2 * Copyright 2006 Juan Lang for CodeWeavers
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
25 #include "wine/debug.h"
26 #include "crypt32_private.h"
28 WINE_DEFAULT_DEBUG_CHANNEL(crypt
);
30 DWORD WINAPI
CertRDNValueToStrA(DWORD type
, PCERT_RDN_VALUE_BLOB value_blob
,
31 LPSTR value
, DWORD value_len
)
33 DWORD len
, len_mb
, ret
;
36 TRACE("(%ld, %p, %p, %ld)\n", type
, value_blob
, value
, value_len
);
38 len
= CertRDNValueToStrW(type
, value_blob
, NULL
, 0);
40 if (!(valueW
= CryptMemAlloc(len
* sizeof(*valueW
))))
43 if (value
&& value_len
) *value
= 0;
47 len
= CertRDNValueToStrW(type
, value_blob
, valueW
, len
);
48 len_mb
= WideCharToMultiByte(CP_ACP
, 0, valueW
, len
, NULL
, 0, NULL
, NULL
);
49 if (!value
|| !value_len
)
55 ret
= WideCharToMultiByte(CP_ACP
, 0, valueW
, len
, value
, value_len
, NULL
, NULL
);
65 static DWORD
rdn_value_to_strW(DWORD dwValueType
, PCERT_RDN_VALUE_BLOB pValue
,
66 LPWSTR psz
, DWORD csz
, BOOL partial_copy
)
68 DWORD ret
= 0, len
, i
;
70 TRACE("(%ld, %p, %p, %ld)\n", dwValueType
, pValue
, psz
, csz
);
74 case CERT_RDN_ANY_TYPE
:
76 case CERT_RDN_NUMERIC_STRING
:
77 case CERT_RDN_PRINTABLE_STRING
:
78 case CERT_RDN_TELETEX_STRING
:
79 case CERT_RDN_VIDEOTEX_STRING
:
80 case CERT_RDN_IA5_STRING
:
81 case CERT_RDN_GRAPHIC_STRING
:
82 case CERT_RDN_VISIBLE_STRING
:
83 case CERT_RDN_GENERAL_STRING
:
85 if (!psz
|| !csz
) ret
= len
;
86 else if (len
< csz
|| partial_copy
)
88 len
= min(len
, csz
- 1);
89 for (i
= 0; i
< len
; ++i
)
90 psz
[i
] = pValue
->pbData
[i
];
94 case CERT_RDN_BMP_STRING
:
95 case CERT_RDN_UTF8_STRING
:
96 len
= pValue
->cbData
/ sizeof(WCHAR
);
99 else if (len
< csz
|| partial_copy
)
103 len
= min(len
, csz
- 1);
104 for (i
= 0; i
< len
; ++i
)
105 ptr
[i
] = ((LPCWSTR
)pValue
->pbData
)[i
];
110 FIXME("string type %ld unimplemented\n", dwValueType
);
112 if (psz
&& csz
) psz
[ret
] = 0;
113 TRACE("returning %ld (%s)\n", ret
+ 1, debugstr_w(psz
));
117 DWORD WINAPI
CertRDNValueToStrW(DWORD dwValueType
, PCERT_RDN_VALUE_BLOB pValue
,
118 LPWSTR psz
, DWORD csz
)
120 return rdn_value_to_strW(dwValueType
, pValue
, psz
, csz
, FALSE
);
123 static inline BOOL
is_quotable_char(WCHAR c
)
142 static DWORD
quote_rdn_value_to_str_w(DWORD dwValueType
,
143 PCERT_RDN_VALUE_BLOB pValue
, LPWSTR psz
, DWORD csz
)
145 DWORD ret
= 0, len
, i
, strLen
;
146 BOOL needsQuotes
= FALSE
;
148 TRACE("(%ld, %p, %p, %ld)\n", dwValueType
, pValue
, psz
, csz
);
152 case CERT_RDN_ANY_TYPE
:
154 case CERT_RDN_NUMERIC_STRING
:
155 case CERT_RDN_PRINTABLE_STRING
:
156 case CERT_RDN_TELETEX_STRING
:
157 case CERT_RDN_VIDEOTEX_STRING
:
158 case CERT_RDN_IA5_STRING
:
159 case CERT_RDN_GRAPHIC_STRING
:
160 case CERT_RDN_VISIBLE_STRING
:
161 case CERT_RDN_GENERAL_STRING
:
162 len
= pValue
->cbData
;
163 if (pValue
->cbData
&& isspace(pValue
->pbData
[0]))
165 if (pValue
->cbData
&& isspace(pValue
->pbData
[pValue
->cbData
- 1]))
167 for (i
= 0; i
< pValue
->cbData
; i
++)
169 if (is_quotable_char(pValue
->pbData
[i
]))
171 if (pValue
->pbData
[i
] == '"')
184 for (i
= 0; i
< pValue
->cbData
&& ptr
- psz
< csz
; ptr
++, i
++)
186 *ptr
= pValue
->pbData
[i
];
187 if (pValue
->pbData
[i
] == '"' && ptr
- psz
< csz
- 1)
190 if (needsQuotes
&& ptr
- psz
< csz
)
195 case CERT_RDN_BMP_STRING
:
196 case CERT_RDN_UTF8_STRING
:
197 strLen
= len
= pValue
->cbData
/ sizeof(WCHAR
);
198 if (pValue
->cbData
&& isspace(pValue
->pbData
[0]))
200 if (pValue
->cbData
&& isspace(pValue
->pbData
[strLen
- 1]))
202 for (i
= 0; i
< strLen
; i
++)
204 if (is_quotable_char(((LPCWSTR
)pValue
->pbData
)[i
]))
206 if (((LPCWSTR
)pValue
->pbData
)[i
] == '"')
219 for (i
= 0; i
< strLen
&& ptr
- psz
< csz
; ptr
++, i
++)
221 *ptr
= ((LPCWSTR
)pValue
->pbData
)[i
];
222 if (((LPCWSTR
)pValue
->pbData
)[i
] == '"' && ptr
- psz
< csz
- 1)
225 if (needsQuotes
&& ptr
- psz
< csz
)
231 FIXME("string type %ld unimplemented\n", dwValueType
);
233 TRACE("returning %ld (%s)\n", ret
, debugstr_w(psz
));
237 DWORD WINAPI
CertNameToStrA(DWORD encoding_type
, PCERT_NAME_BLOB name_blob
, DWORD str_type
, LPSTR str
, DWORD str_len
)
239 DWORD len
, len_mb
, ret
;
242 TRACE("(%ld, %p, %08lx, %p, %ld)\n", encoding_type
, name_blob
, str_type
, str
, str_len
);
244 len
= CertNameToStrW(encoding_type
, name_blob
, str_type
, NULL
, 0);
246 if (!(strW
= CryptMemAlloc(len
* sizeof(*strW
))))
249 if (str
&& str_len
) *str
= 0;
253 len
= CertNameToStrW(encoding_type
, name_blob
, str_type
, strW
, len
);
254 len_mb
= WideCharToMultiByte(CP_ACP
, 0, strW
, len
, NULL
, 0, NULL
, NULL
);
255 if (!str
|| !str_len
)
261 ret
= WideCharToMultiByte(CP_ACP
, 0, strW
, len
, str
, str_len
, NULL
, NULL
);
271 /* Adds the prefix prefix to the wide-character string pointed to by psz,
272 * followed by the character '='. Copies no more than csz characters. Returns
273 * the number of characters copied. If psz is NULL, returns the number of
274 * characters that would be copied.
275 * Assumes the characters in prefix are ASCII (not multibyte characters.)
277 static DWORD
CRYPT_AddPrefixAToW(LPCSTR prefix
, LPWSTR psz
, DWORD csz
)
281 TRACE("(%s, %p, %ld)\n", debugstr_a(prefix
), psz
, csz
);
287 chars
= min(strlen(prefix
), csz
);
288 for (i
= 0; i
< chars
; i
++)
289 *(psz
+ i
) = prefix
[i
];
290 *(psz
+ chars
) = '=';
294 chars
= lstrlenA(prefix
) + 1;
298 /* Adds the prefix prefix to the string pointed to by psz, followed by the
299 * character '='. Copies no more than csz characters. Returns the number of
300 * characters copied. If psz is NULL, returns the number of characters that
303 static DWORD
CRYPT_AddPrefixW(LPCWSTR prefix
, LPWSTR psz
, DWORD csz
)
307 TRACE("(%s, %p, %ld)\n", debugstr_w(prefix
), psz
, csz
);
311 chars
= min(lstrlenW(prefix
), csz
);
312 memcpy(psz
, prefix
, chars
* sizeof(WCHAR
));
313 *(psz
+ chars
) = '=';
317 chars
= lstrlenW(prefix
) + 1;
321 static const WCHAR indent
[] = L
" ";
323 DWORD
cert_name_to_str_with_indent(DWORD dwCertEncodingType
, DWORD indentLevel
,
324 const CERT_NAME_BLOB
*pName
, DWORD dwStrType
, LPWSTR psz
, DWORD csz
)
326 static const DWORD unsupportedFlags
= CERT_NAME_STR_NO_QUOTING_FLAG
|
327 CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG
;
328 DWORD ret
= 0, bytes
= 0;
330 CERT_NAME_INFO
*info
;
333 if (dwStrType
& unsupportedFlags
)
334 FIXME("unsupported flags: %08lx\n", dwStrType
& unsupportedFlags
);
336 bRet
= CryptDecodeObjectEx(dwCertEncodingType
, X509_NAME
, pName
->pbData
,
337 pName
->cbData
, CRYPT_DECODE_ALLOC_FLAG
, NULL
, &info
, &bytes
);
340 DWORD i
, j
, sepLen
, rdnSepLen
;
342 BOOL reverse
= dwStrType
& CERT_NAME_STR_REVERSE_FLAG
;
343 const CERT_RDN
*rdn
= info
->rgRDN
;
345 if(reverse
&& info
->cRDN
> 1) rdn
+= (info
->cRDN
- 1);
347 if (dwStrType
& CERT_NAME_STR_SEMICOLON_FLAG
)
349 else if (dwStrType
& CERT_NAME_STR_CRLF_FLAG
)
353 sepLen
= lstrlenW(sep
);
354 if (dwStrType
& CERT_NAME_STR_NO_PLUS_FLAG
)
358 rdnSepLen
= lstrlenW(rdnSep
);
359 if (!csz
) psz
= NULL
;
360 for (i
= 0; i
< info
->cRDN
; i
++)
362 if (psz
&& ret
+ 1 == csz
) break;
363 for (j
= 0; j
< rdn
->cRDNAttr
; j
++)
365 LPCSTR prefixA
= NULL
;
366 LPCWSTR prefixW
= NULL
;
368 if (psz
&& ret
+ 1 == csz
) break;
370 if ((dwStrType
& 0x000000ff) == CERT_OID_NAME_STR
)
371 prefixA
= rdn
->rgRDNAttr
[j
].pszObjId
;
372 else if ((dwStrType
& 0x000000ff) == CERT_X500_NAME_STR
)
374 PCCRYPT_OID_INFO oidInfo
= CryptFindOIDInfo(
375 CRYPT_OID_INFO_OID_KEY
,
376 rdn
->rgRDNAttr
[j
].pszObjId
,
377 CRYPT_RDN_ATTR_OID_GROUP_ID
);
380 prefixW
= oidInfo
->pwszName
;
382 prefixA
= rdn
->rgRDNAttr
[j
].pszObjId
;
384 if (dwStrType
& CERT_NAME_STR_CRLF_FLAG
)
388 for (k
= 0; k
< indentLevel
; k
++)
392 chars
= min(lstrlenW(indent
), csz
- ret
- 1);
393 memcpy(psz
+ ret
, indent
, chars
* sizeof(WCHAR
));
396 chars
= lstrlenW(indent
);
399 if (psz
&& ret
+ 1 == csz
) break;
403 /* - 1 is needed to account for the NULL terminator. */
404 chars
= CRYPT_AddPrefixW(prefixW
,
405 psz
? psz
+ ret
: NULL
, psz
? csz
- ret
- 1 : 0);
410 /* - 1 is needed to account for the NULL terminator. */
411 chars
= CRYPT_AddPrefixAToW(prefixA
,
412 psz
? psz
+ ret
: NULL
, psz
? csz
- ret
- 1 : 0);
415 if (psz
&& ret
+ 1 == csz
) break;
417 chars
= quote_rdn_value_to_str_w(rdn
->rgRDNAttr
[j
].dwValueType
, &rdn
->rgRDNAttr
[j
].Value
,
418 psz
? psz
+ ret
: NULL
, psz
? csz
- ret
- 1 : 0);
420 if (j
< rdn
->cRDNAttr
- 1)
424 chars
= min(rdnSepLen
, csz
- ret
- 1);
425 memcpy(psz
+ ret
, rdnSep
, chars
* sizeof(WCHAR
));
428 else ret
+= rdnSepLen
;
431 if (psz
&& ret
+ 1 == csz
) break;
432 if (i
< info
->cRDN
- 1)
436 chars
= min(sepLen
, csz
- ret
- 1);
437 memcpy(psz
+ ret
, sep
, chars
* sizeof(WCHAR
));
447 if (psz
&& csz
) psz
[ret
] = 0;
451 DWORD WINAPI
CertNameToStrW(DWORD dwCertEncodingType
, PCERT_NAME_BLOB pName
,
452 DWORD dwStrType
, LPWSTR psz
, DWORD csz
)
456 TRACE("(%ld, %p, %08lx, %p, %ld)\n", dwCertEncodingType
, pName
, dwStrType
,
459 ret
= cert_name_to_str_with_indent(dwCertEncodingType
, 0, pName
, dwStrType
,
461 TRACE("Returning %s\n", debugstr_w(psz
));
465 BOOL WINAPI
CertStrToNameA(DWORD dwCertEncodingType
, LPCSTR pszX500
,
466 DWORD dwStrType
, void *pvReserved
, BYTE
*pbEncoded
, DWORD
*pcbEncoded
,
472 TRACE("(%08lx, %s, %08lx, %p, %p, %p, %p)\n", dwCertEncodingType
,
473 debugstr_a(pszX500
), dwStrType
, pvReserved
, pbEncoded
, pcbEncoded
,
476 len
= MultiByteToWideChar(CP_ACP
, 0, pszX500
, -1, NULL
, 0);
479 LPWSTR x500
, errorStr
;
481 if ((x500
= CryptMemAlloc(len
* sizeof(WCHAR
))))
483 MultiByteToWideChar(CP_ACP
, 0, pszX500
, -1, x500
, len
);
484 ret
= CertStrToNameW(dwCertEncodingType
, x500
, dwStrType
,
485 pvReserved
, pbEncoded
, pcbEncoded
,
486 ppszError
? (LPCWSTR
*)&errorStr
: NULL
);
493 *ppszError
= pszX500
;
494 for (i
= 0; i
< errorStr
- x500
; i
++)
495 *ppszError
= CharNextA(*ppszError
);
504 SetLastError(ERROR_OUTOFMEMORY
);
510 SetLastError(CRYPT_E_INVALID_X500_STRING
);
512 *ppszError
= pszX500
;
520 WCHAR buf
[10]; /* big enough for L"GivenName" */
521 LPWSTR keyName
; /* usually = buf, but may be allocated */
522 DWORD keyLen
; /* full available buffer size in WCHARs */
525 static void CRYPT_InitializeKeynameKeeper(struct KeynameKeeper
*keeper
)
527 keeper
->keyName
= keeper
->buf
;
528 keeper
->keyLen
= ARRAY_SIZE(keeper
->buf
);
531 static void CRYPT_FreeKeynameKeeper(struct KeynameKeeper
*keeper
)
533 if (keeper
->keyName
!= keeper
->buf
)
534 CryptMemFree(keeper
->keyName
);
543 static void CRYPT_KeynameKeeperFromTokenW(struct KeynameKeeper
*keeper
,
544 const struct X500TokenW
*key
)
546 DWORD len
= key
->end
- key
->start
;
548 if (len
>= keeper
->keyLen
)
550 CRYPT_FreeKeynameKeeper( keeper
);
551 keeper
->keyLen
= len
+ 1;
552 keeper
->keyName
= CryptMemAlloc(keeper
->keyLen
* sizeof(WCHAR
));
554 memcpy(keeper
->keyName
, key
->start
, len
* sizeof(WCHAR
));
555 keeper
->keyName
[len
] = '\0';
556 TRACE("Keyname is %s\n", debugstr_w(keeper
->keyName
));
559 static BOOL
CRYPT_GetNextKeyW(LPCWSTR str
, struct X500TokenW
*token
,
564 while (*str
&& iswspace(*str
))
569 while (*str
&& *str
!= '=' && !iswspace(*str
))
571 if (*str
&& (*str
== '=' || iswspace(*str
)))
575 TRACE("missing equals char at %s\n", debugstr_w(token
->start
));
577 *ppszError
= token
->start
;
578 SetLastError(CRYPT_E_INVALID_X500_STRING
);
587 /* Assumes separators are characters in the 0-255 range */
588 static BOOL
CRYPT_GetNextValueW(LPCWSTR str
, DWORD dwFlags
, LPCWSTR separators
,
589 WCHAR
*separator_used
, struct X500TokenW
*token
, LPCWSTR
*ppszError
)
593 TRACE("(%s, %s, %p, %p)\n", debugstr_w(str
), debugstr_w(separators
), token
,
597 while (*str
&& iswspace(*str
))
602 if (!(dwFlags
& CERT_NAME_STR_NO_QUOTING_FLAG
) && *str
== '"')
606 while (!token
->end
&& ret
)
608 while (*str
&& *str
!= '"')
612 if (*(str
+ 1) != '"')
613 token
->end
= str
+ 1;
619 TRACE("unterminated quote at %s\n", debugstr_w(str
));
622 SetLastError(CRYPT_E_INVALID_X500_STRING
);
629 WCHAR map
[256] = { 0 };
632 map
[*separators
++] = 1;
633 while (*str
&& (*str
>= 0xff || !map
[*str
]))
636 if (map
[*str
]) *separator_used
= *str
;
641 TRACE("missing value at %s\n", debugstr_w(str
));
644 SetLastError(CRYPT_E_INVALID_X500_STRING
);
650 /* Encodes the string represented by value as the string type type into the
651 * CERT_NAME_BLOB output. If there is an error and ppszError is not NULL,
652 * *ppszError is set to the first failing character. If there is no error,
653 * output's pbData must be freed with LocalFree.
655 static BOOL
CRYPT_EncodeValueWithType(DWORD dwCertEncodingType
,
656 const struct X500TokenW
*value
, PCERT_NAME_BLOB output
, DWORD type
,
659 CERT_NAME_VALUE nameValue
= { type
, { 0, NULL
} };
662 if (value
->end
> value
->start
)
667 nameValue
.Value
.pbData
= CryptMemAlloc((value
->end
- value
->start
+ 1) *
669 if (!nameValue
.Value
.pbData
)
671 SetLastError(ERROR_OUTOFMEMORY
);
674 ptr
= (LPWSTR
)nameValue
.Value
.pbData
;
675 for (i
= 0; i
< value
->end
- value
->start
; i
++)
677 *ptr
++ = value
->start
[i
];
678 if (value
->start
[i
] == '"')
681 /* The string is NULL terminated because of a quirk in encoding
682 * unicode names values: if the length is given as 0, the value is
683 * assumed to be a NULL-terminated string.
686 nameValue
.Value
.cbData
= (LPBYTE
)ptr
- nameValue
.Value
.pbData
;
688 ret
= CryptEncodeObjectEx(dwCertEncodingType
, X509_UNICODE_NAME_VALUE
,
689 &nameValue
, CRYPT_ENCODE_ALLOC_FLAG
, NULL
, &output
->pbData
,
691 if (!ret
&& ppszError
)
693 if (type
== CERT_RDN_NUMERIC_STRING
&&
694 GetLastError() == CRYPT_E_INVALID_NUMERIC_STRING
)
695 *ppszError
= value
->start
+ output
->cbData
;
696 else if (type
== CERT_RDN_PRINTABLE_STRING
&&
697 GetLastError() == CRYPT_E_INVALID_PRINTABLE_STRING
)
698 *ppszError
= value
->start
+ output
->cbData
;
699 else if (type
== CERT_RDN_IA5_STRING
&&
700 GetLastError() == CRYPT_E_INVALID_IA5_STRING
)
701 *ppszError
= value
->start
+ output
->cbData
;
703 CryptMemFree(nameValue
.Value
.pbData
);
707 static BOOL
CRYPT_EncodeValue(DWORD dwCertEncodingType
,
708 const struct X500TokenW
*value
, PCERT_NAME_BLOB output
, const DWORD
*types
,
715 for (i
= 0; !ret
&& types
[i
]; i
++)
716 ret
= CRYPT_EncodeValueWithType(dwCertEncodingType
, value
, output
,
717 types
[i
], ppszError
);
721 static BOOL
CRYPT_ValueToRDN(DWORD dwCertEncodingType
, PCERT_NAME_INFO info
,
722 PCCRYPT_OID_INFO keyOID
, struct X500TokenW
*value
, DWORD dwStrType
, LPCWSTR
*ppszError
)
726 TRACE("OID %s, value %s\n", debugstr_a(keyOID
->pszOID
),
727 debugstr_wn(value
->start
, value
->end
- value
->start
));
730 info
->rgRDN
= CryptMemAlloc(sizeof(CERT_RDN
));
732 info
->rgRDN
= CryptMemRealloc(info
->rgRDN
,
733 (info
->cRDN
+ 1) * sizeof(CERT_RDN
));
736 /* FIXME: support multiple RDN attrs */
737 info
->rgRDN
[info
->cRDN
].rgRDNAttr
=
738 CryptMemAlloc(sizeof(CERT_RDN_ATTR
));
739 if (info
->rgRDN
[info
->cRDN
].rgRDNAttr
)
741 static const DWORD defaultTypes
[] = { CERT_RDN_PRINTABLE_STRING
,
742 CERT_RDN_BMP_STRING
, 0 };
745 info
->rgRDN
[info
->cRDN
].cRDNAttr
= 1;
746 info
->rgRDN
[info
->cRDN
].rgRDNAttr
[0].pszObjId
=
747 (LPSTR
)keyOID
->pszOID
;
748 info
->rgRDN
[info
->cRDN
].rgRDNAttr
[0].dwValueType
=
749 CERT_RDN_ENCODED_BLOB
;
750 if (keyOID
->ExtraInfo
.cbData
)
751 types
= (const DWORD
*)keyOID
->ExtraInfo
.pbData
;
753 types
= defaultTypes
;
755 /* Remove surrounding quotes */
756 if (value
->start
[0] == '"' && !(dwStrType
& CERT_NAME_STR_NO_QUOTING_FLAG
))
761 ret
= CRYPT_EncodeValue(dwCertEncodingType
, value
,
762 &info
->rgRDN
[info
->cRDN
].rgRDNAttr
[0].Value
, types
, ppszError
);
765 SetLastError(ERROR_OUTOFMEMORY
);
769 SetLastError(ERROR_OUTOFMEMORY
);
773 BOOL WINAPI
CertStrToNameW(DWORD dwCertEncodingType
, LPCWSTR pszX500
,
774 DWORD dwStrType
, void *pvReserved
, BYTE
*pbEncoded
, DWORD
*pcbEncoded
,
777 CERT_NAME_INFO info
= { 0, NULL
};
779 struct KeynameKeeper keeper
;
783 TRACE("(%08lx, %s, %08lx, %p, %p, %p, %p)\n", dwCertEncodingType
,
784 debugstr_w(pszX500
), dwStrType
, pvReserved
, pbEncoded
, pcbEncoded
,
787 CRYPT_InitializeKeynameKeeper(&keeper
);
789 while (str
&& *str
&& ret
)
791 struct X500TokenW token
;
793 ret
= CRYPT_GetNextKeyW(str
, &token
, ppszError
);
794 if (ret
&& token
.start
)
796 PCCRYPT_OID_INFO keyOID
;
798 CRYPT_KeynameKeeperFromTokenW(&keeper
, &token
);
799 keyOID
= CryptFindOIDInfo(CRYPT_OID_INFO_NAME_KEY
, keeper
.keyName
,
800 CRYPT_RDN_ATTR_OID_GROUP_ID
);
804 *ppszError
= token
.start
;
805 SetLastError(CRYPT_E_INVALID_X500_STRING
);
811 while (iswspace(*str
))
817 SetLastError(CRYPT_E_INVALID_X500_STRING
);
826 if (dwStrType
& CERT_NAME_STR_COMMA_FLAG
)
828 else if (dwStrType
& CERT_NAME_STR_SEMICOLON_FLAG
)
830 else if (dwStrType
& CERT_NAME_STR_CRLF_FLAG
)
832 else if (dwStrType
& CERT_NAME_STR_NO_PLUS_FLAG
)
836 ret
= CRYPT_GetNextValueW(str
, dwStrType
, sep
, &sep_used
, &token
,
841 /* if token.end points to the separator, skip it */
842 if (str
&& sep_used
&& *str
== sep_used
) str
++;
844 ret
= CRYPT_ValueToRDN(dwCertEncodingType
, &info
,
845 keyOID
, &token
, dwStrType
, ppszError
);
851 CRYPT_FreeKeynameKeeper(&keeper
);
856 ret
= CryptEncodeObjectEx(dwCertEncodingType
, X509_NAME
, &info
,
857 0, NULL
, pbEncoded
, pcbEncoded
);
859 for (i
= 0; i
< info
.cRDN
; i
++)
863 for (j
= 0; j
< info
.rgRDN
[i
].cRDNAttr
; j
++)
864 LocalFree(info
.rgRDN
[i
].rgRDNAttr
[j
].Value
.pbData
);
865 CryptMemFree(info
.rgRDN
[i
].rgRDNAttr
);
867 CryptMemFree(info
.rgRDN
);
871 DWORD WINAPI
CertGetNameStringA(PCCERT_CONTEXT cert
, DWORD type
,
872 DWORD flags
, void *type_para
, LPSTR name
, DWORD name_len
)
874 DWORD len
, len_mb
, ret
;
877 TRACE("(%p, %ld, %08lx, %p, %p, %ld)\n", cert
, type
, flags
, type_para
, name
, name_len
);
879 len
= CertGetNameStringW(cert
, type
, flags
, type_para
, NULL
, 0);
881 if (!(nameW
= CryptMemAlloc(len
* sizeof(*nameW
))))
884 if (name
&& name_len
) *name
= 0;
888 len
= CertGetNameStringW(cert
, type
, flags
, type_para
, nameW
, len
);
889 len_mb
= WideCharToMultiByte(CP_ACP
, 0, nameW
, len
, NULL
, 0, NULL
, NULL
);
890 if (!name
|| !name_len
)
896 ret
= WideCharToMultiByte(CP_ACP
, 0, nameW
, len
, name
, name_len
, NULL
, NULL
);
906 static BOOL
cert_get_alt_name_info(PCCERT_CONTEXT cert
, BOOL alt_name_issuer
, PCERT_ALT_NAME_INFO
*info
)
908 static const char *oids
[][2] =
910 { szOID_SUBJECT_ALT_NAME2
, szOID_SUBJECT_ALT_NAME
},
911 { szOID_ISSUER_ALT_NAME2
, szOID_ISSUER_ALT_NAME
},
916 ext
= CertFindExtension(oids
[!!alt_name_issuer
][0], cert
->pCertInfo
->cExtension
, cert
->pCertInfo
->rgExtension
);
918 ext
= CertFindExtension(oids
[!!alt_name_issuer
][1], cert
->pCertInfo
->cExtension
, cert
->pCertInfo
->rgExtension
);
919 if (!ext
) return FALSE
;
921 return CryptDecodeObjectEx(cert
->dwCertEncodingType
, X509_ALTERNATE_NAME
, ext
->Value
.pbData
, ext
->Value
.cbData
,
922 CRYPT_DECODE_ALLOC_FLAG
, NULL
, info
, &bytes
);
925 static PCERT_ALT_NAME_ENTRY
cert_find_next_alt_name_entry(PCERT_ALT_NAME_INFO info
, DWORD entry_type
,
930 for (i
= *index
; i
< info
->cAltEntry
; ++i
)
931 if (info
->rgAltEntry
[i
].dwAltNameChoice
== entry_type
)
934 return &info
->rgAltEntry
[i
];
939 /* Searches cert's extensions for the alternate name extension with OID
940 * altNameOID, and if found, searches it for the alternate name type entryType.
941 * If found, returns a pointer to the entry, otherwise returns NULL.
942 * Regardless of whether an entry of the desired type is found, if the
943 * alternate name extension is present, sets *info to the decoded alternate
944 * name extension, which you must free using LocalFree.
945 * The return value is a pointer within *info, so don't free *info before
946 * you're done with the return value.
948 static PCERT_ALT_NAME_ENTRY
cert_find_alt_name_entry(PCCERT_CONTEXT cert
, BOOL alt_name_issuer
,
949 DWORD entry_type
, PCERT_ALT_NAME_INFO
*info
)
951 unsigned int index
= 0;
953 if (!cert_get_alt_name_info(cert
, alt_name_issuer
, info
)) return NULL
;
954 return cert_find_next_alt_name_entry(*info
, entry_type
, &index
);
957 static DWORD
cert_get_name_from_rdn_attr(DWORD encodingType
,
958 const CERT_NAME_BLOB
*name
, LPCSTR oid
, LPWSTR pszNameString
, DWORD cchNameString
)
960 CERT_NAME_INFO
*nameInfo
;
961 DWORD bytes
= 0, ret
= 0;
963 if (CryptDecodeObjectEx(encodingType
, X509_NAME
, name
->pbData
,
964 name
->cbData
, CRYPT_DECODE_ALLOC_FLAG
, NULL
, &nameInfo
, &bytes
))
966 PCERT_RDN_ATTR nameAttr
= NULL
;
969 nameAttr
= CertFindRDNAttr(oid
, nameInfo
);
972 static const LPCSTR attributeOIDs
[] =
974 szOID_RSA_emailAddr
, szOID_COMMON_NAME
,
975 szOID_ORGANIZATIONAL_UNIT_NAME
, szOID_ORGANIZATION_NAME
979 for (i
= 0; !nameAttr
&& i
< ARRAY_SIZE(attributeOIDs
); i
++)
980 nameAttr
= CertFindRDNAttr(attributeOIDs
[i
], nameInfo
);
983 ret
= rdn_value_to_strW(nameAttr
->dwValueType
, &nameAttr
->Value
,
984 pszNameString
, cchNameString
, TRUE
);
990 static DWORD
copy_output_str(WCHAR
*dst
, const WCHAR
*src
, DWORD dst_size
)
992 DWORD len
= wcslen(src
);
994 if (!dst
|| !dst_size
) return len
+ 1;
995 len
= min(len
, dst_size
- 1);
996 memcpy(dst
, src
, len
* sizeof(*dst
));
1001 DWORD WINAPI
CertGetNameStringW(PCCERT_CONTEXT cert
, DWORD type
, DWORD flags
, void *type_para
,
1002 LPWSTR name_string
, DWORD name_len
)
1004 static const DWORD supported_flags
= CERT_NAME_ISSUER_FLAG
| CERT_NAME_SEARCH_ALL_NAMES_FLAG
;
1005 BOOL alt_name_issuer
, search_all_names
;
1006 CERT_ALT_NAME_INFO
*info
= NULL
;
1007 PCERT_ALT_NAME_ENTRY entry
;
1008 PCERT_NAME_BLOB name
;
1011 TRACE("(%p, %ld, %08lx, %p, %p, %ld)\n", cert
, type
, flags
, type_para
, name_string
, name_len
);
1016 if (flags
& ~supported_flags
)
1017 FIXME("Unsupported flags %#lx.\n", flags
);
1019 search_all_names
= flags
& CERT_NAME_SEARCH_ALL_NAMES_FLAG
;
1020 if (search_all_names
&& type
!= CERT_NAME_DNS_TYPE
)
1022 WARN("CERT_NAME_SEARCH_ALL_NAMES_FLAG used with type %lu.\n", type
);
1026 alt_name_issuer
= flags
& CERT_NAME_ISSUER_FLAG
;
1027 name
= alt_name_issuer
? &cert
->pCertInfo
->Issuer
: &cert
->pCertInfo
->Subject
;
1031 case CERT_NAME_EMAIL_TYPE
:
1033 entry
= cert_find_alt_name_entry(cert
, alt_name_issuer
, CERT_ALT_NAME_RFC822_NAME
, &info
);
1037 ret
= copy_output_str(name_string
, entry
->pwszRfc822Name
, name_len
);
1040 ret
= cert_get_name_from_rdn_attr(cert
->dwCertEncodingType
, name
, szOID_RSA_emailAddr
,
1041 name_string
, name_len
);
1044 case CERT_NAME_RDN_TYPE
:
1046 DWORD param
= type_para
? *(DWORD
*)type_para
: 0;
1050 ret
= CertNameToStrW(cert
->dwCertEncodingType
, name
, param
, name_string
, name_len
);
1054 entry
= cert_find_alt_name_entry(cert
, alt_name_issuer
, CERT_ALT_NAME_DIRECTORY_NAME
, &info
);
1057 ret
= CertNameToStrW(cert
->dwCertEncodingType
, &entry
->DirectoryName
,
1058 param
, name_string
, name_len
);
1062 case CERT_NAME_ATTR_TYPE
:
1063 ret
= cert_get_name_from_rdn_attr(cert
->dwCertEncodingType
, name
, type_para
,
1064 name_string
, name_len
);
1067 entry
= cert_find_alt_name_entry(cert
, alt_name_issuer
, CERT_ALT_NAME_DIRECTORY_NAME
, &info
);
1070 ret
= cert_name_to_str_with_indent(X509_ASN_ENCODING
, 0, &entry
->DirectoryName
,
1071 0, name_string
, name_len
);
1073 case CERT_NAME_SIMPLE_DISPLAY_TYPE
:
1075 static const LPCSTR simpleAttributeOIDs
[] =
1077 szOID_COMMON_NAME
, szOID_ORGANIZATIONAL_UNIT_NAME
, szOID_ORGANIZATION_NAME
, szOID_RSA_emailAddr
1079 CERT_NAME_INFO
*nameInfo
= NULL
;
1082 if (CryptDecodeObjectEx(cert
->dwCertEncodingType
, X509_NAME
, name
->pbData
, name
->cbData
,
1083 CRYPT_DECODE_ALLOC_FLAG
, NULL
, &nameInfo
, &bytes
))
1085 PCERT_RDN_ATTR nameAttr
= NULL
;
1087 for (i
= 0; !nameAttr
&& i
< ARRAY_SIZE(simpleAttributeOIDs
); i
++)
1088 nameAttr
= CertFindRDNAttr(simpleAttributeOIDs
[i
], nameInfo
);
1090 ret
= rdn_value_to_strW(nameAttr
->dwValueType
, &nameAttr
->Value
, name_string
, name_len
, TRUE
);
1091 LocalFree(nameInfo
);
1094 entry
= cert_find_alt_name_entry(cert
, alt_name_issuer
, CERT_ALT_NAME_RFC822_NAME
, &info
);
1096 if (!entry
&& info
->cAltEntry
)
1097 entry
= &info
->rgAltEntry
[0];
1098 if (entry
) ret
= copy_output_str(name_string
, entry
->pwszRfc822Name
, name_len
);
1101 case CERT_NAME_FRIENDLY_DISPLAY_TYPE
:
1103 DWORD len
= name_len
;
1105 if (CertGetCertificateContextProperty(cert
, CERT_FRIENDLY_NAME_PROP_ID
, name_string
, &len
))
1108 ret
= CertGetNameStringW(cert
, CERT_NAME_SIMPLE_DISPLAY_TYPE
, flags
,
1109 type_para
, name_string
, name_len
);
1112 case CERT_NAME_DNS_TYPE
:
1114 unsigned int index
= 0, len
;
1116 if (cert_get_alt_name_info(cert
, alt_name_issuer
, &info
)
1117 && (entry
= cert_find_next_alt_name_entry(info
, CERT_ALT_NAME_DNS_NAME
, &index
)))
1119 if (search_all_names
)
1123 if (name_string
&& name_len
== 1) break;
1124 ret
+= len
= copy_output_str(name_string
, entry
->pwszDNSName
, name_len
? name_len
- 1 : 0);
1125 if (name_string
&& name_len
)
1131 while ((entry
= cert_find_next_alt_name_entry(info
, CERT_ALT_NAME_DNS_NAME
, &index
)));
1133 else ret
= copy_output_str(name_string
, entry
->pwszDNSName
, name_len
);
1137 if (!search_all_names
|| name_len
!= 1)
1139 len
= search_all_names
&& name_len
? name_len
- 1 : name_len
;
1140 ret
= cert_get_name_from_rdn_attr(cert
->dwCertEncodingType
, name
, szOID_COMMON_NAME
,
1142 if (name_string
) name_string
+= ret
;
1146 if (search_all_names
)
1148 if (name_string
&& name_len
) *name_string
= 0;
1153 case CERT_NAME_URL_TYPE
:
1155 if ((entry
= cert_find_alt_name_entry(cert
, alt_name_issuer
, CERT_ALT_NAME_URL
, &info
)))
1156 ret
= copy_output_str(name_string
, entry
->pwszURL
, name_len
);
1160 FIXME("unimplemented for type %lu.\n", type
);
1171 if (name_string
&& name_len
) name_string
[0] = 0;