2 * Copyright (C) 2006 Maarten Lankhorst
3 * Copyright 2007 Juan Lang
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22 #include "wine/port.h"
25 #define NONAMELESSUNION
26 #define NONAMELESSSTRUCT
29 #include "wine/debug.h"
35 #define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
38 WINE_DEFAULT_DEBUG_CHANNEL(cryptnet
);
40 BOOL WINAPI
DllMain(HINSTANCE hinstDLL
, DWORD fdwReason
, LPVOID lpvReserved
)
42 TRACE("(0x%p, %d, %p)\n", hinstDLL
, fdwReason
, lpvReserved
);
45 case DLL_PROCESS_ATTACH
:
46 DisableThreadLibraryCalls(hinstDLL
);
48 case DLL_PROCESS_DETACH
:
49 /* Do uninitialisation here */
56 static const WCHAR cryptNet
[] = { 'c','r','y','p','t','n','e','t','.',
58 static const WCHAR ldapProvOpenStore
[] = { 'L','d','a','p','P','r','o','v',
59 'O','p','e','S','t','o','r','e',0 };
61 /***********************************************************************
62 * DllRegisterServer (CRYPTNET.@)
64 HRESULT WINAPI
DllRegisterServer(void)
67 CryptRegisterDefaultOIDFunction(X509_ASN_ENCODING
,
68 CRYPT_OID_VERIFY_REVOCATION_FUNC
, 0, cryptNet
);
69 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
, "Ldap",
70 cryptNet
, "LdapProvOpenStore");
71 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
,
72 CERT_STORE_PROV_LDAP_W
, cryptNet
, "LdapProvOpenStore");
76 /***********************************************************************
77 * DllUnregisterServer (CRYPTNET.@)
79 HRESULT WINAPI
DllUnregisterServer(void)
82 CryptUnregisterDefaultOIDFunction(X509_ASN_ENCODING
,
83 CRYPT_OID_VERIFY_REVOCATION_FUNC
, cryptNet
);
84 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
, "Ldap");
85 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC
,
86 CERT_STORE_PROV_LDAP_W
);
90 static const char *url_oid_to_str(LPCSTR oid
)
100 #define _x(oid) case LOWORD(oid): return #oid
101 _x(URL_OID_CERTIFICATE_ISSUER
);
102 _x(URL_OID_CERTIFICATE_CRL_DIST_POINT
);
103 _x(URL_OID_CTL_ISSUER
);
104 _x(URL_OID_CTL_NEXT_UPDATE
);
105 _x(URL_OID_CRL_ISSUER
);
106 _x(URL_OID_CERTIFICATE_FRESHEST_CRL
);
107 _x(URL_OID_CRL_FRESHEST_CRL
);
108 _x(URL_OID_CROSS_CERT_DIST_POINT
);
111 snprintf(buf
, sizeof(buf
), "%d", LOWORD(oid
));
117 typedef BOOL (WINAPI
*UrlDllGetObjectUrlFunc
)(LPCSTR
, LPVOID
, DWORD
,
118 PCRYPT_URL_ARRAY
, DWORD
*, PCRYPT_URL_INFO
, DWORD
*, LPVOID
);
120 static BOOL WINAPI
CRYPT_GetUrlFromCertificateIssuer(LPCSTR pszUrlOid
,
121 LPVOID pvPara
, DWORD dwFlags
, PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
,
122 PCRYPT_URL_INFO pUrlInfo
, DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
124 /* FIXME: This depends on the AIA (authority info access) extension being
125 * supported in crypt32.
128 SetLastError(CRYPT_E_NOT_FOUND
);
132 static BOOL WINAPI
CRYPT_GetUrlFromCertificateCRLDistPoint(LPCSTR pszUrlOid
,
133 LPVOID pvPara
, DWORD dwFlags
, PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
,
134 PCRYPT_URL_INFO pUrlInfo
, DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
136 PCCERT_CONTEXT cert
= (PCCERT_CONTEXT
)pvPara
;
140 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
141 if (dwFlags
&& !(dwFlags
& CRYPT_GET_URL_FROM_EXTENSION
))
143 SetLastError(CRYPT_E_NOT_FOUND
);
146 if ((ext
= CertFindExtension(szOID_CRL_DIST_POINTS
,
147 cert
->pCertInfo
->cExtension
, cert
->pCertInfo
->rgExtension
)))
149 CRL_DIST_POINTS_INFO
*info
;
152 ret
= CryptDecodeObjectEx(X509_ASN_ENCODING
, X509_CRL_DIST_POINTS
,
153 ext
->Value
.pbData
, ext
->Value
.cbData
, CRYPT_DECODE_ALLOC_FLAG
, NULL
,
157 DWORD i
, cUrl
, bytesNeeded
= sizeof(CRYPT_URL_ARRAY
);
159 for (i
= 0, cUrl
= 0; i
< info
->cDistPoint
; i
++)
160 if (info
->rgDistPoint
[i
].DistPointName
.dwDistPointNameChoice
161 == CRL_DIST_POINT_FULL_NAME
)
164 CERT_ALT_NAME_INFO
*name
=
165 &info
->rgDistPoint
[i
].DistPointName
.u
.FullName
;
167 for (j
= 0; j
< name
->cAltEntry
; j
++)
168 if (name
->rgAltEntry
[j
].dwAltNameChoice
==
171 if (name
->rgAltEntry
[j
].u
.pwszURL
)
174 bytesNeeded
+= sizeof(LPWSTR
) +
175 (lstrlenW(name
->rgAltEntry
[j
].u
.pwszURL
) + 1)
182 SetLastError(E_INVALIDARG
);
186 *pcbUrlArray
= bytesNeeded
;
187 else if (*pcbUrlArray
< bytesNeeded
)
189 SetLastError(ERROR_MORE_DATA
);
190 *pcbUrlArray
= bytesNeeded
;
197 *pcbUrlArray
= bytesNeeded
;
199 pUrlArray
->rgwszUrl
=
200 (LPWSTR
*)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
));
201 nextUrl
= (LPWSTR
)((BYTE
*)pUrlArray
+ sizeof(CRYPT_URL_ARRAY
)
202 + cUrl
* sizeof(LPWSTR
));
203 for (i
= 0; i
< info
->cDistPoint
; i
++)
204 if (info
->rgDistPoint
[i
].DistPointName
.dwDistPointNameChoice
205 == CRL_DIST_POINT_FULL_NAME
)
208 CERT_ALT_NAME_INFO
*name
=
209 &info
->rgDistPoint
[i
].DistPointName
.u
.FullName
;
211 for (j
= 0; j
< name
->cAltEntry
; j
++)
212 if (name
->rgAltEntry
[j
].dwAltNameChoice
==
215 if (name
->rgAltEntry
[j
].u
.pwszURL
)
218 name
->rgAltEntry
[j
].u
.pwszURL
);
219 pUrlArray
->rgwszUrl
[pUrlArray
->cUrl
++] =
222 (lstrlenW(name
->rgAltEntry
[j
].u
.pwszURL
) + 1)
232 FIXME("url info: stub\n");
234 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
235 else if (*pcbUrlInfo
< sizeof(CRYPT_URL_INFO
))
237 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
238 SetLastError(ERROR_MORE_DATA
);
243 *pcbUrlInfo
= sizeof(CRYPT_URL_INFO
);
244 memset(pUrlInfo
, 0, sizeof(CRYPT_URL_INFO
));
252 SetLastError(CRYPT_E_NOT_FOUND
);
256 /***********************************************************************
257 * CryptGetObjectUrl (CRYPTNET.@)
259 BOOL WINAPI
CryptGetObjectUrl(LPCSTR pszUrlOid
, LPVOID pvPara
, DWORD dwFlags
,
260 PCRYPT_URL_ARRAY pUrlArray
, DWORD
*pcbUrlArray
, PCRYPT_URL_INFO pUrlInfo
,
261 DWORD
*pcbUrlInfo
, LPVOID pvReserved
)
263 UrlDllGetObjectUrlFunc func
= NULL
;
264 HCRYPTOIDFUNCADDR hFunc
= NULL
;
267 TRACE("(%s, %p, %08x, %p, %p, %p, %p, %p)\n", debugstr_a(pszUrlOid
),
268 pvPara
, dwFlags
, pUrlArray
, pcbUrlArray
, pUrlInfo
, pcbUrlInfo
, pvReserved
);
270 if (!HIWORD(pszUrlOid
))
272 switch (LOWORD(pszUrlOid
))
274 case LOWORD(URL_OID_CERTIFICATE_ISSUER
):
275 func
= CRYPT_GetUrlFromCertificateIssuer
;
277 case LOWORD(URL_OID_CERTIFICATE_CRL_DIST_POINT
):
278 func
= CRYPT_GetUrlFromCertificateCRLDistPoint
;
281 FIXME("unimplemented for %s\n", url_oid_to_str(pszUrlOid
));
282 SetLastError(ERROR_FILE_NOT_FOUND
);
287 static HCRYPTOIDFUNCSET set
= NULL
;
290 set
= CryptInitOIDFunctionSet(URL_OID_GET_OBJECT_URL_FUNC
, 0);
291 CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
, pszUrlOid
, 0,
292 (void **)&func
, &hFunc
);
295 ret
= func(pszUrlOid
, pvPara
, dwFlags
, pUrlArray
, pcbUrlArray
,
296 pUrlInfo
, pcbUrlInfo
, pvReserved
);
298 CryptFreeOIDFunctionAddress(hFunc
, 0);
302 /***********************************************************************
303 * CryptRetrieveObjectByUrlA (CRYPTNET.@)
305 BOOL WINAPI
CryptRetrieveObjectByUrlA(LPCSTR pszURL
, LPCSTR pszObjectOid
,
306 DWORD dwRetrievalFlags
, DWORD dwTimeout
, LPVOID
*ppvObject
,
307 HCRYPTASYNC hAsyncRetrieve
, PCRYPT_CREDENTIALS pCredentials
, LPVOID pvVerify
,
308 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
313 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_a(pszURL
),
314 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, ppvObject
,
315 hAsyncRetrieve
, pCredentials
, pvVerify
, pAuxInfo
);
319 SetLastError(ERROR_INVALID_PARAMETER
);
322 len
= MultiByteToWideChar(CP_ACP
, 0, pszURL
, -1, NULL
, 0);
325 LPWSTR url
= CryptMemAlloc(len
* sizeof(WCHAR
));
329 MultiByteToWideChar(CP_ACP
, 0, pszURL
, -1, url
, len
);
330 ret
= CryptRetrieveObjectByUrlW(url
, pszObjectOid
,
331 dwRetrievalFlags
, dwTimeout
, ppvObject
, hAsyncRetrieve
,
332 pCredentials
, pvVerify
, pAuxInfo
);
336 SetLastError(ERROR_OUTOFMEMORY
);
341 static void WINAPI
CRYPT_FreeBlob(LPCSTR pszObjectOid
,
342 PCRYPT_BLOB_ARRAY pObject
, void *pvFreeContext
)
346 for (i
= 0; i
< pObject
->cBlob
; i
++)
347 CryptMemFree(pObject
->rgBlob
[i
].pbData
);
348 CryptMemFree(pObject
->rgBlob
);
351 static BOOL
CRYPT_GetObjectFromFile(HANDLE hFile
, PCRYPT_BLOB_ARRAY pObject
)
356 if ((ret
= GetFileSizeEx(hFile
, &size
)))
360 WARN("file too big\n");
361 SetLastError(ERROR_INVALID_DATA
);
366 CRYPT_DATA_BLOB blob
;
368 blob
.pbData
= CryptMemAlloc(size
.u
.LowPart
);
371 blob
.cbData
= size
.u
.LowPart
;
372 ret
= ReadFile(hFile
, blob
.pbData
, size
.u
.LowPart
, &blob
.cbData
,
376 pObject
->rgBlob
= CryptMemAlloc(sizeof(CRYPT_DATA_BLOB
));
380 memcpy(pObject
->rgBlob
, &blob
, sizeof(CRYPT_DATA_BLOB
));
384 SetLastError(ERROR_OUTOFMEMORY
);
389 CryptMemFree(blob
.pbData
);
393 SetLastError(ERROR_OUTOFMEMORY
);
401 /* FIXME: should make wininet cache all downloads instead */
402 static BOOL
CRYPT_GetObjectFromCache(LPCWSTR pszURL
, PCRYPT_BLOB_ARRAY pObject
,
403 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
406 INTERNET_CACHE_ENTRY_INFOW cacheInfo
= { sizeof(cacheInfo
), 0 };
407 DWORD size
= sizeof(cacheInfo
);
409 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL
), pObject
, pAuxInfo
);
411 if (GetUrlCacheEntryInfoW(pszURL
, &cacheInfo
, &size
) ||
412 GetLastError() == ERROR_INSUFFICIENT_BUFFER
)
416 GetSystemTimeAsFileTime(&ft
);
417 if (CompareFileTime(&cacheInfo
.ExpireTime
, &ft
) >= 0)
419 LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo
= CryptMemAlloc(size
);
423 if (GetUrlCacheEntryInfoW(pszURL
, pCacheInfo
, &size
))
425 HANDLE hFile
= CreateFileW(pCacheInfo
->lpszLocalFileName
,
426 GENERIC_READ
, 0, NULL
, OPEN_EXISTING
,
427 FILE_ATTRIBUTE_NORMAL
, NULL
);
429 if (hFile
!= INVALID_HANDLE_VALUE
)
431 if ((ret
= CRYPT_GetObjectFromFile(hFile
, pObject
)))
433 if (pAuxInfo
&& pAuxInfo
->cbSize
>=
434 offsetof(CRYPT_RETRIEVE_AUX_INFO
,
435 pLastSyncTime
) + sizeof(PFILETIME
) &&
436 pAuxInfo
->pLastSyncTime
)
437 memcpy(pAuxInfo
->pLastSyncTime
,
438 &pCacheInfo
->LastSyncTime
,
444 CryptMemFree(pCacheInfo
);
447 SetLastError(ERROR_OUTOFMEMORY
);
450 DeleteUrlCacheEntryW(pszURL
);
452 TRACE("returning %d\n", ret
);
456 static inline LPWSTR
strndupW(LPWSTR string
, int len
)
459 if (string
&& (ret
= CryptMemAlloc((len
+ 1) * sizeof(WCHAR
))) != NULL
)
461 memcpy(ret
, string
, len
* sizeof(WCHAR
));
467 /* Parses the URL, and sets components's lpszHostName and lpszUrlPath members
468 * to NULL-terminated copies of those portions of the URL (to be freed with
471 static BOOL
CRYPT_CrackUrl(LPCWSTR pszURL
, URL_COMPONENTSW
*components
)
475 TRACE("(%s, %p)\n", debugstr_w(pszURL
), components
);
477 memset(components
, 0, sizeof(*components
));
478 components
->dwStructSize
= sizeof(*components
);
479 components
->dwHostNameLength
= 1;
480 components
->dwUrlPathLength
= 1;
481 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, components
);
484 LPWSTR hostname
= strndupW(components
->lpszHostName
,
485 components
->dwHostNameLength
);
486 LPWSTR path
= strndupW(components
->lpszUrlPath
,
487 components
->dwUrlPathLength
);
489 components
->lpszHostName
= hostname
;
490 components
->lpszUrlPath
= path
;
491 switch (components
->nScheme
)
493 case INTERNET_SCHEME_FTP
:
494 if (!components
->nPort
)
495 components
->nPort
= INTERNET_DEFAULT_FTP_PORT
;
497 case INTERNET_SCHEME_HTTP
:
498 if (!components
->nPort
)
499 components
->nPort
= INTERNET_DEFAULT_HTTP_PORT
;
505 TRACE("returning %d\n", ret
);
516 static struct InetContext
*CRYPT_MakeInetContext(DWORD dwTimeout
)
518 struct InetContext
*context
= CryptMemAlloc(sizeof(struct InetContext
));
522 context
->event
= CreateEventW(NULL
, FALSE
, FALSE
, NULL
);
525 CryptMemFree(context
);
530 context
->timeout
= dwTimeout
;
531 context
->error
= ERROR_SUCCESS
;
537 static BOOL
CRYPT_DownloadObject(DWORD dwRetrievalFlags
, HINTERNET hHttp
,
538 struct InetContext
*context
, PCRYPT_BLOB_ARRAY pObject
,
539 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
541 CRYPT_DATA_BLOB object
= { 0, NULL
};
542 DWORD bytesAvailable
;
546 if ((ret
= InternetQueryDataAvailable(hHttp
, &bytesAvailable
, 0, 0)))
551 object
.pbData
= CryptMemRealloc(object
.pbData
,
552 object
.cbData
+ bytesAvailable
);
554 object
.pbData
= CryptMemAlloc(bytesAvailable
);
557 INTERNET_BUFFERSA buffer
= { sizeof(buffer
), 0 };
559 buffer
.dwBufferLength
= bytesAvailable
;
560 buffer
.lpvBuffer
= object
.pbData
+ object
.cbData
;
561 if (!(ret
= InternetReadFileExA(hHttp
, &buffer
, IRF_NO_WAIT
,
562 (DWORD_PTR
)context
)))
564 if (GetLastError() == ERROR_IO_PENDING
)
566 if (WaitForSingleObject(context
->event
,
567 context
->timeout
) == WAIT_TIMEOUT
)
568 SetLastError(ERROR_TIMEOUT
);
569 else if (context
->error
)
570 SetLastError(context
->error
);
576 object
.cbData
+= bytesAvailable
;
580 SetLastError(ERROR_OUTOFMEMORY
);
585 else if (GetLastError() == ERROR_IO_PENDING
)
587 if (WaitForSingleObject(context
->event
, context
->timeout
) ==
589 SetLastError(ERROR_TIMEOUT
);
593 } while (ret
&& bytesAvailable
);
596 pObject
->rgBlob
= CryptMemAlloc(sizeof(CRYPT_DATA_BLOB
));
597 if (!pObject
->rgBlob
)
599 CryptMemFree(object
.pbData
);
600 SetLastError(ERROR_OUTOFMEMORY
);
605 pObject
->rgBlob
[0].cbData
= object
.cbData
;
606 pObject
->rgBlob
[0].pbData
= object
.pbData
;
610 TRACE("returning %d\n", ret
);
614 static void CRYPT_CacheURL(LPCWSTR pszURL
, PCRYPT_BLOB_ARRAY pObject
,
615 DWORD dwRetrievalFlags
, FILETIME expires
)
617 WCHAR cacheFileName
[MAX_PATH
];
619 /* FIXME: let wininet directly cache instead */
620 if (CreateUrlCacheEntryW(pszURL
, pObject
->rgBlob
[0].cbData
, NULL
,
623 HANDLE hCacheFile
= CreateFileW(cacheFileName
, GENERIC_WRITE
, 0, NULL
,
624 CREATE_ALWAYS
, FILE_ATTRIBUTE_NORMAL
, NULL
);
626 if (hCacheFile
!= INVALID_HANDLE_VALUE
)
628 DWORD bytesWritten
, entryType
;
631 if (!(dwRetrievalFlags
& CRYPT_STICKY_CACHE_RETRIEVAL
))
632 entryType
= NORMAL_CACHE_ENTRY
;
634 entryType
= STICKY_CACHE_ENTRY
;
635 WriteFile(hCacheFile
, pObject
->rgBlob
[0].pbData
,
636 pObject
->rgBlob
[0].cbData
, &bytesWritten
, NULL
);
637 CloseHandle(hCacheFile
);
638 CommitUrlCacheEntryW(pszURL
, cacheFileName
, expires
, ft
, entryType
,
639 NULL
, 0, NULL
, NULL
);
644 static void CALLBACK
CRYPT_InetStatusCallback(HINTERNET hInt
,
645 DWORD_PTR dwContext
, DWORD status
, void *statusInfo
, DWORD statusInfoLen
)
647 struct InetContext
*context
= (struct InetContext
*)dwContext
;
648 LPINTERNET_ASYNC_RESULT result
;
652 case INTERNET_STATUS_REQUEST_COMPLETE
:
653 result
= (LPINTERNET_ASYNC_RESULT
)statusInfo
;
654 context
->error
= result
->dwError
;
655 SetEvent(context
->event
);
659 static BOOL
CRYPT_Connect(URL_COMPONENTSW
*components
,
660 struct InetContext
*context
, PCRYPT_CREDENTIALS pCredentials
,
661 HINTERNET
*phInt
, HINTERNET
*phHost
)
665 TRACE("(%s:%d, %p, %p, %p, %p)\n", debugstr_w(components
->lpszHostName
),
666 components
->nPort
, context
, pCredentials
, phInt
, phInt
);
669 *phInt
= InternetOpenW(NULL
, INTERNET_OPEN_TYPE_DIRECT
, NULL
, NULL
,
670 context
? INTERNET_FLAG_ASYNC
: 0);
676 InternetSetStatusCallbackW(*phInt
, CRYPT_InetStatusCallback
);
677 switch (components
->nScheme
)
679 case INTERNET_SCHEME_FTP
:
680 service
= INTERNET_SERVICE_FTP
;
682 case INTERNET_SCHEME_HTTP
:
683 service
= INTERNET_SERVICE_HTTP
;
688 /* FIXME: use pCredentials for username/password */
689 *phHost
= InternetConnectW(*phInt
, components
->lpszHostName
,
690 components
->nPort
, NULL
, NULL
, service
, 0, (DWORD_PTR
)context
);
693 InternetCloseHandle(*phInt
);
702 TRACE("returning %d\n", ret
);
706 static BOOL WINAPI
FTP_RetrieveEncodedObjectW(LPCWSTR pszURL
,
707 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
708 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
709 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
710 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
712 FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
713 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
714 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
717 pObject
->rgBlob
= NULL
;
718 *ppfnFreeObject
= CRYPT_FreeBlob
;
719 *ppvFreeContext
= NULL
;
723 static const WCHAR x509cacert
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
724 '/','x','-','x','5','0','9','-','c','a','-','c','e','r','t',0 };
725 static const WCHAR x509emailcert
[] = { 'a','p','p','l','i','c','a','t','i','o',
726 'n','/','x','-','x','5','0','9','-','e','m','a','i','l','-','c','e','r','t',
728 static const WCHAR x509servercert
[] = { 'a','p','p','l','i','c','a','t','i','o',
729 'n','/','x','-','x','5','0','9','-','s','e','r','v','e','r','-','c','e','r',
731 static const WCHAR x509usercert
[] = { 'a','p','p','l','i','c','a','t','i','o',
732 'n','/','x','-','x','5','0','9','-','u','s','e','r','-','c','e','r','t',0 };
733 static const WCHAR pkcs7cert
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
734 '/','x','-','p','k','c','s','7','-','c','e','r','t','i','f','c','a','t','e',
736 static const WCHAR pkixCRL
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
737 '/','p','k','i','x','-','c','r','l',0 };
738 static const WCHAR pkcs7CRL
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
739 '/','x','-','p','k','c','s','7','-','c','r','l',0 };
740 static const WCHAR pkcs7sig
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
741 '/','x','-','p','k','c','s','7','-','s','i','g','n','a','t','u','r','e',0 };
742 static const WCHAR pkcs7mime
[] = { 'a','p','p','l','i','c','a','t','i','o','n',
743 '/','x','-','p','k','c','s','7','-','m','i','m','e',0 };
745 static BOOL WINAPI
HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL
,
746 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
747 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
748 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
749 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
753 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
754 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
755 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
758 pObject
->rgBlob
= NULL
;
759 *ppfnFreeObject
= CRYPT_FreeBlob
;
760 *ppvFreeContext
= NULL
;
762 if (!(dwRetrievalFlags
& CRYPT_WIRE_ONLY_RETRIEVAL
))
763 ret
= CRYPT_GetObjectFromCache(pszURL
, pObject
, pAuxInfo
);
764 if (!ret
&& (!(dwRetrievalFlags
& CRYPT_CACHE_ONLY_RETRIEVAL
) ||
765 (dwRetrievalFlags
& CRYPT_WIRE_ONLY_RETRIEVAL
)))
767 URL_COMPONENTSW components
;
769 if ((ret
= CRYPT_CrackUrl(pszURL
, &components
)))
771 HINTERNET hInt
, hHost
;
772 struct InetContext
*context
= NULL
;
775 context
= CRYPT_MakeInetContext(dwTimeout
);
776 ret
= CRYPT_Connect(&components
, context
, pCredentials
, &hInt
,
780 static LPCWSTR types
[] = { x509cacert
, x509emailcert
,
781 x509servercert
, x509usercert
, pkcs7cert
, pkixCRL
, pkcs7CRL
,
782 pkcs7sig
, pkcs7mime
, NULL
};
783 HINTERNET hHttp
= HttpOpenRequestW(hHost
, NULL
,
784 components
.lpszUrlPath
, NULL
, NULL
, types
,
785 INTERNET_FLAG_NO_COOKIES
| INTERNET_FLAG_NO_UI
,
792 InternetSetOptionW(hHttp
,
793 INTERNET_OPTION_RECEIVE_TIMEOUT
, &dwTimeout
,
795 InternetSetOptionW(hHttp
, INTERNET_OPTION_SEND_TIMEOUT
,
796 &dwTimeout
, sizeof(dwTimeout
));
798 ret
= HttpSendRequestExW(hHttp
, NULL
, NULL
, 0,
800 if (!ret
&& GetLastError() == ERROR_IO_PENDING
)
802 if (WaitForSingleObject(context
->event
,
803 context
->timeout
) == WAIT_TIMEOUT
)
804 SetLastError(ERROR_TIMEOUT
);
808 /* We don't set ret to TRUE in this block to avoid masking
809 * an error from HttpSendRequestExW.
811 if (!HttpEndRequestW(hHttp
, NULL
, 0, (DWORD_PTR
)context
) &&
812 GetLastError() == ERROR_IO_PENDING
)
814 if (WaitForSingleObject(context
->event
,
815 context
->timeout
) == WAIT_TIMEOUT
)
817 SetLastError(ERROR_TIMEOUT
);
822 ret
= CRYPT_DownloadObject(dwRetrievalFlags
, hHttp
,
823 context
, pObject
, pAuxInfo
);
824 if (ret
&& !(dwRetrievalFlags
& CRYPT_DONT_CACHE_RESULT
))
827 DWORD len
= sizeof(st
);
829 if (HttpQueryInfoW(hHttp
,
830 HTTP_QUERY_EXPIRES
| HTTP_QUERY_FLAG_SYSTEMTIME
, &st
,
835 SystemTimeToFileTime(&st
, &ft
);
836 CRYPT_CacheURL(pszURL
, pObject
, dwRetrievalFlags
,
840 InternetCloseHandle(hHttp
);
842 InternetCloseHandle(hHost
);
843 InternetCloseHandle(hInt
);
847 CloseHandle(context
->event
);
848 CryptMemFree(context
);
850 CryptMemFree(components
.lpszUrlPath
);
851 CryptMemFree(components
.lpszHostName
);
854 TRACE("returning %d\n", ret
);
858 static BOOL WINAPI
File_RetrieveEncodedObjectW(LPCWSTR pszURL
,
859 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
860 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
861 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
862 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
864 URL_COMPONENTSW components
= { sizeof(components
), 0 };
867 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
868 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, pObject
,
869 ppfnFreeObject
, ppvFreeContext
, hAsyncRetrieve
, pCredentials
, pAuxInfo
);
872 pObject
->rgBlob
= NULL
;
873 *ppfnFreeObject
= CRYPT_FreeBlob
;
874 *ppvFreeContext
= NULL
;
876 components
.dwUrlPathLength
= 1;
877 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, &components
);
882 /* 3 == lstrlenW(L"c:") + 1 */
883 path
= CryptMemAlloc((components
.dwUrlPathLength
+ 3) * sizeof(WCHAR
));
888 /* Try to create the file directly - Wine handles / in pathnames */
889 lstrcpynW(path
, components
.lpszUrlPath
,
890 components
.dwUrlPathLength
+ 1);
891 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
, OPEN_EXISTING
,
892 FILE_ATTRIBUTE_NORMAL
, NULL
);
893 if (hFile
== INVALID_HANDLE_VALUE
)
895 /* Try again on the current drive */
896 GetCurrentDirectoryW(components
.dwUrlPathLength
, path
);
899 lstrcpynW(path
+ 2, components
.lpszUrlPath
,
900 components
.dwUrlPathLength
+ 1);
901 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
,
902 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
904 if (hFile
== INVALID_HANDLE_VALUE
)
906 /* Try again on the Windows drive */
907 GetWindowsDirectoryW(path
, components
.dwUrlPathLength
);
910 lstrcpynW(path
+ 2, components
.lpszUrlPath
,
911 components
.dwUrlPathLength
+ 1);
912 hFile
= CreateFileW(path
, GENERIC_READ
, 0, NULL
,
913 OPEN_EXISTING
, FILE_ATTRIBUTE_NORMAL
, NULL
);
917 if (hFile
!= INVALID_HANDLE_VALUE
)
919 if ((ret
= CRYPT_GetObjectFromFile(hFile
, pObject
)))
921 if (pAuxInfo
&& pAuxInfo
->cbSize
>=
922 offsetof(CRYPT_RETRIEVE_AUX_INFO
,
923 pLastSyncTime
) + sizeof(PFILETIME
) &&
924 pAuxInfo
->pLastSyncTime
)
925 GetFileTime(hFile
, NULL
, NULL
,
926 pAuxInfo
->pLastSyncTime
);
938 typedef BOOL (WINAPI
*SchemeDllRetrieveEncodedObjectW
)(LPCWSTR pwszUrl
,
939 LPCSTR pszObjectOid
, DWORD dwRetrievalFlags
, DWORD dwTimeout
,
940 PCRYPT_BLOB_ARRAY pObject
, PFN_FREE_ENCODED_OBJECT_FUNC
*ppfnFreeObject
,
941 void **ppvFreeContext
, HCRYPTASYNC hAsyncRetrieve
,
942 PCRYPT_CREDENTIALS pCredentials
, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
);
944 static BOOL
CRYPT_GetRetrieveFunction(LPCWSTR pszURL
,
945 SchemeDllRetrieveEncodedObjectW
*pFunc
, HCRYPTOIDFUNCADDR
*phFunc
)
947 URL_COMPONENTSW components
= { sizeof(components
), 0 };
950 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL
), pFunc
, phFunc
);
954 components
.dwSchemeLength
= 1;
955 ret
= InternetCrackUrlW(pszURL
, 0, ICU_DECODE
, &components
);
958 /* Microsoft always uses CryptInitOIDFunctionSet/
959 * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
960 * reason to do so for builtin schemes.
962 switch (components
.nScheme
)
964 case INTERNET_SCHEME_FTP
:
965 *pFunc
= FTP_RetrieveEncodedObjectW
;
967 case INTERNET_SCHEME_HTTP
:
968 *pFunc
= HTTP_RetrieveEncodedObjectW
;
970 case INTERNET_SCHEME_FILE
:
971 *pFunc
= File_RetrieveEncodedObjectW
;
975 int len
= WideCharToMultiByte(CP_ACP
, 0, components
.lpszScheme
,
976 components
.dwSchemeLength
, NULL
, 0, NULL
, NULL
);
980 LPSTR scheme
= CryptMemAlloc(len
);
984 static HCRYPTOIDFUNCSET set
= NULL
;
987 set
= CryptInitOIDFunctionSet(
988 SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC
, 0);
989 WideCharToMultiByte(CP_ACP
, 0, components
.lpszScheme
,
990 components
.dwSchemeLength
, scheme
, len
, NULL
, NULL
);
991 ret
= CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
,
992 scheme
, 0, (void **)pFunc
, phFunc
);
993 CryptMemFree(scheme
);
997 SetLastError(ERROR_OUTOFMEMORY
);
1006 TRACE("returning %d\n", ret
);
1010 static BOOL WINAPI
CRYPT_CreateBlob(LPCSTR pszObjectOid
,
1011 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1014 CRYPT_BLOB_ARRAY
*context
;
1017 size
= sizeof(CRYPT_BLOB_ARRAY
) + pObject
->cBlob
* sizeof(CRYPT_DATA_BLOB
);
1018 for (i
= 0; i
< pObject
->cBlob
; i
++)
1019 size
+= pObject
->rgBlob
[i
].cbData
;
1020 context
= CryptMemAlloc(size
);
1027 (CRYPT_DATA_BLOB
*)((LPBYTE
)context
+ sizeof(CRYPT_BLOB_ARRAY
));
1029 (LPBYTE
)context
->rgBlob
+ pObject
->cBlob
* sizeof(CRYPT_DATA_BLOB
);
1030 for (i
= 0; i
< pObject
->cBlob
; i
++)
1032 memcpy(nextData
, pObject
->rgBlob
[i
].pbData
,
1033 pObject
->rgBlob
[i
].cbData
);
1034 context
->rgBlob
[i
].pbData
= nextData
;
1035 context
->rgBlob
[i
].cbData
= pObject
->rgBlob
[i
].cbData
;
1036 nextData
+= pObject
->rgBlob
[i
].cbData
;
1039 *ppvContext
= context
;
1045 typedef BOOL (WINAPI
*AddContextToStore
)(HCERTSTORE hCertStore
,
1046 const void *pContext
, DWORD dwAddDisposition
, const void **ppStoreContext
);
1048 static BOOL
CRYPT_CreateContext(PCRYPT_BLOB_ARRAY pObject
,
1049 DWORD dwExpectedContentTypeFlags
, AddContextToStore addFunc
, void **ppvContext
)
1053 if (!pObject
->cBlob
)
1055 SetLastError(ERROR_INVALID_DATA
);
1059 else if (pObject
->cBlob
== 1)
1061 if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB
, &pObject
->rgBlob
[0],
1062 dwExpectedContentTypeFlags
, CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
,
1063 NULL
, NULL
, NULL
, NULL
, (const void **)ppvContext
))
1065 SetLastError(CRYPT_E_NO_MATCH
);
1071 HCERTSTORE store
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1072 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1077 const void *context
;
1079 for (i
= 0; i
< pObject
->cBlob
; i
++)
1081 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB
,
1082 &pObject
->rgBlob
[i
], dwExpectedContentTypeFlags
,
1083 CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
, NULL
, NULL
, NULL
,
1086 if (!addFunc(store
, context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1091 SetLastError(CRYPT_E_NO_MATCH
);
1098 *ppvContext
= store
;
1103 static BOOL WINAPI
CRYPT_CreateCert(LPCSTR pszObjectOid
,
1104 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1106 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CERT
,
1107 (AddContextToStore
)CertAddCertificateContextToStore
, ppvContext
);
1110 static BOOL WINAPI
CRYPT_CreateCRL(LPCSTR pszObjectOid
,
1111 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1113 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CRL
,
1114 (AddContextToStore
)CertAddCRLContextToStore
, ppvContext
);
1117 static BOOL WINAPI
CRYPT_CreateCTL(LPCSTR pszObjectOid
,
1118 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1120 return CRYPT_CreateContext(pObject
, CERT_QUERY_CONTENT_FLAG_CTL
,
1121 (AddContextToStore
)CertAddCTLContextToStore
, ppvContext
);
1124 static BOOL WINAPI
CRYPT_CreatePKCS7(LPCSTR pszObjectOid
,
1125 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1129 if (!pObject
->cBlob
)
1131 SetLastError(ERROR_INVALID_DATA
);
1135 else if (pObject
->cBlob
== 1)
1136 ret
= CryptQueryObject(CERT_QUERY_OBJECT_BLOB
, &pObject
->rgBlob
[0],
1137 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED
|
1138 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED
, CERT_QUERY_FORMAT_FLAG_BINARY
,
1139 0, NULL
, NULL
, NULL
, (HCERTSTORE
*)ppvContext
, NULL
, NULL
);
1142 FIXME("multiple messages unimplemented\n");
1148 static BOOL WINAPI
CRYPT_CreateAny(LPCSTR pszObjectOid
,
1149 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
)
1153 if (!pObject
->cBlob
)
1155 SetLastError(ERROR_INVALID_DATA
);
1161 HCERTSTORE store
= CertOpenStore(CERT_STORE_PROV_COLLECTION
, 0, 0,
1162 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1166 HCERTSTORE memStore
= CertOpenStore(CERT_STORE_PROV_MEMORY
, 0, 0,
1167 CERT_STORE_CREATE_NEW_FLAG
, NULL
);
1171 CertAddStoreToCollection(store
, memStore
,
1172 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
, 0);
1173 CertCloseStore(memStore
, 0);
1177 CertCloseStore(store
, 0);
1186 for (i
= 0; i
< pObject
->cBlob
; i
++)
1188 DWORD contentType
, expectedContentTypes
=
1189 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED
|
1190 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED
|
1191 CERT_QUERY_CONTENT_FLAG_CERT
|
1192 CERT_QUERY_CONTENT_FLAG_CRL
|
1193 CERT_QUERY_CONTENT_FLAG_CTL
;
1194 HCERTSTORE contextStore
;
1195 const void *context
;
1197 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB
,
1198 &pObject
->rgBlob
[i
], expectedContentTypes
,
1199 CERT_QUERY_FORMAT_FLAG_BINARY
, 0, NULL
, &contentType
, NULL
,
1200 &contextStore
, NULL
, &context
))
1202 switch (contentType
)
1204 case CERT_QUERY_CONTENT_CERT
:
1205 if (!CertAddCertificateContextToStore(store
,
1206 (PCCERT_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1209 case CERT_QUERY_CONTENT_CRL
:
1210 if (!CertAddCRLContextToStore(store
,
1211 (PCCRL_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1214 case CERT_QUERY_CONTENT_CTL
:
1215 if (!CertAddCTLContextToStore(store
,
1216 (PCCTL_CONTEXT
)context
, CERT_STORE_ADD_ALWAYS
, NULL
))
1220 CertAddStoreToCollection(store
, contextStore
, 0, 0);
1229 *ppvContext
= store
;
1234 typedef BOOL (WINAPI
*ContextDllCreateObjectContext
)(LPCSTR pszObjectOid
,
1235 DWORD dwRetrievalFlags
, PCRYPT_BLOB_ARRAY pObject
, void **ppvContext
);
1237 static BOOL
CRYPT_GetCreateFunction(LPCSTR pszObjectOid
,
1238 ContextDllCreateObjectContext
*pFunc
, HCRYPTOIDFUNCADDR
*phFunc
)
1242 TRACE("(%s, %p, %p)\n", debugstr_a(pszObjectOid
), pFunc
, phFunc
);
1246 if (!HIWORD(pszObjectOid
))
1248 switch (LOWORD(pszObjectOid
))
1251 *pFunc
= CRYPT_CreateBlob
;
1253 case LOWORD(CONTEXT_OID_CERTIFICATE
):
1254 *pFunc
= CRYPT_CreateCert
;
1256 case LOWORD(CONTEXT_OID_CRL
):
1257 *pFunc
= CRYPT_CreateCRL
;
1259 case LOWORD(CONTEXT_OID_CTL
):
1260 *pFunc
= CRYPT_CreateCTL
;
1262 case LOWORD(CONTEXT_OID_PKCS7
):
1263 *pFunc
= CRYPT_CreatePKCS7
;
1265 case LOWORD(CONTEXT_OID_CAPI2_ANY
):
1266 *pFunc
= CRYPT_CreateAny
;
1272 static HCRYPTOIDFUNCSET set
= NULL
;
1275 set
= CryptInitOIDFunctionSet(
1276 CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC
, 0);
1277 ret
= CryptGetOIDFunctionAddress(set
, X509_ASN_ENCODING
, pszObjectOid
,
1278 0, (void **)pFunc
, phFunc
);
1280 TRACE("returning %d\n", ret
);
1284 /***********************************************************************
1285 * CryptRetrieveObjectByUrlW (CRYPTNET.@)
1287 BOOL WINAPI
CryptRetrieveObjectByUrlW(LPCWSTR pszURL
, LPCSTR pszObjectOid
,
1288 DWORD dwRetrievalFlags
, DWORD dwTimeout
, LPVOID
*ppvObject
,
1289 HCRYPTASYNC hAsyncRetrieve
, PCRYPT_CREDENTIALS pCredentials
, LPVOID pvVerify
,
1290 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo
)
1293 SchemeDllRetrieveEncodedObjectW retrieve
;
1294 ContextDllCreateObjectContext create
;
1295 HCRYPTOIDFUNCADDR hRetrieve
= 0, hCreate
= 0;
1297 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL
),
1298 debugstr_a(pszObjectOid
), dwRetrievalFlags
, dwTimeout
, ppvObject
,
1299 hAsyncRetrieve
, pCredentials
, pvVerify
, pAuxInfo
);
1303 SetLastError(ERROR_INVALID_PARAMETER
);
1306 ret
= CRYPT_GetRetrieveFunction(pszURL
, &retrieve
, &hRetrieve
);
1308 ret
= CRYPT_GetCreateFunction(pszObjectOid
, &create
, &hCreate
);
1311 CRYPT_BLOB_ARRAY object
= { 0, NULL
};
1312 PFN_FREE_ENCODED_OBJECT_FUNC freeObject
;
1315 ret
= retrieve(pszURL
, pszObjectOid
, dwRetrievalFlags
, dwTimeout
,
1316 &object
, &freeObject
, &freeContext
, hAsyncRetrieve
, pCredentials
,
1320 ret
= create(pszObjectOid
, dwRetrievalFlags
, &object
, ppvObject
);
1321 freeObject(pszObjectOid
, &object
, freeContext
);
1325 CryptFreeOIDFunctionAddress(hCreate
, 0);
1327 CryptFreeOIDFunctionAddress(hRetrieve
, 0);
1328 TRACE("returning %d\n", ret
);
1332 typedef struct _OLD_CERT_REVOCATION_STATUS
{
1337 } OLD_CERT_REVOCATION_STATUS
, *POLD_CERT_REVOCATION_STATUS
;
1339 /***********************************************************************
1340 * CertDllVerifyRevocation (CRYPTNET.@)
1342 BOOL WINAPI
CertDllVerifyRevocation(DWORD dwEncodingType
, DWORD dwRevType
,
1343 DWORD cContext
, PVOID rgpvContext
[], DWORD dwFlags
,
1344 PCERT_REVOCATION_PARA pRevPara
, PCERT_REVOCATION_STATUS pRevStatus
)
1349 TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType
, dwRevType
,
1350 cContext
, rgpvContext
, dwFlags
, pRevPara
, pRevStatus
);
1352 if (pRevStatus
->cbSize
!= sizeof(OLD_CERT_REVOCATION_STATUS
) &&
1353 pRevStatus
->cbSize
!= sizeof(CERT_REVOCATION_STATUS
))
1355 SetLastError(E_INVALIDARG
);
1358 memset(&pRevStatus
->dwIndex
, 0, pRevStatus
->cbSize
- sizeof(DWORD
));
1359 if (dwRevType
!= CERT_CONTEXT_REVOCATION_TYPE
)
1361 error
= CRYPT_E_NO_REVOCATION_CHECK
;
1367 for (i
= 0; ret
&& i
< cContext
; i
++)
1371 ret
= CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT
,
1372 rgpvContext
[i
], 0, NULL
, &cbUrlArray
, NULL
, NULL
, NULL
);
1373 if (!ret
&& GetLastError() == CRYPT_E_NOT_FOUND
)
1375 error
= CRYPT_E_NO_REVOCATION_CHECK
;
1376 pRevStatus
->dwIndex
= i
;
1380 CRYPT_URL_ARRAY
*urlArray
= CryptMemAlloc(cbUrlArray
);
1384 DWORD j
, retrievalFlags
= 0, startTime
, endTime
, timeout
;
1386 ret
= CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT
,
1387 rgpvContext
[i
], 0, urlArray
, &cbUrlArray
, NULL
, NULL
,
1389 if (dwFlags
& CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION
)
1390 retrievalFlags
|= CRYPT_CACHE_ONLY_RETRIEVAL
;
1391 if (dwFlags
& CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG
&&
1392 pRevPara
->cbSize
>= offsetof(CERT_REVOCATION_PARA
,
1393 dwUrlRetrievalTimeout
) + sizeof(DWORD
))
1395 startTime
= GetTickCount();
1396 endTime
= startTime
+ pRevPara
->dwUrlRetrievalTimeout
;
1397 timeout
= pRevPara
->dwUrlRetrievalTimeout
;
1400 endTime
= timeout
= 0;
1401 for (j
= 0; ret
&& j
< urlArray
->cUrl
; j
++)
1405 ret
= CryptRetrieveObjectByUrlW(urlArray
->rgwszUrl
[j
],
1406 CONTEXT_OID_CRL
, retrievalFlags
, timeout
,
1407 (void **)&crl
, NULL
, NULL
, NULL
, NULL
);
1410 PCRL_ENTRY entry
= NULL
;
1412 CertFindCertificateInCRL(
1413 (PCCERT_CONTEXT
)rgpvContext
[i
], crl
, 0, NULL
,
1417 error
= CRYPT_E_REVOKED
;
1418 pRevStatus
->dwIndex
= i
;
1423 DWORD time
= GetTickCount();
1425 if ((int)(endTime
- time
) <= 0)
1427 error
= ERROR_TIMEOUT
;
1428 pRevStatus
->dwIndex
= i
;
1432 timeout
= endTime
- time
;
1434 CertFreeCRLContext(crl
);
1437 error
= CRYPT_E_REVOCATION_OFFLINE
;
1439 CryptMemFree(urlArray
);
1443 error
= ERROR_OUTOFMEMORY
;
1444 pRevStatus
->dwIndex
= i
;
1449 pRevStatus
->dwIndex
= i
;
1455 SetLastError(error
);
1456 pRevStatus
->dwError
= error
;
1458 TRACE("returning %d (%08x)\n", ret
, error
);