2 * WinTrust Cryptography functions
4 * Copyright 2006 James Hawkins
5 * Copyright 2000-2002 Stuart Caie
6 * Copyright 2002 Patrik Stridvall
7 * Copyright 2003 Greg Turner
8 * Copyright 2008 Juan Lang
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
35 #include "wine/debug.h"
36 #include "wine/unicode.h"
38 WINE_DEFAULT_DEBUG_CHANNEL(wintrust
);
40 #define CATADMIN_MAGIC 0x43415441 /* 'CATA' */
41 #define CRYPTCAT_MAGIC 0x43415443 /* 'CATC' */
42 #define CATINFO_MAGIC 0x43415449 /* 'CATI' */
53 CRYPTCATATTRIBUTE
*attr
;
69 static HCATINFO
create_catinfo(const WCHAR
*filename
)
73 if (!(ci
= HeapAlloc(GetProcessHeap(), 0, sizeof(*ci
))))
75 SetLastError(ERROR_OUTOFMEMORY
);
76 return INVALID_HANDLE_VALUE
;
78 strcpyW(ci
->file
, filename
);
79 ci
->magic
= CATINFO_MAGIC
;
83 /***********************************************************************
84 * CryptCATAdminAcquireContext (WINTRUST.@)
86 * Get a catalog administrator context handle.
89 * catAdmin [O] Pointer to the context handle.
90 * sys [I] Pointer to a GUID for the needed subsystem.
91 * dwFlags [I] Reserved.
94 * Success: TRUE. catAdmin contains the context handle.
98 BOOL WINAPI
CryptCATAdminAcquireContext(HCATADMIN
*catAdmin
,
99 const GUID
*sys
, DWORD dwFlags
)
101 static const WCHAR catroot
[] =
102 {'\\','c','a','t','r','o','o','t',0};
103 static const WCHAR fmt
[] =
104 {'%','s','\\','{','%','0','8','x','-','%','0','4','x','-','%','0',
105 '4','x','-','%','0','2','x','%','0','2','x','-','%','0','2','x',
106 '%','0','2','x','%','0','2','x','%','0','2','x','%','0','2','x',
107 '%','0','2','x','}',0};
108 static const GUID defsys
=
109 {0x127d0a1d,0x4ef2,0x11d1,{0x86,0x08,0x00,0xc0,0x4f,0xc2,0x95,0xee}};
111 WCHAR catroot_dir
[MAX_PATH
];
114 TRACE("%p %s %x\n", catAdmin
, debugstr_guid(sys
), dwFlags
);
118 SetLastError(ERROR_INVALID_PARAMETER
);
121 if (!(ca
= HeapAlloc(GetProcessHeap(), 0, sizeof(*ca
))))
123 SetLastError(ERROR_OUTOFMEMORY
);
127 GetSystemDirectoryW(catroot_dir
, MAX_PATH
);
128 strcatW(catroot_dir
, catroot
);
130 /* create the directory if it doesn't exist */
131 CreateDirectoryW(catroot_dir
, NULL
);
133 if (!sys
) sys
= &defsys
;
134 sprintfW(ca
->path
, fmt
, catroot_dir
, sys
->Data1
, sys
->Data2
,
135 sys
->Data3
, sys
->Data4
[0], sys
->Data4
[1], sys
->Data4
[2],
136 sys
->Data4
[3], sys
->Data4
[4], sys
->Data4
[5], sys
->Data4
[6],
139 /* create the directory if it doesn't exist */
140 CreateDirectoryW(ca
->path
, NULL
);
142 ca
->magic
= CATADMIN_MAGIC
;
143 ca
->find
= INVALID_HANDLE_VALUE
;
149 /***********************************************************************
150 * CryptCATAdminAddCatalog (WINTRUST.@)
152 HCATINFO WINAPI
CryptCATAdminAddCatalog(HCATADMIN catAdmin
, PWSTR catalogFile
,
153 PWSTR selectBaseName
, DWORD flags
)
155 static const WCHAR slashW
[] = {'\\',0};
156 struct catadmin
*ca
= catAdmin
;
161 TRACE("%p %s %s %d\n", catAdmin
, debugstr_w(catalogFile
),
162 debugstr_w(selectBaseName
), flags
);
166 FIXME("NULL basename not handled\n");
167 SetLastError(ERROR_INVALID_PARAMETER
);
170 if (!ca
|| ca
->magic
!= CATADMIN_MAGIC
|| !catalogFile
|| flags
)
172 SetLastError(ERROR_INVALID_PARAMETER
);
176 len
= strlenW(ca
->path
) + strlenW(selectBaseName
) + 2;
177 if (!(target
= HeapAlloc(GetProcessHeap(), 0, len
* sizeof(WCHAR
))))
179 SetLastError(ERROR_OUTOFMEMORY
);
182 strcpyW(target
, ca
->path
);
183 strcatW(target
, slashW
);
184 strcatW(target
, selectBaseName
);
186 if (!CopyFileW(catalogFile
, target
, FALSE
))
188 HeapFree(GetProcessHeap(), 0, target
);
191 SetFileAttributesW(target
, FILE_ATTRIBUTE_SYSTEM
);
193 if (!(ci
= HeapAlloc(GetProcessHeap(), 0, sizeof(*ci
))))
195 HeapFree(GetProcessHeap(), 0, target
);
196 SetLastError(ERROR_OUTOFMEMORY
);
199 ci
->magic
= CATINFO_MAGIC
;
200 strcpyW(ci
->file
, target
);
202 HeapFree(GetProcessHeap(), 0, target
);
206 /***********************************************************************
207 * CryptCATAdminCalcHashFromFileHandle (WINTRUST.@)
209 BOOL WINAPI
CryptCATAdminCalcHashFromFileHandle(HANDLE hFile
, DWORD
* pcbHash
,
210 BYTE
* pbHash
, DWORD dwFlags
)
214 TRACE("%p %p %p %x\n", hFile
, pcbHash
, pbHash
, dwFlags
);
216 if (!hFile
|| !pcbHash
|| dwFlags
)
218 SetLastError(ERROR_INVALID_PARAMETER
);
224 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
236 if (!(buffer
= HeapAlloc(GetProcessHeap(), 0, 4096)))
238 SetLastError(ERROR_OUTOFMEMORY
);
241 ret
= CryptAcquireContextW(&prov
, NULL
, MS_DEF_PROV_W
, PROV_RSA_FULL
, CRYPT_VERIFYCONTEXT
);
244 HeapFree(GetProcessHeap(), 0, buffer
);
247 ret
= CryptCreateHash(prov
, CALG_SHA1
, 0, 0, &hash
);
250 HeapFree(GetProcessHeap(), 0, buffer
);
251 CryptReleaseContext(prov
, 0);
254 while ((ret
= ReadFile(hFile
, buffer
, 4096, &bytes_read
, NULL
)) && bytes_read
)
256 CryptHashData(hash
, buffer
, bytes_read
, 0);
258 if (ret
) ret
= CryptGetHashParam(hash
, HP_HASHVAL
, pbHash
, pcbHash
, 0);
260 HeapFree(GetProcessHeap(), 0, buffer
);
261 CryptDestroyHash(hash
);
262 CryptReleaseContext(prov
, 0);
267 /***********************************************************************
268 * CryptCATAdminEnumCatalogFromHash (WINTRUST.@)
270 HCATINFO WINAPI
CryptCATAdminEnumCatalogFromHash(HCATADMIN hCatAdmin
, BYTE
* pbHash
,
271 DWORD cbHash
, DWORD dwFlags
,
272 HCATINFO
* phPrevCatInfo
)
274 static const WCHAR slashW
[] = {'\\',0};
275 static const WCHAR globW
[] = {'\\','*','.','c','a','t',0};
277 struct catadmin
*ca
= hCatAdmin
;
278 WIN32_FIND_DATAW data
;
279 HCATINFO prev
= NULL
;
284 TRACE("%p %p %d %x %p\n", hCatAdmin
, pbHash
, cbHash
, dwFlags
, phPrevCatInfo
);
286 if (!ca
|| ca
->magic
!= CATADMIN_MAGIC
|| !pbHash
|| cbHash
!= 20 || dwFlags
)
288 SetLastError(ERROR_INVALID_PARAMETER
);
291 if (phPrevCatInfo
) prev
= *phPrevCatInfo
;
293 ret
= CryptAcquireContextW(&prov
, NULL
, MS_DEF_PROV_W
, PROV_RSA_FULL
, CRYPT_VERIFYCONTEXT
);
294 if (!ret
) return NULL
;
300 size
= strlenW(ca
->path
) * sizeof(WCHAR
) + sizeof(globW
);
301 if (!(path
= HeapAlloc(GetProcessHeap(), 0, size
)))
303 CryptReleaseContext(prov
, 0);
304 SetLastError(ERROR_OUTOFMEMORY
);
307 strcpyW(path
, ca
->path
);
308 strcatW(path
, globW
);
311 ca
->find
= FindFirstFileW(path
, &data
);
313 HeapFree(GetProcessHeap(), 0, path
);
314 if (ca
->find
== INVALID_HANDLE_VALUE
)
316 CryptReleaseContext(prov
, 0);
320 else if (!FindNextFileW(ca
->find
, &data
))
322 CryptCATAdminReleaseCatalogContext(hCatAdmin
, prev
, 0);
323 CryptReleaseContext(prov
, 0);
330 CRYPTCATMEMBER
*member
= NULL
;
334 size
= (strlenW(ca
->path
) + strlenW(data
.cFileName
) + 2) * sizeof(WCHAR
);
335 if (!(filename
= HeapAlloc(GetProcessHeap(), 0, size
)))
337 SetLastError(ERROR_OUTOFMEMORY
);
340 strcpyW(filename
, ca
->path
);
341 strcatW(filename
, slashW
);
342 strcatW(filename
, data
.cFileName
);
344 hcat
= CryptCATOpen(filename
, CRYPTCAT_OPEN_EXISTING
, prov
, 0, 0);
345 if (hcat
== INVALID_HANDLE_VALUE
)
347 WARN("couldn't open %s (%u)\n", debugstr_w(filename
), GetLastError());
350 while ((member
= CryptCATEnumerateMember(hcat
, member
)))
352 if (member
->pIndirectData
->Digest
.cbData
!= cbHash
)
354 WARN("amount of hash bytes differs: %u/%u\n", member
->pIndirectData
->Digest
.cbData
, cbHash
);
357 if (!memcmp(member
->pIndirectData
->Digest
.pbData
, pbHash
, cbHash
))
359 TRACE("file %s matches\n", debugstr_w(data
.cFileName
));
362 CryptReleaseContext(prov
, 0);
366 ca
->find
= INVALID_HANDLE_VALUE
;
368 ci
= create_catinfo(filename
);
369 HeapFree(GetProcessHeap(), 0, filename
);
374 HeapFree(GetProcessHeap(), 0, filename
);
376 if (!FindNextFileW(ca
->find
, &data
))
379 ca
->find
= INVALID_HANDLE_VALUE
;
380 CryptReleaseContext(prov
, 0);
387 /***********************************************************************
388 * CryptCATAdminReleaseCatalogContext (WINTRUST.@)
390 * Release a catalog context handle.
393 * hCatAdmin [I] Context handle.
394 * hCatInfo [I] Catalog handle.
395 * dwFlags [I] Reserved.
402 BOOL WINAPI
CryptCATAdminReleaseCatalogContext(HCATADMIN hCatAdmin
,
406 struct catinfo
*ci
= hCatInfo
;
407 struct catadmin
*ca
= hCatAdmin
;
409 TRACE("%p %p %x\n", hCatAdmin
, hCatInfo
, dwFlags
);
411 if (!ca
|| ca
->magic
!= CATADMIN_MAGIC
|| !ci
|| ci
->magic
!= CATINFO_MAGIC
)
413 SetLastError(ERROR_INVALID_PARAMETER
);
417 return HeapFree(GetProcessHeap(), 0, ci
);
420 /***********************************************************************
421 * CryptCATAdminReleaseContext (WINTRUST.@)
423 * Release a catalog administrator context handle.
426 * catAdmin [I] Context handle.
427 * dwFlags [I] Reserved.
434 BOOL WINAPI
CryptCATAdminReleaseContext(HCATADMIN hCatAdmin
, DWORD dwFlags
)
436 struct catadmin
*ca
= hCatAdmin
;
438 TRACE("%p %x\n", hCatAdmin
, dwFlags
);
440 if (!ca
|| ca
->magic
!= CATADMIN_MAGIC
)
442 SetLastError(ERROR_INVALID_PARAMETER
);
445 if (ca
->find
!= INVALID_HANDLE_VALUE
) FindClose(ca
->find
);
447 return HeapFree(GetProcessHeap(), 0, ca
);
450 /***********************************************************************
451 * CryptCATAdminRemoveCatalog (WINTRUST.@)
453 * Remove a catalog file.
456 * catAdmin [I] Context handle.
457 * pwszCatalogFile [I] Catalog file.
458 * dwFlags [I] Reserved.
465 BOOL WINAPI
CryptCATAdminRemoveCatalog(HCATADMIN hCatAdmin
, LPCWSTR pwszCatalogFile
, DWORD dwFlags
)
467 struct catadmin
*ca
= hCatAdmin
;
469 TRACE("%p %s %x\n", hCatAdmin
, debugstr_w(pwszCatalogFile
), dwFlags
);
471 if (!ca
|| ca
->magic
!= CATADMIN_MAGIC
)
473 SetLastError(ERROR_INVALID_PARAMETER
);
477 /* Only delete when there is a filename and no path */
478 if (pwszCatalogFile
&& pwszCatalogFile
[0] != 0 &&
479 !strchrW(pwszCatalogFile
, '\\') && !strchrW(pwszCatalogFile
, '/') &&
480 !strchrW(pwszCatalogFile
, ':'))
482 static const WCHAR slashW
[] = {'\\',0};
486 len
= strlenW(ca
->path
) + strlenW(pwszCatalogFile
) + 2;
487 if (!(target
= HeapAlloc(GetProcessHeap(), 0, len
* sizeof(WCHAR
))))
489 SetLastError(ERROR_OUTOFMEMORY
);
492 strcpyW(target
, ca
->path
);
493 strcatW(target
, slashW
);
494 strcatW(target
, pwszCatalogFile
);
498 HeapFree(GetProcessHeap(), 0, target
);
504 /***********************************************************************
505 * CryptCATAdminResolveCatalogPath (WINTRUST.@)
507 BOOL WINAPI
CryptCATAdminResolveCatalogPath(HCATADMIN hcatadmin
, WCHAR
*catalog_file
,
508 CATALOG_INFO
*info
, DWORD flags
)
510 static const WCHAR slashW
[] = {'\\',0};
511 struct catadmin
*ca
= hcatadmin
;
513 TRACE("%p %s %p %x\n", hcatadmin
, debugstr_w(catalog_file
), info
, flags
);
515 if (!ca
|| ca
->magic
!= CATADMIN_MAGIC
|| !info
|| info
->cbStruct
!= sizeof(*info
) || flags
)
517 SetLastError(ERROR_INVALID_PARAMETER
);
520 strcpyW(info
->wszCatalogFile
, ca
->path
);
521 strcatW(info
->wszCatalogFile
, slashW
);
522 strcatW(info
->wszCatalogFile
, catalog_file
);
527 /***********************************************************************
528 * CryptCATClose (WINTRUST.@)
530 BOOL WINAPI
CryptCATClose(HANDLE hCatalog
)
532 struct cryptcat
*cc
= hCatalog
;
534 TRACE("(%p)\n", hCatalog
);
536 if (!hCatalog
|| hCatalog
== INVALID_HANDLE_VALUE
|| cc
->magic
!= CRYPTCAT_MAGIC
)
538 SetLastError(ERROR_INVALID_PARAMETER
);
541 HeapFree(GetProcessHeap(), 0, cc
->attr
);
542 HeapFree(GetProcessHeap(), 0, cc
->inner
);
543 CryptMsgClose(cc
->msg
);
546 HeapFree(GetProcessHeap(), 0, cc
);
550 /***********************************************************************
551 * CryptCATGetAttrInfo (WINTRUST.@)
553 CRYPTCATATTRIBUTE
* WINAPI
CryptCATGetAttrInfo(HANDLE hCatalog
, CRYPTCATMEMBER
*member
, LPWSTR tag
)
555 struct cryptcat
*cc
= hCatalog
;
557 FIXME("%p, %p, %s\n", hCatalog
, member
, debugstr_w(tag
));
559 if (!hCatalog
|| hCatalog
== INVALID_HANDLE_VALUE
|| cc
->magic
!= CRYPTCAT_MAGIC
)
561 SetLastError(ERROR_INVALID_PARAMETER
);
564 SetLastError(CRYPT_E_NOT_FOUND
);
568 /***********************************************************************
569 * CryptCATGetCatAttrInfo (WINTRUST.@)
571 CRYPTCATATTRIBUTE
* WINAPI
CryptCATGetCatAttrInfo(HANDLE hCatalog
, LPWSTR tag
)
573 struct cryptcat
*cc
= hCatalog
;
575 FIXME("%p, %s\n", hCatalog
, debugstr_w(tag
));
577 if (!hCatalog
|| hCatalog
== INVALID_HANDLE_VALUE
|| cc
->magic
!= CRYPTCAT_MAGIC
)
579 SetLastError(ERROR_INVALID_PARAMETER
);
582 SetLastError(CRYPT_E_NOT_FOUND
);
586 CRYPTCATMEMBER
* WINAPI
CryptCATGetMemberInfo(HANDLE hCatalog
, LPWSTR tag
)
588 struct cryptcat
*cc
= hCatalog
;
590 FIXME("%p, %s\n", hCatalog
, debugstr_w(tag
));
592 if (!hCatalog
|| hCatalog
== INVALID_HANDLE_VALUE
|| cc
->magic
!= CRYPTCAT_MAGIC
)
594 SetLastError(ERROR_INVALID_PARAMETER
);
597 SetLastError(CRYPT_E_NOT_FOUND
);
601 /***********************************************************************
602 * CryptCATEnumerateAttr (WINTRUST.@)
604 CRYPTCATATTRIBUTE
* WINAPI
CryptCATEnumerateAttr(HANDLE hCatalog
, CRYPTCATMEMBER
*member
, CRYPTCATATTRIBUTE
*prev
)
606 struct cryptcat
*cc
= hCatalog
;
608 FIXME("%p, %p, %p\n", hCatalog
, member
, prev
);
610 if (!hCatalog
|| hCatalog
== INVALID_HANDLE_VALUE
|| cc
->magic
!= CRYPTCAT_MAGIC
)
612 SetLastError(ERROR_INVALID_PARAMETER
);
615 SetLastError(CRYPT_E_NOT_FOUND
);
619 /***********************************************************************
620 * CryptCATEnumerateCatAttr (WINTRUST.@)
622 CRYPTCATATTRIBUTE
* WINAPI
CryptCATEnumerateCatAttr(HANDLE hCatalog
, CRYPTCATATTRIBUTE
*prev
)
624 struct cryptcat
*cc
= hCatalog
;
626 FIXME("%p, %p\n", hCatalog
, prev
);
628 if (!hCatalog
|| hCatalog
== INVALID_HANDLE_VALUE
|| cc
->magic
!= CRYPTCAT_MAGIC
)
630 SetLastError(ERROR_INVALID_PARAMETER
);
633 SetLastError(CRYPT_E_NOT_FOUND
);
637 /***********************************************************************
638 * CryptCATEnumerateMember (WINTRUST.@)
640 CRYPTCATMEMBER
* WINAPI
CryptCATEnumerateMember(HANDLE hCatalog
, CRYPTCATMEMBER
*prev
)
642 struct cryptcat
*cc
= hCatalog
;
643 CRYPTCATMEMBER
*member
= prev
;
647 TRACE("%p, %p\n", hCatalog
, prev
);
649 if (!hCatalog
|| hCatalog
== INVALID_HANDLE_VALUE
|| cc
->magic
!= CRYPTCAT_MAGIC
)
651 SetLastError(ERROR_INVALID_PARAMETER
);
655 /* dumping the contents makes me think that dwReserved is the iteration number */
658 if (!(member
= HeapAlloc(GetProcessHeap(), 0, sizeof(*member
))))
660 SetLastError(ERROR_OUTOFMEMORY
);
663 member
->cbStruct
= sizeof(*member
);
664 member
->pwszFileName
= member
->pwszReferenceTag
= NULL
;
665 member
->dwReserved
= 0;
666 member
->hReserved
= NULL
;
667 member
->gSubjectType
= cc
->subject
;
668 member
->fdwMemberFlags
= 0;
669 member
->pIndirectData
= NULL
;
670 member
->dwCertVersion
= cc
->inner
->dwVersion
;
672 else member
->dwReserved
++;
674 if (member
->dwReserved
>= cc
->inner
->cCTLEntry
)
676 SetLastError(ERROR_INVALID_PARAMETER
);
680 /* list them backwards, like native */
681 entry
= &cc
->inner
->rgCTLEntry
[cc
->inner
->cCTLEntry
- member
->dwReserved
- 1];
683 member
->sEncodedIndirectData
.cbData
= member
->sEncodedMemberInfo
.cbData
= 0;
684 member
->sEncodedIndirectData
.pbData
= member
->sEncodedMemberInfo
.pbData
= NULL
;
685 HeapFree(GetProcessHeap(), 0, member
->pIndirectData
);
686 member
->pIndirectData
= NULL
;
688 for (i
= 0; i
< entry
->cAttribute
; i
++)
690 CRYPT_ATTRIBUTE
*attr
= entry
->rgAttribute
+ i
;
692 if (attr
->cValue
!= 1)
694 ERR("Can't handle attr->cValue of %u\n", attr
->cValue
);
697 if (!strcmp(attr
->pszObjId
, CAT_MEMBERINFO_OBJID
))
702 member
->sEncodedMemberInfo
.cbData
= attr
->rgValue
->cbData
;
703 member
->sEncodedMemberInfo
.pbData
= attr
->rgValue
->pbData
;
705 CryptDecodeObject(cc
->encoding
, CAT_MEMBERINFO_OBJID
, attr
->rgValue
->pbData
, attr
->rgValue
->cbData
, 0, NULL
, &size
);
707 if (!(mi
= HeapAlloc(GetProcessHeap(), 0, size
)))
709 SetLastError(ERROR_OUTOFMEMORY
);
712 ret
= CryptDecodeObject(cc
->encoding
, CAT_MEMBERINFO_OBJID
, attr
->rgValue
->pbData
, attr
->rgValue
->cbData
, 0, mi
, &size
);
717 member
->dwCertVersion
= mi
->dwCertVersion
;
718 RtlInitUnicodeString(&guid
, mi
->pwszSubjGuid
);
719 if (RtlGUIDFromString(&guid
, &member
->gSubjectType
))
721 HeapFree(GetProcessHeap(), 0, mi
);
725 HeapFree(GetProcessHeap(), 0, mi
);
726 if (!ret
) goto error
;
728 else if (!strcmp(attr
->pszObjId
, SPC_INDIRECT_DATA_OBJID
))
730 /* SPC_INDIRECT_DATA_CONTENT is equal to SIP_INDIRECT_DATA */
732 member
->sEncodedIndirectData
.cbData
= attr
->rgValue
->cbData
;
733 member
->sEncodedIndirectData
.pbData
= attr
->rgValue
->pbData
;
735 CryptDecodeObject(cc
->encoding
, SPC_INDIRECT_DATA_OBJID
, attr
->rgValue
->pbData
, attr
->rgValue
->cbData
, 0, NULL
, &size
);
737 if (!(member
->pIndirectData
= HeapAlloc(GetProcessHeap(), 0, size
)))
739 SetLastError(ERROR_OUTOFMEMORY
);
742 CryptDecodeObject(cc
->encoding
, SPC_INDIRECT_DATA_OBJID
, attr
->rgValue
->pbData
, attr
->rgValue
->cbData
, 0, member
->pIndirectData
, &size
);
745 /* this object id should probably be handled in CryptCATEnumerateAttr */
746 FIXME("unhandled object id \"%s\"\n", attr
->pszObjId
);
749 if (!member
->sEncodedMemberInfo
.cbData
|| !member
->sEncodedIndirectData
.cbData
)
751 ERR("Corrupted catalog entry?\n");
752 SetLastError(CRYPT_E_ATTRIBUTES_MISSING
);
755 size
= (2 * member
->pIndirectData
->Digest
.cbData
+ 1) * sizeof(WCHAR
);
756 if (member
->pwszReferenceTag
)
757 member
->pwszReferenceTag
= HeapReAlloc(GetProcessHeap(), 0, member
->pwszReferenceTag
, size
);
759 member
->pwszReferenceTag
= HeapAlloc(GetProcessHeap(), 0, size
);
761 if (!member
->pwszReferenceTag
)
763 SetLastError(ERROR_OUTOFMEMORY
);
766 /* FIXME: reference tag is usually the file hash but doesn't have to be */
767 for (i
= 0; i
< member
->pIndirectData
->Digest
.cbData
; i
++)
771 sub
= member
->pIndirectData
->Digest
.pbData
[i
] >> 4;
772 member
->pwszReferenceTag
[i
* 2] = (sub
< 10 ? '0' + sub
: 'A' + sub
- 10);
773 sub
= member
->pIndirectData
->Digest
.pbData
[i
] & 0xf;
774 member
->pwszReferenceTag
[i
* 2 + 1] = (sub
< 10 ? '0' + sub
: 'A' + sub
- 10);
776 member
->pwszReferenceTag
[i
* 2] = 0;
780 HeapFree(GetProcessHeap(), 0, member
->pIndirectData
);
781 HeapFree(GetProcessHeap(), 0, member
->pwszReferenceTag
);
782 HeapFree(GetProcessHeap(), 0, member
);
786 static CTL_INFO
*decode_inner_content(HANDLE hmsg
, DWORD encoding
, DWORD
*len
)
791 CTL_INFO
*inner
= NULL
;
793 if (!CryptMsgGetParam(hmsg
, CMSG_INNER_CONTENT_TYPE_PARAM
, 0, NULL
, &size
)) return NULL
;
794 if (!(oid
= HeapAlloc(GetProcessHeap(), 0, size
)))
796 SetLastError(ERROR_OUTOFMEMORY
);
799 if (!CryptMsgGetParam(hmsg
, CMSG_INNER_CONTENT_TYPE_PARAM
, 0, oid
, &size
)) goto out
;
800 if (!CryptMsgGetParam(hmsg
, CMSG_CONTENT_PARAM
, 0, NULL
, &size
)) goto out
;
801 if (!(buffer
= HeapAlloc(GetProcessHeap(), 0, size
)))
803 SetLastError(ERROR_OUTOFMEMORY
);
806 if (!CryptMsgGetParam(hmsg
, CMSG_CONTENT_PARAM
, 0, buffer
, &size
)) goto out
;
807 if (!CryptDecodeObject(encoding
, oid
, buffer
, size
, 0, NULL
, &size
)) goto out
;
808 if (!(inner
= HeapAlloc(GetProcessHeap(), 0, size
)))
810 SetLastError(ERROR_OUTOFMEMORY
);
813 if (!CryptDecodeObject(encoding
, oid
, buffer
, size
, 0, inner
, &size
)) goto out
;
817 HeapFree(GetProcessHeap(), 0, oid
);
818 HeapFree(GetProcessHeap(), 0, buffer
);
822 /***********************************************************************
823 * CryptCATCatalogInfoFromContext (WINTRUST.@)
825 BOOL WINAPI
CryptCATCatalogInfoFromContext(HCATINFO hcatinfo
, CATALOG_INFO
*info
, DWORD flags
)
827 struct catinfo
*ci
= hcatinfo
;
829 TRACE("%p, %p, %x\n", hcatinfo
, info
, flags
);
831 if (!hcatinfo
|| hcatinfo
== INVALID_HANDLE_VALUE
|| ci
->magic
!= CATINFO_MAGIC
||
832 flags
|| !info
|| info
->cbStruct
!= sizeof(*info
))
834 SetLastError(ERROR_INVALID_PARAMETER
);
837 strcpyW(info
->wszCatalogFile
, ci
->file
);
841 /***********************************************************************
842 * CryptCATOpen (WINTRUST.@)
844 HANDLE WINAPI
CryptCATOpen(LPWSTR pwszFileName
, DWORD fdwOpenFlags
, HCRYPTPROV hProv
,
845 DWORD dwPublicVersion
, DWORD dwEncodingType
)
849 DWORD size
, flags
= OPEN_EXISTING
;
852 TRACE("%s, %x, %lx, %x, %x\n", debugstr_w(pwszFileName
), fdwOpenFlags
,
853 hProv
, dwPublicVersion
, dwEncodingType
);
857 SetLastError(ERROR_INVALID_PARAMETER
);
858 return INVALID_HANDLE_VALUE
;
861 if (!dwPublicVersion
) dwPublicVersion
= 0x00000100;
862 if (!dwEncodingType
) dwEncodingType
= X509_ASN_ENCODING
| PKCS_7_ASN_ENCODING
;
864 if (fdwOpenFlags
& CRYPTCAT_OPEN_ALWAYS
) flags
|= OPEN_ALWAYS
;
865 if (fdwOpenFlags
& CRYPTCAT_OPEN_CREATENEW
) flags
|= CREATE_NEW
;
867 file
= CreateFileW(pwszFileName
, GENERIC_READ
, FILE_SHARE_READ
, NULL
, flags
, 0, NULL
);
868 if (file
== INVALID_HANDLE_VALUE
) return INVALID_HANDLE_VALUE
;
870 size
= GetFileSize(file
, NULL
);
871 if (!(buffer
= HeapAlloc(GetProcessHeap(), 0, size
)))
874 SetLastError(ERROR_OUTOFMEMORY
);
875 return INVALID_HANDLE_VALUE
;
877 if (!(hmsg
= CryptMsgOpenToDecode(dwEncodingType
, 0, 0, hProv
, NULL
, NULL
)))
880 HeapFree(GetProcessHeap(), 0, buffer
);
881 return INVALID_HANDLE_VALUE
;
883 if (!ReadFile(file
, buffer
, size
, &size
, NULL
) || !CryptMsgUpdate(hmsg
, buffer
, size
, TRUE
))
886 HeapFree(GetProcessHeap(), 0, buffer
);
888 return INVALID_HANDLE_VALUE
;
890 HeapFree(GetProcessHeap(), 0, buffer
);
893 size
= sizeof(DWORD
);
894 if (!(cc
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, sizeof(*cc
))))
897 SetLastError(ERROR_OUTOFMEMORY
);
898 return INVALID_HANDLE_VALUE
;
902 cc
->encoding
= dwEncodingType
;
903 if (CryptMsgGetParam(hmsg
, CMSG_ATTR_CERT_COUNT_PARAM
, 0, &cc
->attr_count
, &size
))
908 for (i
= 0; i
< cc
->attr_count
; i
++)
910 if (!CryptMsgGetParam(hmsg
, CMSG_ATTR_CERT_PARAM
, i
, NULL
, &size
))
913 return INVALID_HANDLE_VALUE
;
917 if (!(cc
->attr
= HeapAlloc(GetProcessHeap(), 0, sizeof(*cc
->attr
) * cc
->attr_count
+ sum
)))
920 SetLastError(ERROR_OUTOFMEMORY
);
921 return INVALID_HANDLE_VALUE
;
923 p
= (BYTE
*)(cc
->attr
+ cc
->attr_count
);
924 for (i
= 0; i
< cc
->attr_count
; i
++)
926 if (!CryptMsgGetParam(hmsg
, CMSG_ATTR_CERT_PARAM
, i
, NULL
, &size
))
929 HeapFree(GetProcessHeap(), 0, cc
->attr
);
930 return INVALID_HANDLE_VALUE
;
932 if (!CryptMsgGetParam(hmsg
, CMSG_ATTR_CERT_PARAM
, i
, p
, &size
))
935 HeapFree(GetProcessHeap(), 0, cc
->attr
);
936 return INVALID_HANDLE_VALUE
;
940 cc
->inner
= decode_inner_content(hmsg
, dwEncodingType
, &cc
->inner_len
);
941 if (!cc
->inner
|| !CryptSIPRetrieveSubjectGuid(pwszFileName
, NULL
, &cc
->subject
))
944 HeapFree(GetProcessHeap(), 0, cc
->attr
);
945 HeapFree(GetProcessHeap(), 0, cc
->inner
);
946 HeapFree(GetProcessHeap(), 0, cc
);
947 return INVALID_HANDLE_VALUE
;
949 cc
->magic
= CRYPTCAT_MAGIC
;
952 return INVALID_HANDLE_VALUE
;
955 /***********************************************************************
956 * CryptSIPCreateIndirectData (WINTRUST.@)
958 BOOL WINAPI
CryptSIPCreateIndirectData(SIP_SUBJECTINFO
* pSubjectInfo
, DWORD
* pcbIndirectData
,
959 SIP_INDIRECT_DATA
* pIndirectData
)
961 FIXME("(%p %p %p) stub\n", pSubjectInfo
, pcbIndirectData
, pIndirectData
);
967 /***********************************************************************
968 * CryptCATCDFClose (WINTRUST.@)
970 BOOL WINAPI
CryptCATCDFClose(CRYPTCATCDF
*pCDF
)
972 FIXME("(%p) stub\n", pCDF
);
977 /***********************************************************************
978 * CryptCATCDFEnumCatAttributes (WINTRUST.@)
980 CRYPTCATATTRIBUTE
* WINAPI
CryptCATCDFEnumCatAttributes(CRYPTCATCDF
*pCDF
,
981 CRYPTCATATTRIBUTE
*pPrevAttr
,
982 PFN_CDF_PARSE_ERROR_CALLBACK pfnParseError
)
984 FIXME("(%p %p %p) stub\n", pCDF
, pPrevAttr
, pfnParseError
);
989 /***********************************************************************
990 * CryptCATCDFEnumMembersByCDFTagEx (WINTRUST.@)
992 LPWSTR WINAPI
CryptCATCDFEnumMembersByCDFTagEx(CRYPTCATCDF
*pCDF
, LPWSTR pwszPrevCDFTag
,
993 PFN_CDF_PARSE_ERROR_CALLBACK pfnParseError
,
994 CRYPTCATMEMBER
**ppMember
, BOOL fContinueOnError
,
997 FIXME("(%p %s %p %p %d %p) stub\n", pCDF
, debugstr_w(pwszPrevCDFTag
), pfnParseError
,
998 ppMember
, fContinueOnError
, pvReserved
);
1003 /***********************************************************************
1004 * CryptCATCDFOpen (WINTRUST.@)
1006 CRYPTCATCDF
* WINAPI
CryptCATCDFOpen(LPWSTR pwszFilePath
,
1007 PFN_CDF_PARSE_ERROR_CALLBACK pfnParseError
)
1009 FIXME("(%s %p) stub\n", debugstr_w(pwszFilePath
), pfnParseError
);
1014 static BOOL
WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO
*pSubjectInfo
,
1015 DWORD
*pdwEncodingType
, DWORD dwIndex
, DWORD
*pcbSignedDataMsg
,
1016 BYTE
*pbSignedDataMsg
)
1019 WIN_CERTIFICATE
*pCert
= NULL
;
1021 TRACE("(%p %p %d %p %p)\n", pSubjectInfo
, pdwEncodingType
, dwIndex
,
1022 pcbSignedDataMsg
, pbSignedDataMsg
);
1024 if (!pbSignedDataMsg
)
1026 WIN_CERTIFICATE cert
;
1028 /* app hasn't passed buffer, just get the length */
1029 ret
= ImageGetCertificateHeader(pSubjectInfo
->hFile
, dwIndex
, &cert
);
1032 switch (cert
.wCertificateType
)
1034 case WIN_CERT_TYPE_X509
:
1035 case WIN_CERT_TYPE_PKCS_SIGNED_DATA
:
1036 *pcbSignedDataMsg
= cert
.dwLength
;
1039 WARN("unknown certificate type %d\n", cert
.wCertificateType
);
1048 ret
= ImageGetCertificateData(pSubjectInfo
->hFile
, dwIndex
, NULL
, &len
);
1049 if (GetLastError() != ERROR_INSUFFICIENT_BUFFER
)
1051 pCert
= HeapAlloc(GetProcessHeap(), 0, len
);
1057 ret
= ImageGetCertificateData(pSubjectInfo
->hFile
, dwIndex
, pCert
,
1061 if (*pcbSignedDataMsg
< pCert
->dwLength
)
1063 *pcbSignedDataMsg
= pCert
->dwLength
;
1064 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1069 memcpy(pbSignedDataMsg
, pCert
->bCertificate
, pCert
->dwLength
);
1070 switch (pCert
->wCertificateType
)
1072 case WIN_CERT_TYPE_X509
:
1073 *pdwEncodingType
= X509_ASN_ENCODING
;
1075 case WIN_CERT_TYPE_PKCS_SIGNED_DATA
:
1076 *pdwEncodingType
= X509_ASN_ENCODING
| PKCS_7_ASN_ENCODING
;
1079 WARN("don't know what to do for encoding type %d\n",
1080 pCert
->wCertificateType
);
1081 *pdwEncodingType
= 0;
1087 HeapFree(GetProcessHeap(), 0, pCert
);
1091 /* structure offsets */
1092 #define cfhead_Signature (0x00)
1093 #define cfhead_CabinetSize (0x08)
1094 #define cfhead_MinorVersion (0x18)
1095 #define cfhead_MajorVersion (0x19)
1096 #define cfhead_Flags (0x1E)
1097 #define cfhead_SIZEOF (0x24)
1098 #define cfheadext_HeaderReserved (0x00)
1099 #define cfheadext_SIZEOF (0x04)
1100 #define cfsigninfo_CertOffset (0x04)
1101 #define cfsigninfo_CertSize (0x08)
1102 #define cfsigninfo_SIZEOF (0x0C)
1105 #define cfheadRESERVE_PRESENT (0x0004)
1107 /* endian-neutral reading of little-endian data */
1108 #define EndGetI32(a) ((((a)[3])<<24)|(((a)[2])<<16)|(((a)[1])<<8)|((a)[0]))
1109 #define EndGetI16(a) ((((a)[1])<<8)|((a)[0]))
1111 /* For documentation purposes only: this is the structure in the reserved
1112 * area of a signed cabinet file. The cert offset indicates where in the
1113 * cabinet file the signature resides, and the count indicates its size.
1115 typedef struct _CAB_SIGNINFO
1117 WORD unk0
; /* always 0? */
1118 WORD unk1
; /* always 0x0010? */
1121 } CAB_SIGNINFO
, *PCAB_SIGNINFO
;
1123 static BOOL
WINTRUST_GetSignedMsgFromCabFile(SIP_SUBJECTINFO
*pSubjectInfo
,
1124 DWORD
*pdwEncodingType
, DWORD dwIndex
, DWORD
*pcbSignedDataMsg
,
1125 BYTE
*pbSignedDataMsg
)
1128 LONG base_offset
, cabsize
;
1131 DWORD cert_offset
, cert_size
, dwRead
;
1133 TRACE("(%p %p %d %p %p)\n", pSubjectInfo
, pdwEncodingType
, dwIndex
,
1134 pcbSignedDataMsg
, pbSignedDataMsg
);
1136 /* get basic offset & size info */
1137 base_offset
= SetFilePointer(pSubjectInfo
->hFile
, 0L, NULL
, SEEK_CUR
);
1139 if (SetFilePointer(pSubjectInfo
->hFile
, 0, NULL
, SEEK_END
) == INVALID_SET_FILE_POINTER
)
1141 TRACE("seek error\n");
1145 cabsize
= SetFilePointer(pSubjectInfo
->hFile
, 0L, NULL
, SEEK_CUR
);
1146 if ((cabsize
== -1) || (base_offset
== -1) ||
1147 (SetFilePointer(pSubjectInfo
->hFile
, 0, NULL
, SEEK_SET
) == INVALID_SET_FILE_POINTER
))
1149 TRACE("seek error\n");
1153 /* read in the CFHEADER */
1154 if (!ReadFile(pSubjectInfo
->hFile
, buf
, cfhead_SIZEOF
, &dwRead
, NULL
) ||
1155 dwRead
!= cfhead_SIZEOF
)
1157 TRACE("reading header failed\n");
1161 /* check basic MSCF signature */
1162 if (EndGetI32(buf
+cfhead_Signature
) != 0x4643534d)
1164 WARN("cabinet signature not present\n");
1168 /* Ignore the number of folders and files and the set and cabinet IDs */
1170 /* check the header revision */
1171 if ((buf
[cfhead_MajorVersion
] > 1) ||
1172 (buf
[cfhead_MajorVersion
] == 1 && buf
[cfhead_MinorVersion
] > 3))
1174 WARN("cabinet format version > 1.3\n");
1178 /* pull the flags out */
1179 flags
= EndGetI16(buf
+cfhead_Flags
);
1181 if (!(flags
& cfheadRESERVE_PRESENT
))
1183 TRACE("no header present, not signed\n");
1187 if (!ReadFile(pSubjectInfo
->hFile
, buf
, cfheadext_SIZEOF
, &dwRead
, NULL
) ||
1188 dwRead
!= cfheadext_SIZEOF
)
1190 ERR("bunk reserve-sizes?\n");
1194 header_resv
= EndGetI16(buf
+cfheadext_HeaderReserved
);
1197 TRACE("no header_resv, not signed\n");
1200 else if (header_resv
< cfsigninfo_SIZEOF
)
1202 TRACE("header_resv too small, not signed\n");
1206 if (header_resv
> 60000)
1208 WARN("WARNING; header reserved space > 60000\n");
1211 if (!ReadFile(pSubjectInfo
->hFile
, buf
, cfsigninfo_SIZEOF
, &dwRead
, NULL
) ||
1212 dwRead
!= cfsigninfo_SIZEOF
)
1214 ERR("couldn't read reserve\n");
1218 cert_offset
= EndGetI32(buf
+cfsigninfo_CertOffset
);
1219 TRACE("cert_offset: %d\n", cert_offset
);
1220 cert_size
= EndGetI32(buf
+cfsigninfo_CertSize
);
1221 TRACE("cert_size: %d\n", cert_size
);
1223 /* The redundant checks are to avoid wraparound */
1224 if (cert_offset
> cabsize
|| cert_size
> cabsize
||
1225 cert_offset
+ cert_size
> cabsize
)
1227 WARN("offset beyond file, not attempting to read\n");
1231 SetFilePointer(pSubjectInfo
->hFile
, base_offset
, NULL
, SEEK_SET
);
1232 if (!pbSignedDataMsg
)
1234 *pcbSignedDataMsg
= cert_size
;
1237 if (*pcbSignedDataMsg
< cert_size
)
1239 *pcbSignedDataMsg
= cert_size
;
1240 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1243 if (SetFilePointer(pSubjectInfo
->hFile
, cert_offset
, NULL
, SEEK_SET
) == INVALID_SET_FILE_POINTER
)
1245 ERR("couldn't seek to cert location\n");
1248 if (!ReadFile(pSubjectInfo
->hFile
, pbSignedDataMsg
, cert_size
, &dwRead
,
1249 NULL
) || dwRead
!= cert_size
)
1251 ERR("couldn't read cert\n");
1252 SetFilePointer(pSubjectInfo
->hFile
, base_offset
, NULL
, SEEK_SET
);
1255 /* The encoding of the files I've seen appears to be in ASN.1
1256 * format, and there isn't a field indicating the type, so assume it
1259 *pdwEncodingType
= X509_ASN_ENCODING
| PKCS_7_ASN_ENCODING
;
1260 /* Restore base offset */
1261 SetFilePointer(pSubjectInfo
->hFile
, base_offset
, NULL
, SEEK_SET
);
1265 static BOOL
WINTRUST_GetSignedMsgFromCatFile(SIP_SUBJECTINFO
*pSubjectInfo
,
1266 DWORD
*pdwEncodingType
, DWORD dwIndex
, DWORD
*pcbSignedDataMsg
,
1267 BYTE
*pbSignedDataMsg
)
1271 TRACE("(%p %p %d %p %p)\n", pSubjectInfo
, pdwEncodingType
, dwIndex
,
1272 pcbSignedDataMsg
, pbSignedDataMsg
);
1274 if (!pbSignedDataMsg
)
1276 *pcbSignedDataMsg
= GetFileSize(pSubjectInfo
->hFile
, NULL
);
1281 DWORD len
= GetFileSize(pSubjectInfo
->hFile
, NULL
);
1283 if (*pcbSignedDataMsg
< len
)
1285 *pcbSignedDataMsg
= len
;
1286 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1291 ret
= ReadFile(pSubjectInfo
->hFile
, pbSignedDataMsg
, len
,
1292 pcbSignedDataMsg
, NULL
);
1294 *pdwEncodingType
= X509_ASN_ENCODING
| PKCS_7_ASN_ENCODING
;
1300 /***********************************************************************
1301 * CryptSIPGetSignedDataMsg (WINTRUST.@)
1303 BOOL WINAPI
CryptSIPGetSignedDataMsg(SIP_SUBJECTINFO
* pSubjectInfo
, DWORD
* pdwEncodingType
,
1304 DWORD dwIndex
, DWORD
* pcbSignedDataMsg
, BYTE
* pbSignedDataMsg
)
1306 static const GUID unknown
= { 0xC689AAB8, 0x8E78, 0x11D0, { 0x8C,0x47,
1307 0x00,0xC0,0x4F,0xC2,0x95,0xEE } };
1308 static const GUID cabGUID
= { 0xC689AABA, 0x8E78, 0x11D0, { 0x8C,0x47,
1309 0x00,0xC0,0x4F,0xC2,0x95,0xEE } };
1310 static const GUID catGUID
= { 0xDE351A43, 0x8E59, 0x11D0, { 0x8C,0x47,
1311 0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
1314 TRACE("(%p %p %d %p %p)\n", pSubjectInfo
, pdwEncodingType
, dwIndex
,
1315 pcbSignedDataMsg
, pbSignedDataMsg
);
1317 if (!memcmp(pSubjectInfo
->pgSubjectType
, &unknown
, sizeof(unknown
)))
1318 ret
= WINTRUST_GetSignedMsgFromPEFile(pSubjectInfo
, pdwEncodingType
,
1319 dwIndex
, pcbSignedDataMsg
, pbSignedDataMsg
);
1320 else if (!memcmp(pSubjectInfo
->pgSubjectType
, &cabGUID
, sizeof(cabGUID
)))
1321 ret
= WINTRUST_GetSignedMsgFromCabFile(pSubjectInfo
, pdwEncodingType
,
1322 dwIndex
, pcbSignedDataMsg
, pbSignedDataMsg
);
1323 else if (!memcmp(pSubjectInfo
->pgSubjectType
, &catGUID
, sizeof(catGUID
)))
1324 ret
= WINTRUST_GetSignedMsgFromCatFile(pSubjectInfo
, pdwEncodingType
,
1325 dwIndex
, pcbSignedDataMsg
, pbSignedDataMsg
);
1328 FIXME("unimplemented for subject type %s\n",
1329 debugstr_guid(pSubjectInfo
->pgSubjectType
));
1333 TRACE("returning %d\n", ret
);
1337 /***********************************************************************
1338 * CryptSIPPutSignedDataMsg (WINTRUST.@)
1340 BOOL WINAPI
CryptSIPPutSignedDataMsg(SIP_SUBJECTINFO
* pSubjectInfo
, DWORD pdwEncodingType
,
1341 DWORD
* pdwIndex
, DWORD cbSignedDataMsg
, BYTE
* pbSignedDataMsg
)
1343 FIXME("(%p %d %p %d %p) stub\n", pSubjectInfo
, pdwEncodingType
, pdwIndex
,
1344 cbSignedDataMsg
, pbSignedDataMsg
);
1349 /***********************************************************************
1350 * CryptSIPRemoveSignedDataMsg (WINTRUST.@)
1352 BOOL WINAPI
CryptSIPRemoveSignedDataMsg(SIP_SUBJECTINFO
* pSubjectInfo
,
1355 FIXME("(%p %d) stub\n", pSubjectInfo
, dwIndex
);
1360 /***********************************************************************
1361 * CryptSIPVerifyIndirectData (WINTRUST.@)
1363 BOOL WINAPI
CryptSIPVerifyIndirectData(SIP_SUBJECTINFO
* pSubjectInfo
,
1364 SIP_INDIRECT_DATA
* pIndirectData
)
1366 FIXME("(%p %p) stub\n", pSubjectInfo
, pIndirectData
);