2 * Copyright (C) 2006 Maarten Lankhorst
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
21 #include "wine/port.h"
24 #include "wine/debug.h"
29 #define NONAMELESSUNION
30 #define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
33 WINE_DEFAULT_DEBUG_CHANNEL(cryptnet
);
35 BOOL WINAPI
DllMain(HINSTANCE hinstDLL
, DWORD fdwReason
, LPVOID lpvReserved
)
37 TRACE("(0x%p, %d, %p)\n", hinstDLL
, fdwReason
, lpvReserved
);
40 case DLL_WINE_PREATTACH
:
41 return FALSE
; /* prefer native version */
42 case DLL_PROCESS_ATTACH
:
43 DisableThreadLibraryCalls(hinstDLL
);
45 case DLL_PROCESS_DETACH
:
46 /* Do uninitialisation here */
53 static const WCHAR cryptNet
[] = { 'c','r','y','p','t','n','e','t','.',
55 static const WCHAR ldapProvOpenStore
[] = { 'L','d','a','p','P','r','o','v',
56 'O','p','e','S','t','o','r','e',0 };
58 /***********************************************************************
59 * DllRegisterServer (CRYPTNET.@)
61 HRESULT WINAPI
DllRegisterServer(void)
64 CryptRegisterDefaultOIDFunction(X509_ASN_ENCODING
,
65 CRYPT_OID_VERIFY_REVOCATION_FUNC
, 0, cryptNet
);
66 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
, "Ldap",
67 cryptNet
, "LdapProvOpenStore");
68 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
,
69 CERT_STORE_PROV_LDAP_W
, cryptNet
, "LdapProvOpenStore");
73 /***********************************************************************
74 * DllUnregisterServer (CRYPTNET.@)
76 HRESULT WINAPI
DllUnregisterServer(void)
79 CryptUnregisterDefaultOIDFunction(X509_ASN_ENCODING
,
80 CRYPT_OID_VERIFY_REVOCATION_FUNC
, cryptNet
);
81 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
, "Ldap");
82 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
,
83 CERT_STORE_PROV_LDAP_W
);
87 static const char *url_oid_to_str(LPCSTR oid
)
97 #define _x(oid) case LOWORD(oid): return #oid
98 _x(URL_OID_CERTIFICATE_ISSUER
);
99 _x(URL_OID_CERTIFICATE_CRL_DIST_POINT
);
100 _x(URL_OID_CTL_ISSUER
);
101 _x(URL_OID_CTL_NEXT_UPDATE
);
102 _x(URL_OID_CRL_ISSUER
);
103 _x(URL_OID_CERTIFICATE_FRESHEST_CRL
);
104 _x(URL_OID_CRL_FRESHEST_CRL
);
105 _x(URL_OID_CROSS_CERT_DIST_POINT
);
108 snprintf(buf
, sizeof(buf
), "%d", LOWORD(oid
));
114 typedef BOOL (WINAPI
*UrlDllGetObjectUrlFunc
)(LPCSTR
, LPVOID
, DWORD
,
115 PCRYPT_URL_ARRAY
, DWORD
*, PCRYPT_URL_INFO
, DWORD
*, LPVOID
);
117 static BOOL WINAPI
CRYPT_GetUrlFromCertificateIssuer(LPCSTR pszUrlOid
,
118 LPVOID pvPara
, DWORD dwFlags
, PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
,
119 PCRYPT_URL_INFO pUrlInfo
, DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
121 /* FIXME: This depends on the AIA (authority info access) extension being
122 * supported in crypt32.
125 SetLastError(CRYPT_E_NOT_FOUND
);
129 static BOOL WINAPI
CRYPT_GetUrlFromCertificateCRLDistPoint(LPCSTR pszUrlOid
,
130 LPVOID pvPara
, DWORD dwFlags
, PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
,
131 PCRYPT_URL_INFO pUrlInfo
, DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
133 PCCERT_CONTEXT cert
= (PCCERT_CONTEXT
)pvPara
;
137 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
138 if (dwFlags
&& !(dwFlags
& CRYPT_GET_URL_FROM_EXTENSION
))
140 SetLastError(CRYPT_E_NOT_FOUND
);
143 if ((ext
= CertFindExtension(szOID_CRL_DIST_POINTS
,
144 cert
->pCertInfo
->cExtension
, cert
->pCertInfo
->rgExtension
)))
146 CRL_DIST_POINTS_INFO
*info
;
149 ret
= CryptDecodeObjectEx(X509_ASN_ENCODING
, X509_CRL_DIST_POINTS
,
150 ext
->Value
.pbData
, ext
->Value
.cbData
, CRYPT_DECODE_ALLOC_FLAG
, NULL
,
154 DWORD i
, cUrl
, bytesNeeded
= sizeof(CRYPT_URL_ARRAY
);
156 for (i
= 0, cUrl
= 0; i
< info
->cDistPoint
; i
++)
157 if (info
->rgDistPoint
[i
].DistPointName
.dwDistPointNameChoice
158 == CRL_DIST_POINT_FULL_NAME
)
161 CERT_ALT_NAME_INFO
*name
=
162 &info
->rgDistPoint
[i
].DistPointName
.FullName
;
164 for (j
= 0; j
< name
->cAltEntry
; j
++)
165 if (name
->rgAltEntry
[j
].dwAltNameChoice
==
168 if (name
->rgAltEntry
[j
].pwszURL
)
171 bytesNeeded
+= sizeof(LPWSTR
) +
172 (lstrlenW(name
->rgAltEntry
[j
].pwszURL
) + 1)
179 SetLastError(E_INVALIDARG
);
183 *pcbUrlArray
= bytesNeeded
;
184 else if (*pcbUrlArray
< bytesNeeded
)
186 SetLastError(ERROR_MORE_DATA
);
187 *pcbUrlArray
= bytesNeeded
;
194 *pcbUrlArray
= bytesNeeded
;
196 pUrlArray
->rgwszUrl
=
197 (LPWSTR
*)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
));
198 nextUrl
= (LPWSTR
)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
)
199 + cUrl
* sizeof(LPWSTR
));
200 for (i
= 0; i
< info
->cDistPoint
; i
++)
201 if (info
->rgDistPoint
[i
].DistPointName
.dwDistPointNameChoice
202 == CRL_DIST_POINT_FULL_NAME
)
205 CERT_ALT_NAME_INFO
*name
=
206 &info
->rgDistPoint
[i
].DistPointName
.FullName
;
208 for (j
= 0; j
< name
->cAltEntry
; j
++)
209 if (name
->rgAltEntry
[j
].dwAltNameChoice
==
212 if (name
->rgAltEntry
[j
].pwszURL
)
215 name
->rgAltEntry
[j
].pwszURL
);
216 pUrlArray
->rgwszUrl
[pUrlArray
->cUrl
++] =
219 (lstrlenW(name
->rgAltEntry
[j
].pwszURL
) + 1)
229 FIXME("url info: stub\n");
231 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
232 else if (*pcbUrlInfo
< sizeof(CRYPT_URL_INFO
))
234 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
235 SetLastError(ERROR_MORE_DATA
);
240 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
241 memset(pUrlInfo
, 0, sizeof(CRYPT_URL_INFO
));
249 SetLastError(CRYPT_E_NOT_FOUND
);
253 /***********************************************************************
254 * CryptGetObjectUrl (CRYPTNET.@)
256 BOOL WINAPI
CryptGetObjectUrl(LPCSTR pszUrlOid
, LPVOID pvPara
, DWORD dwFlags
,
257 PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
, PCRYPT_URL_INFO pUrlInfo
,
258 DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
260 UrlDllGetObjectUrlFunc func
= NULL
;
261 HCRYPTOIDFUNCADDR hFunc
= NULL
;
264 TRACE("(%s, %p, %08x, %p, %p, %p, %p, %p)\n", debugstr_a(pszUrlOid
),
265 pvPara
, dwFlags
, pUrlArray
, pcbUrlArray
, pUrlInfo
, pcbUrlInfo
, pvReserved
);
267 if (!HIWORD(pszUrlOid
))
269 switch (LOWORD(pszUrlOid
))
271 case LOWORD(URL_OID_CERTIFICATE_ISSUER
):
272 func
= CRYPT_GetUrlFromCertificateIssuer
;
274 case LOWORD(URL_OID_CERTIFICATE_CRL_DIST_POINT
):
275 func
= CRYPT_GetUrlFromCertificateCRLDistPoint
;
278 FIXME("unimplemented for %s\n", url_oid_to_str(pszUrlOid
));
279 SetLastError(ERROR_FILE_NOT_FOUND
);
284 static HCRYPTOIDFUNCSET set
= NULL
;
287 set
= CryptInitOIDFunctionSet(URL_OID_GET_OBJECT_URL_FUNC
, 0);
288 CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
, pszUrlOid
, 0,
289 (void **)&func
, &hFunc
);
292 ret
= func(pszUrlOid
, pvPara
, dwFlags
, pUrlArray
, pcbUrlArray
,
293 pUrlInfo
, pcbUrlInfo
, pvReserved
);
295 CryptFreeOIDFunctionAddress(hFunc
, 0);
299 /***********************************************************************
300 * CryptRetrieveObjectByUrlA (CRYPTNET.@)
302 BOOL WINAPI
CryptRetrieveObjectByUrlA(LPCSTR pszURL
, LPCSTR pszObjectOid
,
303 DWORD dwRetrievalFlags
, DWORD dwTimeout
, LPVOID
*ppvObject
,
304 HCRYPTASYNC hAsyncRetrieve
, PCRYPT_CREDENTIALS pCredentials
, LPVOID pvVerify
,
305 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
310 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_a(pszURL
),
311 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, ppvObject
,
312 hAsyncRetrieve
, pCredentials
, pvVerify
, pAuxInfo
);
316 SetLastError(ERROR_INVALID_PARAMETER
);
319 len
= MultiByteToWideChar(CP_ACP
, 0, pszURL
, -1, NULL
, 0);
322 LPWSTR url
= CryptMemAlloc(len
* sizeof(WCHAR
));
326 MultiByteToWideChar(CP_ACP
, 0, pszURL
, -1, url
, len
);
327 ret
= CryptRetrieveObjectByUrlW(url
, pszObjectOid
,
328 dwRetrievalFlags
, dwTimeout
, ppvObject
, hAsyncRetrieve
,
329 pCredentials
, pvVerify
, pAuxInfo
);
333 SetLastError(ERROR_OUTOFMEMORY
);
338 static void WINAPI
CRYPT_FreeBlob(LPCSTR pszObjectOid
,
339 PCRYPT_BLOB_ARRAY pObject
, void *pvFreeContext
)
343 for (i
= 0; i
< pObject
->cBlob
; i
++)
344 CryptMemFree(pObject
->rgBlob
[i
].pbData
);
345 CryptMemFree(pObject
->rgBlob
);
348 static BOOL
CRYPT_GetObjectFromFile(HANDLE hFile
, PCRYPT_BLOB_ARRAY pObject
)
353 if ((ret
= GetFileSizeEx(hFile
, &size
)))
357 WARN("file too big\n");
358 SetLastError(ERROR_INVALID_DATA
);
363 CRYPT_DATA_BLOB blob
;
365 blob
.pbData
= CryptMemAlloc(size
.LowPart
);
368 blob
.cbData
= size
.LowPart
;
369 ret
= ReadFile(hFile
, blob
.pbData
, size
.LowPart
, &blob
.cbData
,
373 pObject
->rgBlob
= CryptMemAlloc(sizeof(CRYPT_DATA_BLOB
));
377 memcpy(pObject
->rgBlob
, &blob
, sizeof(CRYPT_DATA_BLOB
));
381 SetLastError(ERROR_OUTOFMEMORY
);
386 CryptMemFree(blob
.pbData
);
390 SetLastError(ERROR_OUTOFMEMORY
);
398 /* FIXME: should make wininet cache all downloads instead */
399 /* FIXME: how do I know the cached object is up to date? */
400 static BOOL
CRYPT_GetObjectFromCache(LPCWSTR pszURL
, PCRYPT_BLOB_ARRAY pObject
,
401 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
404 INTERNET_CACHE_ENTRY_INFOW cacheInfo
= { sizeof(cacheInfo
), 0 };
405 DWORD size
= sizeof(cacheInfo
);
407 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL
), pObject
, pAuxInfo
);
409 if (GetUrlCacheEntryInfoW(pszURL
, &cacheInfo
, &size
) ||
410 GetLastError() == ERROR_INSUFFICIENT_BUFFER
)
414 GetSystemTimeAsFileTime(&ft
);
415 if (CompareFileTime(&cacheInfo
.ExpireTime
, &ft
) >= 0)
417 LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo
= CryptMemAlloc(size
);
421 if (GetUrlCacheEntryInfoW(pszURL
, pCacheInfo
, &size
))
423 HANDLE hFile
= CreateFileW(pCacheInfo
->lpszLocalFileName
,
424 GENERIC_READ
, 0, NULL
, OPEN_EXISTING
,
425 FILE_ATTRIBUTE_NORMAL
, NULL
);
427 if (hFile
!= INVALID_HANDLE_VALUE
)
429 if ((ret
= CRYPT_GetObjectFromFile(hFile
, pObject
)))
431 if (pAuxInfo
&& pAuxInfo
->cbSize
>=
432 offsetof(CRYPT_RETRIEVE_AUX_INFO
,
433 pLastSyncTime
) + sizeof(PFILETIME
) &&
434 pAuxInfo
->pLastSyncTime
)
435 memcpy(pAuxInfo
->pLastSyncTime
,
436 &pCacheInfo
->LastSyncTime
,
442 CryptMemFree(pCacheInfo
);
445 SetLastError(ERROR_OUTOFMEMORY
);
448 DeleteUrlCacheEntryW(pszURL
);
450 TRACE("returning %d\n", ret
);
454 static inline LPWSTR
strndupW(LPWSTR string
, int len
)
457 if (string
&& (ret
= CryptMemAlloc((len
+ 1) * sizeof(WCHAR
))) != NULL
)
459 memcpy(ret
, string
, len
* sizeof(WCHAR
));
465 /* Parses the URL, and sets components's lpszHostName and lpszUrlPath members
466 * to NULL-terminated copies of those portions of the URL (to be freed with
469 static BOOL
CRYPT_CrackUrl(LPCWSTR pszURL
, URL_COMPONENTSW
*components
)
473 TRACE("(%s, %p)\n", debugstr_w(pszURL
), components
);
475 memset(components
, 0, sizeof(*components
));
476 components
->dwStructSize
= sizeof(*components
);
477 components
->dwHostNameLength
= 1;
478 components
->dwUrlPathLength
= 1;
479 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, components
);
482 LPWSTR hostname
= strndupW(components
->lpszHostName
,
483 components
->dwHostNameLength
);
484 LPWSTR path
= strndupW(components
->lpszUrlPath
,
485 components
->dwUrlPathLength
);
487 components
->lpszHostName
= hostname
;
488 components
->lpszUrlPath
= path
;
489 switch (components
->nScheme
)
491 case INTERNET_SCHEME_FTP
:
492 if (!components
->nPort
)
493 components
->nPort
= INTERNET_DEFAULT_FTP_PORT
;
495 case INTERNET_SCHEME_HTTP
:
496 if (!components
->nPort
)
497 components
->nPort
= INTERNET_DEFAULT_HTTP_PORT
;
503 TRACE("returning %d\n", ret
);
514 static struct InetContext
*CRYPT_MakeInetContext(DWORD dwTimeout
)
516 struct InetContext
*context
= CryptMemAlloc(sizeof(struct InetContext
));
520 context
->event
= CreateEventW(NULL
, FALSE
, FALSE
, NULL
);
523 CryptMemFree(context
);
528 context
->timeout
= dwTimeout
;
529 context
->error
= ERROR_SUCCESS
;
535 static BOOL
CRYPT_DownloadObject(DWORD dwRetrievalFlags
, HINTERNET hHttp
,
536 struct InetContext
*context
, PCRYPT_BLOB_ARRAY pObject
,
537 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
539 CRYPT_DATA_BLOB object
= { 0, NULL
};
540 DWORD bytesAvailable
;
544 if ((ret
= InternetQueryDataAvailable(hHttp
, &bytesAvailable
, 0, 0)))
549 object
.pbData
= CryptMemRealloc(object
.pbData
,
550 object
.cbData
+ bytesAvailable
);
552 object
.pbData
= CryptMemAlloc(bytesAvailable
);
555 INTERNET_BUFFERSA buffer
= { sizeof(buffer
), 0 };
557 buffer
.dwBufferLength
= bytesAvailable
;
558 buffer
.lpvBuffer
= object
.pbData
+ object
.cbData
;
559 if (!(ret
= InternetReadFileExA(hHttp
, &buffer
, IRF_NO_WAIT
,
560 (DWORD_PTR
)context
)))
562 if (GetLastError() == ERROR_IO_PENDING
)
564 if (WaitForSingleObject(context
->event
,
565 context
->timeout
) == WAIT_TIMEOUT
)
566 SetLastError(ERROR_TIMEOUT
);
567 else if (context
->error
)
568 SetLastError(context
->error
);
574 object
.cbData
+= bytesAvailable
;
578 SetLastError(ERROR_OUTOFMEMORY
);
583 else if (GetLastError() == ERROR_IO_PENDING
)
585 if (WaitForSingleObject(context
->event
, context
->timeout
) ==
587 SetLastError(ERROR_TIMEOUT
);
591 } while (ret
&& bytesAvailable
);
594 pObject
->rgBlob
= CryptMemAlloc(sizeof(CRYPT_DATA_BLOB
));
595 if (!pObject
->rgBlob
)
597 CryptMemFree(object
.pbData
);
598 SetLastError(ERROR_OUTOFMEMORY
);
603 pObject
->rgBlob
[0].cbData
= object
.cbData
;
604 pObject
->rgBlob
[0].pbData
= object
.pbData
;
608 TRACE("returning %d\n", ret
);
612 static void CRYPT_CacheURL(LPCWSTR pszURL
, PCRYPT_BLOB_ARRAY pObject
,
613 DWORD dwRetrievalFlags
)
615 WCHAR cacheFileName
[MAX_PATH
];
617 /* FIXME: let wininet directly cache instead */
618 if (CreateUrlCacheEntryW(pszURL
, pObject
->rgBlob
[0].cbData
, NULL
,
621 HANDLE hCacheFile
= CreateFileW(cacheFileName
, GENERIC_WRITE
, 0, NULL
,
622 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
624 if (hCacheFile
!= INVALID_HANDLE_VALUE
)
626 DWORD bytesWritten
, entryType
;
629 if (!(dwRetrievalFlags
& CRYPT_STICKY_CACHE_RETRIEVAL
))
630 entryType
= NORMAL_CACHE_ENTRY
;
632 entryType
= STICKY_CACHE_ENTRY
;
633 WriteFile(hCacheFile
, pObject
->rgBlob
[0].pbData
,
634 pObject
->rgBlob
[0].cbData
, &bytesWritten
, NULL
);
635 CloseHandle(hCacheFile
);
636 CommitUrlCacheEntryW(pszURL
, cacheFileName
, ft
, ft
, entryType
,
637 NULL
, 0, NULL
, NULL
);
642 static void CALLBACK
CRYPT_InetStatusCallback(HINTERNET hInt
,
643 DWORD_PTR dwContext
, DWORD status
, void *statusInfo
, DWORD statusInfoLen
)
645 struct InetContext
*context
= (struct InetContext
*)dwContext
;
646 LPINTERNET_ASYNC_RESULT result
;
650 case INTERNET_STATUS_REQUEST_COMPLETE
:
651 result
= (LPINTERNET_ASYNC_RESULT
)statusInfo
;
652 context
->error
= result
->dwError
;
653 SetEvent(context
->event
);
657 static BOOL
CRYPT_Connect(URL_COMPONENTSW
*components
,
658 struct InetContext
*context
, PCRYPT_CREDENTIALS pCredentials
,
659 HINTERNET
*phInt
, HINTERNET
*phHost
)
663 TRACE("(%s:%d, %p, %p, %p, %p)\n", debugstr_w(components
->lpszHostName
),
664 components
->nPort
, context
, pCredentials
, phInt
, phInt
);
667 *phInt
= InternetOpenW(NULL
, INTERNET_OPEN_TYPE_DIRECT
, NULL
, NULL
,
668 context
? INTERNET_FLAG_ASYNC
: 0);
674 InternetSetStatusCallbackW(*phInt
, CRYPT_InetStatusCallback
);
675 switch (components
->nScheme
)
677 case INTERNET_SCHEME_FTP
:
678 service
= INTERNET_SERVICE_FTP
;
680 case INTERNET_SCHEME_HTTP
:
681 service
= INTERNET_SERVICE_HTTP
;
686 /* FIXME: use pCredentials for username/password */
687 *phHost
= InternetConnectW(*phInt
, components
->lpszHostName
,
688 components
->nPort
, NULL
, NULL
, service
, 0, (DWORD_PTR
)context
);
691 InternetCloseHandle(*phInt
);
700 TRACE("returning %d\n", ret
);
704 static BOOL WINAPI
FTP_RetrieveEncodedObjectW(LPCWSTR pszURL
,
705 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
706 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
707 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
708 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
710 FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
711 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
712 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
715 pObject
->rgBlob
= NULL
;
716 *ppfnFreeObject
= CRYPT_FreeBlob
;
717 *ppvFreeContext
= NULL
;
721 static const WCHAR x509cacert
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
722 '/','x','-','x','5','0','9','-','c','a','-','c','e','r','t',0 };
723 static const WCHAR x509emailcert
[] = { 'a','p','p','l','i','c','a','t','i','o',
724 'n','/','x','-','x','5','0','9','-','e','m','a','i','l','-','c','e','r','t',
726 static const WCHAR x509servercert
[] = { 'a','p','p','l','i','c','a','t','i','o',
727 'n','/','x','-','x','5','0','9','-','s','e','r','v','e','r','-','c','e','r',
729 static const WCHAR x509usercert
[] = { 'a','p','p','l','i','c','a','t','i','o',
730 'n','/','x','-','x','5','0','9','-','u','s','e','r','-','c','e','r','t',0 };
731 static const WCHAR pkcs7cert
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
732 '/','x','-','p','k','c','s','7','-','c','e','r','t','i','f','c','a','t','e',
734 static const WCHAR pkixCRL
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
735 '/','p','k','i','x','-','c','r','l',0 };
736 static const WCHAR pkcs7CRL
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
737 '/','x','-','p','k','c','s','7','-','c','r','l',0 };
738 static const WCHAR pkcs7sig
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
739 '/','x','-','p','k','c','s','7','-','s','i','g','n','a','t','u','r','e',0 };
740 static const WCHAR pkcs7mime
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
741 '/','x','-','p','k','c','s','7','-','m','i','m','e',0 };
743 static BOOL WINAPI
HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL
,
744 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
745 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
746 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
747 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
751 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
752 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
753 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
756 pObject
->rgBlob
= NULL
;
757 *ppfnFreeObject
= CRYPT_FreeBlob
;
758 *ppvFreeContext
= NULL
;
760 if (!(dwRetrievalFlags
& CRYPT_WIRE_ONLY_RETRIEVAL
))
761 ret
= CRYPT_GetObjectFromCache(pszURL
, pObject
, pAuxInfo
);
762 if (!ret
&& (!(dwRetrievalFlags
& CRYPT_CACHE_ONLY_RETRIEVAL
) ||
763 (dwRetrievalFlags
& CRYPT_WIRE_ONLY_RETRIEVAL
)))
765 URL_COMPONENTSW components
;
767 if ((ret
= CRYPT_CrackUrl(pszURL
, &components
)))
769 HINTERNET hInt
, hHost
;
770 struct InetContext
*context
= NULL
;
773 context
= CRYPT_MakeInetContext(dwTimeout
);
774 ret
= CRYPT_Connect(&components
, context
, pCredentials
, &hInt
,
778 static LPCWSTR types
[] = { x509cacert
, x509emailcert
,
779 x509servercert
, x509usercert
, pkcs7cert
, pkixCRL
, pkcs7CRL
,
780 pkcs7sig
, pkcs7mime
, NULL
};
781 HINTERNET hHttp
= HttpOpenRequestW(hHost
, NULL
,
782 components
.lpszUrlPath
, NULL
, NULL
, types
,
783 INTERNET_FLAG_NO_COOKIES
| INTERNET_FLAG_NO_UI
,
788 ret
= HttpSendRequestExW(hHttp
, NULL
, NULL
, 0,
790 if (!ret
&& GetLastError() == ERROR_IO_PENDING
)
792 if (WaitForSingleObject(context
->event
,
793 context
->timeout
) == WAIT_TIMEOUT
)
794 SetLastError(ERROR_TIMEOUT
);
798 ret
= HttpEndRequestW(hHttp
, NULL
, 0, (DWORD_PTR
)context
);
799 if (!ret
&& GetLastError() == ERROR_IO_PENDING
)
801 if (WaitForSingleObject(context
->event
,
802 context
->timeout
) == WAIT_TIMEOUT
)
803 SetLastError(ERROR_TIMEOUT
);
808 ret
= CRYPT_DownloadObject(dwRetrievalFlags
, hHttp
,
809 context
, pObject
, pAuxInfo
);
810 if (ret
&& !(dwRetrievalFlags
& CRYPT_DONT_CACHE_RESULT
))
811 CRYPT_CacheURL(pszURL
, pObject
, dwRetrievalFlags
);
812 InternetCloseHandle(hHttp
);
814 InternetCloseHandle(hHost
);
815 InternetCloseHandle(hInt
);
819 CloseHandle(context
->event
);
820 CryptMemFree(context
);
822 CryptMemFree(components
.lpszUrlPath
);
823 CryptMemFree(components
.lpszHostName
);
826 TRACE("returning %d\n", ret
);
830 static BOOL WINAPI
File_RetrieveEncodedObjectW(LPCWSTR pszURL
,
831 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
832 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
833 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
834 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
836 URL_COMPONENTSW components
= { sizeof(components
), 0 };
839 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
840 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
841 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
844 pObject
->rgBlob
= NULL
;
845 *ppfnFreeObject
= CRYPT_FreeBlob
;
846 *ppvFreeContext
= NULL
;
848 components
.dwUrlPathLength
= 1;
849 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, &components
);
854 /* 3 == lstrlenW(L"c:") + 1 */
855 path
= CryptMemAlloc((components
.dwUrlPathLength
+ 3) * sizeof(WCHAR
));
860 /* Try to create the file directly - Wine handles / in pathnames */
861 lstrcpynW(path
, components
.lpszUrlPath
,
862 components
.dwUrlPathLength
+ 1);
863 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
, OPEN_EXISTING
,
864 FILE_ATTRIBUTE_NORMAL
, NULL
);
865 if (hFile
== INVALID_HANDLE_VALUE
)
867 /* Try again on the current drive */
868 GetCurrentDirectoryW(components
.dwUrlPathLength
, path
);
871 lstrcpynW(path
+ 2, components
.lpszUrlPath
,
872 components
.dwUrlPathLength
+ 1);
873 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
,
874 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
876 if (hFile
== INVALID_HANDLE_VALUE
)
878 /* Try again on the Windows drive */
879 GetWindowsDirectoryW(path
, components
.dwUrlPathLength
);
882 lstrcpynW(path
+ 2, components
.lpszUrlPath
,
883 components
.dwUrlPathLength
+ 1);
884 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
,
885 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
889 if (hFile
!= INVALID_HANDLE_VALUE
)
891 if ((ret
= CRYPT_GetObjectFromFile(hFile
, pObject
)))
893 if (pAuxInfo
&& pAuxInfo
->cbSize
>=
894 offsetof(CRYPT_RETRIEVE_AUX_INFO
,
895 pLastSyncTime
) + sizeof(PFILETIME
) &&
896 pAuxInfo
->pLastSyncTime
)
897 GetFileTime(hFile
, NULL
, NULL
,
898 pAuxInfo
->pLastSyncTime
);
910 typedef BOOL (WINAPI
*SchemeDllRetrieveEncodedObjectW
)(LPCWSTR pwszUrl
,
911 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
912 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
913 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
914 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
);
916 static BOOL
CRYPT_GetRetrieveFunction(LPCWSTR pszURL
,
917 SchemeDllRetrieveEncodedObjectW
*pFunc
, HCRYPTOIDFUNCADDR
*phFunc
)
919 URL_COMPONENTSW components
= { sizeof(components
), 0 };
922 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL
), pFunc
, phFunc
);
926 components
.dwSchemeLength
= 1;
927 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, &components
);
930 /* Microsoft always uses CryptInitOIDFunctionSet/
931 * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
932 * reason to do so for builtin schemes.
934 switch (components
.nScheme
)
936 case INTERNET_SCHEME_FTP
:
937 *pFunc
= FTP_RetrieveEncodedObjectW
;
939 case INTERNET_SCHEME_HTTP
:
940 *pFunc
= HTTP_RetrieveEncodedObjectW
;
942 case INTERNET_SCHEME_FILE
:
943 *pFunc
= File_RetrieveEncodedObjectW
;
947 int len
= WideCharToMultiByte(CP_ACP
, 0, components
.lpszScheme
,
948 components
.dwSchemeLength
, NULL
, 0, NULL
, NULL
);
952 LPSTR scheme
= CryptMemAlloc(len
);
956 static HCRYPTOIDFUNCSET set
= NULL
;
959 set
= CryptInitOIDFunctionSet(
960 SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC
, 0);
961 WideCharToMultiByte(CP_ACP
, 0, components
.lpszScheme
,
962 components
.dwSchemeLength
, scheme
, len
, NULL
, NULL
);
963 ret
= CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
,
964 scheme
, 0, (void **)pFunc
, phFunc
);
965 CryptMemFree(scheme
);
969 SetLastError(ERROR_OUTOFMEMORY
);
978 TRACE("returning %d\n", ret
);
982 static BOOL WINAPI
CRYPT_CreateBlob(LPCSTR pszObjectOid
,
983 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
986 CRYPT_BLOB_ARRAY
*context
;
989 size
= sizeof(CRYPT_BLOB_ARRAY
) + pObject
->cBlob
* sizeof(CRYPT_DATA_BLOB
);
990 for (i
= 0; i
< pObject
->cBlob
; i
++)
991 size
+= pObject
->rgBlob
[i
].cbData
;
992 context
= CryptMemAlloc(size
);
999 (CRYPT_DATA_BLOB
*)((LPBYTE
)context
+ sizeof(CRYPT_BLOB_ARRAY
));
1001 (LPBYTE
)context
->rgBlob
+ pObject
->cBlob
* sizeof(CRYPT_DATA_BLOB
);
1002 for (i
= 0; i
< pObject
->cBlob
; i
++)
1004 memcpy(nextData
, pObject
->rgBlob
[i
].pbData
,
1005 pObject
->rgBlob
[i
].cbData
);
1006 context
->rgBlob
[i
].pbData
= nextData
;
1007 context
->rgBlob
[i
].cbData
= pObject
->rgBlob
[i
].cbData
;
1008 nextData
+= pObject
->rgBlob
[i
].cbData
;
1011 *ppvContext
= context
;
1017 typedef BOOL (WINAPI
*AddContextToStore
)(HCERTSTORE hCertStore
,
1018 const void *pContext
, DWORD dwAddDisposition
, const void **ppStoreContext
);
1020 static BOOL
CRYPT_CreateContext(PCRYPT_BLOB_ARRAY pObject
,
1021 DWORD dwExpectedContentTypeFlags
, AddContextToStore addFunc
, void **ppvContext
)
1025 if (!pObject
->cBlob
)
1027 SetLastError(ERROR_INVALID_DATA
);
1031 else if (pObject
->cBlob
== 1)
1033 if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB
, &pObject
->rgBlob
[0],
1034 dwExpectedContentTypeFlags
, CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
,
1035 NULL
, NULL
, NULL
, NULL
, (const void **)ppvContext
))
1037 SetLastError(CRYPT_E_NO_MATCH
);
1043 HCERTSTORE store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1044 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1049 const void *context
;
1051 for (i
= 0; i
< pObject
->cBlob
; i
++)
1053 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB
,
1054 &pObject
->rgBlob
[i
], dwExpectedContentTypeFlags
,
1055 CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
, NULL
, NULL
, NULL
,
1058 if (!addFunc(store
, context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1063 SetLastError(CRYPT_E_NO_MATCH
);
1070 *ppvContext
= store
;
1075 static BOOL WINAPI
CRYPT_CreateCert(LPCSTR pszObjectOid
,
1076 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1078 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CERT
,
1079 (AddContextToStore
)CertAddCertificateContextToStore
, ppvContext
);
1082 static BOOL WINAPI
CRYPT_CreateCRL(LPCSTR pszObjectOid
,
1083 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1085 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CRL
,
1086 (AddContextToStore
)CertAddCRLContextToStore
, ppvContext
);
1089 static BOOL WINAPI
CRYPT_CreateCTL(LPCSTR pszObjectOid
,
1090 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1092 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CTL
,
1093 (AddContextToStore
)CertAddCTLContextToStore
, ppvContext
);
1096 static BOOL WINAPI
CRYPT_CreatePKCS7(LPCSTR pszObjectOid
,
1097 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1101 if (!pObject
->cBlob
)
1103 SetLastError(ERROR_INVALID_DATA
);
1107 else if (pObject
->cBlob
== 1)
1108 ret
= CryptQueryObject(CERT_QUERY_OBJECT_BLOB
, &pObject
->rgBlob
[0],
1109 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED
|
1110 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED
, CERT_QUERY_FORMAT_FLAG_BINARY
,
1111 0, NULL
, NULL
, NULL
, (HCERTSTORE
*)ppvContext
, NULL
, NULL
);
1114 FIXME("multiple messages unimplemented\n");
1120 static BOOL WINAPI
CRYPT_CreateAny(LPCSTR pszObjectOid
,
1121 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1125 if (!pObject
->cBlob
)
1127 SetLastError(ERROR_INVALID_DATA
);
1133 HCERTSTORE store
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
1134 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1138 HCERTSTORE memStore
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1139 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1143 CertAddStoreToCollection(store
, memStore
,
1144 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
1145 CertCloseStore(memStore
, 0);
1149 CertCloseStore(store
, 0);
1158 for (i
= 0; i
< pObject
->cBlob
; i
++)
1160 DWORD contentType
, expectedContentTypes
=
1161 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED
|
1162 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED
|
1163 CERT_QUERY_CONTENT_FLAG_CERT
|
1164 CERT_QUERY_CONTENT_FLAG_CRL
|
1165 CERT_QUERY_CONTENT_FLAG_CTL
;
1166 HCERTSTORE contextStore
;
1167 const void *context
;
1169 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB
,
1170 &pObject
->rgBlob
[i
], expectedContentTypes
,
1171 CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
, &contentType
, NULL
,
1172 &contextStore
, NULL
, &context
))
1174 switch (contentType
)
1176 case CERT_QUERY_CONTENT_CERT
:
1177 if (!CertAddCertificateContextToStore(store
,
1178 (PCCERT_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1181 case CERT_QUERY_CONTENT_CRL
:
1182 if (!CertAddCRLContextToStore(store
,
1183 (PCCRL_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1186 case CERT_QUERY_CONTENT_CTL
:
1187 if (!CertAddCTLContextToStore(store
,
1188 (PCCTL_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1192 CertAddStoreToCollection(store
, contextStore
, 0, 0);
1201 *ppvContext
= store
;
1206 typedef BOOL (WINAPI
*ContextDllCreateObjectContext
)(LPCSTR pszObjectOid
,
1207 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
);
1209 static BOOL
CRYPT_GetCreateFunction(LPCSTR pszObjectOid
,
1210 ContextDllCreateObjectContext
*pFunc
, HCRYPTOIDFUNCADDR
*phFunc
)
1214 TRACE("(%s, %p, %p)\n", debugstr_a(pszObjectOid
), pFunc
, phFunc
);
1218 if (!HIWORD(pszObjectOid
))
1220 switch (LOWORD(pszObjectOid
))
1223 *pFunc
= CRYPT_CreateBlob
;
1225 case LOWORD(CONTEXT_OID_CERTIFICATE
):
1226 *pFunc
= CRYPT_CreateCert
;
1228 case LOWORD(CONTEXT_OID_CRL
):
1229 *pFunc
= CRYPT_CreateCRL
;
1231 case LOWORD(CONTEXT_OID_CTL
):
1232 *pFunc
= CRYPT_CreateCTL
;
1234 case LOWORD(CONTEXT_OID_PKCS7
):
1235 *pFunc
= CRYPT_CreatePKCS7
;
1237 case LOWORD(CONTEXT_OID_CAPI2_ANY
):
1238 *pFunc
= CRYPT_CreateAny
;
1244 static HCRYPTOIDFUNCSET set
= NULL
;
1247 set
= CryptInitOIDFunctionSet(
1248 CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC
, 0);
1249 ret
= CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
, pszObjectOid
,
1250 0, (void **)pFunc
, phFunc
);
1252 TRACE("returning %d\n", ret
);
1256 /***********************************************************************
1257 * CryptRetrieveObjectByUrlW (CRYPTNET.@)
1259 BOOL WINAPI
CryptRetrieveObjectByUrlW(LPCWSTR pszURL
, LPCSTR pszObjectOid
,
1260 DWORD dwRetrievalFlags
, DWORD dwTimeout
, LPVOID
*ppvObject
,
1261 HCRYPTASYNC hAsyncRetrieve
, PCRYPT_CREDENTIALS pCredentials
, LPVOID pvVerify
,
1262 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
1265 SchemeDllRetrieveEncodedObjectW retrieve
;
1266 ContextDllCreateObjectContext create
;
1267 HCRYPTOIDFUNCADDR hRetrieve
= 0, hCreate
= 0;
1269 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
1270 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, ppvObject
,
1271 hAsyncRetrieve
, pCredentials
, pvVerify
, pAuxInfo
);
1275 SetLastError(ERROR_INVALID_PARAMETER
);
1278 ret
= CRYPT_GetRetrieveFunction(pszURL
, &retrieve
, &hRetrieve
);
1280 ret
= CRYPT_GetCreateFunction(pszObjectOid
, &create
, &hCreate
);
1283 CRYPT_BLOB_ARRAY object
= { 0, NULL
};
1284 PFN_FREE_ENCODED_OBJECT_FUNC freeObject
;
1287 ret
= retrieve(pszURL
, pszObjectOid
, dwRetrievalFlags
, dwTimeout
,
1288 &object
, &freeObject
, &freeContext
, hAsyncRetrieve
, pCredentials
,
1292 ret
= create(pszObjectOid
, dwRetrievalFlags
, &object
, ppvObject
);
1293 freeObject(pszObjectOid
, &object
, freeContext
);
1297 CryptFreeOIDFunctionAddress(hCreate
, 0);
1299 CryptFreeOIDFunctionAddress(hRetrieve
, 0);
1300 TRACE("returning %d\n", ret
);
1304 /***********************************************************************
1305 * CertDllVerifyRevocation (CRYPTNET.@)
1307 BOOL WINAPI
CertDllVerifyRevocation(DWORD dwEncodingType
, DWORD dwRevType
,
1308 DWORD cContext
, PVOID rgpvContext
[], DWORD dwFlags
,
1309 PCERT_REVOCATION_PARA pRevPara
, PCERT_REVOCATION_STATUS pRevStatus
)
1311 FIXME("(%08x, %d, %d, %p, %08x, %p, %p): stub\n", dwEncodingType
, dwRevType
,
1312 cContext
, rgpvContext
, dwFlags
, pRevPara
, pRevStatus
);