search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
push 4e98c31ec75caed2ea3040ac2e710b58ba1ca0e1
[wine/hacks.git] / dlls / cryptnet / cryptnet_main.c
blob0395e0aaaea3f1183f400c48886f4a24b46921da
1 /*
2 * Copyright (C) 2006 Maarten Lankhorst
3 * Copyright 2007 Juan Lang
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18 *
19 */
20
21 #include "config.h"
22 #include "wine/port.h"
23
24 #define NONAMELESSUNION
25 #define NONAMELESSSTRUCT
26 #define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
27
28 #include <stdio.h>
29 #include <stdarg.h>
30
31 #include "windef.h"
32 #include "winbase.h"
33 #include "winnt.h"
34 #include "winnls.h"
35 #include "wininet.h"
36 #include "objbase.h"
37 #include "wincrypt.h"
38
39 #include "wine/debug.h"
40
41 WINE_DEFAULT_DEBUG_CHANNEL(cryptnet);
42
43 BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
44 {
45 TRACE("(0x%p, %d, %p)\n", hinstDLL, fdwReason, lpvReserved);
46
47 switch (fdwReason) {
48 case DLL_PROCESS_ATTACH:
49 DisableThreadLibraryCalls(hinstDLL);
50 break;
51 case DLL_PROCESS_DETACH:
52 /* Do uninitialisation here */
53 break;
54 default: break;
55 }
56 return TRUE;
57 }
58
59 static const WCHAR cryptNet[] = { 'c','r','y','p','t','n','e','t','.',
60 'd','l','l',0 };
61 static const WCHAR ldapProvOpenStore[] = { 'L','d','a','p','P','r','o','v',
62 'O','p','e','S','t','o','r','e',0 };
63
64 /***********************************************************************
65 * DllRegisterServer (CRYPTNET.@)
66 */
67 HRESULT WINAPI DllRegisterServer(void)
68 {
69 TRACE("\n");
70 CryptRegisterDefaultOIDFunction(X509_ASN_ENCODING,
71 CRYPT_OID_VERIFY_REVOCATION_FUNC, 0, cryptNet);
72 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC, "Ldap",
73 cryptNet, "LdapProvOpenStore");
74 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC,
75 CERT_STORE_PROV_LDAP_W, cryptNet, "LdapProvOpenStore");
76 return S_OK;
77 }
78
79 /***********************************************************************
80 * DllUnregisterServer (CRYPTNET.@)
81 */
82 HRESULT WINAPI DllUnregisterServer(void)
83 {
84 TRACE("\n");
85 CryptUnregisterDefaultOIDFunction(X509_ASN_ENCODING,
86 CRYPT_OID_VERIFY_REVOCATION_FUNC, cryptNet);
87 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC, "Ldap");
88 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC,
89 CERT_STORE_PROV_LDAP_W);
90 return S_OK;
91 }
92
93 static const char *url_oid_to_str(LPCSTR oid)
94 {
95 if (HIWORD(oid))
96 return oid;
97 else
98 {
99 static char buf[10];
100
101 switch (LOWORD(oid))
102 {
103 #define _x(oid) case LOWORD(oid): return #oid
104 _x(URL_OID_CERTIFICATE_ISSUER);
105 _x(URL_OID_CERTIFICATE_CRL_DIST_POINT);
106 _x(URL_OID_CTL_ISSUER);
107 _x(URL_OID_CTL_NEXT_UPDATE);
108 _x(URL_OID_CRL_ISSUER);
109 _x(URL_OID_CERTIFICATE_FRESHEST_CRL);
110 _x(URL_OID_CRL_FRESHEST_CRL);
111 _x(URL_OID_CROSS_CERT_DIST_POINT);
112 #undef _x
113 default:
114 snprintf(buf, sizeof(buf), "%d", LOWORD(oid));
115 return buf;
116 }
117 }
118 }
119
120 typedef BOOL (WINAPI *UrlDllGetObjectUrlFunc)(LPCSTR, LPVOID, DWORD,
121 PCRYPT_URL_ARRAY, DWORD *, PCRYPT_URL_INFO, DWORD *, LPVOID);
122
123 static BOOL WINAPI CRYPT_GetUrlFromCertificateIssuer(LPCSTR pszUrlOid,
124 LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray,
125 PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved)
126 {
127 /* FIXME: This depends on the AIA (authority info access) extension being
128 * supported in crypt32.
129 */
130 FIXME("\n");
131 SetLastError(CRYPT_E_NOT_FOUND);
132 return FALSE;
133 }
134
135 static BOOL WINAPI CRYPT_GetUrlFromCertificateCRLDistPoint(LPCSTR pszUrlOid,
136 LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray,
137 PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved)
138 {
139 PCCERT_CONTEXT cert = (PCCERT_CONTEXT)pvPara;
140 PCERT_EXTENSION ext;
141 BOOL ret = FALSE;
142
143 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
144 if (dwFlags && !(dwFlags & CRYPT_GET_URL_FROM_EXTENSION))
145 {
146 SetLastError(CRYPT_E_NOT_FOUND);
147 return FALSE;
148 }
149 if ((ext = CertFindExtension(szOID_CRL_DIST_POINTS,
150 cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension)))
151 {
152 CRL_DIST_POINTS_INFO *info;
153 DWORD size;
154
155 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CRL_DIST_POINTS,
156 ext->Value.pbData, ext->Value.cbData, CRYPT_DECODE_ALLOC_FLAG, NULL,
157 &info, &size);
158 if (ret)
159 {
160 DWORD i, cUrl, bytesNeeded = sizeof(CRYPT_URL_ARRAY);
161
162 for (i = 0, cUrl = 0; i < info->cDistPoint; i++)
163 if (info->rgDistPoint[i].DistPointName.dwDistPointNameChoice
164 == CRL_DIST_POINT_FULL_NAME)
165 {
166 DWORD j;
167 CERT_ALT_NAME_INFO *name =
168 &info->rgDistPoint[i].DistPointName.u.FullName;
169
170 for (j = 0; j < name->cAltEntry; j++)
171 if (name->rgAltEntry[j].dwAltNameChoice ==
172 CERT_ALT_NAME_URL)
173 {
174 if (name->rgAltEntry[j].u.pwszURL)
175 {
176 cUrl++;
177 bytesNeeded += sizeof(LPWSTR) +
178 (lstrlenW(name->rgAltEntry[j].u.pwszURL) + 1)
179 * sizeof(WCHAR);
180 }
181 }
182 }
183 if (!pcbUrlArray)
184 {
185 SetLastError(E_INVALIDARG);
186 ret = FALSE;
187 }
188 else if (!pUrlArray)
189 *pcbUrlArray = bytesNeeded;
190 else if (*pcbUrlArray < bytesNeeded)
191 {
192 SetLastError(ERROR_MORE_DATA);
193 *pcbUrlArray = bytesNeeded;
194 ret = FALSE;
195 }
196 else
197 {
198 LPWSTR nextUrl;
199
200 *pcbUrlArray = bytesNeeded;
201 pUrlArray->cUrl = 0;
202 pUrlArray->rgwszUrl =
203 (LPWSTR *)((BYTE *)pUrlArray + sizeof(CRYPT_URL_ARRAY));
204 nextUrl = (LPWSTR)((BYTE *)pUrlArray + sizeof(CRYPT_URL_ARRAY)
205 + cUrl * sizeof(LPWSTR));
206 for (i = 0; i < info->cDistPoint; i++)
207 if (info->rgDistPoint[i].DistPointName.dwDistPointNameChoice
208 == CRL_DIST_POINT_FULL_NAME)
209 {
210 DWORD j;
211 CERT_ALT_NAME_INFO *name =
212 &info->rgDistPoint[i].DistPointName.u.FullName;
213
214 for (j = 0; j < name->cAltEntry; j++)
215 if (name->rgAltEntry[j].dwAltNameChoice ==
216 CERT_ALT_NAME_URL)
217 {
218 if (name->rgAltEntry[j].u.pwszURL)
219 {
220 lstrcpyW(nextUrl,
221 name->rgAltEntry[j].u.pwszURL);
222 pUrlArray->rgwszUrl[pUrlArray->cUrl++] =
223 nextUrl;
224 nextUrl +=
225 (lstrlenW(name->rgAltEntry[j].u.pwszURL) + 1);
226 }
227 }
228 }
229 }
230 if (ret)
231 {
232 if (pcbUrlInfo)
233 {
234 FIXME("url info: stub\n");
235 if (!pUrlInfo)
236 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
237 else if (*pcbUrlInfo < sizeof(CRYPT_URL_INFO))
238 {
239 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
240 SetLastError(ERROR_MORE_DATA);
241 ret = FALSE;
242 }
243 else
244 {
245 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
246 memset(pUrlInfo, 0, sizeof(CRYPT_URL_INFO));
247 }
248 }
249 }
250 LocalFree(info);
251 }
252 }
253 else
254 SetLastError(CRYPT_E_NOT_FOUND);
255 return ret;
256 }
257
258 /***********************************************************************
259 * CryptGetObjectUrl (CRYPTNET.@)
260 */
261 BOOL WINAPI CryptGetObjectUrl(LPCSTR pszUrlOid, LPVOID pvPara, DWORD dwFlags,
262 PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray, PCRYPT_URL_INFO pUrlInfo,
263 DWORD *pcbUrlInfo, LPVOID pvReserved)
264 {
265 UrlDllGetObjectUrlFunc func = NULL;
266 HCRYPTOIDFUNCADDR hFunc = NULL;
267 BOOL ret = FALSE;
268
269 TRACE("(%s, %p, %08x, %p, %p, %p, %p, %p)\n", debugstr_a(pszUrlOid),
270 pvPara, dwFlags, pUrlArray, pcbUrlArray, pUrlInfo, pcbUrlInfo, pvReserved);
271
272 if (!HIWORD(pszUrlOid))
273 {
274 switch (LOWORD(pszUrlOid))
275 {
276 case LOWORD(URL_OID_CERTIFICATE_ISSUER):
277 func = CRYPT_GetUrlFromCertificateIssuer;
278 break;
279 case LOWORD(URL_OID_CERTIFICATE_CRL_DIST_POINT):
280 func = CRYPT_GetUrlFromCertificateCRLDistPoint;
281 break;
282 default:
283 FIXME("unimplemented for %s\n", url_oid_to_str(pszUrlOid));
284 SetLastError(ERROR_FILE_NOT_FOUND);
285 }
286 }
287 else
288 {
289 static HCRYPTOIDFUNCSET set = NULL;
290
291 if (!set)
292 set = CryptInitOIDFunctionSet(URL_OID_GET_OBJECT_URL_FUNC, 0);
293 CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszUrlOid, 0,
294 (void **)&func, &hFunc);
295 }
296 if (func)
297 ret = func(pszUrlOid, pvPara, dwFlags, pUrlArray, pcbUrlArray,
298 pUrlInfo, pcbUrlInfo, pvReserved);
299 if (hFunc)
300 CryptFreeOIDFunctionAddress(hFunc, 0);
301 return ret;
302 }
303
304 /***********************************************************************
305 * CryptRetrieveObjectByUrlA (CRYPTNET.@)
306 */
307 BOOL WINAPI CryptRetrieveObjectByUrlA(LPCSTR pszURL, LPCSTR pszObjectOid,
308 DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject,
309 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
310 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
311 {
312 BOOL ret = FALSE;
313 int len;
314
315 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_a(pszURL),
316 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
317 hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
318
319 if (!pszURL)
320 {
321 SetLastError(ERROR_INVALID_PARAMETER);
322 return FALSE;
323 }
324 len = MultiByteToWideChar(CP_ACP, 0, pszURL, -1, NULL, 0);
325 if (len)
326 {
327 LPWSTR url = CryptMemAlloc(len * sizeof(WCHAR));
328
329 if (url)
330 {
331 MultiByteToWideChar(CP_ACP, 0, pszURL, -1, url, len);
332 ret = CryptRetrieveObjectByUrlW(url, pszObjectOid,
333 dwRetrievalFlags, dwTimeout, ppvObject, hAsyncRetrieve,
334 pCredentials, pvVerify, pAuxInfo);
335 CryptMemFree(url);
336 }
337 else
338 SetLastError(ERROR_OUTOFMEMORY);
339 }
340 return ret;
341 }
342
343 static void WINAPI CRYPT_FreeBlob(LPCSTR pszObjectOid,
344 PCRYPT_BLOB_ARRAY pObject, void *pvFreeContext)
345 {
346 DWORD i;
347
348 for (i = 0; i < pObject->cBlob; i++)
349 CryptMemFree(pObject->rgBlob[i].pbData);
350 CryptMemFree(pObject->rgBlob);
351 }
352
353 static BOOL CRYPT_GetObjectFromFile(HANDLE hFile, PCRYPT_BLOB_ARRAY pObject)
354 {
355 BOOL ret;
356 LARGE_INTEGER size;
357
358 if ((ret = GetFileSizeEx(hFile, &size)))
359 {
360 if (size.u.HighPart)
361 {
362 WARN("file too big\n");
363 SetLastError(ERROR_INVALID_DATA);
364 ret = FALSE;
365 }
366 else
367 {
368 CRYPT_DATA_BLOB blob;
369
370 blob.pbData = CryptMemAlloc(size.u.LowPart);
371 if (blob.pbData)
372 {
373 blob.cbData = size.u.LowPart;
374 ret = ReadFile(hFile, blob.pbData, size.u.LowPart, &blob.cbData,
375 NULL);
376 if (ret)
377 {
378 pObject->rgBlob = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
379 if (pObject->rgBlob)
380 {
381 pObject->cBlob = 1;
382 memcpy(pObject->rgBlob, &blob, sizeof(CRYPT_DATA_BLOB));
383 }
384 else
385 {
386 SetLastError(ERROR_OUTOFMEMORY);
387 ret = FALSE;
388 }
389 }
390 if (!ret)
391 CryptMemFree(blob.pbData);
392 }
393 else
394 {
395 SetLastError(ERROR_OUTOFMEMORY);
396 ret = FALSE;
397 }
398 }
399 }
400 return ret;
401 }
402
403 /* FIXME: should make wininet cache all downloads instead */
404 static BOOL CRYPT_GetObjectFromCache(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
405 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
406 {
407 BOOL ret = FALSE;
408 INTERNET_CACHE_ENTRY_INFOW cacheInfo = { sizeof(cacheInfo), 0 };
409 DWORD size = sizeof(cacheInfo);
410
411 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pObject, pAuxInfo);
412
413 if (GetUrlCacheEntryInfoW(pszURL, &cacheInfo, &size) ||
414 GetLastError() == ERROR_INSUFFICIENT_BUFFER)
415 {
416 FILETIME ft;
417
418 GetSystemTimeAsFileTime(&ft);
419 if (CompareFileTime(&cacheInfo.ExpireTime, &ft) >= 0)
420 {
421 LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo = CryptMemAlloc(size);
422
423 if (pCacheInfo)
424 {
425 if (GetUrlCacheEntryInfoW(pszURL, pCacheInfo, &size))
426 {
427 HANDLE hFile = CreateFileW(pCacheInfo->lpszLocalFileName,
428 GENERIC_READ, 0, NULL, OPEN_EXISTING,
429 FILE_ATTRIBUTE_NORMAL, NULL);
430
431 if (hFile != INVALID_HANDLE_VALUE)
432 {
433 if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
434 {
435 if (pAuxInfo && pAuxInfo->cbSize >=
436 offsetof(CRYPT_RETRIEVE_AUX_INFO,
437 pLastSyncTime) + sizeof(PFILETIME) &&
438 pAuxInfo->pLastSyncTime)
439 memcpy(pAuxInfo->pLastSyncTime,
440 &pCacheInfo->LastSyncTime,
441 sizeof(FILETIME));
442 }
443 CloseHandle(hFile);
444 }
445 }
446 CryptMemFree(pCacheInfo);
447 }
448 else
449 SetLastError(ERROR_OUTOFMEMORY);
450 }
451 else
452 DeleteUrlCacheEntryW(pszURL);
453 }
454 TRACE("returning %d\n", ret);
455 return ret;
456 }
457
458 /* Parses the URL, and sets components's lpszHostName and lpszUrlPath members
459 * to NULL-terminated copies of those portions of the URL (to be freed with
460 * CryptMemFree.)
461 */
462 static BOOL CRYPT_CrackUrl(LPCWSTR pszURL, URL_COMPONENTSW *components)
463 {
464 BOOL ret;
465
466 TRACE("(%s, %p)\n", debugstr_w(pszURL), components);
467
468 memset(components, 0, sizeof(*components));
469 components->dwStructSize = sizeof(*components);
470 components->lpszHostName = CryptMemAlloc(MAX_PATH * sizeof(WCHAR));
471 components->dwHostNameLength = MAX_PATH;
472 components->lpszUrlPath = CryptMemAlloc(MAX_PATH * 2 * sizeof(WCHAR));
473 components->dwUrlPathLength = 2 * MAX_PATH;
474 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, components);
475 if (ret)
476 {
477 if ((components->dwUrlPathLength == 2 * MAX_PATH - 1) ||
478 (components->dwHostNameLength == MAX_PATH - 1))
479 FIXME("Buffers are too small\n");
480 switch (components->nScheme)
481 {
482 case INTERNET_SCHEME_FTP:
483 if (!components->nPort)
484 components->nPort = INTERNET_DEFAULT_FTP_PORT;
485 break;
486 case INTERNET_SCHEME_HTTP:
487 if (!components->nPort)
488 components->nPort = INTERNET_DEFAULT_HTTP_PORT;
489 break;
490 default:
491 ; /* do nothing */
492 }
493 }
494 TRACE("returning %d\n", ret);
495 return ret;
496 }
497
498 struct InetContext
499 {
500 HANDLE event;
501 DWORD timeout;
502 DWORD error;
503 };
504
505 static struct InetContext *CRYPT_MakeInetContext(DWORD dwTimeout)
506 {
507 struct InetContext *context = CryptMemAlloc(sizeof(struct InetContext));
508
509 if (context)
510 {
511 context->event = CreateEventW(NULL, FALSE, FALSE, NULL);
512 if (!context->event)
513 {
514 CryptMemFree(context);
515 context = NULL;
516 }
517 else
518 {
519 context->timeout = dwTimeout;
520 context->error = ERROR_SUCCESS;
521 }
522 }
523 return context;
524 }
525
526 static BOOL CRYPT_DownloadObject(DWORD dwRetrievalFlags, HINTERNET hHttp,
527 struct InetContext *context, PCRYPT_BLOB_ARRAY pObject,
528 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
529 {
530 CRYPT_DATA_BLOB object = { 0, NULL };
531 DWORD bytesAvailable;
532 BOOL ret;
533
534 do {
535 if ((ret = InternetQueryDataAvailable(hHttp, &bytesAvailable, 0, 0)))
536 {
537 if (bytesAvailable)
538 {
539 if (object.pbData)
540 object.pbData = CryptMemRealloc(object.pbData,
541 object.cbData + bytesAvailable);
542 else
543 object.pbData = CryptMemAlloc(bytesAvailable);
544 if (object.pbData)
545 {
546 INTERNET_BUFFERSA buffer = { sizeof(buffer), 0 };
547
548 buffer.dwBufferLength = bytesAvailable;
549 buffer.lpvBuffer = object.pbData + object.cbData;
550 if (!(ret = InternetReadFileExA(hHttp, &buffer, IRF_NO_WAIT,
551 (DWORD_PTR)context)))
552 {
553 if (GetLastError() == ERROR_IO_PENDING)
554 {
555 if (WaitForSingleObject(context->event,
556 context->timeout) == WAIT_TIMEOUT)
557 SetLastError(ERROR_TIMEOUT);
558 else if (context->error)
559 SetLastError(context->error);
560 else
561 ret = TRUE;
562 }
563 }
564 if (ret)
565 object.cbData += bytesAvailable;
566 }
567 else
568 {
569 SetLastError(ERROR_OUTOFMEMORY);
570 ret = FALSE;
571 }
572 }
573 }
574 else if (GetLastError() == ERROR_IO_PENDING)
575 {
576 if (WaitForSingleObject(context->event, context->timeout) ==
577 WAIT_TIMEOUT)
578 SetLastError(ERROR_TIMEOUT);
579 else
580 ret = TRUE;
581 }
582 } while (ret && bytesAvailable);
583 if (ret)
584 {
585 pObject->rgBlob = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
586 if (!pObject->rgBlob)
587 {
588 CryptMemFree(object.pbData);
589 SetLastError(ERROR_OUTOFMEMORY);
590 ret = FALSE;
591 }
592 else
593 {
594 pObject->rgBlob[0].cbData = object.cbData;
595 pObject->rgBlob[0].pbData = object.pbData;
596 pObject->cBlob = 1;
597 }
598 }
599 TRACE("returning %d\n", ret);
600 return ret;
601 }
602
603 static void CRYPT_CacheURL(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
604 DWORD dwRetrievalFlags, FILETIME expires)
605 {
606 WCHAR cacheFileName[MAX_PATH];
607
608 /* FIXME: let wininet directly cache instead */
609 if (CreateUrlCacheEntryW(pszURL, pObject->rgBlob[0].cbData, NULL,
610 cacheFileName, 0))
611 {
612 HANDLE hCacheFile = CreateFileW(cacheFileName, GENERIC_WRITE, 0, NULL,
613 CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
614
615 if (hCacheFile != INVALID_HANDLE_VALUE)
616 {
617 DWORD bytesWritten, entryType;
618 FILETIME ft = { 0 };
619
620 if (!(dwRetrievalFlags & CRYPT_STICKY_CACHE_RETRIEVAL))
621 entryType = NORMAL_CACHE_ENTRY;
622 else
623 entryType = STICKY_CACHE_ENTRY;
624 WriteFile(hCacheFile, pObject->rgBlob[0].pbData,
625 pObject->rgBlob[0].cbData, &bytesWritten, NULL);
626 CloseHandle(hCacheFile);
627 CommitUrlCacheEntryW(pszURL, cacheFileName, expires, ft, entryType,
628 NULL, 0, NULL, NULL);
629 }
630 }
631 }
632
633 static void CALLBACK CRYPT_InetStatusCallback(HINTERNET hInt,
634 DWORD_PTR dwContext, DWORD status, void *statusInfo, DWORD statusInfoLen)
635 {
636 struct InetContext *context = (struct InetContext *)dwContext;
637 LPINTERNET_ASYNC_RESULT result;
638
639 switch (status)
640 {
641 case INTERNET_STATUS_REQUEST_COMPLETE:
642 result = (LPINTERNET_ASYNC_RESULT)statusInfo;
643 context->error = result->dwError;
644 SetEvent(context->event);
645 }
646 }
647
648 static BOOL CRYPT_Connect(URL_COMPONENTSW *components,
649 struct InetContext *context, PCRYPT_CREDENTIALS pCredentials,
650 HINTERNET *phInt, HINTERNET *phHost)
651 {
652 BOOL ret;
653
654 TRACE("(%s:%d, %p, %p, %p, %p)\n", debugstr_w(components->lpszHostName),
655 components->nPort, context, pCredentials, phInt, phInt);
656
657 *phHost = NULL;
658 *phInt = InternetOpenW(NULL, INTERNET_OPEN_TYPE_DIRECT, NULL, NULL,
659 context ? INTERNET_FLAG_ASYNC : 0);
660 if (*phInt)
661 {
662 DWORD service;
663
664 if (context)
665 InternetSetStatusCallbackW(*phInt, CRYPT_InetStatusCallback);
666 switch (components->nScheme)
667 {
668 case INTERNET_SCHEME_FTP:
669 service = INTERNET_SERVICE_FTP;
670 break;
671 case INTERNET_SCHEME_HTTP:
672 service = INTERNET_SERVICE_HTTP;
673 break;
674 default:
675 service = 0;
676 }
677 /* FIXME: use pCredentials for username/password */
678 *phHost = InternetConnectW(*phInt, components->lpszHostName,
679 components->nPort, NULL, NULL, service, 0, (DWORD_PTR)context);
680 if (!*phHost)
681 {
682 InternetCloseHandle(*phInt);
683 *phInt = NULL;
684 ret = FALSE;
685 }
686 else
687 ret = TRUE;
688 }
689 else
690 ret = FALSE;
691 TRACE("returning %d\n", ret);
692 return ret;
693 }
694
695 static BOOL WINAPI FTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
696 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
697 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
698 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
699 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
700 {
701 FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
702 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
703 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
704
705 pObject->cBlob = 0;
706 pObject->rgBlob = NULL;
707 *ppfnFreeObject = CRYPT_FreeBlob;
708 *ppvFreeContext = NULL;
709 return FALSE;
710 }
711
712 static const WCHAR x509cacert[] = { 'a','p','p','l','i','c','a','t','i','o','n',
713 '/','x','-','x','5','0','9','-','c','a','-','c','e','r','t',0 };
714 static const WCHAR x509emailcert[] = { 'a','p','p','l','i','c','a','t','i','o',
715 'n','/','x','-','x','5','0','9','-','e','m','a','i','l','-','c','e','r','t',
716 0 };
717 static const WCHAR x509servercert[] = { 'a','p','p','l','i','c','a','t','i','o',
718 'n','/','x','-','x','5','0','9','-','s','e','r','v','e','r','-','c','e','r',
719 't',0 };
720 static const WCHAR x509usercert[] = { 'a','p','p','l','i','c','a','t','i','o',
721 'n','/','x','-','x','5','0','9','-','u','s','e','r','-','c','e','r','t',0 };
722 static const WCHAR pkcs7cert[] = { 'a','p','p','l','i','c','a','t','i','o','n',
723 '/','x','-','p','k','c','s','7','-','c','e','r','t','i','f','c','a','t','e',
724 's',0 };
725 static const WCHAR pkixCRL[] = { 'a','p','p','l','i','c','a','t','i','o','n',
726 '/','p','k','i','x','-','c','r','l',0 };
727 static const WCHAR pkcs7CRL[] = { 'a','p','p','l','i','c','a','t','i','o','n',
728 '/','x','-','p','k','c','s','7','-','c','r','l',0 };
729 static const WCHAR pkcs7sig[] = { 'a','p','p','l','i','c','a','t','i','o','n',
730 '/','x','-','p','k','c','s','7','-','s','i','g','n','a','t','u','r','e',0 };
731 static const WCHAR pkcs7mime[] = { 'a','p','p','l','i','c','a','t','i','o','n',
732 '/','x','-','p','k','c','s','7','-','m','i','m','e',0 };
733
734 static BOOL WINAPI HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
735 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
736 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
737 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
738 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
739 {
740 BOOL ret = FALSE;
741
742 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
743 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
744 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
745
746 pObject->cBlob = 0;
747 pObject->rgBlob = NULL;
748 *ppfnFreeObject = CRYPT_FreeBlob;
749 *ppvFreeContext = NULL;
750
751 if (!(dwRetrievalFlags & CRYPT_WIRE_ONLY_RETRIEVAL))
752 ret = CRYPT_GetObjectFromCache(pszURL, pObject, pAuxInfo);
753 if (!ret && (!(dwRetrievalFlags & CRYPT_CACHE_ONLY_RETRIEVAL) ||
754 (dwRetrievalFlags & CRYPT_WIRE_ONLY_RETRIEVAL)))
755 {
756 URL_COMPONENTSW components;
757
758 if ((ret = CRYPT_CrackUrl(pszURL, &components)))
759 {
760 HINTERNET hInt, hHost;
761 struct InetContext *context = NULL;
762
763 if (dwTimeout)
764 context = CRYPT_MakeInetContext(dwTimeout);
765 ret = CRYPT_Connect(&components, context, pCredentials, &hInt,
766 &hHost);
767 if (ret)
768 {
769 static LPCWSTR types[] = { x509cacert, x509emailcert,
770 x509servercert, x509usercert, pkcs7cert, pkixCRL, pkcs7CRL,
771 pkcs7sig, pkcs7mime, NULL };
772 HINTERNET hHttp = HttpOpenRequestW(hHost, NULL,
773 components.lpszUrlPath, NULL, NULL, types,
774 INTERNET_FLAG_NO_COOKIES | INTERNET_FLAG_NO_UI,
775 (DWORD_PTR)context);
776
777 if (hHttp)
778 {
779 if (dwTimeout)
780 {
781 InternetSetOptionW(hHttp,
782 INTERNET_OPTION_RECEIVE_TIMEOUT, &dwTimeout,
783 sizeof(dwTimeout));
784 InternetSetOptionW(hHttp, INTERNET_OPTION_SEND_TIMEOUT,
785 &dwTimeout, sizeof(dwTimeout));
786 }
787 ret = HttpSendRequestExW(hHttp, NULL, NULL, 0,
788 (DWORD_PTR)context);
789 if (!ret && GetLastError() == ERROR_IO_PENDING)
790 {
791 if (WaitForSingleObject(context->event,
792 context->timeout) == WAIT_TIMEOUT)
793 SetLastError(ERROR_TIMEOUT);
794 else
795 ret = TRUE;
796 }
797 /* We don't set ret to TRUE in this block to avoid masking
798 * an error from HttpSendRequestExW.
799 */
800 if (!HttpEndRequestW(hHttp, NULL, 0, (DWORD_PTR)context) &&
801 GetLastError() == ERROR_IO_PENDING)
802 {
803 if (WaitForSingleObject(context->event,
804 context->timeout) == WAIT_TIMEOUT)
805 {
806 SetLastError(ERROR_TIMEOUT);
807 ret = FALSE;
808 }
809 }
810 if (ret)
811 ret = CRYPT_DownloadObject(dwRetrievalFlags, hHttp,
812 context, pObject, pAuxInfo);
813 if (ret && !(dwRetrievalFlags & CRYPT_DONT_CACHE_RESULT))
814 {
815 SYSTEMTIME st;
816 DWORD len = sizeof(st);
817
818 if (HttpQueryInfoW(hHttp,
819 HTTP_QUERY_EXPIRES | HTTP_QUERY_FLAG_SYSTEMTIME, &st,
820 &len, NULL))
821 {
822 FILETIME ft;
823
824 SystemTimeToFileTime(&st, &ft);
825 CRYPT_CacheURL(pszURL, pObject, dwRetrievalFlags,
826 ft);
827 }
828 }
829 InternetCloseHandle(hHttp);
830 }
831 InternetCloseHandle(hHost);
832 InternetCloseHandle(hInt);
833 }
834 if (context)
835 {
836 CloseHandle(context->event);
837 CryptMemFree(context);
838 }
839 CryptMemFree(components.lpszUrlPath);
840 CryptMemFree(components.lpszHostName);
841 }
842 }
843 TRACE("returning %d\n", ret);
844 return ret;
845 }
846
847 static BOOL WINAPI File_RetrieveEncodedObjectW(LPCWSTR pszURL,
848 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
849 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
850 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
851 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
852 {
853 URL_COMPONENTSW components = { sizeof(components), 0 };
854 BOOL ret;
855
856 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
857 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
858 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
859
860 pObject->cBlob = 0;
861 pObject->rgBlob = NULL;
862 *ppfnFreeObject = CRYPT_FreeBlob;
863 *ppvFreeContext = NULL;
864
865 components.lpszUrlPath = CryptMemAlloc(MAX_PATH * 2 * sizeof(WCHAR));
866 components.dwUrlPathLength = 2 * MAX_PATH;
867 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, &components);
868 if (ret)
869 {
870 LPWSTR path;
871
872 if (components.dwUrlPathLength == 2 * MAX_PATH - 1)
873 FIXME("Buffers are too small\n");
874
875 /* 3 == lstrlenW(L"c:") + 1 */
876 path = CryptMemAlloc((components.dwUrlPathLength + 3) * sizeof(WCHAR));
877 if (path)
878 {
879 HANDLE hFile;
880
881 /* Try to create the file directly - Wine handles / in pathnames */
882 lstrcpynW(path, components.lpszUrlPath,
883 components.dwUrlPathLength + 1);
884 hFile = CreateFileW(path, GENERIC_READ, 0, NULL, OPEN_EXISTING,
885 FILE_ATTRIBUTE_NORMAL, NULL);
886 if (hFile == INVALID_HANDLE_VALUE)
887 {
888 /* Try again on the current drive */
889 GetCurrentDirectoryW(components.dwUrlPathLength, path);
890 if (path[1] == ':')
891 {
892 lstrcpynW(path + 2, components.lpszUrlPath,
893 components.dwUrlPathLength + 1);
894 hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
895 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
896 }
897 if (hFile == INVALID_HANDLE_VALUE)
898 {
899 /* Try again on the Windows drive */
900 GetWindowsDirectoryW(path, components.dwUrlPathLength);
901 if (path[1] == ':')
902 {
903 lstrcpynW(path + 2, components.lpszUrlPath,
904 components.dwUrlPathLength + 1);
905 hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
906 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
907 }
908 }
909 }
910 if (hFile != INVALID_HANDLE_VALUE)
911 {
912 if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
913 {
914 if (pAuxInfo && pAuxInfo->cbSize >=
915 offsetof(CRYPT_RETRIEVE_AUX_INFO,
916 pLastSyncTime) + sizeof(PFILETIME) &&
917 pAuxInfo->pLastSyncTime)
918 GetFileTime(hFile, NULL, NULL,
919 pAuxInfo->pLastSyncTime);
920 }
921 CloseHandle(hFile);
922 }
923 else
924 ret = FALSE;
925 CryptMemFree(path);
926 }
927 }
928 CryptMemFree(components.lpszUrlPath);
929 return ret;
930 }
931
932 typedef BOOL (WINAPI *SchemeDllRetrieveEncodedObjectW)(LPCWSTR pwszUrl,
933 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
934 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
935 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
936 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo);
937
938 static BOOL CRYPT_GetRetrieveFunction(LPCWSTR pszURL,
939 SchemeDllRetrieveEncodedObjectW *pFunc, HCRYPTOIDFUNCADDR *phFunc)
940 {
941 URL_COMPONENTSW components = { sizeof(components), 0 };
942 BOOL ret;
943
944 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pFunc, phFunc);
945
946 *pFunc = NULL;
947 *phFunc = 0;
948 components.dwSchemeLength = 1;
949 ret = InternetCrackUrlW(pszURL, 0, 0, &components);
950 if (ret)
951 {
952 /* Microsoft always uses CryptInitOIDFunctionSet/
953 * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
954 * reason to do so for builtin schemes.
955 */
956 switch (components.nScheme)
957 {
958 case INTERNET_SCHEME_FTP:
959 *pFunc = FTP_RetrieveEncodedObjectW;
960 break;
961 case INTERNET_SCHEME_HTTP:
962 *pFunc = HTTP_RetrieveEncodedObjectW;
963 break;
964 case INTERNET_SCHEME_FILE:
965 *pFunc = File_RetrieveEncodedObjectW;
966 break;
967 default:
968 {
969 int len = WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
970 components.dwSchemeLength, NULL, 0, NULL, NULL);
971
972 if (len)
973 {
974 LPSTR scheme = CryptMemAlloc(len);
975
976 if (scheme)
977 {
978 static HCRYPTOIDFUNCSET set = NULL;
979
980 if (!set)
981 set = CryptInitOIDFunctionSet(
982 SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC, 0);
983 WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
984 components.dwSchemeLength, scheme, len, NULL, NULL);
985 ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING,
986 scheme, 0, (void **)pFunc, phFunc);
987 CryptMemFree(scheme);
988 }
989 else
990 {
991 SetLastError(ERROR_OUTOFMEMORY);
992 ret = FALSE;
993 }
994 }
995 else
996 ret = FALSE;
997 }
998 }
999 }
1000 TRACE("returning %d\n", ret);
1001 return ret;
1002 }
1003
1004 static BOOL WINAPI CRYPT_CreateBlob(LPCSTR pszObjectOid,
1005 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1006 {
1007 DWORD size, i;
1008 CRYPT_BLOB_ARRAY *context;
1009 BOOL ret = FALSE;
1010
1011 size = sizeof(CRYPT_BLOB_ARRAY) + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
1012 for (i = 0; i < pObject->cBlob; i++)
1013 size += pObject->rgBlob[i].cbData;
1014 context = CryptMemAlloc(size);
1015 if (context)
1016 {
1017 LPBYTE nextData;
1018
1019 context->cBlob = 0;
1020 context->rgBlob =
1021 (CRYPT_DATA_BLOB *)((LPBYTE)context + sizeof(CRYPT_BLOB_ARRAY));
1022 nextData =
1023 (LPBYTE)context->rgBlob + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
1024 for (i = 0; i < pObject->cBlob; i++)
1025 {
1026 memcpy(nextData, pObject->rgBlob[i].pbData,
1027 pObject->rgBlob[i].cbData);
1028 context->rgBlob[i].pbData = nextData;
1029 context->rgBlob[i].cbData = pObject->rgBlob[i].cbData;
1030 nextData += pObject->rgBlob[i].cbData;
1031 context->cBlob++;
1032 }
1033 *ppvContext = context;
1034 ret = TRUE;
1035 }
1036 return ret;
1037 }
1038
1039 typedef BOOL (WINAPI *AddContextToStore)(HCERTSTORE hCertStore,
1040 const void *pContext, DWORD dwAddDisposition, const void **ppStoreContext);
1041
1042 static BOOL CRYPT_CreateContext(PCRYPT_BLOB_ARRAY pObject,
1043 DWORD dwExpectedContentTypeFlags, AddContextToStore addFunc, void **ppvContext)
1044 {
1045 BOOL ret = TRUE;
1046
1047 if (!pObject->cBlob)
1048 {
1049 SetLastError(ERROR_INVALID_DATA);
1050 *ppvContext = NULL;
1051 ret = FALSE;
1052 }
1053 else if (pObject->cBlob == 1)
1054 {
1055 if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
1056 dwExpectedContentTypeFlags, CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL,
1057 NULL, NULL, NULL, NULL, (const void **)ppvContext))
1058 {
1059 SetLastError(CRYPT_E_NO_MATCH);
1060 ret = FALSE;
1061 }
1062 }
1063 else
1064 {
1065 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1066 CERT_STORE_CREATE_NEW_FLAG, NULL);
1067
1068 if (store)
1069 {
1070 DWORD i;
1071 const void *context;
1072
1073 for (i = 0; i < pObject->cBlob; i++)
1074 {
1075 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
1076 &pObject->rgBlob[i], dwExpectedContentTypeFlags,
1077 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, NULL, NULL, NULL,
1078 NULL, &context))
1079 {
1080 if (!addFunc(store, context, CERT_STORE_ADD_ALWAYS, NULL))
1081 ret = FALSE;
1082 }
1083 else
1084 {
1085 SetLastError(CRYPT_E_NO_MATCH);
1086 ret = FALSE;
1087 }
1088 }
1089 }
1090 else
1091 ret = FALSE;
1092 *ppvContext = store;
1093 }
1094 return ret;
1095 }
1096
1097 static BOOL WINAPI CRYPT_CreateCert(LPCSTR pszObjectOid,
1098 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1099 {
1100 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CERT,
1101 (AddContextToStore)CertAddCertificateContextToStore, ppvContext);
1102 }
1103
1104 static BOOL WINAPI CRYPT_CreateCRL(LPCSTR pszObjectOid,
1105 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1106 {
1107 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CRL,
1108 (AddContextToStore)CertAddCRLContextToStore, ppvContext);
1109 }
1110
1111 static BOOL WINAPI CRYPT_CreateCTL(LPCSTR pszObjectOid,
1112 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1113 {
1114 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CTL,
1115 (AddContextToStore)CertAddCTLContextToStore, ppvContext);
1116 }
1117
1118 static BOOL WINAPI CRYPT_CreatePKCS7(LPCSTR pszObjectOid,
1119 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1120 {
1121 BOOL ret;
1122
1123 if (!pObject->cBlob)
1124 {
1125 SetLastError(ERROR_INVALID_DATA);
1126 *ppvContext = NULL;
1127 ret = FALSE;
1128 }
1129 else if (pObject->cBlob == 1)
1130 ret = CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
1131 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
1132 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED, CERT_QUERY_FORMAT_FLAG_BINARY,
1133 0, NULL, NULL, NULL, ppvContext, NULL, NULL);
1134 else
1135 {
1136 FIXME("multiple messages unimplemented\n");
1137 ret = FALSE;
1138 }
1139 return ret;
1140 }
1141
1142 static BOOL WINAPI CRYPT_CreateAny(LPCSTR pszObjectOid,
1143 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1144 {
1145 BOOL ret;
1146
1147 if (!pObject->cBlob)
1148 {
1149 SetLastError(ERROR_INVALID_DATA);
1150 *ppvContext = NULL;
1151 ret = FALSE;
1152 }
1153 else
1154 {
1155 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
1156 CERT_STORE_CREATE_NEW_FLAG, NULL);
1157
1158 if (store)
1159 {
1160 HCERTSTORE memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1161 CERT_STORE_CREATE_NEW_FLAG, NULL);
1162
1163 if (memStore)
1164 {
1165 CertAddStoreToCollection(store, memStore,
1166 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
1167 CertCloseStore(memStore, 0);
1168 }
1169 else
1170 {
1171 CertCloseStore(store, 0);
1172 store = NULL;
1173 }
1174 }
1175 if (store)
1176 {
1177 DWORD i;
1178
1179 ret = TRUE;
1180 for (i = 0; i < pObject->cBlob; i++)
1181 {
1182 DWORD contentType, expectedContentTypes =
1183 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
1184 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED |
1185 CERT_QUERY_CONTENT_FLAG_CERT |
1186 CERT_QUERY_CONTENT_FLAG_CRL |
1187 CERT_QUERY_CONTENT_FLAG_CTL;
1188 HCERTSTORE contextStore;
1189 const void *context;
1190
1191 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
1192 &pObject->rgBlob[i], expectedContentTypes,
1193 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, &contentType, NULL,
1194 &contextStore, NULL, &context))
1195 {
1196 switch (contentType)
1197 {
1198 case CERT_QUERY_CONTENT_CERT:
1199 if (!CertAddCertificateContextToStore(store,
1200 (PCCERT_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1201 ret = FALSE;
1202 break;
1203 case CERT_QUERY_CONTENT_CRL:
1204 if (!CertAddCRLContextToStore(store,
1205 (PCCRL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1206 ret = FALSE;
1207 break;
1208 case CERT_QUERY_CONTENT_CTL:
1209 if (!CertAddCTLContextToStore(store,
1210 (PCCTL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1211 ret = FALSE;
1212 break;
1213 default:
1214 CertAddStoreToCollection(store, contextStore, 0, 0);
1215 }
1216 }
1217 else
1218 ret = FALSE;
1219 }
1220 }
1221 else
1222 ret = FALSE;
1223 *ppvContext = store;
1224 }
1225 return ret;
1226 }
1227
1228 typedef BOOL (WINAPI *ContextDllCreateObjectContext)(LPCSTR pszObjectOid,
1229 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext);
1230
1231 static BOOL CRYPT_GetCreateFunction(LPCSTR pszObjectOid,
1232 ContextDllCreateObjectContext *pFunc, HCRYPTOIDFUNCADDR *phFunc)
1233 {
1234 BOOL ret = TRUE;
1235
1236 TRACE("(%s, %p, %p)\n", debugstr_a(pszObjectOid), pFunc, phFunc);
1237
1238 *pFunc = NULL;
1239 *phFunc = 0;
1240 if (!HIWORD(pszObjectOid))
1241 {
1242 switch (LOWORD(pszObjectOid))
1243 {
1244 case 0:
1245 *pFunc = CRYPT_CreateBlob;
1246 break;
1247 case LOWORD(CONTEXT_OID_CERTIFICATE):
1248 *pFunc = CRYPT_CreateCert;
1249 break;
1250 case LOWORD(CONTEXT_OID_CRL):
1251 *pFunc = CRYPT_CreateCRL;
1252 break;
1253 case LOWORD(CONTEXT_OID_CTL):
1254 *pFunc = CRYPT_CreateCTL;
1255 break;
1256 case LOWORD(CONTEXT_OID_PKCS7):
1257 *pFunc = CRYPT_CreatePKCS7;
1258 break;
1259 case LOWORD(CONTEXT_OID_CAPI2_ANY):
1260 *pFunc = CRYPT_CreateAny;
1261 break;
1262 }
1263 }
1264 if (!*pFunc)
1265 {
1266 static HCRYPTOIDFUNCSET set = NULL;
1267
1268 if (!set)
1269 set = CryptInitOIDFunctionSet(
1270 CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC, 0);
1271 ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszObjectOid,
1272 0, (void **)pFunc, phFunc);
1273 }
1274 TRACE("returning %d\n", ret);
1275 return ret;
1276 }
1277
1278 /***********************************************************************
1279 * CryptRetrieveObjectByUrlW (CRYPTNET.@)
1280 */
1281 BOOL WINAPI CryptRetrieveObjectByUrlW(LPCWSTR pszURL, LPCSTR pszObjectOid,
1282 DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject,
1283 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
1284 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
1285 {
1286 BOOL ret;
1287 SchemeDllRetrieveEncodedObjectW retrieve;
1288 ContextDllCreateObjectContext create;
1289 HCRYPTOIDFUNCADDR hRetrieve = 0, hCreate = 0;
1290
1291 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
1292 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
1293 hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
1294
1295 if (!pszURL)
1296 {
1297 SetLastError(ERROR_INVALID_PARAMETER);
1298 return FALSE;
1299 }
1300 ret = CRYPT_GetRetrieveFunction(pszURL, &retrieve, &hRetrieve);
1301 if (ret)
1302 ret = CRYPT_GetCreateFunction(pszObjectOid, &create, &hCreate);
1303 if (ret)
1304 {
1305 CRYPT_BLOB_ARRAY object = { 0, NULL };
1306 PFN_FREE_ENCODED_OBJECT_FUNC freeObject;
1307 void *freeContext;
1308
1309 ret = retrieve(pszURL, pszObjectOid, dwRetrievalFlags, dwTimeout,
1310 &object, &freeObject, &freeContext, hAsyncRetrieve, pCredentials,
1311 pAuxInfo);
1312 if (ret)
1313 {
1314 ret = create(pszObjectOid, dwRetrievalFlags, &object, ppvObject);
1315 freeObject(pszObjectOid, &object, freeContext);
1316 }
1317 }
1318 if (hCreate)
1319 CryptFreeOIDFunctionAddress(hCreate, 0);
1320 if (hRetrieve)
1321 CryptFreeOIDFunctionAddress(hRetrieve, 0);
1322 TRACE("returning %d\n", ret);
1323 return ret;
1324 }
1325
1326 typedef struct _OLD_CERT_REVOCATION_STATUS {
1327 DWORD cbSize;
1328 DWORD dwIndex;
1329 DWORD dwError;
1330 DWORD dwReason;
1331 } OLD_CERT_REVOCATION_STATUS, *POLD_CERT_REVOCATION_STATUS;
1332
1333 /***********************************************************************
1334 * CertDllVerifyRevocation (CRYPTNET.@)
1335 */
1336 BOOL WINAPI CertDllVerifyRevocation(DWORD dwEncodingType, DWORD dwRevType,
1337 DWORD cContext, PVOID rgpvContext[], DWORD dwFlags,
1338 PCERT_REVOCATION_PARA pRevPara, PCERT_REVOCATION_STATUS pRevStatus)
1339 {
1340 DWORD error = 0, i;
1341 BOOL ret;
1342
1343 TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType, dwRevType,
1344 cContext, rgpvContext, dwFlags, pRevPara, pRevStatus);
1345
1346 if (pRevStatus->cbSize != sizeof(OLD_CERT_REVOCATION_STATUS) &&
1347 pRevStatus->cbSize != sizeof(CERT_REVOCATION_STATUS))
1348 {
1349 SetLastError(E_INVALIDARG);
1350 return FALSE;
1351 }
1352 memset(&pRevStatus->dwIndex, 0, pRevStatus->cbSize - sizeof(DWORD));
1353 if (dwRevType != CERT_CONTEXT_REVOCATION_TYPE)
1354 {
1355 error = CRYPT_E_NO_REVOCATION_CHECK;
1356 ret = FALSE;
1357 }
1358 else
1359 {
1360 ret = TRUE;
1361 for (i = 0; ret && i < cContext; i++)
1362 {
1363 DWORD cbUrlArray;
1364
1365 ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,
1366 rgpvContext[i], 0, NULL, &cbUrlArray, NULL, NULL, NULL);
1367 if (!ret && GetLastError() == CRYPT_E_NOT_FOUND)
1368 {
1369 error = CRYPT_E_NO_REVOCATION_CHECK;
1370 pRevStatus->dwIndex = i;
1371 }
1372 else if (ret)
1373 {
1374 CRYPT_URL_ARRAY *urlArray = CryptMemAlloc(cbUrlArray);
1375
1376 if (urlArray)
1377 {
1378 DWORD j, retrievalFlags = 0, startTime, endTime, timeout;
1379
1380 ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,
1381 rgpvContext[i], 0, urlArray, &cbUrlArray, NULL, NULL,
1382 NULL);
1383 if (dwFlags & CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION)
1384 retrievalFlags |= CRYPT_CACHE_ONLY_RETRIEVAL;
1385 if (dwFlags & CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG &&
1386 pRevPara->cbSize >= offsetof(CERT_REVOCATION_PARA,
1387 dwUrlRetrievalTimeout) + sizeof(DWORD))
1388 {
1389 startTime = GetTickCount();
1390 endTime = startTime + pRevPara->dwUrlRetrievalTimeout;
1391 timeout = pRevPara->dwUrlRetrievalTimeout;
1392 }
1393 else
1394 endTime = timeout = 0;
1395 for (j = 0; ret && j < urlArray->cUrl; j++)
1396 {
1397 PCCRL_CONTEXT crl;
1398
1399 ret = CryptRetrieveObjectByUrlW(urlArray->rgwszUrl[j],
1400 CONTEXT_OID_CRL, retrievalFlags, timeout,
1401 (void **)&crl, NULL, NULL, NULL, NULL);
1402 if (ret)
1403 {
1404 PCRL_ENTRY entry = NULL;
1405
1406 CertFindCertificateInCRL(
1407 (PCCERT_CONTEXT)rgpvContext[i], crl, 0, NULL,
1408 &entry);
1409 if (entry)
1410 {
1411 error = CRYPT_E_REVOKED;
1412 pRevStatus->dwIndex = i;
1413 ret = FALSE;
1414 }
1415 else if (timeout)
1416 {
1417 DWORD time = GetTickCount();
1418
1419 if ((int)(endTime - time) <= 0)
1420 {
1421 error = ERROR_TIMEOUT;
1422 pRevStatus->dwIndex = i;
1423 ret = FALSE;
1424 }
1425 else
1426 timeout = endTime - time;
1427 }
1428 CertFreeCRLContext(crl);
1429 }
1430 else
1431 error = CRYPT_E_REVOCATION_OFFLINE;
1432 }
1433 CryptMemFree(urlArray);
1434 }
1435 else
1436 {
1437 error = ERROR_OUTOFMEMORY;
1438 pRevStatus->dwIndex = i;
1439 ret = FALSE;
1440 }
1441 }
1442 else
1443 pRevStatus->dwIndex = i;
1444 }
1445 }
1446
1447 if (!ret)
1448 {
1449 SetLastError(error);
1450 pRevStatus->dwError = error;
1451 }
1452 TRACE("returning %d (%08x)\n", ret, error);
1453 return ret;
1454 }
useful hacks and other patches not (yet) suitable for mainline