search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
push 3de9b6d6ec9c4ab8dfeeb76c2f7fb86ab1d5c9a7
[wine/hacks.git] / dlls / cryptnet / cryptnet_main.c
blobb83adb850e316e3e9716711601477f2b728ebf95
1 /*
2 * Copyright (C) 2006 Maarten Lankhorst
3 * Copyright 2007 Juan Lang
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18 *
19 */
20
21 #include "config.h"
22 #include "wine/port.h"
23 #include <stdio.h>
24
25 #define NONAMELESSUNION
26
27 #include "windef.h"
28 #include "wine/debug.h"
29 #include "winbase.h"
30 #include "winnt.h"
31 #include "winnls.h"
32 #include "wininet.h"
33 #define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
34 #include "wincrypt.h"
35
36 WINE_DEFAULT_DEBUG_CHANNEL(cryptnet);
37
38 BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
39 {
40 TRACE("(0x%p, %d, %p)\n", hinstDLL, fdwReason, lpvReserved);
41
42 switch (fdwReason) {
43 case DLL_PROCESS_ATTACH:
44 DisableThreadLibraryCalls(hinstDLL);
45 break;
46 case DLL_PROCESS_DETACH:
47 /* Do uninitialisation here */
48 break;
49 default: break;
50 }
51 return TRUE;
52 }
53
54 static const WCHAR cryptNet[] = { 'c','r','y','p','t','n','e','t','.',
55 'd','l','l',0 };
56 static const WCHAR ldapProvOpenStore[] = { 'L','d','a','p','P','r','o','v',
57 'O','p','e','S','t','o','r','e',0 };
58
59 /***********************************************************************
60 * DllRegisterServer (CRYPTNET.@)
61 */
62 HRESULT WINAPI DllRegisterServer(void)
63 {
64 TRACE("\n");
65 CryptRegisterDefaultOIDFunction(X509_ASN_ENCODING,
66 CRYPT_OID_VERIFY_REVOCATION_FUNC, 0, cryptNet);
67 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC, "Ldap",
68 cryptNet, "LdapProvOpenStore");
69 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC,
70 CERT_STORE_PROV_LDAP_W, cryptNet, "LdapProvOpenStore");
71 return S_OK;
72 }
73
74 /***********************************************************************
75 * DllUnregisterServer (CRYPTNET.@)
76 */
77 HRESULT WINAPI DllUnregisterServer(void)
78 {
79 TRACE("\n");
80 CryptUnregisterDefaultOIDFunction(X509_ASN_ENCODING,
81 CRYPT_OID_VERIFY_REVOCATION_FUNC, cryptNet);
82 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC, "Ldap");
83 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC,
84 CERT_STORE_PROV_LDAP_W);
85 return S_OK;
86 }
87
88 static const char *url_oid_to_str(LPCSTR oid)
89 {
90 if (HIWORD(oid))
91 return oid;
92 else
93 {
94 static char buf[10];
95
96 switch (LOWORD(oid))
97 {
98 #define _x(oid) case LOWORD(oid): return #oid
99 _x(URL_OID_CERTIFICATE_ISSUER);
100 _x(URL_OID_CERTIFICATE_CRL_DIST_POINT);
101 _x(URL_OID_CTL_ISSUER);
102 _x(URL_OID_CTL_NEXT_UPDATE);
103 _x(URL_OID_CRL_ISSUER);
104 _x(URL_OID_CERTIFICATE_FRESHEST_CRL);
105 _x(URL_OID_CRL_FRESHEST_CRL);
106 _x(URL_OID_CROSS_CERT_DIST_POINT);
107 #undef _x
108 default:
109 snprintf(buf, sizeof(buf), "%d", LOWORD(oid));
110 return buf;
111 }
112 }
113 }
114
115 typedef BOOL (WINAPI *UrlDllGetObjectUrlFunc)(LPCSTR, LPVOID, DWORD,
116 PCRYPT_URL_ARRAY, DWORD *, PCRYPT_URL_INFO, DWORD *, LPVOID);
117
118 static BOOL WINAPI CRYPT_GetUrlFromCertificateIssuer(LPCSTR pszUrlOid,
119 LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray,
120 PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved)
121 {
122 /* FIXME: This depends on the AIA (authority info access) extension being
123 * supported in crypt32.
124 */
125 FIXME("\n");
126 SetLastError(CRYPT_E_NOT_FOUND);
127 return FALSE;
128 }
129
130 static BOOL WINAPI CRYPT_GetUrlFromCertificateCRLDistPoint(LPCSTR pszUrlOid,
131 LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray,
132 PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved)
133 {
134 PCCERT_CONTEXT cert = (PCCERT_CONTEXT)pvPara;
135 PCERT_EXTENSION ext;
136 BOOL ret = FALSE;
137
138 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
139 if (dwFlags && !(dwFlags & CRYPT_GET_URL_FROM_EXTENSION))
140 {
141 SetLastError(CRYPT_E_NOT_FOUND);
142 return FALSE;
143 }
144 if ((ext = CertFindExtension(szOID_CRL_DIST_POINTS,
145 cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension)))
146 {
147 CRL_DIST_POINTS_INFO *info;
148 DWORD size;
149
150 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CRL_DIST_POINTS,
151 ext->Value.pbData, ext->Value.cbData, CRYPT_DECODE_ALLOC_FLAG, NULL,
152 &info, &size);
153 if (ret)
154 {
155 DWORD i, cUrl, bytesNeeded = sizeof(CRYPT_URL_ARRAY);
156
157 for (i = 0, cUrl = 0; i < info->cDistPoint; i++)
158 if (info->rgDistPoint[i].DistPointName.dwDistPointNameChoice
159 == CRL_DIST_POINT_FULL_NAME)
160 {
161 DWORD j;
162 CERT_ALT_NAME_INFO *name =
163 &info->rgDistPoint[i].DistPointName.u.FullName;
164
165 for (j = 0; j < name->cAltEntry; j++)
166 if (name->rgAltEntry[j].dwAltNameChoice ==
167 CERT_ALT_NAME_URL)
168 {
169 if (name->rgAltEntry[j].u.pwszURL)
170 {
171 cUrl++;
172 bytesNeeded += sizeof(LPWSTR) +
173 (lstrlenW(name->rgAltEntry[j].u.pwszURL) + 1)
174 * sizeof(WCHAR);
175 }
176 }
177 }
178 if (!pcbUrlArray)
179 {
180 SetLastError(E_INVALIDARG);
181 ret = FALSE;
182 }
183 else if (!pUrlArray)
184 *pcbUrlArray = bytesNeeded;
185 else if (*pcbUrlArray < bytesNeeded)
186 {
187 SetLastError(ERROR_MORE_DATA);
188 *pcbUrlArray = bytesNeeded;
189 ret = FALSE;
190 }
191 else
192 {
193 LPWSTR nextUrl;
194
195 *pcbUrlArray = bytesNeeded;
196 pUrlArray->cUrl = 0;
197 pUrlArray->rgwszUrl =
198 (LPWSTR *)((BYTE *)pUrlArray + sizeof(CRYPT_URL_ARRAY));
199 nextUrl = (LPWSTR)((BYTE *)pUrlArray + sizeof(CRYPT_URL_ARRAY)
200 + cUrl * sizeof(LPWSTR));
201 for (i = 0; i < info->cDistPoint; i++)
202 if (info->rgDistPoint[i].DistPointName.dwDistPointNameChoice
203 == CRL_DIST_POINT_FULL_NAME)
204 {
205 DWORD j;
206 CERT_ALT_NAME_INFO *name =
207 &info->rgDistPoint[i].DistPointName.u.FullName;
208
209 for (j = 0; j < name->cAltEntry; j++)
210 if (name->rgAltEntry[j].dwAltNameChoice ==
211 CERT_ALT_NAME_URL)
212 {
213 if (name->rgAltEntry[j].u.pwszURL)
214 {
215 lstrcpyW(nextUrl,
216 name->rgAltEntry[j].u.pwszURL);
217 pUrlArray->rgwszUrl[pUrlArray->cUrl++] =
218 nextUrl;
219 nextUrl +=
220 (lstrlenW(name->rgAltEntry[j].u.pwszURL) + 1)
221 * sizeof(WCHAR);
222 }
223 }
224 }
225 }
226 if (ret)
227 {
228 if (pcbUrlInfo)
229 {
230 FIXME("url info: stub\n");
231 if (!pUrlInfo)
232 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
233 else if (*pcbUrlInfo < sizeof(CRYPT_URL_INFO))
234 {
235 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
236 SetLastError(ERROR_MORE_DATA);
237 ret = FALSE;
238 }
239 else
240 {
241 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
242 memset(pUrlInfo, 0, sizeof(CRYPT_URL_INFO));
243 }
244 }
245 }
246 LocalFree(info);
247 }
248 }
249 else
250 SetLastError(CRYPT_E_NOT_FOUND);
251 return ret;
252 }
253
254 /***********************************************************************
255 * CryptGetObjectUrl (CRYPTNET.@)
256 */
257 BOOL WINAPI CryptGetObjectUrl(LPCSTR pszUrlOid, LPVOID pvPara, DWORD dwFlags,
258 PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray, PCRYPT_URL_INFO pUrlInfo,
259 DWORD *pcbUrlInfo, LPVOID pvReserved)
260 {
261 UrlDllGetObjectUrlFunc func = NULL;
262 HCRYPTOIDFUNCADDR hFunc = NULL;
263 BOOL ret = FALSE;
264
265 TRACE("(%s, %p, %08x, %p, %p, %p, %p, %p)\n", debugstr_a(pszUrlOid),
266 pvPara, dwFlags, pUrlArray, pcbUrlArray, pUrlInfo, pcbUrlInfo, pvReserved);
267
268 if (!HIWORD(pszUrlOid))
269 {
270 switch (LOWORD(pszUrlOid))
271 {
272 case LOWORD(URL_OID_CERTIFICATE_ISSUER):
273 func = CRYPT_GetUrlFromCertificateIssuer;
274 break;
275 case LOWORD(URL_OID_CERTIFICATE_CRL_DIST_POINT):
276 func = CRYPT_GetUrlFromCertificateCRLDistPoint;
277 break;
278 default:
279 FIXME("unimplemented for %s\n", url_oid_to_str(pszUrlOid));
280 SetLastError(ERROR_FILE_NOT_FOUND);
281 }
282 }
283 else
284 {
285 static HCRYPTOIDFUNCSET set = NULL;
286
287 if (!set)
288 set = CryptInitOIDFunctionSet(URL_OID_GET_OBJECT_URL_FUNC, 0);
289 CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszUrlOid, 0,
290 (void **)&func, &hFunc);
291 }
292 if (func)
293 ret = func(pszUrlOid, pvPara, dwFlags, pUrlArray, pcbUrlArray,
294 pUrlInfo, pcbUrlInfo, pvReserved);
295 if (hFunc)
296 CryptFreeOIDFunctionAddress(hFunc, 0);
297 return ret;
298 }
299
300 /***********************************************************************
301 * CryptRetrieveObjectByUrlA (CRYPTNET.@)
302 */
303 BOOL WINAPI CryptRetrieveObjectByUrlA(LPCSTR pszURL, LPCSTR pszObjectOid,
304 DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject,
305 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
306 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
307 {
308 BOOL ret = FALSE;
309 int len;
310
311 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_a(pszURL),
312 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
313 hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
314
315 if (!pszURL)
316 {
317 SetLastError(ERROR_INVALID_PARAMETER);
318 return FALSE;
319 }
320 len = MultiByteToWideChar(CP_ACP, 0, pszURL, -1, NULL, 0);
321 if (len)
322 {
323 LPWSTR url = CryptMemAlloc(len * sizeof(WCHAR));
324
325 if (url)
326 {
327 MultiByteToWideChar(CP_ACP, 0, pszURL, -1, url, len);
328 ret = CryptRetrieveObjectByUrlW(url, pszObjectOid,
329 dwRetrievalFlags, dwTimeout, ppvObject, hAsyncRetrieve,
330 pCredentials, pvVerify, pAuxInfo);
331 CryptMemFree(url);
332 }
333 else
334 SetLastError(ERROR_OUTOFMEMORY);
335 }
336 return ret;
337 }
338
339 static void WINAPI CRYPT_FreeBlob(LPCSTR pszObjectOid,
340 PCRYPT_BLOB_ARRAY pObject, void *pvFreeContext)
341 {
342 DWORD i;
343
344 for (i = 0; i < pObject->cBlob; i++)
345 CryptMemFree(pObject->rgBlob[i].pbData);
346 CryptMemFree(pObject->rgBlob);
347 }
348
349 static BOOL CRYPT_GetObjectFromFile(HANDLE hFile, PCRYPT_BLOB_ARRAY pObject)
350 {
351 BOOL ret;
352 LARGE_INTEGER size;
353
354 if ((ret = GetFileSizeEx(hFile, &size)))
355 {
356 if (size.HighPart)
357 {
358 WARN("file too big\n");
359 SetLastError(ERROR_INVALID_DATA);
360 ret = FALSE;
361 }
362 else
363 {
364 CRYPT_DATA_BLOB blob;
365
366 blob.pbData = CryptMemAlloc(size.LowPart);
367 if (blob.pbData)
368 {
369 blob.cbData = size.LowPart;
370 ret = ReadFile(hFile, blob.pbData, size.LowPart, &blob.cbData,
371 NULL);
372 if (ret)
373 {
374 pObject->rgBlob = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
375 if (pObject->rgBlob)
376 {
377 pObject->cBlob = 1;
378 memcpy(pObject->rgBlob, &blob, sizeof(CRYPT_DATA_BLOB));
379 }
380 else
381 {
382 SetLastError(ERROR_OUTOFMEMORY);
383 ret = FALSE;
384 }
385 }
386 if (!ret)
387 CryptMemFree(blob.pbData);
388 }
389 else
390 {
391 SetLastError(ERROR_OUTOFMEMORY);
392 ret = FALSE;
393 }
394 }
395 }
396 return ret;
397 }
398
399 /* FIXME: should make wininet cache all downloads instead */
400 static BOOL CRYPT_GetObjectFromCache(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
401 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
402 {
403 BOOL ret = FALSE;
404 INTERNET_CACHE_ENTRY_INFOW cacheInfo = { sizeof(cacheInfo), 0 };
405 DWORD size = sizeof(cacheInfo);
406
407 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pObject, pAuxInfo);
408
409 if (GetUrlCacheEntryInfoW(pszURL, &cacheInfo, &size) ||
410 GetLastError() == ERROR_INSUFFICIENT_BUFFER)
411 {
412 FILETIME ft;
413
414 GetSystemTimeAsFileTime(&ft);
415 if (CompareFileTime(&cacheInfo.ExpireTime, &ft) >= 0)
416 {
417 LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo = CryptMemAlloc(size);
418
419 if (pCacheInfo)
420 {
421 if (GetUrlCacheEntryInfoW(pszURL, pCacheInfo, &size))
422 {
423 HANDLE hFile = CreateFileW(pCacheInfo->lpszLocalFileName,
424 GENERIC_READ, 0, NULL, OPEN_EXISTING,
425 FILE_ATTRIBUTE_NORMAL, NULL);
426
427 if (hFile != INVALID_HANDLE_VALUE)
428 {
429 if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
430 {
431 if (pAuxInfo && pAuxInfo->cbSize >=
432 offsetof(CRYPT_RETRIEVE_AUX_INFO,
433 pLastSyncTime) + sizeof(PFILETIME) &&
434 pAuxInfo->pLastSyncTime)
435 memcpy(pAuxInfo->pLastSyncTime,
436 &pCacheInfo->LastSyncTime,
437 sizeof(FILETIME));
438 }
439 CloseHandle(hFile);
440 }
441 }
442 CryptMemFree(pCacheInfo);
443 }
444 else
445 SetLastError(ERROR_OUTOFMEMORY);
446 }
447 else
448 DeleteUrlCacheEntryW(pszURL);
449 }
450 TRACE("returning %d\n", ret);
451 return ret;
452 }
453
454 static inline LPWSTR strndupW(LPWSTR string, int len)
455 {
456 LPWSTR ret = NULL;
457 if (string && (ret = CryptMemAlloc((len + 1) * sizeof(WCHAR))) != NULL)
458 {
459 memcpy(ret, string, len * sizeof(WCHAR));
460 ret[len] = 0;
461 }
462 return ret;
463 }
464
465 /* Parses the URL, and sets components's lpszHostName and lpszUrlPath members
466 * to NULL-terminated copies of those portions of the URL (to be freed with
467 * CryptMemFree.)
468 */
469 static BOOL CRYPT_CrackUrl(LPCWSTR pszURL, URL_COMPONENTSW *components)
470 {
471 BOOL ret;
472
473 TRACE("(%s, %p)\n", debugstr_w(pszURL), components);
474
475 memset(components, 0, sizeof(*components));
476 components->dwStructSize = sizeof(*components);
477 components->dwHostNameLength = 1;
478 components->dwUrlPathLength = 1;
479 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, components);
480 if (ret)
481 {
482 LPWSTR hostname = strndupW(components->lpszHostName,
483 components->dwHostNameLength);
484 LPWSTR path = strndupW(components->lpszUrlPath,
485 components->dwUrlPathLength);
486
487 components->lpszHostName = hostname;
488 components->lpszUrlPath = path;
489 switch (components->nScheme)
490 {
491 case INTERNET_SCHEME_FTP:
492 if (!components->nPort)
493 components->nPort = INTERNET_DEFAULT_FTP_PORT;
494 break;
495 case INTERNET_SCHEME_HTTP:
496 if (!components->nPort)
497 components->nPort = INTERNET_DEFAULT_HTTP_PORT;
498 break;
499 default:
500 ; /* do nothing */
501 }
502 }
503 TRACE("returning %d\n", ret);
504 return ret;
505 }
506
507 struct InetContext
508 {
509 HANDLE event;
510 DWORD timeout;
511 DWORD error;
512 };
513
514 static struct InetContext *CRYPT_MakeInetContext(DWORD dwTimeout)
515 {
516 struct InetContext *context = CryptMemAlloc(sizeof(struct InetContext));
517
518 if (context)
519 {
520 context->event = CreateEventW(NULL, FALSE, FALSE, NULL);
521 if (!context->event)
522 {
523 CryptMemFree(context);
524 context = NULL;
525 }
526 else
527 {
528 context->timeout = dwTimeout;
529 context->error = ERROR_SUCCESS;
530 }
531 }
532 return context;
533 }
534
535 static BOOL CRYPT_DownloadObject(DWORD dwRetrievalFlags, HINTERNET hHttp,
536 struct InetContext *context, PCRYPT_BLOB_ARRAY pObject,
537 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
538 {
539 CRYPT_DATA_BLOB object = { 0, NULL };
540 DWORD bytesAvailable;
541 BOOL ret;
542
543 do {
544 if ((ret = InternetQueryDataAvailable(hHttp, &bytesAvailable, 0, 0)))
545 {
546 if (bytesAvailable)
547 {
548 if (object.pbData)
549 object.pbData = CryptMemRealloc(object.pbData,
550 object.cbData + bytesAvailable);
551 else
552 object.pbData = CryptMemAlloc(bytesAvailable);
553 if (object.pbData)
554 {
555 INTERNET_BUFFERSA buffer = { sizeof(buffer), 0 };
556
557 buffer.dwBufferLength = bytesAvailable;
558 buffer.lpvBuffer = object.pbData + object.cbData;
559 if (!(ret = InternetReadFileExA(hHttp, &buffer, IRF_NO_WAIT,
560 (DWORD_PTR)context)))
561 {
562 if (GetLastError() == ERROR_IO_PENDING)
563 {
564 if (WaitForSingleObject(context->event,
565 context->timeout) == WAIT_TIMEOUT)
566 SetLastError(ERROR_TIMEOUT);
567 else if (context->error)
568 SetLastError(context->error);
569 else
570 ret = TRUE;
571 }
572 }
573 if (ret)
574 object.cbData += bytesAvailable;
575 }
576 else
577 {
578 SetLastError(ERROR_OUTOFMEMORY);
579 ret = FALSE;
580 }
581 }
582 }
583 else if (GetLastError() == ERROR_IO_PENDING)
584 {
585 if (WaitForSingleObject(context->event, context->timeout) ==
586 WAIT_TIMEOUT)
587 SetLastError(ERROR_TIMEOUT);
588 else
589 ret = TRUE;
590 }
591 } while (ret && bytesAvailable);
592 if (ret)
593 {
594 pObject->rgBlob = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
595 if (!pObject->rgBlob)
596 {
597 CryptMemFree(object.pbData);
598 SetLastError(ERROR_OUTOFMEMORY);
599 ret = FALSE;
600 }
601 else
602 {
603 pObject->rgBlob[0].cbData = object.cbData;
604 pObject->rgBlob[0].pbData = object.pbData;
605 pObject->cBlob = 1;
606 }
607 }
608 TRACE("returning %d\n", ret);
609 return ret;
610 }
611
612 static void CRYPT_CacheURL(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
613 DWORD dwRetrievalFlags, FILETIME expires)
614 {
615 WCHAR cacheFileName[MAX_PATH];
616
617 /* FIXME: let wininet directly cache instead */
618 if (CreateUrlCacheEntryW(pszURL, pObject->rgBlob[0].cbData, NULL,
619 cacheFileName, 0))
620 {
621 HANDLE hCacheFile = CreateFileW(cacheFileName, GENERIC_WRITE, 0, NULL,
622 CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
623
624 if (hCacheFile != INVALID_HANDLE_VALUE)
625 {
626 DWORD bytesWritten, entryType;
627 FILETIME ft = { 0 };
628
629 if (!(dwRetrievalFlags & CRYPT_STICKY_CACHE_RETRIEVAL))
630 entryType = NORMAL_CACHE_ENTRY;
631 else
632 entryType = STICKY_CACHE_ENTRY;
633 WriteFile(hCacheFile, pObject->rgBlob[0].pbData,
634 pObject->rgBlob[0].cbData, &bytesWritten, NULL);
635 CloseHandle(hCacheFile);
636 CommitUrlCacheEntryW(pszURL, cacheFileName, expires, ft, entryType,
637 NULL, 0, NULL, NULL);
638 }
639 }
640 }
641
642 static void CALLBACK CRYPT_InetStatusCallback(HINTERNET hInt,
643 DWORD_PTR dwContext, DWORD status, void *statusInfo, DWORD statusInfoLen)
644 {
645 struct InetContext *context = (struct InetContext *)dwContext;
646 LPINTERNET_ASYNC_RESULT result;
647
648 switch (status)
649 {
650 case INTERNET_STATUS_REQUEST_COMPLETE:
651 result = (LPINTERNET_ASYNC_RESULT)statusInfo;
652 context->error = result->dwError;
653 SetEvent(context->event);
654 }
655 }
656
657 static BOOL CRYPT_Connect(URL_COMPONENTSW *components,
658 struct InetContext *context, PCRYPT_CREDENTIALS pCredentials,
659 HINTERNET *phInt, HINTERNET *phHost)
660 {
661 BOOL ret;
662
663 TRACE("(%s:%d, %p, %p, %p, %p)\n", debugstr_w(components->lpszHostName),
664 components->nPort, context, pCredentials, phInt, phInt);
665
666 *phHost = NULL;
667 *phInt = InternetOpenW(NULL, INTERNET_OPEN_TYPE_DIRECT, NULL, NULL,
668 context ? INTERNET_FLAG_ASYNC : 0);
669 if (*phInt)
670 {
671 DWORD service;
672
673 if (context)
674 InternetSetStatusCallbackW(*phInt, CRYPT_InetStatusCallback);
675 switch (components->nScheme)
676 {
677 case INTERNET_SCHEME_FTP:
678 service = INTERNET_SERVICE_FTP;
679 break;
680 case INTERNET_SCHEME_HTTP:
681 service = INTERNET_SERVICE_HTTP;
682 break;
683 default:
684 service = 0;
685 }
686 /* FIXME: use pCredentials for username/password */
687 *phHost = InternetConnectW(*phInt, components->lpszHostName,
688 components->nPort, NULL, NULL, service, 0, (DWORD_PTR)context);
689 if (!*phHost)
690 {
691 InternetCloseHandle(*phInt);
692 *phInt = NULL;
693 ret = FALSE;
694 }
695 else
696 ret = TRUE;
697 }
698 else
699 ret = FALSE;
700 TRACE("returning %d\n", ret);
701 return ret;
702 }
703
704 static BOOL WINAPI FTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
705 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
706 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
707 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
708 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
709 {
710 FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
711 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
712 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
713
714 pObject->cBlob = 0;
715 pObject->rgBlob = NULL;
716 *ppfnFreeObject = CRYPT_FreeBlob;
717 *ppvFreeContext = NULL;
718 return FALSE;
719 }
720
721 static const WCHAR x509cacert[] = { 'a','p','p','l','i','c','a','t','i','o','n',
722 '/','x','-','x','5','0','9','-','c','a','-','c','e','r','t',0 };
723 static const WCHAR x509emailcert[] = { 'a','p','p','l','i','c','a','t','i','o',
724 'n','/','x','-','x','5','0','9','-','e','m','a','i','l','-','c','e','r','t',
725 0 };
726 static const WCHAR x509servercert[] = { 'a','p','p','l','i','c','a','t','i','o',
727 'n','/','x','-','x','5','0','9','-','s','e','r','v','e','r','-','c','e','r',
728 't',0 };
729 static const WCHAR x509usercert[] = { 'a','p','p','l','i','c','a','t','i','o',
730 'n','/','x','-','x','5','0','9','-','u','s','e','r','-','c','e','r','t',0 };
731 static const WCHAR pkcs7cert[] = { 'a','p','p','l','i','c','a','t','i','o','n',
732 '/','x','-','p','k','c','s','7','-','c','e','r','t','i','f','c','a','t','e',
733 's',0 };
734 static const WCHAR pkixCRL[] = { 'a','p','p','l','i','c','a','t','i','o','n',
735 '/','p','k','i','x','-','c','r','l',0 };
736 static const WCHAR pkcs7CRL[] = { 'a','p','p','l','i','c','a','t','i','o','n',
737 '/','x','-','p','k','c','s','7','-','c','r','l',0 };
738 static const WCHAR pkcs7sig[] = { 'a','p','p','l','i','c','a','t','i','o','n',
739 '/','x','-','p','k','c','s','7','-','s','i','g','n','a','t','u','r','e',0 };
740 static const WCHAR pkcs7mime[] = { 'a','p','p','l','i','c','a','t','i','o','n',
741 '/','x','-','p','k','c','s','7','-','m','i','m','e',0 };
742
743 static BOOL WINAPI HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
744 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
745 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
746 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
747 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
748 {
749 BOOL ret = FALSE;
750
751 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
752 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
753 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
754
755 pObject->cBlob = 0;
756 pObject->rgBlob = NULL;
757 *ppfnFreeObject = CRYPT_FreeBlob;
758 *ppvFreeContext = NULL;
759
760 if (!(dwRetrievalFlags & CRYPT_WIRE_ONLY_RETRIEVAL))
761 ret = CRYPT_GetObjectFromCache(pszURL, pObject, pAuxInfo);
762 if (!ret && (!(dwRetrievalFlags & CRYPT_CACHE_ONLY_RETRIEVAL) ||
763 (dwRetrievalFlags & CRYPT_WIRE_ONLY_RETRIEVAL)))
764 {
765 URL_COMPONENTSW components;
766
767 if ((ret = CRYPT_CrackUrl(pszURL, &components)))
768 {
769 HINTERNET hInt, hHost;
770 struct InetContext *context = NULL;
771
772 if (dwTimeout)
773 context = CRYPT_MakeInetContext(dwTimeout);
774 ret = CRYPT_Connect(&components, context, pCredentials, &hInt,
775 &hHost);
776 if (ret)
777 {
778 static LPCWSTR types[] = { x509cacert, x509emailcert,
779 x509servercert, x509usercert, pkcs7cert, pkixCRL, pkcs7CRL,
780 pkcs7sig, pkcs7mime, NULL };
781 HINTERNET hHttp = HttpOpenRequestW(hHost, NULL,
782 components.lpszUrlPath, NULL, NULL, types,
783 INTERNET_FLAG_NO_COOKIES | INTERNET_FLAG_NO_UI,
784 (DWORD_PTR)context);
785
786 if (hHttp)
787 {
788 if (dwTimeout)
789 {
790 InternetSetOptionW(hHttp,
791 INTERNET_OPTION_RECEIVE_TIMEOUT, &dwTimeout,
792 sizeof(dwTimeout));
793 InternetSetOptionW(hHttp, INTERNET_OPTION_SEND_TIMEOUT,
794 &dwTimeout, sizeof(dwTimeout));
795 }
796 ret = HttpSendRequestExW(hHttp, NULL, NULL, 0,
797 (DWORD_PTR)context);
798 if (!ret && GetLastError() == ERROR_IO_PENDING)
799 {
800 if (WaitForSingleObject(context->event,
801 context->timeout) == WAIT_TIMEOUT)
802 SetLastError(ERROR_TIMEOUT);
803 else
804 ret = TRUE;
805 }
806 /* We don't set ret to TRUE in this block to avoid masking
807 * an error from HttpSendRequestExW.
808 */
809 if (!HttpEndRequestW(hHttp, NULL, 0, (DWORD_PTR)context) &&
810 GetLastError() == ERROR_IO_PENDING)
811 {
812 if (WaitForSingleObject(context->event,
813 context->timeout) == WAIT_TIMEOUT)
814 {
815 SetLastError(ERROR_TIMEOUT);
816 ret = FALSE;
817 }
818 }
819 if (ret)
820 ret = CRYPT_DownloadObject(dwRetrievalFlags, hHttp,
821 context, pObject, pAuxInfo);
822 if (ret && !(dwRetrievalFlags & CRYPT_DONT_CACHE_RESULT))
823 {
824 SYSTEMTIME st;
825 DWORD len = sizeof(st);
826
827 if (HttpQueryInfoW(hHttp,
828 HTTP_QUERY_EXPIRES | HTTP_QUERY_FLAG_SYSTEMTIME, &st,
829 &len, NULL))
830 {
831 FILETIME ft;
832
833 SystemTimeToFileTime(&st, &ft);
834 CRYPT_CacheURL(pszURL, pObject, dwRetrievalFlags,
835 ft);
836 }
837 }
838 InternetCloseHandle(hHttp);
839 }
840 InternetCloseHandle(hHost);
841 InternetCloseHandle(hInt);
842 }
843 if (context)
844 {
845 CloseHandle(context->event);
846 CryptMemFree(context);
847 }
848 CryptMemFree(components.lpszUrlPath);
849 CryptMemFree(components.lpszHostName);
850 }
851 }
852 TRACE("returning %d\n", ret);
853 return ret;
854 }
855
856 static BOOL WINAPI File_RetrieveEncodedObjectW(LPCWSTR pszURL,
857 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
858 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
859 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
860 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
861 {
862 URL_COMPONENTSW components = { sizeof(components), 0 };
863 BOOL ret;
864
865 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
866 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
867 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
868
869 pObject->cBlob = 0;
870 pObject->rgBlob = NULL;
871 *ppfnFreeObject = CRYPT_FreeBlob;
872 *ppvFreeContext = NULL;
873
874 components.dwUrlPathLength = 1;
875 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, &components);
876 if (ret)
877 {
878 LPWSTR path;
879
880 /* 3 == lstrlenW(L"c:") + 1 */
881 path = CryptMemAlloc((components.dwUrlPathLength + 3) * sizeof(WCHAR));
882 if (path)
883 {
884 HANDLE hFile;
885
886 /* Try to create the file directly - Wine handles / in pathnames */
887 lstrcpynW(path, components.lpszUrlPath,
888 components.dwUrlPathLength + 1);
889 hFile = CreateFileW(path, GENERIC_READ, 0, NULL, OPEN_EXISTING,
890 FILE_ATTRIBUTE_NORMAL, NULL);
891 if (hFile == INVALID_HANDLE_VALUE)
892 {
893 /* Try again on the current drive */
894 GetCurrentDirectoryW(components.dwUrlPathLength, path);
895 if (path[1] == ':')
896 {
897 lstrcpynW(path + 2, components.lpszUrlPath,
898 components.dwUrlPathLength + 1);
899 hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
900 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
901 }
902 if (hFile == INVALID_HANDLE_VALUE)
903 {
904 /* Try again on the Windows drive */
905 GetWindowsDirectoryW(path, components.dwUrlPathLength);
906 if (path[1] == ':')
907 {
908 lstrcpynW(path + 2, components.lpszUrlPath,
909 components.dwUrlPathLength + 1);
910 hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
911 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
912 }
913 }
914 }
915 if (hFile != INVALID_HANDLE_VALUE)
916 {
917 if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
918 {
919 if (pAuxInfo && pAuxInfo->cbSize >=
920 offsetof(CRYPT_RETRIEVE_AUX_INFO,
921 pLastSyncTime) + sizeof(PFILETIME) &&
922 pAuxInfo->pLastSyncTime)
923 GetFileTime(hFile, NULL, NULL,
924 pAuxInfo->pLastSyncTime);
925 }
926 CloseHandle(hFile);
927 }
928 else
929 ret = FALSE;
930 CryptMemFree(path);
931 }
932 }
933 return ret;
934 }
935
936 typedef BOOL (WINAPI *SchemeDllRetrieveEncodedObjectW)(LPCWSTR pwszUrl,
937 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
938 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
939 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
940 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo);
941
942 static BOOL CRYPT_GetRetrieveFunction(LPCWSTR pszURL,
943 SchemeDllRetrieveEncodedObjectW *pFunc, HCRYPTOIDFUNCADDR *phFunc)
944 {
945 URL_COMPONENTSW components = { sizeof(components), 0 };
946 BOOL ret;
947
948 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pFunc, phFunc);
949
950 *pFunc = NULL;
951 *phFunc = 0;
952 components.dwSchemeLength = 1;
953 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, &components);
954 if (ret)
955 {
956 /* Microsoft always uses CryptInitOIDFunctionSet/
957 * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
958 * reason to do so for builtin schemes.
959 */
960 switch (components.nScheme)
961 {
962 case INTERNET_SCHEME_FTP:
963 *pFunc = FTP_RetrieveEncodedObjectW;
964 break;
965 case INTERNET_SCHEME_HTTP:
966 *pFunc = HTTP_RetrieveEncodedObjectW;
967 break;
968 case INTERNET_SCHEME_FILE:
969 *pFunc = File_RetrieveEncodedObjectW;
970 break;
971 default:
972 {
973 int len = WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
974 components.dwSchemeLength, NULL, 0, NULL, NULL);
975
976 if (len)
977 {
978 LPSTR scheme = CryptMemAlloc(len);
979
980 if (scheme)
981 {
982 static HCRYPTOIDFUNCSET set = NULL;
983
984 if (!set)
985 set = CryptInitOIDFunctionSet(
986 SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC, 0);
987 WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
988 components.dwSchemeLength, scheme, len, NULL, NULL);
989 ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING,
990 scheme, 0, (void **)pFunc, phFunc);
991 CryptMemFree(scheme);
992 }
993 else
994 {
995 SetLastError(ERROR_OUTOFMEMORY);
996 ret = FALSE;
997 }
998 }
999 else
1000 ret = FALSE;
1001 }
1002 }
1003 }
1004 TRACE("returning %d\n", ret);
1005 return ret;
1006 }
1007
1008 static BOOL WINAPI CRYPT_CreateBlob(LPCSTR pszObjectOid,
1009 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1010 {
1011 DWORD size, i;
1012 CRYPT_BLOB_ARRAY *context;
1013 BOOL ret = FALSE;
1014
1015 size = sizeof(CRYPT_BLOB_ARRAY) + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
1016 for (i = 0; i < pObject->cBlob; i++)
1017 size += pObject->rgBlob[i].cbData;
1018 context = CryptMemAlloc(size);
1019 if (context)
1020 {
1021 LPBYTE nextData;
1022
1023 context->cBlob = 0;
1024 context->rgBlob =
1025 (CRYPT_DATA_BLOB *)((LPBYTE)context + sizeof(CRYPT_BLOB_ARRAY));
1026 nextData =
1027 (LPBYTE)context->rgBlob + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
1028 for (i = 0; i < pObject->cBlob; i++)
1029 {
1030 memcpy(nextData, pObject->rgBlob[i].pbData,
1031 pObject->rgBlob[i].cbData);
1032 context->rgBlob[i].pbData = nextData;
1033 context->rgBlob[i].cbData = pObject->rgBlob[i].cbData;
1034 nextData += pObject->rgBlob[i].cbData;
1035 context->cBlob++;
1036 }
1037 *ppvContext = context;
1038 ret = TRUE;
1039 }
1040 return ret;
1041 }
1042
1043 typedef BOOL (WINAPI *AddContextToStore)(HCERTSTORE hCertStore,
1044 const void *pContext, DWORD dwAddDisposition, const void **ppStoreContext);
1045
1046 static BOOL CRYPT_CreateContext(PCRYPT_BLOB_ARRAY pObject,
1047 DWORD dwExpectedContentTypeFlags, AddContextToStore addFunc, void **ppvContext)
1048 {
1049 BOOL ret = TRUE;
1050
1051 if (!pObject->cBlob)
1052 {
1053 SetLastError(ERROR_INVALID_DATA);
1054 *ppvContext = NULL;
1055 ret = FALSE;
1056 }
1057 else if (pObject->cBlob == 1)
1058 {
1059 if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
1060 dwExpectedContentTypeFlags, CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL,
1061 NULL, NULL, NULL, NULL, (const void **)ppvContext))
1062 {
1063 SetLastError(CRYPT_E_NO_MATCH);
1064 ret = FALSE;
1065 }
1066 }
1067 else
1068 {
1069 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1070 CERT_STORE_CREATE_NEW_FLAG, NULL);
1071
1072 if (store)
1073 {
1074 DWORD i;
1075 const void *context;
1076
1077 for (i = 0; i < pObject->cBlob; i++)
1078 {
1079 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
1080 &pObject->rgBlob[i], dwExpectedContentTypeFlags,
1081 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, NULL, NULL, NULL,
1082 NULL, &context))
1083 {
1084 if (!addFunc(store, context, CERT_STORE_ADD_ALWAYS, NULL))
1085 ret = FALSE;
1086 }
1087 else
1088 {
1089 SetLastError(CRYPT_E_NO_MATCH);
1090 ret = FALSE;
1091 }
1092 }
1093 }
1094 else
1095 ret = FALSE;
1096 *ppvContext = store;
1097 }
1098 return ret;
1099 }
1100
1101 static BOOL WINAPI CRYPT_CreateCert(LPCSTR pszObjectOid,
1102 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1103 {
1104 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CERT,
1105 (AddContextToStore)CertAddCertificateContextToStore, ppvContext);
1106 }
1107
1108 static BOOL WINAPI CRYPT_CreateCRL(LPCSTR pszObjectOid,
1109 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1110 {
1111 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CRL,
1112 (AddContextToStore)CertAddCRLContextToStore, ppvContext);
1113 }
1114
1115 static BOOL WINAPI CRYPT_CreateCTL(LPCSTR pszObjectOid,
1116 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1117 {
1118 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CTL,
1119 (AddContextToStore)CertAddCTLContextToStore, ppvContext);
1120 }
1121
1122 static BOOL WINAPI CRYPT_CreatePKCS7(LPCSTR pszObjectOid,
1123 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1124 {
1125 BOOL ret;
1126
1127 if (!pObject->cBlob)
1128 {
1129 SetLastError(ERROR_INVALID_DATA);
1130 *ppvContext = NULL;
1131 ret = FALSE;
1132 }
1133 else if (pObject->cBlob == 1)
1134 ret = CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
1135 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
1136 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED, CERT_QUERY_FORMAT_FLAG_BINARY,
1137 0, NULL, NULL, NULL, (HCERTSTORE *)ppvContext, NULL, NULL);
1138 else
1139 {
1140 FIXME("multiple messages unimplemented\n");
1141 ret = FALSE;
1142 }
1143 return ret;
1144 }
1145
1146 static BOOL WINAPI CRYPT_CreateAny(LPCSTR pszObjectOid,
1147 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1148 {
1149 BOOL ret;
1150
1151 if (!pObject->cBlob)
1152 {
1153 SetLastError(ERROR_INVALID_DATA);
1154 *ppvContext = NULL;
1155 ret = FALSE;
1156 }
1157 else
1158 {
1159 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
1160 CERT_STORE_CREATE_NEW_FLAG, NULL);
1161
1162 if (store)
1163 {
1164 HCERTSTORE memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1165 CERT_STORE_CREATE_NEW_FLAG, NULL);
1166
1167 if (memStore)
1168 {
1169 CertAddStoreToCollection(store, memStore,
1170 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
1171 CertCloseStore(memStore, 0);
1172 }
1173 else
1174 {
1175 CertCloseStore(store, 0);
1176 store = NULL;
1177 }
1178 }
1179 if (store)
1180 {
1181 DWORD i;
1182
1183 ret = TRUE;
1184 for (i = 0; i < pObject->cBlob; i++)
1185 {
1186 DWORD contentType, expectedContentTypes =
1187 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
1188 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED |
1189 CERT_QUERY_CONTENT_FLAG_CERT |
1190 CERT_QUERY_CONTENT_FLAG_CRL |
1191 CERT_QUERY_CONTENT_FLAG_CTL;
1192 HCERTSTORE contextStore;
1193 const void *context;
1194
1195 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
1196 &pObject->rgBlob[i], expectedContentTypes,
1197 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, &contentType, NULL,
1198 &contextStore, NULL, &context))
1199 {
1200 switch (contentType)
1201 {
1202 case CERT_QUERY_CONTENT_CERT:
1203 if (!CertAddCertificateContextToStore(store,
1204 (PCCERT_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1205 ret = FALSE;
1206 break;
1207 case CERT_QUERY_CONTENT_CRL:
1208 if (!CertAddCRLContextToStore(store,
1209 (PCCRL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1210 ret = FALSE;
1211 break;
1212 case CERT_QUERY_CONTENT_CTL:
1213 if (!CertAddCTLContextToStore(store,
1214 (PCCTL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1215 ret = FALSE;
1216 break;
1217 default:
1218 CertAddStoreToCollection(store, contextStore, 0, 0);
1219 }
1220 }
1221 else
1222 ret = FALSE;
1223 }
1224 }
1225 else
1226 ret = FALSE;
1227 *ppvContext = store;
1228 }
1229 return ret;
1230 }
1231
1232 typedef BOOL (WINAPI *ContextDllCreateObjectContext)(LPCSTR pszObjectOid,
1233 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext);
1234
1235 static BOOL CRYPT_GetCreateFunction(LPCSTR pszObjectOid,
1236 ContextDllCreateObjectContext *pFunc, HCRYPTOIDFUNCADDR *phFunc)
1237 {
1238 BOOL ret = TRUE;
1239
1240 TRACE("(%s, %p, %p)\n", debugstr_a(pszObjectOid), pFunc, phFunc);
1241
1242 *pFunc = NULL;
1243 *phFunc = 0;
1244 if (!HIWORD(pszObjectOid))
1245 {
1246 switch (LOWORD(pszObjectOid))
1247 {
1248 case 0:
1249 *pFunc = CRYPT_CreateBlob;
1250 break;
1251 case LOWORD(CONTEXT_OID_CERTIFICATE):
1252 *pFunc = CRYPT_CreateCert;
1253 break;
1254 case LOWORD(CONTEXT_OID_CRL):
1255 *pFunc = CRYPT_CreateCRL;
1256 break;
1257 case LOWORD(CONTEXT_OID_CTL):
1258 *pFunc = CRYPT_CreateCTL;
1259 break;
1260 case LOWORD(CONTEXT_OID_PKCS7):
1261 *pFunc = CRYPT_CreatePKCS7;
1262 break;
1263 case LOWORD(CONTEXT_OID_CAPI2_ANY):
1264 *pFunc = CRYPT_CreateAny;
1265 break;
1266 }
1267 }
1268 if (!*pFunc)
1269 {
1270 static HCRYPTOIDFUNCSET set = NULL;
1271
1272 if (!set)
1273 set = CryptInitOIDFunctionSet(
1274 CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC, 0);
1275 ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszObjectOid,
1276 0, (void **)pFunc, phFunc);
1277 }
1278 TRACE("returning %d\n", ret);
1279 return ret;
1280 }
1281
1282 /***********************************************************************
1283 * CryptRetrieveObjectByUrlW (CRYPTNET.@)
1284 */
1285 BOOL WINAPI CryptRetrieveObjectByUrlW(LPCWSTR pszURL, LPCSTR pszObjectOid,
1286 DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject,
1287 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
1288 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
1289 {
1290 BOOL ret;
1291 SchemeDllRetrieveEncodedObjectW retrieve;
1292 ContextDllCreateObjectContext create;
1293 HCRYPTOIDFUNCADDR hRetrieve = 0, hCreate = 0;
1294
1295 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
1296 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
1297 hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
1298
1299 if (!pszURL)
1300 {
1301 SetLastError(ERROR_INVALID_PARAMETER);
1302 return FALSE;
1303 }
1304 ret = CRYPT_GetRetrieveFunction(pszURL, &retrieve, &hRetrieve);
1305 if (ret)
1306 ret = CRYPT_GetCreateFunction(pszObjectOid, &create, &hCreate);
1307 if (ret)
1308 {
1309 CRYPT_BLOB_ARRAY object = { 0, NULL };
1310 PFN_FREE_ENCODED_OBJECT_FUNC freeObject;
1311 void *freeContext;
1312
1313 ret = retrieve(pszURL, pszObjectOid, dwRetrievalFlags, dwTimeout,
1314 &object, &freeObject, &freeContext, hAsyncRetrieve, pCredentials,
1315 pAuxInfo);
1316 if (ret)
1317 {
1318 ret = create(pszObjectOid, dwRetrievalFlags, &object, ppvObject);
1319 freeObject(pszObjectOid, &object, freeContext);
1320 }
1321 }
1322 if (hCreate)
1323 CryptFreeOIDFunctionAddress(hCreate, 0);
1324 if (hRetrieve)
1325 CryptFreeOIDFunctionAddress(hRetrieve, 0);
1326 TRACE("returning %d\n", ret);
1327 return ret;
1328 }
1329
1330 typedef struct _OLD_CERT_REVOCATION_STATUS {
1331 DWORD cbSize;
1332 DWORD dwIndex;
1333 DWORD dwError;
1334 DWORD dwReason;
1335 } OLD_CERT_REVOCATION_STATUS, *POLD_CERT_REVOCATION_STATUS;
1336
1337 /***********************************************************************
1338 * CertDllVerifyRevocation (CRYPTNET.@)
1339 */
1340 BOOL WINAPI CertDllVerifyRevocation(DWORD dwEncodingType, DWORD dwRevType,
1341 DWORD cContext, PVOID rgpvContext[], DWORD dwFlags,
1342 PCERT_REVOCATION_PARA pRevPara, PCERT_REVOCATION_STATUS pRevStatus)
1343 {
1344 DWORD error = 0, i;
1345 BOOL ret;
1346
1347 TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType, dwRevType,
1348 cContext, rgpvContext, dwFlags, pRevPara, pRevStatus);
1349
1350 if (pRevStatus->cbSize != sizeof(OLD_CERT_REVOCATION_STATUS) &&
1351 pRevStatus->cbSize != sizeof(CERT_REVOCATION_STATUS))
1352 {
1353 SetLastError(E_INVALIDARG);
1354 return FALSE;
1355 }
1356 memset(&pRevStatus->dwIndex, 0, pRevStatus->cbSize - sizeof(DWORD));
1357 if (dwRevType != CERT_CONTEXT_REVOCATION_TYPE)
1358 {
1359 error = CRYPT_E_NO_REVOCATION_CHECK;
1360 ret = FALSE;
1361 }
1362 else
1363 {
1364 ret = TRUE;
1365 for (i = 0; ret && i < cContext; i++)
1366 {
1367 DWORD cbUrlArray;
1368
1369 ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,
1370 rgpvContext[i], 0, NULL, &cbUrlArray, NULL, NULL, NULL);
1371 if (!ret && GetLastError() == CRYPT_E_NOT_FOUND)
1372 {
1373 error = CRYPT_E_NO_REVOCATION_CHECK;
1374 pRevStatus->dwIndex = i;
1375 }
1376 else if (ret)
1377 {
1378 CRYPT_URL_ARRAY *urlArray = CryptMemAlloc(cbUrlArray);
1379
1380 if (urlArray)
1381 {
1382 DWORD j, retrievalFlags = 0, startTime, endTime, timeout;
1383
1384 ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,
1385 rgpvContext[i], 0, urlArray, &cbUrlArray, NULL, NULL,
1386 NULL);
1387 if (dwFlags & CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION)
1388 retrievalFlags |= CRYPT_CACHE_ONLY_RETRIEVAL;
1389 if (dwFlags & CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG &&
1390 pRevPara->cbSize >= offsetof(CERT_REVOCATION_PARA,
1391 dwUrlRetrievalTimeout) + sizeof(DWORD))
1392 {
1393 startTime = GetTickCount();
1394 endTime = startTime + pRevPara->dwUrlRetrievalTimeout;
1395 timeout = pRevPara->dwUrlRetrievalTimeout;
1396 }
1397 else
1398 endTime = timeout = 0;
1399 for (j = 0; ret && j < urlArray->cUrl; j++)
1400 {
1401 PCCRL_CONTEXT crl;
1402
1403 ret = CryptRetrieveObjectByUrlW(urlArray->rgwszUrl[j],
1404 CONTEXT_OID_CRL, retrievalFlags, timeout,
1405 (void **)&crl, NULL, NULL, NULL, NULL);
1406 if (ret)
1407 {
1408 PCRL_ENTRY entry = NULL;
1409
1410 CertFindCertificateInCRL(
1411 (PCCERT_CONTEXT)rgpvContext[i], crl, 0, NULL,
1412 &entry);
1413 if (entry)
1414 {
1415 error = CRYPT_E_REVOKED;
1416 pRevStatus->dwIndex = i;
1417 ret = FALSE;
1418 }
1419 else if (timeout)
1420 {
1421 DWORD time = GetTickCount();
1422
1423 if ((int)(endTime - time) <= 0)
1424 {
1425 error = ERROR_TIMEOUT;
1426 pRevStatus->dwIndex = i;
1427 ret = FALSE;
1428 }
1429 else
1430 timeout = endTime - time;
1431 }
1432 CertFreeCRLContext(crl);
1433 }
1434 else
1435 error = CRYPT_E_REVOCATION_OFFLINE;
1436 }
1437 CryptMemFree(urlArray);
1438 }
1439 else
1440 {
1441 error = ERROR_OUTOFMEMORY;
1442 pRevStatus->dwIndex = i;
1443 ret = FALSE;
1444 }
1445 }
1446 else
1447 pRevStatus->dwIndex = i;
1448 }
1449 }
1450
1451 if (!ret)
1452 {
1453 SetLastError(error);
1454 pRevStatus->dwError = error;
1455 }
1456 TRACE("returning %d (%08x)\n", ret, error);
1457 return ret;
1458 }
useful hacks and other patches not (yet) suitable for mainline