Release 2.0-rc1.
[wine.git] / dlls / cryptdlg / main.c
blobe3eaec1e19f38ba927a0c3758b3beff0ea98c19c
1 /*
2 * Copyright 2008 Maarten Lankhorst
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 #define NONAMELESSUNION
21 #include "config.h"
23 #include <stdarg.h>
25 #include "windef.h"
26 #include "winbase.h"
27 #include "winnls.h"
28 #include "winreg.h"
29 #include "wincrypt.h"
30 #include "wintrust.h"
31 #include "winuser.h"
32 #include "objbase.h"
33 #include "cryptdlg.h"
34 #include "cryptuiapi.h"
35 #include "cryptres.h"
36 #include "wine/unicode.h"
37 #include "wine/debug.h"
39 WINE_DEFAULT_DEBUG_CHANNEL(cryptdlg);
41 static HINSTANCE hInstance;
43 BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
45 TRACE("(0x%p, %d, %p)\n", hinstDLL, fdwReason, lpvReserved);
47 switch (fdwReason)
49 case DLL_WINE_PREATTACH:
50 return FALSE; /* prefer native version */
51 case DLL_PROCESS_ATTACH:
52 DisableThreadLibraryCalls(hinstDLL);
53 hInstance = hinstDLL;
54 break;
56 return TRUE;
59 /***********************************************************************
60 * GetFriendlyNameOfCertA (CRYPTDLG.@)
62 DWORD WINAPI GetFriendlyNameOfCertA(PCCERT_CONTEXT pccert, LPSTR pchBuffer,
63 DWORD cchBuffer)
65 return CertGetNameStringA(pccert, CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL,
66 pchBuffer, cchBuffer);
69 /***********************************************************************
70 * GetFriendlyNameOfCertW (CRYPTDLG.@)
72 DWORD WINAPI GetFriendlyNameOfCertW(PCCERT_CONTEXT pccert, LPWSTR pchBuffer,
73 DWORD cchBuffer)
75 return CertGetNameStringW(pccert, CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL,
76 pchBuffer, cchBuffer);
79 /***********************************************************************
80 * CertTrustInit (CRYPTDLG.@)
82 HRESULT WINAPI CertTrustInit(CRYPT_PROVIDER_DATA *pProvData)
84 HRESULT ret = S_FALSE;
86 TRACE("(%p)\n", pProvData);
88 if (pProvData->padwTrustStepErrors &&
89 !pProvData->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_WVTINIT])
90 ret = S_OK;
91 TRACE("returning %08x\n", ret);
92 return ret;
95 /***********************************************************************
96 * CertTrustCertPolicy (CRYPTDLG.@)
98 BOOL WINAPI CertTrustCertPolicy(CRYPT_PROVIDER_DATA *pProvData, DWORD idxSigner, BOOL fCounterSignerChain, DWORD idxCounterSigner)
100 FIXME("(%p, %d, %s, %d)\n", pProvData, idxSigner, fCounterSignerChain ? "TRUE" : "FALSE", idxCounterSigner);
101 return FALSE;
104 /***********************************************************************
105 * CertTrustCleanup (CRYPTDLG.@)
107 HRESULT WINAPI CertTrustCleanup(CRYPT_PROVIDER_DATA *pProvData)
109 FIXME("(%p)\n", pProvData);
110 return E_NOTIMPL;
113 static BOOL CRYPTDLG_CheckOnlineCRL(void)
115 static const WCHAR policyFlagsKey[] = { 'S','o','f','t','w','a','r','e',
116 '\\','M','i','c','r','o','s','o','f','t','\\','C','r','y','p','t','o','g',
117 'r','a','p','h','y','\\','{','7','8','0','1','e','b','d','0','-','c','f',
118 '4','b','-','1','1','d','0','-','8','5','1','f','-','0','0','6','0','9',
119 '7','9','3','8','7','e','a','}',0 };
120 static const WCHAR policyFlags[] = { 'P','o','l','i','c','y','F','l','a',
121 'g','s',0 };
122 HKEY key;
123 BOOL ret = FALSE;
125 if (!RegOpenKeyExW(HKEY_LOCAL_MACHINE, policyFlagsKey, 0, KEY_READ, &key))
127 DWORD type, flags, size = sizeof(flags);
129 if (!RegQueryValueExW(key, policyFlags, NULL, &type, (BYTE *)&flags,
130 &size) && type == REG_DWORD)
132 /* The flag values aren't defined in any header I'm aware of, but
133 * this value is well documented on the net.
135 if (flags & 0x00010000)
136 ret = TRUE;
138 RegCloseKey(key);
140 return ret;
143 /* Returns TRUE if pCert is not in the Disallowed system store, or FALSE if it
144 * is.
146 static BOOL CRYPTDLG_IsCertAllowed(PCCERT_CONTEXT pCert)
148 BOOL ret;
149 BYTE hash[20];
150 DWORD size = sizeof(hash);
152 if ((ret = CertGetCertificateContextProperty(pCert,
153 CERT_SIGNATURE_HASH_PROP_ID, hash, &size)))
155 static const WCHAR disallowedW[] =
156 { 'D','i','s','a','l','l','o','w','e','d',0 };
157 HCERTSTORE disallowed = CertOpenStore(CERT_STORE_PROV_SYSTEM_W,
158 X509_ASN_ENCODING, 0, CERT_SYSTEM_STORE_CURRENT_USER, disallowedW);
160 if (disallowed)
162 PCCERT_CONTEXT found = CertFindCertificateInStore(disallowed,
163 X509_ASN_ENCODING, 0, CERT_FIND_SIGNATURE_HASH, hash, NULL);
165 if (found)
167 ret = FALSE;
168 CertFreeCertificateContext(found);
170 CertCloseStore(disallowed, 0);
173 return ret;
176 static DWORD CRYPTDLG_TrustStatusToConfidence(DWORD errorStatus)
178 DWORD confidence = 0;
180 confidence = 0;
181 if (!(errorStatus & CERT_TRUST_IS_NOT_SIGNATURE_VALID))
182 confidence |= CERT_CONFIDENCE_SIG;
183 if (!(errorStatus & CERT_TRUST_IS_NOT_TIME_VALID))
184 confidence |= CERT_CONFIDENCE_TIME;
185 if (!(errorStatus & CERT_TRUST_IS_NOT_TIME_NESTED))
186 confidence |= CERT_CONFIDENCE_TIMENEST;
187 return confidence;
190 static BOOL CRYPTDLG_CopyChain(CRYPT_PROVIDER_DATA *data,
191 PCCERT_CHAIN_CONTEXT chain)
193 BOOL ret;
194 CRYPT_PROVIDER_SGNR signer;
195 PCERT_SIMPLE_CHAIN simpleChain = chain->rgpChain[0];
196 DWORD i;
198 memset(&signer, 0, sizeof(signer));
199 signer.cbStruct = sizeof(signer);
200 ret = data->psPfns->pfnAddSgnr2Chain(data, FALSE, 0, &signer);
201 if (ret)
203 CRYPT_PROVIDER_SGNR *sgnr = WTHelperGetProvSignerFromChain(data, 0,
204 FALSE, 0);
206 if (sgnr)
208 sgnr->dwError = simpleChain->TrustStatus.dwErrorStatus;
209 sgnr->pChainContext = CertDuplicateCertificateChain(chain);
211 else
212 ret = FALSE;
213 for (i = 0; ret && i < simpleChain->cElement; i++)
215 ret = data->psPfns->pfnAddCert2Chain(data, 0, FALSE, 0,
216 simpleChain->rgpElement[i]->pCertContext);
217 if (ret)
219 CRYPT_PROVIDER_CERT *cert;
221 if ((cert = WTHelperGetProvCertFromChain(sgnr, i)))
223 CERT_CHAIN_ELEMENT *element = simpleChain->rgpElement[i];
225 cert->dwConfidence = CRYPTDLG_TrustStatusToConfidence(
226 element->TrustStatus.dwErrorStatus);
227 cert->dwError = element->TrustStatus.dwErrorStatus;
228 cert->pChainElement = element;
230 else
231 ret = FALSE;
235 return ret;
238 static CERT_VERIFY_CERTIFICATE_TRUST *CRYPTDLG_GetVerifyData(
239 CRYPT_PROVIDER_DATA *data)
241 CERT_VERIFY_CERTIFICATE_TRUST *pCert = NULL;
243 /* This should always be true, but just in case the calling function is
244 * called directly:
246 if (data->pWintrustData->dwUnionChoice == WTD_CHOICE_BLOB &&
247 data->pWintrustData->u.pBlob && data->pWintrustData->u.pBlob->cbMemObject ==
248 sizeof(CERT_VERIFY_CERTIFICATE_TRUST) &&
249 data->pWintrustData->u.pBlob->pbMemObject)
250 pCert = (CERT_VERIFY_CERTIFICATE_TRUST *)
251 data->pWintrustData->u.pBlob->pbMemObject;
252 return pCert;
255 static HCERTCHAINENGINE CRYPTDLG_MakeEngine(CERT_VERIFY_CERTIFICATE_TRUST *cert)
257 HCERTCHAINENGINE engine = NULL;
258 HCERTSTORE root = NULL, trust = NULL;
259 DWORD i;
261 if (cert->cRootStores)
263 root = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
264 CERT_STORE_CREATE_NEW_FLAG, NULL);
265 if (root)
267 for (i = 0; i < cert->cRootStores; i++)
268 CertAddStoreToCollection(root, cert->rghstoreRoots[i], 0, 0);
271 if (cert->cTrustStores)
273 trust = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
274 CERT_STORE_CREATE_NEW_FLAG, NULL);
275 if (trust)
277 for (i = 0; i < cert->cTrustStores; i++)
278 CertAddStoreToCollection(trust, cert->rghstoreTrust[i], 0, 0);
281 if (cert->cRootStores || cert->cStores || cert->cTrustStores)
283 CERT_CHAIN_ENGINE_CONFIG config;
285 memset(&config, 0, sizeof(config));
286 config.cbSize = sizeof(config);
287 config.hRestrictedRoot = root;
288 config.hRestrictedTrust = trust;
289 config.cAdditionalStore = cert->cStores;
290 config.rghAdditionalStore = cert->rghstoreCAs;
291 config.hRestrictedRoot = root;
292 CertCreateCertificateChainEngine(&config, &engine);
293 CertCloseStore(root, 0);
294 CertCloseStore(trust, 0);
296 return engine;
299 /***********************************************************************
300 * CertTrustFinalPolicy (CRYPTDLG.@)
302 HRESULT WINAPI CertTrustFinalPolicy(CRYPT_PROVIDER_DATA *data)
304 BOOL ret;
305 DWORD err = S_OK;
306 CERT_VERIFY_CERTIFICATE_TRUST *pCert = CRYPTDLG_GetVerifyData(data);
308 TRACE("(%p)\n", data);
310 if (data->pWintrustData->dwUIChoice != WTD_UI_NONE)
311 FIXME("unimplemented for UI choice %d\n",
312 data->pWintrustData->dwUIChoice);
313 if (pCert)
315 DWORD flags = 0;
316 CERT_CHAIN_PARA chainPara;
317 HCERTCHAINENGINE engine;
319 memset(&chainPara, 0, sizeof(chainPara));
320 chainPara.cbSize = sizeof(chainPara);
321 if (CRYPTDLG_CheckOnlineCRL())
322 flags |= CERT_CHAIN_REVOCATION_CHECK_END_CERT;
323 engine = CRYPTDLG_MakeEngine(pCert);
324 GetSystemTimeAsFileTime(&data->sftSystemTime);
325 ret = CRYPTDLG_IsCertAllowed(pCert->pccert);
326 if (ret)
328 PCCERT_CHAIN_CONTEXT chain;
330 ret = CertGetCertificateChain(engine, pCert->pccert,
331 &data->sftSystemTime, NULL, &chainPara, flags, NULL, &chain);
332 if (ret)
334 if (chain->cChain != 1)
336 FIXME("unimplemented for more than 1 simple chain\n");
337 err = TRUST_E_SUBJECT_FORM_UNKNOWN;
338 ret = FALSE;
340 else if ((ret = CRYPTDLG_CopyChain(data, chain)))
342 if (CertVerifyTimeValidity(&data->sftSystemTime,
343 pCert->pccert->pCertInfo))
345 ret = FALSE;
346 err = CERT_E_EXPIRED;
349 else
350 err = TRUST_E_SYSTEM_ERROR;
351 CertFreeCertificateChain(chain);
353 else
354 err = TRUST_E_SUBJECT_NOT_TRUSTED;
356 CertFreeCertificateChainEngine(engine);
358 else
360 ret = FALSE;
361 err = TRUST_E_NOSIGNATURE;
363 /* Oddly, native doesn't set the error in the trust step error location,
364 * probably because this action is more advisory than anything else.
365 * Instead it stores it as the final error, but the function "succeeds" in
366 * any case.
368 if (!ret)
369 data->dwFinalError = err;
370 TRACE("returning %d (%08x)\n", S_OK, data->dwFinalError);
371 return S_OK;
374 /***********************************************************************
375 * CertViewPropertiesA (CRYPTDLG.@)
377 BOOL WINAPI CertViewPropertiesA(CERT_VIEWPROPERTIES_STRUCT_A *info)
379 CERT_VIEWPROPERTIES_STRUCT_W infoW;
380 LPWSTR title = NULL;
381 BOOL ret;
383 TRACE("(%p)\n", info);
385 memcpy(&infoW, info, sizeof(infoW));
386 if (info->szTitle)
388 int len = MultiByteToWideChar(CP_ACP, 0, info->szTitle, -1, NULL, 0);
390 title = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
391 if (title)
393 MultiByteToWideChar(CP_ACP, 0, info->szTitle, -1, title, len);
394 infoW.szTitle = title;
396 else
398 ret = FALSE;
399 goto error;
402 ret = CertViewPropertiesW(&infoW);
403 HeapFree(GetProcessHeap(), 0, title);
404 error:
405 return ret;
408 /***********************************************************************
409 * CertViewPropertiesW (CRYPTDLG.@)
411 BOOL WINAPI CertViewPropertiesW(CERT_VIEWPROPERTIES_STRUCT_W *info)
413 static GUID cert_action_verify = CERT_CERTIFICATE_ACTION_VERIFY;
414 CERT_VERIFY_CERTIFICATE_TRUST trust;
415 WINTRUST_BLOB_INFO blob;
416 WINTRUST_DATA wtd;
417 LONG err;
418 BOOL ret;
420 TRACE("(%p)\n", info);
422 memset(&trust, 0, sizeof(trust));
423 trust.cbSize = sizeof(trust);
424 trust.pccert = info->pCertContext;
425 trust.cRootStores = info->cRootStores;
426 trust.rghstoreRoots = info->rghstoreRoots;
427 trust.cStores = info->cStores;
428 trust.rghstoreCAs = info->rghstoreCAs;
429 trust.cTrustStores = info->cTrustStores;
430 trust.rghstoreTrust = info->rghstoreTrust;
431 memset(&blob, 0, sizeof(blob));
432 blob.cbStruct = sizeof(blob);
433 blob.cbMemObject = sizeof(trust);
434 blob.pbMemObject = (BYTE *)&trust;
435 memset(&wtd, 0, sizeof(wtd));
436 wtd.cbStruct = sizeof(wtd);
437 wtd.dwUIChoice = WTD_UI_NONE;
438 wtd.dwUnionChoice = WTD_CHOICE_BLOB;
439 wtd.u.pBlob = &blob;
440 wtd.dwStateAction = WTD_STATEACTION_VERIFY;
441 err = WinVerifyTrust(NULL, &cert_action_verify, &wtd);
442 if (err == ERROR_SUCCESS)
444 CRYPTUI_VIEWCERTIFICATE_STRUCTW uiInfo;
445 BOOL propsChanged = FALSE;
447 memset(&uiInfo, 0, sizeof(uiInfo));
448 uiInfo.dwSize = sizeof(uiInfo);
449 uiInfo.hwndParent = info->hwndParent;
450 uiInfo.dwFlags =
451 CRYPTUI_DISABLE_ADDTOSTORE | CRYPTUI_ENABLE_EDITPROPERTIES;
452 uiInfo.szTitle = info->szTitle;
453 uiInfo.pCertContext = info->pCertContext;
454 uiInfo.cPurposes = info->cArrayPurposes;
455 uiInfo.rgszPurposes = (LPCSTR *)info->arrayPurposes;
456 uiInfo.u.hWVTStateData = wtd.hWVTStateData;
457 uiInfo.fpCryptProviderDataTrustedUsage = TRUE;
458 uiInfo.cPropSheetPages = info->cArrayPropSheetPages;
459 uiInfo.rgPropSheetPages = info->arrayPropSheetPages;
460 uiInfo.nStartPage = info->nStartPage;
461 ret = CryptUIDlgViewCertificateW(&uiInfo, &propsChanged);
462 wtd.dwStateAction = WTD_STATEACTION_CLOSE;
463 WinVerifyTrust(NULL, &cert_action_verify, &wtd);
465 else
466 ret = FALSE;
467 return ret;
470 static BOOL CRYPT_FormatHexString(const BYTE *pbEncoded, DWORD cbEncoded,
471 WCHAR *str, DWORD *pcchStr)
473 BOOL ret;
474 DWORD charsNeeded;
476 if (cbEncoded)
477 charsNeeded = (cbEncoded * 3);
478 else
479 charsNeeded = 1;
480 if (!str)
482 *pcchStr = charsNeeded;
483 ret = TRUE;
485 else if (*pcchStr < charsNeeded)
487 *pcchStr = charsNeeded;
488 SetLastError(ERROR_MORE_DATA);
489 ret = FALSE;
491 else
493 static const WCHAR fmt[] = { '%','0','2','x',' ',0 };
494 static const WCHAR endFmt[] = { '%','0','2','x',0 };
495 DWORD i;
496 LPWSTR ptr = str;
498 *pcchStr = charsNeeded;
499 if (cbEncoded)
501 for (i = 0; i < cbEncoded; i++)
503 if (i < cbEncoded - 1)
504 ptr += sprintfW(ptr, fmt, pbEncoded[i]);
505 else
506 ptr += sprintfW(ptr, endFmt, pbEncoded[i]);
509 else
510 *ptr = 0;
511 ret = TRUE;
513 return ret;
516 static const WCHAR indent[] = { ' ',' ',' ',' ',' ',0 };
517 static const WCHAR colonCrlf[] = { ':','\r','\n',0 };
518 static const WCHAR colonSpace[] = { ':',' ',0 };
519 static const WCHAR crlf[] = { '\r','\n',0 };
520 static const WCHAR commaSep[] = { ',',' ',0 };
522 static BOOL CRYPT_FormatCPS(DWORD dwCertEncodingType,
523 DWORD dwFormatStrType, const BYTE *pbEncoded, DWORD cbEncoded,
524 WCHAR *str, DWORD *pcchStr)
526 BOOL ret;
527 DWORD size, charsNeeded = 1;
528 CERT_NAME_VALUE *cpsValue;
530 if ((ret = CryptDecodeObjectEx(dwCertEncodingType, X509_UNICODE_ANY_STRING,
531 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &cpsValue, &size)))
533 LPCWSTR sep;
534 DWORD sepLen;
536 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
537 sep = crlf;
538 else
539 sep = commaSep;
541 sepLen = strlenW(sep);
543 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
545 charsNeeded += 3 * strlenW(indent);
546 if (str && *pcchStr >= charsNeeded)
548 strcpyW(str, indent);
549 str += strlenW(indent);
550 strcpyW(str, indent);
551 str += strlenW(indent);
552 strcpyW(str, indent);
553 str += strlenW(indent);
556 charsNeeded += cpsValue->Value.cbData / sizeof(WCHAR);
557 if (str && *pcchStr >= charsNeeded)
559 strcpyW(str, (LPWSTR)cpsValue->Value.pbData);
560 str += cpsValue->Value.cbData / sizeof(WCHAR);
562 charsNeeded += sepLen;
563 if (str && *pcchStr >= charsNeeded)
565 strcpyW(str, sep);
566 str += sepLen;
568 LocalFree(cpsValue);
569 if (!str)
570 *pcchStr = charsNeeded;
571 else if (*pcchStr < charsNeeded)
573 *pcchStr = charsNeeded;
574 SetLastError(ERROR_MORE_DATA);
575 ret = FALSE;
577 else
578 *pcchStr = charsNeeded;
580 return ret;
583 static BOOL CRYPT_FormatUserNotice(DWORD dwCertEncodingType,
584 DWORD dwFormatStrType, const BYTE *pbEncoded, DWORD cbEncoded,
585 WCHAR *str, DWORD *pcchStr)
587 BOOL ret;
588 DWORD size, charsNeeded = 1;
589 CERT_POLICY_QUALIFIER_USER_NOTICE *notice;
591 if ((ret = CryptDecodeObjectEx(dwCertEncodingType,
592 X509_PKIX_POLICY_QUALIFIER_USERNOTICE, pbEncoded, cbEncoded,
593 CRYPT_DECODE_ALLOC_FLAG, NULL, &notice, &size)))
595 static const WCHAR numFmt[] = { '%','d',0 };
596 CERT_POLICY_QUALIFIER_NOTICE_REFERENCE *pNoticeRef =
597 notice->pNoticeReference;
598 LPCWSTR headingSep, sep;
599 DWORD headingSepLen, sepLen;
600 LPWSTR noticeRef, organization, noticeNum, noticeText;
601 DWORD noticeRefLen, organizationLen, noticeNumLen, noticeTextLen;
602 WCHAR noticeNumStr[11];
604 noticeRefLen = LoadStringW(hInstance, IDS_NOTICE_REF,
605 (LPWSTR)&noticeRef, 0);
606 organizationLen = LoadStringW(hInstance, IDS_ORGANIZATION,
607 (LPWSTR)&organization, 0);
608 noticeNumLen = LoadStringW(hInstance, IDS_NOTICE_NUM,
609 (LPWSTR)&noticeNum, 0);
610 noticeTextLen = LoadStringW(hInstance, IDS_NOTICE_TEXT,
611 (LPWSTR)&noticeText, 0);
612 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
614 headingSep = colonCrlf;
615 sep = crlf;
617 else
619 headingSep = colonSpace;
620 sep = commaSep;
622 sepLen = strlenW(sep);
623 headingSepLen = strlenW(headingSep);
625 if (pNoticeRef)
627 DWORD k;
628 LPCSTR src;
630 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
632 charsNeeded += 3 * strlenW(indent);
633 if (str && *pcchStr >= charsNeeded)
635 strcpyW(str, indent);
636 str += strlenW(indent);
637 strcpyW(str, indent);
638 str += strlenW(indent);
639 strcpyW(str, indent);
640 str += strlenW(indent);
643 charsNeeded += noticeRefLen;
644 if (str && *pcchStr >= charsNeeded)
646 memcpy(str, noticeRef, noticeRefLen * sizeof(WCHAR));
647 str += noticeRefLen;
649 charsNeeded += headingSepLen;
650 if (str && *pcchStr >= charsNeeded)
652 strcpyW(str, headingSep);
653 str += headingSepLen;
655 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
657 charsNeeded += 4 * strlenW(indent);
658 if (str && *pcchStr >= charsNeeded)
660 strcpyW(str, indent);
661 str += strlenW(indent);
662 strcpyW(str, indent);
663 str += strlenW(indent);
664 strcpyW(str, indent);
665 str += strlenW(indent);
666 strcpyW(str, indent);
667 str += strlenW(indent);
670 charsNeeded += organizationLen;
671 if (str && *pcchStr >= charsNeeded)
673 memcpy(str, organization, organizationLen * sizeof(WCHAR));
674 str += organizationLen;
676 charsNeeded += strlen(pNoticeRef->pszOrganization);
677 if (str && *pcchStr >= charsNeeded)
678 for (src = pNoticeRef->pszOrganization; src && *src;
679 src++, str++)
680 *str = *src;
681 charsNeeded += sepLen;
682 if (str && *pcchStr >= charsNeeded)
684 strcpyW(str, sep);
685 str += sepLen;
687 for (k = 0; k < pNoticeRef->cNoticeNumbers; k++)
689 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
691 charsNeeded += 4 * strlenW(indent);
692 if (str && *pcchStr >= charsNeeded)
694 strcpyW(str, indent);
695 str += strlenW(indent);
696 strcpyW(str, indent);
697 str += strlenW(indent);
698 strcpyW(str, indent);
699 str += strlenW(indent);
700 strcpyW(str, indent);
701 str += strlenW(indent);
704 charsNeeded += noticeNumLen;
705 if (str && *pcchStr >= charsNeeded)
707 memcpy(str, noticeNum, noticeNumLen * sizeof(WCHAR));
708 str += noticeNumLen;
710 sprintfW(noticeNumStr, numFmt, k + 1);
711 charsNeeded += strlenW(noticeNumStr);
712 if (str && *pcchStr >= charsNeeded)
714 strcpyW(str, noticeNumStr);
715 str += strlenW(noticeNumStr);
717 charsNeeded += sepLen;
718 if (str && *pcchStr >= charsNeeded)
720 strcpyW(str, sep);
721 str += sepLen;
725 if (notice->pszDisplayText)
727 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
729 charsNeeded += 3 * strlenW(indent);
730 if (str && *pcchStr >= charsNeeded)
732 strcpyW(str, indent);
733 str += strlenW(indent);
734 strcpyW(str, indent);
735 str += strlenW(indent);
736 strcpyW(str, indent);
737 str += strlenW(indent);
740 charsNeeded += noticeTextLen;
741 if (str && *pcchStr >= charsNeeded)
743 memcpy(str, noticeText, noticeTextLen * sizeof(WCHAR));
744 str += noticeTextLen;
746 charsNeeded += strlenW(notice->pszDisplayText);
747 if (str && *pcchStr >= charsNeeded)
749 strcpyW(str, notice->pszDisplayText);
750 str += strlenW(notice->pszDisplayText);
752 charsNeeded += sepLen;
753 if (str && *pcchStr >= charsNeeded)
755 strcpyW(str, sep);
756 str += sepLen;
759 LocalFree(notice);
760 if (!str)
761 *pcchStr = charsNeeded;
762 else if (*pcchStr < charsNeeded)
764 *pcchStr = charsNeeded;
765 SetLastError(ERROR_MORE_DATA);
766 ret = FALSE;
768 else
769 *pcchStr = charsNeeded;
771 return ret;
774 /***********************************************************************
775 * FormatVerisignExtension (CRYPTDLG.@)
777 BOOL WINAPI FormatVerisignExtension(DWORD dwCertEncodingType,
778 DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
779 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
780 DWORD *pcbFormat)
782 CERT_POLICIES_INFO *policies;
783 DWORD size;
784 BOOL ret = FALSE;
786 if (!cbEncoded)
788 SetLastError(E_INVALIDARG);
789 return FALSE;
791 if ((ret = CryptDecodeObjectEx(dwCertEncodingType, X509_CERT_POLICIES,
792 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &policies, &size)))
794 static const WCHAR numFmt[] = { '%','d',0 };
795 DWORD charsNeeded = 1; /* space for NULL terminator */
796 LPCWSTR headingSep, sep;
797 DWORD headingSepLen, sepLen;
798 WCHAR policyNum[11], policyQualifierNum[11];
799 LPWSTR certPolicy, policyId, policyQualifierInfo, policyQualifierId;
800 LPWSTR cps, userNotice, qualifier;
801 DWORD certPolicyLen, policyIdLen, policyQualifierInfoLen;
802 DWORD policyQualifierIdLen, cpsLen, userNoticeLen, qualifierLen;
803 DWORD i;
804 LPWSTR str = pbFormat;
806 certPolicyLen = LoadStringW(hInstance, IDS_CERT_POLICY,
807 (LPWSTR)&certPolicy, 0);
808 policyIdLen = LoadStringW(hInstance, IDS_POLICY_ID, (LPWSTR)&policyId,
810 policyQualifierInfoLen = LoadStringW(hInstance,
811 IDS_POLICY_QUALIFIER_INFO, (LPWSTR)&policyQualifierInfo, 0);
812 policyQualifierIdLen = LoadStringW(hInstance, IDS_POLICY_QUALIFIER_ID,
813 (LPWSTR)&policyQualifierId, 0);
814 cpsLen = LoadStringW(hInstance, IDS_CPS, (LPWSTR)&cps, 0);
815 userNoticeLen = LoadStringW(hInstance, IDS_USER_NOTICE,
816 (LPWSTR)&userNotice, 0);
817 qualifierLen = LoadStringW(hInstance, IDS_QUALIFIER,
818 (LPWSTR)&qualifier, 0);
819 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
821 headingSep = colonCrlf;
822 sep = crlf;
824 else
826 headingSep = colonSpace;
827 sep = commaSep;
829 sepLen = strlenW(sep);
830 headingSepLen = strlenW(headingSep);
832 for (i = 0; ret && i < policies->cPolicyInfo; i++)
834 CERT_POLICY_INFO *policy = &policies->rgPolicyInfo[i];
835 DWORD j;
836 LPCSTR src;
838 charsNeeded += 1; /* '['*/
839 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
840 *str++ = '[';
841 sprintfW(policyNum, numFmt, i + 1);
842 charsNeeded += strlenW(policyNum);
843 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
845 strcpyW(str, policyNum);
846 str += strlenW(policyNum);
848 charsNeeded += 1; /* ']'*/
849 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
850 *str++ = ']';
851 charsNeeded += certPolicyLen;
852 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
854 memcpy(str, certPolicy, certPolicyLen * sizeof(WCHAR));
855 str += certPolicyLen;
857 charsNeeded += headingSepLen;
858 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
860 strcpyW(str, headingSep);
861 str += headingSepLen;
863 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
865 charsNeeded += strlenW(indent);
866 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
868 strcpyW(str, indent);
869 str += strlenW(indent);
872 charsNeeded += policyIdLen;
873 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
875 memcpy(str, policyId, policyIdLen * sizeof(WCHAR));
876 str += policyIdLen;
878 charsNeeded += strlen(policy->pszPolicyIdentifier);
879 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
881 for (src = policy->pszPolicyIdentifier; src && *src;
882 src++, str++)
883 *str = *src;
885 charsNeeded += sepLen;
886 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
888 strcpyW(str, sep);
889 str += sepLen;
891 for (j = 0; j < policy->cPolicyQualifier; j++)
893 CERT_POLICY_QUALIFIER_INFO *qualifierInfo =
894 &policy->rgPolicyQualifier[j];
895 DWORD sizeRemaining;
897 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
899 charsNeeded += strlenW(indent);
900 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
902 strcpyW(str, indent);
903 str += strlenW(indent);
906 charsNeeded += 1; /* '['*/
907 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
908 *str++ = '[';
909 charsNeeded += strlenW(policyNum);
910 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
912 strcpyW(str, policyNum);
913 str += strlenW(policyNum);
915 charsNeeded += 1; /* ','*/
916 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
917 *str++ = ',';
918 sprintfW(policyQualifierNum, numFmt, j + 1);
919 charsNeeded += strlenW(policyQualifierNum);
920 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
922 strcpyW(str, policyQualifierNum);
923 str += strlenW(policyQualifierNum);
925 charsNeeded += 1; /* ']'*/
926 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
927 *str++ = ']';
928 charsNeeded += policyQualifierInfoLen;
929 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
931 memcpy(str, policyQualifierInfo,
932 policyQualifierInfoLen * sizeof(WCHAR));
933 str += policyQualifierInfoLen;
935 charsNeeded += headingSepLen;
936 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
938 strcpyW(str, headingSep);
939 str += headingSepLen;
941 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
943 charsNeeded += 2 * strlenW(indent);
944 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
946 strcpyW(str, indent);
947 str += strlenW(indent);
948 strcpyW(str, indent);
949 str += strlenW(indent);
952 charsNeeded += policyQualifierIdLen;
953 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
955 memcpy(str, policyQualifierId,
956 policyQualifierIdLen * sizeof(WCHAR));
957 str += policyQualifierIdLen;
959 if (!strcmp(qualifierInfo->pszPolicyQualifierId,
960 szOID_PKIX_POLICY_QUALIFIER_CPS))
962 charsNeeded += cpsLen;
963 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
965 memcpy(str, cps, cpsLen * sizeof(WCHAR));
966 str += cpsLen;
969 else if (!strcmp(qualifierInfo->pszPolicyQualifierId,
970 szOID_PKIX_POLICY_QUALIFIER_USERNOTICE))
972 charsNeeded += userNoticeLen;
973 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
975 memcpy(str, userNotice, userNoticeLen * sizeof(WCHAR));
976 str += userNoticeLen;
979 else
981 charsNeeded += strlen(qualifierInfo->pszPolicyQualifierId);
982 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
984 for (src = qualifierInfo->pszPolicyQualifierId;
985 src && *src; src++, str++)
986 *str = *src;
989 charsNeeded += sepLen;
990 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
992 strcpyW(str, sep);
993 str += sepLen;
995 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
997 charsNeeded += 2 * strlenW(indent);
998 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
1000 strcpyW(str, indent);
1001 str += strlenW(indent);
1002 strcpyW(str, indent);
1003 str += strlenW(indent);
1006 charsNeeded += qualifierLen;
1007 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
1009 memcpy(str, qualifier, qualifierLen * sizeof(WCHAR));
1010 str += qualifierLen;
1012 charsNeeded += headingSepLen;
1013 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
1015 strcpyW(str, headingSep);
1016 str += headingSepLen;
1018 /* This if block is deliberately redundant with the same if
1019 * block above, in order to keep the code more readable (the
1020 * code flow follows the order in which the strings are output.)
1022 if (!strcmp(qualifierInfo->pszPolicyQualifierId,
1023 szOID_PKIX_POLICY_QUALIFIER_CPS))
1025 if (!str || *pcbFormat < charsNeeded * sizeof(WCHAR))
1027 /* Insufficient space, determine how much is needed. */
1028 ret = CRYPT_FormatCPS(dwCertEncodingType,
1029 dwFormatStrType, qualifierInfo->Qualifier.pbData,
1030 qualifierInfo->Qualifier.cbData, NULL, &size);
1031 if (ret)
1032 charsNeeded += size - 1;
1034 else
1036 sizeRemaining = *pcbFormat / sizeof(WCHAR);
1037 sizeRemaining -= str - (LPWSTR)pbFormat;
1038 ret = CRYPT_FormatCPS(dwCertEncodingType,
1039 dwFormatStrType, qualifierInfo->Qualifier.pbData,
1040 qualifierInfo->Qualifier.cbData, str, &sizeRemaining);
1041 if (ret || GetLastError() == ERROR_MORE_DATA)
1043 charsNeeded += sizeRemaining - 1;
1044 str += sizeRemaining - 1;
1048 else if (!strcmp(qualifierInfo->pszPolicyQualifierId,
1049 szOID_PKIX_POLICY_QUALIFIER_USERNOTICE))
1051 if (!str || *pcbFormat < charsNeeded * sizeof(WCHAR))
1053 /* Insufficient space, determine how much is needed. */
1054 ret = CRYPT_FormatUserNotice(dwCertEncodingType,
1055 dwFormatStrType, qualifierInfo->Qualifier.pbData,
1056 qualifierInfo->Qualifier.cbData, NULL, &size);
1057 if (ret)
1058 charsNeeded += size - 1;
1060 else
1062 sizeRemaining = *pcbFormat / sizeof(WCHAR);
1063 sizeRemaining -= str - (LPWSTR)pbFormat;
1064 ret = CRYPT_FormatUserNotice(dwCertEncodingType,
1065 dwFormatStrType, qualifierInfo->Qualifier.pbData,
1066 qualifierInfo->Qualifier.cbData, str, &sizeRemaining);
1067 if (ret || GetLastError() == ERROR_MORE_DATA)
1069 charsNeeded += sizeRemaining - 1;
1070 str += sizeRemaining - 1;
1074 else
1076 if (!str || *pcbFormat < charsNeeded * sizeof(WCHAR))
1078 /* Insufficient space, determine how much is needed. */
1079 ret = CRYPT_FormatHexString(
1080 qualifierInfo->Qualifier.pbData,
1081 qualifierInfo->Qualifier.cbData, NULL, &size);
1082 if (ret)
1083 charsNeeded += size - 1;
1085 else
1087 sizeRemaining = *pcbFormat / sizeof(WCHAR);
1088 sizeRemaining -= str - (LPWSTR)pbFormat;
1089 ret = CRYPT_FormatHexString(
1090 qualifierInfo->Qualifier.pbData,
1091 qualifierInfo->Qualifier.cbData, str, &sizeRemaining);
1092 if (ret || GetLastError() == ERROR_MORE_DATA)
1094 charsNeeded += sizeRemaining - 1;
1095 str += sizeRemaining - 1;
1101 LocalFree(policies);
1102 if (ret)
1104 if (!pbFormat)
1105 *pcbFormat = charsNeeded * sizeof(WCHAR);
1106 else if (*pcbFormat < charsNeeded * sizeof(WCHAR))
1108 *pcbFormat = charsNeeded * sizeof(WCHAR);
1109 SetLastError(ERROR_MORE_DATA);
1110 ret = FALSE;
1112 else
1113 *pcbFormat = charsNeeded * sizeof(WCHAR);
1116 return ret;
1119 #define szOID_MICROSOFT_Encryption_Key_Preference "1.3.6.1.4.1.311.16.4"
1121 /***********************************************************************
1122 * DllRegisterServer (CRYPTDLG.@)
1124 HRESULT WINAPI DllRegisterServer(void)
1126 static WCHAR cryptdlg[] = { 'c','r','y','p','t','d','l','g','.',
1127 'd','l','l',0 };
1128 static WCHAR wintrust[] = { 'w','i','n','t','r','u','s','t','.',
1129 'd','l','l',0 };
1130 static WCHAR certTrustInit[] = { 'C','e','r','t','T','r','u','s','t',
1131 'I','n','i','t',0 };
1132 static WCHAR wintrustCertificateTrust[] = { 'W','i','n','t','r','u','s','t',
1133 'C','e','r','t','i','f','i','c','a','t','e','T','r','u','s','t',0 };
1134 static WCHAR certTrustCertPolicy[] = { 'C','e','r','t','T','r','u','s','t',
1135 'C','e','r','t','P','o','l','i','c','y',0 };
1136 static WCHAR certTrustFinalPolicy[] = { 'C','e','r','t','T','r','u','s','t',
1137 'F','i','n','a','l','P','o','l','i','c','y',0 };
1138 static WCHAR certTrustCleanup[] = { 'C','e','r','t','T','r','u','s','t',
1139 'C','l','e','a','n','u','p',0 };
1140 static const WCHAR cryptDlg[] = { 'c','r','y','p','t','d','l','g','.',
1141 'd','l','l',0 };
1142 CRYPT_REGISTER_ACTIONID reg;
1143 GUID guid = CERT_CERTIFICATE_ACTION_VERIFY;
1144 HRESULT hr = S_OK;
1146 memset(&reg, 0, sizeof(reg));
1147 reg.cbStruct = sizeof(reg);
1148 reg.sInitProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
1149 reg.sInitProvider.pwszDLLName = cryptdlg;
1150 reg.sInitProvider.pwszFunctionName = certTrustInit;
1151 reg.sCertificateProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
1152 reg.sCertificateProvider.pwszDLLName = wintrust;
1153 reg.sCertificateProvider.pwszFunctionName = wintrustCertificateTrust;
1154 reg.sCertificatePolicyProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
1155 reg.sCertificatePolicyProvider.pwszDLLName = cryptdlg;
1156 reg.sCertificatePolicyProvider.pwszFunctionName = certTrustCertPolicy;
1157 reg.sFinalPolicyProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
1158 reg.sFinalPolicyProvider.pwszDLLName = cryptdlg;
1159 reg.sFinalPolicyProvider.pwszFunctionName = certTrustFinalPolicy;
1160 reg.sCleanupProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
1161 reg.sCleanupProvider.pwszDLLName = cryptdlg;
1162 reg.sCleanupProvider.pwszFunctionName = certTrustCleanup;
1163 if (!WintrustAddActionID(&guid, WT_ADD_ACTION_ID_RET_RESULT_FLAG, &reg))
1164 hr = GetLastError();
1165 CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_ENCODE_OBJECT_FUNC,
1166 "1.3.6.1.4.1.311.16.1.1", cryptDlg, "EncodeAttrSequence");
1167 CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_ENCODE_OBJECT_FUNC,
1168 szOID_MICROSOFT_Encryption_Key_Preference, cryptDlg, "EncodeRecipientID");
1169 CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_DECODE_OBJECT_FUNC,
1170 "1.3.6.1.4.1.311.16.1.1", cryptDlg, "DecodeAttrSequence");
1171 CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_DECODE_OBJECT_FUNC,
1172 szOID_MICROSOFT_Encryption_Key_Preference, cryptDlg, "DecodeRecipientID");
1173 CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_FORMAT_OBJECT_FUNC,
1174 szOID_PKIX_KP_EMAIL_PROTECTION, cryptDlg, "FormatPKIXEmailProtection");
1175 CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_FORMAT_OBJECT_FUNC,
1176 szOID_CERT_POLICIES, cryptDlg, "FormatVerisignExtension");
1177 return hr;
1180 /***********************************************************************
1181 * DllUnregisterServer (CRYPTDLG.@)
1183 HRESULT WINAPI DllUnregisterServer(void)
1185 GUID guid = CERT_CERTIFICATE_ACTION_VERIFY;
1187 WintrustRemoveActionID(&guid);
1188 CryptUnregisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_ENCODE_OBJECT_FUNC,
1189 "1.3.6.1.4.1.311.16.1.1");
1190 CryptUnregisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_ENCODE_OBJECT_FUNC,
1191 szOID_MICROSOFT_Encryption_Key_Preference);
1192 CryptUnregisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_DECODE_OBJECT_FUNC,
1193 "1.3.6.1.4.1.311.16.1.1");
1194 CryptUnregisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_DECODE_OBJECT_FUNC,
1195 szOID_MICROSOFT_Encryption_Key_Preference);
1196 CryptUnregisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_FORMAT_OBJECT_FUNC,
1197 szOID_PKIX_KP_EMAIL_PROTECTION);
1198 CryptUnregisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_FORMAT_OBJECT_FUNC,
1199 szOID_CERT_POLICIES);
1200 return S_OK;