2 * Copyright (C) 2006 Maarten Lankhorst
3 * Copyright 2007 Juan Lang
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22 #include "wine/port.h"
25 #define NONAMELESSUNION
26 #define NONAMELESSSTRUCT
29 #include "wine/debug.h"
35 #define CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
38 WINE_DEFAULT_DEBUG_CHANNEL(cryptnet);
40 BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
42 TRACE("(0x%p, %d, %p)\n", hinstDLL, fdwReason, lpvReserved);
45 case DLL_PROCESS_ATTACH:
46 DisableThreadLibraryCalls(hinstDLL);
48 case DLL_PROCESS_DETACH:
49 /* Do uninitialisation here */
56 static const WCHAR cryptNet[] = { 'c','r','y','p','t','n','e','t','.',
58 static const WCHAR ldapProvOpenStore[] = { 'L','d','a','p','P','r','o','v',
59 'O','p','e','S','t','o','r','e',0 };
61 /***********************************************************************
62 * DllRegisterServer (CRYPTNET.@)
64 HRESULT WINAPI DllRegisterServer(void)
67 CryptRegisterDefaultOIDFunction(X509_ASN_ENCODING,
68 CRYPT_OID_VERIFY_REVOCATION_FUNC, 0, cryptNet);
69 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC, "Ldap",
70 cryptNet, "LdapProvOpenStore");
71 CryptRegisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC,
72 CERT_STORE_PROV_LDAP_W, cryptNet, "LdapProvOpenStore");
76 /***********************************************************************
77 * DllUnregisterServer (CRYPTNET.@)
79 HRESULT WINAPI DllUnregisterServer(void)
82 CryptUnregisterDefaultOIDFunction(X509_ASN_ENCODING,
83 CRYPT_OID_VERIFY_REVOCATION_FUNC, cryptNet);
84 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC, "Ldap");
85 CryptUnregisterOIDFunction(0, CRYPT_OID_OPEN_STORE_PROV_FUNC,
86 CERT_STORE_PROV_LDAP_W);
90 static const char *url_oid_to_str(LPCSTR oid)
100 #define _x(oid) case LOWORD(oid): return #oid
101 _x(URL_OID_CERTIFICATE_ISSUER);
102 _x(URL_OID_CERTIFICATE_CRL_DIST_POINT);
103 _x(URL_OID_CTL_ISSUER);
104 _x(URL_OID_CTL_NEXT_UPDATE);
105 _x(URL_OID_CRL_ISSUER);
106 _x(URL_OID_CERTIFICATE_FRESHEST_CRL);
107 _x(URL_OID_CRL_FRESHEST_CRL);
108 _x(URL_OID_CROSS_CERT_DIST_POINT);
111 snprintf(buf, sizeof(buf), "%d", LOWORD(oid));
117 typedef BOOL (WINAPI *UrlDllGetObjectUrlFunc)(LPCSTR, LPVOID, DWORD,
118 PCRYPT_URL_ARRAY, DWORD *, PCRYPT_URL_INFO, DWORD *, LPVOID);
120 static BOOL WINAPI CRYPT_GetUrlFromCertificateIssuer(LPCSTR pszUrlOid,
121 LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray,
122 PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved)
124 /* FIXME: This depends on the AIA (authority info access) extension being
125 * supported in crypt32.
128 SetLastError(CRYPT_E_NOT_FOUND);
132 static BOOL WINAPI CRYPT_GetUrlFromCertificateCRLDistPoint(LPCSTR pszUrlOid,
133 LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray,
134 PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved)
136 PCCERT_CONTEXT cert = (PCCERT_CONTEXT)pvPara;
140 /* The only applicable flag is CRYPT_GET_URL_FROM_EXTENSION */
141 if (dwFlags && !(dwFlags & CRYPT_GET_URL_FROM_EXTENSION))
143 SetLastError(CRYPT_E_NOT_FOUND);
146 if ((ext = CertFindExtension(szOID_CRL_DIST_POINTS,
147 cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension)))
149 CRL_DIST_POINTS_INFO *info;
152 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CRL_DIST_POINTS,
153 ext->Value.pbData, ext->Value.cbData, CRYPT_DECODE_ALLOC_FLAG, NULL,
157 DWORD i, cUrl, bytesNeeded = sizeof(CRYPT_URL_ARRAY);
159 for (i = 0, cUrl = 0; i < info->cDistPoint; i++)
160 if (info->rgDistPoint[i].DistPointName.dwDistPointNameChoice
161 == CRL_DIST_POINT_FULL_NAME)
164 CERT_ALT_NAME_INFO *name =
165 &info->rgDistPoint[i].DistPointName.u.FullName;
167 for (j = 0; j < name->cAltEntry; j++)
168 if (name->rgAltEntry[j].dwAltNameChoice ==
171 if (name->rgAltEntry[j].u.pwszURL)
174 bytesNeeded += sizeof(LPWSTR) +
175 (lstrlenW(name->rgAltEntry[j].u.pwszURL) + 1)
182 SetLastError(E_INVALIDARG);
186 *pcbUrlArray = bytesNeeded;
187 else if (*pcbUrlArray < bytesNeeded)
189 SetLastError(ERROR_MORE_DATA);
190 *pcbUrlArray = bytesNeeded;
197 *pcbUrlArray = bytesNeeded;
199 pUrlArray->rgwszUrl =
200 (LPWSTR *)((BYTE *)pUrlArray + sizeof(CRYPT_URL_ARRAY));
201 nextUrl = (LPWSTR)((BYTE *)pUrlArray + sizeof(CRYPT_URL_ARRAY)
202 + cUrl * sizeof(LPWSTR));
203 for (i = 0; i < info->cDistPoint; i++)
204 if (info->rgDistPoint[i].DistPointName.dwDistPointNameChoice
205 == CRL_DIST_POINT_FULL_NAME)
208 CERT_ALT_NAME_INFO *name =
209 &info->rgDistPoint[i].DistPointName.u.FullName;
211 for (j = 0; j < name->cAltEntry; j++)
212 if (name->rgAltEntry[j].dwAltNameChoice ==
215 if (name->rgAltEntry[j].u.pwszURL)
218 name->rgAltEntry[j].u.pwszURL);
219 pUrlArray->rgwszUrl[pUrlArray->cUrl++] =
222 (lstrlenW(name->rgAltEntry[j].u.pwszURL) + 1)
232 FIXME("url info: stub\n");
234 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
235 else if (*pcbUrlInfo < sizeof(CRYPT_URL_INFO))
237 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
238 SetLastError(ERROR_MORE_DATA);
243 *pcbUrlInfo = sizeof(CRYPT_URL_INFO);
244 memset(pUrlInfo, 0, sizeof(CRYPT_URL_INFO));
252 SetLastError(CRYPT_E_NOT_FOUND);
256 /***********************************************************************
257 * CryptGetObjectUrl (CRYPTNET.@)
259 BOOL WINAPI CryptGetObjectUrl(LPCSTR pszUrlOid, LPVOID pvPara, DWORD dwFlags,
260 PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray, PCRYPT_URL_INFO pUrlInfo,
261 DWORD *pcbUrlInfo, LPVOID pvReserved)
263 UrlDllGetObjectUrlFunc func = NULL;
264 HCRYPTOIDFUNCADDR hFunc = NULL;
267 TRACE("(%s, %p, %08x, %p, %p, %p, %p, %p)\n", debugstr_a(pszUrlOid),
268 pvPara, dwFlags, pUrlArray, pcbUrlArray, pUrlInfo, pcbUrlInfo, pvReserved);
270 if (!HIWORD(pszUrlOid))
272 switch (LOWORD(pszUrlOid))
274 case LOWORD(URL_OID_CERTIFICATE_ISSUER):
275 func = CRYPT_GetUrlFromCertificateIssuer;
277 case LOWORD(URL_OID_CERTIFICATE_CRL_DIST_POINT):
278 func = CRYPT_GetUrlFromCertificateCRLDistPoint;
281 FIXME("unimplemented for %s\n", url_oid_to_str(pszUrlOid));
282 SetLastError(ERROR_FILE_NOT_FOUND);
287 static HCRYPTOIDFUNCSET set = NULL;
290 set = CryptInitOIDFunctionSet(URL_OID_GET_OBJECT_URL_FUNC, 0);
291 CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszUrlOid, 0,
292 (void **)&func, &hFunc);
295 ret = func(pszUrlOid, pvPara, dwFlags, pUrlArray, pcbUrlArray,
296 pUrlInfo, pcbUrlInfo, pvReserved);
298 CryptFreeOIDFunctionAddress(hFunc, 0);
302 /***********************************************************************
303 * CryptRetrieveObjectByUrlA (CRYPTNET.@)
305 BOOL WINAPI CryptRetrieveObjectByUrlA(LPCSTR pszURL, LPCSTR pszObjectOid,
306 DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject,
307 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
308 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
313 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_a(pszURL),
314 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
315 hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
319 SetLastError(ERROR_INVALID_PARAMETER);
322 len = MultiByteToWideChar(CP_ACP, 0, pszURL, -1, NULL, 0);
325 LPWSTR url = CryptMemAlloc(len * sizeof(WCHAR));
329 MultiByteToWideChar(CP_ACP, 0, pszURL, -1, url, len);
330 ret = CryptRetrieveObjectByUrlW(url, pszObjectOid,
331 dwRetrievalFlags, dwTimeout, ppvObject, hAsyncRetrieve,
332 pCredentials, pvVerify, pAuxInfo);
336 SetLastError(ERROR_OUTOFMEMORY);
341 static void WINAPI CRYPT_FreeBlob(LPCSTR pszObjectOid,
342 PCRYPT_BLOB_ARRAY pObject, void *pvFreeContext)
346 for (i = 0; i < pObject->cBlob; i++)
347 CryptMemFree(pObject->rgBlob[i].pbData);
348 CryptMemFree(pObject->rgBlob);
351 static BOOL CRYPT_GetObjectFromFile(HANDLE hFile, PCRYPT_BLOB_ARRAY pObject)
356 if ((ret = GetFileSizeEx(hFile, &size)))
360 WARN("file too big\n");
361 SetLastError(ERROR_INVALID_DATA);
366 CRYPT_DATA_BLOB blob;
368 blob.pbData = CryptMemAlloc(size.u.LowPart);
371 blob.cbData = size.u.LowPart;
372 ret = ReadFile(hFile, blob.pbData, size.u.LowPart, &blob.cbData,
376 pObject->rgBlob = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
380 memcpy(pObject->rgBlob, &blob, sizeof(CRYPT_DATA_BLOB));
384 SetLastError(ERROR_OUTOFMEMORY);
389 CryptMemFree(blob.pbData);
393 SetLastError(ERROR_OUTOFMEMORY);
401 /* FIXME: should make wininet cache all downloads instead */
402 static BOOL CRYPT_GetObjectFromCache(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
403 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
406 INTERNET_CACHE_ENTRY_INFOW cacheInfo = { sizeof(cacheInfo), 0 };
407 DWORD size = sizeof(cacheInfo);
409 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pObject, pAuxInfo);
411 if (GetUrlCacheEntryInfoW(pszURL, &cacheInfo, &size) ||
412 GetLastError() == ERROR_INSUFFICIENT_BUFFER)
416 GetSystemTimeAsFileTime(&ft);
417 if (CompareFileTime(&cacheInfo.ExpireTime, &ft) >= 0)
419 LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo = CryptMemAlloc(size);
423 if (GetUrlCacheEntryInfoW(pszURL, pCacheInfo, &size))
425 HANDLE hFile = CreateFileW(pCacheInfo->lpszLocalFileName,
426 GENERIC_READ, 0, NULL, OPEN_EXISTING,
427 FILE_ATTRIBUTE_NORMAL, NULL);
429 if (hFile != INVALID_HANDLE_VALUE)
431 if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
433 if (pAuxInfo && pAuxInfo->cbSize >=
434 offsetof(CRYPT_RETRIEVE_AUX_INFO,
435 pLastSyncTime) + sizeof(PFILETIME) &&
436 pAuxInfo->pLastSyncTime)
437 memcpy(pAuxInfo->pLastSyncTime,
438 &pCacheInfo->LastSyncTime,
444 CryptMemFree(pCacheInfo);
447 SetLastError(ERROR_OUTOFMEMORY);
450 DeleteUrlCacheEntryW(pszURL);
452 TRACE("returning %d\n", ret);
456 static inline LPWSTR strndupW(LPWSTR string, int len)
459 if (string && (ret = CryptMemAlloc((len + 1) * sizeof(WCHAR))) != NULL)
461 memcpy(ret, string, len * sizeof(WCHAR));
467 /* Parses the URL, and sets components's lpszHostName and lpszUrlPath members
468 * to NULL-terminated copies of those portions of the URL (to be freed with
471 static BOOL CRYPT_CrackUrl(LPCWSTR pszURL, URL_COMPONENTSW *components)
475 TRACE("(%s, %p)\n", debugstr_w(pszURL), components);
477 memset(components, 0, sizeof(*components));
478 components->dwStructSize = sizeof(*components);
479 components->lpszHostName = CryptMemAlloc(MAX_PATH * sizeof(WCHAR));
480 components->dwHostNameLength = MAX_PATH;
481 components->lpszUrlPath = CryptMemAlloc(MAX_PATH * 2 * sizeof(WCHAR));
482 components->dwUrlPathLength = 2 * MAX_PATH;
483 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, components);
486 if ((components->dwUrlPathLength == 2 * MAX_PATH - 1) ||
487 (components->dwHostNameLength == MAX_PATH - 1))
488 FIXME("Buffers are too small\n");
489 switch (components->nScheme)
491 case INTERNET_SCHEME_FTP:
492 if (!components->nPort)
493 components->nPort = INTERNET_DEFAULT_FTP_PORT;
495 case INTERNET_SCHEME_HTTP:
496 if (!components->nPort)
497 components->nPort = INTERNET_DEFAULT_HTTP_PORT;
503 TRACE("returning %d\n", ret);
514 static struct InetContext *CRYPT_MakeInetContext(DWORD dwTimeout)
516 struct InetContext *context = CryptMemAlloc(sizeof(struct InetContext));
520 context->event = CreateEventW(NULL, FALSE, FALSE, NULL);
523 CryptMemFree(context);
528 context->timeout = dwTimeout;
529 context->error = ERROR_SUCCESS;
535 static BOOL CRYPT_DownloadObject(DWORD dwRetrievalFlags, HINTERNET hHttp,
536 struct InetContext *context, PCRYPT_BLOB_ARRAY pObject,
537 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
539 CRYPT_DATA_BLOB object = { 0, NULL };
540 DWORD bytesAvailable;
544 if ((ret = InternetQueryDataAvailable(hHttp, &bytesAvailable, 0, 0)))
549 object.pbData = CryptMemRealloc(object.pbData,
550 object.cbData + bytesAvailable);
552 object.pbData = CryptMemAlloc(bytesAvailable);
555 INTERNET_BUFFERSA buffer = { sizeof(buffer), 0 };
557 buffer.dwBufferLength = bytesAvailable;
558 buffer.lpvBuffer = object.pbData + object.cbData;
559 if (!(ret = InternetReadFileExA(hHttp, &buffer, IRF_NO_WAIT,
560 (DWORD_PTR)context)))
562 if (GetLastError() == ERROR_IO_PENDING)
564 if (WaitForSingleObject(context->event,
565 context->timeout) == WAIT_TIMEOUT)
566 SetLastError(ERROR_TIMEOUT);
567 else if (context->error)
568 SetLastError(context->error);
574 object.cbData += bytesAvailable;
578 SetLastError(ERROR_OUTOFMEMORY);
583 else if (GetLastError() == ERROR_IO_PENDING)
585 if (WaitForSingleObject(context->event, context->timeout) ==
587 SetLastError(ERROR_TIMEOUT);
591 } while (ret && bytesAvailable);
594 pObject->rgBlob = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
595 if (!pObject->rgBlob)
597 CryptMemFree(object.pbData);
598 SetLastError(ERROR_OUTOFMEMORY);
603 pObject->rgBlob[0].cbData = object.cbData;
604 pObject->rgBlob[0].pbData = object.pbData;
608 TRACE("returning %d\n", ret);
612 static void CRYPT_CacheURL(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
613 DWORD dwRetrievalFlags, FILETIME expires)
615 WCHAR cacheFileName[MAX_PATH];
617 /* FIXME: let wininet directly cache instead */
618 if (CreateUrlCacheEntryW(pszURL, pObject->rgBlob[0].cbData, NULL,
621 HANDLE hCacheFile = CreateFileW(cacheFileName, GENERIC_WRITE, 0, NULL,
622 CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
624 if (hCacheFile != INVALID_HANDLE_VALUE)
626 DWORD bytesWritten, entryType;
629 if (!(dwRetrievalFlags & CRYPT_STICKY_CACHE_RETRIEVAL))
630 entryType = NORMAL_CACHE_ENTRY;
632 entryType = STICKY_CACHE_ENTRY;
633 WriteFile(hCacheFile, pObject->rgBlob[0].pbData,
634 pObject->rgBlob[0].cbData, &bytesWritten, NULL);
635 CloseHandle(hCacheFile);
636 CommitUrlCacheEntryW(pszURL, cacheFileName, expires, ft, entryType,
637 NULL, 0, NULL, NULL);
642 static void CALLBACK CRYPT_InetStatusCallback(HINTERNET hInt,
643 DWORD_PTR dwContext, DWORD status, void *statusInfo, DWORD statusInfoLen)
645 struct InetContext *context = (struct InetContext *)dwContext;
646 LPINTERNET_ASYNC_RESULT result;
650 case INTERNET_STATUS_REQUEST_COMPLETE:
651 result = (LPINTERNET_ASYNC_RESULT)statusInfo;
652 context->error = result->dwError;
653 SetEvent(context->event);
657 static BOOL CRYPT_Connect(URL_COMPONENTSW *components,
658 struct InetContext *context, PCRYPT_CREDENTIALS pCredentials,
659 HINTERNET *phInt, HINTERNET *phHost)
663 TRACE("(%s:%d, %p, %p, %p, %p)\n", debugstr_w(components->lpszHostName),
664 components->nPort, context, pCredentials, phInt, phInt);
667 *phInt = InternetOpenW(NULL, INTERNET_OPEN_TYPE_DIRECT, NULL, NULL,
668 context ? INTERNET_FLAG_ASYNC : 0);
674 InternetSetStatusCallbackW(*phInt, CRYPT_InetStatusCallback);
675 switch (components->nScheme)
677 case INTERNET_SCHEME_FTP:
678 service = INTERNET_SERVICE_FTP;
680 case INTERNET_SCHEME_HTTP:
681 service = INTERNET_SERVICE_HTTP;
686 /* FIXME: use pCredentials for username/password */
687 *phHost = InternetConnectW(*phInt, components->lpszHostName,
688 components->nPort, NULL, NULL, service, 0, (DWORD_PTR)context);
691 InternetCloseHandle(*phInt);
700 TRACE("returning %d\n", ret);
704 static BOOL WINAPI FTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
705 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
706 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
707 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
708 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
710 FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
711 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
712 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
715 pObject->rgBlob = NULL;
716 *ppfnFreeObject = CRYPT_FreeBlob;
717 *ppvFreeContext = NULL;
721 static const WCHAR x509cacert[] = { 'a','p','p','l','i','c','a','t','i','o','n',
722 '/','x','-','x','5','0','9','-','c','a','-','c','e','r','t',0 };
723 static const WCHAR x509emailcert[] = { 'a','p','p','l','i','c','a','t','i','o',
724 'n','/','x','-','x','5','0','9','-','e','m','a','i','l','-','c','e','r','t',
726 static const WCHAR x509servercert[] = { 'a','p','p','l','i','c','a','t','i','o',
727 'n','/','x','-','x','5','0','9','-','s','e','r','v','e','r','-','c','e','r',
729 static const WCHAR x509usercert[] = { 'a','p','p','l','i','c','a','t','i','o',
730 'n','/','x','-','x','5','0','9','-','u','s','e','r','-','c','e','r','t',0 };
731 static const WCHAR pkcs7cert[] = { 'a','p','p','l','i','c','a','t','i','o','n',
732 '/','x','-','p','k','c','s','7','-','c','e','r','t','i','f','c','a','t','e',
734 static const WCHAR pkixCRL[] = { 'a','p','p','l','i','c','a','t','i','o','n',
735 '/','p','k','i','x','-','c','r','l',0 };
736 static const WCHAR pkcs7CRL[] = { 'a','p','p','l','i','c','a','t','i','o','n',
737 '/','x','-','p','k','c','s','7','-','c','r','l',0 };
738 static const WCHAR pkcs7sig[] = { 'a','p','p','l','i','c','a','t','i','o','n',
739 '/','x','-','p','k','c','s','7','-','s','i','g','n','a','t','u','r','e',0 };
740 static const WCHAR pkcs7mime[] = { 'a','p','p','l','i','c','a','t','i','o','n',
741 '/','x','-','p','k','c','s','7','-','m','i','m','e',0 };
743 static BOOL WINAPI HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
744 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
745 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
746 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
747 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
751 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
752 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
753 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
756 pObject->rgBlob = NULL;
757 *ppfnFreeObject = CRYPT_FreeBlob;
758 *ppvFreeContext = NULL;
760 if (!(dwRetrievalFlags & CRYPT_WIRE_ONLY_RETRIEVAL))
761 ret = CRYPT_GetObjectFromCache(pszURL, pObject, pAuxInfo);
762 if (!ret && (!(dwRetrievalFlags & CRYPT_CACHE_ONLY_RETRIEVAL) ||
763 (dwRetrievalFlags & CRYPT_WIRE_ONLY_RETRIEVAL)))
765 URL_COMPONENTSW components;
767 if ((ret = CRYPT_CrackUrl(pszURL, &components)))
769 HINTERNET hInt, hHost;
770 struct InetContext *context = NULL;
773 context = CRYPT_MakeInetContext(dwTimeout);
774 ret = CRYPT_Connect(&components, context, pCredentials, &hInt,
778 static LPCWSTR types[] = { x509cacert, x509emailcert,
779 x509servercert, x509usercert, pkcs7cert, pkixCRL, pkcs7CRL,
780 pkcs7sig, pkcs7mime, NULL };
781 HINTERNET hHttp = HttpOpenRequestW(hHost, NULL,
782 components.lpszUrlPath, NULL, NULL, types,
783 INTERNET_FLAG_NO_COOKIES | INTERNET_FLAG_NO_UI,
790 InternetSetOptionW(hHttp,
791 INTERNET_OPTION_RECEIVE_TIMEOUT, &dwTimeout,
793 InternetSetOptionW(hHttp, INTERNET_OPTION_SEND_TIMEOUT,
794 &dwTimeout, sizeof(dwTimeout));
796 ret = HttpSendRequestExW(hHttp, NULL, NULL, 0,
798 if (!ret && GetLastError() == ERROR_IO_PENDING)
800 if (WaitForSingleObject(context->event,
801 context->timeout) == WAIT_TIMEOUT)
802 SetLastError(ERROR_TIMEOUT);
806 /* We don't set ret to TRUE in this block to avoid masking
807 * an error from HttpSendRequestExW.
809 if (!HttpEndRequestW(hHttp, NULL, 0, (DWORD_PTR)context) &&
810 GetLastError() == ERROR_IO_PENDING)
812 if (WaitForSingleObject(context->event,
813 context->timeout) == WAIT_TIMEOUT)
815 SetLastError(ERROR_TIMEOUT);
820 ret = CRYPT_DownloadObject(dwRetrievalFlags, hHttp,
821 context, pObject, pAuxInfo);
822 if (ret && !(dwRetrievalFlags & CRYPT_DONT_CACHE_RESULT))
825 DWORD len = sizeof(st);
827 if (HttpQueryInfoW(hHttp,
828 HTTP_QUERY_EXPIRES | HTTP_QUERY_FLAG_SYSTEMTIME, &st,
833 SystemTimeToFileTime(&st, &ft);
834 CRYPT_CacheURL(pszURL, pObject, dwRetrievalFlags,
838 InternetCloseHandle(hHttp);
840 InternetCloseHandle(hHost);
841 InternetCloseHandle(hInt);
845 CloseHandle(context->event);
846 CryptMemFree(context);
848 CryptMemFree(components.lpszUrlPath);
849 CryptMemFree(components.lpszHostName);
852 TRACE("returning %d\n", ret);
856 static BOOL WINAPI File_RetrieveEncodedObjectW(LPCWSTR pszURL,
857 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
858 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
859 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
860 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
862 URL_COMPONENTSW components = { sizeof(components), 0 };
865 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
866 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
867 ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
870 pObject->rgBlob = NULL;
871 *ppfnFreeObject = CRYPT_FreeBlob;
872 *ppvFreeContext = NULL;
874 components.lpszUrlPath = CryptMemAlloc(MAX_PATH * 2 * sizeof(WCHAR));
875 components.dwUrlPathLength = 2 * MAX_PATH;
876 ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, &components);
881 if (components.dwUrlPathLength == 2 * MAX_PATH - 1)
882 FIXME("Buffers are too small\n");
884 /* 3 == lstrlenW(L"c:") + 1 */
885 path = CryptMemAlloc((components.dwUrlPathLength + 3) * sizeof(WCHAR));
890 /* Try to create the file directly - Wine handles / in pathnames */
891 lstrcpynW(path, components.lpszUrlPath,
892 components.dwUrlPathLength + 1);
893 hFile = CreateFileW(path, GENERIC_READ, 0, NULL, OPEN_EXISTING,
894 FILE_ATTRIBUTE_NORMAL, NULL);
895 if (hFile == INVALID_HANDLE_VALUE)
897 /* Try again on the current drive */
898 GetCurrentDirectoryW(components.dwUrlPathLength, path);
901 lstrcpynW(path + 2, components.lpszUrlPath,
902 components.dwUrlPathLength + 1);
903 hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
904 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
906 if (hFile == INVALID_HANDLE_VALUE)
908 /* Try again on the Windows drive */
909 GetWindowsDirectoryW(path, components.dwUrlPathLength);
912 lstrcpynW(path + 2, components.lpszUrlPath,
913 components.dwUrlPathLength + 1);
914 hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
915 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
919 if (hFile != INVALID_HANDLE_VALUE)
921 if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
923 if (pAuxInfo && pAuxInfo->cbSize >=
924 offsetof(CRYPT_RETRIEVE_AUX_INFO,
925 pLastSyncTime) + sizeof(PFILETIME) &&
926 pAuxInfo->pLastSyncTime)
927 GetFileTime(hFile, NULL, NULL,
928 pAuxInfo->pLastSyncTime);
937 CryptMemFree(components.lpszUrlPath);
941 typedef BOOL (WINAPI *SchemeDllRetrieveEncodedObjectW)(LPCWSTR pwszUrl,
942 LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
943 PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
944 void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
945 PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo);
947 static BOOL CRYPT_GetRetrieveFunction(LPCWSTR pszURL,
948 SchemeDllRetrieveEncodedObjectW *pFunc, HCRYPTOIDFUNCADDR *phFunc)
950 URL_COMPONENTSW components = { sizeof(components), 0 };
953 TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pFunc, phFunc);
957 components.dwSchemeLength = 1;
958 ret = InternetCrackUrlW(pszURL, 0, 0, &components);
961 /* Microsoft always uses CryptInitOIDFunctionSet/
962 * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
963 * reason to do so for builtin schemes.
965 switch (components.nScheme)
967 case INTERNET_SCHEME_FTP:
968 *pFunc = FTP_RetrieveEncodedObjectW;
970 case INTERNET_SCHEME_HTTP:
971 *pFunc = HTTP_RetrieveEncodedObjectW;
973 case INTERNET_SCHEME_FILE:
974 *pFunc = File_RetrieveEncodedObjectW;
978 int len = WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
979 components.dwSchemeLength, NULL, 0, NULL, NULL);
983 LPSTR scheme = CryptMemAlloc(len);
987 static HCRYPTOIDFUNCSET set = NULL;
990 set = CryptInitOIDFunctionSet(
991 SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC, 0);
992 WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
993 components.dwSchemeLength, scheme, len, NULL, NULL);
994 ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING,
995 scheme, 0, (void **)pFunc, phFunc);
996 CryptMemFree(scheme);
1000 SetLastError(ERROR_OUTOFMEMORY);
1009 TRACE("returning %d\n", ret);
1013 static BOOL WINAPI CRYPT_CreateBlob(LPCSTR pszObjectOid,
1014 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1017 CRYPT_BLOB_ARRAY *context;
1020 size = sizeof(CRYPT_BLOB_ARRAY) + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
1021 for (i = 0; i < pObject->cBlob; i++)
1022 size += pObject->rgBlob[i].cbData;
1023 context = CryptMemAlloc(size);
1030 (CRYPT_DATA_BLOB *)((LPBYTE)context + sizeof(CRYPT_BLOB_ARRAY));
1032 (LPBYTE)context->rgBlob + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
1033 for (i = 0; i < pObject->cBlob; i++)
1035 memcpy(nextData, pObject->rgBlob[i].pbData,
1036 pObject->rgBlob[i].cbData);
1037 context->rgBlob[i].pbData = nextData;
1038 context->rgBlob[i].cbData = pObject->rgBlob[i].cbData;
1039 nextData += pObject->rgBlob[i].cbData;
1042 *ppvContext = context;
1048 typedef BOOL (WINAPI *AddContextToStore)(HCERTSTORE hCertStore,
1049 const void *pContext, DWORD dwAddDisposition, const void **ppStoreContext);
1051 static BOOL CRYPT_CreateContext(PCRYPT_BLOB_ARRAY pObject,
1052 DWORD dwExpectedContentTypeFlags, AddContextToStore addFunc, void **ppvContext)
1056 if (!pObject->cBlob)
1058 SetLastError(ERROR_INVALID_DATA);
1062 else if (pObject->cBlob == 1)
1064 if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
1065 dwExpectedContentTypeFlags, CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL,
1066 NULL, NULL, NULL, NULL, (const void **)ppvContext))
1068 SetLastError(CRYPT_E_NO_MATCH);
1074 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1075 CERT_STORE_CREATE_NEW_FLAG, NULL);
1080 const void *context;
1082 for (i = 0; i < pObject->cBlob; i++)
1084 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
1085 &pObject->rgBlob[i], dwExpectedContentTypeFlags,
1086 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, NULL, NULL, NULL,
1089 if (!addFunc(store, context, CERT_STORE_ADD_ALWAYS, NULL))
1094 SetLastError(CRYPT_E_NO_MATCH);
1101 *ppvContext = store;
1106 static BOOL WINAPI CRYPT_CreateCert(LPCSTR pszObjectOid,
1107 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1109 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CERT,
1110 (AddContextToStore)CertAddCertificateContextToStore, ppvContext);
1113 static BOOL WINAPI CRYPT_CreateCRL(LPCSTR pszObjectOid,
1114 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1116 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CRL,
1117 (AddContextToStore)CertAddCRLContextToStore, ppvContext);
1120 static BOOL WINAPI CRYPT_CreateCTL(LPCSTR pszObjectOid,
1121 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1123 return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CTL,
1124 (AddContextToStore)CertAddCTLContextToStore, ppvContext);
1127 static BOOL WINAPI CRYPT_CreatePKCS7(LPCSTR pszObjectOid,
1128 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1132 if (!pObject->cBlob)
1134 SetLastError(ERROR_INVALID_DATA);
1138 else if (pObject->cBlob == 1)
1139 ret = CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
1140 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
1141 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED, CERT_QUERY_FORMAT_FLAG_BINARY,
1142 0, NULL, NULL, NULL, ppvContext, NULL, NULL);
1145 FIXME("multiple messages unimplemented\n");
1151 static BOOL WINAPI CRYPT_CreateAny(LPCSTR pszObjectOid,
1152 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
1156 if (!pObject->cBlob)
1158 SetLastError(ERROR_INVALID_DATA);
1164 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
1165 CERT_STORE_CREATE_NEW_FLAG, NULL);
1169 HCERTSTORE memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
1170 CERT_STORE_CREATE_NEW_FLAG, NULL);
1174 CertAddStoreToCollection(store, memStore,
1175 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
1176 CertCloseStore(memStore, 0);
1180 CertCloseStore(store, 0);
1189 for (i = 0; i < pObject->cBlob; i++)
1191 DWORD contentType, expectedContentTypes =
1192 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
1193 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED |
1194 CERT_QUERY_CONTENT_FLAG_CERT |
1195 CERT_QUERY_CONTENT_FLAG_CRL |
1196 CERT_QUERY_CONTENT_FLAG_CTL;
1197 HCERTSTORE contextStore;
1198 const void *context;
1200 if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
1201 &pObject->rgBlob[i], expectedContentTypes,
1202 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, &contentType, NULL,
1203 &contextStore, NULL, &context))
1205 switch (contentType)
1207 case CERT_QUERY_CONTENT_CERT:
1208 if (!CertAddCertificateContextToStore(store,
1209 (PCCERT_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1212 case CERT_QUERY_CONTENT_CRL:
1213 if (!CertAddCRLContextToStore(store,
1214 (PCCRL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1217 case CERT_QUERY_CONTENT_CTL:
1218 if (!CertAddCTLContextToStore(store,
1219 (PCCTL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
1223 CertAddStoreToCollection(store, contextStore, 0, 0);
1232 *ppvContext = store;
1237 typedef BOOL (WINAPI *ContextDllCreateObjectContext)(LPCSTR pszObjectOid,
1238 DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext);
1240 static BOOL CRYPT_GetCreateFunction(LPCSTR pszObjectOid,
1241 ContextDllCreateObjectContext *pFunc, HCRYPTOIDFUNCADDR *phFunc)
1245 TRACE("(%s, %p, %p)\n", debugstr_a(pszObjectOid), pFunc, phFunc);
1249 if (!HIWORD(pszObjectOid))
1251 switch (LOWORD(pszObjectOid))
1254 *pFunc = CRYPT_CreateBlob;
1256 case LOWORD(CONTEXT_OID_CERTIFICATE):
1257 *pFunc = CRYPT_CreateCert;
1259 case LOWORD(CONTEXT_OID_CRL):
1260 *pFunc = CRYPT_CreateCRL;
1262 case LOWORD(CONTEXT_OID_CTL):
1263 *pFunc = CRYPT_CreateCTL;
1265 case LOWORD(CONTEXT_OID_PKCS7):
1266 *pFunc = CRYPT_CreatePKCS7;
1268 case LOWORD(CONTEXT_OID_CAPI2_ANY):
1269 *pFunc = CRYPT_CreateAny;
1275 static HCRYPTOIDFUNCSET set = NULL;
1278 set = CryptInitOIDFunctionSet(
1279 CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC, 0);
1280 ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszObjectOid,
1281 0, (void **)pFunc, phFunc);
1283 TRACE("returning %d\n", ret);
1287 /***********************************************************************
1288 * CryptRetrieveObjectByUrlW (CRYPTNET.@)
1290 BOOL WINAPI CryptRetrieveObjectByUrlW(LPCWSTR pszURL, LPCSTR pszObjectOid,
1291 DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject,
1292 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
1293 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
1296 SchemeDllRetrieveEncodedObjectW retrieve;
1297 ContextDllCreateObjectContext create;
1298 HCRYPTOIDFUNCADDR hRetrieve = 0, hCreate = 0;
1300 TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
1301 debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
1302 hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
1306 SetLastError(ERROR_INVALID_PARAMETER);
1309 ret = CRYPT_GetRetrieveFunction(pszURL, &retrieve, &hRetrieve);
1311 ret = CRYPT_GetCreateFunction(pszObjectOid, &create, &hCreate);
1314 CRYPT_BLOB_ARRAY object = { 0, NULL };
1315 PFN_FREE_ENCODED_OBJECT_FUNC freeObject;
1318 ret = retrieve(pszURL, pszObjectOid, dwRetrievalFlags, dwTimeout,
1319 &object, &freeObject, &freeContext, hAsyncRetrieve, pCredentials,
1323 ret = create(pszObjectOid, dwRetrievalFlags, &object, ppvObject);
1324 freeObject(pszObjectOid, &object, freeContext);
1328 CryptFreeOIDFunctionAddress(hCreate, 0);
1330 CryptFreeOIDFunctionAddress(hRetrieve, 0);
1331 TRACE("returning %d\n", ret);
1335 typedef struct _OLD_CERT_REVOCATION_STATUS {
1340 } OLD_CERT_REVOCATION_STATUS, *POLD_CERT_REVOCATION_STATUS;
1342 /***********************************************************************
1343 * CertDllVerifyRevocation (CRYPTNET.@)
1345 BOOL WINAPI CertDllVerifyRevocation(DWORD dwEncodingType, DWORD dwRevType,
1346 DWORD cContext, PVOID rgpvContext[], DWORD dwFlags,
1347 PCERT_REVOCATION_PARA pRevPara, PCERT_REVOCATION_STATUS pRevStatus)
1352 TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType, dwRevType,
1353 cContext, rgpvContext, dwFlags, pRevPara, pRevStatus);
1355 if (pRevStatus->cbSize != sizeof(OLD_CERT_REVOCATION_STATUS) &&
1356 pRevStatus->cbSize != sizeof(CERT_REVOCATION_STATUS))
1358 SetLastError(E_INVALIDARG);
1361 memset(&pRevStatus->dwIndex, 0, pRevStatus->cbSize - sizeof(DWORD));
1362 if (dwRevType != CERT_CONTEXT_REVOCATION_TYPE)
1364 error = CRYPT_E_NO_REVOCATION_CHECK;
1370 for (i = 0; ret && i < cContext; i++)
1374 ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,
1375 rgpvContext[i], 0, NULL, &cbUrlArray, NULL, NULL, NULL);
1376 if (!ret && GetLastError() == CRYPT_E_NOT_FOUND)
1378 error = CRYPT_E_NO_REVOCATION_CHECK;
1379 pRevStatus->dwIndex = i;
1383 CRYPT_URL_ARRAY *urlArray = CryptMemAlloc(cbUrlArray);
1387 DWORD j, retrievalFlags = 0, startTime, endTime, timeout;
1389 ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT,
1390 rgpvContext[i], 0, urlArray, &cbUrlArray, NULL, NULL,
1392 if (dwFlags & CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION)
1393 retrievalFlags |= CRYPT_CACHE_ONLY_RETRIEVAL;
1394 if (dwFlags & CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG &&
1395 pRevPara->cbSize >= offsetof(CERT_REVOCATION_PARA,
1396 dwUrlRetrievalTimeout) + sizeof(DWORD))
1398 startTime = GetTickCount();
1399 endTime = startTime + pRevPara->dwUrlRetrievalTimeout;
1400 timeout = pRevPara->dwUrlRetrievalTimeout;
1403 endTime = timeout = 0;
1404 for (j = 0; ret && j < urlArray->cUrl; j++)
1408 ret = CryptRetrieveObjectByUrlW(urlArray->rgwszUrl[j],
1409 CONTEXT_OID_CRL, retrievalFlags, timeout,
1410 (void **)&crl, NULL, NULL, NULL, NULL);
1413 PCRL_ENTRY entry = NULL;
1415 CertFindCertificateInCRL(
1416 (PCCERT_CONTEXT)rgpvContext[i], crl, 0, NULL,
1420 error = CRYPT_E_REVOKED;
1421 pRevStatus->dwIndex = i;
1426 DWORD time = GetTickCount();
1428 if ((int)(endTime - time) <= 0)
1430 error = ERROR_TIMEOUT;
1431 pRevStatus->dwIndex = i;
1435 timeout = endTime - time;
1437 CertFreeCRLContext(crl);
1440 error = CRYPT_E_REVOCATION_OFFLINE;
1442 CryptMemFree(urlArray);
1446 error = ERROR_OUTOFMEMORY;
1447 pRevStatus->dwIndex = i;
1452 pRevStatus->dwIndex = i;
1458 SetLastError(error);
1459 pRevStatus->dwError = error;
1461 TRACE("returning %d (%08x)\n", ret, error);