search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
crypt32: Avoid truncating unicode chars.
[wine.git] / dlls / crypt32 / str.c
blob3426889b2dd615ad37f8fb02463be6a60bb3583a
1 /*
2 * Copyright 2006 Juan Lang for CodeWeavers
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 */
18 #include <stdarg.h>
19
20 #include "windef.h"
21 #include "winbase.h"
22 #include "winnls.h"
23 #include "winuser.h"
24 #include "wincrypt.h"
25 #include "wine/debug.h"
26 #include "crypt32_private.h"
27
28 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
29
30 DWORD WINAPI CertRDNValueToStrA(DWORD type, PCERT_RDN_VALUE_BLOB value_blob,
31 LPSTR value, DWORD value_len)
32 {
33 DWORD len, len_mb, ret;
34 LPWSTR valueW;
35
36 TRACE("(%ld, %p, %p, %ld)\n", type, value_blob, value, value_len);
37
38 len = CertRDNValueToStrW(type, value_blob, NULL, 0);
39
40 if (!(valueW = CryptMemAlloc(len * sizeof(*valueW))))
41 {
42 ERR("No memory.\n");
43 if (value && value_len) *value = 0;
44 return 1;
45 }
46
47 len = CertRDNValueToStrW(type, value_blob, valueW, len);
48 len_mb = WideCharToMultiByte(CP_ACP, 0, valueW, len, NULL, 0, NULL, NULL);
49 if (!value || !value_len)
50 {
51 CryptMemFree(valueW);
52 return len_mb;
53 }
54
55 ret = WideCharToMultiByte(CP_ACP, 0, valueW, len, value, value_len, NULL, NULL);
56 if (ret < len_mb)
57 {
58 value[0] = 0;
59 ret = 1;
60 }
61 CryptMemFree(valueW);
62 return ret;
63 }
64
65 static DWORD rdn_value_to_strW(DWORD dwValueType, PCERT_RDN_VALUE_BLOB pValue,
66 LPWSTR psz, DWORD csz, BOOL partial_copy)
67 {
68 DWORD ret = 0, len, i;
69
70 TRACE("(%ld, %p, %p, %ld)\n", dwValueType, pValue, psz, csz);
71
72 switch (dwValueType)
73 {
74 case CERT_RDN_ANY_TYPE:
75 break;
76 case CERT_RDN_NUMERIC_STRING:
77 case CERT_RDN_PRINTABLE_STRING:
78 case CERT_RDN_TELETEX_STRING:
79 case CERT_RDN_VIDEOTEX_STRING:
80 case CERT_RDN_IA5_STRING:
81 case CERT_RDN_GRAPHIC_STRING:
82 case CERT_RDN_VISIBLE_STRING:
83 case CERT_RDN_GENERAL_STRING:
84 len = pValue->cbData;
85 if (!psz || !csz) ret = len;
86 else if (len < csz || partial_copy)
87 {
88 len = min(len, csz - 1);
89 for (i = 0; i < len; ++i)
90 psz[i] = pValue->pbData[i];
91 ret = len;
92 }
93 break;
94 case CERT_RDN_BMP_STRING:
95 case CERT_RDN_UTF8_STRING:
96 len = pValue->cbData / sizeof(WCHAR);
97 if (!psz || !csz)
98 ret = len;
99 else if (len < csz || partial_copy)
100 {
101 WCHAR *ptr = psz;
102
103 len = min(len, csz - 1);
104 for (i = 0; i < len; ++i)
105 ptr[i] = ((LPCWSTR)pValue->pbData)[i];
106 ret = len;
107 }
108 break;
109 default:
110 FIXME("string type %ld unimplemented\n", dwValueType);
111 }
112 if (psz && csz) psz[ret] = 0;
113 TRACE("returning %ld (%s)\n", ret + 1, debugstr_w(psz));
114 return ret + 1;
115 }
116
117 DWORD WINAPI CertRDNValueToStrW(DWORD dwValueType, PCERT_RDN_VALUE_BLOB pValue,
118 LPWSTR psz, DWORD csz)
119 {
120 return rdn_value_to_strW(dwValueType, pValue, psz, csz, FALSE);
121 }
122
123 static inline BOOL is_quotable_char(WCHAR c)
124 {
125 switch(c)
126 {
127 case '+':
128 case ',':
129 case '"':
130 case '=':
131 case '<':
132 case '>':
133 case ';':
134 case '#':
135 case '\n':
136 return TRUE;
137 default:
138 return FALSE;
139 }
140 }
141
142 static inline BOOL is_spaceW(WCHAR c)
143 {
144 return c <= 0x7f && isspace((char)c);
145 }
146
147 static DWORD quote_rdn_value_to_str_w(DWORD dwValueType,
148 PCERT_RDN_VALUE_BLOB pValue, LPWSTR psz, DWORD csz)
149 {
150 DWORD ret = 0, len, i, strLen;
151 BOOL needsQuotes = FALSE;
152
153 TRACE("(%ld, %p, %p, %ld)\n", dwValueType, pValue, psz, csz);
154
155 switch (dwValueType)
156 {
157 case CERT_RDN_ANY_TYPE:
158 break;
159 case CERT_RDN_NUMERIC_STRING:
160 case CERT_RDN_PRINTABLE_STRING:
161 case CERT_RDN_TELETEX_STRING:
162 case CERT_RDN_VIDEOTEX_STRING:
163 case CERT_RDN_IA5_STRING:
164 case CERT_RDN_GRAPHIC_STRING:
165 case CERT_RDN_VISIBLE_STRING:
166 case CERT_RDN_GENERAL_STRING:
167 len = pValue->cbData;
168 if (pValue->cbData && isspace(pValue->pbData[0]))
169 needsQuotes = TRUE;
170 if (pValue->cbData && isspace(pValue->pbData[pValue->cbData - 1]))
171 needsQuotes = TRUE;
172 for (i = 0; i < pValue->cbData; i++)
173 {
174 if (is_quotable_char(pValue->pbData[i]))
175 needsQuotes = TRUE;
176 if (pValue->pbData[i] == '"')
177 len += 1;
178 }
179 if (needsQuotes)
180 len += 2;
181 if (!psz || !csz)
182 ret = len;
183 else
184 {
185 WCHAR *ptr = psz;
186
187 if (needsQuotes)
188 *ptr++ = '"';
189 for (i = 0; i < pValue->cbData && ptr - psz < csz; ptr++, i++)
190 {
191 *ptr = pValue->pbData[i];
192 if (pValue->pbData[i] == '"' && ptr - psz < csz - 1)
193 *(++ptr) = '"';
194 }
195 if (needsQuotes && ptr - psz < csz)
196 *ptr++ = '"';
197 ret = ptr - psz;
198 }
199 break;
200 case CERT_RDN_BMP_STRING:
201 case CERT_RDN_UTF8_STRING:
202 strLen = len = pValue->cbData / sizeof(WCHAR);
203 if (strLen && is_spaceW(((LPCWSTR)pValue->pbData)[0]))
204 needsQuotes = TRUE;
205 if (strLen && _spaceW(((LPCWSTR)pValue->pbData)[strLen - 1]))
206 needsQuotes = TRUE;
207 for (i = 0; i < strLen; i++)
208 {
209 if (is_quotable_char(((LPCWSTR)pValue->pbData)[i]))
210 needsQuotes = TRUE;
211 if (((LPCWSTR)pValue->pbData)[i] == '"')
212 len += 1;
213 }
214 if (needsQuotes)
215 len += 2;
216 if (!psz || !csz)
217 ret = len;
218 else
219 {
220 WCHAR *ptr = psz;
221
222 if (needsQuotes)
223 *ptr++ = '"';
224 for (i = 0; i < strLen && ptr - psz < csz; ptr++, i++)
225 {
226 *ptr = ((LPCWSTR)pValue->pbData)[i];
227 if (((LPCWSTR)pValue->pbData)[i] == '"' && ptr - psz < csz - 1)
228 *(++ptr) = '"';
229 }
230 if (needsQuotes && ptr - psz < csz)
231 *ptr++ = '"';
232 ret = ptr - psz;
233 }
234 break;
235 default:
236 FIXME("string type %ld unimplemented\n", dwValueType);
237 }
238 TRACE("returning %ld (%s)\n", ret, debugstr_w(psz));
239 return ret;
240 }
241
242 DWORD WINAPI CertNameToStrA(DWORD encoding_type, PCERT_NAME_BLOB name_blob, DWORD str_type, LPSTR str, DWORD str_len)
243 {
244 DWORD len, len_mb, ret;
245 LPWSTR strW;
246
247 TRACE("(%ld, %p, %08lx, %p, %ld)\n", encoding_type, name_blob, str_type, str, str_len);
248
249 len = CertNameToStrW(encoding_type, name_blob, str_type, NULL, 0);
250
251 if (!(strW = CryptMemAlloc(len * sizeof(*strW))))
252 {
253 ERR("No memory.\n");
254 if (str && str_len) *str = 0;
255 return 1;
256 }
257
258 len = CertNameToStrW(encoding_type, name_blob, str_type, strW, len);
259 len_mb = WideCharToMultiByte(CP_ACP, 0, strW, len, NULL, 0, NULL, NULL);
260 if (!str || !str_len)
261 {
262 CryptMemFree(strW);
263 return len_mb;
264 }
265
266 ret = WideCharToMultiByte(CP_ACP, 0, strW, len, str, str_len, NULL, NULL);
267 if (ret < len_mb)
268 {
269 str[0] = 0;
270 ret = 1;
271 }
272 CryptMemFree(strW);
273 return ret;
274 }
275
276 /* Adds the prefix prefix to the wide-character string pointed to by psz,
277 * followed by the character '='. Copies no more than csz characters. Returns
278 * the number of characters copied. If psz is NULL, returns the number of
279 * characters that would be copied.
280 * Assumes the characters in prefix are ASCII (not multibyte characters.)
281 */
282 static DWORD CRYPT_AddPrefixAToW(LPCSTR prefix, LPWSTR psz, DWORD csz)
283 {
284 DWORD chars;
285
286 TRACE("(%s, %p, %ld)\n", debugstr_a(prefix), psz, csz);
287
288 if (psz)
289 {
290 DWORD i;
291
292 chars = min(strlen(prefix), csz);
293 for (i = 0; i < chars; i++)
294 *(psz + i) = prefix[i];
295 *(psz + chars) = '=';
296 chars++;
297 }
298 else
299 chars = lstrlenA(prefix) + 1;
300 return chars;
301 }
302
303 /* Adds the prefix prefix to the string pointed to by psz, followed by the
304 * character '='. Copies no more than csz characters. Returns the number of
305 * characters copied. If psz is NULL, returns the number of characters that
306 * would be copied.
307 */
308 static DWORD CRYPT_AddPrefixW(LPCWSTR prefix, LPWSTR psz, DWORD csz)
309 {
310 DWORD chars;
311
312 TRACE("(%s, %p, %ld)\n", debugstr_w(prefix), psz, csz);
313
314 if (psz)
315 {
316 chars = min(lstrlenW(prefix), csz);
317 memcpy(psz, prefix, chars * sizeof(WCHAR));
318 *(psz + chars) = '=';
319 chars++;
320 }
321 else
322 chars = lstrlenW(prefix) + 1;
323 return chars;
324 }
325
326 static const WCHAR indent[] = L" ";
327
328 DWORD cert_name_to_str_with_indent(DWORD dwCertEncodingType, DWORD indentLevel,
329 const CERT_NAME_BLOB *pName, DWORD dwStrType, LPWSTR psz, DWORD csz)
330 {
331 static const DWORD unsupportedFlags = CERT_NAME_STR_NO_QUOTING_FLAG |
332 CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG;
333 DWORD ret = 0, bytes = 0;
334 BOOL bRet;
335 CERT_NAME_INFO *info;
336 DWORD chars;
337
338 if (dwStrType & unsupportedFlags)
339 FIXME("unsupported flags: %08lx\n", dwStrType & unsupportedFlags);
340
341 bRet = CryptDecodeObjectEx(dwCertEncodingType, X509_NAME, pName->pbData,
342 pName->cbData, CRYPT_DECODE_ALLOC_FLAG, NULL, &info, &bytes);
343 if (bRet)
344 {
345 DWORD i, j, sepLen, rdnSepLen;
346 LPCWSTR sep, rdnSep;
347 BOOL reverse = dwStrType & CERT_NAME_STR_REVERSE_FLAG;
348 const CERT_RDN *rdn = info->rgRDN;
349
350 if(reverse && info->cRDN > 1) rdn += (info->cRDN - 1);
351
352 if (dwStrType & CERT_NAME_STR_SEMICOLON_FLAG)
353 sep = L"; ";
354 else if (dwStrType & CERT_NAME_STR_CRLF_FLAG)
355 sep = L"\r\n";
356 else
357 sep = L", ";
358 sepLen = lstrlenW(sep);
359 if (dwStrType & CERT_NAME_STR_NO_PLUS_FLAG)
360 rdnSep = L" ";
361 else
362 rdnSep = L" + ";
363 rdnSepLen = lstrlenW(rdnSep);
364 if (!csz) psz = NULL;
365 for (i = 0; i < info->cRDN; i++)
366 {
367 if (psz && ret + 1 == csz) break;
368 for (j = 0; j < rdn->cRDNAttr; j++)
369 {
370 LPCSTR prefixA = NULL;
371 LPCWSTR prefixW = NULL;
372
373 if (psz && ret + 1 == csz) break;
374
375 if ((dwStrType & 0x000000ff) == CERT_OID_NAME_STR)
376 prefixA = rdn->rgRDNAttr[j].pszObjId;
377 else if ((dwStrType & 0x000000ff) == CERT_X500_NAME_STR)
378 {
379 PCCRYPT_OID_INFO oidInfo = CryptFindOIDInfo(
380 CRYPT_OID_INFO_OID_KEY,
381 rdn->rgRDNAttr[j].pszObjId,
382 CRYPT_RDN_ATTR_OID_GROUP_ID);
383
384 if (oidInfo)
385 prefixW = oidInfo->pwszName;
386 else
387 prefixA = rdn->rgRDNAttr[j].pszObjId;
388 }
389 if (dwStrType & CERT_NAME_STR_CRLF_FLAG)
390 {
391 DWORD k;
392
393 for (k = 0; k < indentLevel; k++)
394 {
395 if (psz)
396 {
397 chars = min(lstrlenW(indent), csz - ret - 1);
398 memcpy(psz + ret, indent, chars * sizeof(WCHAR));
399 }
400 else
401 chars = lstrlenW(indent);
402 ret += chars;
403 }
404 if (psz && ret + 1 == csz) break;
405 }
406 if (prefixW)
407 {
408 /* - 1 is needed to account for the NULL terminator. */
409 chars = CRYPT_AddPrefixW(prefixW,
410 psz ? psz + ret : NULL, psz ? csz - ret - 1 : 0);
411 ret += chars;
412 }
413 else if (prefixA)
414 {
415 /* - 1 is needed to account for the NULL terminator. */
416 chars = CRYPT_AddPrefixAToW(prefixA,
417 psz ? psz + ret : NULL, psz ? csz - ret - 1 : 0);
418 ret += chars;
419 }
420 if (psz && ret + 1 == csz) break;
421
422 chars = quote_rdn_value_to_str_w(rdn->rgRDNAttr[j].dwValueType, &rdn->rgRDNAttr[j].Value,
423 psz ? psz + ret : NULL, psz ? csz - ret - 1 : 0);
424 ret += chars;
425 if (j < rdn->cRDNAttr - 1)
426 {
427 if (psz)
428 {
429 chars = min(rdnSepLen, csz - ret - 1);
430 memcpy(psz + ret, rdnSep, chars * sizeof(WCHAR));
431 ret += chars;
432 }
433 else ret += rdnSepLen;
434 }
435 }
436 if (psz && ret + 1 == csz) break;
437 if (i < info->cRDN - 1)
438 {
439 if (psz)
440 {
441 chars = min(sepLen, csz - ret - 1);
442 memcpy(psz + ret, sep, chars * sizeof(WCHAR));
443 ret += chars;
444 }
445 else ret += sepLen;
446 }
447 if(reverse) rdn--;
448 else rdn++;
449 }
450 LocalFree(info);
451 }
452 if (psz && csz) psz[ret] = 0;
453 return ret + 1;
454 }
455
456 DWORD WINAPI CertNameToStrW(DWORD dwCertEncodingType, PCERT_NAME_BLOB pName,
457 DWORD dwStrType, LPWSTR psz, DWORD csz)
458 {
459 BOOL ret;
460
461 TRACE("(%ld, %p, %08lx, %p, %ld)\n", dwCertEncodingType, pName, dwStrType,
462 psz, csz);
463
464 ret = cert_name_to_str_with_indent(dwCertEncodingType, 0, pName, dwStrType,
465 psz, csz);
466 TRACE("Returning %s\n", debugstr_w(psz));
467 return ret;
468 }
469
470 BOOL WINAPI CertStrToNameA(DWORD dwCertEncodingType, LPCSTR pszX500,
471 DWORD dwStrType, void *pvReserved, BYTE *pbEncoded, DWORD *pcbEncoded,
472 LPCSTR *ppszError)
473 {
474 BOOL ret;
475 int len;
476
477 TRACE("(%08lx, %s, %08lx, %p, %p, %p, %p)\n", dwCertEncodingType,
478 debugstr_a(pszX500), dwStrType, pvReserved, pbEncoded, pcbEncoded,
479 ppszError);
480
481 len = MultiByteToWideChar(CP_ACP, 0, pszX500, -1, NULL, 0);
482 if (len)
483 {
484 LPWSTR x500, errorStr;
485
486 if ((x500 = CryptMemAlloc(len * sizeof(WCHAR))))
487 {
488 MultiByteToWideChar(CP_ACP, 0, pszX500, -1, x500, len);
489 ret = CertStrToNameW(dwCertEncodingType, x500, dwStrType,
490 pvReserved, pbEncoded, pcbEncoded,
491 ppszError ? (LPCWSTR *)&errorStr : NULL);
492 if (ppszError)
493 {
494 if (!ret)
495 {
496 LONG i;
497
498 *ppszError = pszX500;
499 for (i = 0; i < errorStr - x500; i++)
500 *ppszError = CharNextA(*ppszError);
501 }
502 else
503 *ppszError = NULL;
504 }
505 CryptMemFree(x500);
506 }
507 else
508 {
509 SetLastError(ERROR_OUTOFMEMORY);
510 ret = FALSE;
511 }
512 }
513 else
514 {
515 SetLastError(CRYPT_E_INVALID_X500_STRING);
516 if (ppszError)
517 *ppszError = pszX500;
518 ret = FALSE;
519 }
520 return ret;
521 }
522
523 struct KeynameKeeper
524 {
525 WCHAR buf[10]; /* big enough for L"GivenName" */
526 LPWSTR keyName; /* usually = buf, but may be allocated */
527 DWORD keyLen; /* full available buffer size in WCHARs */
528 };
529
530 static void CRYPT_InitializeKeynameKeeper(struct KeynameKeeper *keeper)
531 {
532 keeper->keyName = keeper->buf;
533 keeper->keyLen = ARRAY_SIZE(keeper->buf);
534 }
535
536 static void CRYPT_FreeKeynameKeeper(struct KeynameKeeper *keeper)
537 {
538 if (keeper->keyName != keeper->buf)
539 CryptMemFree(keeper->keyName);
540 }
541
542 struct X500TokenW
543 {
544 LPCWSTR start;
545 LPCWSTR end;
546 };
547
548 static void CRYPT_KeynameKeeperFromTokenW(struct KeynameKeeper *keeper,
549 const struct X500TokenW *key)
550 {
551 DWORD len = key->end - key->start;
552
553 if (len >= keeper->keyLen)
554 {
555 CRYPT_FreeKeynameKeeper( keeper );
556 keeper->keyLen = len + 1;
557 keeper->keyName = CryptMemAlloc(keeper->keyLen * sizeof(WCHAR));
558 }
559 memcpy(keeper->keyName, key->start, len * sizeof(WCHAR));
560 keeper->keyName[len] = '\0';
561 TRACE("Keyname is %s\n", debugstr_w(keeper->keyName));
562 }
563
564 static BOOL CRYPT_GetNextKeyW(LPCWSTR str, struct X500TokenW *token,
565 LPCWSTR *ppszError)
566 {
567 BOOL ret = TRUE;
568
569 while (*str && iswspace(*str))
570 str++;
571 if (*str)
572 {
573 token->start = str;
574 while (*str && *str != '=' && !iswspace(*str))
575 str++;
576 if (*str && (*str == '=' || iswspace(*str)))
577 token->end = str;
578 else
579 {
580 TRACE("missing equals char at %s\n", debugstr_w(token->start));
581 if (ppszError)
582 *ppszError = token->start;
583 SetLastError(CRYPT_E_INVALID_X500_STRING);
584 ret = FALSE;
585 }
586 }
587 else
588 token->start = NULL;
589 return ret;
590 }
591
592 /* Assumes separators are characters in the 0-255 range */
593 static BOOL CRYPT_GetNextValueW(LPCWSTR str, DWORD dwFlags, LPCWSTR separators,
594 WCHAR *separator_used, struct X500TokenW *token, LPCWSTR *ppszError)
595 {
596 BOOL ret = TRUE;
597
598 TRACE("(%s, %s, %p, %p)\n", debugstr_w(str), debugstr_w(separators), token,
599 ppszError);
600
601 *separator_used = 0;
602 while (*str && iswspace(*str))
603 str++;
604 if (*str)
605 {
606 token->start = str;
607 if (!(dwFlags & CERT_NAME_STR_NO_QUOTING_FLAG) && *str == '"')
608 {
609 token->end = NULL;
610 str++;
611 while (!token->end && ret)
612 {
613 while (*str && *str != '"')
614 str++;
615 if (*str == '"')
616 {
617 if (*(str + 1) != '"')
618 token->end = str + 1;
619 else
620 str += 2;
621 }
622 else
623 {
624 TRACE("unterminated quote at %s\n", debugstr_w(str));
625 if (ppszError)
626 *ppszError = str;
627 SetLastError(CRYPT_E_INVALID_X500_STRING);
628 ret = FALSE;
629 }
630 }
631 }
632 else
633 {
634 WCHAR map[256] = { 0 };
635
636 while (*separators)
637 map[*separators++] = 1;
638 while (*str && (*str >= 0xff || !map[*str]))
639 str++;
640 token->end = str;
641 if (map[*str]) *separator_used = *str;
642 }
643 }
644 else
645 {
646 TRACE("missing value at %s\n", debugstr_w(str));
647 if (ppszError)
648 *ppszError = str;
649 SetLastError(CRYPT_E_INVALID_X500_STRING);
650 ret = FALSE;
651 }
652 return ret;
653 }
654
655 /* Encodes the string represented by value as the string type type into the
656 * CERT_NAME_BLOB output. If there is an error and ppszError is not NULL,
657 * *ppszError is set to the first failing character. If there is no error,
658 * output's pbData must be freed with LocalFree.
659 */
660 static BOOL CRYPT_EncodeValueWithType(DWORD dwCertEncodingType,
661 const struct X500TokenW *value, PCERT_NAME_BLOB output, DWORD type,
662 LPCWSTR *ppszError)
663 {
664 CERT_NAME_VALUE nameValue = { type, { 0, NULL } };
665 BOOL ret = TRUE;
666
667 if (value->end > value->start)
668 {
669 LONG i;
670 LPWSTR ptr;
671
672 nameValue.Value.pbData = CryptMemAlloc((value->end - value->start + 1) *
673 sizeof(WCHAR));
674 if (!nameValue.Value.pbData)
675 {
676 SetLastError(ERROR_OUTOFMEMORY);
677 return FALSE;
678 }
679 ptr = (LPWSTR)nameValue.Value.pbData;
680 for (i = 0; i < value->end - value->start; i++)
681 {
682 *ptr++ = value->start[i];
683 if (value->start[i] == '"')
684 i++;
685 }
686 /* The string is NULL terminated because of a quirk in encoding
687 * unicode names values: if the length is given as 0, the value is
688 * assumed to be a NULL-terminated string.
689 */
690 *ptr = 0;
691 nameValue.Value.cbData = (LPBYTE)ptr - nameValue.Value.pbData;
692 }
693 ret = CryptEncodeObjectEx(dwCertEncodingType, X509_UNICODE_NAME_VALUE,
694 &nameValue, CRYPT_ENCODE_ALLOC_FLAG, NULL, &output->pbData,
695 &output->cbData);
696 if (!ret && ppszError)
697 {
698 if (type == CERT_RDN_NUMERIC_STRING &&
699 GetLastError() == CRYPT_E_INVALID_NUMERIC_STRING)
700 *ppszError = value->start + output->cbData;
701 else if (type == CERT_RDN_PRINTABLE_STRING &&
702 GetLastError() == CRYPT_E_INVALID_PRINTABLE_STRING)
703 *ppszError = value->start + output->cbData;
704 else if (type == CERT_RDN_IA5_STRING &&
705 GetLastError() == CRYPT_E_INVALID_IA5_STRING)
706 *ppszError = value->start + output->cbData;
707 }
708 CryptMemFree(nameValue.Value.pbData);
709 return ret;
710 }
711
712 static BOOL CRYPT_EncodeValue(DWORD dwCertEncodingType,
713 const struct X500TokenW *value, PCERT_NAME_BLOB output, const DWORD *types,
714 LPCWSTR *ppszError)
715 {
716 DWORD i;
717 BOOL ret;
718
719 ret = FALSE;
720 for (i = 0; !ret && types[i]; i++)
721 ret = CRYPT_EncodeValueWithType(dwCertEncodingType, value, output,
722 types[i], ppszError);
723 return ret;
724 }
725
726 static BOOL CRYPT_ValueToRDN(DWORD dwCertEncodingType, PCERT_NAME_INFO info,
727 PCCRYPT_OID_INFO keyOID, struct X500TokenW *value, DWORD dwStrType, LPCWSTR *ppszError)
728 {
729 BOOL ret = FALSE;
730
731 TRACE("OID %s, value %s\n", debugstr_a(keyOID->pszOID),
732 debugstr_wn(value->start, value->end - value->start));
733
734 if (!info->rgRDN)
735 info->rgRDN = CryptMemAlloc(sizeof(CERT_RDN));
736 else
737 info->rgRDN = CryptMemRealloc(info->rgRDN,
738 (info->cRDN + 1) * sizeof(CERT_RDN));
739 if (info->rgRDN)
740 {
741 /* FIXME: support multiple RDN attrs */
742 info->rgRDN[info->cRDN].rgRDNAttr =
743 CryptMemAlloc(sizeof(CERT_RDN_ATTR));
744 if (info->rgRDN[info->cRDN].rgRDNAttr)
745 {
746 static const DWORD defaultTypes[] = { CERT_RDN_PRINTABLE_STRING,
747 CERT_RDN_BMP_STRING, 0 };
748 const DWORD *types;
749
750 info->rgRDN[info->cRDN].cRDNAttr = 1;
751 info->rgRDN[info->cRDN].rgRDNAttr[0].pszObjId =
752 (LPSTR)keyOID->pszOID;
753 info->rgRDN[info->cRDN].rgRDNAttr[0].dwValueType =
754 CERT_RDN_ENCODED_BLOB;
755 if (keyOID->ExtraInfo.cbData)
756 types = (const DWORD *)keyOID->ExtraInfo.pbData;
757 else
758 types = defaultTypes;
759
760 /* Remove surrounding quotes */
761 if (value->start[0] == '"' && !(dwStrType & CERT_NAME_STR_NO_QUOTING_FLAG))
762 {
763 value->start++;
764 value->end--;
765 }
766 ret = CRYPT_EncodeValue(dwCertEncodingType, value,
767 &info->rgRDN[info->cRDN].rgRDNAttr[0].Value, types, ppszError);
768 }
769 else
770 SetLastError(ERROR_OUTOFMEMORY);
771 info->cRDN++;
772 }
773 else
774 SetLastError(ERROR_OUTOFMEMORY);
775 return ret;
776 }
777
778 BOOL WINAPI CertStrToNameW(DWORD dwCertEncodingType, LPCWSTR pszX500,
779 DWORD dwStrType, void *pvReserved, BYTE *pbEncoded, DWORD *pcbEncoded,
780 LPCWSTR *ppszError)
781 {
782 CERT_NAME_INFO info = { 0, NULL };
783 LPCWSTR str;
784 struct KeynameKeeper keeper;
785 DWORD i;
786 BOOL ret = TRUE;
787
788 TRACE("(%08lx, %s, %08lx, %p, %p, %p, %p)\n", dwCertEncodingType,
789 debugstr_w(pszX500), dwStrType, pvReserved, pbEncoded, pcbEncoded,
790 ppszError);
791
792 CRYPT_InitializeKeynameKeeper(&keeper);
793 str = pszX500;
794 while (str && *str && ret)
795 {
796 struct X500TokenW token;
797
798 ret = CRYPT_GetNextKeyW(str, &token, ppszError);
799 if (ret && token.start)
800 {
801 PCCRYPT_OID_INFO keyOID;
802
803 CRYPT_KeynameKeeperFromTokenW(&keeper, &token);
804 keyOID = CryptFindOIDInfo(CRYPT_OID_INFO_NAME_KEY, keeper.keyName,
805 CRYPT_RDN_ATTR_OID_GROUP_ID);
806 if (!keyOID)
807 {
808 if (ppszError)
809 *ppszError = token.start;
810 SetLastError(CRYPT_E_INVALID_X500_STRING);
811 ret = FALSE;
812 }
813 else
814 {
815 str = token.end;
816 while (iswspace(*str))
817 str++;
818 if (*str != '=')
819 {
820 if (ppszError)
821 *ppszError = str;
822 SetLastError(CRYPT_E_INVALID_X500_STRING);
823 ret = FALSE;
824 }
825 else
826 {
827 LPCWSTR sep;
828 WCHAR sep_used;
829
830 str++;
831 if (dwStrType & CERT_NAME_STR_COMMA_FLAG)
832 sep = L",";
833 else if (dwStrType & CERT_NAME_STR_SEMICOLON_FLAG)
834 sep = L";";
835 else if (dwStrType & CERT_NAME_STR_CRLF_FLAG)
836 sep = L"\r\n";
837 else if (dwStrType & CERT_NAME_STR_NO_PLUS_FLAG)
838 sep = L",;\r\n";
839 else
840 sep = L"+,;\r\n";
841 ret = CRYPT_GetNextValueW(str, dwStrType, sep, &sep_used, &token,
842 ppszError);
843 if (ret)
844 {
845 str = token.end;
846 /* if token.end points to the separator, skip it */
847 if (str && sep_used && *str == sep_used) str++;
848
849 ret = CRYPT_ValueToRDN(dwCertEncodingType, &info,
850 keyOID, &token, dwStrType, ppszError);
851 }
852 }
853 }
854 }
855 }
856 CRYPT_FreeKeynameKeeper(&keeper);
857 if (ret)
858 {
859 if (ppszError)
860 *ppszError = NULL;
861 ret = CryptEncodeObjectEx(dwCertEncodingType, X509_NAME, &info,
862 0, NULL, pbEncoded, pcbEncoded);
863 }
864 for (i = 0; i < info.cRDN; i++)
865 {
866 DWORD j;
867
868 for (j = 0; j < info.rgRDN[i].cRDNAttr; j++)
869 LocalFree(info.rgRDN[i].rgRDNAttr[j].Value.pbData);
870 CryptMemFree(info.rgRDN[i].rgRDNAttr);
871 }
872 CryptMemFree(info.rgRDN);
873 return ret;
874 }
875
876 DWORD WINAPI CertGetNameStringA(PCCERT_CONTEXT cert, DWORD type,
877 DWORD flags, void *type_para, LPSTR name, DWORD name_len)
878 {
879 DWORD len, len_mb, ret;
880 LPWSTR nameW;
881
882 TRACE("(%p, %ld, %08lx, %p, %p, %ld)\n", cert, type, flags, type_para, name, name_len);
883
884 len = CertGetNameStringW(cert, type, flags, type_para, NULL, 0);
885
886 if (!(nameW = CryptMemAlloc(len * sizeof(*nameW))))
887 {
888 ERR("No memory.\n");
889 if (name && name_len) *name = 0;
890 return 1;
891 }
892
893 len = CertGetNameStringW(cert, type, flags, type_para, nameW, len);
894 len_mb = WideCharToMultiByte(CP_ACP, 0, nameW, len, NULL, 0, NULL, NULL);
895 if (!name || !name_len)
896 {
897 CryptMemFree(nameW);
898 return len_mb;
899 }
900
901 ret = WideCharToMultiByte(CP_ACP, 0, nameW, len, name, name_len, NULL, NULL);
902 if (ret < len_mb)
903 {
904 name[0] = 0;
905 ret = 1;
906 }
907 CryptMemFree(nameW);
908 return ret;
909 }
910
911 static BOOL cert_get_alt_name_info(PCCERT_CONTEXT cert, BOOL alt_name_issuer, PCERT_ALT_NAME_INFO *info)
912 {
913 static const char *oids[][2] =
914 {
915 { szOID_SUBJECT_ALT_NAME2, szOID_SUBJECT_ALT_NAME },
916 { szOID_ISSUER_ALT_NAME2, szOID_ISSUER_ALT_NAME },
917 };
918 PCERT_EXTENSION ext;
919 DWORD bytes = 0;
920
921 ext = CertFindExtension(oids[!!alt_name_issuer][0], cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension);
922 if (!ext)
923 ext = CertFindExtension(oids[!!alt_name_issuer][1], cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension);
924 if (!ext) return FALSE;
925
926 return CryptDecodeObjectEx(cert->dwCertEncodingType, X509_ALTERNATE_NAME, ext->Value.pbData, ext->Value.cbData,
927 CRYPT_DECODE_ALLOC_FLAG, NULL, info, &bytes);
928 }
929
930 static PCERT_ALT_NAME_ENTRY cert_find_next_alt_name_entry(PCERT_ALT_NAME_INFO info, DWORD entry_type,
931 unsigned int *index)
932 {
933 unsigned int i;
934
935 for (i = *index; i < info->cAltEntry; ++i)
936 if (info->rgAltEntry[i].dwAltNameChoice == entry_type)
937 {
938 *index = i + 1;
939 return &info->rgAltEntry[i];
940 }
941 return NULL;
942 }
943
944 /* Searches cert's extensions for the alternate name extension with OID
945 * altNameOID, and if found, searches it for the alternate name type entryType.
946 * If found, returns a pointer to the entry, otherwise returns NULL.
947 * Regardless of whether an entry of the desired type is found, if the
948 * alternate name extension is present, sets *info to the decoded alternate
949 * name extension, which you must free using LocalFree.
950 * The return value is a pointer within *info, so don't free *info before
951 * you're done with the return value.
952 */
953 static PCERT_ALT_NAME_ENTRY cert_find_alt_name_entry(PCCERT_CONTEXT cert, BOOL alt_name_issuer,
954 DWORD entry_type, PCERT_ALT_NAME_INFO *info)
955 {
956 unsigned int index = 0;
957
958 if (!cert_get_alt_name_info(cert, alt_name_issuer, info)) return NULL;
959 return cert_find_next_alt_name_entry(*info, entry_type, &index);
960 }
961
962 static DWORD cert_get_name_from_rdn_attr(DWORD encodingType,
963 const CERT_NAME_BLOB *name, LPCSTR oid, LPWSTR pszNameString, DWORD cchNameString)
964 {
965 CERT_NAME_INFO *nameInfo;
966 DWORD bytes = 0, ret = 0;
967
968 if (CryptDecodeObjectEx(encodingType, X509_NAME, name->pbData,
969 name->cbData, CRYPT_DECODE_ALLOC_FLAG, NULL, &nameInfo, &bytes))
970 {
971 PCERT_RDN_ATTR nameAttr = NULL;
972
973 if (oid)
974 nameAttr = CertFindRDNAttr(oid, nameInfo);
975 else
976 {
977 static const LPCSTR attributeOIDs[] =
978 {
979 szOID_RSA_emailAddr, szOID_COMMON_NAME,
980 szOID_ORGANIZATIONAL_UNIT_NAME, szOID_ORGANIZATION_NAME
981 };
982 DWORD i;
983
984 for (i = 0; !nameAttr && i < ARRAY_SIZE(attributeOIDs); i++)
985 nameAttr = CertFindRDNAttr(attributeOIDs[i], nameInfo);
986 }
987 if (nameAttr)
988 ret = rdn_value_to_strW(nameAttr->dwValueType, &nameAttr->Value,
989 pszNameString, cchNameString, TRUE);
990 LocalFree(nameInfo);
991 }
992 return ret;
993 }
994
995 static DWORD copy_output_str(WCHAR *dst, const WCHAR *src, DWORD dst_size)
996 {
997 DWORD len = wcslen(src);
998
999 if (!dst || !dst_size) return len + 1;
1000 len = min(len, dst_size - 1);
1001 memcpy(dst, src, len * sizeof(*dst));
1002 dst[len] = 0;
1003 return len + 1;
1004 }
1005
1006 DWORD WINAPI CertGetNameStringW(PCCERT_CONTEXT cert, DWORD type, DWORD flags, void *type_para,
1007 LPWSTR name_string, DWORD name_len)
1008 {
1009 static const DWORD supported_flags = CERT_NAME_ISSUER_FLAG | CERT_NAME_SEARCH_ALL_NAMES_FLAG;
1010 BOOL alt_name_issuer, search_all_names;
1011 CERT_ALT_NAME_INFO *info = NULL;
1012 PCERT_ALT_NAME_ENTRY entry;
1013 PCERT_NAME_BLOB name;
1014 DWORD ret = 0;
1015
1016 TRACE("(%p, %ld, %08lx, %p, %p, %ld)\n", cert, type, flags, type_para, name_string, name_len);
1017
1018 if (!cert)
1019 goto done;
1020
1021 if (flags & ~supported_flags)
1022 FIXME("Unsupported flags %#lx.\n", flags);
1023
1024 search_all_names = flags & CERT_NAME_SEARCH_ALL_NAMES_FLAG;
1025 if (search_all_names && type != CERT_NAME_DNS_TYPE)
1026 {
1027 WARN("CERT_NAME_SEARCH_ALL_NAMES_FLAG used with type %lu.\n", type);
1028 goto done;
1029 }
1030
1031 alt_name_issuer = flags & CERT_NAME_ISSUER_FLAG;
1032 name = alt_name_issuer ? &cert->pCertInfo->Issuer : &cert->pCertInfo->Subject;
1033
1034 switch (type)
1035 {
1036 case CERT_NAME_EMAIL_TYPE:
1037 {
1038 entry = cert_find_alt_name_entry(cert, alt_name_issuer, CERT_ALT_NAME_RFC822_NAME, &info);
1039
1040 if (entry)
1041 {
1042 ret = copy_output_str(name_string, entry->pwszRfc822Name, name_len);
1043 break;
1044 }
1045 ret = cert_get_name_from_rdn_attr(cert->dwCertEncodingType, name, szOID_RSA_emailAddr,
1046 name_string, name_len);
1047 break;
1048 }
1049 case CERT_NAME_RDN_TYPE:
1050 {
1051 DWORD param = type_para ? *(DWORD *)type_para : 0;
1052
1053 if (name->cbData)
1054 {
1055 ret = CertNameToStrW(cert->dwCertEncodingType, name, param, name_string, name_len);
1056 }
1057 else
1058 {
1059 entry = cert_find_alt_name_entry(cert, alt_name_issuer, CERT_ALT_NAME_DIRECTORY_NAME, &info);
1060
1061 if (entry)
1062 ret = CertNameToStrW(cert->dwCertEncodingType, &entry->DirectoryName,
1063 param, name_string, name_len);
1064 }
1065 break;
1066 }
1067 case CERT_NAME_ATTR_TYPE:
1068 ret = cert_get_name_from_rdn_attr(cert->dwCertEncodingType, name, type_para,
1069 name_string, name_len);
1070 if (ret) break;
1071
1072 entry = cert_find_alt_name_entry(cert, alt_name_issuer, CERT_ALT_NAME_DIRECTORY_NAME, &info);
1073
1074 if (entry)
1075 ret = cert_name_to_str_with_indent(X509_ASN_ENCODING, 0, &entry->DirectoryName,
1076 0, name_string, name_len);
1077 break;
1078 case CERT_NAME_SIMPLE_DISPLAY_TYPE:
1079 {
1080 static const LPCSTR simpleAttributeOIDs[] =
1081 {
1082 szOID_COMMON_NAME, szOID_ORGANIZATIONAL_UNIT_NAME, szOID_ORGANIZATION_NAME, szOID_RSA_emailAddr
1083 };
1084 CERT_NAME_INFO *nameInfo = NULL;
1085 DWORD bytes = 0, i;
1086
1087 if (CryptDecodeObjectEx(cert->dwCertEncodingType, X509_NAME, name->pbData, name->cbData,
1088 CRYPT_DECODE_ALLOC_FLAG, NULL, &nameInfo, &bytes))
1089 {
1090 PCERT_RDN_ATTR nameAttr = NULL;
1091
1092 for (i = 0; !nameAttr && i < ARRAY_SIZE(simpleAttributeOIDs); i++)
1093 nameAttr = CertFindRDNAttr(simpleAttributeOIDs[i], nameInfo);
1094 if (nameAttr)
1095 ret = rdn_value_to_strW(nameAttr->dwValueType, &nameAttr->Value, name_string, name_len, TRUE);
1096 LocalFree(nameInfo);
1097 }
1098 if (ret) break;
1099 entry = cert_find_alt_name_entry(cert, alt_name_issuer, CERT_ALT_NAME_RFC822_NAME, &info);
1100 if (!info) break;
1101 if (!entry && info->cAltEntry)
1102 entry = &info->rgAltEntry[0];
1103 if (entry) ret = copy_output_str(name_string, entry->pwszRfc822Name, name_len);
1104 break;
1105 }
1106 case CERT_NAME_FRIENDLY_DISPLAY_TYPE:
1107 {
1108 DWORD len = name_len;
1109
1110 if (CertGetCertificateContextProperty(cert, CERT_FRIENDLY_NAME_PROP_ID, name_string, &len))
1111 ret = len;
1112 else
1113 ret = CertGetNameStringW(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, flags,
1114 type_para, name_string, name_len);
1115 break;
1116 }
1117 case CERT_NAME_DNS_TYPE:
1118 {
1119 unsigned int index = 0, len;
1120
1121 if (cert_get_alt_name_info(cert, alt_name_issuer, &info)
1122 && (entry = cert_find_next_alt_name_entry(info, CERT_ALT_NAME_DNS_NAME, &index)))
1123 {
1124 if (search_all_names)
1125 {
1126 do
1127 {
1128 if (name_string && name_len == 1) break;
1129 ret += len = copy_output_str(name_string, entry->pwszDNSName, name_len ? name_len - 1 : 0);
1130 if (name_string && name_len)
1131 {
1132 name_string += len;
1133 name_len -= len;
1134 }
1135 }
1136 while ((entry = cert_find_next_alt_name_entry(info, CERT_ALT_NAME_DNS_NAME, &index)));
1137 }
1138 else ret = copy_output_str(name_string, entry->pwszDNSName, name_len);
1139 }
1140 else
1141 {
1142 if (!search_all_names || name_len != 1)
1143 {
1144 len = search_all_names && name_len ? name_len - 1 : name_len;
1145 ret = cert_get_name_from_rdn_attr(cert->dwCertEncodingType, name, szOID_COMMON_NAME,
1146 name_string, len);
1147 if (name_string) name_string += ret;
1148 }
1149 }
1150
1151 if (search_all_names)
1152 {
1153 if (name_string && name_len) *name_string = 0;
1154 ++ret;
1155 }
1156 break;
1157 }
1158 case CERT_NAME_URL_TYPE:
1159 {
1160 if ((entry = cert_find_alt_name_entry(cert, alt_name_issuer, CERT_ALT_NAME_URL, &info)))
1161 ret = copy_output_str(name_string, entry->pwszURL, name_len);
1162 break;
1163 }
1164 default:
1165 FIXME("unimplemented for type %lu.\n", type);
1166 ret = 0;
1167 break;
1168 }
1169 done:
1170 if (info)
1171 LocalFree(info);
1172
1173 if (!ret)
1174 {
1175 ret = 1;
1176 if (name_string && name_len) name_string[0] = 0;
1177 }
1178 return ret;
1179 }
Windows API implementation