dlls/crypt32/message.c

   1 /*
   2  * Copyright 2007 Juan Lang
   3  *
   4  * This library is free software; you can redistribute it and/or
   5  * modify it under the terms of the GNU Lesser General Public
   6  * License as published by the Free Software Foundation; either
   7  * version 2.1 of the License, or (at your option) any later version.
   8  *
   9  * This library is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12  * Lesser General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU Lesser General Public
  15  * License along with this library; if not, write to the Free Software
  16  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  17  */
  18
  19 #include <stdarg.h>
  20 #include "windef.h"
  21 #include "winbase.h"
  22 #include "wincrypt.h"
  23
  24 #include "wine/debug.h"
  25
  26 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
  27
  28 HCERTSTORE WINAPI CryptGetMessageCertificates(DWORD dwMsgAndCertEncodingType,
  29  HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const BYTE* pbSignedBlob,
  30  DWORD cbSignedBlob)
  31 {
  32     CRYPT_DATA_BLOB blob = { cbSignedBlob, (LPBYTE)pbSignedBlob };
  33
  34     TRACE("(%08x, %ld, %d08x %p, %d)\n", dwMsgAndCertEncodingType, hCryptProv,
  35      dwFlags, pbSignedBlob, cbSignedBlob);
  36
  37     return CertOpenStore(CERT_STORE_PROV_PKCS7, dwMsgAndCertEncodingType,
  38      hCryptProv, dwFlags, &blob);
  39 }
  40
  41 LONG WINAPI CryptGetMessageSignerCount(DWORD dwMsgEncodingType,
  42  const BYTE *pbSignedBlob, DWORD cbSignedBlob)
  43 {
  44     HCRYPTMSG msg;
  45     LONG count = -1;
  46
  47     TRACE("(%08x, %p, %d)\n", dwMsgEncodingType, pbSignedBlob, cbSignedBlob);
  48
  49     msg = CryptMsgOpenToDecode(dwMsgEncodingType, 0, 0, 0, NULL, NULL);
  50     if (msg)
  51     {
  52         if (CryptMsgUpdate(msg, pbSignedBlob, cbSignedBlob, TRUE))
  53         {
  54             DWORD size = sizeof(count);
  55
  56             CryptMsgGetParam(msg, CMSG_SIGNER_COUNT_PARAM, 0, &count, &size);
  57         }
  58         CryptMsgClose(msg);
  59     }
  60     return count;
  61 }
  62
  63 static BOOL CRYPT_CopyParam(void *pvData, DWORD *pcbData, const void *src,
  64  DWORD len)
  65 {
  66     BOOL ret = TRUE;
  67
  68     if (!pvData)
  69         *pcbData = len;
  70     else if (*pcbData < len)
  71     {
  72         *pcbData = len;
  73         SetLastError(ERROR_MORE_DATA);
  74         ret = FALSE;
  75     }
  76     else
  77     {
  78         *pcbData = len;
  79         memcpy(pvData, src, len);
  80     }
  81     return ret;
  82 }
  83
  84 static CERT_INFO *CRYPT_GetSignerCertInfoFromMsg(HCRYPTMSG msg,
  85  DWORD dwSignerIndex)
  86 {
  87     CERT_INFO *certInfo = NULL;
  88     DWORD size;
  89
  90     if (CryptMsgGetParam(msg, CMSG_SIGNER_CERT_INFO_PARAM, dwSignerIndex, NULL,
  91      &size))
  92     {
  93         certInfo = CryptMemAlloc(size);
  94         if (certInfo)
  95         {
  96             if (!CryptMsgGetParam(msg, CMSG_SIGNER_CERT_INFO_PARAM,
  97              dwSignerIndex, certInfo, &size))
  98             {
  99                 CryptMemFree(certInfo);
 100                 certInfo = NULL;
 101             }
 102         }
 103     }
 104     return certInfo;
 105 }
 106
 107 static PCCERT_CONTEXT WINAPI CRYPT_DefaultGetSignerCertificate(void *pvGetArg,
 108  DWORD dwCertEncodingType, PCERT_INFO pSignerId, HCERTSTORE hMsgCertStore)
 109 {
 110     return CertFindCertificateInStore(hMsgCertStore, dwCertEncodingType, 0,
 111      CERT_FIND_SUBJECT_CERT, pSignerId, NULL);
 112 }
 113
 114 static inline PCCERT_CONTEXT CRYPT_GetSignerCertificate(HCRYPTMSG msg,
 115  PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara, PCERT_INFO certInfo, HCERTSTORE store)
 116 {
 117     PFN_CRYPT_GET_SIGNER_CERTIFICATE getCert;
 118
 119     if (pVerifyPara->pfnGetSignerCertificate)
 120         getCert = pVerifyPara->pfnGetSignerCertificate;
 121     else
 122         getCert = CRYPT_DefaultGetSignerCertificate;
 123     return getCert(pVerifyPara->pvGetArg,
 124      pVerifyPara->dwMsgAndCertEncodingType, certInfo, store);
 125 }
 126
 127 BOOL WINAPI CryptVerifyMessageSignature(PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara,
 128  DWORD dwSignerIndex, const BYTE* pbSignedBlob, DWORD cbSignedBlob,
 129  BYTE* pbDecoded, DWORD* pcbDecoded, PCCERT_CONTEXT* ppSignerCert)
 130 {
 131     BOOL ret = FALSE;
 132     DWORD size;
 133     CRYPT_CONTENT_INFO *contentInfo;
 134
 135     TRACE("(%p, %d, %p, %d, %p, %p, %p)\n",
 136      pVerifyPara, dwSignerIndex, pbSignedBlob, cbSignedBlob,
 137      pbDecoded, pcbDecoded, ppSignerCert);
 138
 139     if (ppSignerCert)
 140         *ppSignerCert = NULL;
 141     if (pcbDecoded)
 142         *pcbDecoded = 0;
 143     if (!pVerifyPara ||
 144      pVerifyPara->cbSize != sizeof(CRYPT_VERIFY_MESSAGE_PARA) ||
 145      GET_CMSG_ENCODING_TYPE(pVerifyPara->dwMsgAndCertEncodingType) !=
 146      PKCS_7_ASN_ENCODING)
 147     {
 148         SetLastError(E_INVALIDARG);
 149         return FALSE;
 150     }
 151
 152     ret = CryptDecodeObjectEx(pVerifyPara->dwMsgAndCertEncodingType,
 153      PKCS_CONTENT_INFO, pbSignedBlob, cbSignedBlob,
 154      CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
 155      (LPBYTE)&contentInfo, &size);
 156     if (ret)
 157     {
 158         if (strcmp(contentInfo->pszObjId, szOID_RSA_signedData))
 159         {
 160             SetLastError(CRYPT_E_UNEXPECTED_MSG_TYPE);
 161             ret = FALSE;
 162         }
 163         else
 164         {
 165             HCRYPTMSG msg = CryptMsgOpenToDecode(
 166              pVerifyPara->dwMsgAndCertEncodingType, 0, CMSG_SIGNED,
 167              pVerifyPara->hCryptProv, NULL, NULL);
 168
 169             if (msg)
 170             {
 171                 ret = CryptMsgUpdate(msg, contentInfo->Content.pbData,
 172                  contentInfo->Content.cbData, TRUE);
 173                 if (ret && pcbDecoded)
 174                     ret = CRYPT_CopyParam(pbDecoded, pcbDecoded,
 175                      contentInfo->Content.pbData, contentInfo->Content.cbData);
 176                 if (ret)
 177                 {
 178                     CERT_INFO *certInfo = CRYPT_GetSignerCertInfoFromMsg(msg,
 179                      dwSignerIndex);
 180
 181                     ret = FALSE;
 182                     if (certInfo)
 183                     {
 184                         HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MSG,
 185                          pVerifyPara->dwMsgAndCertEncodingType,
 186                          pVerifyPara->hCryptProv, 0, msg);
 187
 188                         if (store)
 189                         {
 190                             PCCERT_CONTEXT cert = CRYPT_GetSignerCertificate(
 191                              msg, pVerifyPara, certInfo, store);
 192
 193                             if (cert)
 194                             {
 195                                 ret = CryptMsgControl(msg, 0,
 196                                  CMSG_CTRL_VERIFY_SIGNATURE, cert->pCertInfo);
 197                                 if (ret && ppSignerCert)
 198                                     *ppSignerCert = cert;
 199                                 else
 200                                     CertFreeCertificateContext(cert);
 201                             }
 202                             CertCloseStore(store, 0);
 203                         }
 204                     }
 205                     CryptMemFree(certInfo);
 206                 }
 207                 CryptMsgClose(msg);
 208             }
 209         }
 210         LocalFree(contentInfo);
 211     }
 212     TRACE("returning %d\n", ret);
 213     return ret;
 214 }
 215
 216 BOOL WINAPI CryptHashMessage(PCRYPT_HASH_MESSAGE_PARA pHashPara,
 217  BOOL fDetachedHash, DWORD cToBeHashed, const BYTE *rgpbToBeHashed[],
 218  DWORD rgcbToBeHashed[], BYTE *pbHashedBlob, DWORD *pcbHashedBlob,
 219  BYTE *pbComputedHash, DWORD *pcbComputedHash)
 220 {
 221     DWORD i, flags;
 222     BOOL ret = FALSE;
 223     HCRYPTMSG msg;
 224     CMSG_HASHED_ENCODE_INFO info;
 225
 226     TRACE("(%p, %d, %d, %p, %p, %p, %p, %p, %p)\n", pHashPara, fDetachedHash,
 227      cToBeHashed, rgpbToBeHashed, rgcbToBeHashed, pbHashedBlob, pcbHashedBlob,
 228      pbComputedHash, pcbComputedHash);
 229
 230     if (pHashPara->cbSize != sizeof(CRYPT_HASH_MESSAGE_PARA))
 231     {
 232         SetLastError(E_INVALIDARG);
 233         return FALSE;
 234     }
 235     /* Native seems to ignore any encoding type other than the expected
 236      * PKCS_7_ASN_ENCODING
 237      */
 238     if (GET_CMSG_ENCODING_TYPE(pHashPara->dwMsgEncodingType) !=
 239      PKCS_7_ASN_ENCODING)
 240         return TRUE;
 241     /* Native also seems to do nothing if the output parameter isn't given */
 242     if (!pcbHashedBlob)
 243         return TRUE;
 244
 245     flags = fDetachedHash ? CMSG_DETACHED_FLAG : 0;
 246     memset(&info, 0, sizeof(info));
 247     info.cbSize = sizeof(info);
 248     info.hCryptProv = pHashPara->hCryptProv;
 249     memcpy(&info.HashAlgorithm, &pHashPara->HashAlgorithm,
 250      sizeof(info.HashAlgorithm));
 251     info.pvHashAuxInfo = pHashPara->pvHashAuxInfo;
 252     msg = CryptMsgOpenToEncode(pHashPara->dwMsgEncodingType, flags, CMSG_HASHED,
 253      &info, NULL, NULL);
 254     if (msg)
 255     {
 256         for (i = 0, ret = TRUE; ret && i < cToBeHashed; i++)
 257             ret = CryptMsgUpdate(msg, rgpbToBeHashed[i], rgcbToBeHashed[i],
 258              i == cToBeHashed - 1 ? TRUE : FALSE);
 259         if (ret)
 260         {
 261             ret = CryptMsgGetParam(msg, CMSG_CONTENT_PARAM, 0, pbHashedBlob,
 262              pcbHashedBlob);
 263             if (ret && pcbComputedHash)
 264                 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0,
 265                  pbComputedHash, pcbComputedHash);
 266         }
 267         CryptMsgClose(msg);
 268     }
 269     return ret;
 270 }