search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
cmd: Fix a couple of issues with redirections.
[wine.git] / dlls / wintrust / crypt.c
blobb2c5e31e87f6b6c4e8c738dbd2353fac4cf90b01
1 /*
2 * WinTrust Cryptography functions
3 *
4 * Copyright 2006 James Hawkins
5 * Copyright 2000-2002 Stuart Caie
6 * Copyright 2002 Patrik Stridvall
7 * Copyright 2003 Greg Turner
8 * Copyright 2008 Juan Lang
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
23 */
24
25 #include <stdarg.h>
26 #include <stdio.h>
27 #include "windef.h"
28 #include "winbase.h"
29 #include "wintrust.h"
30 #include "winver.h"
31 #include "mscat.h"
32 #include "mssip.h"
33 #include "imagehlp.h"
34 #include "winternl.h"
35
36 #include "wine/debug.h"
37
38 WINE_DEFAULT_DEBUG_CHANNEL(wintrust);
39
40 #define CATADMIN_MAGIC 0x43415441 /* 'CATA' */
41 #define CRYPTCAT_MAGIC 0x43415443 /* 'CATC' */
42 #define CATINFO_MAGIC 0x43415449 /* 'CATI' */
43
44 struct cryptcat
45 {
46 DWORD magic;
47 HCRYPTMSG msg;
48 DWORD encoding;
49 CTL_INFO *inner;
50 DWORD inner_len;
51 GUID subject;
52 DWORD attr_count;
53 CRYPTCATATTRIBUTE *attr;
54 };
55
56 struct catadmin
57 {
58 DWORD magic;
59 WCHAR path[MAX_PATH];
60 HANDLE find;
61 };
62
63 struct catinfo
64 {
65 DWORD magic;
66 WCHAR file[MAX_PATH];
67 };
68
69 static HCATINFO create_catinfo(const WCHAR *filename)
70 {
71 struct catinfo *ci;
72
73 if (!(ci = malloc(sizeof(*ci))))
74 {
75 SetLastError(ERROR_OUTOFMEMORY);
76 return INVALID_HANDLE_VALUE;
77 }
78 lstrcpyW(ci->file, filename);
79 ci->magic = CATINFO_MAGIC;
80 return ci;
81 }
82
83 /***********************************************************************
84 * CryptCATAdminAcquireContext (WINTRUST.@)
85 *
86 * Get a catalog administrator context handle.
87 *
88 * PARAMS
89 * catAdmin [O] Pointer to the context handle.
90 * sys [I] Pointer to a GUID for the needed subsystem.
91 * dwFlags [I] Reserved.
92 *
93 * RETURNS
94 * Success: TRUE. catAdmin contains the context handle.
95 * Failure: FALSE.
96 *
97 */
98 BOOL WINAPI CryptCATAdminAcquireContext(HCATADMIN *catAdmin,
99 const GUID *sys, DWORD dwFlags)
100 {
101 static const WCHAR catroot[] =
102 {'\\','c','a','t','r','o','o','t',0};
103 static const WCHAR fmt[] =
104 {'%','s','\\','{','%','0','8','x','-','%','0','4','x','-','%','0',
105 '4','x','-','%','0','2','x','%','0','2','x','-','%','0','2','x',
106 '%','0','2','x','%','0','2','x','%','0','2','x','%','0','2','x',
107 '%','0','2','x','}',0};
108 static const GUID defsys =
109 {0x127d0a1d,0x4ef2,0x11d1,{0x86,0x08,0x00,0xc0,0x4f,0xc2,0x95,0xee}};
110
111 WCHAR catroot_dir[MAX_PATH];
112 struct catadmin *ca;
113
114 TRACE("%p %s %lx\n", catAdmin, debugstr_guid(sys), dwFlags);
115
116 if (!catAdmin || dwFlags)
117 {
118 SetLastError(ERROR_INVALID_PARAMETER);
119 return FALSE;
120 }
121 if (!(ca = malloc(sizeof(*ca))))
122 {
123 SetLastError(ERROR_OUTOFMEMORY);
124 return FALSE;
125 }
126
127 GetSystemDirectoryW(catroot_dir, MAX_PATH);
128 lstrcatW(catroot_dir, catroot);
129
130 /* create the directory if it doesn't exist */
131 CreateDirectoryW(catroot_dir, NULL);
132
133 if (!sys) sys = &defsys;
134 swprintf(ca->path, ARRAY_SIZE(ca->path), fmt, catroot_dir, sys->Data1, sys->Data2,
135 sys->Data3, sys->Data4[0], sys->Data4[1], sys->Data4[2],
136 sys->Data4[3], sys->Data4[4], sys->Data4[5], sys->Data4[6],
137 sys->Data4[7]);
138
139 /* create the directory if it doesn't exist */
140 CreateDirectoryW(ca->path, NULL);
141
142 ca->magic = CATADMIN_MAGIC;
143 ca->find = INVALID_HANDLE_VALUE;
144
145 *catAdmin = ca;
146 return TRUE;
147 }
148
149 /***********************************************************************
150 * CryptCATAdminAcquireContext2 (WINTRUST.@)
151 */
152 BOOL WINAPI CryptCATAdminAcquireContext2(HCATADMIN *catAdmin, const GUID *sys, const WCHAR *algorithm,
153 const CERT_STRONG_SIGN_PARA *policy, DWORD flags)
154 {
155 FIXME("%p %s %s %p %lx stub\n", catAdmin, debugstr_guid(sys), debugstr_w(algorithm), policy, flags);
156 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
157 return FALSE;
158 }
159
160 /***********************************************************************
161 * CryptCATAdminAddCatalog (WINTRUST.@)
162 */
163 HCATINFO WINAPI CryptCATAdminAddCatalog(HCATADMIN catAdmin, PWSTR catalogFile,
164 PWSTR selectBaseName, DWORD flags)
165 {
166 static const WCHAR slashW[] = {'\\',0};
167 struct catadmin *ca = catAdmin;
168 struct catinfo *ci;
169 WCHAR *target;
170 DWORD len;
171
172 TRACE("%p %s %s %ld\n", catAdmin, debugstr_w(catalogFile),
173 debugstr_w(selectBaseName), flags);
174
175 if (!selectBaseName)
176 {
177 FIXME("NULL basename not handled\n");
178 SetLastError(ERROR_INVALID_PARAMETER);
179 return NULL;
180 }
181 if (!ca || ca->magic != CATADMIN_MAGIC || !catalogFile || flags)
182 {
183 SetLastError(ERROR_INVALID_PARAMETER);
184 return NULL;
185 }
186
187 len = lstrlenW(ca->path) + lstrlenW(selectBaseName) + 2;
188 if (!(target = malloc(len * sizeof(WCHAR))))
189 {
190 SetLastError(ERROR_OUTOFMEMORY);
191 return NULL;
192 }
193 lstrcpyW(target, ca->path);
194 lstrcatW(target, slashW);
195 lstrcatW(target, selectBaseName);
196
197 if (!CopyFileW(catalogFile, target, FALSE))
198 {
199 free(target);
200 return NULL;
201 }
202 SetFileAttributesW(target, FILE_ATTRIBUTE_SYSTEM);
203
204 if (!(ci = malloc(sizeof(*ci))))
205 {
206 free(target);
207 SetLastError(ERROR_OUTOFMEMORY);
208 return NULL;
209 }
210 ci->magic = CATINFO_MAGIC;
211 lstrcpyW(ci->file, target);
212
213 free(target);
214 return ci;
215 }
216
217 static BOOL pe_image_hash( HANDLE file, HCRYPTHASH hash )
218 {
219 UINT32 size, offset, file_size, sig_pos;
220 HANDLE mapping;
221 BYTE *view;
222 IMAGE_NT_HEADERS *nt;
223 BOOL ret = FALSE;
224
225 if ((file_size = GetFileSize( file, NULL )) == INVALID_FILE_SIZE) return FALSE;
226
227 if ((mapping = CreateFileMappingW( file, NULL, PAGE_READONLY, 0, 0, NULL )) == INVALID_HANDLE_VALUE)
228 return FALSE;
229
230 if (!(view = MapViewOfFile( mapping, FILE_MAP_READ, 0, 0, 0 )) || !(nt = ImageNtHeader( view ))) goto done;
231
232 if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC)
233 {
234 const IMAGE_NT_HEADERS64 *nt64 = (const IMAGE_NT_HEADERS64 *)nt;
235
236 /* offset from start of file to checksum */
237 offset = (BYTE *)&nt64->OptionalHeader.CheckSum - view;
238
239 /* area between checksum and security directory entry */
240 size = FIELD_OFFSET( IMAGE_OPTIONAL_HEADER64, DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY] ) -
241 FIELD_OFFSET( IMAGE_OPTIONAL_HEADER64, Subsystem );
242
243 if (nt64->OptionalHeader.NumberOfRvaAndSizes < IMAGE_FILE_SECURITY_DIRECTORY + 1) goto done;
244 sig_pos = nt64->OptionalHeader.DataDirectory[IMAGE_FILE_SECURITY_DIRECTORY].VirtualAddress;
245 }
246 else if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC)
247 {
248 const IMAGE_NT_HEADERS32 *nt32 = (const IMAGE_NT_HEADERS32 *)nt;
249
250 /* offset from start of file to checksum */
251 offset = (BYTE *)&nt32->OptionalHeader.CheckSum - view;
252
253 /* area between checksum and security directory entry */
254 size = FIELD_OFFSET( IMAGE_OPTIONAL_HEADER32, DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY] ) -
255 FIELD_OFFSET( IMAGE_OPTIONAL_HEADER32, Subsystem );
256
257 if (nt32->OptionalHeader.NumberOfRvaAndSizes < IMAGE_FILE_SECURITY_DIRECTORY + 1) goto done;
258 sig_pos = nt32->OptionalHeader.DataDirectory[IMAGE_FILE_SECURITY_DIRECTORY].VirtualAddress;
259 }
260 else goto done;
261
262 if (!CryptHashData( hash, view, offset, 0 )) goto done;
263 offset += sizeof(DWORD); /* skip checksum */
264 if (!CryptHashData( hash, view + offset, size, 0 )) goto done;
265
266 offset += size + sizeof(IMAGE_DATA_DIRECTORY); /* skip security entry */
267 if (offset > file_size) goto done;
268 if (sig_pos)
269 {
270 if (sig_pos < offset) goto done;
271 if (sig_pos > file_size) goto done;
272 size = sig_pos - offset; /* exclude signature */
273 }
274 else size = file_size - offset;
275
276 if (!CryptHashData( hash, view + offset, size, 0 )) goto done;
277 ret = TRUE;
278
279 if (!sig_pos && (size = file_size % 8))
280 {
281 static const BYTE pad[7];
282 ret = CryptHashData( hash, pad, 8 - size, 0 );
283 }
284
285 done:
286 UnmapViewOfFile( view );
287 CloseHandle( mapping );
288 return ret;
289 }
290
291 /***********************************************************************
292 * CryptCATAdminCalcHashFromFileHandle (WINTRUST.@)
293 */
294 BOOL WINAPI CryptCATAdminCalcHashFromFileHandle(HANDLE hFile, DWORD *pcbHash, BYTE *pbHash, DWORD dwFlags)
295 {
296 BOOL ret = FALSE;
297
298 TRACE("%p %p %p %lx\n", hFile, pcbHash, pbHash, dwFlags);
299
300 if (!hFile || !pcbHash || dwFlags)
301 {
302 SetLastError(ERROR_INVALID_PARAMETER);
303 return FALSE;
304 }
305 if (*pcbHash < 20)
306 {
307 *pcbHash = 20;
308 SetLastError(ERROR_INSUFFICIENT_BUFFER);
309 return TRUE;
310 }
311
312 *pcbHash = 20;
313 if (pbHash)
314 {
315 HCRYPTPROV prov;
316 HCRYPTHASH hash;
317 DWORD bytes_read;
318 BYTE *buffer;
319
320 if (!(buffer = malloc(4096)))
321 {
322 SetLastError(ERROR_OUTOFMEMORY);
323 return FALSE;
324 }
325 ret = CryptAcquireContextW(&prov, NULL, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
326 if (!ret)
327 {
328 free(buffer);
329 return FALSE;
330 }
331 ret = CryptCreateHash(prov, CALG_SHA1, 0, 0, &hash);
332 if (!ret)
333 {
334 free(buffer);
335 CryptReleaseContext(prov, 0);
336 return FALSE;
337 }
338
339 if (!(ret = pe_image_hash(hFile, hash)))
340 {
341 while ((ret = ReadFile(hFile, buffer, 4096, &bytes_read, NULL)) && bytes_read)
342 {
343 CryptHashData(hash, buffer, bytes_read, 0);
344 }
345 }
346 if (ret) ret = CryptGetHashParam(hash, HP_HASHVAL, pbHash, pcbHash, 0);
347
348 free(buffer);
349 CryptDestroyHash(hash);
350 CryptReleaseContext(prov, 0);
351 }
352 return ret;
353 }
354
355 /***********************************************************************
356 * CryptCATAdminEnumCatalogFromHash (WINTRUST.@)
357 */
358 HCATINFO WINAPI CryptCATAdminEnumCatalogFromHash(HCATADMIN hCatAdmin, BYTE* pbHash,
359 DWORD cbHash, DWORD dwFlags,
360 HCATINFO* phPrevCatInfo )
361 {
362 static const WCHAR slashW[] = {'\\',0};
363 static const WCHAR globW[] = {'\\','*','.','c','a','t',0};
364
365 struct catadmin *ca = hCatAdmin;
366 WIN32_FIND_DATAW data;
367 HCATINFO prev = NULL;
368 HCRYPTPROV prov;
369 DWORD size;
370 BOOL ret;
371
372 TRACE("%p %p %ld %lx %p\n", hCatAdmin, pbHash, cbHash, dwFlags, phPrevCatInfo);
373
374 if (!ca || ca->magic != CATADMIN_MAGIC || !pbHash || cbHash != 20 || dwFlags)
375 {
376 SetLastError(ERROR_INVALID_PARAMETER);
377 return NULL;
378 }
379 if (phPrevCatInfo) prev = *phPrevCatInfo;
380
381 ret = CryptAcquireContextW(&prov, NULL, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
382 if (!ret) return NULL;
383
384 if (!prev)
385 {
386 WCHAR *path;
387
388 size = lstrlenW(ca->path) * sizeof(WCHAR) + sizeof(globW);
389 if (!(path = malloc(size)))
390 {
391 CryptReleaseContext(prov, 0);
392 SetLastError(ERROR_OUTOFMEMORY);
393 return NULL;
394 }
395 lstrcpyW(path, ca->path);
396 lstrcatW(path, globW);
397
398 FindClose(ca->find);
399 ca->find = FindFirstFileW(path, &data);
400
401 free(path);
402 if (ca->find == INVALID_HANDLE_VALUE)
403 {
404 CryptReleaseContext(prov, 0);
405 return NULL;
406 }
407 }
408 else if (!FindNextFileW(ca->find, &data))
409 {
410 CryptCATAdminReleaseCatalogContext(hCatAdmin, prev, 0);
411 CryptReleaseContext(prov, 0);
412 return NULL;
413 }
414
415 while (1)
416 {
417 WCHAR *filename;
418 CRYPTCATMEMBER *member = NULL;
419 struct catinfo *ci;
420 HANDLE hcat;
421
422 size = (lstrlenW(ca->path) + lstrlenW(data.cFileName) + 2) * sizeof(WCHAR);
423 if (!(filename = malloc(size)))
424 {
425 SetLastError(ERROR_OUTOFMEMORY);
426 return NULL;
427 }
428 lstrcpyW(filename, ca->path);
429 lstrcatW(filename, slashW);
430 lstrcatW(filename, data.cFileName);
431
432 hcat = CryptCATOpen(filename, CRYPTCAT_OPEN_EXISTING, prov, 0, 0);
433 if (hcat == INVALID_HANDLE_VALUE)
434 {
435 WARN("couldn't open %s (%lu)\n", debugstr_w(filename), GetLastError());
436 continue;
437 }
438 while ((member = CryptCATEnumerateMember(hcat, member)))
439 {
440 if (member->pIndirectData->Digest.cbData != cbHash)
441 {
442 WARN("amount of hash bytes differs: %lu/%lu\n", member->pIndirectData->Digest.cbData, cbHash);
443 continue;
444 }
445 if (!memcmp(member->pIndirectData->Digest.pbData, pbHash, cbHash))
446 {
447 TRACE("file %s matches\n", debugstr_w(data.cFileName));
448
449 CryptCATClose(hcat);
450 CryptReleaseContext(prov, 0);
451 if (!phPrevCatInfo)
452 {
453 FindClose(ca->find);
454 ca->find = INVALID_HANDLE_VALUE;
455 }
456 ci = create_catinfo(filename);
457 free(filename);
458 return ci;
459 }
460 }
461 CryptCATClose(hcat);
462 free(filename);
463
464 if (!FindNextFileW(ca->find, &data))
465 {
466 FindClose(ca->find);
467 ca->find = INVALID_HANDLE_VALUE;
468 CryptReleaseContext(prov, 0);
469 return NULL;
470 }
471 }
472 return NULL;
473 }
474
475 /***********************************************************************
476 * CryptCATAdminReleaseCatalogContext (WINTRUST.@)
477 *
478 * Release a catalog context handle.
479 *
480 * PARAMS
481 * hCatAdmin [I] Context handle.
482 * hCatInfo [I] Catalog handle.
483 * dwFlags [I] Reserved.
484 *
485 * RETURNS
486 * Success: TRUE.
487 * Failure: FALSE.
488 *
489 */
490 BOOL WINAPI CryptCATAdminReleaseCatalogContext(HCATADMIN hCatAdmin,
491 HCATINFO hCatInfo,
492 DWORD dwFlags)
493 {
494 struct catinfo *ci = hCatInfo;
495 struct catadmin *ca = hCatAdmin;
496
497 TRACE("%p %p %lx\n", hCatAdmin, hCatInfo, dwFlags);
498
499 if (!ca || ca->magic != CATADMIN_MAGIC || !ci || ci->magic != CATINFO_MAGIC)
500 {
501 SetLastError(ERROR_INVALID_PARAMETER);
502 return FALSE;
503 }
504 /* Ensure compiler doesn't optimize out the assignment with 0. */
505 SecureZeroMemory(&ci->magic, sizeof(ci->magic));
506 free(ci);
507 return TRUE;
508 }
509
510 /***********************************************************************
511 * CryptCATAdminReleaseContext (WINTRUST.@)
512 *
513 * Release a catalog administrator context handle.
514 *
515 * PARAMS
516 * catAdmin [I] Context handle.
517 * dwFlags [I] Reserved.
518 *
519 * RETURNS
520 * Success: TRUE.
521 * Failure: FALSE.
522 *
523 */
524 BOOL WINAPI CryptCATAdminReleaseContext(HCATADMIN hCatAdmin, DWORD dwFlags )
525 {
526 struct catadmin *ca = hCatAdmin;
527
528 TRACE("%p %lx\n", hCatAdmin, dwFlags);
529
530 if (!ca || ca->magic != CATADMIN_MAGIC)
531 {
532 SetLastError(ERROR_INVALID_PARAMETER);
533 return FALSE;
534 }
535 if (ca->find != INVALID_HANDLE_VALUE) FindClose(ca->find);
536 /* Ensure compiler doesn't optimize out the assignment with 0. */
537 SecureZeroMemory(&ca->magic, sizeof(ca->magic));
538 free(ca);
539 return TRUE;
540 }
541
542 /***********************************************************************
543 * CryptCATAdminRemoveCatalog (WINTRUST.@)
544 *
545 * Remove a catalog file.
546 *
547 * PARAMS
548 * catAdmin [I] Context handle.
549 * pwszCatalogFile [I] Catalog file.
550 * dwFlags [I] Reserved.
551 *
552 * RETURNS
553 * Success: TRUE.
554 * Failure: FALSE.
555 *
556 */
557 BOOL WINAPI CryptCATAdminRemoveCatalog(HCATADMIN hCatAdmin, LPCWSTR pwszCatalogFile, DWORD dwFlags)
558 {
559 struct catadmin *ca = hCatAdmin;
560
561 TRACE("%p %s %lx\n", hCatAdmin, debugstr_w(pwszCatalogFile), dwFlags);
562
563 if (!ca || ca->magic != CATADMIN_MAGIC)
564 {
565 SetLastError(ERROR_INVALID_PARAMETER);
566 return FALSE;
567 }
568
569 /* Only delete when there is a filename and no path */
570 if (pwszCatalogFile && pwszCatalogFile[0] != 0 &&
571 !wcschr(pwszCatalogFile, '\\') && !wcschr(pwszCatalogFile, '/') &&
572 !wcschr(pwszCatalogFile, ':'))
573 {
574 static const WCHAR slashW[] = {'\\',0};
575 WCHAR *target;
576 DWORD len;
577
578 len = lstrlenW(ca->path) + lstrlenW(pwszCatalogFile) + 2;
579 if (!(target = malloc(len * sizeof(WCHAR))))
580 {
581 SetLastError(ERROR_OUTOFMEMORY);
582 return FALSE;
583 }
584 lstrcpyW(target, ca->path);
585 lstrcatW(target, slashW);
586 lstrcatW(target, pwszCatalogFile);
587
588 DeleteFileW(target);
589
590 free(target);
591 }
592
593 return TRUE;
594 }
595
596 /***********************************************************************
597 * CryptCATAdminResolveCatalogPath (WINTRUST.@)
598 */
599 BOOL WINAPI CryptCATAdminResolveCatalogPath(HCATADMIN hcatadmin, WCHAR *catalog_file,
600 CATALOG_INFO *info, DWORD flags)
601 {
602 static const WCHAR slashW[] = {'\\',0};
603 struct catadmin *ca = hcatadmin;
604
605 TRACE("%p %s %p %lx\n", hcatadmin, debugstr_w(catalog_file), info, flags);
606
607 if (!ca || ca->magic != CATADMIN_MAGIC || !info || info->cbStruct != sizeof(*info) || flags)
608 {
609 SetLastError(ERROR_INVALID_PARAMETER);
610 return FALSE;
611 }
612 lstrcpyW(info->wszCatalogFile, ca->path);
613 lstrcatW(info->wszCatalogFile, slashW);
614 lstrcatW(info->wszCatalogFile, catalog_file);
615
616 return TRUE;
617 }
618
619 /***********************************************************************
620 * CryptCATClose (WINTRUST.@)
621 */
622 BOOL WINAPI CryptCATClose(HANDLE hCatalog)
623 {
624 struct cryptcat *cc = hCatalog;
625
626 TRACE("(%p)\n", hCatalog);
627
628 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
629 {
630 SetLastError(ERROR_INVALID_PARAMETER);
631 return FALSE;
632 }
633 free(cc->attr);
634 free(cc->inner);
635 CryptMsgClose(cc->msg);
636
637 /* Ensure compiler doesn't optimize out the assignment with 0. */
638 SecureZeroMemory(&cc->magic, sizeof(cc->magic));
639 free(cc);
640 return TRUE;
641 }
642
643 /***********************************************************************
644 * CryptCATGetAttrInfo (WINTRUST.@)
645 */
646 CRYPTCATATTRIBUTE * WINAPI CryptCATGetAttrInfo(HANDLE hCatalog, CRYPTCATMEMBER *member, LPWSTR tag)
647 {
648 struct cryptcat *cc = hCatalog;
649
650 FIXME("%p, %p, %s\n", hCatalog, member, debugstr_w(tag));
651
652 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
653 {
654 SetLastError(ERROR_INVALID_PARAMETER);
655 return NULL;
656 }
657 SetLastError(CRYPT_E_NOT_FOUND);
658 return NULL;
659 }
660
661 /***********************************************************************
662 * CryptCATGetCatAttrInfo (WINTRUST.@)
663 */
664 CRYPTCATATTRIBUTE * WINAPI CryptCATGetCatAttrInfo(HANDLE hCatalog, LPWSTR tag)
665 {
666 struct cryptcat *cc = hCatalog;
667
668 FIXME("%p, %s\n", hCatalog, debugstr_w(tag));
669
670 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
671 {
672 SetLastError(ERROR_INVALID_PARAMETER);
673 return NULL;
674 }
675 SetLastError(CRYPT_E_NOT_FOUND);
676 return NULL;
677 }
678
679 CRYPTCATMEMBER * WINAPI CryptCATGetMemberInfo(HANDLE hCatalog, LPWSTR tag)
680 {
681 struct cryptcat *cc = hCatalog;
682
683 FIXME("%p, %s\n", hCatalog, debugstr_w(tag));
684
685 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
686 {
687 SetLastError(ERROR_INVALID_PARAMETER);
688 return NULL;
689 }
690 SetLastError(CRYPT_E_NOT_FOUND);
691 return NULL;
692 }
693
694 /***********************************************************************
695 * CryptCATEnumerateAttr (WINTRUST.@)
696 */
697 CRYPTCATATTRIBUTE * WINAPI CryptCATEnumerateAttr(HANDLE hCatalog, CRYPTCATMEMBER *member, CRYPTCATATTRIBUTE *prev)
698 {
699 struct cryptcat *cc = hCatalog;
700
701 FIXME("%p, %p, %p\n", hCatalog, member, prev);
702
703 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
704 {
705 SetLastError(ERROR_INVALID_PARAMETER);
706 return NULL;
707 }
708 SetLastError(CRYPT_E_NOT_FOUND);
709 return NULL;
710 }
711
712 /***********************************************************************
713 * CryptCATEnumerateCatAttr (WINTRUST.@)
714 */
715 CRYPTCATATTRIBUTE * WINAPI CryptCATEnumerateCatAttr(HANDLE hCatalog, CRYPTCATATTRIBUTE *prev)
716 {
717 struct cryptcat *cc = hCatalog;
718
719 FIXME("%p, %p\n", hCatalog, prev);
720
721 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
722 {
723 SetLastError(ERROR_INVALID_PARAMETER);
724 return NULL;
725 }
726 SetLastError(CRYPT_E_NOT_FOUND);
727 return NULL;
728 }
729
730 /***********************************************************************
731 * CryptCATEnumerateMember (WINTRUST.@)
732 */
733 CRYPTCATMEMBER * WINAPI CryptCATEnumerateMember(HANDLE hCatalog, CRYPTCATMEMBER *prev)
734 {
735 struct cryptcat *cc = hCatalog;
736 CRYPTCATMEMBER *member = prev;
737 CTL_ENTRY *entry;
738 DWORD size, i;
739
740 TRACE("%p, %p\n", hCatalog, prev);
741
742 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
743 {
744 SetLastError(ERROR_INVALID_PARAMETER);
745 return NULL;
746 }
747
748 /* dumping the contents makes me think that dwReserved is the iteration number */
749 if (!member)
750 {
751 if (!(member = malloc(sizeof(*member))))
752 {
753 SetLastError(ERROR_OUTOFMEMORY);
754 return NULL;
755 }
756 member->cbStruct = sizeof(*member);
757 member->pwszFileName = member->pwszReferenceTag = NULL;
758 member->dwReserved = 0;
759 member->hReserved = NULL;
760 member->gSubjectType = cc->subject;
761 member->fdwMemberFlags = 0;
762 member->pIndirectData = NULL;
763 member->dwCertVersion = cc->inner->dwVersion;
764 }
765 else member->dwReserved++;
766
767 if (member->dwReserved >= cc->inner->cCTLEntry)
768 {
769 SetLastError(ERROR_INVALID_PARAMETER);
770 goto error;
771 }
772
773 /* list them backwards, like native */
774 entry = &cc->inner->rgCTLEntry[cc->inner->cCTLEntry - member->dwReserved - 1];
775
776 member->sEncodedIndirectData.cbData = member->sEncodedMemberInfo.cbData = 0;
777 member->sEncodedIndirectData.pbData = member->sEncodedMemberInfo.pbData = NULL;
778 free(member->pIndirectData);
779 member->pIndirectData = NULL;
780
781 for (i = 0; i < entry->cAttribute; i++)
782 {
783 CRYPT_ATTRIBUTE *attr = entry->rgAttribute + i;
784
785 if (attr->cValue != 1)
786 {
787 ERR("Can't handle attr->cValue of %lu\n", attr->cValue);
788 continue;
789 }
790 if (!strcmp(attr->pszObjId, CAT_MEMBERINFO_OBJID))
791 {
792 CAT_MEMBERINFO *mi;
793 BOOL ret;
794
795 member->sEncodedMemberInfo.cbData = attr->rgValue->cbData;
796 member->sEncodedMemberInfo.pbData = attr->rgValue->pbData;
797
798 CryptDecodeObject(cc->encoding, CAT_MEMBERINFO_OBJID, attr->rgValue->pbData, attr->rgValue->cbData, 0, NULL, &size);
799
800 if (!(mi = malloc(size)))
801 {
802 SetLastError(ERROR_OUTOFMEMORY);
803 goto error;
804 }
805 ret = CryptDecodeObject(cc->encoding, CAT_MEMBERINFO_OBJID, attr->rgValue->pbData, attr->rgValue->cbData, 0, mi, &size);
806 if (ret)
807 {
808 UNICODE_STRING guid;
809
810 member->dwCertVersion = mi->dwCertVersion;
811 RtlInitUnicodeString(&guid, mi->pwszSubjGuid);
812 if (RtlGUIDFromString(&guid, &member->gSubjectType))
813 {
814 free(mi);
815 goto error;
816 }
817 }
818 free(mi);
819 if (!ret) goto error;
820 }
821 else if (!strcmp(attr->pszObjId, SPC_INDIRECT_DATA_OBJID))
822 {
823 /* SPC_INDIRECT_DATA_CONTENT is equal to SIP_INDIRECT_DATA */
824
825 member->sEncodedIndirectData.cbData = attr->rgValue->cbData;
826 member->sEncodedIndirectData.pbData = attr->rgValue->pbData;
827
828 CryptDecodeObject(cc->encoding, SPC_INDIRECT_DATA_OBJID, attr->rgValue->pbData, attr->rgValue->cbData, 0, NULL, &size);
829
830 if (!(member->pIndirectData = malloc(size)))
831 {
832 SetLastError(ERROR_OUTOFMEMORY);
833 goto error;
834 }
835 CryptDecodeObject(cc->encoding, SPC_INDIRECT_DATA_OBJID, attr->rgValue->pbData, attr->rgValue->cbData, 0, member->pIndirectData, &size);
836 }
837 else
838 /* this object id should probably be handled in CryptCATEnumerateAttr */
839 FIXME("unhandled object id \"%s\"\n", attr->pszObjId);
840 }
841
842 if (!member->sEncodedMemberInfo.cbData || !member->sEncodedIndirectData.cbData)
843 {
844 ERR("Corrupted catalog entry?\n");
845 SetLastError(CRYPT_E_ATTRIBUTES_MISSING);
846 goto error;
847 }
848 size = (2 * member->pIndirectData->Digest.cbData + 1) * sizeof(WCHAR);
849 member->pwszReferenceTag = realloc(member->pwszReferenceTag, size);
850
851 if (!member->pwszReferenceTag)
852 {
853 SetLastError(ERROR_OUTOFMEMORY);
854 goto error;
855 }
856 /* FIXME: reference tag is usually the file hash but doesn't have to be */
857 for (i = 0; i < member->pIndirectData->Digest.cbData; i++)
858 {
859 DWORD sub;
860
861 sub = member->pIndirectData->Digest.pbData[i] >> 4;
862 member->pwszReferenceTag[i * 2] = (sub < 10 ? '0' + sub : 'A' + sub - 10);
863 sub = member->pIndirectData->Digest.pbData[i] & 0xf;
864 member->pwszReferenceTag[i * 2 + 1] = (sub < 10 ? '0' + sub : 'A' + sub - 10);
865 }
866 member->pwszReferenceTag[i * 2] = 0;
867 return member;
868
869 error:
870 free(member->pIndirectData);
871 free(member->pwszReferenceTag);
872 free(member);
873 return NULL;
874 }
875
876 static CTL_INFO *decode_inner_content(HANDLE hmsg, DWORD encoding, DWORD *len)
877 {
878 DWORD size;
879 LPSTR oid = NULL;
880 BYTE *buffer = NULL;
881 CTL_INFO *inner = NULL;
882
883 if (!CryptMsgGetParam(hmsg, CMSG_INNER_CONTENT_TYPE_PARAM, 0, NULL, &size)) return NULL;
884 if (!(oid = malloc(size)))
885 {
886 SetLastError(ERROR_OUTOFMEMORY);
887 return NULL;
888 }
889 if (!CryptMsgGetParam(hmsg, CMSG_INNER_CONTENT_TYPE_PARAM, 0, oid, &size)) goto out;
890 if (!CryptMsgGetParam(hmsg, CMSG_CONTENT_PARAM, 0, NULL, &size)) goto out;
891 if (!(buffer = malloc(size)))
892 {
893 SetLastError(ERROR_OUTOFMEMORY);
894 goto out;
895 }
896 if (!CryptMsgGetParam(hmsg, CMSG_CONTENT_PARAM, 0, buffer, &size)) goto out;
897 if (!CryptDecodeObject(encoding, oid, buffer, size, 0, NULL, &size)) goto out;
898 if (!(inner = malloc(size)))
899 {
900 SetLastError(ERROR_OUTOFMEMORY);
901 goto out;
902 }
903 if (!CryptDecodeObject(encoding, oid, buffer, size, 0, inner, &size)) goto out;
904 *len = size;
905
906 out:
907 free(oid);
908 free(buffer);
909 return inner;
910 }
911
912 /***********************************************************************
913 * CryptCATCatalogInfoFromContext (WINTRUST.@)
914 */
915 BOOL WINAPI CryptCATCatalogInfoFromContext(HCATINFO hcatinfo, CATALOG_INFO *info, DWORD flags)
916 {
917 struct catinfo *ci = hcatinfo;
918
919 TRACE("%p, %p, %lx\n", hcatinfo, info, flags);
920
921 if (!hcatinfo || hcatinfo == INVALID_HANDLE_VALUE || ci->magic != CATINFO_MAGIC ||
922 flags || !info || info->cbStruct != sizeof(*info))
923 {
924 SetLastError(ERROR_INVALID_PARAMETER);
925 return FALSE;
926 }
927 lstrcpyW(info->wszCatalogFile, ci->file);
928 return TRUE;
929 }
930
931 /***********************************************************************
932 * CryptCATPutAttrInfo (WINTRUST.@)
933 */
934 CRYPTCATATTRIBUTE * WINAPI CryptCATPutAttrInfo(HANDLE catalog, CRYPTCATMEMBER *member,
935 WCHAR *name, DWORD flags, DWORD size, BYTE *data)
936 {
937 FIXME("catalog %p, member %p, name %s, flags %#lx, size %lu, data %p, stub!\n",
938 catalog, member, debugstr_w(name), flags, size, data);
939
940 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
941 return NULL;
942 }
943
944 /***********************************************************************
945 * CryptCATPutCatAttrInfo (WINTRUST.@)
946 */
947 CRYPTCATATTRIBUTE * WINAPI CryptCATPutCatAttrInfo(HANDLE catalog,
948 WCHAR *name, DWORD flags, DWORD size, BYTE *data)
949 {
950 FIXME("catalog %p, name %s, flags %#lx, size %lu, data %p, stub!\n",
951 catalog, debugstr_w(name), flags, size, data);
952
953 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
954 return NULL;
955 }
956
957 /***********************************************************************
958 * CryptCATPutMemberInfo (WINTRUST.@)
959 */
960 CRYPTCATMEMBER * WINAPI CryptCATPutMemberInfo(HANDLE catalog, WCHAR *filename,
961 WCHAR *member, GUID *subject, DWORD version, DWORD size, BYTE *data)
962 {
963 FIXME("catalog %p, filename %s, member %s, subject %s, version %lu, size %lu, data %p, stub!\n",
964 catalog, debugstr_w(filename), debugstr_w(member), debugstr_guid(subject), version, size, data);
965
966 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
967 return NULL;
968 }
969
970 /***********************************************************************
971 * CryptCATPersistStore (WINTRUST.@)
972 */
973 BOOL WINAPI CryptCATPersistStore(HANDLE catalog)
974 {
975 FIXME("catalog %p, stub!\n", catalog);
976
977 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
978 return FALSE;
979 }
980
981 /***********************************************************************
982 * CryptCATOpen (WINTRUST.@)
983 */
984 HANDLE WINAPI CryptCATOpen(WCHAR *filename, DWORD flags, HCRYPTPROV hProv,
985 DWORD dwPublicVersion, DWORD dwEncodingType)
986 {
987 HANDLE file, hmsg;
988 BYTE *buffer = NULL;
989 DWORD size, open_mode = OPEN_ALWAYS;
990 struct cryptcat *cc;
991 BOOL valid;
992
993 TRACE("filename %s, flags %#lx, provider %#Ix, version %#lx, type %#lx\n",
994 debugstr_w(filename), flags, hProv, dwPublicVersion, dwEncodingType);
995
996 if (!filename)
997 {
998 SetLastError(ERROR_INVALID_PARAMETER);
999 return INVALID_HANDLE_VALUE;
1000 }
1001
1002 if (!dwEncodingType) dwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
1003
1004 if (flags == CRYPTCAT_OPEN_EXISTING)
1005 open_mode = OPEN_EXISTING;
1006 if (flags & CRYPTCAT_OPEN_CREATENEW)
1007 open_mode = CREATE_ALWAYS;
1008
1009 file = CreateFileW(filename, GENERIC_READ, FILE_SHARE_READ, NULL, open_mode, 0, NULL);
1010 if (file == INVALID_HANDLE_VALUE) return INVALID_HANDLE_VALUE;
1011
1012 size = GetFileSize(file, NULL);
1013 if (!(buffer = malloc(size)))
1014 {
1015 CloseHandle(file);
1016 SetLastError(ERROR_OUTOFMEMORY);
1017 return INVALID_HANDLE_VALUE;
1018 }
1019 if (!(hmsg = CryptMsgOpenToDecode(dwEncodingType, 0, 0, hProv, NULL, NULL)))
1020 {
1021 CloseHandle(file);
1022 free(buffer);
1023 return INVALID_HANDLE_VALUE;
1024 }
1025 if (!size) valid = FALSE;
1026 else if (!ReadFile(file, buffer, size, &size, NULL))
1027 {
1028 CloseHandle(file);
1029 free(buffer);
1030 CryptMsgClose(hmsg);
1031 return INVALID_HANDLE_VALUE;
1032 }
1033 else valid = CryptMsgUpdate(hmsg, buffer, size, TRUE);
1034 free(buffer);
1035 CloseHandle(file);
1036
1037 size = sizeof(DWORD);
1038 if (!(cc = calloc(1, sizeof(*cc))))
1039 {
1040 CryptMsgClose(hmsg);
1041 SetLastError(ERROR_OUTOFMEMORY);
1042 return INVALID_HANDLE_VALUE;
1043 }
1044
1045 cc->msg = hmsg;
1046 cc->encoding = dwEncodingType;
1047 if (!valid)
1048 {
1049 cc->magic = CRYPTCAT_MAGIC;
1050 SetLastError(ERROR_SUCCESS);
1051 return cc;
1052 }
1053 else if (CryptMsgGetParam(hmsg, CMSG_ATTR_CERT_COUNT_PARAM, 0, &cc->attr_count, &size))
1054 {
1055 DWORD i, sum = 0;
1056 BYTE *p;
1057
1058 for (i = 0; i < cc->attr_count; i++)
1059 {
1060 if (!CryptMsgGetParam(hmsg, CMSG_ATTR_CERT_PARAM, i, NULL, &size))
1061 {
1062 CryptMsgClose(hmsg);
1063 free(cc);
1064 return INVALID_HANDLE_VALUE;
1065 }
1066 sum += size;
1067 }
1068 if (!(cc->attr = malloc(sizeof(*cc->attr) * cc->attr_count + sum)))
1069 {
1070 CryptMsgClose(hmsg);
1071 free(cc);
1072 SetLastError(ERROR_OUTOFMEMORY);
1073 return INVALID_HANDLE_VALUE;
1074 }
1075 p = (BYTE *)(cc->attr + cc->attr_count);
1076 for (i = 0; i < cc->attr_count; i++)
1077 {
1078 if (!CryptMsgGetParam(hmsg, CMSG_ATTR_CERT_PARAM, i, NULL, &size))
1079 {
1080 CryptMsgClose(hmsg);
1081 free(cc->attr);
1082 free(cc);
1083 return INVALID_HANDLE_VALUE;
1084 }
1085 if (!CryptMsgGetParam(hmsg, CMSG_ATTR_CERT_PARAM, i, p, &size))
1086 {
1087 CryptMsgClose(hmsg);
1088 free(cc->attr);
1089 free(cc);
1090 return INVALID_HANDLE_VALUE;
1091 }
1092 p += size;
1093 }
1094 cc->inner = decode_inner_content(hmsg, dwEncodingType, &cc->inner_len);
1095 if (!cc->inner || !CryptSIPRetrieveSubjectGuid(filename, NULL, &cc->subject))
1096 {
1097 CryptMsgClose(hmsg);
1098 free(cc->attr);
1099 free(cc->inner);
1100 free(cc);
1101 return INVALID_HANDLE_VALUE;
1102 }
1103 cc->magic = CRYPTCAT_MAGIC;
1104 SetLastError(ERROR_SUCCESS);
1105 return cc;
1106 }
1107 free(cc);
1108 return INVALID_HANDLE_VALUE;
1109 }
1110
1111 /***********************************************************************
1112 * CryptSIPCreateIndirectData (WINTRUST.@)
1113 */
1114 BOOL WINAPI CryptSIPCreateIndirectData(SIP_SUBJECTINFO* pSubjectInfo, DWORD* pcbIndirectData,
1115 SIP_INDIRECT_DATA* pIndirectData)
1116 {
1117 FIXME("(%p %p %p) stub\n", pSubjectInfo, pcbIndirectData, pIndirectData);
1118
1119 return FALSE;
1120 }
1121
1122
1123 /***********************************************************************
1124 * CryptCATCDFClose (WINTRUST.@)
1125 */
1126 BOOL WINAPI CryptCATCDFClose(CRYPTCATCDF *pCDF)
1127 {
1128 FIXME("(%p) stub\n", pCDF);
1129
1130 return FALSE;
1131 }
1132
1133 /***********************************************************************
1134 * CryptCATCDFEnumCatAttributes (WINTRUST.@)
1135 */
1136 CRYPTCATATTRIBUTE * WINAPI CryptCATCDFEnumCatAttributes(CRYPTCATCDF *pCDF,
1137 CRYPTCATATTRIBUTE *pPrevAttr,
1138 PFN_CDF_PARSE_ERROR_CALLBACK pfnParseError)
1139 {
1140 FIXME("(%p %p %p) stub\n", pCDF, pPrevAttr, pfnParseError);
1141
1142 return NULL;
1143 }
1144
1145 /***********************************************************************
1146 * CryptCATCDFEnumMembersByCDFTagEx (WINTRUST.@)
1147 */
1148 LPWSTR WINAPI CryptCATCDFEnumMembersByCDFTagEx(CRYPTCATCDF *pCDF, LPWSTR pwszPrevCDFTag,
1149 PFN_CDF_PARSE_ERROR_CALLBACK pfnParseError,
1150 CRYPTCATMEMBER **ppMember, BOOL fContinueOnError,
1151 LPVOID pvReserved)
1152 {
1153 FIXME("(%p %s %p %p %d %p) stub\n", pCDF, debugstr_w(pwszPrevCDFTag), pfnParseError,
1154 ppMember, fContinueOnError, pvReserved);
1155
1156 return NULL;
1157 }
1158
1159 /***********************************************************************
1160 * CryptCATCDFOpen (WINTRUST.@)
1161 */
1162 CRYPTCATCDF * WINAPI CryptCATCDFOpen(LPWSTR pwszFilePath,
1163 PFN_CDF_PARSE_ERROR_CALLBACK pfnParseError)
1164 {
1165 FIXME("(%s %p) stub\n", debugstr_w(pwszFilePath), pfnParseError);
1166
1167 return NULL;
1168 }
1169
1170 static BOOL WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO *pSubjectInfo,
1171 DWORD *pdwEncodingType, DWORD dwIndex, DWORD *pcbSignedDataMsg,
1172 BYTE *pbSignedDataMsg)
1173 {
1174 BOOL ret;
1175 WIN_CERTIFICATE *pCert = NULL;
1176 HANDLE file;
1177
1178 TRACE("(%p %p %ld %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
1179 pcbSignedDataMsg, pbSignedDataMsg);
1180
1181 if(pSubjectInfo->hFile && pSubjectInfo->hFile!=INVALID_HANDLE_VALUE)
1182 file = pSubjectInfo->hFile;
1183 else
1184 {
1185 file = CreateFileW(pSubjectInfo->pwsFileName, GENERIC_READ,
1186 FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
1187 if(file == INVALID_HANDLE_VALUE)
1188 return FALSE;
1189 }
1190
1191 if (!pbSignedDataMsg)
1192 {
1193 WIN_CERTIFICATE cert;
1194
1195 /* app hasn't passed buffer, just get the length */
1196 ret = ImageGetCertificateHeader(file, dwIndex, &cert);
1197 if (ret)
1198 {
1199 switch (cert.wCertificateType)
1200 {
1201 case WIN_CERT_TYPE_X509:
1202 case WIN_CERT_TYPE_PKCS_SIGNED_DATA:
1203 *pcbSignedDataMsg = cert.dwLength;
1204 break;
1205 default:
1206 WARN("unknown certificate type %d\n", cert.wCertificateType);
1207 ret = FALSE;
1208 }
1209 }
1210 }
1211 else
1212 {
1213 DWORD len = 0;
1214
1215 ret = ImageGetCertificateData(file, dwIndex, NULL, &len);
1216 if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
1217 goto error;
1218 pCert = malloc(len);
1219 if (!pCert)
1220 {
1221 ret = FALSE;
1222 goto error;
1223 }
1224 ret = ImageGetCertificateData(file, dwIndex, pCert, &len);
1225 if (!ret)
1226 goto error;
1227 pCert->dwLength -= FIELD_OFFSET(WIN_CERTIFICATE, bCertificate);
1228 if (*pcbSignedDataMsg < pCert->dwLength)
1229 {
1230 *pcbSignedDataMsg = pCert->dwLength;
1231 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1232 ret = FALSE;
1233 }
1234 else
1235 {
1236 memcpy(pbSignedDataMsg, pCert->bCertificate, pCert->dwLength);
1237 *pcbSignedDataMsg = pCert->dwLength;
1238 switch (pCert->wCertificateType)
1239 {
1240 case WIN_CERT_TYPE_X509:
1241 *pdwEncodingType = X509_ASN_ENCODING;
1242 break;
1243 case WIN_CERT_TYPE_PKCS_SIGNED_DATA:
1244 *pdwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
1245 break;
1246 default:
1247 WARN("don't know what to do for encoding type %d\n",
1248 pCert->wCertificateType);
1249 *pdwEncodingType = 0;
1250 ret = FALSE;
1251 }
1252 }
1253 }
1254 error:
1255 if(pSubjectInfo->hFile != file)
1256 CloseHandle(file);
1257 free(pCert);
1258 return ret;
1259 }
1260
1261 static BOOL WINTRUST_PutSignedMsgToPEFile(SIP_SUBJECTINFO* pSubjectInfo, DWORD pdwEncodingType,
1262 DWORD* pdwIndex, DWORD cbSignedDataMsg, BYTE* pbSignedDataMsg)
1263 {
1264 WIN_CERTIFICATE *cert;
1265 HANDLE file;
1266 DWORD size;
1267 BOOL ret;
1268
1269 if(pSubjectInfo->hFile && pSubjectInfo->hFile!=INVALID_HANDLE_VALUE)
1270 file = pSubjectInfo->hFile;
1271 else
1272 {
1273 file = CreateFileW(pSubjectInfo->pwsFileName, GENERIC_READ|GENERIC_WRITE,
1274 FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
1275 if(file == INVALID_HANDLE_VALUE)
1276 return FALSE;
1277 }
1278
1279 /* int aligned WIN_CERTIFICATE structure with cbSignedDataMsg+1 bytes of data */
1280 size = FIELD_OFFSET(WIN_CERTIFICATE, bCertificate[cbSignedDataMsg+4]) & (~3);
1281 cert = calloc(1, size);
1282 if(!cert)
1283 return FALSE;
1284
1285 cert->dwLength = size;
1286 cert->wRevision = WIN_CERT_REVISION_2_0;
1287 cert->wCertificateType = WIN_CERT_TYPE_PKCS_SIGNED_DATA;
1288 memcpy(cert->bCertificate, pbSignedDataMsg, cbSignedDataMsg);
1289 ret = ImageAddCertificate(file, cert, pdwIndex);
1290
1291 free(cert);
1292 if(file != pSubjectInfo->hFile)
1293 CloseHandle(file);
1294 return ret;
1295 }
1296
1297 /* structure offsets */
1298 #define cfhead_Signature (0x00)
1299 #define cfhead_CabinetSize (0x08)
1300 #define cfhead_MinorVersion (0x18)
1301 #define cfhead_MajorVersion (0x19)
1302 #define cfhead_Flags (0x1E)
1303 #define cfhead_SIZEOF (0x24)
1304 #define cfheadext_HeaderReserved (0x00)
1305 #define cfheadext_SIZEOF (0x04)
1306 #define cfsigninfo_CertOffset (0x04)
1307 #define cfsigninfo_CertSize (0x08)
1308 #define cfsigninfo_SIZEOF (0x0C)
1309
1310 /* flags */
1311 #define cfheadRESERVE_PRESENT (0x0004)
1312
1313 /* endian-neutral reading of little-endian data */
1314 #define EndGetI32(a) ((((a)[3])<<24)|(((a)[2])<<16)|(((a)[1])<<8)|((a)[0]))
1315 #define EndGetI16(a) ((((a)[1])<<8)|((a)[0]))
1316
1317 /* For documentation purposes only: this is the structure in the reserved
1318 * area of a signed cabinet file. The cert offset indicates where in the
1319 * cabinet file the signature resides, and the count indicates its size.
1320 */
1321 typedef struct _CAB_SIGNINFO
1322 {
1323 WORD unk0; /* always 0? */
1324 WORD unk1; /* always 0x0010? */
1325 DWORD dwCertOffset;
1326 DWORD cbCertBlock;
1327 } CAB_SIGNINFO, *PCAB_SIGNINFO;
1328
1329 static BOOL WINTRUST_GetSignedMsgFromCabFile(SIP_SUBJECTINFO *pSubjectInfo,
1330 DWORD *pdwEncodingType, DWORD dwIndex, DWORD *pcbSignedDataMsg,
1331 BYTE *pbSignedDataMsg)
1332 {
1333 int header_resv;
1334 LONG base_offset, cabsize;
1335 USHORT flags;
1336 BYTE buf[64];
1337 DWORD cert_offset, cert_size, dwRead;
1338
1339 TRACE("(%p %p %ld %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
1340 pcbSignedDataMsg, pbSignedDataMsg);
1341
1342 /* get basic offset & size info */
1343 base_offset = SetFilePointer(pSubjectInfo->hFile, 0L, NULL, SEEK_CUR);
1344
1345 if (SetFilePointer(pSubjectInfo->hFile, 0, NULL, SEEK_END) == INVALID_SET_FILE_POINTER)
1346 {
1347 TRACE("seek error\n");
1348 return FALSE;
1349 }
1350
1351 cabsize = SetFilePointer(pSubjectInfo->hFile, 0L, NULL, SEEK_CUR);
1352 if ((cabsize == -1) || (base_offset == -1) ||
1353 (SetFilePointer(pSubjectInfo->hFile, 0, NULL, SEEK_SET) == INVALID_SET_FILE_POINTER))
1354 {
1355 TRACE("seek error\n");
1356 return FALSE;
1357 }
1358
1359 /* read in the CFHEADER */
1360 if (!ReadFile(pSubjectInfo->hFile, buf, cfhead_SIZEOF, &dwRead, NULL) ||
1361 dwRead != cfhead_SIZEOF)
1362 {
1363 TRACE("reading header failed\n");
1364 return FALSE;
1365 }
1366
1367 /* check basic MSCF signature */
1368 if (EndGetI32(buf+cfhead_Signature) != 0x4643534d)
1369 {
1370 WARN("cabinet signature not present\n");
1371 return FALSE;
1372 }
1373
1374 /* Ignore the number of folders and files and the set and cabinet IDs */
1375
1376 /* check the header revision */
1377 if ((buf[cfhead_MajorVersion] > 1) ||
1378 (buf[cfhead_MajorVersion] == 1 && buf[cfhead_MinorVersion] > 3))
1379 {
1380 WARN("cabinet format version > 1.3\n");
1381 return FALSE;
1382 }
1383
1384 /* pull the flags out */
1385 flags = EndGetI16(buf+cfhead_Flags);
1386
1387 if (!(flags & cfheadRESERVE_PRESENT))
1388 {
1389 TRACE("no header present, not signed\n");
1390 return FALSE;
1391 }
1392
1393 if (!ReadFile(pSubjectInfo->hFile, buf, cfheadext_SIZEOF, &dwRead, NULL) ||
1394 dwRead != cfheadext_SIZEOF)
1395 {
1396 ERR("bunk reserve-sizes?\n");
1397 return FALSE;
1398 }
1399
1400 header_resv = EndGetI16(buf+cfheadext_HeaderReserved);
1401 if (!header_resv)
1402 {
1403 TRACE("no header_resv, not signed\n");
1404 return FALSE;
1405 }
1406 else if (header_resv < cfsigninfo_SIZEOF)
1407 {
1408 TRACE("header_resv too small, not signed\n");
1409 return FALSE;
1410 }
1411
1412 if (header_resv > 60000)
1413 {
1414 WARN("WARNING; header reserved space > 60000\n");
1415 }
1416
1417 if (!ReadFile(pSubjectInfo->hFile, buf, cfsigninfo_SIZEOF, &dwRead, NULL) ||
1418 dwRead != cfsigninfo_SIZEOF)
1419 {
1420 ERR("couldn't read reserve\n");
1421 return FALSE;
1422 }
1423
1424 cert_offset = EndGetI32(buf+cfsigninfo_CertOffset);
1425 TRACE("cert_offset: %ld\n", cert_offset);
1426 cert_size = EndGetI32(buf+cfsigninfo_CertSize);
1427 TRACE("cert_size: %ld\n", cert_size);
1428
1429 /* The redundant checks are to avoid wraparound */
1430 if (cert_offset > cabsize || cert_size > cabsize ||
1431 cert_offset + cert_size > cabsize)
1432 {
1433 WARN("offset beyond file, not attempting to read\n");
1434 return FALSE;
1435 }
1436
1437 SetFilePointer(pSubjectInfo->hFile, base_offset, NULL, SEEK_SET);
1438 if (!pbSignedDataMsg)
1439 {
1440 *pcbSignedDataMsg = cert_size;
1441 return TRUE;
1442 }
1443 if (*pcbSignedDataMsg < cert_size)
1444 {
1445 *pcbSignedDataMsg = cert_size;
1446 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1447 return FALSE;
1448 }
1449 if (SetFilePointer(pSubjectInfo->hFile, cert_offset, NULL, SEEK_SET) == INVALID_SET_FILE_POINTER)
1450 {
1451 ERR("couldn't seek to cert location\n");
1452 return FALSE;
1453 }
1454 if (!ReadFile(pSubjectInfo->hFile, pbSignedDataMsg, cert_size, &dwRead,
1455 NULL) || dwRead != cert_size)
1456 {
1457 ERR("couldn't read cert\n");
1458 SetFilePointer(pSubjectInfo->hFile, base_offset, NULL, SEEK_SET);
1459 return FALSE;
1460 }
1461 /* The encoding of the files I've seen appears to be in ASN.1
1462 * format, and there isn't a field indicating the type, so assume it
1463 * always is.
1464 */
1465 *pdwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
1466 /* Restore base offset */
1467 SetFilePointer(pSubjectInfo->hFile, base_offset, NULL, SEEK_SET);
1468 return TRUE;
1469 }
1470
1471 static BOOL WINTRUST_GetSignedMsgFromCatFile(SIP_SUBJECTINFO *pSubjectInfo,
1472 DWORD *pdwEncodingType, DWORD dwIndex, DWORD *pcbSignedDataMsg,
1473 BYTE *pbSignedDataMsg)
1474 {
1475 BOOL ret;
1476
1477 TRACE("(%p %p %ld %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
1478 pcbSignedDataMsg, pbSignedDataMsg);
1479
1480 if (!pbSignedDataMsg)
1481 {
1482 *pcbSignedDataMsg = GetFileSize(pSubjectInfo->hFile, NULL);
1483 ret = TRUE;
1484 }
1485 else
1486 {
1487 DWORD len = GetFileSize(pSubjectInfo->hFile, NULL);
1488
1489 if (*pcbSignedDataMsg < len)
1490 {
1491 *pcbSignedDataMsg = len;
1492 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1493 ret = FALSE;
1494 }
1495 else
1496 {
1497 ret = ReadFile(pSubjectInfo->hFile, pbSignedDataMsg, len,
1498 pcbSignedDataMsg, NULL);
1499 if (ret)
1500 *pdwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
1501 }
1502 }
1503 return ret;
1504 }
1505
1506 /* GUIDs used by CryptSIPGetSignedDataMsg and CryptSIPPutSignedDataMsg */
1507 static const GUID unknown = { 0xC689AAB8, 0x8E78, 0x11D0, { 0x8C,0x47,
1508 0x00,0xC0,0x4F,0xC2,0x95,0xEE } };
1509 static const GUID cabGUID = { 0xC689AABA, 0x8E78, 0x11D0, { 0x8C,0x47,
1510 0x00,0xC0,0x4F,0xC2,0x95,0xEE } };
1511 static const GUID catGUID = { 0xDE351A43, 0x8E59, 0x11D0, { 0x8C,0x47,
1512 0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
1513
1514 /***********************************************************************
1515 * CryptSIPGetSignedDataMsg (WINTRUST.@)
1516 */
1517 BOOL WINAPI CryptSIPGetSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo, DWORD* pdwEncodingType,
1518 DWORD dwIndex, DWORD* pcbSignedDataMsg, BYTE* pbSignedDataMsg)
1519 {
1520 BOOL ret;
1521
1522 TRACE("(%p %p %ld %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
1523 pcbSignedDataMsg, pbSignedDataMsg);
1524
1525 if(!pSubjectInfo)
1526 {
1527 SetLastError(ERROR_INVALID_PARAMETER);
1528 return FALSE;
1529 }
1530
1531 if (!memcmp(pSubjectInfo->pgSubjectType, &unknown, sizeof(unknown)))
1532 ret = WINTRUST_GetSignedMsgFromPEFile(pSubjectInfo, pdwEncodingType,
1533 dwIndex, pcbSignedDataMsg, pbSignedDataMsg);
1534 else if (!memcmp(pSubjectInfo->pgSubjectType, &cabGUID, sizeof(cabGUID)))
1535 ret = WINTRUST_GetSignedMsgFromCabFile(pSubjectInfo, pdwEncodingType,
1536 dwIndex, pcbSignedDataMsg, pbSignedDataMsg);
1537 else if (!memcmp(pSubjectInfo->pgSubjectType, &catGUID, sizeof(catGUID)))
1538 ret = WINTRUST_GetSignedMsgFromCatFile(pSubjectInfo, pdwEncodingType,
1539 dwIndex, pcbSignedDataMsg, pbSignedDataMsg);
1540 else
1541 {
1542 FIXME("unimplemented for subject type %s\n",
1543 debugstr_guid(pSubjectInfo->pgSubjectType));
1544 ret = FALSE;
1545 }
1546
1547 TRACE("returning %d\n", ret);
1548 return ret;
1549 }
1550
1551 /***********************************************************************
1552 * CryptSIPPutSignedDataMsg (WINTRUST.@)
1553 */
1554 BOOL WINAPI CryptSIPPutSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo, DWORD pdwEncodingType,
1555 DWORD* pdwIndex, DWORD cbSignedDataMsg, BYTE* pbSignedDataMsg)
1556 {
1557 TRACE("(%p %ld %p %ld %p)\n", pSubjectInfo, pdwEncodingType, pdwIndex,
1558 cbSignedDataMsg, pbSignedDataMsg);
1559
1560 if(!pSubjectInfo) {
1561 SetLastError(ERROR_INVALID_PARAMETER);
1562 return FALSE;
1563 }
1564
1565 if(!memcmp(pSubjectInfo->pgSubjectType, &unknown, sizeof(unknown)))
1566 return WINTRUST_PutSignedMsgToPEFile(pSubjectInfo, pdwEncodingType,
1567 pdwIndex, cbSignedDataMsg, pbSignedDataMsg);
1568 else
1569 FIXME("unimplemented for subject type %s\n",
1570 debugstr_guid(pSubjectInfo->pgSubjectType));
1571
1572 return FALSE;
1573 }
1574
1575 /***********************************************************************
1576 * CryptSIPRemoveSignedDataMsg (WINTRUST.@)
1577 */
1578 BOOL WINAPI CryptSIPRemoveSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo,
1579 DWORD dwIndex)
1580 {
1581 FIXME("(%p %ld) stub\n", pSubjectInfo, dwIndex);
1582
1583 return FALSE;
1584 }
1585
1586 /***********************************************************************
1587 * CryptSIPVerifyIndirectData (WINTRUST.@)
1588 */
1589 BOOL WINAPI CryptSIPVerifyIndirectData(SIP_SUBJECTINFO* pSubjectInfo,
1590 SIP_INDIRECT_DATA* pIndirectData)
1591 {
1592 FIXME("(%p %p) stub\n", pSubjectInfo, pIndirectData);
1593
1594 return FALSE;
1595 }
Windows API implementation