2 * Copyright 2005-2009 Juan Lang
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18 * This file implements ASN.1 DER decoding of a limited set of types.
19 * It isn't a full ASN.1 implementation. Microsoft implements BER
20 * encoding of many of the basic types in msasn1.dll, but that interface isn't
21 * implemented, so I implement them here.
24 * "A Layman's Guide to a Subset of ASN.1, BER, and DER", by Burton Kaliski
25 * (available online, look for a PDF copy as the HTML versions tend to have
26 * translation errors.)
28 * RFC3280, http://www.faqs.org/rfcs/rfc3280.html
30 * MSDN, especially "Constants for CryptEncodeObject and CryptDecodeObject"
34 #include "wine/port.h"
41 #define NONAMELESSUNION
48 #include "wine/debug.h"
49 #include "wine/exception.h"
50 #include "crypt32_private.h"
52 /* This is a bit arbitrary, but to set some limit: */
53 #define MAX_ENCODED_LEN 0x02000000
55 #define ASN_FLAGS_MASK 0xe0
56 #define ASN_TYPE_MASK 0x1f
58 WINE_DEFAULT_DEBUG_CHANNEL(cryptasn);
59 WINE_DECLARE_DEBUG_CHANNEL(crypt);
61 typedef BOOL (WINAPI *CryptDecodeObjectFunc)(DWORD, LPCSTR, const BYTE *,
62 DWORD, DWORD, void *, DWORD *);
63 typedef BOOL (WINAPI *CryptDecodeObjectExFunc)(DWORD, LPCSTR, const BYTE *,
64 DWORD, DWORD, PCRYPT_DECODE_PARA, void *, DWORD *);
66 /* Internal decoders don't do memory allocation or exception handling, and
67 * they report how many bytes they decoded.
69 typedef BOOL (*InternalDecodeFunc)(const BYTE *pbEncoded, DWORD cbEncoded,
70 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
72 static BOOL CRYPT_AsnDecodeChoiceOfTimeInternal(const BYTE *pbEncoded,
73 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
75 static BOOL CRYPT_AsnDecodePubKeyInfoInternal(const BYTE *pbEncoded,
76 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
78 /* Assumes pvStructInfo is a CERT_EXTENSION whose pszObjId is set ahead of time.
80 static BOOL CRYPT_AsnDecodeExtension(const BYTE *pbEncoded, DWORD cbEncoded,
81 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
82 /* Assumes algo->Parameters.pbData is set ahead of time. */
83 static BOOL CRYPT_AsnDecodeAlgorithmId(const BYTE *pbEncoded, DWORD cbEncoded,
84 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
85 static BOOL CRYPT_AsnDecodeBool(const BYTE *pbEncoded, DWORD cbEncoded,
86 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
87 /* Assumes the CRYPT_DATA_BLOB's pbData member has been initialized */
88 static BOOL CRYPT_AsnDecodeOctetsInternal(const BYTE *pbEncoded,
89 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
91 /* Doesn't check the tag, assumes the caller does so */
92 static BOOL CRYPT_AsnDecodeBitsInternal(const BYTE *pbEncoded, DWORD cbEncoded,
93 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
94 static BOOL CRYPT_AsnDecodeIntInternal(const BYTE *pbEncoded, DWORD cbEncoded,
95 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded);
96 /* Like CRYPT_AsnDecodeInteger, but assumes the CRYPT_INTEGER_BLOB's pbData
97 * member has been initialized, doesn't do exception handling, and doesn't do
98 * memory allocation. Also doesn't check tag, assumes the caller has checked
101 static BOOL CRYPT_AsnDecodeIntegerInternal(const BYTE *pbEncoded,
102 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
104 /* Like CRYPT_AsnDecodeInteger, but unsigned. */
105 static BOOL CRYPT_AsnDecodeUnsignedIntegerInternal(const BYTE *pbEncoded,
106 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
108 static BOOL CRYPT_AsnDecodePKCSAttributeInternal(const BYTE *pbEncoded,
109 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
112 /* Gets the number of length bytes from the given (leading) length byte */
113 #define GET_LEN_BYTES(b) ((b) <= 0x80 ? 1 : 1 + ((b) & 0x7f))
115 /* Helper function to get the encoded length of the data starting at pbEncoded,
116 * where pbEncoded[0] is the tag. If the data are too short to contain a
117 * length or if the length is too large for cbEncoded, sets an appropriate
118 * error code and returns FALSE. If the encoded length is unknown due to
119 * indefinite length encoding, *len is set to CMSG_INDEFINITE_LENGTH.
121 static BOOL CRYPT_GetLengthIndefinite(const BYTE *pbEncoded, DWORD cbEncoded,
128 SetLastError(CRYPT_E_ASN1_CORRUPT);
131 else if (pbEncoded[1] <= 0x7f)
133 if (pbEncoded[1] + 1 > cbEncoded)
135 SetLastError(CRYPT_E_ASN1_EOD);
144 else if (pbEncoded[1] == 0x80)
146 *len = CMSG_INDEFINITE_LENGTH;
151 BYTE lenLen = GET_LEN_BYTES(pbEncoded[1]);
153 if (lenLen > sizeof(DWORD) + 1)
155 SetLastError(CRYPT_E_ASN1_LARGE);
158 else if (lenLen + 2 > cbEncoded)
160 SetLastError(CRYPT_E_ASN1_CORRUPT);
173 if (out + lenLen + 1 > cbEncoded)
175 SetLastError(CRYPT_E_ASN1_EOD);
188 /* Like CRYPT_GetLengthIndefinite, but disallows indefinite-length encoding. */
189 static BOOL CRYPT_GetLen(const BYTE *pbEncoded, DWORD cbEncoded, DWORD *len)
193 if ((ret = CRYPT_GetLengthIndefinite(pbEncoded, cbEncoded, len)) &&
194 *len == CMSG_INDEFINITE_LENGTH)
196 SetLastError(CRYPT_E_ASN1_CORRUPT);
202 /* Helper function to check *pcbStructInfo, set it to the required size, and
203 * optionally to allocate memory. Assumes pvStructInfo is not NULL.
204 * If CRYPT_DECODE_ALLOC_FLAG is set in dwFlags, *pvStructInfo will be set to a
205 * pointer to the newly allocated memory.
207 static BOOL CRYPT_DecodeEnsureSpace(DWORD dwFlags,
208 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo,
213 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
215 if (pDecodePara && pDecodePara->pfnAlloc)
216 *(BYTE **)pvStructInfo = pDecodePara->pfnAlloc(bytesNeeded);
218 *(BYTE **)pvStructInfo = LocalAlloc(0, bytesNeeded);
219 if (!*(BYTE **)pvStructInfo)
222 *pcbStructInfo = bytesNeeded;
224 else if (*pcbStructInfo < bytesNeeded)
226 *pcbStructInfo = bytesNeeded;
227 SetLastError(ERROR_MORE_DATA);
231 *pcbStructInfo = bytesNeeded;
235 static void CRYPT_FreeSpace(PCRYPT_DECODE_PARA pDecodePara, LPVOID pv)
237 if (pDecodePara && pDecodePara->pfnFree)
238 pDecodePara->pfnFree(pv);
243 /* Helper function to check *pcbStructInfo and set it to the required size.
244 * Assumes pvStructInfo is not NULL.
246 static BOOL CRYPT_DecodeCheckSpace(DWORD *pcbStructInfo, DWORD bytesNeeded)
250 if (*pcbStructInfo < bytesNeeded)
252 *pcbStructInfo = bytesNeeded;
253 SetLastError(ERROR_MORE_DATA);
258 *pcbStructInfo = bytesNeeded;
265 * The expected tag of the item. If tag is 0, decodeFunc is called
266 * regardless of the tag value seen.
268 * A sequence is decoded into a struct. The offset member is the
269 * offset of this item within that struct.
271 * The decoder function to use. If this is NULL, then the member isn't
272 * decoded, but minSize space is reserved for it.
274 * The minimum amount of space occupied after decoding. You must set this.
276 * If true, and the tag doesn't match the expected tag for this item,
277 * or the decodeFunc fails with CRYPT_E_ASN1_BADTAG, then minSize space is
278 * filled with 0 for this member.
279 * hasPointer, pointerOffset:
280 * If the item has dynamic data, set hasPointer to TRUE, pointerOffset to
281 * the offset within the struct of the data pointer (or to the
282 * first data pointer, if more than one exist).
284 * Used by CRYPT_AsnDecodeSequence, not for your use.
286 struct AsnDecodeSequenceItem
290 InternalDecodeFunc decodeFunc;
298 #define FINALMEMBERSIZE(s, member) (sizeof(s) - offsetof(s, member))
299 #define MEMBERSIZE(s, member, nextmember) \
300 (offsetof(s, nextmember) - offsetof(s, member))
302 /* Decodes the items in a sequence, where the items are described in items,
303 * the encoded data are in pbEncoded with length cbEncoded. Decodes into
304 * pvStructInfo. nextData is a pointer to the memory location at which the
305 * first decoded item with a dynamic pointer should point.
306 * Upon decoding, *cbDecoded is the total number of bytes decoded.
307 * Each item decoder is never called with CRYPT_DECODE_ALLOC_FLAG set.
309 static BOOL CRYPT_AsnDecodeSequenceItems(struct AsnDecodeSequenceItem items[],
310 DWORD cItem, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
311 void *pvStructInfo, BYTE *nextData, DWORD *cbDecoded)
314 DWORD i, decoded = 0;
315 const BYTE *ptr = pbEncoded;
317 TRACE("%p, %d, %p, %d, %08x, %p, %p, %p\n", items, cItem, pbEncoded,
318 cbEncoded, dwFlags, pvStructInfo, nextData, cbDecoded);
320 for (i = 0, ret = TRUE; ret && i < cItem; i++)
322 if (cbEncoded - (ptr - pbEncoded) != 0)
326 if ((ret = CRYPT_GetLengthIndefinite(ptr,
327 cbEncoded - (ptr - pbEncoded), &itemLen)))
329 BYTE itemLenBytes = GET_LEN_BYTES(ptr[1]);
331 if (ptr[0] == items[i].tag || !items[i].tag)
333 DWORD itemEncodedLen;
335 if (itemLen == CMSG_INDEFINITE_LENGTH)
336 itemEncodedLen = cbEncoded - (ptr - pbEncoded);
338 itemEncodedLen = 1 + itemLenBytes + itemLen;
339 if (nextData && pvStructInfo && items[i].hasPointer)
341 TRACE("Setting next pointer to %p\n",
343 *(BYTE **)((BYTE *)pvStructInfo +
344 items[i].pointerOffset) = nextData;
346 if (items[i].decodeFunc)
351 TRACE("decoding item %d\n", i);
353 TRACE("sizing item %d\n", i);
354 ret = items[i].decodeFunc(ptr, itemEncodedLen,
355 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG,
356 pvStructInfo ? (BYTE *)pvStructInfo + items[i].offset
357 : NULL, &items[i].size, &itemDecoded);
360 if (items[i].size < items[i].minSize)
361 items[i].size = items[i].minSize;
362 else if (items[i].size > items[i].minSize)
364 /* Account for alignment padding */
365 items[i].size = ALIGN_DWORD_PTR(items[i].size);
367 TRACE("item %d size: %d\n", i, items[i].size);
368 if (nextData && items[i].hasPointer &&
369 items[i].size > items[i].minSize)
370 nextData += items[i].size - items[i].minSize;
371 if (itemDecoded > itemEncodedLen)
373 WARN("decoded length %d exceeds encoded %d\n",
374 itemDecoded, itemEncodedLen);
375 SetLastError(CRYPT_E_ASN1_CORRUPT);
381 decoded += itemDecoded;
382 TRACE("item %d: decoded %d bytes\n", i,
386 else if (items[i].optional &&
387 GetLastError() == CRYPT_E_ASN1_BADTAG)
389 TRACE("skipping optional item %d\n", i);
390 items[i].size = items[i].minSize;
391 SetLastError(NOERROR);
395 TRACE("item %d failed: %08x\n", i,
398 else if (itemLen == CMSG_INDEFINITE_LENGTH)
400 ERR("can't use indefinite length encoding without a decoder\n");
401 SetLastError(CRYPT_E_ASN1_CORRUPT);
406 TRACE("item %d: decoded %d bytes\n", i, itemEncodedLen);
407 ptr += itemEncodedLen;
408 decoded += itemEncodedLen;
409 items[i].size = items[i].minSize;
412 else if (items[i].optional)
414 TRACE("skipping optional item %d\n", i);
415 items[i].size = items[i].minSize;
419 TRACE("item %d: tag %02x doesn't match expected %02x\n",
420 i, ptr[0], items[i].tag);
421 SetLastError(CRYPT_E_ASN1_BADTAG);
426 else if (items[i].optional)
428 TRACE("missing optional item %d, skipping\n", i);
429 items[i].size = items[i].minSize;
433 TRACE("not enough bytes for item %d, failing\n", i);
434 SetLastError(CRYPT_E_ASN1_CORRUPT);
439 *cbDecoded = decoded;
440 TRACE("returning %d\n", ret);
444 /* This decodes an arbitrary sequence into a contiguous block of memory
445 * (basically, a struct.) Each element being decoded is described by a struct
446 * AsnDecodeSequenceItem, see above.
447 * startingPointer is an optional pointer to the first place where dynamic
448 * data will be stored. If you know the starting offset, you may pass it
449 * here. Otherwise, pass NULL, and one will be inferred from the items.
451 static BOOL CRYPT_AsnDecodeSequence(struct AsnDecodeSequenceItem items[],
452 DWORD cItem, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
453 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo,
454 DWORD *pcbDecoded, void *startingPointer)
458 TRACE("%p, %d, %p, %d, %08x, %p, %p, %d, %p\n", items, cItem, pbEncoded,
459 cbEncoded, dwFlags, pDecodePara, pvStructInfo, *pcbStructInfo,
464 SetLastError(CRYPT_E_ASN1_EOD);
467 if (pbEncoded[0] == ASN_SEQUENCE)
471 if ((ret = CRYPT_GetLengthIndefinite(pbEncoded, cbEncoded, &dataLen)))
473 DWORD lenBytes = GET_LEN_BYTES(pbEncoded[1]), cbDecoded;
474 const BYTE *ptr = pbEncoded + 1 + lenBytes;
475 BOOL indefinite = FALSE;
477 cbEncoded -= 1 + lenBytes;
478 if (dataLen == CMSG_INDEFINITE_LENGTH)
483 else if (cbEncoded < dataLen)
485 TRACE("dataLen %d exceeds cbEncoded %d, failing\n", dataLen,
487 SetLastError(CRYPT_E_ASN1_CORRUPT);
492 ret = CRYPT_AsnDecodeSequenceItems(items, cItem,
493 ptr, dataLen, dwFlags, NULL, NULL, &cbDecoded);
494 if (ret && dataLen == CMSG_INDEFINITE_LENGTH)
496 if (cbDecoded > cbEncoded - 2)
498 /* Not enough space for 0 TLV */
499 SetLastError(CRYPT_E_ASN1_CORRUPT);
502 else if (*(ptr + cbDecoded) != 0 ||
503 *(ptr + cbDecoded + 1) != 0)
505 TRACE("expected 0 TLV\n");
506 SetLastError(CRYPT_E_ASN1_CORRUPT);
513 if (ret && !indefinite && cbDecoded != dataLen)
515 TRACE("expected %d decoded, got %d, failing\n", dataLen,
517 SetLastError(CRYPT_E_ASN1_CORRUPT);
522 DWORD i, bytesNeeded = 0, structSize = 0;
524 for (i = 0; i < cItem; i++)
526 bytesNeeded += items[i].size;
527 structSize = max( structSize, items[i].offset + items[i].minSize );
530 *pcbDecoded = 1 + lenBytes + cbDecoded;
532 *pcbStructInfo = bytesNeeded;
533 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags,
534 pDecodePara, pvStructInfo, pcbStructInfo, bytesNeeded)))
538 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
539 pvStructInfo = *(BYTE **)pvStructInfo;
541 nextData = startingPointer;
543 nextData = (BYTE *)pvStructInfo + structSize;
544 memset(pvStructInfo, 0, structSize);
545 ret = CRYPT_AsnDecodeSequenceItems(items, cItem,
546 ptr, dataLen, dwFlags, pvStructInfo, nextData,
548 if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
549 CRYPT_FreeSpace(pDecodePara, pvStructInfo);
556 SetLastError(CRYPT_E_ASN1_BADTAG);
559 TRACE("returning %d (%08x)\n", ret, GetLastError());
564 * The expected tag of the entire encoded array (usually a variant
565 * of ASN_SETOF or ASN_SEQUENCEOF.) If tag is 0, decodeFunc is called
566 * regardless of the tag seen.
568 * The offset within the outer structure at which the count exists.
569 * For example, a structure such as CRYPT_ATTRIBUTES has countOffset == 0,
570 * while CRYPT_ATTRIBUTE has countOffset ==
571 * offsetof(CRYPT_ATTRIBUTE, cValue).
573 * The offset within the outer structure at which the array pointer exists.
574 * For example, CRYPT_ATTRIBUTES has arrayOffset ==
575 * offsetof(CRYPT_ATTRIBUTES, rgAttr).
577 * The minimum size of the decoded array. On WIN32, this is always 8:
578 * sizeof(DWORD) + sizeof(void *). On WIN64, it can be larger due to
581 * used to decode each item in the array
583 * is the minimum size of each decoded item
585 * indicates whether each item has a dynamic pointer
587 * indicates the offset within itemSize at which the pointer exists
589 struct AsnArrayDescriptor
595 InternalDecodeFunc decodeFunc;
601 struct AsnArrayItemSize
607 /* Decodes an array of like types into a structure described by a struct
608 * AsnArrayDescriptor.
610 static BOOL CRYPT_AsnDecodeArray(const struct AsnArrayDescriptor *arrayDesc,
611 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
612 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo,
617 TRACE("%p, %p, %d, %p, %d\n", arrayDesc, pbEncoded,
618 cbEncoded, pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
622 SetLastError(CRYPT_E_ASN1_EOD);
625 else if (!arrayDesc->tag || pbEncoded[0] == arrayDesc->tag)
629 if ((ret = CRYPT_GetLengthIndefinite(pbEncoded, cbEncoded, &dataLen)))
631 DWORD bytesNeeded = arrayDesc->minArraySize, cItems = 0, decoded;
632 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
633 /* There can be arbitrarily many items, but there is often only one.
635 struct AsnArrayItemSize itemSize = { 0 }, *itemSizes = &itemSize;
637 decoded = 1 + lenBytes;
641 BOOL doneDecoding = FALSE;
643 for (ptr = pbEncoded + 1 + lenBytes; ret && !doneDecoding; )
645 if (dataLen == CMSG_INDEFINITE_LENGTH)
652 SetLastError(CRYPT_E_ASN1_CORRUPT);
659 else if (ptr - pbEncoded - 1 - lenBytes >= dataLen)
663 DWORD itemEncoded, itemDataLen, itemDecoded, size = 0;
665 /* Each item decoded may not tolerate extraneous bytes,
666 * so get the length of the next element if known.
668 if ((ret = CRYPT_GetLengthIndefinite(ptr,
669 cbEncoded - (ptr - pbEncoded), &itemDataLen)))
671 if (itemDataLen == CMSG_INDEFINITE_LENGTH)
672 itemEncoded = cbEncoded - (ptr - pbEncoded);
674 itemEncoded = 1 + GET_LEN_BYTES(ptr[1]) +
678 ret = arrayDesc->decodeFunc(ptr, itemEncoded,
679 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &size,
684 if (itemSizes != &itemSize)
685 itemSizes = CryptMemRealloc(itemSizes,
686 cItems * sizeof(struct AsnArrayItemSize));
691 cItems * sizeof(struct AsnArrayItemSize));
693 memcpy(itemSizes, &itemSize,
698 decoded += itemDecoded;
699 itemSizes[cItems - 1].encodedLen = itemEncoded;
700 itemSizes[cItems - 1].size = size;
713 *pcbDecoded = decoded;
715 *pcbStructInfo = bytesNeeded;
716 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
717 pvStructInfo, pcbStructInfo, bytesNeeded)))
724 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
725 pvStructInfo = *(void **)pvStructInfo;
726 pcItems = pvStructInfo;
728 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
730 rgItems = (BYTE *)pvStructInfo +
731 arrayDesc->minArraySize;
732 *(void **)((BYTE *)pcItems -
733 arrayDesc->countOffset + arrayDesc->arrayOffset) =
737 rgItems = *(void **)((BYTE *)pcItems -
738 arrayDesc->countOffset + arrayDesc->arrayOffset);
739 nextData = (BYTE *)rgItems + cItems * arrayDesc->itemSize;
740 for (i = 0, ptr = pbEncoded + 1 + lenBytes; ret &&
741 i < cItems && ptr - pbEncoded - 1 - lenBytes <
746 if (arrayDesc->hasPointer)
747 *(BYTE **)((BYTE *)rgItems + i * arrayDesc->itemSize
748 + arrayDesc->pointerOffset) = nextData;
749 ret = arrayDesc->decodeFunc(ptr,
750 itemSizes[i].encodedLen,
751 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG,
752 (BYTE *)rgItems + i * arrayDesc->itemSize,
753 &itemSizes[i].size, &itemDecoded);
756 nextData += itemSizes[i].size - arrayDesc->itemSize;
762 if (itemSizes != &itemSize)
763 CryptMemFree(itemSizes);
768 SetLastError(CRYPT_E_ASN1_BADTAG);
774 /* Decodes a DER-encoded BLOB into a CRYPT_DER_BLOB struct pointed to by
775 * pvStructInfo. The BLOB must be non-empty, otherwise the last error is set
776 * to CRYPT_E_ASN1_CORRUPT.
777 * Warning: assumes the CRYPT_DER_BLOB pointed to by pvStructInfo has pbData
780 static BOOL CRYPT_AsnDecodeDerBlob(const BYTE *pbEncoded, DWORD cbEncoded,
781 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
786 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
788 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
789 DWORD bytesNeeded = sizeof(CRYPT_DER_BLOB);
791 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
792 bytesNeeded += 1 + lenBytes + dataLen;
795 *pcbDecoded = 1 + lenBytes + dataLen;
797 *pcbStructInfo = bytesNeeded;
798 else if ((ret = CRYPT_DecodeCheckSpace(pcbStructInfo, bytesNeeded)))
800 CRYPT_DER_BLOB *blob;
802 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
803 pvStructInfo = *(BYTE **)pvStructInfo;
805 blob->cbData = 1 + lenBytes + dataLen;
808 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
809 blob->pbData = (BYTE *)pbEncoded;
812 assert(blob->pbData);
813 memcpy(blob->pbData, pbEncoded, blob->cbData);
818 SetLastError(CRYPT_E_ASN1_CORRUPT);
826 /* Like CRYPT_AsnDecodeBitsInternal, but swaps the bytes */
827 static BOOL CRYPT_AsnDecodeBitsSwapBytes(const BYTE *pbEncoded,
828 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
833 TRACE("(%p, %d, 0x%08x, %p, %d, %p)\n", pbEncoded, cbEncoded, dwFlags,
834 pvStructInfo, *pcbStructInfo, pcbDecoded);
836 /* Can't use the CRYPT_DECODE_NOCOPY_FLAG, because we modify the bytes in-
839 ret = CRYPT_AsnDecodeBitsInternal(pbEncoded, cbEncoded,
840 dwFlags & ~CRYPT_DECODE_NOCOPY_FLAG, pvStructInfo, pcbStructInfo,
842 if (ret && pvStructInfo)
844 CRYPT_BIT_BLOB *blob = pvStructInfo;
851 for (i = 0; i < blob->cbData / 2; i++)
853 temp = blob->pbData[i];
854 blob->pbData[i] = blob->pbData[blob->cbData - i - 1];
855 blob->pbData[blob->cbData - i - 1] = temp;
859 TRACE("returning %d (%08x)\n", ret, GetLastError());
863 static BOOL WINAPI CRYPT_AsnDecodeCertSignedContent(DWORD dwCertEncodingType,
864 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
865 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
869 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
870 pDecodePara, pvStructInfo, *pcbStructInfo);
874 struct AsnDecodeSequenceItem items[] = {
875 { 0, offsetof(CERT_SIGNED_CONTENT_INFO, ToBeSigned),
876 CRYPT_AsnDecodeDerBlob, sizeof(CRYPT_DER_BLOB), FALSE, TRUE,
877 offsetof(CERT_SIGNED_CONTENT_INFO, ToBeSigned.pbData), 0 },
878 { ASN_SEQUENCEOF, offsetof(CERT_SIGNED_CONTENT_INFO,
879 SignatureAlgorithm), CRYPT_AsnDecodeAlgorithmId,
880 sizeof(CRYPT_ALGORITHM_IDENTIFIER), FALSE, TRUE,
881 offsetof(CERT_SIGNED_CONTENT_INFO, SignatureAlgorithm.pszObjId), 0 },
882 { ASN_BITSTRING, offsetof(CERT_SIGNED_CONTENT_INFO, Signature),
883 CRYPT_AsnDecodeBitsSwapBytes, sizeof(CRYPT_BIT_BLOB), FALSE, TRUE,
884 offsetof(CERT_SIGNED_CONTENT_INFO, Signature.pbData), 0 },
887 if (dwFlags & CRYPT_DECODE_NO_SIGNATURE_BYTE_REVERSAL_FLAG)
888 items[2].decodeFunc = CRYPT_AsnDecodeBitsInternal;
889 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
890 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
891 pcbStructInfo, NULL, NULL);
895 SetLastError(STATUS_ACCESS_VIOLATION);
900 TRACE("Returning %d (%08x)\n", ret, GetLastError());
904 static BOOL CRYPT_AsnDecodeCertVersion(const BYTE *pbEncoded, DWORD cbEncoded,
905 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
910 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
912 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
914 ret = CRYPT_AsnDecodeIntInternal(pbEncoded + 1 + lenBytes, dataLen,
915 dwFlags, pvStructInfo, pcbStructInfo, NULL);
917 *pcbDecoded = 1 + lenBytes + dataLen;
922 static BOOL CRYPT_AsnDecodeValidity(const BYTE *pbEncoded, DWORD cbEncoded,
923 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
927 struct AsnDecodeSequenceItem items[] = {
928 { 0, offsetof(CERT_PRIVATE_KEY_VALIDITY, NotBefore),
929 CRYPT_AsnDecodeChoiceOfTimeInternal, sizeof(FILETIME), FALSE, FALSE, 0 },
930 { 0, offsetof(CERT_PRIVATE_KEY_VALIDITY, NotAfter),
931 CRYPT_AsnDecodeChoiceOfTimeInternal, sizeof(FILETIME), FALSE, FALSE, 0 },
934 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
935 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
940 static BOOL CRYPT_AsnDecodeCertExtensionsInternal(const BYTE *pbEncoded,
941 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
945 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
946 offsetof(CERT_INFO, cExtension), offsetof(CERT_INFO, rgExtension),
947 FINALMEMBERSIZE(CERT_INFO, cExtension),
948 CRYPT_AsnDecodeExtension, sizeof(CERT_EXTENSION), TRUE,
949 offsetof(CERT_EXTENSION, pszObjId) };
951 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
952 pvStructInfo, *pcbStructInfo, pcbDecoded);
954 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
955 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
959 static BOOL CRYPT_AsnDecodeCertExtensions(const BYTE *pbEncoded,
960 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
966 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
968 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
970 ret = CRYPT_AsnDecodeCertExtensionsInternal(pbEncoded + 1 + lenBytes,
971 dataLen, dwFlags, pvStructInfo, pcbStructInfo, NULL);
972 if (ret && pcbDecoded)
973 *pcbDecoded = 1 + lenBytes + dataLen;
978 static BOOL CRYPT_AsnDecodeCertInfo(DWORD dwCertEncodingType,
979 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
980 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
983 struct AsnDecodeSequenceItem items[] = {
984 { ASN_CONTEXT | ASN_CONSTRUCTOR, offsetof(CERT_INFO, dwVersion),
985 CRYPT_AsnDecodeCertVersion, sizeof(DWORD), TRUE, FALSE, 0, 0 },
986 { ASN_INTEGER, offsetof(CERT_INFO, SerialNumber),
987 CRYPT_AsnDecodeIntegerInternal, sizeof(CRYPT_INTEGER_BLOB), FALSE,
988 TRUE, offsetof(CERT_INFO, SerialNumber.pbData), 0 },
989 { ASN_SEQUENCEOF, offsetof(CERT_INFO, SignatureAlgorithm),
990 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
991 FALSE, TRUE, offsetof(CERT_INFO, SignatureAlgorithm.pszObjId), 0 },
992 { 0, offsetof(CERT_INFO, Issuer), CRYPT_AsnDecodeDerBlob,
993 sizeof(CRYPT_DER_BLOB), FALSE, TRUE, offsetof(CERT_INFO,
995 { ASN_SEQUENCEOF, offsetof(CERT_INFO, NotBefore),
996 CRYPT_AsnDecodeValidity, sizeof(CERT_PRIVATE_KEY_VALIDITY), FALSE,
998 { 0, offsetof(CERT_INFO, Subject), CRYPT_AsnDecodeDerBlob,
999 sizeof(CRYPT_DER_BLOB), FALSE, TRUE, offsetof(CERT_INFO,
1001 { ASN_SEQUENCEOF, offsetof(CERT_INFO, SubjectPublicKeyInfo),
1002 CRYPT_AsnDecodePubKeyInfoInternal, sizeof(CERT_PUBLIC_KEY_INFO),
1003 FALSE, TRUE, offsetof(CERT_INFO,
1004 SubjectPublicKeyInfo.Algorithm.Parameters.pbData), 0 },
1005 { ASN_CONTEXT | 1, offsetof(CERT_INFO, IssuerUniqueId),
1006 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), TRUE, TRUE,
1007 offsetof(CERT_INFO, IssuerUniqueId.pbData), 0 },
1008 { ASN_CONTEXT | 2, offsetof(CERT_INFO, SubjectUniqueId),
1009 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), TRUE, TRUE,
1010 offsetof(CERT_INFO, SubjectUniqueId.pbData), 0 },
1011 { ASN_CONTEXT | ASN_CONSTRUCTOR | 3, offsetof(CERT_INFO, cExtension),
1012 CRYPT_AsnDecodeCertExtensions, FINALMEMBERSIZE(CERT_INFO, cExtension),
1013 TRUE, TRUE, offsetof(CERT_INFO, rgExtension), 0 },
1016 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1017 pDecodePara, pvStructInfo, *pcbStructInfo);
1019 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
1020 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo, pcbStructInfo,
1022 if (ret && pvStructInfo)
1026 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
1027 info = *(CERT_INFO **)pvStructInfo;
1029 info = pvStructInfo;
1030 if (!info->SerialNumber.cbData || !info->Issuer.cbData ||
1031 !info->Subject.cbData)
1033 SetLastError(CRYPT_E_ASN1_CORRUPT);
1034 /* Don't need to deallocate, because it should have failed on the
1035 * first pass (and no memory was allocated.)
1041 TRACE("Returning %d (%08x)\n", ret, GetLastError());
1045 static BOOL WINAPI CRYPT_AsnDecodeCert(DWORD dwCertEncodingType,
1046 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1047 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1051 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1052 pDecodePara, pvStructInfo, *pcbStructInfo);
1058 /* Unless told not to, first try to decode it as a signed cert. */
1059 if (!(dwFlags & CRYPT_DECODE_TO_BE_SIGNED_FLAG))
1061 PCERT_SIGNED_CONTENT_INFO signedCert = NULL;
1063 ret = CRYPT_AsnDecodeCertSignedContent(dwCertEncodingType,
1064 X509_CERT, pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL,
1065 &signedCert, &size);
1069 ret = CRYPT_AsnDecodeCertInfo(dwCertEncodingType,
1070 X509_CERT_TO_BE_SIGNED, signedCert->ToBeSigned.pbData,
1071 signedCert->ToBeSigned.cbData, dwFlags, pDecodePara,
1072 pvStructInfo, pcbStructInfo);
1073 LocalFree(signedCert);
1076 /* Failing that, try it as an unsigned cert */
1080 ret = CRYPT_AsnDecodeCertInfo(dwCertEncodingType,
1081 X509_CERT_TO_BE_SIGNED, pbEncoded, cbEncoded, dwFlags,
1082 pDecodePara, pvStructInfo, pcbStructInfo);
1087 SetLastError(STATUS_ACCESS_VIOLATION);
1091 TRACE("Returning %d (%08x)\n", ret, GetLastError());
1095 static BOOL CRYPT_AsnDecodeCRLEntryExtensions(const BYTE *pbEncoded,
1096 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
1100 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1101 offsetof(CRL_ENTRY, cExtension), offsetof(CRL_ENTRY, rgExtension),
1102 FINALMEMBERSIZE(CRL_ENTRY, cExtension),
1103 CRYPT_AsnDecodeExtension, sizeof(CERT_EXTENSION), TRUE,
1104 offsetof(CERT_EXTENSION, pszObjId) };
1106 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
1107 pvStructInfo, *pcbStructInfo, pcbDecoded);
1109 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
1110 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
1114 static BOOL CRYPT_AsnDecodeCRLEntry(const BYTE *pbEncoded, DWORD cbEncoded,
1115 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1118 struct AsnDecodeSequenceItem items[] = {
1119 { ASN_INTEGER, offsetof(CRL_ENTRY, SerialNumber),
1120 CRYPT_AsnDecodeIntegerInternal, sizeof(CRYPT_INTEGER_BLOB), FALSE, TRUE,
1121 offsetof(CRL_ENTRY, SerialNumber.pbData), 0 },
1122 { 0, offsetof(CRL_ENTRY, RevocationDate),
1123 CRYPT_AsnDecodeChoiceOfTimeInternal, sizeof(FILETIME), FALSE, FALSE, 0 },
1124 { ASN_SEQUENCEOF, offsetof(CRL_ENTRY, cExtension),
1125 CRYPT_AsnDecodeCRLEntryExtensions,
1126 FINALMEMBERSIZE(CRL_ENTRY, cExtension), TRUE, TRUE,
1127 offsetof(CRL_ENTRY, rgExtension), 0 },
1129 PCRL_ENTRY entry = pvStructInfo;
1131 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags, entry,
1134 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
1135 pbEncoded, cbEncoded, dwFlags, NULL, entry, pcbStructInfo, pcbDecoded,
1136 entry ? entry->SerialNumber.pbData : NULL);
1137 if (ret && entry && !entry->SerialNumber.cbData)
1139 WARN("empty CRL entry serial number\n");
1140 SetLastError(CRYPT_E_ASN1_CORRUPT);
1146 /* Warning: assumes pvStructInfo points to the cCRLEntry member of a CRL_INFO
1147 * whose rgCRLEntry member has been set prior to calling.
1149 static BOOL CRYPT_AsnDecodeCRLEntries(const BYTE *pbEncoded, DWORD cbEncoded,
1150 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1153 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1154 offsetof(CRL_INFO, cCRLEntry), offsetof(CRL_INFO, rgCRLEntry),
1155 MEMBERSIZE(CRL_INFO, cCRLEntry, cExtension),
1156 CRYPT_AsnDecodeCRLEntry, sizeof(CRL_ENTRY), TRUE,
1157 offsetof(CRL_ENTRY, SerialNumber.pbData) };
1159 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
1160 pvStructInfo, *pcbStructInfo, pcbDecoded);
1162 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
1163 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
1164 TRACE("Returning %d (%08x)\n", ret, GetLastError());
1168 static BOOL CRYPT_AsnDecodeCRLExtensionsInternal(const BYTE *pbEncoded,
1169 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
1173 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1174 offsetof(CRL_INFO, cExtension), offsetof(CRL_INFO, rgExtension),
1175 FINALMEMBERSIZE(CRL_INFO, cExtension),
1176 CRYPT_AsnDecodeExtension, sizeof(CERT_EXTENSION), TRUE,
1177 offsetof(CERT_EXTENSION, pszObjId) };
1179 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
1180 pvStructInfo, *pcbStructInfo, pcbDecoded);
1182 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
1183 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
1187 static BOOL CRYPT_AsnDecodeCRLExtensions(const BYTE *pbEncoded,
1188 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
1194 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1196 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1198 ret = CRYPT_AsnDecodeCRLExtensionsInternal(pbEncoded + 1 + lenBytes,
1199 dataLen, dwFlags, pvStructInfo, pcbStructInfo, NULL);
1200 if (ret && pcbDecoded)
1201 *pcbDecoded = 1 + lenBytes + dataLen;
1206 static BOOL CRYPT_AsnDecodeCRLInfo(DWORD dwCertEncodingType,
1207 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1208 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1210 struct AsnDecodeSequenceItem items[] = {
1211 { ASN_INTEGER, offsetof(CRL_INFO, dwVersion),
1212 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), TRUE, FALSE, 0, 0 },
1213 { ASN_SEQUENCEOF, offsetof(CRL_INFO, SignatureAlgorithm),
1214 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
1215 FALSE, TRUE, offsetof(CRL_INFO, SignatureAlgorithm.pszObjId), 0 },
1216 { 0, offsetof(CRL_INFO, Issuer), CRYPT_AsnDecodeDerBlob,
1217 sizeof(CRYPT_DER_BLOB), FALSE, TRUE, offsetof(CRL_INFO,
1219 { 0, offsetof(CRL_INFO, ThisUpdate), CRYPT_AsnDecodeChoiceOfTimeInternal,
1220 sizeof(FILETIME), FALSE, FALSE, 0 },
1221 { 0, offsetof(CRL_INFO, NextUpdate), CRYPT_AsnDecodeChoiceOfTimeInternal,
1222 sizeof(FILETIME), TRUE, FALSE, 0 },
1223 { ASN_SEQUENCEOF, offsetof(CRL_INFO, cCRLEntry),
1224 CRYPT_AsnDecodeCRLEntries, MEMBERSIZE(CRL_INFO, cCRLEntry, cExtension),
1225 TRUE, TRUE, offsetof(CRL_INFO, rgCRLEntry), 0 },
1226 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0, offsetof(CRL_INFO, cExtension),
1227 CRYPT_AsnDecodeCRLExtensions, FINALMEMBERSIZE(CRL_INFO, cExtension),
1228 TRUE, TRUE, offsetof(CRL_INFO, rgExtension), 0 },
1232 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1233 pDecodePara, pvStructInfo, *pcbStructInfo);
1235 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
1236 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo, pcbStructInfo,
1239 TRACE("Returning %d (%08x)\n", ret, GetLastError());
1243 static BOOL WINAPI CRYPT_AsnDecodeCRL(DWORD dwCertEncodingType,
1244 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1245 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1249 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1250 pDecodePara, pvStructInfo, *pcbStructInfo);
1256 /* Unless told not to, first try to decode it as a signed crl. */
1257 if (!(dwFlags & CRYPT_DECODE_TO_BE_SIGNED_FLAG))
1259 PCERT_SIGNED_CONTENT_INFO signedCrl = NULL;
1261 ret = CRYPT_AsnDecodeCertSignedContent(dwCertEncodingType,
1262 X509_CERT, pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL,
1267 ret = CRYPT_AsnDecodeCRLInfo(dwCertEncodingType,
1268 X509_CERT_CRL_TO_BE_SIGNED, signedCrl->ToBeSigned.pbData,
1269 signedCrl->ToBeSigned.cbData, dwFlags, pDecodePara,
1270 pvStructInfo, pcbStructInfo);
1271 LocalFree(signedCrl);
1274 /* Failing that, try it as an unsigned crl */
1278 ret = CRYPT_AsnDecodeCRLInfo(dwCertEncodingType,
1279 X509_CERT_CRL_TO_BE_SIGNED, pbEncoded, cbEncoded,
1280 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo);
1285 SetLastError(STATUS_ACCESS_VIOLATION);
1289 TRACE("Returning %d (%08x)\n", ret, GetLastError());
1293 static BOOL CRYPT_AsnDecodeOidIgnoreTag(const BYTE *pbEncoded, DWORD cbEncoded,
1294 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1299 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1300 pvStructInfo, *pcbStructInfo);
1302 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1304 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1305 DWORD bytesNeeded = sizeof(LPSTR);
1309 /* The largest possible string for the first two components
1310 * is 2.175 (= 2 * 40 + 175 = 255), so this is big enough.
1315 snprintf(firstTwo, sizeof(firstTwo), "%d.%d",
1316 pbEncoded[1 + lenBytes] / 40,
1317 pbEncoded[1 + lenBytes] - (pbEncoded[1 + lenBytes] / 40)
1319 bytesNeeded += strlen(firstTwo) + 1;
1320 for (ptr = pbEncoded + 2 + lenBytes; ret &&
1321 ptr - pbEncoded - 1 - lenBytes < dataLen; )
1323 /* large enough for ".4000000" */
1327 while (ptr - pbEncoded - 1 - lenBytes < dataLen &&
1334 if (ptr - pbEncoded - 1 - lenBytes >= dataLen ||
1337 SetLastError(CRYPT_E_ASN1_CORRUPT);
1344 snprintf(str, sizeof(str), ".%d", val);
1345 bytesNeeded += strlen(str);
1350 *pcbDecoded = 1 + lenBytes + dataLen;
1352 *pcbStructInfo = bytesNeeded;
1353 else if (*pcbStructInfo < bytesNeeded)
1355 *pcbStructInfo = bytesNeeded;
1356 SetLastError(ERROR_MORE_DATA);
1364 LPSTR pszObjId = *(LPSTR *)pvStructInfo;
1367 sprintf(pszObjId, "%d.%d", pbEncoded[1 + lenBytes] / 40,
1368 pbEncoded[1 + lenBytes] - (pbEncoded[1 + lenBytes] /
1370 pszObjId += strlen(pszObjId);
1371 for (ptr = pbEncoded + 2 + lenBytes; ret &&
1372 ptr - pbEncoded - 1 - lenBytes < dataLen; )
1376 while (ptr - pbEncoded - 1 - lenBytes < dataLen &&
1385 sprintf(pszObjId, ".%d", val);
1386 pszObjId += strlen(pszObjId);
1390 *(LPSTR *)pvStructInfo = NULL;
1391 *pcbStructInfo = bytesNeeded;
1397 static BOOL CRYPT_AsnDecodeOidInternal(const BYTE *pbEncoded, DWORD cbEncoded,
1398 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1402 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1403 pvStructInfo, *pcbStructInfo);
1405 if (pbEncoded[0] == ASN_OBJECTIDENTIFIER)
1406 ret = CRYPT_AsnDecodeOidIgnoreTag(pbEncoded, cbEncoded, dwFlags,
1407 pvStructInfo, pcbStructInfo, pcbDecoded);
1410 SetLastError(CRYPT_E_ASN1_BADTAG);
1416 static BOOL CRYPT_AsnDecodeExtension(const BYTE *pbEncoded, DWORD cbEncoded,
1417 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1419 struct AsnDecodeSequenceItem items[] = {
1420 { ASN_OBJECTIDENTIFIER, offsetof(CERT_EXTENSION, pszObjId),
1421 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
1422 offsetof(CERT_EXTENSION, pszObjId), 0 },
1423 { ASN_BOOL, offsetof(CERT_EXTENSION, fCritical), CRYPT_AsnDecodeBool,
1424 sizeof(BOOL), TRUE, FALSE, 0, 0 },
1425 { ASN_OCTETSTRING, offsetof(CERT_EXTENSION, Value),
1426 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_OBJID_BLOB), FALSE, TRUE,
1427 offsetof(CERT_EXTENSION, Value.pbData) },
1430 PCERT_EXTENSION ext = pvStructInfo;
1432 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags, ext,
1436 TRACE("ext->pszObjId is %p\n", ext->pszObjId);
1437 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
1438 pbEncoded, cbEncoded, dwFlags, NULL, ext, pcbStructInfo,
1439 pcbDecoded, ext ? ext->pszObjId : NULL);
1441 TRACE("ext->pszObjId is %p (%s)\n", ext->pszObjId,
1442 debugstr_a(ext->pszObjId));
1443 TRACE("returning %d (%08x)\n", ret, GetLastError());
1447 static BOOL WINAPI CRYPT_AsnDecodeExtensions(DWORD dwCertEncodingType,
1448 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1449 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1453 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1454 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
1458 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1459 offsetof(CERT_EXTENSIONS, cExtension),
1460 offsetof(CERT_EXTENSIONS, rgExtension),
1461 sizeof(CERT_EXTENSIONS),
1462 CRYPT_AsnDecodeExtension, sizeof(CERT_EXTENSION), TRUE,
1463 offsetof(CERT_EXTENSION, pszObjId) };
1465 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
1466 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
1470 SetLastError(STATUS_ACCESS_VIOLATION);
1477 /* Warning: this assumes the address of value->Value.pbData is already set, in
1478 * order to avoid overwriting memory. (In some cases, it may change it, if it
1479 * doesn't copy anything to memory.) Be sure to set it correctly!
1481 static BOOL CRYPT_AsnDecodeNameValueInternal(const BYTE *pbEncoded,
1482 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
1487 CERT_NAME_VALUE *value = pvStructInfo;
1489 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1491 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1492 DWORD bytesNeeded = sizeof(CERT_NAME_VALUE), valueType;
1494 switch (pbEncoded[0])
1496 case ASN_OCTETSTRING:
1497 valueType = CERT_RDN_OCTET_STRING;
1498 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1499 bytesNeeded += dataLen;
1501 case ASN_NUMERICSTRING:
1502 valueType = CERT_RDN_NUMERIC_STRING;
1503 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1504 bytesNeeded += dataLen;
1506 case ASN_PRINTABLESTRING:
1507 valueType = CERT_RDN_PRINTABLE_STRING;
1508 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1509 bytesNeeded += dataLen;
1512 valueType = CERT_RDN_IA5_STRING;
1513 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1514 bytesNeeded += dataLen;
1517 valueType = CERT_RDN_T61_STRING;
1518 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1519 bytesNeeded += dataLen;
1521 case ASN_VIDEOTEXSTRING:
1522 valueType = CERT_RDN_VIDEOTEX_STRING;
1523 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1524 bytesNeeded += dataLen;
1526 case ASN_GRAPHICSTRING:
1527 valueType = CERT_RDN_GRAPHIC_STRING;
1528 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1529 bytesNeeded += dataLen;
1531 case ASN_VISIBLESTRING:
1532 valueType = CERT_RDN_VISIBLE_STRING;
1533 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1534 bytesNeeded += dataLen;
1536 case ASN_GENERALSTRING:
1537 valueType = CERT_RDN_GENERAL_STRING;
1538 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1539 bytesNeeded += dataLen;
1541 case ASN_UNIVERSALSTRING:
1542 FIXME("ASN_UNIVERSALSTRING: unimplemented\n");
1543 SetLastError(CRYPT_E_ASN1_BADTAG);
1546 valueType = CERT_RDN_BMP_STRING;
1547 bytesNeeded += dataLen;
1549 case ASN_UTF8STRING:
1550 valueType = CERT_RDN_UTF8_STRING;
1551 bytesNeeded += MultiByteToWideChar(CP_UTF8, 0,
1552 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen, NULL, 0) * 2;
1555 SetLastError(CRYPT_E_ASN1_BADTAG);
1560 *pcbDecoded = 1 + lenBytes + dataLen;
1562 *pcbStructInfo = bytesNeeded;
1563 else if (*pcbStructInfo < bytesNeeded)
1565 *pcbStructInfo = bytesNeeded;
1566 SetLastError(ERROR_MORE_DATA);
1571 *pcbStructInfo = bytesNeeded;
1572 value->dwValueType = valueType;
1577 assert(value->Value.pbData);
1578 switch (pbEncoded[0])
1580 case ASN_OCTETSTRING:
1581 case ASN_NUMERICSTRING:
1582 case ASN_PRINTABLESTRING:
1585 case ASN_VIDEOTEXSTRING:
1586 case ASN_GRAPHICSTRING:
1587 case ASN_VISIBLESTRING:
1588 case ASN_GENERALSTRING:
1589 value->Value.cbData = dataLen;
1592 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
1593 memcpy(value->Value.pbData,
1594 pbEncoded + 1 + lenBytes, dataLen);
1596 value->Value.pbData = (LPBYTE)pbEncoded + 1 +
1602 LPWSTR str = (LPWSTR)value->Value.pbData;
1604 value->Value.cbData = dataLen;
1605 for (i = 0; i < dataLen / 2; i++)
1606 str[i] = (pbEncoded[1 + lenBytes + 2 * i] << 8) |
1607 pbEncoded[1 + lenBytes + 2 * i + 1];
1610 case ASN_UTF8STRING:
1612 LPWSTR str = (LPWSTR)value->Value.pbData;
1614 value->Value.cbData = MultiByteToWideChar(CP_UTF8, 0,
1615 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen,
1616 str, bytesNeeded - sizeof(CERT_NAME_VALUE)) * 2;
1623 value->Value.cbData = 0;
1624 value->Value.pbData = NULL;
1631 static BOOL WINAPI CRYPT_AsnDecodeNameValue(DWORD dwCertEncodingType,
1632 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1633 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1639 ret = CRYPT_AsnDecodeNameValueInternal(pbEncoded, cbEncoded,
1640 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pcbStructInfo, NULL);
1641 if (ret && pvStructInfo)
1643 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
1644 pcbStructInfo, *pcbStructInfo);
1647 CERT_NAME_VALUE *value;
1649 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
1650 pvStructInfo = *(BYTE **)pvStructInfo;
1651 value = pvStructInfo;
1652 value->Value.pbData = ((BYTE *)value + sizeof(CERT_NAME_VALUE));
1653 ret = CRYPT_AsnDecodeNameValueInternal( pbEncoded, cbEncoded,
1654 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
1655 pcbStructInfo, NULL);
1661 SetLastError(STATUS_ACCESS_VIOLATION);
1668 static BOOL CRYPT_AsnDecodeUnicodeNameValueInternal(const BYTE *pbEncoded,
1669 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
1674 CERT_NAME_VALUE *value = pvStructInfo;
1676 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
1678 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
1679 DWORD bytesNeeded = sizeof(CERT_NAME_VALUE), valueType;
1681 switch (pbEncoded[0])
1683 case ASN_NUMERICSTRING:
1684 valueType = CERT_RDN_NUMERIC_STRING;
1686 bytesNeeded += (dataLen + 1) * 2;
1688 case ASN_PRINTABLESTRING:
1689 valueType = CERT_RDN_PRINTABLE_STRING;
1691 bytesNeeded += (dataLen + 1) * 2;
1694 valueType = CERT_RDN_IA5_STRING;
1696 bytesNeeded += (dataLen + 1) * 2;
1699 valueType = CERT_RDN_T61_STRING;
1701 bytesNeeded += (dataLen + 1) * 2;
1703 case ASN_VIDEOTEXSTRING:
1704 valueType = CERT_RDN_VIDEOTEX_STRING;
1706 bytesNeeded += (dataLen + 1) * 2;
1708 case ASN_GRAPHICSTRING:
1709 valueType = CERT_RDN_GRAPHIC_STRING;
1711 bytesNeeded += (dataLen + 1) * 2;
1713 case ASN_VISIBLESTRING:
1714 valueType = CERT_RDN_VISIBLE_STRING;
1716 bytesNeeded += (dataLen + 1) * 2;
1718 case ASN_GENERALSTRING:
1719 valueType = CERT_RDN_GENERAL_STRING;
1721 bytesNeeded += (dataLen + 1) * 2;
1723 case ASN_UNIVERSALSTRING:
1724 valueType = CERT_RDN_UNIVERSAL_STRING;
1726 bytesNeeded += dataLen / 2 + sizeof(WCHAR);
1729 valueType = CERT_RDN_BMP_STRING;
1731 bytesNeeded += dataLen + sizeof(WCHAR);
1733 case ASN_UTF8STRING:
1734 valueType = CERT_RDN_UTF8_STRING;
1736 bytesNeeded += (MultiByteToWideChar(CP_UTF8, 0,
1737 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen, NULL, 0) + 1) * 2;
1740 SetLastError(CRYPT_E_ASN1_BADTAG);
1745 *pcbDecoded = 1 + lenBytes + dataLen;
1747 *pcbStructInfo = bytesNeeded;
1748 else if (*pcbStructInfo < bytesNeeded)
1750 *pcbStructInfo = bytesNeeded;
1751 SetLastError(ERROR_MORE_DATA);
1756 *pcbStructInfo = bytesNeeded;
1757 value->dwValueType = valueType;
1761 LPWSTR str = (LPWSTR)value->Value.pbData;
1763 assert(value->Value.pbData);
1764 switch (pbEncoded[0])
1766 case ASN_NUMERICSTRING:
1767 case ASN_PRINTABLESTRING:
1770 case ASN_VIDEOTEXSTRING:
1771 case ASN_GRAPHICSTRING:
1772 case ASN_VISIBLESTRING:
1773 case ASN_GENERALSTRING:
1774 value->Value.cbData = dataLen * 2;
1775 for (i = 0; i < dataLen; i++)
1776 str[i] = pbEncoded[1 + lenBytes + i];
1779 case ASN_UNIVERSALSTRING:
1780 value->Value.cbData = dataLen / 2;
1781 for (i = 0; i < dataLen / 4; i++)
1782 str[i] = (pbEncoded[1 + lenBytes + 2 * i + 2] << 8)
1783 | pbEncoded[1 + lenBytes + 2 * i + 3];
1787 value->Value.cbData = dataLen;
1788 for (i = 0; i < dataLen / 2; i++)
1789 str[i] = (pbEncoded[1 + lenBytes + 2 * i] << 8) |
1790 pbEncoded[1 + lenBytes + 2 * i + 1];
1793 case ASN_UTF8STRING:
1794 value->Value.cbData = MultiByteToWideChar(CP_UTF8, 0,
1795 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen,
1796 str, bytesNeeded - sizeof(CERT_NAME_VALUE)) * sizeof(WCHAR);
1797 *(WCHAR *)(value->Value.pbData + value->Value.cbData) = 0;
1798 value->Value.cbData += sizeof(WCHAR);
1804 value->Value.cbData = 0;
1805 value->Value.pbData = NULL;
1812 static BOOL WINAPI CRYPT_AsnDecodeUnicodeNameValue(DWORD dwCertEncodingType,
1813 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1814 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1820 ret = CRYPT_AsnDecodeUnicodeNameValueInternal(pbEncoded, cbEncoded,
1821 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pcbStructInfo, NULL);
1822 if (ret && pvStructInfo)
1824 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
1825 pcbStructInfo, *pcbStructInfo);
1828 CERT_NAME_VALUE *value;
1830 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
1831 pvStructInfo = *(BYTE **)pvStructInfo;
1832 value = pvStructInfo;
1833 value->Value.pbData = ((BYTE *)value + sizeof(CERT_NAME_VALUE));
1834 ret = CRYPT_AsnDecodeUnicodeNameValueInternal(pbEncoded,
1835 cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
1836 pcbStructInfo, NULL);
1842 SetLastError(STATUS_ACCESS_VIOLATION);
1849 static BOOL CRYPT_AsnDecodeRdnAttr(const BYTE *pbEncoded, DWORD cbEncoded,
1850 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1853 struct AsnDecodeSequenceItem items[] = {
1854 { ASN_OBJECTIDENTIFIER, offsetof(CERT_RDN_ATTR, pszObjId),
1855 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
1856 offsetof(CERT_RDN_ATTR, pszObjId), 0 },
1857 { 0, offsetof(CERT_RDN_ATTR, dwValueType),
1858 CRYPT_AsnDecodeNameValueInternal, sizeof(CERT_NAME_VALUE),
1859 FALSE, TRUE, offsetof(CERT_RDN_ATTR, Value.pbData), 0 },
1861 CERT_RDN_ATTR *attr = pvStructInfo;
1863 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1864 pvStructInfo, *pcbStructInfo);
1867 TRACE("attr->pszObjId is %p\n", attr->pszObjId);
1868 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
1869 pbEncoded, cbEncoded, dwFlags, NULL, attr, pcbStructInfo, pcbDecoded,
1870 attr ? attr->pszObjId : NULL);
1873 TRACE("attr->pszObjId is %p (%s)\n", attr->pszObjId,
1874 debugstr_a(attr->pszObjId));
1875 TRACE("attr->dwValueType is %d\n", attr->dwValueType);
1877 TRACE("returning %d (%08x)\n", ret, GetLastError());
1881 static BOOL CRYPT_AsnDecodeRdn(const BYTE *pbEncoded, DWORD cbEncoded,
1882 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1885 struct AsnArrayDescriptor arrayDesc = { ASN_CONSTRUCTOR | ASN_SETOF,
1886 offsetof(CERT_RDN, cRDNAttr), offsetof(CERT_RDN, rgRDNAttr),
1888 CRYPT_AsnDecodeRdnAttr, sizeof(CERT_RDN_ATTR), TRUE,
1889 offsetof(CERT_RDN_ATTR, pszObjId) };
1891 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
1892 NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
1896 static BOOL WINAPI CRYPT_AsnDecodeName(DWORD dwCertEncodingType,
1897 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1898 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1904 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1905 offsetof(CERT_NAME_INFO, cRDN), offsetof(CERT_NAME_INFO, rgRDN),
1906 sizeof(CERT_NAME_INFO),
1907 CRYPT_AsnDecodeRdn, sizeof(CERT_RDN), TRUE,
1908 offsetof(CERT_RDN, rgRDNAttr) };
1910 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
1911 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
1915 SetLastError(STATUS_ACCESS_VIOLATION);
1922 static BOOL CRYPT_AsnDecodeUnicodeRdnAttr(const BYTE *pbEncoded,
1923 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
1927 struct AsnDecodeSequenceItem items[] = {
1928 { ASN_OBJECTIDENTIFIER, offsetof(CERT_RDN_ATTR, pszObjId),
1929 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
1930 offsetof(CERT_RDN_ATTR, pszObjId), 0 },
1931 { 0, offsetof(CERT_RDN_ATTR, dwValueType),
1932 CRYPT_AsnDecodeUnicodeNameValueInternal, sizeof(CERT_NAME_VALUE),
1933 FALSE, TRUE, offsetof(CERT_RDN_ATTR, Value.pbData), 0 },
1935 CERT_RDN_ATTR *attr = pvStructInfo;
1937 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
1938 pvStructInfo, *pcbStructInfo);
1941 TRACE("attr->pszObjId is %p\n", attr->pszObjId);
1942 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
1943 pbEncoded, cbEncoded, dwFlags, NULL, attr, pcbStructInfo, pcbDecoded,
1944 attr ? attr->pszObjId : NULL);
1947 TRACE("attr->pszObjId is %p (%s)\n", attr->pszObjId,
1948 debugstr_a(attr->pszObjId));
1949 TRACE("attr->dwValueType is %d\n", attr->dwValueType);
1951 TRACE("returning %d (%08x)\n", ret, GetLastError());
1955 static BOOL CRYPT_AsnDecodeUnicodeRdn(const BYTE *pbEncoded, DWORD cbEncoded,
1956 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
1959 struct AsnArrayDescriptor arrayDesc = { ASN_CONSTRUCTOR | ASN_SETOF,
1960 offsetof(CERT_RDN, cRDNAttr), offsetof(CERT_RDN, rgRDNAttr),
1962 CRYPT_AsnDecodeUnicodeRdnAttr, sizeof(CERT_RDN_ATTR), TRUE,
1963 offsetof(CERT_RDN_ATTR, pszObjId) };
1965 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
1966 NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
1970 static BOOL WINAPI CRYPT_AsnDecodeUnicodeName(DWORD dwCertEncodingType,
1971 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
1972 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
1978 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
1979 offsetof(CERT_NAME_INFO, cRDN), offsetof(CERT_NAME_INFO, rgRDN),
1980 sizeof(CERT_NAME_INFO),
1981 CRYPT_AsnDecodeUnicodeRdn, sizeof(CERT_RDN), TRUE,
1982 offsetof(CERT_RDN, rgRDNAttr) };
1984 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
1985 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
1989 SetLastError(STATUS_ACCESS_VIOLATION);
1996 static BOOL CRYPT_FindEncodedLen(const BYTE *pbEncoded, DWORD cbEncoded,
1999 BOOL ret = TRUE, done = FALSE;
2000 DWORD indefiniteNestingLevels = 0, decoded = 0;
2002 TRACE("(%p, %d)\n", pbEncoded, cbEncoded);
2009 else if ((ret = CRYPT_GetLengthIndefinite(pbEncoded, cbEncoded,
2012 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2014 if (dataLen == CMSG_INDEFINITE_LENGTH)
2016 indefiniteNestingLevels++;
2017 pbEncoded += 1 + lenBytes;
2018 cbEncoded -= 1 + lenBytes;
2019 decoded += 1 + lenBytes;
2020 TRACE("indefiniteNestingLevels = %d\n",
2021 indefiniteNestingLevels);
2025 if (pbEncoded[0] == 0 && pbEncoded[1] == 0 &&
2026 indefiniteNestingLevels)
2028 indefiniteNestingLevels--;
2029 TRACE("indefiniteNestingLevels = %d\n",
2030 indefiniteNestingLevels);
2032 pbEncoded += 1 + lenBytes + dataLen;
2033 cbEncoded -= 1 + lenBytes + dataLen;
2034 decoded += 1 + lenBytes + dataLen;
2035 if (!indefiniteNestingLevels)
2039 } while (ret && !done);
2040 /* If we haven't found all 0 TLVs, we haven't found the end */
2041 if (ret && indefiniteNestingLevels)
2043 SetLastError(CRYPT_E_ASN1_EOD);
2047 *pcbDecoded = decoded;
2048 TRACE("returning %d (%d)\n", ret, ret ? *pcbDecoded : 0);
2052 static BOOL CRYPT_AsnDecodeCopyBytes(const BYTE *pbEncoded,
2053 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2057 DWORD bytesNeeded = sizeof(CRYPT_OBJID_BLOB), encodedLen = 0;
2059 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2060 pvStructInfo, *pcbStructInfo);
2062 if ((ret = CRYPT_FindEncodedLen(pbEncoded, cbEncoded, &encodedLen)))
2064 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
2065 bytesNeeded += encodedLen;
2067 *pcbStructInfo = bytesNeeded;
2068 else if (*pcbStructInfo < bytesNeeded)
2070 SetLastError(ERROR_MORE_DATA);
2071 *pcbStructInfo = bytesNeeded;
2076 PCRYPT_OBJID_BLOB blob = pvStructInfo;
2078 *pcbStructInfo = bytesNeeded;
2079 blob->cbData = encodedLen;
2082 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
2083 blob->pbData = (LPBYTE)pbEncoded;
2086 assert(blob->pbData);
2087 memcpy(blob->pbData, pbEncoded, blob->cbData);
2091 blob->pbData = NULL;
2094 *pcbDecoded = encodedLen;
2099 static BOOL CRYPT_AsnDecodeCTLUsage(const BYTE *pbEncoded, DWORD cbEncoded,
2100 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
2103 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2104 offsetof(CTL_USAGE, cUsageIdentifier),
2105 offsetof(CTL_USAGE, rgpszUsageIdentifier),
2107 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), TRUE, 0 };
2109 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
2110 NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2114 static BOOL CRYPT_AsnDecodeCTLEntryAttributes(const BYTE *pbEncoded,
2115 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2118 struct AsnArrayDescriptor arrayDesc = { 0,
2119 offsetof(CTL_ENTRY, cAttribute), offsetof(CTL_ENTRY, rgAttribute),
2120 FINALMEMBERSIZE(CTL_ENTRY, cAttribute),
2121 CRYPT_AsnDecodePKCSAttributeInternal, sizeof(CRYPT_ATTRIBUTE), TRUE,
2122 offsetof(CRYPT_ATTRIBUTE, pszObjId) };
2125 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2126 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2130 static BOOL CRYPT_AsnDecodeCTLEntry(const BYTE *pbEncoded, DWORD cbEncoded,
2131 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
2133 struct AsnDecodeSequenceItem items[] = {
2134 { ASN_OCTETSTRING, offsetof(CTL_ENTRY, SubjectIdentifier),
2135 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DATA_BLOB), FALSE, TRUE,
2136 offsetof(CTL_ENTRY, SubjectIdentifier.pbData), 0 },
2137 { ASN_CONSTRUCTOR | ASN_SETOF, offsetof(CTL_ENTRY, cAttribute),
2138 CRYPT_AsnDecodeCTLEntryAttributes,
2139 FINALMEMBERSIZE(CTL_ENTRY, cAttribute), FALSE, TRUE,
2140 offsetof(CTL_ENTRY, rgAttribute), 0 },
2143 CTL_ENTRY *entry = pvStructInfo;
2145 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags, entry,
2148 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2149 pbEncoded, cbEncoded, dwFlags, NULL, entry, pcbStructInfo,
2150 pcbDecoded, entry ? entry->SubjectIdentifier.pbData : NULL);
2154 static BOOL CRYPT_AsnDecodeCTLEntries(const BYTE *pbEncoded, DWORD cbEncoded,
2155 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
2158 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2159 offsetof(CTL_INFO, cCTLEntry), offsetof(CTL_INFO, rgCTLEntry),
2160 FINALMEMBERSIZE(CTL_INFO, cExtension),
2161 CRYPT_AsnDecodeCTLEntry, sizeof(CTL_ENTRY), TRUE,
2162 offsetof(CTL_ENTRY, SubjectIdentifier.pbData) };
2164 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
2165 pvStructInfo, *pcbStructInfo, pcbDecoded);
2167 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2168 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2172 static BOOL CRYPT_AsnDecodeCTLExtensionsInternal(const BYTE *pbEncoded,
2173 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2177 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2178 offsetof(CTL_INFO, cExtension), offsetof(CTL_INFO, rgExtension),
2179 FINALMEMBERSIZE(CTL_INFO, cExtension),
2180 CRYPT_AsnDecodeExtension, sizeof(CERT_EXTENSION), TRUE,
2181 offsetof(CERT_EXTENSION, pszObjId) };
2183 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
2184 pvStructInfo, *pcbStructInfo, pcbDecoded);
2186 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2187 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2191 static BOOL CRYPT_AsnDecodeCTLExtensions(const BYTE *pbEncoded,
2192 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2198 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2200 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2202 ret = CRYPT_AsnDecodeCTLExtensionsInternal(pbEncoded + 1 + lenBytes,
2203 dataLen, dwFlags, pvStructInfo, pcbStructInfo, NULL);
2204 if (ret && pcbDecoded)
2205 *pcbDecoded = 1 + lenBytes + dataLen;
2210 static BOOL WINAPI CRYPT_AsnDecodeCTL(DWORD dwCertEncodingType,
2211 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2212 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2216 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2217 pDecodePara, pvStructInfo, *pcbStructInfo);
2221 struct AsnDecodeSequenceItem items[] = {
2222 { ASN_INTEGER, offsetof(CTL_INFO, dwVersion),
2223 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), TRUE, FALSE, 0, 0 },
2224 { ASN_SEQUENCEOF, offsetof(CTL_INFO, SubjectUsage),
2225 CRYPT_AsnDecodeCTLUsage, sizeof(CTL_USAGE), FALSE, TRUE,
2226 offsetof(CTL_INFO, SubjectUsage.rgpszUsageIdentifier), 0 },
2227 { ASN_OCTETSTRING, offsetof(CTL_INFO, ListIdentifier),
2228 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DATA_BLOB), TRUE,
2229 TRUE, offsetof(CTL_INFO, ListIdentifier.pbData), 0 },
2230 { ASN_INTEGER, offsetof(CTL_INFO, SequenceNumber),
2231 CRYPT_AsnDecodeIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
2232 TRUE, TRUE, offsetof(CTL_INFO, SequenceNumber.pbData), 0 },
2233 { 0, offsetof(CTL_INFO, ThisUpdate),
2234 CRYPT_AsnDecodeChoiceOfTimeInternal, sizeof(FILETIME), FALSE, FALSE,
2236 { 0, offsetof(CTL_INFO, NextUpdate),
2237 CRYPT_AsnDecodeChoiceOfTimeInternal, sizeof(FILETIME), TRUE, FALSE,
2239 { ASN_SEQUENCEOF, offsetof(CTL_INFO, SubjectAlgorithm),
2240 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
2241 FALSE, TRUE, offsetof(CTL_INFO, SubjectAlgorithm.pszObjId), 0 },
2242 { ASN_SEQUENCEOF, offsetof(CTL_INFO, cCTLEntry),
2243 CRYPT_AsnDecodeCTLEntries,
2244 MEMBERSIZE(CTL_INFO, cCTLEntry, cExtension),
2245 TRUE, TRUE, offsetof(CTL_INFO, rgCTLEntry), 0 },
2246 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0, offsetof(CTL_INFO, cExtension),
2247 CRYPT_AsnDecodeCTLExtensions, FINALMEMBERSIZE(CTL_INFO, cExtension),
2248 TRUE, TRUE, offsetof(CTL_INFO, rgExtension), 0 },
2251 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2252 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
2253 pcbStructInfo, NULL, NULL);
2257 SetLastError(STATUS_ACCESS_VIOLATION);
2263 static BOOL CRYPT_AsnDecodeSMIMECapability(const BYTE *pbEncoded,
2264 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2268 struct AsnDecodeSequenceItem items[] = {
2269 { ASN_OBJECTIDENTIFIER, offsetof(CRYPT_SMIME_CAPABILITY, pszObjId),
2270 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
2271 offsetof(CRYPT_SMIME_CAPABILITY, pszObjId), 0 },
2272 { 0, offsetof(CRYPT_SMIME_CAPABILITY, Parameters),
2273 CRYPT_AsnDecodeCopyBytes, sizeof(CRYPT_OBJID_BLOB), TRUE, TRUE,
2274 offsetof(CRYPT_SMIME_CAPABILITY, Parameters.pbData), 0 },
2276 PCRYPT_SMIME_CAPABILITY capability = pvStructInfo;
2278 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2279 pvStructInfo, *pcbStructInfo);
2281 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2282 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
2283 pcbDecoded, capability ? capability->pszObjId : NULL);
2284 TRACE("returning %d\n", ret);
2288 static BOOL WINAPI CRYPT_AsnDecodeSMIMECapabilities(DWORD dwCertEncodingType,
2289 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2290 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2294 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2295 pDecodePara, pvStructInfo, *pcbStructInfo);
2299 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2300 offsetof(CRYPT_SMIME_CAPABILITIES, cCapability),
2301 offsetof(CRYPT_SMIME_CAPABILITIES, rgCapability),
2302 sizeof(CRYPT_SMIME_CAPABILITIES),
2303 CRYPT_AsnDecodeSMIMECapability, sizeof(CRYPT_SMIME_CAPABILITY), TRUE,
2304 offsetof(CRYPT_SMIME_CAPABILITY, pszObjId) };
2306 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2307 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
2311 SetLastError(STATUS_ACCESS_VIOLATION);
2314 TRACE("returning %d\n", ret);
2318 static BOOL CRYPT_AsnDecodeIA5String(const BYTE *pbEncoded,
2319 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2324 LPSTR *pStr = pvStructInfo;
2326 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2328 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2329 DWORD bytesNeeded = sizeof(LPSTR) + sizeof(char);
2331 if (pbEncoded[0] != ASN_IA5STRING)
2333 SetLastError(CRYPT_E_ASN1_CORRUPT);
2338 bytesNeeded += dataLen;
2340 *pcbDecoded = 1 + lenBytes + dataLen;
2342 *pcbStructInfo = bytesNeeded;
2343 else if (*pcbStructInfo < bytesNeeded)
2345 *pcbStructInfo = bytesNeeded;
2346 SetLastError(ERROR_MORE_DATA);
2351 *pcbStructInfo = bytesNeeded;
2357 memcpy(str, pbEncoded + 1 + lenBytes, dataLen);
2368 static BOOL CRYPT_AsnDecodeNoticeNumbers(const BYTE *pbEncoded,
2369 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2372 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
2373 offsetof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE, cNoticeNumbers),
2374 offsetof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE, rgNoticeNumbers),
2375 FINALMEMBERSIZE(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE, cNoticeNumbers),
2376 CRYPT_AsnDecodeIntInternal, sizeof(int), FALSE, 0 };
2379 TRACE("(%p, %d, %08x, %p, %d)\n", pbEncoded, cbEncoded, dwFlags,
2380 pvStructInfo, pvStructInfo ? *pcbDecoded : 0);
2382 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2383 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2384 TRACE("returning %d\n", ret);
2388 static BOOL CRYPT_AsnDecodeNoticeReference(const BYTE *pbEncoded,
2389 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2393 struct AsnDecodeSequenceItem items[] = {
2394 { ASN_IA5STRING, offsetof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE,
2395 pszOrganization), CRYPT_AsnDecodeIA5String, sizeof(LPSTR), FALSE, TRUE,
2396 offsetof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE, pszOrganization), 0 },
2397 { ASN_SEQUENCEOF, offsetof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE,
2398 cNoticeNumbers), CRYPT_AsnDecodeNoticeNumbers,
2399 FINALMEMBERSIZE(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE, cNoticeNumbers),
2400 FALSE, TRUE, offsetof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE,
2401 rgNoticeNumbers), 0 },
2405 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2406 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
2408 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2409 pbEncoded, cbEncoded, dwFlags, NULL, NULL, &bytesNeeded, pcbDecoded,
2413 /* The caller is expecting a pointer to a
2414 * CERT_POLICY_QUALIFIER_NOTICE_REFERENCE to be decoded, whereas
2415 * CRYPT_AsnDecodeSequence is decoding a
2416 * CERT_POLICY_QUALIFIER_NOTICE_REFERENCE. Increment the bytes
2417 * needed, and decode again if the requisite space is available.
2419 bytesNeeded += sizeof(PCERT_POLICY_QUALIFIER_NOTICE_REFERENCE);
2421 *pcbStructInfo = bytesNeeded;
2422 else if (*pcbStructInfo < bytesNeeded)
2424 *pcbStructInfo = bytesNeeded;
2425 SetLastError(ERROR_MORE_DATA);
2430 PCERT_POLICY_QUALIFIER_NOTICE_REFERENCE noticeRef;
2432 *pcbStructInfo = bytesNeeded;
2433 /* The pointer (pvStructInfo) passed in points to the first dynamic
2434 * pointer, so use it as the pointer to the
2435 * CERT_POLICY_QUALIFIER_NOTICE_REFERENCE, and create the
2436 * appropriate offset for the first dynamic pointer within the
2437 * notice reference by pointing to the first memory location past
2438 * the CERT_POLICY_QUALIFIER_NOTICE_REFERENCE.
2441 *(PCERT_POLICY_QUALIFIER_NOTICE_REFERENCE *)pvStructInfo;
2442 noticeRef->pszOrganization = (LPSTR)((LPBYTE)noticeRef +
2443 sizeof(CERT_POLICY_QUALIFIER_NOTICE_REFERENCE));
2444 ret = CRYPT_AsnDecodeSequence(items,
2445 sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags,
2446 NULL, noticeRef, &bytesNeeded, pcbDecoded,
2447 noticeRef->pszOrganization);
2450 TRACE("returning %d\n", ret);
2454 static BOOL CRYPT_AsnDecodeUnicodeString(const BYTE *pbEncoded,
2455 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2461 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2463 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2464 DWORD bytesNeeded = sizeof(LPWSTR);
2466 switch (pbEncoded[0])
2468 case ASN_NUMERICSTRING:
2470 bytesNeeded += (dataLen + 1) * 2;
2472 case ASN_PRINTABLESTRING:
2474 bytesNeeded += (dataLen + 1) * 2;
2478 bytesNeeded += (dataLen + 1) * 2;
2482 bytesNeeded += (dataLen + 1) * 2;
2484 case ASN_VIDEOTEXSTRING:
2486 bytesNeeded += (dataLen + 1) * 2;
2488 case ASN_GRAPHICSTRING:
2490 bytesNeeded += (dataLen + 1) * 2;
2492 case ASN_VISIBLESTRING:
2494 bytesNeeded += (dataLen + 1) * 2;
2496 case ASN_GENERALSTRING:
2498 bytesNeeded += (dataLen + 1) * 2;
2500 case ASN_UNIVERSALSTRING:
2502 bytesNeeded += dataLen / 2 + sizeof(WCHAR);
2506 bytesNeeded += dataLen + sizeof(WCHAR);
2508 case ASN_UTF8STRING:
2510 bytesNeeded += (MultiByteToWideChar(CP_UTF8, 0,
2511 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen, NULL, 0) + 1) * 2;
2514 SetLastError(CRYPT_E_ASN1_BADTAG);
2519 *pcbDecoded = 1 + lenBytes + dataLen;
2521 *pcbStructInfo = bytesNeeded;
2522 else if (*pcbStructInfo < bytesNeeded)
2524 *pcbStructInfo = bytesNeeded;
2525 SetLastError(ERROR_MORE_DATA);
2530 LPWSTR *pStr = pvStructInfo;
2532 *pcbStructInfo = bytesNeeded;
2536 LPWSTR str = *(LPWSTR *)pStr;
2539 switch (pbEncoded[0])
2541 case ASN_NUMERICSTRING:
2542 case ASN_PRINTABLESTRING:
2545 case ASN_VIDEOTEXSTRING:
2546 case ASN_GRAPHICSTRING:
2547 case ASN_VISIBLESTRING:
2548 case ASN_GENERALSTRING:
2549 for (i = 0; i < dataLen; i++)
2550 str[i] = pbEncoded[1 + lenBytes + i];
2553 case ASN_UNIVERSALSTRING:
2554 for (i = 0; i < dataLen / 4; i++)
2555 str[i] = (pbEncoded[1 + lenBytes + 2 * i + 2] << 8)
2556 | pbEncoded[1 + lenBytes + 2 * i + 3];
2560 for (i = 0; i < dataLen / 2; i++)
2561 str[i] = (pbEncoded[1 + lenBytes + 2 * i] << 8) |
2562 pbEncoded[1 + lenBytes + 2 * i + 1];
2565 case ASN_UTF8STRING:
2567 int len = MultiByteToWideChar(CP_UTF8, 0,
2568 (LPCSTR)pbEncoded + 1 + lenBytes, dataLen,
2569 str, bytesNeeded - sizeof(CERT_NAME_VALUE)) * 2;
2582 static BOOL CRYPT_AsnDecodePolicyQualifierUserNoticeInternal(
2583 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo,
2584 DWORD *pcbStructInfo, DWORD *pcbDecoded)
2587 struct AsnDecodeSequenceItem items[] = {
2588 { ASN_SEQUENCE, offsetof(CERT_POLICY_QUALIFIER_USER_NOTICE,
2589 pNoticeReference), CRYPT_AsnDecodeNoticeReference,
2590 sizeof(PCERT_POLICY_QUALIFIER_NOTICE_REFERENCE), TRUE, TRUE,
2591 offsetof(CERT_POLICY_QUALIFIER_USER_NOTICE, pNoticeReference), 0 },
2592 { 0, offsetof(CERT_POLICY_QUALIFIER_USER_NOTICE, pszDisplayText),
2593 CRYPT_AsnDecodeUnicodeString, sizeof(LPWSTR), TRUE, TRUE,
2594 offsetof(CERT_POLICY_QUALIFIER_USER_NOTICE, pszDisplayText), 0 },
2596 PCERT_POLICY_QUALIFIER_USER_NOTICE notice = pvStructInfo;
2598 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2599 pvStructInfo, *pcbStructInfo);
2601 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2602 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
2603 pcbDecoded, notice ? notice->pNoticeReference : NULL);
2604 TRACE("returning %d\n", ret);
2608 static BOOL WINAPI CRYPT_AsnDecodePolicyQualifierUserNotice(
2609 DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded,
2610 DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
2611 void *pvStructInfo, DWORD *pcbStructInfo)
2615 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2616 pDecodePara, pvStructInfo, *pcbStructInfo);
2622 ret = CRYPT_AsnDecodePolicyQualifierUserNoticeInternal(pbEncoded,
2623 cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded,
2628 *pcbStructInfo = bytesNeeded;
2629 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2630 pvStructInfo, pcbStructInfo, bytesNeeded)))
2632 PCERT_POLICY_QUALIFIER_USER_NOTICE notice;
2634 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2635 pvStructInfo = *(BYTE **)pvStructInfo;
2636 notice = pvStructInfo;
2637 notice->pNoticeReference =
2638 (PCERT_POLICY_QUALIFIER_NOTICE_REFERENCE)
2639 ((BYTE *)pvStructInfo +
2640 sizeof(CERT_POLICY_QUALIFIER_USER_NOTICE));
2641 ret = CRYPT_AsnDecodePolicyQualifierUserNoticeInternal(
2642 pbEncoded, cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG,
2643 pvStructInfo, &bytesNeeded, NULL);
2649 SetLastError(STATUS_ACCESS_VIOLATION);
2652 TRACE("returning %d\n", ret);
2656 static BOOL CRYPT_AsnDecodePKCSAttributeValue(const BYTE *pbEncoded,
2657 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2661 struct AsnArrayDescriptor arrayDesc = { 0,
2662 offsetof(CRYPT_ATTRIBUTE, cValue), offsetof(CRYPT_ATTRIBUTE, rgValue),
2663 FINALMEMBERSIZE(CRYPT_ATTRIBUTE, cValue),
2664 CRYPT_AsnDecodeCopyBytes,
2665 sizeof(CRYPT_DER_BLOB), TRUE, offsetof(CRYPT_DER_BLOB, pbData) };
2667 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
2668 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0, pcbDecoded);
2670 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2671 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2675 static BOOL CRYPT_AsnDecodePKCSAttributeInternal(const BYTE *pbEncoded,
2676 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2680 struct AsnDecodeSequenceItem items[] = {
2681 { ASN_OBJECTIDENTIFIER, offsetof(CRYPT_ATTRIBUTE, pszObjId),
2682 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
2683 offsetof(CRYPT_ATTRIBUTE, pszObjId), 0 },
2684 { ASN_CONSTRUCTOR | ASN_SETOF, offsetof(CRYPT_ATTRIBUTE, cValue),
2685 CRYPT_AsnDecodePKCSAttributeValue,
2686 FINALMEMBERSIZE(CRYPT_ATTRIBUTE, cValue), FALSE,
2687 TRUE, offsetof(CRYPT_ATTRIBUTE, rgValue), 0 },
2689 PCRYPT_ATTRIBUTE attr = pvStructInfo;
2691 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2692 pvStructInfo, *pcbStructInfo);
2694 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2695 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
2696 pcbDecoded, attr ? attr->pszObjId : NULL);
2697 TRACE("returning %d\n", ret);
2701 static BOOL WINAPI CRYPT_AsnDecodePKCSAttribute(DWORD dwCertEncodingType,
2702 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2703 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2707 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2708 pDecodePara, pvStructInfo, *pcbStructInfo);
2714 ret = CRYPT_AsnDecodePKCSAttributeInternal(pbEncoded, cbEncoded,
2715 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL);
2719 *pcbStructInfo = bytesNeeded;
2720 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2721 pvStructInfo, pcbStructInfo, bytesNeeded)))
2723 PCRYPT_ATTRIBUTE attr;
2725 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2726 pvStructInfo = *(BYTE **)pvStructInfo;
2727 attr = pvStructInfo;
2728 attr->pszObjId = (LPSTR)((BYTE *)pvStructInfo +
2729 sizeof(CRYPT_ATTRIBUTE));
2730 ret = CRYPT_AsnDecodePKCSAttributeInternal(pbEncoded, cbEncoded,
2731 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo, &bytesNeeded,
2738 SetLastError(STATUS_ACCESS_VIOLATION);
2741 TRACE("returning %d\n", ret);
2745 static BOOL CRYPT_AsnDecodePKCSAttributesInternal(const BYTE *pbEncoded,
2746 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2749 struct AsnArrayDescriptor arrayDesc = { 0,
2750 offsetof(CRYPT_ATTRIBUTES, cAttr), offsetof(CRYPT_ATTRIBUTES, rgAttr),
2751 sizeof(CRYPT_ATTRIBUTES),
2752 CRYPT_AsnDecodePKCSAttributeInternal, sizeof(CRYPT_ATTRIBUTE), TRUE,
2753 offsetof(CRYPT_ATTRIBUTE, pszObjId) };
2756 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
2757 NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
2761 static BOOL WINAPI CRYPT_AsnDecodePKCSAttributes(DWORD dwCertEncodingType,
2762 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2763 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2767 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2768 pDecodePara, pvStructInfo, *pcbStructInfo);
2772 struct AsnArrayDescriptor arrayDesc = { ASN_CONSTRUCTOR | ASN_SETOF,
2773 offsetof(CRYPT_ATTRIBUTES, cAttr), offsetof(CRYPT_ATTRIBUTES, rgAttr),
2774 sizeof(CRYPT_ATTRIBUTES),
2775 CRYPT_AsnDecodePKCSAttributeInternal, sizeof(CRYPT_ATTRIBUTE),
2776 TRUE, offsetof(CRYPT_ATTRIBUTE, pszObjId) };
2778 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
2779 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
2783 SetLastError(STATUS_ACCESS_VIOLATION);
2786 TRACE("returning %d\n", ret);
2790 static BOOL CRYPT_AsnDecodeAlgorithmId(const BYTE *pbEncoded, DWORD cbEncoded,
2791 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
2793 CRYPT_ALGORITHM_IDENTIFIER *algo = pvStructInfo;
2795 struct AsnDecodeSequenceItem items[] = {
2796 { ASN_OBJECTIDENTIFIER, offsetof(CRYPT_ALGORITHM_IDENTIFIER, pszObjId),
2797 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
2798 offsetof(CRYPT_ALGORITHM_IDENTIFIER, pszObjId), 0 },
2799 { 0, offsetof(CRYPT_ALGORITHM_IDENTIFIER, Parameters),
2800 CRYPT_AsnDecodeCopyBytes, sizeof(CRYPT_OBJID_BLOB), TRUE, TRUE,
2801 offsetof(CRYPT_ALGORITHM_IDENTIFIER, Parameters.pbData), 0 },
2804 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
2805 pvStructInfo, *pcbStructInfo, pcbDecoded);
2807 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2808 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
2809 pcbDecoded, algo ? algo->pszObjId : NULL);
2810 if (ret && pvStructInfo)
2812 TRACE("pszObjId is %p (%s)\n", algo->pszObjId,
2813 debugstr_a(algo->pszObjId));
2818 static BOOL CRYPT_AsnDecodePubKeyInfoInternal(const BYTE *pbEncoded,
2819 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
2823 struct AsnDecodeSequenceItem items[] = {
2824 { ASN_SEQUENCEOF, offsetof(CERT_PUBLIC_KEY_INFO, Algorithm),
2825 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
2826 FALSE, TRUE, offsetof(CERT_PUBLIC_KEY_INFO,
2827 Algorithm.pszObjId) },
2828 { ASN_BITSTRING, offsetof(CERT_PUBLIC_KEY_INFO, PublicKey),
2829 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), FALSE, TRUE,
2830 offsetof(CERT_PUBLIC_KEY_INFO, PublicKey.pbData) },
2832 PCERT_PUBLIC_KEY_INFO info = pvStructInfo;
2834 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
2835 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
2836 pcbDecoded, info ? info->Algorithm.Parameters.pbData : NULL);
2840 static BOOL WINAPI CRYPT_AsnDecodePubKeyInfo(DWORD dwCertEncodingType,
2841 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
2842 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
2850 if ((ret = CRYPT_AsnDecodePubKeyInfoInternal(pbEncoded, cbEncoded,
2851 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL)))
2854 *pcbStructInfo = bytesNeeded;
2855 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
2856 pvStructInfo, pcbStructInfo, bytesNeeded)))
2858 PCERT_PUBLIC_KEY_INFO info;
2860 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
2861 pvStructInfo = *(BYTE **)pvStructInfo;
2862 info = pvStructInfo;
2863 info->Algorithm.Parameters.pbData = (BYTE *)pvStructInfo +
2864 sizeof(CERT_PUBLIC_KEY_INFO);
2865 ret = CRYPT_AsnDecodePubKeyInfoInternal(pbEncoded, cbEncoded,
2866 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
2867 &bytesNeeded, NULL);
2873 SetLastError(STATUS_ACCESS_VIOLATION);
2880 static BOOL CRYPT_AsnDecodeBool(const BYTE *pbEncoded, DWORD cbEncoded,
2881 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
2887 SetLastError(CRYPT_E_ASN1_CORRUPT);
2890 if (GET_LEN_BYTES(pbEncoded[1]) > 1)
2892 SetLastError(CRYPT_E_ASN1_CORRUPT);
2895 if (pbEncoded[1] > 1)
2897 SetLastError(CRYPT_E_ASN1_CORRUPT);
2904 *pcbStructInfo = sizeof(BOOL);
2907 else if (*pcbStructInfo < sizeof(BOOL))
2909 *pcbStructInfo = sizeof(BOOL);
2910 SetLastError(ERROR_MORE_DATA);
2915 *pcbStructInfo = sizeof(BOOL);
2916 *(BOOL *)pvStructInfo = pbEncoded[2] ? TRUE : FALSE;
2919 TRACE("returning %d (%08x)\n", ret, GetLastError());
2923 static BOOL CRYPT_AsnDecodeAltNameEntry(const BYTE *pbEncoded, DWORD cbEncoded,
2924 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
2926 PCERT_ALT_NAME_ENTRY entry = pvStructInfo;
2927 DWORD dataLen, lenBytes, bytesNeeded = sizeof(CERT_ALT_NAME_ENTRY);
2930 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
2931 pvStructInfo, *pcbStructInfo);
2935 SetLastError(CRYPT_E_ASN1_CORRUPT);
2938 lenBytes = GET_LEN_BYTES(pbEncoded[1]);
2939 if (1 + lenBytes > cbEncoded)
2941 SetLastError(CRYPT_E_ASN1_CORRUPT);
2944 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
2946 switch (pbEncoded[0] & ASN_TYPE_MASK)
2948 case 1: /* rfc822Name */
2949 case 2: /* dNSName */
2950 case 6: /* uniformResourceIdentifier */
2951 bytesNeeded += (dataLen + 1) * sizeof(WCHAR);
2953 case 4: /* directoryName */
2954 case 7: /* iPAddress */
2955 bytesNeeded += dataLen;
2957 case 8: /* registeredID */
2958 ret = CRYPT_AsnDecodeOidIgnoreTag(pbEncoded, cbEncoded, 0, NULL,
2962 /* FIXME: ugly, shouldn't need to know internals of OID decode
2963 * function to use it.
2965 bytesNeeded += dataLen - sizeof(LPSTR);
2968 case 0: /* otherName */
2969 FIXME("%d: stub\n", pbEncoded[0] & ASN_TYPE_MASK);
2970 SetLastError(CRYPT_E_ASN1_BADTAG);
2973 case 3: /* x400Address, unimplemented */
2974 case 5: /* ediPartyName, unimplemented */
2975 TRACE("type %d unimplemented\n", pbEncoded[0] & ASN_TYPE_MASK);
2976 SetLastError(CRYPT_E_ASN1_BADTAG);
2980 TRACE("type %d bad\n", pbEncoded[0] & ASN_TYPE_MASK);
2981 SetLastError(CRYPT_E_ASN1_CORRUPT);
2987 *pcbDecoded = 1 + lenBytes + dataLen;
2989 *pcbStructInfo = bytesNeeded;
2990 else if (*pcbStructInfo < bytesNeeded)
2992 *pcbStructInfo = bytesNeeded;
2993 SetLastError(ERROR_MORE_DATA);
2998 *pcbStructInfo = bytesNeeded;
2999 /* MS used values one greater than the asn1 ones.. sigh */
3000 entry->dwAltNameChoice = (pbEncoded[0] & ASN_TYPE_MASK) + 1;
3001 switch (pbEncoded[0] & ASN_TYPE_MASK)
3003 case 1: /* rfc822Name */
3004 case 2: /* dNSName */
3005 case 6: /* uniformResourceIdentifier */
3009 for (i = 0; i < dataLen; i++)
3010 entry->u.pwszURL[i] =
3011 (WCHAR)pbEncoded[1 + lenBytes + i];
3012 entry->u.pwszURL[i] = 0;
3013 TRACE("URL is %p (%s)\n", entry->u.pwszURL,
3014 debugstr_w(entry->u.pwszURL));
3017 case 4: /* directoryName */
3018 /* The data are memory-equivalent with the IPAddress case,
3021 case 7: /* iPAddress */
3022 /* The next data pointer is in the pwszURL spot, that is,
3023 * the first 4 bytes. Need to move it to the next spot.
3025 entry->u.IPAddress.pbData = (LPBYTE)entry->u.pwszURL;
3026 entry->u.IPAddress.cbData = dataLen;
3027 memcpy(entry->u.IPAddress.pbData, pbEncoded + 1 + lenBytes,
3030 case 8: /* registeredID */
3031 ret = CRYPT_AsnDecodeOidIgnoreTag(pbEncoded, cbEncoded, 0,
3032 &entry->u.pszRegisteredID, &dataLen, NULL);
3041 static BOOL CRYPT_AsnDecodeAltNameInternal(const BYTE *pbEncoded,
3042 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3046 struct AsnArrayDescriptor arrayDesc = { 0,
3047 offsetof(CERT_ALT_NAME_INFO, cAltEntry),
3048 offsetof(CERT_ALT_NAME_INFO, rgAltEntry),
3049 sizeof(CERT_ALT_NAME_INFO),
3050 CRYPT_AsnDecodeAltNameEntry, sizeof(CERT_ALT_NAME_ENTRY), TRUE,
3051 offsetof(CERT_ALT_NAME_ENTRY, u.pwszURL) };
3053 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
3054 pvStructInfo, *pcbStructInfo, pcbDecoded);
3056 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded, dwFlags,
3057 NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
3061 /* Like CRYPT_AsnDecodeIntegerInternal, but swaps the bytes */
3062 static BOOL CRYPT_AsnDecodeIntegerSwapBytes(const BYTE *pbEncoded,
3063 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3068 TRACE("(%p, %d, 0x%08x, %p, %d, %p)\n", pbEncoded, cbEncoded, dwFlags,
3069 pvStructInfo, *pcbStructInfo, pcbDecoded);
3071 /* Can't use the CRYPT_DECODE_NOCOPY_FLAG, because we modify the bytes in-
3074 ret = CRYPT_AsnDecodeIntegerInternal(pbEncoded, cbEncoded,
3075 dwFlags & ~CRYPT_DECODE_NOCOPY_FLAG, pvStructInfo, pcbStructInfo,
3077 if (ret && pvStructInfo)
3079 CRYPT_DATA_BLOB *blob = pvStructInfo;
3086 for (i = 0; i < blob->cbData / 2; i++)
3088 temp = blob->pbData[i];
3089 blob->pbData[i] = blob->pbData[blob->cbData - i - 1];
3090 blob->pbData[blob->cbData - i - 1] = temp;
3094 TRACE("returning %d (%08x)\n", ret, GetLastError());
3098 static BOOL WINAPI CRYPT_AsnDecodeAuthorityKeyId(DWORD dwCertEncodingType,
3099 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3100 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3106 struct AsnDecodeSequenceItem items[] = {
3107 { ASN_CONTEXT | 0, offsetof(CERT_AUTHORITY_KEY_ID_INFO, KeyId),
3108 CRYPT_AsnDecodeIntegerSwapBytes, sizeof(CRYPT_DATA_BLOB),
3109 TRUE, TRUE, offsetof(CERT_AUTHORITY_KEY_ID_INFO, KeyId.pbData), 0 },
3110 { ASN_CONTEXT | ASN_CONSTRUCTOR| 1,
3111 offsetof(CERT_AUTHORITY_KEY_ID_INFO, CertIssuer),
3112 CRYPT_AsnDecodeOctetsInternal, sizeof(CERT_NAME_BLOB), TRUE, TRUE,
3113 offsetof(CERT_AUTHORITY_KEY_ID_INFO, CertIssuer.pbData), 0 },
3114 { ASN_CONTEXT | 2, offsetof(CERT_AUTHORITY_KEY_ID_INFO,
3115 CertSerialNumber), CRYPT_AsnDecodeIntegerInternal,
3116 sizeof(CRYPT_INTEGER_BLOB), TRUE, TRUE,
3117 offsetof(CERT_AUTHORITY_KEY_ID_INFO, CertSerialNumber.pbData), 0 },
3120 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3121 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
3122 pcbStructInfo, NULL, NULL);
3126 SetLastError(STATUS_ACCESS_VIOLATION);
3133 static BOOL WINAPI CRYPT_AsnDecodeAuthorityKeyId2(DWORD dwCertEncodingType,
3134 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3135 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3141 struct AsnDecodeSequenceItem items[] = {
3142 { ASN_CONTEXT | 0, offsetof(CERT_AUTHORITY_KEY_ID2_INFO, KeyId),
3143 CRYPT_AsnDecodeIntegerSwapBytes, sizeof(CRYPT_DATA_BLOB),
3144 TRUE, TRUE, offsetof(CERT_AUTHORITY_KEY_ID2_INFO, KeyId.pbData), 0 },
3145 { ASN_CONTEXT | ASN_CONSTRUCTOR| 1,
3146 offsetof(CERT_AUTHORITY_KEY_ID2_INFO, AuthorityCertIssuer),
3147 CRYPT_AsnDecodeAltNameInternal, sizeof(CERT_ALT_NAME_INFO), TRUE,
3148 TRUE, offsetof(CERT_AUTHORITY_KEY_ID2_INFO,
3149 AuthorityCertIssuer.rgAltEntry), 0 },
3150 { ASN_CONTEXT | 2, offsetof(CERT_AUTHORITY_KEY_ID2_INFO,
3151 AuthorityCertSerialNumber), CRYPT_AsnDecodeIntegerInternal,
3152 sizeof(CRYPT_INTEGER_BLOB), TRUE, TRUE,
3153 offsetof(CERT_AUTHORITY_KEY_ID2_INFO,
3154 AuthorityCertSerialNumber.pbData), 0 },
3157 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3158 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
3159 pcbStructInfo, NULL, NULL);
3163 SetLastError(STATUS_ACCESS_VIOLATION);
3170 static BOOL CRYPT_AsnDecodeAccessDescription(const BYTE *pbEncoded,
3171 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3174 struct AsnDecodeSequenceItem items[] = {
3175 { 0, offsetof(CERT_ACCESS_DESCRIPTION, pszAccessMethod),
3176 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), FALSE, TRUE,
3177 offsetof(CERT_ACCESS_DESCRIPTION, pszAccessMethod), 0 },
3178 { 0, offsetof(CERT_ACCESS_DESCRIPTION, AccessLocation),
3179 CRYPT_AsnDecodeAltNameEntry, sizeof(CERT_ALT_NAME_ENTRY), FALSE,
3180 TRUE, offsetof(CERT_ACCESS_DESCRIPTION, AccessLocation.u.pwszURL), 0 },
3182 CERT_ACCESS_DESCRIPTION *descr = pvStructInfo;
3184 return CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3185 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
3186 pcbDecoded, descr ? descr->pszAccessMethod : NULL);
3189 static BOOL WINAPI CRYPT_AsnDecodeAuthorityInfoAccess(DWORD dwCertEncodingType,
3190 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3191 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3195 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3196 pDecodePara, pvStructInfo, *pcbStructInfo);
3200 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
3201 offsetof(CERT_AUTHORITY_INFO_ACCESS, cAccDescr),
3202 offsetof(CERT_AUTHORITY_INFO_ACCESS, rgAccDescr),
3203 sizeof(CERT_AUTHORITY_INFO_ACCESS),
3204 CRYPT_AsnDecodeAccessDescription, sizeof(CERT_ACCESS_DESCRIPTION),
3205 TRUE, offsetof(CERT_ACCESS_DESCRIPTION, pszAccessMethod) };
3207 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
3208 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
3212 SetLastError(STATUS_ACCESS_VIOLATION);
3219 static BOOL CRYPT_AsnDecodePKCSContent(const BYTE *pbEncoded, DWORD cbEncoded,
3220 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
3225 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
3226 pvStructInfo, *pcbStructInfo, pcbDecoded);
3228 /* The caller has already checked the tag, no need to check it again.
3229 * Check the outer length is valid:
3231 if ((ret = CRYPT_GetLengthIndefinite(pbEncoded, cbEncoded, &dataLen)))
3233 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
3236 pbEncoded += 1 + lenBytes;
3237 cbEncoded -= 1 + lenBytes;
3238 if (dataLen == CMSG_INDEFINITE_LENGTH)
3239 cbEncoded -= 2; /* space for 0 TLV */
3240 /* Check the inner length is valid: */
3241 if ((ret = CRYPT_GetLengthIndefinite(pbEncoded, cbEncoded, &innerLen)))
3245 ret = CRYPT_AsnDecodeCopyBytes(pbEncoded, cbEncoded, dwFlags,
3246 pvStructInfo, pcbStructInfo, &decodedLen);
3247 if (dataLen == CMSG_INDEFINITE_LENGTH)
3249 if (*(pbEncoded + decodedLen) != 0 ||
3250 *(pbEncoded + decodedLen + 1) != 0)
3252 TRACE("expected 0 TLV, got {%02x,%02x}\n",
3253 *(pbEncoded + decodedLen),
3254 *(pbEncoded + decodedLen + 1));
3255 SetLastError(CRYPT_E_ASN1_CORRUPT);
3261 if (ret && pcbDecoded)
3263 *pcbDecoded = 1 + lenBytes + decodedLen;
3264 TRACE("decoded %d bytes\n", *pcbDecoded);
3271 static BOOL CRYPT_AsnDecodePKCSContentInfoInternal(const BYTE *pbEncoded,
3272 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3275 CRYPT_CONTENT_INFO *info = pvStructInfo;
3276 struct AsnDecodeSequenceItem items[] = {
3277 { ASN_OBJECTIDENTIFIER, offsetof(CRYPT_CONTENT_INFO, pszObjId),
3278 CRYPT_AsnDecodeOidIgnoreTag, sizeof(LPSTR), FALSE, TRUE,
3279 offsetof(CRYPT_CONTENT_INFO, pszObjId), 0 },
3280 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0,
3281 offsetof(CRYPT_CONTENT_INFO, Content), CRYPT_AsnDecodePKCSContent,
3282 sizeof(CRYPT_DER_BLOB), TRUE, TRUE,
3283 offsetof(CRYPT_CONTENT_INFO, Content.pbData), 0 },
3287 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
3288 pvStructInfo, *pcbStructInfo, pcbDecoded);
3290 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3291 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
3292 pcbDecoded, info ? info->pszObjId : NULL);
3296 static BOOL WINAPI CRYPT_AsnDecodePKCSContentInfo(DWORD dwCertEncodingType,
3297 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3298 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3302 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3303 pDecodePara, pvStructInfo, *pcbStructInfo);
3307 ret = CRYPT_AsnDecodePKCSContentInfoInternal(pbEncoded, cbEncoded,
3308 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pcbStructInfo, NULL);
3309 if (ret && pvStructInfo)
3311 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
3312 pcbStructInfo, *pcbStructInfo);
3315 CRYPT_CONTENT_INFO *info;
3317 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
3318 pvStructInfo = *(BYTE **)pvStructInfo;
3319 info = pvStructInfo;
3320 info->pszObjId = (LPSTR)((BYTE *)info +
3321 sizeof(CRYPT_CONTENT_INFO));
3322 ret = CRYPT_AsnDecodePKCSContentInfoInternal(pbEncoded,
3323 cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
3324 pcbStructInfo, NULL);
3330 SetLastError(STATUS_ACCESS_VIOLATION);
3336 BOOL CRYPT_AsnDecodePKCSDigestedData(const BYTE *pbEncoded, DWORD cbEncoded,
3337 DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
3338 CRYPT_DIGESTED_DATA *digestedData, DWORD *pcbDigestedData)
3341 struct AsnDecodeSequenceItem items[] = {
3342 { ASN_INTEGER, offsetof(CRYPT_DIGESTED_DATA, version),
3343 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
3344 { ASN_SEQUENCEOF, offsetof(CRYPT_DIGESTED_DATA, DigestAlgorithm),
3345 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
3346 FALSE, TRUE, offsetof(CRYPT_DIGESTED_DATA, DigestAlgorithm.pszObjId),
3348 { ASN_SEQUENCEOF, offsetof(CRYPT_DIGESTED_DATA, ContentInfo),
3349 CRYPT_AsnDecodePKCSContentInfoInternal,
3350 sizeof(CRYPT_CONTENT_INFO), FALSE, TRUE, offsetof(CRYPT_DIGESTED_DATA,
3351 ContentInfo.pszObjId), 0 },
3352 { ASN_OCTETSTRING, offsetof(CRYPT_DIGESTED_DATA, hash),
3353 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_HASH_BLOB), FALSE, TRUE,
3354 offsetof(CRYPT_DIGESTED_DATA, hash.pbData), 0 },
3357 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3358 pbEncoded, cbEncoded, dwFlags, pDecodePara, digestedData, pcbDigestedData,
3363 static BOOL WINAPI CRYPT_AsnDecodeAltName(DWORD dwCertEncodingType,
3364 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3365 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3369 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3370 pDecodePara, pvStructInfo, *pcbStructInfo);
3376 if ((ret = CRYPT_AsnDecodeAltNameInternal(pbEncoded, cbEncoded,
3377 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL)))
3380 *pcbStructInfo = bytesNeeded;
3381 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
3382 pvStructInfo, pcbStructInfo, bytesNeeded)))
3384 CERT_ALT_NAME_INFO *name;
3386 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
3387 pvStructInfo = *(BYTE **)pvStructInfo;
3388 name = pvStructInfo;
3389 name->rgAltEntry = (PCERT_ALT_NAME_ENTRY)
3390 ((BYTE *)pvStructInfo + sizeof(CERT_ALT_NAME_INFO));
3391 ret = CRYPT_AsnDecodeAltNameInternal(pbEncoded, cbEncoded,
3392 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
3393 &bytesNeeded, NULL);
3399 SetLastError(STATUS_ACCESS_VIOLATION);
3406 struct PATH_LEN_CONSTRAINT
3408 BOOL fPathLenConstraint;
3409 DWORD dwPathLenConstraint;
3412 static BOOL CRYPT_AsnDecodePathLenConstraint(const BYTE *pbEncoded,
3413 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3417 DWORD bytesNeeded = sizeof(struct PATH_LEN_CONSTRAINT), size;
3419 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
3420 pvStructInfo, *pcbStructInfo, pcbDecoded);
3424 ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded, dwFlags, NULL,
3426 *pcbStructInfo = bytesNeeded;
3428 else if (*pcbStructInfo < bytesNeeded)
3430 SetLastError(ERROR_MORE_DATA);
3431 *pcbStructInfo = bytesNeeded;
3436 struct PATH_LEN_CONSTRAINT *constraint = pvStructInfo;
3438 *pcbStructInfo = bytesNeeded;
3439 size = sizeof(constraint->dwPathLenConstraint);
3440 ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded, dwFlags,
3441 &constraint->dwPathLenConstraint, &size, pcbDecoded);
3443 constraint->fPathLenConstraint = TRUE;
3444 TRACE("got an int, dwPathLenConstraint is %d\n",
3445 constraint->dwPathLenConstraint);
3447 TRACE("returning %d (%08x)\n", ret, GetLastError());
3451 static BOOL CRYPT_AsnDecodeSubtreeConstraints(const BYTE *pbEncoded,
3452 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3456 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
3457 offsetof(CERT_BASIC_CONSTRAINTS_INFO, cSubtreesConstraint),
3458 offsetof(CERT_BASIC_CONSTRAINTS_INFO, rgSubtreesConstraint),
3459 FINALMEMBERSIZE(CERT_BASIC_CONSTRAINTS_INFO, cSubtreesConstraint),
3460 CRYPT_AsnDecodeCopyBytes, sizeof(CERT_NAME_BLOB), TRUE,
3461 offsetof(CERT_NAME_BLOB, pbData) };
3463 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
3464 pvStructInfo, *pcbStructInfo, pcbDecoded);
3466 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
3467 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
3468 TRACE("Returning %d (%08x)\n", ret, GetLastError());
3472 static BOOL WINAPI CRYPT_AsnDecodeBasicConstraints(DWORD dwCertEncodingType,
3473 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3474 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3480 struct AsnDecodeSequenceItem items[] = {
3481 { ASN_BITSTRING, offsetof(CERT_BASIC_CONSTRAINTS_INFO, SubjectType),
3482 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), FALSE, TRUE,
3483 offsetof(CERT_BASIC_CONSTRAINTS_INFO, SubjectType.pbData), 0 },
3484 { ASN_INTEGER, offsetof(CERT_BASIC_CONSTRAINTS_INFO,
3485 fPathLenConstraint), CRYPT_AsnDecodePathLenConstraint,
3486 sizeof(struct PATH_LEN_CONSTRAINT), TRUE, FALSE, 0, 0 },
3487 { ASN_SEQUENCEOF, offsetof(CERT_BASIC_CONSTRAINTS_INFO,
3488 cSubtreesConstraint), CRYPT_AsnDecodeSubtreeConstraints,
3489 FINALMEMBERSIZE(CERT_BASIC_CONSTRAINTS_INFO, cSubtreesConstraint),
3491 offsetof(CERT_BASIC_CONSTRAINTS_INFO, rgSubtreesConstraint), 0 },
3494 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3495 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
3496 pcbStructInfo, NULL, NULL);
3500 SetLastError(STATUS_ACCESS_VIOLATION);
3507 static BOOL WINAPI CRYPT_AsnDecodeBasicConstraints2(DWORD dwCertEncodingType,
3508 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3509 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3515 struct AsnDecodeSequenceItem items[] = {
3516 { ASN_BOOL, offsetof(CERT_BASIC_CONSTRAINTS2_INFO, fCA),
3517 CRYPT_AsnDecodeBool, sizeof(BOOL), TRUE, FALSE, 0, 0 },
3518 { ASN_INTEGER, offsetof(CERT_BASIC_CONSTRAINTS2_INFO,
3519 fPathLenConstraint), CRYPT_AsnDecodePathLenConstraint,
3520 sizeof(struct PATH_LEN_CONSTRAINT), TRUE, FALSE, 0, 0 },
3523 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3524 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
3525 pcbStructInfo, NULL, NULL);
3529 SetLastError(STATUS_ACCESS_VIOLATION);
3536 static BOOL CRYPT_AsnDecodePolicyQualifier(const BYTE *pbEncoded,
3537 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3540 struct AsnDecodeSequenceItem items[] = {
3541 { ASN_OBJECTIDENTIFIER, offsetof(CERT_POLICY_QUALIFIER_INFO,
3542 pszPolicyQualifierId), CRYPT_AsnDecodeOidInternal, sizeof(LPSTR),
3543 FALSE, TRUE, offsetof(CERT_POLICY_QUALIFIER_INFO, pszPolicyQualifierId),
3545 { 0, offsetof(CERT_POLICY_QUALIFIER_INFO, Qualifier),
3546 CRYPT_AsnDecodeDerBlob, sizeof(CRYPT_OBJID_BLOB), TRUE, TRUE,
3547 offsetof(CERT_POLICY_QUALIFIER_INFO, Qualifier.pbData), 0 },
3550 CERT_POLICY_QUALIFIER_INFO *qualifier = pvStructInfo;
3552 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3553 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3555 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3556 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
3557 pcbDecoded, qualifier ? qualifier->pszPolicyQualifierId : NULL);
3561 static BOOL CRYPT_AsnDecodePolicyQualifiers(const BYTE *pbEncoded,
3562 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3566 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
3567 offsetof(CERT_POLICY_INFO, cPolicyQualifier),
3568 offsetof(CERT_POLICY_INFO, rgPolicyQualifier),
3569 FINALMEMBERSIZE(CERT_POLICY_INFO, cPolicyQualifier),
3570 CRYPT_AsnDecodePolicyQualifier, sizeof(CERT_POLICY_QUALIFIER_INFO), TRUE,
3571 offsetof(CERT_POLICY_QUALIFIER_INFO, pszPolicyQualifierId) };
3573 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3574 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3576 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
3577 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
3578 TRACE("Returning %d (%08x)\n", ret, GetLastError());
3582 static BOOL CRYPT_AsnDecodeCertPolicy(const BYTE *pbEncoded, DWORD cbEncoded,
3583 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
3585 struct AsnDecodeSequenceItem items[] = {
3586 { ASN_OBJECTIDENTIFIER, offsetof(CERT_POLICY_INFO, pszPolicyIdentifier),
3587 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), FALSE, TRUE,
3588 offsetof(CERT_POLICY_INFO, pszPolicyIdentifier), 0 },
3589 { ASN_SEQUENCEOF, offsetof(CERT_POLICY_INFO, cPolicyQualifier),
3590 CRYPT_AsnDecodePolicyQualifiers,
3591 FINALMEMBERSIZE(CERT_POLICY_INFO, cPolicyQualifier), TRUE,
3592 TRUE, offsetof(CERT_POLICY_INFO, rgPolicyQualifier), 0 },
3594 CERT_POLICY_INFO *info = pvStructInfo;
3597 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3598 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3600 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3601 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
3602 pcbDecoded, info ? info->pszPolicyIdentifier : NULL);
3606 static BOOL WINAPI CRYPT_AsnDecodeCertPolicies(DWORD dwCertEncodingType,
3607 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3608 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3612 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3613 pDecodePara, pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3617 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
3618 offsetof(CERT_POLICIES_INFO, cPolicyInfo),
3619 offsetof(CERT_POLICIES_INFO, rgPolicyInfo),
3620 sizeof(CERT_POLICIES_INFO),
3621 CRYPT_AsnDecodeCertPolicy, sizeof(CERT_POLICY_INFO), TRUE,
3622 offsetof(CERT_POLICY_INFO, pszPolicyIdentifier) };
3624 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
3625 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
3629 SetLastError(STATUS_ACCESS_VIOLATION);
3635 static BOOL CRYPT_AsnDecodeCertPolicyMapping(const BYTE *pbEncoded,
3636 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3639 struct AsnDecodeSequenceItem items[] = {
3640 { ASN_OBJECTIDENTIFIER, offsetof(CERT_POLICY_MAPPING,
3641 pszIssuerDomainPolicy), CRYPT_AsnDecodeOidInternal, sizeof(LPSTR),
3642 FALSE, TRUE, offsetof(CERT_POLICY_MAPPING, pszIssuerDomainPolicy), 0 },
3643 { ASN_OBJECTIDENTIFIER, offsetof(CERT_POLICY_MAPPING,
3644 pszSubjectDomainPolicy), CRYPT_AsnDecodeOidInternal, sizeof(LPSTR),
3645 FALSE, TRUE, offsetof(CERT_POLICY_MAPPING, pszSubjectDomainPolicy), 0 },
3647 CERT_POLICY_MAPPING *mapping = pvStructInfo;
3650 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3651 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3653 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3654 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
3655 pcbDecoded, mapping ? mapping->pszIssuerDomainPolicy : NULL);
3659 static BOOL WINAPI CRYPT_AsnDecodeCertPolicyMappings(DWORD dwCertEncodingType,
3660 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3661 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3665 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3666 pDecodePara, pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
3670 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
3671 offsetof(CERT_POLICY_MAPPINGS_INFO, cPolicyMapping),
3672 offsetof(CERT_POLICY_MAPPINGS_INFO, rgPolicyMapping),
3673 sizeof(CERT_POLICY_MAPPING),
3674 CRYPT_AsnDecodeCertPolicyMapping, sizeof(CERT_POLICY_MAPPING), TRUE,
3675 offsetof(CERT_POLICY_MAPPING, pszIssuerDomainPolicy) };
3677 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
3678 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
3682 SetLastError(STATUS_ACCESS_VIOLATION);
3688 #define RSA1_MAGIC 0x31415352
3690 struct DECODED_RSA_PUB_KEY
3693 CRYPT_INTEGER_BLOB modulus;
3696 static BOOL WINAPI CRYPT_AsnDecodeRsaPubKey(DWORD dwCertEncodingType,
3697 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3698 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3704 struct AsnDecodeSequenceItem items[] = {
3705 { ASN_INTEGER, offsetof(struct DECODED_RSA_PUB_KEY, modulus),
3706 CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_INTEGER_BLOB),
3707 FALSE, TRUE, offsetof(struct DECODED_RSA_PUB_KEY, modulus.pbData),
3709 { ASN_INTEGER, offsetof(struct DECODED_RSA_PUB_KEY, pubexp),
3710 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
3712 struct DECODED_RSA_PUB_KEY *decodedKey = NULL;
3715 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
3716 pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &decodedKey,
3720 DWORD bytesNeeded = sizeof(BLOBHEADER) + sizeof(RSAPUBKEY) +
3721 decodedKey->modulus.cbData;
3725 *pcbStructInfo = bytesNeeded;
3728 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
3729 pvStructInfo, pcbStructInfo, bytesNeeded)))
3732 RSAPUBKEY *rsaPubKey;
3734 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
3735 pvStructInfo = *(BYTE **)pvStructInfo;
3737 hdr->bType = PUBLICKEYBLOB;
3738 hdr->bVersion = CUR_BLOB_VERSION;
3740 hdr->aiKeyAlg = CALG_RSA_KEYX;
3741 rsaPubKey = (RSAPUBKEY *)((BYTE *)pvStructInfo +
3742 sizeof(BLOBHEADER));
3743 rsaPubKey->magic = RSA1_MAGIC;
3744 rsaPubKey->pubexp = decodedKey->pubexp;
3745 rsaPubKey->bitlen = decodedKey->modulus.cbData * 8;
3746 memcpy((BYTE *)pvStructInfo + sizeof(BLOBHEADER) +
3747 sizeof(RSAPUBKEY), decodedKey->modulus.pbData,
3748 decodedKey->modulus.cbData);
3750 LocalFree(decodedKey);
3755 SetLastError(STATUS_ACCESS_VIOLATION);
3762 static BOOL CRYPT_AsnDecodeOctetsInternal(const BYTE *pbEncoded,
3763 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
3767 DWORD bytesNeeded, dataLen;
3769 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
3770 pvStructInfo, *pcbStructInfo, pcbDecoded);
3772 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
3774 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
3776 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
3777 bytesNeeded = sizeof(CRYPT_DATA_BLOB);
3779 bytesNeeded = dataLen + sizeof(CRYPT_DATA_BLOB);
3781 *pcbDecoded = 1 + lenBytes + dataLen;
3783 *pcbStructInfo = bytesNeeded;
3784 else if (*pcbStructInfo < bytesNeeded)
3786 SetLastError(ERROR_MORE_DATA);
3787 *pcbStructInfo = bytesNeeded;
3792 CRYPT_DATA_BLOB *blob;
3794 *pcbStructInfo = bytesNeeded;
3795 blob = pvStructInfo;
3796 blob->cbData = dataLen;
3797 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
3798 blob->pbData = (BYTE *)pbEncoded + 1 + lenBytes;
3801 assert(blob->pbData);
3803 memcpy(blob->pbData, pbEncoded + 1 + lenBytes,
3811 static BOOL WINAPI CRYPT_AsnDecodeOctets(DWORD dwCertEncodingType,
3812 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3813 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3817 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
3818 pDecodePara, pvStructInfo, *pcbStructInfo);
3826 SetLastError(CRYPT_E_ASN1_CORRUPT);
3829 else if (pbEncoded[0] != ASN_OCTETSTRING)
3831 SetLastError(CRYPT_E_ASN1_BADTAG);
3834 else if ((ret = CRYPT_AsnDecodeOctetsInternal(pbEncoded, cbEncoded,
3835 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL)))
3838 *pcbStructInfo = bytesNeeded;
3839 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
3840 pvStructInfo, pcbStructInfo, bytesNeeded)))
3842 CRYPT_DATA_BLOB *blob;
3844 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
3845 pvStructInfo = *(BYTE **)pvStructInfo;
3846 blob = pvStructInfo;
3847 blob->pbData = (BYTE *)pvStructInfo + sizeof(CRYPT_DATA_BLOB);
3848 ret = CRYPT_AsnDecodeOctetsInternal(pbEncoded, cbEncoded,
3849 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
3850 &bytesNeeded, NULL);
3856 SetLastError(STATUS_ACCESS_VIOLATION);
3863 static BOOL CRYPT_AsnDecodeBitsInternal(const BYTE *pbEncoded, DWORD cbEncoded,
3864 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
3867 DWORD bytesNeeded, dataLen;
3868 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
3870 TRACE("(%p, %d, 0x%08x, %p, %d, %p)\n", pbEncoded, cbEncoded, dwFlags,
3871 pvStructInfo, *pcbStructInfo, pcbDecoded);
3873 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
3875 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
3876 bytesNeeded = sizeof(CRYPT_BIT_BLOB);
3878 bytesNeeded = dataLen - 1 + sizeof(CRYPT_BIT_BLOB);
3880 *pcbDecoded = 1 + lenBytes + dataLen;
3882 *pcbStructInfo = bytesNeeded;
3883 else if (*pcbStructInfo < bytesNeeded)
3885 *pcbStructInfo = bytesNeeded;
3886 SetLastError(ERROR_MORE_DATA);
3891 CRYPT_BIT_BLOB *blob;
3893 *pcbStructInfo = bytesNeeded;
3894 blob = pvStructInfo;
3895 blob->cbData = dataLen - 1;
3896 blob->cUnusedBits = *(pbEncoded + 1 + lenBytes);
3897 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
3899 blob->pbData = (BYTE *)pbEncoded + 2 + lenBytes;
3903 assert(blob->pbData);
3906 BYTE mask = 0xff << blob->cUnusedBits;
3908 memcpy(blob->pbData, pbEncoded + 2 + lenBytes,
3910 blob->pbData[blob->cbData - 1] &= mask;
3918 static BOOL WINAPI CRYPT_AsnDecodeBits(DWORD dwCertEncodingType,
3919 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
3920 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
3924 TRACE("(%p, %d, 0x%08x, %p, %p, %p)\n", pbEncoded, cbEncoded, dwFlags,
3925 pDecodePara, pvStructInfo, pcbStructInfo);
3933 SetLastError(CRYPT_E_ASN1_CORRUPT);
3936 else if (pbEncoded[0] != ASN_BITSTRING)
3938 SetLastError(CRYPT_E_ASN1_BADTAG);
3941 else if ((ret = CRYPT_AsnDecodeBitsInternal(pbEncoded, cbEncoded,
3942 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL)))
3945 *pcbStructInfo = bytesNeeded;
3946 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
3947 pvStructInfo, pcbStructInfo, bytesNeeded)))
3949 CRYPT_BIT_BLOB *blob;
3951 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
3952 pvStructInfo = *(BYTE **)pvStructInfo;
3953 blob = pvStructInfo;
3954 blob->pbData = (BYTE *)pvStructInfo + sizeof(CRYPT_BIT_BLOB);
3955 ret = CRYPT_AsnDecodeBitsInternal(pbEncoded, cbEncoded,
3956 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
3957 &bytesNeeded, NULL);
3963 SetLastError(STATUS_ACCESS_VIOLATION);
3967 TRACE("returning %d (%08x)\n", ret, GetLastError());
3971 /* Ignores tag. Only allows integers 4 bytes or smaller in size. */
3972 static BOOL CRYPT_AsnDecodeIntInternal(const BYTE *pbEncoded, DWORD cbEncoded,
3973 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
3978 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
3980 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
3983 *pcbDecoded = 1 + lenBytes + dataLen;
3984 if (dataLen > sizeof(int))
3986 SetLastError(CRYPT_E_ASN1_LARGE);
3989 else if (!pvStructInfo)
3990 *pcbStructInfo = sizeof(int);
3991 else if ((ret = CRYPT_DecodeCheckSpace(pcbStructInfo, sizeof(int))))
3995 if (dataLen && pbEncoded[1 + lenBytes] & 0x80)
3997 /* initialize to a negative value to sign-extend */
4002 for (i = 0; i < dataLen; i++)
4005 val |= pbEncoded[1 + lenBytes + i];
4007 memcpy(pvStructInfo, &val, sizeof(int));
4013 static BOOL WINAPI CRYPT_AsnDecodeInt(DWORD dwCertEncodingType,
4014 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4015 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4025 SetLastError(CRYPT_E_ASN1_EOD);
4028 else if (pbEncoded[0] != ASN_INTEGER)
4030 SetLastError(CRYPT_E_ASN1_BADTAG);
4034 ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded,
4035 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL);
4039 *pcbStructInfo = bytesNeeded;
4040 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4041 pvStructInfo, pcbStructInfo, bytesNeeded)))
4043 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4044 pvStructInfo = *(BYTE **)pvStructInfo;
4045 ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded,
4046 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
4047 &bytesNeeded, NULL);
4053 SetLastError(STATUS_ACCESS_VIOLATION);
4060 static BOOL CRYPT_AsnDecodeIntegerInternal(const BYTE *pbEncoded,
4061 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4065 DWORD bytesNeeded, dataLen;
4067 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
4069 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
4071 bytesNeeded = dataLen + sizeof(CRYPT_INTEGER_BLOB);
4073 *pcbDecoded = 1 + lenBytes + dataLen;
4075 *pcbStructInfo = bytesNeeded;
4076 else if (*pcbStructInfo < bytesNeeded)
4078 *pcbStructInfo = bytesNeeded;
4079 SetLastError(ERROR_MORE_DATA);
4084 CRYPT_INTEGER_BLOB *blob = pvStructInfo;
4086 *pcbStructInfo = bytesNeeded;
4087 blob->cbData = dataLen;
4088 assert(blob->pbData);
4093 for (i = 0; i < blob->cbData; i++)
4095 blob->pbData[i] = *(pbEncoded + 1 + lenBytes +
4104 static BOOL WINAPI CRYPT_AsnDecodeInteger(DWORD dwCertEncodingType,
4105 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4106 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4114 if (pbEncoded[0] != ASN_INTEGER)
4116 SetLastError(CRYPT_E_ASN1_BADTAG);
4120 ret = CRYPT_AsnDecodeIntegerInternal(pbEncoded, cbEncoded,
4121 dwFlags & ~CRYPT_ENCODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL);
4125 *pcbStructInfo = bytesNeeded;
4126 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4127 pvStructInfo, pcbStructInfo, bytesNeeded)))
4129 CRYPT_INTEGER_BLOB *blob;
4131 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4132 pvStructInfo = *(BYTE **)pvStructInfo;
4133 blob = pvStructInfo;
4134 blob->pbData = (BYTE *)pvStructInfo +
4135 sizeof(CRYPT_INTEGER_BLOB);
4136 ret = CRYPT_AsnDecodeIntegerInternal(pbEncoded, cbEncoded,
4137 dwFlags & ~CRYPT_ENCODE_ALLOC_FLAG, pvStructInfo,
4138 &bytesNeeded, NULL);
4144 SetLastError(STATUS_ACCESS_VIOLATION);
4151 static BOOL CRYPT_AsnDecodeUnsignedIntegerInternal(const BYTE *pbEncoded,
4152 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4157 if (pbEncoded[0] == ASN_INTEGER)
4159 DWORD bytesNeeded, dataLen;
4161 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
4163 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
4166 *pcbDecoded = 1 + lenBytes + dataLen;
4167 bytesNeeded = dataLen + sizeof(CRYPT_INTEGER_BLOB);
4169 *pcbStructInfo = bytesNeeded;
4170 else if (*pcbStructInfo < bytesNeeded)
4172 *pcbStructInfo = bytesNeeded;
4173 SetLastError(ERROR_MORE_DATA);
4178 CRYPT_INTEGER_BLOB *blob = pvStructInfo;
4180 *pcbStructInfo = bytesNeeded;
4181 blob->cbData = dataLen;
4182 assert(blob->pbData);
4183 /* remove leading zero byte if it exists */
4184 if (blob->cbData && *(pbEncoded + 1 + lenBytes) == 0)
4193 for (i = 0; i < blob->cbData; i++)
4195 blob->pbData[i] = *(pbEncoded + 1 + lenBytes +
4204 SetLastError(CRYPT_E_ASN1_BADTAG);
4210 static BOOL WINAPI CRYPT_AsnDecodeUnsignedInteger(DWORD dwCertEncodingType,
4211 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4212 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4220 if ((ret = CRYPT_AsnDecodeUnsignedIntegerInternal(pbEncoded, cbEncoded,
4221 dwFlags & ~CRYPT_ENCODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL)))
4224 *pcbStructInfo = bytesNeeded;
4225 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4226 pvStructInfo, pcbStructInfo, bytesNeeded)))
4228 CRYPT_INTEGER_BLOB *blob;
4230 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4231 pvStructInfo = *(BYTE **)pvStructInfo;
4232 blob = pvStructInfo;
4233 blob->pbData = (BYTE *)pvStructInfo +
4234 sizeof(CRYPT_INTEGER_BLOB);
4235 ret = CRYPT_AsnDecodeUnsignedIntegerInternal(pbEncoded,
4236 cbEncoded, dwFlags & ~CRYPT_ENCODE_ALLOC_FLAG, pvStructInfo,
4237 &bytesNeeded, NULL);
4243 SetLastError(STATUS_ACCESS_VIOLATION);
4250 static BOOL WINAPI CRYPT_AsnDecodeEnumerated(DWORD dwCertEncodingType,
4251 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4252 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4258 *pcbStructInfo = sizeof(int);
4263 if (pbEncoded[0] == ASN_ENUMERATED)
4265 unsigned int val = 0, i;
4269 SetLastError(CRYPT_E_ASN1_EOD);
4272 else if (pbEncoded[1] == 0)
4274 SetLastError(CRYPT_E_ASN1_CORRUPT);
4279 /* A little strange looking, but we have to accept a sign byte:
4280 * 0xffffffff gets encoded as 0a 05 00 ff ff ff ff. Also,
4281 * assuming a small length is okay here, it has to be in short
4284 if (pbEncoded[1] > sizeof(unsigned int) + 1)
4286 SetLastError(CRYPT_E_ASN1_LARGE);
4289 for (i = 0; i < pbEncoded[1]; i++)
4292 val |= pbEncoded[2 + i];
4294 if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4295 pvStructInfo, pcbStructInfo, sizeof(unsigned int))))
4297 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4298 pvStructInfo = *(BYTE **)pvStructInfo;
4299 memcpy(pvStructInfo, &val, sizeof(unsigned int));
4305 SetLastError(CRYPT_E_ASN1_BADTAG);
4311 SetLastError(STATUS_ACCESS_VIOLATION);
4318 /* Modifies word, pbEncoded, and len, and magically sets a value ret to FALSE
4321 #define CRYPT_TIME_GET_DIGITS(pbEncoded, len, numDigits, word) \
4326 for (i = 0; (len) > 0 && i < (numDigits); i++, (len)--) \
4328 if (!isdigit(*(pbEncoded))) \
4330 SetLastError(CRYPT_E_ASN1_CORRUPT); \
4336 (word) += *(pbEncoded)++ - '0'; \
4341 static BOOL CRYPT_AsnDecodeTimeZone(const BYTE *pbEncoded, DWORD len,
4342 SYSTEMTIME *sysTime)
4346 if (len >= 3 && (*pbEncoded == '+' || *pbEncoded == '-'))
4348 WORD hours, minutes = 0;
4349 BYTE sign = *pbEncoded++;
4352 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, hours);
4353 if (ret && hours >= 24)
4355 SetLastError(CRYPT_E_ASN1_CORRUPT);
4360 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, minutes);
4361 if (ret && minutes >= 60)
4363 SetLastError(CRYPT_E_ASN1_CORRUPT);
4371 sysTime->wHour += hours;
4372 sysTime->wMinute += minutes;
4376 if (hours > sysTime->wHour)
4379 sysTime->wHour = 24 - (hours - sysTime->wHour);
4382 sysTime->wHour -= hours;
4383 if (minutes > sysTime->wMinute)
4386 sysTime->wMinute = 60 - (minutes - sysTime->wMinute);
4389 sysTime->wMinute -= minutes;
4396 #define MIN_ENCODED_TIME_LENGTH 10
4398 static BOOL CRYPT_AsnDecodeUtcTimeInternal(const BYTE *pbEncoded,
4399 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4404 if (pbEncoded[0] == ASN_UTCTIME)
4407 SetLastError(CRYPT_E_ASN1_EOD);
4408 else if (pbEncoded[1] > 0x7f)
4410 /* long-form date strings really can't be valid */
4411 SetLastError(CRYPT_E_ASN1_CORRUPT);
4415 SYSTEMTIME sysTime = { 0 };
4416 BYTE len = pbEncoded[1];
4418 if (len < MIN_ENCODED_TIME_LENGTH)
4419 SetLastError(CRYPT_E_ASN1_CORRUPT);
4424 *pcbDecoded = 2 + len;
4426 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wYear);
4427 if (sysTime.wYear >= 50)
4428 sysTime.wYear += 1900;
4430 sysTime.wYear += 2000;
4431 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wMonth);
4432 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wDay);
4433 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wHour);
4434 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wMinute);
4437 if (len >= 2 && isdigit(*pbEncoded) &&
4438 isdigit(*(pbEncoded + 1)))
4439 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2,
4441 else if (isdigit(*pbEncoded))
4442 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 1,
4445 ret = CRYPT_AsnDecodeTimeZone(pbEncoded, len,
4451 *pcbStructInfo = sizeof(FILETIME);
4452 else if ((ret = CRYPT_DecodeCheckSpace(pcbStructInfo,
4454 ret = SystemTimeToFileTime(&sysTime, pvStructInfo);
4460 SetLastError(CRYPT_E_ASN1_BADTAG);
4464 static BOOL WINAPI CRYPT_AsnDecodeUtcTime(DWORD dwCertEncodingType,
4465 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4466 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4474 ret = CRYPT_AsnDecodeUtcTimeInternal(pbEncoded, cbEncoded,
4475 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL);
4479 *pcbStructInfo = bytesNeeded;
4480 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags,
4481 pDecodePara, pvStructInfo, pcbStructInfo, bytesNeeded)))
4483 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4484 pvStructInfo = *(BYTE **)pvStructInfo;
4485 ret = CRYPT_AsnDecodeUtcTimeInternal(pbEncoded, cbEncoded,
4486 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
4487 &bytesNeeded, NULL);
4493 SetLastError(STATUS_ACCESS_VIOLATION);
4499 static BOOL CRYPT_AsnDecodeGeneralizedTime(const BYTE *pbEncoded,
4500 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4505 if (pbEncoded[0] == ASN_GENERALTIME)
4508 SetLastError(CRYPT_E_ASN1_EOD);
4509 else if (pbEncoded[1] > 0x7f)
4511 /* long-form date strings really can't be valid */
4512 SetLastError(CRYPT_E_ASN1_CORRUPT);
4516 BYTE len = pbEncoded[1];
4518 if (len < MIN_ENCODED_TIME_LENGTH)
4519 SetLastError(CRYPT_E_ASN1_CORRUPT);
4522 SYSTEMTIME sysTime = { 0 };
4526 *pcbDecoded = 2 + len;
4528 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 4, sysTime.wYear);
4529 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wMonth);
4530 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wDay);
4531 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2, sysTime.wHour);
4534 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2,
4537 CRYPT_TIME_GET_DIGITS(pbEncoded, len, 2,
4539 if (ret && len > 0 && (*pbEncoded == '.' ||
4546 /* workaround macro weirdness */
4547 digits = min(len, 3);
4548 CRYPT_TIME_GET_DIGITS(pbEncoded, len, digits,
4549 sysTime.wMilliseconds);
4552 ret = CRYPT_AsnDecodeTimeZone(pbEncoded, len,
4558 *pcbStructInfo = sizeof(FILETIME);
4559 else if ((ret = CRYPT_DecodeCheckSpace(pcbStructInfo,
4561 ret = SystemTimeToFileTime(&sysTime, pvStructInfo);
4567 SetLastError(CRYPT_E_ASN1_BADTAG);
4571 static BOOL CRYPT_AsnDecodeChoiceOfTimeInternal(const BYTE *pbEncoded,
4572 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4576 InternalDecodeFunc decode = NULL;
4578 if (pbEncoded[0] == ASN_UTCTIME)
4579 decode = CRYPT_AsnDecodeUtcTimeInternal;
4580 else if (pbEncoded[0] == ASN_GENERALTIME)
4581 decode = CRYPT_AsnDecodeGeneralizedTime;
4583 ret = decode(pbEncoded, cbEncoded, dwFlags, pvStructInfo,
4584 pcbStructInfo, pcbDecoded);
4587 SetLastError(CRYPT_E_ASN1_BADTAG);
4593 static BOOL WINAPI CRYPT_AsnDecodeChoiceOfTime(DWORD dwCertEncodingType,
4594 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4595 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4603 ret = CRYPT_AsnDecodeChoiceOfTimeInternal(pbEncoded, cbEncoded,
4604 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, &bytesNeeded, NULL);
4608 *pcbStructInfo = bytesNeeded;
4609 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4610 pvStructInfo, pcbStructInfo, bytesNeeded)))
4612 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4613 pvStructInfo = *(BYTE **)pvStructInfo;
4614 ret = CRYPT_AsnDecodeChoiceOfTimeInternal(pbEncoded, cbEncoded,
4615 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
4616 &bytesNeeded, NULL);
4622 SetLastError(STATUS_ACCESS_VIOLATION);
4629 static BOOL WINAPI CRYPT_AsnDecodeSequenceOfAny(DWORD dwCertEncodingType,
4630 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4631 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4637 if (pbEncoded[0] == ASN_SEQUENCEOF)
4639 DWORD bytesNeeded, dataLen, remainingLen, cValue;
4641 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
4646 lenBytes = GET_LEN_BYTES(pbEncoded[1]);
4647 bytesNeeded = sizeof(CRYPT_SEQUENCE_OF_ANY);
4649 ptr = pbEncoded + 1 + lenBytes;
4650 remainingLen = dataLen;
4651 while (ret && remainingLen)
4655 ret = CRYPT_GetLen(ptr, remainingLen, &nextLen);
4658 DWORD nextLenBytes = GET_LEN_BYTES(ptr[1]);
4660 remainingLen -= 1 + nextLenBytes + nextLen;
4661 ptr += 1 + nextLenBytes + nextLen;
4662 bytesNeeded += sizeof(CRYPT_DER_BLOB);
4663 if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG))
4664 bytesNeeded += 1 + nextLenBytes + nextLen;
4670 CRYPT_SEQUENCE_OF_ANY *seq;
4675 *pcbStructInfo = bytesNeeded;
4676 else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
4677 pvStructInfo, pcbStructInfo, bytesNeeded)))
4679 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
4680 pvStructInfo = *(BYTE **)pvStructInfo;
4682 seq->cValue = cValue;
4683 seq->rgValue = (CRYPT_DER_BLOB *)((BYTE *)seq +
4685 nextPtr = (BYTE *)seq->rgValue +
4686 cValue * sizeof(CRYPT_DER_BLOB);
4687 ptr = pbEncoded + 1 + lenBytes;
4688 remainingLen = dataLen;
4690 while (ret && remainingLen)
4694 ret = CRYPT_GetLen(ptr, remainingLen, &nextLen);
4697 DWORD nextLenBytes = GET_LEN_BYTES(ptr[1]);
4699 seq->rgValue[i].cbData = 1 + nextLenBytes +
4701 if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
4702 seq->rgValue[i].pbData = (BYTE *)ptr;
4705 seq->rgValue[i].pbData = nextPtr;
4706 memcpy(nextPtr, ptr, 1 + nextLenBytes +
4708 nextPtr += 1 + nextLenBytes + nextLen;
4710 remainingLen -= 1 + nextLenBytes + nextLen;
4711 ptr += 1 + nextLenBytes + nextLen;
4721 SetLastError(CRYPT_E_ASN1_BADTAG);
4727 SetLastError(STATUS_ACCESS_VIOLATION);
4734 static BOOL CRYPT_AsnDecodeDistPointName(const BYTE *pbEncoded,
4735 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4740 if (pbEncoded[0] == (ASN_CONTEXT | ASN_CONSTRUCTOR | 0))
4742 DWORD bytesNeeded, dataLen;
4744 if ((ret = CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen)))
4746 struct AsnArrayDescriptor arrayDesc = {
4747 ASN_CONTEXT | ASN_CONSTRUCTOR | 0,
4748 offsetof(CRL_DIST_POINT_NAME, u.FullName.cAltEntry),
4749 offsetof(CRL_DIST_POINT_NAME, u.FullName.rgAltEntry),
4750 FINALMEMBERSIZE(CRL_DIST_POINT_NAME, u),
4751 CRYPT_AsnDecodeAltNameEntry, sizeof(CERT_ALT_NAME_ENTRY), TRUE,
4752 offsetof(CERT_ALT_NAME_ENTRY, u.pwszURL) };
4753 BYTE lenBytes = GET_LEN_BYTES(pbEncoded[1]);
4758 ret = CRYPT_AsnDecodeArray(&arrayDesc,
4759 pbEncoded + 1 + lenBytes, cbEncoded - 1 - lenBytes,
4760 dwFlags, NULL, NULL, &nameLen, NULL);
4761 bytesNeeded = sizeof(CRL_DIST_POINT_NAME) + nameLen -
4762 FINALMEMBERSIZE(CRL_DIST_POINT_NAME, u);
4765 bytesNeeded = sizeof(CRL_DIST_POINT_NAME);
4767 *pcbDecoded = 1 + lenBytes + dataLen;
4769 *pcbStructInfo = bytesNeeded;
4770 else if (*pcbStructInfo < bytesNeeded)
4772 *pcbStructInfo = bytesNeeded;
4773 SetLastError(ERROR_MORE_DATA);
4778 CRL_DIST_POINT_NAME *name = pvStructInfo;
4780 *pcbStructInfo = bytesNeeded;
4783 name->dwDistPointNameChoice = CRL_DIST_POINT_FULL_NAME;
4784 ret = CRYPT_AsnDecodeArray(&arrayDesc,
4785 pbEncoded + 1 + lenBytes, cbEncoded - 1 - lenBytes,
4786 dwFlags, NULL, &name->u.FullName.cAltEntry, &nameLen,
4790 name->dwDistPointNameChoice = CRL_DIST_POINT_NO_NAME;
4796 SetLastError(CRYPT_E_ASN1_BADTAG);
4802 static BOOL CRYPT_AsnDecodeDistPoint(const BYTE *pbEncoded, DWORD cbEncoded,
4803 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
4805 struct AsnDecodeSequenceItem items[] = {
4806 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0, offsetof(CRL_DIST_POINT,
4807 DistPointName), CRYPT_AsnDecodeDistPointName,
4808 sizeof(CRL_DIST_POINT_NAME), TRUE, TRUE, offsetof(CRL_DIST_POINT,
4809 DistPointName.u.FullName.rgAltEntry), 0 },
4810 { ASN_CONTEXT | 1, offsetof(CRL_DIST_POINT, ReasonFlags),
4811 CRYPT_AsnDecodeBitsInternal, sizeof(CRYPT_BIT_BLOB), TRUE, TRUE,
4812 offsetof(CRL_DIST_POINT, ReasonFlags.pbData), 0 },
4813 { ASN_CONTEXT | ASN_CONSTRUCTOR | 2, offsetof(CRL_DIST_POINT, CRLIssuer),
4814 CRYPT_AsnDecodeAltNameInternal, sizeof(CERT_ALT_NAME_INFO), TRUE, TRUE,
4815 offsetof(CRL_DIST_POINT, CRLIssuer.rgAltEntry), 0 },
4817 CRL_DIST_POINT *point = pvStructInfo;
4820 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
4821 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
4822 pcbDecoded, point ? point->DistPointName.u.FullName.rgAltEntry : NULL);
4826 static BOOL WINAPI CRYPT_AsnDecodeCRLDistPoints(DWORD dwCertEncodingType,
4827 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4828 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4832 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
4833 pDecodePara, pvStructInfo, *pcbStructInfo);
4837 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
4838 offsetof(CRL_DIST_POINTS_INFO, cDistPoint),
4839 offsetof(CRL_DIST_POINTS_INFO, rgDistPoint),
4840 sizeof(CRL_DIST_POINTS_INFO),
4841 CRYPT_AsnDecodeDistPoint, sizeof(CRL_DIST_POINT), TRUE,
4842 offsetof(CRL_DIST_POINT, DistPointName.u.FullName.rgAltEntry) };
4844 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
4845 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
4849 SetLastError(STATUS_ACCESS_VIOLATION);
4856 static BOOL WINAPI CRYPT_AsnDecodeEnhancedKeyUsage(DWORD dwCertEncodingType,
4857 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4858 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4862 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
4863 pDecodePara, pvStructInfo, *pcbStructInfo);
4867 struct AsnArrayDescriptor arrayDesc = { ASN_SEQUENCEOF,
4868 offsetof(CERT_ENHKEY_USAGE, cUsageIdentifier),
4869 offsetof(CERT_ENHKEY_USAGE, rgpszUsageIdentifier),
4870 sizeof(CERT_ENHKEY_USAGE),
4871 CRYPT_AsnDecodeOidInternal, sizeof(LPSTR), TRUE, 0 };
4873 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
4874 dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, NULL);
4878 SetLastError(STATUS_ACCESS_VIOLATION);
4885 static BOOL WINAPI CRYPT_AsnDecodeIssuingDistPoint(DWORD dwCertEncodingType,
4886 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
4887 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
4891 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
4892 pDecodePara, pvStructInfo, *pcbStructInfo);
4896 struct AsnDecodeSequenceItem items[] = {
4897 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0, offsetof(CRL_ISSUING_DIST_POINT,
4898 DistPointName), CRYPT_AsnDecodeDistPointName,
4899 sizeof(CRL_DIST_POINT_NAME), TRUE, TRUE,
4900 offsetof(CRL_ISSUING_DIST_POINT,
4901 DistPointName.u.FullName.rgAltEntry), 0 },
4902 { ASN_CONTEXT | 1, offsetof(CRL_ISSUING_DIST_POINT,
4903 fOnlyContainsUserCerts), CRYPT_AsnDecodeBool, sizeof(BOOL), TRUE,
4905 { ASN_CONTEXT | 2, offsetof(CRL_ISSUING_DIST_POINT,
4906 fOnlyContainsCACerts), CRYPT_AsnDecodeBool, sizeof(BOOL), TRUE,
4908 { ASN_CONTEXT | 3, offsetof(CRL_ISSUING_DIST_POINT,
4909 OnlySomeReasonFlags), CRYPT_AsnDecodeBitsInternal,
4910 sizeof(CRYPT_BIT_BLOB), TRUE, TRUE, offsetof(CRL_ISSUING_DIST_POINT,
4911 OnlySomeReasonFlags.pbData), 0 },
4912 { ASN_CONTEXT | 4, offsetof(CRL_ISSUING_DIST_POINT,
4913 fIndirectCRL), CRYPT_AsnDecodeBool, sizeof(BOOL), TRUE, FALSE, 0 },
4916 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
4917 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
4918 pcbStructInfo, NULL, NULL);
4922 SetLastError(STATUS_ACCESS_VIOLATION);
4929 static BOOL CRYPT_AsnDecodeMaximum(const BYTE *pbEncoded,
4930 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4934 DWORD max, size = sizeof(max);
4936 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
4937 pvStructInfo, *pcbStructInfo, pcbDecoded);
4941 SetLastError(CRYPT_E_ASN1_EOD);
4944 if (pbEncoded[0] != (ASN_CONTEXT | 1))
4946 SetLastError(CRYPT_E_ASN1_BADTAG);
4949 if ((ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded, dwFlags,
4950 &max, &size, pcbDecoded)))
4952 DWORD bytesNeeded = FINALMEMBERSIZE(CERT_GENERAL_SUBTREE, fMaximum);
4955 *pcbStructInfo = bytesNeeded;
4956 else if (*pcbStructInfo < bytesNeeded)
4958 *pcbStructInfo = bytesNeeded;
4959 SetLastError(ERROR_MORE_DATA);
4964 CERT_GENERAL_SUBTREE *subtree = (CERT_GENERAL_SUBTREE *)
4965 ((BYTE *)pvStructInfo - offsetof(CERT_GENERAL_SUBTREE, fMaximum));
4967 *pcbStructInfo = bytesNeeded;
4968 /* The BOOL is implicit: if the integer is present, then it's
4971 subtree->fMaximum = TRUE;
4972 subtree->dwMaximum = max;
4975 TRACE("returning %d\n", ret);
4979 static BOOL CRYPT_AsnDecodeSubtree(const BYTE *pbEncoded,
4980 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
4984 struct AsnDecodeSequenceItem items[] = {
4985 { 0, offsetof(CERT_GENERAL_SUBTREE, Base),
4986 CRYPT_AsnDecodeAltNameEntry, sizeof(CERT_ALT_NAME_ENTRY), TRUE, TRUE,
4987 offsetof(CERT_ALT_NAME_ENTRY, u.pwszURL), 0 },
4988 { ASN_CONTEXT | 0, offsetof(CERT_GENERAL_SUBTREE, dwMinimum),
4989 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), TRUE, FALSE, 0, 0 },
4990 { ASN_CONTEXT | 1, offsetof(CERT_GENERAL_SUBTREE, fMaximum),
4991 CRYPT_AsnDecodeMaximum, FINALMEMBERSIZE(CERT_GENERAL_SUBTREE, fMaximum),
4992 TRUE, FALSE, 0, 0 },
4994 CERT_GENERAL_SUBTREE *subtree = pvStructInfo;
4996 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
4997 pvStructInfo, *pcbStructInfo, pcbDecoded);
4999 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5000 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
5001 pcbDecoded, subtree ? subtree->Base.u.pwszURL : NULL);
5004 TRACE("%d\n", *pcbDecoded);
5005 if (*pcbDecoded < cbEncoded)
5006 TRACE("%02x %02x\n", *(pbEncoded + *pcbDecoded),
5007 *(pbEncoded + *pcbDecoded + 1));
5009 TRACE("returning %d\n", ret);
5013 static BOOL CRYPT_AsnDecodePermittedSubtree(const BYTE *pbEncoded,
5014 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5018 struct AsnArrayDescriptor arrayDesc = { 0,
5019 offsetof(CERT_NAME_CONSTRAINTS_INFO, cPermittedSubtree),
5020 offsetof(CERT_NAME_CONSTRAINTS_INFO, rgPermittedSubtree),
5021 MEMBERSIZE(CERT_NAME_CONSTRAINTS_INFO, cPermittedSubtree,
5023 CRYPT_AsnDecodeSubtree, sizeof(CERT_GENERAL_SUBTREE), TRUE,
5024 offsetof(CERT_GENERAL_SUBTREE, Base.u.pwszURL) };
5026 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5027 pvStructInfo, *pcbStructInfo, pcbDecoded);
5029 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5030 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
5034 static BOOL CRYPT_AsnDecodeExcludedSubtree(const BYTE *pbEncoded,
5035 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5039 struct AsnArrayDescriptor arrayDesc = { 0,
5040 offsetof(CERT_NAME_CONSTRAINTS_INFO, cExcludedSubtree),
5041 offsetof(CERT_NAME_CONSTRAINTS_INFO, rgExcludedSubtree),
5042 FINALMEMBERSIZE(CERT_NAME_CONSTRAINTS_INFO, cExcludedSubtree),
5043 CRYPT_AsnDecodeSubtree, sizeof(CERT_GENERAL_SUBTREE), TRUE,
5044 offsetof(CERT_GENERAL_SUBTREE, Base.u.pwszURL) };
5046 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5047 pvStructInfo, *pcbStructInfo, pcbDecoded);
5049 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5050 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
5054 static BOOL WINAPI CRYPT_AsnDecodeNameConstraints(DWORD dwCertEncodingType,
5055 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
5056 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
5060 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5061 pDecodePara, pvStructInfo, *pcbStructInfo);
5065 struct AsnDecodeSequenceItem items[] = {
5066 { ASN_CONTEXT | ASN_CONSTRUCTOR | 0,
5067 offsetof(CERT_NAME_CONSTRAINTS_INFO, cPermittedSubtree),
5068 CRYPT_AsnDecodePermittedSubtree,
5069 MEMBERSIZE(CERT_NAME_CONSTRAINTS_INFO, cPermittedSubtree,
5070 cExcludedSubtree), TRUE, TRUE,
5071 offsetof(CERT_NAME_CONSTRAINTS_INFO, rgPermittedSubtree), 0 },
5072 { ASN_CONTEXT | ASN_CONSTRUCTOR | 1,
5073 offsetof(CERT_NAME_CONSTRAINTS_INFO, cExcludedSubtree),
5074 CRYPT_AsnDecodeExcludedSubtree,
5075 FINALMEMBERSIZE(CERT_NAME_CONSTRAINTS_INFO, cExcludedSubtree),
5077 offsetof(CERT_NAME_CONSTRAINTS_INFO, rgExcludedSubtree), 0 },
5080 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5081 pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
5082 pcbStructInfo, NULL, NULL);
5086 SetLastError(STATUS_ACCESS_VIOLATION);
5092 static BOOL CRYPT_AsnDecodeIssuerSerialNumber(const BYTE *pbEncoded,
5093 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5097 struct AsnDecodeSequenceItem items[] = {
5098 { 0, offsetof(CERT_ISSUER_SERIAL_NUMBER, Issuer), CRYPT_AsnDecodeDerBlob,
5099 sizeof(CRYPT_DER_BLOB), FALSE, TRUE, offsetof(CERT_ISSUER_SERIAL_NUMBER,
5101 { ASN_INTEGER, offsetof(CERT_ISSUER_SERIAL_NUMBER, SerialNumber),
5102 CRYPT_AsnDecodeIntegerInternal, sizeof(CRYPT_INTEGER_BLOB), FALSE,
5103 TRUE, offsetof(CERT_ISSUER_SERIAL_NUMBER, SerialNumber.pbData), 0 },
5105 CERT_ISSUER_SERIAL_NUMBER *issuerSerial = pvStructInfo;
5107 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5108 pvStructInfo, *pcbStructInfo, pcbDecoded);
5110 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5111 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
5112 pcbDecoded, issuerSerial ? issuerSerial->Issuer.pbData : NULL);
5113 if (ret && issuerSerial && !issuerSerial->SerialNumber.cbData)
5115 SetLastError(CRYPT_E_ASN1_CORRUPT);
5118 TRACE("returning %d\n", ret);
5122 static BOOL CRYPT_AsnDecodePKCSSignerInfoInternal(const BYTE *pbEncoded,
5123 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5126 CMSG_SIGNER_INFO *info = pvStructInfo;
5127 struct AsnDecodeSequenceItem items[] = {
5128 { ASN_INTEGER, offsetof(CMSG_SIGNER_INFO, dwVersion),
5129 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
5130 { ASN_SEQUENCEOF, offsetof(CMSG_SIGNER_INFO, Issuer),
5131 CRYPT_AsnDecodeIssuerSerialNumber, sizeof(CERT_ISSUER_SERIAL_NUMBER),
5132 FALSE, TRUE, offsetof(CMSG_SIGNER_INFO, Issuer.pbData), 0 },
5133 { ASN_SEQUENCEOF, offsetof(CMSG_SIGNER_INFO, HashAlgorithm),
5134 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
5135 FALSE, TRUE, offsetof(CMSG_SIGNER_INFO, HashAlgorithm.pszObjId), 0 },
5136 { ASN_CONSTRUCTOR | ASN_CONTEXT | 0,
5137 offsetof(CMSG_SIGNER_INFO, AuthAttrs),
5138 CRYPT_AsnDecodePKCSAttributesInternal, sizeof(CRYPT_ATTRIBUTES),
5139 TRUE, TRUE, offsetof(CMSG_SIGNER_INFO, AuthAttrs.rgAttr), 0 },
5140 { ASN_SEQUENCEOF, offsetof(CMSG_SIGNER_INFO, HashEncryptionAlgorithm),
5141 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
5142 FALSE, TRUE, offsetof(CMSG_SIGNER_INFO,
5143 HashEncryptionAlgorithm.pszObjId), 0 },
5144 { ASN_OCTETSTRING, offsetof(CMSG_SIGNER_INFO, EncryptedHash),
5145 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DER_BLOB),
5146 FALSE, TRUE, offsetof(CMSG_SIGNER_INFO, EncryptedHash.pbData), 0 },
5147 { ASN_CONSTRUCTOR | ASN_CONTEXT | 1,
5148 offsetof(CMSG_SIGNER_INFO, UnauthAttrs),
5149 CRYPT_AsnDecodePKCSAttributesInternal, sizeof(CRYPT_ATTRIBUTES),
5150 TRUE, TRUE, offsetof(CMSG_SIGNER_INFO, UnauthAttrs.rgAttr), 0 },
5154 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5155 pvStructInfo, *pcbStructInfo);
5157 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5158 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
5159 pcbDecoded, info ? info->Issuer.pbData : NULL);
5163 static BOOL WINAPI CRYPT_AsnDecodePKCSSignerInfo(DWORD dwCertEncodingType,
5164 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
5165 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
5169 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5170 pDecodePara, pvStructInfo, *pcbStructInfo);
5174 ret = CRYPT_AsnDecodePKCSSignerInfoInternal(pbEncoded, cbEncoded,
5175 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pcbStructInfo, NULL);
5176 if (ret && pvStructInfo)
5178 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
5179 pcbStructInfo, *pcbStructInfo);
5182 CMSG_SIGNER_INFO *info;
5184 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
5185 pvStructInfo = *(BYTE **)pvStructInfo;
5186 info = pvStructInfo;
5187 info->Issuer.pbData = ((BYTE *)info +
5188 sizeof(CMSG_SIGNER_INFO));
5189 ret = CRYPT_AsnDecodePKCSSignerInfoInternal(pbEncoded,
5190 cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
5191 pcbStructInfo, NULL);
5197 SetLastError(STATUS_ACCESS_VIOLATION);
5200 TRACE("returning %d\n", ret);
5204 static BOOL CRYPT_AsnDecodeCMSCertEncoded(const BYTE *pbEncoded,
5205 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5209 struct AsnArrayDescriptor arrayDesc = { 0,
5210 offsetof(CRYPT_SIGNED_INFO, cCertEncoded),
5211 offsetof(CRYPT_SIGNED_INFO, rgCertEncoded),
5212 MEMBERSIZE(CRYPT_SIGNED_INFO, cCertEncoded, cCrlEncoded),
5213 CRYPT_AsnDecodeCopyBytes,
5214 sizeof(CRYPT_DER_BLOB), TRUE, offsetof(CRYPT_DER_BLOB, pbData) };
5216 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5217 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0, pcbDecoded);
5219 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5220 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
5224 static BOOL CRYPT_AsnDecodeCMSCrlEncoded(const BYTE *pbEncoded,
5225 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5229 struct AsnArrayDescriptor arrayDesc = { 0,
5230 offsetof(CRYPT_SIGNED_INFO, cCrlEncoded),
5231 offsetof(CRYPT_SIGNED_INFO, rgCrlEncoded),
5232 MEMBERSIZE(CRYPT_SIGNED_INFO, cCrlEncoded, content),
5233 CRYPT_AsnDecodeCopyBytes, sizeof(CRYPT_DER_BLOB),
5234 TRUE, offsetof(CRYPT_DER_BLOB, pbData) };
5236 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5237 pvStructInfo, pvStructInfo ? *pcbStructInfo : 0, pcbDecoded);
5239 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5240 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
5244 static BOOL CRYPT_AsnDecodeCMSSignerId(const BYTE *pbEncoded,
5245 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5248 CERT_ID *id = pvStructInfo;
5251 if (*pbEncoded == ASN_SEQUENCEOF)
5253 ret = CRYPT_AsnDecodeIssuerSerialNumber(pbEncoded, cbEncoded, dwFlags,
5254 id ? &id->u.IssuerSerialNumber : NULL, pcbStructInfo, pcbDecoded);
5258 id->dwIdChoice = CERT_ID_ISSUER_SERIAL_NUMBER;
5259 if (*pcbStructInfo > sizeof(CERT_ISSUER_SERIAL_NUMBER))
5260 *pcbStructInfo = sizeof(CERT_ID) + *pcbStructInfo -
5261 sizeof(CERT_ISSUER_SERIAL_NUMBER);
5263 *pcbStructInfo = sizeof(CERT_ID);
5266 else if (*pbEncoded == (ASN_CONTEXT | 0))
5268 ret = CRYPT_AsnDecodeOctetsInternal(pbEncoded, cbEncoded, dwFlags,
5269 id ? &id->u.KeyId : NULL, pcbStructInfo, pcbDecoded);
5273 id->dwIdChoice = CERT_ID_KEY_IDENTIFIER;
5274 if (*pcbStructInfo > sizeof(CRYPT_DATA_BLOB))
5275 *pcbStructInfo = sizeof(CERT_ID) + *pcbStructInfo -
5276 sizeof(CRYPT_DATA_BLOB);
5278 *pcbStructInfo = sizeof(CERT_ID);
5282 SetLastError(CRYPT_E_ASN1_BADTAG);
5286 static BOOL CRYPT_AsnDecodeCMSSignerInfoInternal(const BYTE *pbEncoded,
5287 DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
5290 CMSG_CMS_SIGNER_INFO *info = pvStructInfo;
5291 struct AsnDecodeSequenceItem items[] = {
5292 { ASN_INTEGER, offsetof(CMSG_CMS_SIGNER_INFO, dwVersion),
5293 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
5294 { 0, offsetof(CMSG_CMS_SIGNER_INFO, SignerId),
5295 CRYPT_AsnDecodeCMSSignerId, sizeof(CERT_ID), FALSE, TRUE,
5296 offsetof(CMSG_CMS_SIGNER_INFO, SignerId.u.KeyId.pbData), 0 },
5297 { ASN_SEQUENCEOF, offsetof(CMSG_CMS_SIGNER_INFO, HashAlgorithm),
5298 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
5299 FALSE, TRUE, offsetof(CMSG_CMS_SIGNER_INFO, HashAlgorithm.pszObjId), 0 },
5300 { ASN_CONSTRUCTOR | ASN_CONTEXT | 0,
5301 offsetof(CMSG_CMS_SIGNER_INFO, AuthAttrs),
5302 CRYPT_AsnDecodePKCSAttributesInternal, sizeof(CRYPT_ATTRIBUTES),
5303 TRUE, TRUE, offsetof(CMSG_CMS_SIGNER_INFO, AuthAttrs.rgAttr), 0 },
5304 { ASN_SEQUENCEOF, offsetof(CMSG_CMS_SIGNER_INFO, HashEncryptionAlgorithm),
5305 CRYPT_AsnDecodeAlgorithmId, sizeof(CRYPT_ALGORITHM_IDENTIFIER),
5306 FALSE, TRUE, offsetof(CMSG_CMS_SIGNER_INFO,
5307 HashEncryptionAlgorithm.pszObjId), 0 },
5308 { ASN_OCTETSTRING, offsetof(CMSG_CMS_SIGNER_INFO, EncryptedHash),
5309 CRYPT_AsnDecodeOctetsInternal, sizeof(CRYPT_DER_BLOB),
5310 FALSE, TRUE, offsetof(CMSG_CMS_SIGNER_INFO, EncryptedHash.pbData), 0 },
5311 { ASN_CONSTRUCTOR | ASN_CONTEXT | 1,
5312 offsetof(CMSG_CMS_SIGNER_INFO, UnauthAttrs),
5313 CRYPT_AsnDecodePKCSAttributesInternal, sizeof(CRYPT_ATTRIBUTES),
5314 TRUE, TRUE, offsetof(CMSG_CMS_SIGNER_INFO, UnauthAttrs.rgAttr), 0 },
5318 TRACE("%p, %d, %08x, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5319 pvStructInfo, *pcbStructInfo);
5321 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5322 pbEncoded, cbEncoded, dwFlags, NULL, pvStructInfo, pcbStructInfo,
5323 pcbDecoded, info ? info->SignerId.u.KeyId.pbData : NULL);
5327 static BOOL WINAPI CRYPT_AsnDecodeCMSSignerInfo(DWORD dwCertEncodingType,
5328 LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
5329 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
5333 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5334 pDecodePara, pvStructInfo, *pcbStructInfo);
5338 ret = CRYPT_AsnDecodeCMSSignerInfoInternal(pbEncoded, cbEncoded,
5339 dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL, pcbStructInfo, NULL);
5340 if (ret && pvStructInfo)
5342 ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo,
5343 pcbStructInfo, *pcbStructInfo);
5346 CMSG_CMS_SIGNER_INFO *info;
5348 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
5349 pvStructInfo = *(BYTE **)pvStructInfo;
5350 info = pvStructInfo;
5351 info->SignerId.u.KeyId.pbData = ((BYTE *)info +
5352 sizeof(CMSG_CMS_SIGNER_INFO));
5353 ret = CRYPT_AsnDecodeCMSSignerInfoInternal(pbEncoded,
5354 cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, pvStructInfo,
5355 pcbStructInfo, NULL);
5361 SetLastError(STATUS_ACCESS_VIOLATION);
5364 TRACE("returning %d\n", ret);
5368 static BOOL CRYPT_DecodeSignerArray(const BYTE *pbEncoded, DWORD cbEncoded,
5369 DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo, DWORD *pcbDecoded)
5372 struct AsnArrayDescriptor arrayDesc = { ASN_CONSTRUCTOR | ASN_SETOF,
5373 offsetof(CRYPT_SIGNED_INFO, cSignerInfo),
5374 offsetof(CRYPT_SIGNED_INFO, rgSignerInfo),
5375 FINALMEMBERSIZE(CRYPT_SIGNED_INFO, cSignerInfo),
5376 CRYPT_AsnDecodeCMSSignerInfoInternal, sizeof(CMSG_CMS_SIGNER_INFO), TRUE,
5377 offsetof(CMSG_CMS_SIGNER_INFO, SignerId.u.KeyId.pbData) };
5379 TRACE("%p, %d, %08x, %p, %d, %p\n", pbEncoded, cbEncoded, dwFlags,
5380 pvStructInfo, *pcbStructInfo, pcbDecoded);
5382 ret = CRYPT_AsnDecodeArray(&arrayDesc, pbEncoded, cbEncoded,
5383 dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
5387 BOOL CRYPT_AsnDecodeCMSSignedInfo(const BYTE *pbEncoded, DWORD cbEncoded,
5388 DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
5389 CRYPT_SIGNED_INFO *signedInfo, DWORD *pcbSignedInfo)
5392 struct AsnDecodeSequenceItem items[] = {
5393 { ASN_INTEGER, offsetof(CRYPT_SIGNED_INFO, version),
5394 CRYPT_AsnDecodeIntInternal, sizeof(DWORD), FALSE, FALSE, 0, 0 },
5395 /* Placeholder for the hash algorithms - redundant with those in the
5396 * signers, so just ignore them.
5398 { ASN_CONSTRUCTOR | ASN_SETOF, 0, NULL, 0, TRUE, FALSE, 0, 0 },
5399 { ASN_SEQUENCE, offsetof(CRYPT_SIGNED_INFO, content),
5400 CRYPT_AsnDecodePKCSContentInfoInternal, sizeof(CRYPT_CONTENT_INFO),
5401 FALSE, TRUE, offsetof(CRYPT_SIGNED_INFO, content.pszObjId), 0 },
5402 { ASN_CONSTRUCTOR | ASN_CONTEXT | 0,
5403 offsetof(CRYPT_SIGNED_INFO, cCertEncoded), CRYPT_AsnDecodeCMSCertEncoded,
5404 MEMBERSIZE(CRYPT_SIGNED_INFO, cCertEncoded, cCrlEncoded), TRUE, TRUE,
5405 offsetof(CRYPT_SIGNED_INFO, rgCertEncoded), 0 },
5406 { ASN_CONSTRUCTOR | ASN_CONTEXT | 1,
5407 offsetof(CRYPT_SIGNED_INFO, cCrlEncoded), CRYPT_AsnDecodeCMSCrlEncoded,
5408 MEMBERSIZE(CRYPT_SIGNED_INFO, cCrlEncoded, content), TRUE, TRUE,
5409 offsetof(CRYPT_SIGNED_INFO, rgCrlEncoded), 0 },
5410 { ASN_CONSTRUCTOR | ASN_SETOF, offsetof(CRYPT_SIGNED_INFO, cSignerInfo),
5411 CRYPT_DecodeSignerArray,
5412 FINALMEMBERSIZE(CRYPT_SIGNED_INFO, cSignerInfo), TRUE, TRUE,
5413 offsetof(CRYPT_SIGNED_INFO, rgSignerInfo), 0 },
5416 TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
5417 pDecodePara, signedInfo, *pcbSignedInfo);
5419 ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
5420 pbEncoded, cbEncoded, dwFlags, pDecodePara, signedInfo, pcbSignedInfo,
5422 TRACE("returning %d\n", ret);
5426 static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
5427 LPCSTR lpszStructType)
5429 CryptDecodeObjectExFunc decodeFunc = NULL;
5431 if ((dwCertEncodingType & CERT_ENCODING_TYPE_MASK) != X509_ASN_ENCODING
5432 && (dwCertEncodingType & CMSG_ENCODING_TYPE_MASK) != PKCS_7_ASN_ENCODING)
5434 SetLastError(ERROR_FILE_NOT_FOUND);
5437 if (!HIWORD(lpszStructType))
5439 switch (LOWORD(lpszStructType))
5441 case LOWORD(X509_CERT):
5442 decodeFunc = CRYPT_AsnDecodeCertSignedContent;
5444 case LOWORD(X509_CERT_TO_BE_SIGNED):
5445 decodeFunc = CRYPT_AsnDecodeCert;
5447 case LOWORD(X509_CERT_CRL_TO_BE_SIGNED):
5448 decodeFunc = CRYPT_AsnDecodeCRL;
5450 case LOWORD(X509_EXTENSIONS):
5451 decodeFunc = CRYPT_AsnDecodeExtensions;
5453 case LOWORD(X509_NAME_VALUE):
5454 decodeFunc = CRYPT_AsnDecodeNameValue;
5456 case LOWORD(X509_NAME):
5457 decodeFunc = CRYPT_AsnDecodeName;
5459 case LOWORD(X509_PUBLIC_KEY_INFO):
5460 decodeFunc = CRYPT_AsnDecodePubKeyInfo;
5462 case LOWORD(X509_AUTHORITY_KEY_ID):
5463 decodeFunc = CRYPT_AsnDecodeAuthorityKeyId;
5465 case LOWORD(X509_ALTERNATE_NAME):
5466 decodeFunc = CRYPT_AsnDecodeAltName;
5468 case LOWORD(X509_BASIC_CONSTRAINTS):
5469 decodeFunc = CRYPT_AsnDecodeBasicConstraints;
5471 case LOWORD(X509_BASIC_CONSTRAINTS2):
5472 decodeFunc = CRYPT_AsnDecodeBasicConstraints2;
5474 case LOWORD(X509_CERT_POLICIES):
5475 decodeFunc = CRYPT_AsnDecodeCertPolicies;
5477 case LOWORD(RSA_CSP_PUBLICKEYBLOB):
5478 decodeFunc = CRYPT_AsnDecodeRsaPubKey;
5480 case LOWORD(X509_UNICODE_NAME):
5481 decodeFunc = CRYPT_AsnDecodeUnicodeName;
5483 case LOWORD(PKCS_ATTRIBUTE):
5484 decodeFunc = CRYPT_AsnDecodePKCSAttribute;
5486 case LOWORD(X509_UNICODE_NAME_VALUE):
5487 decodeFunc = CRYPT_AsnDecodeUnicodeNameValue;
5489 case LOWORD(X509_OCTET_STRING):
5490 decodeFunc = CRYPT_AsnDecodeOctets;
5492 case LOWORD(X509_BITS):
5493 case LOWORD(X509_KEY_USAGE):
5494 decodeFunc = CRYPT_AsnDecodeBits;
5496 case LOWORD(X509_INTEGER):
5497 decodeFunc = CRYPT_AsnDecodeInt;
5499 case LOWORD(X509_MULTI_BYTE_INTEGER):
5500 decodeFunc = CRYPT_AsnDecodeInteger;
5502 case LOWORD(X509_MULTI_BYTE_UINT):
5503 decodeFunc = CRYPT_AsnDecodeUnsignedInteger;
5505 case LOWORD(X509_ENUMERATED):
5506 decodeFunc = CRYPT_AsnDecodeEnumerated;
5508 case LOWORD(X509_CHOICE_OF_TIME):
5509 decodeFunc = CRYPT_AsnDecodeChoiceOfTime;
5511 case LOWORD(X509_AUTHORITY_KEY_ID2):
5512 decodeFunc = CRYPT_AsnDecodeAuthorityKeyId2;
5514 case LOWORD(X509_AUTHORITY_INFO_ACCESS):
5515 decodeFunc = CRYPT_AsnDecodeAuthorityInfoAccess;
5517 case LOWORD(PKCS_CONTENT_INFO):
5518 decodeFunc = CRYPT_AsnDecodePKCSContentInfo;
5520 case LOWORD(X509_SEQUENCE_OF_ANY):
5521 decodeFunc = CRYPT_AsnDecodeSequenceOfAny;
5523 case LOWORD(PKCS_UTC_TIME):
5524 decodeFunc = CRYPT_AsnDecodeUtcTime;
5526 case LOWORD(X509_CRL_DIST_POINTS):
5527 decodeFunc = CRYPT_AsnDecodeCRLDistPoints;
5529 case LOWORD(X509_ENHANCED_KEY_USAGE):
5530 decodeFunc = CRYPT_AsnDecodeEnhancedKeyUsage;
5532 case LOWORD(PKCS_CTL):
5533 decodeFunc = CRYPT_AsnDecodeCTL;
5535 case LOWORD(PKCS_SMIME_CAPABILITIES):
5536 decodeFunc = CRYPT_AsnDecodeSMIMECapabilities;
5538 case LOWORD(X509_PKIX_POLICY_QUALIFIER_USERNOTICE):
5539 decodeFunc = CRYPT_AsnDecodePolicyQualifierUserNotice;
5541 case LOWORD(PKCS_ATTRIBUTES):
5542 decodeFunc = CRYPT_AsnDecodePKCSAttributes;
5544 case LOWORD(X509_ISSUING_DIST_POINT):
5545 decodeFunc = CRYPT_AsnDecodeIssuingDistPoint;
5547 case LOWORD(X509_NAME_CONSTRAINTS):
5548 decodeFunc = CRYPT_AsnDecodeNameConstraints;
5550 case LOWORD(X509_POLICY_MAPPINGS):
5551 decodeFunc = CRYPT_AsnDecodeCertPolicyMappings;
5553 case LOWORD(PKCS7_SIGNER_INFO):
5554 decodeFunc = CRYPT_AsnDecodePKCSSignerInfo;
5556 case LOWORD(CMS_SIGNER_INFO):
5557 decodeFunc = CRYPT_AsnDecodeCMSSignerInfo;
5561 else if (!strcmp(lpszStructType, szOID_CERT_EXTENSIONS))
5562 decodeFunc = CRYPT_AsnDecodeExtensions;
5563 else if (!strcmp(lpszStructType, szOID_RSA_signingTime))
5564 decodeFunc = CRYPT_AsnDecodeUtcTime;
5565 else if (!strcmp(lpszStructType, szOID_RSA_SMIMECapabilities))
5566 decodeFunc = CRYPT_AsnDecodeSMIMECapabilities;
5567 else if (!strcmp(lpszStructType, szOID_AUTHORITY_KEY_IDENTIFIER))
5568 decodeFunc = CRYPT_AsnDecodeAuthorityKeyId;
5569 else if (!strcmp(lpszStructType, szOID_LEGACY_POLICY_MAPPINGS))
5570 decodeFunc = CRYPT_AsnDecodeCertPolicyMappings;
5571 else if (!strcmp(lpszStructType, szOID_AUTHORITY_KEY_IDENTIFIER2))
5572 decodeFunc = CRYPT_AsnDecodeAuthorityKeyId2;
5573 else if (!strcmp(lpszStructType, szOID_CRL_REASON_CODE))
5574 decodeFunc = CRYPT_AsnDecodeEnumerated;
5575 else if (!strcmp(lpszStructType, szOID_KEY_USAGE))
5576 decodeFunc = CRYPT_AsnDecodeBits;
5577 else if (!strcmp(lpszStructType, szOID_SUBJECT_KEY_IDENTIFIER))
5578 decodeFunc = CRYPT_AsnDecodeOctets;
5579 else if (!strcmp(lpszStructType, szOID_BASIC_CONSTRAINTS))
5580 decodeFunc = CRYPT_AsnDecodeBasicConstraints;
5581 else if (!strcmp(lpszStructType, szOID_BASIC_CONSTRAINTS2))
5582 decodeFunc = CRYPT_AsnDecodeBasicConstraints2;
5583 else if (!strcmp(lpszStructType, szOID_ISSUER_ALT_NAME))
5584 decodeFunc = CRYPT_AsnDecodeAltName;
5585 else if (!strcmp(lpszStructType, szOID_ISSUER_ALT_NAME2))
5586 decodeFunc = CRYPT_AsnDecodeAltName;
5587 else if (!strcmp(lpszStructType, szOID_NEXT_UPDATE_LOCATION))
5588 decodeFunc = CRYPT_AsnDecodeAltName;
5589 else if (!strcmp(lpszStructType, szOID_SUBJECT_ALT_NAME))
5590 decodeFunc = CRYPT_AsnDecodeAltName;
5591 else if (!strcmp(lpszStructType, szOID_SUBJECT_ALT_NAME2))
5592 decodeFunc = CRYPT_AsnDecodeAltName;
5593 else if (!strcmp(lpszStructType, szOID_CRL_DIST_POINTS))
5594 decodeFunc = CRYPT_AsnDecodeCRLDistPoints;
5595 else if (!strcmp(lpszStructType, szOID_CERT_POLICIES))
5596 decodeFunc = CRYPT_AsnDecodeCertPolicies;
5597 else if (!strcmp(lpszStructType, szOID_POLICY_MAPPINGS))
5598 decodeFunc = CRYPT_AsnDecodeCertPolicyMappings;
5599 else if (!strcmp(lpszStructType, szOID_ENHANCED_KEY_USAGE))
5600 decodeFunc = CRYPT_AsnDecodeEnhancedKeyUsage;
5601 else if (!strcmp(lpszStructType, szOID_ISSUING_DIST_POINT))
5602 decodeFunc = CRYPT_AsnDecodeIssuingDistPoint;
5603 else if (!strcmp(lpszStructType, szOID_NAME_CONSTRAINTS))
5604 decodeFunc = CRYPT_AsnDecodeNameConstraints;
5605 else if (!strcmp(lpszStructType, szOID_AUTHORITY_INFO_ACCESS))
5606 decodeFunc = CRYPT_AsnDecodeAuthorityInfoAccess;
5607 else if (!strcmp(lpszStructType, szOID_PKIX_POLICY_QUALIFIER_USERNOTICE))
5608 decodeFunc = CRYPT_AsnDecodePolicyQualifierUserNotice;
5609 else if (!strcmp(lpszStructType, szOID_CTL))
5610 decodeFunc = CRYPT_AsnDecodeCTL;
5614 static CryptDecodeObjectFunc CRYPT_LoadDecoderFunc(DWORD dwCertEncodingType,
5615 LPCSTR lpszStructType, HCRYPTOIDFUNCADDR *hFunc)
5617 static HCRYPTOIDFUNCSET set = NULL;
5618 CryptDecodeObjectFunc decodeFunc = NULL;
5621 set = CryptInitOIDFunctionSet(CRYPT_OID_DECODE_OBJECT_FUNC, 0);
5622 CryptGetOIDFunctionAddress(set, dwCertEncodingType, lpszStructType, 0,
5623 (void **)&decodeFunc, hFunc);
5627 static CryptDecodeObjectExFunc CRYPT_LoadDecoderExFunc(DWORD dwCertEncodingType,
5628 LPCSTR lpszStructType, HCRYPTOIDFUNCADDR *hFunc)
5630 static HCRYPTOIDFUNCSET set = NULL;
5631 CryptDecodeObjectExFunc decodeFunc = NULL;
5634 set = CryptInitOIDFunctionSet(CRYPT_OID_DECODE_OBJECT_EX_FUNC, 0);
5635 CryptGetOIDFunctionAddress(set, dwCertEncodingType, lpszStructType, 0,
5636 (void **)&decodeFunc, hFunc);
5640 BOOL WINAPI CryptDecodeObject(DWORD dwCertEncodingType, LPCSTR lpszStructType,
5641 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo,
5642 DWORD *pcbStructInfo)
5645 CryptDecodeObjectFunc pCryptDecodeObject = NULL;
5646 CryptDecodeObjectExFunc pCryptDecodeObjectEx = NULL;
5647 HCRYPTOIDFUNCADDR hFunc = NULL;
5649 TRACE_(crypt)("(0x%08x, %s, %p, %d, 0x%08x, %p, %p)\n", dwCertEncodingType,
5650 debugstr_a(lpszStructType), pbEncoded, cbEncoded, dwFlags,
5651 pvStructInfo, pcbStructInfo);
5653 if (!pvStructInfo && !pcbStructInfo)
5655 SetLastError(ERROR_INVALID_PARAMETER);
5658 if (cbEncoded > MAX_ENCODED_LEN)
5660 SetLastError(CRYPT_E_ASN1_LARGE);
5664 if (!(pCryptDecodeObjectEx = CRYPT_GetBuiltinDecoder(dwCertEncodingType,
5667 TRACE_(crypt)("OID %s not found or unimplemented, looking for DLL\n",
5668 debugstr_a(lpszStructType));
5669 pCryptDecodeObject = CRYPT_LoadDecoderFunc(dwCertEncodingType,
5670 lpszStructType, &hFunc);
5671 if (!pCryptDecodeObject)
5672 pCryptDecodeObjectEx = CRYPT_LoadDecoderExFunc(dwCertEncodingType,
5673 lpszStructType, &hFunc);
5675 if (pCryptDecodeObject)
5676 ret = pCryptDecodeObject(dwCertEncodingType, lpszStructType,
5677 pbEncoded, cbEncoded, dwFlags, pvStructInfo, pcbStructInfo);
5678 else if (pCryptDecodeObjectEx)
5679 ret = pCryptDecodeObjectEx(dwCertEncodingType, lpszStructType,
5680 pbEncoded, cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG, NULL,
5681 pvStructInfo, pcbStructInfo);
5683 CryptFreeOIDFunctionAddress(hFunc, 0);
5684 TRACE_(crypt)("returning %d\n", ret);
5688 BOOL WINAPI CryptDecodeObjectEx(DWORD dwCertEncodingType, LPCSTR lpszStructType,
5689 const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
5690 PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
5693 CryptDecodeObjectExFunc decodeFunc;
5694 HCRYPTOIDFUNCADDR hFunc = NULL;
5696 TRACE_(crypt)("(0x%08x, %s, %p, %d, 0x%08x, %p, %p, %p)\n",
5697 dwCertEncodingType, debugstr_a(lpszStructType), pbEncoded,
5698 cbEncoded, dwFlags, pDecodePara, pvStructInfo, pcbStructInfo);
5700 if (!pvStructInfo && !pcbStructInfo)
5702 SetLastError(ERROR_INVALID_PARAMETER);
5705 if (cbEncoded > MAX_ENCODED_LEN)
5707 SetLastError(CRYPT_E_ASN1_LARGE);
5711 SetLastError(NOERROR);
5712 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG && pvStructInfo)
5713 *(BYTE **)pvStructInfo = NULL;
5714 decodeFunc = CRYPT_GetBuiltinDecoder(dwCertEncodingType, lpszStructType);
5717 TRACE_(crypt)("OID %s not found or unimplemented, looking for DLL\n",
5718 debugstr_a(lpszStructType));
5719 decodeFunc = CRYPT_LoadDecoderExFunc(dwCertEncodingType, lpszStructType,
5723 ret = decodeFunc(dwCertEncodingType, lpszStructType, pbEncoded,
5724 cbEncoded, dwFlags, pDecodePara, pvStructInfo, pcbStructInfo);
5727 CryptDecodeObjectFunc pCryptDecodeObject =
5728 CRYPT_LoadDecoderFunc(dwCertEncodingType, lpszStructType, &hFunc);
5730 /* Try CryptDecodeObject function. Don't call CryptDecodeObject
5731 * directly, as that could cause an infinite loop.
5733 if (pCryptDecodeObject)
5735 if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
5737 ret = pCryptDecodeObject(dwCertEncodingType, lpszStructType,
5738 pbEncoded, cbEncoded, dwFlags, NULL, pcbStructInfo);
5739 if (ret && (ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara,
5740 pvStructInfo, pcbStructInfo, *pcbStructInfo)))
5741 ret = pCryptDecodeObject(dwCertEncodingType,
5742 lpszStructType, pbEncoded, cbEncoded, dwFlags,
5743 *(BYTE **)pvStructInfo, pcbStructInfo);
5746 ret = pCryptDecodeObject(dwCertEncodingType, lpszStructType,
5747 pbEncoded, cbEncoded, dwFlags, pvStructInfo, pcbStructInfo);
5751 CryptFreeOIDFunctionAddress(hFunc, 0);
5752 TRACE_(crypt)("returning %d\n", ret);
5756 BOOL WINAPI PFXIsPFXBlob(CRYPT_DATA_BLOB *pPFX)
5760 TRACE_(crypt)("(%p)\n", pPFX);
5762 /* A PFX blob is an asn.1-encoded sequence, consisting of at least a
5763 * version integer of length 1 (3 encoded byes) and at least one other
5764 * datum (two encoded bytes), plus at least two bytes for the outer
5765 * sequence. Thus, even an empty PFX blob is at least 7 bytes in length.
5767 if (pPFX->cbData < 7)
5769 else if (pPFX->pbData[0] == ASN_SEQUENCE)
5773 if ((ret = CRYPT_GetLengthIndefinite(pPFX->pbData, pPFX->cbData, &len)))
5775 BYTE lenLen = GET_LEN_BYTES(pPFX->pbData[1]);
5777 /* Need at least three bytes for the integer version */
5778 if (pPFX->cbData < 1 + lenLen + 3)
5780 else if (pPFX->pbData[1 + lenLen] != ASN_INTEGER || /* Tag */
5781 pPFX->pbData[1 + lenLen + 1] != 1 || /* Definite length */
5782 pPFX->pbData[1 + lenLen + 2] != 3) /* PFX version */
5791 HCERTSTORE WINAPI PFXImportCertStore(CRYPT_DATA_BLOB *pPFX, LPCWSTR szPassword,
5794 FIXME_(crypt)("(%p, %p, %08x): stub\n", pPFX, szPassword, dwFlags);
projects / wine / blob