2 * Copyright (C) 2006 Maarten Lankhorst
3 * Copyright 2007 Juan Lang
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22 #include "wine/port.h"
25 #define NONAMELESSUNION
26 #define NONAMELESSSTRUCT
29 #include "wine/debug.h"
35 #define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
38 WINE_DEFAULT_DEBUG_CHANNEL(cryptnet
);
40 BOOL WINAPI
DllMain(HINSTANCE hinstDLL
, DWORD fdwReason
, LPVOID lpvReserved
)
42 TRACE("(0x%p, %d, %p)\n", hinstDLL
, fdwReason
, lpvReserved
);
45 case DLL_PROCESS_ATTACH
:
46 DisableThreadLibraryCalls(hinstDLL
);
48 case DLL_PROCESS_DETACH
:
49 /* Do uninitialisation here */
56 static const WCHAR cryptNet
[] = { 'c','r','y','p','t','n','e','t','.',
58 static const WCHAR ldapProvOpenStore
[] = { 'L','d','a','p','P','r','o','v',
59 'O','p','e','S','t','o','r','e',0 };
61 /***********************************************************************
62 * DllRegisterServer (CRYPTNET.@)
64 HRESULT WINAPI
DllRegisterServer(void)
67 CryptRegisterDefaultOIDFunction(X509_ASN_ENCODING
,
68 CRYPT_OID_VERIFY_REVOCATION_FUNC
, 0, cryptNet
);
69 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
, "Ldap",
70 cryptNet
, "LdapProvOpenStore");
71 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
,
72 CERT_STORE_PROV_LDAP_W
, cryptNet
, "LdapProvOpenStore");
76 /***********************************************************************
77 * DllUnregisterServer (CRYPTNET.@)
79 HRESULT WINAPI
DllUnregisterServer(void)
82 CryptUnregisterDefaultOIDFunction(X509_ASN_ENCODING
,
83 CRYPT_OID_VERIFY_REVOCATION_FUNC
, cryptNet
);
84 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
, "Ldap");
85 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
,
86 CERT_STORE_PROV_LDAP_W
);
90 static const char *url_oid_to_str(LPCSTR oid
)
100 #define _x(oid) case LOWORD(oid): return #oid
101 _x(URL_OID_CERTIFICATE_ISSUER
);
102 _x(URL_OID_CERTIFICATE_CRL_DIST_POINT
);
103 _x(URL_OID_CTL_ISSUER
);
104 _x(URL_OID_CTL_NEXT_UPDATE
);
105 _x(URL_OID_CRL_ISSUER
);
106 _x(URL_OID_CERTIFICATE_FRESHEST_CRL
);
107 _x(URL_OID_CRL_FRESHEST_CRL
);
108 _x(URL_OID_CROSS_CERT_DIST_POINT
);
111 snprintf(buf
, sizeof(buf
), "%d", LOWORD(oid
));
117 typedef BOOL (WINAPI
*UrlDllGetObjectUrlFunc
)(LPCSTR
, LPVOID
, DWORD
,
118 PCRYPT_URL_ARRAY
, DWORD
*, PCRYPT_URL_INFO
, DWORD
*, LPVOID
);
120 static BOOL WINAPI
CRYPT_GetUrlFromCertificateIssuer(LPCSTR pszUrlOid
,
121 LPVOID pvPara
, DWORD dwFlags
, PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
,
122 PCRYPT_URL_INFO pUrlInfo
, DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
124 /* FIXME: This depends on the AIA (authority info access) extension being
125 * supported in crypt32.
128 SetLastError(CRYPT_E_NOT_FOUND
);
132 static BOOL WINAPI
CRYPT_GetUrlFromCertificateCRLDistPoint(LPCSTR pszUrlOid
,
133 LPVOID pvPara
, DWORD dwFlags
, PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
,
134 PCRYPT_URL_INFO pUrlInfo
, DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
136 PCCERT_CONTEXT cert
= (PCCERT_CONTEXT
)pvPara
;
140 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
141 if (dwFlags
&& !(dwFlags
& CRYPT_GET_URL_FROM_EXTENSION
))
143 SetLastError(CRYPT_E_NOT_FOUND
);
146 if ((ext
= CertFindExtension(szOID_CRL_DIST_POINTS
,
147 cert
->pCertInfo
->cExtension
, cert
->pCertInfo
->rgExtension
)))
149 CRL_DIST_POINTS_INFO
*info
;
152 ret
= CryptDecodeObjectEx(X509_ASN_ENCODING
, X509_CRL_DIST_POINTS
,
153 ext
->Value
.pbData
, ext
->Value
.cbData
, CRYPT_DECODE_ALLOC_FLAG
, NULL
,
157 DWORD i
, cUrl
, bytesNeeded
= sizeof(CRYPT_URL_ARRAY
);
159 for (i
= 0, cUrl
= 0; i
< info
->cDistPoint
; i
++)
160 if (info
->rgDistPoint
[i
].DistPointName
.dwDistPointNameChoice
161 == CRL_DIST_POINT_FULL_NAME
)
164 CERT_ALT_NAME_INFO
*name
=
165 &info
->rgDistPoint
[i
].DistPointName
.u
.FullName
;
167 for (j
= 0; j
< name
->cAltEntry
; j
++)
168 if (name
->rgAltEntry
[j
].dwAltNameChoice
==
171 if (name
->rgAltEntry
[j
].u
.pwszURL
)
174 bytesNeeded
+= sizeof(LPWSTR
) +
175 (lstrlenW(name
->rgAltEntry
[j
].u
.pwszURL
) + 1)
182 SetLastError(E_INVALIDARG
);
186 *pcbUrlArray
= bytesNeeded
;
187 else if (*pcbUrlArray
< bytesNeeded
)
189 SetLastError(ERROR_MORE_DATA
);
190 *pcbUrlArray
= bytesNeeded
;
197 *pcbUrlArray
= bytesNeeded
;
199 pUrlArray
->rgwszUrl
=
200 (LPWSTR
*)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
));
201 nextUrl
= (LPWSTR
)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
)
202 + cUrl
* sizeof(LPWSTR
));
203 for (i
= 0; i
< info
->cDistPoint
; i
++)
204 if (info
->rgDistPoint
[i
].DistPointName
.dwDistPointNameChoice
205 == CRL_DIST_POINT_FULL_NAME
)
208 CERT_ALT_NAME_INFO
*name
=
209 &info
->rgDistPoint
[i
].DistPointName
.u
.FullName
;
211 for (j
= 0; j
< name
->cAltEntry
; j
++)
212 if (name
->rgAltEntry
[j
].dwAltNameChoice
==
215 if (name
->rgAltEntry
[j
].u
.pwszURL
)
218 name
->rgAltEntry
[j
].u
.pwszURL
);
219 pUrlArray
->rgwszUrl
[pUrlArray
->cUrl
++] =
222 (lstrlenW(name
->rgAltEntry
[j
].u
.pwszURL
) + 1)
232 FIXME("url info: stub\n");
234 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
235 else if (*pcbUrlInfo
< sizeof(CRYPT_URL_INFO
))
237 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
238 SetLastError(ERROR_MORE_DATA
);
243 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
244 memset(pUrlInfo
, 0, sizeof(CRYPT_URL_INFO
));
252 SetLastError(CRYPT_E_NOT_FOUND
);
256 /***********************************************************************
257 * CryptGetObjectUrl (CRYPTNET.@)
259 BOOL WINAPI
CryptGetObjectUrl(LPCSTR pszUrlOid
, LPVOID pvPara
, DWORD dwFlags
,
260 PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
, PCRYPT_URL_INFO pUrlInfo
,
261 DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
263 UrlDllGetObjectUrlFunc func
= NULL
;
264 HCRYPTOIDFUNCADDR hFunc
= NULL
;
267 TRACE("(%s, %p, %08x, %p, %p, %p, %p, %p)\n", debugstr_a(pszUrlOid
),
268 pvPara
, dwFlags
, pUrlArray
, pcbUrlArray
, pUrlInfo
, pcbUrlInfo
, pvReserved
);
270 if (!HIWORD(pszUrlOid
))
272 switch (LOWORD(pszUrlOid
))
274 case LOWORD(URL_OID_CERTIFICATE_ISSUER
):
275 func
= CRYPT_GetUrlFromCertificateIssuer
;
277 case LOWORD(URL_OID_CERTIFICATE_CRL_DIST_POINT
):
278 func
= CRYPT_GetUrlFromCertificateCRLDistPoint
;
281 FIXME("unimplemented for %s\n", url_oid_to_str(pszUrlOid
));
282 SetLastError(ERROR_FILE_NOT_FOUND
);
287 static HCRYPTOIDFUNCSET set
= NULL
;
290 set
= CryptInitOIDFunctionSet(URL_OID_GET_OBJECT_URL_FUNC
, 0);
291 CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
, pszUrlOid
, 0,
292 (void **)&func
, &hFunc
);
295 ret
= func(pszUrlOid
, pvPara
, dwFlags
, pUrlArray
, pcbUrlArray
,
296 pUrlInfo
, pcbUrlInfo
, pvReserved
);
298 CryptFreeOIDFunctionAddress(hFunc
, 0);
302 /***********************************************************************
303 * CryptRetrieveObjectByUrlA (CRYPTNET.@)
305 BOOL WINAPI
CryptRetrieveObjectByUrlA(LPCSTR pszURL
, LPCSTR pszObjectOid
,
306 DWORD dwRetrievalFlags
, DWORD dwTimeout
, LPVOID
*ppvObject
,
307 HCRYPTASYNC hAsyncRetrieve
, PCRYPT_CREDENTIALS pCredentials
, LPVOID pvVerify
,
308 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
313 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_a(pszURL
),
314 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, ppvObject
,
315 hAsyncRetrieve
, pCredentials
, pvVerify
, pAuxInfo
);
319 SetLastError(ERROR_INVALID_PARAMETER
);
322 len
= MultiByteToWideChar(CP_ACP
, 0, pszURL
, -1, NULL
, 0);
325 LPWSTR url
= CryptMemAlloc(len
* sizeof(WCHAR
));
329 MultiByteToWideChar(CP_ACP
, 0, pszURL
, -1, url
, len
);
330 ret
= CryptRetrieveObjectByUrlW(url
, pszObjectOid
,
331 dwRetrievalFlags
, dwTimeout
, ppvObject
, hAsyncRetrieve
,
332 pCredentials
, pvVerify
, pAuxInfo
);
336 SetLastError(ERROR_OUTOFMEMORY
);
341 static void WINAPI
CRYPT_FreeBlob(LPCSTR pszObjectOid
,
342 PCRYPT_BLOB_ARRAY pObject
, void *pvFreeContext
)
346 for (i
= 0; i
< pObject
->cBlob
; i
++)
347 CryptMemFree(pObject
->rgBlob
[i
].pbData
);
348 CryptMemFree(pObject
->rgBlob
);
351 static BOOL
CRYPT_GetObjectFromFile(HANDLE hFile
, PCRYPT_BLOB_ARRAY pObject
)
356 if ((ret
= GetFileSizeEx(hFile
, &size
)))
360 WARN("file too big\n");
361 SetLastError(ERROR_INVALID_DATA
);
366 CRYPT_DATA_BLOB blob
;
368 blob
.pbData
= CryptMemAlloc(size
.u
.LowPart
);
371 blob
.cbData
= size
.u
.LowPart
;
372 ret
= ReadFile(hFile
, blob
.pbData
, size
.u
.LowPart
, &blob
.cbData
,
376 pObject
->rgBlob
= CryptMemAlloc(sizeof(CRYPT_DATA_BLOB
));
380 memcpy(pObject
->rgBlob
, &blob
, sizeof(CRYPT_DATA_BLOB
));
384 SetLastError(ERROR_OUTOFMEMORY
);
389 CryptMemFree(blob
.pbData
);
393 SetLastError(ERROR_OUTOFMEMORY
);
401 /* FIXME: should make wininet cache all downloads instead */
402 static BOOL
CRYPT_GetObjectFromCache(LPCWSTR pszURL
, PCRYPT_BLOB_ARRAY pObject
,
403 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
406 INTERNET_CACHE_ENTRY_INFOW cacheInfo
= { sizeof(cacheInfo
), 0 };
407 DWORD size
= sizeof(cacheInfo
);
409 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL
), pObject
, pAuxInfo
);
411 if (GetUrlCacheEntryInfoW(pszURL
, &cacheInfo
, &size
) ||
412 GetLastError() == ERROR_INSUFFICIENT_BUFFER
)
416 GetSystemTimeAsFileTime(&ft
);
417 if (CompareFileTime(&cacheInfo
.ExpireTime
, &ft
) >= 0)
419 LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo
= CryptMemAlloc(size
);
423 if (GetUrlCacheEntryInfoW(pszURL
, pCacheInfo
, &size
))
425 HANDLE hFile
= CreateFileW(pCacheInfo
->lpszLocalFileName
,
426 GENERIC_READ
, 0, NULL
, OPEN_EXISTING
,
427 FILE_ATTRIBUTE_NORMAL
, NULL
);
429 if (hFile
!= INVALID_HANDLE_VALUE
)
431 if ((ret
= CRYPT_GetObjectFromFile(hFile
, pObject
)))
433 if (pAuxInfo
&& pAuxInfo
->cbSize
>=
434 offsetof(CRYPT_RETRIEVE_AUX_INFO
,
435 pLastSyncTime
) + sizeof(PFILETIME
) &&
436 pAuxInfo
->pLastSyncTime
)
437 memcpy(pAuxInfo
->pLastSyncTime
,
438 &pCacheInfo
->LastSyncTime
,
444 CryptMemFree(pCacheInfo
);
447 SetLastError(ERROR_OUTOFMEMORY
);
450 DeleteUrlCacheEntryW(pszURL
);
452 TRACE("returning %d\n", ret
);
456 /* Parses the URL, and sets components's lpszHostName and lpszUrlPath members
457 * to NULL-terminated copies of those portions of the URL (to be freed with
460 static BOOL
CRYPT_CrackUrl(LPCWSTR pszURL
, URL_COMPONENTSW
*components
)
464 TRACE("(%s, %p)\n", debugstr_w(pszURL
), components
);
466 memset(components
, 0, sizeof(*components
));
467 components
->dwStructSize
= sizeof(*components
);
468 components
->lpszHostName
= CryptMemAlloc(MAX_PATH
* sizeof(WCHAR
));
469 components
->dwHostNameLength
= MAX_PATH
;
470 components
->lpszUrlPath
= CryptMemAlloc(MAX_PATH
* 2 * sizeof(WCHAR
));
471 components
->dwUrlPathLength
= 2 * MAX_PATH
;
472 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, components
);
475 if ((components
->dwUrlPathLength
== 2 * MAX_PATH
- 1) ||
476 (components
->dwHostNameLength
== MAX_PATH
- 1))
477 FIXME("Buffers are too small\n");
478 switch (components
->nScheme
)
480 case INTERNET_SCHEME_FTP
:
481 if (!components
->nPort
)
482 components
->nPort
= INTERNET_DEFAULT_FTP_PORT
;
484 case INTERNET_SCHEME_HTTP
:
485 if (!components
->nPort
)
486 components
->nPort
= INTERNET_DEFAULT_HTTP_PORT
;
492 TRACE("returning %d\n", ret
);
503 static struct InetContext
*CRYPT_MakeInetContext(DWORD dwTimeout
)
505 struct InetContext
*context
= CryptMemAlloc(sizeof(struct InetContext
));
509 context
->event
= CreateEventW(NULL
, FALSE
, FALSE
, NULL
);
512 CryptMemFree(context
);
517 context
->timeout
= dwTimeout
;
518 context
->error
= ERROR_SUCCESS
;
524 static BOOL
CRYPT_DownloadObject(DWORD dwRetrievalFlags
, HINTERNET hHttp
,
525 struct InetContext
*context
, PCRYPT_BLOB_ARRAY pObject
,
526 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
528 CRYPT_DATA_BLOB object
= { 0, NULL
};
529 DWORD bytesAvailable
;
533 if ((ret
= InternetQueryDataAvailable(hHttp
, &bytesAvailable
, 0, 0)))
538 object
.pbData
= CryptMemRealloc(object
.pbData
,
539 object
.cbData
+ bytesAvailable
);
541 object
.pbData
= CryptMemAlloc(bytesAvailable
);
544 INTERNET_BUFFERSA buffer
= { sizeof(buffer
), 0 };
546 buffer
.dwBufferLength
= bytesAvailable
;
547 buffer
.lpvBuffer
= object
.pbData
+ object
.cbData
;
548 if (!(ret
= InternetReadFileExA(hHttp
, &buffer
, IRF_NO_WAIT
,
549 (DWORD_PTR
)context
)))
551 if (GetLastError() == ERROR_IO_PENDING
)
553 if (WaitForSingleObject(context
->event
,
554 context
->timeout
) == WAIT_TIMEOUT
)
555 SetLastError(ERROR_TIMEOUT
);
556 else if (context
->error
)
557 SetLastError(context
->error
);
563 object
.cbData
+= bytesAvailable
;
567 SetLastError(ERROR_OUTOFMEMORY
);
572 else if (GetLastError() == ERROR_IO_PENDING
)
574 if (WaitForSingleObject(context
->event
, context
->timeout
) ==
576 SetLastError(ERROR_TIMEOUT
);
580 } while (ret
&& bytesAvailable
);
583 pObject
->rgBlob
= CryptMemAlloc(sizeof(CRYPT_DATA_BLOB
));
584 if (!pObject
->rgBlob
)
586 CryptMemFree(object
.pbData
);
587 SetLastError(ERROR_OUTOFMEMORY
);
592 pObject
->rgBlob
[0].cbData
= object
.cbData
;
593 pObject
->rgBlob
[0].pbData
= object
.pbData
;
597 TRACE("returning %d\n", ret
);
601 static void CRYPT_CacheURL(LPCWSTR pszURL
, PCRYPT_BLOB_ARRAY pObject
,
602 DWORD dwRetrievalFlags
, FILETIME expires
)
604 WCHAR cacheFileName
[MAX_PATH
];
606 /* FIXME: let wininet directly cache instead */
607 if (CreateUrlCacheEntryW(pszURL
, pObject
->rgBlob
[0].cbData
, NULL
,
610 HANDLE hCacheFile
= CreateFileW(cacheFileName
, GENERIC_WRITE
, 0, NULL
,
611 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
613 if (hCacheFile
!= INVALID_HANDLE_VALUE
)
615 DWORD bytesWritten
, entryType
;
618 if (!(dwRetrievalFlags
& CRYPT_STICKY_CACHE_RETRIEVAL
))
619 entryType
= NORMAL_CACHE_ENTRY
;
621 entryType
= STICKY_CACHE_ENTRY
;
622 WriteFile(hCacheFile
, pObject
->rgBlob
[0].pbData
,
623 pObject
->rgBlob
[0].cbData
, &bytesWritten
, NULL
);
624 CloseHandle(hCacheFile
);
625 CommitUrlCacheEntryW(pszURL
, cacheFileName
, expires
, ft
, entryType
,
626 NULL
, 0, NULL
, NULL
);
631 static void CALLBACK
CRYPT_InetStatusCallback(HINTERNET hInt
,
632 DWORD_PTR dwContext
, DWORD status
, void *statusInfo
, DWORD statusInfoLen
)
634 struct InetContext
*context
= (struct InetContext
*)dwContext
;
635 LPINTERNET_ASYNC_RESULT result
;
639 case INTERNET_STATUS_REQUEST_COMPLETE
:
640 result
= (LPINTERNET_ASYNC_RESULT
)statusInfo
;
641 context
->error
= result
->dwError
;
642 SetEvent(context
->event
);
646 static BOOL
CRYPT_Connect(URL_COMPONENTSW
*components
,
647 struct InetContext
*context
, PCRYPT_CREDENTIALS pCredentials
,
648 HINTERNET
*phInt
, HINTERNET
*phHost
)
652 TRACE("(%s:%d, %p, %p, %p, %p)\n", debugstr_w(components
->lpszHostName
),
653 components
->nPort
, context
, pCredentials
, phInt
, phInt
);
656 *phInt
= InternetOpenW(NULL
, INTERNET_OPEN_TYPE_DIRECT
, NULL
, NULL
,
657 context
? INTERNET_FLAG_ASYNC
: 0);
663 InternetSetStatusCallbackW(*phInt
, CRYPT_InetStatusCallback
);
664 switch (components
->nScheme
)
666 case INTERNET_SCHEME_FTP
:
667 service
= INTERNET_SERVICE_FTP
;
669 case INTERNET_SCHEME_HTTP
:
670 service
= INTERNET_SERVICE_HTTP
;
675 /* FIXME: use pCredentials for username/password */
676 *phHost
= InternetConnectW(*phInt
, components
->lpszHostName
,
677 components
->nPort
, NULL
, NULL
, service
, 0, (DWORD_PTR
)context
);
680 InternetCloseHandle(*phInt
);
689 TRACE("returning %d\n", ret
);
693 static BOOL WINAPI
FTP_RetrieveEncodedObjectW(LPCWSTR pszURL
,
694 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
695 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
696 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
697 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
699 FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
700 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
701 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
704 pObject
->rgBlob
= NULL
;
705 *ppfnFreeObject
= CRYPT_FreeBlob
;
706 *ppvFreeContext
= NULL
;
710 static const WCHAR x509cacert
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
711 '/','x','-','x','5','0','9','-','c','a','-','c','e','r','t',0 };
712 static const WCHAR x509emailcert
[] = { 'a','p','p','l','i','c','a','t','i','o',
713 'n','/','x','-','x','5','0','9','-','e','m','a','i','l','-','c','e','r','t',
715 static const WCHAR x509servercert
[] = { 'a','p','p','l','i','c','a','t','i','o',
716 'n','/','x','-','x','5','0','9','-','s','e','r','v','e','r','-','c','e','r',
718 static const WCHAR x509usercert
[] = { 'a','p','p','l','i','c','a','t','i','o',
719 'n','/','x','-','x','5','0','9','-','u','s','e','r','-','c','e','r','t',0 };
720 static const WCHAR pkcs7cert
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
721 '/','x','-','p','k','c','s','7','-','c','e','r','t','i','f','c','a','t','e',
723 static const WCHAR pkixCRL
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
724 '/','p','k','i','x','-','c','r','l',0 };
725 static const WCHAR pkcs7CRL
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
726 '/','x','-','p','k','c','s','7','-','c','r','l',0 };
727 static const WCHAR pkcs7sig
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
728 '/','x','-','p','k','c','s','7','-','s','i','g','n','a','t','u','r','e',0 };
729 static const WCHAR pkcs7mime
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
730 '/','x','-','p','k','c','s','7','-','m','i','m','e',0 };
732 static BOOL WINAPI
HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL
,
733 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
734 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
735 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
736 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
740 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
741 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
742 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
745 pObject
->rgBlob
= NULL
;
746 *ppfnFreeObject
= CRYPT_FreeBlob
;
747 *ppvFreeContext
= NULL
;
749 if (!(dwRetrievalFlags
& CRYPT_WIRE_ONLY_RETRIEVAL
))
750 ret
= CRYPT_GetObjectFromCache(pszURL
, pObject
, pAuxInfo
);
751 if (!ret
&& (!(dwRetrievalFlags
& CRYPT_CACHE_ONLY_RETRIEVAL
) ||
752 (dwRetrievalFlags
& CRYPT_WIRE_ONLY_RETRIEVAL
)))
754 URL_COMPONENTSW components
;
756 if ((ret
= CRYPT_CrackUrl(pszURL
, &components
)))
758 HINTERNET hInt
, hHost
;
759 struct InetContext
*context
= NULL
;
762 context
= CRYPT_MakeInetContext(dwTimeout
);
763 ret
= CRYPT_Connect(&components
, context
, pCredentials
, &hInt
,
767 static LPCWSTR types
[] = { x509cacert
, x509emailcert
,
768 x509servercert
, x509usercert
, pkcs7cert
, pkixCRL
, pkcs7CRL
,
769 pkcs7sig
, pkcs7mime
, NULL
};
770 HINTERNET hHttp
= HttpOpenRequestW(hHost
, NULL
,
771 components
.lpszUrlPath
, NULL
, NULL
, types
,
772 INTERNET_FLAG_NO_COOKIES
| INTERNET_FLAG_NO_UI
,
779 InternetSetOptionW(hHttp
,
780 INTERNET_OPTION_RECEIVE_TIMEOUT
, &dwTimeout
,
782 InternetSetOptionW(hHttp
, INTERNET_OPTION_SEND_TIMEOUT
,
783 &dwTimeout
, sizeof(dwTimeout
));
785 ret
= HttpSendRequestExW(hHttp
, NULL
, NULL
, 0,
787 if (!ret
&& GetLastError() == ERROR_IO_PENDING
)
789 if (WaitForSingleObject(context
->event
,
790 context
->timeout
) == WAIT_TIMEOUT
)
791 SetLastError(ERROR_TIMEOUT
);
795 /* We don't set ret to TRUE in this block to avoid masking
796 * an error from HttpSendRequestExW.
798 if (!HttpEndRequestW(hHttp
, NULL
, 0, (DWORD_PTR
)context
) &&
799 GetLastError() == ERROR_IO_PENDING
)
801 if (WaitForSingleObject(context
->event
,
802 context
->timeout
) == WAIT_TIMEOUT
)
804 SetLastError(ERROR_TIMEOUT
);
809 ret
= CRYPT_DownloadObject(dwRetrievalFlags
, hHttp
,
810 context
, pObject
, pAuxInfo
);
811 if (ret
&& !(dwRetrievalFlags
& CRYPT_DONT_CACHE_RESULT
))
814 DWORD len
= sizeof(st
);
816 if (HttpQueryInfoW(hHttp
,
817 HTTP_QUERY_EXPIRES
| HTTP_QUERY_FLAG_SYSTEMTIME
, &st
,
822 SystemTimeToFileTime(&st
, &ft
);
823 CRYPT_CacheURL(pszURL
, pObject
, dwRetrievalFlags
,
827 InternetCloseHandle(hHttp
);
829 InternetCloseHandle(hHost
);
830 InternetCloseHandle(hInt
);
834 CloseHandle(context
->event
);
835 CryptMemFree(context
);
837 CryptMemFree(components
.lpszUrlPath
);
838 CryptMemFree(components
.lpszHostName
);
841 TRACE("returning %d\n", ret
);
845 static BOOL WINAPI
File_RetrieveEncodedObjectW(LPCWSTR pszURL
,
846 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
847 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
848 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
849 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
851 URL_COMPONENTSW components
= { sizeof(components
), 0 };
854 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
855 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
856 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
859 pObject
->rgBlob
= NULL
;
860 *ppfnFreeObject
= CRYPT_FreeBlob
;
861 *ppvFreeContext
= NULL
;
863 components
.lpszUrlPath
= CryptMemAlloc(MAX_PATH
* 2 * sizeof(WCHAR
));
864 components
.dwUrlPathLength
= 2 * MAX_PATH
;
865 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, &components
);
870 if (components
.dwUrlPathLength
== 2 * MAX_PATH
- 1)
871 FIXME("Buffers are too small\n");
873 /* 3 == lstrlenW(L"c:") + 1 */
874 path
= CryptMemAlloc((components
.dwUrlPathLength
+ 3) * sizeof(WCHAR
));
879 /* Try to create the file directly - Wine handles / in pathnames */
880 lstrcpynW(path
, components
.lpszUrlPath
,
881 components
.dwUrlPathLength
+ 1);
882 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
, OPEN_EXISTING
,
883 FILE_ATTRIBUTE_NORMAL
, NULL
);
884 if (hFile
== INVALID_HANDLE_VALUE
)
886 /* Try again on the current drive */
887 GetCurrentDirectoryW(components
.dwUrlPathLength
, path
);
890 lstrcpynW(path
+ 2, components
.lpszUrlPath
,
891 components
.dwUrlPathLength
+ 1);
892 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
,
893 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
895 if (hFile
== INVALID_HANDLE_VALUE
)
897 /* Try again on the Windows drive */
898 GetWindowsDirectoryW(path
, components
.dwUrlPathLength
);
901 lstrcpynW(path
+ 2, components
.lpszUrlPath
,
902 components
.dwUrlPathLength
+ 1);
903 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
,
904 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
908 if (hFile
!= INVALID_HANDLE_VALUE
)
910 if ((ret
= CRYPT_GetObjectFromFile(hFile
, pObject
)))
912 if (pAuxInfo
&& pAuxInfo
->cbSize
>=
913 offsetof(CRYPT_RETRIEVE_AUX_INFO
,
914 pLastSyncTime
) + sizeof(PFILETIME
) &&
915 pAuxInfo
->pLastSyncTime
)
916 GetFileTime(hFile
, NULL
, NULL
,
917 pAuxInfo
->pLastSyncTime
);
926 CryptMemFree(components
.lpszUrlPath
);
930 typedef BOOL (WINAPI
*SchemeDllRetrieveEncodedObjectW
)(LPCWSTR pwszUrl
,
931 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
932 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
933 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
934 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
);
936 static BOOL
CRYPT_GetRetrieveFunction(LPCWSTR pszURL
,
937 SchemeDllRetrieveEncodedObjectW
*pFunc
, HCRYPTOIDFUNCADDR
*phFunc
)
939 URL_COMPONENTSW components
= { sizeof(components
), 0 };
942 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL
), pFunc
, phFunc
);
946 components
.dwSchemeLength
= 1;
947 ret
= InternetCrackUrlW(pszURL
, 0, 0, &components
);
950 /* Microsoft always uses CryptInitOIDFunctionSet/
951 * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
952 * reason to do so for builtin schemes.
954 switch (components
.nScheme
)
956 case INTERNET_SCHEME_FTP
:
957 *pFunc
= FTP_RetrieveEncodedObjectW
;
959 case INTERNET_SCHEME_HTTP
:
960 *pFunc
= HTTP_RetrieveEncodedObjectW
;
962 case INTERNET_SCHEME_FILE
:
963 *pFunc
= File_RetrieveEncodedObjectW
;
967 int len
= WideCharToMultiByte(CP_ACP
, 0, components
.lpszScheme
,
968 components
.dwSchemeLength
, NULL
, 0, NULL
, NULL
);
972 LPSTR scheme
= CryptMemAlloc(len
);
976 static HCRYPTOIDFUNCSET set
= NULL
;
979 set
= CryptInitOIDFunctionSet(
980 SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC
, 0);
981 WideCharToMultiByte(CP_ACP
, 0, components
.lpszScheme
,
982 components
.dwSchemeLength
, scheme
, len
, NULL
, NULL
);
983 ret
= CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
,
984 scheme
, 0, (void **)pFunc
, phFunc
);
985 CryptMemFree(scheme
);
989 SetLastError(ERROR_OUTOFMEMORY
);
998 TRACE("returning %d\n", ret
);
1002 static BOOL WINAPI
CRYPT_CreateBlob(LPCSTR pszObjectOid
,
1003 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1006 CRYPT_BLOB_ARRAY
*context
;
1009 size
= sizeof(CRYPT_BLOB_ARRAY
) + pObject
->cBlob
* sizeof(CRYPT_DATA_BLOB
);
1010 for (i
= 0; i
< pObject
->cBlob
; i
++)
1011 size
+= pObject
->rgBlob
[i
].cbData
;
1012 context
= CryptMemAlloc(size
);
1019 (CRYPT_DATA_BLOB
*)((LPBYTE
)context
+ sizeof(CRYPT_BLOB_ARRAY
));
1021 (LPBYTE
)context
->rgBlob
+ pObject
->cBlob
* sizeof(CRYPT_DATA_BLOB
);
1022 for (i
= 0; i
< pObject
->cBlob
; i
++)
1024 memcpy(nextData
, pObject
->rgBlob
[i
].pbData
,
1025 pObject
->rgBlob
[i
].cbData
);
1026 context
->rgBlob
[i
].pbData
= nextData
;
1027 context
->rgBlob
[i
].cbData
= pObject
->rgBlob
[i
].cbData
;
1028 nextData
+= pObject
->rgBlob
[i
].cbData
;
1031 *ppvContext
= context
;
1037 typedef BOOL (WINAPI
*AddContextToStore
)(HCERTSTORE hCertStore
,
1038 const void *pContext
, DWORD dwAddDisposition
, const void **ppStoreContext
);
1040 static BOOL
CRYPT_CreateContext(PCRYPT_BLOB_ARRAY pObject
,
1041 DWORD dwExpectedContentTypeFlags
, AddContextToStore addFunc
, void **ppvContext
)
1045 if (!pObject
->cBlob
)
1047 SetLastError(ERROR_INVALID_DATA
);
1051 else if (pObject
->cBlob
== 1)
1053 if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB
, &pObject
->rgBlob
[0],
1054 dwExpectedContentTypeFlags
, CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
,
1055 NULL
, NULL
, NULL
, NULL
, (const void **)ppvContext
))
1057 SetLastError(CRYPT_E_NO_MATCH
);
1063 HCERTSTORE store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1064 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1069 const void *context
;
1071 for (i
= 0; i
< pObject
->cBlob
; i
++)
1073 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB
,
1074 &pObject
->rgBlob
[i
], dwExpectedContentTypeFlags
,
1075 CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
, NULL
, NULL
, NULL
,
1078 if (!addFunc(store
, context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1083 SetLastError(CRYPT_E_NO_MATCH
);
1090 *ppvContext
= store
;
1095 static BOOL WINAPI
CRYPT_CreateCert(LPCSTR pszObjectOid
,
1096 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1098 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CERT
,
1099 (AddContextToStore
)CertAddCertificateContextToStore
, ppvContext
);
1102 static BOOL WINAPI
CRYPT_CreateCRL(LPCSTR pszObjectOid
,
1103 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1105 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CRL
,
1106 (AddContextToStore
)CertAddCRLContextToStore
, ppvContext
);
1109 static BOOL WINAPI
CRYPT_CreateCTL(LPCSTR pszObjectOid
,
1110 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1112 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CTL
,
1113 (AddContextToStore
)CertAddCTLContextToStore
, ppvContext
);
1116 static BOOL WINAPI
CRYPT_CreatePKCS7(LPCSTR pszObjectOid
,
1117 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1121 if (!pObject
->cBlob
)
1123 SetLastError(ERROR_INVALID_DATA
);
1127 else if (pObject
->cBlob
== 1)
1128 ret
= CryptQueryObject(CERT_QUERY_OBJECT_BLOB
, &pObject
->rgBlob
[0],
1129 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED
|
1130 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED
, CERT_QUERY_FORMAT_FLAG_BINARY
,
1131 0, NULL
, NULL
, NULL
, ppvContext
, NULL
, NULL
);
1134 FIXME("multiple messages unimplemented\n");
1140 static BOOL WINAPI
CRYPT_CreateAny(LPCSTR pszObjectOid
,
1141 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1145 if (!pObject
->cBlob
)
1147 SetLastError(ERROR_INVALID_DATA
);
1153 HCERTSTORE store
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
1154 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1158 HCERTSTORE memStore
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1159 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1163 CertAddStoreToCollection(store
, memStore
,
1164 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
1165 CertCloseStore(memStore
, 0);
1169 CertCloseStore(store
, 0);
1178 for (i
= 0; i
< pObject
->cBlob
; i
++)
1180 DWORD contentType
, expectedContentTypes
=
1181 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED
|
1182 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED
|
1183 CERT_QUERY_CONTENT_FLAG_CERT
|
1184 CERT_QUERY_CONTENT_FLAG_CRL
|
1185 CERT_QUERY_CONTENT_FLAG_CTL
;
1186 HCERTSTORE contextStore
;
1187 const void *context
;
1189 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB
,
1190 &pObject
->rgBlob
[i
], expectedContentTypes
,
1191 CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
, &contentType
, NULL
,
1192 &contextStore
, NULL
, &context
))
1194 switch (contentType
)
1196 case CERT_QUERY_CONTENT_CERT
:
1197 if (!CertAddCertificateContextToStore(store
,
1198 (PCCERT_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1201 case CERT_QUERY_CONTENT_CRL
:
1202 if (!CertAddCRLContextToStore(store
,
1203 (PCCRL_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1206 case CERT_QUERY_CONTENT_CTL
:
1207 if (!CertAddCTLContextToStore(store
,
1208 (PCCTL_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1212 CertAddStoreToCollection(store
, contextStore
, 0, 0);
1221 *ppvContext
= store
;
1226 typedef BOOL (WINAPI
*ContextDllCreateObjectContext
)(LPCSTR pszObjectOid
,
1227 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
);
1229 static BOOL
CRYPT_GetCreateFunction(LPCSTR pszObjectOid
,
1230 ContextDllCreateObjectContext
*pFunc
, HCRYPTOIDFUNCADDR
*phFunc
)
1234 TRACE("(%s, %p, %p)\n", debugstr_a(pszObjectOid
), pFunc
, phFunc
);
1238 if (!HIWORD(pszObjectOid
))
1240 switch (LOWORD(pszObjectOid
))
1243 *pFunc
= CRYPT_CreateBlob
;
1245 case LOWORD(CONTEXT_OID_CERTIFICATE
):
1246 *pFunc
= CRYPT_CreateCert
;
1248 case LOWORD(CONTEXT_OID_CRL
):
1249 *pFunc
= CRYPT_CreateCRL
;
1251 case LOWORD(CONTEXT_OID_CTL
):
1252 *pFunc
= CRYPT_CreateCTL
;
1254 case LOWORD(CONTEXT_OID_PKCS7
):
1255 *pFunc
= CRYPT_CreatePKCS7
;
1257 case LOWORD(CONTEXT_OID_CAPI2_ANY
):
1258 *pFunc
= CRYPT_CreateAny
;
1264 static HCRYPTOIDFUNCSET set
= NULL
;
1267 set
= CryptInitOIDFunctionSet(
1268 CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC
, 0);
1269 ret
= CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
, pszObjectOid
,
1270 0, (void **)pFunc
, phFunc
);
1272 TRACE("returning %d\n", ret
);
1276 /***********************************************************************
1277 * CryptRetrieveObjectByUrlW (CRYPTNET.@)
1279 BOOL WINAPI
CryptRetrieveObjectByUrlW(LPCWSTR pszURL
, LPCSTR pszObjectOid
,
1280 DWORD dwRetrievalFlags
, DWORD dwTimeout
, LPVOID
*ppvObject
,
1281 HCRYPTASYNC hAsyncRetrieve
, PCRYPT_CREDENTIALS pCredentials
, LPVOID pvVerify
,
1282 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
1285 SchemeDllRetrieveEncodedObjectW retrieve
;
1286 ContextDllCreateObjectContext create
;
1287 HCRYPTOIDFUNCADDR hRetrieve
= 0, hCreate
= 0;
1289 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
1290 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, ppvObject
,
1291 hAsyncRetrieve
, pCredentials
, pvVerify
, pAuxInfo
);
1295 SetLastError(ERROR_INVALID_PARAMETER
);
1298 ret
= CRYPT_GetRetrieveFunction(pszURL
, &retrieve
, &hRetrieve
);
1300 ret
= CRYPT_GetCreateFunction(pszObjectOid
, &create
, &hCreate
);
1303 CRYPT_BLOB_ARRAY object
= { 0, NULL
};
1304 PFN_FREE_ENCODED_OBJECT_FUNC freeObject
;
1307 ret
= retrieve(pszURL
, pszObjectOid
, dwRetrievalFlags
, dwTimeout
,
1308 &object
, &freeObject
, &freeContext
, hAsyncRetrieve
, pCredentials
,
1312 ret
= create(pszObjectOid
, dwRetrievalFlags
, &object
, ppvObject
);
1313 freeObject(pszObjectOid
, &object
, freeContext
);
1317 CryptFreeOIDFunctionAddress(hCreate
, 0);
1319 CryptFreeOIDFunctionAddress(hRetrieve
, 0);
1320 TRACE("returning %d\n", ret
);
1324 typedef struct _OLD_CERT_REVOCATION_STATUS
{
1329 } OLD_CERT_REVOCATION_STATUS
, *POLD_CERT_REVOCATION_STATUS
;
1331 /***********************************************************************
1332 * CertDllVerifyRevocation (CRYPTNET.@)
1334 BOOL WINAPI
CertDllVerifyRevocation(DWORD dwEncodingType
, DWORD dwRevType
,
1335 DWORD cContext
, PVOID rgpvContext
[], DWORD dwFlags
,
1336 PCERT_REVOCATION_PARA pRevPara
, PCERT_REVOCATION_STATUS pRevStatus
)
1341 TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType
, dwRevType
,
1342 cContext
, rgpvContext
, dwFlags
, pRevPara
, pRevStatus
);
1344 if (pRevStatus
->cbSize
!= sizeof(OLD_CERT_REVOCATION_STATUS
) &&
1345 pRevStatus
->cbSize
!= sizeof(CERT_REVOCATION_STATUS
))
1347 SetLastError(E_INVALIDARG
);
1350 memset(&pRevStatus
->dwIndex
, 0, pRevStatus
->cbSize
- sizeof(DWORD
));
1351 if (dwRevType
!= CERT_CONTEXT_REVOCATION_TYPE
)
1353 error
= CRYPT_E_NO_REVOCATION_CHECK
;
1359 for (i
= 0; ret
&& i
< cContext
; i
++)
1363 ret
= CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT
,
1364 rgpvContext
[i
], 0, NULL
, &cbUrlArray
, NULL
, NULL
, NULL
);
1365 if (!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
)
1367 error
= CRYPT_E_NO_REVOCATION_CHECK
;
1368 pRevStatus
->dwIndex
= i
;
1372 CRYPT_URL_ARRAY
*urlArray
= CryptMemAlloc(cbUrlArray
);
1376 DWORD j
, retrievalFlags
= 0, startTime
, endTime
, timeout
;
1378 ret
= CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT
,
1379 rgpvContext
[i
], 0, urlArray
, &cbUrlArray
, NULL
, NULL
,
1381 if (dwFlags
& CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION
)
1382 retrievalFlags
|= CRYPT_CACHE_ONLY_RETRIEVAL
;
1383 if (dwFlags
& CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG
&&
1384 pRevPara
->cbSize
>= offsetof(CERT_REVOCATION_PARA
,
1385 dwUrlRetrievalTimeout
) + sizeof(DWORD
))
1387 startTime
= GetTickCount();
1388 endTime
= startTime
+ pRevPara
->dwUrlRetrievalTimeout
;
1389 timeout
= pRevPara
->dwUrlRetrievalTimeout
;
1392 endTime
= timeout
= 0;
1393 for (j
= 0; ret
&& j
< urlArray
->cUrl
; j
++)
1397 ret
= CryptRetrieveObjectByUrlW(urlArray
->rgwszUrl
[j
],
1398 CONTEXT_OID_CRL
, retrievalFlags
, timeout
,
1399 (void **)&crl
, NULL
, NULL
, NULL
, NULL
);
1402 PCRL_ENTRY entry
= NULL
;
1404 CertFindCertificateInCRL(
1405 (PCCERT_CONTEXT
)rgpvContext
[i
], crl
, 0, NULL
,
1409 error
= CRYPT_E_REVOKED
;
1410 pRevStatus
->dwIndex
= i
;
1415 DWORD time
= GetTickCount();
1417 if ((int)(endTime
- time
) <= 0)
1419 error
= ERROR_TIMEOUT
;
1420 pRevStatus
->dwIndex
= i
;
1424 timeout
= endTime
- time
;
1426 CertFreeCRLContext(crl
);
1429 error
= CRYPT_E_REVOCATION_OFFLINE
;
1431 CryptMemFree(urlArray
);
1435 error
= ERROR_OUTOFMEMORY
;
1436 pRevStatus
->dwIndex
= i
;
1441 pRevStatus
->dwIndex
= i
;
1447 SetLastError(error
);
1448 pRevStatus
->dwError
= error
;
1450 TRACE("returning %d (%08x)\n", ret
, error
);