858 {
3859 SetLastError(STATUS_ACCESS_VIOLATION);
3860 }
3861 __ENDTRY
3862 return ret;
3863 }
3864
3865 #define RSA1_MAGIC 0x31415352
3866
3867 struct DECODED_RSA_PUB_KEY
3868 {
3869 DWORD pubexp;
3870 CRYPT_INTEGER_BLOB modulus;
3871 };
3872
3873 static BOOL WINAPI CRYPT_AsnDecodeRsaPubKey(DWORD dwCertEncodingType,
3874 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3875 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3876 {
3877 BOOL ret;
3878
3879 __TRY
3880 {
3881 struct AsnDecodeSequenceItem items[] = {
3882 { ASN_INTEGER, offsetof(struct DECODED_RSA_PUB_KEY, modulus),
3883 CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
3884 FALSE, TRUE, offsetof(struct DECODED_RSA_PUB_KEY, modulus.pbData),
3885 0 },
3886 { ASN_INTEGER, offsetof(struct DECODED_RSA_PUB_KEY, pubexp),
3887 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
3888 };
3889 struct DECODED_RSA_PUB_KEY *decodedKey = NULL;
3890 DWORD size = 0;
3891
3892 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3893 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &decodedKey,
3894 &size, NULL, NULL);
3895 if (ret)
3896 {
3897 DWORD bytesNeeded = sizeof(BLOBHEADER) + sizeof(RSAPUBKEY) +
3898 decodedKey->modulus.cbData;
3899
3900 if (!pvStructInfo)
3901 {
3902 *pcbStructInfo = bytesNeeded;
3903 ret = TRUE;
3904 }
3905 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
3906 pvStructInfo, pcbStructInfo, bytesNeeded)))
3907 {
3908 BLOBHEADER *hdr;
3909 RSAPUBKEY *rsaPubKey;
3910
3911 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
3912 pvStructInfo = *(BYTE **)pvStructInfo;
3913 hdr = pvStructInfo;
3914 hdr->bType = PUBLICKEYBLOB;
3915 hdr->bVersion = CUR_BLOB_VERSION;
3916 hdr->reserved = 0;
3917 hdr->aiKeyAlg = CALG_RSA_KEYX;
3918 rsaPubKey = (RSAPUBKEY *)((BYTE *)pvStructInfo +
3919 sizeof(BLOBHEADER));
3920 rsaPubKey->magic = RSA1_MAGIC;
3921 rsaPubKey->pubexp = decodedKey->pubexp;
3922 rsaPubKey->bitlen = decodedKey->modulus.cbData * 8;
3923 memcpy((BYTE *)pvStructInfo + sizeof(BLOBHEADER) +
3924 sizeof(RSAPUBKEY), decodedKey->modulus.pbData,
3925 decodedKey->modulus.cbData);
3926 }
3927 LocalFree(decodedKey);
3928 }
3929 }
3930 __EXCEPT_PAGE_FAULT
3931 {
3932 SetLastError(STATUS_ACCESS_VIOLATION);
3933 ret = FALSE;
3934 }
3935 __ENDTRY
3936 return ret;
3937 }
3938
3939 #define RSA2_MAGIC 0x32415352
3940
3941 struct DECODED_RSA_PRIV_KEY
3942 {
3943 DWORD version;
3944 DWORD pubexp;
3945 CRYPT_INTEGER_BLOB modulus;
3946 CRYPT_INTEGER_BLOB privexp;
3947 CRYPT_INTEGER_BLOB prime1;
3948 CRYPT_INTEGER_BLOB prime2;
3949 CRYPT_INTEGER_BLOB exponent1;
3950 CRYPT_INTEGER_BLOB exponent2;
3951 CRYPT_INTEGER_BLOB coefficient;
3952 };
3953
3954 static BOOL WINAPI CRYPT_AsnDecodeRsaPrivKey(DWORD dwCertEncodingType,
3955 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3956 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3957 {
3958 BOOL ret;
3959 DWORD halflen;
3960
3961 __TRY
3962 {
3963 struct AsnDecodeSequenceItem items[] = {
3964 { ASN_INTEGER, offsetof(struct DECODED_RSA_PRIV_KEY, version),
3965 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
3966 { ASN_INTEGER, offsetof(struct DECODED_RSA_PRIV_KEY, modulus),
3967 CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
3968 FALSE, TRUE, offsetof(struct DECODED_RSA_PRIV_KEY, modulus.pbData),
3969 0 },
3970 { ASN_INTEGER, offsetof(struct DECODED_RSA_PRIV_KEY, pubexp),
3971 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
3972 { ASN_INTEGER, offsetof(struct DECODED_RSA_PRIV_KEY, privexp),
3973 CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
3974 FALSE, TRUE, offsetof(struct DECODED_RSA_PRIV_KEY, privexp.pbData),
3975 0 },
3976 { ASN_INTEGER, offsetof(struct DECODED_RSA_PRIV_KEY, prime1),
3977 CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
3978 FALSE, TRUE, offsetof(struct DECODED_RSA_PRIV_KEY, prime1.pbData),
3979 0 },
3980 { ASN_INTEGER, offsetof(struct DECODED_RSA_PRIV_KEY, prime2),
3981 CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
3982 FALSE, TRUE, offsetof(struct DECODED_RSA_PRIV_KEY, prime2.pbData),
3983 0 },
3984 { ASN_INTEGER, offsetof(struct DECODED_RSA_PRIV_KEY, exponent1),
3985 CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
3986 FALSE, TRUE, offsetof(struct DECODED_RSA_PRIV_KEY, exponent1.pbData),
3987 0 },
3988 { ASN_INTEGER, offsetof(struct DECODED_RSA_PRIV_KEY, exponent2),
3989 CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
3990 FALSE, TRUE, offsetof(struct DECODED_RSA_PRIV_KEY, exponent2.pbData),
3991 0 },
3992 { ASN_INTEGER, offsetof(struct DECODED_RSA_PRIV_KEY, coefficient),
3993 CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
3994 FALSE, TRUE, offsetof(struct DECODED_RSA_PRIV_KEY, coefficient.pbData),
3995 0 },
3996 };
3997 struct DECODED_RSA_PRIV_KEY *decodedKey = NULL;
3998 DWORD size = 0;
3999
4000 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
4001 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &decodedKey,
4002 &size, NULL, NULL);
4003 if (ret)
4004 {
4005 halflen = decodedKey->prime1.cbData;
4006 if (halflen < decodedKey->prime2.cbData)
4007 halflen = decodedKey->prime2.cbData;
4008 if (halflen < decodedKey->exponent1.cbData)
4009 halflen = decodedKey->exponent1.cbData;
4010 if (halflen < decodedKey->exponent2.cbData)
4011 halflen = decodedKey->exponent2.cbData;
4012 if (halflen < decodedKey->coefficient.cbData)
4013 halflen = decodedKey->coefficient.cbData;
4014 if (halflen * 2 < decodedKey->modulus.cbData)
4015 halflen = decodedKey->modulus.cbData / 2 + decodedKey->modulus.cbData % 2;
4016 if (halflen * 2 < decodedKey->privexp.cbData)
4017 halflen = decodedKey->privexp.cbData / 2 + decodedKey->privexp.cbData % 2;
4018
4019 if (ret)
4020 {
4021 DWORD bytesNeeded = sizeof(BLOBHEADER) + sizeof(RSAPUBKEY) +
4022 (halflen * 9);
4023
4024 if (!pvStructInfo)
4025 {
4026 *pcbStructInfo = bytesNeeded;
4027 ret = TRUE;
4028 }
4029 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4030 pvStructInfo, pcbStructInfo, bytesNeeded)))
4031 {
4032 BLOBHEADER *hdr;
4033 RSAPUBKEY *rsaPubKey;
4034 BYTE *vardata;
4035
4036 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4037 pvStructInfo = *(BYTE **)pvStructInfo;
4038
4039 hdr = pvStructInfo;
4040 hdr->bType = PRIVATEKEYBLOB;
4041 hdr->bVersion = CUR_BLOB_VERSION;
4042 hdr->reserved = 0;
4043 hdr->aiKeyAlg = CALG_RSA_KEYX;
4044
4045 rsaPubKey = (RSAPUBKEY *)((BYTE *)pvStructInfo +
4046 sizeof(BLOBHEADER));
4047 rsaPubKey->magic = RSA2_MAGIC;
4048 rsaPubKey->pubexp = decodedKey->pubexp;
4049 rsaPubKey->bitlen = halflen * 16;
4050
4051 vardata = (BYTE*)(rsaPubKey + 1);
4052 memset(vardata, 0, halflen * 9);
4053 memcpy(vardata,
4054 decodedKey->modulus.pbData, decodedKey->modulus.cbData);
4055 memcpy(vardata + halflen * 2,
4056 decodedKey->prime1.pbData, decodedKey->prime1.cbData);
4057 memcpy(vardata + halflen * 3,
4058 decodedKey->prime2.pbData, decodedKey->prime2.cbData);
4059 memcpy(vardata + halflen * 4,
4060 decodedKey->exponent1.pbData, decodedKey->exponent1.cbData);
4061 memcpy(vardata + halflen * 5,
4062 decodedKey->exponent2.pbData, decodedKey->exponent2.cbData);
4063 memcpy(vardata + halflen * 6,
4064 decodedKey->coefficient.pbData, decodedKey->coefficient.cbData);
4065 memcpy(vardata + halflen * 7,
4066 decodedKey->privexp.pbData, decodedKey->privexp.cbData);
4067 }
4068 }
4069
4070 LocalFree(decodedKey);
4071 }
4072 }
4073 __EXCEPT_PAGE_FAULT
4074 {
4075 SetLastError(STATUS_ACCESS_VIOLATION);
4076 ret = FALSE;
4077 }
4078 __ENDTRY
4079 return ret;
4080 }
4081
4082 static BOOL CRYPT_AsnDecodeOctetsInternal(const BYTE *pbEncoded,
4083 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4084 DWORD *pcbDecoded)
4085 {
4086 BOOL ret;
4087 DWORD bytesNeeded, dataLen;
4088
4089 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
4090 pvStructInfo, *pcbStructInfo, pcbDecoded);
4091
4092 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
4093 {
4094 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
4095
4096 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
4097 bytesNeeded = sizeof(CRYPT_DATA_BLOB);
4098 else
4099 bytesNeeded = dataLen + sizeof(CRYPT_DATA_BLOB);
4100 if (pcbDecoded)
4101 *pcbDecoded = 1 + lenBytes + dataLen;
4102 if (!pvStructInfo)
4103 *pcbStructInfo = bytesNeeded;
4104 else if (*pcbStructInfo < bytesNeeded)
4105 {
4106 SetLastError(ERROR_MORE_DATA);
4107 *pcbStructInfo = bytesNeeded;
4108 ret = FALSE;
4109 }
4110 else
4111 {
4112 CRYPT_DATA_BLOB *blob;
4113
4114 *pcbStructInfo = bytesNeeded;
4115 blob = pvStructInfo;
4116 blob->cbData = dataLen;
4117 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
4118 blob->pbData = (BYTE *)pbEncoded + 1 + lenBytes;
4119 else
4120 {
4121 assert(blob->pbData);
4122 if (blob->cbData)
4123 memcpy(blob->pbData, pbEncoded + 1 + lenBytes,
4124 blob->cbData);
4125 }
4126 }
4127 }
4128 return ret;
4129 }
4130
4131 static BOOL WINAPI CRYPT_AsnDecodeOctets(DWORD dwCertEncodingType,
4132 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4133 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4134 {
4135 BOOL ret;
4136
4137 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
4138 pDecodePara, pvStructInfo, *pcbStructInfo);
4139
4140 __TRY
4141 {
4142 DWORD bytesNeeded = 0;
4143
4144 if (!cbEncoded)
4145 {
4146 SetLastError(CRYPT_E_ASN1_CORRUPT);
4147 ret = FALSE;
4148 }
4149 else if (pbEncoded[0] != ASN_OCTETSTRING)
4150 {
4151 SetLastError(CRYPT_E_ASN1_BADTAG);
4152 ret = FALSE;
4153 }
4154 else if ((ret = CRYPT_AsnDecodeOctetsInternal(pbEncoded, cbEncoded,
4155 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL)))
4156 {
4157 if (!pvStructInfo)
4158 *pcbStructInfo = bytesNeeded;
4159 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4160 pvStructInfo, pcbStructInfo, bytesNeeded)))
4161 {
4162 CRYPT_DATA_BLOB *blob;
4163
4164 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4165 pvStructInfo = *(BYTE **)pvStructInfo;
4166 blob = pvStructInfo;
4167 blob->pbData = (BYTE *)pvStructInfo + sizeof(CRYPT_DATA_BLOB);
4168 ret = CRYPT_AsnDecodeOctetsInternal(pbEncoded, cbEncoded,
4169 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
4170 &bytesNeeded, NULL);
4171 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
4172 CRYPT_FreeSpace(pDecodePara, blob);
4173 }
4174 }
4175 }
4176 __EXCEPT_PAGE_FAULT
4177 {
4178 SetLastError(STATUS_ACCESS_VIOLATION);
4179 ret = FALSE;
4180 }
4181 __ENDTRY
4182 return ret;
4183 }
4184
4185 static BOOL CRYPT_AsnDecodeBitsInternal(const BYTE *pbEncoded, DWORD cbEncoded,
4186 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
4187 {
4188 BOOL ret;
4189 DWORD bytesNeeded, dataLen;
4190 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
4191
4192 TRACE("(%p, %d, 0x%08x, %p, %d, %p)\n", pbEncoded, cbEncoded, dwFlags,
4193 pvStructInfo, *pcbStructInfo, pcbDecoded);
4194
4195 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
4196 {
4197 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
4198 bytesNeeded = sizeof(CRYPT_BIT_BLOB);
4199 else
4200 bytesNeeded = dataLen - 1 + sizeof(CRYPT_BIT_BLOB);
4201 if (pcbDecoded)
4202 *pcbDecoded = 1 + lenBytes + dataLen;
4203 if (!pvStructInfo)
4204 *pcbStructInfo = bytesNeeded;
4205 else if (*pcbStructInfo < bytesNeeded)
4206 {
4207 *pcbStructInfo = bytesNeeded;
4208 SetLastError(ERROR_MORE_DATA);
4209 ret = FALSE;
4210 }
4211 else
4212 {
4213 CRYPT_BIT_BLOB *blob;
4214
4215 *pcbStructInfo = bytesNeeded;
4216 blob = pvStructInfo;
4217 blob->cbData = dataLen - 1;
4218 blob->cUnusedBits = *(pbEncoded + 1 + lenBytes);
4219 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
4220 {
4221 blob->pbData = (BYTE *)pbEncoded + 2 + lenBytes;
4222 }
4223 else
4224 {
4225 assert(blob->pbData);
4226 if (blob->cbData)
4227 {
4228 BYTE mask = 0xff << blob->cUnusedBits;
4229
4230 memcpy(blob->pbData, pbEncoded + 2 + lenBytes,
4231 blob->cbData);
4232 blob->pbData[blob->cbData - 1] &= mask;
4233 }
4234 }
4235 }
4236 }
4237 return ret;
4238 }
4239
4240 static BOOL WINAPI CRYPT_AsnDecodeBits(DWORD dwCertEncodingType,
4241 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4242 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4243 {
4244 BOOL ret;
4245
4246 TRACE("(%p, %d, 0x%08x, %p, %p, %p)\n", pbEncoded, cbEncoded, dwFlags,
4247 pDecodePara, pvStructInfo, pcbStructInfo);
4248
4249 __TRY
4250 {
4251 DWORD bytesNeeded = 0;
4252
4253 if (!cbEncoded)
4254 {
4255 SetLastError(CRYPT_E_ASN1_CORRUPT);
4256 ret = FALSE;
4257 }
4258 else if (pbEncoded[0] != ASN_BITSTRING)
4259 {
4260 SetLastError(CRYPT_E_ASN1_BADTAG);
4261 ret = FALSE;
4262 }
4263 else if ((ret = CRYPT_AsnDecodeBitsInternal(pbEncoded, cbEncoded,
4264 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL)))
4265 {
4266 if (!pvStructInfo)
4267 *pcbStructInfo = bytesNeeded;
4268 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4269 pvStructInfo, pcbStructInfo, bytesNeeded)))
4270 {
4271 CRYPT_BIT_BLOB *blob;
4272
4273 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4274 pvStructInfo = *(BYTE **)pvStructInfo;
4275 blob = pvStructInfo;
4276 blob->pbData = (BYTE *)pvStructInfo + sizeof(CRYPT_BIT_BLOB);
4277 ret = CRYPT_AsnDecodeBitsInternal(pbEncoded, cbEncoded,
4278 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
4279 &bytesNeeded, NULL);
4280 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
4281 CRYPT_FreeSpace(pDecodePara, blob);
4282 }
4283 }
4284 }
4285 __EXCEPT_PAGE_FAULT
4286 {
4287 SetLastError(STATUS_ACCESS_VIOLATION);
4288 ret = FALSE;
4289 }
4290 __ENDTRY
4291 TRACE("returning %d (%08x)\n", ret, GetLastError());
4292 return ret;
4293 }
4294
4295 /* Ignores tag. Only allows integers 4 bytes or smaller in size. */
4296 static BOOL CRYPT_AsnDecodeIntInternal(const BYTE *pbEncoded, DWORD cbEncoded,
4297 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
4298 {
4299 BOOL ret;
4300 DWORD dataLen;
4301
4302 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
4303 {
4304 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
4305
4306 if (pcbDecoded)
4307 *pcbDecoded = 1 + lenBytes + dataLen;
4308 if (dataLen > sizeof(int))
4309 {
4310 SetLastError(CRYPT_E_ASN1_LARGE);
4311 ret = FALSE;
4312 }
4313 else if (!pvStructInfo)
4314 *pcbStructInfo = sizeof(int);
4315 else if ((ret = CRYPT_DecodeCheckSpace(pcbStructInfo, sizeof(int))))
4316 {
4317 int val, i;
4318
4319 if (dataLen && pbEncoded[1 + lenBytes] & 0x80)
4320 {
4321 /* initialize to a negative value to sign-extend */
4322 val = -1;
4323 }
4324 else
4325 val = 0;
4326 for (i = 0; i < dataLen; i++)
4327 {
4328 val <<= 8;
4329 val |= pbEncoded[1 + lenBytes + i];
4330 }
4331 memcpy(pvStructInfo, &val, sizeof(int));
4332 }
4333 }
4334 return ret;
4335 }
4336
4337 static BOOL WINAPI CRYPT_AsnDecodeInt(DWORD dwCertEncodingType,
4338 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4339 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4340 {
4341 BOOL ret;
4342
4343 __TRY
4344 {
4345 DWORD bytesNeeded = 0;
4346
4347 if (!cbEncoded)
4348 {
4349 SetLastError(CRYPT_E_ASN1_EOD);
4350 ret = FALSE;
4351 }
4352 else if (pbEncoded[0] != ASN_INTEGER)
4353 {
4354 SetLastError(CRYPT_E_ASN1_BADTAG);
4355 ret = FALSE;
4356 }
4357 else
4358 ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded,
4359 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL);
4360 if (ret)
4361 {
4362 if (!pvStructInfo)
4363 *pcbStructInfo = bytesNeeded;
4364 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4365 pvStructInfo, pcbStructInfo, bytesNeeded)))
4366 {
4367 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4368 pvStructInfo = *(BYTE **)pvStructInfo;
4369 ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded,
4370 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
4371 &bytesNeeded, NULL);
4372 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
4373 CRYPT_FreeSpace(pDecodePara, pvStructInfo);
4374 }
4375 }
4376 }
4377 __EXCEPT_PAGE_FAULT
4378 {
4379 SetLastError(STATUS_ACCESS_VIOLATION);
4380 ret = FALSE;
4381 }
4382 __ENDTRY
4383 return ret;
4384 }
4385
4386 static BOOL CRYPT_AsnDecodeIntegerInternal(const BYTE *pbEncoded,
4387 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4388 DWORD *pcbDecoded)
4389 {
4390 BOOL ret;
4391 DWORD bytesNeeded, dataLen;
4392
4393 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
4394 {
4395 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
4396
4397 bytesNeeded = dataLen + sizeof(CRYPT_INTEGER_BLOB);
4398 if (pcbDecoded)
4399 *pcbDecoded = 1 + lenBytes + dataLen;
4400 if (!pvStructInfo)
4401 *pcbStructInfo = bytesNeeded;
4402 else if (*pcbStructInfo < bytesNeeded)
4403 {
4404 *pcbStructInfo = bytesNeeded;
4405 SetLastError(ERROR_MORE_DATA);
4406 ret = FALSE;
4407 }
4408 else
4409 {
4410 CRYPT_INTEGER_BLOB *blob = pvStructInfo;
4411
4412 *pcbStructInfo = bytesNeeded;
4413 blob->cbData = dataLen;
4414 assert(blob->pbData);
4415 if (blob->cbData)
4416 {
4417 DWORD i;
4418
4419 for (i = 0; i < blob->cbData; i++)
4420 {
4421 blob->pbData[i] = *(pbEncoded + 1 + lenBytes +
4422 dataLen - i - 1);
4423 }
4424 }
4425 }
4426 }
4427 return ret;
4428 }
4429
4430 static BOOL WINAPI CRYPT_AsnDecodeInteger(DWORD dwCertEncodingType,
4431 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4432 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4433 {
4434 BOOL ret;
4435
4436 __TRY
4437 {
4438 DWORD bytesNeeded = 0;
4439
4440 if (pbEncoded[0] != ASN_INTEGER)
4441 {
4442 SetLastError(CRYPT_E_ASN1_BADTAG);
4443 ret = FALSE;
4444 }
4445 else
4446 ret = CRYPT_AsnDecodeIntegerInternal(pbEncoded, cbEncoded,
4447 dwFlags & ~CRYPT_ENCODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL);
4448 if (ret)
4449 {
4450 if (!pvStructInfo)
4451 *pcbStructInfo = bytesNeeded;
4452 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4453 pvStructInfo, pcbStructInfo, bytesNeeded)))
4454 {
4455 CRYPT_INTEGER_BLOB *blob;
4456
4457 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4458 pvStructInfo = *(BYTE **)pvStructInfo;
4459 blob = pvStructInfo;
4460 blob->pbData = (BYTE *)pvStructInfo +
4461 sizeof(CRYPT_INTEGER_BLOB);
4462 ret = CRYPT_AsnDecodeIntegerInternal(pbEncoded, cbEncoded,
4463 dwFlags & ~CRYPT_ENCODE_ALLOC_FLAG, pvStructInfo,
4464 &bytesNeeded, NULL);
4465 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
4466 CRYPT_FreeSpace(pDecodePara, blob);
4467 }
4468 }
4469 }
4470 __EXCEPT_PAGE_FAULT
4471 {
4472 SetLastError(STATUS_ACCESS_VIOLATION);
4473 ret = FALSE;
4474 }
4475 __ENDTRY
4476 return ret;
4477 }
4478
4479 static BOOL CRYPT_AsnDecodeUnsignedIntegerInternal(const BYTE *pbEncoded,
4480 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4481 DWORD *pcbDecoded)
4482 {
4483 BOOL ret;
4484
4485 if (pbEncoded[0] == ASN_INTEGER)
4486 {
4487 DWORD bytesNeeded, dataLen;
4488
4489 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
4490 {
4491 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
4492
4493 if (pcbDecoded)
4494 *pcbDecoded = 1 + lenBytes + dataLen;
4495 bytesNeeded = dataLen + sizeof(CRYPT_INTEGER_BLOB);
4496 if (!pvStructInfo)
4497 *pcbStructInfo = bytesNeeded;
4498 else if (*pcbStructInfo < bytesNeeded)
4499 {
4500 *pcbStructInfo = bytesNeeded;
4501 SetLastError(ERROR_MORE_DATA);
4502 ret = FALSE;
4503 }
4504 else
4505 {
4506 CRYPT_INTEGER_BLOB *blob = pvStructInfo;
4507
4508 *pcbStructInfo = bytesNeeded;
4509 blob->cbData = dataLen;
4510 assert(blob->pbData);
4511 /* remove leading zero byte if it exists */
4512 if (blob->cbData && *(pbEncoded + 1 + lenBytes) == 0)
4513 {
4514 blob->cbData--;
4515 blob->pbData++;
4516 }
4517 if (blob->cbData)
4518 {
4519 DWORD i;
4520
4521 for (i = 0; i < blob->cbData; i++)
4522 {
4523 blob->pbData[i] = *(pbEncoded + 1 + lenBytes +
4524 dataLen - i - 1);
4525 }
4526 }
4527 }
4528 }
4529 }
4530 else
4531 {
4532 SetLastError(CRYPT_E_ASN1_BADTAG);
4533 ret = FALSE;
4534 }
4535 return ret;
4536 }
4537
4538 static BOOL WINAPI CRYPT_AsnDecodeUnsignedInteger(DWORD dwCertEncodingType,
4539 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4540 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4541 {
4542 BOOL ret;
4543
4544 __TRY
4545 {
4546 DWORD bytesNeeded = 0;
4547
4548 if ((ret = CRYPT_AsnDecodeUnsignedIntegerInternal(pbEncoded, cbEncoded,
4549 dwFlags & ~CRYPT_ENCODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL)))
4550 {
4551 if (!pvStructInfo)
4552 *pcbStructInfo = bytesNeeded;
4553 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4554 pvStructInfo, pcbStructInfo, bytesNeeded)))
4555 {
4556 CRYPT_INTEGER_BLOB *blob;
4557
4558 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4559 pvStructInfo = *(BYTE **)pvStructInfo;
4560 blob = pvStructInfo;
4561 blob->pbData = (BYTE *)pvStructInfo +
4562 sizeof(CRYPT_INTEGER_BLOB);
4563 ret = CRYPT_AsnDecodeUnsignedIntegerInternal(pbEncoded,
4564 cbEncoded, dwFlags & ~CRYPT_ENCODE_ALLOC_FLAG, pvStructInfo,
4565 &bytesNeeded, NULL);
4566 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
4567 CRYPT_FreeSpace(pDecodePara, blob);
4568 }
4569 }
4570 }
4571 __EXCEPT_PAGE_FAULT
4572 {
4573 SetLastError(STATUS_ACCESS_VIOLATION);
4574 ret = FALSE;
4575 }
4576 __ENDTRY
4577 return ret;
4578 }
4579
4580 static BOOL WINAPI CRYPT_AsnDecodeEnumerated(DWORD dwCertEncodingType,
4581 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4582 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4583 {
4584 BOOL ret;
4585
4586 if (!pvStructInfo)
4587 {
4588 *pcbStructInfo = sizeof(int);
4589 return TRUE;
4590 }
4591 __TRY
4592 {
4593 if (pbEncoded[0] == ASN_ENUMERATED)
4594 {
4595 unsigned int val = 0, i;
4596
4597 if (cbEncoded <= 1)
4598 {
4599 SetLastError(CRYPT_E_ASN1_EOD);
4600 ret = FALSE;
4601 }
4602 else if (pbEncoded[1] == 0)
4603 {
4604 SetLastError(CRYPT_E_ASN1_CORRUPT);
4605 ret = FALSE;
4606 }
4607 else
4608 {
4609 /* A little strange looking, but we have to accept a sign byte:
4610 * 0xffffffff gets encoded as 0a 05 00 ff ff ff ff. Also,
4611 * assuming a small length is okay here, it has to be in short
4612 * form.
4613 */
4614 if (pbEncoded[1] > sizeof(unsigned int) + 1)
4615 {
4616 SetLastError(CRYPT_E_ASN1_LARGE);
4617 return FALSE;
4618 }
4619 for (i = 0; i < pbEncoded[1]; i++)
4620 {
4621 val <<= 8;
4622 val |= pbEncoded[2 + i];
4623 }
4624 if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4625 pvStructInfo, pcbStructInfo, sizeof(unsigned int))))
4626 {
4627 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4628 pvStructInfo = *(BYTE **)pvStructInfo;
4629 memcpy(pvStructInfo, &val, sizeof(unsigned int));
4630 }
4631 }
4632 }
4633 else
4634 {
4635 SetLastError(CRYPT_E_ASN1_BADTAG);
4636 ret = FALSE;
4637 }
4638 }
4639 __EXCEPT_PAGE_FAULT
4640 {
4641 SetLastError(STATUS_ACCESS_VIOLATION);
4642 ret = FALSE;
4643 }
4644 __ENDTRY
4645 return ret;
4646 }
4647
4648 /* Modifies word, pbEncoded, and len, and magically sets a value ret to FALSE
4649 * if it fails.
4650 */
4651 #define CRYPT_TIME_GET_DIGITS(pbEncoded, len, numDigits, word) \
4652 do { \
4653 BYTE i; \
4654 \
4655 (word) = 0; \
4656 for (i = 0; (len) > 0 && i < (numDigits); i++, (len)--) \
4657 { \
4658 if (!isdigit(*(pbEncoded))) \
4659 { \
4660 SetLastError(CRYPT_E_ASN1_CORRUPT); \
4661 ret = FALSE; \
4662 } \
4663 else \
4664 { \
4665 (word) *= 10; \
4666 (word) += *(pbEncoded)++ - '0'; \
4667 } \
4668 } \
4669 } while (0)
4670
4671 static BOOL CRYPT_AsnDecodeTimeZone(const BYTE *pbEncoded, DWORD len,
4672 SYSTEMTIME *sysTime)
4673 {
4674 BOOL ret = TRUE;
4675
4676 if (len >= 3 && (*pbEncoded == '+' || *pbEncoded == '-'))
4677 {
4678 WORD hours, minutes = 0;
4679 BYTE sign = *pbEncoded++;
4680
4681 len--;
4682 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, hours);
4683 if (ret && hours >= 24)
4684 {
4685 SetLastError(CRYPT_E_ASN1_CORRUPT);
4686 ret = FALSE;
4687 }
4688 else if (len >= 2)
4689 {
4690 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, minutes);
4691 if (ret && minutes >= 60)
4692 {
4693 SetLastError(CRYPT_E_ASN1_CORRUPT);
4694 ret = FALSE;
4695 }
4696 }
4697 if (ret)
4698 {
4699 if (sign == '+')
4700 {
4701 sysTime->wHour += hours;
4702 sysTime->wMinute += minutes;
4703 }
4704 else
4705 {
4706 if (hours > sysTime->wHour)
4707 {
4708 sysTime->wDay--;
4709 sysTime->wHour = 24 - (hours - sysTime->wHour);
4710 }
4711 else
4712 sysTime->wHour -= hours;
4713 if (minutes > sysTime->wMinute)
4714 {
4715 sysTime->wHour--;
4716 sysTime->wMinute = 60 - (minutes - sysTime->wMinute);
4717 }
4718 else
4719 sysTime->wMinute -= minutes;
4720 }
4721 }
4722 }
4723 return ret;
4724 }
4725
4726 #define MIN_ENCODED_TIME_LENGTH 10
4727
4728 static BOOL CRYPT_AsnDecodeUtcTimeInternal(const BYTE *pbEncoded,
4729 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4730 DWORD *pcbDecoded)
4731 {
4732 BOOL ret = FALSE;
4733
4734 if (pbEncoded[0] == ASN_UTCTIME)
4735 {
4736 if (cbEncoded <= 1)
4737 SetLastError(CRYPT_E_ASN1_EOD);
4738 else if (pbEncoded[1] > 0x7f)
4739 {
4740 /* long-form date strings really can't be valid */
4741 SetLastError(CRYPT_E_ASN1_CORRUPT);
4742 }
4743 else
4744 {
4745 SYSTEMTIME sysTime = { 0 };
4746 BYTE len = pbEncoded[1];
4747
4748 if (len < MIN_ENCODED_TIME_LENGTH)
4749 SetLastError(CRYPT_E_ASN1_CORRUPT);
4750 else
4751 {
4752 ret = TRUE;
4753 if (pcbDecoded)
4754 *pcbDecoded = 2 + len;
4755 pbEncoded += 2;
4756 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wYear);
4757 if (sysTime.wYear >= 50)
4758 sysTime.wYear += 1900;
4759 else
4760 sysTime.wYear += 2000;
4761 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wMonth);
4762 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wDay);
4763 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wHour);
4764 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wMinute);
4765 if (ret && len > 0)
4766 {
4767 if (len >= 2 && isdigit(*pbEncoded) &&
4768 isdigit(*(pbEncoded + 1)))
4769 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2,
4770 sysTime.wSecond);
4771 else if (isdigit(*pbEncoded))
4772 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 1,
4773 sysTime.wSecond);
4774 if (ret)
4775 ret = CRYPT_AsnDecodeTimeZone(pbEncoded, len,
4776 &sysTime);
4777 }
4778 if (ret)
4779 {
4780 if (!pvStructInfo)
4781 *pcbStructInfo = sizeof(FILETIME);
4782 else if ((ret = CRYPT_DecodeCheckSpace(pcbStructInfo,
4783 sizeof(FILETIME))))
4784 ret = SystemTimeToFileTime(&sysTime, pvStructInfo);
4785 }
4786 }
4787 }
4788 }
4789 else
4790 SetLastError(CRYPT_E_ASN1_BADTAG);
4791 return ret;
4792 }
4793
4794 static BOOL WINAPI CRYPT_AsnDecodeUtcTime(DWORD dwCertEncodingType,
4795 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4796 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4797 {
4798 BOOL ret = FALSE;
4799
4800 __TRY
4801 {
4802 DWORD bytesNeeded = 0;
4803
4804 ret = CRYPT_AsnDecodeUtcTimeInternal(pbEncoded, cbEncoded,
4805 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL);
4806 if (ret)
4807 {
4808 if (!pvStructInfo)
4809 *pcbStructInfo = bytesNeeded;
4810 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags,
4811 pDecodePara, pvStructInfo, pcbStructInfo, bytesNeeded)))
4812 {
4813 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4814 pvStructInfo = *(BYTE **)pvStructInfo;
4815 ret = CRYPT_AsnDecodeUtcTimeInternal(pbEncoded, cbEncoded,
4816 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
4817 &bytesNeeded, NULL);
4818 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
4819 CRYPT_FreeSpace(pDecodePara, pvStructInfo);
4820 }
4821 }
4822 }
4823 __EXCEPT_PAGE_FAULT
4824 {
4825 SetLastError(STATUS_ACCESS_VIOLATION);
4826 }
4827 __ENDTRY
4828 return ret;
4829 }
4830
4831 static BOOL CRYPT_AsnDecodeGeneralizedTime(const BYTE *pbEncoded,
4832 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4833 DWORD *pcbDecoded)
4834 {
4835 BOOL ret = FALSE;
4836
4837 if (pbEncoded[0] == ASN_GENERALTIME)
4838 {
4839 if (cbEncoded <= 1)
4840 SetLastError(CRYPT_E_ASN1_EOD);
4841 else if (pbEncoded[1] > 0x7f)
4842 {
4843 /* long-form date strings really can't be valid */
4844 SetLastError(CRYPT_E_ASN1_CORRUPT);
4845 }
4846 else
4847 {
4848 BYTE len = pbEncoded[1];
4849
4850 if (len < MIN_ENCODED_TIME_LENGTH)
4851 SetLastError(CRYPT_E_ASN1_CORRUPT);
4852 else
4853 {
4854 SYSTEMTIME sysTime = { 0 };
4855
4856 ret = TRUE;
4857 if (pcbDecoded)
4858 *pcbDecoded = 2 + len;
4859 pbEncoded += 2;
4860 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 4, sysTime.wYear);
4861 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wMonth);
4862 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wDay);
4863 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wHour);
4864 if (ret && len > 0)
4865 {
4866 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2,
4867 sysTime.wMinute);
4868 if (ret && len > 0)
4869 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2,
4870 sysTime.wSecond);
4871 if (ret && len > 0 && (*pbEncoded == '.' ||
4872 *pbEncoded == ','))
4873 {
4874 BYTE digits;
4875
4876 pbEncoded++;
4877 len--;
4878 /* workaround macro weirdness */
4879 digits = min(len, 3);
4880 CRYPT_TIME_GET_DIGITS(pbEncoded, len, digits,
4881 sysTime.wMilliseconds);
4882 }
4883 if (ret)
4884 ret = CRYPT_AsnDecodeTimeZone(pbEncoded, len,
4885 &sysTime);
4886 }
4887 if (ret)
4888 {
4889 if (!pvStructInfo)
4890 *pcbStructInfo = sizeof(FILETIME);
4891 else if ((ret = CRYPT_DecodeCheckSpace(pcbStructInfo,
4892 sizeof(FILETIME))))
4893 ret = SystemTimeToFileTime(&sysTime, pvStructInfo);
4894 }
4895 }
4896 }
4897 }
4898 else
4899 SetLastError(CRYPT_E_ASN1_BADTAG);
4900 return ret;
4901 }
4902
4903 static BOOL CRYPT_AsnDecodeChoiceOfTimeInternal(const BYTE *pbEncoded,
4904 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4905 DWORD *pcbDecoded)
4906 {
4907 BOOL ret;
4908 InternalDecodeFunc decode = NULL;
4909
4910 if (pbEncoded[0] == ASN_UTCTIME)
4911 decode = CRYPT_AsnDecodeUtcTimeInternal;
4912 else if (pbEncoded[0] == ASN_GENERALTIME)
4913 decode = CRYPT_AsnDecodeGeneralizedTime;
4914 if (decode)
4915 ret = decode(pbEncoded, cbEncoded, dwFlags, pvStructInfo,
4916 pcbStructInfo, pcbDecoded);
4917 else
4918 {
4919 SetLastError(CRYPT_E_ASN1_BADTAG);
4920 ret = FALSE;
4921 }
4922 return ret;
4923 }
4924
4925 static BOOL WINAPI CRYPT_AsnDecodeChoiceOfTime(DWORD dwCertEncodingType,
4926 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4927 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4928 {
4929 BOOL ret;
4930
4931 __TRY
4932 {
4933 DWORD bytesNeeded = 0;
4934
4935 ret = CRYPT_AsnDecodeChoiceOfTimeInternal(pbEncoded, cbEncoded,
4936 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL);
4937 if (ret)
4938 {
4939 if (!pvStructInfo)
4940 *pcbStructInfo = bytesNeeded;
4941 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4942 pvStructInfo, pcbStructInfo, bytesNeeded)))
4943 {
4944 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4945 pvStructInfo = *(BYTE **)pvStructInfo;
4946 ret = CRYPT_AsnDecodeChoiceOfTimeInternal(pbEncoded, cbEncoded,
4947 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
4948 &bytesNeeded, NULL);
4949 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
4950 CRYPT_FreeSpace(pDecodePara, pvStructInfo);
4951 }
4952 }
4953 }
4954 __EXCEPT_PAGE_FAULT
4955 {
4956 SetLastError(STATUS_ACCESS_VIOLATION);
4957 ret = FALSE;
4958 }
4959 __ENDTRY
4960 return ret;
4961 }
4962
4963 static BOOL WINAPI CRYPT_AsnDecodeSequenceOfAny(DWORD dwCertEncodingType,
4964 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4965 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4966 {
4967 BOOL ret = TRUE;
4968
4969 __TRY
4970 {
4971 if (pbEncoded[0] == ASN_SEQUENCEOF)
4972 {
4973 DWORD bytesNeeded, dataLen, remainingLen, cValue;
4974
4975 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
4976 {
4977 BYTE lenBytes;
4978 const BYTE *ptr;
4979
4980 lenBytes = GET_LEN_BYTES(pbEncoded[1]);
4981 bytesNeeded = sizeof(CRYPT_SEQUENCE_OF_ANY);
4982 cValue = 0;
4983 ptr = pbEncoded + 1 + lenBytes;
4984 remainingLen = dataLen;
4985 while (ret && remainingLen)
4986 {
4987 DWORD nextLen;
4988
4989 ret = CRYPT_GetLen(ptr, remainingLen, &nextLen);
4990 if (ret)
4991 {
4992 DWORD nextLenBytes = GET_LEN_BYTES(ptr[1]);
4993
4994 remainingLen -= 1 + nextLenBytes + nextLen;
4995 ptr += 1 + nextLenBytes + nextLen;
4996 bytesNeeded += sizeof(CRYPT_DER_BLOB);
4997 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
4998 bytesNeeded += 1 + nextLenBytes + nextLen;
4999 cValue++;
5000 }
5001 }
5002 if (ret)
5003 {
5004 CRYPT_SEQUENCE_OF_ANY *seq;
5005 BYTE *nextPtr;
5006 DWORD i;
5007
5008 if (!pvStructInfo)
5009 *pcbStructInfo = bytesNeeded;
5010 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
5011 pvStructInfo, pcbStructInfo, bytesNeeded)))
5012 {
5013 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
5014 pvStructInfo = *(BYTE **)pvStructInfo;
5015 seq = pvStructInfo;
5016 seq->cValue = cValue;
5017 seq->rgValue = (CRYPT_DER_BLOB *)((BYTE *)seq +
5018 sizeof(*seq));
5019 nextPtr = (BYTE *)seq->rgValue +
5020 cValue * sizeof(CRYPT_DER_BLOB);
5021 ptr = pbEncoded + 1 + lenBytes;
5022 remainingLen = dataLen;
5023 i = 0;
5024 while (ret && remainingLen)
5025 {
5026 DWORD nextLen;
5027
5028 ret = CRYPT_GetLen(ptr, remainingLen, &nextLen);
5029 if (ret)
5030 {
5031 DWORD nextLenBytes = GET_LEN_BYTES(ptr[1]);
5032
5033 seq->rgValue[i].cbData = 1 + nextLenBytes +
5034 nextLen;
5035 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
5036 seq->rgValue[i].pbData = (BYTE *)ptr;
5037 else
5038 {
5039 seq->rgValue[i].pbData = nextPtr;
5040 memcpy(nextPtr, ptr, 1 + nextLenBytes +
5041 nextLen);
5042 nextPtr += 1 + nextLenBytes + nextLen;
5043 }
5044 remainingLen -= 1 + nextLenBytes + nextLen;
5045 ptr += 1 + nextLenBytes + nextLen;
5046 i++;
5047 }
5048 }
5049 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
5050 CRYPT_FreeSpace(pDecodePara, seq);
5051 }
5052 }
5053 }
5054 }
5055 else
5056 {
5057 SetLastError(CRYPT_E_ASN1_BADTAG);
5058 ret = FALSE;
5059 }
5060 }
5061 __EXCEPT_PAGE_FAULT
5062 {
5063 SetLastError(STATUS_ACCESS_VIOLATION);
5064 ret = FALSE;
5065 }
5066 __ENDTRY
5067 return ret;
5068 }
5069
5070 static BOOL CRYPT_AsnDecodeDistPointName(const BYTE *pbEncoded,
5071 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5072 DWORD *pcbDecoded)
5073 {
5074 BOOL ret;
5075
5076 if (pbEncoded[0] == (ASN_CONTEXT | ASN_CONSTRUCTOR | 0))
5077 {
5078 DWORD bytesNeeded = 0, dataLen;
5079
5080 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
5081 {
5082 struct AsnArrayDescriptor arrayDesc = {
5083 ASN_CONTEXT | ASN_CONSTRUCTOR | 0,
5084 offsetof(CRL_DIST_POINT_NAME, u.FullName.cAltEntry),
5085 offsetof(CRL_DIST_POINT_NAME, u.FullName.rgAltEntry),
5086 FINALMEMBERSIZE(CRL_DIST_POINT_NAME, u),
5087 CRYPT_AsnDecodeAltNameEntry, sizeof(CERT_ALT_NAME_ENTRY), TRUE,
5088 offsetof(CERT_ALT_NAME_ENTRY, u.pwszURL) };
5089 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
5090 DWORD nameLen;
5091
5092 if (dataLen)
5093 {
5094 ret = CRYPT_AsnDecodeArray(&arrayDesc,
5095 pbEncoded + 1 + lenBytes, cbEncoded - 1 - lenBytes,
5096 dwFlags, NULL, NULL, &nameLen, NULL);
5097 bytesNeeded = sizeof(CRL_DIST_POINT_NAME) + nameLen -
5098 FINALMEMBERSIZE(CRL_DIST_POINT_NAME, u);
5099 }
5100 else
5101 bytesNeeded = sizeof(CRL_DIST_POINT_NAME);
5102 if (pcbDecoded)
5103 *pcbDecoded = 1 + lenBytes + dataLen;
5104 if (!pvStructInfo)
5105 *pcbStructInfo = bytesNeeded;
5106 else if (*pcbStructInfo < bytesNeeded)
5107 {
5108 *pcbStructInfo = bytesNeeded;
5109 SetLastError(ERROR_MORE_DATA);
5110 ret = FALSE;
5111 }
5112 else
5113 {
5114 CRL_DIST_POINT_NAME *name = pvStructInfo;
5115
5116 *pcbStructInfo = bytesNeeded;
5117 if (dataLen)
5118 {
5119 name->dwDistPointNameChoice = CRL_DIST_POINT_FULL_NAME;
5120 ret = CRYPT_AsnDecodeArray(&arrayDesc,
5121 pbEncoded + 1 + lenBytes, cbEncoded - 1 - lenBytes,
5122 dwFlags, NULL, &name->u.FullName.cAltEntry, &nameLen,
5123 NULL);
5124 }
5125 else
5126 name->dwDistPointNameChoice = CRL_DIST_POINT_NO_NAME;
5127 }
5128 }
5129 }
5130 else
5131 {
5132 SetLastError(CRYPT_E_ASN1_BADTAG);
5133 ret = FALSE;
5134 }
5135 return ret;
5136 }
5137
5138 static BOOL CRYPT_AsnDecodeDistPoint(const BYTE *pbEncoded, DWORD cbEncoded,
5139 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
5140 {
5141 struct AsnDecodeSequenceItem items[] = {
5142 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0, offsetof(CRL_DIST_POINT,
5143 DistPointName), CRYPT_AsnDecodeDistPointName,
5144 sizeof(CRL_DIST_POINT_NAME), TRUE, TRUE, offsetof(CRL_DIST_POINT,
5145 DistPointName.u.FullName.rgAltEntry), 0 },
5146 { ASN_CONTEXT | 1, offsetof(CRL_DIST_POINT, ReasonFlags),
5147 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), TRUE, TRUE,
5148 offsetof(CRL_DIST_POINT, ReasonFlags.pbData), 0 },
5149 { ASN_CONTEXT | ASN_CONSTRUCTOR | 2, offsetof(CRL_DIST_POINT, CRLIssuer),
5150 CRYPT_AsnDecodeAltNameInternal, sizeof(CERT_ALT_NAME_INFO), TRUE, TRUE,
5151 offsetof(CRL_DIST_POINT, CRLIssuer.rgAltEntry), 0 },
5152 };
5153 CRL_DIST_POINT *point = pvStructInfo;
5154 BOOL ret;
5155
5156 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5157 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
5158 pcbDecoded, point ? point->DistPointName.u.FullName.rgAltEntry : NULL);
5159 return ret;
5160 }
5161
5162 static BOOL WINAPI CRYPT_AsnDecodeCRLDistPoints(DWORD dwCertEncodingType,
5163 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
5164 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
5165 {
5166 BOOL ret;
5167
5168 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5169 pDecodePara, pvStructInfo, *pcbStructInfo);
5170
5171 __TRY
5172 {
5173 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
5174 offsetof(CRL_DIST_POINTS_INFO, cDistPoint),
5175 offsetof(CRL_DIST_POINTS_INFO, rgDistPoint),
5176 sizeof(CRL_DIST_POINTS_INFO),
5177 CRYPT_AsnDecodeDistPoint, sizeof(CRL_DIST_POINT), TRUE,
5178 offsetof(CRL_DIST_POINT, DistPointName.u.FullName.rgAltEntry) };
5179 CRL_DIST_POINTS_INFO *info = pvStructInfo;
5180
5181 if (pvStructInfo && !(dwFlags & CRYPT_DECODE_ALLOC_FLAG))
5182 info->rgDistPoint = (CRL_DIST_POINT *)(info + 1);
5183 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5184 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
5185 }
5186 __EXCEPT_PAGE_FAULT
5187 {
5188 SetLastError(STATUS_ACCESS_VIOLATION);
5189 ret = FALSE;
5190 }
5191 __ENDTRY
5192 return ret;
5193 }
5194
5195 static BOOL WINAPI CRYPT_AsnDecodeEnhancedKeyUsage(DWORD dwCertEncodingType,
5196 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
5197 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
5198 {
5199 BOOL ret;
5200
5201 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5202 pDecodePara, pvStructInfo, *pcbStructInfo);
5203
5204 __TRY
5205 {
5206 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
5207 offsetof(CERT_ENHKEY_USAGE, cUsageIdentifier),
5208 offsetof(CERT_ENHKEY_USAGE, rgpszUsageIdentifier),
5209 sizeof(CERT_ENHKEY_USAGE),
5210 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), TRUE, 0 };
5211 CERT_ENHKEY_USAGE *usage = pvStructInfo;
5212
5213 if (pvStructInfo && !(dwFlags & CRYPT_DECODE_ALLOC_FLAG))
5214 usage->rgpszUsageIdentifier = (LPSTR *)(usage + 1);
5215 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5216 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
5217 }
5218 __EXCEPT_PAGE_FAULT
5219 {
5220 SetLastError(STATUS_ACCESS_VIOLATION);
5221 ret = FALSE;
5222 }
5223 __ENDTRY
5224 return ret;
5225 }
5226
5227 static BOOL WINAPI CRYPT_AsnDecodeIssuingDistPoint(DWORD dwCertEncodingType,
5228 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
5229 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
5230 {
5231 BOOL ret;
5232
5233 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5234 pDecodePara, pvStructInfo, *pcbStructInfo);
5235
5236 __TRY
5237 {
5238 struct AsnDecodeSequenceItem items[] = {
5239 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0, offsetof(CRL_ISSUING_DIST_POINT,
5240 DistPointName), CRYPT_AsnDecodeDistPointName,
5241 sizeof(CRL_DIST_POINT_NAME), TRUE, TRUE,
5242 offsetof(CRL_ISSUING_DIST_POINT,
5243 DistPointName.u.FullName.rgAltEntry), 0 },
5244 { ASN_CONTEXT | 1, offsetof(CRL_ISSUING_DIST_POINT,
5245 fOnlyContainsUserCerts), CRYPT_AsnDecodeBool, sizeof(BOOL), TRUE,
5246 FALSE, 0 },
5247 { ASN_CONTEXT | 2, offsetof(CRL_ISSUING_DIST_POINT,
5248 fOnlyContainsCACerts), CRYPT_AsnDecodeBool, sizeof(BOOL), TRUE,
5249 FALSE, 0 },
5250 { ASN_CONTEXT | 3, offsetof(CRL_ISSUING_DIST_POINT,
5251 OnlySomeReasonFlags), CRYPT_AsnDecodeBitsInternal,
5252 sizeof(CRYPT_BIT_BLOB), TRUE, TRUE, offsetof(CRL_ISSUING_DIST_POINT,
5253 OnlySomeReasonFlags.pbData), 0 },
5254 { ASN_CONTEXT | 4, offsetof(CRL_ISSUING_DIST_POINT,
5255 fIndirectCRL), CRYPT_AsnDecodeBool, sizeof(BOOL), TRUE, FALSE, 0 },
5256 };
5257
5258 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5259 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
5260 pcbStructInfo, NULL, NULL);
5261 }
5262 __EXCEPT_PAGE_FAULT
5263 {
5264 SetLastError(STATUS_ACCESS_VIOLATION);
5265 ret = FALSE;
5266 }
5267 __ENDTRY
5268 return ret;
5269 }
5270
5271 static BOOL CRYPT_AsnDecodeMaximum(const BYTE *pbEncoded,
5272 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5273 DWORD *pcbDecoded)
5274 {
5275 BOOL ret;
5276 DWORD max, size = sizeof(max);
5277
5278 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5279 pvStructInfo, *pcbStructInfo, pcbDecoded);
5280
5281 if (!cbEncoded)
5282 {
5283 SetLastError(CRYPT_E_ASN1_EOD);
5284 return FALSE;
5285 }
5286 if (pbEncoded[0] != (ASN_CONTEXT | 1))
5287 {
5288 SetLastError(CRYPT_E_ASN1_BADTAG);
5289 return FALSE;
5290 }
5291 if ((ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded, dwFlags,
5292 &max, &size, pcbDecoded)))
5293 {
5294 DWORD bytesNeeded = FINALMEMBERSIZE(CERT_GENERAL_SUBTREE, fMaximum);
5295
5296 if (!pvStructInfo)
5297 *pcbStructInfo = bytesNeeded;
5298 else if (*pcbStructInfo < bytesNeeded)
5299 {
5300 *pcbStructInfo = bytesNeeded;
5301 SetLastError(ERROR_MORE_DATA);
5302 ret = FALSE;
5303 }
5304 else
5305 {
5306 CERT_GENERAL_SUBTREE *subtree = CONTAINING_RECORD(pvStructInfo,
5307 CERT_GENERAL_SUBTREE, fMaximum);
5308
5309 *pcbStructInfo = bytesNeeded;
5310 /* The BOOL is implicit: if the integer is present, then it's
5311 * TRUE.
5312 */
5313 subtree->fMaximum = TRUE;
5314 subtree->dwMaximum = max;
5315 }
5316 }
5317 TRACE("returning %d\n", ret);
5318 return ret;
5319 }
5320
5321 static BOOL CRYPT_AsnDecodeSubtree(const BYTE *pbEncoded,
5322 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5323 DWORD *pcbDecoded)
5324 {
5325 BOOL ret;
5326 struct AsnDecodeSequenceItem items[] = {
5327 { 0, offsetof(CERT_GENERAL_SUBTREE, Base),
5328 CRYPT_AsnDecodeAltNameEntry, sizeof(CERT_ALT_NAME_ENTRY), TRUE, TRUE,
5329 offsetof(CERT_ALT_NAME_ENTRY, u.pwszURL), 0 },
5330 { ASN_CONTEXT | 0, offsetof(CERT_GENERAL_SUBTREE, dwMinimum),
5331 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), TRUE, FALSE, 0, 0 },
5332 { ASN_CONTEXT | 1, offsetof(CERT_GENERAL_SUBTREE, fMaximum),
5333 CRYPT_AsnDecodeMaximum, FINALMEMBERSIZE(CERT_GENERAL_SUBTREE, fMaximum),
5334 TRUE, FALSE, 0, 0 },
5335 };
5336 CERT_GENERAL_SUBTREE *subtree = pvStructInfo;
5337
5338 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5339 pvStructInfo, *pcbStructInfo, pcbDecoded);
5340
5341 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5342 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
5343 pcbDecoded, subtree ? subtree->Base.u.pwszURL : NULL);
5344 if (pcbDecoded)
5345 {
5346 TRACE("%d\n", *pcbDecoded);
5347 if (*pcbDecoded < cbEncoded)
5348 TRACE("%02x %02x\n", *(pbEncoded + *pcbDecoded),
5349 *(pbEncoded + *pcbDecoded + 1));
5350 }
5351 TRACE("returning %d\n", ret);
5352 return ret;
5353 }
5354
5355 static BOOL CRYPT_AsnDecodePermittedSubtree(const BYTE *pbEncoded,
5356 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5357 DWORD *pcbDecoded)
5358 {
5359 BOOL ret = TRUE;
5360 struct AsnArrayDescriptor arrayDesc = { 0,
5361 offsetof(CERT_NAME_CONSTRAINTS_INFO, cPermittedSubtree),
5362 offsetof(CERT_NAME_CONSTRAINTS_INFO, rgPermittedSubtree),
5363 MEMBERSIZE(CERT_NAME_CONSTRAINTS_INFO, cPermittedSubtree,
5364 cExcludedSubtree),
5365 CRYPT_AsnDecodeSubtree, sizeof(CERT_GENERAL_SUBTREE), TRUE,
5366 offsetof(CERT_GENERAL_SUBTREE, Base.u.pwszURL) };
5367
5368 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5369 pvStructInfo, *pcbStructInfo, pcbDecoded);
5370
5371 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5372 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
5373 return ret;
5374 }
5375
5376 static BOOL CRYPT_AsnDecodeExcludedSubtree(const BYTE *pbEncoded,
5377 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5378 DWORD *pcbDecoded)
5379 {
5380 BOOL ret = TRUE;
5381 struct AsnArrayDescriptor arrayDesc = { 0,
5382 offsetof(CERT_NAME_CONSTRAINTS_INFO, cExcludedSubtree),
5383 offsetof(CERT_NAME_CONSTRAINTS_INFO, rgExcludedSubtree),
5384 FINALMEMBERSIZE(CERT_NAME_CONSTRAINTS_INFO, cExcludedSubtree),
5385 CRYPT_AsnDecodeSubtree, sizeof(CERT_GENERAL_SUBTREE), TRUE,
5386 offsetof(CERT_GENERAL_SUBTREE, Base.u.pwszURL) };
5387
5388 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5389 pvStructInfo, *pcbStructInfo, pcbDecoded);
5390
5391 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5392 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
5393 return ret;
5394 }
5395
5396 static BOOL WINAPI CRYPT_AsnDecodeNameConstraints(DWORD dwCertEncodingType,
5397 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
5398 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
5399 {
5400 BOOL ret = FALSE;
5401
5402 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5403 pDecodePara, pvStructInfo, *pcbStructInfo);
5404
5405 __TRY
5406 {
5407 struct AsnDecodeSequenceItem items[] = {
5408 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0,
5409 offsetof(CERT_NAME_CONSTRAINTS_INFO, cPermittedSubtree),
5410 CRYPT_AsnDecodePermittedSubtree,
5411 MEMBERSIZE(CERT_NAME_CONSTRAINTS_INFO, cPermittedSubtree,
5412 cExcludedSubtree), TRUE, TRUE,
5413 offsetof(CERT_NAME_CONSTRAINTS_INFO, rgPermittedSubtree), 0 },
5414 { ASN_CONTEXT | ASN_CONSTRUCTOR | 1,
5415 offsetof(CERT_NAME_CONSTRAINTS_INFO, cExcludedSubtree),
5416 CRYPT_AsnDecodeExcludedSubtree,
5417 FINALMEMBERSIZE(CERT_NAME_CONSTRAINTS_INFO, cExcludedSubtree),
5418 TRUE, TRUE,
5419 offsetof(CERT_NAME_CONSTRAINTS_INFO, rgExcludedSubtree), 0 },
5420 };
5421
5422 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5423 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
5424 pcbStructInfo, NULL, NULL);
5425 }
5426 __EXCEPT_PAGE_FAULT
5427 {
5428 SetLastError(STATUS_ACCESS_VIOLATION);
5429 }
5430 __ENDTRY
5431 return ret;
5432 }
5433
5434 static BOOL CRYPT_AsnDecodeIssuerSerialNumber(const BYTE *pbEncoded,
5435 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5436 DWORD *pcbDecoded)
5437 {
5438 BOOL ret;
5439 struct AsnDecodeSequenceItem items[] = {
5440 { 0, offsetof(CERT_ISSUER_SERIAL_NUMBER, Issuer), CRYPT_AsnDecodeDerBlob,
5441 sizeof(CRYPT_DER_BLOB), FALSE, TRUE, offsetof(CERT_ISSUER_SERIAL_NUMBER,
5442 Issuer.pbData) },
5443 { ASN_INTEGER, offsetof(CERT_ISSUER_SERIAL_NUMBER, SerialNumber),
5444 CRYPT_AsnDecodeIntegerInternal, sizeof(CRYPT_INTEGER_BLOB), FALSE,
5445 TRUE, offsetof(CERT_ISSUER_SERIAL_NUMBER, SerialNumber.pbData), 0 },
5446 };
5447 CERT_ISSUER_SERIAL_NUMBER *issuerSerial = pvStructInfo;
5448
5449 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5450 pvStructInfo, *pcbStructInfo, pcbDecoded);
5451
5452 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5453 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
5454 pcbDecoded, issuerSerial ? issuerSerial->Issuer.pbData : NULL);
5455 if (ret && issuerSerial && !issuerSerial->SerialNumber.cbData)
5456 {
5457 SetLastError(CRYPT_E_ASN1_CORRUPT);
5458 ret = FALSE;
5459 }
5460 TRACE("returning %d\n", ret);
5461 return ret;
5462 }
5463
5464 static BOOL CRYPT_AsnDecodePKCSSignerInfoInternal(const BYTE *pbEncoded,
5465 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5466 DWORD *pcbDecoded)
5467 {
5468 CMSG_SIGNER_INFO *info = pvStructInfo;
5469 struct AsnDecodeSequenceItem items[] = {
5470 { ASN_INTEGER, offsetof(CMSG_SIGNER_INFO, dwVersion),
5471 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
5472 { ASN_SEQUENCEOF, offsetof(CMSG_SIGNER_INFO, Issuer),
5473 CRYPT_AsnDecodeIssuerSerialNumber, sizeof(CERT_ISSUER_SERIAL_NUMBER),
5474 FALSE, TRUE, offsetof(CMSG_SIGNER_INFO, Issuer.pbData), 0 },
5475 { ASN_SEQUENCEOF, offsetof(CMSG_SIGNER_INFO, HashAlgorithm),
5476 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
5477 FALSE, TRUE, offsetof(CMSG_SIGNER_INFO, HashAlgorithm.pszObjId), 0 },
5478 { ASN_CONSTRUCTOR | ASN_CONTEXT | 0,
5479 offsetof(CMSG_SIGNER_INFO, AuthAttrs),
5480 CRYPT_AsnDecodePKCSAttributesInternal, sizeof(CRYPT_ATTRIBUTES),
5481 TRUE, TRUE, offsetof(CMSG_SIGNER_INFO, AuthAttrs.rgAttr), 0 },
5482 { ASN_SEQUENCEOF, offsetof(CMSG_SIGNER_INFO, HashEncryptionAlgorithm),
5483 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
5484 FALSE, TRUE, offsetof(CMSG_SIGNER_INFO,
5485 HashEncryptionAlgorithm.pszObjId), 0 },
5486 { ASN_OCTETSTRING, offsetof(CMSG_SIGNER_INFO, EncryptedHash),
5487 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DER_BLOB),
5488 FALSE, TRUE, offsetof(CMSG_SIGNER_INFO, EncryptedHash.pbData), 0 },
5489 { ASN_CONSTRUCTOR | ASN_CONTEXT | 1,
5490 offsetof(CMSG_SIGNER_INFO, UnauthAttrs),
5491 CRYPT_AsnDecodePKCSAttributesInternal, sizeof(CRYPT_ATTRIBUTES),
5492 TRUE, TRUE, offsetof(CMSG_SIGNER_INFO, UnauthAttrs.rgAttr), 0 },
5493 };
5494 BOOL ret;
5495
5496 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5497 pvStructInfo, *pcbStructInfo);
5498
5499 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5500 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
5501 pcbDecoded, info ? info->Issuer.pbData : NULL);
5502 return ret;
5503 }
5504
5505 static BOOL WINAPI CRYPT_AsnDecodePKCSSignerInfo(DWORD dwCertEncodingType,
5506 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
5507 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
5508 {
5509 BOOL ret = FALSE;
5510
5511 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5512 pDecodePara, pvStructInfo, *pcbStructInfo);
5513
5514 __TRY
5515 {
5516 ret = CRYPT_AsnDecodePKCSSignerInfoInternal(pbEncoded, cbEncoded,
5517 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pcbStructInfo, NULL);
5518 if (ret && pvStructInfo)
5519 {
5520 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
5521 pcbStructInfo, *pcbStructInfo);
5522 if (ret)
5523 {
5524 CMSG_SIGNER_INFO *info;
5525
5526 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
5527 pvStructInfo = *(BYTE **)pvStructInfo;
5528 info = pvStructInfo;
5529 info->Issuer.pbData = ((BYTE *)info +
5530 sizeof(CMSG_SIGNER_INFO));
5531 ret = CRYPT_AsnDecodePKCSSignerInfoInternal(pbEncoded,
5532 cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
5533 pcbStructInfo, NULL);
5534 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
5535 CRYPT_FreeSpace(pDecodePara, info);
5536 }
5537 }
5538 }
5539 __EXCEPT_PAGE_FAULT
5540 {
5541 SetLastError(STATUS_ACCESS_VIOLATION);
5542 }
5543 __ENDTRY
5544 TRACE("returning %d\n", ret);
5545 return ret;
5546 }
5547
5548 static BOOL CRYPT_AsnDecodeCMSCertEncoded(const BYTE *pbEncoded,
5549 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5550 DWORD *pcbDecoded)
5551 {
5552 BOOL ret;
5553 struct AsnArrayDescriptor arrayDesc = { 0,
5554 offsetof(CRYPT_SIGNED_INFO, cCertEncoded),
5555 offsetof(CRYPT_SIGNED_INFO, rgCertEncoded),
5556 MEMBERSIZE(CRYPT_SIGNED_INFO, cCertEncoded, cCrlEncoded),
5557 CRYPT_AsnDecodeCopyBytes,
5558 sizeof(CRYPT_DER_BLOB), TRUE, offsetof(CRYPT_DER_BLOB, pbData) };
5559
5560 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5561 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0, pcbDecoded);
5562
5563 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5564 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
5565 return ret;
5566 }
5567
5568 static BOOL CRYPT_AsnDecodeCMSCrlEncoded(const BYTE *pbEncoded,
5569 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5570 DWORD *pcbDecoded)
5571 {
5572 BOOL ret;
5573 struct AsnArrayDescriptor arrayDesc = { 0,
5574 offsetof(CRYPT_SIGNED_INFO, cCrlEncoded),
5575 offsetof(CRYPT_SIGNED_INFO, rgCrlEncoded),
5576 MEMBERSIZE(CRYPT_SIGNED_INFO, cCrlEncoded, content),
5577 CRYPT_AsnDecodeCopyBytes, sizeof(CRYPT_DER_BLOB),
5578 TRUE, offsetof(CRYPT_DER_BLOB, pbData) };
5579
5580 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5581 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0, pcbDecoded);
5582
5583 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5584 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
5585 return ret;
5586 }
5587
5588 static BOOL CRYPT_AsnDecodeCMSSignerId(const BYTE *pbEncoded,
5589 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5590 DWORD *pcbDecoded)
5591 {
5592 CERT_ID *id = pvStructInfo;
5593 BOOL ret = FALSE;
5594
5595 if (*pbEncoded == ASN_SEQUENCEOF)
5596 {
5597 ret = CRYPT_AsnDecodeIssuerSerialNumber(pbEncoded, cbEncoded, dwFlags,
5598 id ? &id->u.IssuerSerialNumber : NULL, pcbStructInfo, pcbDecoded);
5599 if (ret)
5600 {
5601 if (id)
5602 id->dwIdChoice = CERT_ID_ISSUER_SERIAL_NUMBER;
5603 if (*pcbStructInfo > sizeof(CERT_ISSUER_SERIAL_NUMBER))
5604 *pcbStructInfo = sizeof(CERT_ID) + *pcbStructInfo -
5605 sizeof(CERT_ISSUER_SERIAL_NUMBER);
5606 else
5607 *pcbStructInfo = sizeof(CERT_ID);
5608 }
5609 }
5610 else if (*pbEncoded == (ASN_CONTEXT | 0))
5611 {
5612 ret = CRYPT_AsnDecodeOctetsInternal(pbEncoded, cbEncoded, dwFlags,
5613 id ? &id->u.KeyId : NULL, pcbStructInfo, pcbDecoded);
5614 if (ret)
5615 {
5616 if (id)
5617 id->dwIdChoice = CERT_ID_KEY_IDENTIFIER;
5618 if (*pcbStructInfo > sizeof(CRYPT_DATA_BLOB))
5619 *pcbStructInfo = sizeof(CERT_ID) + *pcbStructInfo -
5620 sizeof(CRYPT_DATA_BLOB);
5621 else
5622 *pcbStructInfo = sizeof(CERT_ID);
5623 }
5624 }
5625 else
5626 SetLastError(CRYPT_E_ASN1_BADTAG);
5627 return ret;
5628 }
5629
5630 static BOOL CRYPT_AsnDecodeCMSSignerInfoInternal(const BYTE *pbEncoded,
5631 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5632 DWORD *pcbDecoded)
5633 {
5634 CMSG_CMS_SIGNER_INFO *info = pvStructInfo;
5635 struct AsnDecodeSequenceItem items[] = {
5636 { ASN_INTEGER, offsetof(CMSG_CMS_SIGNER_INFO, dwVersion),
5637 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
5638 { 0, offsetof(CMSG_CMS_SIGNER_INFO, SignerId),
5639 CRYPT_AsnDecodeCMSSignerId, sizeof(CERT_ID), FALSE, TRUE,
5640 offsetof(CMSG_CMS_SIGNER_INFO, SignerId.u.KeyId.pbData), 0 },
5641 { ASN_SEQUENCEOF, offsetof(CMSG_CMS_SIGNER_INFO, HashAlgorithm),
5642 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
5643 FALSE, TRUE, offsetof(CMSG_CMS_SIGNER_INFO, HashAlgorithm.pszObjId), 0 },
5644 { ASN_CONSTRUCTOR | ASN_CONTEXT | 0,
5645 offsetof(CMSG_CMS_SIGNER_INFO, AuthAttrs),
5646 CRYPT_AsnDecodePKCSAttributesInternal, sizeof(CRYPT_ATTRIBUTES),
5647 TRUE, TRUE, offsetof(CMSG_CMS_SIGNER_INFO, AuthAttrs.rgAttr), 0 },
5648 { ASN_SEQUENCEOF, offsetof(CMSG_CMS_SIGNER_INFO, HashEncryptionAlgorithm),
5649 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
5650 FALSE, TRUE, offsetof(CMSG_CMS_SIGNER_INFO,
5651 HashEncryptionAlgorithm.pszObjId), 0 },
5652 { ASN_OCTETSTRING, offsetof(CMSG_CMS_SIGNER_INFO, EncryptedHash),
5653 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DER_BLOB),
5654 FALSE, TRUE, offsetof(CMSG_CMS_SIGNER_INFO, EncryptedHash.pbData), 0 },
5655 { ASN_CONSTRUCTOR | ASN_CONTEXT | 1,
5656 offsetof(CMSG_CMS_SIGNER_INFO, UnauthAttrs),
5657 CRYPT_AsnDecodePKCSAttributesInternal, sizeof(CRYPT_ATTRIBUTES),
5658 TRUE, TRUE, offsetof(CMSG_CMS_SIGNER_INFO, UnauthAttrs.rgAttr), 0 },
5659 };
5660 BOOL ret;
5661
5662 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5663 pvStructInfo, *pcbStructInfo);
5664
5665 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5666 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
5667 pcbDecoded, info ? info->SignerId.u.KeyId.pbData : NULL);
5668 return ret;
5669 }
5670
5671 static BOOL WINAPI CRYPT_AsnDecodeCMSSignerInfo(DWORD dwCertEncodingType,
5672 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
5673 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
5674 {
5675 BOOL ret = FALSE;
5676
5677 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5678 pDecodePara, pvStructInfo, *pcbStructInfo);
5679
5680 __TRY
5681 {
5682 ret = CRYPT_AsnDecodeCMSSignerInfoInternal(pbEncoded, cbEncoded,
5683 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pcbStructInfo, NULL);
5684 if (ret && pvStructInfo)
5685 {
5686 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
5687 pcbStructInfo, *pcbStructInfo);
5688 if (ret)
5689 {
5690 CMSG_CMS_SIGNER_INFO *info;
5691
5692 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
5693 pvStructInfo = *(BYTE **)pvStructInfo;
5694 info = pvStructInfo;
5695 info->SignerId.u.KeyId.pbData = ((BYTE *)info +
5696 sizeof(CMSG_CMS_SIGNER_INFO));
5697 ret = CRYPT_AsnDecodeCMSSignerInfoInternal(pbEncoded,
5698 cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
5699 pcbStructInfo, NULL);
5700 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
5701 CRYPT_FreeSpace(pDecodePara, info);
5702 }
5703 }
5704 }
5705 __EXCEPT_PAGE_FAULT
5706 {
5707 SetLastError(STATUS_ACCESS_VIOLATION);
5708 }
5709 __ENDTRY
5710 TRACE("returning %d\n", ret);
5711 return ret;
5712 }
5713
5714 static BOOL CRYPT_DecodeSignerArray(const BYTE *pbEncoded, DWORD cbEncoded,
5715 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
5716 {
5717 BOOL ret;
5718 struct AsnArrayDescriptor arrayDesc = { ASN_CONSTRUCTOR | ASN_SETOF,
5719 offsetof(CRYPT_SIGNED_INFO, cSignerInfo),
5720 offsetof(CRYPT_SIGNED_INFO, rgSignerInfo),
5721 FINALMEMBERSIZE(CRYPT_SIGNED_INFO, cSignerInfo),
5722 CRYPT_AsnDecodeCMSSignerInfoInternal, sizeof(CMSG_CMS_SIGNER_INFO), TRUE,
5723 offsetof(CMSG_CMS_SIGNER_INFO, SignerId.u.KeyId.pbData) };
5724
5725 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5726 pvStructInfo, *pcbStructInfo, pcbDecoded);
5727
5728 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5729 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
5730 return ret;
5731 }
5732
5733 BOOL CRYPT_AsnDecodeCMSSignedInfo(const BYTE *pbEncoded, DWORD cbEncoded,
5734 DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
5735 CRYPT_SIGNED_INFO *signedInfo, DWORD *pcbSignedInfo)
5736 {
5737 BOOL ret = FALSE;
5738 struct AsnDecodeSequenceItem items[] = {
5739 { ASN_INTEGER, offsetof(CRYPT_SIGNED_INFO, version),
5740 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
5741 /* Placeholder for the hash algorithms - redundant with those in the
5742 * signers, so just ignore them.
5743 */
5744 { ASN_CONSTRUCTOR | ASN_SETOF, 0, NULL, 0, TRUE, FALSE, 0, 0 },
5745 { ASN_SEQUENCE, offsetof(CRYPT_SIGNED_INFO, content),
5746 CRYPT_AsnDecodePKCSContentInfoInternal, sizeof(CRYPT_CONTENT_INFO),
5747 FALSE, TRUE, offsetof(CRYPT_SIGNED_INFO, content.pszObjId), 0 },
5748 { ASN_CONSTRUCTOR | ASN_CONTEXT | 0,
5749 offsetof(CRYPT_SIGNED_INFO, cCertEncoded), CRYPT_AsnDecodeCMSCertEncoded,
5750 MEMBERSIZE(CRYPT_SIGNED_INFO, cCertEncoded, cCrlEncoded), TRUE, TRUE,
5751 offsetof(CRYPT_SIGNED_INFO, rgCertEncoded), 0 },
5752 { ASN_CONSTRUCTOR | ASN_CONTEXT | 1,
5753 offsetof(CRYPT_SIGNED_INFO, cCrlEncoded), CRYPT_AsnDecodeCMSCrlEncoded,
5754 MEMBERSIZE(CRYPT_SIGNED_INFO, cCrlEncoded, content), TRUE, TRUE,
5755 offsetof(CRYPT_SIGNED_INFO, rgCrlEncoded), 0 },
5756 { ASN_CONSTRUCTOR | ASN_SETOF, offsetof(CRYPT_SIGNED_INFO, cSignerInfo),
5757 CRYPT_DecodeSignerArray,
5758 FINALMEMBERSIZE(CRYPT_SIGNED_INFO, cSignerInfo), TRUE, TRUE,
5759 offsetof(CRYPT_SIGNED_INFO, rgSignerInfo), 0 },
5760 };
5761
5762 TRACE("%p, %d, %08x, %p, %p, %p\n", pbEncoded, cbEncoded, dwFlags,
5763 pDecodePara, signedInfo, pcbSignedInfo);
5764
5765 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5766 pbEncoded, cbEncoded, dwFlags, pDecodePara, signedInfo, pcbSignedInfo,
5767 NULL, NULL);
5768 TRACE("returning %d\n", ret);
5769 return ret;
5770 }
5771
5772 static BOOL CRYPT_AsnDecodeRecipientInfo(const BYTE *pbEncoded, DWORD cbEncoded,
5773 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
5774 {
5775 BOOL ret;
5776 CMSG_KEY_TRANS_RECIPIENT_INFO *info = pvStructInfo;
5777 struct AsnDecodeSequenceItem items[] = {
5778 { ASN_INTEGER, offsetof(CMSG_KEY_TRANS_RECIPIENT_INFO, dwVersion),
5779 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
5780 { ASN_SEQUENCEOF, offsetof(CMSG_KEY_TRANS_RECIPIENT_INFO,
5781 RecipientId.u.IssuerSerialNumber), CRYPT_AsnDecodeIssuerSerialNumber,
5782 sizeof(CERT_ISSUER_SERIAL_NUMBER), FALSE, TRUE,
5783 offsetof(CMSG_KEY_TRANS_RECIPIENT_INFO,
5784 RecipientId.u.IssuerSerialNumber.Issuer.pbData), 0 },
5785 { ASN_SEQUENCEOF, offsetof(CMSG_KEY_TRANS_RECIPIENT_INFO,
5786 KeyEncryptionAlgorithm), CRYPT_AsnDecodeAlgorithmId,
5787 sizeof(CRYPT_ALGORITHM_IDENTIFIER), FALSE, TRUE,
5788 offsetof(CMSG_KEY_TRANS_RECIPIENT_INFO,
5789 KeyEncryptionAlgorithm.pszObjId), 0 },
5790 { ASN_OCTETSTRING, offsetof(CMSG_KEY_TRANS_RECIPIENT_INFO, EncryptedKey),
5791 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DATA_BLOB), FALSE, TRUE,
5792 offsetof(CMSG_KEY_TRANS_RECIPIENT_INFO, EncryptedKey.pbData), 0 },
5793 };
5794
5795 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5796 pvStructInfo, *pcbStructInfo, pcbDecoded);
5797
5798 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5799 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
5800 pcbDecoded, info ? info->RecipientId.u.IssuerSerialNumber.Issuer.pbData :
5801 NULL);
5802 if (info)
5803 info->RecipientId.dwIdChoice = CERT_ID_ISSUER_SERIAL_NUMBER;
5804 TRACE("returning %d\n", ret);
5805 return ret;
5806 }
5807
5808 static BOOL CRYPT_DecodeRecipientInfoArray(const BYTE *pbEncoded,
5809 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5810 DWORD *pcbDecoded)
5811 {
5812 BOOL ret;
5813 struct AsnArrayDescriptor arrayDesc = { ASN_CONSTRUCTOR | ASN_SETOF,
5814 offsetof(CRYPT_ENVELOPED_DATA, cRecipientInfo),
5815 offsetof(CRYPT_ENVELOPED_DATA, rgRecipientInfo),
5816 MEMBERSIZE(CRYPT_ENVELOPED_DATA, cRecipientInfo, encryptedContentInfo),
5817 CRYPT_AsnDecodeRecipientInfo, sizeof(CMSG_KEY_TRANS_RECIPIENT_INFO), TRUE,
5818 offsetof(CMSG_KEY_TRANS_RECIPIENT_INFO,
5819 RecipientId.u.IssuerSerialNumber.Issuer.pbData) };
5820
5821 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5822 pvStructInfo, *pcbStructInfo, pcbDecoded);
5823
5824 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5825 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
5826 TRACE("returning %d\n", ret);
5827 return ret;
5828 }
5829
5830 static BOOL CRYPT_AsnDecodeEncryptedContentInfo(const BYTE *pbEncoded,
5831 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5832 DWORD *pcbDecoded)
5833 {
5834 BOOL ret;
5835 CRYPT_ENCRYPTED_CONTENT_INFO *info = pvStructInfo;
5836 struct AsnDecodeSequenceItem items[] = {
5837 { ASN_OBJECTIDENTIFIER, offsetof(CRYPT_ENCRYPTED_CONTENT_INFO,
5838 contentType), CRYPT_AsnDecodeOidInternal, sizeof(LPSTR),
5839 FALSE, TRUE, offsetof(CRYPT_ENCRYPTED_CONTENT_INFO,
5840 contentType), 0 },
5841 { ASN_SEQUENCEOF, offsetof(CRYPT_ENCRYPTED_CONTENT_INFO,
5842 contentEncryptionAlgorithm), CRYPT_AsnDecodeAlgorithmId,
5843 sizeof(CRYPT_ALGORITHM_IDENTIFIER), FALSE, TRUE,
5844 offsetof(CRYPT_ENCRYPTED_CONTENT_INFO,
5845 contentEncryptionAlgorithm.pszObjId), 0 },
5846 { ASN_CONTEXT | 0, offsetof(CRYPT_ENCRYPTED_CONTENT_INFO,
5847 encryptedContent), CRYPT_AsnDecodeOctetsInternal,
5848 sizeof(CRYPT_DATA_BLOB), TRUE, TRUE,
5849 offsetof(CRYPT_ENCRYPTED_CONTENT_INFO, encryptedContent.pbData) },
5850 };
5851
5852 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5853 pvStructInfo, *pcbStructInfo, pcbDecoded);
5854
5855 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5856 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
5857 pcbDecoded, info ? info->contentType : NULL);
5858 TRACE("returning %d\n", ret);
5859 return ret;
5860 }
5861
5862 BOOL CRYPT_AsnDecodePKCSEnvelopedData(const BYTE *pbEncoded, DWORD cbEncoded,
5863 DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
5864 CRYPT_ENVELOPED_DATA *envelopedData, DWORD *pcbEnvelopedData)
5865 {
5866 BOOL ret;
5867 struct AsnDecodeSequenceItem items[] = {
5868 { ASN_INTEGER, offsetof(CRYPT_ENVELOPED_DATA, version),
5869 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
5870 { ASN_CONSTRUCTOR | ASN_SETOF, offsetof(CRYPT_ENVELOPED_DATA,
5871 cRecipientInfo), CRYPT_DecodeRecipientInfoArray,
5872 MEMBERSIZE(CRYPT_ENVELOPED_DATA, cRecipientInfo, encryptedContentInfo),
5873 FALSE, TRUE, offsetof(CRYPT_ENVELOPED_DATA, rgRecipientInfo), 0 },
5874 { ASN_SEQUENCEOF, offsetof(CRYPT_ENVELOPED_DATA, encryptedContentInfo),
5875 CRYPT_AsnDecodeEncryptedContentInfo,
5876 sizeof(CRYPT_ENCRYPTED_CONTENT_INFO), FALSE, TRUE,
5877 offsetof(CRYPT_ENVELOPED_DATA, encryptedContentInfo.contentType), 0 },
5878 };
5879
5880 TRACE("%p, %d, %08x, %p, %p, %p\n", pbEncoded, cbEncoded, dwFlags,
5881 pDecodePara, envelopedData, pcbEnvelopedData);
5882
5883 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5884 pbEncoded, cbEncoded, dwFlags, pDecodePara, envelopedData,
5885 pcbEnvelopedData, NULL, NULL);
5886 TRACE("returning %d\n", ret);
5887 return ret;
5888 }
5889
5890 static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
5891 LPCSTR lpszStructType)
5892 {
5893 CryptDecodeObjectExFunc decodeFunc = NULL;
5894
5895 if ((dwCertEncodingType & CERT_ENCODING_TYPE_MASK) != X509_ASN_ENCODING
5896 && (dwCertEncodingType & CMSG_ENCODING_TYPE_MASK) != PKCS_7_ASN_ENCODING)
5897 {
5898 SetLastError(ERROR_FILE_NOT_FOUND);
5899 return NULL;
5900 }
5901 if (IS_INTOID(lpszStructType))
5902 {
5903 switch (LOWORD(lpszStructType))
5904 {
5905 case LOWORD(X509_CERT):
5906 decodeFunc = CRYPT_AsnDecodeCertSignedContent;
5907 break;
5908 case LOWORD(X509_CERT_TO_BE_SIGNED):
5909 decodeFunc = CRYPT_AsnDecodeCert;
5910 break;
5911 case LOWORD(X509_CERT_CRL_TO_BE_SIGNED):
5912 decodeFunc = CRYPT_AsnDecodeCRL;
5913 break;
5914 case LOWORD(X509_EXTENSIONS):
5915 decodeFunc = CRYPT_AsnDecodeExtensions;
5916 break;
5917 case LOWORD(X509_NAME_VALUE):
5918 decodeFunc = CRYPT_AsnDecodeNameValue;
5919 break;
5920 case LOWORD(X509_NAME):
5921 decodeFunc = CRYPT_AsnDecodeName;
5922 break;
5923 case LOWORD(X509_PUBLIC_KEY_INFO):
5924 decodeFunc = CRYPT_AsnDecodePubKeyInfo;
5925 break;
5926 case LOWORD(X509_AUTHORITY_KEY_ID):
5927 decodeFunc = CRYPT_AsnDecodeAuthorityKeyId;
5928 break;
5929 case LOWORD(X509_ALTERNATE_NAME):
5930 decodeFunc = CRYPT_AsnDecodeAltName;
5931 break;
5932 case LOWORD(X509_BASIC_CONSTRAINTS):
5933 decodeFunc = CRYPT_AsnDecodeBasicConstraints;
5934 break;
5935 case LOWORD(X509_BASIC_CONSTRAINTS2):
5936 decodeFunc = CRYPT_AsnDecodeBasicConstraints2;
5937 break;
5938 case LOWORD(X509_CERT_POLICIES):
5939 decodeFunc = CRYPT_AsnDecodeCertPolicies;
5940 break;
5941 case LOWORD(RSA_CSP_PUBLICKEYBLOB):
5942 decodeFunc = CRYPT_AsnDecodeRsaPubKey;
5943 break;
5944 case LOWORD(PKCS_RSA_PRIVATE_KEY):
5945 decodeFunc = CRYPT_AsnDecodeRsaPrivKey;
5946 break;
5947 case LOWORD(X509_UNICODE_NAME):
5948 decodeFunc = CRYPT_AsnDecodeUnicodeName;
5949 break;
5950 case LOWORD(PKCS_ATTRIBUTE):
5951 decodeFunc = CRYPT_AsnDecodePKCSAttribute;
5952 break;
5953 case LOWORD(X509_UNICODE_NAME_VALUE):
5954 decodeFunc = CRYPT_AsnDecodeUnicodeNameValue;
5955 break;
5956 case LOWORD(X509_OCTET_STRING):
5957 decodeFunc = CRYPT_AsnDecodeOctets;
5958 break;
5959 case LOWORD(X509_BITS):
5960 case LOWORD(X509_KEY_USAGE):
5961 decodeFunc = CRYPT_AsnDecodeBits;
5962 break;
5963 case LOWORD(X509_INTEGER):
5964 decodeFunc = CRYPT_AsnDecodeInt;
5965 break;
5966 case LOWORD(X509_MULTI_BYTE_INTEGER):
5967 decodeFunc = CRYPT_AsnDecodeInteger;
5968 break;
5969 case LOWORD(X509_MULTI_BYTE_UINT):
5970 decodeFunc = CRYPT_AsnDecodeUnsignedInteger;
5971 break;
5972 case LOWORD(X509_ENUMERATED):
5973 decodeFunc = CRYPT_AsnDecodeEnumerated;
5974 break;
5975 case LOWORD(X509_CHOICE_OF_TIME):
5976 decodeFunc = CRYPT_AsnDecodeChoiceOfTime;
5977 break;
5978 case LOWORD(X509_AUTHORITY_KEY_ID2):
5979 decodeFunc = CRYPT_AsnDecodeAuthorityKeyId2;
5980 break;
5981 case LOWORD(X509_AUTHORITY_INFO_ACCESS):
5982 decodeFunc = CRYPT_AsnDecodeAuthorityInfoAccess;
5983 break;
5984 case LOWORD(PKCS_CONTENT_INFO):
5985 decodeFunc = CRYPT_AsnDecodePKCSContentInfo;
5986 break;
5987 case LOWORD(X509_SEQUENCE_OF_ANY):
5988 decodeFunc = CRYPT_AsnDecodeSequenceOfAny;
5989 break;
5990 case LOWORD(PKCS_UTC_TIME):
5991 decodeFunc = CRYPT_AsnDecodeUtcTime;
5992 break;
5993 case LOWORD(X509_CRL_DIST_POINTS):
5994 decodeFunc = CRYPT_AsnDecodeCRLDistPoints;
5995 break;
5996 case LOWORD(X509_ENHANCED_KEY_USAGE):
5997 decodeFunc = CRYPT_AsnDecodeEnhancedKeyUsage;
5998 break;
5999 case LOWORD(PKCS_CTL):
6000 decodeFunc = CRYPT_AsnDecodeCTL;
6001 break;
6002 case LOWORD(PKCS_SMIME_CAPABILITIES):
6003 decodeFunc = CRYPT_AsnDecodeSMIMECapabilities;
6004 break;
6005 case LOWORD(X509_PKIX_POLICY_QUALIFIER_USERNOTICE):
6006 decodeFunc = CRYPT_AsnDecodePolicyQualifierUserNotice;
6007 break;
6008 case LOWORD(PKCS_ATTRIBUTES):
6009 decodeFunc = CRYPT_AsnDecodePKCSAttributes;
6010 break;
6011 case LOWORD(X509_ISSUING_DIST_POINT):
6012 decodeFunc = CRYPT_AsnDecodeIssuingDistPoint;
6013 break;
6014 case LOWORD(X509_NAME_CONSTRAINTS):
6015 decodeFunc = CRYPT_AsnDecodeNameConstraints;
6016 break;
6017 case LOWORD(X509_POLICY_MAPPINGS):
6018 decodeFunc = CRYPT_AsnDecodeCertPolicyMappings;
6019 break;
6020 case LOWORD(X509_POLICY_CONSTRAINTS):
6021 decodeFunc = CRYPT_AsnDecodeCertPolicyConstraints;
6022 break;
6023 case LOWORD(PKCS7_SIGNER_INFO):
6024 decodeFunc = CRYPT_AsnDecodePKCSSignerInfo;
6025 break;
6026 case LOWORD(CMS_SIGNER_INFO):
6027 decodeFunc = CRYPT_AsnDecodeCMSSignerInfo;
6028 break;
6029 }
6030 }
6031 else if (!strcmp(lpszStructType, szOID_CERT_EXTENSIONS))
6032 decodeFunc = CRYPT_AsnDecodeExtensions;
6033 else if (!strcmp(lpszStructType, szOID_RSA_signingTime))
6034 decodeFunc = CRYPT_AsnDecodeUtcTime;
6035 else if (!strcmp(lpszStructType, szOID_RSA_SMIMECapabilities))
6036 decodeFunc = CRYPT_AsnDecodeSMIMECapabilities;
6037 else if (!strcmp(lpszStructType, szOID_AUTHORITY_KEY_IDENTIFIER))
6038 decodeFunc = CRYPT_AsnDecodeAuthorityKeyId;
6039 else if (!strcmp(lpszStructType, szOID_LEGACY_POLICY_MAPPINGS))
6040 decodeFunc = CRYPT_AsnDecodeCertPolicyMappings;
6041 else if (!strcmp(lpszStructType, szOID_AUTHORITY_KEY_IDENTIFIER2))
6042 decodeFunc = CRYPT_AsnDecodeAuthorityKeyId2;
6043 else if (!strcmp(lpszStructType, szOID_CRL_REASON_CODE))
6044 decodeFunc = CRYPT_AsnDecodeEnumerated;
6045 else if (!strcmp(lpszStructType, szOID_KEY_USAGE))
6046 decodeFunc = CRYPT_AsnDecodeBits;
6047 else if (!strcmp(lpszStructType, szOID_SUBJECT_KEY_IDENTIFIER))
6048 decodeFunc = CRYPT_AsnDecodeOctets;
6049 else if (!strcmp(lpszStructType, szOID_BASIC_CONSTRAINTS))
6050 decodeFunc = CRYPT_AsnDecodeBasicConstraints;
6051 else if (!strcmp(lpszStructType, szOID_BASIC_CONSTRAINTS2))
6052 decodeFunc = CRYPT_AsnDecodeBasicConstraints2;
6053 else if (!strcmp(lpszStructType, szOID_ISSUER_ALT_NAME))
6054 decodeFunc = CRYPT_AsnDecodeAltName;
6055 else if (!strcmp(lpszStructType, szOID_ISSUER_ALT_NAME2))
6056 decodeFunc = CRYPT_AsnDecodeAltName;
6057 else if (!strcmp(lpszStructType, szOID_NEXT_UPDATE_LOCATION))
6058 decodeFunc = CRYPT_AsnDecodeAltName;
6059 else if (!strcmp(lpszStructType, szOID_SUBJECT_ALT_NAME))
6060 decodeFunc = CRYPT_AsnDecodeAltName;
6061 else if (!strcmp(lpszStructType, szOID_SUBJECT_ALT_NAME2))
6062 decodeFunc = CRYPT_AsnDecodeAltName;
6063 else if (!strcmp(lpszStructType, szOID_CRL_DIST_POINTS))
6064 decodeFunc = CRYPT_AsnDecodeCRLDistPoints;
6065 else if (!strcmp(lpszStructType, szOID_CERT_POLICIES))
6066 decodeFunc = CRYPT_AsnDecodeCertPolicies;
6067 else if (!strcmp(lpszStructType, szOID_POLICY_MAPPINGS))
6068 decodeFunc = CRYPT_AsnDecodeCertPolicyMappings;
6069 else if (!strcmp(lpszStructType, szOID_POLICY_CONSTRAINTS))
6070 decodeFunc = CRYPT_AsnDecodeCertPolicyConstraints;
6071 else if (!strcmp(lpszStructType, szOID_ENHANCED_KEY_USAGE))
6072 decodeFunc = CRYPT_AsnDecodeEnhancedKeyUsage;
6073 else if (!strcmp(lpszStructType, szOID_ISSUING_DIST_POINT))
6074 decodeFunc = CRYPT_AsnDecodeIssuingDistPoint;
6075 else if (!strcmp(lpszStructType, szOID_NAME_CONSTRAINTS))
6076 decodeFunc = CRYPT_AsnDecodeNameConstraints;
6077 else if (!strcmp(lpszStructType, szOID_AUTHORITY_INFO_ACCESS))
6078 decodeFunc = CRYPT_AsnDecodeAuthorityInfoAccess;
6079 else if (!strcmp(lpszStructType, szOID_PKIX_POLICY_QUALIFIER_USERNOTICE))
6080 decodeFunc = CRYPT_AsnDecodePolicyQualifierUserNotice;
6081 else if (!strcmp(lpszStructType, szOID_CTL))
6082 decodeFunc = CRYPT_AsnDecodeCTL;
6083 return decodeFunc;
6084 }
6085
6086 static CryptDecodeObjectFunc CRYPT_LoadDecoderFunc(DWORD dwCertEncodingType,
6087 LPCSTR lpszStructType, HCRYPTOIDFUNCADDR *hFunc)
6088 {
6089 static HCRYPTOIDFUNCSET set = NULL;
6090 CryptDecodeObjectFunc decodeFunc = NULL;
6091
6092 if (!set)
6093 set = CryptInitOIDFunctionSet(CRYPT_OID_DECODE_OBJECT_FUNC, 0);
6094 CryptGetOIDFunctionAddress(set, dwCertEncodingType, lpszStructType, 0,
6095 (void **)&decodeFunc, hFunc);
6096 return decodeFunc;
6097 }
6098
6099 static CryptDecodeObjectExFunc CRYPT_LoadDecoderExFunc(DWORD dwCertEncodingType,
6100 LPCSTR lpszStructType, HCRYPTOIDFUNCADDR *hFunc)
6101 {
6102 static HCRYPTOIDFUNCSET set = NULL;
6103 CryptDecodeObjectExFunc decodeFunc = NULL;
6104
6105 if (!set)
6106 set = CryptInitOIDFunctionSet(CRYPT_OID_DECODE_OBJECT_EX_FUNC, 0);
6107 CryptGetOIDFunctionAddress(set, dwCertEncodingType, lpszStructType, 0,
6108 (void **)&decodeFunc, hFunc);
6109 return decodeFunc;
6110 }
6111
6112 BOOL WINAPI CryptDecodeObject(DWORD dwCertEncodingType, LPCSTR lpszStructType,
6113 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo,
6114 DWORD *pcbStructInfo)
6115 {
6116 BOOL ret = FALSE;
6117 CryptDecodeObjectFunc pCryptDecodeObject = NULL;
6118 CryptDecodeObjectExFunc pCryptDecodeObjectEx = NULL;
6119 HCRYPTOIDFUNCADDR hFunc = NULL;
6120
6121 TRACE_(crypt)("(0x%08x, %s, %p, %d, 0x%08x, %p, %p)\n", dwCertEncodingType,
6122 debugstr_a(lpszStructType), pbEncoded, cbEncoded, dwFlags,
6123 pvStructInfo, pcbStructInfo);
6124
6125 if (!pvStructInfo && !pcbStructInfo)
6126 {
6127 SetLastError(ERROR_INVALID_PARAMETER);
6128 return FALSE;
6129 }
6130 if (cbEncoded > MAX_ENCODED_LEN)
6131 {
6132 SetLastError(CRYPT_E_ASN1_LARGE);
6133 return FALSE;
6134 }
6135
6136 if (!(pCryptDecodeObjectEx = CRYPT_GetBuiltinDecoder(dwCertEncodingType,
6137 lpszStructType)))
6138 {
6139 TRACE_(crypt)("OID %s not found or unimplemented, looking for DLL\n",
6140 debugstr_a(lpszStructType));
6141 pCryptDecodeObject = CRYPT_LoadDecoderFunc(dwCertEncodingType,
6142 lpszStructType, &hFunc);
6143 if (!pCryptDecodeObject)
6144 pCryptDecodeObjectEx = CRYPT_LoadDecoderExFunc(dwCertEncodingType,
6145 lpszStructType, &hFunc);
6146 }
6147 if (pCryptDecodeObject)
6148 ret = pCryptDecodeObject(dwCertEncodingType, lpszStructType,
6149 pbEncoded, cbEncoded, dwFlags, pvStructInfo, pcbStructInfo);
6150 else if (pCryptDecodeObjectEx)
6151 ret = pCryptDecodeObjectEx(dwCertEncodingType, lpszStructType,
6152 pbEncoded, cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL,
6153 pvStructInfo, pcbStructInfo);
6154 if (hFunc)
6155 CryptFreeOIDFunctionAddress(hFunc, 0);
6156 TRACE_(crypt)("returning %d\n", ret);
6157 return ret;
6158 }
6159
6160 BOOL WINAPI CryptDecodeObjectEx(DWORD dwCertEncodingType, LPCSTR lpszStructType,
6161 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
6162 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
6163 {
6164 BOOL ret = FALSE;
6165 CryptDecodeObjectExFunc decodeFunc;
6166 HCRYPTOIDFUNCADDR hFunc = NULL;
6167
6168 TRACE_(crypt)("(0x%08x, %s, %p, %d, 0x%08x, %p, %p, %p)\n",
6169 dwCertEncodingType, debugstr_a(lpszStructType), pbEncoded,
6170 cbEncoded, dwFlags, pDecodePara, pvStructInfo, pcbStructInfo);
6171
6172 if (!pvStructInfo && !pcbStructInfo)
6173 {
6174 SetLastError(ERROR_INVALID_PARAMETER);
6175 return FALSE;
6176 }
6177 if (cbEncoded > MAX_ENCODED_LEN)
6178 {
6179 SetLastError(CRYPT_E_ASN1_LARGE);
6180 return FALSE;
6181 }
6182
6183 SetLastError(NOERROR);
6184 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
6185 {
6186 if (!pvStructInfo)
6187 {
6188 SetLastError(ERROR_INVALID_PARAMETER);
6189 return FALSE;
6190 }
6191 *(BYTE **)pvStructInfo = NULL;
6192 }
6193 decodeFunc = CRYPT_GetBuiltinDecoder(dwCertEncodingType, lpszStructType);
6194 if (!decodeFunc)
6195 {
6196 TRACE_(crypt)("OID %s not found or unimplemented, looking for DLL\n",
6197 debugstr_a(lpszStructType));
6198 decodeFunc = CRYPT_LoadDecoderExFunc(dwCertEncodingType, lpszStructType,
6199 &hFunc);
6200 }
6201 if (decodeFunc)
6202 ret = decodeFunc(dwCertEncodingType, lpszStructType, pbEncoded,
6203 cbEncoded, dwFlags, pDecodePara, pvStructInfo, pcbStructInfo);
6204 else
6205 {
6206 CryptDecodeObjectFunc pCryptDecodeObject =
6207 CRYPT_LoadDecoderFunc(dwCertEncodingType, lpszStructType, &hFunc);
6208
6209 /* Try CryptDecodeObject function. Don't call CryptDecodeObject
6210 * directly, as that could cause an infinite loop.
6211 */
6212 if (pCryptDecodeObject)
6213 {
6214 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
6215 {
6216 ret = pCryptDecodeObject(dwCertEncodingType, lpszStructType,
6217 pbEncoded, cbEncoded, dwFlags, NULL, pcbStructInfo);
6218 if (ret && (ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
6219 pvStructInfo, pcbStructInfo, *pcbStructInfo)))
6220 {
6221 ret = pCryptDecodeObject(dwCertEncodingType,
6222 lpszStructType, pbEncoded, cbEncoded, dwFlags,
6223 *(BYTE **)pvStructInfo, pcbStructInfo);
6224 if (!ret)
6225 CRYPT_FreeSpace(pDecodePara, *(BYTE **)pvStructInfo);
6226 }
6227 }
6228 else
6229 ret = pCryptDecodeObject(dwCertEncodingType, lpszStructType,
6230 pbEncoded, cbEncoded, dwFlags, pvStructInfo, pcbStructInfo);
6231 }
6232 }
6233 if (hFunc)
6234 CryptFreeOIDFunctionAddress(hFunc, 0);
6235 TRACE_(crypt)("returning %d\n", ret);
6236 return ret;
6237 }
6238
6239 BOOL WINAPI PFXIsPFXBlob(CRYPT_DATA_BLOB *pPFX)
6240 {
6241 BOOL ret;
6242
6243 TRACE_(crypt)("(%p)\n", pPFX);
6244
6245 /* A PFX blob is an asn.1-encoded sequence, consisting of at least a
6246 * version integer of length 1 (3 encoded byes) and at least one other
6247 * datum (two encoded bytes), plus at least two bytes for the outer
6248 * sequence. Thus, even an empty PFX blob is at least 7 bytes in length.
6249 */
6250 if (pPFX->cbData < 7)
6251 ret = FALSE;
6252 else if (pPFX->pbData[0] == ASN_SEQUENCE)
6253 {
6254 DWORD len;
6255
6256 if ((ret = CRYPT_GetLengthIndefinite(pPFX->pbData, pPFX->cbData, &len)))
6257 {
6258 BYTE lenLen = GET_LEN_BYTES(pPFX->pbData[1]);
6259
6260 /* Need at least three bytes for the integer version */
6261 if (pPFX->cbData < 1 + lenLen + 3)
6262 ret = FALSE;
6263 else if (pPFX->pbData[1 + lenLen] != ASN_INTEGER || /* Tag */
6264 pPFX->pbData[1 + lenLen + 1] != 1 || /* Definite length */
6265 pPFX->pbData[1 + lenLen + 2] != 3) /* PFX version */
6266 ret = FALSE;
6267 }
6268 }
6269 else
6270 ret = FALSE;
6271 return ret;
6272 }
6273
6274 HCERTSTORE WINAPI PFXImportCertStore(CRYPT_DATA_BLOB *pPFX, LPCWSTR szPassword,
6275 DWORD dwFlags)
6276 {
6277 FIXME_(crypt)("(%p, %p, %08x): stub\n", pPFX, szPassword, dwFlags);
6278 return NULL;
6279 }
6280
6281 BOOL WINAPI PFXVerifyPassword(CRYPT_DATA_BLOB *pPFX, LPCWSTR szPassword,
6282 DWORD dwFlags)
6283 {
6284 FIXME_(crypt)("(%p, %p, %08x): stub\n", pPFX, szPassword, dwFlags);
6285 return FALSE;
6286 }
Windows API implementation