2 * Copyright (C) 2006 Maarten Lankhorst
3 * Copyright 2007 Juan Lang
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22 #include "wine/port.h"
25 #include "wine/debug.h"
30 #define NONAMELESSUNION
31 #define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
34 WINE_DEFAULT_DEBUG_CHANNEL(cryptnet);
36 BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
38 TRACE("(0x%p, %d, %p)\n", hinstDLL, fdwReason, lpvReserved);
41 case DLL_PROCESS_ATTACH:
42 DisableThreadLibraryCalls(hinstDLL);
44 case DLL_PROCESS_DETACH:
45 /* Do uninitialisation here */
52 static const WCHAR cryptNet[] = { 'c','r','y','p','t','n','e','t','.',
54 static const WCHAR ldapProvOpenStore[] = { 'L','d','a','p','P','r','o','v',
55 'O','p','e','S','t','o','r','e',0 };
57 /***********************************************************************
58 * DllRegisterServer (CRYPTNET.@)
60 HRESULT WINAPI DllRegisterServer(void)
63 CryptRegisterDefaultOIDFunction(X509_ASN_ENCODING,
64 CRYPT_OID_VERIFY_REVOCATION_FUNC, 0, cryptNet);
65 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC, "Ldap",
66 cryptNet, "LdapProvOpenStore");
67 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC,
68 CERT_STORE_PROV_LDAP_W, cryptNet, "LdapProvOpenStore");
72 /***********************************************************************
73 * DllUnregisterServer (CRYPTNET.@)
75 HRESULT WINAPI DllUnregisterServer(void)
78 CryptUnregisterDefaultOIDFunction(X509_ASN_ENCODING,
79 CRYPT_OID_VERIFY_REVOCATION_FUNC, cryptNet);
80 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC, "Ldap");
81 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC,
82 CERT_STORE_PROV_LDAP_W);
86 static const char *url_oid_to_str(LPCSTR oid)
96 #define _x(oid) case LOWORD(oid): return #oid
97 _x(URL_OID_CERTIFICATE_ISSUER);
98 _x(URL_OID_CERTIFICATE_CRL_DIST_POINT);
99 _x(URL_OID_CTL_ISSUER);
100 _x(URL_OID_CTL_NEXT_UPDATE);
101 _x(URL_OID_CRL_ISSUER);
102 _x(URL_OID_CERTIFICATE_FRESHEST_CRL);
103 _x(URL_OID_CRL_FRESHEST_CRL);
104 _x(URL_OID_CROSS_CERT_DIST_POINT);
107 snprintf(buf, sizeof(buf), "%d", LOWORD(oid));
113 typedef BOOL (WINAPI *UrlDllGetObjectUrlFunc)(LPCSTR, LPVOID, DWORD,
114 PCRYPT_URL_ARRAY, DWORD *, PCRYPT_URL_INFO, DWORD *, LPVOID);
116 static BOOL WINAPI CRYPT_GetUrlFromCertificateIssuer(LPCSTR pszUrlOid,
117 LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray,
118 PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved)
120 /* FIXME: This depends on the AIA (authority info access) extension being
121 * supported in crypt32.
124 SetLastError(CRYPT_E_NOT_FOUND);
128 static BOOL WINAPI CRYPT_GetUrlFromCertificateCRLDistPoint(LPCSTR pszUrlOid,
129 LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray,
130 PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved)
132 PCCERT_CONTEXT cert = (PCCERT_CONTEXT)pvPara;
136 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
137 if (dwFlags && !(dwFlags & CRYPT_GET_URL_FROM_EXTENSION))
139 SetLastError(CRYPT_E_NOT_FOUND);
142 if ((ext = CertFindExtension(szOID_CRL_DIST_POINTS,
143 cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension)))
145 CRL_DIST_POINTS_INFO *info;
148 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CRL_DIST_POINTS,
149 ext->Value.pbData, ext->Value.cbData, CRYPT_DECODE_ALLOC_FLAG, NULL,
153 DWORD i, cUrl, bytesNeeded = sizeof(CRYPT_URL_ARRAY);
155 for (i = 0, cUrl = 0; i < info->cDistPoint; i++)
156 if (info->rgDistPoint[i].DistPointName.dwDistPointNameChoice
157 == CRL_DIST_POINT_FULL_NAME)
160 CERT_ALT_NAME_INFO *name =
161 &info->rgDistPoint[i].DistPointName.FullName;
163 for (j = 0; j < name->cAltEntry; j++)
164 if (name->rgAltEntry[j].dwAltNameChoice ==
167 if (name->rgAltEntry[j].pwszURL)
170 bytesNeeded += sizeof(LPWSTR) +
171 (lstrlenW(name->rgAltEntry[j].pwszURL) + 1)
178 SetLastError(E_INVALIDARG);
182 *pcbUrlArray = bytesNeeded;
183 else if (*pcbUrlArray < bytesNeeded)
185 SetLastError(ERROR_MORE_DATA);
186 *pcbUrlArray = bytesNeeded;
193 *pcbUrlArray = bytesNeeded;
195 pUrlArray->rgwszUrl =
196 (LPWSTR *)((BYTE *)pUrlArray + sizeof(CRYPT_URL_ARRAY));
197 nextUrl = (LPWSTR)((BYTE *)pUrlArray + sizeof(CRYPT_URL_ARRAY)
198 + cUrl * sizeof(LPWSTR));
199 for (i = 0; i < info->cDistPoint; i++)
200 if (info->rgDistPoint[i].DistPointName.dwDistPointNameChoice
201 == CRL_DIST_POINT_FULL_NAME)
204 CERT_ALT_NAME_INFO *name =
205 &info->rgDistPoint[i].DistPointName.FullName;
207 for (j = 0; j < name->cAltEntry; j++)
208 if (name->rgAltEntry[j].dwAltNameChoice ==
211 if (name->rgAltEntry[j].pwszURL)
214 name->rgAltEntry[j].pwszURL);
215 pUrlArray->rgwszUrl[pUrlArray->cUrl++] =
218 (lstrlenW(name->rgAltEntry[j].pwszURL) + 1)
228 FIXME("url info: stub\n");
230 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
231 else if (*pcbUrlInfo < sizeof(CRYPT_URL_INFO))
233 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
234 SetLastError(ERROR_MORE_DATA);
239 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
240 memset(pUrlInfo, 0, sizeof(CRYPT_URL_INFO));
248 SetLastError(CRYPT_E_NOT_FOUND);
252 /***********************************************************************
253 * CryptGetObjectUrl (CRYPTNET.@)
255 BOOL WINAPI CryptGetObjectUrl(LPCSTR pszUrlOid, LPVOID pvPara, DWORD dwFlags,
256 PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray, PCRYPT_URL_INFO pUrlInfo,
257 DWORD *pcbUrlInfo, LPVOID pvReserved)
259 UrlDllGetObjectUrlFunc func = NULL;
260 HCRYPTOIDFUNCADDR hFunc = NULL;
263 TRACE("(%s, %p, %08x, %p, %p, %p, %p, %p)\n", debugstr_a(pszUrlOid),
264 pvPara, dwFlags, pUrlArray, pcbUrlArray, pUrlInfo, pcbUrlInfo, pvReserved);
266 if (!HIWORD(pszUrlOid))
268 switch (LOWORD(pszUrlOid))
270 case LOWORD(URL_OID_CERTIFICATE_ISSUER):
271 func = CRYPT_GetUrlFromCertificateIssuer;
273 case LOWORD(URL_OID_CERTIFICATE_CRL_DIST_POINT):
274 func = CRYPT_GetUrlFromCertificateCRLDistPoint;
277 FIXME("unimplemented for %s\n", url_oid_to_str(pszUrlOid));
278 SetLastError(ERROR_FILE_NOT_FOUND);
283 static HCRYPTOIDFUNCSET set = NULL;
286 set = CryptInitOIDFunctionSet(URL_OID_GET_OBJECT_URL_FUNC, 0);
287 CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszUrlOid, 0,
288 (void **)&func, &hFunc);
291 ret = func(pszUrlOid, pvPara, dwFlags, pUrlArray, pcbUrlArray,
292 pUrlInfo, pcbUrlInfo, pvReserved);
294 CryptFreeOIDFunctionAddress(hFunc, 0);
298 /***********************************************************************
299 * CryptRetrieveObjectByUrlA (CRYPTNET.@)
301 BOOL WINAPI CryptRetrieveObjectByUrlA(LPCSTR pszURL, LPCSTR pszObjectOid,
302 DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject,
303 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
304 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
309 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_a(pszURL),
310 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
311 hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
315 SetLastError(ERROR_INVALID_PARAMETER);
318 len = MultiByteToWideChar(CP_ACP, 0, pszURL, -1, NULL, 0);
321 LPWSTR url = CryptMemAlloc(len * sizeof(WCHAR));
325 MultiByteToWideChar(CP_ACP, 0, pszURL, -1, url, len);
326 ret = CryptRetrieveObjectByUrlW(url, pszObjectOid,
327 dwRetrievalFlags, dwTimeout, ppvObject, hAsyncRetrieve,
328 pCredentials, pvVerify, pAuxInfo);
332 SetLastError(ERROR_OUTOFMEMORY);
337 static void WINAPI CRYPT_FreeBlob(LPCSTR pszObjectOid,
338 PCRYPT_BLOB_ARRAY pObject, void *pvFreeContext)
342 for (i = 0; i < pObject->cBlob; i++)
343 CryptMemFree(pObject->rgBlob[i].pbData);
344 CryptMemFree(pObject->rgBlob);
347 static BOOL CRYPT_GetObjectFromFile(HANDLE hFile, PCRYPT_BLOB_ARRAY pObject)
352 if ((ret = GetFileSizeEx(hFile, &size)))
356 WARN("file too big\n");
357 SetLastError(ERROR_INVALID_DATA);
362 CRYPT_DATA_BLOB blob;
364 blob.pbData = CryptMemAlloc(size.LowPart);
367 blob.cbData = size.LowPart;
368 ret = ReadFile(hFile, blob.pbData, size.LowPart, &blob.cbData,
372 pObject->rgBlob = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
376 memcpy(pObject->rgBlob, &blob, sizeof(CRYPT_DATA_BLOB));
380 SetLastError(ERROR_OUTOFMEMORY);
385 CryptMemFree(blob.pbData);
389 SetLastError(ERROR_OUTOFMEMORY);
397 /* FIXME: should make wininet cache all downloads instead */
398 static BOOL CRYPT_GetObjectFromCache(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
399 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
402 INTERNET_CACHE_ENTRY_INFOW cacheInfo = { sizeof(cacheInfo), 0 };
403 DWORD size = sizeof(cacheInfo);
405 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pObject, pAuxInfo);
407 if (GetUrlCacheEntryInfoW(pszURL, &cacheInfo, &size) ||
408 GetLastError() == ERROR_INSUFFICIENT_BUFFER)
412 GetSystemTimeAsFileTime(&ft);
413 if (CompareFileTime(&cacheInfo.ExpireTime, &ft) >= 0)
415 LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo = CryptMemAlloc(size);
419 if (GetUrlCacheEntryInfoW(pszURL, pCacheInfo, &size))
421 HANDLE hFile = CreateFileW(pCacheInfo->lpszLocalFileName,
422 GENERIC_READ, 0, NULL, OPEN_EXISTING,
423 FILE_ATTRIBUTE_NORMAL, NULL);
425 if (hFile != INVALID_HANDLE_VALUE)
427 if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
429 if (pAuxInfo && pAuxInfo->cbSize >=
430 offsetof(CRYPT_RETRIEVE_AUX_INFO,
431 pLastSyncTime) + sizeof(PFILETIME) &&
432 pAuxInfo->pLastSyncTime)
433 memcpy(pAuxInfo->pLastSyncTime,
434 &pCacheInfo->LastSyncTime,
440 CryptMemFree(pCacheInfo);
443 SetLastError(ERROR_OUTOFMEMORY);
446 DeleteUrlCacheEntryW(pszURL);
448 TRACE("returning %d\n", ret);
452 static inline LPWSTR strndupW(LPWSTR string, int len)
455 if (string && (ret = CryptMemAlloc((len + 1) * sizeof(WCHAR))) != NULL)
457 memcpy(ret, string, len * sizeof(WCHAR));
463 /* Parses the URL, and sets components's lpszHostName and lpszUrlPath members
464 * to NULL-terminated copies of those portions of the URL (to be freed with
467 static BOOL CRYPT_CrackUrl(LPCWSTR pszURL, URL_COMPONENTSW *components)
471 TRACE("(%s, %p)\n", debugstr_w(pszURL), components);
473 memset(components, 0, sizeof(*components));
474 components->dwStructSize = sizeof(*components);
475 components->dwHostNameLength = 1;
476 components->dwUrlPathLength = 1;
477 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, components);
480 LPWSTR hostname = strndupW(components->lpszHostName,
481 components->dwHostNameLength);
482 LPWSTR path = strndupW(components->lpszUrlPath,
483 components->dwUrlPathLength);
485 components->lpszHostName = hostname;
486 components->lpszUrlPath = path;
487 switch (components->nScheme)
489 case INTERNET_SCHEME_FTP:
490 if (!components->nPort)
491 components->nPort = INTERNET_DEFAULT_FTP_PORT;
493 case INTERNET_SCHEME_HTTP:
494 if (!components->nPort)
495 components->nPort = INTERNET_DEFAULT_HTTP_PORT;
501 TRACE("returning %d\n", ret);
512 static struct InetContext *CRYPT_MakeInetContext(DWORD dwTimeout)
514 struct InetContext *context = CryptMemAlloc(sizeof(struct InetContext));
518 context->event = CreateEventW(NULL, FALSE, FALSE, NULL);
521 CryptMemFree(context);
526 context->timeout = dwTimeout;
527 context->error = ERROR_SUCCESS;
533 static BOOL CRYPT_DownloadObject(DWORD dwRetrievalFlags, HINTERNET hHttp,
534 struct InetContext *context, PCRYPT_BLOB_ARRAY pObject,
535 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
537 CRYPT_DATA_BLOB object = { 0, NULL };
538 DWORD bytesAvailable;
542 if ((ret = InternetQueryDataAvailable(hHttp, &bytesAvailable, 0, 0)))
547 object.pbData = CryptMemRealloc(object.pbData,
548 object.cbData + bytesAvailable);
550 object.pbData = CryptMemAlloc(bytesAvailable);
553 INTERNET_BUFFERSA buffer = { sizeof(buffer), 0 };
555 buffer.dwBufferLength = bytesAvailable;
556 buffer.lpvBuffer = object.pbData + object.cbData;
557 if (!(ret = InternetReadFileExA(hHttp, &buffer, IRF_NO_WAIT,
558 (DWORD_PTR)context)))
560 if (GetLastError() == ERROR_IO_PENDING)
562 if (WaitForSingleObject(context->event,
563 context->timeout) == WAIT_TIMEOUT)
564 SetLastError(ERROR_TIMEOUT);
565 else if (context->error)
566 SetLastError(context->error);
572 object.cbData += bytesAvailable;
576 SetLastError(ERROR_OUTOFMEMORY);
581 else if (GetLastError() == ERROR_IO_PENDING)
583 if (WaitForSingleObject(context->event, context->timeout) ==
585 SetLastError(ERROR_TIMEOUT);
589 } while (ret && bytesAvailable);
592 pObject->rgBlob = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
593 if (!pObject->rgBlob)
595 CryptMemFree(object.pbData);
596 SetLastError(ERROR_OUTOFMEMORY);
601 pObject->rgBlob[0].cbData = object.cbData;
602 pObject->rgBlob[0].pbData = object.pbData;
606 TRACE("returning %d\n", ret);
610 static void CRYPT_CacheURL(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
611 DWORD dwRetrievalFlags, FILETIME expires)
613 WCHAR cacheFileName[MAX_PATH];
615 /* FIXME: let wininet directly cache instead */
616 if (CreateUrlCacheEntryW(pszURL, pObject->rgBlob[0].cbData, NULL,
619 HANDLE hCacheFile = CreateFileW(cacheFileName, GENERIC_WRITE, 0, NULL,
620 CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
622 if (hCacheFile != INVALID_HANDLE_VALUE)
624 DWORD bytesWritten, entryType;
627 if (!(dwRetrievalFlags & CRYPT_STICKY_CACHE_RETRIEVAL))
628 entryType = NORMAL_CACHE_ENTRY;
630 entryType = STICKY_CACHE_ENTRY;
631 WriteFile(hCacheFile, pObject->rgBlob[0].pbData,
632 pObject->rgBlob[0].cbData, &bytesWritten, NULL);
633 CloseHandle(hCacheFile);
634 CommitUrlCacheEntryW(pszURL, cacheFileName, expires, ft, entryType,
635 NULL, 0, NULL, NULL);
640 static void CALLBACK CRYPT_InetStatusCallback(HINTERNET hInt,
641 DWORD_PTR dwContext, DWORD status, void *statusInfo, DWORD statusInfoLen)
643 struct InetContext *context = (struct InetContext *)dwContext;
644 LPINTERNET_ASYNC_RESULT result;
648 case INTERNET_STATUS_REQUEST_COMPLETE:
649 result = (LPINTERNET_ASYNC_RESULT)statusInfo;
650 context->error = result->dwError;
651 SetEvent(context->event);
655 static BOOL CRYPT_Connect(URL_COMPONENTSW *components,
656 struct InetContext *context, PCRYPT_CREDENTIALS pCredentials,
657 HINTERNET *phInt, HINTERNET *phHost)
661 TRACE("(%s:%d, %p, %p, %p, %p)\n", debugstr_w(components->lpszHostName),
662 components->nPort, context, pCredentials, phInt, phInt);
665 *phInt = InternetOpenW(NULL, INTERNET_OPEN_TYPE_DIRECT, NULL, NULL,
666 context ? INTERNET_FLAG_ASYNC : 0);
672 InternetSetStatusCallbackW(*phInt, CRYPT_InetStatusCallback);
673 switch (components->nScheme)
675 case INTERNET_SCHEME_FTP:
676 service = INTERNET_SERVICE_FTP;
678 case INTERNET_SCHEME_HTTP:
679 service = INTERNET_SERVICE_HTTP;
684 /* FIXME: use pCredentials for username/password */
685 *phHost = InternetConnectW(*phInt, components->lpszHostName,
686 components->nPort, NULL, NULL, service, 0, (DWORD_PTR)context);
689 InternetCloseHandle(*phInt);
698 TRACE("returning %d\n", ret);
702 static BOOL WINAPI FTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
703 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
704 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
705 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
706 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
708 FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
709 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
710 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
713 pObject->rgBlob = NULL;
714 *ppfnFreeObject = CRYPT_FreeBlob;
715 *ppvFreeContext = NULL;
719 static const WCHAR x509cacert[] = { 'a','p','p','l','i','c','a','t','i','o','n',
720 '/','x','-','x','5','0','9','-','c','a','-','c','e','r','t',0 };
721 static const WCHAR x509emailcert[] = { 'a','p','p','l','i','c','a','t','i','o',
722 'n','/','x','-','x','5','0','9','-','e','m','a','i','l','-','c','e','r','t',
724 static const WCHAR x509servercert[] = { 'a','p','p','l','i','c','a','t','i','o',
725 'n','/','x','-','x','5','0','9','-','s','e','r','v','e','r','-','c','e','r',
727 static const WCHAR x509usercert[] = { 'a','p','p','l','i','c','a','t','i','o',
728 'n','/','x','-','x','5','0','9','-','u','s','e','r','-','c','e','r','t',0 };
729 static const WCHAR pkcs7cert[] = { 'a','p','p','l','i','c','a','t','i','o','n',
730 '/','x','-','p','k','c','s','7','-','c','e','r','t','i','f','c','a','t','e',
732 static const WCHAR pkixCRL[] = { 'a','p','p','l','i','c','a','t','i','o','n',
733 '/','p','k','i','x','-','c','r','l',0 };
734 static const WCHAR pkcs7CRL[] = { 'a','p','p','l','i','c','a','t','i','o','n',
735 '/','x','-','p','k','c','s','7','-','c','r','l',0 };
736 static const WCHAR pkcs7sig[] = { 'a','p','p','l','i','c','a','t','i','o','n',
737 '/','x','-','p','k','c','s','7','-','s','i','g','n','a','t','u','r','e',0 };
738 static const WCHAR pkcs7mime[] = { 'a','p','p','l','i','c','a','t','i','o','n',
739 '/','x','-','p','k','c','s','7','-','m','i','m','e',0 };
741 static BOOL WINAPI HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
742 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
743 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
744 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
745 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
749 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
750 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
751 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
754 pObject->rgBlob = NULL;
755 *ppfnFreeObject = CRYPT_FreeBlob;
756 *ppvFreeContext = NULL;
758 if (!(dwRetrievalFlags & CRYPT_WIRE_ONLY_RETRIEVAL))
759 ret = CRYPT_GetObjectFromCache(pszURL, pObject, pAuxInfo);
760 if (!ret && (!(dwRetrievalFlags & CRYPT_CACHE_ONLY_RETRIEVAL) ||
761 (dwRetrievalFlags & CRYPT_WIRE_ONLY_RETRIEVAL)))
763 URL_COMPONENTSW components;
765 if ((ret = CRYPT_CrackUrl(pszURL, &components)))
767 HINTERNET hInt, hHost;
768 struct InetContext *context = NULL;
771 context = CRYPT_MakeInetContext(dwTimeout);
772 ret = CRYPT_Connect(&components, context, pCredentials, &hInt,
776 static LPCWSTR types[] = { x509cacert, x509emailcert,
777 x509servercert, x509usercert, pkcs7cert, pkixCRL, pkcs7CRL,
778 pkcs7sig, pkcs7mime, NULL };
779 HINTERNET hHttp = HttpOpenRequestW(hHost, NULL,
780 components.lpszUrlPath, NULL, NULL, types,
781 INTERNET_FLAG_NO_COOKIES | INTERNET_FLAG_NO_UI,
788 InternetSetOptionW(hHttp,
789 INTERNET_OPTION_RECEIVE_TIMEOUT, &dwTimeout,
791 InternetSetOptionW(hHttp, INTERNET_OPTION_SEND_TIMEOUT,
792 &dwTimeout, sizeof(dwTimeout));
794 ret = HttpSendRequestExW(hHttp, NULL, NULL, 0,
796 if (!ret && GetLastError() == ERROR_IO_PENDING)
798 if (WaitForSingleObject(context->event,
799 context->timeout) == WAIT_TIMEOUT)
800 SetLastError(ERROR_TIMEOUT);
804 /* We don't set ret to TRUE in this block to avoid masking
805 * an error from HttpSendRequestExW.
807 if (!HttpEndRequestW(hHttp, NULL, 0, (DWORD_PTR)context) &&
808 GetLastError() == ERROR_IO_PENDING)
810 if (WaitForSingleObject(context->event,
811 context->timeout) == WAIT_TIMEOUT)
813 SetLastError(ERROR_TIMEOUT);
818 ret = CRYPT_DownloadObject(dwRetrievalFlags, hHttp,
819 context, pObject, pAuxInfo);
820 if (ret && !(dwRetrievalFlags & CRYPT_DONT_CACHE_RESULT))
823 DWORD len = sizeof(st);
825 if (HttpQueryInfoW(hHttp,
826 HTTP_QUERY_EXPIRES | HTTP_QUERY_FLAG_SYSTEMTIME, &st,
831 SystemTimeToFileTime(&st, &ft);
832 CRYPT_CacheURL(pszURL, pObject, dwRetrievalFlags,
836 InternetCloseHandle(hHttp);
838 InternetCloseHandle(hHost);
839 InternetCloseHandle(hInt);
843 CloseHandle(context->event);
844 CryptMemFree(context);
846 CryptMemFree(components.lpszUrlPath);
847 CryptMemFree(components.lpszHostName);
850 TRACE("returning %d\n", ret);
854 static BOOL WINAPI File_RetrieveEncodedObjectW(LPCWSTR pszURL,
855 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
856 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
857 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
858 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
860 URL_COMPONENTSW components = { sizeof(components), 0 };
863 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
864 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
865 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
868 pObject->rgBlob = NULL;
869 *ppfnFreeObject = CRYPT_FreeBlob;
870 *ppvFreeContext = NULL;
872 components.dwUrlPathLength = 1;
873 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, &components);
878 /* 3 == lstrlenW(L"c:") + 1 */
879 path = CryptMemAlloc((components.dwUrlPathLength + 3) * sizeof(WCHAR));
884 /* Try to create the file directly - Wine handles / in pathnames */
885 lstrcpynW(path, components.lpszUrlPath,
886 components.dwUrlPathLength + 1);
887 hFile = CreateFileW(path, GENERIC_READ, 0, NULL, OPEN_EXISTING,
888 FILE_ATTRIBUTE_NORMAL, NULL);
889 if (hFile == INVALID_HANDLE_VALUE)
891 /* Try again on the current drive */
892 GetCurrentDirectoryW(components.dwUrlPathLength, path);
895 lstrcpynW(path + 2, components.lpszUrlPath,
896 components.dwUrlPathLength + 1);
897 hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
898 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
900 if (hFile == INVALID_HANDLE_VALUE)
902 /* Try again on the Windows drive */
903 GetWindowsDirectoryW(path, components.dwUrlPathLength);
906 lstrcpynW(path + 2, components.lpszUrlPath,
907 components.dwUrlPathLength + 1);
908 hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
909 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
913 if (hFile != INVALID_HANDLE_VALUE)
915 if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
917 if (pAuxInfo && pAuxInfo->cbSize >=
918 offsetof(CRYPT_RETRIEVE_AUX_INFO,
919 pLastSyncTime) + sizeof(PFILETIME) &&
920 pAuxInfo->pLastSyncTime)
921 GetFileTime(hFile, NULL, NULL,
922 pAuxInfo->pLastSyncTime);
934 typedef BOOL (WINAPI *SchemeDllRetrieveEncodedObjectW)(LPCWSTR pwszUrl,
935 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
936 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
937 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
938 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo);
940 static BOOL CRYPT_GetRetrieveFunction(LPCWSTR pszURL,
941 SchemeDllRetrieveEncodedObjectW *pFunc, HCRYPTOIDFUNCADDR *phFunc)
943 URL_COMPONENTSW components = { sizeof(components), 0 };
946 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pFunc, phFunc);
950 components.dwSchemeLength = 1;
951 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, &components);
954 /* Microsoft always uses CryptInitOIDFunctionSet/
955 * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
956 * reason to do so for builtin schemes.
958 switch (components.nScheme)
960 case INTERNET_SCHEME_FTP:
961 *pFunc = FTP_RetrieveEncodedObjectW;
963 case INTERNET_SCHEME_HTTP:
964 *pFunc = HTTP_RetrieveEncodedObjectW;
966 case INTERNET_SCHEME_FILE:
967 *pFunc = File_RetrieveEncodedObjectW;
971 int len = WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
972 components.dwSchemeLength, NULL, 0, NULL, NULL);
976 LPSTR scheme = CryptMemAlloc(len);
980 static HCRYPTOIDFUNCSET set = NULL;
983 set = CryptInitOIDFunctionSet(
984 SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC, 0);
985 WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
986 components.dwSchemeLength, scheme, len, NULL, NULL);
987 ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING,
988 scheme, 0, (void **)pFunc, phFunc);
989 CryptMemFree(scheme);
993 SetLastError(ERROR_OUTOFMEMORY);
1002 TRACE("returning %d\n", ret);
1006 static BOOL WINAPI CRYPT_CreateBlob(LPCSTR pszObjectOid,
1007 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1010 CRYPT_BLOB_ARRAY *context;
1013 size = sizeof(CRYPT_BLOB_ARRAY) + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
1014 for (i = 0; i < pObject->cBlob; i++)
1015 size += pObject->rgBlob[i].cbData;
1016 context = CryptMemAlloc(size);
1023 (CRYPT_DATA_BLOB *)((LPBYTE)context + sizeof(CRYPT_BLOB_ARRAY));
1025 (LPBYTE)context->rgBlob + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
1026 for (i = 0; i < pObject->cBlob; i++)
1028 memcpy(nextData, pObject->rgBlob[i].pbData,
1029 pObject->rgBlob[i].cbData);
1030 context->rgBlob[i].pbData = nextData;
1031 context->rgBlob[i].cbData = pObject->rgBlob[i].cbData;
1032 nextData += pObject->rgBlob[i].cbData;
1035 *ppvContext = context;
1041 typedef BOOL (WINAPI *AddContextToStore)(HCERTSTORE hCertStore,
1042 const void *pContext, DWORD dwAddDisposition, const void **ppStoreContext);
1044 static BOOL CRYPT_CreateContext(PCRYPT_BLOB_ARRAY pObject,
1045 DWORD dwExpectedContentTypeFlags, AddContextToStore addFunc, void **ppvContext)
1049 if (!pObject->cBlob)
1051 SetLastError(ERROR_INVALID_DATA);
1055 else if (pObject->cBlob == 1)
1057 if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
1058 dwExpectedContentTypeFlags, CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL,
1059 NULL, NULL, NULL, NULL, (const void **)ppvContext))
1061 SetLastError(CRYPT_E_NO_MATCH);
1067 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1068 CERT_STORE_CREATE_NEW_FLAG, NULL);
1073 const void *context;
1075 for (i = 0; i < pObject->cBlob; i++)
1077 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
1078 &pObject->rgBlob[i], dwExpectedContentTypeFlags,
1079 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, NULL, NULL, NULL,
1082 if (!addFunc(store, context, CERT_STORE_ADD_ALWAYS, NULL))
1087 SetLastError(CRYPT_E_NO_MATCH);
1094 *ppvContext = store;
1099 static BOOL WINAPI CRYPT_CreateCert(LPCSTR pszObjectOid,
1100 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1102 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CERT,
1103 (AddContextToStore)CertAddCertificateContextToStore, ppvContext);
1106 static BOOL WINAPI CRYPT_CreateCRL(LPCSTR pszObjectOid,
1107 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1109 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CRL,
1110 (AddContextToStore)CertAddCRLContextToStore, ppvContext);
1113 static BOOL WINAPI CRYPT_CreateCTL(LPCSTR pszObjectOid,
1114 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1116 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CTL,
1117 (AddContextToStore)CertAddCTLContextToStore, ppvContext);
1120 static BOOL WINAPI CRYPT_CreatePKCS7(LPCSTR pszObjectOid,
1121 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1125 if (!pObject->cBlob)
1127 SetLastError(ERROR_INVALID_DATA);
1131 else if (pObject->cBlob == 1)
1132 ret = CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
1133 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
1134 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED, CERT_QUERY_FORMAT_FLAG_BINARY,
1135 0, NULL, NULL, NULL, (HCERTSTORE *)ppvContext, NULL, NULL);
1138 FIXME("multiple messages unimplemented\n");
1144 static BOOL WINAPI CRYPT_CreateAny(LPCSTR pszObjectOid,
1145 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1149 if (!pObject->cBlob)
1151 SetLastError(ERROR_INVALID_DATA);
1157 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
1158 CERT_STORE_CREATE_NEW_FLAG, NULL);
1162 HCERTSTORE memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1163 CERT_STORE_CREATE_NEW_FLAG, NULL);
1167 CertAddStoreToCollection(store, memStore,
1168 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
1169 CertCloseStore(memStore, 0);
1173 CertCloseStore(store, 0);
1182 for (i = 0; i < pObject->cBlob; i++)
1184 DWORD contentType, expectedContentTypes =
1185 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
1186 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED |
1187 CERT_QUERY_CONTENT_FLAG_CERT |
1188 CERT_QUERY_CONTENT_FLAG_CRL |
1189 CERT_QUERY_CONTENT_FLAG_CTL;
1190 HCERTSTORE contextStore;
1191 const void *context;
1193 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
1194 &pObject->rgBlob[i], expectedContentTypes,
1195 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, &contentType, NULL,
1196 &contextStore, NULL, &context))
1198 switch (contentType)
1200 case CERT_QUERY_CONTENT_CERT:
1201 if (!CertAddCertificateContextToStore(store,
1202 (PCCERT_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1205 case CERT_QUERY_CONTENT_CRL:
1206 if (!CertAddCRLContextToStore(store,
1207 (PCCRL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1210 case CERT_QUERY_CONTENT_CTL:
1211 if (!CertAddCTLContextToStore(store,
1212 (PCCTL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1216 CertAddStoreToCollection(store, contextStore, 0, 0);
1225 *ppvContext = store;
1230 typedef BOOL (WINAPI *ContextDllCreateObjectContext)(LPCSTR pszObjectOid,
1231 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext);
1233 static BOOL CRYPT_GetCreateFunction(LPCSTR pszObjectOid,
1234 ContextDllCreateObjectContext *pFunc, HCRYPTOIDFUNCADDR *phFunc)
1238 TRACE("(%s, %p, %p)\n", debugstr_a(pszObjectOid), pFunc, phFunc);
1242 if (!HIWORD(pszObjectOid))
1244 switch (LOWORD(pszObjectOid))
1247 *pFunc = CRYPT_CreateBlob;
1249 case LOWORD(CONTEXT_OID_CERTIFICATE):
1250 *pFunc = CRYPT_CreateCert;
1252 case LOWORD(CONTEXT_OID_CRL):
1253 *pFunc = CRYPT_CreateCRL;
1255 case LOWORD(CONTEXT_OID_CTL):
1256 *pFunc = CRYPT_CreateCTL;
1258 case LOWORD(CONTEXT_OID_PKCS7):
1259 *pFunc = CRYPT_CreatePKCS7;
1261 case LOWORD(CONTEXT_OID_CAPI2_ANY):
1262 *pFunc = CRYPT_CreateAny;
1268 static HCRYPTOIDFUNCSET set = NULL;
1271 set = CryptInitOIDFunctionSet(
1272 CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC, 0);
1273 ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszObjectOid,
1274 0, (void **)pFunc, phFunc);
1276 TRACE("returning %d\n", ret);
1280 /***********************************************************************
1281 * CryptRetrieveObjectByUrlW (CRYPTNET.@)
1283 BOOL WINAPI CryptRetrieveObjectByUrlW(LPCWSTR pszURL, LPCSTR pszObjectOid,
1284 DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject,
1285 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
1286 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
1289 SchemeDllRetrieveEncodedObjectW retrieve;
1290 ContextDllCreateObjectContext create;
1291 HCRYPTOIDFUNCADDR hRetrieve = 0, hCreate = 0;
1293 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
1294 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
1295 hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
1299 SetLastError(ERROR_INVALID_PARAMETER);
1302 ret = CRYPT_GetRetrieveFunction(pszURL, &retrieve, &hRetrieve);
1304 ret = CRYPT_GetCreateFunction(pszObjectOid, &create, &hCreate);
1307 CRYPT_BLOB_ARRAY object = { 0, NULL };
1308 PFN_FREE_ENCODED_OBJECT_FUNC freeObject;
1311 ret = retrieve(pszURL, pszObjectOid, dwRetrievalFlags, dwTimeout,
1312 &object, &freeObject, &freeContext, hAsyncRetrieve, pCredentials,
1316 ret = create(pszObjectOid, dwRetrievalFlags, &object, ppvObject);
1317 freeObject(pszObjectOid, &object, freeContext);
1321 CryptFreeOIDFunctionAddress(hCreate, 0);
1323 CryptFreeOIDFunctionAddress(hRetrieve, 0);
1324 TRACE("returning %d\n", ret);
1328 typedef struct _OLD_CERT_REVOCATION_STATUS {
1333 } OLD_CERT_REVOCATION_STATUS, *POLD_CERT_REVOCATION_STATUS;
1335 /***********************************************************************
1336 * CertDllVerifyRevocation (CRYPTNET.@)
1338 BOOL WINAPI CertDllVerifyRevocation(DWORD dwEncodingType, DWORD dwRevType,
1339 DWORD cContext, PVOID rgpvContext[], DWORD dwFlags,
1340 PCERT_REVOCATION_PARA pRevPara, PCERT_REVOCATION_STATUS pRevStatus)
1345 TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType, dwRevType,
1346 cContext, rgpvContext, dwFlags, pRevPara, pRevStatus);
1348 if (pRevStatus->cbSize != sizeof(OLD_CERT_REVOCATION_STATUS) &&
1349 pRevStatus->cbSize != sizeof(CERT_REVOCATION_STATUS))
1351 SetLastError(E_INVALIDARG);
1354 memset(&pRevStatus->dwIndex, 0, pRevStatus->cbSize - sizeof(DWORD));
1355 if (dwRevType != CERT_CONTEXT_REVOCATION_TYPE)
1357 error = CRYPT_E_NO_REVOCATION_CHECK;
1363 for (i = 0; ret && i < cContext; i++)
1367 ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,
1368 rgpvContext[i], 0, NULL, &cbUrlArray, NULL, NULL, NULL);
1369 if (!ret && GetLastError() == CRYPT_E_NOT_FOUND)
1371 error = CRYPT_E_NO_REVOCATION_CHECK;
1372 pRevStatus->dwIndex = i;
1376 CRYPT_URL_ARRAY *urlArray = CryptMemAlloc(cbUrlArray);
1380 DWORD j, retrievalFlags = 0, startTime, endTime, timeout;
1382 ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,
1383 rgpvContext[i], 0, urlArray, &cbUrlArray, NULL, NULL,
1385 if (dwFlags & CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION)
1386 retrievalFlags |= CRYPT_CACHE_ONLY_RETRIEVAL;
1387 if (dwFlags & CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG &&
1388 pRevPara->cbSize >= offsetof(CERT_REVOCATION_PARA,
1389 dwUrlRetrievalTimeout) + sizeof(DWORD))
1391 startTime = GetTickCount();
1392 endTime = startTime + pRevPara->dwUrlRetrievalTimeout;
1393 timeout = pRevPara->dwUrlRetrievalTimeout;
1396 endTime = timeout = 0;
1397 for (j = 0; ret && j < urlArray->cUrl; j++)
1401 ret = CryptRetrieveObjectByUrlW(urlArray->rgwszUrl[j],
1402 CONTEXT_OID_CRL, retrievalFlags, timeout,
1403 (void **)&crl, NULL, NULL, NULL, NULL);
1406 PCRL_ENTRY entry = NULL;
1408 CertFindCertificateInCRL(
1409 (PCCERT_CONTEXT)rgpvContext[i], crl, 0, NULL,
1413 error = CRYPT_E_REVOKED;
1414 pRevStatus->dwIndex = i;
1419 DWORD time = GetTickCount();
1421 if ((int)(endTime - time) <= 0)
1423 error = ERROR_TIMEOUT;
1424 pRevStatus->dwIndex = i;
1428 timeout = endTime - time;
1430 CertFreeCRLContext(crl);
1433 error = CRYPT_E_REVOCATION_OFFLINE;
1435 CryptMemFree(urlArray);
1439 error = ERROR_OUTOFMEMORY;
1440 pRevStatus->dwIndex = i;
1445 pRevStatus->dwIndex = i;
1451 SetLastError(error);
1452 pRevStatus->dwError = error;
1454 TRACE("returning %d (%08x)\n", ret, error);