search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
push 0c258732cb75565633c2f709ca58b227c9f8ae60
[wine/hacks.git] / dlls / crypt32 / msg.c
blob30ec62a4fab290635212a9c12c005571b05a88ee
1 /*
2 * Copyright 2007 Juan Lang
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 */
18 #include <stdarg.h>
19 #include "windef.h"
20 #include "winbase.h"
21 #include "wincrypt.h"
22 #include "snmp.h"
23
24 #include "wine/debug.h"
25 #include "wine/exception.h"
26 #include "crypt32_private.h"
27
28 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
29
30 /* Called when a message's ref count reaches zero. Free any message-specific
31 * data here.
32 */
33 typedef void (*CryptMsgCloseFunc)(HCRYPTMSG msg);
34
35 typedef BOOL (*CryptMsgGetParamFunc)(HCRYPTMSG hCryptMsg, DWORD dwParamType,
36 DWORD dwIndex, void *pvData, DWORD *pcbData);
37
38 typedef BOOL (*CryptMsgUpdateFunc)(HCRYPTMSG hCryptMsg, const BYTE *pbData,
39 DWORD cbData, BOOL fFinal);
40
41 typedef enum _CryptMsgState {
42 MsgStateInit,
43 MsgStateUpdated,
44 MsgStateFinalized
45 } CryptMsgState;
46
47 typedef struct _CryptMsgBase
48 {
49 LONG ref;
50 DWORD open_flags;
51 BOOL streamed;
52 CMSG_STREAM_INFO stream_info;
53 CryptMsgState state;
54 CryptMsgCloseFunc close;
55 CryptMsgUpdateFunc update;
56 CryptMsgGetParamFunc get_param;
57 } CryptMsgBase;
58
59 static inline void CryptMsgBase_Init(CryptMsgBase *msg, DWORD dwFlags,
60 PCMSG_STREAM_INFO pStreamInfo, CryptMsgCloseFunc close,
61 CryptMsgGetParamFunc get_param, CryptMsgUpdateFunc update)
62 {
63 msg->ref = 1;
64 msg->open_flags = dwFlags;
65 if (pStreamInfo)
66 {
67 msg->streamed = TRUE;
68 memcpy(&msg->stream_info, pStreamInfo, sizeof(msg->stream_info));
69 }
70 else
71 {
72 msg->streamed = FALSE;
73 memset(&msg->stream_info, 0, sizeof(msg->stream_info));
74 }
75 msg->close = close;
76 msg->get_param = get_param;
77 msg->update = update;
78 msg->state = MsgStateInit;
79 }
80
81 typedef struct _CDataEncodeMsg
82 {
83 CryptMsgBase base;
84 DWORD bare_content_len;
85 LPBYTE bare_content;
86 } CDataEncodeMsg;
87
88 static const BYTE empty_data_content[] = { 0x04,0x00 };
89
90 static void CDataEncodeMsg_Close(HCRYPTMSG hCryptMsg)
91 {
92 CDataEncodeMsg *msg = (CDataEncodeMsg *)hCryptMsg;
93
94 if (msg->bare_content != empty_data_content)
95 LocalFree(msg->bare_content);
96 }
97
98 static WINAPI BOOL CRYPT_EncodeContentLength(DWORD dwCertEncodingType,
99 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
100 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
101 {
102 const CDataEncodeMsg *msg = (const CDataEncodeMsg *)pvStructInfo;
103 DWORD lenBytes;
104 BOOL ret = TRUE;
105
106 /* Trick: report bytes needed based on total message length, even though
107 * the message isn't available yet. The caller will use the length
108 * reported here to encode its length.
109 */
110 CRYPT_EncodeLen(msg->base.stream_info.cbContent, NULL, &lenBytes);
111 if (!pbEncoded)
112 *pcbEncoded = 1 + lenBytes + msg->base.stream_info.cbContent;
113 else
114 {
115 if ((ret = CRYPT_EncodeEnsureSpace(dwFlags, pEncodePara, pbEncoded,
116 pcbEncoded, 1 + lenBytes)))
117 {
118 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
119 pbEncoded = *(BYTE **)pbEncoded;
120 *pbEncoded++ = ASN_OCTETSTRING;
121 CRYPT_EncodeLen(msg->base.stream_info.cbContent, pbEncoded,
122 &lenBytes);
123 }
124 }
125 return ret;
126 }
127
128 static BOOL CRYPT_EncodeDataContentInfoHeader(CDataEncodeMsg *msg,
129 CRYPT_DATA_BLOB *header)
130 {
131 BOOL ret;
132
133 if (msg->base.streamed && msg->base.stream_info.cbContent == 0xffffffff)
134 {
135 FIXME("unimplemented for indefinite-length encoding\n");
136 header->cbData = 0;
137 header->pbData = NULL;
138 ret = TRUE;
139 }
140 else
141 {
142 struct AsnConstructedItem constructed = { 0, msg,
143 CRYPT_EncodeContentLength };
144 struct AsnEncodeSequenceItem items[2] = {
145 { szOID_RSA_data, CRYPT_AsnEncodeOid, 0 },
146 { &constructed, CRYPT_AsnEncodeConstructed, 0 },
147 };
148
149 ret = CRYPT_AsnEncodeSequence(X509_ASN_ENCODING, items,
150 sizeof(items) / sizeof(items[0]), CRYPT_ENCODE_ALLOC_FLAG, NULL,
151 (LPBYTE)&header->pbData, &header->cbData);
152 if (ret)
153 {
154 /* Trick: subtract the content length from the reported length,
155 * as the actual content hasn't come yet.
156 */
157 header->cbData -= msg->base.stream_info.cbContent;
158 }
159 }
160 return ret;
161 }
162
163 static BOOL CDataEncodeMsg_Update(HCRYPTMSG hCryptMsg, const BYTE *pbData,
164 DWORD cbData, BOOL fFinal)
165 {
166 CDataEncodeMsg *msg = (CDataEncodeMsg *)hCryptMsg;
167 BOOL ret = FALSE;
168
169 if (msg->base.streamed)
170 {
171 __TRY
172 {
173 if (msg->base.state != MsgStateUpdated)
174 {
175 CRYPT_DATA_BLOB header;
176
177 ret = CRYPT_EncodeDataContentInfoHeader(msg, &header);
178 if (ret)
179 {
180 ret = msg->base.stream_info.pfnStreamOutput(
181 msg->base.stream_info.pvArg, header.pbData, header.cbData,
182 FALSE);
183 LocalFree(header.pbData);
184 }
185 }
186 if (!fFinal)
187 ret = msg->base.stream_info.pfnStreamOutput(
188 msg->base.stream_info.pvArg, (BYTE *)pbData, cbData,
189 FALSE);
190 else
191 {
192 if (msg->base.stream_info.cbContent == 0xffffffff)
193 {
194 BYTE indefinite_trailer[6] = { 0 };
195
196 ret = msg->base.stream_info.pfnStreamOutput(
197 msg->base.stream_info.pvArg, (BYTE *)pbData, cbData,
198 FALSE);
199 if (ret)
200 ret = msg->base.stream_info.pfnStreamOutput(
201 msg->base.stream_info.pvArg, indefinite_trailer,
202 sizeof(indefinite_trailer), TRUE);
203 }
204 else
205 ret = msg->base.stream_info.pfnStreamOutput(
206 msg->base.stream_info.pvArg, (BYTE *)pbData, cbData, TRUE);
207 }
208 }
209 __EXCEPT_PAGE_FAULT
210 {
211 SetLastError(STATUS_ACCESS_VIOLATION);
212 }
213 __ENDTRY;
214 }
215 else
216 {
217 if (!fFinal)
218 {
219 if (msg->base.open_flags & CMSG_DETACHED_FLAG)
220 SetLastError(E_INVALIDARG);
221 else
222 SetLastError(CRYPT_E_MSG_ERROR);
223 }
224 else
225 {
226 if (!cbData)
227 SetLastError(E_INVALIDARG);
228 else
229 {
230 CRYPT_DATA_BLOB blob = { cbData, (LPBYTE)pbData };
231
232 /* non-streamed data messages don't allow non-final updates,
233 * don't bother checking whether data already exist, they can't.
234 */
235 ret = CryptEncodeObjectEx(X509_ASN_ENCODING, X509_OCTET_STRING,
236 &blob, CRYPT_ENCODE_ALLOC_FLAG, NULL, &msg->bare_content,
237 &msg->bare_content_len);
238 }
239 }
240 }
241 return ret;
242 }
243
244 static BOOL CRYPT_CopyParam(void *pvData, DWORD *pcbData, const void *src,
245 DWORD len)
246 {
247 BOOL ret = TRUE;
248
249 if (!pvData)
250 *pcbData = len;
251 else if (*pcbData < len)
252 {
253 *pcbData = len;
254 SetLastError(ERROR_MORE_DATA);
255 ret = FALSE;
256 }
257 else
258 {
259 *pcbData = len;
260 memcpy(pvData, src, len);
261 }
262 return ret;
263 }
264
265 static BOOL CDataEncodeMsg_GetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
266 DWORD dwIndex, void *pvData, DWORD *pcbData)
267 {
268 CDataEncodeMsg *msg = (CDataEncodeMsg *)hCryptMsg;
269 BOOL ret = FALSE;
270
271 switch (dwParamType)
272 {
273 case CMSG_CONTENT_PARAM:
274 if (msg->base.streamed)
275 SetLastError(E_INVALIDARG);
276 else
277 {
278 CRYPT_CONTENT_INFO info;
279 char rsa_data[] = "1.2.840.113549.1.7.1";
280
281 info.pszObjId = rsa_data;
282 info.Content.cbData = msg->bare_content_len;
283 info.Content.pbData = msg->bare_content;
284 ret = CryptEncodeObject(X509_ASN_ENCODING, PKCS_CONTENT_INFO, &info,
285 pvData, pcbData);
286 }
287 break;
288 case CMSG_BARE_CONTENT_PARAM:
289 if (msg->base.streamed)
290 SetLastError(E_INVALIDARG);
291 else
292 ret = CRYPT_CopyParam(pvData, pcbData, msg->bare_content,
293 msg->bare_content_len);
294 break;
295 default:
296 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
297 }
298 return ret;
299 }
300
301 static HCRYPTMSG CDataEncodeMsg_Open(DWORD dwFlags, const void *pvMsgEncodeInfo,
302 LPSTR pszInnerContentObjID, PCMSG_STREAM_INFO pStreamInfo)
303 {
304 CDataEncodeMsg *msg;
305
306 if (pvMsgEncodeInfo)
307 {
308 SetLastError(E_INVALIDARG);
309 return NULL;
310 }
311 msg = CryptMemAlloc(sizeof(CDataEncodeMsg));
312 if (msg)
313 {
314 CryptMsgBase_Init((CryptMsgBase *)msg, dwFlags, pStreamInfo,
315 CDataEncodeMsg_Close, CDataEncodeMsg_GetParam, CDataEncodeMsg_Update);
316 msg->bare_content_len = sizeof(empty_data_content);
317 msg->bare_content = (LPBYTE)empty_data_content;
318 }
319 return (HCRYPTMSG)msg;
320 }
321
322 typedef struct _CHashEncodeMsg
323 {
324 CryptMsgBase base;
325 HCRYPTPROV prov;
326 HCRYPTHASH hash;
327 CRYPT_DATA_BLOB data;
328 } CHashEncodeMsg;
329
330 static void CHashEncodeMsg_Close(HCRYPTMSG hCryptMsg)
331 {
332 CHashEncodeMsg *msg = (CHashEncodeMsg *)hCryptMsg;
333
334 CryptMemFree(msg->data.pbData);
335 CryptDestroyHash(msg->hash);
336 if (msg->base.open_flags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG)
337 CryptReleaseContext(msg->prov, 0);
338 }
339
340 static BOOL CRYPT_EncodePKCSDigestedData(CHashEncodeMsg *msg, void *pvData,
341 DWORD *pcbData)
342 {
343 BOOL ret;
344 ALG_ID algID;
345 DWORD size = sizeof(algID);
346
347 ret = CryptGetHashParam(msg->hash, HP_ALGID, (BYTE *)&algID, &size, 0);
348 if (ret)
349 {
350 CRYPT_DIGESTED_DATA digestedData = { 0 };
351 char oid_rsa_data[] = szOID_RSA_data;
352
353 digestedData.version = CMSG_HASHED_DATA_PKCS_1_5_VERSION;
354 digestedData.DigestAlgorithm.pszObjId = (LPSTR)CertAlgIdToOID(algID);
355 /* FIXME: what about digestedData.DigestAlgorithm.Parameters? */
356 /* Quirk: OID is only encoded messages if an update has happened */
357 if (msg->base.state != MsgStateInit)
358 digestedData.ContentInfo.pszObjId = oid_rsa_data;
359 if (!(msg->base.open_flags & CMSG_DETACHED_FLAG) && msg->data.cbData)
360 {
361 ret = CRYPT_AsnEncodeOctets(0, NULL, &msg->data,
362 CRYPT_ENCODE_ALLOC_FLAG, NULL,
363 (LPBYTE)&digestedData.ContentInfo.Content.pbData,
364 &digestedData.ContentInfo.Content.cbData);
365 }
366 if (msg->base.state == MsgStateFinalized)
367 {
368 size = sizeof(DWORD);
369 ret = CryptGetHashParam(msg->hash, HP_HASHSIZE,
370 (LPBYTE)&digestedData.hash.cbData, &size, 0);
371 if (ret)
372 {
373 digestedData.hash.pbData = CryptMemAlloc(
374 digestedData.hash.cbData);
375 ret = CryptGetHashParam(msg->hash, HP_HASHVAL,
376 digestedData.hash.pbData, &digestedData.hash.cbData, 0);
377 }
378 }
379 if (ret)
380 ret = CRYPT_AsnEncodePKCSDigestedData(&digestedData, pvData,
381 pcbData);
382 CryptMemFree(digestedData.hash.pbData);
383 LocalFree(digestedData.ContentInfo.Content.pbData);
384 }
385 return ret;
386 }
387
388 static BOOL CHashEncodeMsg_GetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
389 DWORD dwIndex, void *pvData, DWORD *pcbData)
390 {
391 CHashEncodeMsg *msg = (CHashEncodeMsg *)hCryptMsg;
392 BOOL ret = FALSE;
393
394 TRACE("(%p, %d, %d, %p, %p)\n", hCryptMsg, dwParamType, dwIndex,
395 pvData, pcbData);
396
397 switch (dwParamType)
398 {
399 case CMSG_BARE_CONTENT_PARAM:
400 if (msg->base.streamed)
401 SetLastError(E_INVALIDARG);
402 else
403 ret = CRYPT_EncodePKCSDigestedData(msg, pvData, pcbData);
404 break;
405 case CMSG_CONTENT_PARAM:
406 {
407 CRYPT_CONTENT_INFO info;
408
409 ret = CryptMsgGetParam(hCryptMsg, CMSG_BARE_CONTENT_PARAM, 0, NULL,
410 &info.Content.cbData);
411 if (ret)
412 {
413 info.Content.pbData = CryptMemAlloc(info.Content.cbData);
414 if (info.Content.pbData)
415 {
416 ret = CryptMsgGetParam(hCryptMsg, CMSG_BARE_CONTENT_PARAM, 0,
417 info.Content.pbData, &info.Content.cbData);
418 if (ret)
419 {
420 char oid_rsa_hashed[] = szOID_RSA_hashedData;
421
422 info.pszObjId = oid_rsa_hashed;
423 ret = CryptEncodeObjectEx(X509_ASN_ENCODING,
424 PKCS_CONTENT_INFO, &info, 0, NULL, pvData, pcbData);
425 }
426 CryptMemFree(info.Content.pbData);
427 }
428 else
429 ret = FALSE;
430 }
431 break;
432 }
433 case CMSG_COMPUTED_HASH_PARAM:
434 ret = CryptGetHashParam(msg->hash, HP_HASHVAL, (BYTE *)pvData, pcbData,
435 0);
436 break;
437 case CMSG_VERSION_PARAM:
438 if (msg->base.state != MsgStateFinalized)
439 SetLastError(CRYPT_E_MSG_ERROR);
440 else
441 {
442 DWORD version = CMSG_HASHED_DATA_PKCS_1_5_VERSION;
443
444 /* Since the data are always encoded as octets, the version is
445 * always 0 (see rfc3852, section 7)
446 */
447 ret = CRYPT_CopyParam(pvData, pcbData, &version, sizeof(version));
448 }
449 break;
450 default:
451 ret = FALSE;
452 }
453 return ret;
454 }
455
456 static BOOL CHashEncodeMsg_Update(HCRYPTMSG hCryptMsg, const BYTE *pbData,
457 DWORD cbData, BOOL fFinal)
458 {
459 CHashEncodeMsg *msg = (CHashEncodeMsg *)hCryptMsg;
460 BOOL ret = FALSE;
461
462 TRACE("(%p, %p, %d, %d)\n", hCryptMsg, pbData, cbData, fFinal);
463
464 if (msg->base.streamed || (msg->base.open_flags & CMSG_DETACHED_FLAG))
465 {
466 /* Doesn't do much, as stream output is never called, and you
467 * can't get the content.
468 */
469 ret = CryptHashData(msg->hash, pbData, cbData, 0);
470 }
471 else
472 {
473 if (!fFinal)
474 SetLastError(CRYPT_E_MSG_ERROR);
475 else
476 {
477 ret = CryptHashData(msg->hash, pbData, cbData, 0);
478 if (ret)
479 {
480 msg->data.pbData = CryptMemAlloc(cbData);
481 if (msg->data.pbData)
482 {
483 memcpy(msg->data.pbData + msg->data.cbData, pbData, cbData);
484 msg->data.cbData += cbData;
485 }
486 else
487 ret = FALSE;
488 }
489 }
490 }
491 return ret;
492 }
493
494 static HCRYPTMSG CHashEncodeMsg_Open(DWORD dwFlags, const void *pvMsgEncodeInfo,
495 LPSTR pszInnerContentObjID, PCMSG_STREAM_INFO pStreamInfo)
496 {
497 CHashEncodeMsg *msg;
498 const CMSG_HASHED_ENCODE_INFO *info =
499 (const CMSG_HASHED_ENCODE_INFO *)pvMsgEncodeInfo;
500 HCRYPTPROV prov;
501 ALG_ID algID;
502
503 if (info->cbSize != sizeof(CMSG_HASHED_ENCODE_INFO))
504 {
505 SetLastError(E_INVALIDARG);
506 return NULL;
507 }
508 if (!(algID = CertOIDToAlgId(info->HashAlgorithm.pszObjId)))
509 {
510 SetLastError(CRYPT_E_UNKNOWN_ALGO);
511 return NULL;
512 }
513 if (info->hCryptProv)
514 prov = info->hCryptProv;
515 else
516 {
517 prov = CRYPT_GetDefaultProvider();
518 dwFlags &= ~CMSG_CRYPT_RELEASE_CONTEXT_FLAG;
519 }
520 msg = CryptMemAlloc(sizeof(CHashEncodeMsg));
521 if (msg)
522 {
523 CryptMsgBase_Init((CryptMsgBase *)msg, dwFlags, pStreamInfo,
524 CHashEncodeMsg_Close, CHashEncodeMsg_GetParam, CHashEncodeMsg_Update);
525 msg->prov = prov;
526 msg->data.cbData = 0;
527 msg->data.pbData = NULL;
528 if (!CryptCreateHash(prov, algID, 0, 0, &msg->hash))
529 {
530 CryptMsgClose(msg);
531 msg = NULL;
532 }
533 }
534 return (HCRYPTMSG)msg;
535 }
536
537 typedef struct _CMSG_SIGNER_ENCODE_INFO_WITH_CMS
538 {
539 DWORD cbSize;
540 PCERT_INFO pCertInfo;
541 HCRYPTPROV hCryptProv;
542 DWORD dwKeySpec;
543 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
544 void *pvHashAuxInfo;
545 DWORD cAuthAttr;
546 PCRYPT_ATTRIBUTE rgAuthAttr;
547 DWORD cUnauthAttr;
548 PCRYPT_ATTRIBUTE rgUnauthAttr;
549 CERT_ID SignerId;
550 CRYPT_ALGORITHM_IDENTIFIER HashEncryptionAlgorithm;
551 void *pvHashEncryptionAuxInfo;
552 } CMSG_SIGNER_ENCODE_INFO_WITH_CMS, *PCMSG_SIGNER_ENCODE_INFO_WITH_CMS;
553
554 typedef struct _CMSG_SIGNED_ENCODE_INFO_WITH_CMS
555 {
556 DWORD cbSize;
557 DWORD cSigners;
558 PCMSG_SIGNER_ENCODE_INFO_WITH_CMS rgSigners;
559 DWORD cCertEncoded;
560 PCERT_BLOB rgCertEncoded;
561 DWORD cCrlEncoded;
562 PCRL_BLOB rgCrlEncoded;
563 DWORD cAttrCertEncoded;
564 PCERT_BLOB rgAttrCertEncoded;
565 } CMSG_SIGNED_ENCODE_INFO_WITH_CMS, *PCMSG_SIGNED_ENCODE_INFO_WITH_CMS;
566
567 static BOOL CRYPT_IsValidSigner(CMSG_SIGNER_ENCODE_INFO_WITH_CMS *signer)
568 {
569 if (signer->cbSize != sizeof(CMSG_SIGNER_ENCODE_INFO) &&
570 signer->cbSize != sizeof(CMSG_SIGNER_ENCODE_INFO_WITH_CMS))
571 {
572 SetLastError(E_INVALIDARG);
573 return FALSE;
574 }
575 if (signer->cbSize == sizeof(CMSG_SIGNER_ENCODE_INFO_WITH_CMS))
576 {
577 FIXME("CMSG_SIGNER_ENCODE_INFO with CMS fields unsupported\n");
578 return FALSE;
579 }
580 if (!signer->pCertInfo->SerialNumber.cbData)
581 {
582 SetLastError(E_INVALIDARG);
583 return FALSE;
584 }
585 if (!signer->pCertInfo->Issuer.cbData)
586 {
587 SetLastError(E_INVALIDARG);
588 return FALSE;
589 }
590 if (!signer->hCryptProv)
591 {
592 SetLastError(E_INVALIDARG);
593 return FALSE;
594 }
595 if (!CertOIDToAlgId(signer->HashAlgorithm.pszObjId))
596 {
597 SetLastError(CRYPT_E_UNKNOWN_ALGO);
598 return FALSE;
599 }
600 return TRUE;
601 }
602
603 typedef struct _CSignerHandles
604 {
605 HCRYPTPROV prov;
606 HCRYPTHASH contentHash;
607 HCRYPTHASH authAttrHash;
608 HCRYPTKEY key;
609 } CSignerHandles;
610
611 static BOOL CRYPT_ConstructBlob(CRYPT_DATA_BLOB *out, const CRYPT_DATA_BLOB *in)
612 {
613 BOOL ret = TRUE;
614
615 out->cbData = in->cbData;
616 if (out->cbData)
617 {
618 out->pbData = CryptMemAlloc(out->cbData);
619 if (out->pbData)
620 memcpy(out->pbData, in->pbData, out->cbData);
621 else
622 ret = FALSE;
623 }
624 else
625 out->pbData = NULL;
626 return ret;
627 }
628
629 typedef struct _BlobArray
630 {
631 DWORD cBlobs;
632 PCRYPT_DATA_BLOB blobs;
633 } BlobArray;
634
635 static BOOL CRYPT_ConstructBlobArray(BlobArray *out, const BlobArray *in)
636 {
637 BOOL ret = TRUE;
638
639 out->cBlobs = in->cBlobs;
640 if (out->cBlobs)
641 {
642 out->blobs = CryptMemAlloc(out->cBlobs * sizeof(CRYPT_DATA_BLOB));
643 if (out->blobs)
644 {
645 DWORD i;
646
647 memset(out->blobs, 0, out->cBlobs * sizeof(CRYPT_DATA_BLOB));
648 for (i = 0; ret && i < out->cBlobs; i++)
649 ret = CRYPT_ConstructBlob(&out->blobs[i], &in->blobs[i]);
650 }
651 else
652 ret = FALSE;
653 }
654 return ret;
655 }
656
657 static void CRYPT_FreeBlobArray(BlobArray *array)
658 {
659 DWORD i;
660
661 for (i = 0; i < array->cBlobs; i++)
662 CryptMemFree(array->blobs[i].pbData);
663 CryptMemFree(array->blobs);
664 }
665
666 static BOOL CRYPT_ConstructAttribute(CRYPT_ATTRIBUTE *out,
667 const CRYPT_ATTRIBUTE *in)
668 {
669 BOOL ret;
670
671 out->pszObjId = CryptMemAlloc(strlen(in->pszObjId) + 1);
672 if (out->pszObjId)
673 {
674 strcpy(out->pszObjId, in->pszObjId);
675 ret = CRYPT_ConstructBlobArray((BlobArray *)&out->cValue,
676 (const BlobArray *)&in->cValue);
677 }
678 else
679 ret = FALSE;
680 return ret;
681 }
682
683 static BOOL CRYPT_ConstructAttributes(CRYPT_ATTRIBUTES *out,
684 const CRYPT_ATTRIBUTES *in)
685 {
686 BOOL ret = TRUE;
687
688 out->cAttr = in->cAttr;
689 if (out->cAttr)
690 {
691 out->rgAttr = CryptMemAlloc(out->cAttr * sizeof(CRYPT_ATTRIBUTE));
692 if (out->rgAttr)
693 {
694 DWORD i;
695
696 memset(out->rgAttr, 0, out->cAttr * sizeof(CRYPT_ATTRIBUTE));
697 for (i = 0; ret && i < out->cAttr; i++)
698 ret = CRYPT_ConstructAttribute(&out->rgAttr[i], &in->rgAttr[i]);
699 }
700 else
701 ret = FALSE;
702 }
703 else
704 out->rgAttr = NULL;
705 return ret;
706 }
707
708 /* Constructs both a CSignerHandles and a CMSG_SIGNER_INFO from a
709 * CMSG_SIGNER_ENCODE_INFO_WITH_CMS.
710 */
711 static BOOL CSignerInfo_Construct(CSignerHandles *handles,
712 CMSG_SIGNER_INFO *info, CMSG_SIGNER_ENCODE_INFO_WITH_CMS *in, DWORD open_flags)
713 {
714 ALG_ID algID;
715 BOOL ret;
716
717 handles->prov = in->hCryptProv;
718 if (!(open_flags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG))
719 CryptContextAddRef(handles->prov, NULL, 0);
720 algID = CertOIDToAlgId(in->HashAlgorithm.pszObjId);
721 ret = CryptCreateHash(handles->prov, algID, 0, 0, &handles->contentHash);
722 if (ret && in->cAuthAttr)
723 ret = CryptCreateHash(handles->prov, algID, 0, 0,
724 &handles->authAttrHash);
725 if (ret)
726 {
727 /* Note: needs to change if CMS fields are supported */
728 info->dwVersion = CMSG_SIGNER_INFO_V1;
729 ret = CRYPT_ConstructBlob(&info->Issuer, &in->pCertInfo->Issuer);
730 if (ret)
731 ret = CRYPT_ConstructBlob(&info->SerialNumber,
732 &in->pCertInfo->SerialNumber);
733 /* Assumption: algorithm IDs will point to static strings, not
734 * stack-based ones, so copying the pointer values is safe.
735 */
736 info->HashAlgorithm.pszObjId = in->HashAlgorithm.pszObjId;
737 if (ret)
738 ret = CRYPT_ConstructBlob(&info->HashAlgorithm.Parameters,
739 &in->HashAlgorithm.Parameters);
740 memset(&info->HashEncryptionAlgorithm, 0,
741 sizeof(info->HashEncryptionAlgorithm));
742 if (ret)
743 ret = CRYPT_ConstructAttributes(&info->AuthAttrs,
744 (CRYPT_ATTRIBUTES *)&in->cAuthAttr);
745 if (ret)
746 ret = CRYPT_ConstructAttributes(&info->UnauthAttrs,
747 (CRYPT_ATTRIBUTES *)&in->cUnauthAttr);
748 }
749 return ret;
750 }
751
752 static void CSignerInfo_Free(CMSG_SIGNER_INFO *info)
753 {
754 DWORD i, j;
755
756 CryptMemFree(info->Issuer.pbData);
757 CryptMemFree(info->SerialNumber.pbData);
758 CryptMemFree(info->HashAlgorithm.Parameters.pbData);
759 CryptMemFree(info->EncryptedHash.pbData);
760 for (i = 0; i < info->AuthAttrs.cAttr; i++)
761 {
762 for (j = 0; j < info->AuthAttrs.rgAttr[i].cValue; j++)
763 CryptMemFree(info->AuthAttrs.rgAttr[i].rgValue[j].pbData);
764 CryptMemFree(info->AuthAttrs.rgAttr[i].rgValue);
765 CryptMemFree(info->AuthAttrs.rgAttr[i].pszObjId);
766 }
767 CryptMemFree(info->AuthAttrs.rgAttr);
768 for (i = 0; i < info->UnauthAttrs.cAttr; i++)
769 {
770 for (j = 0; j < info->UnauthAttrs.rgAttr[i].cValue; j++)
771 CryptMemFree(info->UnauthAttrs.rgAttr[i].rgValue[j].pbData);
772 CryptMemFree(info->UnauthAttrs.rgAttr[i].rgValue);
773 CryptMemFree(info->UnauthAttrs.rgAttr[i].pszObjId);
774 }
775 CryptMemFree(info->UnauthAttrs.rgAttr);
776 }
777
778 typedef struct _CSignedEncodeMsg
779 {
780 CryptMsgBase base;
781 CRYPT_DATA_BLOB data;
782 CRYPT_SIGNED_INFO info;
783 CSignerHandles *signerHandles;
784 } CSignedEncodeMsg;
785
786 static void CSignedEncodeMsg_Close(HCRYPTMSG hCryptMsg)
787 {
788 CSignedEncodeMsg *msg = (CSignedEncodeMsg *)hCryptMsg;
789 DWORD i;
790
791 CryptMemFree(msg->data.pbData);
792 CRYPT_FreeBlobArray((BlobArray *)&msg->info.cCertEncoded);
793 CRYPT_FreeBlobArray((BlobArray *)&msg->info.cCrlEncoded);
794 for (i = 0; i < msg->info.cSignerInfo; i++)
795 {
796 CSignerInfo_Free(&msg->info.rgSignerInfo[i]);
797 CryptDestroyKey(msg->signerHandles[i].key);
798 CryptDestroyHash(msg->signerHandles[i].contentHash);
799 CryptDestroyHash(msg->signerHandles[i].authAttrHash);
800 CryptReleaseContext(msg->signerHandles[i].prov, 0);
801 }
802 CryptMemFree(msg->signerHandles);
803 CryptMemFree(msg->info.rgSignerInfo);
804 }
805
806 static BOOL CSignedEncodeMsg_GetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
807 DWORD dwIndex, void *pvData, DWORD *pcbData)
808 {
809 CSignedEncodeMsg *msg = (CSignedEncodeMsg *)hCryptMsg;
810 BOOL ret = FALSE;
811
812 switch (dwParamType)
813 {
814 case CMSG_CONTENT_PARAM:
815 {
816 CRYPT_CONTENT_INFO info;
817
818 ret = CryptMsgGetParam(hCryptMsg, CMSG_BARE_CONTENT_PARAM, 0, NULL,
819 &info.Content.cbData);
820 if (ret)
821 {
822 info.Content.pbData = CryptMemAlloc(info.Content.cbData);
823 if (info.Content.pbData)
824 {
825 ret = CryptMsgGetParam(hCryptMsg, CMSG_BARE_CONTENT_PARAM, 0,
826 info.Content.pbData, &info.Content.cbData);
827 if (ret)
828 {
829 char oid_rsa_signed[] = szOID_RSA_signedData;
830
831 info.pszObjId = oid_rsa_signed;
832 ret = CryptEncodeObjectEx(X509_ASN_ENCODING,
833 PKCS_CONTENT_INFO, &info, 0, NULL, pvData, pcbData);
834 }
835 CryptMemFree(info.Content.pbData);
836 }
837 else
838 ret = FALSE;
839 }
840 break;
841 }
842 case CMSG_BARE_CONTENT_PARAM:
843 {
844 CRYPT_SIGNED_INFO info;
845 char oid_rsa_data[] = szOID_RSA_data;
846
847 memcpy(&info, &msg->info, sizeof(info));
848 /* Quirk: OID is only encoded messages if an update has happened */
849 if (msg->base.state != MsgStateInit)
850 info.content.pszObjId = oid_rsa_data;
851 else
852 info.content.pszObjId = NULL;
853 if (msg->data.cbData)
854 {
855 CRYPT_DATA_BLOB blob = { msg->data.cbData, msg->data.pbData };
856
857 ret = CryptEncodeObjectEx(X509_ASN_ENCODING, X509_OCTET_STRING,
858 &blob, CRYPT_ENCODE_ALLOC_FLAG, NULL,
859 &info.content.Content.pbData, &info.content.Content.cbData);
860 }
861 else
862 {
863 info.content.Content.cbData = 0;
864 info.content.Content.pbData = NULL;
865 ret = TRUE;
866 }
867 if (ret)
868 {
869 ret = CRYPT_AsnEncodePKCSSignedInfo(&info, pvData, pcbData);
870 LocalFree(info.content.Content.pbData);
871 }
872 break;
873 }
874 case CMSG_COMPUTED_HASH_PARAM:
875 if (dwIndex >= msg->info.cSignerInfo)
876 SetLastError(CRYPT_E_INVALID_INDEX);
877 else
878 ret = CryptGetHashParam(msg->signerHandles[dwIndex].contentHash,
879 HP_HASHVAL, pvData, pcbData, 0);
880 break;
881 case CMSG_ENCODED_SIGNER:
882 if (dwIndex >= msg->info.cSignerInfo)
883 SetLastError(CRYPT_E_INVALID_INDEX);
884 else
885 ret = CryptEncodeObjectEx(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
886 PKCS7_SIGNER_INFO, &msg->info.rgSignerInfo[dwIndex], 0, NULL,
887 pvData, pcbData);
888 break;
889 case CMSG_VERSION_PARAM:
890 ret = CRYPT_CopyParam(pvData, pcbData, &msg->info.version,
891 sizeof(msg->info.version));
892 break;
893 default:
894 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
895 }
896 return ret;
897 }
898
899 static BOOL CSignedEncodeMsg_UpdateHash(CSignedEncodeMsg *msg,
900 const BYTE *pbData, DWORD cbData)
901 {
902 DWORD i;
903 BOOL ret = TRUE;
904
905 TRACE("(%p, %p, %d)\n", msg, pbData, cbData);
906
907 for (i = 0; ret && i < msg->info.cSignerInfo; i++)
908 ret = CryptHashData(msg->signerHandles[i].contentHash, pbData, cbData,
909 0);
910 return ret;
911 }
912
913 static BOOL CRYPT_AppendAttribute(CRYPT_ATTRIBUTES *out,
914 const CRYPT_ATTRIBUTE *in)
915 {
916 BOOL ret = FALSE;
917
918 out->rgAttr = CryptMemRealloc(out->rgAttr,
919 (out->cAttr + 1) * sizeof(CRYPT_ATTRIBUTE));
920 if (out->rgAttr)
921 {
922 ret = CRYPT_ConstructAttribute(&out->rgAttr[out->cAttr], in);
923 if (ret)
924 out->cAttr++;
925 }
926 return ret;
927 }
928
929 static BOOL CSignedEncodeMsg_AppendMessageDigestAttribute(CSignedEncodeMsg *msg,
930 DWORD signerIndex)
931 {
932 BOOL ret;
933 DWORD size;
934 CRYPT_HASH_BLOB hash = { 0, NULL }, encodedHash = { 0, NULL };
935 char messageDigest[] = szOID_RSA_messageDigest;
936 CRYPT_ATTRIBUTE messageDigestAttr = { messageDigest, 1, &encodedHash };
937
938 size = sizeof(DWORD);
939 ret = CryptGetHashParam(msg->signerHandles[signerIndex].contentHash,
940 HP_HASHSIZE, (LPBYTE)&hash.cbData, &size, 0);
941 if (ret)
942 {
943 hash.pbData = CryptMemAlloc(hash.cbData);
944 ret = CryptGetHashParam(msg->signerHandles[signerIndex].contentHash,
945 HP_HASHVAL, hash.pbData, &hash.cbData, 0);
946 if (ret)
947 {
948 ret = CRYPT_AsnEncodeOctets(0, NULL, &hash, CRYPT_ENCODE_ALLOC_FLAG,
949 NULL, (LPBYTE)&encodedHash.pbData, &encodedHash.cbData);
950 if (ret)
951 {
952 ret = CRYPT_AppendAttribute(
953 &msg->info.rgSignerInfo[signerIndex].AuthAttrs,
954 &messageDigestAttr);
955 LocalFree(encodedHash.pbData);
956 }
957 }
958 CryptMemFree(hash.pbData);
959 }
960 return ret;
961 }
962
963 static BOOL CSignedEncodeMsg_UpdateAuthenticatedAttributes(
964 CSignedEncodeMsg *msg)
965 {
966 DWORD i;
967 BOOL ret = TRUE;
968
969 TRACE("(%p)\n", msg);
970
971 for (i = 0; ret && i < msg->info.cSignerInfo; i++)
972 {
973 if (msg->info.rgSignerInfo[i].AuthAttrs.cAttr)
974 {
975 BYTE oid_rsa_data_encoded[] = { 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,
976 0x0d,0x01,0x07,0x01 };
977 CRYPT_DATA_BLOB content = { sizeof(oid_rsa_data_encoded),
978 oid_rsa_data_encoded };
979 char contentType[] = szOID_RSA_contentType;
980 CRYPT_ATTRIBUTE contentTypeAttr = { contentType, 1, &content };
981
982 /* FIXME: does this depend on inner OID? */
983 ret = CRYPT_AppendAttribute(&msg->info.rgSignerInfo[i].AuthAttrs,
984 &contentTypeAttr);
985 if (ret)
986 ret = CSignedEncodeMsg_AppendMessageDigestAttribute(msg, i);
987 if (ret)
988 {
989 LPBYTE encodedAttrs;
990 DWORD size;
991
992 ret = CryptEncodeObjectEx(X509_ASN_ENCODING, PKCS_ATTRIBUTES,
993 &msg->info.rgSignerInfo[i].AuthAttrs, CRYPT_ENCODE_ALLOC_FLAG,
994 NULL, (LPBYTE)&encodedAttrs, &size);
995 if (ret)
996 {
997 ret = CryptHashData(msg->signerHandles[i].authAttrHash,
998 encodedAttrs, size, 0);
999 LocalFree(encodedAttrs);
1000 }
1001 }
1002 }
1003 }
1004 TRACE("returning %d\n", ret);
1005 return ret;
1006 }
1007
1008 static void CRYPT_ReverseBytes(CRYPT_HASH_BLOB *hash)
1009 {
1010 DWORD i;
1011 BYTE tmp;
1012
1013 for (i = 0; i < hash->cbData / 2; i++)
1014 {
1015 tmp = hash->pbData[hash->cbData - i - 1];
1016 hash->pbData[hash->cbData - i - 1] = hash->pbData[i];
1017 hash->pbData[i] = tmp;
1018 }
1019 }
1020
1021 static BOOL CSignedEncodeMsg_Sign(CSignedEncodeMsg *msg)
1022 {
1023 DWORD i;
1024 BOOL ret = TRUE;
1025
1026 TRACE("(%p)\n", msg);
1027
1028 for (i = 0; ret && i < msg->info.cSignerInfo; i++)
1029 {
1030 HCRYPTHASH hash;
1031
1032 if (msg->info.rgSignerInfo[i].AuthAttrs.cAttr)
1033 hash = msg->signerHandles[i].authAttrHash;
1034 else
1035 hash = msg->signerHandles[i].contentHash;
1036 ret = CryptSignHashW(hash, AT_SIGNATURE, NULL, 0, NULL,
1037 &msg->info.rgSignerInfo[i].EncryptedHash.cbData);
1038 if (ret)
1039 {
1040 msg->info.rgSignerInfo[i].EncryptedHash.pbData =
1041 CryptMemAlloc(msg->info.rgSignerInfo[i].EncryptedHash.cbData);
1042 if (msg->info.rgSignerInfo[i].EncryptedHash.pbData)
1043 {
1044 ret = CryptSignHashW(hash, AT_SIGNATURE, NULL, 0,
1045 msg->info.rgSignerInfo[i].EncryptedHash.pbData,
1046 &msg->info.rgSignerInfo[i].EncryptedHash.cbData);
1047 if (ret)
1048 CRYPT_ReverseBytes(&msg->info.rgSignerInfo[i].EncryptedHash);
1049 }
1050 else
1051 ret = FALSE;
1052 }
1053 }
1054 return ret;
1055 }
1056
1057 static BOOL CSignedEncodeMsg_Update(HCRYPTMSG hCryptMsg, const BYTE *pbData,
1058 DWORD cbData, BOOL fFinal)
1059 {
1060 CSignedEncodeMsg *msg = (CSignedEncodeMsg *)hCryptMsg;
1061 BOOL ret = FALSE;
1062
1063 if (msg->base.streamed || (msg->base.open_flags & CMSG_DETACHED_FLAG))
1064 {
1065 ret = CSignedEncodeMsg_UpdateHash(msg, pbData, cbData);
1066 if (ret && fFinal)
1067 {
1068 ret = CSignedEncodeMsg_UpdateAuthenticatedAttributes(msg);
1069 if (ret)
1070 ret = CSignedEncodeMsg_Sign(msg);
1071 }
1072 if (msg->base.streamed)
1073 FIXME("streamed partial stub\n");
1074 }
1075 else
1076 {
1077 if (!fFinal)
1078 SetLastError(CRYPT_E_MSG_ERROR);
1079 else
1080 {
1081 if (cbData)
1082 {
1083 msg->data.pbData = CryptMemAlloc(cbData);
1084 if (msg->data.pbData)
1085 {
1086 memcpy(msg->data.pbData, pbData, cbData);
1087 msg->data.cbData = cbData;
1088 ret = TRUE;
1089 }
1090 }
1091 else
1092 ret = TRUE;
1093 if (ret)
1094 ret = CSignedEncodeMsg_UpdateHash(msg, pbData, cbData);
1095 if (ret)
1096 ret = CSignedEncodeMsg_UpdateAuthenticatedAttributes(msg);
1097 if (ret)
1098 ret = CSignedEncodeMsg_Sign(msg);
1099 }
1100 }
1101 return ret;
1102 }
1103
1104 static HCRYPTMSG CSignedEncodeMsg_Open(DWORD dwFlags,
1105 const void *pvMsgEncodeInfo, LPSTR pszInnerContentObjID,
1106 PCMSG_STREAM_INFO pStreamInfo)
1107 {
1108 const CMSG_SIGNED_ENCODE_INFO_WITH_CMS *info =
1109 (const CMSG_SIGNED_ENCODE_INFO_WITH_CMS *)pvMsgEncodeInfo;
1110 DWORD i;
1111 CSignedEncodeMsg *msg;
1112
1113 if (info->cbSize != sizeof(CMSG_SIGNED_ENCODE_INFO) &&
1114 info->cbSize != sizeof(CMSG_SIGNED_ENCODE_INFO_WITH_CMS))
1115 {
1116 SetLastError(E_INVALIDARG);
1117 return NULL;
1118 }
1119 if (info->cbSize == sizeof(CMSG_SIGNED_ENCODE_INFO_WITH_CMS))
1120 {
1121 FIXME("CMSG_SIGNED_ENCODE_INFO with CMS fields unsupported\n");
1122 return NULL;
1123 }
1124 for (i = 0; i < info->cSigners; i++)
1125 if (!CRYPT_IsValidSigner(&info->rgSigners[i]))
1126 return NULL;
1127 msg = CryptMemAlloc(sizeof(CSignedEncodeMsg));
1128 if (msg)
1129 {
1130 BOOL ret = TRUE;
1131
1132 CryptMsgBase_Init((CryptMsgBase *)msg, dwFlags, pStreamInfo,
1133 CSignedEncodeMsg_Close, CSignedEncodeMsg_GetParam,
1134 CSignedEncodeMsg_Update);
1135 msg->data.cbData = 0;
1136 msg->data.pbData = NULL;
1137 memset(&msg->info, 0, sizeof(msg->info));
1138 msg->info.version = CMSG_SIGNED_DATA_V1;
1139 if (info->cSigners)
1140 {
1141 msg->signerHandles =
1142 CryptMemAlloc(info->cSigners * sizeof(CSignerHandles));
1143 if (msg->signerHandles)
1144 msg->info.rgSignerInfo =
1145 CryptMemAlloc(info->cSigners * sizeof(CMSG_SIGNER_INFO));
1146 else
1147 {
1148 ret = FALSE;
1149 msg->info.rgSignerInfo = NULL;
1150 }
1151 if (msg->info.rgSignerInfo)
1152 {
1153 msg->info.cSignerInfo = info->cSigners;
1154 memset(msg->signerHandles, 0,
1155 msg->info.cSignerInfo * sizeof(CSignerHandles));
1156 memset(msg->info.rgSignerInfo, 0,
1157 msg->info.cSignerInfo * sizeof(CMSG_SIGNER_INFO));
1158 for (i = 0; ret && i < msg->info.cSignerInfo; i++)
1159 ret = CSignerInfo_Construct(&msg->signerHandles[i],
1160 &msg->info.rgSignerInfo[i], &info->rgSigners[i], dwFlags);
1161 }
1162 else
1163 ret = FALSE;
1164 }
1165 if (ret)
1166 ret = CRYPT_ConstructBlobArray((BlobArray *)&msg->info.cCertEncoded,
1167 (const BlobArray *)&info->cCertEncoded);
1168 if (ret)
1169 ret = CRYPT_ConstructBlobArray((BlobArray *)&msg->info.cCrlEncoded,
1170 (const BlobArray *)&info->cCrlEncoded);
1171 if (!ret)
1172 {
1173 CSignedEncodeMsg_Close(msg);
1174 msg = NULL;
1175 }
1176 }
1177 return msg;
1178 }
1179
1180 static inline const char *MSG_TYPE_STR(DWORD type)
1181 {
1182 switch (type)
1183 {
1184 #define _x(x) case (x): return #x
1185 _x(CMSG_DATA);
1186 _x(CMSG_SIGNED);
1187 _x(CMSG_ENVELOPED);
1188 _x(CMSG_SIGNED_AND_ENVELOPED);
1189 _x(CMSG_HASHED);
1190 _x(CMSG_ENCRYPTED);
1191 #undef _x
1192 default:
1193 return wine_dbg_sprintf("unknown (%d)", type);
1194 }
1195 }
1196
1197 HCRYPTMSG WINAPI CryptMsgOpenToEncode(DWORD dwMsgEncodingType, DWORD dwFlags,
1198 DWORD dwMsgType, const void *pvMsgEncodeInfo, LPSTR pszInnerContentObjID,
1199 PCMSG_STREAM_INFO pStreamInfo)
1200 {
1201 HCRYPTMSG msg = NULL;
1202
1203 TRACE("(%08x, %08x, %08x, %p, %s, %p)\n", dwMsgEncodingType, dwFlags,
1204 dwMsgType, pvMsgEncodeInfo, debugstr_a(pszInnerContentObjID), pStreamInfo);
1205
1206 if (GET_CMSG_ENCODING_TYPE(dwMsgEncodingType) != PKCS_7_ASN_ENCODING)
1207 {
1208 SetLastError(E_INVALIDARG);
1209 return NULL;
1210 }
1211 switch (dwMsgType)
1212 {
1213 case CMSG_DATA:
1214 msg = CDataEncodeMsg_Open(dwFlags, pvMsgEncodeInfo,
1215 pszInnerContentObjID, pStreamInfo);
1216 break;
1217 case CMSG_HASHED:
1218 msg = CHashEncodeMsg_Open(dwFlags, pvMsgEncodeInfo,
1219 pszInnerContentObjID, pStreamInfo);
1220 break;
1221 case CMSG_SIGNED:
1222 msg = CSignedEncodeMsg_Open(dwFlags, pvMsgEncodeInfo,
1223 pszInnerContentObjID, pStreamInfo);
1224 break;
1225 case CMSG_ENVELOPED:
1226 FIXME("unimplemented for type %s\n", MSG_TYPE_STR(dwMsgType));
1227 break;
1228 case CMSG_SIGNED_AND_ENVELOPED:
1229 case CMSG_ENCRYPTED:
1230 /* defined but invalid, fall through */
1231 default:
1232 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1233 }
1234 return msg;
1235 }
1236
1237 typedef struct _CDecodeMsg
1238 {
1239 CryptMsgBase base;
1240 DWORD type;
1241 HCRYPTPROV crypt_prov;
1242 union {
1243 HCRYPTHASH hash;
1244 CRYPT_SIGNED_INFO *signedInfo;
1245 } u;
1246 CRYPT_DATA_BLOB msg_data;
1247 PCONTEXT_PROPERTY_LIST properties;
1248 } CDecodeMsg;
1249
1250 static void CDecodeMsg_Close(HCRYPTMSG hCryptMsg)
1251 {
1252 CDecodeMsg *msg = (CDecodeMsg *)hCryptMsg;
1253
1254 if (msg->base.open_flags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG)
1255 CryptReleaseContext(msg->crypt_prov, 0);
1256 switch (msg->type)
1257 {
1258 case CMSG_HASHED:
1259 if (msg->u.hash)
1260 CryptDestroyHash(msg->u.hash);
1261 break;
1262 case CMSG_SIGNED:
1263 LocalFree(msg->u.signedInfo);
1264 break;
1265 }
1266 CryptMemFree(msg->msg_data.pbData);
1267 ContextPropertyList_Free(msg->properties);
1268 }
1269
1270 static BOOL CDecodeMsg_CopyData(CDecodeMsg *msg, const BYTE *pbData,
1271 DWORD cbData)
1272 {
1273 BOOL ret = TRUE;
1274
1275 if (cbData)
1276 {
1277 if (msg->msg_data.cbData)
1278 msg->msg_data.pbData = CryptMemRealloc(msg->msg_data.pbData,
1279 msg->msg_data.cbData + cbData);
1280 else
1281 msg->msg_data.pbData = CryptMemAlloc(cbData);
1282 if (msg->msg_data.pbData)
1283 {
1284 memcpy(msg->msg_data.pbData + msg->msg_data.cbData, pbData, cbData);
1285 msg->msg_data.cbData += cbData;
1286 }
1287 else
1288 ret = FALSE;
1289 }
1290 return ret;
1291 }
1292
1293 static BOOL CDecodeMsg_DecodeDataContent(CDecodeMsg *msg, CRYPT_DER_BLOB *blob)
1294 {
1295 BOOL ret;
1296 CRYPT_DATA_BLOB *data;
1297 DWORD size;
1298
1299 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_OCTET_STRING,
1300 blob->pbData, blob->cbData, CRYPT_DECODE_ALLOC_FLAG, NULL, (LPBYTE)&data,
1301 &size);
1302 if (ret)
1303 {
1304 ret = ContextPropertyList_SetProperty(msg->properties,
1305 CMSG_CONTENT_PARAM, data->pbData, data->cbData);
1306 LocalFree(data);
1307 }
1308 return ret;
1309 }
1310
1311 static void CDecodeMsg_SaveAlgorithmID(CDecodeMsg *msg, DWORD param,
1312 const CRYPT_ALGORITHM_IDENTIFIER *id)
1313 {
1314 static const BYTE nullParams[] = { ASN_NULL, 0 };
1315 CRYPT_ALGORITHM_IDENTIFIER *copy;
1316 DWORD len = sizeof(CRYPT_ALGORITHM_IDENTIFIER);
1317
1318 /* Linearize algorithm id */
1319 len += strlen(id->pszObjId) + 1;
1320 len += id->Parameters.cbData;
1321 copy = CryptMemAlloc(len);
1322 if (copy)
1323 {
1324 copy->pszObjId =
1325 (LPSTR)((BYTE *)copy + sizeof(CRYPT_ALGORITHM_IDENTIFIER));
1326 strcpy(copy->pszObjId, id->pszObjId);
1327 copy->Parameters.pbData = (BYTE *)copy->pszObjId + strlen(id->pszObjId)
1328 + 1;
1329 /* Trick: omit NULL parameters */
1330 if (id->Parameters.cbData == sizeof(nullParams) &&
1331 !memcmp(id->Parameters.pbData, nullParams, sizeof(nullParams)))
1332 {
1333 copy->Parameters.cbData = 0;
1334 len -= sizeof(nullParams);
1335 }
1336 else
1337 copy->Parameters.cbData = id->Parameters.cbData;
1338 if (copy->Parameters.cbData)
1339 memcpy(copy->Parameters.pbData, id->Parameters.pbData,
1340 id->Parameters.cbData);
1341 ContextPropertyList_SetProperty(msg->properties, param, (BYTE *)copy,
1342 len);
1343 CryptMemFree(copy);
1344 }
1345 }
1346
1347 static inline void CRYPT_FixUpAlgorithmID(CRYPT_ALGORITHM_IDENTIFIER *id)
1348 {
1349 id->pszObjId = (LPSTR)((BYTE *)id + sizeof(CRYPT_ALGORITHM_IDENTIFIER));
1350 id->Parameters.pbData = (BYTE *)id->pszObjId + strlen(id->pszObjId) + 1;
1351 }
1352
1353 static BOOL CDecodeMsg_DecodeHashedContent(CDecodeMsg *msg,
1354 CRYPT_DER_BLOB *blob)
1355 {
1356 BOOL ret;
1357 CRYPT_DIGESTED_DATA *digestedData;
1358 DWORD size;
1359
1360 ret = CRYPT_AsnDecodePKCSDigestedData(blob->pbData, blob->cbData,
1361 CRYPT_DECODE_ALLOC_FLAG, NULL, (CRYPT_DIGESTED_DATA *)&digestedData,
1362 &size);
1363 if (ret)
1364 {
1365 ContextPropertyList_SetProperty(msg->properties, CMSG_VERSION_PARAM,
1366 (const BYTE *)&digestedData->version, sizeof(digestedData->version));
1367 CDecodeMsg_SaveAlgorithmID(msg, CMSG_HASH_ALGORITHM_PARAM,
1368 &digestedData->DigestAlgorithm);
1369 ContextPropertyList_SetProperty(msg->properties,
1370 CMSG_INNER_CONTENT_TYPE_PARAM,
1371 (const BYTE *)digestedData->ContentInfo.pszObjId,
1372 digestedData->ContentInfo.pszObjId ?
1373 strlen(digestedData->ContentInfo.pszObjId) + 1 : 0);
1374 if (digestedData->ContentInfo.Content.cbData)
1375 CDecodeMsg_DecodeDataContent(msg,
1376 &digestedData->ContentInfo.Content);
1377 else
1378 ContextPropertyList_SetProperty(msg->properties,
1379 CMSG_CONTENT_PARAM, NULL, 0);
1380 ContextPropertyList_SetProperty(msg->properties, CMSG_HASH_DATA_PARAM,
1381 digestedData->hash.pbData, digestedData->hash.cbData);
1382 LocalFree(digestedData);
1383 }
1384 return ret;
1385 }
1386
1387 static BOOL CDecodeMsg_DecodeSignedContent(CDecodeMsg *msg,
1388 CRYPT_DER_BLOB *blob)
1389 {
1390 BOOL ret;
1391 CRYPT_SIGNED_INFO *signedInfo;
1392 DWORD size;
1393
1394 ret = CRYPT_AsnDecodePKCSSignedInfo(blob->pbData, blob->cbData,
1395 CRYPT_DECODE_ALLOC_FLAG, NULL, (CRYPT_SIGNED_INFO *)&signedInfo,
1396 &size);
1397 if (ret)
1398 msg->u.signedInfo = signedInfo;
1399 return ret;
1400 }
1401 /* Decodes the content in blob as the type given, and updates the value
1402 * (type, parameters, etc.) of msg based on what blob contains.
1403 * It doesn't just use msg's type, to allow a recursive call from an implicitly
1404 * typed message once the outer content info has been decoded.
1405 */
1406 static BOOL CDecodeMsg_DecodeContent(CDecodeMsg *msg, CRYPT_DER_BLOB *blob,
1407 DWORD type)
1408 {
1409 BOOL ret;
1410
1411 switch (type)
1412 {
1413 case CMSG_DATA:
1414 if ((ret = CDecodeMsg_DecodeDataContent(msg, blob)))
1415 msg->type = CMSG_DATA;
1416 break;
1417 case CMSG_HASHED:
1418 if ((ret = CDecodeMsg_DecodeHashedContent(msg, blob)))
1419 msg->type = CMSG_HASHED;
1420 break;
1421 case CMSG_ENVELOPED:
1422 FIXME("unimplemented for type %s\n", MSG_TYPE_STR(type));
1423 ret = TRUE;
1424 break;
1425 case CMSG_SIGNED:
1426 if ((ret = CDecodeMsg_DecodeSignedContent(msg, blob)))
1427 msg->type = CMSG_SIGNED;
1428 break;
1429 default:
1430 {
1431 CRYPT_CONTENT_INFO *info;
1432 DWORD size;
1433
1434 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, PKCS_CONTENT_INFO,
1435 msg->msg_data.pbData, msg->msg_data.cbData, CRYPT_DECODE_ALLOC_FLAG,
1436 NULL, (LPBYTE)&info, &size);
1437 if (ret)
1438 {
1439 if (!strcmp(info->pszObjId, szOID_RSA_data))
1440 ret = CDecodeMsg_DecodeContent(msg, &info->Content, CMSG_DATA);
1441 else if (!strcmp(info->pszObjId, szOID_RSA_digestedData))
1442 ret = CDecodeMsg_DecodeContent(msg, &info->Content,
1443 CMSG_HASHED);
1444 else if (!strcmp(info->pszObjId, szOID_RSA_envelopedData))
1445 ret = CDecodeMsg_DecodeContent(msg, &info->Content,
1446 CMSG_ENVELOPED);
1447 else if (!strcmp(info->pszObjId, szOID_RSA_signedData))
1448 ret = CDecodeMsg_DecodeContent(msg, &info->Content,
1449 CMSG_SIGNED);
1450 else
1451 {
1452 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1453 ret = FALSE;
1454 }
1455 LocalFree(info);
1456 }
1457 }
1458 }
1459 return ret;
1460 }
1461
1462 static BOOL CDecodeMsg_Update(HCRYPTMSG hCryptMsg, const BYTE *pbData,
1463 DWORD cbData, BOOL fFinal)
1464 {
1465 CDecodeMsg *msg = (CDecodeMsg *)hCryptMsg;
1466 BOOL ret = FALSE;
1467
1468 TRACE("(%p, %p, %d, %d)\n", hCryptMsg, pbData, cbData, fFinal);
1469
1470 if (msg->base.streamed)
1471 {
1472 ret = CDecodeMsg_CopyData(msg, pbData, cbData);
1473 FIXME("(%p, %p, %d, %d): streamed update stub\n", hCryptMsg, pbData,
1474 cbData, fFinal);
1475 }
1476 else
1477 {
1478 if (!fFinal)
1479 SetLastError(CRYPT_E_MSG_ERROR);
1480 else
1481 {
1482 ret = CDecodeMsg_CopyData(msg, pbData, cbData);
1483 if (ret)
1484 ret = CDecodeMsg_DecodeContent(msg, &msg->msg_data, msg->type);
1485
1486 }
1487 }
1488 return ret;
1489 }
1490
1491 static BOOL CDecodeHashMsg_GetParam(CDecodeMsg *msg, DWORD dwParamType,
1492 DWORD dwIndex, void *pvData, DWORD *pcbData)
1493 {
1494 BOOL ret = FALSE;
1495
1496 switch (dwParamType)
1497 {
1498 case CMSG_TYPE_PARAM:
1499 ret = CRYPT_CopyParam(pvData, pcbData, &msg->type, sizeof(msg->type));
1500 break;
1501 case CMSG_HASH_ALGORITHM_PARAM:
1502 {
1503 CRYPT_DATA_BLOB blob;
1504
1505 ret = ContextPropertyList_FindProperty(msg->properties, dwParamType,
1506 &blob);
1507 if (ret)
1508 {
1509 ret = CRYPT_CopyParam(pvData, pcbData, blob.pbData, blob.cbData);
1510 if (ret && pvData)
1511 CRYPT_FixUpAlgorithmID((CRYPT_ALGORITHM_IDENTIFIER *)pvData);
1512 }
1513 else
1514 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1515 break;
1516 }
1517 case CMSG_COMPUTED_HASH_PARAM:
1518 if (!msg->u.hash)
1519 {
1520 CRYPT_ALGORITHM_IDENTIFIER *hashAlgoID = NULL;
1521 DWORD size = 0;
1522 ALG_ID algID = 0;
1523
1524 CryptMsgGetParam(msg, CMSG_HASH_ALGORITHM_PARAM, 0, NULL, &size);
1525 hashAlgoID = CryptMemAlloc(size);
1526 ret = CryptMsgGetParam(msg, CMSG_HASH_ALGORITHM_PARAM, 0,
1527 hashAlgoID, &size);
1528 if (ret)
1529 algID = CertOIDToAlgId(hashAlgoID->pszObjId);
1530 ret = CryptCreateHash(msg->crypt_prov, algID, 0, 0, &msg->u.hash);
1531 if (ret)
1532 {
1533 CRYPT_DATA_BLOB content;
1534
1535 ret = ContextPropertyList_FindProperty(msg->properties,
1536 CMSG_CONTENT_PARAM, &content);
1537 if (ret)
1538 ret = CryptHashData(msg->u.hash, content.pbData,
1539 content.cbData, 0);
1540 }
1541 CryptMemFree(hashAlgoID);
1542 }
1543 else
1544 ret = TRUE;
1545 if (ret)
1546 ret = CryptGetHashParam(msg->u.hash, HP_HASHVAL, pvData, pcbData,
1547 0);
1548 break;
1549 default:
1550 {
1551 CRYPT_DATA_BLOB blob;
1552
1553 ret = ContextPropertyList_FindProperty(msg->properties, dwParamType,
1554 &blob);
1555 if (ret)
1556 ret = CRYPT_CopyParam(pvData, pcbData, blob.pbData, blob.cbData);
1557 else
1558 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1559 }
1560 }
1561 return ret;
1562 }
1563
1564 /* nextData is an in/out parameter - on input it's the memory location in
1565 * which a copy of in's data should be made, and on output it's the memory
1566 * location immediately after out's copy of in's data.
1567 */
1568 static inline void CRYPT_CopyBlob(CRYPT_DATA_BLOB *out,
1569 const CRYPT_DATA_BLOB *in, LPBYTE *nextData)
1570 {
1571 out->cbData = in->cbData;
1572 if (in->cbData)
1573 {
1574 out->pbData = *nextData;
1575 memcpy(out->pbData, in->pbData, in->cbData);
1576 *nextData += in->cbData;
1577 }
1578 }
1579
1580 static inline void CRYPT_CopyAlgorithmId(CRYPT_ALGORITHM_IDENTIFIER *out,
1581 const CRYPT_ALGORITHM_IDENTIFIER *in, LPBYTE *nextData)
1582 {
1583 if (in->pszObjId)
1584 {
1585 out->pszObjId = (LPSTR)*nextData;
1586 strcpy(out->pszObjId, in->pszObjId);
1587 *nextData += strlen(out->pszObjId) + 1;
1588 }
1589 CRYPT_CopyBlob(&out->Parameters, &in->Parameters, nextData);
1590 }
1591
1592 static inline void CRYPT_CopyAttributes(CRYPT_ATTRIBUTES *out,
1593 const CRYPT_ATTRIBUTES *in, LPBYTE *nextData)
1594 {
1595 out->cAttr = in->cAttr;
1596 if (in->cAttr)
1597 {
1598 DWORD i;
1599
1600 if ((*nextData - (LPBYTE)0) % sizeof(DWORD))
1601 *nextData += (*nextData - (LPBYTE)0) % sizeof(DWORD);
1602 out->rgAttr = (CRYPT_ATTRIBUTE *)*nextData;
1603 *nextData += in->cAttr * sizeof(CRYPT_ATTRIBUTE);
1604 for (i = 0; i < in->cAttr; i++)
1605 {
1606 if (in->rgAttr[i].pszObjId)
1607 {
1608 out->rgAttr[i].pszObjId = (LPSTR)*nextData;
1609 strcpy(out->rgAttr[i].pszObjId, in->rgAttr[i].pszObjId);
1610 *nextData += strlen(in->rgAttr[i].pszObjId) + 1;
1611 }
1612 if (in->rgAttr[i].cValue)
1613 {
1614 DWORD j;
1615
1616 out->rgAttr[i].cValue = in->rgAttr[i].cValue;
1617 if ((*nextData - (LPBYTE)0) % sizeof(DWORD))
1618 *nextData += (*nextData - (LPBYTE)0) % sizeof(DWORD);
1619 out->rgAttr[i].rgValue = (PCRYPT_DATA_BLOB)*nextData;
1620 for (j = 0; j < in->rgAttr[i].cValue; j++)
1621 CRYPT_CopyBlob(&out->rgAttr[i].rgValue[j],
1622 &in->rgAttr[i].rgValue[j], nextData);
1623 }
1624 }
1625 }
1626 }
1627
1628 static DWORD CRYPT_SizeOfAttributes(const CRYPT_ATTRIBUTES *attr)
1629 {
1630 DWORD size = attr->cAttr * sizeof(CRYPT_ATTRIBUTE), i, j;
1631
1632 for (i = 0; i < attr->cAttr; i++)
1633 {
1634 if (attr->rgAttr[i].pszObjId)
1635 size += strlen(attr->rgAttr[i].pszObjId) + 1;
1636 /* align pointer */
1637 if (size % sizeof(DWORD))
1638 size += size % sizeof(DWORD);
1639 size += attr->rgAttr[i].cValue * sizeof(CRYPT_DATA_BLOB);
1640 for (j = 0; j < attr->rgAttr[i].cValue; j++)
1641 size += attr->rgAttr[i].rgValue[j].cbData;
1642 }
1643 return size;
1644 }
1645
1646 static BOOL CRYPT_CopySignerInfo(void *pvData, DWORD *pcbData,
1647 const CMSG_SIGNER_INFO *in)
1648 {
1649 DWORD size = sizeof(CMSG_SIGNER_INFO);
1650 BOOL ret;
1651
1652 size += in->Issuer.cbData;
1653 size += in->SerialNumber.cbData;
1654 if (in->HashAlgorithm.pszObjId)
1655 size += strlen(in->HashAlgorithm.pszObjId) + 1;
1656 size += in->HashAlgorithm.Parameters.cbData;
1657 if (in->HashEncryptionAlgorithm.pszObjId)
1658 size += strlen(in->HashEncryptionAlgorithm.pszObjId) + 1;
1659 size += in->HashEncryptionAlgorithm.Parameters.cbData;
1660 size += in->EncryptedHash.cbData;
1661 /* align pointer */
1662 if (size % sizeof(DWORD))
1663 size += size % sizeof(DWORD);
1664 size += CRYPT_SizeOfAttributes(&in->AuthAttrs);
1665 size += CRYPT_SizeOfAttributes(&in->UnauthAttrs);
1666 if (!pvData)
1667 {
1668 *pcbData = size;
1669 ret = TRUE;
1670 }
1671 else if (*pcbData < size)
1672 {
1673 *pcbData = size;
1674 SetLastError(ERROR_MORE_DATA);
1675 ret = FALSE;
1676 }
1677 else
1678 {
1679 LPBYTE nextData = (BYTE *)pvData + sizeof(CMSG_SIGNER_INFO);
1680 CMSG_SIGNER_INFO *out = (CMSG_SIGNER_INFO *)pvData;
1681
1682 out->dwVersion = in->dwVersion;
1683 CRYPT_CopyBlob(&out->Issuer, &in->Issuer, &nextData);
1684 CRYPT_CopyBlob(&out->SerialNumber, &in->SerialNumber, &nextData);
1685 CRYPT_CopyAlgorithmId(&out->HashAlgorithm, &in->HashAlgorithm,
1686 &nextData);
1687 CRYPT_CopyAlgorithmId(&out->HashEncryptionAlgorithm,
1688 &in->HashEncryptionAlgorithm, &nextData);
1689 CRYPT_CopyBlob(&out->EncryptedHash, &in->EncryptedHash, &nextData);
1690 /* align pointer */
1691 if ((nextData - (LPBYTE)0) % sizeof(DWORD))
1692 nextData += (nextData - (LPBYTE)0) % sizeof(DWORD);
1693 CRYPT_CopyAttributes(&out->AuthAttrs, &in->AuthAttrs, &nextData);
1694 CRYPT_CopyAttributes(&out->UnauthAttrs, &in->UnauthAttrs, &nextData);
1695 ret = TRUE;
1696 }
1697 return ret;
1698 }
1699
1700 static BOOL CRYPT_CopySignerCertInfo(void *pvData, DWORD *pcbData,
1701 const CMSG_SIGNER_INFO *in)
1702 {
1703 DWORD size = sizeof(CERT_INFO);
1704 BOOL ret;
1705
1706 size += in->Issuer.cbData;
1707 size += in->SerialNumber.cbData;
1708 if (!pvData)
1709 {
1710 *pcbData = size;
1711 ret = TRUE;
1712 }
1713 else if (*pcbData < size)
1714 {
1715 *pcbData = size;
1716 SetLastError(ERROR_MORE_DATA);
1717 ret = FALSE;
1718 }
1719 else
1720 {
1721 LPBYTE nextData = (BYTE *)pvData + sizeof(CERT_INFO);
1722 CERT_INFO *out = (CERT_INFO *)pvData;
1723
1724 memset(out, 0, sizeof(CERT_INFO));
1725 CRYPT_CopyBlob(&out->Issuer, &in->Issuer, &nextData);
1726 CRYPT_CopyBlob(&out->SerialNumber, &in->SerialNumber, &nextData);
1727 ret = TRUE;
1728 }
1729 return ret;
1730 }
1731
1732 static BOOL CDecodeSignedMsg_GetParam(CDecodeMsg *msg, DWORD dwParamType,
1733 DWORD dwIndex, void *pvData, DWORD *pcbData)
1734 {
1735 BOOL ret = FALSE;
1736
1737 switch (dwParamType)
1738 {
1739 case CMSG_TYPE_PARAM:
1740 ret = CRYPT_CopyParam(pvData, pcbData, &msg->type, sizeof(msg->type));
1741 break;
1742 case CMSG_CONTENT_PARAM:
1743 if (msg->u.signedInfo)
1744 {
1745 CRYPT_DATA_BLOB *blob;
1746 DWORD size;
1747
1748 /* FIXME: does this depend on inner content type? */
1749 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_OCTET_STRING,
1750 msg->u.signedInfo->content.Content.pbData,
1751 msg->u.signedInfo->content.Content.cbData, CRYPT_DECODE_ALLOC_FLAG,
1752 NULL, (LPBYTE)&blob, &size);
1753 if (ret)
1754 {
1755 ret = CRYPT_CopyParam(pvData, pcbData, blob->pbData,
1756 blob->cbData);
1757 LocalFree(blob);
1758 }
1759 }
1760 else
1761 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1762 break;
1763 case CMSG_INNER_CONTENT_TYPE_PARAM:
1764 if (msg->u.signedInfo)
1765 ret = CRYPT_CopyParam(pvData, pcbData,
1766 msg->u.signedInfo->content.pszObjId,
1767 strlen(msg->u.signedInfo->content.pszObjId) + 1);
1768 else
1769 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1770 break;
1771 case CMSG_SIGNER_COUNT_PARAM:
1772 if (msg->u.signedInfo)
1773 ret = CRYPT_CopyParam(pvData, pcbData,
1774 &msg->u.signedInfo->cSignerInfo, sizeof(DWORD));
1775 else
1776 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1777 break;
1778 case CMSG_SIGNER_INFO_PARAM:
1779 if (msg->u.signedInfo)
1780 {
1781 if (dwIndex >= msg->u.signedInfo->cSignerInfo)
1782 SetLastError(CRYPT_E_INVALID_INDEX);
1783 else
1784 ret = CRYPT_CopySignerInfo(pvData, pcbData,
1785 &msg->u.signedInfo->rgSignerInfo[dwIndex]);
1786 }
1787 else
1788 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1789 break;
1790 case CMSG_SIGNER_CERT_INFO_PARAM:
1791 if (msg->u.signedInfo)
1792 {
1793 if (dwIndex >= msg->u.signedInfo->cSignerInfo)
1794 SetLastError(CRYPT_E_INVALID_INDEX);
1795 else
1796 ret = CRYPT_CopySignerCertInfo(pvData, pcbData,
1797 &msg->u.signedInfo->rgSignerInfo[dwIndex]);
1798 }
1799 else
1800 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1801 break;
1802 case CMSG_CERT_COUNT_PARAM:
1803 if (msg->u.signedInfo)
1804 ret = CRYPT_CopyParam(pvData, pcbData,
1805 &msg->u.signedInfo->cCertEncoded, sizeof(DWORD));
1806 else
1807 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1808 break;
1809 case CMSG_CERT_PARAM:
1810 if (msg->u.signedInfo)
1811 {
1812 if (dwIndex >= msg->u.signedInfo->cCertEncoded)
1813 SetLastError(CRYPT_E_INVALID_INDEX);
1814 else
1815 ret = CRYPT_CopyParam(pvData, pcbData,
1816 msg->u.signedInfo->rgCertEncoded[dwIndex].pbData,
1817 msg->u.signedInfo->rgCertEncoded[dwIndex].cbData);
1818 }
1819 else
1820 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1821 break;
1822 case CMSG_CRL_COUNT_PARAM:
1823 if (msg->u.signedInfo)
1824 ret = CRYPT_CopyParam(pvData, pcbData,
1825 &msg->u.signedInfo->cCrlEncoded, sizeof(DWORD));
1826 else
1827 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1828 break;
1829 case CMSG_CRL_PARAM:
1830 if (msg->u.signedInfo)
1831 {
1832 if (dwIndex >= msg->u.signedInfo->cCrlEncoded)
1833 SetLastError(CRYPT_E_INVALID_INDEX);
1834 else
1835 ret = CRYPT_CopyParam(pvData, pcbData,
1836 msg->u.signedInfo->rgCrlEncoded[dwIndex].pbData,
1837 msg->u.signedInfo->rgCrlEncoded[dwIndex].cbData);
1838 }
1839 else
1840 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1841 break;
1842 case CMSG_ATTR_CERT_COUNT_PARAM:
1843 if (msg->u.signedInfo)
1844 {
1845 DWORD attrCertCount = 0;
1846
1847 ret = CRYPT_CopyParam(pvData, pcbData,
1848 &attrCertCount, sizeof(DWORD));
1849 }
1850 else
1851 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1852 break;
1853 case CMSG_ATTR_CERT_PARAM:
1854 if (msg->u.signedInfo)
1855 SetLastError(CRYPT_E_INVALID_INDEX);
1856 else
1857 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1858 break;
1859 default:
1860 FIXME("unimplemented for %d\n", dwParamType);
1861 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1862 }
1863 return ret;
1864 }
1865
1866 static BOOL CDecodeMsg_GetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
1867 DWORD dwIndex, void *pvData, DWORD *pcbData)
1868 {
1869 CDecodeMsg *msg = (CDecodeMsg *)hCryptMsg;
1870 BOOL ret = FALSE;
1871
1872 switch (msg->type)
1873 {
1874 case CMSG_HASHED:
1875 ret = CDecodeHashMsg_GetParam(msg, dwParamType, dwIndex, pvData,
1876 pcbData);
1877 break;
1878 case CMSG_SIGNED:
1879 ret = CDecodeSignedMsg_GetParam(msg, dwParamType, dwIndex, pvData,
1880 pcbData);
1881 break;
1882 default:
1883 switch (dwParamType)
1884 {
1885 case CMSG_TYPE_PARAM:
1886 ret = CRYPT_CopyParam(pvData, pcbData, &msg->type,
1887 sizeof(msg->type));
1888 break;
1889 default:
1890 {
1891 CRYPT_DATA_BLOB blob;
1892
1893 ret = ContextPropertyList_FindProperty(msg->properties, dwParamType,
1894 &blob);
1895 if (ret)
1896 ret = CRYPT_CopyParam(pvData, pcbData, blob.pbData,
1897 blob.cbData);
1898 else
1899 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1900 }
1901 }
1902 }
1903 return ret;
1904 }
1905
1906 HCRYPTMSG WINAPI CryptMsgOpenToDecode(DWORD dwMsgEncodingType, DWORD dwFlags,
1907 DWORD dwMsgType, HCRYPTPROV_LEGACY hCryptProv, PCERT_INFO pRecipientInfo,
1908 PCMSG_STREAM_INFO pStreamInfo)
1909 {
1910 CDecodeMsg *msg;
1911
1912 TRACE("(%08x, %08x, %08x, %08lx, %p, %p)\n", dwMsgEncodingType,
1913 dwFlags, dwMsgType, hCryptProv, pRecipientInfo, pStreamInfo);
1914
1915 if (GET_CMSG_ENCODING_TYPE(dwMsgEncodingType) != PKCS_7_ASN_ENCODING)
1916 {
1917 SetLastError(E_INVALIDARG);
1918 return NULL;
1919 }
1920 msg = CryptMemAlloc(sizeof(CDecodeMsg));
1921 if (msg)
1922 {
1923 CryptMsgBase_Init((CryptMsgBase *)msg, dwFlags, pStreamInfo,
1924 CDecodeMsg_Close, CDecodeMsg_GetParam, CDecodeMsg_Update);
1925 msg->type = dwMsgType;
1926 if (hCryptProv)
1927 msg->crypt_prov = hCryptProv;
1928 else
1929 {
1930 msg->crypt_prov = CRYPT_GetDefaultProvider();
1931 msg->base.open_flags &= ~CMSG_CRYPT_RELEASE_CONTEXT_FLAG;
1932 }
1933 memset(&msg->u, 0, sizeof(msg->u));
1934 msg->msg_data.cbData = 0;
1935 msg->msg_data.pbData = NULL;
1936 msg->properties = ContextPropertyList_Create();
1937 }
1938 return msg;
1939 }
1940
1941 HCRYPTMSG WINAPI CryptMsgDuplicate(HCRYPTMSG hCryptMsg)
1942 {
1943 TRACE("(%p)\n", hCryptMsg);
1944
1945 if (hCryptMsg)
1946 {
1947 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
1948
1949 InterlockedIncrement(&msg->ref);
1950 }
1951 return hCryptMsg;
1952 }
1953
1954 BOOL WINAPI CryptMsgClose(HCRYPTMSG hCryptMsg)
1955 {
1956 TRACE("(%p)\n", hCryptMsg);
1957
1958 if (hCryptMsg)
1959 {
1960 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
1961
1962 if (InterlockedDecrement(&msg->ref) == 0)
1963 {
1964 TRACE("freeing %p\n", msg);
1965 if (msg->close)
1966 msg->close(msg);
1967 CryptMemFree(msg);
1968 }
1969 }
1970 return TRUE;
1971 }
1972
1973 BOOL WINAPI CryptMsgUpdate(HCRYPTMSG hCryptMsg, const BYTE *pbData,
1974 DWORD cbData, BOOL fFinal)
1975 {
1976 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
1977 BOOL ret = FALSE;
1978
1979 TRACE("(%p, %p, %d, %d)\n", hCryptMsg, pbData, cbData, fFinal);
1980
1981 if (msg->state == MsgStateFinalized)
1982 SetLastError(CRYPT_E_MSG_ERROR);
1983 else
1984 {
1985 ret = msg->update(hCryptMsg, pbData, cbData, fFinal);
1986 msg->state = MsgStateUpdated;
1987 if (fFinal)
1988 msg->state = MsgStateFinalized;
1989 }
1990 return ret;
1991 }
1992
1993 BOOL WINAPI CryptMsgGetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
1994 DWORD dwIndex, void *pvData, DWORD *pcbData)
1995 {
1996 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
1997
1998 TRACE("(%p, %d, %d, %p, %p)\n", hCryptMsg, dwParamType, dwIndex,
1999 pvData, pcbData);
2000 return msg->get_param(hCryptMsg, dwParamType, dwIndex, pvData, pcbData);
2001 }
2002
2003 BOOL WINAPI CryptMsgControl(HCRYPTMSG hCryptMsg, DWORD dwFlags,
2004 DWORD dwCtrlType, const void *pvCtrlPara)
2005 {
2006 FIXME("(%p, %08x, %d, %p): stub\n", hCryptMsg, dwFlags, dwCtrlType,
2007 pvCtrlPara);
2008 return TRUE;
2009 }
useful hacks and other patches not (yet) suitable for mainline