search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
d3dx8: Add WINAPI to the prototypes of D3DXMatrixTransformation.
[wine/multimedia.git] / dlls / cryptnet / cryptnet_main.c
blob0ad302dd7434938d5efbdf4500268547f9300c38
1 /*
2 * Copyright (C) 2006 Maarten Lankhorst
3 * Copyright 2007 Juan Lang
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18 *
19 */
20
21 #include "config.h"
22 #include "wine/port.h"
23 #include <stdio.h>
24
25 #define NONAMELESSUNION
26 #define NONAMELESSSTRUCT
27
28 #include "windef.h"
29 #include "wine/debug.h"
30 #include "winbase.h"
31 #include "winnt.h"
32 #include "winnls.h"
33 #include "wininet.h"
34 #include "objbase.h"
35 #define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
36 #include "wincrypt.h"
37
38 WINE_DEFAULT_DEBUG_CHANNEL(cryptnet);
39
40 BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
41 {
42 TRACE("(0x%p, %d, %p)\n", hinstDLL, fdwReason, lpvReserved);
43
44 switch (fdwReason) {
45 case DLL_PROCESS_ATTACH:
46 DisableThreadLibraryCalls(hinstDLL);
47 break;
48 case DLL_PROCESS_DETACH:
49 /* Do uninitialisation here */
50 break;
51 default: break;
52 }
53 return TRUE;
54 }
55
56 static const WCHAR cryptNet[] = { 'c','r','y','p','t','n','e','t','.',
57 'd','l','l',0 };
58 static const WCHAR ldapProvOpenStore[] = { 'L','d','a','p','P','r','o','v',
59 'O','p','e','S','t','o','r','e',0 };
60
61 /***********************************************************************
62 * DllRegisterServer (CRYPTNET.@)
63 */
64 HRESULT WINAPI DllRegisterServer(void)
65 {
66 TRACE("\n");
67 CryptRegisterDefaultOIDFunction(X509_ASN_ENCODING,
68 CRYPT_OID_VERIFY_REVOCATION_FUNC, 0, cryptNet);
69 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC, "Ldap",
70 cryptNet, "LdapProvOpenStore");
71 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC,
72 CERT_STORE_PROV_LDAP_W, cryptNet, "LdapProvOpenStore");
73 return S_OK;
74 }
75
76 /***********************************************************************
77 * DllUnregisterServer (CRYPTNET.@)
78 */
79 HRESULT WINAPI DllUnregisterServer(void)
80 {
81 TRACE("\n");
82 CryptUnregisterDefaultOIDFunction(X509_ASN_ENCODING,
83 CRYPT_OID_VERIFY_REVOCATION_FUNC, cryptNet);
84 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC, "Ldap");
85 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC,
86 CERT_STORE_PROV_LDAP_W);
87 return S_OK;
88 }
89
90 static const char *url_oid_to_str(LPCSTR oid)
91 {
92 if (HIWORD(oid))
93 return oid;
94 else
95 {
96 static char buf[10];
97
98 switch (LOWORD(oid))
99 {
100 #define _x(oid) case LOWORD(oid): return #oid
101 _x(URL_OID_CERTIFICATE_ISSUER);
102 _x(URL_OID_CERTIFICATE_CRL_DIST_POINT);
103 _x(URL_OID_CTL_ISSUER);
104 _x(URL_OID_CTL_NEXT_UPDATE);
105 _x(URL_OID_CRL_ISSUER);
106 _x(URL_OID_CERTIFICATE_FRESHEST_CRL);
107 _x(URL_OID_CRL_FRESHEST_CRL);
108 _x(URL_OID_CROSS_CERT_DIST_POINT);
109 #undef _x
110 default:
111 snprintf(buf, sizeof(buf), "%d", LOWORD(oid));
112 return buf;
113 }
114 }
115 }
116
117 typedef BOOL (WINAPI *UrlDllGetObjectUrlFunc)(LPCSTR, LPVOID, DWORD,
118 PCRYPT_URL_ARRAY, DWORD *, PCRYPT_URL_INFO, DWORD *, LPVOID);
119
120 static BOOL WINAPI CRYPT_GetUrlFromCertificateIssuer(LPCSTR pszUrlOid,
121 LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray,
122 PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved)
123 {
124 /* FIXME: This depends on the AIA (authority info access) extension being
125 * supported in crypt32.
126 */
127 FIXME("\n");
128 SetLastError(CRYPT_E_NOT_FOUND);
129 return FALSE;
130 }
131
132 static BOOL WINAPI CRYPT_GetUrlFromCertificateCRLDistPoint(LPCSTR pszUrlOid,
133 LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray,
134 PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved)
135 {
136 PCCERT_CONTEXT cert = (PCCERT_CONTEXT)pvPara;
137 PCERT_EXTENSION ext;
138 BOOL ret = FALSE;
139
140 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
141 if (dwFlags && !(dwFlags & CRYPT_GET_URL_FROM_EXTENSION))
142 {
143 SetLastError(CRYPT_E_NOT_FOUND);
144 return FALSE;
145 }
146 if ((ext = CertFindExtension(szOID_CRL_DIST_POINTS,
147 cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension)))
148 {
149 CRL_DIST_POINTS_INFO *info;
150 DWORD size;
151
152 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CRL_DIST_POINTS,
153 ext->Value.pbData, ext->Value.cbData, CRYPT_DECODE_ALLOC_FLAG, NULL,
154 &info, &size);
155 if (ret)
156 {
157 DWORD i, cUrl, bytesNeeded = sizeof(CRYPT_URL_ARRAY);
158
159 for (i = 0, cUrl = 0; i < info->cDistPoint; i++)
160 if (info->rgDistPoint[i].DistPointName.dwDistPointNameChoice
161 == CRL_DIST_POINT_FULL_NAME)
162 {
163 DWORD j;
164 CERT_ALT_NAME_INFO *name =
165 &info->rgDistPoint[i].DistPointName.u.FullName;
166
167 for (j = 0; j < name->cAltEntry; j++)
168 if (name->rgAltEntry[j].dwAltNameChoice ==
169 CERT_ALT_NAME_URL)
170 {
171 if (name->rgAltEntry[j].u.pwszURL)
172 {
173 cUrl++;
174 bytesNeeded += sizeof(LPWSTR) +
175 (lstrlenW(name->rgAltEntry[j].u.pwszURL) + 1)
176 * sizeof(WCHAR);
177 }
178 }
179 }
180 if (!pcbUrlArray)
181 {
182 SetLastError(E_INVALIDARG);
183 ret = FALSE;
184 }
185 else if (!pUrlArray)
186 *pcbUrlArray = bytesNeeded;
187 else if (*pcbUrlArray < bytesNeeded)
188 {
189 SetLastError(ERROR_MORE_DATA);
190 *pcbUrlArray = bytesNeeded;
191 ret = FALSE;
192 }
193 else
194 {
195 LPWSTR nextUrl;
196
197 *pcbUrlArray = bytesNeeded;
198 pUrlArray->cUrl = 0;
199 pUrlArray->rgwszUrl =
200 (LPWSTR *)((BYTE *)pUrlArray + sizeof(CRYPT_URL_ARRAY));
201 nextUrl = (LPWSTR)((BYTE *)pUrlArray + sizeof(CRYPT_URL_ARRAY)
202 + cUrl * sizeof(LPWSTR));
203 for (i = 0; i < info->cDistPoint; i++)
204 if (info->rgDistPoint[i].DistPointName.dwDistPointNameChoice
205 == CRL_DIST_POINT_FULL_NAME)
206 {
207 DWORD j;
208 CERT_ALT_NAME_INFO *name =
209 &info->rgDistPoint[i].DistPointName.u.FullName;
210
211 for (j = 0; j < name->cAltEntry; j++)
212 if (name->rgAltEntry[j].dwAltNameChoice ==
213 CERT_ALT_NAME_URL)
214 {
215 if (name->rgAltEntry[j].u.pwszURL)
216 {
217 lstrcpyW(nextUrl,
218 name->rgAltEntry[j].u.pwszURL);
219 pUrlArray->rgwszUrl[pUrlArray->cUrl++] =
220 nextUrl;
221 nextUrl +=
222 (lstrlenW(name->rgAltEntry[j].u.pwszURL) + 1)
223 * sizeof(WCHAR);
224 }
225 }
226 }
227 }
228 if (ret)
229 {
230 if (pcbUrlInfo)
231 {
232 FIXME("url info: stub\n");
233 if (!pUrlInfo)
234 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
235 else if (*pcbUrlInfo < sizeof(CRYPT_URL_INFO))
236 {
237 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
238 SetLastError(ERROR_MORE_DATA);
239 ret = FALSE;
240 }
241 else
242 {
243 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
244 memset(pUrlInfo, 0, sizeof(CRYPT_URL_INFO));
245 }
246 }
247 }
248 LocalFree(info);
249 }
250 }
251 else
252 SetLastError(CRYPT_E_NOT_FOUND);
253 return ret;
254 }
255
256 /***********************************************************************
257 * CryptGetObjectUrl (CRYPTNET.@)
258 */
259 BOOL WINAPI CryptGetObjectUrl(LPCSTR pszUrlOid, LPVOID pvPara, DWORD dwFlags,
260 PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray, PCRYPT_URL_INFO pUrlInfo,
261 DWORD *pcbUrlInfo, LPVOID pvReserved)
262 {
263 UrlDllGetObjectUrlFunc func = NULL;
264 HCRYPTOIDFUNCADDR hFunc = NULL;
265 BOOL ret = FALSE;
266
267 TRACE("(%s, %p, %08x, %p, %p, %p, %p, %p)\n", debugstr_a(pszUrlOid),
268 pvPara, dwFlags, pUrlArray, pcbUrlArray, pUrlInfo, pcbUrlInfo, pvReserved);
269
270 if (!HIWORD(pszUrlOid))
271 {
272 switch (LOWORD(pszUrlOid))
273 {
274 case LOWORD(URL_OID_CERTIFICATE_ISSUER):
275 func = CRYPT_GetUrlFromCertificateIssuer;
276 break;
277 case LOWORD(URL_OID_CERTIFICATE_CRL_DIST_POINT):
278 func = CRYPT_GetUrlFromCertificateCRLDistPoint;
279 break;
280 default:
281 FIXME("unimplemented for %s\n", url_oid_to_str(pszUrlOid));
282 SetLastError(ERROR_FILE_NOT_FOUND);
283 }
284 }
285 else
286 {
287 static HCRYPTOIDFUNCSET set = NULL;
288
289 if (!set)
290 set = CryptInitOIDFunctionSet(URL_OID_GET_OBJECT_URL_FUNC, 0);
291 CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszUrlOid, 0,
292 (void **)&func, &hFunc);
293 }
294 if (func)
295 ret = func(pszUrlOid, pvPara, dwFlags, pUrlArray, pcbUrlArray,
296 pUrlInfo, pcbUrlInfo, pvReserved);
297 if (hFunc)
298 CryptFreeOIDFunctionAddress(hFunc, 0);
299 return ret;
300 }
301
302 /***********************************************************************
303 * CryptRetrieveObjectByUrlA (CRYPTNET.@)
304 */
305 BOOL WINAPI CryptRetrieveObjectByUrlA(LPCSTR pszURL, LPCSTR pszObjectOid,
306 DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject,
307 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
308 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
309 {
310 BOOL ret = FALSE;
311 int len;
312
313 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_a(pszURL),
314 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
315 hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
316
317 if (!pszURL)
318 {
319 SetLastError(ERROR_INVALID_PARAMETER);
320 return FALSE;
321 }
322 len = MultiByteToWideChar(CP_ACP, 0, pszURL, -1, NULL, 0);
323 if (len)
324 {
325 LPWSTR url = CryptMemAlloc(len * sizeof(WCHAR));
326
327 if (url)
328 {
329 MultiByteToWideChar(CP_ACP, 0, pszURL, -1, url, len);
330 ret = CryptRetrieveObjectByUrlW(url, pszObjectOid,
331 dwRetrievalFlags, dwTimeout, ppvObject, hAsyncRetrieve,
332 pCredentials, pvVerify, pAuxInfo);
333 CryptMemFree(url);
334 }
335 else
336 SetLastError(ERROR_OUTOFMEMORY);
337 }
338 return ret;
339 }
340
341 static void WINAPI CRYPT_FreeBlob(LPCSTR pszObjectOid,
342 PCRYPT_BLOB_ARRAY pObject, void *pvFreeContext)
343 {
344 DWORD i;
345
346 for (i = 0; i < pObject->cBlob; i++)
347 CryptMemFree(pObject->rgBlob[i].pbData);
348 CryptMemFree(pObject->rgBlob);
349 }
350
351 static BOOL CRYPT_GetObjectFromFile(HANDLE hFile, PCRYPT_BLOB_ARRAY pObject)
352 {
353 BOOL ret;
354 LARGE_INTEGER size;
355
356 if ((ret = GetFileSizeEx(hFile, &size)))
357 {
358 if (size.u.HighPart)
359 {
360 WARN("file too big\n");
361 SetLastError(ERROR_INVALID_DATA);
362 ret = FALSE;
363 }
364 else
365 {
366 CRYPT_DATA_BLOB blob;
367
368 blob.pbData = CryptMemAlloc(size.u.LowPart);
369 if (blob.pbData)
370 {
371 blob.cbData = size.u.LowPart;
372 ret = ReadFile(hFile, blob.pbData, size.u.LowPart, &blob.cbData,
373 NULL);
374 if (ret)
375 {
376 pObject->rgBlob = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
377 if (pObject->rgBlob)
378 {
379 pObject->cBlob = 1;
380 memcpy(pObject->rgBlob, &blob, sizeof(CRYPT_DATA_BLOB));
381 }
382 else
383 {
384 SetLastError(ERROR_OUTOFMEMORY);
385 ret = FALSE;
386 }
387 }
388 if (!ret)
389 CryptMemFree(blob.pbData);
390 }
391 else
392 {
393 SetLastError(ERROR_OUTOFMEMORY);
394 ret = FALSE;
395 }
396 }
397 }
398 return ret;
399 }
400
401 /* FIXME: should make wininet cache all downloads instead */
402 static BOOL CRYPT_GetObjectFromCache(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
403 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
404 {
405 BOOL ret = FALSE;
406 INTERNET_CACHE_ENTRY_INFOW cacheInfo = { sizeof(cacheInfo), 0 };
407 DWORD size = sizeof(cacheInfo);
408
409 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pObject, pAuxInfo);
410
411 if (GetUrlCacheEntryInfoW(pszURL, &cacheInfo, &size) ||
412 GetLastError() == ERROR_INSUFFICIENT_BUFFER)
413 {
414 FILETIME ft;
415
416 GetSystemTimeAsFileTime(&ft);
417 if (CompareFileTime(&cacheInfo.ExpireTime, &ft) >= 0)
418 {
419 LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo = CryptMemAlloc(size);
420
421 if (pCacheInfo)
422 {
423 if (GetUrlCacheEntryInfoW(pszURL, pCacheInfo, &size))
424 {
425 HANDLE hFile = CreateFileW(pCacheInfo->lpszLocalFileName,
426 GENERIC_READ, 0, NULL, OPEN_EXISTING,
427 FILE_ATTRIBUTE_NORMAL, NULL);
428
429 if (hFile != INVALID_HANDLE_VALUE)
430 {
431 if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
432 {
433 if (pAuxInfo && pAuxInfo->cbSize >=
434 offsetof(CRYPT_RETRIEVE_AUX_INFO,
435 pLastSyncTime) + sizeof(PFILETIME) &&
436 pAuxInfo->pLastSyncTime)
437 memcpy(pAuxInfo->pLastSyncTime,
438 &pCacheInfo->LastSyncTime,
439 sizeof(FILETIME));
440 }
441 CloseHandle(hFile);
442 }
443 }
444 CryptMemFree(pCacheInfo);
445 }
446 else
447 SetLastError(ERROR_OUTOFMEMORY);
448 }
449 else
450 DeleteUrlCacheEntryW(pszURL);
451 }
452 TRACE("returning %d\n", ret);
453 return ret;
454 }
455
456 static inline LPWSTR strndupW(LPWSTR string, int len)
457 {
458 LPWSTR ret = NULL;
459 if (string && (ret = CryptMemAlloc((len + 1) * sizeof(WCHAR))) != NULL)
460 {
461 memcpy(ret, string, len * sizeof(WCHAR));
462 ret[len] = 0;
463 }
464 return ret;
465 }
466
467 /* Parses the URL, and sets components's lpszHostName and lpszUrlPath members
468 * to NULL-terminated copies of those portions of the URL (to be freed with
469 * CryptMemFree.)
470 */
471 static BOOL CRYPT_CrackUrl(LPCWSTR pszURL, URL_COMPONENTSW *components)
472 {
473 BOOL ret;
474
475 TRACE("(%s, %p)\n", debugstr_w(pszURL), components);
476
477 memset(components, 0, sizeof(*components));
478 components->dwStructSize = sizeof(*components);
479 components->dwHostNameLength = 1;
480 components->dwUrlPathLength = 1;
481 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, components);
482 if (ret)
483 {
484 LPWSTR hostname = strndupW(components->lpszHostName,
485 components->dwHostNameLength);
486 LPWSTR path = strndupW(components->lpszUrlPath,
487 components->dwUrlPathLength);
488
489 components->lpszHostName = hostname;
490 components->lpszUrlPath = path;
491 switch (components->nScheme)
492 {
493 case INTERNET_SCHEME_FTP:
494 if (!components->nPort)
495 components->nPort = INTERNET_DEFAULT_FTP_PORT;
496 break;
497 case INTERNET_SCHEME_HTTP:
498 if (!components->nPort)
499 components->nPort = INTERNET_DEFAULT_HTTP_PORT;
500 break;
501 default:
502 ; /* do nothing */
503 }
504 }
505 TRACE("returning %d\n", ret);
506 return ret;
507 }
508
509 struct InetContext
510 {
511 HANDLE event;
512 DWORD timeout;
513 DWORD error;
514 };
515
516 static struct InetContext *CRYPT_MakeInetContext(DWORD dwTimeout)
517 {
518 struct InetContext *context = CryptMemAlloc(sizeof(struct InetContext));
519
520 if (context)
521 {
522 context->event = CreateEventW(NULL, FALSE, FALSE, NULL);
523 if (!context->event)
524 {
525 CryptMemFree(context);
526 context = NULL;
527 }
528 else
529 {
530 context->timeout = dwTimeout;
531 context->error = ERROR_SUCCESS;
532 }
533 }
534 return context;
535 }
536
537 static BOOL CRYPT_DownloadObject(DWORD dwRetrievalFlags, HINTERNET hHttp,
538 struct InetContext *context, PCRYPT_BLOB_ARRAY pObject,
539 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
540 {
541 CRYPT_DATA_BLOB object = { 0, NULL };
542 DWORD bytesAvailable;
543 BOOL ret;
544
545 do {
546 if ((ret = InternetQueryDataAvailable(hHttp, &bytesAvailable, 0, 0)))
547 {
548 if (bytesAvailable)
549 {
550 if (object.pbData)
551 object.pbData = CryptMemRealloc(object.pbData,
552 object.cbData + bytesAvailable);
553 else
554 object.pbData = CryptMemAlloc(bytesAvailable);
555 if (object.pbData)
556 {
557 INTERNET_BUFFERSA buffer = { sizeof(buffer), 0 };
558
559 buffer.dwBufferLength = bytesAvailable;
560 buffer.lpvBuffer = object.pbData + object.cbData;
561 if (!(ret = InternetReadFileExA(hHttp, &buffer, IRF_NO_WAIT,
562 (DWORD_PTR)context)))
563 {
564 if (GetLastError() == ERROR_IO_PENDING)
565 {
566 if (WaitForSingleObject(context->event,
567 context->timeout) == WAIT_TIMEOUT)
568 SetLastError(ERROR_TIMEOUT);
569 else if (context->error)
570 SetLastError(context->error);
571 else
572 ret = TRUE;
573 }
574 }
575 if (ret)
576 object.cbData += bytesAvailable;
577 }
578 else
579 {
580 SetLastError(ERROR_OUTOFMEMORY);
581 ret = FALSE;
582 }
583 }
584 }
585 else if (GetLastError() == ERROR_IO_PENDING)
586 {
587 if (WaitForSingleObject(context->event, context->timeout) ==
588 WAIT_TIMEOUT)
589 SetLastError(ERROR_TIMEOUT);
590 else
591 ret = TRUE;
592 }
593 } while (ret && bytesAvailable);
594 if (ret)
595 {
596 pObject->rgBlob = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
597 if (!pObject->rgBlob)
598 {
599 CryptMemFree(object.pbData);
600 SetLastError(ERROR_OUTOFMEMORY);
601 ret = FALSE;
602 }
603 else
604 {
605 pObject->rgBlob[0].cbData = object.cbData;
606 pObject->rgBlob[0].pbData = object.pbData;
607 pObject->cBlob = 1;
608 }
609 }
610 TRACE("returning %d\n", ret);
611 return ret;
612 }
613
614 static void CRYPT_CacheURL(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
615 DWORD dwRetrievalFlags, FILETIME expires)
616 {
617 WCHAR cacheFileName[MAX_PATH];
618
619 /* FIXME: let wininet directly cache instead */
620 if (CreateUrlCacheEntryW(pszURL, pObject->rgBlob[0].cbData, NULL,
621 cacheFileName, 0))
622 {
623 HANDLE hCacheFile = CreateFileW(cacheFileName, GENERIC_WRITE, 0, NULL,
624 CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
625
626 if (hCacheFile != INVALID_HANDLE_VALUE)
627 {
628 DWORD bytesWritten, entryType;
629 FILETIME ft = { 0 };
630
631 if (!(dwRetrievalFlags & CRYPT_STICKY_CACHE_RETRIEVAL))
632 entryType = NORMAL_CACHE_ENTRY;
633 else
634 entryType = STICKY_CACHE_ENTRY;
635 WriteFile(hCacheFile, pObject->rgBlob[0].pbData,
636 pObject->rgBlob[0].cbData, &bytesWritten, NULL);
637 CloseHandle(hCacheFile);
638 CommitUrlCacheEntryW(pszURL, cacheFileName, expires, ft, entryType,
639 NULL, 0, NULL, NULL);
640 }
641 }
642 }
643
644 static void CALLBACK CRYPT_InetStatusCallback(HINTERNET hInt,
645 DWORD_PTR dwContext, DWORD status, void *statusInfo, DWORD statusInfoLen)
646 {
647 struct InetContext *context = (struct InetContext *)dwContext;
648 LPINTERNET_ASYNC_RESULT result;
649
650 switch (status)
651 {
652 case INTERNET_STATUS_REQUEST_COMPLETE:
653 result = (LPINTERNET_ASYNC_RESULT)statusInfo;
654 context->error = result->dwError;
655 SetEvent(context->event);
656 }
657 }
658
659 static BOOL CRYPT_Connect(URL_COMPONENTSW *components,
660 struct InetContext *context, PCRYPT_CREDENTIALS pCredentials,
661 HINTERNET *phInt, HINTERNET *phHost)
662 {
663 BOOL ret;
664
665 TRACE("(%s:%d, %p, %p, %p, %p)\n", debugstr_w(components->lpszHostName),
666 components->nPort, context, pCredentials, phInt, phInt);
667
668 *phHost = NULL;
669 *phInt = InternetOpenW(NULL, INTERNET_OPEN_TYPE_DIRECT, NULL, NULL,
670 context ? INTERNET_FLAG_ASYNC : 0);
671 if (*phInt)
672 {
673 DWORD service;
674
675 if (context)
676 InternetSetStatusCallbackW(*phInt, CRYPT_InetStatusCallback);
677 switch (components->nScheme)
678 {
679 case INTERNET_SCHEME_FTP:
680 service = INTERNET_SERVICE_FTP;
681 break;
682 case INTERNET_SCHEME_HTTP:
683 service = INTERNET_SERVICE_HTTP;
684 break;
685 default:
686 service = 0;
687 }
688 /* FIXME: use pCredentials for username/password */
689 *phHost = InternetConnectW(*phInt, components->lpszHostName,
690 components->nPort, NULL, NULL, service, 0, (DWORD_PTR)context);
691 if (!*phHost)
692 {
693 InternetCloseHandle(*phInt);
694 *phInt = NULL;
695 ret = FALSE;
696 }
697 else
698 ret = TRUE;
699 }
700 else
701 ret = FALSE;
702 TRACE("returning %d\n", ret);
703 return ret;
704 }
705
706 static BOOL WINAPI FTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
707 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
708 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
709 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
710 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
711 {
712 FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
713 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
714 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
715
716 pObject->cBlob = 0;
717 pObject->rgBlob = NULL;
718 *ppfnFreeObject = CRYPT_FreeBlob;
719 *ppvFreeContext = NULL;
720 return FALSE;
721 }
722
723 static const WCHAR x509cacert[] = { 'a','p','p','l','i','c','a','t','i','o','n',
724 '/','x','-','x','5','0','9','-','c','a','-','c','e','r','t',0 };
725 static const WCHAR x509emailcert[] = { 'a','p','p','l','i','c','a','t','i','o',
726 'n','/','x','-','x','5','0','9','-','e','m','a','i','l','-','c','e','r','t',
727 0 };
728 static const WCHAR x509servercert[] = { 'a','p','p','l','i','c','a','t','i','o',
729 'n','/','x','-','x','5','0','9','-','s','e','r','v','e','r','-','c','e','r',
730 't',0 };
731 static const WCHAR x509usercert[] = { 'a','p','p','l','i','c','a','t','i','o',
732 'n','/','x','-','x','5','0','9','-','u','s','e','r','-','c','e','r','t',0 };
733 static const WCHAR pkcs7cert[] = { 'a','p','p','l','i','c','a','t','i','o','n',
734 '/','x','-','p','k','c','s','7','-','c','e','r','t','i','f','c','a','t','e',
735 's',0 };
736 static const WCHAR pkixCRL[] = { 'a','p','p','l','i','c','a','t','i','o','n',
737 '/','p','k','i','x','-','c','r','l',0 };
738 static const WCHAR pkcs7CRL[] = { 'a','p','p','l','i','c','a','t','i','o','n',
739 '/','x','-','p','k','c','s','7','-','c','r','l',0 };
740 static const WCHAR pkcs7sig[] = { 'a','p','p','l','i','c','a','t','i','o','n',
741 '/','x','-','p','k','c','s','7','-','s','i','g','n','a','t','u','r','e',0 };
742 static const WCHAR pkcs7mime[] = { 'a','p','p','l','i','c','a','t','i','o','n',
743 '/','x','-','p','k','c','s','7','-','m','i','m','e',0 };
744
745 static BOOL WINAPI HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
746 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
747 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
748 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
749 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
750 {
751 BOOL ret = FALSE;
752
753 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
754 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
755 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
756
757 pObject->cBlob = 0;
758 pObject->rgBlob = NULL;
759 *ppfnFreeObject = CRYPT_FreeBlob;
760 *ppvFreeContext = NULL;
761
762 if (!(dwRetrievalFlags & CRYPT_WIRE_ONLY_RETRIEVAL))
763 ret = CRYPT_GetObjectFromCache(pszURL, pObject, pAuxInfo);
764 if (!ret && (!(dwRetrievalFlags & CRYPT_CACHE_ONLY_RETRIEVAL) ||
765 (dwRetrievalFlags & CRYPT_WIRE_ONLY_RETRIEVAL)))
766 {
767 URL_COMPONENTSW components;
768
769 if ((ret = CRYPT_CrackUrl(pszURL, &components)))
770 {
771 HINTERNET hInt, hHost;
772 struct InetContext *context = NULL;
773
774 if (dwTimeout)
775 context = CRYPT_MakeInetContext(dwTimeout);
776 ret = CRYPT_Connect(&components, context, pCredentials, &hInt,
777 &hHost);
778 if (ret)
779 {
780 static LPCWSTR types[] = { x509cacert, x509emailcert,
781 x509servercert, x509usercert, pkcs7cert, pkixCRL, pkcs7CRL,
782 pkcs7sig, pkcs7mime, NULL };
783 HINTERNET hHttp = HttpOpenRequestW(hHost, NULL,
784 components.lpszUrlPath, NULL, NULL, types,
785 INTERNET_FLAG_NO_COOKIES | INTERNET_FLAG_NO_UI,
786 (DWORD_PTR)context);
787
788 if (hHttp)
789 {
790 if (dwTimeout)
791 {
792 InternetSetOptionW(hHttp,
793 INTERNET_OPTION_RECEIVE_TIMEOUT, &dwTimeout,
794 sizeof(dwTimeout));
795 InternetSetOptionW(hHttp, INTERNET_OPTION_SEND_TIMEOUT,
796 &dwTimeout, sizeof(dwTimeout));
797 }
798 ret = HttpSendRequestExW(hHttp, NULL, NULL, 0,
799 (DWORD_PTR)context);
800 if (!ret && GetLastError() == ERROR_IO_PENDING)
801 {
802 if (WaitForSingleObject(context->event,
803 context->timeout) == WAIT_TIMEOUT)
804 SetLastError(ERROR_TIMEOUT);
805 else
806 ret = TRUE;
807 }
808 /* We don't set ret to TRUE in this block to avoid masking
809 * an error from HttpSendRequestExW.
810 */
811 if (!HttpEndRequestW(hHttp, NULL, 0, (DWORD_PTR)context) &&
812 GetLastError() == ERROR_IO_PENDING)
813 {
814 if (WaitForSingleObject(context->event,
815 context->timeout) == WAIT_TIMEOUT)
816 {
817 SetLastError(ERROR_TIMEOUT);
818 ret = FALSE;
819 }
820 }
821 if (ret)
822 ret = CRYPT_DownloadObject(dwRetrievalFlags, hHttp,
823 context, pObject, pAuxInfo);
824 if (ret && !(dwRetrievalFlags & CRYPT_DONT_CACHE_RESULT))
825 {
826 SYSTEMTIME st;
827 DWORD len = sizeof(st);
828
829 if (HttpQueryInfoW(hHttp,
830 HTTP_QUERY_EXPIRES | HTTP_QUERY_FLAG_SYSTEMTIME, &st,
831 &len, NULL))
832 {
833 FILETIME ft;
834
835 SystemTimeToFileTime(&st, &ft);
836 CRYPT_CacheURL(pszURL, pObject, dwRetrievalFlags,
837 ft);
838 }
839 }
840 InternetCloseHandle(hHttp);
841 }
842 InternetCloseHandle(hHost);
843 InternetCloseHandle(hInt);
844 }
845 if (context)
846 {
847 CloseHandle(context->event);
848 CryptMemFree(context);
849 }
850 CryptMemFree(components.lpszUrlPath);
851 CryptMemFree(components.lpszHostName);
852 }
853 }
854 TRACE("returning %d\n", ret);
855 return ret;
856 }
857
858 static BOOL WINAPI File_RetrieveEncodedObjectW(LPCWSTR pszURL,
859 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
860 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
861 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
862 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
863 {
864 URL_COMPONENTSW components = { sizeof(components), 0 };
865 BOOL ret;
866
867 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
868 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
869 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
870
871 pObject->cBlob = 0;
872 pObject->rgBlob = NULL;
873 *ppfnFreeObject = CRYPT_FreeBlob;
874 *ppvFreeContext = NULL;
875
876 components.dwUrlPathLength = 1;
877 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, &components);
878 if (ret)
879 {
880 LPWSTR path;
881
882 /* 3 == lstrlenW(L"c:") + 1 */
883 path = CryptMemAlloc((components.dwUrlPathLength + 3) * sizeof(WCHAR));
884 if (path)
885 {
886 HANDLE hFile;
887
888 /* Try to create the file directly - Wine handles / in pathnames */
889 lstrcpynW(path, components.lpszUrlPath,
890 components.dwUrlPathLength + 1);
891 hFile = CreateFileW(path, GENERIC_READ, 0, NULL, OPEN_EXISTING,
892 FILE_ATTRIBUTE_NORMAL, NULL);
893 if (hFile == INVALID_HANDLE_VALUE)
894 {
895 /* Try again on the current drive */
896 GetCurrentDirectoryW(components.dwUrlPathLength, path);
897 if (path[1] == ':')
898 {
899 lstrcpynW(path + 2, components.lpszUrlPath,
900 components.dwUrlPathLength + 1);
901 hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
902 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
903 }
904 if (hFile == INVALID_HANDLE_VALUE)
905 {
906 /* Try again on the Windows drive */
907 GetWindowsDirectoryW(path, components.dwUrlPathLength);
908 if (path[1] == ':')
909 {
910 lstrcpynW(path + 2, components.lpszUrlPath,
911 components.dwUrlPathLength + 1);
912 hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
913 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
914 }
915 }
916 }
917 if (hFile != INVALID_HANDLE_VALUE)
918 {
919 if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
920 {
921 if (pAuxInfo && pAuxInfo->cbSize >=
922 offsetof(CRYPT_RETRIEVE_AUX_INFO,
923 pLastSyncTime) + sizeof(PFILETIME) &&
924 pAuxInfo->pLastSyncTime)
925 GetFileTime(hFile, NULL, NULL,
926 pAuxInfo->pLastSyncTime);
927 }
928 CloseHandle(hFile);
929 }
930 else
931 ret = FALSE;
932 CryptMemFree(path);
933 }
934 }
935 return ret;
936 }
937
938 typedef BOOL (WINAPI *SchemeDllRetrieveEncodedObjectW)(LPCWSTR pwszUrl,
939 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
940 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
941 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
942 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo);
943
944 static BOOL CRYPT_GetRetrieveFunction(LPCWSTR pszURL,
945 SchemeDllRetrieveEncodedObjectW *pFunc, HCRYPTOIDFUNCADDR *phFunc)
946 {
947 URL_COMPONENTSW components = { sizeof(components), 0 };
948 BOOL ret;
949
950 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pFunc, phFunc);
951
952 *pFunc = NULL;
953 *phFunc = 0;
954 components.dwSchemeLength = 1;
955 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, &components);
956 if (ret)
957 {
958 /* Microsoft always uses CryptInitOIDFunctionSet/
959 * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
960 * reason to do so for builtin schemes.
961 */
962 switch (components.nScheme)
963 {
964 case INTERNET_SCHEME_FTP:
965 *pFunc = FTP_RetrieveEncodedObjectW;
966 break;
967 case INTERNET_SCHEME_HTTP:
968 *pFunc = HTTP_RetrieveEncodedObjectW;
969 break;
970 case INTERNET_SCHEME_FILE:
971 *pFunc = File_RetrieveEncodedObjectW;
972 break;
973 default:
974 {
975 int len = WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
976 components.dwSchemeLength, NULL, 0, NULL, NULL);
977
978 if (len)
979 {
980 LPSTR scheme = CryptMemAlloc(len);
981
982 if (scheme)
983 {
984 static HCRYPTOIDFUNCSET set = NULL;
985
986 if (!set)
987 set = CryptInitOIDFunctionSet(
988 SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC, 0);
989 WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
990 components.dwSchemeLength, scheme, len, NULL, NULL);
991 ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING,
992 scheme, 0, (void **)pFunc, phFunc);
993 CryptMemFree(scheme);
994 }
995 else
996 {
997 SetLastError(ERROR_OUTOFMEMORY);
998 ret = FALSE;
999 }
1000 }
1001 else
1002 ret = FALSE;
1003 }
1004 }
1005 }
1006 TRACE("returning %d\n", ret);
1007 return ret;
1008 }
1009
1010 static BOOL WINAPI CRYPT_CreateBlob(LPCSTR pszObjectOid,
1011 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1012 {
1013 DWORD size, i;
1014 CRYPT_BLOB_ARRAY *context;
1015 BOOL ret = FALSE;
1016
1017 size = sizeof(CRYPT_BLOB_ARRAY) + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
1018 for (i = 0; i < pObject->cBlob; i++)
1019 size += pObject->rgBlob[i].cbData;
1020 context = CryptMemAlloc(size);
1021 if (context)
1022 {
1023 LPBYTE nextData;
1024
1025 context->cBlob = 0;
1026 context->rgBlob =
1027 (CRYPT_DATA_BLOB *)((LPBYTE)context + sizeof(CRYPT_BLOB_ARRAY));
1028 nextData =
1029 (LPBYTE)context->rgBlob + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
1030 for (i = 0; i < pObject->cBlob; i++)
1031 {
1032 memcpy(nextData, pObject->rgBlob[i].pbData,
1033 pObject->rgBlob[i].cbData);
1034 context->rgBlob[i].pbData = nextData;
1035 context->rgBlob[i].cbData = pObject->rgBlob[i].cbData;
1036 nextData += pObject->rgBlob[i].cbData;
1037 context->cBlob++;
1038 }
1039 *ppvContext = context;
1040 ret = TRUE;
1041 }
1042 return ret;
1043 }
1044
1045 typedef BOOL (WINAPI *AddContextToStore)(HCERTSTORE hCertStore,
1046 const void *pContext, DWORD dwAddDisposition, const void **ppStoreContext);
1047
1048 static BOOL CRYPT_CreateContext(PCRYPT_BLOB_ARRAY pObject,
1049 DWORD dwExpectedContentTypeFlags, AddContextToStore addFunc, void **ppvContext)
1050 {
1051 BOOL ret = TRUE;
1052
1053 if (!pObject->cBlob)
1054 {
1055 SetLastError(ERROR_INVALID_DATA);
1056 *ppvContext = NULL;
1057 ret = FALSE;
1058 }
1059 else if (pObject->cBlob == 1)
1060 {
1061 if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
1062 dwExpectedContentTypeFlags, CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL,
1063 NULL, NULL, NULL, NULL, (const void **)ppvContext))
1064 {
1065 SetLastError(CRYPT_E_NO_MATCH);
1066 ret = FALSE;
1067 }
1068 }
1069 else
1070 {
1071 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1072 CERT_STORE_CREATE_NEW_FLAG, NULL);
1073
1074 if (store)
1075 {
1076 DWORD i;
1077 const void *context;
1078
1079 for (i = 0; i < pObject->cBlob; i++)
1080 {
1081 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
1082 &pObject->rgBlob[i], dwExpectedContentTypeFlags,
1083 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, NULL, NULL, NULL,
1084 NULL, &context))
1085 {
1086 if (!addFunc(store, context, CERT_STORE_ADD_ALWAYS, NULL))
1087 ret = FALSE;
1088 }
1089 else
1090 {
1091 SetLastError(CRYPT_E_NO_MATCH);
1092 ret = FALSE;
1093 }
1094 }
1095 }
1096 else
1097 ret = FALSE;
1098 *ppvContext = store;
1099 }
1100 return ret;
1101 }
1102
1103 static BOOL WINAPI CRYPT_CreateCert(LPCSTR pszObjectOid,
1104 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1105 {
1106 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CERT,
1107 (AddContextToStore)CertAddCertificateContextToStore, ppvContext);
1108 }
1109
1110 static BOOL WINAPI CRYPT_CreateCRL(LPCSTR pszObjectOid,
1111 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1112 {
1113 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CRL,
1114 (AddContextToStore)CertAddCRLContextToStore, ppvContext);
1115 }
1116
1117 static BOOL WINAPI CRYPT_CreateCTL(LPCSTR pszObjectOid,
1118 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1119 {
1120 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CTL,
1121 (AddContextToStore)CertAddCTLContextToStore, ppvContext);
1122 }
1123
1124 static BOOL WINAPI CRYPT_CreatePKCS7(LPCSTR pszObjectOid,
1125 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1126 {
1127 BOOL ret;
1128
1129 if (!pObject->cBlob)
1130 {
1131 SetLastError(ERROR_INVALID_DATA);
1132 *ppvContext = NULL;
1133 ret = FALSE;
1134 }
1135 else if (pObject->cBlob == 1)
1136 ret = CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
1137 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
1138 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED, CERT_QUERY_FORMAT_FLAG_BINARY,
1139 0, NULL, NULL, NULL, (HCERTSTORE *)ppvContext, NULL, NULL);
1140 else
1141 {
1142 FIXME("multiple messages unimplemented\n");
1143 ret = FALSE;
1144 }
1145 return ret;
1146 }
1147
1148 static BOOL WINAPI CRYPT_CreateAny(LPCSTR pszObjectOid,
1149 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1150 {
1151 BOOL ret;
1152
1153 if (!pObject->cBlob)
1154 {
1155 SetLastError(ERROR_INVALID_DATA);
1156 *ppvContext = NULL;
1157 ret = FALSE;
1158 }
1159 else
1160 {
1161 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
1162 CERT_STORE_CREATE_NEW_FLAG, NULL);
1163
1164 if (store)
1165 {
1166 HCERTSTORE memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1167 CERT_STORE_CREATE_NEW_FLAG, NULL);
1168
1169 if (memStore)
1170 {
1171 CertAddStoreToCollection(store, memStore,
1172 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
1173 CertCloseStore(memStore, 0);
1174 }
1175 else
1176 {
1177 CertCloseStore(store, 0);
1178 store = NULL;
1179 }
1180 }
1181 if (store)
1182 {
1183 DWORD i;
1184
1185 ret = TRUE;
1186 for (i = 0; i < pObject->cBlob; i++)
1187 {
1188 DWORD contentType, expectedContentTypes =
1189 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
1190 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED |
1191 CERT_QUERY_CONTENT_FLAG_CERT |
1192 CERT_QUERY_CONTENT_FLAG_CRL |
1193 CERT_QUERY_CONTENT_FLAG_CTL;
1194 HCERTSTORE contextStore;
1195 const void *context;
1196
1197 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
1198 &pObject->rgBlob[i], expectedContentTypes,
1199 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, &contentType, NULL,
1200 &contextStore, NULL, &context))
1201 {
1202 switch (contentType)
1203 {
1204 case CERT_QUERY_CONTENT_CERT:
1205 if (!CertAddCertificateContextToStore(store,
1206 (PCCERT_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1207 ret = FALSE;
1208 break;
1209 case CERT_QUERY_CONTENT_CRL:
1210 if (!CertAddCRLContextToStore(store,
1211 (PCCRL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1212 ret = FALSE;
1213 break;
1214 case CERT_QUERY_CONTENT_CTL:
1215 if (!CertAddCTLContextToStore(store,
1216 (PCCTL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1217 ret = FALSE;
1218 break;
1219 default:
1220 CertAddStoreToCollection(store, contextStore, 0, 0);
1221 }
1222 }
1223 else
1224 ret = FALSE;
1225 }
1226 }
1227 else
1228 ret = FALSE;
1229 *ppvContext = store;
1230 }
1231 return ret;
1232 }
1233
1234 typedef BOOL (WINAPI *ContextDllCreateObjectContext)(LPCSTR pszObjectOid,
1235 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext);
1236
1237 static BOOL CRYPT_GetCreateFunction(LPCSTR pszObjectOid,
1238 ContextDllCreateObjectContext *pFunc, HCRYPTOIDFUNCADDR *phFunc)
1239 {
1240 BOOL ret = TRUE;
1241
1242 TRACE("(%s, %p, %p)\n", debugstr_a(pszObjectOid), pFunc, phFunc);
1243
1244 *pFunc = NULL;
1245 *phFunc = 0;
1246 if (!HIWORD(pszObjectOid))
1247 {
1248 switch (LOWORD(pszObjectOid))
1249 {
1250 case 0:
1251 *pFunc = CRYPT_CreateBlob;
1252 break;
1253 case LOWORD(CONTEXT_OID_CERTIFICATE):
1254 *pFunc = CRYPT_CreateCert;
1255 break;
1256 case LOWORD(CONTEXT_OID_CRL):
1257 *pFunc = CRYPT_CreateCRL;
1258 break;
1259 case LOWORD(CONTEXT_OID_CTL):
1260 *pFunc = CRYPT_CreateCTL;
1261 break;
1262 case LOWORD(CONTEXT_OID_PKCS7):
1263 *pFunc = CRYPT_CreatePKCS7;
1264 break;
1265 case LOWORD(CONTEXT_OID_CAPI2_ANY):
1266 *pFunc = CRYPT_CreateAny;
1267 break;
1268 }
1269 }
1270 if (!*pFunc)
1271 {
1272 static HCRYPTOIDFUNCSET set = NULL;
1273
1274 if (!set)
1275 set = CryptInitOIDFunctionSet(
1276 CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC, 0);
1277 ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszObjectOid,
1278 0, (void **)pFunc, phFunc);
1279 }
1280 TRACE("returning %d\n", ret);
1281 return ret;
1282 }
1283
1284 /***********************************************************************
1285 * CryptRetrieveObjectByUrlW (CRYPTNET.@)
1286 */
1287 BOOL WINAPI CryptRetrieveObjectByUrlW(LPCWSTR pszURL, LPCSTR pszObjectOid,
1288 DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject,
1289 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
1290 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
1291 {
1292 BOOL ret;
1293 SchemeDllRetrieveEncodedObjectW retrieve;
1294 ContextDllCreateObjectContext create;
1295 HCRYPTOIDFUNCADDR hRetrieve = 0, hCreate = 0;
1296
1297 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
1298 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
1299 hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
1300
1301 if (!pszURL)
1302 {
1303 SetLastError(ERROR_INVALID_PARAMETER);
1304 return FALSE;
1305 }
1306 ret = CRYPT_GetRetrieveFunction(pszURL, &retrieve, &hRetrieve);
1307 if (ret)
1308 ret = CRYPT_GetCreateFunction(pszObjectOid, &create, &hCreate);
1309 if (ret)
1310 {
1311 CRYPT_BLOB_ARRAY object = { 0, NULL };
1312 PFN_FREE_ENCODED_OBJECT_FUNC freeObject;
1313 void *freeContext;
1314
1315 ret = retrieve(pszURL, pszObjectOid, dwRetrievalFlags, dwTimeout,
1316 &object, &freeObject, &freeContext, hAsyncRetrieve, pCredentials,
1317 pAuxInfo);
1318 if (ret)
1319 {
1320 ret = create(pszObjectOid, dwRetrievalFlags, &object, ppvObject);
1321 freeObject(pszObjectOid, &object, freeContext);
1322 }
1323 }
1324 if (hCreate)
1325 CryptFreeOIDFunctionAddress(hCreate, 0);
1326 if (hRetrieve)
1327 CryptFreeOIDFunctionAddress(hRetrieve, 0);
1328 TRACE("returning %d\n", ret);
1329 return ret;
1330 }
1331
1332 typedef struct _OLD_CERT_REVOCATION_STATUS {
1333 DWORD cbSize;
1334 DWORD dwIndex;
1335 DWORD dwError;
1336 DWORD dwReason;
1337 } OLD_CERT_REVOCATION_STATUS, *POLD_CERT_REVOCATION_STATUS;
1338
1339 /***********************************************************************
1340 * CertDllVerifyRevocation (CRYPTNET.@)
1341 */
1342 BOOL WINAPI CertDllVerifyRevocation(DWORD dwEncodingType, DWORD dwRevType,
1343 DWORD cContext, PVOID rgpvContext[], DWORD dwFlags,
1344 PCERT_REVOCATION_PARA pRevPara, PCERT_REVOCATION_STATUS pRevStatus)
1345 {
1346 DWORD error = 0, i;
1347 BOOL ret;
1348
1349 TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType, dwRevType,
1350 cContext, rgpvContext, dwFlags, pRevPara, pRevStatus);
1351
1352 if (pRevStatus->cbSize != sizeof(OLD_CERT_REVOCATION_STATUS) &&
1353 pRevStatus->cbSize != sizeof(CERT_REVOCATION_STATUS))
1354 {
1355 SetLastError(E_INVALIDARG);
1356 return FALSE;
1357 }
1358 memset(&pRevStatus->dwIndex, 0, pRevStatus->cbSize - sizeof(DWORD));
1359 if (dwRevType != CERT_CONTEXT_REVOCATION_TYPE)
1360 {
1361 error = CRYPT_E_NO_REVOCATION_CHECK;
1362 ret = FALSE;
1363 }
1364 else
1365 {
1366 ret = TRUE;
1367 for (i = 0; ret && i < cContext; i++)
1368 {
1369 DWORD cbUrlArray;
1370
1371 ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,
1372 rgpvContext[i], 0, NULL, &cbUrlArray, NULL, NULL, NULL);
1373 if (!ret && GetLastError() == CRYPT_E_NOT_FOUND)
1374 {
1375 error = CRYPT_E_NO_REVOCATION_CHECK;
1376 pRevStatus->dwIndex = i;
1377 }
1378 else if (ret)
1379 {
1380 CRYPT_URL_ARRAY *urlArray = CryptMemAlloc(cbUrlArray);
1381
1382 if (urlArray)
1383 {
1384 DWORD j, retrievalFlags = 0, startTime, endTime, timeout;
1385
1386 ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,
1387 rgpvContext[i], 0, urlArray, &cbUrlArray, NULL, NULL,
1388 NULL);
1389 if (dwFlags & CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION)
1390 retrievalFlags |= CRYPT_CACHE_ONLY_RETRIEVAL;
1391 if (dwFlags & CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG &&
1392 pRevPara->cbSize >= offsetof(CERT_REVOCATION_PARA,
1393 dwUrlRetrievalTimeout) + sizeof(DWORD))
1394 {
1395 startTime = GetTickCount();
1396 endTime = startTime + pRevPara->dwUrlRetrievalTimeout;
1397 timeout = pRevPara->dwUrlRetrievalTimeout;
1398 }
1399 else
1400 endTime = timeout = 0;
1401 for (j = 0; ret && j < urlArray->cUrl; j++)
1402 {
1403 PCCRL_CONTEXT crl;
1404
1405 ret = CryptRetrieveObjectByUrlW(urlArray->rgwszUrl[j],
1406 CONTEXT_OID_CRL, retrievalFlags, timeout,
1407 (void **)&crl, NULL, NULL, NULL, NULL);
1408 if (ret)
1409 {
1410 PCRL_ENTRY entry = NULL;
1411
1412 CertFindCertificateInCRL(
1413 (PCCERT_CONTEXT)rgpvContext[i], crl, 0, NULL,
1414 &entry);
1415 if (entry)
1416 {
1417 error = CRYPT_E_REVOKED;
1418 pRevStatus->dwIndex = i;
1419 ret = FALSE;
1420 }
1421 else if (timeout)
1422 {
1423 DWORD time = GetTickCount();
1424
1425 if ((int)(endTime - time) <= 0)
1426 {
1427 error = ERROR_TIMEOUT;
1428 pRevStatus->dwIndex = i;
1429 ret = FALSE;
1430 }
1431 else
1432 timeout = endTime - time;
1433 }
1434 CertFreeCRLContext(crl);
1435 }
1436 else
1437 error = CRYPT_E_REVOCATION_OFFLINE;
1438 }
1439 CryptMemFree(urlArray);
1440 }
1441 else
1442 {
1443 error = ERROR_OUTOFMEMORY;
1444 pRevStatus->dwIndex = i;
1445 ret = FALSE;
1446 }
1447 }
1448 else
1449 pRevStatus->dwIndex = i;
1450 }
1451 }
1452
1453 if (!ret)
1454 {
1455 SetLastError(error);
1456 pRevStatus->dwError = error;
1457 }
1458 TRACE("returning %d (%08x)\n", ret, error);
1459 return ret;
1460 }
Maarten's multimedia branch