search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
- fix decoding of long-form data lengths
[wine/testsucceed.git] / dlls / crypt32 / encode.c
blob2e9557919ee237864ccb1b379923650d9a899f8b
1 /*
2 * Copyright 2002 Mike McCormack for CodeWeavers
3 * Copyright 2005 Juan Lang
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 *
19 * This file implements ASN.1 DER encoding and decoding of a limited set of
20 * types. It isn't a full ASN.1 implementation. Microsoft implements BER
21 * encoding of many of the basic types in msasn1.dll, but that interface is
22 * undocumented, so I implement them here.
23 *
24 * References:
25 * "A Layman's Guide to a Subset of ASN.1, BER, and DER", by Burton Kaliski
26 * (available online, look for a PDF copy as the HTML versions tend to have
27 * translation errors.)
28 *
29 * RFC3280, http://www.faqs.org/rfcs/rfc3280.html
30 *
31 * MSDN, especially:
32 * http://msdn.microsoft.com/library/en-us/seccrypto/security/constants_for_cryptencodeobject_and_cryptdecodeobject.asp
33 */
34 #include <stdarg.h>
35 #include <stdio.h>
36 #include <stdlib.h>
37 #include "windef.h"
38 #include "winbase.h"
39 #include "excpt.h"
40 #include "wincrypt.h"
41 #include "winreg.h"
42 #include "snmp.h"
43 #include "wine/debug.h"
44 #include "wine/exception.h"
45
46 /* This is a bit arbitrary, but to set some limit: */
47 #define MAX_ENCODED_LEN 0x02000000
48
49 /* a few asn.1 tags we need */
50 #define ASN_BOOL (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x01)
51 #define ASN_BITSTRING (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x03)
52 #define ASN_OCTETSTRING (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x04)
53 #define ASN_ENUMERATED (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x0a)
54 #define ASN_SETOF (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x11)
55 #define ASN_NUMERICSTRING (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x12)
56 #define ASN_PRINTABLESTRING (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x13)
57 #define ASN_IA5STRING (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x16)
58 #define ASN_UTCTIME (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x17)
59 #define ASN_GENERALTIME (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x18)
60
61 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
62
63 static const WCHAR szDllName[] = { 'D','l','l',0 };
64
65 static BOOL WINAPI CRYPT_AsnEncodeInt(DWORD dwCertEncodingType,
66 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
67 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded);
68 static BOOL WINAPI CRYPT_AsnEncodeInteger(DWORD dwCertEncodingType,
69 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
70 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded);
71 static BOOL WINAPI CRYPT_AsnDecodeInt(DWORD dwCertEncodingType,
72 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
73 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
74 static BOOL WINAPI CRYPT_AsnDecodeInteger(DWORD dwCertEncodingType,
75 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
76 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
77
78 /* filter for page-fault exceptions */
79 static WINE_EXCEPTION_FILTER(page_fault)
80 {
81 if (GetExceptionCode() == EXCEPTION_ACCESS_VIOLATION)
82 return EXCEPTION_EXECUTE_HANDLER;
83 return EXCEPTION_CONTINUE_SEARCH;
84 }
85
86 static char *CRYPT_GetKeyName(DWORD dwEncodingType, LPCSTR pszFuncName,
87 LPCSTR pszOID)
88 {
89 static const char szEncodingTypeFmt[] =
90 "Software\\Microsoft\\Cryptography\\OID\\EncodingType %ld\\%s\\%s";
91 UINT len;
92 char numericOID[7]; /* enough for "#65535" */
93 const char *oid;
94 LPSTR szKey;
95
96 /* MSDN says the encoding type is a mask, but it isn't treated that way.
97 * (E.g., if dwEncodingType were 3, the key names "EncodingType 1" and
98 * "EncodingType 2" would be expected if it were a mask. Instead native
99 * stores values in "EncodingType 3".
100 */
101 if (!HIWORD(pszOID))
102 {
103 snprintf(numericOID, sizeof(numericOID), "#%d", (int)pszOID);
104 oid = numericOID;
105 }
106 else
107 oid = pszOID;
108
109 /* This is enough: the lengths of the two string parameters are explicitly
110 * counted, and we need up to five additional characters for the encoding
111 * type. These are covered by the "%d", "%s", and "%s" characters in the
112 * format specifier that are removed by sprintf.
113 */
114 len = sizeof(szEncodingTypeFmt) + lstrlenA(pszFuncName) + lstrlenA(oid);
115 szKey = HeapAlloc(GetProcessHeap(), 0, len);
116 if (szKey)
117 sprintf(szKey, szEncodingTypeFmt, dwEncodingType, pszFuncName, oid);
118 return szKey;
119 }
120
121 BOOL WINAPI CryptRegisterOIDFunction(DWORD dwEncodingType, LPCSTR pszFuncName,
122 LPCSTR pszOID, LPCWSTR pwszDll, LPCSTR pszOverrideFuncName)
123 {
124 LONG r;
125 HKEY hKey;
126 LPSTR szKey;
127
128 TRACE("%lx %s %s %s %s\n", dwEncodingType, pszFuncName, pszOID,
129 debugstr_w(pwszDll), pszOverrideFuncName);
130
131 /* This only registers functions for encoding certs, not messages */
132 if (!GET_CERT_ENCODING_TYPE(dwEncodingType))
133 return TRUE;
134
135 /* Native does nothing pwszDll is NULL */
136 if (!pwszDll)
137 return TRUE;
138
139 /* I'm not matching MS bug for bug here, because I doubt any app depends on
140 * it:
141 * - native "succeeds" if pszFuncName is NULL, but the nonsensical entry
142 * it creates would never be used
143 * - native returns an HRESULT rather than a Win32 error if pszOID is NULL.
144 * Instead I disallow both of these with ERROR_INVALID_PARAMETER.
145 */
146 if (!pszFuncName || !pszOID)
147 {
148 SetLastError(ERROR_INVALID_PARAMETER);
149 return FALSE;
150 }
151
152 szKey = CRYPT_GetKeyName(dwEncodingType, pszFuncName, pszOID);
153 TRACE("Key name is %s\n", debugstr_a(szKey));
154
155 if (!szKey)
156 return FALSE;
157
158 r = RegCreateKeyA(HKEY_LOCAL_MACHINE, szKey, &hKey);
159 HeapFree(GetProcessHeap(), 0, szKey);
160 if(r != ERROR_SUCCESS)
161 return FALSE;
162
163 /* write the values */
164 if (pszOverrideFuncName)
165 RegSetValueExA(hKey, "FuncName", 0, REG_SZ, pszOverrideFuncName,
166 lstrlenA(pszOverrideFuncName) + 1);
167 RegSetValueExW(hKey, szDllName, 0, REG_SZ, (const BYTE*) pwszDll,
168 (lstrlenW(pwszDll) + 1) * sizeof (WCHAR));
169
170 RegCloseKey(hKey);
171 return TRUE;
172 }
173
174 BOOL WINAPI CryptUnregisterOIDFunction(DWORD dwEncodingType, LPCSTR pszFuncName,
175 LPCSTR pszOID)
176 {
177 LPSTR szKey;
178 LONG rc;
179
180 TRACE("%lx %s %s\n", dwEncodingType, pszFuncName, pszOID);
181
182 if (!GET_CERT_ENCODING_TYPE(dwEncodingType))
183 return TRUE;
184
185 if (!pszFuncName || !pszOID)
186 {
187 SetLastError(ERROR_INVALID_PARAMETER);
188 return FALSE;
189 }
190
191 szKey = CRYPT_GetKeyName(dwEncodingType, pszFuncName, pszOID);
192 rc = RegDeleteKeyA(HKEY_LOCAL_MACHINE, szKey);
193 HeapFree(GetProcessHeap(), 0, szKey);
194 if (rc)
195 SetLastError(rc);
196 return rc ? FALSE : TRUE;
197 }
198
199 BOOL WINAPI CryptGetOIDFunctionValue(DWORD dwEncodingType, LPCSTR pszFuncName,
200 LPCSTR pszOID, LPCWSTR pwszValueName, DWORD *pdwValueType, BYTE *pbValueData,
201 DWORD *pcbValueData)
202 {
203 LPSTR szKey;
204 LONG rc;
205 HKEY hKey;
206
207 TRACE("%lx %s %s %s %p %p %p\n", dwEncodingType, debugstr_a(pszFuncName),
208 debugstr_a(pszOID), debugstr_w(pwszValueName), pdwValueType, pbValueData,
209 pcbValueData);
210
211 if (!GET_CERT_ENCODING_TYPE(dwEncodingType))
212 return TRUE;
213
214 if (!pszFuncName || !pszOID || !pwszValueName)
215 {
216 SetLastError(ERROR_INVALID_PARAMETER);
217 return FALSE;
218 }
219
220 szKey = CRYPT_GetKeyName(dwEncodingType, pszFuncName, pszOID);
221 rc = RegOpenKeyA(HKEY_LOCAL_MACHINE, szKey, &hKey);
222 HeapFree(GetProcessHeap(), 0, szKey);
223 if (rc)
224 SetLastError(rc);
225 else
226 {
227 rc = RegQueryValueExW(hKey, pwszValueName, NULL, pdwValueType,
228 pbValueData, pcbValueData);
229 if (rc)
230 SetLastError(rc);
231 RegCloseKey(hKey);
232 }
233 return rc ? FALSE : TRUE;
234 }
235
236 BOOL WINAPI CryptSetOIDFunctionValue(DWORD dwEncodingType, LPCSTR pszFuncName,
237 LPCSTR pszOID, LPCWSTR pwszValueName, DWORD dwValueType,
238 const BYTE *pbValueData, DWORD cbValueData)
239 {
240 LPSTR szKey;
241 LONG rc;
242 HKEY hKey;
243
244 TRACE("%lx %s %s %s %ld %p %ld\n", dwEncodingType, debugstr_a(pszFuncName),
245 debugstr_a(pszOID), debugstr_w(pwszValueName), dwValueType, pbValueData,
246 cbValueData);
247
248 if (!GET_CERT_ENCODING_TYPE(dwEncodingType))
249 return TRUE;
250
251 if (!pszFuncName || !pszOID || !pwszValueName)
252 {
253 SetLastError(ERROR_INVALID_PARAMETER);
254 return FALSE;
255 }
256
257 szKey = CRYPT_GetKeyName(dwEncodingType, pszFuncName, pszOID);
258 rc = RegOpenKeyA(HKEY_LOCAL_MACHINE, szKey, &hKey);
259 HeapFree(GetProcessHeap(), 0, szKey);
260 if (rc)
261 SetLastError(rc);
262 else
263 {
264 rc = RegSetValueExW(hKey, pwszValueName, 0, dwValueType, pbValueData,
265 cbValueData);
266 if (rc)
267 SetLastError(rc);
268 RegCloseKey(hKey);
269 }
270 return rc ? FALSE : TRUE;
271 }
272
273 /* Gets the registered function named szFuncName for dwCertEncodingType and
274 * lpszStructType, or NULL if one could not be found. *lib will be set to the
275 * handle of the module it's in, or NULL if no module was loaded. If the
276 * return value is NULL, *lib will also be NULL, to simplify error handling.
277 */
278 static void *CRYPT_GetFunc(DWORD dwCertEncodingType, LPCSTR lpszStructType,
279 LPCSTR szFuncName, HMODULE *lib)
280 {
281 void *ret = NULL;
282 char *szKey = CRYPT_GetKeyName(dwCertEncodingType, szFuncName,
283 lpszStructType);
284 const char *funcName;
285 long r;
286 HKEY hKey;
287 DWORD type, size = 0;
288
289 TRACE("(%08lx %s %s %p)\n", dwCertEncodingType, debugstr_a(lpszStructType),
290 debugstr_a(szFuncName), lib);
291
292 *lib = NULL;
293 r = RegOpenKeyA(HKEY_LOCAL_MACHINE, szKey, &hKey);
294 HeapFree(GetProcessHeap(), 0, szKey);
295 if(r != ERROR_SUCCESS)
296 return NULL;
297
298 RegQueryValueExA(hKey, "FuncName", NULL, &type, NULL, &size);
299 if (GetLastError() == ERROR_MORE_DATA && type == REG_SZ)
300 {
301 funcName = HeapAlloc(GetProcessHeap(), 0, size);
302 RegQueryValueExA(hKey, "FuncName", NULL, &type, (LPBYTE)funcName,
303 &size);
304 }
305 else
306 funcName = szFuncName;
307 RegQueryValueExW(hKey, szDllName, NULL, &type, NULL, &size);
308 if (GetLastError() == ERROR_MORE_DATA && type == REG_SZ)
309 {
310 LPWSTR dllName = HeapAlloc(GetProcessHeap(), 0, size);
311
312 RegQueryValueExW(hKey, szDllName, NULL, &type, (LPBYTE)dllName,
313 &size);
314 *lib = LoadLibraryW(dllName);
315 if (*lib)
316 {
317 ret = GetProcAddress(*lib, funcName);
318 if (!ret)
319 {
320 /* Unload the library, the caller doesn't want to unload it
321 * when the return value is NULL.
322 */
323 FreeLibrary(*lib);
324 *lib = NULL;
325 }
326 }
327 HeapFree(GetProcessHeap(), 0, dllName);
328 }
329 if (funcName != szFuncName)
330 HeapFree(GetProcessHeap(), 0, (char *)funcName);
331 TRACE("returning %p\n", ret);
332 return ret;
333 }
334
335 typedef BOOL (WINAPI *CryptEncodeObjectFunc)(DWORD, LPCSTR, const void *,
336 BYTE *, DWORD *);
337
338 BOOL WINAPI CryptEncodeObject(DWORD dwCertEncodingType, LPCSTR lpszStructType,
339 const void *pvStructInfo, BYTE *pbEncoded, DWORD *pcbEncoded)
340 {
341 BOOL ret = FALSE;
342 HMODULE lib;
343 CryptEncodeObjectFunc pCryptEncodeObject;
344
345 TRACE("(0x%08lx, %s, %p, %p, %p)\n",
346 dwCertEncodingType, HIWORD(lpszStructType) ? debugstr_a(lpszStructType) :
347 "(integer value)", pvStructInfo, pbEncoded, pcbEncoded);
348
349 if (!pbEncoded && !pcbEncoded)
350 {
351 SetLastError(ERROR_INVALID_PARAMETER);
352 return FALSE;
353 }
354
355 /* Try registered DLL first.. */
356 pCryptEncodeObject =
357 (CryptEncodeObjectFunc)CRYPT_GetFunc(dwCertEncodingType,
358 lpszStructType, "CryptEncodeObject", &lib);
359 if (pCryptEncodeObject)
360 {
361 ret = pCryptEncodeObject(dwCertEncodingType, lpszStructType,
362 pvStructInfo, pbEncoded, pcbEncoded);
363 FreeLibrary(lib);
364 }
365 else
366 {
367 /* If not, use CryptEncodeObjectEx */
368 ret = CryptEncodeObjectEx(dwCertEncodingType, lpszStructType,
369 pvStructInfo, 0, NULL, pbEncoded, pcbEncoded);
370 }
371 return ret;
372 }
373
374 /* Helper function to check *pcbEncoded, set it to the required size, and
375 * optionally to allocate memory. Assumes pbEncoded is not NULL.
376 * If CRYPT_ENCODE_ALLOC_FLAG is set in dwFlags, *pbEncoded will be set to a
377 * pointer to the newly allocated memory.
378 */
379 static BOOL CRYPT_EncodeEnsureSpace(DWORD dwFlags,
380 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded,
381 DWORD bytesNeeded)
382 {
383 BOOL ret = TRUE;
384
385 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
386 {
387 if (pEncodePara && pEncodePara->pfnAlloc)
388 *(BYTE **)pbEncoded = pEncodePara->pfnAlloc(bytesNeeded);
389 else
390 *(BYTE **)pbEncoded = LocalAlloc(0, bytesNeeded);
391 if (!*(BYTE **)pbEncoded)
392 ret = FALSE;
393 else
394 *pcbEncoded = bytesNeeded;
395 }
396 else if (bytesNeeded > *pcbEncoded)
397 {
398 *pcbEncoded = bytesNeeded;
399 SetLastError(ERROR_MORE_DATA);
400 ret = FALSE;
401 }
402 return ret;
403 }
404
405 static BOOL CRYPT_EncodeLen(DWORD len, BYTE *pbEncoded, DWORD *pcbEncoded)
406 {
407 DWORD bytesNeeded, significantBytes = 0;
408
409 if (len <= 0x7f)
410 bytesNeeded = 1;
411 else
412 {
413 DWORD temp;
414
415 for (temp = len, significantBytes = sizeof(temp); !(temp & 0xff000000);
416 temp <<= 8, significantBytes--)
417 ;
418 bytesNeeded = significantBytes + 1;
419 }
420 if (!pbEncoded)
421 {
422 *pcbEncoded = bytesNeeded;
423 return TRUE;
424 }
425 if (*pcbEncoded < bytesNeeded)
426 {
427 SetLastError(ERROR_MORE_DATA);
428 return FALSE;
429 }
430 if (len <= 0x7f)
431 *pbEncoded = (BYTE)len;
432 else
433 {
434 DWORD i;
435
436 *pbEncoded++ = significantBytes | 0x80;
437 for (i = 0; i < significantBytes; i++)
438 {
439 *(pbEncoded + significantBytes - i - 1) = (BYTE)(len & 0xff);
440 len >>= 8;
441 }
442 }
443 *pcbEncoded = bytesNeeded;
444 return TRUE;
445 }
446
447 static BOOL WINAPI CRYPT_AsnEncodeOid(DWORD dwCertEncodingType,
448 LPCSTR pszObjId, BYTE *pbEncoded, DWORD *pcbEncoded)
449 {
450 DWORD bytesNeeded = 0, lenBytes;
451 BOOL ret = TRUE;
452 int firstPos = 0;
453 BYTE firstByte = 0;
454
455 if (pszObjId)
456 {
457 const char *ptr;
458 int val1, val2;
459
460 if (sscanf(pszObjId, "%d.%d.%n", &val1, &val2, &firstPos) != 2)
461 {
462 SetLastError(CRYPT_E_ASN1_ERROR);
463 return FALSE;
464 }
465 bytesNeeded++;
466 firstByte = val1 * 40 + val2;
467 ptr = pszObjId + firstPos;
468 while (ret && *ptr)
469 {
470 int pos;
471
472 /* note I assume each component is at most 32-bits long in base 2 */
473 if (sscanf(ptr, "%d%n", &val1, &pos) == 1)
474 {
475 if (val1 >= 0x10000000)
476 bytesNeeded += 5;
477 else if (val1 >= 0x200000)
478 bytesNeeded += 4;
479 else if (val1 >= 0x4000)
480 bytesNeeded += 3;
481 else if (val1 >= 0x80)
482 bytesNeeded += 2;
483 else
484 bytesNeeded += 1;
485 ptr += pos;
486 if (*ptr == '.')
487 ptr++;
488 }
489 else
490 {
491 SetLastError(CRYPT_E_ASN1_ERROR);
492 return FALSE;
493 }
494 }
495 CRYPT_EncodeLen(bytesNeeded, NULL, &lenBytes);
496 }
497 else
498 lenBytes = 1;
499 bytesNeeded += 1 + lenBytes;
500 if (pbEncoded)
501 {
502 if (*pbEncoded < bytesNeeded)
503 {
504 SetLastError(ERROR_MORE_DATA);
505 ret = FALSE;
506 }
507 else
508 {
509 *pbEncoded++ = ASN_OBJECTIDENTIFIER;
510 CRYPT_EncodeLen(bytesNeeded - 1 - lenBytes, pbEncoded, &lenBytes);
511 pbEncoded += lenBytes;
512 if (pszObjId)
513 {
514 const char *ptr;
515 int val, pos;
516
517 *pbEncoded++ = firstByte;
518 ptr = pszObjId + firstPos;
519 while (ret && *ptr)
520 {
521 sscanf(ptr, "%d%n", &val, &pos);
522 {
523 unsigned char outBytes[5];
524 int numBytes, i;
525
526 if (val >= 0x10000000)
527 numBytes = 5;
528 else if (val >= 0x200000)
529 numBytes = 4;
530 else if (val >= 0x4000)
531 numBytes = 3;
532 else if (val >= 0x80)
533 numBytes = 2;
534 else
535 numBytes = 1;
536 for (i = numBytes; i > 0; i--)
537 {
538 outBytes[i - 1] = val & 0x7f;
539 val >>= 7;
540 }
541 for (i = 0; i < numBytes - 1; i++)
542 *pbEncoded++ = outBytes[i] | 0x80;
543 *pbEncoded++ = outBytes[i];
544 ptr += pos;
545 if (*ptr == '.')
546 ptr++;
547 }
548 }
549 }
550 }
551 }
552 *pcbEncoded = bytesNeeded;
553 return ret;
554 }
555
556 static BOOL WINAPI CRYPT_AsnEncodeNameValue(DWORD dwCertEncodingType,
557 CERT_NAME_VALUE *value, BYTE *pbEncoded, DWORD *pcbEncoded)
558 {
559 BYTE tag;
560 DWORD bytesNeeded, lenBytes, encodedLen;
561 BOOL ret = TRUE;
562
563 switch (value->dwValueType)
564 {
565 case CERT_RDN_NUMERIC_STRING:
566 tag = ASN_NUMERICSTRING;
567 encodedLen = value->Value.cbData;
568 break;
569 case CERT_RDN_PRINTABLE_STRING:
570 tag = ASN_PRINTABLESTRING;
571 encodedLen = value->Value.cbData;
572 break;
573 case CERT_RDN_IA5_STRING:
574 tag = ASN_IA5STRING;
575 encodedLen = value->Value.cbData;
576 break;
577 case CERT_RDN_ANY_TYPE:
578 /* explicitly disallowed */
579 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
580 return FALSE;
581 default:
582 FIXME("String type %ld unimplemented\n", value->dwValueType);
583 return FALSE;
584 }
585 CRYPT_EncodeLen(encodedLen, NULL, &lenBytes);
586 bytesNeeded = 1 + lenBytes + encodedLen;
587 if (pbEncoded)
588 {
589 if (*pcbEncoded < bytesNeeded)
590 {
591 SetLastError(ERROR_MORE_DATA);
592 ret = FALSE;
593 }
594 else
595 {
596 *pbEncoded++ = tag;
597 CRYPT_EncodeLen(encodedLen, pbEncoded, &lenBytes);
598 pbEncoded += lenBytes;
599 switch (value->dwValueType)
600 {
601 case CERT_RDN_NUMERIC_STRING:
602 case CERT_RDN_PRINTABLE_STRING:
603 case CERT_RDN_IA5_STRING:
604 memcpy(pbEncoded, value->Value.pbData, value->Value.cbData);
605 }
606 }
607 }
608 *pcbEncoded = bytesNeeded;
609 return ret;
610 }
611
612 static BOOL WINAPI CRYPT_AsnEncodeRdnAttr(DWORD dwCertEncodingType,
613 CERT_RDN_ATTR *attr, BYTE *pbEncoded, DWORD *pcbEncoded)
614 {
615 DWORD bytesNeeded = 0, lenBytes, size;
616 BOOL ret;
617
618 ret = CRYPT_AsnEncodeOid(dwCertEncodingType, attr->pszObjId, NULL, &size);
619 if (ret)
620 {
621 bytesNeeded += size;
622 /* hack: a CERT_RDN_ATTR is identical to a CERT_NAME_VALUE beginning
623 * with dwValueType, so "cast" it to get its encoded size
624 */
625 ret = CRYPT_AsnEncodeNameValue(dwCertEncodingType,
626 (CERT_NAME_VALUE *)&attr->dwValueType, NULL, &size);
627 if (ret)
628 {
629 bytesNeeded += size;
630 CRYPT_EncodeLen(bytesNeeded, NULL, &lenBytes);
631 bytesNeeded += 1 + lenBytes;
632 if (pbEncoded)
633 {
634 if (*pcbEncoded < bytesNeeded)
635 {
636 SetLastError(ERROR_MORE_DATA);
637 ret = FALSE;
638 }
639 else
640 {
641 *pbEncoded++ = ASN_CONSTRUCTOR | ASN_SEQUENCE;
642 CRYPT_EncodeLen(bytesNeeded - lenBytes - 1, pbEncoded,
643 &lenBytes);
644 pbEncoded += lenBytes;
645 size = bytesNeeded - 1 - lenBytes;
646 ret = CRYPT_AsnEncodeOid(dwCertEncodingType, attr->pszObjId,
647 pbEncoded, &size);
648 if (ret)
649 {
650 pbEncoded += size;
651 size = bytesNeeded - 1 - lenBytes - size;
652 ret = CRYPT_AsnEncodeNameValue(dwCertEncodingType,
653 (CERT_NAME_VALUE *)&attr->dwValueType, pbEncoded,
654 &size);
655 }
656 }
657 }
658 *pcbEncoded = bytesNeeded;
659 }
660 }
661 return ret;
662 }
663
664 static int BLOBComp(const void *l, const void *r)
665 {
666 CRYPT_DER_BLOB *a = (CRYPT_DER_BLOB *)l, *b = (CRYPT_DER_BLOB *)r;
667 int ret;
668
669 if (!(ret = memcmp(a->pbData, b->pbData, min(a->cbData, b->cbData))))
670 ret = a->cbData - b->cbData;
671 return ret;
672 }
673
674 /* This encodes as a SET OF, which in DER must be lexicographically sorted.
675 */
676 static BOOL WINAPI CRYPT_AsnEncodeRdn(DWORD dwCertEncodingType, CERT_RDN *rdn,
677 BYTE *pbEncoded, DWORD *pcbEncoded)
678 {
679 BOOL ret;
680 CRYPT_DER_BLOB *blobs = NULL;
681
682 __TRY
683 {
684 DWORD bytesNeeded = 0, lenBytes, i;
685
686 ret = TRUE;
687 if (rdn->cRDNAttr)
688 {
689 blobs = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY,
690 rdn->cRDNAttr * sizeof(CRYPT_DER_BLOB));
691 if (!blobs)
692 ret = FALSE;
693 }
694 for (i = 0; ret && i < rdn->cRDNAttr; i++)
695 {
696 ret = CRYPT_AsnEncodeRdnAttr(dwCertEncodingType, &rdn->rgRDNAttr[i],
697 NULL, &blobs[i].cbData);
698 if (ret)
699 bytesNeeded += blobs[i].cbData;
700 }
701 if (ret)
702 {
703 CRYPT_EncodeLen(bytesNeeded, NULL, &lenBytes);
704 bytesNeeded += 1 + lenBytes;
705 if (pbEncoded)
706 {
707 if (*pcbEncoded < bytesNeeded)
708 {
709 SetLastError(ERROR_MORE_DATA);
710 ret = FALSE;
711 }
712 else
713 {
714 for (i = 0; ret && i < rdn->cRDNAttr; i++)
715 {
716 blobs[i].pbData = HeapAlloc(GetProcessHeap(), 0,
717 blobs[i].cbData);
718 if (!blobs[i].pbData)
719 ret = FALSE;
720 else
721 ret = CRYPT_AsnEncodeRdnAttr(dwCertEncodingType,
722 &rdn->rgRDNAttr[i], blobs[i].pbData,
723 &blobs[i].cbData);
724 }
725 if (ret)
726 {
727 qsort(blobs, rdn->cRDNAttr, sizeof(CRYPT_DER_BLOB),
728 BLOBComp);
729 *pbEncoded++ = ASN_CONSTRUCTOR | ASN_SETOF;
730 CRYPT_EncodeLen(bytesNeeded - lenBytes - 1, pbEncoded,
731 &lenBytes);
732 pbEncoded += lenBytes;
733 for (i = 0; ret && i < rdn->cRDNAttr; i++)
734 {
735 memcpy(pbEncoded, blobs[i].pbData, blobs[i].cbData);
736 pbEncoded += blobs[i].cbData;
737 }
738 }
739 }
740 }
741 *pcbEncoded = bytesNeeded;
742 }
743 if (blobs)
744 {
745 for (i = 0; i < rdn->cRDNAttr; i++)
746 HeapFree(GetProcessHeap(), 0, blobs[i].pbData);
747 }
748 }
749 __EXCEPT(page_fault)
750 {
751 SetLastError(STATUS_ACCESS_VIOLATION);
752 ret = FALSE;
753 }
754 __ENDTRY
755 HeapFree(GetProcessHeap(), 0, blobs);
756 return ret;
757 }
758
759 static BOOL WINAPI CRYPT_AsnEncodeName(DWORD dwCertEncodingType,
760 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
761 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
762 {
763 BOOL ret;
764
765 __TRY
766 {
767 CERT_NAME_INFO *info = (CERT_NAME_INFO *)pvStructInfo;
768 DWORD bytesNeeded = 0, lenBytes, size, i;
769
770 TRACE("encoding name with %ld RDNs\n", info->cRDN);
771 ret = TRUE;
772 for (i = 0; ret && i < info->cRDN; i++)
773 {
774 ret = CRYPT_AsnEncodeRdn(dwCertEncodingType, &info->rgRDN[i], NULL,
775 &size);
776 if (ret)
777 bytesNeeded += size;
778 }
779 CRYPT_EncodeLen(bytesNeeded, NULL, &lenBytes);
780 bytesNeeded += 1 + lenBytes;
781 if (ret)
782 {
783 if (!pbEncoded)
784 *pcbEncoded = bytesNeeded;
785 else
786 {
787 if ((ret = CRYPT_EncodeEnsureSpace(dwFlags, pEncodePara,
788 pbEncoded, pcbEncoded, bytesNeeded)))
789 {
790 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
791 pbEncoded = *(BYTE **)pbEncoded;
792 *pbEncoded++ = ASN_SEQUENCEOF;
793 CRYPT_EncodeLen(bytesNeeded - lenBytes - 1, pbEncoded,
794 &lenBytes);
795 pbEncoded += lenBytes;
796 for (i = 0; ret && i < info->cRDN; i++)
797 {
798 size = bytesNeeded;
799 ret = CRYPT_AsnEncodeRdn(dwCertEncodingType,
800 &info->rgRDN[i], pbEncoded, &size);
801 if (ret)
802 {
803 pbEncoded += size;
804 bytesNeeded -= size;
805 }
806 }
807 }
808 }
809 }
810 }
811 __EXCEPT(page_fault)
812 {
813 SetLastError(STATUS_ACCESS_VIOLATION);
814 ret = FALSE;
815 }
816 __ENDTRY
817 return ret;
818 }
819
820 static BOOL CRYPT_EncodeBool(BOOL val, BYTE *pbEncoded, DWORD *pcbEncoded)
821 {
822 if (!pbEncoded)
823 {
824 *pcbEncoded = 3;
825 return TRUE;
826 }
827 if (*pcbEncoded < 3)
828 {
829 *pcbEncoded = 3;
830 SetLastError(ERROR_MORE_DATA);
831 return FALSE;
832 }
833 *pcbEncoded = 3;
834 *pbEncoded++ = ASN_BOOL;
835 *pbEncoded++ = 1;
836 *pbEncoded++ = val ? 0xff : 0;
837 return TRUE;
838 }
839
840 static BOOL WINAPI CRYPT_AsnEncodeBasicConstraints2(DWORD dwCertEncodingType,
841 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
842 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
843 {
844 BOOL ret;
845
846 __TRY
847 {
848 CERT_BASIC_CONSTRAINTS2_INFO *info =
849 (CERT_BASIC_CONSTRAINTS2_INFO *)pvStructInfo;
850 DWORD bytesNeeded = 0, lenBytes, caLen = 0, pathConstraintLen = 0;
851
852 ret = TRUE;
853 if (info->fCA)
854 {
855 ret = CRYPT_EncodeBool(TRUE, NULL, &caLen);
856 if (ret)
857 bytesNeeded += caLen;
858 }
859 if (info->fPathLenConstraint)
860 {
861 ret = CRYPT_AsnEncodeInt(dwCertEncodingType, X509_INTEGER,
862 &info->dwPathLenConstraint, 0, NULL, NULL, &pathConstraintLen);
863 if (ret)
864 bytesNeeded += pathConstraintLen;
865 }
866 if (ret)
867 {
868 CRYPT_EncodeLen(bytesNeeded, NULL, &lenBytes);
869 bytesNeeded += 1 + lenBytes;
870 if (!pbEncoded)
871 {
872 *pcbEncoded = bytesNeeded;
873 ret = TRUE;
874 }
875 else
876 {
877 if ((ret = CRYPT_EncodeEnsureSpace(dwFlags, pEncodePara,
878 pbEncoded, pcbEncoded, bytesNeeded)))
879 {
880 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
881 pbEncoded = *(BYTE **)pbEncoded;
882 *pbEncoded++ = ASN_SEQUENCE;
883 CRYPT_EncodeLen(bytesNeeded - 1 - lenBytes, pbEncoded,
884 &lenBytes);
885 pbEncoded += lenBytes;
886 if (info->fCA)
887 {
888 ret = CRYPT_EncodeBool(TRUE, pbEncoded, &caLen);
889 if (ret)
890 pbEncoded += caLen;
891 }
892 if (info->fPathLenConstraint)
893 {
894 ret = CRYPT_AsnEncodeInt(dwCertEncodingType,
895 X509_INTEGER, &info->dwPathLenConstraint, 0, NULL,
896 pbEncoded, &pathConstraintLen);
897 }
898 }
899 }
900 }
901 }
902 __EXCEPT(page_fault)
903 {
904 SetLastError(STATUS_ACCESS_VIOLATION);
905 ret = FALSE;
906 }
907 __ENDTRY
908 return ret;
909 }
910
911 static BOOL WINAPI CRYPT_AsnEncodeOctets(DWORD dwCertEncodingType,
912 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
913 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
914 {
915 BOOL ret;
916
917 __TRY
918 {
919 CRYPT_DATA_BLOB *blob = (CRYPT_DATA_BLOB *)pvStructInfo;
920 DWORD bytesNeeded, lenBytes;
921
922 CRYPT_EncodeLen(blob->cbData, NULL, &lenBytes);
923 bytesNeeded = 1 + lenBytes + blob->cbData;
924 if (!pbEncoded)
925 {
926 *pcbEncoded = bytesNeeded;
927 ret = TRUE;
928 }
929 else
930 {
931 if ((ret = CRYPT_EncodeEnsureSpace(dwFlags, pEncodePara, pbEncoded,
932 pcbEncoded, bytesNeeded)))
933 {
934 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
935 pbEncoded = *(BYTE **)pbEncoded;
936 *pbEncoded++ = ASN_OCTETSTRING;
937 CRYPT_EncodeLen(blob->cbData, pbEncoded, &lenBytes);
938 pbEncoded += lenBytes;
939 if (blob->cbData)
940 memcpy(pbEncoded, blob->pbData, blob->cbData);
941 }
942 }
943 }
944 __EXCEPT(page_fault)
945 {
946 SetLastError(STATUS_ACCESS_VIOLATION);
947 ret = FALSE;
948 }
949 __ENDTRY
950 return ret;
951 }
952
953 static BOOL WINAPI CRYPT_AsnEncodeBits(DWORD dwCertEncodingType,
954 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
955 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
956 {
957 BOOL ret;
958
959 __TRY
960 {
961 CRYPT_BIT_BLOB *blob = (CRYPT_BIT_BLOB *)pvStructInfo;
962 DWORD bytesNeeded, lenBytes, dataBytes;
963 BYTE unusedBits;
964
965 /* yep, MS allows cUnusedBits to be >= 8 */
966 if (blob->cbData * 8 > blob->cUnusedBits)
967 {
968 dataBytes = (blob->cbData * 8 - blob->cUnusedBits) / 8 + 1;
969 unusedBits = blob->cUnusedBits >= 8 ? blob->cUnusedBits / 8 :
970 blob->cUnusedBits;
971 }
972 else
973 {
974 dataBytes = 0;
975 unusedBits = 0;
976 }
977 CRYPT_EncodeLen(dataBytes + 1, NULL, &lenBytes);
978 bytesNeeded = 1 + lenBytes + dataBytes + 1;
979 if (!pbEncoded)
980 {
981 *pcbEncoded = bytesNeeded;
982 ret = TRUE;
983 }
984 else
985 {
986 if ((ret = CRYPT_EncodeEnsureSpace(dwFlags, pEncodePara, pbEncoded,
987 pcbEncoded, bytesNeeded)))
988 {
989 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
990 pbEncoded = *(BYTE **)pbEncoded;
991 *pbEncoded++ = ASN_BITSTRING;
992 CRYPT_EncodeLen(dataBytes + 1, pbEncoded, &lenBytes);
993 pbEncoded += lenBytes;
994 *pbEncoded++ = unusedBits;
995 if (dataBytes)
996 {
997 BYTE mask = 0xff << unusedBits;
998
999 if (dataBytes > 1)
1000 {
1001 memcpy(pbEncoded, blob->pbData, dataBytes - 1);
1002 pbEncoded += dataBytes - 1;
1003 }
1004 *pbEncoded = *(blob->pbData + dataBytes - 1) & mask;
1005 }
1006 }
1007 }
1008 }
1009 __EXCEPT(page_fault)
1010 {
1011 SetLastError(STATUS_ACCESS_VIOLATION);
1012 ret = FALSE;
1013 }
1014 __ENDTRY
1015 return ret;
1016 }
1017
1018 static BOOL WINAPI CRYPT_AsnEncodeInt(DWORD dwCertEncodingType,
1019 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
1020 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
1021 {
1022 CRYPT_INTEGER_BLOB blob = { sizeof(INT), (BYTE *)pvStructInfo };
1023
1024 return CRYPT_AsnEncodeInteger(dwCertEncodingType, X509_MULTI_BYTE_INTEGER,
1025 &blob, dwFlags, pEncodePara, pbEncoded, pcbEncoded);
1026 }
1027
1028 static BOOL WINAPI CRYPT_AsnEncodeInteger(DWORD dwCertEncodingType,
1029 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
1030 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
1031 {
1032 BOOL ret;
1033
1034 __TRY
1035 {
1036 DWORD significantBytes, lenBytes;
1037 BYTE padByte = 0, bytesNeeded;
1038 BOOL pad = FALSE;
1039 CRYPT_INTEGER_BLOB *blob = (CRYPT_INTEGER_BLOB *)pvStructInfo;
1040
1041 significantBytes = blob->cbData;
1042 if (significantBytes)
1043 {
1044 if (blob->pbData[significantBytes - 1] & 0x80)
1045 {
1046 /* negative, lop off leading (little-endian) 0xffs */
1047 for (; significantBytes > 0 &&
1048 blob->pbData[significantBytes - 1] == 0xff; significantBytes--)
1049 ;
1050 if (blob->pbData[significantBytes - 1] < 0x80)
1051 {
1052 padByte = 0xff;
1053 pad = TRUE;
1054 }
1055 }
1056 else
1057 {
1058 /* positive, lop off leading (little-endian) zeroes */
1059 for (; significantBytes > 0 &&
1060 !blob->pbData[significantBytes - 1]; significantBytes--)
1061 ;
1062 if (significantBytes == 0)
1063 significantBytes = 1;
1064 if (blob->pbData[significantBytes - 1] > 0x7f)
1065 {
1066 padByte = 0;
1067 pad = TRUE;
1068 }
1069 }
1070 }
1071 if (pad)
1072 CRYPT_EncodeLen(significantBytes + 1, NULL, &lenBytes);
1073 else
1074 CRYPT_EncodeLen(significantBytes, NULL, &lenBytes);
1075 bytesNeeded = 1 + lenBytes + significantBytes;
1076 if (pad)
1077 bytesNeeded++;
1078 if (!pbEncoded)
1079 {
1080 *pcbEncoded = bytesNeeded;
1081 ret = TRUE;
1082 }
1083 else
1084 {
1085 if ((ret = CRYPT_EncodeEnsureSpace(dwFlags, pEncodePara, pbEncoded,
1086 pcbEncoded, bytesNeeded)))
1087 {
1088 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
1089 pbEncoded = *(BYTE **)pbEncoded;
1090 *pbEncoded++ = ASN_INTEGER;
1091 if (pad)
1092 {
1093 CRYPT_EncodeLen(significantBytes + 1, pbEncoded, &lenBytes);
1094 pbEncoded += lenBytes;
1095 *pbEncoded++ = padByte;
1096 }
1097 else
1098 {
1099 CRYPT_EncodeLen(significantBytes, pbEncoded, &lenBytes);
1100 pbEncoded += lenBytes;
1101 }
1102 for (; significantBytes > 0; significantBytes--)
1103 *(pbEncoded++) = blob->pbData[significantBytes - 1];
1104 }
1105 }
1106 }
1107 __EXCEPT(page_fault)
1108 {
1109 SetLastError(STATUS_ACCESS_VIOLATION);
1110 ret = FALSE;
1111 }
1112 __ENDTRY
1113 return ret;
1114 }
1115
1116 static BOOL WINAPI CRYPT_AsnEncodeUnsignedInteger(DWORD dwCertEncodingType,
1117 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
1118 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
1119 {
1120 BOOL ret;
1121
1122 __TRY
1123 {
1124 DWORD significantBytes, lenBytes;
1125 BYTE bytesNeeded;
1126 BOOL pad = FALSE;
1127 CRYPT_INTEGER_BLOB *blob = (CRYPT_INTEGER_BLOB *)pvStructInfo;
1128
1129 significantBytes = blob->cbData;
1130 if (significantBytes)
1131 {
1132 /* positive, lop off leading (little-endian) zeroes */
1133 for (; significantBytes > 0 && !blob->pbData[significantBytes - 1];
1134 significantBytes--)
1135 ;
1136 if (significantBytes == 0)
1137 significantBytes = 1;
1138 if (blob->pbData[significantBytes - 1] > 0x7f)
1139 pad = TRUE;
1140 }
1141 if (pad)
1142 CRYPT_EncodeLen(significantBytes + 1, NULL, &lenBytes);
1143 else
1144 CRYPT_EncodeLen(significantBytes, NULL, &lenBytes);
1145 bytesNeeded = 1 + lenBytes + significantBytes;
1146 if (pad)
1147 bytesNeeded++;
1148 if (!pbEncoded)
1149 {
1150 *pcbEncoded = bytesNeeded;
1151 ret = TRUE;
1152 }
1153 else
1154 {
1155 if ((ret = CRYPT_EncodeEnsureSpace(dwFlags, pEncodePara, pbEncoded,
1156 pcbEncoded, bytesNeeded)))
1157 {
1158 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
1159 pbEncoded = *(BYTE **)pbEncoded;
1160 *pbEncoded++ = ASN_INTEGER;
1161 if (pad)
1162 {
1163 CRYPT_EncodeLen(significantBytes + 1, pbEncoded, &lenBytes);
1164 pbEncoded += lenBytes;
1165 *pbEncoded++ = 0;
1166 }
1167 else
1168 {
1169 CRYPT_EncodeLen(significantBytes, pbEncoded, &lenBytes);
1170 pbEncoded += lenBytes;
1171 }
1172 for (; significantBytes > 0; significantBytes--)
1173 *(pbEncoded++) = blob->pbData[significantBytes - 1];
1174 }
1175 }
1176 }
1177 __EXCEPT(page_fault)
1178 {
1179 SetLastError(STATUS_ACCESS_VIOLATION);
1180 ret = FALSE;
1181 }
1182 __ENDTRY
1183 return ret;
1184 }
1185
1186 static BOOL WINAPI CRYPT_AsnEncodeEnumerated(DWORD dwCertEncodingType,
1187 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
1188 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
1189 {
1190 CRYPT_INTEGER_BLOB blob;
1191 BOOL ret;
1192
1193 /* Encode as an unsigned integer, then change the tag to enumerated */
1194 blob.cbData = sizeof(DWORD);
1195 blob.pbData = (BYTE *)pvStructInfo;
1196 ret = CRYPT_AsnEncodeUnsignedInteger(dwCertEncodingType,
1197 X509_MULTI_BYTE_UINT, &blob, dwFlags, pEncodePara, pbEncoded, pcbEncoded);
1198 if (ret && pbEncoded)
1199 {
1200 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
1201 pbEncoded = *(BYTE **)pbEncoded;
1202 pbEncoded[0] = ASN_ENUMERATED;
1203 }
1204 return ret;
1205 }
1206
1207 static BOOL WINAPI CRYPT_AsnEncodeUtcTime(DWORD dwCertEncodingType,
1208 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
1209 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
1210 {
1211 BOOL ret;
1212
1213 __TRY
1214 {
1215 SYSTEMTIME sysTime;
1216 /* sorry, magic number: enough for tag, len, YYMMDDHHMMSSZ\0. I use a
1217 * temporary buffer because the output buffer is not NULL-terminated.
1218 */
1219 char buf[16];
1220 static const DWORD bytesNeeded = sizeof(buf) - 1;
1221
1222 if (!pbEncoded)
1223 {
1224 *pcbEncoded = bytesNeeded;
1225 ret = TRUE;
1226 }
1227 else
1228 {
1229 /* Sanity check the year, this is a two-digit year format */
1230 ret = FileTimeToSystemTime((const FILETIME *)pvStructInfo,
1231 &sysTime);
1232 if (ret && (sysTime.wYear < 1950 || sysTime.wYear > 2050))
1233 {
1234 SetLastError(CRYPT_E_BAD_ENCODE);
1235 ret = FALSE;
1236 }
1237 if (ret)
1238 {
1239 if ((ret = CRYPT_EncodeEnsureSpace(dwFlags, pEncodePara,
1240 pbEncoded, pcbEncoded, bytesNeeded)))
1241 {
1242 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
1243 pbEncoded = *(BYTE **)pbEncoded;
1244 buf[0] = ASN_UTCTIME;
1245 buf[1] = bytesNeeded - 2;
1246 snprintf(buf + 2, sizeof(buf) - 2,
1247 "%02d%02d%02d%02d%02d%02dZ", sysTime.wYear >= 2000 ?
1248 sysTime.wYear - 2000 : sysTime.wYear - 1900,
1249 sysTime.wDay, sysTime.wMonth, sysTime.wHour,
1250 sysTime.wMinute, sysTime.wSecond);
1251 memcpy(pbEncoded, buf, bytesNeeded);
1252 }
1253 }
1254 }
1255 }
1256 __EXCEPT(page_fault)
1257 {
1258 SetLastError(STATUS_ACCESS_VIOLATION);
1259 ret = FALSE;
1260 }
1261 __ENDTRY
1262 return ret;
1263 }
1264
1265 static BOOL WINAPI CRYPT_AsnEncodeGeneralizedTime(DWORD dwCertEncodingType,
1266 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
1267 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
1268 {
1269 BOOL ret;
1270
1271 __TRY
1272 {
1273 SYSTEMTIME sysTime;
1274 /* sorry, magic number: enough for tag, len, YYYYMMDDHHMMSSZ\0. I use a
1275 * temporary buffer because the output buffer is not NULL-terminated.
1276 */
1277 char buf[18];
1278 static const DWORD bytesNeeded = sizeof(buf) - 1;
1279
1280 if (!pbEncoded)
1281 {
1282 *pcbEncoded = bytesNeeded;
1283 ret = TRUE;
1284 }
1285 else
1286 {
1287 ret = FileTimeToSystemTime((const FILETIME *)pvStructInfo,
1288 &sysTime);
1289 if (ret)
1290 ret = CRYPT_EncodeEnsureSpace(dwFlags, pEncodePara, pbEncoded,
1291 pcbEncoded, bytesNeeded);
1292 if (ret)
1293 {
1294 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
1295 pbEncoded = *(BYTE **)pbEncoded;
1296 buf[0] = ASN_GENERALTIME;
1297 buf[1] = bytesNeeded - 2;
1298 snprintf(buf + 2, sizeof(buf) - 2, "%04d%02d%02d%02d%02d%02dZ",
1299 sysTime.wYear, sysTime.wDay, sysTime.wMonth, sysTime.wHour,
1300 sysTime.wMinute, sysTime.wSecond);
1301 memcpy(pbEncoded, buf, bytesNeeded);
1302 }
1303 }
1304 }
1305 __EXCEPT(page_fault)
1306 {
1307 SetLastError(STATUS_ACCESS_VIOLATION);
1308 ret = FALSE;
1309 }
1310 __ENDTRY
1311 return ret;
1312 }
1313
1314 static BOOL WINAPI CRYPT_AsnEncodeChoiceOfTime(DWORD dwCertEncodingType,
1315 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
1316 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
1317 {
1318 BOOL ret;
1319
1320 __TRY
1321 {
1322 SYSTEMTIME sysTime;
1323
1324 /* Check the year, if it's in the UTCTime range call that encode func */
1325 if (!FileTimeToSystemTime((const FILETIME *)pvStructInfo, &sysTime))
1326 return FALSE;
1327 if (sysTime.wYear >= 1950 && sysTime.wYear <= 2050)
1328 ret = CRYPT_AsnEncodeUtcTime(dwCertEncodingType, lpszStructType,
1329 pvStructInfo, dwFlags, pEncodePara, pbEncoded, pcbEncoded);
1330 else
1331 ret = CRYPT_AsnEncodeGeneralizedTime(dwCertEncodingType,
1332 lpszStructType, pvStructInfo, dwFlags, pEncodePara, pbEncoded,
1333 pcbEncoded);
1334 }
1335 __EXCEPT(page_fault)
1336 {
1337 SetLastError(STATUS_ACCESS_VIOLATION);
1338 ret = FALSE;
1339 }
1340 __ENDTRY
1341 return ret;
1342 }
1343
1344 static BOOL WINAPI CRYPT_AsnEncodeSequenceOfAny(DWORD dwCertEncodingType,
1345 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
1346 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
1347 {
1348 BOOL ret;
1349
1350 __TRY
1351 {
1352 DWORD bytesNeeded, dataLen, lenBytes, i;
1353 CRYPT_SEQUENCE_OF_ANY *seq = (CRYPT_SEQUENCE_OF_ANY *)pvStructInfo;
1354
1355 for (i = 0, dataLen = 0; i < seq->cValue; i++)
1356 dataLen += seq->rgValue[i].cbData;
1357 CRYPT_EncodeLen(dataLen, NULL, &lenBytes);
1358 bytesNeeded = 1 + lenBytes + dataLen;
1359 if (!pbEncoded)
1360 {
1361 *pcbEncoded = bytesNeeded;
1362 ret = TRUE;
1363 }
1364 else
1365 {
1366 if ((ret = CRYPT_EncodeEnsureSpace(dwFlags, pEncodePara, pbEncoded,
1367 pcbEncoded, bytesNeeded)))
1368 {
1369 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
1370 pbEncoded = *(BYTE **)pbEncoded;
1371 *pbEncoded++ = ASN_SEQUENCEOF;
1372 CRYPT_EncodeLen(dataLen, pbEncoded, &lenBytes);
1373 pbEncoded += lenBytes;
1374 for (i = 0; i < seq->cValue; i++)
1375 {
1376 memcpy(pbEncoded, seq->rgValue[i].pbData,
1377 seq->rgValue[i].cbData);
1378 pbEncoded += seq->rgValue[i].cbData;
1379 }
1380 }
1381 }
1382 }
1383 __EXCEPT(page_fault)
1384 {
1385 SetLastError(STATUS_ACCESS_VIOLATION);
1386 ret = FALSE;
1387 }
1388 __ENDTRY
1389 return ret;
1390 }
1391
1392 typedef BOOL (WINAPI *CryptEncodeObjectExFunc)(DWORD, LPCSTR, const void *,
1393 DWORD, PCRYPT_ENCODE_PARA, BYTE *, DWORD *);
1394
1395 BOOL WINAPI CryptEncodeObjectEx(DWORD dwCertEncodingType, LPCSTR lpszStructType,
1396 const void *pvStructInfo, DWORD dwFlags, PCRYPT_ENCODE_PARA pEncodePara,
1397 void *pvEncoded, DWORD *pcbEncoded)
1398 {
1399 BOOL ret = FALSE;
1400 HMODULE lib = NULL;
1401 CryptEncodeObjectExFunc encodeFunc = NULL;
1402
1403 TRACE("(0x%08lx, %s, %p, 0x%08lx, %p, %p, %p)\n",
1404 dwCertEncodingType, HIWORD(lpszStructType) ? debugstr_a(lpszStructType) :
1405 "(integer value)", pvStructInfo, dwFlags, pEncodePara, pvEncoded,
1406 pcbEncoded);
1407
1408 if (!pvEncoded && !pcbEncoded)
1409 {
1410 SetLastError(ERROR_INVALID_PARAMETER);
1411 return FALSE;
1412 }
1413 if ((dwCertEncodingType & CERT_ENCODING_TYPE_MASK) != X509_ASN_ENCODING
1414 && (dwCertEncodingType & CMSG_ENCODING_TYPE_MASK) != PKCS_7_ASN_ENCODING)
1415 {
1416 SetLastError(ERROR_FILE_NOT_FOUND);
1417 return FALSE;
1418 }
1419
1420 SetLastError(NOERROR);
1421 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG && pvEncoded)
1422 *(BYTE **)pvEncoded = NULL;
1423 if (!HIWORD(lpszStructType))
1424 {
1425 switch (LOWORD(lpszStructType))
1426 {
1427 case (WORD)X509_NAME:
1428 encodeFunc = CRYPT_AsnEncodeName;
1429 break;
1430 case (WORD)X509_BASIC_CONSTRAINTS2:
1431 encodeFunc = CRYPT_AsnEncodeBasicConstraints2;
1432 break;
1433 case (WORD)X509_OCTET_STRING:
1434 encodeFunc = CRYPT_AsnEncodeOctets;
1435 break;
1436 case (WORD)X509_BITS:
1437 case (WORD)X509_KEY_USAGE:
1438 encodeFunc = CRYPT_AsnEncodeBits;
1439 break;
1440 case (WORD)X509_INTEGER:
1441 encodeFunc = CRYPT_AsnEncodeInt;
1442 break;
1443 case (WORD)X509_MULTI_BYTE_INTEGER:
1444 encodeFunc = CRYPT_AsnEncodeInteger;
1445 break;
1446 case (WORD)X509_MULTI_BYTE_UINT:
1447 encodeFunc = CRYPT_AsnEncodeUnsignedInteger;
1448 break;
1449 case (WORD)X509_ENUMERATED:
1450 encodeFunc = CRYPT_AsnEncodeEnumerated;
1451 break;
1452 case (WORD)X509_CHOICE_OF_TIME:
1453 encodeFunc = CRYPT_AsnEncodeChoiceOfTime;
1454 break;
1455 case (WORD)X509_SEQUENCE_OF_ANY:
1456 encodeFunc = CRYPT_AsnEncodeSequenceOfAny;
1457 break;
1458 case (WORD)PKCS_UTC_TIME:
1459 encodeFunc = CRYPT_AsnEncodeUtcTime;
1460 break;
1461 default:
1462 FIXME("%d: unimplemented\n", LOWORD(lpszStructType));
1463 }
1464 }
1465 else if (!strcmp(lpszStructType, szOID_RSA_signingTime))
1466 encodeFunc = CRYPT_AsnEncodeUtcTime;
1467 else if (!strcmp(lpszStructType, szOID_CRL_REASON_CODE))
1468 encodeFunc = CRYPT_AsnEncodeEnumerated;
1469 else if (!strcmp(lpszStructType, szOID_KEY_USAGE))
1470 encodeFunc = CRYPT_AsnEncodeBits;
1471 else if (!strcmp(lpszStructType, szOID_SUBJECT_KEY_IDENTIFIER))
1472 encodeFunc = CRYPT_AsnEncodeOctets;
1473 else if (!strcmp(lpszStructType, szOID_BASIC_CONSTRAINTS2))
1474 encodeFunc = CRYPT_AsnEncodeBasicConstraints2;
1475 else
1476 TRACE("OID %s not found or unimplemented, looking for DLL\n",
1477 debugstr_a(lpszStructType));
1478 if (!encodeFunc)
1479 encodeFunc = (CryptEncodeObjectExFunc)CRYPT_GetFunc(dwCertEncodingType,
1480 lpszStructType, "CryptEncodeObjectEx", &lib);
1481 if (encodeFunc)
1482 ret = encodeFunc(dwCertEncodingType, lpszStructType, pvStructInfo,
1483 dwFlags, pEncodePara, pvEncoded, pcbEncoded);
1484 else
1485 SetLastError(ERROR_FILE_NOT_FOUND);
1486 if (lib)
1487 FreeLibrary(lib);
1488 return ret;
1489 }
1490
1491 typedef BOOL (WINAPI *CryptDecodeObjectFunc)(DWORD, LPCSTR, const BYTE *,
1492 DWORD, DWORD, void *, DWORD *);
1493
1494 BOOL WINAPI CryptDecodeObject(DWORD dwCertEncodingType, LPCSTR lpszStructType,
1495 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo,
1496 DWORD *pcbStructInfo)
1497 {
1498 BOOL ret = FALSE;
1499 HMODULE lib;
1500 CryptDecodeObjectFunc pCryptDecodeObject;
1501
1502 TRACE("(0x%08lx, %s, %p, %ld, 0x%08lx, %p, %p)\n",
1503 dwCertEncodingType, HIWORD(lpszStructType) ? debugstr_a(lpszStructType) :
1504 "(integer value)", pbEncoded, cbEncoded, dwFlags, pvStructInfo,
1505 pcbStructInfo);
1506
1507 if (!pvStructInfo && !pcbStructInfo)
1508 {
1509 SetLastError(ERROR_INVALID_PARAMETER);
1510 return FALSE;
1511 }
1512
1513 /* Try registered DLL first.. */
1514 pCryptDecodeObject =
1515 (CryptDecodeObjectFunc)CRYPT_GetFunc(dwCertEncodingType,
1516 lpszStructType, "CryptDecodeObject", &lib);
1517 if (pCryptDecodeObject)
1518 {
1519 ret = pCryptDecodeObject(dwCertEncodingType, lpszStructType,
1520 pbEncoded, cbEncoded, dwFlags, pvStructInfo, pcbStructInfo);
1521 FreeLibrary(lib);
1522 }
1523 else
1524 {
1525 /* If not, use CryptDecodeObjectEx */
1526 ret = CryptDecodeObjectEx(dwCertEncodingType, lpszStructType, pbEncoded,
1527 cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo);
1528 }
1529 return ret;
1530 }
1531
1532 /* Gets the number of length bytes from the given (leading) length byte */
1533 #define GET_LEN_BYTES(b) ((b) <= 0x7f ? 1 : 1 + ((b) & 0x7f))
1534
1535 /* Helper function to get the encoded length of the data starting at pbEncoded,
1536 * where pbEncoded[0] is the tag. If the data are too short to contain a
1537 * length or if the length is too large for cbEncoded, sets an appropriate
1538 * error code and returns FALSE.
1539 */
1540 static BOOL WINAPI CRYPT_GetLen(const BYTE *pbEncoded, DWORD cbEncoded,
1541 DWORD *len)
1542 {
1543 BOOL ret;
1544
1545 if (cbEncoded <= 1)
1546 {
1547 SetLastError(CRYPT_E_ASN1_EOD);
1548 ret = FALSE;
1549 }
1550 else if (pbEncoded[1] <= 0x7f)
1551 {
1552 *len = pbEncoded[1];
1553 ret = TRUE;
1554 }
1555 else
1556 {
1557 BYTE lenLen = GET_LEN_BYTES(pbEncoded[1]);
1558
1559 if (lenLen > sizeof(DWORD) + 1)
1560 {
1561 SetLastError(CRYPT_E_ASN1_LARGE);
1562 ret = FALSE;
1563 }
1564 else if (lenLen + 2 > cbEncoded)
1565 {
1566 SetLastError(CRYPT_E_ASN1_CORRUPT);
1567 ret = FALSE;
1568 }
1569 else
1570 {
1571 DWORD out = 0;
1572
1573 pbEncoded += 2;
1574 while (--lenLen)
1575 {
1576 out <<= 8;
1577 out |= *pbEncoded++;
1578 }
1579 if (out + lenLen + 1 > cbEncoded)
1580 {
1581 SetLastError(CRYPT_E_ASN1_EOD);
1582 ret = FALSE;
1583 }
1584 else
1585 {
1586 *len = out;
1587 ret = TRUE;
1588 }
1589 }
1590 }
1591 return ret;
1592 }
1593
1594 /* Helper function to check *pcbStructInfo, set it to the required size, and
1595 * optionally to allocate memory. Assumes pvStructInfo is not NULL.
1596 * If CRYPT_DECODE_ALLOC_FLAG is set in dwFlags, *pvStructInfo will be set to a
1597 * pointer to the newly allocated memory.
1598 */
1599 static BOOL CRYPT_DecodeEnsureSpace(DWORD dwFlags,
1600 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo,
1601 DWORD bytesNeeded)
1602 {
1603 BOOL ret = TRUE;
1604
1605 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
1606 {
1607 if (pDecodePara && pDecodePara->pfnAlloc)
1608 *(BYTE **)pvStructInfo = pDecodePara->pfnAlloc(bytesNeeded);
1609 else
1610 *(BYTE **)pvStructInfo = LocalAlloc(0, bytesNeeded);
1611 if (!*(BYTE **)pvStructInfo)
1612 ret = FALSE;
1613 else
1614 *pcbStructInfo = bytesNeeded;
1615 }
1616 else if (*pcbStructInfo < bytesNeeded)
1617 {
1618 *pcbStructInfo = bytesNeeded;
1619 SetLastError(ERROR_MORE_DATA);
1620 ret = FALSE;
1621 }
1622 return ret;
1623 }
1624
1625 /* FIXME: honor the CRYPT_DECODE_SHARE_OID_FLAG. */
1626 static BOOL WINAPI CRYPT_AsnDecodeOid(DWORD dwCertEncodingType,
1627 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, LPSTR pszObjId,
1628 DWORD *pcbObjId)
1629 {
1630 BOOL ret = TRUE;
1631
1632 __TRY
1633 {
1634 if (pbEncoded[0] == ASN_OBJECTIDENTIFIER)
1635 {
1636 DWORD dataLen;
1637
1638 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1639 {
1640 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1641 DWORD bytesNeeded;
1642
1643 if (dataLen)
1644 {
1645 /* The largest possible string for the first two components
1646 * is 2.175 (= 2 * 40 + 175 = 255), so this is big enough.
1647 */
1648 char firstTwo[6];
1649 const BYTE *ptr;
1650
1651 snprintf(firstTwo, sizeof(firstTwo), "%d.%d",
1652 pbEncoded[1 + lenBytes] / 40,
1653 pbEncoded[1 + lenBytes] - (pbEncoded[1 + lenBytes] / 40)
1654 * 40);
1655 bytesNeeded = strlen(firstTwo) + 1;
1656 for (ptr = pbEncoded + 2 + lenBytes; ret &&
1657 ptr - pbEncoded - 1 - lenBytes < dataLen; )
1658 {
1659 /* large enough for ".4000000" */
1660 char str[9];
1661 int val = 0;
1662
1663 while (ptr - pbEncoded - 1 - lenBytes < dataLen &&
1664 (*ptr & 0x80))
1665 {
1666 val <<= 7;
1667 val |= *ptr & 0x7f;
1668 ptr++;
1669 }
1670 if (ptr - pbEncoded - 1 - lenBytes >= dataLen ||
1671 (*ptr & 0x80))
1672 {
1673 SetLastError(CRYPT_E_ASN1_CORRUPT);
1674 ret = FALSE;
1675 }
1676 else
1677 {
1678 val <<= 7;
1679 val |= *ptr++;
1680 snprintf(str, sizeof(str), ".%d", val);
1681 bytesNeeded += strlen(str);
1682 }
1683 }
1684 if (!pszObjId)
1685 *pcbObjId = bytesNeeded;
1686 else if (*pcbObjId < bytesNeeded)
1687 {
1688 *pcbObjId = bytesNeeded;
1689 SetLastError(ERROR_MORE_DATA);
1690 ret = FALSE;
1691 }
1692 else
1693 {
1694 sprintf(pszObjId, "%d.%d", pbEncoded[1 + lenBytes] / 40,
1695 pbEncoded[1 + lenBytes] - (pbEncoded[1 + lenBytes] /
1696 40) * 40);
1697 pszObjId += strlen(pszObjId);
1698 for (ptr = pbEncoded + 2 + lenBytes; ret &&
1699 ptr - pbEncoded - 1 - lenBytes < dataLen; )
1700 {
1701 int val = 0;
1702
1703 while (ptr - pbEncoded - 1 - lenBytes < dataLen &&
1704 (*ptr & 0x80))
1705 {
1706 val <<= 7;
1707 val |= *ptr & 0x7f;
1708 ptr++;
1709 }
1710 val <<= 7;
1711 val |= *ptr++;
1712 sprintf(pszObjId, ".%d", val);
1713 pszObjId += strlen(pszObjId);
1714 }
1715 }
1716 }
1717 else
1718 bytesNeeded = 0;
1719 *pcbObjId = bytesNeeded;
1720 }
1721 }
1722 else
1723 {
1724 SetLastError(CRYPT_E_ASN1_BADTAG);
1725 ret = FALSE;
1726 }
1727 }
1728 __EXCEPT(page_fault)
1729 {
1730 SetLastError(STATUS_ACCESS_VIOLATION);
1731 ret = FALSE;
1732 }
1733 __ENDTRY
1734 return ret;
1735 }
1736
1737 /* Warning: this assumes the address of value->Value.pbData is already set, in
1738 * order to avoid overwriting memory. (In some cases, it may change it, if it
1739 * doesn't copy anything to memory.) Be sure to set it correctly!
1740 */
1741 static BOOL WINAPI CRYPT_AsnDecodeNameValue(DWORD dwCertEncodingType,
1742 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, CERT_NAME_VALUE *value,
1743 DWORD *pcbValue)
1744 {
1745 BOOL ret = TRUE;
1746
1747 __TRY
1748 {
1749 DWORD dataLen;
1750
1751 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1752 {
1753 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1754
1755 switch (pbEncoded[0])
1756 {
1757 case ASN_NUMERICSTRING:
1758 case ASN_PRINTABLESTRING:
1759 case ASN_IA5STRING:
1760 break;
1761 default:
1762 FIXME("Unimplemented string type %02x\n", pbEncoded[0]);
1763 SetLastError(OSS_UNIMPLEMENTED);
1764 ret = FALSE;
1765 }
1766 if (ret)
1767 {
1768 DWORD bytesNeeded = sizeof(CERT_NAME_VALUE);
1769
1770 switch (pbEncoded[0])
1771 {
1772 case ASN_NUMERICSTRING:
1773 case ASN_PRINTABLESTRING:
1774 case ASN_IA5STRING:
1775 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1776 bytesNeeded += dataLen;
1777 break;
1778 }
1779 if (!value)
1780 *pcbValue = bytesNeeded;
1781 else if (*pcbValue < bytesNeeded)
1782 {
1783 *pcbValue = bytesNeeded;
1784 SetLastError(ERROR_MORE_DATA);
1785 ret = FALSE;
1786 }
1787 else
1788 {
1789 *pcbValue = bytesNeeded;
1790 switch (pbEncoded[0])
1791 {
1792 case ASN_NUMERICSTRING:
1793 value->dwValueType = CERT_RDN_NUMERIC_STRING;
1794 break;
1795 case ASN_PRINTABLESTRING:
1796 value->dwValueType = CERT_RDN_PRINTABLE_STRING;
1797 break;
1798 case ASN_IA5STRING:
1799 value->dwValueType = CERT_RDN_IA5_STRING;
1800 break;
1801 }
1802 if (dataLen)
1803 {
1804 switch (pbEncoded[0])
1805 {
1806 case ASN_NUMERICSTRING:
1807 case ASN_PRINTABLESTRING:
1808 case ASN_IA5STRING:
1809 value->Value.cbData = dataLen;
1810 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
1811 value->Value.pbData = (BYTE *)pbEncoded + 1 +
1812 lenBytes;
1813 else
1814 {
1815 if (!value->Value.pbData)
1816 {
1817 SetLastError(CRYPT_E_ASN1_INTERNAL);
1818 ret = FALSE;
1819 }
1820 else
1821 memcpy(value->Value.pbData,
1822 pbEncoded + 1 + lenBytes, dataLen);
1823 }
1824 break;
1825 }
1826 }
1827 else
1828 {
1829 value->Value.cbData = 0;
1830 value->Value.pbData = NULL;
1831 }
1832 }
1833 }
1834 }
1835 }
1836 __EXCEPT(page_fault)
1837 {
1838 SetLastError(STATUS_ACCESS_VIOLATION);
1839 ret = FALSE;
1840 }
1841 __ENDTRY
1842 return ret;
1843 }
1844
1845 static BOOL WINAPI CRYPT_AsnDecodeRdnAttr(DWORD dwCertEncodingType,
1846 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, CERT_RDN_ATTR *attr,
1847 DWORD *pcbAttr)
1848 {
1849 BOOL ret;
1850
1851 __TRY
1852 {
1853 if (pbEncoded[0] == (ASN_CONSTRUCTOR | ASN_SEQUENCE))
1854 {
1855 DWORD bytesNeeded, dataLen, size;
1856 BYTE lenBytes;
1857
1858 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1859 {
1860 /* The data length must be at least 4, two for the tag and
1861 * length for the OID, and two for the string (assuming both
1862 * have short-form lengths.)
1863 */
1864 if (dataLen < 4)
1865 {
1866 SetLastError(CRYPT_E_ASN1_EOD);
1867 ret = FALSE;
1868 }
1869 else
1870 {
1871 bytesNeeded = sizeof(CERT_RDN_ATTR);
1872 lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1873 ret = CRYPT_AsnDecodeOid(dwCertEncodingType, pbEncoded + 1
1874 + lenBytes, cbEncoded - 1 - lenBytes, dwFlags, NULL,
1875 &size);
1876 if (ret)
1877 {
1878 /* ugly: need to know the size of the next element of
1879 * the sequence, so get it directly
1880 */
1881 DWORD objIdOfset = 1 + lenBytes, objIdLen,
1882 nameValueOffset = 0;
1883
1884 ret = CRYPT_GetLen(pbEncoded + objIdOfset,
1885 cbEncoded - objIdOfset, &objIdLen);
1886 bytesNeeded += size;
1887 /* hack: like encoding, this takes advantage of the
1888 * fact that the rest of the structure is identical to
1889 * a CERT_NAME_VALUE.
1890 */
1891 if (ret)
1892 {
1893 nameValueOffset = objIdOfset + objIdLen + 1 +
1894 GET_LEN_BYTES(pbEncoded[objIdOfset]);
1895 ret = CRYPT_AsnDecodeNameValue(dwCertEncodingType,
1896 pbEncoded + nameValueOffset,
1897 cbEncoded - nameValueOffset, dwFlags, NULL, &size);
1898 }
1899 if (ret)
1900 {
1901 bytesNeeded += size;
1902 if (!attr)
1903 *pcbAttr = bytesNeeded;
1904 else if (*pcbAttr < bytesNeeded)
1905 {
1906 *pcbAttr = bytesNeeded;
1907 SetLastError(ERROR_MORE_DATA);
1908 ret = FALSE;
1909 }
1910 else
1911 {
1912 BYTE *originalData = attr->Value.pbData;
1913
1914 *pcbAttr = bytesNeeded;
1915 /* strange: decode the value first, because it
1916 * has a counted size, and we can store the OID
1917 * after it. Keep track of the original data
1918 * pointer, we'll need to know whether it was
1919 * changed.
1920 */
1921 size = bytesNeeded;
1922 ret = CRYPT_AsnDecodeNameValue(
1923 dwCertEncodingType,
1924 pbEncoded + nameValueOffset,
1925 cbEncoded - nameValueOffset,
1926 dwFlags, (CERT_NAME_VALUE *)&attr->dwValueType,
1927 &size);
1928 if (ret)
1929 {
1930 if (objIdLen)
1931 {
1932 /* if the data were copied to the
1933 * original location, the OID goes
1934 * after. Otherwise it goes in the
1935 * spot originally reserved for the
1936 * data.
1937 */
1938 if (attr->Value.pbData == originalData)
1939 attr->pszObjId =
1940 (LPSTR)(attr->Value.pbData +
1941 attr->Value.cbData);
1942 else
1943 attr->pszObjId = originalData;
1944 size = bytesNeeded - size;
1945 ret = CRYPT_AsnDecodeOid(
1946 dwCertEncodingType,
1947 pbEncoded + objIdOfset,
1948 cbEncoded - objIdOfset,
1949 dwFlags, attr->pszObjId, &size);
1950 }
1951 else
1952 attr->pszObjId = NULL;
1953 }
1954 }
1955 }
1956 }
1957 }
1958 }
1959 }
1960 else
1961 {
1962 SetLastError(CRYPT_E_ASN1_BADTAG);
1963 ret = FALSE;
1964 }
1965 }
1966 __EXCEPT(page_fault)
1967 {
1968 SetLastError(STATUS_ACCESS_VIOLATION);
1969 ret = FALSE;
1970 }
1971 __ENDTRY
1972 return ret;
1973 }
1974
1975 /* FIXME: this is indenting-happy, try to break it up */
1976 static BOOL WINAPI CRYPT_AsnDecodeRdn(DWORD dwCertEncodingType,
1977 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, CERT_RDN *rdn,
1978 DWORD *pcbRdn)
1979 {
1980 BOOL ret = TRUE;
1981
1982 __TRY
1983 {
1984 if (pbEncoded[0] == (ASN_CONSTRUCTOR | ASN_SETOF))
1985 {
1986 DWORD dataLen;
1987
1988 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1989 {
1990 DWORD bytesNeeded, cRDNAttr = 0;
1991 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1992
1993 bytesNeeded = sizeof(CERT_RDN);
1994 if (dataLen)
1995 {
1996 const BYTE *ptr;
1997 DWORD size;
1998
1999 for (ptr = pbEncoded + 1 + lenBytes; ret &&
2000 ptr - pbEncoded - 1 - lenBytes < dataLen; )
2001 {
2002 ret = CRYPT_AsnDecodeRdnAttr(dwCertEncodingType, ptr,
2003 cbEncoded - (ptr - pbEncoded), dwFlags, NULL, &size);
2004 if (ret)
2005 {
2006 DWORD nextLen;
2007
2008 cRDNAttr++;
2009 bytesNeeded += size;
2010 ret = CRYPT_GetLen(ptr,
2011 cbEncoded - (ptr - pbEncoded), &nextLen);
2012 if (ret)
2013 ptr += nextLen + 1 + GET_LEN_BYTES(ptr[1]);
2014 }
2015 }
2016 }
2017 if (ret)
2018 {
2019 if (!rdn)
2020 *pcbRdn = bytesNeeded;
2021 else if (*pcbRdn < bytesNeeded)
2022 {
2023 *pcbRdn = bytesNeeded;
2024 SetLastError(ERROR_MORE_DATA);
2025 ret = FALSE;
2026 }
2027 else
2028 {
2029 *pcbRdn = bytesNeeded;
2030 rdn->cRDNAttr = cRDNAttr;
2031 if (rdn->cRDNAttr == 0)
2032 rdn->rgRDNAttr = NULL;
2033 else
2034 {
2035 DWORD size, i;
2036 BYTE *nextData;
2037 const BYTE *ptr;
2038
2039 rdn->rgRDNAttr =
2040 (CERT_RDN_ATTR *)((BYTE *)rdn + sizeof(CERT_RDN));
2041 nextData = (BYTE *)rdn->rgRDNAttr +
2042 rdn->cRDNAttr * sizeof(CERT_RDN_ATTR);
2043 for (i = 0, ptr = pbEncoded + 1 + lenBytes; ret &&
2044 i < cRDNAttr && ptr - pbEncoded - 1 - lenBytes <
2045 dataLen; i++)
2046 {
2047 rdn->rgRDNAttr[i].Value.pbData = nextData;
2048 size = bytesNeeded;
2049 ret = CRYPT_AsnDecodeRdnAttr(dwCertEncodingType,
2050 ptr, cbEncoded - (ptr - pbEncoded), dwFlags,
2051 &rdn->rgRDNAttr[i], &size);
2052 if (ret)
2053 {
2054 DWORD nextLen;
2055
2056 bytesNeeded -= size;
2057 /* If dwFlags & CRYPT_DECODE_NOCOPY_FLAG,
2058 * the data may not have been copied.
2059 */
2060 if (rdn->rgRDNAttr[i].Value.pbData ==
2061 nextData)
2062 nextData +=
2063 rdn->rgRDNAttr[i].Value.cbData;
2064 /* Ugly: the OID, if copied, is stored in
2065 * memory after the value, so increment by
2066 * its string length if it's set and points
2067 * here.
2068 */
2069 if ((const BYTE *)rdn->rgRDNAttr[i].pszObjId
2070 == nextData)
2071 nextData +=
2072 strlen(rdn->rgRDNAttr[i].pszObjId) + 1;
2073 ret = CRYPT_GetLen(ptr,
2074 cbEncoded - (ptr - pbEncoded), &nextLen);
2075 if (ret)
2076 ptr += nextLen + 1 +
2077 GET_LEN_BYTES(ptr[1]);
2078 }
2079 }
2080 }
2081 }
2082 }
2083 }
2084 }
2085 else
2086 {
2087 SetLastError(CRYPT_E_ASN1_BADTAG);
2088 ret = FALSE;
2089 }
2090 }
2091 __EXCEPT(page_fault)
2092 {
2093 SetLastError(STATUS_ACCESS_VIOLATION);
2094 ret = FALSE;
2095 }
2096 __ENDTRY
2097 return ret;
2098 }
2099
2100 static BOOL WINAPI CRYPT_AsnDecodeName(DWORD dwCertEncodingType,
2101 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2102 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2103 {
2104 BOOL ret = TRUE;
2105
2106 __TRY
2107 {
2108 if (pbEncoded[0] == (ASN_CONSTRUCTOR | ASN_SEQUENCEOF))
2109 {
2110 DWORD dataLen;
2111
2112 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2113 {
2114 DWORD bytesNeeded, cRDN = 0;
2115 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2116
2117 bytesNeeded = sizeof(CERT_NAME_INFO);
2118 if (dataLen)
2119 {
2120 const BYTE *ptr;
2121
2122 for (ptr = pbEncoded + 1 + lenBytes; ret &&
2123 ptr - pbEncoded - 1 - lenBytes < dataLen; )
2124 {
2125 DWORD size;
2126
2127 ret = CRYPT_AsnDecodeRdn(dwCertEncodingType, ptr,
2128 cbEncoded - (ptr - pbEncoded), dwFlags, NULL, &size);
2129 if (ret)
2130 {
2131 DWORD nextLen;
2132
2133 cRDN++;
2134 bytesNeeded += size;
2135 ret = CRYPT_GetLen(ptr,
2136 cbEncoded - (ptr - pbEncoded), &nextLen);
2137 if (ret)
2138 ptr += nextLen + 1 + GET_LEN_BYTES(ptr[1]);
2139 }
2140 }
2141 }
2142 if (ret)
2143 {
2144 if (!pvStructInfo)
2145 *pcbStructInfo = bytesNeeded;
2146 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags,
2147 pDecodePara, pvStructInfo, pcbStructInfo, bytesNeeded)))
2148 {
2149 CERT_NAME_INFO *info;
2150
2151 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2152 pvStructInfo = *(BYTE **)pvStructInfo;
2153 info = (CERT_NAME_INFO *)pvStructInfo;
2154 info->cRDN = cRDN;
2155 if (info->cRDN == 0)
2156 info->rgRDN = NULL;
2157 else
2158 {
2159 DWORD size, i;
2160 BYTE *nextData;
2161 const BYTE *ptr;
2162
2163 info->rgRDN = (CERT_RDN *)((BYTE *)pvStructInfo +
2164 sizeof(CERT_NAME_INFO));
2165 nextData = (BYTE *)info->rgRDN +
2166 info->cRDN * sizeof(CERT_RDN);
2167 for (i = 0, ptr = pbEncoded + 1 + lenBytes; ret &&
2168 i < cRDN && ptr - pbEncoded - 1 - lenBytes <
2169 dataLen; i++)
2170 {
2171 info->rgRDN[i].rgRDNAttr =
2172 (CERT_RDN_ATTR *)nextData;
2173 size = bytesNeeded;
2174 ret = CRYPT_AsnDecodeRdn(dwCertEncodingType,
2175 ptr, cbEncoded - (ptr - pbEncoded), dwFlags,
2176 &info->rgRDN[i], &size);
2177 if (ret)
2178 {
2179 DWORD nextLen;
2180
2181 nextData += size;
2182 bytesNeeded -= size;
2183 ret = CRYPT_GetLen(ptr,
2184 cbEncoded - (ptr - pbEncoded), &nextLen);
2185 if (ret)
2186 ptr += nextLen + 1 +
2187 GET_LEN_BYTES(ptr[1]);
2188 }
2189 }
2190 }
2191 }
2192 }
2193 else
2194 {
2195 SetLastError(CRYPT_E_ASN1_BADTAG);
2196 ret = FALSE;
2197 }
2198 }
2199 }
2200 }
2201 __EXCEPT(page_fault)
2202 {
2203 SetLastError(STATUS_ACCESS_VIOLATION);
2204 ret = FALSE;
2205 }
2206 __ENDTRY
2207 return ret;
2208 }
2209
2210 static BOOL WINAPI CRYPT_DecodeBool(const BYTE *pbEncoded, DWORD cbEncoded,
2211 BOOL *val)
2212 {
2213 if (cbEncoded < 3)
2214 {
2215 SetLastError(CRYPT_E_ASN1_CORRUPT);
2216 return FALSE;
2217 }
2218 if (pbEncoded[0] != ASN_BOOL)
2219 {
2220 SetLastError(CRYPT_E_ASN1_BADTAG);
2221 return FALSE;
2222 }
2223 if (GET_LEN_BYTES(pbEncoded[1]) > 1)
2224 {
2225 SetLastError(CRYPT_E_ASN1_CORRUPT);
2226 return FALSE;
2227 }
2228 if (pbEncoded[1] > 1)
2229 {
2230 SetLastError(CRYPT_E_ASN1_CORRUPT);
2231 return FALSE;
2232 }
2233 *val = pbEncoded[2] ? TRUE : FALSE;
2234 return TRUE;
2235 }
2236
2237 static BOOL WINAPI CRYPT_AsnDecodeBasicConstraints2(DWORD dwCertEncodingType,
2238 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2239 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2240 {
2241 BOOL ret;
2242
2243 __TRY
2244 {
2245 if (pbEncoded[0] == ASN_SEQUENCE)
2246 {
2247 DWORD dataLen;
2248
2249 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2250 {
2251 /* sanity-check length, space enough for 7 bytes of integer and
2252 * 3 bytes of bool
2253 */
2254 if (dataLen > 10)
2255 {
2256 SetLastError(CRYPT_E_ASN1_CORRUPT);
2257 ret = FALSE;
2258 }
2259 else
2260 {
2261 DWORD bytesNeeded = sizeof(CERT_BASIC_CONSTRAINTS2_INFO);
2262
2263 if (!pvStructInfo)
2264 *pcbStructInfo = bytesNeeded;
2265 else
2266 {
2267 BYTE lenBytes;
2268 CERT_BASIC_CONSTRAINTS2_INFO info = { 0 };
2269
2270 lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2271 pbEncoded += 1 + lenBytes;
2272 cbEncoded -= 1 + lenBytes;
2273 if (cbEncoded)
2274 {
2275 DWORD size;
2276
2277 if (pbEncoded[0] == ASN_BOOL)
2278 {
2279 ret = CRYPT_DecodeBool(pbEncoded, cbEncoded,
2280 &info.fCA);
2281 if (ret)
2282 {
2283 cbEncoded -= 2 + pbEncoded[1];
2284 pbEncoded += 2 + pbEncoded[1];
2285 }
2286 }
2287 if (ret && cbEncoded && pbEncoded[0] == ASN_INTEGER)
2288 {
2289 size = sizeof(info.dwPathLenConstraint);
2290 ret = CRYPT_AsnDecodeInt(dwCertEncodingType,
2291 X509_INTEGER, pbEncoded, cbEncoded, 0, NULL,
2292 &info.dwPathLenConstraint, &size);
2293 if (ret)
2294 {
2295 cbEncoded -= 2 + pbEncoded[1];
2296 pbEncoded += 2 + pbEncoded[1];
2297 if (cbEncoded)
2298 {
2299 SetLastError(CRYPT_E_ASN1_CORRUPT);
2300 ret = FALSE;
2301 }
2302 else
2303 info.fPathLenConstraint = TRUE;
2304 }
2305 }
2306 }
2307 if (ret)
2308 {
2309 if ((ret = CRYPT_DecodeEnsureSpace(dwFlags,
2310 pDecodePara, pvStructInfo, pcbStructInfo,
2311 bytesNeeded)))
2312 {
2313 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2314 pvStructInfo = *(BYTE **)pvStructInfo;
2315 memcpy(pvStructInfo, &info,
2316 sizeof(CERT_BASIC_CONSTRAINTS2_INFO));
2317 }
2318 }
2319 }
2320 }
2321 }
2322 }
2323 else
2324 {
2325 SetLastError(CRYPT_E_ASN1_BADTAG);
2326 ret = FALSE;
2327 }
2328 }
2329 __EXCEPT(page_fault)
2330 {
2331 SetLastError(STATUS_ACCESS_VIOLATION);
2332 ret = FALSE;
2333 }
2334 __ENDTRY
2335 return ret;
2336 }
2337
2338 static BOOL WINAPI CRYPT_AsnDecodeOctets(DWORD dwCertEncodingType,
2339 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2340 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2341 {
2342 BOOL ret;
2343
2344 __TRY
2345 {
2346 if (pbEncoded[0] == ASN_OCTETSTRING)
2347 {
2348 DWORD bytesNeeded, dataLen;
2349
2350 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2351 {
2352 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
2353 bytesNeeded = sizeof(CRYPT_DATA_BLOB);
2354 else
2355 bytesNeeded = dataLen + sizeof(CRYPT_DATA_BLOB);
2356 if (!pvStructInfo)
2357 *pcbStructInfo = bytesNeeded;
2358 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2359 pvStructInfo, pcbStructInfo, bytesNeeded)))
2360 {
2361 CRYPT_DATA_BLOB *blob;
2362 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2363
2364 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2365 pvStructInfo = *(BYTE **)pvStructInfo;
2366 blob = (CRYPT_DATA_BLOB *)pvStructInfo;
2367 blob->cbData = dataLen;
2368 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
2369 blob->pbData = (BYTE *)pbEncoded + 1 + lenBytes;
2370 else
2371 {
2372 blob->pbData = (BYTE *)pvStructInfo +
2373 sizeof(CRYPT_DATA_BLOB);
2374 if (blob->cbData)
2375 memcpy(blob->pbData, pbEncoded + 1 + lenBytes,
2376 blob->cbData);
2377 }
2378 }
2379 }
2380 }
2381 else
2382 {
2383 SetLastError(CRYPT_E_ASN1_BADTAG);
2384 ret = FALSE;
2385 }
2386 }
2387 __EXCEPT(page_fault)
2388 {
2389 SetLastError(STATUS_ACCESS_VIOLATION);
2390 ret = FALSE;
2391 }
2392 __ENDTRY
2393 return ret;
2394 }
2395
2396 static BOOL WINAPI CRYPT_AsnDecodeBits(DWORD dwCertEncodingType,
2397 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2398 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2399 {
2400 BOOL ret;
2401
2402 __TRY
2403 {
2404 if (pbEncoded[0] == ASN_BITSTRING)
2405 {
2406 DWORD bytesNeeded, dataLen;
2407
2408 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2409 {
2410 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
2411 bytesNeeded = sizeof(CRYPT_BIT_BLOB);
2412 else
2413 bytesNeeded = dataLen - 1 + sizeof(CRYPT_BIT_BLOB);
2414 if (!pvStructInfo)
2415 *pcbStructInfo = bytesNeeded;
2416 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2417 pvStructInfo, pcbStructInfo, bytesNeeded)))
2418 {
2419 CRYPT_BIT_BLOB *blob;
2420
2421 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2422 pvStructInfo = *(BYTE **)pvStructInfo;
2423 blob = (CRYPT_BIT_BLOB *)pvStructInfo;
2424 blob->cbData = dataLen - 1;
2425 blob->cUnusedBits = *(pbEncoded + 1 +
2426 GET_LEN_BYTES(pbEncoded[1]));
2427 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
2428 blob->pbData = (BYTE *)pbEncoded + 2 +
2429 GET_LEN_BYTES(pbEncoded[1]);
2430 else
2431 {
2432 blob->pbData = (BYTE *)pvStructInfo +
2433 sizeof(CRYPT_BIT_BLOB);
2434 if (blob->cbData)
2435 {
2436 BYTE mask = 0xff << blob->cUnusedBits;
2437
2438 memcpy(blob->pbData, pbEncoded + 2 +
2439 GET_LEN_BYTES(pbEncoded[1]), blob->cbData);
2440 blob->pbData[blob->cbData - 1] &= mask;
2441 }
2442 }
2443 }
2444 }
2445 }
2446 else
2447 {
2448 SetLastError(CRYPT_E_ASN1_BADTAG);
2449 ret = FALSE;
2450 }
2451 }
2452 __EXCEPT(page_fault)
2453 {
2454 SetLastError(STATUS_ACCESS_VIOLATION);
2455 ret = FALSE;
2456 }
2457 __ENDTRY
2458 return ret;
2459 }
2460
2461 static BOOL WINAPI CRYPT_AsnDecodeInt(DWORD dwCertEncodingType,
2462 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2463 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2464 {
2465 BOOL ret;
2466
2467 if (!pvStructInfo)
2468 {
2469 *pcbStructInfo = sizeof(int);
2470 return TRUE;
2471 }
2472 __TRY
2473 {
2474 BYTE buf[sizeof(CRYPT_INTEGER_BLOB) + sizeof(int)];
2475 DWORD size = sizeof(buf);
2476
2477 ret = CRYPT_AsnDecodeInteger(dwCertEncodingType,
2478 X509_MULTI_BYTE_INTEGER, pbEncoded, cbEncoded, 0, NULL, &buf, &size);
2479 if (ret)
2480 {
2481 CRYPT_INTEGER_BLOB *blob = (CRYPT_INTEGER_BLOB *)buf;
2482
2483 if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2484 pvStructInfo, pcbStructInfo, sizeof(int))))
2485 {
2486 int val, i;
2487
2488 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2489 pvStructInfo = *(BYTE **)pvStructInfo;
2490 if (blob->pbData[blob->cbData - 1] & 0x80)
2491 {
2492 /* initialize to a negative value to sign-extend */
2493 val = -1;
2494 }
2495 else
2496 val = 0;
2497 for (i = 0; i < blob->cbData; i++)
2498 {
2499 val <<= 8;
2500 val |= blob->pbData[blob->cbData - i - 1];
2501 }
2502 memcpy(pvStructInfo, &val, sizeof(int));
2503 }
2504 }
2505 else if (GetLastError() == ERROR_MORE_DATA)
2506 SetLastError(CRYPT_E_ASN1_LARGE);
2507 }
2508 __EXCEPT(page_fault)
2509 {
2510 SetLastError(STATUS_ACCESS_VIOLATION);
2511 ret = FALSE;
2512 }
2513 __ENDTRY
2514 return ret;
2515 }
2516
2517 static BOOL WINAPI CRYPT_AsnDecodeInteger(DWORD dwCertEncodingType,
2518 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2519 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2520 {
2521 BOOL ret;
2522
2523 __TRY
2524 {
2525 if (pbEncoded[0] == ASN_INTEGER)
2526 {
2527 DWORD bytesNeeded, dataLen;
2528
2529 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2530 {
2531 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2532
2533 bytesNeeded = dataLen + sizeof(CRYPT_INTEGER_BLOB);
2534 if (!pvStructInfo)
2535 *pcbStructInfo = bytesNeeded;
2536 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2537 pvStructInfo, pcbStructInfo, bytesNeeded)))
2538 {
2539 CRYPT_INTEGER_BLOB *blob;
2540
2541 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2542 pvStructInfo = *(BYTE **)pvStructInfo;
2543 blob = (CRYPT_INTEGER_BLOB *)pvStructInfo;
2544 blob->cbData = dataLen;
2545 blob->pbData = (BYTE *)pvStructInfo +
2546 sizeof(CRYPT_INTEGER_BLOB);
2547 if (blob->cbData)
2548 {
2549 DWORD i;
2550
2551 for (i = 0; i < blob->cbData; i++)
2552 blob->pbData[i] = *(pbEncoded + 1 + lenBytes +
2553 dataLen - i - 1);
2554 }
2555 }
2556 }
2557 }
2558 else
2559 {
2560 SetLastError(CRYPT_E_ASN1_BADTAG);
2561 ret = FALSE;
2562 }
2563 }
2564 __EXCEPT(page_fault)
2565 {
2566 SetLastError(STATUS_ACCESS_VIOLATION);
2567 ret = FALSE;
2568 }
2569 __ENDTRY
2570 return ret;
2571 }
2572
2573 static BOOL WINAPI CRYPT_AsnDecodeUnsignedInteger(DWORD dwCertEncodingType,
2574 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2575 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2576 {
2577 BOOL ret;
2578
2579 __TRY
2580 {
2581 if (pbEncoded[0] == ASN_INTEGER)
2582 {
2583 DWORD bytesNeeded, dataLen;
2584 CRYPT_INTEGER_BLOB *blob;
2585
2586 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2587 {
2588 bytesNeeded = dataLen + sizeof(CRYPT_INTEGER_BLOB);
2589 if (!pvStructInfo)
2590 *pcbStructInfo = bytesNeeded;
2591 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2592 pvStructInfo, pcbStructInfo, bytesNeeded)))
2593 {
2594 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2595
2596 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2597 pvStructInfo = *(BYTE **)pvStructInfo;
2598 blob = (CRYPT_INTEGER_BLOB *)pvStructInfo;
2599 blob->cbData = dataLen;
2600 blob->pbData = (BYTE *)pvStructInfo +
2601 sizeof(CRYPT_INTEGER_BLOB);
2602 /* remove leading zero byte if it exists */
2603 if (blob->cbData && *(pbEncoded + 1 + lenBytes) == 0)
2604 {
2605 blob->cbData--;
2606 blob->pbData++;
2607 }
2608 if (blob->cbData)
2609 {
2610 DWORD i;
2611
2612 for (i = 0; i < blob->cbData; i++)
2613 blob->pbData[i] = *(pbEncoded + 1 + lenBytes +
2614 pbEncoded[1] - i - 1);
2615 }
2616 }
2617 }
2618 }
2619 else
2620 {
2621 SetLastError(CRYPT_E_ASN1_BADTAG);
2622 ret = FALSE;
2623 }
2624 }
2625 __EXCEPT(page_fault)
2626 {
2627 SetLastError(STATUS_ACCESS_VIOLATION);
2628 ret = FALSE;
2629 }
2630 __ENDTRY
2631 return ret;
2632 }
2633
2634 static BOOL WINAPI CRYPT_AsnDecodeEnumerated(DWORD dwCertEncodingType,
2635 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2636 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2637 {
2638 BOOL ret;
2639
2640 if (!pvStructInfo)
2641 {
2642 *pcbStructInfo = sizeof(int);
2643 return TRUE;
2644 }
2645 __TRY
2646 {
2647 if (pbEncoded[0] == ASN_ENUMERATED)
2648 {
2649 unsigned int val = 0, i;
2650
2651 if (cbEncoded <= 1)
2652 {
2653 SetLastError(CRYPT_E_ASN1_EOD);
2654 ret = FALSE;
2655 }
2656 else if (pbEncoded[1] == 0)
2657 {
2658 SetLastError(CRYPT_E_ASN1_CORRUPT);
2659 ret = FALSE;
2660 }
2661 else
2662 {
2663 /* A little strange looking, but we have to accept a sign byte:
2664 * 0xffffffff gets encoded as 0a 05 00 ff ff ff ff. Also,
2665 * assuming a small length is okay here, it has to be in short
2666 * form.
2667 */
2668 if (pbEncoded[1] > sizeof(unsigned int) + 1)
2669 {
2670 SetLastError(CRYPT_E_ASN1_LARGE);
2671 return FALSE;
2672 }
2673 for (i = 0; i < pbEncoded[1]; i++)
2674 {
2675 val <<= 8;
2676 val |= pbEncoded[2 + i];
2677 }
2678 if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2679 pvStructInfo, pcbStructInfo, sizeof(unsigned int))))
2680 {
2681 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2682 pvStructInfo = *(BYTE **)pvStructInfo;
2683 memcpy(pvStructInfo, &val, sizeof(unsigned int));
2684 }
2685 }
2686 }
2687 else
2688 {
2689 SetLastError(CRYPT_E_ASN1_BADTAG);
2690 ret = FALSE;
2691 }
2692 }
2693 __EXCEPT(page_fault)
2694 {
2695 SetLastError(STATUS_ACCESS_VIOLATION);
2696 ret = FALSE;
2697 }
2698 __ENDTRY
2699 return ret;
2700 }
2701
2702 /* Modifies word, pbEncoded, and len, and magically sets a value ret to FALSE
2703 * if it fails.
2704 */
2705 #define CRYPT_TIME_GET_DIGITS(pbEncoded, len, numDigits, word) \
2706 do { \
2707 BYTE i; \
2708 \
2709 (word) = 0; \
2710 for (i = 0; (len) > 0 && i < (numDigits); i++, (len)--) \
2711 { \
2712 if (!isdigit(*(pbEncoded))) \
2713 { \
2714 SetLastError(CRYPT_E_ASN1_CORRUPT); \
2715 ret = FALSE; \
2716 } \
2717 else \
2718 { \
2719 (word) *= 10; \
2720 (word) += *(pbEncoded)++ - '0'; \
2721 } \
2722 } \
2723 } while (0)
2724
2725 static BOOL CRYPT_AsnDecodeTimeZone(const BYTE *pbEncoded, DWORD len,
2726 SYSTEMTIME *sysTime)
2727 {
2728 BOOL ret = TRUE;
2729
2730 __TRY
2731 {
2732 if (len >= 3 && (*pbEncoded == '+' || *pbEncoded == '-'))
2733 {
2734 WORD hours, minutes = 0;
2735 BYTE sign = *pbEncoded++;
2736
2737 len--;
2738 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, hours);
2739 if (ret && hours >= 24)
2740 {
2741 SetLastError(CRYPT_E_ASN1_CORRUPT);
2742 ret = FALSE;
2743 }
2744 else if (len >= 2)
2745 {
2746 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, minutes);
2747 if (ret && minutes >= 60)
2748 {
2749 SetLastError(CRYPT_E_ASN1_CORRUPT);
2750 ret = FALSE;
2751 }
2752 }
2753 if (ret)
2754 {
2755 if (sign == '+')
2756 {
2757 sysTime->wHour += hours;
2758 sysTime->wMinute += minutes;
2759 }
2760 else
2761 {
2762 if (hours > sysTime->wHour)
2763 {
2764 sysTime->wDay--;
2765 sysTime->wHour = 24 - (hours - sysTime->wHour);
2766 }
2767 else
2768 sysTime->wHour -= hours;
2769 if (minutes > sysTime->wMinute)
2770 {
2771 sysTime->wHour--;
2772 sysTime->wMinute = 60 - (minutes - sysTime->wMinute);
2773 }
2774 else
2775 sysTime->wMinute -= minutes;
2776 }
2777 }
2778 }
2779 }
2780 __EXCEPT(page_fault)
2781 {
2782 SetLastError(STATUS_ACCESS_VIOLATION);
2783 ret = FALSE;
2784 }
2785 __ENDTRY
2786 return ret;
2787 }
2788
2789 #define MIN_ENCODED_TIME_LENGTH 10
2790
2791 static BOOL WINAPI CRYPT_AsnDecodeUtcTime(DWORD dwCertEncodingType,
2792 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2793 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2794 {
2795 BOOL ret = TRUE;
2796
2797 if (!pvStructInfo)
2798 {
2799 *pcbStructInfo = sizeof(FILETIME);
2800 return TRUE;
2801 }
2802 __TRY
2803 {
2804 if (pbEncoded[0] == ASN_UTCTIME)
2805 {
2806 if (cbEncoded <= 1)
2807 {
2808 SetLastError(CRYPT_E_ASN1_EOD);
2809 ret = FALSE;
2810 }
2811 else if (pbEncoded[1] > 0x7f)
2812 {
2813 /* long-form date strings really can't be valid */
2814 SetLastError(CRYPT_E_ASN1_CORRUPT);
2815 ret = FALSE;
2816 }
2817 else
2818 {
2819 SYSTEMTIME sysTime = { 0 };
2820 BYTE len = pbEncoded[1];
2821
2822 if (len < MIN_ENCODED_TIME_LENGTH)
2823 {
2824 SetLastError(CRYPT_E_ASN1_CORRUPT);
2825 ret = FALSE;
2826 }
2827 else
2828 {
2829 pbEncoded += 2;
2830 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wYear);
2831 if (sysTime.wYear >= 50)
2832 sysTime.wYear += 1900;
2833 else
2834 sysTime.wYear += 2000;
2835 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wMonth);
2836 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wDay);
2837 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wHour);
2838 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wMinute);
2839 if (ret && len > 0)
2840 {
2841 if (len >= 2 && isdigit(*pbEncoded) &&
2842 isdigit(*(pbEncoded + 1)))
2843 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2,
2844 sysTime.wSecond);
2845 else if (isdigit(*pbEncoded))
2846 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 1,
2847 sysTime.wSecond);
2848 if (ret)
2849 ret = CRYPT_AsnDecodeTimeZone(pbEncoded, len,
2850 &sysTime);
2851 }
2852 if (ret && (ret = CRYPT_DecodeEnsureSpace(dwFlags,
2853 pDecodePara, pvStructInfo, pcbStructInfo,
2854 sizeof(FILETIME))))
2855 {
2856 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2857 pvStructInfo = *(BYTE **)pvStructInfo;
2858 ret = SystemTimeToFileTime(&sysTime,
2859 (FILETIME *)pvStructInfo);
2860 }
2861 }
2862 }
2863 }
2864 else
2865 {
2866 SetLastError(CRYPT_E_ASN1_BADTAG);
2867 ret = FALSE;
2868 }
2869 }
2870 __EXCEPT(page_fault)
2871 {
2872 SetLastError(STATUS_ACCESS_VIOLATION);
2873 ret = FALSE;
2874 }
2875 __ENDTRY
2876 return ret;
2877 }
2878
2879 static BOOL WINAPI CRYPT_AsnDecodeGeneralizedTime(DWORD dwCertEncodingType,
2880 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2881 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2882 {
2883 BOOL ret = TRUE;
2884
2885 if (!pvStructInfo)
2886 {
2887 *pcbStructInfo = sizeof(FILETIME);
2888 return TRUE;
2889 }
2890 __TRY
2891 {
2892 if (pbEncoded[0] == ASN_GENERALTIME)
2893 {
2894 if (cbEncoded <= 1)
2895 {
2896 SetLastError(CRYPT_E_ASN1_EOD);
2897 ret = FALSE;
2898 }
2899 else if (pbEncoded[1] > 0x7f)
2900 {
2901 /* long-form date strings really can't be valid */
2902 SetLastError(CRYPT_E_ASN1_CORRUPT);
2903 ret = FALSE;
2904 }
2905 else
2906 {
2907 BYTE len = pbEncoded[1];
2908
2909 if (len < MIN_ENCODED_TIME_LENGTH)
2910 {
2911 SetLastError(CRYPT_E_ASN1_CORRUPT);
2912 ret = FALSE;
2913 }
2914 else
2915 {
2916 SYSTEMTIME sysTime = { 0 };
2917
2918 pbEncoded += 2;
2919 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 4, sysTime.wYear);
2920 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wMonth);
2921 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wDay);
2922 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wHour);
2923 if (ret && len > 0)
2924 {
2925 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2,
2926 sysTime.wMinute);
2927 if (ret && len > 0)
2928 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2,
2929 sysTime.wSecond);
2930 if (ret && len > 0 && (*pbEncoded == '.' ||
2931 *pbEncoded == ','))
2932 {
2933 BYTE digits;
2934
2935 pbEncoded++;
2936 len--;
2937 /* workaround macro weirdness */
2938 digits = min(len, 3);
2939 CRYPT_TIME_GET_DIGITS(pbEncoded, len, digits,
2940 sysTime.wMilliseconds);
2941 }
2942 if (ret)
2943 ret = CRYPT_AsnDecodeTimeZone(pbEncoded, len,
2944 &sysTime);
2945 }
2946 if (ret && (ret = CRYPT_DecodeEnsureSpace(dwFlags,
2947 pDecodePara, pvStructInfo, pcbStructInfo,
2948 sizeof(FILETIME))))
2949 {
2950 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2951 pvStructInfo = *(BYTE **)pvStructInfo;
2952 ret = SystemTimeToFileTime(&sysTime,
2953 (FILETIME *)pvStructInfo);
2954 }
2955 }
2956 }
2957 }
2958 else
2959 {
2960 SetLastError(CRYPT_E_ASN1_BADTAG);
2961 ret = FALSE;
2962 }
2963 }
2964 __EXCEPT(page_fault)
2965 {
2966 SetLastError(STATUS_ACCESS_VIOLATION);
2967 ret = FALSE;
2968 }
2969 __ENDTRY
2970 return ret;
2971 }
2972
2973 static BOOL WINAPI CRYPT_AsnDecodeChoiceOfTime(DWORD dwCertEncodingType,
2974 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2975 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2976 {
2977 BOOL ret;
2978
2979 if (!pvStructInfo)
2980 {
2981 *pcbStructInfo = sizeof(FILETIME);
2982 return TRUE;
2983 }
2984
2985 __TRY
2986 {
2987 if (pbEncoded[0] == ASN_UTCTIME)
2988 ret = CRYPT_AsnDecodeUtcTime(dwCertEncodingType, lpszStructType,
2989 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
2990 pcbStructInfo);
2991 else if (pbEncoded[0] == ASN_GENERALTIME)
2992 ret = CRYPT_AsnDecodeGeneralizedTime(dwCertEncodingType,
2993 lpszStructType, pbEncoded, cbEncoded, dwFlags, pDecodePara,
2994 pvStructInfo, pcbStructInfo);
2995 else
2996 {
2997 SetLastError(CRYPT_E_ASN1_BADTAG);
2998 ret = FALSE;
2999 }
3000 }
3001 __EXCEPT(page_fault)
3002 {
3003 SetLastError(STATUS_ACCESS_VIOLATION);
3004 ret = FALSE;
3005 }
3006 __ENDTRY
3007 return ret;
3008 }
3009
3010 static BOOL WINAPI CRYPT_AsnDecodeSequenceOfAny(DWORD dwCertEncodingType,
3011 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3012 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3013 {
3014 BOOL ret = TRUE;
3015
3016 __TRY
3017 {
3018 if (pbEncoded[0] == ASN_SEQUENCEOF)
3019 {
3020 DWORD bytesNeeded, dataLen, remainingLen, cValue;
3021
3022 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
3023 {
3024 BYTE lenBytes;
3025 const BYTE *ptr;
3026
3027 lenBytes = GET_LEN_BYTES(pbEncoded[1]);
3028 bytesNeeded = sizeof(CRYPT_SEQUENCE_OF_ANY);
3029 cValue = 0;
3030 ptr = pbEncoded + 1 + lenBytes;
3031 remainingLen = dataLen;
3032 while (ret && remainingLen)
3033 {
3034 DWORD nextLen;
3035
3036 ret = CRYPT_GetLen(ptr, remainingLen, &nextLen);
3037 if (ret)
3038 {
3039 DWORD nextLenBytes = GET_LEN_BYTES(ptr[1]);
3040
3041 remainingLen -= 1 + nextLenBytes + nextLen;
3042 ptr += 1 + nextLenBytes + nextLen;
3043 bytesNeeded += sizeof(CRYPT_DER_BLOB);
3044 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
3045 bytesNeeded += 1 + nextLenBytes + nextLen;
3046 cValue++;
3047 }
3048 }
3049 if (ret)
3050 {
3051 CRYPT_SEQUENCE_OF_ANY *seq;
3052 BYTE *nextPtr;
3053 DWORD i;
3054
3055 if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
3056 pvStructInfo, pcbStructInfo, bytesNeeded)))
3057 {
3058 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
3059 pvStructInfo = *(BYTE **)pvStructInfo;
3060 seq = (CRYPT_SEQUENCE_OF_ANY *)pvStructInfo;
3061 seq->cValue = cValue;
3062 seq->rgValue = (CRYPT_DER_BLOB *)((BYTE *)seq +
3063 sizeof(*seq));
3064 nextPtr = (BYTE *)seq->rgValue +
3065 cValue * sizeof(CRYPT_DER_BLOB);
3066 ptr = pbEncoded + 1 + lenBytes;
3067 remainingLen = dataLen;
3068 i = 0;
3069 while (ret && remainingLen)
3070 {
3071 DWORD nextLen;
3072
3073 ret = CRYPT_GetLen(ptr, remainingLen, &nextLen);
3074 if (ret)
3075 {
3076 DWORD nextLenBytes = GET_LEN_BYTES(ptr[1]);
3077
3078 seq->rgValue[i].cbData = 1 + nextLenBytes +
3079 nextLen;
3080 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
3081 seq->rgValue[i].pbData = (BYTE *)ptr;
3082 else
3083 {
3084 seq->rgValue[i].pbData = nextPtr;
3085 memcpy(nextPtr, ptr, 1 + nextLenBytes +
3086 nextLen);
3087 nextPtr += 1 + nextLenBytes + nextLen;
3088 }
3089 remainingLen -= 1 + nextLenBytes + nextLen;
3090 ptr += 1 + nextLenBytes + nextLen;
3091 i++;
3092 }
3093 }
3094 }
3095 }
3096 }
3097 }
3098 else
3099 {
3100 SetLastError(CRYPT_E_ASN1_BADTAG);
3101 return FALSE;
3102 }
3103 }
3104 __EXCEPT(page_fault)
3105 {
3106 SetLastError(STATUS_ACCESS_VIOLATION);
3107 ret = FALSE;
3108 }
3109 __ENDTRY
3110 return ret;
3111 }
3112
3113 typedef BOOL (WINAPI *CryptDecodeObjectExFunc)(DWORD, LPCSTR, const BYTE *,
3114 DWORD, DWORD, PCRYPT_DECODE_PARA, void *, DWORD *);
3115
3116 BOOL WINAPI CryptDecodeObjectEx(DWORD dwCertEncodingType, LPCSTR lpszStructType,
3117 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3118 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3119 {
3120 BOOL ret = FALSE;
3121 HMODULE lib = NULL;
3122 CryptDecodeObjectExFunc decodeFunc = NULL;
3123
3124 TRACE("(0x%08lx, %s, %p, %ld, 0x%08lx, %p, %p, %p)\n",
3125 dwCertEncodingType, HIWORD(lpszStructType) ? debugstr_a(lpszStructType) :
3126 "(integer value)", pbEncoded, cbEncoded, dwFlags, pDecodePara,
3127 pvStructInfo, pcbStructInfo);
3128
3129 if (!pvStructInfo && !pcbStructInfo)
3130 {
3131 SetLastError(ERROR_INVALID_PARAMETER);
3132 return FALSE;
3133 }
3134 if ((dwCertEncodingType & CERT_ENCODING_TYPE_MASK) != X509_ASN_ENCODING
3135 && (dwCertEncodingType & CMSG_ENCODING_TYPE_MASK) != PKCS_7_ASN_ENCODING)
3136 {
3137 SetLastError(ERROR_FILE_NOT_FOUND);
3138 return FALSE;
3139 }
3140 if (!pbEncoded || !cbEncoded)
3141 {
3142 SetLastError(CRYPT_E_ASN1_EOD);
3143 return FALSE;
3144 }
3145 if (cbEncoded > MAX_ENCODED_LEN)
3146 {
3147 SetLastError(CRYPT_E_ASN1_LARGE);
3148 return FALSE;
3149 }
3150
3151 SetLastError(NOERROR);
3152 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG && pvStructInfo)
3153 *(BYTE **)pvStructInfo = NULL;
3154 if (!HIWORD(lpszStructType))
3155 {
3156 switch (LOWORD(lpszStructType))
3157 {
3158 case (WORD)X509_NAME:
3159 decodeFunc = CRYPT_AsnDecodeName;
3160 break;
3161 case (WORD)X509_BASIC_CONSTRAINTS2:
3162 decodeFunc = CRYPT_AsnDecodeBasicConstraints2;
3163 break;
3164 case (WORD)X509_OCTET_STRING:
3165 decodeFunc = CRYPT_AsnDecodeOctets;
3166 break;
3167 case (WORD)X509_BITS:
3168 case (WORD)X509_KEY_USAGE:
3169 decodeFunc = CRYPT_AsnDecodeBits;
3170 break;
3171 case (WORD)X509_INTEGER:
3172 decodeFunc = CRYPT_AsnDecodeInt;
3173 break;
3174 case (WORD)X509_MULTI_BYTE_INTEGER:
3175 decodeFunc = CRYPT_AsnDecodeInteger;
3176 break;
3177 case (WORD)X509_MULTI_BYTE_UINT:
3178 decodeFunc = CRYPT_AsnDecodeUnsignedInteger;
3179 break;
3180 case (WORD)X509_ENUMERATED:
3181 decodeFunc = CRYPT_AsnDecodeEnumerated;
3182 break;
3183 case (WORD)X509_CHOICE_OF_TIME:
3184 decodeFunc = CRYPT_AsnDecodeChoiceOfTime;
3185 break;
3186 case (WORD)X509_SEQUENCE_OF_ANY:
3187 decodeFunc = CRYPT_AsnDecodeSequenceOfAny;
3188 break;
3189 case (WORD)PKCS_UTC_TIME:
3190 decodeFunc = CRYPT_AsnDecodeUtcTime;
3191 break;
3192 default:
3193 FIXME("%d: unimplemented\n", LOWORD(lpszStructType));
3194 }
3195 }
3196 else if (!strcmp(lpszStructType, szOID_RSA_signingTime))
3197 decodeFunc = CRYPT_AsnDecodeUtcTime;
3198 else if (!strcmp(lpszStructType, szOID_CRL_REASON_CODE))
3199 decodeFunc = CRYPT_AsnDecodeEnumerated;
3200 else if (!strcmp(lpszStructType, szOID_KEY_USAGE))
3201 decodeFunc = CRYPT_AsnDecodeBits;
3202 else if (!strcmp(lpszStructType, szOID_SUBJECT_KEY_IDENTIFIER))
3203 decodeFunc = CRYPT_AsnDecodeOctets;
3204 else if (!strcmp(lpszStructType, szOID_BASIC_CONSTRAINTS2))
3205 decodeFunc = CRYPT_AsnDecodeBasicConstraints2;
3206 else
3207 TRACE("OID %s not found or unimplemented, looking for DLL\n",
3208 debugstr_a(lpszStructType));
3209 if (!decodeFunc)
3210 decodeFunc = (CryptDecodeObjectExFunc)CRYPT_GetFunc(dwCertEncodingType,
3211 lpszStructType, "CryptDecodeObjectEx", &lib);
3212 if (decodeFunc)
3213 ret = decodeFunc(dwCertEncodingType, lpszStructType, pbEncoded,
3214 cbEncoded, dwFlags, pDecodePara, pvStructInfo, pcbStructInfo);
3215 else
3216 SetLastError(ERROR_FILE_NOT_FOUND);
3217 if (lib)
3218 FreeLibrary(lib);
3219 return ret;
3220 }
Quick hack tree for wine patches julliard doesn't want to commit