2 * Copyright (C) 2006 Maarten Lankhorst
3 * Copyright 2007 Juan Lang
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22 #include "wine/port.h"
25 #define NONAMELESSUNION
26 #define NONAMELESSSTRUCT
29 #include "wine/debug.h"
34 #define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
37 WINE_DEFAULT_DEBUG_CHANNEL(cryptnet);
39 BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
41 TRACE("(0x%p, %d, %p)\n", hinstDLL, fdwReason, lpvReserved);
44 case DLL_PROCESS_ATTACH:
45 DisableThreadLibraryCalls(hinstDLL);
47 case DLL_PROCESS_DETACH:
48 /* Do uninitialisation here */
55 static const WCHAR cryptNet[] = { 'c','r','y','p','t','n','e','t','.',
57 static const WCHAR ldapProvOpenStore[] = { 'L','d','a','p','P','r','o','v',
58 'O','p','e','S','t','o','r','e',0 };
60 /***********************************************************************
61 * DllRegisterServer (CRYPTNET.@)
63 HRESULT WINAPI DllRegisterServer(void)
66 CryptRegisterDefaultOIDFunction(X509_ASN_ENCODING,
67 CRYPT_OID_VERIFY_REVOCATION_FUNC, 0, cryptNet);
68 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC, "Ldap",
69 cryptNet, "LdapProvOpenStore");
70 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC,
71 CERT_STORE_PROV_LDAP_W, cryptNet, "LdapProvOpenStore");
75 /***********************************************************************
76 * DllUnregisterServer (CRYPTNET.@)
78 HRESULT WINAPI DllUnregisterServer(void)
81 CryptUnregisterDefaultOIDFunction(X509_ASN_ENCODING,
82 CRYPT_OID_VERIFY_REVOCATION_FUNC, cryptNet);
83 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC, "Ldap");
84 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC,
85 CERT_STORE_PROV_LDAP_W);
89 static const char *url_oid_to_str(LPCSTR oid)
99 #define _x(oid) case LOWORD(oid): return #oid
100 _x(URL_OID_CERTIFICATE_ISSUER);
101 _x(URL_OID_CERTIFICATE_CRL_DIST_POINT);
102 _x(URL_OID_CTL_ISSUER);
103 _x(URL_OID_CTL_NEXT_UPDATE);
104 _x(URL_OID_CRL_ISSUER);
105 _x(URL_OID_CERTIFICATE_FRESHEST_CRL);
106 _x(URL_OID_CRL_FRESHEST_CRL);
107 _x(URL_OID_CROSS_CERT_DIST_POINT);
110 snprintf(buf, sizeof(buf), "%d", LOWORD(oid));
116 typedef BOOL (WINAPI *UrlDllGetObjectUrlFunc)(LPCSTR, LPVOID, DWORD,
117 PCRYPT_URL_ARRAY, DWORD *, PCRYPT_URL_INFO, DWORD *, LPVOID);
119 static BOOL WINAPI CRYPT_GetUrlFromCertificateIssuer(LPCSTR pszUrlOid,
120 LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray,
121 PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved)
123 /* FIXME: This depends on the AIA (authority info access) extension being
124 * supported in crypt32.
127 SetLastError(CRYPT_E_NOT_FOUND);
131 static BOOL WINAPI CRYPT_GetUrlFromCertificateCRLDistPoint(LPCSTR pszUrlOid,
132 LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray,
133 PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved)
135 PCCERT_CONTEXT cert = (PCCERT_CONTEXT)pvPara;
139 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
140 if (dwFlags && !(dwFlags & CRYPT_GET_URL_FROM_EXTENSION))
142 SetLastError(CRYPT_E_NOT_FOUND);
145 if ((ext = CertFindExtension(szOID_CRL_DIST_POINTS,
146 cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension)))
148 CRL_DIST_POINTS_INFO *info;
151 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CRL_DIST_POINTS,
152 ext->Value.pbData, ext->Value.cbData, CRYPT_DECODE_ALLOC_FLAG, NULL,
156 DWORD i, cUrl, bytesNeeded = sizeof(CRYPT_URL_ARRAY);
158 for (i = 0, cUrl = 0; i < info->cDistPoint; i++)
159 if (info->rgDistPoint[i].DistPointName.dwDistPointNameChoice
160 == CRL_DIST_POINT_FULL_NAME)
163 CERT_ALT_NAME_INFO *name =
164 &info->rgDistPoint[i].DistPointName.u.FullName;
166 for (j = 0; j < name->cAltEntry; j++)
167 if (name->rgAltEntry[j].dwAltNameChoice ==
170 if (name->rgAltEntry[j].u.pwszURL)
173 bytesNeeded += sizeof(LPWSTR) +
174 (lstrlenW(name->rgAltEntry[j].u.pwszURL) + 1)
181 SetLastError(E_INVALIDARG);
185 *pcbUrlArray = bytesNeeded;
186 else if (*pcbUrlArray < bytesNeeded)
188 SetLastError(ERROR_MORE_DATA);
189 *pcbUrlArray = bytesNeeded;
196 *pcbUrlArray = bytesNeeded;
198 pUrlArray->rgwszUrl =
199 (LPWSTR *)((BYTE *)pUrlArray + sizeof(CRYPT_URL_ARRAY));
200 nextUrl = (LPWSTR)((BYTE *)pUrlArray + sizeof(CRYPT_URL_ARRAY)
201 + cUrl * sizeof(LPWSTR));
202 for (i = 0; i < info->cDistPoint; i++)
203 if (info->rgDistPoint[i].DistPointName.dwDistPointNameChoice
204 == CRL_DIST_POINT_FULL_NAME)
207 CERT_ALT_NAME_INFO *name =
208 &info->rgDistPoint[i].DistPointName.u.FullName;
210 for (j = 0; j < name->cAltEntry; j++)
211 if (name->rgAltEntry[j].dwAltNameChoice ==
214 if (name->rgAltEntry[j].u.pwszURL)
217 name->rgAltEntry[j].u.pwszURL);
218 pUrlArray->rgwszUrl[pUrlArray->cUrl++] =
221 (lstrlenW(name->rgAltEntry[j].u.pwszURL) + 1)
231 FIXME("url info: stub\n");
233 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
234 else if (*pcbUrlInfo < sizeof(CRYPT_URL_INFO))
236 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
237 SetLastError(ERROR_MORE_DATA);
242 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
243 memset(pUrlInfo, 0, sizeof(CRYPT_URL_INFO));
251 SetLastError(CRYPT_E_NOT_FOUND);
255 /***********************************************************************
256 * CryptGetObjectUrl (CRYPTNET.@)
258 BOOL WINAPI CryptGetObjectUrl(LPCSTR pszUrlOid, LPVOID pvPara, DWORD dwFlags,
259 PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray, PCRYPT_URL_INFO pUrlInfo,
260 DWORD *pcbUrlInfo, LPVOID pvReserved)
262 UrlDllGetObjectUrlFunc func = NULL;
263 HCRYPTOIDFUNCADDR hFunc = NULL;
266 TRACE("(%s, %p, %08x, %p, %p, %p, %p, %p)\n", debugstr_a(pszUrlOid),
267 pvPara, dwFlags, pUrlArray, pcbUrlArray, pUrlInfo, pcbUrlInfo, pvReserved);
269 if (!HIWORD(pszUrlOid))
271 switch (LOWORD(pszUrlOid))
273 case LOWORD(URL_OID_CERTIFICATE_ISSUER):
274 func = CRYPT_GetUrlFromCertificateIssuer;
276 case LOWORD(URL_OID_CERTIFICATE_CRL_DIST_POINT):
277 func = CRYPT_GetUrlFromCertificateCRLDistPoint;
280 FIXME("unimplemented for %s\n", url_oid_to_str(pszUrlOid));
281 SetLastError(ERROR_FILE_NOT_FOUND);
286 static HCRYPTOIDFUNCSET set = NULL;
289 set = CryptInitOIDFunctionSet(URL_OID_GET_OBJECT_URL_FUNC, 0);
290 CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszUrlOid, 0,
291 (void **)&func, &hFunc);
294 ret = func(pszUrlOid, pvPara, dwFlags, pUrlArray, pcbUrlArray,
295 pUrlInfo, pcbUrlInfo, pvReserved);
297 CryptFreeOIDFunctionAddress(hFunc, 0);
301 /***********************************************************************
302 * CryptRetrieveObjectByUrlA (CRYPTNET.@)
304 BOOL WINAPI CryptRetrieveObjectByUrlA(LPCSTR pszURL, LPCSTR pszObjectOid,
305 DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject,
306 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
307 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
312 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_a(pszURL),
313 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
314 hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
318 SetLastError(ERROR_INVALID_PARAMETER);
321 len = MultiByteToWideChar(CP_ACP, 0, pszURL, -1, NULL, 0);
324 LPWSTR url = CryptMemAlloc(len * sizeof(WCHAR));
328 MultiByteToWideChar(CP_ACP, 0, pszURL, -1, url, len);
329 ret = CryptRetrieveObjectByUrlW(url, pszObjectOid,
330 dwRetrievalFlags, dwTimeout, ppvObject, hAsyncRetrieve,
331 pCredentials, pvVerify, pAuxInfo);
335 SetLastError(ERROR_OUTOFMEMORY);
340 static void WINAPI CRYPT_FreeBlob(LPCSTR pszObjectOid,
341 PCRYPT_BLOB_ARRAY pObject, void *pvFreeContext)
345 for (i = 0; i < pObject->cBlob; i++)
346 CryptMemFree(pObject->rgBlob[i].pbData);
347 CryptMemFree(pObject->rgBlob);
350 static BOOL CRYPT_GetObjectFromFile(HANDLE hFile, PCRYPT_BLOB_ARRAY pObject)
355 if ((ret = GetFileSizeEx(hFile, &size)))
359 WARN("file too big\n");
360 SetLastError(ERROR_INVALID_DATA);
365 CRYPT_DATA_BLOB blob;
367 blob.pbData = CryptMemAlloc(size.u.LowPart);
370 blob.cbData = size.u.LowPart;
371 ret = ReadFile(hFile, blob.pbData, size.u.LowPart, &blob.cbData,
375 pObject->rgBlob = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
379 memcpy(pObject->rgBlob, &blob, sizeof(CRYPT_DATA_BLOB));
383 SetLastError(ERROR_OUTOFMEMORY);
388 CryptMemFree(blob.pbData);
392 SetLastError(ERROR_OUTOFMEMORY);
400 /* FIXME: should make wininet cache all downloads instead */
401 static BOOL CRYPT_GetObjectFromCache(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
402 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
405 INTERNET_CACHE_ENTRY_INFOW cacheInfo = { sizeof(cacheInfo), 0 };
406 DWORD size = sizeof(cacheInfo);
408 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pObject, pAuxInfo);
410 if (GetUrlCacheEntryInfoW(pszURL, &cacheInfo, &size) ||
411 GetLastError() == ERROR_INSUFFICIENT_BUFFER)
415 GetSystemTimeAsFileTime(&ft);
416 if (CompareFileTime(&cacheInfo.ExpireTime, &ft) >= 0)
418 LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo = CryptMemAlloc(size);
422 if (GetUrlCacheEntryInfoW(pszURL, pCacheInfo, &size))
424 HANDLE hFile = CreateFileW(pCacheInfo->lpszLocalFileName,
425 GENERIC_READ, 0, NULL, OPEN_EXISTING,
426 FILE_ATTRIBUTE_NORMAL, NULL);
428 if (hFile != INVALID_HANDLE_VALUE)
430 if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
432 if (pAuxInfo && pAuxInfo->cbSize >=
433 offsetof(CRYPT_RETRIEVE_AUX_INFO,
434 pLastSyncTime) + sizeof(PFILETIME) &&
435 pAuxInfo->pLastSyncTime)
436 memcpy(pAuxInfo->pLastSyncTime,
437 &pCacheInfo->LastSyncTime,
443 CryptMemFree(pCacheInfo);
446 SetLastError(ERROR_OUTOFMEMORY);
449 DeleteUrlCacheEntryW(pszURL);
451 TRACE("returning %d\n", ret);
455 static inline LPWSTR strndupW(LPWSTR string, int len)
458 if (string && (ret = CryptMemAlloc((len + 1) * sizeof(WCHAR))) != NULL)
460 memcpy(ret, string, len * sizeof(WCHAR));
466 /* Parses the URL, and sets components's lpszHostName and lpszUrlPath members
467 * to NULL-terminated copies of those portions of the URL (to be freed with
470 static BOOL CRYPT_CrackUrl(LPCWSTR pszURL, URL_COMPONENTSW *components)
474 TRACE("(%s, %p)\n", debugstr_w(pszURL), components);
476 memset(components, 0, sizeof(*components));
477 components->dwStructSize = sizeof(*components);
478 components->dwHostNameLength = 1;
479 components->dwUrlPathLength = 1;
480 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, components);
483 LPWSTR hostname = strndupW(components->lpszHostName,
484 components->dwHostNameLength);
485 LPWSTR path = strndupW(components->lpszUrlPath,
486 components->dwUrlPathLength);
488 components->lpszHostName = hostname;
489 components->lpszUrlPath = path;
490 switch (components->nScheme)
492 case INTERNET_SCHEME_FTP:
493 if (!components->nPort)
494 components->nPort = INTERNET_DEFAULT_FTP_PORT;
496 case INTERNET_SCHEME_HTTP:
497 if (!components->nPort)
498 components->nPort = INTERNET_DEFAULT_HTTP_PORT;
504 TRACE("returning %d\n", ret);
515 static struct InetContext *CRYPT_MakeInetContext(DWORD dwTimeout)
517 struct InetContext *context = CryptMemAlloc(sizeof(struct InetContext));
521 context->event = CreateEventW(NULL, FALSE, FALSE, NULL);
524 CryptMemFree(context);
529 context->timeout = dwTimeout;
530 context->error = ERROR_SUCCESS;
536 static BOOL CRYPT_DownloadObject(DWORD dwRetrievalFlags, HINTERNET hHttp,
537 struct InetContext *context, PCRYPT_BLOB_ARRAY pObject,
538 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
540 CRYPT_DATA_BLOB object = { 0, NULL };
541 DWORD bytesAvailable;
545 if ((ret = InternetQueryDataAvailable(hHttp, &bytesAvailable, 0, 0)))
550 object.pbData = CryptMemRealloc(object.pbData,
551 object.cbData + bytesAvailable);
553 object.pbData = CryptMemAlloc(bytesAvailable);
556 INTERNET_BUFFERSA buffer = { sizeof(buffer), 0 };
558 buffer.dwBufferLength = bytesAvailable;
559 buffer.lpvBuffer = object.pbData + object.cbData;
560 if (!(ret = InternetReadFileExA(hHttp, &buffer, IRF_NO_WAIT,
561 (DWORD_PTR)context)))
563 if (GetLastError() == ERROR_IO_PENDING)
565 if (WaitForSingleObject(context->event,
566 context->timeout) == WAIT_TIMEOUT)
567 SetLastError(ERROR_TIMEOUT);
568 else if (context->error)
569 SetLastError(context->error);
575 object.cbData += bytesAvailable;
579 SetLastError(ERROR_OUTOFMEMORY);
584 else if (GetLastError() == ERROR_IO_PENDING)
586 if (WaitForSingleObject(context->event, context->timeout) ==
588 SetLastError(ERROR_TIMEOUT);
592 } while (ret && bytesAvailable);
595 pObject->rgBlob = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
596 if (!pObject->rgBlob)
598 CryptMemFree(object.pbData);
599 SetLastError(ERROR_OUTOFMEMORY);
604 pObject->rgBlob[0].cbData = object.cbData;
605 pObject->rgBlob[0].pbData = object.pbData;
609 TRACE("returning %d\n", ret);
613 static void CRYPT_CacheURL(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
614 DWORD dwRetrievalFlags, FILETIME expires)
616 WCHAR cacheFileName[MAX_PATH];
618 /* FIXME: let wininet directly cache instead */
619 if (CreateUrlCacheEntryW(pszURL, pObject->rgBlob[0].cbData, NULL,
622 HANDLE hCacheFile = CreateFileW(cacheFileName, GENERIC_WRITE, 0, NULL,
623 CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
625 if (hCacheFile != INVALID_HANDLE_VALUE)
627 DWORD bytesWritten, entryType;
630 if (!(dwRetrievalFlags & CRYPT_STICKY_CACHE_RETRIEVAL))
631 entryType = NORMAL_CACHE_ENTRY;
633 entryType = STICKY_CACHE_ENTRY;
634 WriteFile(hCacheFile, pObject->rgBlob[0].pbData,
635 pObject->rgBlob[0].cbData, &bytesWritten, NULL);
636 CloseHandle(hCacheFile);
637 CommitUrlCacheEntryW(pszURL, cacheFileName, expires, ft, entryType,
638 NULL, 0, NULL, NULL);
643 static void CALLBACK CRYPT_InetStatusCallback(HINTERNET hInt,
644 DWORD_PTR dwContext, DWORD status, void *statusInfo, DWORD statusInfoLen)
646 struct InetContext *context = (struct InetContext *)dwContext;
647 LPINTERNET_ASYNC_RESULT result;
651 case INTERNET_STATUS_REQUEST_COMPLETE:
652 result = (LPINTERNET_ASYNC_RESULT)statusInfo;
653 context->error = result->dwError;
654 SetEvent(context->event);
658 static BOOL CRYPT_Connect(URL_COMPONENTSW *components,
659 struct InetContext *context, PCRYPT_CREDENTIALS pCredentials,
660 HINTERNET *phInt, HINTERNET *phHost)
664 TRACE("(%s:%d, %p, %p, %p, %p)\n", debugstr_w(components->lpszHostName),
665 components->nPort, context, pCredentials, phInt, phInt);
668 *phInt = InternetOpenW(NULL, INTERNET_OPEN_TYPE_DIRECT, NULL, NULL,
669 context ? INTERNET_FLAG_ASYNC : 0);
675 InternetSetStatusCallbackW(*phInt, CRYPT_InetStatusCallback);
676 switch (components->nScheme)
678 case INTERNET_SCHEME_FTP:
679 service = INTERNET_SERVICE_FTP;
681 case INTERNET_SCHEME_HTTP:
682 service = INTERNET_SERVICE_HTTP;
687 /* FIXME: use pCredentials for username/password */
688 *phHost = InternetConnectW(*phInt, components->lpszHostName,
689 components->nPort, NULL, NULL, service, 0, (DWORD_PTR)context);
692 InternetCloseHandle(*phInt);
701 TRACE("returning %d\n", ret);
705 static BOOL WINAPI FTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
706 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
707 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
708 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
709 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
711 FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
712 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
713 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
716 pObject->rgBlob = NULL;
717 *ppfnFreeObject = CRYPT_FreeBlob;
718 *ppvFreeContext = NULL;
722 static const WCHAR x509cacert[] = { 'a','p','p','l','i','c','a','t','i','o','n',
723 '/','x','-','x','5','0','9','-','c','a','-','c','e','r','t',0 };
724 static const WCHAR x509emailcert[] = { 'a','p','p','l','i','c','a','t','i','o',
725 'n','/','x','-','x','5','0','9','-','e','m','a','i','l','-','c','e','r','t',
727 static const WCHAR x509servercert[] = { 'a','p','p','l','i','c','a','t','i','o',
728 'n','/','x','-','x','5','0','9','-','s','e','r','v','e','r','-','c','e','r',
730 static const WCHAR x509usercert[] = { 'a','p','p','l','i','c','a','t','i','o',
731 'n','/','x','-','x','5','0','9','-','u','s','e','r','-','c','e','r','t',0 };
732 static const WCHAR pkcs7cert[] = { 'a','p','p','l','i','c','a','t','i','o','n',
733 '/','x','-','p','k','c','s','7','-','c','e','r','t','i','f','c','a','t','e',
735 static const WCHAR pkixCRL[] = { 'a','p','p','l','i','c','a','t','i','o','n',
736 '/','p','k','i','x','-','c','r','l',0 };
737 static const WCHAR pkcs7CRL[] = { 'a','p','p','l','i','c','a','t','i','o','n',
738 '/','x','-','p','k','c','s','7','-','c','r','l',0 };
739 static const WCHAR pkcs7sig[] = { 'a','p','p','l','i','c','a','t','i','o','n',
740 '/','x','-','p','k','c','s','7','-','s','i','g','n','a','t','u','r','e',0 };
741 static const WCHAR pkcs7mime[] = { 'a','p','p','l','i','c','a','t','i','o','n',
742 '/','x','-','p','k','c','s','7','-','m','i','m','e',0 };
744 static BOOL WINAPI HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
745 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
746 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
747 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
748 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
752 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
753 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
754 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
757 pObject->rgBlob = NULL;
758 *ppfnFreeObject = CRYPT_FreeBlob;
759 *ppvFreeContext = NULL;
761 if (!(dwRetrievalFlags & CRYPT_WIRE_ONLY_RETRIEVAL))
762 ret = CRYPT_GetObjectFromCache(pszURL, pObject, pAuxInfo);
763 if (!ret && (!(dwRetrievalFlags & CRYPT_CACHE_ONLY_RETRIEVAL) ||
764 (dwRetrievalFlags & CRYPT_WIRE_ONLY_RETRIEVAL)))
766 URL_COMPONENTSW components;
768 if ((ret = CRYPT_CrackUrl(pszURL, &components)))
770 HINTERNET hInt, hHost;
771 struct InetContext *context = NULL;
774 context = CRYPT_MakeInetContext(dwTimeout);
775 ret = CRYPT_Connect(&components, context, pCredentials, &hInt,
779 static LPCWSTR types[] = { x509cacert, x509emailcert,
780 x509servercert, x509usercert, pkcs7cert, pkixCRL, pkcs7CRL,
781 pkcs7sig, pkcs7mime, NULL };
782 HINTERNET hHttp = HttpOpenRequestW(hHost, NULL,
783 components.lpszUrlPath, NULL, NULL, types,
784 INTERNET_FLAG_NO_COOKIES | INTERNET_FLAG_NO_UI,
791 InternetSetOptionW(hHttp,
792 INTERNET_OPTION_RECEIVE_TIMEOUT, &dwTimeout,
794 InternetSetOptionW(hHttp, INTERNET_OPTION_SEND_TIMEOUT,
795 &dwTimeout, sizeof(dwTimeout));
797 ret = HttpSendRequestExW(hHttp, NULL, NULL, 0,
799 if (!ret && GetLastError() == ERROR_IO_PENDING)
801 if (WaitForSingleObject(context->event,
802 context->timeout) == WAIT_TIMEOUT)
803 SetLastError(ERROR_TIMEOUT);
807 /* We don't set ret to TRUE in this block to avoid masking
808 * an error from HttpSendRequestExW.
810 if (!HttpEndRequestW(hHttp, NULL, 0, (DWORD_PTR)context) &&
811 GetLastError() == ERROR_IO_PENDING)
813 if (WaitForSingleObject(context->event,
814 context->timeout) == WAIT_TIMEOUT)
816 SetLastError(ERROR_TIMEOUT);
821 ret = CRYPT_DownloadObject(dwRetrievalFlags, hHttp,
822 context, pObject, pAuxInfo);
823 if (ret && !(dwRetrievalFlags & CRYPT_DONT_CACHE_RESULT))
826 DWORD len = sizeof(st);
828 if (HttpQueryInfoW(hHttp,
829 HTTP_QUERY_EXPIRES | HTTP_QUERY_FLAG_SYSTEMTIME, &st,
834 SystemTimeToFileTime(&st, &ft);
835 CRYPT_CacheURL(pszURL, pObject, dwRetrievalFlags,
839 InternetCloseHandle(hHttp);
841 InternetCloseHandle(hHost);
842 InternetCloseHandle(hInt);
846 CloseHandle(context->event);
847 CryptMemFree(context);
849 CryptMemFree(components.lpszUrlPath);
850 CryptMemFree(components.lpszHostName);
853 TRACE("returning %d\n", ret);
857 static BOOL WINAPI File_RetrieveEncodedObjectW(LPCWSTR pszURL,
858 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
859 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
860 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
861 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
863 URL_COMPONENTSW components = { sizeof(components), 0 };
866 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
867 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
868 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
871 pObject->rgBlob = NULL;
872 *ppfnFreeObject = CRYPT_FreeBlob;
873 *ppvFreeContext = NULL;
875 components.dwUrlPathLength = 1;
876 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, &components);
881 /* 3 == lstrlenW(L"c:") + 1 */
882 path = CryptMemAlloc((components.dwUrlPathLength + 3) * sizeof(WCHAR));
887 /* Try to create the file directly - Wine handles / in pathnames */
888 lstrcpynW(path, components.lpszUrlPath,
889 components.dwUrlPathLength + 1);
890 hFile = CreateFileW(path, GENERIC_READ, 0, NULL, OPEN_EXISTING,
891 FILE_ATTRIBUTE_NORMAL, NULL);
892 if (hFile == INVALID_HANDLE_VALUE)
894 /* Try again on the current drive */
895 GetCurrentDirectoryW(components.dwUrlPathLength, path);
898 lstrcpynW(path + 2, components.lpszUrlPath,
899 components.dwUrlPathLength + 1);
900 hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
901 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
903 if (hFile == INVALID_HANDLE_VALUE)
905 /* Try again on the Windows drive */
906 GetWindowsDirectoryW(path, components.dwUrlPathLength);
909 lstrcpynW(path + 2, components.lpszUrlPath,
910 components.dwUrlPathLength + 1);
911 hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
912 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
916 if (hFile != INVALID_HANDLE_VALUE)
918 if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
920 if (pAuxInfo && pAuxInfo->cbSize >=
921 offsetof(CRYPT_RETRIEVE_AUX_INFO,
922 pLastSyncTime) + sizeof(PFILETIME) &&
923 pAuxInfo->pLastSyncTime)
924 GetFileTime(hFile, NULL, NULL,
925 pAuxInfo->pLastSyncTime);
937 typedef BOOL (WINAPI *SchemeDllRetrieveEncodedObjectW)(LPCWSTR pwszUrl,
938 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
939 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
940 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
941 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo);
943 static BOOL CRYPT_GetRetrieveFunction(LPCWSTR pszURL,
944 SchemeDllRetrieveEncodedObjectW *pFunc, HCRYPTOIDFUNCADDR *phFunc)
946 URL_COMPONENTSW components = { sizeof(components), 0 };
949 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pFunc, phFunc);
953 components.dwSchemeLength = 1;
954 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, &components);
957 /* Microsoft always uses CryptInitOIDFunctionSet/
958 * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
959 * reason to do so for builtin schemes.
961 switch (components.nScheme)
963 case INTERNET_SCHEME_FTP:
964 *pFunc = FTP_RetrieveEncodedObjectW;
966 case INTERNET_SCHEME_HTTP:
967 *pFunc = HTTP_RetrieveEncodedObjectW;
969 case INTERNET_SCHEME_FILE:
970 *pFunc = File_RetrieveEncodedObjectW;
974 int len = WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
975 components.dwSchemeLength, NULL, 0, NULL, NULL);
979 LPSTR scheme = CryptMemAlloc(len);
983 static HCRYPTOIDFUNCSET set = NULL;
986 set = CryptInitOIDFunctionSet(
987 SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC, 0);
988 WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
989 components.dwSchemeLength, scheme, len, NULL, NULL);
990 ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING,
991 scheme, 0, (void **)pFunc, phFunc);
992 CryptMemFree(scheme);
996 SetLastError(ERROR_OUTOFMEMORY);
1005 TRACE("returning %d\n", ret);
1009 static BOOL WINAPI CRYPT_CreateBlob(LPCSTR pszObjectOid,
1010 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1013 CRYPT_BLOB_ARRAY *context;
1016 size = sizeof(CRYPT_BLOB_ARRAY) + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
1017 for (i = 0; i < pObject->cBlob; i++)
1018 size += pObject->rgBlob[i].cbData;
1019 context = CryptMemAlloc(size);
1026 (CRYPT_DATA_BLOB *)((LPBYTE)context + sizeof(CRYPT_BLOB_ARRAY));
1028 (LPBYTE)context->rgBlob + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
1029 for (i = 0; i < pObject->cBlob; i++)
1031 memcpy(nextData, pObject->rgBlob[i].pbData,
1032 pObject->rgBlob[i].cbData);
1033 context->rgBlob[i].pbData = nextData;
1034 context->rgBlob[i].cbData = pObject->rgBlob[i].cbData;
1035 nextData += pObject->rgBlob[i].cbData;
1038 *ppvContext = context;
1044 typedef BOOL (WINAPI *AddContextToStore)(HCERTSTORE hCertStore,
1045 const void *pContext, DWORD dwAddDisposition, const void **ppStoreContext);
1047 static BOOL CRYPT_CreateContext(PCRYPT_BLOB_ARRAY pObject,
1048 DWORD dwExpectedContentTypeFlags, AddContextToStore addFunc, void **ppvContext)
1052 if (!pObject->cBlob)
1054 SetLastError(ERROR_INVALID_DATA);
1058 else if (pObject->cBlob == 1)
1060 if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
1061 dwExpectedContentTypeFlags, CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL,
1062 NULL, NULL, NULL, NULL, (const void **)ppvContext))
1064 SetLastError(CRYPT_E_NO_MATCH);
1070 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1071 CERT_STORE_CREATE_NEW_FLAG, NULL);
1076 const void *context;
1078 for (i = 0; i < pObject->cBlob; i++)
1080 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
1081 &pObject->rgBlob[i], dwExpectedContentTypeFlags,
1082 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, NULL, NULL, NULL,
1085 if (!addFunc(store, context, CERT_STORE_ADD_ALWAYS, NULL))
1090 SetLastError(CRYPT_E_NO_MATCH);
1097 *ppvContext = store;
1102 static BOOL WINAPI CRYPT_CreateCert(LPCSTR pszObjectOid,
1103 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1105 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CERT,
1106 (AddContextToStore)CertAddCertificateContextToStore, ppvContext);
1109 static BOOL WINAPI CRYPT_CreateCRL(LPCSTR pszObjectOid,
1110 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1112 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CRL,
1113 (AddContextToStore)CertAddCRLContextToStore, ppvContext);
1116 static BOOL WINAPI CRYPT_CreateCTL(LPCSTR pszObjectOid,
1117 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1119 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CTL,
1120 (AddContextToStore)CertAddCTLContextToStore, ppvContext);
1123 static BOOL WINAPI CRYPT_CreatePKCS7(LPCSTR pszObjectOid,
1124 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1128 if (!pObject->cBlob)
1130 SetLastError(ERROR_INVALID_DATA);
1134 else if (pObject->cBlob == 1)
1135 ret = CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
1136 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
1137 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED, CERT_QUERY_FORMAT_FLAG_BINARY,
1138 0, NULL, NULL, NULL, (HCERTSTORE *)ppvContext, NULL, NULL);
1141 FIXME("multiple messages unimplemented\n");
1147 static BOOL WINAPI CRYPT_CreateAny(LPCSTR pszObjectOid,
1148 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1152 if (!pObject->cBlob)
1154 SetLastError(ERROR_INVALID_DATA);
1160 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
1161 CERT_STORE_CREATE_NEW_FLAG, NULL);
1165 HCERTSTORE memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1166 CERT_STORE_CREATE_NEW_FLAG, NULL);
1170 CertAddStoreToCollection(store, memStore,
1171 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
1172 CertCloseStore(memStore, 0);
1176 CertCloseStore(store, 0);
1185 for (i = 0; i < pObject->cBlob; i++)
1187 DWORD contentType, expectedContentTypes =
1188 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
1189 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED |
1190 CERT_QUERY_CONTENT_FLAG_CERT |
1191 CERT_QUERY_CONTENT_FLAG_CRL |
1192 CERT_QUERY_CONTENT_FLAG_CTL;
1193 HCERTSTORE contextStore;
1194 const void *context;
1196 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
1197 &pObject->rgBlob[i], expectedContentTypes,
1198 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, &contentType, NULL,
1199 &contextStore, NULL, &context))
1201 switch (contentType)
1203 case CERT_QUERY_CONTENT_CERT:
1204 if (!CertAddCertificateContextToStore(store,
1205 (PCCERT_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1208 case CERT_QUERY_CONTENT_CRL:
1209 if (!CertAddCRLContextToStore(store,
1210 (PCCRL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1213 case CERT_QUERY_CONTENT_CTL:
1214 if (!CertAddCTLContextToStore(store,
1215 (PCCTL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1219 CertAddStoreToCollection(store, contextStore, 0, 0);
1228 *ppvContext = store;
1233 typedef BOOL (WINAPI *ContextDllCreateObjectContext)(LPCSTR pszObjectOid,
1234 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext);
1236 static BOOL CRYPT_GetCreateFunction(LPCSTR pszObjectOid,
1237 ContextDllCreateObjectContext *pFunc, HCRYPTOIDFUNCADDR *phFunc)
1241 TRACE("(%s, %p, %p)\n", debugstr_a(pszObjectOid), pFunc, phFunc);
1245 if (!HIWORD(pszObjectOid))
1247 switch (LOWORD(pszObjectOid))
1250 *pFunc = CRYPT_CreateBlob;
1252 case LOWORD(CONTEXT_OID_CERTIFICATE):
1253 *pFunc = CRYPT_CreateCert;
1255 case LOWORD(CONTEXT_OID_CRL):
1256 *pFunc = CRYPT_CreateCRL;
1258 case LOWORD(CONTEXT_OID_CTL):
1259 *pFunc = CRYPT_CreateCTL;
1261 case LOWORD(CONTEXT_OID_PKCS7):
1262 *pFunc = CRYPT_CreatePKCS7;
1264 case LOWORD(CONTEXT_OID_CAPI2_ANY):
1265 *pFunc = CRYPT_CreateAny;
1271 static HCRYPTOIDFUNCSET set = NULL;
1274 set = CryptInitOIDFunctionSet(
1275 CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC, 0);
1276 ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszObjectOid,
1277 0, (void **)pFunc, phFunc);
1279 TRACE("returning %d\n", ret);
1283 /***********************************************************************
1284 * CryptRetrieveObjectByUrlW (CRYPTNET.@)
1286 BOOL WINAPI CryptRetrieveObjectByUrlW(LPCWSTR pszURL, LPCSTR pszObjectOid,
1287 DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject,
1288 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
1289 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
1292 SchemeDllRetrieveEncodedObjectW retrieve;
1293 ContextDllCreateObjectContext create;
1294 HCRYPTOIDFUNCADDR hRetrieve = 0, hCreate = 0;
1296 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
1297 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
1298 hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
1302 SetLastError(ERROR_INVALID_PARAMETER);
1305 ret = CRYPT_GetRetrieveFunction(pszURL, &retrieve, &hRetrieve);
1307 ret = CRYPT_GetCreateFunction(pszObjectOid, &create, &hCreate);
1310 CRYPT_BLOB_ARRAY object = { 0, NULL };
1311 PFN_FREE_ENCODED_OBJECT_FUNC freeObject;
1314 ret = retrieve(pszURL, pszObjectOid, dwRetrievalFlags, dwTimeout,
1315 &object, &freeObject, &freeContext, hAsyncRetrieve, pCredentials,
1319 ret = create(pszObjectOid, dwRetrievalFlags, &object, ppvObject);
1320 freeObject(pszObjectOid, &object, freeContext);
1324 CryptFreeOIDFunctionAddress(hCreate, 0);
1326 CryptFreeOIDFunctionAddress(hRetrieve, 0);
1327 TRACE("returning %d\n", ret);
1331 typedef struct _OLD_CERT_REVOCATION_STATUS {
1336 } OLD_CERT_REVOCATION_STATUS, *POLD_CERT_REVOCATION_STATUS;
1338 /***********************************************************************
1339 * CertDllVerifyRevocation (CRYPTNET.@)
1341 BOOL WINAPI CertDllVerifyRevocation(DWORD dwEncodingType, DWORD dwRevType,
1342 DWORD cContext, PVOID rgpvContext[], DWORD dwFlags,
1343 PCERT_REVOCATION_PARA pRevPara, PCERT_REVOCATION_STATUS pRevStatus)
1348 TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType, dwRevType,
1349 cContext, rgpvContext, dwFlags, pRevPara, pRevStatus);
1351 if (pRevStatus->cbSize != sizeof(OLD_CERT_REVOCATION_STATUS) &&
1352 pRevStatus->cbSize != sizeof(CERT_REVOCATION_STATUS))
1354 SetLastError(E_INVALIDARG);
1357 memset(&pRevStatus->dwIndex, 0, pRevStatus->cbSize - sizeof(DWORD));
1358 if (dwRevType != CERT_CONTEXT_REVOCATION_TYPE)
1360 error = CRYPT_E_NO_REVOCATION_CHECK;
1366 for (i = 0; ret && i < cContext; i++)
1370 ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,
1371 rgpvContext[i], 0, NULL, &cbUrlArray, NULL, NULL, NULL);
1372 if (!ret && GetLastError() == CRYPT_E_NOT_FOUND)
1374 error = CRYPT_E_NO_REVOCATION_CHECK;
1375 pRevStatus->dwIndex = i;
1379 CRYPT_URL_ARRAY *urlArray = CryptMemAlloc(cbUrlArray);
1383 DWORD j, retrievalFlags = 0, startTime, endTime, timeout;
1385 ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,
1386 rgpvContext[i], 0, urlArray, &cbUrlArray, NULL, NULL,
1388 if (dwFlags & CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION)
1389 retrievalFlags |= CRYPT_CACHE_ONLY_RETRIEVAL;
1390 if (dwFlags & CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG &&
1391 pRevPara->cbSize >= offsetof(CERT_REVOCATION_PARA,
1392 dwUrlRetrievalTimeout) + sizeof(DWORD))
1394 startTime = GetTickCount();
1395 endTime = startTime + pRevPara->dwUrlRetrievalTimeout;
1396 timeout = pRevPara->dwUrlRetrievalTimeout;
1399 endTime = timeout = 0;
1400 for (j = 0; ret && j < urlArray->cUrl; j++)
1404 ret = CryptRetrieveObjectByUrlW(urlArray->rgwszUrl[j],
1405 CONTEXT_OID_CRL, retrievalFlags, timeout,
1406 (void **)&crl, NULL, NULL, NULL, NULL);
1409 PCRL_ENTRY entry = NULL;
1411 CertFindCertificateInCRL(
1412 (PCCERT_CONTEXT)rgpvContext[i], crl, 0, NULL,
1416 error = CRYPT_E_REVOKED;
1417 pRevStatus->dwIndex = i;
1422 DWORD time = GetTickCount();
1424 if ((int)(endTime - time) <= 0)
1426 error = ERROR_TIMEOUT;
1427 pRevStatus->dwIndex = i;
1431 timeout = endTime - time;
1433 CertFreeCRLContext(crl);
1436 error = CRYPT_E_REVOCATION_OFFLINE;
1438 CryptMemFree(urlArray);
1442 error = ERROR_OUTOFMEMORY;
1443 pRevStatus->dwIndex = i;
1448 pRevStatus->dwIndex = i;
1454 SetLastError(error);
1455 pRevStatus->dwError = error;
1457 TRACE("returning %d (%08x)\n", ret, error);
projects / wine / blob