2 * Copyright (C) 2006 Maarten Lankhorst
3 * Copyright 2007 Juan Lang
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22 #include "wine/port.h"
25 #define NONAMELESSUNION
28 #include "wine/debug.h"
33 #define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
36 WINE_DEFAULT_DEBUG_CHANNEL(cryptnet
);
38 BOOL WINAPI
DllMain(HINSTANCE hinstDLL
, DWORD fdwReason
, LPVOID lpvReserved
)
40 TRACE("(0x%p, %d, %p)\n", hinstDLL
, fdwReason
, lpvReserved
);
43 case DLL_PROCESS_ATTACH
:
44 DisableThreadLibraryCalls(hinstDLL
);
46 case DLL_PROCESS_DETACH
:
47 /* Do uninitialisation here */
54 static const WCHAR cryptNet
[] = { 'c','r','y','p','t','n','e','t','.',
56 static const WCHAR ldapProvOpenStore
[] = { 'L','d','a','p','P','r','o','v',
57 'O','p','e','S','t','o','r','e',0 };
59 /***********************************************************************
60 * DllRegisterServer (CRYPTNET.@)
62 HRESULT WINAPI
DllRegisterServer(void)
65 CryptRegisterDefaultOIDFunction(X509_ASN_ENCODING
,
66 CRYPT_OID_VERIFY_REVOCATION_FUNC
, 0, cryptNet
);
67 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
, "Ldap",
68 cryptNet
, "LdapProvOpenStore");
69 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
,
70 CERT_STORE_PROV_LDAP_W
, cryptNet
, "LdapProvOpenStore");
74 /***********************************************************************
75 * DllUnregisterServer (CRYPTNET.@)
77 HRESULT WINAPI
DllUnregisterServer(void)
80 CryptUnregisterDefaultOIDFunction(X509_ASN_ENCODING
,
81 CRYPT_OID_VERIFY_REVOCATION_FUNC
, cryptNet
);
82 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
, "Ldap");
83 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
,
84 CERT_STORE_PROV_LDAP_W
);
88 static const char *url_oid_to_str(LPCSTR oid
)
98 #define _x(oid) case LOWORD(oid): return #oid
99 _x(URL_OID_CERTIFICATE_ISSUER
);
100 _x(URL_OID_CERTIFICATE_CRL_DIST_POINT
);
101 _x(URL_OID_CTL_ISSUER
);
102 _x(URL_OID_CTL_NEXT_UPDATE
);
103 _x(URL_OID_CRL_ISSUER
);
104 _x(URL_OID_CERTIFICATE_FRESHEST_CRL
);
105 _x(URL_OID_CRL_FRESHEST_CRL
);
106 _x(URL_OID_CROSS_CERT_DIST_POINT
);
109 snprintf(buf
, sizeof(buf
), "%d", LOWORD(oid
));
115 typedef BOOL (WINAPI
*UrlDllGetObjectUrlFunc
)(LPCSTR
, LPVOID
, DWORD
,
116 PCRYPT_URL_ARRAY
, DWORD
*, PCRYPT_URL_INFO
, DWORD
*, LPVOID
);
118 static BOOL WINAPI
CRYPT_GetUrlFromCertificateIssuer(LPCSTR pszUrlOid
,
119 LPVOID pvPara
, DWORD dwFlags
, PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
,
120 PCRYPT_URL_INFO pUrlInfo
, DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
122 /* FIXME: This depends on the AIA (authority info access) extension being
123 * supported in crypt32.
126 SetLastError(CRYPT_E_NOT_FOUND
);
130 static BOOL WINAPI
CRYPT_GetUrlFromCertificateCRLDistPoint(LPCSTR pszUrlOid
,
131 LPVOID pvPara
, DWORD dwFlags
, PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
,
132 PCRYPT_URL_INFO pUrlInfo
, DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
134 PCCERT_CONTEXT cert
= (PCCERT_CONTEXT
)pvPara
;
138 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
139 if (dwFlags
&& !(dwFlags
& CRYPT_GET_URL_FROM_EXTENSION
))
141 SetLastError(CRYPT_E_NOT_FOUND
);
144 if ((ext
= CertFindExtension(szOID_CRL_DIST_POINTS
,
145 cert
->pCertInfo
->cExtension
, cert
->pCertInfo
->rgExtension
)))
147 CRL_DIST_POINTS_INFO
*info
;
150 ret
= CryptDecodeObjectEx(X509_ASN_ENCODING
, X509_CRL_DIST_POINTS
,
151 ext
->Value
.pbData
, ext
->Value
.cbData
, CRYPT_DECODE_ALLOC_FLAG
, NULL
,
155 DWORD i
, cUrl
, bytesNeeded
= sizeof(CRYPT_URL_ARRAY
);
157 for (i
= 0, cUrl
= 0; i
< info
->cDistPoint
; i
++)
158 if (info
->rgDistPoint
[i
].DistPointName
.dwDistPointNameChoice
159 == CRL_DIST_POINT_FULL_NAME
)
162 CERT_ALT_NAME_INFO
*name
=
163 &info
->rgDistPoint
[i
].DistPointName
.u
.FullName
;
165 for (j
= 0; j
< name
->cAltEntry
; j
++)
166 if (name
->rgAltEntry
[j
].dwAltNameChoice
==
169 if (name
->rgAltEntry
[j
].u
.pwszURL
)
172 bytesNeeded
+= sizeof(LPWSTR
) +
173 (lstrlenW(name
->rgAltEntry
[j
].u
.pwszURL
) + 1)
180 SetLastError(E_INVALIDARG
);
184 *pcbUrlArray
= bytesNeeded
;
185 else if (*pcbUrlArray
< bytesNeeded
)
187 SetLastError(ERROR_MORE_DATA
);
188 *pcbUrlArray
= bytesNeeded
;
195 *pcbUrlArray
= bytesNeeded
;
197 pUrlArray
->rgwszUrl
=
198 (LPWSTR
*)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
));
199 nextUrl
= (LPWSTR
)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
)
200 + cUrl
* sizeof(LPWSTR
));
201 for (i
= 0; i
< info
->cDistPoint
; i
++)
202 if (info
->rgDistPoint
[i
].DistPointName
.dwDistPointNameChoice
203 == CRL_DIST_POINT_FULL_NAME
)
206 CERT_ALT_NAME_INFO
*name
=
207 &info
->rgDistPoint
[i
].DistPointName
.u
.FullName
;
209 for (j
= 0; j
< name
->cAltEntry
; j
++)
210 if (name
->rgAltEntry
[j
].dwAltNameChoice
==
213 if (name
->rgAltEntry
[j
].u
.pwszURL
)
216 name
->rgAltEntry
[j
].u
.pwszURL
);
217 pUrlArray
->rgwszUrl
[pUrlArray
->cUrl
++] =
220 (lstrlenW(name
->rgAltEntry
[j
].u
.pwszURL
) + 1)
230 FIXME("url info: stub\n");
232 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
233 else if (*pcbUrlInfo
< sizeof(CRYPT_URL_INFO
))
235 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
236 SetLastError(ERROR_MORE_DATA
);
241 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
242 memset(pUrlInfo
, 0, sizeof(CRYPT_URL_INFO
));
250 SetLastError(CRYPT_E_NOT_FOUND
);
254 /***********************************************************************
255 * CryptGetObjectUrl (CRYPTNET.@)
257 BOOL WINAPI
CryptGetObjectUrl(LPCSTR pszUrlOid
, LPVOID pvPara
, DWORD dwFlags
,
258 PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
, PCRYPT_URL_INFO pUrlInfo
,
259 DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
261 UrlDllGetObjectUrlFunc func
= NULL
;
262 HCRYPTOIDFUNCADDR hFunc
= NULL
;
265 TRACE("(%s, %p, %08x, %p, %p, %p, %p, %p)\n", debugstr_a(pszUrlOid
),
266 pvPara
, dwFlags
, pUrlArray
, pcbUrlArray
, pUrlInfo
, pcbUrlInfo
, pvReserved
);
268 if (!HIWORD(pszUrlOid
))
270 switch (LOWORD(pszUrlOid
))
272 case LOWORD(URL_OID_CERTIFICATE_ISSUER
):
273 func
= CRYPT_GetUrlFromCertificateIssuer
;
275 case LOWORD(URL_OID_CERTIFICATE_CRL_DIST_POINT
):
276 func
= CRYPT_GetUrlFromCertificateCRLDistPoint
;
279 FIXME("unimplemented for %s\n", url_oid_to_str(pszUrlOid
));
280 SetLastError(ERROR_FILE_NOT_FOUND
);
285 static HCRYPTOIDFUNCSET set
= NULL
;
288 set
= CryptInitOIDFunctionSet(URL_OID_GET_OBJECT_URL_FUNC
, 0);
289 CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
, pszUrlOid
, 0,
290 (void **)&func
, &hFunc
);
293 ret
= func(pszUrlOid
, pvPara
, dwFlags
, pUrlArray
, pcbUrlArray
,
294 pUrlInfo
, pcbUrlInfo
, pvReserved
);
296 CryptFreeOIDFunctionAddress(hFunc
, 0);
300 /***********************************************************************
301 * CryptRetrieveObjectByUrlA (CRYPTNET.@)
303 BOOL WINAPI
CryptRetrieveObjectByUrlA(LPCSTR pszURL
, LPCSTR pszObjectOid
,
304 DWORD dwRetrievalFlags
, DWORD dwTimeout
, LPVOID
*ppvObject
,
305 HCRYPTASYNC hAsyncRetrieve
, PCRYPT_CREDENTIALS pCredentials
, LPVOID pvVerify
,
306 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
311 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_a(pszURL
),
312 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, ppvObject
,
313 hAsyncRetrieve
, pCredentials
, pvVerify
, pAuxInfo
);
317 SetLastError(ERROR_INVALID_PARAMETER
);
320 len
= MultiByteToWideChar(CP_ACP
, 0, pszURL
, -1, NULL
, 0);
323 LPWSTR url
= CryptMemAlloc(len
* sizeof(WCHAR
));
327 MultiByteToWideChar(CP_ACP
, 0, pszURL
, -1, url
, len
);
328 ret
= CryptRetrieveObjectByUrlW(url
, pszObjectOid
,
329 dwRetrievalFlags
, dwTimeout
, ppvObject
, hAsyncRetrieve
,
330 pCredentials
, pvVerify
, pAuxInfo
);
334 SetLastError(ERROR_OUTOFMEMORY
);
339 static void WINAPI
CRYPT_FreeBlob(LPCSTR pszObjectOid
,
340 PCRYPT_BLOB_ARRAY pObject
, void *pvFreeContext
)
344 for (i
= 0; i
< pObject
->cBlob
; i
++)
345 CryptMemFree(pObject
->rgBlob
[i
].pbData
);
346 CryptMemFree(pObject
->rgBlob
);
349 static BOOL
CRYPT_GetObjectFromFile(HANDLE hFile
, PCRYPT_BLOB_ARRAY pObject
)
354 if ((ret
= GetFileSizeEx(hFile
, &size
)))
358 WARN("file too big\n");
359 SetLastError(ERROR_INVALID_DATA
);
364 CRYPT_DATA_BLOB blob
;
366 blob
.pbData
= CryptMemAlloc(size
.LowPart
);
369 blob
.cbData
= size
.LowPart
;
370 ret
= ReadFile(hFile
, blob
.pbData
, size
.LowPart
, &blob
.cbData
,
374 pObject
->rgBlob
= CryptMemAlloc(sizeof(CRYPT_DATA_BLOB
));
378 memcpy(pObject
->rgBlob
, &blob
, sizeof(CRYPT_DATA_BLOB
));
382 SetLastError(ERROR_OUTOFMEMORY
);
387 CryptMemFree(blob
.pbData
);
391 SetLastError(ERROR_OUTOFMEMORY
);
399 /* FIXME: should make wininet cache all downloads instead */
400 static BOOL
CRYPT_GetObjectFromCache(LPCWSTR pszURL
, PCRYPT_BLOB_ARRAY pObject
,
401 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
404 INTERNET_CACHE_ENTRY_INFOW cacheInfo
= { sizeof(cacheInfo
), 0 };
405 DWORD size
= sizeof(cacheInfo
);
407 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL
), pObject
, pAuxInfo
);
409 if (GetUrlCacheEntryInfoW(pszURL
, &cacheInfo
, &size
) ||
410 GetLastError() == ERROR_INSUFFICIENT_BUFFER
)
414 GetSystemTimeAsFileTime(&ft
);
415 if (CompareFileTime(&cacheInfo
.ExpireTime
, &ft
) >= 0)
417 LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo
= CryptMemAlloc(size
);
421 if (GetUrlCacheEntryInfoW(pszURL
, pCacheInfo
, &size
))
423 HANDLE hFile
= CreateFileW(pCacheInfo
->lpszLocalFileName
,
424 GENERIC_READ
, 0, NULL
, OPEN_EXISTING
,
425 FILE_ATTRIBUTE_NORMAL
, NULL
);
427 if (hFile
!= INVALID_HANDLE_VALUE
)
429 if ((ret
= CRYPT_GetObjectFromFile(hFile
, pObject
)))
431 if (pAuxInfo
&& pAuxInfo
->cbSize
>=
432 offsetof(CRYPT_RETRIEVE_AUX_INFO
,
433 pLastSyncTime
) + sizeof(PFILETIME
) &&
434 pAuxInfo
->pLastSyncTime
)
435 memcpy(pAuxInfo
->pLastSyncTime
,
436 &pCacheInfo
->LastSyncTime
,
442 CryptMemFree(pCacheInfo
);
445 SetLastError(ERROR_OUTOFMEMORY
);
448 DeleteUrlCacheEntryW(pszURL
);
450 TRACE("returning %d\n", ret
);
454 static inline LPWSTR
strndupW(LPWSTR string
, int len
)
457 if (string
&& (ret
= CryptMemAlloc((len
+ 1) * sizeof(WCHAR
))) != NULL
)
459 memcpy(ret
, string
, len
* sizeof(WCHAR
));
465 /* Parses the URL, and sets components's lpszHostName and lpszUrlPath members
466 * to NULL-terminated copies of those portions of the URL (to be freed with
469 static BOOL
CRYPT_CrackUrl(LPCWSTR pszURL
, URL_COMPONENTSW
*components
)
473 TRACE("(%s, %p)\n", debugstr_w(pszURL
), components
);
475 memset(components
, 0, sizeof(*components
));
476 components
->dwStructSize
= sizeof(*components
);
477 components
->dwHostNameLength
= 1;
478 components
->dwUrlPathLength
= 1;
479 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, components
);
482 LPWSTR hostname
= strndupW(components
->lpszHostName
,
483 components
->dwHostNameLength
);
484 LPWSTR path
= strndupW(components
->lpszUrlPath
,
485 components
->dwUrlPathLength
);
487 components
->lpszHostName
= hostname
;
488 components
->lpszUrlPath
= path
;
489 switch (components
->nScheme
)
491 case INTERNET_SCHEME_FTP
:
492 if (!components
->nPort
)
493 components
->nPort
= INTERNET_DEFAULT_FTP_PORT
;
495 case INTERNET_SCHEME_HTTP
:
496 if (!components
->nPort
)
497 components
->nPort
= INTERNET_DEFAULT_HTTP_PORT
;
503 TRACE("returning %d\n", ret
);
514 static struct InetContext
*CRYPT_MakeInetContext(DWORD dwTimeout
)
516 struct InetContext
*context
= CryptMemAlloc(sizeof(struct InetContext
));
520 context
->event
= CreateEventW(NULL
, FALSE
, FALSE
, NULL
);
523 CryptMemFree(context
);
528 context
->timeout
= dwTimeout
;
529 context
->error
= ERROR_SUCCESS
;
535 static BOOL
CRYPT_DownloadObject(DWORD dwRetrievalFlags
, HINTERNET hHttp
,
536 struct InetContext
*context
, PCRYPT_BLOB_ARRAY pObject
,
537 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
539 CRYPT_DATA_BLOB object
= { 0, NULL
};
540 DWORD bytesAvailable
;
544 if ((ret
= InternetQueryDataAvailable(hHttp
, &bytesAvailable
, 0, 0)))
549 object
.pbData
= CryptMemRealloc(object
.pbData
,
550 object
.cbData
+ bytesAvailable
);
552 object
.pbData
= CryptMemAlloc(bytesAvailable
);
555 INTERNET_BUFFERSA buffer
= { sizeof(buffer
), 0 };
557 buffer
.dwBufferLength
= bytesAvailable
;
558 buffer
.lpvBuffer
= object
.pbData
+ object
.cbData
;
559 if (!(ret
= InternetReadFileExA(hHttp
, &buffer
, IRF_NO_WAIT
,
560 (DWORD_PTR
)context
)))
562 if (GetLastError() == ERROR_IO_PENDING
)
564 if (WaitForSingleObject(context
->event
,
565 context
->timeout
) == WAIT_TIMEOUT
)
566 SetLastError(ERROR_TIMEOUT
);
567 else if (context
->error
)
568 SetLastError(context
->error
);
574 object
.cbData
+= bytesAvailable
;
578 SetLastError(ERROR_OUTOFMEMORY
);
583 else if (GetLastError() == ERROR_IO_PENDING
)
585 if (WaitForSingleObject(context
->event
, context
->timeout
) ==
587 SetLastError(ERROR_TIMEOUT
);
591 } while (ret
&& bytesAvailable
);
594 pObject
->rgBlob
= CryptMemAlloc(sizeof(CRYPT_DATA_BLOB
));
595 if (!pObject
->rgBlob
)
597 CryptMemFree(object
.pbData
);
598 SetLastError(ERROR_OUTOFMEMORY
);
603 pObject
->rgBlob
[0].cbData
= object
.cbData
;
604 pObject
->rgBlob
[0].pbData
= object
.pbData
;
608 TRACE("returning %d\n", ret
);
612 static void CRYPT_CacheURL(LPCWSTR pszURL
, PCRYPT_BLOB_ARRAY pObject
,
613 DWORD dwRetrievalFlags
, FILETIME expires
)
615 WCHAR cacheFileName
[MAX_PATH
];
617 /* FIXME: let wininet directly cache instead */
618 if (CreateUrlCacheEntryW(pszURL
, pObject
->rgBlob
[0].cbData
, NULL
,
621 HANDLE hCacheFile
= CreateFileW(cacheFileName
, GENERIC_WRITE
, 0, NULL
,
622 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
624 if (hCacheFile
!= INVALID_HANDLE_VALUE
)
626 DWORD bytesWritten
, entryType
;
629 if (!(dwRetrievalFlags
& CRYPT_STICKY_CACHE_RETRIEVAL
))
630 entryType
= NORMAL_CACHE_ENTRY
;
632 entryType
= STICKY_CACHE_ENTRY
;
633 WriteFile(hCacheFile
, pObject
->rgBlob
[0].pbData
,
634 pObject
->rgBlob
[0].cbData
, &bytesWritten
, NULL
);
635 CloseHandle(hCacheFile
);
636 CommitUrlCacheEntryW(pszURL
, cacheFileName
, expires
, ft
, entryType
,
637 NULL
, 0, NULL
, NULL
);
642 static void CALLBACK
CRYPT_InetStatusCallback(HINTERNET hInt
,
643 DWORD_PTR dwContext
, DWORD status
, void *statusInfo
, DWORD statusInfoLen
)
645 struct InetContext
*context
= (struct InetContext
*)dwContext
;
646 LPINTERNET_ASYNC_RESULT result
;
650 case INTERNET_STATUS_REQUEST_COMPLETE
:
651 result
= (LPINTERNET_ASYNC_RESULT
)statusInfo
;
652 context
->error
= result
->dwError
;
653 SetEvent(context
->event
);
657 static BOOL
CRYPT_Connect(URL_COMPONENTSW
*components
,
658 struct InetContext
*context
, PCRYPT_CREDENTIALS pCredentials
,
659 HINTERNET
*phInt
, HINTERNET
*phHost
)
663 TRACE("(%s:%d, %p, %p, %p, %p)\n", debugstr_w(components
->lpszHostName
),
664 components
->nPort
, context
, pCredentials
, phInt
, phInt
);
667 *phInt
= InternetOpenW(NULL
, INTERNET_OPEN_TYPE_DIRECT
, NULL
, NULL
,
668 context
? INTERNET_FLAG_ASYNC
: 0);
674 InternetSetStatusCallbackW(*phInt
, CRYPT_InetStatusCallback
);
675 switch (components
->nScheme
)
677 case INTERNET_SCHEME_FTP
:
678 service
= INTERNET_SERVICE_FTP
;
680 case INTERNET_SCHEME_HTTP
:
681 service
= INTERNET_SERVICE_HTTP
;
686 /* FIXME: use pCredentials for username/password */
687 *phHost
= InternetConnectW(*phInt
, components
->lpszHostName
,
688 components
->nPort
, NULL
, NULL
, service
, 0, (DWORD_PTR
)context
);
691 InternetCloseHandle(*phInt
);
700 TRACE("returning %d\n", ret
);
704 static BOOL WINAPI
FTP_RetrieveEncodedObjectW(LPCWSTR pszURL
,
705 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
706 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
707 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
708 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
710 FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
711 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
712 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
715 pObject
->rgBlob
= NULL
;
716 *ppfnFreeObject
= CRYPT_FreeBlob
;
717 *ppvFreeContext
= NULL
;
721 static const WCHAR x509cacert
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
722 '/','x','-','x','5','0','9','-','c','a','-','c','e','r','t',0 };
723 static const WCHAR x509emailcert
[] = { 'a','p','p','l','i','c','a','t','i','o',
724 'n','/','x','-','x','5','0','9','-','e','m','a','i','l','-','c','e','r','t',
726 static const WCHAR x509servercert
[] = { 'a','p','p','l','i','c','a','t','i','o',
727 'n','/','x','-','x','5','0','9','-','s','e','r','v','e','r','-','c','e','r',
729 static const WCHAR x509usercert
[] = { 'a','p','p','l','i','c','a','t','i','o',
730 'n','/','x','-','x','5','0','9','-','u','s','e','r','-','c','e','r','t',0 };
731 static const WCHAR pkcs7cert
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
732 '/','x','-','p','k','c','s','7','-','c','e','r','t','i','f','c','a','t','e',
734 static const WCHAR pkixCRL
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
735 '/','p','k','i','x','-','c','r','l',0 };
736 static const WCHAR pkcs7CRL
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
737 '/','x','-','p','k','c','s','7','-','c','r','l',0 };
738 static const WCHAR pkcs7sig
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
739 '/','x','-','p','k','c','s','7','-','s','i','g','n','a','t','u','r','e',0 };
740 static const WCHAR pkcs7mime
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
741 '/','x','-','p','k','c','s','7','-','m','i','m','e',0 };
743 static BOOL WINAPI
HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL
,
744 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
745 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
746 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
747 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
751 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
752 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
753 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
756 pObject
->rgBlob
= NULL
;
757 *ppfnFreeObject
= CRYPT_FreeBlob
;
758 *ppvFreeContext
= NULL
;
760 if (!(dwRetrievalFlags
& CRYPT_WIRE_ONLY_RETRIEVAL
))
761 ret
= CRYPT_GetObjectFromCache(pszURL
, pObject
, pAuxInfo
);
762 if (!ret
&& (!(dwRetrievalFlags
& CRYPT_CACHE_ONLY_RETRIEVAL
) ||
763 (dwRetrievalFlags
& CRYPT_WIRE_ONLY_RETRIEVAL
)))
765 URL_COMPONENTSW components
;
767 if ((ret
= CRYPT_CrackUrl(pszURL
, &components
)))
769 HINTERNET hInt
, hHost
;
770 struct InetContext
*context
= NULL
;
773 context
= CRYPT_MakeInetContext(dwTimeout
);
774 ret
= CRYPT_Connect(&components
, context
, pCredentials
, &hInt
,
778 static LPCWSTR types
[] = { x509cacert
, x509emailcert
,
779 x509servercert
, x509usercert
, pkcs7cert
, pkixCRL
, pkcs7CRL
,
780 pkcs7sig
, pkcs7mime
, NULL
};
781 HINTERNET hHttp
= HttpOpenRequestW(hHost
, NULL
,
782 components
.lpszUrlPath
, NULL
, NULL
, types
,
783 INTERNET_FLAG_NO_COOKIES
| INTERNET_FLAG_NO_UI
,
790 InternetSetOptionW(hHttp
,
791 INTERNET_OPTION_RECEIVE_TIMEOUT
, &dwTimeout
,
793 InternetSetOptionW(hHttp
, INTERNET_OPTION_SEND_TIMEOUT
,
794 &dwTimeout
, sizeof(dwTimeout
));
796 ret
= HttpSendRequestExW(hHttp
, NULL
, NULL
, 0,
798 if (!ret
&& GetLastError() == ERROR_IO_PENDING
)
800 if (WaitForSingleObject(context
->event
,
801 context
->timeout
) == WAIT_TIMEOUT
)
802 SetLastError(ERROR_TIMEOUT
);
806 /* We don't set ret to TRUE in this block to avoid masking
807 * an error from HttpSendRequestExW.
809 if (!HttpEndRequestW(hHttp
, NULL
, 0, (DWORD_PTR
)context
) &&
810 GetLastError() == ERROR_IO_PENDING
)
812 if (WaitForSingleObject(context
->event
,
813 context
->timeout
) == WAIT_TIMEOUT
)
815 SetLastError(ERROR_TIMEOUT
);
820 ret
= CRYPT_DownloadObject(dwRetrievalFlags
, hHttp
,
821 context
, pObject
, pAuxInfo
);
822 if (ret
&& !(dwRetrievalFlags
& CRYPT_DONT_CACHE_RESULT
))
825 DWORD len
= sizeof(st
);
827 if (HttpQueryInfoW(hHttp
,
828 HTTP_QUERY_EXPIRES
| HTTP_QUERY_FLAG_SYSTEMTIME
, &st
,
833 SystemTimeToFileTime(&st
, &ft
);
834 CRYPT_CacheURL(pszURL
, pObject
, dwRetrievalFlags
,
838 InternetCloseHandle(hHttp
);
840 InternetCloseHandle(hHost
);
841 InternetCloseHandle(hInt
);
845 CloseHandle(context
->event
);
846 CryptMemFree(context
);
848 CryptMemFree(components
.lpszUrlPath
);
849 CryptMemFree(components
.lpszHostName
);
852 TRACE("returning %d\n", ret
);
856 static BOOL WINAPI
File_RetrieveEncodedObjectW(LPCWSTR pszURL
,
857 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
858 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
859 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
860 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
862 URL_COMPONENTSW components
= { sizeof(components
), 0 };
865 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
866 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
867 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
870 pObject
->rgBlob
= NULL
;
871 *ppfnFreeObject
= CRYPT_FreeBlob
;
872 *ppvFreeContext
= NULL
;
874 components
.dwUrlPathLength
= 1;
875 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, &components
);
880 /* 3 == lstrlenW(L"c:") + 1 */
881 path
= CryptMemAlloc((components
.dwUrlPathLength
+ 3) * sizeof(WCHAR
));
886 /* Try to create the file directly - Wine handles / in pathnames */
887 lstrcpynW(path
, components
.lpszUrlPath
,
888 components
.dwUrlPathLength
+ 1);
889 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
, OPEN_EXISTING
,
890 FILE_ATTRIBUTE_NORMAL
, NULL
);
891 if (hFile
== INVALID_HANDLE_VALUE
)
893 /* Try again on the current drive */
894 GetCurrentDirectoryW(components
.dwUrlPathLength
, path
);
897 lstrcpynW(path
+ 2, components
.lpszUrlPath
,
898 components
.dwUrlPathLength
+ 1);
899 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
,
900 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
902 if (hFile
== INVALID_HANDLE_VALUE
)
904 /* Try again on the Windows drive */
905 GetWindowsDirectoryW(path
, components
.dwUrlPathLength
);
908 lstrcpynW(path
+ 2, components
.lpszUrlPath
,
909 components
.dwUrlPathLength
+ 1);
910 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
,
911 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
915 if (hFile
!= INVALID_HANDLE_VALUE
)
917 if ((ret
= CRYPT_GetObjectFromFile(hFile
, pObject
)))
919 if (pAuxInfo
&& pAuxInfo
->cbSize
>=
920 offsetof(CRYPT_RETRIEVE_AUX_INFO
,
921 pLastSyncTime
) + sizeof(PFILETIME
) &&
922 pAuxInfo
->pLastSyncTime
)
923 GetFileTime(hFile
, NULL
, NULL
,
924 pAuxInfo
->pLastSyncTime
);
936 typedef BOOL (WINAPI
*SchemeDllRetrieveEncodedObjectW
)(LPCWSTR pwszUrl
,
937 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
938 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
939 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
940 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
);
942 static BOOL
CRYPT_GetRetrieveFunction(LPCWSTR pszURL
,
943 SchemeDllRetrieveEncodedObjectW
*pFunc
, HCRYPTOIDFUNCADDR
*phFunc
)
945 URL_COMPONENTSW components
= { sizeof(components
), 0 };
948 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL
), pFunc
, phFunc
);
952 components
.dwSchemeLength
= 1;
953 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, &components
);
956 /* Microsoft always uses CryptInitOIDFunctionSet/
957 * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
958 * reason to do so for builtin schemes.
960 switch (components
.nScheme
)
962 case INTERNET_SCHEME_FTP
:
963 *pFunc
= FTP_RetrieveEncodedObjectW
;
965 case INTERNET_SCHEME_HTTP
:
966 *pFunc
= HTTP_RetrieveEncodedObjectW
;
968 case INTERNET_SCHEME_FILE
:
969 *pFunc
= File_RetrieveEncodedObjectW
;
973 int len
= WideCharToMultiByte(CP_ACP
, 0, components
.lpszScheme
,
974 components
.dwSchemeLength
, NULL
, 0, NULL
, NULL
);
978 LPSTR scheme
= CryptMemAlloc(len
);
982 static HCRYPTOIDFUNCSET set
= NULL
;
985 set
= CryptInitOIDFunctionSet(
986 SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC
, 0);
987 WideCharToMultiByte(CP_ACP
, 0, components
.lpszScheme
,
988 components
.dwSchemeLength
, scheme
, len
, NULL
, NULL
);
989 ret
= CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
,
990 scheme
, 0, (void **)pFunc
, phFunc
);
991 CryptMemFree(scheme
);
995 SetLastError(ERROR_OUTOFMEMORY
);
1004 TRACE("returning %d\n", ret
);
1008 static BOOL WINAPI
CRYPT_CreateBlob(LPCSTR pszObjectOid
,
1009 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1012 CRYPT_BLOB_ARRAY
*context
;
1015 size
= sizeof(CRYPT_BLOB_ARRAY
) + pObject
->cBlob
* sizeof(CRYPT_DATA_BLOB
);
1016 for (i
= 0; i
< pObject
->cBlob
; i
++)
1017 size
+= pObject
->rgBlob
[i
].cbData
;
1018 context
= CryptMemAlloc(size
);
1025 (CRYPT_DATA_BLOB
*)((LPBYTE
)context
+ sizeof(CRYPT_BLOB_ARRAY
));
1027 (LPBYTE
)context
->rgBlob
+ pObject
->cBlob
* sizeof(CRYPT_DATA_BLOB
);
1028 for (i
= 0; i
< pObject
->cBlob
; i
++)
1030 memcpy(nextData
, pObject
->rgBlob
[i
].pbData
,
1031 pObject
->rgBlob
[i
].cbData
);
1032 context
->rgBlob
[i
].pbData
= nextData
;
1033 context
->rgBlob
[i
].cbData
= pObject
->rgBlob
[i
].cbData
;
1034 nextData
+= pObject
->rgBlob
[i
].cbData
;
1037 *ppvContext
= context
;
1043 typedef BOOL (WINAPI
*AddContextToStore
)(HCERTSTORE hCertStore
,
1044 const void *pContext
, DWORD dwAddDisposition
, const void **ppStoreContext
);
1046 static BOOL
CRYPT_CreateContext(PCRYPT_BLOB_ARRAY pObject
,
1047 DWORD dwExpectedContentTypeFlags
, AddContextToStore addFunc
, void **ppvContext
)
1051 if (!pObject
->cBlob
)
1053 SetLastError(ERROR_INVALID_DATA
);
1057 else if (pObject
->cBlob
== 1)
1059 if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB
, &pObject
->rgBlob
[0],
1060 dwExpectedContentTypeFlags
, CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
,
1061 NULL
, NULL
, NULL
, NULL
, (const void **)ppvContext
))
1063 SetLastError(CRYPT_E_NO_MATCH
);
1069 HCERTSTORE store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1070 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1075 const void *context
;
1077 for (i
= 0; i
< pObject
->cBlob
; i
++)
1079 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB
,
1080 &pObject
->rgBlob
[i
], dwExpectedContentTypeFlags
,
1081 CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
, NULL
, NULL
, NULL
,
1084 if (!addFunc(store
, context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1089 SetLastError(CRYPT_E_NO_MATCH
);
1096 *ppvContext
= store
;
1101 static BOOL WINAPI
CRYPT_CreateCert(LPCSTR pszObjectOid
,
1102 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1104 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CERT
,
1105 (AddContextToStore
)CertAddCertificateContextToStore
, ppvContext
);
1108 static BOOL WINAPI
CRYPT_CreateCRL(LPCSTR pszObjectOid
,
1109 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1111 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CRL
,
1112 (AddContextToStore
)CertAddCRLContextToStore
, ppvContext
);
1115 static BOOL WINAPI
CRYPT_CreateCTL(LPCSTR pszObjectOid
,
1116 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1118 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CTL
,
1119 (AddContextToStore
)CertAddCTLContextToStore
, ppvContext
);
1122 static BOOL WINAPI
CRYPT_CreatePKCS7(LPCSTR pszObjectOid
,
1123 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1127 if (!pObject
->cBlob
)
1129 SetLastError(ERROR_INVALID_DATA
);
1133 else if (pObject
->cBlob
== 1)
1134 ret
= CryptQueryObject(CERT_QUERY_OBJECT_BLOB
, &pObject
->rgBlob
[0],
1135 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED
|
1136 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED
, CERT_QUERY_FORMAT_FLAG_BINARY
,
1137 0, NULL
, NULL
, NULL
, (HCERTSTORE
*)ppvContext
, NULL
, NULL
);
1140 FIXME("multiple messages unimplemented\n");
1146 static BOOL WINAPI
CRYPT_CreateAny(LPCSTR pszObjectOid
,
1147 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1151 if (!pObject
->cBlob
)
1153 SetLastError(ERROR_INVALID_DATA
);
1159 HCERTSTORE store
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
1160 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1164 HCERTSTORE memStore
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1165 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1169 CertAddStoreToCollection(store
, memStore
,
1170 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
1171 CertCloseStore(memStore
, 0);
1175 CertCloseStore(store
, 0);
1184 for (i
= 0; i
< pObject
->cBlob
; i
++)
1186 DWORD contentType
, expectedContentTypes
=
1187 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED
|
1188 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED
|
1189 CERT_QUERY_CONTENT_FLAG_CERT
|
1190 CERT_QUERY_CONTENT_FLAG_CRL
|
1191 CERT_QUERY_CONTENT_FLAG_CTL
;
1192 HCERTSTORE contextStore
;
1193 const void *context
;
1195 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB
,
1196 &pObject
->rgBlob
[i
], expectedContentTypes
,
1197 CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
, &contentType
, NULL
,
1198 &contextStore
, NULL
, &context
))
1200 switch (contentType
)
1202 case CERT_QUERY_CONTENT_CERT
:
1203 if (!CertAddCertificateContextToStore(store
,
1204 (PCCERT_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1207 case CERT_QUERY_CONTENT_CRL
:
1208 if (!CertAddCRLContextToStore(store
,
1209 (PCCRL_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1212 case CERT_QUERY_CONTENT_CTL
:
1213 if (!CertAddCTLContextToStore(store
,
1214 (PCCTL_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1218 CertAddStoreToCollection(store
, contextStore
, 0, 0);
1227 *ppvContext
= store
;
1232 typedef BOOL (WINAPI
*ContextDllCreateObjectContext
)(LPCSTR pszObjectOid
,
1233 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
);
1235 static BOOL
CRYPT_GetCreateFunction(LPCSTR pszObjectOid
,
1236 ContextDllCreateObjectContext
*pFunc
, HCRYPTOIDFUNCADDR
*phFunc
)
1240 TRACE("(%s, %p, %p)\n", debugstr_a(pszObjectOid
), pFunc
, phFunc
);
1244 if (!HIWORD(pszObjectOid
))
1246 switch (LOWORD(pszObjectOid
))
1249 *pFunc
= CRYPT_CreateBlob
;
1251 case LOWORD(CONTEXT_OID_CERTIFICATE
):
1252 *pFunc
= CRYPT_CreateCert
;
1254 case LOWORD(CONTEXT_OID_CRL
):
1255 *pFunc
= CRYPT_CreateCRL
;
1257 case LOWORD(CONTEXT_OID_CTL
):
1258 *pFunc
= CRYPT_CreateCTL
;
1260 case LOWORD(CONTEXT_OID_PKCS7
):
1261 *pFunc
= CRYPT_CreatePKCS7
;
1263 case LOWORD(CONTEXT_OID_CAPI2_ANY
):
1264 *pFunc
= CRYPT_CreateAny
;
1270 static HCRYPTOIDFUNCSET set
= NULL
;
1273 set
= CryptInitOIDFunctionSet(
1274 CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC
, 0);
1275 ret
= CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
, pszObjectOid
,
1276 0, (void **)pFunc
, phFunc
);
1278 TRACE("returning %d\n", ret
);
1282 /***********************************************************************
1283 * CryptRetrieveObjectByUrlW (CRYPTNET.@)
1285 BOOL WINAPI
CryptRetrieveObjectByUrlW(LPCWSTR pszURL
, LPCSTR pszObjectOid
,
1286 DWORD dwRetrievalFlags
, DWORD dwTimeout
, LPVOID
*ppvObject
,
1287 HCRYPTASYNC hAsyncRetrieve
, PCRYPT_CREDENTIALS pCredentials
, LPVOID pvVerify
,
1288 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
1291 SchemeDllRetrieveEncodedObjectW retrieve
;
1292 ContextDllCreateObjectContext create
;
1293 HCRYPTOIDFUNCADDR hRetrieve
= 0, hCreate
= 0;
1295 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
1296 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, ppvObject
,
1297 hAsyncRetrieve
, pCredentials
, pvVerify
, pAuxInfo
);
1301 SetLastError(ERROR_INVALID_PARAMETER
);
1304 ret
= CRYPT_GetRetrieveFunction(pszURL
, &retrieve
, &hRetrieve
);
1306 ret
= CRYPT_GetCreateFunction(pszObjectOid
, &create
, &hCreate
);
1309 CRYPT_BLOB_ARRAY object
= { 0, NULL
};
1310 PFN_FREE_ENCODED_OBJECT_FUNC freeObject
;
1313 ret
= retrieve(pszURL
, pszObjectOid
, dwRetrievalFlags
, dwTimeout
,
1314 &object
, &freeObject
, &freeContext
, hAsyncRetrieve
, pCredentials
,
1318 ret
= create(pszObjectOid
, dwRetrievalFlags
, &object
, ppvObject
);
1319 freeObject(pszObjectOid
, &object
, freeContext
);
1323 CryptFreeOIDFunctionAddress(hCreate
, 0);
1325 CryptFreeOIDFunctionAddress(hRetrieve
, 0);
1326 TRACE("returning %d\n", ret
);
1330 typedef struct _OLD_CERT_REVOCATION_STATUS
{
1335 } OLD_CERT_REVOCATION_STATUS
, *POLD_CERT_REVOCATION_STATUS
;
1337 /***********************************************************************
1338 * CertDllVerifyRevocation (CRYPTNET.@)
1340 BOOL WINAPI
CertDllVerifyRevocation(DWORD dwEncodingType
, DWORD dwRevType
,
1341 DWORD cContext
, PVOID rgpvContext
[], DWORD dwFlags
,
1342 PCERT_REVOCATION_PARA pRevPara
, PCERT_REVOCATION_STATUS pRevStatus
)
1347 TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType
, dwRevType
,
1348 cContext
, rgpvContext
, dwFlags
, pRevPara
, pRevStatus
);
1350 if (pRevStatus
->cbSize
!= sizeof(OLD_CERT_REVOCATION_STATUS
) &&
1351 pRevStatus
->cbSize
!= sizeof(CERT_REVOCATION_STATUS
))
1353 SetLastError(E_INVALIDARG
);
1356 memset(&pRevStatus
->dwIndex
, 0, pRevStatus
->cbSize
- sizeof(DWORD
));
1357 if (dwRevType
!= CERT_CONTEXT_REVOCATION_TYPE
)
1359 error
= CRYPT_E_NO_REVOCATION_CHECK
;
1365 for (i
= 0; ret
&& i
< cContext
; i
++)
1369 ret
= CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT
,
1370 rgpvContext
[i
], 0, NULL
, &cbUrlArray
, NULL
, NULL
, NULL
);
1371 if (!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
)
1373 error
= CRYPT_E_NO_REVOCATION_CHECK
;
1374 pRevStatus
->dwIndex
= i
;
1378 CRYPT_URL_ARRAY
*urlArray
= CryptMemAlloc(cbUrlArray
);
1382 DWORD j
, retrievalFlags
= 0, startTime
, endTime
, timeout
;
1384 ret
= CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT
,
1385 rgpvContext
[i
], 0, urlArray
, &cbUrlArray
, NULL
, NULL
,
1387 if (dwFlags
& CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION
)
1388 retrievalFlags
|= CRYPT_CACHE_ONLY_RETRIEVAL
;
1389 if (dwFlags
& CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG
&&
1390 pRevPara
->cbSize
>= offsetof(CERT_REVOCATION_PARA
,
1391 dwUrlRetrievalTimeout
) + sizeof(DWORD
))
1393 startTime
= GetTickCount();
1394 endTime
= startTime
+ pRevPara
->dwUrlRetrievalTimeout
;
1395 timeout
= pRevPara
->dwUrlRetrievalTimeout
;
1398 endTime
= timeout
= 0;
1399 for (j
= 0; ret
&& j
< urlArray
->cUrl
; j
++)
1403 ret
= CryptRetrieveObjectByUrlW(urlArray
->rgwszUrl
[j
],
1404 CONTEXT_OID_CRL
, retrievalFlags
, timeout
,
1405 (void **)&crl
, NULL
, NULL
, NULL
, NULL
);
1408 PCRL_ENTRY entry
= NULL
;
1410 CertFindCertificateInCRL(
1411 (PCCERT_CONTEXT
)rgpvContext
[i
], crl
, 0, NULL
,
1415 error
= CRYPT_E_REVOKED
;
1416 pRevStatus
->dwIndex
= i
;
1421 DWORD time
= GetTickCount();
1423 if ((int)(endTime
- time
) <= 0)
1425 error
= ERROR_TIMEOUT
;
1426 pRevStatus
->dwIndex
= i
;
1430 timeout
= endTime
- time
;
1432 CertFreeCRLContext(crl
);
1435 error
= CRYPT_E_REVOCATION_OFFLINE
;
1437 CryptMemFree(urlArray
);
1441 error
= ERROR_OUTOFMEMORY
;
1442 pRevStatus
->dwIndex
= i
;
1447 pRevStatus
->dwIndex
= i
;
1453 SetLastError(error
);
1454 pRevStatus
->dwError
= error
;
1456 TRACE("returning %d (%08x)\n", ret
, error
);