2 * WinTrust Cryptography functions
4 * Copyright 2006 James Hawkins
5 * Copyright 2000-2002 Stuart Caie
6 * Copyright 2002 Patrik Stridvall
7 * Copyright 2003 Greg Turner
8 * Copyright 2008 Juan Lang
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
34 #include "wine/debug.h"
35 #include "wine/unicode.h"
37 WINE_DEFAULT_DEBUG_CHANNEL(wintrust
);
39 #define CATADMIN_MAGIC 0x43415441 /* 'CATA' */
40 #define CRYPTCAT_MAGIC 0x43415443 /* 'CATC' */
41 #define CATINFO_MAGIC 0x43415449 /* 'CATI' */
52 CRYPTCATATTRIBUTE
*attr
;
68 static HCATINFO
create_catinfo(const WCHAR
*filename
)
72 if (!(ci
= HeapAlloc(GetProcessHeap(), 0, sizeof(*ci
))))
74 SetLastError(ERROR_OUTOFMEMORY
);
75 return INVALID_HANDLE_VALUE
;
77 strcpyW(ci
->file
, filename
);
78 ci
->magic
= CATINFO_MAGIC
;
82 /***********************************************************************
83 * CryptCATAdminAcquireContext (WINTRUST.@)
85 * Get a catalog administrator context handle.
88 * catAdmin [O] Pointer to the context handle.
89 * sys [I] Pointer to a GUID for the needed subsystem.
90 * dwFlags [I] Reserved.
93 * Success: TRUE. catAdmin contains the context handle.
97 BOOL WINAPI
CryptCATAdminAcquireContext(HCATADMIN
*catAdmin
,
98 const GUID
*sys
, DWORD dwFlags
)
100 static const WCHAR catroot
[] =
101 {'\\','c','a','t','r','o','o','t',0};
102 static const WCHAR fmt
[] =
103 {'%','s','\\','{','%','0','8','x','-','%','0','4','x','-','%','0',
104 '4','x','-','%','0','2','x','%','0','2','x','-','%','0','2','x',
105 '%','0','2','x','%','0','2','x','%','0','2','x','%','0','2','x',
106 '%','0','2','x','}',0};
107 static const GUID defsys
=
108 {0x127d0a1d,0x4ef2,0x11d1,{0x86,0x08,0x00,0xc0,0x4f,0xc2,0x95,0xee}};
110 WCHAR catroot_dir
[MAX_PATH
];
113 TRACE("%p %s %x\n", catAdmin
, debugstr_guid(sys
), dwFlags
);
117 SetLastError(ERROR_INVALID_PARAMETER
);
120 if (!(ca
= HeapAlloc(GetProcessHeap(), 0, sizeof(*ca
))))
122 SetLastError(ERROR_OUTOFMEMORY
);
126 GetSystemDirectoryW(catroot_dir
, MAX_PATH
);
127 strcatW(catroot_dir
, catroot
);
129 /* create the directory if it doesn't exist */
130 CreateDirectoryW(catroot_dir
, NULL
);
132 if (!sys
) sys
= &defsys
;
133 sprintfW(ca
->path
, fmt
, catroot_dir
, sys
->Data1
, sys
->Data2
,
134 sys
->Data3
, sys
->Data4
[0], sys
->Data4
[1], sys
->Data4
[2],
135 sys
->Data4
[3], sys
->Data4
[4], sys
->Data4
[5], sys
->Data4
[6],
138 /* create the directory if it doesn't exist */
139 CreateDirectoryW(ca
->path
, NULL
);
141 ca
->magic
= CATADMIN_MAGIC
;
148 /***********************************************************************
149 * CryptCATAdminAddCatalog (WINTRUST.@)
151 HCATINFO WINAPI
CryptCATAdminAddCatalog(HCATADMIN catAdmin
, PWSTR catalogFile
,
152 PWSTR selectBaseName
, DWORD flags
)
154 static const WCHAR slashW
[] = {'\\',0};
155 struct catadmin
*ca
= catAdmin
;
160 TRACE("%p %s %s %d\n", catAdmin
, debugstr_w(catalogFile
),
161 debugstr_w(selectBaseName
), flags
);
165 FIXME("NULL basename not handled\n");
166 SetLastError(ERROR_INVALID_PARAMETER
);
169 if (!ca
|| ca
->magic
!= CATADMIN_MAGIC
|| !catalogFile
|| flags
)
171 SetLastError(ERROR_INVALID_PARAMETER
);
175 len
= strlenW(ca
->path
) + strlenW(selectBaseName
) + 2;
176 if (!(target
= HeapAlloc(GetProcessHeap(), 0, len
* sizeof(WCHAR
))))
178 SetLastError(ERROR_OUTOFMEMORY
);
181 strcpyW(target
, ca
->path
);
182 strcatW(target
, slashW
);
183 strcatW(target
, selectBaseName
);
185 if (!CopyFileW(catalogFile
, target
, FALSE
))
187 HeapFree(GetProcessHeap(), 0, target
);
190 if (!(ci
= HeapAlloc(GetProcessHeap(), 0, sizeof(*ci
))))
192 HeapFree(GetProcessHeap(), 0, target
);
193 SetLastError(ERROR_OUTOFMEMORY
);
196 ci
->magic
= CATINFO_MAGIC
;
197 strcpyW(ci
->file
, target
);
199 HeapFree(GetProcessHeap(), 0, target
);
203 /***********************************************************************
204 * CryptCATAdminCalcHashFromFileHandle (WINTRUST.@)
206 BOOL WINAPI
CryptCATAdminCalcHashFromFileHandle(HANDLE hFile
, DWORD
* pcbHash
,
207 BYTE
* pbHash
, DWORD dwFlags
)
211 TRACE("%p %p %p %x\n", hFile
, pcbHash
, pbHash
, dwFlags
);
213 if (!hFile
|| !pcbHash
|| dwFlags
)
215 SetLastError(ERROR_INVALID_PARAMETER
);
221 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
233 if (!(buffer
= HeapAlloc(GetProcessHeap(), 0, 4096)))
235 SetLastError(ERROR_OUTOFMEMORY
);
238 ret
= CryptAcquireContextW(&prov
, NULL
, MS_DEF_PROV_W
, PROV_RSA_FULL
, CRYPT_VERIFYCONTEXT
);
241 HeapFree(GetProcessHeap(), 0, buffer
);
244 ret
= CryptCreateHash(prov
, CALG_SHA1
, 0, 0, &hash
);
247 HeapFree(GetProcessHeap(), 0, buffer
);
248 CryptReleaseContext(prov
, 0);
251 while ((ret
= ReadFile(hFile
, buffer
, 4096, &bytes_read
, NULL
)) && bytes_read
)
253 CryptHashData(hash
, buffer
, bytes_read
, 0);
255 if (ret
) ret
= CryptGetHashParam(hash
, HP_HASHVAL
, pbHash
, pcbHash
, 0);
257 HeapFree(GetProcessHeap(), 0, buffer
);
258 CryptDestroyHash(hash
);
259 CryptReleaseContext(prov
, 0);
264 /***********************************************************************
265 * CryptCATAdminEnumCatalogFromHash (WINTRUST.@)
267 HCATINFO WINAPI
CryptCATAdminEnumCatalogFromHash(HCATADMIN hCatAdmin
, BYTE
* pbHash
,
268 DWORD cbHash
, DWORD dwFlags
,
269 HCATINFO
* phPrevCatInfo
)
271 static const WCHAR slashW
[] = {'\\',0};
272 static const WCHAR globW
[] = {'\\','*','.','c','a','t',0};
274 struct catadmin
*ca
= hCatAdmin
;
275 WIN32_FIND_DATAW data
;
276 HCATINFO prev
= NULL
;
281 TRACE("%p %p %d %x %p\n", hCatAdmin
, pbHash
, cbHash
, dwFlags
, phPrevCatInfo
);
283 if (!ca
|| ca
->magic
!= CATADMIN_MAGIC
|| !pbHash
|| cbHash
!= 20 || dwFlags
)
285 SetLastError(ERROR_INVALID_PARAMETER
);
288 if (phPrevCatInfo
) prev
= *phPrevCatInfo
;
290 ret
= CryptAcquireContextW(&prov
, NULL
, MS_DEF_PROV_W
, PROV_RSA_FULL
, CRYPT_VERIFYCONTEXT
);
291 if (!ret
) return NULL
;
297 size
= strlenW(ca
->path
) * sizeof(WCHAR
) + sizeof(globW
);
298 if (!(path
= HeapAlloc(GetProcessHeap(), 0, size
)))
300 CryptReleaseContext(prov
, 0);
301 SetLastError(ERROR_OUTOFMEMORY
);
304 strcpyW(path
, ca
->path
);
305 strcatW(path
, globW
);
307 if (ca
->find
) FindClose(ca
->find
);
308 ca
->find
= FindFirstFileW(path
, &data
);
310 HeapFree(GetProcessHeap(), 0, path
);
313 CryptReleaseContext(prov
, 0);
317 else if (!FindNextFileW(ca
->find
, &data
))
319 CryptCATAdminReleaseCatalogContext(hCatAdmin
, prev
, 0);
320 CryptReleaseContext(prov
, 0);
327 CRYPTCATMEMBER
*member
= NULL
;
331 size
= (strlenW(ca
->path
) + strlenW(data
.cFileName
) + 2) * sizeof(WCHAR
);
332 if (!(filename
= HeapAlloc(GetProcessHeap(), 0, size
)))
334 SetLastError(ERROR_OUTOFMEMORY
);
337 strcpyW(filename
, ca
->path
);
338 strcatW(filename
, slashW
);
339 strcatW(filename
, data
.cFileName
);
341 hcat
= CryptCATOpen(filename
, CRYPTCAT_OPEN_EXISTING
, prov
, 0, 0);
342 if (hcat
== INVALID_HANDLE_VALUE
)
344 WARN("couldn't open %s (%u)\n", debugstr_w(filename
), GetLastError());
347 while ((member
= CryptCATEnumerateMember(hcat
, member
)))
349 if (member
->pIndirectData
->Digest
.cbData
!= cbHash
)
351 WARN("amount of hash bytes differs: %u/%u\n", member
->pIndirectData
->Digest
.cbData
, cbHash
);
354 if (!memcmp(member
->pIndirectData
->Digest
.pbData
, pbHash
, cbHash
))
356 TRACE("file %s matches\n", debugstr_w(data
.cFileName
));
359 CryptReleaseContext(prov
, 0);
365 ci
= create_catinfo(filename
);
366 HeapFree(GetProcessHeap(), 0, filename
);
371 HeapFree(GetProcessHeap(), 0, filename
);
373 if (!FindNextFileW(ca
->find
, &data
))
377 CryptReleaseContext(prov
, 0);
384 /***********************************************************************
385 * CryptCATAdminReleaseCatalogContext (WINTRUST.@)
387 * Release a catalog context handle.
390 * hCatAdmin [I] Context handle.
391 * hCatInfo [I] Catalog handle.
392 * dwFlags [I] Reserved.
399 BOOL WINAPI
CryptCATAdminReleaseCatalogContext(HCATADMIN hCatAdmin
,
403 struct catinfo
*ci
= hCatInfo
;
404 struct catadmin
*ca
= hCatAdmin
;
406 TRACE("%p %p %x\n", hCatAdmin
, hCatInfo
, dwFlags
);
408 if (!ca
|| ca
->magic
!= CATADMIN_MAGIC
|| !ci
|| ci
->magic
!= CATINFO_MAGIC
)
410 SetLastError(ERROR_INVALID_PARAMETER
);
414 return HeapFree(GetProcessHeap(), 0, ci
);
417 /***********************************************************************
418 * CryptCATAdminReleaseContext (WINTRUST.@)
420 * Release a catalog administrator context handle.
423 * catAdmin [I] Context handle.
424 * dwFlags [I] Reserved.
431 BOOL WINAPI
CryptCATAdminReleaseContext(HCATADMIN hCatAdmin
, DWORD dwFlags
)
433 struct catadmin
*ca
= hCatAdmin
;
435 TRACE("%p %x\n", hCatAdmin
, dwFlags
);
437 if (!ca
|| ca
->magic
!= CATADMIN_MAGIC
)
439 SetLastError(ERROR_INVALID_PARAMETER
);
442 if (ca
->find
) FindClose(ca
->find
);
444 return HeapFree(GetProcessHeap(), 0, ca
);
447 /***********************************************************************
448 * CryptCATAdminRemoveCatalog (WINTRUST.@)
450 * Remove a catalog file.
453 * catAdmin [I] Context handle.
454 * pwszCatalogFile [I] Catalog file.
455 * dwFlags [I] Reserved.
462 BOOL WINAPI
CryptCATAdminRemoveCatalog(HCATADMIN hCatAdmin
, LPCWSTR pwszCatalogFile
, DWORD dwFlags
)
464 struct catadmin
*ca
= hCatAdmin
;
466 TRACE("%p %s %x\n", hCatAdmin
, debugstr_w(pwszCatalogFile
), dwFlags
);
468 if (!ca
|| ca
->magic
!= CATADMIN_MAGIC
)
470 SetLastError(ERROR_INVALID_PARAMETER
);
473 return DeleteFileW(pwszCatalogFile
);
476 /***********************************************************************
477 * CryptCATClose (WINTRUST.@)
479 BOOL WINAPI
CryptCATClose(HANDLE hCatalog
)
481 struct cryptcat
*cc
= hCatalog
;
483 TRACE("(%p)\n", hCatalog
);
485 if (!hCatalog
|| hCatalog
== INVALID_HANDLE_VALUE
|| cc
->magic
!= CRYPTCAT_MAGIC
)
487 SetLastError(ERROR_INVALID_PARAMETER
);
490 HeapFree(GetProcessHeap(), 0, cc
->attr
);
491 HeapFree(GetProcessHeap(), 0, cc
->inner
);
492 CryptMsgClose(cc
->msg
);
495 HeapFree(GetProcessHeap(), 0, cc
);
499 /***********************************************************************
500 * CryptCATEnumerateMember (WINTRUST.@)
502 CRYPTCATMEMBER
*WINAPI
CryptCATEnumerateMember(HANDLE hCatalog
, CRYPTCATMEMBER
* pPrevMember
)
504 FIXME("(%p, %p) stub\n", hCatalog
, pPrevMember
);
508 static CTL_INFO
*decode_inner_content(HANDLE hmsg
, DWORD encoding
, DWORD
*len
)
513 CTL_INFO
*inner
= NULL
;
515 if (!CryptMsgGetParam(hmsg
, CMSG_INNER_CONTENT_TYPE_PARAM
, 0, NULL
, &size
)) return NULL
;
516 if (!(oid
= HeapAlloc(GetProcessHeap(), 0, size
)))
518 SetLastError(ERROR_OUTOFMEMORY
);
521 if (!CryptMsgGetParam(hmsg
, CMSG_INNER_CONTENT_TYPE_PARAM
, 0, oid
, &size
)) goto out
;
522 if (!CryptMsgGetParam(hmsg
, CMSG_CONTENT_PARAM
, 0, NULL
, &size
)) goto out
;
523 if (!(buffer
= HeapAlloc(GetProcessHeap(), 0, size
)))
525 SetLastError(ERROR_OUTOFMEMORY
);
528 if (!CryptMsgGetParam(hmsg
, CMSG_CONTENT_PARAM
, 0, buffer
, &size
)) goto out
;
529 if (!CryptDecodeObject(encoding
, oid
, buffer
, size
, 0, NULL
, &size
)) goto out
;
530 if (!(inner
= HeapAlloc(GetProcessHeap(), 0, size
)))
532 SetLastError(ERROR_OUTOFMEMORY
);
535 if (!CryptDecodeObject(encoding
, oid
, buffer
, size
, 0, inner
, &size
)) goto out
;
539 HeapFree(GetProcessHeap(), 0, oid
);
540 HeapFree(GetProcessHeap(), 0, buffer
);
544 /***********************************************************************
545 * CryptCATOpen (WINTRUST.@)
547 HANDLE WINAPI
CryptCATOpen(LPWSTR pwszFileName
, DWORD fdwOpenFlags
, HCRYPTPROV hProv
,
548 DWORD dwPublicVersion
, DWORD dwEncodingType
)
552 DWORD size
, flags
= OPEN_EXISTING
;
555 TRACE("%s, %x, %lx, %x, %x\n", debugstr_w(pwszFileName
), fdwOpenFlags
,
556 hProv
, dwPublicVersion
, dwEncodingType
);
560 SetLastError(ERROR_INVALID_PARAMETER
);
561 return INVALID_HANDLE_VALUE
;
564 if (!dwPublicVersion
) dwPublicVersion
= 0x00000100;
565 if (!dwEncodingType
) dwEncodingType
= X509_ASN_ENCODING
| PKCS_7_ASN_ENCODING
;
567 if (fdwOpenFlags
& CRYPTCAT_OPEN_ALWAYS
) flags
|= OPEN_ALWAYS
;
568 if (fdwOpenFlags
& CRYPTCAT_OPEN_CREATENEW
) flags
|= CREATE_NEW
;
570 file
= CreateFileW(pwszFileName
, GENERIC_READ
, FILE_SHARE_READ
, NULL
, flags
, 0, NULL
);
571 if (file
== INVALID_HANDLE_VALUE
) return INVALID_HANDLE_VALUE
;
573 size
= GetFileSize(file
, NULL
);
574 if (!(buffer
= HeapAlloc(GetProcessHeap(), 0, size
)))
577 SetLastError(ERROR_OUTOFMEMORY
);
578 return INVALID_HANDLE_VALUE
;
580 if (!(hmsg
= CryptMsgOpenToDecode(dwEncodingType
, 0, 0, hProv
, NULL
, NULL
)))
583 HeapFree(GetProcessHeap(), 0, buffer
);
584 return INVALID_HANDLE_VALUE
;
586 if (!ReadFile(file
, buffer
, size
, &size
, NULL
) || !CryptMsgUpdate(hmsg
, buffer
, size
, TRUE
))
589 HeapFree(GetProcessHeap(), 0, buffer
);
591 return INVALID_HANDLE_VALUE
;
593 HeapFree(GetProcessHeap(), 0, buffer
);
596 size
= sizeof(DWORD
);
597 if (!(cc
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, sizeof(*cc
))))
600 SetLastError(ERROR_OUTOFMEMORY
);
601 return INVALID_HANDLE_VALUE
;
605 cc
->encoding
= dwEncodingType
;
606 if (CryptMsgGetParam(hmsg
, CMSG_ATTR_CERT_COUNT_PARAM
, 0, &cc
->attr_count
, &size
))
611 for (i
= 0; i
< cc
->attr_count
; i
++)
613 if (!CryptMsgGetParam(hmsg
, CMSG_ATTR_CERT_PARAM
, i
, NULL
, &size
))
616 return INVALID_HANDLE_VALUE
;
620 if (!(cc
->attr
= HeapAlloc(GetProcessHeap(), 0, sizeof(*cc
->attr
) * cc
->attr_count
+ sum
)))
623 SetLastError(ERROR_OUTOFMEMORY
);
624 return INVALID_HANDLE_VALUE
;
626 p
= (BYTE
*)(cc
->attr
+ cc
->attr_count
);
627 for (i
= 0; i
< cc
->attr_count
; i
++)
629 if (!CryptMsgGetParam(hmsg
, CMSG_ATTR_CERT_PARAM
, i
, NULL
, &size
))
632 HeapFree(GetProcessHeap(), 0, cc
->attr
);
633 return INVALID_HANDLE_VALUE
;
635 if (!CryptMsgGetParam(hmsg
, CMSG_ATTR_CERT_PARAM
, i
, p
, &size
))
638 HeapFree(GetProcessHeap(), 0, cc
->attr
);
639 return INVALID_HANDLE_VALUE
;
643 cc
->inner
= decode_inner_content(hmsg
, dwEncodingType
, &cc
->inner_len
);
644 if (!cc
->inner
|| !CryptSIPRetrieveSubjectGuid(pwszFileName
, NULL
, &cc
->subject
))
647 HeapFree(GetProcessHeap(), 0, cc
->attr
);
648 HeapFree(GetProcessHeap(), 0, cc
->inner
);
649 HeapFree(GetProcessHeap(), 0, cc
);
650 return INVALID_HANDLE_VALUE
;
652 cc
->magic
= CRYPTCAT_MAGIC
;
655 return INVALID_HANDLE_VALUE
;
658 /***********************************************************************
659 * CryptSIPCreateIndirectData (WINTRUST.@)
661 BOOL WINAPI
CryptSIPCreateIndirectData(SIP_SUBJECTINFO
* pSubjectInfo
, DWORD
* pcbIndirectData
,
662 SIP_INDIRECT_DATA
* pIndirectData
)
664 FIXME("(%p %p %p) stub\n", pSubjectInfo
, pcbIndirectData
, pIndirectData
);
669 static BOOL
WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO
*pSubjectInfo
,
670 DWORD
*pdwEncodingType
, DWORD dwIndex
, DWORD
*pcbSignedDataMsg
,
671 BYTE
*pbSignedDataMsg
)
674 WIN_CERTIFICATE
*pCert
= NULL
;
676 TRACE("(%p %p %d %p %p)\n", pSubjectInfo
, pdwEncodingType
, dwIndex
,
677 pcbSignedDataMsg
, pbSignedDataMsg
);
679 if (!pbSignedDataMsg
)
681 WIN_CERTIFICATE cert
;
683 /* app hasn't passed buffer, just get the length */
684 ret
= ImageGetCertificateHeader(pSubjectInfo
->hFile
, dwIndex
, &cert
);
686 *pcbSignedDataMsg
= cert
.dwLength
;
692 ret
= ImageGetCertificateData(pSubjectInfo
->hFile
, dwIndex
, NULL
, &len
);
693 if (GetLastError() != ERROR_INSUFFICIENT_BUFFER
)
695 pCert
= HeapAlloc(GetProcessHeap(), 0, len
);
701 ret
= ImageGetCertificateData(pSubjectInfo
->hFile
, dwIndex
, pCert
,
705 if (*pcbSignedDataMsg
< pCert
->dwLength
)
707 *pcbSignedDataMsg
= pCert
->dwLength
;
708 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
713 memcpy(pbSignedDataMsg
, pCert
->bCertificate
, pCert
->dwLength
);
714 switch (pCert
->wCertificateType
)
716 case WIN_CERT_TYPE_X509
:
717 *pdwEncodingType
= X509_ASN_ENCODING
;
719 case WIN_CERT_TYPE_PKCS_SIGNED_DATA
:
720 *pdwEncodingType
= X509_ASN_ENCODING
| PKCS_7_ASN_ENCODING
;
723 FIXME("don't know what to do for encoding type %d\n",
724 pCert
->wCertificateType
);
725 *pdwEncodingType
= 0;
730 HeapFree(GetProcessHeap(), 0, pCert
);
734 /* structure offsets */
735 #define cfhead_Signature (0x00)
736 #define cfhead_CabinetSize (0x08)
737 #define cfhead_MinorVersion (0x18)
738 #define cfhead_MajorVersion (0x19)
739 #define cfhead_Flags (0x1E)
740 #define cfhead_SIZEOF (0x24)
741 #define cfheadext_HeaderReserved (0x00)
742 #define cfheadext_SIZEOF (0x04)
743 #define cfsigninfo_CertOffset (0x04)
744 #define cfsigninfo_CertSize (0x08)
745 #define cfsigninfo_SIZEOF (0x0C)
748 #define cfheadRESERVE_PRESENT (0x0004)
750 /* endian-neutral reading of little-endian data */
751 #define EndGetI32(a) ((((a)[3])<<24)|(((a)[2])<<16)|(((a)[1])<<8)|((a)[0]))
752 #define EndGetI16(a) ((((a)[1])<<8)|((a)[0]))
754 /* For documentation purposes only: this is the structure in the reserved
755 * area of a signed cabinet file. The cert offset indicates where in the
756 * cabinet file the signature resides, and the count indicates its size.
758 typedef struct _CAB_SIGNINFO
760 WORD unk0
; /* always 0? */
761 WORD unk1
; /* always 0x0010? */
764 } CAB_SIGNINFO
, *PCAB_SIGNINFO
;
766 static BOOL
WINTRUST_GetSignedMsgFromCabFile(SIP_SUBJECTINFO
*pSubjectInfo
,
767 DWORD
*pdwEncodingType
, DWORD dwIndex
, DWORD
*pcbSignedDataMsg
,
768 BYTE
*pbSignedDataMsg
)
771 LONG base_offset
, cabsize
;
774 DWORD cert_offset
, cert_size
, dwRead
;
776 TRACE("(%p %p %d %p %p)\n", pSubjectInfo
, pdwEncodingType
, dwIndex
,
777 pcbSignedDataMsg
, pbSignedDataMsg
);
780 * FIXME: I just noticed that I am memorizing the initial file pointer
781 * offset and restoring it before reading in the rest of the header
782 * information in the cabinet. Perhaps that's correct -- that is, perhaps
783 * this API is supposed to support "streaming" cabinets which are embedded
784 * in other files, or cabinets which begin at file offsets other than zero.
785 * Otherwise, I should instead go to the absolute beginning of the file.
786 * (Either way, the semantics of wine's FDICopy require me to leave the
787 * file pointer where it is afterwards -- If Windows does not do so, we
788 * ought to duplicate the native behavior in the FDIIsCabinet API, not here.
790 * So, the answer lies in Windows; will native cabinet.dll recognize a
791 * cabinet "file" embedded in another file? Note that cabextract.c does
792 * support this, which implies that Microsoft's might. I haven't tried it
793 * yet so I don't know. ATM, most of wine's FDI cabinet routines (except
794 * this one) would not work in this way. To fix it, we could just make the
795 * various references to absolute file positions in the code relative to an
796 * initial "beginning" offset. Because the FDICopy API doesn't take a
797 * file-handle like this one, we would therein need to search through the
798 * file for the beginning of the cabinet (as we also do in cabextract.c).
799 * Note that this limits us to a maximum of one cabinet per. file: the first.
801 * So, in summary: either the code below is wrong, or the rest of fdi.c is
802 * wrong... I cannot imagine that both are correct ;) One of these flaws
803 * should be fixed after determining the behavior on Windows. We ought
804 * to check both FDIIsCabinet and FDICopy for the right behavior.
809 /* get basic offset & size info */
810 base_offset
= SetFilePointer(pSubjectInfo
->hFile
, 0L, NULL
, SEEK_CUR
);
812 if (SetFilePointer(pSubjectInfo
->hFile
, 0, NULL
, SEEK_END
) == INVALID_SET_FILE_POINTER
)
814 TRACE("seek error\n");
818 cabsize
= SetFilePointer(pSubjectInfo
->hFile
, 0L, NULL
, SEEK_CUR
);
819 if ((cabsize
== -1) || (base_offset
== -1) ||
820 (SetFilePointer(pSubjectInfo
->hFile
, base_offset
, NULL
, SEEK_SET
) == INVALID_SET_FILE_POINTER
))
822 TRACE("seek error\n");
826 /* read in the CFHEADER */
827 if (!ReadFile(pSubjectInfo
->hFile
, buf
, cfhead_SIZEOF
, &dwRead
, NULL
) ||
828 dwRead
!= cfhead_SIZEOF
)
830 TRACE("reading header failed\n");
834 /* check basic MSCF signature */
835 if (EndGetI32(buf
+cfhead_Signature
) != 0x4643534d)
837 WARN("cabinet signature not present\n");
841 /* Ignore the number of folders and files and the set and cabinet IDs */
843 /* check the header revision */
844 if ((buf
[cfhead_MajorVersion
] > 1) ||
845 (buf
[cfhead_MajorVersion
] == 1 && buf
[cfhead_MinorVersion
] > 3))
847 WARN("cabinet format version > 1.3\n");
851 /* pull the flags out */
852 flags
= EndGetI16(buf
+cfhead_Flags
);
854 if (!(flags
& cfheadRESERVE_PRESENT
))
856 TRACE("no header present, not signed\n");
860 if (!ReadFile(pSubjectInfo
->hFile
, buf
, cfheadext_SIZEOF
, &dwRead
, NULL
) ||
861 dwRead
!= cfheadext_SIZEOF
)
863 ERR("bunk reserve-sizes?\n");
867 header_resv
= EndGetI16(buf
+cfheadext_HeaderReserved
);
870 TRACE("no header_resv, not signed\n");
873 else if (header_resv
< cfsigninfo_SIZEOF
)
875 TRACE("header_resv too small, not signed\n");
879 if (header_resv
> 60000)
881 WARN("WARNING; header reserved space > 60000\n");
884 if (!ReadFile(pSubjectInfo
->hFile
, buf
, cfsigninfo_SIZEOF
, &dwRead
, NULL
) ||
885 dwRead
!= cfsigninfo_SIZEOF
)
887 ERR("couldn't read reserve\n");
891 cert_offset
= EndGetI32(buf
+cfsigninfo_CertOffset
);
892 TRACE("cert_offset: %d\n", cert_offset
);
893 cert_size
= EndGetI32(buf
+cfsigninfo_CertSize
);
894 TRACE("cert_size: %d\n", cert_size
);
896 /* The redundant checks are to avoid wraparound */
897 if (cert_offset
> cabsize
|| cert_size
> cabsize
||
898 cert_offset
+ cert_size
> cabsize
)
900 WARN("offset beyond file, not attempting to read\n");
904 SetFilePointer(pSubjectInfo
->hFile
, base_offset
, NULL
, SEEK_SET
);
905 if (!pbSignedDataMsg
)
907 *pcbSignedDataMsg
= cert_size
;
910 if (*pcbSignedDataMsg
< cert_size
)
912 *pcbSignedDataMsg
= cert_size
;
913 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
916 if (SetFilePointer(pSubjectInfo
->hFile
, cert_offset
, NULL
, SEEK_SET
) == INVALID_SET_FILE_POINTER
)
918 ERR("couldn't seek to cert location\n");
921 if (!ReadFile(pSubjectInfo
->hFile
, pbSignedDataMsg
, cert_size
, &dwRead
,
922 NULL
) || dwRead
!= cert_size
)
924 ERR("couldn't read cert\n");
927 /* The encoding of the files I've seen appears to be in ASN.1
928 * format, and there isn't a field indicating the type, so assume it
931 *pdwEncodingType
= X509_ASN_ENCODING
| PKCS_7_ASN_ENCODING
;
935 static BOOL
WINTRUST_GetSignedMsgFromCatFile(SIP_SUBJECTINFO
*pSubjectInfo
,
936 DWORD
*pdwEncodingType
, DWORD dwIndex
, DWORD
*pcbSignedDataMsg
,
937 BYTE
*pbSignedDataMsg
)
941 TRACE("(%p %p %d %p %p)\n", pSubjectInfo
, pdwEncodingType
, dwIndex
,
942 pcbSignedDataMsg
, pbSignedDataMsg
);
944 if (!pbSignedDataMsg
)
946 *pcbSignedDataMsg
= GetFileSize(pSubjectInfo
->hFile
, NULL
);
951 DWORD len
= GetFileSize(pSubjectInfo
->hFile
, NULL
);
953 if (*pcbSignedDataMsg
< len
)
955 *pcbSignedDataMsg
= len
;
956 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
961 ret
= ReadFile(pSubjectInfo
->hFile
, pbSignedDataMsg
, len
,
962 pcbSignedDataMsg
, NULL
);
964 *pdwEncodingType
= X509_ASN_ENCODING
| PKCS_7_ASN_ENCODING
;
970 /***********************************************************************
971 * CryptSIPGetSignedDataMsg (WINTRUST.@)
973 BOOL WINAPI
CryptSIPGetSignedDataMsg(SIP_SUBJECTINFO
* pSubjectInfo
, DWORD
* pdwEncodingType
,
974 DWORD dwIndex
, DWORD
* pcbSignedDataMsg
, BYTE
* pbSignedDataMsg
)
976 static const GUID unknown
= { 0xC689AAB8, 0x8E78, 0x11D0, { 0x8C,0x47,
977 0x00,0xC0,0x4F,0xC2,0x95,0xEE } };
978 static const GUID cabGUID
= { 0xC689AABA, 0x8E78, 0x11D0, { 0x8C,0x47,
979 0x00,0xC0,0x4F,0xC2,0x95,0xEE } };
980 static const GUID catGUID
= { 0xDE351A43, 0x8E59, 0x11D0, { 0x8C,0x47,
981 0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
984 TRACE("(%p %p %d %p %p)\n", pSubjectInfo
, pdwEncodingType
, dwIndex
,
985 pcbSignedDataMsg
, pbSignedDataMsg
);
987 if (!memcmp(pSubjectInfo
->pgSubjectType
, &unknown
, sizeof(unknown
)))
988 ret
= WINTRUST_GetSignedMsgFromPEFile(pSubjectInfo
, pdwEncodingType
,
989 dwIndex
, pcbSignedDataMsg
, pbSignedDataMsg
);
990 else if (!memcmp(pSubjectInfo
->pgSubjectType
, &cabGUID
, sizeof(cabGUID
)))
991 ret
= WINTRUST_GetSignedMsgFromCabFile(pSubjectInfo
, pdwEncodingType
,
992 dwIndex
, pcbSignedDataMsg
, pbSignedDataMsg
);
993 else if (!memcmp(pSubjectInfo
->pgSubjectType
, &catGUID
, sizeof(catGUID
)))
994 ret
= WINTRUST_GetSignedMsgFromCatFile(pSubjectInfo
, pdwEncodingType
,
995 dwIndex
, pcbSignedDataMsg
, pbSignedDataMsg
);
998 FIXME("unimplemented for subject type %s\n",
999 debugstr_guid(pSubjectInfo
->pgSubjectType
));
1003 TRACE("returning %d\n", ret
);
1007 /***********************************************************************
1008 * CryptSIPPutSignedDataMsg (WINTRUST.@)
1010 BOOL WINAPI
CryptSIPPutSignedDataMsg(SIP_SUBJECTINFO
* pSubjectInfo
, DWORD pdwEncodingType
,
1011 DWORD
* pdwIndex
, DWORD cbSignedDataMsg
, BYTE
* pbSignedDataMsg
)
1013 FIXME("(%p %d %p %d %p) stub\n", pSubjectInfo
, pdwEncodingType
, pdwIndex
,
1014 cbSignedDataMsg
, pbSignedDataMsg
);
1019 /***********************************************************************
1020 * CryptSIPRemoveSignedDataMsg (WINTRUST.@)
1022 BOOL WINAPI
CryptSIPRemoveSignedDataMsg(SIP_SUBJECTINFO
* pSubjectInfo
,
1025 FIXME("(%p %d) stub\n", pSubjectInfo
, dwIndex
);
1030 /***********************************************************************
1031 * CryptSIPVerifyIndirectData (WINTRUST.@)
1033 BOOL WINAPI
CryptSIPVerifyIndirectData(SIP_SUBJECTINFO
* pSubjectInfo
,
1034 SIP_INDIRECT_DATA
* pIndirectData
)
1036 FIXME("(%p %p) stub\n", pSubjectInfo
, pIndirectData
);