2 * Copyright (C) 2006 Maarten Lankhorst
3 * Copyright 2007 Juan Lang
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22 #include "wine/port.h"
24 #define NONAMELESSUNION
25 #define NONAMELESSSTRUCT
26 #define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
39 #include "wine/debug.h"
41 WINE_DEFAULT_DEBUG_CHANNEL(cryptnet
);
43 BOOL WINAPI
DllMain(HINSTANCE hinstDLL
, DWORD fdwReason
, LPVOID lpvReserved
)
45 TRACE("(0x%p, %d, %p)\n", hinstDLL
, fdwReason
, lpvReserved
);
48 case DLL_PROCESS_ATTACH
:
49 DisableThreadLibraryCalls(hinstDLL
);
51 case DLL_PROCESS_DETACH
:
52 /* Do uninitialisation here */
59 static const WCHAR cryptNet
[] = { 'c','r','y','p','t','n','e','t','.',
61 static const WCHAR ldapProvOpenStore
[] = { 'L','d','a','p','P','r','o','v',
62 'O','p','e','S','t','o','r','e',0 };
64 /***********************************************************************
65 * DllRegisterServer (CRYPTNET.@)
67 HRESULT WINAPI
DllRegisterServer(void)
70 CryptRegisterDefaultOIDFunction(X509_ASN_ENCODING
,
71 CRYPT_OID_VERIFY_REVOCATION_FUNC
, 0, cryptNet
);
72 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
, "Ldap",
73 cryptNet
, "LdapProvOpenStore");
74 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
,
75 CERT_STORE_PROV_LDAP_W
, cryptNet
, "LdapProvOpenStore");
79 /***********************************************************************
80 * DllUnregisterServer (CRYPTNET.@)
82 HRESULT WINAPI
DllUnregisterServer(void)
85 CryptUnregisterDefaultOIDFunction(X509_ASN_ENCODING
,
86 CRYPT_OID_VERIFY_REVOCATION_FUNC
, cryptNet
);
87 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
, "Ldap");
88 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
,
89 CERT_STORE_PROV_LDAP_W
);
93 static const char *url_oid_to_str(LPCSTR oid
)
103 #define _x(oid) case LOWORD(oid): return #oid
104 _x(URL_OID_CERTIFICATE_ISSUER
);
105 _x(URL_OID_CERTIFICATE_CRL_DIST_POINT
);
106 _x(URL_OID_CTL_ISSUER
);
107 _x(URL_OID_CTL_NEXT_UPDATE
);
108 _x(URL_OID_CRL_ISSUER
);
109 _x(URL_OID_CERTIFICATE_FRESHEST_CRL
);
110 _x(URL_OID_CRL_FRESHEST_CRL
);
111 _x(URL_OID_CROSS_CERT_DIST_POINT
);
114 snprintf(buf
, sizeof(buf
), "%d", LOWORD(oid
));
120 typedef BOOL (WINAPI
*UrlDllGetObjectUrlFunc
)(LPCSTR
, LPVOID
, DWORD
,
121 PCRYPT_URL_ARRAY
, DWORD
*, PCRYPT_URL_INFO
, DWORD
*, LPVOID
);
123 static BOOL WINAPI
CRYPT_GetUrlFromCertificateIssuer(LPCSTR pszUrlOid
,
124 LPVOID pvPara
, DWORD dwFlags
, PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
,
125 PCRYPT_URL_INFO pUrlInfo
, DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
127 PCCERT_CONTEXT cert
= pvPara
;
131 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
132 if (dwFlags
&& !(dwFlags
& CRYPT_GET_URL_FROM_EXTENSION
))
134 SetLastError(CRYPT_E_NOT_FOUND
);
137 if ((ext
= CertFindExtension(szOID_AUTHORITY_INFO_ACCESS
,
138 cert
->pCertInfo
->cExtension
, cert
->pCertInfo
->rgExtension
)))
140 CERT_AUTHORITY_INFO_ACCESS
*aia
;
143 ret
= CryptDecodeObjectEx(X509_ASN_ENCODING
, X509_AUTHORITY_INFO_ACCESS
,
144 ext
->Value
.pbData
, ext
->Value
.cbData
, CRYPT_DECODE_ALLOC_FLAG
, NULL
,
148 DWORD i
, cUrl
, bytesNeeded
= sizeof(CRYPT_URL_ARRAY
);
150 for (i
= 0, cUrl
= 0; i
< aia
->cAccDescr
; i
++)
151 if (!strcmp(aia
->rgAccDescr
[i
].pszAccessMethod
,
152 szOID_PKIX_CA_ISSUERS
))
154 if (aia
->rgAccDescr
[i
].AccessLocation
.dwAltNameChoice
==
157 if (aia
->rgAccDescr
[i
].AccessLocation
.u
.pwszURL
)
160 bytesNeeded
+= sizeof(LPWSTR
) +
161 (lstrlenW(aia
->rgAccDescr
[i
].AccessLocation
.u
.
162 pwszURL
) + 1) * sizeof(WCHAR
);
166 FIXME("unsupported alt name type %d\n",
167 aia
->rgAccDescr
[i
].AccessLocation
.dwAltNameChoice
);
171 SetLastError(E_INVALIDARG
);
175 *pcbUrlArray
= bytesNeeded
;
176 else if (*pcbUrlArray
< bytesNeeded
)
178 SetLastError(ERROR_MORE_DATA
);
179 *pcbUrlArray
= bytesNeeded
;
186 *pcbUrlArray
= bytesNeeded
;
188 pUrlArray
->rgwszUrl
=
189 (LPWSTR
*)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
));
190 nextUrl
= (LPWSTR
)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
)
191 + cUrl
* sizeof(LPWSTR
));
192 for (i
= 0; i
< aia
->cAccDescr
; i
++)
193 if (!strcmp(aia
->rgAccDescr
[i
].pszAccessMethod
,
194 szOID_PKIX_CA_ISSUERS
))
196 if (aia
->rgAccDescr
[i
].AccessLocation
.dwAltNameChoice
197 == CERT_ALT_NAME_URL
)
199 if (aia
->rgAccDescr
[i
].AccessLocation
.u
.pwszURL
)
202 aia
->rgAccDescr
[i
].AccessLocation
.u
.pwszURL
);
203 pUrlArray
->rgwszUrl
[pUrlArray
->cUrl
++] =
205 nextUrl
+= (lstrlenW(nextUrl
) + 1);
214 FIXME("url info: stub\n");
216 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
217 else if (*pcbUrlInfo
< sizeof(CRYPT_URL_INFO
))
219 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
220 SetLastError(ERROR_MORE_DATA
);
225 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
226 memset(pUrlInfo
, 0, sizeof(CRYPT_URL_INFO
));
234 SetLastError(CRYPT_E_NOT_FOUND
);
238 static BOOL WINAPI
CRYPT_GetUrlFromCertificateCRLDistPoint(LPCSTR pszUrlOid
,
239 LPVOID pvPara
, DWORD dwFlags
, PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
,
240 PCRYPT_URL_INFO pUrlInfo
, DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
242 PCCERT_CONTEXT cert
= pvPara
;
246 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
247 if (dwFlags
&& !(dwFlags
& CRYPT_GET_URL_FROM_EXTENSION
))
249 SetLastError(CRYPT_E_NOT_FOUND
);
252 if ((ext
= CertFindExtension(szOID_CRL_DIST_POINTS
,
253 cert
->pCertInfo
->cExtension
, cert
->pCertInfo
->rgExtension
)))
255 CRL_DIST_POINTS_INFO
*info
;
258 ret
= CryptDecodeObjectEx(X509_ASN_ENCODING
, X509_CRL_DIST_POINTS
,
259 ext
->Value
.pbData
, ext
->Value
.cbData
, CRYPT_DECODE_ALLOC_FLAG
, NULL
,
263 DWORD i
, cUrl
, bytesNeeded
= sizeof(CRYPT_URL_ARRAY
);
265 for (i
= 0, cUrl
= 0; i
< info
->cDistPoint
; i
++)
266 if (info
->rgDistPoint
[i
].DistPointName
.dwDistPointNameChoice
267 == CRL_DIST_POINT_FULL_NAME
)
270 CERT_ALT_NAME_INFO
*name
=
271 &info
->rgDistPoint
[i
].DistPointName
.u
.FullName
;
273 for (j
= 0; j
< name
->cAltEntry
; j
++)
274 if (name
->rgAltEntry
[j
].dwAltNameChoice
==
277 if (name
->rgAltEntry
[j
].u
.pwszURL
)
280 bytesNeeded
+= sizeof(LPWSTR
) +
281 (lstrlenW(name
->rgAltEntry
[j
].u
.pwszURL
) + 1)
288 SetLastError(E_INVALIDARG
);
292 *pcbUrlArray
= bytesNeeded
;
293 else if (*pcbUrlArray
< bytesNeeded
)
295 SetLastError(ERROR_MORE_DATA
);
296 *pcbUrlArray
= bytesNeeded
;
303 *pcbUrlArray
= bytesNeeded
;
305 pUrlArray
->rgwszUrl
=
306 (LPWSTR
*)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
));
307 nextUrl
= (LPWSTR
)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
)
308 + cUrl
* sizeof(LPWSTR
));
309 for (i
= 0; i
< info
->cDistPoint
; i
++)
310 if (info
->rgDistPoint
[i
].DistPointName
.dwDistPointNameChoice
311 == CRL_DIST_POINT_FULL_NAME
)
314 CERT_ALT_NAME_INFO
*name
=
315 &info
->rgDistPoint
[i
].DistPointName
.u
.FullName
;
317 for (j
= 0; j
< name
->cAltEntry
; j
++)
318 if (name
->rgAltEntry
[j
].dwAltNameChoice
==
321 if (name
->rgAltEntry
[j
].u
.pwszURL
)
324 name
->rgAltEntry
[j
].u
.pwszURL
);
325 pUrlArray
->rgwszUrl
[pUrlArray
->cUrl
++] =
328 (lstrlenW(name
->rgAltEntry
[j
].u
.pwszURL
) + 1);
337 FIXME("url info: stub\n");
339 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
340 else if (*pcbUrlInfo
< sizeof(CRYPT_URL_INFO
))
342 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
343 SetLastError(ERROR_MORE_DATA
);
348 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
349 memset(pUrlInfo
, 0, sizeof(CRYPT_URL_INFO
));
357 SetLastError(CRYPT_E_NOT_FOUND
);
361 /***********************************************************************
362 * CryptGetObjectUrl (CRYPTNET.@)
364 BOOL WINAPI
CryptGetObjectUrl(LPCSTR pszUrlOid
, LPVOID pvPara
, DWORD dwFlags
,
365 PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
, PCRYPT_URL_INFO pUrlInfo
,
366 DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
368 UrlDllGetObjectUrlFunc func
= NULL
;
369 HCRYPTOIDFUNCADDR hFunc
= NULL
;
372 TRACE("(%s, %p, %08x, %p, %p, %p, %p, %p)\n", debugstr_a(pszUrlOid
),
373 pvPara
, dwFlags
, pUrlArray
, pcbUrlArray
, pUrlInfo
, pcbUrlInfo
, pvReserved
);
375 if (!HIWORD(pszUrlOid
))
377 switch (LOWORD(pszUrlOid
))
379 case LOWORD(URL_OID_CERTIFICATE_ISSUER
):
380 func
= CRYPT_GetUrlFromCertificateIssuer
;
382 case LOWORD(URL_OID_CERTIFICATE_CRL_DIST_POINT
):
383 func
= CRYPT_GetUrlFromCertificateCRLDistPoint
;
386 FIXME("unimplemented for %s\n", url_oid_to_str(pszUrlOid
));
387 SetLastError(ERROR_FILE_NOT_FOUND
);
392 static HCRYPTOIDFUNCSET set
= NULL
;
395 set
= CryptInitOIDFunctionSet(URL_OID_GET_OBJECT_URL_FUNC
, 0);
396 CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
, pszUrlOid
, 0,
397 (void **)&func
, &hFunc
);
400 ret
= func(pszUrlOid
, pvPara
, dwFlags
, pUrlArray
, pcbUrlArray
,
401 pUrlInfo
, pcbUrlInfo
, pvReserved
);
403 CryptFreeOIDFunctionAddress(hFunc
, 0);
407 /***********************************************************************
408 * CryptRetrieveObjectByUrlA (CRYPTNET.@)
410 BOOL WINAPI
CryptRetrieveObjectByUrlA(LPCSTR pszURL
, LPCSTR pszObjectOid
,
411 DWORD dwRetrievalFlags
, DWORD dwTimeout
, LPVOID
*ppvObject
,
412 HCRYPTASYNC hAsyncRetrieve
, PCRYPT_CREDENTIALS pCredentials
, LPVOID pvVerify
,
413 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
418 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_a(pszURL
),
419 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, ppvObject
,
420 hAsyncRetrieve
, pCredentials
, pvVerify
, pAuxInfo
);
424 SetLastError(ERROR_INVALID_PARAMETER
);
427 len
= MultiByteToWideChar(CP_ACP
, 0, pszURL
, -1, NULL
, 0);
430 LPWSTR url
= CryptMemAlloc(len
* sizeof(WCHAR
));
434 MultiByteToWideChar(CP_ACP
, 0, pszURL
, -1, url
, len
);
435 ret
= CryptRetrieveObjectByUrlW(url
, pszObjectOid
,
436 dwRetrievalFlags
, dwTimeout
, ppvObject
, hAsyncRetrieve
,
437 pCredentials
, pvVerify
, pAuxInfo
);
441 SetLastError(ERROR_OUTOFMEMORY
);
446 static void WINAPI
CRYPT_FreeBlob(LPCSTR pszObjectOid
,
447 PCRYPT_BLOB_ARRAY pObject
, void *pvFreeContext
)
451 for (i
= 0; i
< pObject
->cBlob
; i
++)
452 CryptMemFree(pObject
->rgBlob
[i
].pbData
);
453 CryptMemFree(pObject
->rgBlob
);
456 static BOOL
CRYPT_GetObjectFromFile(HANDLE hFile
, PCRYPT_BLOB_ARRAY pObject
)
461 if ((ret
= GetFileSizeEx(hFile
, &size
)))
465 WARN("file too big\n");
466 SetLastError(ERROR_INVALID_DATA
);
471 CRYPT_DATA_BLOB blob
;
473 blob
.pbData
= CryptMemAlloc(size
.u
.LowPart
);
476 blob
.cbData
= size
.u
.LowPart
;
477 ret
= ReadFile(hFile
, blob
.pbData
, size
.u
.LowPart
, &blob
.cbData
,
481 pObject
->rgBlob
= CryptMemAlloc(sizeof(CRYPT_DATA_BLOB
));
485 memcpy(pObject
->rgBlob
, &blob
, sizeof(CRYPT_DATA_BLOB
));
489 SetLastError(ERROR_OUTOFMEMORY
);
494 CryptMemFree(blob
.pbData
);
498 SetLastError(ERROR_OUTOFMEMORY
);
506 static BOOL
CRYPT_GetObjectFromCache(LPCWSTR pszURL
, PCRYPT_BLOB_ARRAY pObject
,
507 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
510 INTERNET_CACHE_ENTRY_INFOW
*pCacheInfo
= NULL
;
513 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL
), pObject
, pAuxInfo
);
515 ret
= GetUrlCacheEntryInfoW(pszURL
, NULL
, &size
);
516 if (!ret
&& GetLastError() == ERROR_INSUFFICIENT_BUFFER
)
518 pCacheInfo
= CryptMemAlloc(size
);
522 SetLastError(ERROR_OUTOFMEMORY
);
524 if (ret
&& (ret
= GetUrlCacheEntryInfoW(pszURL
, pCacheInfo
, &size
)))
528 GetSystemTimeAsFileTime(&ft
);
529 if (CompareFileTime(&pCacheInfo
->ExpireTime
, &ft
) >= 0)
531 HANDLE hFile
= CreateFileW(pCacheInfo
->lpszLocalFileName
,
532 GENERIC_READ
, 0, NULL
, OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
534 if (hFile
!= INVALID_HANDLE_VALUE
)
536 if ((ret
= CRYPT_GetObjectFromFile(hFile
, pObject
)))
538 if (pAuxInfo
&& pAuxInfo
->cbSize
>=
539 offsetof(CRYPT_RETRIEVE_AUX_INFO
,
540 pLastSyncTime
) + sizeof(PFILETIME
) &&
541 pAuxInfo
->pLastSyncTime
)
542 memcpy(pAuxInfo
->pLastSyncTime
,
543 &pCacheInfo
->LastSyncTime
,
550 DeleteUrlCacheEntryW(pszURL
);
556 DeleteUrlCacheEntryW(pszURL
);
560 CryptMemFree(pCacheInfo
);
561 TRACE("returning %d\n", ret
);
565 /* Parses the URL, and sets components's lpszHostName and lpszUrlPath members
566 * to NULL-terminated copies of those portions of the URL (to be freed with
569 static BOOL
CRYPT_CrackUrl(LPCWSTR pszURL
, URL_COMPONENTSW
*components
)
573 TRACE("(%s, %p)\n", debugstr_w(pszURL
), components
);
575 memset(components
, 0, sizeof(*components
));
576 components
->dwStructSize
= sizeof(*components
);
577 components
->lpszHostName
= CryptMemAlloc(MAX_PATH
* sizeof(WCHAR
));
578 components
->dwHostNameLength
= MAX_PATH
;
579 components
->lpszUrlPath
= CryptMemAlloc(MAX_PATH
* 2 * sizeof(WCHAR
));
580 components
->dwUrlPathLength
= 2 * MAX_PATH
;
581 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, components
);
584 if ((components
->dwUrlPathLength
== 2 * MAX_PATH
- 1) ||
585 (components
->dwHostNameLength
== MAX_PATH
- 1))
586 FIXME("Buffers are too small\n");
587 switch (components
->nScheme
)
589 case INTERNET_SCHEME_FTP
:
590 if (!components
->nPort
)
591 components
->nPort
= INTERNET_DEFAULT_FTP_PORT
;
593 case INTERNET_SCHEME_HTTP
:
594 if (!components
->nPort
)
595 components
->nPort
= INTERNET_DEFAULT_HTTP_PORT
;
601 TRACE("returning %d\n", ret
);
612 static struct InetContext
*CRYPT_MakeInetContext(DWORD dwTimeout
)
614 struct InetContext
*context
= CryptMemAlloc(sizeof(struct InetContext
));
618 context
->event
= CreateEventW(NULL
, FALSE
, FALSE
, NULL
);
621 CryptMemFree(context
);
626 context
->timeout
= dwTimeout
;
627 context
->error
= ERROR_SUCCESS
;
633 static BOOL
CRYPT_DownloadObject(DWORD dwRetrievalFlags
, HINTERNET hHttp
,
634 struct InetContext
*context
, PCRYPT_BLOB_ARRAY pObject
,
635 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
637 CRYPT_DATA_BLOB object
= { 0, NULL
};
638 DWORD bytesAvailable
;
642 if ((ret
= InternetQueryDataAvailable(hHttp
, &bytesAvailable
, 0, 0)))
647 object
.pbData
= CryptMemRealloc(object
.pbData
,
648 object
.cbData
+ bytesAvailable
);
650 object
.pbData
= CryptMemAlloc(bytesAvailable
);
653 INTERNET_BUFFERSA buffer
= { sizeof(buffer
), 0 };
655 buffer
.dwBufferLength
= bytesAvailable
;
656 buffer
.lpvBuffer
= object
.pbData
+ object
.cbData
;
657 if (!(ret
= InternetReadFileExA(hHttp
, &buffer
, IRF_NO_WAIT
,
658 (DWORD_PTR
)context
)))
660 if (GetLastError() == ERROR_IO_PENDING
)
662 if (WaitForSingleObject(context
->event
,
663 context
->timeout
) == WAIT_TIMEOUT
)
664 SetLastError(ERROR_TIMEOUT
);
665 else if (context
->error
)
666 SetLastError(context
->error
);
672 object
.cbData
+= buffer
.dwBufferLength
;
676 SetLastError(ERROR_OUTOFMEMORY
);
681 else if (GetLastError() == ERROR_IO_PENDING
)
683 if (WaitForSingleObject(context
->event
, context
->timeout
) ==
685 SetLastError(ERROR_TIMEOUT
);
689 } while (ret
&& bytesAvailable
);
692 pObject
->rgBlob
= CryptMemAlloc(sizeof(CRYPT_DATA_BLOB
));
693 if (!pObject
->rgBlob
)
695 CryptMemFree(object
.pbData
);
696 SetLastError(ERROR_OUTOFMEMORY
);
701 pObject
->rgBlob
[0].cbData
= object
.cbData
;
702 pObject
->rgBlob
[0].pbData
= object
.pbData
;
706 TRACE("returning %d\n", ret
);
710 /* Finds the object specified by pszURL in the cache. If it's not found,
711 * creates a new cache entry for the object and writes the object to it.
712 * Sets the expiration time of the cache entry to expires.
714 static void CRYPT_CacheURL(LPCWSTR pszURL
, const CRYPT_BLOB_ARRAY
*pObject
,
715 DWORD dwRetrievalFlags
, FILETIME expires
)
717 WCHAR cacheFileName
[MAX_PATH
];
719 BOOL ret
, create
= FALSE
;
721 GetUrlCacheEntryInfoW(pszURL
, NULL
, &size
);
722 if (GetLastError() == ERROR_INSUFFICIENT_BUFFER
)
724 INTERNET_CACHE_ENTRY_INFOW
*info
= CryptMemAlloc(size
);
730 ret
= GetUrlCacheEntryInfoW(pszURL
, info
, &size
);
732 lstrcpyW(cacheFileName
, info
->lpszLocalFileName
);
733 /* Check if the existing cache entry is up to date. If it isn't,
734 * overwite it with the new value.
736 GetSystemTimeAsFileTime(&ft
);
737 if (CompareFileTime(&info
->ExpireTime
, &ft
) < 0)
746 ret
= CreateUrlCacheEntryW(pszURL
, pObject
->rgBlob
[0].cbData
, NULL
,
757 HANDLE hCacheFile
= CreateFileW(cacheFileName
, GENERIC_WRITE
, 0,
758 NULL
, CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
760 if (hCacheFile
!= INVALID_HANDLE_VALUE
)
764 WriteFile(hCacheFile
, pObject
->rgBlob
[0].pbData
,
765 pObject
->rgBlob
[0].cbData
, &bytesWritten
, NULL
);
766 CloseHandle(hCacheFile
);
773 if (!(dwRetrievalFlags
& CRYPT_STICKY_CACHE_RETRIEVAL
))
774 entryType
= NORMAL_CACHE_ENTRY
;
776 entryType
= STICKY_CACHE_ENTRY
;
777 CommitUrlCacheEntryW(pszURL
, cacheFileName
, expires
, ft
, entryType
,
778 NULL
, 0, NULL
, NULL
);
783 static void CALLBACK
CRYPT_InetStatusCallback(HINTERNET hInt
,
784 DWORD_PTR dwContext
, DWORD status
, void *statusInfo
, DWORD statusInfoLen
)
786 struct InetContext
*context
= (struct InetContext
*)dwContext
;
787 LPINTERNET_ASYNC_RESULT result
;
791 case INTERNET_STATUS_REQUEST_COMPLETE
:
793 context
->error
= result
->dwError
;
794 SetEvent(context
->event
);
798 static BOOL
CRYPT_Connect(const URL_COMPONENTSW
*components
,
799 struct InetContext
*context
, PCRYPT_CREDENTIALS pCredentials
,
800 HINTERNET
*phInt
, HINTERNET
*phHost
)
804 TRACE("(%s:%d, %p, %p, %p, %p)\n", debugstr_w(components
->lpszHostName
),
805 components
->nPort
, context
, pCredentials
, phInt
, phInt
);
808 *phInt
= InternetOpenW(NULL
, INTERNET_OPEN_TYPE_DIRECT
, NULL
, NULL
,
809 context
? INTERNET_FLAG_ASYNC
: 0);
815 InternetSetStatusCallbackW(*phInt
, CRYPT_InetStatusCallback
);
816 switch (components
->nScheme
)
818 case INTERNET_SCHEME_FTP
:
819 service
= INTERNET_SERVICE_FTP
;
821 case INTERNET_SCHEME_HTTP
:
822 service
= INTERNET_SERVICE_HTTP
;
827 /* FIXME: use pCredentials for username/password */
828 *phHost
= InternetConnectW(*phInt
, components
->lpszHostName
,
829 components
->nPort
, NULL
, NULL
, service
, 0, (DWORD_PTR
)context
);
832 InternetCloseHandle(*phInt
);
841 TRACE("returning %d\n", ret
);
845 static BOOL WINAPI
FTP_RetrieveEncodedObjectW(LPCWSTR pszURL
,
846 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
847 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
848 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
849 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
851 FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
852 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
853 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
856 pObject
->rgBlob
= NULL
;
857 *ppfnFreeObject
= CRYPT_FreeBlob
;
858 *ppvFreeContext
= NULL
;
862 static const WCHAR x509cacert
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
863 '/','x','-','x','5','0','9','-','c','a','-','c','e','r','t',0 };
864 static const WCHAR x509emailcert
[] = { 'a','p','p','l','i','c','a','t','i','o',
865 'n','/','x','-','x','5','0','9','-','e','m','a','i','l','-','c','e','r','t',
867 static const WCHAR x509servercert
[] = { 'a','p','p','l','i','c','a','t','i','o',
868 'n','/','x','-','x','5','0','9','-','s','e','r','v','e','r','-','c','e','r',
870 static const WCHAR x509usercert
[] = { 'a','p','p','l','i','c','a','t','i','o',
871 'n','/','x','-','x','5','0','9','-','u','s','e','r','-','c','e','r','t',0 };
872 static const WCHAR pkcs7cert
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
873 '/','x','-','p','k','c','s','7','-','c','e','r','t','i','f','c','a','t','e',
875 static const WCHAR pkixCRL
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
876 '/','p','k','i','x','-','c','r','l',0 };
877 static const WCHAR pkcs7CRL
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
878 '/','x','-','p','k','c','s','7','-','c','r','l',0 };
879 static const WCHAR pkcs7sig
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
880 '/','x','-','p','k','c','s','7','-','s','i','g','n','a','t','u','r','e',0 };
881 static const WCHAR pkcs7mime
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
882 '/','x','-','p','k','c','s','7','-','m','i','m','e',0 };
884 static BOOL WINAPI
HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL
,
885 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
886 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
887 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
888 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
892 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
893 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
894 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
897 pObject
->rgBlob
= NULL
;
898 *ppfnFreeObject
= CRYPT_FreeBlob
;
899 *ppvFreeContext
= NULL
;
901 if (!(dwRetrievalFlags
& CRYPT_WIRE_ONLY_RETRIEVAL
))
902 ret
= CRYPT_GetObjectFromCache(pszURL
, pObject
, pAuxInfo
);
903 if (!ret
&& (!(dwRetrievalFlags
& CRYPT_CACHE_ONLY_RETRIEVAL
) ||
904 (dwRetrievalFlags
& CRYPT_WIRE_ONLY_RETRIEVAL
)))
906 URL_COMPONENTSW components
;
908 if ((ret
= CRYPT_CrackUrl(pszURL
, &components
)))
910 HINTERNET hInt
, hHost
;
911 struct InetContext
*context
= NULL
;
914 context
= CRYPT_MakeInetContext(dwTimeout
);
915 ret
= CRYPT_Connect(&components
, context
, pCredentials
, &hInt
,
919 static LPCWSTR types
[] = { x509cacert
, x509emailcert
,
920 x509servercert
, x509usercert
, pkcs7cert
, pkixCRL
, pkcs7CRL
,
921 pkcs7sig
, pkcs7mime
, NULL
};
922 HINTERNET hHttp
= HttpOpenRequestW(hHost
, NULL
,
923 components
.lpszUrlPath
, NULL
, NULL
, types
,
924 INTERNET_FLAG_NO_COOKIES
| INTERNET_FLAG_NO_UI
,
931 InternetSetOptionW(hHttp
,
932 INTERNET_OPTION_RECEIVE_TIMEOUT
, &dwTimeout
,
934 InternetSetOptionW(hHttp
, INTERNET_OPTION_SEND_TIMEOUT
,
935 &dwTimeout
, sizeof(dwTimeout
));
937 ret
= HttpSendRequestExW(hHttp
, NULL
, NULL
, 0,
939 if (!ret
&& GetLastError() == ERROR_IO_PENDING
)
941 if (WaitForSingleObject(context
->event
,
942 context
->timeout
) == WAIT_TIMEOUT
)
943 SetLastError(ERROR_TIMEOUT
);
947 /* We don't set ret to TRUE in this block to avoid masking
948 * an error from HttpSendRequestExW.
950 if (!HttpEndRequestW(hHttp
, NULL
, 0, (DWORD_PTR
)context
) &&
951 GetLastError() == ERROR_IO_PENDING
)
953 if (WaitForSingleObject(context
->event
,
954 context
->timeout
) == WAIT_TIMEOUT
)
956 SetLastError(ERROR_TIMEOUT
);
961 ret
= CRYPT_DownloadObject(dwRetrievalFlags
, hHttp
,
962 context
, pObject
, pAuxInfo
);
963 if (ret
&& !(dwRetrievalFlags
& CRYPT_DONT_CACHE_RESULT
))
966 DWORD len
= sizeof(st
);
968 if (HttpQueryInfoW(hHttp
,
969 HTTP_QUERY_EXPIRES
| HTTP_QUERY_FLAG_SYSTEMTIME
, &st
,
974 SystemTimeToFileTime(&st
, &ft
);
975 CRYPT_CacheURL(pszURL
, pObject
, dwRetrievalFlags
,
979 InternetCloseHandle(hHttp
);
981 InternetCloseHandle(hHost
);
982 InternetCloseHandle(hInt
);
986 CloseHandle(context
->event
);
987 CryptMemFree(context
);
989 CryptMemFree(components
.lpszUrlPath
);
990 CryptMemFree(components
.lpszHostName
);
993 TRACE("returning %d\n", ret
);
997 static BOOL WINAPI
File_RetrieveEncodedObjectW(LPCWSTR pszURL
,
998 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
999 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
1000 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
1001 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
1003 URL_COMPONENTSW components
= { sizeof(components
), 0 };
1006 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
1007 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
1008 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
1011 pObject
->rgBlob
= NULL
;
1012 *ppfnFreeObject
= CRYPT_FreeBlob
;
1013 *ppvFreeContext
= NULL
;
1015 components
.lpszUrlPath
= CryptMemAlloc(MAX_PATH
* 2 * sizeof(WCHAR
));
1016 components
.dwUrlPathLength
= 2 * MAX_PATH
;
1017 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, &components
);
1022 if (components
.dwUrlPathLength
== 2 * MAX_PATH
- 1)
1023 FIXME("Buffers are too small\n");
1025 /* 3 == lstrlenW(L"c:") + 1 */
1026 path
= CryptMemAlloc((components
.dwUrlPathLength
+ 3) * sizeof(WCHAR
));
1031 /* Try to create the file directly - Wine handles / in pathnames */
1032 lstrcpynW(path
, components
.lpszUrlPath
,
1033 components
.dwUrlPathLength
+ 1);
1034 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
, OPEN_EXISTING
,
1035 FILE_ATTRIBUTE_NORMAL
, NULL
);
1036 if (hFile
== INVALID_HANDLE_VALUE
)
1038 /* Try again on the current drive */
1039 GetCurrentDirectoryW(components
.dwUrlPathLength
, path
);
1042 lstrcpynW(path
+ 2, components
.lpszUrlPath
,
1043 components
.dwUrlPathLength
+ 1);
1044 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
,
1045 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
1047 if (hFile
== INVALID_HANDLE_VALUE
)
1049 /* Try again on the Windows drive */
1050 GetWindowsDirectoryW(path
, components
.dwUrlPathLength
);
1053 lstrcpynW(path
+ 2, components
.lpszUrlPath
,
1054 components
.dwUrlPathLength
+ 1);
1055 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
,
1056 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
1060 if (hFile
!= INVALID_HANDLE_VALUE
)
1062 if ((ret
= CRYPT_GetObjectFromFile(hFile
, pObject
)))
1064 if (pAuxInfo
&& pAuxInfo
->cbSize
>=
1065 offsetof(CRYPT_RETRIEVE_AUX_INFO
,
1066 pLastSyncTime
) + sizeof(PFILETIME
) &&
1067 pAuxInfo
->pLastSyncTime
)
1068 GetFileTime(hFile
, NULL
, NULL
,
1069 pAuxInfo
->pLastSyncTime
);
1078 CryptMemFree(components
.lpszUrlPath
);
1082 typedef BOOL (WINAPI
*SchemeDllRetrieveEncodedObjectW
)(LPCWSTR pwszUrl
,
1083 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
1084 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
1085 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
1086 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
);
1088 static BOOL
CRYPT_GetRetrieveFunction(LPCWSTR pszURL
,
1089 SchemeDllRetrieveEncodedObjectW
*pFunc
, HCRYPTOIDFUNCADDR
*phFunc
)
1091 URL_COMPONENTSW components
= { sizeof(components
), 0 };
1094 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL
), pFunc
, phFunc
);
1098 components
.dwSchemeLength
= 1;
1099 ret
= InternetCrackUrlW(pszURL
, 0, 0, &components
);
1102 /* Microsoft always uses CryptInitOIDFunctionSet/
1103 * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
1104 * reason to do so for builtin schemes.
1106 switch (components
.nScheme
)
1108 case INTERNET_SCHEME_FTP
:
1109 *pFunc
= FTP_RetrieveEncodedObjectW
;
1111 case INTERNET_SCHEME_HTTP
:
1112 *pFunc
= HTTP_RetrieveEncodedObjectW
;
1114 case INTERNET_SCHEME_FILE
:
1115 *pFunc
= File_RetrieveEncodedObjectW
;
1119 int len
= WideCharToMultiByte(CP_ACP
, 0, components
.lpszScheme
,
1120 components
.dwSchemeLength
, NULL
, 0, NULL
, NULL
);
1124 LPSTR scheme
= CryptMemAlloc(len
);
1128 static HCRYPTOIDFUNCSET set
= NULL
;
1131 set
= CryptInitOIDFunctionSet(
1132 SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC
, 0);
1133 WideCharToMultiByte(CP_ACP
, 0, components
.lpszScheme
,
1134 components
.dwSchemeLength
, scheme
, len
, NULL
, NULL
);
1135 ret
= CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
,
1136 scheme
, 0, (void **)pFunc
, phFunc
);
1137 CryptMemFree(scheme
);
1141 SetLastError(ERROR_OUTOFMEMORY
);
1150 TRACE("returning %d\n", ret
);
1154 static BOOL WINAPI
CRYPT_CreateBlob(LPCSTR pszObjectOid
,
1155 DWORD dwRetrievalFlags
, const CRYPT_BLOB_ARRAY
*pObject
, void **ppvContext
)
1158 CRYPT_BLOB_ARRAY
*context
;
1161 size
= sizeof(CRYPT_BLOB_ARRAY
) + pObject
->cBlob
* sizeof(CRYPT_DATA_BLOB
);
1162 for (i
= 0; i
< pObject
->cBlob
; i
++)
1163 size
+= pObject
->rgBlob
[i
].cbData
;
1164 context
= CryptMemAlloc(size
);
1171 (CRYPT_DATA_BLOB
*)((LPBYTE
)context
+ sizeof(CRYPT_BLOB_ARRAY
));
1173 (LPBYTE
)context
->rgBlob
+ pObject
->cBlob
* sizeof(CRYPT_DATA_BLOB
);
1174 for (i
= 0; i
< pObject
->cBlob
; i
++)
1176 memcpy(nextData
, pObject
->rgBlob
[i
].pbData
,
1177 pObject
->rgBlob
[i
].cbData
);
1178 context
->rgBlob
[i
].pbData
= nextData
;
1179 context
->rgBlob
[i
].cbData
= pObject
->rgBlob
[i
].cbData
;
1180 nextData
+= pObject
->rgBlob
[i
].cbData
;
1183 *ppvContext
= context
;
1189 typedef BOOL (WINAPI
*AddContextToStore
)(HCERTSTORE hCertStore
,
1190 const void *pContext
, DWORD dwAddDisposition
, const void **ppStoreContext
);
1192 static BOOL
CRYPT_CreateContext(const CRYPT_BLOB_ARRAY
*pObject
,
1193 DWORD dwExpectedContentTypeFlags
, AddContextToStore addFunc
, void **ppvContext
)
1197 if (!pObject
->cBlob
)
1199 SetLastError(ERROR_INVALID_DATA
);
1203 else if (pObject
->cBlob
== 1)
1205 if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB
, &pObject
->rgBlob
[0],
1206 dwExpectedContentTypeFlags
, CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
,
1207 NULL
, NULL
, NULL
, NULL
, (const void **)ppvContext
))
1209 SetLastError(CRYPT_E_NO_MATCH
);
1215 HCERTSTORE store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1216 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1221 const void *context
;
1223 for (i
= 0; i
< pObject
->cBlob
; i
++)
1225 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB
,
1226 &pObject
->rgBlob
[i
], dwExpectedContentTypeFlags
,
1227 CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
, NULL
, NULL
, NULL
,
1230 if (!addFunc(store
, context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1235 SetLastError(CRYPT_E_NO_MATCH
);
1242 *ppvContext
= store
;
1247 static BOOL WINAPI
CRYPT_CreateCert(LPCSTR pszObjectOid
,
1248 DWORD dwRetrievalFlags
, const CRYPT_BLOB_ARRAY
*pObject
, void **ppvContext
)
1250 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CERT
,
1251 (AddContextToStore
)CertAddCertificateContextToStore
, ppvContext
);
1254 static BOOL WINAPI
CRYPT_CreateCRL(LPCSTR pszObjectOid
,
1255 DWORD dwRetrievalFlags
, const CRYPT_BLOB_ARRAY
*pObject
, void **ppvContext
)
1257 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CRL
,
1258 (AddContextToStore
)CertAddCRLContextToStore
, ppvContext
);
1261 static BOOL WINAPI
CRYPT_CreateCTL(LPCSTR pszObjectOid
,
1262 DWORD dwRetrievalFlags
, const CRYPT_BLOB_ARRAY
*pObject
, void **ppvContext
)
1264 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CTL
,
1265 (AddContextToStore
)CertAddCTLContextToStore
, ppvContext
);
1268 static BOOL WINAPI
CRYPT_CreatePKCS7(LPCSTR pszObjectOid
,
1269 DWORD dwRetrievalFlags
, const CRYPT_BLOB_ARRAY
*pObject
, void **ppvContext
)
1273 if (!pObject
->cBlob
)
1275 SetLastError(ERROR_INVALID_DATA
);
1279 else if (pObject
->cBlob
== 1)
1280 ret
= CryptQueryObject(CERT_QUERY_OBJECT_BLOB
, &pObject
->rgBlob
[0],
1281 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED
|
1282 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED
, CERT_QUERY_FORMAT_FLAG_BINARY
,
1283 0, NULL
, NULL
, NULL
, ppvContext
, NULL
, NULL
);
1286 FIXME("multiple messages unimplemented\n");
1292 static BOOL WINAPI
CRYPT_CreateAny(LPCSTR pszObjectOid
,
1293 DWORD dwRetrievalFlags
, const CRYPT_BLOB_ARRAY
*pObject
, void **ppvContext
)
1297 if (!pObject
->cBlob
)
1299 SetLastError(ERROR_INVALID_DATA
);
1305 HCERTSTORE store
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
1306 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1310 HCERTSTORE memStore
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1311 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1315 CertAddStoreToCollection(store
, memStore
,
1316 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
1317 CertCloseStore(memStore
, 0);
1321 CertCloseStore(store
, 0);
1330 for (i
= 0; i
< pObject
->cBlob
; i
++)
1332 DWORD contentType
, expectedContentTypes
=
1333 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED
|
1334 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED
|
1335 CERT_QUERY_CONTENT_FLAG_CERT
|
1336 CERT_QUERY_CONTENT_FLAG_CRL
|
1337 CERT_QUERY_CONTENT_FLAG_CTL
;
1338 HCERTSTORE contextStore
;
1339 const void *context
;
1341 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB
,
1342 &pObject
->rgBlob
[i
], expectedContentTypes
,
1343 CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
, &contentType
, NULL
,
1344 &contextStore
, NULL
, &context
))
1346 switch (contentType
)
1348 case CERT_QUERY_CONTENT_CERT
:
1349 if (!CertAddCertificateContextToStore(store
,
1350 context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1352 CertFreeCertificateContext(context
);
1354 case CERT_QUERY_CONTENT_CRL
:
1355 if (!CertAddCRLContextToStore(store
,
1356 context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1358 CertFreeCRLContext(context
);
1360 case CERT_QUERY_CONTENT_CTL
:
1361 if (!CertAddCTLContextToStore(store
,
1362 context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1364 CertFreeCTLContext(context
);
1367 CertAddStoreToCollection(store
, contextStore
, 0, 0);
1369 CertCloseStore(contextStore
, 0);
1377 *ppvContext
= store
;
1382 typedef BOOL (WINAPI
*ContextDllCreateObjectContext
)(LPCSTR pszObjectOid
,
1383 DWORD dwRetrievalFlags
, const CRYPT_BLOB_ARRAY
*pObject
, void **ppvContext
);
1385 static BOOL
CRYPT_GetCreateFunction(LPCSTR pszObjectOid
,
1386 ContextDllCreateObjectContext
*pFunc
, HCRYPTOIDFUNCADDR
*phFunc
)
1390 TRACE("(%s, %p, %p)\n", debugstr_a(pszObjectOid
), pFunc
, phFunc
);
1394 if (!HIWORD(pszObjectOid
))
1396 switch (LOWORD(pszObjectOid
))
1399 *pFunc
= CRYPT_CreateBlob
;
1401 case LOWORD(CONTEXT_OID_CERTIFICATE
):
1402 *pFunc
= CRYPT_CreateCert
;
1404 case LOWORD(CONTEXT_OID_CRL
):
1405 *pFunc
= CRYPT_CreateCRL
;
1407 case LOWORD(CONTEXT_OID_CTL
):
1408 *pFunc
= CRYPT_CreateCTL
;
1410 case LOWORD(CONTEXT_OID_PKCS7
):
1411 *pFunc
= CRYPT_CreatePKCS7
;
1413 case LOWORD(CONTEXT_OID_CAPI2_ANY
):
1414 *pFunc
= CRYPT_CreateAny
;
1420 static HCRYPTOIDFUNCSET set
= NULL
;
1423 set
= CryptInitOIDFunctionSet(
1424 CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC
, 0);
1425 ret
= CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
, pszObjectOid
,
1426 0, (void **)pFunc
, phFunc
);
1428 TRACE("returning %d\n", ret
);
1432 typedef BOOL (*get_object_expiration_func
)(const void *pvContext
,
1433 FILETIME
*expiration
);
1435 static BOOL
CRYPT_GetExpirationFromCert(const void *pvObject
, FILETIME
*expiration
)
1437 PCCERT_CONTEXT cert
= pvObject
;
1439 *expiration
= cert
->pCertInfo
->NotAfter
;
1443 static BOOL
CRYPT_GetExpirationFromCRL(const void *pvObject
, FILETIME
*expiration
)
1445 PCCRL_CONTEXT cert
= pvObject
;
1447 *expiration
= cert
->pCrlInfo
->NextUpdate
;
1451 static BOOL
CRYPT_GetExpirationFromCTL(const void *pvObject
, FILETIME
*expiration
)
1453 PCCTL_CONTEXT cert
= pvObject
;
1455 *expiration
= cert
->pCtlInfo
->NextUpdate
;
1459 static BOOL
CRYPT_GetExpirationFunction(LPCSTR pszObjectOid
,
1460 get_object_expiration_func
*getExpiration
)
1464 if (!HIWORD(pszObjectOid
))
1466 switch (LOWORD(pszObjectOid
))
1468 case LOWORD(CONTEXT_OID_CERTIFICATE
):
1469 *getExpiration
= CRYPT_GetExpirationFromCert
;
1472 case LOWORD(CONTEXT_OID_CRL
):
1473 *getExpiration
= CRYPT_GetExpirationFromCRL
;
1476 case LOWORD(CONTEXT_OID_CTL
):
1477 *getExpiration
= CRYPT_GetExpirationFromCTL
;
1489 /***********************************************************************
1490 * CryptRetrieveObjectByUrlW (CRYPTNET.@)
1492 BOOL WINAPI
CryptRetrieveObjectByUrlW(LPCWSTR pszURL
, LPCSTR pszObjectOid
,
1493 DWORD dwRetrievalFlags
, DWORD dwTimeout
, LPVOID
*ppvObject
,
1494 HCRYPTASYNC hAsyncRetrieve
, PCRYPT_CREDENTIALS pCredentials
, LPVOID pvVerify
,
1495 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
1498 SchemeDllRetrieveEncodedObjectW retrieve
;
1499 ContextDllCreateObjectContext create
;
1500 HCRYPTOIDFUNCADDR hRetrieve
= 0, hCreate
= 0;
1502 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
1503 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, ppvObject
,
1504 hAsyncRetrieve
, pCredentials
, pvVerify
, pAuxInfo
);
1508 SetLastError(ERROR_INVALID_PARAMETER
);
1511 ret
= CRYPT_GetRetrieveFunction(pszURL
, &retrieve
, &hRetrieve
);
1513 ret
= CRYPT_GetCreateFunction(pszObjectOid
, &create
, &hCreate
);
1516 CRYPT_BLOB_ARRAY object
= { 0, NULL
};
1517 PFN_FREE_ENCODED_OBJECT_FUNC freeObject
;
1520 ret
= retrieve(pszURL
, pszObjectOid
, dwRetrievalFlags
, dwTimeout
,
1521 &object
, &freeObject
, &freeContext
, hAsyncRetrieve
, pCredentials
,
1525 get_object_expiration_func getExpiration
;
1527 ret
= create(pszObjectOid
, dwRetrievalFlags
, &object
, ppvObject
);
1528 if (ret
&& !(dwRetrievalFlags
& CRYPT_DONT_CACHE_RESULT
) &&
1529 CRYPT_GetExpirationFunction(pszObjectOid
, &getExpiration
))
1533 if (getExpiration(*ppvObject
, &expires
))
1534 CRYPT_CacheURL(pszURL
, &object
, dwRetrievalFlags
, expires
);
1536 freeObject(pszObjectOid
, &object
, freeContext
);
1540 CryptFreeOIDFunctionAddress(hCreate
, 0);
1542 CryptFreeOIDFunctionAddress(hRetrieve
, 0);
1543 TRACE("returning %d\n", ret
);
1547 typedef struct _CERT_REVOCATION_PARA_NO_EXTRA_FIELDS
{
1549 PCCERT_CONTEXT pIssuerCert
;
1551 HCERTSTORE
*rgCertStore
;
1552 HCERTSTORE hCrlStore
;
1553 LPFILETIME pftTimeToUse
;
1554 } CERT_REVOCATION_PARA_NO_EXTRA_FIELDS
, *PCERT_REVOCATION_PARA_NO_EXTRA_FIELDS
;
1556 typedef struct _OLD_CERT_REVOCATION_STATUS
{
1561 } OLD_CERT_REVOCATION_STATUS
, *POLD_CERT_REVOCATION_STATUS
;
1563 /***********************************************************************
1564 * CertDllVerifyRevocation (CRYPTNET.@)
1566 BOOL WINAPI
CertDllVerifyRevocation(DWORD dwEncodingType
, DWORD dwRevType
,
1567 DWORD cContext
, PVOID rgpvContext
[], DWORD dwFlags
,
1568 PCERT_REVOCATION_PARA pRevPara
, PCERT_REVOCATION_STATUS pRevStatus
)
1573 LPFILETIME pTime
= NULL
;
1575 TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType
, dwRevType
,
1576 cContext
, rgpvContext
, dwFlags
, pRevPara
, pRevStatus
);
1578 if (pRevStatus
->cbSize
!= sizeof(OLD_CERT_REVOCATION_STATUS
) &&
1579 pRevStatus
->cbSize
!= sizeof(CERT_REVOCATION_STATUS
))
1581 SetLastError(E_INVALIDARG
);
1586 SetLastError(E_INVALIDARG
);
1589 if (pRevPara
&& pRevPara
->cbSize
>=
1590 sizeof(CERT_REVOCATION_PARA_NO_EXTRA_FIELDS
))
1591 pTime
= pRevPara
->pftTimeToUse
;
1594 GetSystemTimeAsFileTime(&now
);
1597 memset(&pRevStatus
->dwIndex
, 0, pRevStatus
->cbSize
- sizeof(DWORD
));
1598 if (dwRevType
!= CERT_CONTEXT_REVOCATION_TYPE
)
1600 error
= CRYPT_E_NO_REVOCATION_CHECK
;
1606 for (i
= 0; ret
&& i
< cContext
; i
++)
1610 ret
= CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT
,
1611 rgpvContext
[i
], 0, NULL
, &cbUrlArray
, NULL
, NULL
, NULL
);
1612 if (!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
)
1614 error
= CRYPT_E_NO_REVOCATION_CHECK
;
1615 pRevStatus
->dwIndex
= i
;
1619 CRYPT_URL_ARRAY
*urlArray
= CryptMemAlloc(cbUrlArray
);
1623 DWORD j
, retrievalFlags
= 0, startTime
, endTime
, timeout
;
1625 ret
= CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT
,
1626 rgpvContext
[i
], 0, urlArray
, &cbUrlArray
, NULL
, NULL
,
1628 if (dwFlags
& CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION
)
1629 retrievalFlags
|= CRYPT_CACHE_ONLY_RETRIEVAL
;
1630 if ((dwFlags
& CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG
) &&
1632 pRevPara
->cbSize
>= offsetof(CERT_REVOCATION_PARA
,
1633 dwUrlRetrievalTimeout
) + sizeof(DWORD
))
1635 startTime
= GetTickCount();
1636 endTime
= startTime
+ pRevPara
->dwUrlRetrievalTimeout
;
1637 timeout
= pRevPara
->dwUrlRetrievalTimeout
;
1640 endTime
= timeout
= 0;
1641 for (j
= 0; ret
&& j
< urlArray
->cUrl
; j
++)
1645 ret
= CryptRetrieveObjectByUrlW(urlArray
->rgwszUrl
[j
],
1646 CONTEXT_OID_CRL
, retrievalFlags
, timeout
,
1647 (void **)&crl
, NULL
, NULL
, NULL
, NULL
);
1650 if (CertVerifyCRLTimeValidity(pTime
, crl
->pCrlInfo
))
1652 /* The CRL isn't time valid */
1653 error
= CRYPT_E_NO_REVOCATION_CHECK
;
1658 PCRL_ENTRY entry
= NULL
;
1660 CertFindCertificateInCRL(
1661 rgpvContext
[i
], crl
, 0, NULL
,
1665 error
= CRYPT_E_REVOKED
;
1666 pRevStatus
->dwIndex
= i
;
1672 DWORD time
= GetTickCount();
1674 if ((int)(endTime
- time
) <= 0)
1676 error
= ERROR_TIMEOUT
;
1677 pRevStatus
->dwIndex
= i
;
1681 timeout
= endTime
- time
;
1683 CertFreeCRLContext(crl
);
1686 error
= CRYPT_E_REVOCATION_OFFLINE
;
1688 CryptMemFree(urlArray
);
1692 error
= ERROR_OUTOFMEMORY
;
1693 pRevStatus
->dwIndex
= i
;
1698 pRevStatus
->dwIndex
= i
;
1704 SetLastError(error
);
1705 pRevStatus
->dwError
= error
;
1707 TRACE("returning %d (%08x)\n", ret
, error
);