search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
gdi32: PATH_ExtTextOut remove incorrect shift to DC origin.
[wine/hacks.git] / dlls / crypt32 / object.c
blobe880f089090d21da132c632f49496d7dc0bb784e
1 /*
2 * crypt32 Crypt*Object functions
3 *
4 * Copyright 2007 Juan Lang
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 */
20 #include <stdarg.h>
21 #define NONAMELESSUNION
22 #include "windef.h"
23 #include "winbase.h"
24 #include "wincrypt.h"
25 #include "mssip.h"
26 #include "winuser.h"
27 #include "wintrust.h"
28 #include "crypt32_private.h"
29 #include "cryptres.h"
30 #include "wine/unicode.h"
31 #include "wine/debug.h"
32
33 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
34
35 static BOOL CRYPT_ReadBlobFromFile(LPCWSTR fileName, PCERT_BLOB blob)
36 {
37 BOOL ret = FALSE;
38 HANDLE file;
39
40 TRACE("%s\n", debugstr_w(fileName));
41
42 file = CreateFileW(fileName, GENERIC_READ, FILE_SHARE_READ, NULL,
43 OPEN_EXISTING, 0, NULL);
44 if (file != INVALID_HANDLE_VALUE)
45 {
46 ret = TRUE;
47 blob->cbData = GetFileSize(file, NULL);
48 if (blob->cbData)
49 {
50 blob->pbData = CryptMemAlloc(blob->cbData);
51 if (blob->pbData)
52 {
53 DWORD read;
54
55 ret = ReadFile(file, blob->pbData, blob->cbData, &read, NULL);
56 }
57 }
58 CloseHandle(file);
59 }
60 TRACE("returning %d\n", ret);
61 return ret;
62 }
63
64 static BOOL CRYPT_QueryContextBlob(const CERT_BLOB *blob,
65 DWORD dwExpectedContentTypeFlags, HCERTSTORE store,
66 DWORD *contentType, const void **ppvContext)
67 {
68 BOOL ret = FALSE;
69
70 if (dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_CERT)
71 {
72 ret = pCertInterface->addEncodedToStore(store, X509_ASN_ENCODING,
73 blob->pbData, blob->cbData, CERT_STORE_ADD_ALWAYS, ppvContext);
74 if (ret && contentType)
75 *contentType = CERT_QUERY_CONTENT_CERT;
76 }
77 if (!ret && (dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_CRL))
78 {
79 ret = pCRLInterface->addEncodedToStore(store, X509_ASN_ENCODING,
80 blob->pbData, blob->cbData, CERT_STORE_ADD_ALWAYS, ppvContext);
81 if (ret && contentType)
82 *contentType = CERT_QUERY_CONTENT_CRL;
83 }
84 if (!ret && (dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_CTL))
85 {
86 ret = pCTLInterface->addEncodedToStore(store, X509_ASN_ENCODING,
87 blob->pbData, blob->cbData, CERT_STORE_ADD_ALWAYS, ppvContext);
88 if (ret && contentType)
89 *contentType = CERT_QUERY_CONTENT_CTL;
90 }
91 return ret;
92 }
93
94 static BOOL CRYPT_QueryContextObject(DWORD dwObjectType, const void *pvObject,
95 DWORD dwExpectedContentTypeFlags, DWORD dwExpectedFormatTypeFlags,
96 DWORD *pdwMsgAndCertEncodingType, DWORD *pdwContentType, DWORD *pdwFormatType,
97 HCERTSTORE *phCertStore, const void **ppvContext)
98 {
99 CERT_BLOB fileBlob;
100 const CERT_BLOB *blob;
101 HCERTSTORE store;
102 BOOL ret;
103 DWORD formatType = 0;
104
105 switch (dwObjectType)
106 {
107 case CERT_QUERY_OBJECT_FILE:
108 /* Cert, CRL, and CTL contexts can't be "embedded" in a file, so
109 * just read the file directly
110 */
111 ret = CRYPT_ReadBlobFromFile(pvObject, &fileBlob);
112 blob = &fileBlob;
113 break;
114 case CERT_QUERY_OBJECT_BLOB:
115 blob = pvObject;
116 ret = TRUE;
117 break;
118 default:
119 SetLastError(E_INVALIDARG); /* FIXME: is this the correct error? */
120 ret = FALSE;
121 }
122 if (!ret)
123 return FALSE;
124
125 ret = FALSE;
126 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
127 CERT_STORE_CREATE_NEW_FLAG, NULL);
128 if (dwExpectedFormatTypeFlags & CERT_QUERY_FORMAT_FLAG_BINARY)
129 {
130 ret = CRYPT_QueryContextBlob(blob, dwExpectedContentTypeFlags, store,
131 pdwContentType, ppvContext);
132 if (ret)
133 formatType = CERT_QUERY_FORMAT_BINARY;
134 }
135 if (!ret &&
136 (dwExpectedFormatTypeFlags & CERT_QUERY_FORMAT_FLAG_BASE64_ENCODED))
137 {
138 CRYPT_DATA_BLOB trimmed = { blob->cbData, blob->pbData };
139 CRYPT_DATA_BLOB decoded;
140
141 while (trimmed.cbData && !trimmed.pbData[trimmed.cbData - 1])
142 trimmed.cbData--;
143 ret = CryptStringToBinaryA((LPSTR)trimmed.pbData, trimmed.cbData,
144 CRYPT_STRING_BASE64_ANY, NULL, &decoded.cbData, NULL, NULL);
145 if (ret)
146 {
147 decoded.pbData = CryptMemAlloc(decoded.cbData);
148 if (decoded.pbData)
149 {
150 ret = CryptStringToBinaryA((LPSTR)trimmed.pbData,
151 trimmed.cbData, CRYPT_STRING_BASE64_ANY, decoded.pbData,
152 &decoded.cbData, NULL, NULL);
153 if (ret)
154 {
155 ret = CRYPT_QueryContextBlob(&decoded,
156 dwExpectedContentTypeFlags, store, pdwContentType,
157 ppvContext);
158 if (ret)
159 formatType = CERT_QUERY_FORMAT_BASE64_ENCODED;
160 }
161 CryptMemFree(decoded.pbData);
162 }
163 else
164 ret = FALSE;
165 }
166 }
167 if (ret)
168 {
169 if (pdwMsgAndCertEncodingType)
170 *pdwMsgAndCertEncodingType = X509_ASN_ENCODING;
171 if (pdwFormatType)
172 *pdwFormatType = formatType;
173 if (phCertStore)
174 *phCertStore = CertDuplicateStore(store);
175 }
176 CertCloseStore(store, 0);
177 if (blob == &fileBlob)
178 CryptMemFree(blob->pbData);
179 TRACE("returning %d\n", ret);
180 return ret;
181 }
182
183 static BOOL CRYPT_QuerySerializedContextObject(DWORD dwObjectType,
184 const void *pvObject, DWORD dwExpectedContentTypeFlags,
185 DWORD *pdwMsgAndCertEncodingType, DWORD *pdwContentType,
186 HCERTSTORE *phCertStore, const void **ppvContext)
187 {
188 CERT_BLOB fileBlob;
189 const CERT_BLOB *blob;
190 const WINE_CONTEXT_INTERFACE *contextInterface = NULL;
191 const void *context;
192 DWORD contextType;
193 BOOL ret;
194
195 switch (dwObjectType)
196 {
197 case CERT_QUERY_OBJECT_FILE:
198 /* Cert, CRL, and CTL contexts can't be "embedded" in a file, so
199 * just read the file directly
200 */
201 ret = CRYPT_ReadBlobFromFile(pvObject, &fileBlob);
202 blob = &fileBlob;
203 break;
204 case CERT_QUERY_OBJECT_BLOB:
205 blob = pvObject;
206 ret = TRUE;
207 break;
208 default:
209 SetLastError(E_INVALIDARG); /* FIXME: is this the correct error? */
210 ret = FALSE;
211 }
212 if (!ret)
213 return FALSE;
214
215 ret = FALSE;
216 context = CRYPT_ReadSerializedElement(blob->pbData, blob->cbData,
217 CERT_STORE_ALL_CONTEXT_FLAG, &contextType);
218 if (context)
219 {
220 DWORD contentType, certStoreOffset;
221
222 ret = TRUE;
223 switch (contextType)
224 {
225 case CERT_STORE_CERTIFICATE_CONTEXT:
226 contextInterface = pCertInterface;
227 contentType = CERT_QUERY_CONTENT_SERIALIZED_CERT;
228 certStoreOffset = offsetof(CERT_CONTEXT, hCertStore);
229 if (!(dwExpectedContentTypeFlags &
230 CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT))
231 {
232 SetLastError(ERROR_INVALID_DATA);
233 ret = FALSE;
234 goto end;
235 }
236 break;
237 case CERT_STORE_CRL_CONTEXT:
238 contextInterface = pCRLInterface;
239 contentType = CERT_QUERY_CONTENT_SERIALIZED_CRL;
240 certStoreOffset = offsetof(CRL_CONTEXT, hCertStore);
241 if (!(dwExpectedContentTypeFlags &
242 CERT_QUERY_CONTENT_FLAG_SERIALIZED_CRL))
243 {
244 SetLastError(ERROR_INVALID_DATA);
245 ret = FALSE;
246 goto end;
247 }
248 break;
249 case CERT_STORE_CTL_CONTEXT:
250 contextInterface = pCTLInterface;
251 contentType = CERT_QUERY_CONTENT_SERIALIZED_CTL;
252 certStoreOffset = offsetof(CTL_CONTEXT, hCertStore);
253 if (!(dwExpectedContentTypeFlags &
254 CERT_QUERY_CONTENT_FLAG_SERIALIZED_CTL))
255 {
256 SetLastError(ERROR_INVALID_DATA);
257 ret = FALSE;
258 goto end;
259 }
260 break;
261 default:
262 SetLastError(ERROR_INVALID_DATA);
263 ret = FALSE;
264 goto end;
265 }
266 if (pdwMsgAndCertEncodingType)
267 *pdwMsgAndCertEncodingType = X509_ASN_ENCODING;
268 if (pdwContentType)
269 *pdwContentType = contentType;
270 if (phCertStore)
271 *phCertStore = CertDuplicateStore(
272 *(HCERTSTORE *)((const BYTE *)context + certStoreOffset));
273 if (ppvContext)
274 *ppvContext = contextInterface->duplicate(context);
275 }
276
277 end:
278 if (contextInterface && context)
279 contextInterface->free(context);
280 if (blob == &fileBlob)
281 CryptMemFree(blob->pbData);
282 TRACE("returning %d\n", ret);
283 return ret;
284 }
285
286 static BOOL CRYPT_QuerySerializedStoreObject(DWORD dwObjectType,
287 const void *pvObject, DWORD *pdwMsgAndCertEncodingType, DWORD *pdwContentType,
288 HCERTSTORE *phCertStore, HCRYPTMSG *phMsg)
289 {
290 LPCWSTR fileName = pvObject;
291 HANDLE file;
292 BOOL ret = FALSE;
293
294 if (dwObjectType != CERT_QUERY_OBJECT_FILE)
295 {
296 FIXME("unimplemented for non-file type %d\n", dwObjectType);
297 SetLastError(E_INVALIDARG); /* FIXME: is this the correct error? */
298 return FALSE;
299 }
300 TRACE("%s\n", debugstr_w(fileName));
301 file = CreateFileW(fileName, GENERIC_READ, FILE_SHARE_READ, NULL,
302 OPEN_EXISTING, 0, NULL);
303 if (file != INVALID_HANDLE_VALUE)
304 {
305 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
306 CERT_STORE_CREATE_NEW_FLAG, NULL);
307
308 ret = CRYPT_ReadSerializedStoreFromFile(file, store);
309 if (ret)
310 {
311 if (pdwMsgAndCertEncodingType)
312 *pdwMsgAndCertEncodingType = X509_ASN_ENCODING;
313 if (pdwContentType)
314 *pdwContentType = CERT_QUERY_CONTENT_SERIALIZED_STORE;
315 if (phCertStore)
316 *phCertStore = CertDuplicateStore(store);
317 }
318 CertCloseStore(store, 0);
319 CloseHandle(file);
320 }
321 TRACE("returning %d\n", ret);
322 return ret;
323 }
324
325 static BOOL CRYPT_QuerySignedMessage(const CRYPT_DATA_BLOB *blob,
326 DWORD *pdwMsgAndCertEncodingType, DWORD *pdwContentType, HCRYPTMSG *phMsg)
327 {
328 DWORD encodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
329 BOOL ret = FALSE;
330 HCRYPTMSG msg;
331
332 if ((msg = CryptMsgOpenToDecode(encodingType, 0, 0, 0, NULL, NULL)))
333 {
334 ret = CryptMsgUpdate(msg, blob->pbData, blob->cbData, TRUE);
335 if (ret)
336 {
337 DWORD type, len = sizeof(type);
338
339 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, &type, &len);
340 if (ret)
341 {
342 if (type != CMSG_SIGNED)
343 {
344 SetLastError(ERROR_INVALID_DATA);
345 ret = FALSE;
346 }
347 }
348 }
349 if (!ret)
350 {
351 CryptMsgClose(msg);
352 msg = CryptMsgOpenToDecode(encodingType, 0, CMSG_SIGNED, 0, NULL,
353 NULL);
354 if (msg)
355 {
356 ret = CryptMsgUpdate(msg, blob->pbData, blob->cbData, TRUE);
357 if (!ret)
358 {
359 CryptMsgClose(msg);
360 msg = NULL;
361 }
362 }
363 }
364 }
365 if (ret)
366 {
367 if (pdwMsgAndCertEncodingType)
368 *pdwMsgAndCertEncodingType = encodingType;
369 if (pdwContentType)
370 *pdwContentType = CERT_QUERY_CONTENT_PKCS7_SIGNED;
371 if (phMsg)
372 *phMsg = msg;
373 }
374 return ret;
375 }
376
377 static BOOL CRYPT_QueryUnsignedMessage(const CRYPT_DATA_BLOB *blob,
378 DWORD *pdwMsgAndCertEncodingType, DWORD *pdwContentType, HCRYPTMSG *phMsg)
379 {
380 DWORD encodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
381 BOOL ret = FALSE;
382 HCRYPTMSG msg;
383
384 if ((msg = CryptMsgOpenToDecode(encodingType, 0, 0, 0, NULL, NULL)))
385 {
386 ret = CryptMsgUpdate(msg, blob->pbData, blob->cbData, TRUE);
387 if (ret)
388 {
389 DWORD type, len = sizeof(type);
390
391 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, &type, &len);
392 if (ret)
393 {
394 if (type != CMSG_DATA)
395 {
396 SetLastError(ERROR_INVALID_DATA);
397 ret = FALSE;
398 }
399 }
400 }
401 if (!ret)
402 {
403 CryptMsgClose(msg);
404 msg = CryptMsgOpenToDecode(encodingType, 0, CMSG_DATA, 0,
405 NULL, NULL);
406 if (msg)
407 {
408 ret = CryptMsgUpdate(msg, blob->pbData, blob->cbData, TRUE);
409 if (!ret)
410 {
411 CryptMsgClose(msg);
412 msg = NULL;
413 }
414 }
415 }
416 }
417 if (ret)
418 {
419 if (pdwMsgAndCertEncodingType)
420 *pdwMsgAndCertEncodingType = encodingType;
421 if (pdwContentType)
422 *pdwContentType = CERT_QUERY_CONTENT_PKCS7_SIGNED;
423 if (phMsg)
424 *phMsg = msg;
425 }
426 return ret;
427 }
428
429 /* Used to decode non-embedded messages */
430 static BOOL CRYPT_QueryMessageObject(DWORD dwObjectType, const void *pvObject,
431 DWORD dwExpectedContentTypeFlags, DWORD dwExpectedFormatTypeFlags,
432 DWORD *pdwMsgAndCertEncodingType, DWORD *pdwContentType, DWORD *pdwFormatType,
433 HCERTSTORE *phCertStore, HCRYPTMSG *phMsg)
434 {
435 CERT_BLOB fileBlob;
436 const CERT_BLOB *blob;
437 BOOL ret;
438 HCRYPTMSG msg = NULL;
439 DWORD encodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
440 DWORD formatType = 0;
441
442 TRACE("(%d, %p, %08x, %08x, %p, %p, %p, %p, %p)\n", dwObjectType, pvObject,
443 dwExpectedContentTypeFlags, dwExpectedFormatTypeFlags,
444 pdwMsgAndCertEncodingType, pdwContentType, pdwFormatType, phCertStore,
445 phMsg);
446
447 switch (dwObjectType)
448 {
449 case CERT_QUERY_OBJECT_FILE:
450 /* This isn't an embedded PKCS7 message, so just read the file
451 * directly
452 */
453 ret = CRYPT_ReadBlobFromFile(pvObject, &fileBlob);
454 blob = &fileBlob;
455 break;
456 case CERT_QUERY_OBJECT_BLOB:
457 blob = pvObject;
458 ret = TRUE;
459 break;
460 default:
461 SetLastError(E_INVALIDARG); /* FIXME: is this the correct error? */
462 ret = FALSE;
463 }
464 if (!ret)
465 return FALSE;
466
467 ret = FALSE;
468 if (dwExpectedFormatTypeFlags & CERT_QUERY_FORMAT_FLAG_BINARY)
469 {
470 /* Try it first as a signed message */
471 if (dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED)
472 ret = CRYPT_QuerySignedMessage(blob, pdwMsgAndCertEncodingType,
473 pdwContentType, &msg);
474 /* Failing that, try as an unsigned message */
475 if (!ret &&
476 (dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED))
477 ret = CRYPT_QueryUnsignedMessage(blob, pdwMsgAndCertEncodingType,
478 pdwContentType, &msg);
479 if (ret)
480 formatType = CERT_QUERY_FORMAT_BINARY;
481 }
482 if (!ret &&
483 (dwExpectedFormatTypeFlags & CERT_QUERY_FORMAT_FLAG_BASE64_ENCODED))
484 {
485 CRYPT_DATA_BLOB trimmed = { blob->cbData, blob->pbData };
486 CRYPT_DATA_BLOB decoded;
487
488 while (trimmed.cbData && !trimmed.pbData[trimmed.cbData - 1])
489 trimmed.cbData--;
490 ret = CryptStringToBinaryA((LPSTR)trimmed.pbData, trimmed.cbData,
491 CRYPT_STRING_BASE64_ANY, NULL, &decoded.cbData, NULL, NULL);
492 if (ret)
493 {
494 decoded.pbData = CryptMemAlloc(decoded.cbData);
495 if (decoded.pbData)
496 {
497 ret = CryptStringToBinaryA((LPSTR)trimmed.pbData,
498 trimmed.cbData, CRYPT_STRING_BASE64_ANY, decoded.pbData,
499 &decoded.cbData, NULL, NULL);
500 if (ret)
501 {
502 /* Try it first as a signed message */
503 if (dwExpectedContentTypeFlags &
504 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED)
505 ret = CRYPT_QuerySignedMessage(&decoded,
506 pdwMsgAndCertEncodingType, pdwContentType, &msg);
507 /* Failing that, try as an unsigned message */
508 if (!ret && (dwExpectedContentTypeFlags &
509 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED))
510 ret = CRYPT_QueryUnsignedMessage(&decoded,
511 pdwMsgAndCertEncodingType, pdwContentType, &msg);
512 if (ret)
513 formatType = CERT_QUERY_FORMAT_BASE64_ENCODED;
514 }
515 CryptMemFree(decoded.pbData);
516 }
517 else
518 ret = FALSE;
519 }
520 if (!ret && !(blob->cbData % sizeof(WCHAR)))
521 {
522 CRYPT_DATA_BLOB decoded;
523 LPWSTR str = (LPWSTR)blob->pbData;
524 DWORD strLen = blob->cbData / sizeof(WCHAR);
525
526 /* Try again, assuming the input string is UTF-16 base64 */
527 while (strLen && !str[strLen - 1])
528 strLen--;
529 ret = CryptStringToBinaryW(str, strLen, CRYPT_STRING_BASE64_ANY,
530 NULL, &decoded.cbData, NULL, NULL);
531 if (ret)
532 {
533 decoded.pbData = CryptMemAlloc(decoded.cbData);
534 if (decoded.pbData)
535 {
536 ret = CryptStringToBinaryW(str, strLen,
537 CRYPT_STRING_BASE64_ANY, decoded.pbData, &decoded.cbData,
538 NULL, NULL);
539 if (ret)
540 {
541 /* Try it first as a signed message */
542 if (dwExpectedContentTypeFlags &
543 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED)
544 ret = CRYPT_QuerySignedMessage(&decoded,
545 pdwMsgAndCertEncodingType, pdwContentType, &msg);
546 /* Failing that, try as an unsigned message */
547 if (!ret && (dwExpectedContentTypeFlags &
548 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED))
549 ret = CRYPT_QueryUnsignedMessage(&decoded,
550 pdwMsgAndCertEncodingType, pdwContentType, &msg);
551 if (ret)
552 formatType = CERT_QUERY_FORMAT_BASE64_ENCODED;
553 }
554 CryptMemFree(decoded.pbData);
555 }
556 else
557 ret = FALSE;
558 }
559 }
560 }
561 if (ret)
562 {
563 if (pdwFormatType)
564 *pdwFormatType = formatType;
565 if (phMsg)
566 *phMsg = msg;
567 if (phCertStore)
568 *phCertStore = CertOpenStore(CERT_STORE_PROV_MSG, encodingType, 0,
569 0, msg);
570 }
571 if (blob == &fileBlob)
572 CryptMemFree(blob->pbData);
573 TRACE("returning %d\n", ret);
574 return ret;
575 }
576
577 static BOOL CRYPT_QueryEmbeddedMessageObject(DWORD dwObjectType,
578 const void *pvObject, DWORD dwExpectedContentTypeFlags,
579 DWORD *pdwMsgAndCertEncodingType, DWORD *pdwContentType,
580 HCERTSTORE *phCertStore, HCRYPTMSG *phMsg)
581 {
582 HANDLE file;
583 GUID subject;
584 BOOL ret = FALSE;
585
586 TRACE("%s\n", debugstr_w(pvObject));
587
588 if (dwObjectType != CERT_QUERY_OBJECT_FILE)
589 {
590 WARN("don't know what to do for type %d embedded signed messages\n",
591 dwObjectType);
592 SetLastError(E_INVALIDARG);
593 return FALSE;
594 }
595 file = CreateFileW(pvObject, GENERIC_READ, FILE_SHARE_READ,
596 NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
597 if (file != INVALID_HANDLE_VALUE)
598 {
599 ret = CryptSIPRetrieveSubjectGuid(pvObject, file, &subject);
600 if (ret)
601 {
602 SIP_DISPATCH_INFO sip;
603
604 memset(&sip, 0, sizeof(sip));
605 sip.cbSize = sizeof(sip);
606 ret = CryptSIPLoad(&subject, 0, &sip);
607 if (ret)
608 {
609 SIP_SUBJECTINFO subjectInfo;
610 CERT_BLOB blob;
611 DWORD encodingType;
612
613 memset(&subjectInfo, 0, sizeof(subjectInfo));
614 subjectInfo.cbSize = sizeof(subjectInfo);
615 subjectInfo.pgSubjectType = &subject;
616 subjectInfo.hFile = file;
617 subjectInfo.pwsFileName = pvObject;
618 ret = sip.pfGet(&subjectInfo, &encodingType, 0, &blob.cbData,
619 NULL);
620 if (ret)
621 {
622 blob.pbData = CryptMemAlloc(blob.cbData);
623 if (blob.pbData)
624 {
625 ret = sip.pfGet(&subjectInfo, &encodingType, 0,
626 &blob.cbData, blob.pbData);
627 if (ret)
628 {
629 ret = CRYPT_QueryMessageObject(
630 CERT_QUERY_OBJECT_BLOB, &blob,
631 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED,
632 CERT_QUERY_FORMAT_FLAG_BINARY,
633 pdwMsgAndCertEncodingType, NULL, NULL,
634 phCertStore, phMsg);
635 if (ret && pdwContentType)
636 *pdwContentType =
637 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED;
638 }
639 CryptMemFree(blob.pbData);
640 }
641 else
642 {
643 SetLastError(ERROR_OUTOFMEMORY);
644 ret = FALSE;
645 }
646 }
647 }
648 }
649 CloseHandle(file);
650 }
651 TRACE("returning %d\n", ret);
652 return ret;
653 }
654
655 BOOL WINAPI CryptQueryObject(DWORD dwObjectType, const void *pvObject,
656 DWORD dwExpectedContentTypeFlags, DWORD dwExpectedFormatTypeFlags,
657 DWORD dwFlags, DWORD *pdwMsgAndCertEncodingType, DWORD *pdwContentType,
658 DWORD *pdwFormatType, HCERTSTORE *phCertStore, HCRYPTMSG *phMsg,
659 const void **ppvContext)
660 {
661 static const DWORD unimplementedTypes =
662 CERT_QUERY_CONTENT_FLAG_PKCS10 | CERT_QUERY_CONTENT_FLAG_PFX |
663 CERT_QUERY_CONTENT_FLAG_CERT_PAIR;
664 BOOL ret = TRUE;
665
666 TRACE("(%08x, %p, %08x, %08x, %08x, %p, %p, %p, %p, %p, %p)\n",
667 dwObjectType, pvObject, dwExpectedContentTypeFlags,
668 dwExpectedFormatTypeFlags, dwFlags, pdwMsgAndCertEncodingType,
669 pdwContentType, pdwFormatType, phCertStore, phMsg, ppvContext);
670
671 if (dwObjectType != CERT_QUERY_OBJECT_BLOB &&
672 dwObjectType != CERT_QUERY_OBJECT_FILE)
673 {
674 WARN("unsupported type %d\n", dwObjectType);
675 SetLastError(E_INVALIDARG);
676 return FALSE;
677 }
678 if (!pvObject)
679 {
680 WARN("missing required argument\n");
681 SetLastError(E_INVALIDARG);
682 return FALSE;
683 }
684 if (dwExpectedContentTypeFlags & unimplementedTypes)
685 WARN("unimplemented for types %08x\n",
686 dwExpectedContentTypeFlags & unimplementedTypes);
687
688 if (pdwFormatType)
689 *pdwFormatType = CERT_QUERY_FORMAT_BINARY;
690 if (phCertStore)
691 *phCertStore = NULL;
692 if (phMsg)
693 *phMsg = NULL;
694 if (ppvContext)
695 *ppvContext = NULL;
696
697 ret = FALSE;
698 if ((dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_CERT) ||
699 (dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_CRL) ||
700 (dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_CTL))
701 {
702 ret = CRYPT_QueryContextObject(dwObjectType, pvObject,
703 dwExpectedContentTypeFlags, dwExpectedFormatTypeFlags,
704 pdwMsgAndCertEncodingType, pdwContentType, pdwFormatType, phCertStore,
705 ppvContext);
706 }
707 if (!ret &&
708 (dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_SERIALIZED_STORE))
709 {
710 ret = CRYPT_QuerySerializedStoreObject(dwObjectType, pvObject,
711 pdwMsgAndCertEncodingType, pdwContentType, phCertStore, phMsg);
712 }
713 if (!ret &&
714 ((dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT) ||
715 (dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_SERIALIZED_CRL) ||
716 (dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_SERIALIZED_CTL)))
717 {
718 ret = CRYPT_QuerySerializedContextObject(dwObjectType, pvObject,
719 dwExpectedContentTypeFlags, pdwMsgAndCertEncodingType, pdwContentType,
720 phCertStore, ppvContext);
721 }
722 if (!ret &&
723 ((dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED) ||
724 (dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED)))
725 {
726 ret = CRYPT_QueryMessageObject(dwObjectType, pvObject,
727 dwExpectedContentTypeFlags, dwExpectedFormatTypeFlags,
728 pdwMsgAndCertEncodingType, pdwContentType, pdwFormatType,
729 phCertStore, phMsg);
730 }
731 if (!ret &&
732 (dwExpectedContentTypeFlags & CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED))
733 {
734 ret = CRYPT_QueryEmbeddedMessageObject(dwObjectType, pvObject,
735 dwExpectedContentTypeFlags, pdwMsgAndCertEncodingType, pdwContentType,
736 phCertStore, phMsg);
737 }
738 if (!ret)
739 SetLastError(CRYPT_E_NO_MATCH);
740 TRACE("returning %d\n", ret);
741 return ret;
742 }
743
744 static BOOL WINAPI CRYPT_FormatHexString(DWORD dwCertEncodingType,
745 DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
746 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
747 DWORD *pcbFormat)
748 {
749 BOOL ret;
750 DWORD bytesNeeded;
751
752 if (cbEncoded)
753 bytesNeeded = (cbEncoded * 3) * sizeof(WCHAR);
754 else
755 bytesNeeded = sizeof(WCHAR);
756 if (!pbFormat)
757 {
758 *pcbFormat = bytesNeeded;
759 ret = TRUE;
760 }
761 else if (*pcbFormat < bytesNeeded)
762 {
763 *pcbFormat = bytesNeeded;
764 SetLastError(ERROR_MORE_DATA);
765 ret = FALSE;
766 }
767 else
768 {
769 static const WCHAR fmt[] = { '%','0','2','x',' ',0 };
770 static const WCHAR endFmt[] = { '%','0','2','x',0 };
771 DWORD i;
772 LPWSTR ptr = pbFormat;
773
774 *pcbFormat = bytesNeeded;
775 if (cbEncoded)
776 {
777 for (i = 0; i < cbEncoded; i++)
778 {
779 if (i < cbEncoded - 1)
780 ptr += sprintfW(ptr, fmt, pbEncoded[i]);
781 else
782 ptr += sprintfW(ptr, endFmt, pbEncoded[i]);
783 }
784 }
785 else
786 *ptr = 0;
787 ret = TRUE;
788 }
789 return ret;
790 }
791
792 #define MAX_STRING_RESOURCE_LEN 128
793
794 static const WCHAR commaSpace[] = { ',',' ',0 };
795
796 struct BitToString
797 {
798 BYTE bit;
799 int id;
800 WCHAR str[MAX_STRING_RESOURCE_LEN];
801 };
802
803 static BOOL CRYPT_FormatBits(BYTE bits, const struct BitToString *map,
804 DWORD mapEntries, void *pbFormat, DWORD *pcbFormat, BOOL *first)
805 {
806 DWORD bytesNeeded = sizeof(WCHAR);
807 int i;
808 BOOL ret = TRUE, localFirst = *first;
809
810 for (i = 0; i < mapEntries; i++)
811 if (bits & map[i].bit)
812 {
813 if (!localFirst)
814 bytesNeeded += strlenW(commaSpace) * sizeof(WCHAR);
815 localFirst = FALSE;
816 bytesNeeded += strlenW(map[i].str) * sizeof(WCHAR);
817 }
818 if (!pbFormat)
819 {
820 *first = localFirst;
821 *pcbFormat = bytesNeeded;
822 }
823 else if (*pcbFormat < bytesNeeded)
824 {
825 *first = localFirst;
826 *pcbFormat = bytesNeeded;
827 SetLastError(ERROR_MORE_DATA);
828 ret = FALSE;
829 }
830 else
831 {
832 LPWSTR str = pbFormat;
833
834 localFirst = *first;
835 *pcbFormat = bytesNeeded;
836 for (i = 0; i < mapEntries; i++)
837 if (bits & map[i].bit)
838 {
839 if (!localFirst)
840 {
841 strcpyW(str, commaSpace);
842 str += strlenW(commaSpace);
843 }
844 localFirst = FALSE;
845 strcpyW(str, map[i].str);
846 str += strlenW(map[i].str);
847 }
848 *first = localFirst;
849 }
850 return ret;
851 }
852
853 static struct BitToString keyUsageByte0Map[] = {
854 { CERT_DIGITAL_SIGNATURE_KEY_USAGE, IDS_DIGITAL_SIGNATURE, { 0 } },
855 { CERT_NON_REPUDIATION_KEY_USAGE, IDS_NON_REPUDIATION, { 0 } },
856 { CERT_KEY_ENCIPHERMENT_KEY_USAGE, IDS_KEY_ENCIPHERMENT, { 0 } },
857 { CERT_DATA_ENCIPHERMENT_KEY_USAGE, IDS_DATA_ENCIPHERMENT, { 0 } },
858 { CERT_KEY_AGREEMENT_KEY_USAGE, IDS_KEY_AGREEMENT, { 0 } },
859 { CERT_KEY_CERT_SIGN_KEY_USAGE, IDS_CERT_SIGN, { 0 } },
860 { CERT_OFFLINE_CRL_SIGN_KEY_USAGE, IDS_OFFLINE_CRL_SIGN, { 0 } },
861 { CERT_CRL_SIGN_KEY_USAGE, IDS_CRL_SIGN, { 0 } },
862 { CERT_ENCIPHER_ONLY_KEY_USAGE, IDS_ENCIPHER_ONLY, { 0 } },
863 };
864 static struct BitToString keyUsageByte1Map[] = {
865 { CERT_DECIPHER_ONLY_KEY_USAGE, IDS_DECIPHER_ONLY, { 0 } },
866 };
867
868 static BOOL WINAPI CRYPT_FormatKeyUsage(DWORD dwCertEncodingType,
869 DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
870 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
871 DWORD *pcbFormat)
872 {
873 DWORD size;
874 CRYPT_BIT_BLOB *bits;
875 BOOL ret;
876
877 if (!cbEncoded)
878 {
879 SetLastError(E_INVALIDARG);
880 return FALSE;
881 }
882 if ((ret = CryptDecodeObjectEx(dwCertEncodingType, X509_KEY_USAGE,
883 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &bits, &size)))
884 {
885 WCHAR infoNotAvailable[MAX_STRING_RESOURCE_LEN];
886 DWORD bytesNeeded = sizeof(WCHAR);
887
888 LoadStringW(hInstance, IDS_INFO_NOT_AVAILABLE, infoNotAvailable,
889 sizeof(infoNotAvailable) / sizeof(infoNotAvailable[0]));
890 if (!bits->cbData || bits->cbData > 2)
891 {
892 bytesNeeded += strlenW(infoNotAvailable) * sizeof(WCHAR);
893 if (!pbFormat)
894 *pcbFormat = bytesNeeded;
895 else if (*pcbFormat < bytesNeeded)
896 {
897 *pcbFormat = bytesNeeded;
898 SetLastError(ERROR_MORE_DATA);
899 ret = FALSE;
900 }
901 else
902 {
903 LPWSTR str = pbFormat;
904
905 *pcbFormat = bytesNeeded;
906 strcpyW(str, infoNotAvailable);
907 }
908 }
909 else
910 {
911 static BOOL stringsLoaded = FALSE;
912 int i;
913 DWORD bitStringLen;
914 BOOL first = TRUE;
915
916 if (!stringsLoaded)
917 {
918 for (i = 0;
919 i < sizeof(keyUsageByte0Map) / sizeof(keyUsageByte0Map[0]);
920 i++)
921 LoadStringW(hInstance, keyUsageByte0Map[i].id,
922 keyUsageByte0Map[i].str, MAX_STRING_RESOURCE_LEN);
923 for (i = 0;
924 i < sizeof(keyUsageByte1Map) / sizeof(keyUsageByte1Map[0]);
925 i++)
926 LoadStringW(hInstance, keyUsageByte1Map[i].id,
927 keyUsageByte1Map[i].str, MAX_STRING_RESOURCE_LEN);
928 stringsLoaded = TRUE;
929 }
930 CRYPT_FormatBits(bits->pbData[0], keyUsageByte0Map,
931 sizeof(keyUsageByte0Map) / sizeof(keyUsageByte0Map[0]),
932 NULL, &bitStringLen, &first);
933 bytesNeeded += bitStringLen;
934 if (bits->cbData == 2)
935 {
936 CRYPT_FormatBits(bits->pbData[1], keyUsageByte1Map,
937 sizeof(keyUsageByte1Map) / sizeof(keyUsageByte1Map[0]),
938 NULL, &bitStringLen, &first);
939 bytesNeeded += bitStringLen;
940 }
941 bytesNeeded += 3 * sizeof(WCHAR); /* " (" + ")" */
942 CRYPT_FormatHexString(0, 0, 0, NULL, NULL, bits->pbData,
943 bits->cbData, NULL, &size);
944 bytesNeeded += size;
945 if (!pbFormat)
946 *pcbFormat = bytesNeeded;
947 else if (*pcbFormat < bytesNeeded)
948 {
949 *pcbFormat = bytesNeeded;
950 SetLastError(ERROR_MORE_DATA);
951 ret = FALSE;
952 }
953 else
954 {
955 LPWSTR str = pbFormat;
956
957 bitStringLen = bytesNeeded;
958 first = TRUE;
959 CRYPT_FormatBits(bits->pbData[0], keyUsageByte0Map,
960 sizeof(keyUsageByte0Map) / sizeof(keyUsageByte0Map[0]),
961 str, &bitStringLen, &first);
962 str += bitStringLen / sizeof(WCHAR) - 1;
963 if (bits->cbData == 2)
964 {
965 bitStringLen = bytesNeeded;
966 CRYPT_FormatBits(bits->pbData[1], keyUsageByte1Map,
967 sizeof(keyUsageByte1Map) / sizeof(keyUsageByte1Map[0]),
968 str, &bitStringLen, &first);
969 str += bitStringLen / sizeof(WCHAR) - 1;
970 }
971 *str++ = ' ';
972 *str++ = '(';
973 CRYPT_FormatHexString(0, 0, 0, NULL, NULL, bits->pbData,
974 bits->cbData, str, &size);
975 str += size / sizeof(WCHAR) - 1;
976 *str++ = ')';
977 *str = 0;
978 }
979 }
980 LocalFree(bits);
981 }
982 return ret;
983 }
984
985 static const WCHAR crlf[] = { '\r','\n',0 };
986
987 static WCHAR subjectTypeHeader[MAX_STRING_RESOURCE_LEN];
988 static WCHAR subjectTypeCA[MAX_STRING_RESOURCE_LEN];
989 static WCHAR subjectTypeEndCert[MAX_STRING_RESOURCE_LEN];
990 static WCHAR pathLengthHeader[MAX_STRING_RESOURCE_LEN];
991
992 static BOOL WINAPI CRYPT_FormatBasicConstraints2(DWORD dwCertEncodingType,
993 DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
994 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
995 DWORD *pcbFormat)
996 {
997 DWORD size;
998 CERT_BASIC_CONSTRAINTS2_INFO *info;
999 BOOL ret;
1000
1001 if (!cbEncoded)
1002 {
1003 SetLastError(E_INVALIDARG);
1004 return FALSE;
1005 }
1006 if ((ret = CryptDecodeObjectEx(dwCertEncodingType, X509_BASIC_CONSTRAINTS2,
1007 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &info, &size)))
1008 {
1009 static const WCHAR pathFmt[] = { '%','d',0 };
1010 static BOOL stringsLoaded = FALSE;
1011 DWORD bytesNeeded = sizeof(WCHAR); /* space for the NULL terminator */
1012 WCHAR pathLength[MAX_STRING_RESOURCE_LEN];
1013 LPCWSTR sep, subjectType;
1014 DWORD sepLen;
1015
1016 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1017 {
1018 sep = crlf;
1019 sepLen = strlenW(crlf) * sizeof(WCHAR);
1020 }
1021 else
1022 {
1023 sep = commaSpace;
1024 sepLen = strlenW(commaSpace) * sizeof(WCHAR);
1025 }
1026
1027 if (!stringsLoaded)
1028 {
1029 LoadStringW(hInstance, IDS_SUBJECT_TYPE, subjectTypeHeader,
1030 sizeof(subjectTypeHeader) / sizeof(subjectTypeHeader[0]));
1031 LoadStringW(hInstance, IDS_SUBJECT_TYPE_CA, subjectTypeCA,
1032 sizeof(subjectTypeCA) / sizeof(subjectTypeCA[0]));
1033 LoadStringW(hInstance, IDS_SUBJECT_TYPE_END_CERT,
1034 subjectTypeEndCert,
1035 sizeof(subjectTypeEndCert) / sizeof(subjectTypeEndCert[0]));
1036 LoadStringW(hInstance, IDS_PATH_LENGTH, pathLengthHeader,
1037 sizeof(pathLengthHeader) / sizeof(pathLengthHeader[0]));
1038 stringsLoaded = TRUE;
1039 }
1040 bytesNeeded += strlenW(subjectTypeHeader) * sizeof(WCHAR);
1041 if (info->fCA)
1042 subjectType = subjectTypeCA;
1043 else
1044 subjectType = subjectTypeEndCert;
1045 bytesNeeded += strlenW(subjectType) * sizeof(WCHAR);
1046 bytesNeeded += sepLen;
1047 bytesNeeded += strlenW(pathLengthHeader) * sizeof(WCHAR);
1048 if (info->fPathLenConstraint)
1049 sprintfW(pathLength, pathFmt, info->dwPathLenConstraint);
1050 else
1051 LoadStringW(hInstance, IDS_PATH_LENGTH_NONE, pathLength,
1052 sizeof(pathLength) / sizeof(pathLength[0]));
1053 bytesNeeded += strlenW(pathLength) * sizeof(WCHAR);
1054 if (!pbFormat)
1055 *pcbFormat = bytesNeeded;
1056 else if (*pcbFormat < bytesNeeded)
1057 {
1058 *pcbFormat = bytesNeeded;
1059 SetLastError(ERROR_MORE_DATA);
1060 ret = FALSE;
1061 }
1062 else
1063 {
1064 LPWSTR str = pbFormat;
1065
1066 *pcbFormat = bytesNeeded;
1067 strcpyW(str, subjectTypeHeader);
1068 str += strlenW(subjectTypeHeader);
1069 strcpyW(str, subjectType);
1070 str += strlenW(subjectType);
1071 strcpyW(str, sep);
1072 str += sepLen / sizeof(WCHAR);
1073 strcpyW(str, pathLengthHeader);
1074 str += strlenW(pathLengthHeader);
1075 strcpyW(str, pathLength);
1076 str += strlenW(pathLength);
1077 }
1078 LocalFree(info);
1079 }
1080 return ret;
1081 }
1082
1083 static BOOL CRYPT_FormatHexStringWithPrefix(CRYPT_DATA_BLOB *blob, int id,
1084 LPWSTR str, DWORD *pcbStr)
1085 {
1086 WCHAR buf[MAX_STRING_RESOURCE_LEN];
1087 DWORD bytesNeeded;
1088 BOOL ret;
1089
1090 LoadStringW(hInstance, id, buf, sizeof(buf) / sizeof(buf[0]));
1091 CRYPT_FormatHexString(X509_ASN_ENCODING, 0, 0, NULL, NULL,
1092 blob->pbData, blob->cbData, NULL, &bytesNeeded);
1093 bytesNeeded += strlenW(buf) * sizeof(WCHAR);
1094 if (!str)
1095 {
1096 *pcbStr = bytesNeeded;
1097 ret = TRUE;
1098 }
1099 else if (*pcbStr < bytesNeeded)
1100 {
1101 *pcbStr = bytesNeeded;
1102 SetLastError(ERROR_MORE_DATA);
1103 ret = FALSE;
1104 }
1105 else
1106 {
1107 *pcbStr = bytesNeeded;
1108 strcpyW(str, buf);
1109 str += strlenW(str);
1110 bytesNeeded -= strlenW(str) * sizeof(WCHAR);
1111 ret = CRYPT_FormatHexString(X509_ASN_ENCODING, 0, 0, NULL, NULL,
1112 blob->pbData, blob->cbData, str, &bytesNeeded);
1113 }
1114 return ret;
1115 }
1116
1117 static BOOL CRYPT_FormatKeyId(CRYPT_DATA_BLOB *keyId, LPWSTR str,
1118 DWORD *pcbStr)
1119 {
1120 return CRYPT_FormatHexStringWithPrefix(keyId, IDS_KEY_ID, str, pcbStr);
1121 }
1122
1123 static BOOL CRYPT_FormatCertSerialNumber(CRYPT_DATA_BLOB *serialNum, LPWSTR str,
1124 DWORD *pcbStr)
1125 {
1126 return CRYPT_FormatHexStringWithPrefix(serialNum, IDS_CERT_SERIAL_NUMBER,
1127 str, pcbStr);
1128 }
1129
1130 static const WCHAR indent[] = { ' ',' ',' ',' ',' ',0 };
1131 static const WCHAR colonCrlf[] = { ':','\r','\n',0 };
1132
1133 static BOOL CRYPT_FormatAltNameEntry(DWORD dwFormatStrType, DWORD indentLevel,
1134 CERT_ALT_NAME_ENTRY *entry, LPWSTR str, DWORD *pcbStr)
1135 {
1136 BOOL ret;
1137 WCHAR buf[MAX_STRING_RESOURCE_LEN];
1138 WCHAR mask[MAX_STRING_RESOURCE_LEN];
1139 WCHAR ipAddrBuf[32];
1140 WCHAR maskBuf[16];
1141 DWORD bytesNeeded = sizeof(WCHAR);
1142 DWORD strType = CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG;
1143
1144 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1145 bytesNeeded += indentLevel * strlenW(indent) * sizeof(WCHAR);
1146 switch (entry->dwAltNameChoice)
1147 {
1148 case CERT_ALT_NAME_RFC822_NAME:
1149 LoadStringW(hInstance, IDS_ALT_NAME_RFC822_NAME, buf,
1150 sizeof(buf) / sizeof(buf[0]));
1151 bytesNeeded += strlenW(entry->u.pwszRfc822Name) * sizeof(WCHAR);
1152 ret = TRUE;
1153 break;
1154 case CERT_ALT_NAME_DNS_NAME:
1155 LoadStringW(hInstance, IDS_ALT_NAME_DNS_NAME, buf,
1156 sizeof(buf) / sizeof(buf[0]));
1157 bytesNeeded += strlenW(entry->u.pwszDNSName) * sizeof(WCHAR);
1158 ret = TRUE;
1159 break;
1160 case CERT_ALT_NAME_DIRECTORY_NAME:
1161 {
1162 DWORD directoryNameLen;
1163
1164 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1165 strType |= CERT_NAME_STR_CRLF_FLAG;
1166 directoryNameLen = cert_name_to_str_with_indent(X509_ASN_ENCODING,
1167 indentLevel + 1, &entry->u.DirectoryName, strType, NULL, 0);
1168 LoadStringW(hInstance, IDS_ALT_NAME_DIRECTORY_NAME, buf,
1169 sizeof(buf) / sizeof(buf[0]));
1170 bytesNeeded += (directoryNameLen - 1) * sizeof(WCHAR);
1171 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1172 bytesNeeded += strlenW(colonCrlf) * sizeof(WCHAR);
1173 else
1174 bytesNeeded += sizeof(WCHAR); /* '=' */
1175 ret = TRUE;
1176 break;
1177 }
1178 case CERT_ALT_NAME_URL:
1179 LoadStringW(hInstance, IDS_ALT_NAME_URL, buf,
1180 sizeof(buf) / sizeof(buf[0]));
1181 bytesNeeded += strlenW(entry->u.pwszURL) * sizeof(WCHAR);
1182 ret = TRUE;
1183 break;
1184 case CERT_ALT_NAME_IP_ADDRESS:
1185 {
1186 static const WCHAR ipAddrWithMaskFmt[] = { '%','d','.','%','d','.',
1187 '%','d','.','%','d','/','%','d','.','%','d','.','%','d','.','%','d',0
1188 };
1189 static const WCHAR ipAddrFmt[] = { '%','d','.','%','d','.','%','d',
1190 '.','%','d',0 };
1191
1192 LoadStringW(hInstance, IDS_ALT_NAME_IP_ADDRESS, buf,
1193 sizeof(buf) / sizeof(buf[0]));
1194 if (entry->u.IPAddress.cbData == 8)
1195 {
1196 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1197 {
1198 LoadStringW(hInstance, IDS_ALT_NAME_MASK, mask,
1199 sizeof(mask) / sizeof(mask[0]));
1200 bytesNeeded += strlenW(mask) * sizeof(WCHAR);
1201 sprintfW(ipAddrBuf, ipAddrFmt,
1202 entry->u.IPAddress.pbData[0],
1203 entry->u.IPAddress.pbData[1],
1204 entry->u.IPAddress.pbData[2],
1205 entry->u.IPAddress.pbData[3]);
1206 bytesNeeded += strlenW(ipAddrBuf) * sizeof(WCHAR);
1207 /* indent again, for the mask line */
1208 bytesNeeded += indentLevel * strlenW(indent) * sizeof(WCHAR);
1209 sprintfW(maskBuf, ipAddrFmt,
1210 entry->u.IPAddress.pbData[4],
1211 entry->u.IPAddress.pbData[5],
1212 entry->u.IPAddress.pbData[6],
1213 entry->u.IPAddress.pbData[7]);
1214 bytesNeeded += strlenW(maskBuf) * sizeof(WCHAR);
1215 bytesNeeded += strlenW(crlf) * sizeof(WCHAR);
1216 }
1217 else
1218 {
1219 sprintfW(ipAddrBuf, ipAddrWithMaskFmt,
1220 entry->u.IPAddress.pbData[0],
1221 entry->u.IPAddress.pbData[1],
1222 entry->u.IPAddress.pbData[2],
1223 entry->u.IPAddress.pbData[3],
1224 entry->u.IPAddress.pbData[4],
1225 entry->u.IPAddress.pbData[5],
1226 entry->u.IPAddress.pbData[6],
1227 entry->u.IPAddress.pbData[7]);
1228 bytesNeeded += (strlenW(ipAddrBuf) + 1) * sizeof(WCHAR);
1229 }
1230 ret = TRUE;
1231 }
1232 else
1233 {
1234 FIXME("unknown IP address format (%d bytes)\n",
1235 entry->u.IPAddress.cbData);
1236 ret = FALSE;
1237 }
1238 break;
1239 }
1240 default:
1241 FIXME("unimplemented for %d\n", entry->dwAltNameChoice);
1242 ret = FALSE;
1243 }
1244 if (ret)
1245 {
1246 bytesNeeded += strlenW(buf) * sizeof(WCHAR);
1247 if (!str)
1248 *pcbStr = bytesNeeded;
1249 else if (*pcbStr < bytesNeeded)
1250 {
1251 *pcbStr = bytesNeeded;
1252 SetLastError(ERROR_MORE_DATA);
1253 ret = FALSE;
1254 }
1255 else
1256 {
1257 DWORD i;
1258
1259 *pcbStr = bytesNeeded;
1260 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1261 {
1262 for (i = 0; i < indentLevel; i++)
1263 {
1264 strcpyW(str, indent);
1265 str += strlenW(indent);
1266 }
1267 }
1268 strcpyW(str, buf);
1269 str += strlenW(str);
1270 switch (entry->dwAltNameChoice)
1271 {
1272 case CERT_ALT_NAME_RFC822_NAME:
1273 case CERT_ALT_NAME_DNS_NAME:
1274 case CERT_ALT_NAME_URL:
1275 strcpyW(str, entry->u.pwszURL);
1276 break;
1277 case CERT_ALT_NAME_DIRECTORY_NAME:
1278 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1279 {
1280 strcpyW(str, colonCrlf);
1281 str += strlenW(colonCrlf);
1282 }
1283 else
1284 *str++ = '=';
1285 cert_name_to_str_with_indent(X509_ASN_ENCODING,
1286 indentLevel + 1, &entry->u.DirectoryName, strType, str,
1287 bytesNeeded / sizeof(WCHAR));
1288 break;
1289 case CERT_ALT_NAME_IP_ADDRESS:
1290 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1291 {
1292 strcpyW(str, ipAddrBuf);
1293 str += strlenW(ipAddrBuf);
1294 strcpyW(str, crlf);
1295 str += strlenW(crlf);
1296 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1297 {
1298 for (i = 0; i < indentLevel; i++)
1299 {
1300 strcpyW(str, indent);
1301 str += strlenW(indent);
1302 }
1303 }
1304 strcpyW(str, mask);
1305 str += strlenW(mask);
1306 strcpyW(str, maskBuf);
1307 }
1308 else
1309 strcpyW(str, ipAddrBuf);
1310 break;
1311 }
1312 }
1313 }
1314 return ret;
1315 }
1316
1317 static BOOL CRYPT_FormatAltNameInfo(DWORD dwFormatStrType, DWORD indentLevel,
1318 CERT_ALT_NAME_INFO *name, LPWSTR str, DWORD *pcbStr)
1319 {
1320 DWORD i, size, bytesNeeded = 0;
1321 BOOL ret = TRUE;
1322 LPCWSTR sep;
1323 DWORD sepLen;
1324
1325 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1326 {
1327 sep = crlf;
1328 sepLen = strlenW(crlf) * sizeof(WCHAR);
1329 }
1330 else
1331 {
1332 sep = commaSpace;
1333 sepLen = strlenW(commaSpace) * sizeof(WCHAR);
1334 }
1335
1336 for (i = 0; ret && i < name->cAltEntry; i++)
1337 {
1338 ret = CRYPT_FormatAltNameEntry(dwFormatStrType, indentLevel,
1339 &name->rgAltEntry[i], NULL, &size);
1340 if (ret)
1341 {
1342 bytesNeeded += size - sizeof(WCHAR);
1343 if (i < name->cAltEntry - 1)
1344 bytesNeeded += sepLen;
1345 }
1346 }
1347 if (ret)
1348 {
1349 bytesNeeded += sizeof(WCHAR);
1350 if (!str)
1351 *pcbStr = bytesNeeded;
1352 else if (*pcbStr < bytesNeeded)
1353 {
1354 *pcbStr = bytesNeeded;
1355 SetLastError(ERROR_MORE_DATA);
1356 ret = FALSE;
1357 }
1358 else
1359 {
1360 *pcbStr = bytesNeeded;
1361 for (i = 0; ret && i < name->cAltEntry; i++)
1362 {
1363 ret = CRYPT_FormatAltNameEntry(dwFormatStrType, indentLevel,
1364 &name->rgAltEntry[i], str, &size);
1365 if (ret)
1366 {
1367 str += size / sizeof(WCHAR) - 1;
1368 if (i < name->cAltEntry - 1)
1369 {
1370 strcpyW(str, sep);
1371 str += sepLen / sizeof(WCHAR);
1372 }
1373 }
1374 }
1375 }
1376 }
1377 return ret;
1378 }
1379
1380 static const WCHAR colonSep[] = { ':',' ',0 };
1381
1382 static BOOL WINAPI CRYPT_FormatAltName(DWORD dwCertEncodingType,
1383 DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
1384 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
1385 DWORD *pcbFormat)
1386 {
1387 BOOL ret;
1388 CERT_ALT_NAME_INFO *info;
1389 DWORD size;
1390
1391 if ((ret = CryptDecodeObjectEx(dwCertEncodingType, X509_ALTERNATE_NAME,
1392 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &info, &size)))
1393 {
1394 ret = CRYPT_FormatAltNameInfo(dwFormatStrType, 0, info, pbFormat, pcbFormat);
1395 LocalFree(info);
1396 }
1397 return ret;
1398 }
1399
1400 static BOOL CRYPT_FormatCertIssuer(DWORD dwFormatStrType,
1401 CERT_ALT_NAME_INFO *issuer, LPWSTR str, DWORD *pcbStr)
1402 {
1403 WCHAR buf[MAX_STRING_RESOURCE_LEN];
1404 DWORD bytesNeeded, sepLen;
1405 LPCWSTR sep;
1406 BOOL ret;
1407
1408 LoadStringW(hInstance, IDS_CERT_ISSUER, buf, sizeof(buf) / sizeof(buf[0]));
1409 ret = CRYPT_FormatAltNameInfo(dwFormatStrType, 1, issuer, NULL,
1410 &bytesNeeded);
1411 bytesNeeded += strlenW(buf) * sizeof(WCHAR);
1412 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1413 {
1414 sep = colonCrlf;
1415 sepLen = strlenW(colonCrlf) * sizeof(WCHAR);
1416 }
1417 else
1418 {
1419 sep = colonSep;
1420 sepLen = strlenW(colonSep) * sizeof(WCHAR);
1421 }
1422 bytesNeeded += sepLen;
1423 if (ret)
1424 {
1425 if (!str)
1426 *pcbStr = bytesNeeded;
1427 else if (*pcbStr < bytesNeeded)
1428 {
1429 *pcbStr = bytesNeeded;
1430 SetLastError(ERROR_MORE_DATA);
1431 ret = FALSE;
1432 }
1433 else
1434 {
1435 *pcbStr = bytesNeeded;
1436 strcpyW(str, buf);
1437 bytesNeeded -= strlenW(str) * sizeof(WCHAR);
1438 str += strlenW(str);
1439 strcpyW(str, sep);
1440 str += sepLen / sizeof(WCHAR);
1441 ret = CRYPT_FormatAltNameInfo(dwFormatStrType, 1, issuer, str,
1442 &bytesNeeded);
1443 }
1444 }
1445 return ret;
1446 }
1447
1448 static BOOL WINAPI CRYPT_FormatAuthorityKeyId2(DWORD dwCertEncodingType,
1449 DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
1450 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
1451 DWORD *pcbFormat)
1452 {
1453 CERT_AUTHORITY_KEY_ID2_INFO *info;
1454 DWORD size;
1455 BOOL ret = FALSE;
1456
1457 if (!cbEncoded)
1458 {
1459 SetLastError(E_INVALIDARG);
1460 return FALSE;
1461 }
1462 if ((ret = CryptDecodeObjectEx(dwCertEncodingType, X509_AUTHORITY_KEY_ID2,
1463 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &info, &size)))
1464 {
1465 DWORD bytesNeeded = sizeof(WCHAR); /* space for the NULL terminator */
1466 LPCWSTR sep;
1467 DWORD sepLen;
1468 BOOL needSeparator = FALSE;
1469
1470 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1471 {
1472 sep = crlf;
1473 sepLen = strlenW(crlf) * sizeof(WCHAR);
1474 }
1475 else
1476 {
1477 sep = commaSpace;
1478 sepLen = strlenW(commaSpace) * sizeof(WCHAR);
1479 }
1480
1481 if (info->KeyId.cbData)
1482 {
1483 needSeparator = TRUE;
1484 ret = CRYPT_FormatKeyId(&info->KeyId, NULL, &size);
1485 if (ret)
1486 {
1487 /* don't include NULL-terminator more than once */
1488 bytesNeeded += size - sizeof(WCHAR);
1489 }
1490 }
1491 if (info->AuthorityCertIssuer.cAltEntry)
1492 {
1493 if (needSeparator)
1494 bytesNeeded += sepLen;
1495 needSeparator = TRUE;
1496 ret = CRYPT_FormatCertIssuer(dwFormatStrType,
1497 &info->AuthorityCertIssuer, NULL, &size);
1498 if (ret)
1499 {
1500 /* don't include NULL-terminator more than once */
1501 bytesNeeded += size - sizeof(WCHAR);
1502 }
1503 }
1504 if (info->AuthorityCertSerialNumber.cbData)
1505 {
1506 if (needSeparator)
1507 bytesNeeded += sepLen;
1508 ret = CRYPT_FormatCertSerialNumber(
1509 &info->AuthorityCertSerialNumber, NULL, &size);
1510 if (ret)
1511 {
1512 /* don't include NULL-terminator more than once */
1513 bytesNeeded += size - sizeof(WCHAR);
1514 }
1515 }
1516 if (ret)
1517 {
1518 if (!pbFormat)
1519 *pcbFormat = bytesNeeded;
1520 else if (*pcbFormat < bytesNeeded)
1521 {
1522 *pcbFormat = bytesNeeded;
1523 SetLastError(ERROR_MORE_DATA);
1524 ret = FALSE;
1525 }
1526 else
1527 {
1528 LPWSTR str = pbFormat;
1529
1530 *pcbFormat = bytesNeeded;
1531 needSeparator = FALSE;
1532 if (info->KeyId.cbData)
1533 {
1534 needSeparator = TRUE;
1535 /* Overestimate size available, it's already been checked
1536 * above.
1537 */
1538 size = bytesNeeded;
1539 ret = CRYPT_FormatKeyId(&info->KeyId, str, &size);
1540 if (ret)
1541 str += size / sizeof(WCHAR) - 1;
1542 }
1543 if (info->AuthorityCertIssuer.cAltEntry)
1544 {
1545 if (needSeparator)
1546 {
1547 strcpyW(str, sep);
1548 str += sepLen / sizeof(WCHAR);
1549 }
1550 needSeparator = TRUE;
1551 /* Overestimate size available, it's already been checked
1552 * above.
1553 */
1554 size = bytesNeeded;
1555 ret = CRYPT_FormatCertIssuer(dwFormatStrType,
1556 &info->AuthorityCertIssuer, str, &size);
1557 if (ret)
1558 str += size / sizeof(WCHAR) - 1;
1559 }
1560 if (info->AuthorityCertSerialNumber.cbData)
1561 {
1562 if (needSeparator)
1563 {
1564 strcpyW(str, sep);
1565 str += sepLen / sizeof(WCHAR);
1566 }
1567 /* Overestimate size available, it's already been checked
1568 * above.
1569 */
1570 size = bytesNeeded;
1571 ret = CRYPT_FormatCertSerialNumber(
1572 &info->AuthorityCertSerialNumber, str, &size);
1573 }
1574 }
1575 }
1576 LocalFree(info);
1577 }
1578 return ret;
1579 }
1580
1581 static WCHAR aia[MAX_STRING_RESOURCE_LEN];
1582 static WCHAR accessMethod[MAX_STRING_RESOURCE_LEN];
1583 static WCHAR ocsp[MAX_STRING_RESOURCE_LEN];
1584 static WCHAR caIssuers[MAX_STRING_RESOURCE_LEN];
1585 static WCHAR unknown[MAX_STRING_RESOURCE_LEN];
1586 static WCHAR accessLocation[MAX_STRING_RESOURCE_LEN];
1587
1588 static BOOL WINAPI CRYPT_FormatAuthorityInfoAccess(DWORD dwCertEncodingType,
1589 DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
1590 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
1591 DWORD *pcbFormat)
1592 {
1593 CERT_AUTHORITY_INFO_ACCESS *info;
1594 DWORD size;
1595 BOOL ret = FALSE;
1596
1597 if (!cbEncoded)
1598 {
1599 SetLastError(E_INVALIDARG);
1600 return FALSE;
1601 }
1602 if ((ret = CryptDecodeObjectEx(dwCertEncodingType,
1603 X509_AUTHORITY_INFO_ACCESS, pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG,
1604 NULL, &info, &size)))
1605 {
1606 DWORD bytesNeeded = sizeof(WCHAR);
1607
1608 if (!info->cAccDescr)
1609 {
1610 WCHAR infoNotAvailable[MAX_STRING_RESOURCE_LEN];
1611
1612 LoadStringW(hInstance, IDS_INFO_NOT_AVAILABLE, infoNotAvailable,
1613 sizeof(infoNotAvailable) / sizeof(infoNotAvailable[0]));
1614 bytesNeeded += strlenW(infoNotAvailable) * sizeof(WCHAR);
1615 if (!pbFormat)
1616 *pcbFormat = bytesNeeded;
1617 else if (*pcbFormat < bytesNeeded)
1618 {
1619 *pcbFormat = bytesNeeded;
1620 SetLastError(ERROR_MORE_DATA);
1621 ret = FALSE;
1622 }
1623 else
1624 {
1625 *pcbFormat = bytesNeeded;
1626 strcpyW(pbFormat, infoNotAvailable);
1627 }
1628 }
1629 else
1630 {
1631 static const WCHAR numFmt[] = { '%','d',0 };
1632 static const WCHAR equal[] = { '=',0 };
1633 static BOOL stringsLoaded = FALSE;
1634 DWORD i;
1635 LPCWSTR headingSep, accessMethodSep, locationSep;
1636 WCHAR accessDescrNum[11];
1637
1638 if (!stringsLoaded)
1639 {
1640 LoadStringW(hInstance, IDS_AIA, aia,
1641 sizeof(aia) / sizeof(aia[0]));
1642 LoadStringW(hInstance, IDS_ACCESS_METHOD, accessMethod,
1643 sizeof(accessMethod) / sizeof(accessMethod[0]));
1644 LoadStringW(hInstance, IDS_ACCESS_METHOD_OCSP, ocsp,
1645 sizeof(ocsp) / sizeof(ocsp[0]));
1646 LoadStringW(hInstance, IDS_ACCESS_METHOD_CA_ISSUERS, caIssuers,
1647 sizeof(caIssuers) / sizeof(caIssuers[0]));
1648 LoadStringW(hInstance, IDS_ACCESS_METHOD_UNKNOWN, unknown,
1649 sizeof(unknown) / sizeof(unknown[0]));
1650 LoadStringW(hInstance, IDS_ACCESS_LOCATION, accessLocation,
1651 sizeof(accessLocation) / sizeof(accessLocation[0]));
1652 stringsLoaded = TRUE;
1653 }
1654 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1655 {
1656 headingSep = crlf;
1657 accessMethodSep = crlf;
1658 locationSep = colonCrlf;
1659 }
1660 else
1661 {
1662 headingSep = colonSep;
1663 accessMethodSep = commaSpace;
1664 locationSep = equal;
1665 }
1666
1667 for (i = 0; ret && i < info->cAccDescr; i++)
1668 {
1669 /* Heading */
1670 bytesNeeded += sizeof(WCHAR); /* left bracket */
1671 sprintfW(accessDescrNum, numFmt, i + 1);
1672 bytesNeeded += strlenW(accessDescrNum) * sizeof(WCHAR);
1673 bytesNeeded += sizeof(WCHAR); /* right bracket */
1674 bytesNeeded += strlenW(aia) * sizeof(WCHAR);
1675 bytesNeeded += strlenW(headingSep) * sizeof(WCHAR);
1676 /* Access method */
1677 bytesNeeded += strlenW(accessMethod) * sizeof(WCHAR);
1678 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1679 bytesNeeded += strlenW(indent) * sizeof(WCHAR);
1680 if (!strcmp(info->rgAccDescr[i].pszAccessMethod,
1681 szOID_PKIX_OCSP))
1682 bytesNeeded += strlenW(ocsp) * sizeof(WCHAR);
1683 else if (!strcmp(info->rgAccDescr[i].pszAccessMethod,
1684 szOID_PKIX_CA_ISSUERS))
1685 bytesNeeded += strlenW(caIssuers) * sizeof(caIssuers);
1686 else
1687 bytesNeeded += strlenW(unknown) * sizeof(WCHAR);
1688 bytesNeeded += sizeof(WCHAR); /* space */
1689 bytesNeeded += sizeof(WCHAR); /* left paren */
1690 bytesNeeded += strlen(info->rgAccDescr[i].pszAccessMethod)
1691 * sizeof(WCHAR);
1692 bytesNeeded += sizeof(WCHAR); /* right paren */
1693 /* Delimiter between access method and location */
1694 bytesNeeded += strlenW(accessMethodSep) * sizeof(WCHAR);
1695 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1696 bytesNeeded += strlenW(indent) * sizeof(WCHAR);
1697 bytesNeeded += strlenW(accessLocation) * sizeof(WCHAR);
1698 bytesNeeded += strlenW(locationSep) * sizeof(WCHAR);
1699 ret = CRYPT_FormatAltNameEntry(dwFormatStrType, 2,
1700 &info->rgAccDescr[i].AccessLocation, NULL, &size);
1701 if (ret)
1702 bytesNeeded += size - sizeof(WCHAR);
1703 /* Need extra delimiter between access method entries */
1704 if (i < info->cAccDescr - 1)
1705 bytesNeeded += strlenW(accessMethodSep) * sizeof(WCHAR);
1706 }
1707 if (ret)
1708 {
1709 if (!pbFormat)
1710 *pcbFormat = bytesNeeded;
1711 else if (*pcbFormat < bytesNeeded)
1712 {
1713 *pcbFormat = bytesNeeded;
1714 SetLastError(ERROR_MORE_DATA);
1715 ret = FALSE;
1716 }
1717 else
1718 {
1719 LPWSTR str = pbFormat;
1720 DWORD altNameEntrySize;
1721
1722 *pcbFormat = bytesNeeded;
1723 for (i = 0; ret && i < info->cAccDescr; i++)
1724 {
1725 LPCSTR oidPtr;
1726
1727 *str++ = '[';
1728 sprintfW(accessDescrNum, numFmt, i + 1);
1729 strcpyW(str, accessDescrNum);
1730 str += strlenW(accessDescrNum);
1731 *str++ = ']';
1732 strcpyW(str, aia);
1733 str += strlenW(aia);
1734 strcpyW(str, headingSep);
1735 str += strlenW(headingSep);
1736 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1737 {
1738 strcpyW(str, indent);
1739 str += strlenW(indent);
1740 }
1741 strcpyW(str, accessMethod);
1742 str += strlenW(accessMethod);
1743 if (!strcmp(info->rgAccDescr[i].pszAccessMethod,
1744 szOID_PKIX_OCSP))
1745 {
1746 strcpyW(str, ocsp);
1747 str += strlenW(ocsp);
1748 }
1749 else if (!strcmp(info->rgAccDescr[i].pszAccessMethod,
1750 szOID_PKIX_CA_ISSUERS))
1751 {
1752 strcpyW(str, caIssuers);
1753 str += strlenW(caIssuers);
1754 }
1755 else
1756 {
1757 strcpyW(str, unknown);
1758 str += strlenW(unknown);
1759 }
1760 *str++ = ' ';
1761 *str++ = '(';
1762 for (oidPtr = info->rgAccDescr[i].pszAccessMethod;
1763 *oidPtr; oidPtr++, str++)
1764 *str = *oidPtr;
1765 *str++ = ')';
1766 strcpyW(str, accessMethodSep);
1767 str += strlenW(accessMethodSep);
1768 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1769 {
1770 strcpyW(str, indent);
1771 str += strlenW(indent);
1772 }
1773 strcpyW(str, accessLocation);
1774 str += strlenW(accessLocation);
1775 strcpyW(str, locationSep);
1776 str += strlenW(locationSep);
1777 /* This overestimates the size available, but that
1778 * won't matter since we checked earlier whether enough
1779 * space for the entire string was available.
1780 */
1781 altNameEntrySize = bytesNeeded;
1782 ret = CRYPT_FormatAltNameEntry(dwFormatStrType, 2,
1783 &info->rgAccDescr[i].AccessLocation, str,
1784 &altNameEntrySize);
1785 if (ret)
1786 str += altNameEntrySize / sizeof(WCHAR) - 1;
1787 if (i < info->cAccDescr - 1)
1788 {
1789 strcpyW(str, accessMethodSep);
1790 str += strlenW(accessMethodSep);
1791 }
1792 }
1793 }
1794 }
1795 }
1796 LocalFree(info);
1797 }
1798 return ret;
1799 }
1800
1801 static WCHAR keyCompromise[MAX_STRING_RESOURCE_LEN];
1802 static WCHAR caCompromise[MAX_STRING_RESOURCE_LEN];
1803 static WCHAR affiliationChanged[MAX_STRING_RESOURCE_LEN];
1804 static WCHAR superseded[MAX_STRING_RESOURCE_LEN];
1805 static WCHAR operationCeased[MAX_STRING_RESOURCE_LEN];
1806 static WCHAR certificateHold[MAX_STRING_RESOURCE_LEN];
1807
1808 struct reason_map_entry
1809 {
1810 BYTE reasonBit;
1811 LPWSTR reason;
1812 int id;
1813 };
1814 static struct reason_map_entry reason_map[] = {
1815 { CRL_REASON_KEY_COMPROMISE_FLAG, keyCompromise, IDS_REASON_KEY_COMPROMISE },
1816 { CRL_REASON_CA_COMPROMISE_FLAG, caCompromise, IDS_REASON_CA_COMPROMISE },
1817 { CRL_REASON_AFFILIATION_CHANGED_FLAG, affiliationChanged,
1818 IDS_REASON_AFFILIATION_CHANGED },
1819 { CRL_REASON_SUPERSEDED_FLAG, superseded, IDS_REASON_SUPERSEDED },
1820 { CRL_REASON_CESSATION_OF_OPERATION_FLAG, operationCeased,
1821 IDS_REASON_CESSATION_OF_OPERATION },
1822 { CRL_REASON_CERTIFICATE_HOLD_FLAG, certificateHold,
1823 IDS_REASON_CERTIFICATE_HOLD },
1824 };
1825
1826 static BOOL CRYPT_FormatReason(DWORD dwFormatStrType,
1827 const CRYPT_BIT_BLOB *reasonFlags, LPWSTR str, DWORD *pcbStr)
1828 {
1829 static const WCHAR sep[] = { ',',' ',0 };
1830 static const WCHAR bitsFmt[] = { ' ','(','%','0','2','x',')',0 };
1831 static BOOL stringsLoaded = FALSE;
1832 int i, numReasons = 0;
1833 BOOL ret = TRUE;
1834 DWORD bytesNeeded = sizeof(WCHAR);
1835 WCHAR bits[6];
1836
1837 if (!stringsLoaded)
1838 {
1839 for (i = 0; i < sizeof(reason_map) / sizeof(reason_map[0]); i++)
1840 LoadStringW(hInstance, reason_map[i].id, reason_map[i].reason,
1841 MAX_STRING_RESOURCE_LEN);
1842 stringsLoaded = TRUE;
1843 }
1844 /* No need to check reasonFlags->cbData, we already know it's positive.
1845 * Ignore any other bytes, as they're for undefined bits.
1846 */
1847 for (i = 0; i < sizeof(reason_map) / sizeof(reason_map[0]); i++)
1848 {
1849 if (reasonFlags->pbData[0] & reason_map[i].reasonBit)
1850 {
1851 bytesNeeded += strlenW(reason_map[i].reason) * sizeof(WCHAR);
1852 if (numReasons++)
1853 bytesNeeded += strlenW(sep) * sizeof(WCHAR);
1854 }
1855 }
1856 sprintfW(bits, bitsFmt, reasonFlags->pbData[0]);
1857 bytesNeeded += strlenW(bits);
1858 if (!str)
1859 *pcbStr = bytesNeeded;
1860 else if (*pcbStr < bytesNeeded)
1861 {
1862 *pcbStr = bytesNeeded;
1863 SetLastError(ERROR_MORE_DATA);
1864 ret = FALSE;
1865 }
1866 else
1867 {
1868 *pcbStr = bytesNeeded;
1869 for (i = 0; i < sizeof(reason_map) / sizeof(reason_map[0]); i++)
1870 {
1871 if (reasonFlags->pbData[0] & reason_map[i].reasonBit)
1872 {
1873 strcpyW(str, reason_map[i].reason);
1874 str += strlenW(reason_map[i].reason);
1875 if (i < sizeof(reason_map) / sizeof(reason_map[0]) - 1 &&
1876 numReasons)
1877 {
1878 strcpyW(str, sep);
1879 str += strlenW(sep);
1880 }
1881 }
1882 }
1883 strcpyW(str, bits);
1884 }
1885 return ret;
1886 }
1887
1888 static WCHAR crlDistPoint[MAX_STRING_RESOURCE_LEN];
1889 static WCHAR distPointName[MAX_STRING_RESOURCE_LEN];
1890 static WCHAR fullName[MAX_STRING_RESOURCE_LEN];
1891 static WCHAR rdnName[MAX_STRING_RESOURCE_LEN];
1892 static WCHAR reason[MAX_STRING_RESOURCE_LEN];
1893 static WCHAR issuer[MAX_STRING_RESOURCE_LEN];
1894
1895 static BOOL WINAPI CRYPT_FormatCRLDistPoints(DWORD dwCertEncodingType,
1896 DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
1897 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
1898 DWORD *pcbFormat)
1899 {
1900 CRL_DIST_POINTS_INFO *info;
1901 DWORD size;
1902 BOOL ret = FALSE;
1903
1904 if (!cbEncoded)
1905 {
1906 SetLastError(E_INVALIDARG);
1907 return FALSE;
1908 }
1909 if ((ret = CryptDecodeObjectEx(dwCertEncodingType, X509_CRL_DIST_POINTS,
1910 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &info, &size)))
1911 {
1912 static const WCHAR numFmt[] = { '%','d',0 };
1913 static const WCHAR colon[] = { ':',0 };
1914 static BOOL stringsLoaded = FALSE;
1915 DWORD bytesNeeded = sizeof(WCHAR); /* space for NULL terminator */
1916 BOOL haveAnEntry = FALSE;
1917 LPCWSTR headingSep, nameSep;
1918 WCHAR distPointNum[11];
1919 DWORD i;
1920
1921 if (!stringsLoaded)
1922 {
1923 LoadStringW(hInstance, IDS_CRL_DIST_POINT, crlDistPoint,
1924 sizeof(crlDistPoint) / sizeof(crlDistPoint[0]));
1925 LoadStringW(hInstance, IDS_CRL_DIST_POINT_NAME, distPointName,
1926 sizeof(distPointName) / sizeof(distPointName[0]));
1927 LoadStringW(hInstance, IDS_CRL_DIST_POINT_FULL_NAME, fullName,
1928 sizeof(fullName) / sizeof(fullName[0]));
1929 LoadStringW(hInstance, IDS_CRL_DIST_POINT_RDN_NAME, rdnName,
1930 sizeof(rdnName) / sizeof(rdnName[0]));
1931 LoadStringW(hInstance, IDS_CRL_DIST_POINT_REASON, reason,
1932 sizeof(reason) / sizeof(reason[0]));
1933 LoadStringW(hInstance, IDS_CRL_DIST_POINT_ISSUER, issuer,
1934 sizeof(issuer) / sizeof(issuer[0]));
1935 stringsLoaded = TRUE;
1936 }
1937 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1938 {
1939 headingSep = crlf;
1940 nameSep = colonCrlf;
1941 }
1942 else
1943 {
1944 headingSep = colonSep;
1945 nameSep = colon;
1946 }
1947
1948 for (i = 0; ret && i < info->cDistPoint; i++)
1949 {
1950 CRL_DIST_POINT *distPoint = &info->rgDistPoint[i];
1951
1952 if (distPoint->DistPointName.dwDistPointNameChoice !=
1953 CRL_DIST_POINT_NO_NAME)
1954 {
1955 bytesNeeded += strlenW(distPointName) * sizeof(WCHAR);
1956 bytesNeeded += strlenW(nameSep) * sizeof(WCHAR);
1957 if (distPoint->DistPointName.dwDistPointNameChoice ==
1958 CRL_DIST_POINT_FULL_NAME)
1959 bytesNeeded += strlenW(fullName) * sizeof(WCHAR);
1960 else
1961 bytesNeeded += strlenW(rdnName) * sizeof(WCHAR);
1962 bytesNeeded += strlenW(nameSep) * sizeof(WCHAR);
1963 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1964 bytesNeeded += 2 * strlenW(indent) * sizeof(WCHAR);
1965 /* The indent level (3) is higher than when used as the issuer,
1966 * because the name is subordinate to the name type (full vs.
1967 * RDN.)
1968 */
1969 ret = CRYPT_FormatAltNameInfo(dwFormatStrType, 3,
1970 &distPoint->DistPointName.u.FullName, NULL, &size);
1971 if (ret)
1972 bytesNeeded += size - sizeof(WCHAR);
1973 haveAnEntry = TRUE;
1974 }
1975 else if (distPoint->ReasonFlags.cbData)
1976 {
1977 bytesNeeded += strlenW(reason) * sizeof(WCHAR);
1978 ret = CRYPT_FormatReason(dwFormatStrType,
1979 &distPoint->ReasonFlags, NULL, &size);
1980 if (ret)
1981 bytesNeeded += size - sizeof(WCHAR);
1982 haveAnEntry = TRUE;
1983 }
1984 else if (distPoint->CRLIssuer.cAltEntry)
1985 {
1986 bytesNeeded += strlenW(issuer) * sizeof(WCHAR);
1987 bytesNeeded += strlenW(nameSep) * sizeof(WCHAR);
1988 ret = CRYPT_FormatAltNameInfo(dwFormatStrType, 2,
1989 &distPoint->CRLIssuer, NULL, &size);
1990 if (ret)
1991 bytesNeeded += size - sizeof(WCHAR);
1992 haveAnEntry = TRUE;
1993 }
1994 if (haveAnEntry)
1995 {
1996 bytesNeeded += sizeof(WCHAR); /* left bracket */
1997 sprintfW(distPointNum, numFmt, i + 1);
1998 bytesNeeded += strlenW(distPointNum) * sizeof(WCHAR);
1999 bytesNeeded += sizeof(WCHAR); /* right bracket */
2000 bytesNeeded += strlenW(crlDistPoint) * sizeof(WCHAR);
2001 bytesNeeded += strlenW(headingSep) * sizeof(WCHAR);
2002 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
2003 bytesNeeded += strlenW(indent) * sizeof(WCHAR);
2004 }
2005 }
2006 if (!haveAnEntry)
2007 {
2008 WCHAR infoNotAvailable[MAX_STRING_RESOURCE_LEN];
2009
2010 LoadStringW(hInstance, IDS_INFO_NOT_AVAILABLE, infoNotAvailable,
2011 sizeof(infoNotAvailable) / sizeof(infoNotAvailable[0]));
2012 bytesNeeded += strlenW(infoNotAvailable) * sizeof(WCHAR);
2013 if (!pbFormat)
2014 *pcbFormat = bytesNeeded;
2015 else if (*pcbFormat < bytesNeeded)
2016 {
2017 *pcbFormat = bytesNeeded;
2018 SetLastError(ERROR_MORE_DATA);
2019 ret = FALSE;
2020 }
2021 else
2022 {
2023 *pcbFormat = bytesNeeded;
2024 strcpyW(pbFormat, infoNotAvailable);
2025 }
2026 }
2027 else
2028 {
2029 if (!pbFormat)
2030 *pcbFormat = bytesNeeded;
2031 else if (*pcbFormat < bytesNeeded)
2032 {
2033 *pcbFormat = bytesNeeded;
2034 SetLastError(ERROR_MORE_DATA);
2035 ret = FALSE;
2036 }
2037 else
2038 {
2039 LPWSTR str = pbFormat;
2040
2041 *pcbFormat = bytesNeeded;
2042 for (i = 0; ret && i < info->cDistPoint; i++)
2043 {
2044 CRL_DIST_POINT *distPoint = &info->rgDistPoint[i];
2045
2046 *str++ = '[';
2047 sprintfW(distPointNum, numFmt, i + 1);
2048 strcpyW(str, distPointNum);
2049 str += strlenW(distPointNum);
2050 *str++ = ']';
2051 strcpyW(str, crlDistPoint);
2052 str += strlenW(crlDistPoint);
2053 strcpyW(str, headingSep);
2054 str += strlenW(headingSep);
2055 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
2056 {
2057 strcpyW(str, indent);
2058 str += strlenW(indent);
2059 }
2060 if (distPoint->DistPointName.dwDistPointNameChoice !=
2061 CRL_DIST_POINT_NO_NAME)
2062 {
2063 DWORD altNameSize = bytesNeeded;
2064
2065 strcpyW(str, distPointName);
2066 str += strlenW(distPointName);
2067 strcpyW(str, nameSep);
2068 str += strlenW(nameSep);
2069 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
2070 {
2071 strcpyW(str, indent);
2072 str += strlenW(indent);
2073 strcpyW(str, indent);
2074 str += strlenW(indent);
2075 }
2076 if (distPoint->DistPointName.dwDistPointNameChoice ==
2077 CRL_DIST_POINT_FULL_NAME)
2078 {
2079 strcpyW(str, fullName);
2080 str += strlenW(fullName);
2081 }
2082 else
2083 {
2084 strcpyW(str, rdnName);
2085 str += strlenW(rdnName);
2086 }
2087 strcpyW(str, nameSep);
2088 str += strlenW(nameSep);
2089 ret = CRYPT_FormatAltNameInfo(dwFormatStrType, 3,
2090 &distPoint->DistPointName.u.FullName, str,
2091 &altNameSize);
2092 if (ret)
2093 str += altNameSize / sizeof(WCHAR) - 1;
2094 }
2095 else if (distPoint->ReasonFlags.cbData)
2096 {
2097 DWORD reasonSize = bytesNeeded;
2098
2099 strcpyW(str, reason);
2100 str += strlenW(reason);
2101 ret = CRYPT_FormatReason(dwFormatStrType,
2102 &distPoint->ReasonFlags, str, &reasonSize);
2103 if (ret)
2104 str += reasonSize / sizeof(WCHAR) - 1;
2105 }
2106 else if (distPoint->CRLIssuer.cAltEntry)
2107 {
2108 DWORD crlIssuerSize = bytesNeeded;
2109
2110 strcpyW(str, issuer);
2111 str += strlenW(issuer);
2112 strcpyW(str, nameSep);
2113 str += strlenW(nameSep);
2114 ret = CRYPT_FormatAltNameInfo(dwFormatStrType, 2,
2115 &distPoint->CRLIssuer, str,
2116 &crlIssuerSize);
2117 if (ret)
2118 str += crlIssuerSize / sizeof(WCHAR) - 1;
2119 }
2120 }
2121 }
2122 }
2123 LocalFree(info);
2124 }
2125 return ret;
2126 }
2127
2128 static BOOL WINAPI CRYPT_FormatEnhancedKeyUsage(DWORD dwCertEncodingType,
2129 DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
2130 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
2131 DWORD *pcbFormat)
2132 {
2133 CERT_ENHKEY_USAGE *usage;
2134 DWORD size;
2135 BOOL ret = FALSE;
2136
2137 if (!cbEncoded)
2138 {
2139 SetLastError(E_INVALIDARG);
2140 return FALSE;
2141 }
2142 if ((ret = CryptDecodeObjectEx(dwCertEncodingType, X509_ENHANCED_KEY_USAGE,
2143 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &usage, &size)))
2144 {
2145 WCHAR unknown[MAX_STRING_RESOURCE_LEN];
2146 DWORD i;
2147 DWORD bytesNeeded = sizeof(WCHAR); /* space for the NULL terminator */
2148 LPCWSTR sep;
2149 DWORD sepLen;
2150
2151 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
2152 {
2153 sep = crlf;
2154 sepLen = strlenW(crlf) * sizeof(WCHAR);
2155 }
2156 else
2157 {
2158 sep = commaSpace;
2159 sepLen = strlenW(commaSpace) * sizeof(WCHAR);
2160 }
2161
2162 LoadStringW(hInstance, IDS_USAGE_UNKNOWN, unknown,
2163 sizeof(unknown) / sizeof(unknown[0]));
2164 for (i = 0; i < usage->cUsageIdentifier; i++)
2165 {
2166 PCCRYPT_OID_INFO info = CryptFindOIDInfo(CRYPT_OID_INFO_OID_KEY,
2167 usage->rgpszUsageIdentifier[i], CRYPT_ENHKEY_USAGE_OID_GROUP_ID);
2168
2169 if (info)
2170 bytesNeeded += strlenW(info->pwszName) * sizeof(WCHAR);
2171 else
2172 bytesNeeded += strlenW(unknown) * sizeof(WCHAR);
2173 bytesNeeded += sizeof(WCHAR); /* space */
2174 bytesNeeded += sizeof(WCHAR); /* left paren */
2175 bytesNeeded += strlen(usage->rgpszUsageIdentifier[i]) *
2176 sizeof(WCHAR);
2177 bytesNeeded += sizeof(WCHAR); /* right paren */
2178 if (i < usage->cUsageIdentifier - 1)
2179 bytesNeeded += sepLen;
2180 }
2181 if (!pbFormat)
2182 *pcbFormat = bytesNeeded;
2183 else if (*pcbFormat < bytesNeeded)
2184 {
2185 *pcbFormat = bytesNeeded;
2186 SetLastError(ERROR_MORE_DATA);
2187 ret = FALSE;
2188 }
2189 else
2190 {
2191 LPWSTR str = pbFormat;
2192
2193 *pcbFormat = bytesNeeded;
2194 for (i = 0; i < usage->cUsageIdentifier; i++)
2195 {
2196 PCCRYPT_OID_INFO info = CryptFindOIDInfo(CRYPT_OID_INFO_OID_KEY,
2197 usage->rgpszUsageIdentifier[i],
2198 CRYPT_ENHKEY_USAGE_OID_GROUP_ID);
2199 LPCSTR oidPtr;
2200
2201 if (info)
2202 {
2203 strcpyW(str, info->pwszName);
2204 str += strlenW(info->pwszName);
2205 }
2206 else
2207 {
2208 strcpyW(str, unknown);
2209 str += strlenW(unknown);
2210 }
2211 *str++ = ' ';
2212 *str++ = '(';
2213 for (oidPtr = usage->rgpszUsageIdentifier[i]; *oidPtr; oidPtr++)
2214 *str++ = *oidPtr;
2215 *str++ = ')';
2216 *str = 0;
2217 if (i < usage->cUsageIdentifier - 1)
2218 {
2219 strcpyW(str, sep);
2220 str += sepLen / sizeof(WCHAR);
2221 }
2222 }
2223 }
2224 LocalFree(usage);
2225 }
2226 return ret;
2227 }
2228
2229 static struct BitToString netscapeCertTypeMap[] = {
2230 { NETSCAPE_SSL_CLIENT_AUTH_CERT_TYPE, IDS_NETSCAPE_SSL_CLIENT, { 0 } },
2231 { NETSCAPE_SSL_SERVER_AUTH_CERT_TYPE, IDS_NETSCAPE_SSL_SERVER, { 0 } },
2232 { NETSCAPE_SMIME_CERT_TYPE, IDS_NETSCAPE_SMIME, { 0 } },
2233 { NETSCAPE_SIGN_CERT_TYPE, IDS_NETSCAPE_SIGN, { 0 } },
2234 { NETSCAPE_SSL_CA_CERT_TYPE, IDS_NETSCAPE_SSL_CA, { 0 } },
2235 { NETSCAPE_SMIME_CA_CERT_TYPE, IDS_NETSCAPE_SMIME_CA, { 0 } },
2236 { NETSCAPE_SIGN_CA_CERT_TYPE, IDS_NETSCAPE_SIGN_CA, { 0 } },
2237 };
2238
2239 static BOOL WINAPI CRYPT_FormatNetscapeCertType(DWORD dwCertEncodingType,
2240 DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
2241 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
2242 DWORD *pcbFormat)
2243 {
2244 DWORD size;
2245 CRYPT_BIT_BLOB *bits;
2246 BOOL ret;
2247
2248 if (!cbEncoded)
2249 {
2250 SetLastError(E_INVALIDARG);
2251 return FALSE;
2252 }
2253 if ((ret = CryptDecodeObjectEx(dwCertEncodingType, X509_BITS,
2254 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &bits, &size)))
2255 {
2256 WCHAR infoNotAvailable[MAX_STRING_RESOURCE_LEN];
2257 DWORD bytesNeeded = sizeof(WCHAR);
2258
2259 LoadStringW(hInstance, IDS_INFO_NOT_AVAILABLE, infoNotAvailable,
2260 sizeof(infoNotAvailable) / sizeof(infoNotAvailable[0]));
2261 if (!bits->cbData || bits->cbData > 1)
2262 {
2263 bytesNeeded += strlenW(infoNotAvailable) * sizeof(WCHAR);
2264 if (!pbFormat)
2265 *pcbFormat = bytesNeeded;
2266 else if (*pcbFormat < bytesNeeded)
2267 {
2268 *pcbFormat = bytesNeeded;
2269 SetLastError(ERROR_MORE_DATA);
2270 ret = FALSE;
2271 }
2272 else
2273 {
2274 LPWSTR str = pbFormat;
2275
2276 *pcbFormat = bytesNeeded;
2277 strcpyW(str, infoNotAvailable);
2278 }
2279 }
2280 else
2281 {
2282 static BOOL stringsLoaded = FALSE;
2283 int i;
2284 DWORD bitStringLen;
2285 BOOL first = TRUE;
2286
2287 if (!stringsLoaded)
2288 {
2289 for (i = 0; i < sizeof(netscapeCertTypeMap) /
2290 sizeof(netscapeCertTypeMap[0]); i++)
2291 LoadStringW(hInstance, netscapeCertTypeMap[i].id,
2292 netscapeCertTypeMap[i].str, MAX_STRING_RESOURCE_LEN);
2293 stringsLoaded = TRUE;
2294 }
2295 CRYPT_FormatBits(bits->pbData[0], netscapeCertTypeMap,
2296 sizeof(netscapeCertTypeMap) / sizeof(netscapeCertTypeMap[0]),
2297 NULL, &bitStringLen, &first);
2298 bytesNeeded += bitStringLen;
2299 bytesNeeded += 3 * sizeof(WCHAR); /* " (" + ")" */
2300 CRYPT_FormatHexString(0, 0, 0, NULL, NULL, bits->pbData,
2301 bits->cbData, NULL, &size);
2302 bytesNeeded += size;
2303 if (!pbFormat)
2304 *pcbFormat = bytesNeeded;
2305 else if (*pcbFormat < bytesNeeded)
2306 {
2307 *pcbFormat = bytesNeeded;
2308 SetLastError(ERROR_MORE_DATA);
2309 ret = FALSE;
2310 }
2311 else
2312 {
2313 LPWSTR str = pbFormat;
2314
2315 bitStringLen = bytesNeeded;
2316 first = TRUE;
2317 CRYPT_FormatBits(bits->pbData[0], netscapeCertTypeMap,
2318 sizeof(netscapeCertTypeMap) / sizeof(netscapeCertTypeMap[0]),
2319 str, &bitStringLen, &first);
2320 str += bitStringLen / sizeof(WCHAR) - 1;
2321 *str++ = ' ';
2322 *str++ = '(';
2323 CRYPT_FormatHexString(0, 0, 0, NULL, NULL, bits->pbData,
2324 bits->cbData, str, &size);
2325 str += size / sizeof(WCHAR) - 1;
2326 *str++ = ')';
2327 *str = 0;
2328 }
2329 }
2330 LocalFree(bits);
2331 }
2332 return ret;
2333 }
2334
2335 static WCHAR financialCriteria[MAX_STRING_RESOURCE_LEN];
2336 static WCHAR available[MAX_STRING_RESOURCE_LEN];
2337 static WCHAR notAvailable[MAX_STRING_RESOURCE_LEN];
2338 static WCHAR meetsCriteria[MAX_STRING_RESOURCE_LEN];
2339 static WCHAR yes[MAX_STRING_RESOURCE_LEN];
2340 static WCHAR no[MAX_STRING_RESOURCE_LEN];
2341
2342 static BOOL WINAPI CRYPT_FormatSpcFinancialCriteria(DWORD dwCertEncodingType,
2343 DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
2344 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
2345 DWORD *pcbFormat)
2346 {
2347 SPC_FINANCIAL_CRITERIA criteria;
2348 DWORD size = sizeof(criteria);
2349 BOOL ret = FALSE;
2350
2351 if (!cbEncoded)
2352 {
2353 SetLastError(E_INVALIDARG);
2354 return FALSE;
2355 }
2356 if ((ret = CryptDecodeObjectEx(dwCertEncodingType,
2357 SPC_FINANCIAL_CRITERIA_STRUCT, pbEncoded, cbEncoded, 0, NULL, &criteria,
2358 &size)))
2359 {
2360 static BOOL stringsLoaded = FALSE;
2361 DWORD bytesNeeded = sizeof(WCHAR);
2362 LPCWSTR sep;
2363 DWORD sepLen;
2364
2365 if (!stringsLoaded)
2366 {
2367 LoadStringW(hInstance, IDS_FINANCIAL_CRITERIA, financialCriteria,
2368 sizeof(financialCriteria) / sizeof(financialCriteria[0]));
2369 LoadStringW(hInstance, IDS_FINANCIAL_CRITERIA_AVAILABLE, available,
2370 sizeof(available) / sizeof(available[0]));
2371 LoadStringW(hInstance, IDS_FINANCIAL_CRITERIA_NOT_AVAILABLE,
2372 notAvailable, sizeof(notAvailable) / sizeof(notAvailable[0]));
2373 LoadStringW(hInstance, IDS_FINANCIAL_CRITERIA_MEETS_CRITERIA,
2374 meetsCriteria, sizeof(meetsCriteria) / sizeof(meetsCriteria[0]));
2375 LoadStringW(hInstance, IDS_YES, yes, sizeof(yes) / sizeof(yes[0]));
2376 LoadStringW(hInstance, IDS_NO, no, sizeof(no) / sizeof(no[0]));
2377 stringsLoaded = TRUE;
2378 }
2379 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
2380 {
2381 sep = crlf;
2382 sepLen = strlenW(crlf) * sizeof(WCHAR);
2383 }
2384 else
2385 {
2386 sep = commaSpace;
2387 sepLen = strlenW(commaSpace) * sizeof(WCHAR);
2388 }
2389 bytesNeeded += strlenW(financialCriteria) * sizeof(WCHAR);
2390 if (criteria.fFinancialInfoAvailable)
2391 {
2392 bytesNeeded += strlenW(available) * sizeof(WCHAR);
2393 bytesNeeded += sepLen;
2394 bytesNeeded += strlenW(meetsCriteria) * sizeof(WCHAR);
2395 if (criteria.fMeetsCriteria)
2396 bytesNeeded += strlenW(yes) * sizeof(WCHAR);
2397 else
2398 bytesNeeded += strlenW(no) * sizeof(WCHAR);
2399 }
2400 else
2401 bytesNeeded += strlenW(notAvailable) * sizeof(WCHAR);
2402 if (!pbFormat)
2403 *pcbFormat = bytesNeeded;
2404 else if (*pcbFormat < bytesNeeded)
2405 {
2406 *pcbFormat = bytesNeeded;
2407 SetLastError(ERROR_MORE_DATA);
2408 ret = FALSE;
2409 }
2410 else
2411 {
2412 LPWSTR str = pbFormat;
2413
2414 *pcbFormat = bytesNeeded;
2415 strcpyW(str, financialCriteria);
2416 str += strlenW(financialCriteria);
2417 if (criteria.fFinancialInfoAvailable)
2418 {
2419 strcpyW(str, available);
2420 str += strlenW(available);
2421 strcpyW(str, sep);
2422 str += sepLen / sizeof(WCHAR);
2423 strcpyW(str, meetsCriteria);
2424 str += strlenW(meetsCriteria);
2425 if (criteria.fMeetsCriteria)
2426 strcpyW(str, yes);
2427 else
2428 strcpyW(str, no);
2429 }
2430 else
2431 {
2432 strcpyW(str, notAvailable);
2433 str += strlenW(notAvailable);
2434 }
2435 }
2436 }
2437 return ret;
2438 }
2439
2440 static BOOL WINAPI CRYPT_FormatUnicodeString(DWORD dwCertEncodingType,
2441 DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
2442 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
2443 DWORD *pcbFormat)
2444 {
2445 CERT_NAME_VALUE *value;
2446 DWORD size;
2447 BOOL ret;
2448
2449 if (!cbEncoded)
2450 {
2451 SetLastError(E_INVALIDARG);
2452 return FALSE;
2453 }
2454 if ((ret = CryptDecodeObjectEx(dwCertEncodingType, X509_UNICODE_ANY_STRING,
2455 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &value, &size)))
2456 {
2457 if (!pbFormat)
2458 *pcbFormat = value->Value.cbData;
2459 else if (*pcbFormat < value->Value.cbData)
2460 {
2461 *pcbFormat = value->Value.cbData;
2462 SetLastError(ERROR_MORE_DATA);
2463 ret = FALSE;
2464 }
2465 else
2466 {
2467 LPWSTR str = pbFormat;
2468
2469 *pcbFormat = value->Value.cbData;
2470 strcpyW(str, (LPWSTR)value->Value.pbData);
2471 }
2472 }
2473 return ret;
2474 }
2475
2476 typedef BOOL (WINAPI *CryptFormatObjectFunc)(DWORD, DWORD, DWORD, void *,
2477 LPCSTR, const BYTE *, DWORD, void *, DWORD *);
2478
2479 static CryptFormatObjectFunc CRYPT_GetBuiltinFormatFunction(DWORD encodingType,
2480 DWORD formatStrType, LPCSTR lpszStructType)
2481 {
2482 CryptFormatObjectFunc format = NULL;
2483
2484 if ((encodingType & CERT_ENCODING_TYPE_MASK) != X509_ASN_ENCODING)
2485 {
2486 SetLastError(ERROR_FILE_NOT_FOUND);
2487 return NULL;
2488 }
2489 if (!HIWORD(lpszStructType))
2490 {
2491 switch (LOWORD(lpszStructType))
2492 {
2493 case LOWORD(X509_KEY_USAGE):
2494 format = CRYPT_FormatKeyUsage;
2495 break;
2496 case LOWORD(X509_ALTERNATE_NAME):
2497 format = CRYPT_FormatAltName;
2498 break;
2499 case LOWORD(X509_BASIC_CONSTRAINTS2):
2500 format = CRYPT_FormatBasicConstraints2;
2501 break;
2502 case LOWORD(X509_AUTHORITY_KEY_ID2):
2503 format = CRYPT_FormatAuthorityKeyId2;
2504 break;
2505 case LOWORD(X509_AUTHORITY_INFO_ACCESS):
2506 format = CRYPT_FormatAuthorityInfoAccess;
2507 break;
2508 case LOWORD(X509_CRL_DIST_POINTS):
2509 format = CRYPT_FormatCRLDistPoints;
2510 break;
2511 case LOWORD(X509_ENHANCED_KEY_USAGE):
2512 format = CRYPT_FormatEnhancedKeyUsage;
2513 break;
2514 case LOWORD(SPC_FINANCIAL_CRITERIA_STRUCT):
2515 format = CRYPT_FormatSpcFinancialCriteria;
2516 break;
2517 }
2518 }
2519 else if (!strcmp(lpszStructType, szOID_SUBJECT_ALT_NAME))
2520 format = CRYPT_FormatAltName;
2521 else if (!strcmp(lpszStructType, szOID_ISSUER_ALT_NAME))
2522 format = CRYPT_FormatAltName;
2523 else if (!strcmp(lpszStructType, szOID_KEY_USAGE))
2524 format = CRYPT_FormatKeyUsage;
2525 else if (!strcmp(lpszStructType, szOID_SUBJECT_ALT_NAME2))
2526 format = CRYPT_FormatAltName;
2527 else if (!strcmp(lpszStructType, szOID_ISSUER_ALT_NAME2))
2528 format = CRYPT_FormatAltName;
2529 else if (!strcmp(lpszStructType, szOID_BASIC_CONSTRAINTS2))
2530 format = CRYPT_FormatBasicConstraints2;
2531 else if (!strcmp(lpszStructType, szOID_AUTHORITY_INFO_ACCESS))
2532 format = CRYPT_FormatAuthorityInfoAccess;
2533 else if (!strcmp(lpszStructType, szOID_AUTHORITY_KEY_IDENTIFIER2))
2534 format = CRYPT_FormatAuthorityKeyId2;
2535 else if (!strcmp(lpszStructType, szOID_CRL_DIST_POINTS))
2536 format = CRYPT_FormatCRLDistPoints;
2537 else if (!strcmp(lpszStructType, szOID_ENHANCED_KEY_USAGE))
2538 format = CRYPT_FormatEnhancedKeyUsage;
2539 else if (!strcmp(lpszStructType, szOID_NETSCAPE_CERT_TYPE))
2540 format = CRYPT_FormatNetscapeCertType;
2541 else if (!strcmp(lpszStructType, szOID_NETSCAPE_BASE_URL) ||
2542 !strcmp(lpszStructType, szOID_NETSCAPE_REVOCATION_URL) ||
2543 !strcmp(lpszStructType, szOID_NETSCAPE_CA_REVOCATION_URL) ||
2544 !strcmp(lpszStructType, szOID_NETSCAPE_CERT_RENEWAL_URL) ||
2545 !strcmp(lpszStructType, szOID_NETSCAPE_CA_POLICY_URL) ||
2546 !strcmp(lpszStructType, szOID_NETSCAPE_SSL_SERVER_NAME) ||
2547 !strcmp(lpszStructType, szOID_NETSCAPE_COMMENT))
2548 format = CRYPT_FormatUnicodeString;
2549 else if (!strcmp(lpszStructType, SPC_FINANCIAL_CRITERIA_OBJID))
2550 format = CRYPT_FormatSpcFinancialCriteria;
2551 return format;
2552 }
2553
2554 BOOL WINAPI CryptFormatObject(DWORD dwCertEncodingType, DWORD dwFormatType,
2555 DWORD dwFormatStrType, void *pFormatStruct, LPCSTR lpszStructType,
2556 const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat, DWORD *pcbFormat)
2557 {
2558 CryptFormatObjectFunc format = NULL;
2559 HCRYPTOIDFUNCADDR hFunc = NULL;
2560 BOOL ret = FALSE;
2561
2562 TRACE("(%08x, %d, %08x, %p, %s, %p, %d, %p, %p)\n", dwCertEncodingType,
2563 dwFormatType, dwFormatStrType, pFormatStruct, debugstr_a(lpszStructType),
2564 pbEncoded, cbEncoded, pbFormat, pcbFormat);
2565
2566 if (!(format = CRYPT_GetBuiltinFormatFunction(dwCertEncodingType,
2567 dwFormatStrType, lpszStructType)))
2568 {
2569 static HCRYPTOIDFUNCSET set = NULL;
2570
2571 if (!set)
2572 set = CryptInitOIDFunctionSet(CRYPT_OID_FORMAT_OBJECT_FUNC, 0);
2573 CryptGetOIDFunctionAddress(set, dwCertEncodingType, lpszStructType, 0,
2574 (void **)&format, &hFunc);
2575 }
2576 if (!format && (dwCertEncodingType & CERT_ENCODING_TYPE_MASK) ==
2577 X509_ASN_ENCODING && !(dwFormatStrType & CRYPT_FORMAT_STR_NO_HEX))
2578 format = CRYPT_FormatHexString;
2579 if (format)
2580 ret = format(dwCertEncodingType, dwFormatType, dwFormatStrType,
2581 pFormatStruct, lpszStructType, pbEncoded, cbEncoded, pbFormat,
2582 pcbFormat);
2583 if (hFunc)
2584 CryptFreeOIDFunctionAddress(hFunc, 0);
2585 return ret;
2586 }
useful hacks and other patches not (yet) suitable for mainline