2 * Copyright (C) 2006 Maarten Lankhorst
3 * Copyright 2007 Juan Lang
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22 #include "wine/port.h"
24 #define NONAMELESSUNION
25 #define NONAMELESSSTRUCT
26 #define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
39 #include "wine/debug.h"
41 WINE_DEFAULT_DEBUG_CHANNEL(cryptnet
);
43 BOOL WINAPI
DllMain(HINSTANCE hinstDLL
, DWORD fdwReason
, LPVOID lpvReserved
)
45 TRACE("(0x%p, %d, %p)\n", hinstDLL
, fdwReason
, lpvReserved
);
48 case DLL_PROCESS_ATTACH
:
49 DisableThreadLibraryCalls(hinstDLL
);
51 case DLL_PROCESS_DETACH
:
52 /* Do uninitialisation here */
59 static const WCHAR cryptNet
[] = { 'c','r','y','p','t','n','e','t','.',
61 static const WCHAR ldapProvOpenStore
[] = { 'L','d','a','p','P','r','o','v',
62 'O','p','e','S','t','o','r','e',0 };
64 /***********************************************************************
65 * DllRegisterServer (CRYPTNET.@)
67 HRESULT WINAPI
DllRegisterServer(void)
70 CryptRegisterDefaultOIDFunction(X509_ASN_ENCODING
,
71 CRYPT_OID_VERIFY_REVOCATION_FUNC
, 0, cryptNet
);
72 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
, "Ldap",
73 cryptNet
, "LdapProvOpenStore");
74 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
,
75 CERT_STORE_PROV_LDAP_W
, cryptNet
, "LdapProvOpenStore");
79 /***********************************************************************
80 * DllUnregisterServer (CRYPTNET.@)
82 HRESULT WINAPI
DllUnregisterServer(void)
85 CryptUnregisterDefaultOIDFunction(X509_ASN_ENCODING
,
86 CRYPT_OID_VERIFY_REVOCATION_FUNC
, cryptNet
);
87 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
, "Ldap");
88 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
,
89 CERT_STORE_PROV_LDAP_W
);
93 static const char *url_oid_to_str(LPCSTR oid
)
103 #define _x(oid) case LOWORD(oid): return #oid
104 _x(URL_OID_CERTIFICATE_ISSUER
);
105 _x(URL_OID_CERTIFICATE_CRL_DIST_POINT
);
106 _x(URL_OID_CTL_ISSUER
);
107 _x(URL_OID_CTL_NEXT_UPDATE
);
108 _x(URL_OID_CRL_ISSUER
);
109 _x(URL_OID_CERTIFICATE_FRESHEST_CRL
);
110 _x(URL_OID_CRL_FRESHEST_CRL
);
111 _x(URL_OID_CROSS_CERT_DIST_POINT
);
114 snprintf(buf
, sizeof(buf
), "%d", LOWORD(oid
));
120 typedef BOOL (WINAPI
*UrlDllGetObjectUrlFunc
)(LPCSTR
, LPVOID
, DWORD
,
121 PCRYPT_URL_ARRAY
, DWORD
*, PCRYPT_URL_INFO
, DWORD
*, LPVOID
);
123 static BOOL WINAPI
CRYPT_GetUrlFromCertificateIssuer(LPCSTR pszUrlOid
,
124 LPVOID pvPara
, DWORD dwFlags
, PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
,
125 PCRYPT_URL_INFO pUrlInfo
, DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
127 /* FIXME: This depends on the AIA (authority info access) extension being
128 * supported in crypt32.
131 SetLastError(CRYPT_E_NOT_FOUND
);
135 static BOOL WINAPI
CRYPT_GetUrlFromCertificateCRLDistPoint(LPCSTR pszUrlOid
,
136 LPVOID pvPara
, DWORD dwFlags
, PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
,
137 PCRYPT_URL_INFO pUrlInfo
, DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
139 PCCERT_CONTEXT cert
= (PCCERT_CONTEXT
)pvPara
;
143 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
144 if (dwFlags
&& !(dwFlags
& CRYPT_GET_URL_FROM_EXTENSION
))
146 SetLastError(CRYPT_E_NOT_FOUND
);
149 if ((ext
= CertFindExtension(szOID_CRL_DIST_POINTS
,
150 cert
->pCertInfo
->cExtension
, cert
->pCertInfo
->rgExtension
)))
152 CRL_DIST_POINTS_INFO
*info
;
155 ret
= CryptDecodeObjectEx(X509_ASN_ENCODING
, X509_CRL_DIST_POINTS
,
156 ext
->Value
.pbData
, ext
->Value
.cbData
, CRYPT_DECODE_ALLOC_FLAG
, NULL
,
160 DWORD i
, cUrl
, bytesNeeded
= sizeof(CRYPT_URL_ARRAY
);
162 for (i
= 0, cUrl
= 0; i
< info
->cDistPoint
; i
++)
163 if (info
->rgDistPoint
[i
].DistPointName
.dwDistPointNameChoice
164 == CRL_DIST_POINT_FULL_NAME
)
167 CERT_ALT_NAME_INFO
*name
=
168 &info
->rgDistPoint
[i
].DistPointName
.u
.FullName
;
170 for (j
= 0; j
< name
->cAltEntry
; j
++)
171 if (name
->rgAltEntry
[j
].dwAltNameChoice
==
174 if (name
->rgAltEntry
[j
].u
.pwszURL
)
177 bytesNeeded
+= sizeof(LPWSTR
) +
178 (lstrlenW(name
->rgAltEntry
[j
].u
.pwszURL
) + 1)
185 SetLastError(E_INVALIDARG
);
189 *pcbUrlArray
= bytesNeeded
;
190 else if (*pcbUrlArray
< bytesNeeded
)
192 SetLastError(ERROR_MORE_DATA
);
193 *pcbUrlArray
= bytesNeeded
;
200 *pcbUrlArray
= bytesNeeded
;
202 pUrlArray
->rgwszUrl
=
203 (LPWSTR
*)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
));
204 nextUrl
= (LPWSTR
)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
)
205 + cUrl
* sizeof(LPWSTR
));
206 for (i
= 0; i
< info
->cDistPoint
; i
++)
207 if (info
->rgDistPoint
[i
].DistPointName
.dwDistPointNameChoice
208 == CRL_DIST_POINT_FULL_NAME
)
211 CERT_ALT_NAME_INFO
*name
=
212 &info
->rgDistPoint
[i
].DistPointName
.u
.FullName
;
214 for (j
= 0; j
< name
->cAltEntry
; j
++)
215 if (name
->rgAltEntry
[j
].dwAltNameChoice
==
218 if (name
->rgAltEntry
[j
].u
.pwszURL
)
221 name
->rgAltEntry
[j
].u
.pwszURL
);
222 pUrlArray
->rgwszUrl
[pUrlArray
->cUrl
++] =
225 (lstrlenW(name
->rgAltEntry
[j
].u
.pwszURL
) + 1);
234 FIXME("url info: stub\n");
236 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
237 else if (*pcbUrlInfo
< sizeof(CRYPT_URL_INFO
))
239 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
240 SetLastError(ERROR_MORE_DATA
);
245 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
246 memset(pUrlInfo
, 0, sizeof(CRYPT_URL_INFO
));
254 SetLastError(CRYPT_E_NOT_FOUND
);
258 /***********************************************************************
259 * CryptGetObjectUrl (CRYPTNET.@)
261 BOOL WINAPI
CryptGetObjectUrl(LPCSTR pszUrlOid
, LPVOID pvPara
, DWORD dwFlags
,
262 PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
, PCRYPT_URL_INFO pUrlInfo
,
263 DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
265 UrlDllGetObjectUrlFunc func
= NULL
;
266 HCRYPTOIDFUNCADDR hFunc
= NULL
;
269 TRACE("(%s, %p, %08x, %p, %p, %p, %p, %p)\n", debugstr_a(pszUrlOid
),
270 pvPara
, dwFlags
, pUrlArray
, pcbUrlArray
, pUrlInfo
, pcbUrlInfo
, pvReserved
);
272 if (!HIWORD(pszUrlOid
))
274 switch (LOWORD(pszUrlOid
))
276 case LOWORD(URL_OID_CERTIFICATE_ISSUER
):
277 func
= CRYPT_GetUrlFromCertificateIssuer
;
279 case LOWORD(URL_OID_CERTIFICATE_CRL_DIST_POINT
):
280 func
= CRYPT_GetUrlFromCertificateCRLDistPoint
;
283 FIXME("unimplemented for %s\n", url_oid_to_str(pszUrlOid
));
284 SetLastError(ERROR_FILE_NOT_FOUND
);
289 static HCRYPTOIDFUNCSET set
= NULL
;
292 set
= CryptInitOIDFunctionSet(URL_OID_GET_OBJECT_URL_FUNC
, 0);
293 CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
, pszUrlOid
, 0,
294 (void **)&func
, &hFunc
);
297 ret
= func(pszUrlOid
, pvPara
, dwFlags
, pUrlArray
, pcbUrlArray
,
298 pUrlInfo
, pcbUrlInfo
, pvReserved
);
300 CryptFreeOIDFunctionAddress(hFunc
, 0);
304 /***********************************************************************
305 * CryptRetrieveObjectByUrlA (CRYPTNET.@)
307 BOOL WINAPI
CryptRetrieveObjectByUrlA(LPCSTR pszURL
, LPCSTR pszObjectOid
,
308 DWORD dwRetrievalFlags
, DWORD dwTimeout
, LPVOID
*ppvObject
,
309 HCRYPTASYNC hAsyncRetrieve
, PCRYPT_CREDENTIALS pCredentials
, LPVOID pvVerify
,
310 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
315 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_a(pszURL
),
316 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, ppvObject
,
317 hAsyncRetrieve
, pCredentials
, pvVerify
, pAuxInfo
);
321 SetLastError(ERROR_INVALID_PARAMETER
);
324 len
= MultiByteToWideChar(CP_ACP
, 0, pszURL
, -1, NULL
, 0);
327 LPWSTR url
= CryptMemAlloc(len
* sizeof(WCHAR
));
331 MultiByteToWideChar(CP_ACP
, 0, pszURL
, -1, url
, len
);
332 ret
= CryptRetrieveObjectByUrlW(url
, pszObjectOid
,
333 dwRetrievalFlags
, dwTimeout
, ppvObject
, hAsyncRetrieve
,
334 pCredentials
, pvVerify
, pAuxInfo
);
338 SetLastError(ERROR_OUTOFMEMORY
);
343 static void WINAPI
CRYPT_FreeBlob(LPCSTR pszObjectOid
,
344 PCRYPT_BLOB_ARRAY pObject
, void *pvFreeContext
)
348 for (i
= 0; i
< pObject
->cBlob
; i
++)
349 CryptMemFree(pObject
->rgBlob
[i
].pbData
);
350 CryptMemFree(pObject
->rgBlob
);
353 static BOOL
CRYPT_GetObjectFromFile(HANDLE hFile
, PCRYPT_BLOB_ARRAY pObject
)
358 if ((ret
= GetFileSizeEx(hFile
, &size
)))
362 WARN("file too big\n");
363 SetLastError(ERROR_INVALID_DATA
);
368 CRYPT_DATA_BLOB blob
;
370 blob
.pbData
= CryptMemAlloc(size
.u
.LowPart
);
373 blob
.cbData
= size
.u
.LowPart
;
374 ret
= ReadFile(hFile
, blob
.pbData
, size
.u
.LowPart
, &blob
.cbData
,
378 pObject
->rgBlob
= CryptMemAlloc(sizeof(CRYPT_DATA_BLOB
));
382 memcpy(pObject
->rgBlob
, &blob
, sizeof(CRYPT_DATA_BLOB
));
386 SetLastError(ERROR_OUTOFMEMORY
);
391 CryptMemFree(blob
.pbData
);
395 SetLastError(ERROR_OUTOFMEMORY
);
403 /* FIXME: should make wininet cache all downloads instead */
404 static BOOL
CRYPT_GetObjectFromCache(LPCWSTR pszURL
, PCRYPT_BLOB_ARRAY pObject
,
405 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
408 INTERNET_CACHE_ENTRY_INFOW cacheInfo
= { sizeof(cacheInfo
), 0 };
409 DWORD size
= sizeof(cacheInfo
);
411 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL
), pObject
, pAuxInfo
);
413 if (GetUrlCacheEntryInfoW(pszURL
, &cacheInfo
, &size
) ||
414 GetLastError() == ERROR_INSUFFICIENT_BUFFER
)
418 GetSystemTimeAsFileTime(&ft
);
419 if (CompareFileTime(&cacheInfo
.ExpireTime
, &ft
) >= 0)
421 LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo
= CryptMemAlloc(size
);
425 if (GetUrlCacheEntryInfoW(pszURL
, pCacheInfo
, &size
))
427 HANDLE hFile
= CreateFileW(pCacheInfo
->lpszLocalFileName
,
428 GENERIC_READ
, 0, NULL
, OPEN_EXISTING
,
429 FILE_ATTRIBUTE_NORMAL
, NULL
);
431 if (hFile
!= INVALID_HANDLE_VALUE
)
433 if ((ret
= CRYPT_GetObjectFromFile(hFile
, pObject
)))
435 if (pAuxInfo
&& pAuxInfo
->cbSize
>=
436 offsetof(CRYPT_RETRIEVE_AUX_INFO
,
437 pLastSyncTime
) + sizeof(PFILETIME
) &&
438 pAuxInfo
->pLastSyncTime
)
439 memcpy(pAuxInfo
->pLastSyncTime
,
440 &pCacheInfo
->LastSyncTime
,
446 CryptMemFree(pCacheInfo
);
449 SetLastError(ERROR_OUTOFMEMORY
);
452 DeleteUrlCacheEntryW(pszURL
);
454 TRACE("returning %d\n", ret
);
458 /* Parses the URL, and sets components's lpszHostName and lpszUrlPath members
459 * to NULL-terminated copies of those portions of the URL (to be freed with
462 static BOOL
CRYPT_CrackUrl(LPCWSTR pszURL
, URL_COMPONENTSW
*components
)
466 TRACE("(%s, %p)\n", debugstr_w(pszURL
), components
);
468 memset(components
, 0, sizeof(*components
));
469 components
->dwStructSize
= sizeof(*components
);
470 components
->lpszHostName
= CryptMemAlloc(MAX_PATH
* sizeof(WCHAR
));
471 components
->dwHostNameLength
= MAX_PATH
;
472 components
->lpszUrlPath
= CryptMemAlloc(MAX_PATH
* 2 * sizeof(WCHAR
));
473 components
->dwUrlPathLength
= 2 * MAX_PATH
;
474 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, components
);
477 if ((components
->dwUrlPathLength
== 2 * MAX_PATH
- 1) ||
478 (components
->dwHostNameLength
== MAX_PATH
- 1))
479 FIXME("Buffers are too small\n");
480 switch (components
->nScheme
)
482 case INTERNET_SCHEME_FTP
:
483 if (!components
->nPort
)
484 components
->nPort
= INTERNET_DEFAULT_FTP_PORT
;
486 case INTERNET_SCHEME_HTTP
:
487 if (!components
->nPort
)
488 components
->nPort
= INTERNET_DEFAULT_HTTP_PORT
;
494 TRACE("returning %d\n", ret
);
505 static struct InetContext
*CRYPT_MakeInetContext(DWORD dwTimeout
)
507 struct InetContext
*context
= CryptMemAlloc(sizeof(struct InetContext
));
511 context
->event
= CreateEventW(NULL
, FALSE
, FALSE
, NULL
);
514 CryptMemFree(context
);
519 context
->timeout
= dwTimeout
;
520 context
->error
= ERROR_SUCCESS
;
526 static BOOL
CRYPT_DownloadObject(DWORD dwRetrievalFlags
, HINTERNET hHttp
,
527 struct InetContext
*context
, PCRYPT_BLOB_ARRAY pObject
,
528 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
530 CRYPT_DATA_BLOB object
= { 0, NULL
};
531 DWORD bytesAvailable
;
535 if ((ret
= InternetQueryDataAvailable(hHttp
, &bytesAvailable
, 0, 0)))
540 object
.pbData
= CryptMemRealloc(object
.pbData
,
541 object
.cbData
+ bytesAvailable
);
543 object
.pbData
= CryptMemAlloc(bytesAvailable
);
546 INTERNET_BUFFERSA buffer
= { sizeof(buffer
), 0 };
548 buffer
.dwBufferLength
= bytesAvailable
;
549 buffer
.lpvBuffer
= object
.pbData
+ object
.cbData
;
550 if (!(ret
= InternetReadFileExA(hHttp
, &buffer
, IRF_NO_WAIT
,
551 (DWORD_PTR
)context
)))
553 if (GetLastError() == ERROR_IO_PENDING
)
555 if (WaitForSingleObject(context
->event
,
556 context
->timeout
) == WAIT_TIMEOUT
)
557 SetLastError(ERROR_TIMEOUT
);
558 else if (context
->error
)
559 SetLastError(context
->error
);
565 object
.cbData
+= bytesAvailable
;
569 SetLastError(ERROR_OUTOFMEMORY
);
574 else if (GetLastError() == ERROR_IO_PENDING
)
576 if (WaitForSingleObject(context
->event
, context
->timeout
) ==
578 SetLastError(ERROR_TIMEOUT
);
582 } while (ret
&& bytesAvailable
);
585 pObject
->rgBlob
= CryptMemAlloc(sizeof(CRYPT_DATA_BLOB
));
586 if (!pObject
->rgBlob
)
588 CryptMemFree(object
.pbData
);
589 SetLastError(ERROR_OUTOFMEMORY
);
594 pObject
->rgBlob
[0].cbData
= object
.cbData
;
595 pObject
->rgBlob
[0].pbData
= object
.pbData
;
599 TRACE("returning %d\n", ret
);
603 static void CRYPT_CacheURL(LPCWSTR pszURL
, PCRYPT_BLOB_ARRAY pObject
,
604 DWORD dwRetrievalFlags
, FILETIME expires
)
606 WCHAR cacheFileName
[MAX_PATH
];
608 /* FIXME: let wininet directly cache instead */
609 if (CreateUrlCacheEntryW(pszURL
, pObject
->rgBlob
[0].cbData
, NULL
,
612 HANDLE hCacheFile
= CreateFileW(cacheFileName
, GENERIC_WRITE
, 0, NULL
,
613 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
615 if (hCacheFile
!= INVALID_HANDLE_VALUE
)
617 DWORD bytesWritten
, entryType
;
620 if (!(dwRetrievalFlags
& CRYPT_STICKY_CACHE_RETRIEVAL
))
621 entryType
= NORMAL_CACHE_ENTRY
;
623 entryType
= STICKY_CACHE_ENTRY
;
624 WriteFile(hCacheFile
, pObject
->rgBlob
[0].pbData
,
625 pObject
->rgBlob
[0].cbData
, &bytesWritten
, NULL
);
626 CloseHandle(hCacheFile
);
627 CommitUrlCacheEntryW(pszURL
, cacheFileName
, expires
, ft
, entryType
,
628 NULL
, 0, NULL
, NULL
);
633 static void CALLBACK
CRYPT_InetStatusCallback(HINTERNET hInt
,
634 DWORD_PTR dwContext
, DWORD status
, void *statusInfo
, DWORD statusInfoLen
)
636 struct InetContext
*context
= (struct InetContext
*)dwContext
;
637 LPINTERNET_ASYNC_RESULT result
;
641 case INTERNET_STATUS_REQUEST_COMPLETE
:
642 result
= (LPINTERNET_ASYNC_RESULT
)statusInfo
;
643 context
->error
= result
->dwError
;
644 SetEvent(context
->event
);
648 static BOOL
CRYPT_Connect(URL_COMPONENTSW
*components
,
649 struct InetContext
*context
, PCRYPT_CREDENTIALS pCredentials
,
650 HINTERNET
*phInt
, HINTERNET
*phHost
)
654 TRACE("(%s:%d, %p, %p, %p, %p)\n", debugstr_w(components
->lpszHostName
),
655 components
->nPort
, context
, pCredentials
, phInt
, phInt
);
658 *phInt
= InternetOpenW(NULL
, INTERNET_OPEN_TYPE_DIRECT
, NULL
, NULL
,
659 context
? INTERNET_FLAG_ASYNC
: 0);
665 InternetSetStatusCallbackW(*phInt
, CRYPT_InetStatusCallback
);
666 switch (components
->nScheme
)
668 case INTERNET_SCHEME_FTP
:
669 service
= INTERNET_SERVICE_FTP
;
671 case INTERNET_SCHEME_HTTP
:
672 service
= INTERNET_SERVICE_HTTP
;
677 /* FIXME: use pCredentials for username/password */
678 *phHost
= InternetConnectW(*phInt
, components
->lpszHostName
,
679 components
->nPort
, NULL
, NULL
, service
, 0, (DWORD_PTR
)context
);
682 InternetCloseHandle(*phInt
);
691 TRACE("returning %d\n", ret
);
695 static BOOL WINAPI
FTP_RetrieveEncodedObjectW(LPCWSTR pszURL
,
696 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
697 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
698 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
699 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
701 FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
702 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
703 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
706 pObject
->rgBlob
= NULL
;
707 *ppfnFreeObject
= CRYPT_FreeBlob
;
708 *ppvFreeContext
= NULL
;
712 static const WCHAR x509cacert
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
713 '/','x','-','x','5','0','9','-','c','a','-','c','e','r','t',0 };
714 static const WCHAR x509emailcert
[] = { 'a','p','p','l','i','c','a','t','i','o',
715 'n','/','x','-','x','5','0','9','-','e','m','a','i','l','-','c','e','r','t',
717 static const WCHAR x509servercert
[] = { 'a','p','p','l','i','c','a','t','i','o',
718 'n','/','x','-','x','5','0','9','-','s','e','r','v','e','r','-','c','e','r',
720 static const WCHAR x509usercert
[] = { 'a','p','p','l','i','c','a','t','i','o',
721 'n','/','x','-','x','5','0','9','-','u','s','e','r','-','c','e','r','t',0 };
722 static const WCHAR pkcs7cert
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
723 '/','x','-','p','k','c','s','7','-','c','e','r','t','i','f','c','a','t','e',
725 static const WCHAR pkixCRL
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
726 '/','p','k','i','x','-','c','r','l',0 };
727 static const WCHAR pkcs7CRL
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
728 '/','x','-','p','k','c','s','7','-','c','r','l',0 };
729 static const WCHAR pkcs7sig
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
730 '/','x','-','p','k','c','s','7','-','s','i','g','n','a','t','u','r','e',0 };
731 static const WCHAR pkcs7mime
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
732 '/','x','-','p','k','c','s','7','-','m','i','m','e',0 };
734 static BOOL WINAPI
HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL
,
735 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
736 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
737 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
738 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
742 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
743 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
744 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
747 pObject
->rgBlob
= NULL
;
748 *ppfnFreeObject
= CRYPT_FreeBlob
;
749 *ppvFreeContext
= NULL
;
751 if (!(dwRetrievalFlags
& CRYPT_WIRE_ONLY_RETRIEVAL
))
752 ret
= CRYPT_GetObjectFromCache(pszURL
, pObject
, pAuxInfo
);
753 if (!ret
&& (!(dwRetrievalFlags
& CRYPT_CACHE_ONLY_RETRIEVAL
) ||
754 (dwRetrievalFlags
& CRYPT_WIRE_ONLY_RETRIEVAL
)))
756 URL_COMPONENTSW components
;
758 if ((ret
= CRYPT_CrackUrl(pszURL
, &components
)))
760 HINTERNET hInt
, hHost
;
761 struct InetContext
*context
= NULL
;
764 context
= CRYPT_MakeInetContext(dwTimeout
);
765 ret
= CRYPT_Connect(&components
, context
, pCredentials
, &hInt
,
769 static LPCWSTR types
[] = { x509cacert
, x509emailcert
,
770 x509servercert
, x509usercert
, pkcs7cert
, pkixCRL
, pkcs7CRL
,
771 pkcs7sig
, pkcs7mime
, NULL
};
772 HINTERNET hHttp
= HttpOpenRequestW(hHost
, NULL
,
773 components
.lpszUrlPath
, NULL
, NULL
, types
,
774 INTERNET_FLAG_NO_COOKIES
| INTERNET_FLAG_NO_UI
,
781 InternetSetOptionW(hHttp
,
782 INTERNET_OPTION_RECEIVE_TIMEOUT
, &dwTimeout
,
784 InternetSetOptionW(hHttp
, INTERNET_OPTION_SEND_TIMEOUT
,
785 &dwTimeout
, sizeof(dwTimeout
));
787 ret
= HttpSendRequestExW(hHttp
, NULL
, NULL
, 0,
789 if (!ret
&& GetLastError() == ERROR_IO_PENDING
)
791 if (WaitForSingleObject(context
->event
,
792 context
->timeout
) == WAIT_TIMEOUT
)
793 SetLastError(ERROR_TIMEOUT
);
797 /* We don't set ret to TRUE in this block to avoid masking
798 * an error from HttpSendRequestExW.
800 if (!HttpEndRequestW(hHttp
, NULL
, 0, (DWORD_PTR
)context
) &&
801 GetLastError() == ERROR_IO_PENDING
)
803 if (WaitForSingleObject(context
->event
,
804 context
->timeout
) == WAIT_TIMEOUT
)
806 SetLastError(ERROR_TIMEOUT
);
811 ret
= CRYPT_DownloadObject(dwRetrievalFlags
, hHttp
,
812 context
, pObject
, pAuxInfo
);
813 if (ret
&& !(dwRetrievalFlags
& CRYPT_DONT_CACHE_RESULT
))
816 DWORD len
= sizeof(st
);
818 if (HttpQueryInfoW(hHttp
,
819 HTTP_QUERY_EXPIRES
| HTTP_QUERY_FLAG_SYSTEMTIME
, &st
,
824 SystemTimeToFileTime(&st
, &ft
);
825 CRYPT_CacheURL(pszURL
, pObject
, dwRetrievalFlags
,
829 InternetCloseHandle(hHttp
);
831 InternetCloseHandle(hHost
);
832 InternetCloseHandle(hInt
);
836 CloseHandle(context
->event
);
837 CryptMemFree(context
);
839 CryptMemFree(components
.lpszUrlPath
);
840 CryptMemFree(components
.lpszHostName
);
843 TRACE("returning %d\n", ret
);
847 static BOOL WINAPI
File_RetrieveEncodedObjectW(LPCWSTR pszURL
,
848 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
849 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
850 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
851 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
853 URL_COMPONENTSW components
= { sizeof(components
), 0 };
856 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
857 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
858 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
861 pObject
->rgBlob
= NULL
;
862 *ppfnFreeObject
= CRYPT_FreeBlob
;
863 *ppvFreeContext
= NULL
;
865 components
.lpszUrlPath
= CryptMemAlloc(MAX_PATH
* 2 * sizeof(WCHAR
));
866 components
.dwUrlPathLength
= 2 * MAX_PATH
;
867 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, &components
);
872 if (components
.dwUrlPathLength
== 2 * MAX_PATH
- 1)
873 FIXME("Buffers are too small\n");
875 /* 3 == lstrlenW(L"c:") + 1 */
876 path
= CryptMemAlloc((components
.dwUrlPathLength
+ 3) * sizeof(WCHAR
));
881 /* Try to create the file directly - Wine handles / in pathnames */
882 lstrcpynW(path
, components
.lpszUrlPath
,
883 components
.dwUrlPathLength
+ 1);
884 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
, OPEN_EXISTING
,
885 FILE_ATTRIBUTE_NORMAL
, NULL
);
886 if (hFile
== INVALID_HANDLE_VALUE
)
888 /* Try again on the current drive */
889 GetCurrentDirectoryW(components
.dwUrlPathLength
, path
);
892 lstrcpynW(path
+ 2, components
.lpszUrlPath
,
893 components
.dwUrlPathLength
+ 1);
894 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
,
895 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
897 if (hFile
== INVALID_HANDLE_VALUE
)
899 /* Try again on the Windows drive */
900 GetWindowsDirectoryW(path
, components
.dwUrlPathLength
);
903 lstrcpynW(path
+ 2, components
.lpszUrlPath
,
904 components
.dwUrlPathLength
+ 1);
905 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
,
906 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
910 if (hFile
!= INVALID_HANDLE_VALUE
)
912 if ((ret
= CRYPT_GetObjectFromFile(hFile
, pObject
)))
914 if (pAuxInfo
&& pAuxInfo
->cbSize
>=
915 offsetof(CRYPT_RETRIEVE_AUX_INFO
,
916 pLastSyncTime
) + sizeof(PFILETIME
) &&
917 pAuxInfo
->pLastSyncTime
)
918 GetFileTime(hFile
, NULL
, NULL
,
919 pAuxInfo
->pLastSyncTime
);
928 CryptMemFree(components
.lpszUrlPath
);
932 typedef BOOL (WINAPI
*SchemeDllRetrieveEncodedObjectW
)(LPCWSTR pwszUrl
,
933 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
934 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
935 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
936 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
);
938 static BOOL
CRYPT_GetRetrieveFunction(LPCWSTR pszURL
,
939 SchemeDllRetrieveEncodedObjectW
*pFunc
, HCRYPTOIDFUNCADDR
*phFunc
)
941 URL_COMPONENTSW components
= { sizeof(components
), 0 };
944 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL
), pFunc
, phFunc
);
948 components
.dwSchemeLength
= 1;
949 ret
= InternetCrackUrlW(pszURL
, 0, 0, &components
);
952 /* Microsoft always uses CryptInitOIDFunctionSet/
953 * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
954 * reason to do so for builtin schemes.
956 switch (components
.nScheme
)
958 case INTERNET_SCHEME_FTP
:
959 *pFunc
= FTP_RetrieveEncodedObjectW
;
961 case INTERNET_SCHEME_HTTP
:
962 *pFunc
= HTTP_RetrieveEncodedObjectW
;
964 case INTERNET_SCHEME_FILE
:
965 *pFunc
= File_RetrieveEncodedObjectW
;
969 int len
= WideCharToMultiByte(CP_ACP
, 0, components
.lpszScheme
,
970 components
.dwSchemeLength
, NULL
, 0, NULL
, NULL
);
974 LPSTR scheme
= CryptMemAlloc(len
);
978 static HCRYPTOIDFUNCSET set
= NULL
;
981 set
= CryptInitOIDFunctionSet(
982 SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC
, 0);
983 WideCharToMultiByte(CP_ACP
, 0, components
.lpszScheme
,
984 components
.dwSchemeLength
, scheme
, len
, NULL
, NULL
);
985 ret
= CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
,
986 scheme
, 0, (void **)pFunc
, phFunc
);
987 CryptMemFree(scheme
);
991 SetLastError(ERROR_OUTOFMEMORY
);
1000 TRACE("returning %d\n", ret
);
1004 static BOOL WINAPI
CRYPT_CreateBlob(LPCSTR pszObjectOid
,
1005 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1008 CRYPT_BLOB_ARRAY
*context
;
1011 size
= sizeof(CRYPT_BLOB_ARRAY
) + pObject
->cBlob
* sizeof(CRYPT_DATA_BLOB
);
1012 for (i
= 0; i
< pObject
->cBlob
; i
++)
1013 size
+= pObject
->rgBlob
[i
].cbData
;
1014 context
= CryptMemAlloc(size
);
1021 (CRYPT_DATA_BLOB
*)((LPBYTE
)context
+ sizeof(CRYPT_BLOB_ARRAY
));
1023 (LPBYTE
)context
->rgBlob
+ pObject
->cBlob
* sizeof(CRYPT_DATA_BLOB
);
1024 for (i
= 0; i
< pObject
->cBlob
; i
++)
1026 memcpy(nextData
, pObject
->rgBlob
[i
].pbData
,
1027 pObject
->rgBlob
[i
].cbData
);
1028 context
->rgBlob
[i
].pbData
= nextData
;
1029 context
->rgBlob
[i
].cbData
= pObject
->rgBlob
[i
].cbData
;
1030 nextData
+= pObject
->rgBlob
[i
].cbData
;
1033 *ppvContext
= context
;
1039 typedef BOOL (WINAPI
*AddContextToStore
)(HCERTSTORE hCertStore
,
1040 const void *pContext
, DWORD dwAddDisposition
, const void **ppStoreContext
);
1042 static BOOL
CRYPT_CreateContext(PCRYPT_BLOB_ARRAY pObject
,
1043 DWORD dwExpectedContentTypeFlags
, AddContextToStore addFunc
, void **ppvContext
)
1047 if (!pObject
->cBlob
)
1049 SetLastError(ERROR_INVALID_DATA
);
1053 else if (pObject
->cBlob
== 1)
1055 if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB
, &pObject
->rgBlob
[0],
1056 dwExpectedContentTypeFlags
, CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
,
1057 NULL
, NULL
, NULL
, NULL
, (const void **)ppvContext
))
1059 SetLastError(CRYPT_E_NO_MATCH
);
1065 HCERTSTORE store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1066 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1071 const void *context
;
1073 for (i
= 0; i
< pObject
->cBlob
; i
++)
1075 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB
,
1076 &pObject
->rgBlob
[i
], dwExpectedContentTypeFlags
,
1077 CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
, NULL
, NULL
, NULL
,
1080 if (!addFunc(store
, context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1085 SetLastError(CRYPT_E_NO_MATCH
);
1092 *ppvContext
= store
;
1097 static BOOL WINAPI
CRYPT_CreateCert(LPCSTR pszObjectOid
,
1098 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1100 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CERT
,
1101 (AddContextToStore
)CertAddCertificateContextToStore
, ppvContext
);
1104 static BOOL WINAPI
CRYPT_CreateCRL(LPCSTR pszObjectOid
,
1105 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1107 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CRL
,
1108 (AddContextToStore
)CertAddCRLContextToStore
, ppvContext
);
1111 static BOOL WINAPI
CRYPT_CreateCTL(LPCSTR pszObjectOid
,
1112 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1114 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CTL
,
1115 (AddContextToStore
)CertAddCTLContextToStore
, ppvContext
);
1118 static BOOL WINAPI
CRYPT_CreatePKCS7(LPCSTR pszObjectOid
,
1119 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1123 if (!pObject
->cBlob
)
1125 SetLastError(ERROR_INVALID_DATA
);
1129 else if (pObject
->cBlob
== 1)
1130 ret
= CryptQueryObject(CERT_QUERY_OBJECT_BLOB
, &pObject
->rgBlob
[0],
1131 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED
|
1132 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED
, CERT_QUERY_FORMAT_FLAG_BINARY
,
1133 0, NULL
, NULL
, NULL
, ppvContext
, NULL
, NULL
);
1136 FIXME("multiple messages unimplemented\n");
1142 static BOOL WINAPI
CRYPT_CreateAny(LPCSTR pszObjectOid
,
1143 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1147 if (!pObject
->cBlob
)
1149 SetLastError(ERROR_INVALID_DATA
);
1155 HCERTSTORE store
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
1156 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1160 HCERTSTORE memStore
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1161 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1165 CertAddStoreToCollection(store
, memStore
,
1166 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
1167 CertCloseStore(memStore
, 0);
1171 CertCloseStore(store
, 0);
1180 for (i
= 0; i
< pObject
->cBlob
; i
++)
1182 DWORD contentType
, expectedContentTypes
=
1183 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED
|
1184 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED
|
1185 CERT_QUERY_CONTENT_FLAG_CERT
|
1186 CERT_QUERY_CONTENT_FLAG_CRL
|
1187 CERT_QUERY_CONTENT_FLAG_CTL
;
1188 HCERTSTORE contextStore
;
1189 const void *context
;
1191 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB
,
1192 &pObject
->rgBlob
[i
], expectedContentTypes
,
1193 CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
, &contentType
, NULL
,
1194 &contextStore
, NULL
, &context
))
1196 switch (contentType
)
1198 case CERT_QUERY_CONTENT_CERT
:
1199 if (!CertAddCertificateContextToStore(store
,
1200 (PCCERT_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1203 case CERT_QUERY_CONTENT_CRL
:
1204 if (!CertAddCRLContextToStore(store
,
1205 (PCCRL_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1208 case CERT_QUERY_CONTENT_CTL
:
1209 if (!CertAddCTLContextToStore(store
,
1210 (PCCTL_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1214 CertAddStoreToCollection(store
, contextStore
, 0, 0);
1223 *ppvContext
= store
;
1228 typedef BOOL (WINAPI
*ContextDllCreateObjectContext
)(LPCSTR pszObjectOid
,
1229 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
);
1231 static BOOL
CRYPT_GetCreateFunction(LPCSTR pszObjectOid
,
1232 ContextDllCreateObjectContext
*pFunc
, HCRYPTOIDFUNCADDR
*phFunc
)
1236 TRACE("(%s, %p, %p)\n", debugstr_a(pszObjectOid
), pFunc
, phFunc
);
1240 if (!HIWORD(pszObjectOid
))
1242 switch (LOWORD(pszObjectOid
))
1245 *pFunc
= CRYPT_CreateBlob
;
1247 case LOWORD(CONTEXT_OID_CERTIFICATE
):
1248 *pFunc
= CRYPT_CreateCert
;
1250 case LOWORD(CONTEXT_OID_CRL
):
1251 *pFunc
= CRYPT_CreateCRL
;
1253 case LOWORD(CONTEXT_OID_CTL
):
1254 *pFunc
= CRYPT_CreateCTL
;
1256 case LOWORD(CONTEXT_OID_PKCS7
):
1257 *pFunc
= CRYPT_CreatePKCS7
;
1259 case LOWORD(CONTEXT_OID_CAPI2_ANY
):
1260 *pFunc
= CRYPT_CreateAny
;
1266 static HCRYPTOIDFUNCSET set
= NULL
;
1269 set
= CryptInitOIDFunctionSet(
1270 CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC
, 0);
1271 ret
= CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
, pszObjectOid
,
1272 0, (void **)pFunc
, phFunc
);
1274 TRACE("returning %d\n", ret
);
1278 /***********************************************************************
1279 * CryptRetrieveObjectByUrlW (CRYPTNET.@)
1281 BOOL WINAPI
CryptRetrieveObjectByUrlW(LPCWSTR pszURL
, LPCSTR pszObjectOid
,
1282 DWORD dwRetrievalFlags
, DWORD dwTimeout
, LPVOID
*ppvObject
,
1283 HCRYPTASYNC hAsyncRetrieve
, PCRYPT_CREDENTIALS pCredentials
, LPVOID pvVerify
,
1284 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
1287 SchemeDllRetrieveEncodedObjectW retrieve
;
1288 ContextDllCreateObjectContext create
;
1289 HCRYPTOIDFUNCADDR hRetrieve
= 0, hCreate
= 0;
1291 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
1292 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, ppvObject
,
1293 hAsyncRetrieve
, pCredentials
, pvVerify
, pAuxInfo
);
1297 SetLastError(ERROR_INVALID_PARAMETER
);
1300 ret
= CRYPT_GetRetrieveFunction(pszURL
, &retrieve
, &hRetrieve
);
1302 ret
= CRYPT_GetCreateFunction(pszObjectOid
, &create
, &hCreate
);
1305 CRYPT_BLOB_ARRAY object
= { 0, NULL
};
1306 PFN_FREE_ENCODED_OBJECT_FUNC freeObject
;
1309 ret
= retrieve(pszURL
, pszObjectOid
, dwRetrievalFlags
, dwTimeout
,
1310 &object
, &freeObject
, &freeContext
, hAsyncRetrieve
, pCredentials
,
1314 ret
= create(pszObjectOid
, dwRetrievalFlags
, &object
, ppvObject
);
1315 freeObject(pszObjectOid
, &object
, freeContext
);
1319 CryptFreeOIDFunctionAddress(hCreate
, 0);
1321 CryptFreeOIDFunctionAddress(hRetrieve
, 0);
1322 TRACE("returning %d\n", ret
);
1326 typedef struct _OLD_CERT_REVOCATION_STATUS
{
1331 } OLD_CERT_REVOCATION_STATUS
, *POLD_CERT_REVOCATION_STATUS
;
1333 /***********************************************************************
1334 * CertDllVerifyRevocation (CRYPTNET.@)
1336 BOOL WINAPI
CertDllVerifyRevocation(DWORD dwEncodingType
, DWORD dwRevType
,
1337 DWORD cContext
, PVOID rgpvContext
[], DWORD dwFlags
,
1338 PCERT_REVOCATION_PARA pRevPara
, PCERT_REVOCATION_STATUS pRevStatus
)
1343 TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType
, dwRevType
,
1344 cContext
, rgpvContext
, dwFlags
, pRevPara
, pRevStatus
);
1346 if (pRevStatus
->cbSize
!= sizeof(OLD_CERT_REVOCATION_STATUS
) &&
1347 pRevStatus
->cbSize
!= sizeof(CERT_REVOCATION_STATUS
))
1349 SetLastError(E_INVALIDARG
);
1352 memset(&pRevStatus
->dwIndex
, 0, pRevStatus
->cbSize
- sizeof(DWORD
));
1353 if (dwRevType
!= CERT_CONTEXT_REVOCATION_TYPE
)
1355 error
= CRYPT_E_NO_REVOCATION_CHECK
;
1361 for (i
= 0; ret
&& i
< cContext
; i
++)
1365 ret
= CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT
,
1366 rgpvContext
[i
], 0, NULL
, &cbUrlArray
, NULL
, NULL
, NULL
);
1367 if (!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
)
1369 error
= CRYPT_E_NO_REVOCATION_CHECK
;
1370 pRevStatus
->dwIndex
= i
;
1374 CRYPT_URL_ARRAY
*urlArray
= CryptMemAlloc(cbUrlArray
);
1378 DWORD j
, retrievalFlags
= 0, startTime
, endTime
, timeout
;
1380 ret
= CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT
,
1381 rgpvContext
[i
], 0, urlArray
, &cbUrlArray
, NULL
, NULL
,
1383 if (dwFlags
& CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION
)
1384 retrievalFlags
|= CRYPT_CACHE_ONLY_RETRIEVAL
;
1385 if (dwFlags
& CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG
&&
1386 pRevPara
->cbSize
>= offsetof(CERT_REVOCATION_PARA
,
1387 dwUrlRetrievalTimeout
) + sizeof(DWORD
))
1389 startTime
= GetTickCount();
1390 endTime
= startTime
+ pRevPara
->dwUrlRetrievalTimeout
;
1391 timeout
= pRevPara
->dwUrlRetrievalTimeout
;
1394 endTime
= timeout
= 0;
1395 for (j
= 0; ret
&& j
< urlArray
->cUrl
; j
++)
1399 ret
= CryptRetrieveObjectByUrlW(urlArray
->rgwszUrl
[j
],
1400 CONTEXT_OID_CRL
, retrievalFlags
, timeout
,
1401 (void **)&crl
, NULL
, NULL
, NULL
, NULL
);
1404 PCRL_ENTRY entry
= NULL
;
1406 CertFindCertificateInCRL(
1407 (PCCERT_CONTEXT
)rgpvContext
[i
], crl
, 0, NULL
,
1411 error
= CRYPT_E_REVOKED
;
1412 pRevStatus
->dwIndex
= i
;
1417 DWORD time
= GetTickCount();
1419 if ((int)(endTime
- time
) <= 0)
1421 error
= ERROR_TIMEOUT
;
1422 pRevStatus
->dwIndex
= i
;
1426 timeout
= endTime
- time
;
1428 CertFreeCRLContext(crl
);
1431 error
= CRYPT_E_REVOCATION_OFFLINE
;
1433 CryptMemFree(urlArray
);
1437 error
= ERROR_OUTOFMEMORY
;
1438 pRevStatus
->dwIndex
= i
;
1443 pRevStatus
->dwIndex
= i
;
1449 SetLastError(error
);
1450 pRevStatus
->dwError
= error
;
1452 TRACE("returning %d (%08x)\n", ret
, error
);