2 * WinTrust Cryptography functions
4 * Copyright 2006 James Hawkins
5 * Copyright 2000-2002 Stuart Caie
6 * Copyright 2002 Patrik Stridvall
7 * Copyright 2003 Greg Turner
8 * Copyright 2008 Juan Lang
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
35 #include "wine/debug.h"
36 #include "wine/unicode.h"
38 WINE_DEFAULT_DEBUG_CHANNEL(wintrust);
40 #define CATADMIN_MAGIC 0x43415441 /* 'CATA' */
41 #define CRYPTCAT_MAGIC 0x43415443 /* 'CATC' */
42 #define CATINFO_MAGIC 0x43415449 /* 'CATI' */
53 CRYPTCATATTRIBUTE *attr;
69 static HCATINFO create_catinfo(const WCHAR *filename)
73 if (!(ci = HeapAlloc(GetProcessHeap(), 0, sizeof(*ci))))
75 SetLastError(ERROR_OUTOFMEMORY);
76 return INVALID_HANDLE_VALUE;
78 strcpyW(ci->file, filename);
79 ci->magic = CATINFO_MAGIC;
83 /***********************************************************************
84 * CryptCATAdminAcquireContext (WINTRUST.@)
86 * Get a catalog administrator context handle.
89 * catAdmin [O] Pointer to the context handle.
90 * sys [I] Pointer to a GUID for the needed subsystem.
91 * dwFlags [I] Reserved.
94 * Success: TRUE. catAdmin contains the context handle.
98 BOOL WINAPI CryptCATAdminAcquireContext(HCATADMIN *catAdmin,
99 const GUID *sys, DWORD dwFlags)
101 static const WCHAR catroot[] =
102 {'\\','c','a','t','r','o','o','t',0};
103 static const WCHAR fmt[] =
104 {'%','s','\\','{','%','0','8','x','-','%','0','4','x','-','%','0',
105 '4','x','-','%','0','2','x','%','0','2','x','-','%','0','2','x',
106 '%','0','2','x','%','0','2','x','%','0','2','x','%','0','2','x',
107 '%','0','2','x','}',0};
108 static const GUID defsys =
109 {0x127d0a1d,0x4ef2,0x11d1,{0x86,0x08,0x00,0xc0,0x4f,0xc2,0x95,0xee}};
111 WCHAR catroot_dir[MAX_PATH];
114 TRACE("%p %s %x\n", catAdmin, debugstr_guid(sys), dwFlags);
118 SetLastError(ERROR_INVALID_PARAMETER);
121 if (!(ca = HeapAlloc(GetProcessHeap(), 0, sizeof(*ca))))
123 SetLastError(ERROR_OUTOFMEMORY);
127 GetSystemDirectoryW(catroot_dir, MAX_PATH);
128 strcatW(catroot_dir, catroot);
130 /* create the directory if it doesn't exist */
131 CreateDirectoryW(catroot_dir, NULL);
133 if (!sys) sys = &defsys;
134 sprintfW(ca->path, fmt, catroot_dir, sys->Data1, sys->Data2,
135 sys->Data3, sys->Data4[0], sys->Data4[1], sys->Data4[2],
136 sys->Data4[3], sys->Data4[4], sys->Data4[5], sys->Data4[6],
139 /* create the directory if it doesn't exist */
140 CreateDirectoryW(ca->path, NULL);
142 ca->magic = CATADMIN_MAGIC;
143 ca->find = INVALID_HANDLE_VALUE;
149 /***********************************************************************
150 * CryptCATAdminAddCatalog (WINTRUST.@)
152 HCATINFO WINAPI CryptCATAdminAddCatalog(HCATADMIN catAdmin, PWSTR catalogFile,
153 PWSTR selectBaseName, DWORD flags)
155 static const WCHAR slashW[] = {'\\',0};
156 struct catadmin *ca = catAdmin;
161 TRACE("%p %s %s %d\n", catAdmin, debugstr_w(catalogFile),
162 debugstr_w(selectBaseName), flags);
166 FIXME("NULL basename not handled\n");
167 SetLastError(ERROR_INVALID_PARAMETER);
170 if (!ca || ca->magic != CATADMIN_MAGIC || !catalogFile || flags)
172 SetLastError(ERROR_INVALID_PARAMETER);
176 len = strlenW(ca->path) + strlenW(selectBaseName) + 2;
177 if (!(target = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR))))
179 SetLastError(ERROR_OUTOFMEMORY);
182 strcpyW(target, ca->path);
183 strcatW(target, slashW);
184 strcatW(target, selectBaseName);
186 if (!CopyFileW(catalogFile, target, FALSE))
188 HeapFree(GetProcessHeap(), 0, target);
191 if (!(ci = HeapAlloc(GetProcessHeap(), 0, sizeof(*ci))))
193 HeapFree(GetProcessHeap(), 0, target);
194 SetLastError(ERROR_OUTOFMEMORY);
197 ci->magic = CATINFO_MAGIC;
198 strcpyW(ci->file, target);
200 HeapFree(GetProcessHeap(), 0, target);
204 /***********************************************************************
205 * CryptCATAdminCalcHashFromFileHandle (WINTRUST.@)
207 BOOL WINAPI CryptCATAdminCalcHashFromFileHandle(HANDLE hFile, DWORD* pcbHash,
208 BYTE* pbHash, DWORD dwFlags )
212 TRACE("%p %p %p %x\n", hFile, pcbHash, pbHash, dwFlags);
214 if (!hFile || !pcbHash || dwFlags)
216 SetLastError(ERROR_INVALID_PARAMETER);
222 SetLastError(ERROR_INSUFFICIENT_BUFFER);
234 if (!(buffer = HeapAlloc(GetProcessHeap(), 0, 4096)))
236 SetLastError(ERROR_OUTOFMEMORY);
239 ret = CryptAcquireContextW(&prov, NULL, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
242 HeapFree(GetProcessHeap(), 0, buffer);
245 ret = CryptCreateHash(prov, CALG_SHA1, 0, 0, &hash);
248 HeapFree(GetProcessHeap(), 0, buffer);
249 CryptReleaseContext(prov, 0);
252 while ((ret = ReadFile(hFile, buffer, 4096, &bytes_read, NULL)) && bytes_read)
254 CryptHashData(hash, buffer, bytes_read, 0);
256 if (ret) ret = CryptGetHashParam(hash, HP_HASHVAL, pbHash, pcbHash, 0);
258 HeapFree(GetProcessHeap(), 0, buffer);
259 CryptDestroyHash(hash);
260 CryptReleaseContext(prov, 0);
265 /***********************************************************************
266 * CryptCATAdminEnumCatalogFromHash (WINTRUST.@)
268 HCATINFO WINAPI CryptCATAdminEnumCatalogFromHash(HCATADMIN hCatAdmin, BYTE* pbHash,
269 DWORD cbHash, DWORD dwFlags,
270 HCATINFO* phPrevCatInfo )
272 static const WCHAR slashW[] = {'\\',0};
273 static const WCHAR globW[] = {'\\','*','.','c','a','t',0};
275 struct catadmin *ca = hCatAdmin;
276 WIN32_FIND_DATAW data;
277 HCATINFO prev = NULL;
282 TRACE("%p %p %d %x %p\n", hCatAdmin, pbHash, cbHash, dwFlags, phPrevCatInfo);
284 if (!ca || ca->magic != CATADMIN_MAGIC || !pbHash || cbHash != 20 || dwFlags)
286 SetLastError(ERROR_INVALID_PARAMETER);
289 if (phPrevCatInfo) prev = *phPrevCatInfo;
291 ret = CryptAcquireContextW(&prov, NULL, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
292 if (!ret) return NULL;
298 size = strlenW(ca->path) * sizeof(WCHAR) + sizeof(globW);
299 if (!(path = HeapAlloc(GetProcessHeap(), 0, size)))
301 CryptReleaseContext(prov, 0);
302 SetLastError(ERROR_OUTOFMEMORY);
305 strcpyW(path, ca->path);
306 strcatW(path, globW);
309 ca->find = FindFirstFileW(path, &data);
311 HeapFree(GetProcessHeap(), 0, path);
312 if (ca->find == INVALID_HANDLE_VALUE)
314 CryptReleaseContext(prov, 0);
318 else if (!FindNextFileW(ca->find, &data))
320 CryptCATAdminReleaseCatalogContext(hCatAdmin, prev, 0);
321 CryptReleaseContext(prov, 0);
328 CRYPTCATMEMBER *member = NULL;
332 size = (strlenW(ca->path) + strlenW(data.cFileName) + 2) * sizeof(WCHAR);
333 if (!(filename = HeapAlloc(GetProcessHeap(), 0, size)))
335 SetLastError(ERROR_OUTOFMEMORY);
338 strcpyW(filename, ca->path);
339 strcatW(filename, slashW);
340 strcatW(filename, data.cFileName);
342 hcat = CryptCATOpen(filename, CRYPTCAT_OPEN_EXISTING, prov, 0, 0);
343 if (hcat == INVALID_HANDLE_VALUE)
345 WARN("couldn't open %s (%u)\n", debugstr_w(filename), GetLastError());
348 while ((member = CryptCATEnumerateMember(hcat, member)))
350 if (member->pIndirectData->Digest.cbData != cbHash)
352 WARN("amount of hash bytes differs: %u/%u\n", member->pIndirectData->Digest.cbData, cbHash);
355 if (!memcmp(member->pIndirectData->Digest.pbData, pbHash, cbHash))
357 TRACE("file %s matches\n", debugstr_w(data.cFileName));
360 CryptReleaseContext(prov, 0);
364 ca->find = INVALID_HANDLE_VALUE;
366 ci = create_catinfo(filename);
367 HeapFree(GetProcessHeap(), 0, filename);
372 HeapFree(GetProcessHeap(), 0, filename);
374 if (!FindNextFileW(ca->find, &data))
377 ca->find = INVALID_HANDLE_VALUE;
378 CryptReleaseContext(prov, 0);
385 /***********************************************************************
386 * CryptCATAdminReleaseCatalogContext (WINTRUST.@)
388 * Release a catalog context handle.
391 * hCatAdmin [I] Context handle.
392 * hCatInfo [I] Catalog handle.
393 * dwFlags [I] Reserved.
400 BOOL WINAPI CryptCATAdminReleaseCatalogContext(HCATADMIN hCatAdmin,
404 struct catinfo *ci = hCatInfo;
405 struct catadmin *ca = hCatAdmin;
407 TRACE("%p %p %x\n", hCatAdmin, hCatInfo, dwFlags);
409 if (!ca || ca->magic != CATADMIN_MAGIC || !ci || ci->magic != CATINFO_MAGIC)
411 SetLastError(ERROR_INVALID_PARAMETER);
415 return HeapFree(GetProcessHeap(), 0, ci);
418 /***********************************************************************
419 * CryptCATAdminReleaseContext (WINTRUST.@)
421 * Release a catalog administrator context handle.
424 * catAdmin [I] Context handle.
425 * dwFlags [I] Reserved.
432 BOOL WINAPI CryptCATAdminReleaseContext(HCATADMIN hCatAdmin, DWORD dwFlags )
434 struct catadmin *ca = hCatAdmin;
436 TRACE("%p %x\n", hCatAdmin, dwFlags);
438 if (!ca || ca->magic != CATADMIN_MAGIC)
440 SetLastError(ERROR_INVALID_PARAMETER);
443 if (ca->find != INVALID_HANDLE_VALUE) FindClose(ca->find);
445 return HeapFree(GetProcessHeap(), 0, ca);
448 /***********************************************************************
449 * CryptCATAdminRemoveCatalog (WINTRUST.@)
451 * Remove a catalog file.
454 * catAdmin [I] Context handle.
455 * pwszCatalogFile [I] Catalog file.
456 * dwFlags [I] Reserved.
463 BOOL WINAPI CryptCATAdminRemoveCatalog(HCATADMIN hCatAdmin, LPCWSTR pwszCatalogFile, DWORD dwFlags)
465 struct catadmin *ca = hCatAdmin;
467 TRACE("%p %s %x\n", hCatAdmin, debugstr_w(pwszCatalogFile), dwFlags);
469 if (!ca || ca->magic != CATADMIN_MAGIC)
471 SetLastError(ERROR_INVALID_PARAMETER);
474 return DeleteFileW(pwszCatalogFile);
477 /***********************************************************************
478 * CryptCATAdminResolveCatalogPath (WINTRUST.@)
480 BOOL WINAPI CryptCATAdminResolveCatalogPath(HCATADMIN hcatadmin, WCHAR *catalog_file,
481 CATALOG_INFO *info, DWORD flags)
483 static const WCHAR slashW[] = {'\\',0};
484 struct catadmin *ca = hcatadmin;
486 TRACE("%p %s %p %x\n", hcatadmin, debugstr_w(catalog_file), info, flags);
488 if (!ca || ca->magic != CATADMIN_MAGIC || !info || info->cbStruct != sizeof(*info) || flags)
490 SetLastError(ERROR_INVALID_PARAMETER);
493 strcpyW(info->wszCatalogFile, ca->path);
494 strcatW(info->wszCatalogFile, slashW);
495 strcatW(info->wszCatalogFile, catalog_file);
500 /***********************************************************************
501 * CryptCATClose (WINTRUST.@)
503 BOOL WINAPI CryptCATClose(HANDLE hCatalog)
505 struct cryptcat *cc = hCatalog;
507 TRACE("(%p)\n", hCatalog);
509 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
511 SetLastError(ERROR_INVALID_PARAMETER);
514 HeapFree(GetProcessHeap(), 0, cc->attr);
515 HeapFree(GetProcessHeap(), 0, cc->inner);
516 CryptMsgClose(cc->msg);
519 HeapFree(GetProcessHeap(), 0, cc);
523 /***********************************************************************
524 * CryptCATGetAttrInfo (WINTRUST.@)
526 CRYPTCATATTRIBUTE * WINAPI CryptCATGetAttrInfo(HANDLE hCatalog, CRYPTCATMEMBER *member, LPWSTR tag)
528 struct cryptcat *cc = hCatalog;
530 FIXME("%p, %p, %s\n", hCatalog, member, debugstr_w(tag));
532 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
534 SetLastError(ERROR_INVALID_PARAMETER);
537 SetLastError(CRYPT_E_NOT_FOUND);
541 /***********************************************************************
542 * CryptCATGetCatAttrInfo (WINTRUST.@)
544 CRYPTCATATTRIBUTE * WINAPI CryptCATGetCatAttrInfo(HANDLE hCatalog, LPWSTR tag)
546 struct cryptcat *cc = hCatalog;
548 FIXME("%p, %s\n", hCatalog, debugstr_w(tag));
550 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
552 SetLastError(ERROR_INVALID_PARAMETER);
555 SetLastError(CRYPT_E_NOT_FOUND);
559 CRYPTCATMEMBER * WINAPI CryptCATGetMemberInfo(HANDLE hCatalog, LPWSTR tag)
561 struct cryptcat *cc = hCatalog;
563 FIXME("%p, %s\n", hCatalog, debugstr_w(tag));
565 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
567 SetLastError(ERROR_INVALID_PARAMETER);
570 SetLastError(CRYPT_E_NOT_FOUND);
574 /***********************************************************************
575 * CryptCATEnumerateAttr (WINTRUST.@)
577 CRYPTCATATTRIBUTE * WINAPI CryptCATEnumerateAttr(HANDLE hCatalog, CRYPTCATMEMBER *member, CRYPTCATATTRIBUTE *prev)
579 struct cryptcat *cc = hCatalog;
581 FIXME("%p, %p, %p\n", hCatalog, member, prev);
583 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
585 SetLastError(ERROR_INVALID_PARAMETER);
588 SetLastError(CRYPT_E_NOT_FOUND);
592 /***********************************************************************
593 * CryptCATEnumerateCatAttr (WINTRUST.@)
595 CRYPTCATATTRIBUTE * WINAPI CryptCATEnumerateCatAttr(HANDLE hCatalog, CRYPTCATATTRIBUTE *prev)
597 struct cryptcat *cc = hCatalog;
599 FIXME("%p, %p\n", hCatalog, prev);
601 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
603 SetLastError(ERROR_INVALID_PARAMETER);
606 SetLastError(CRYPT_E_NOT_FOUND);
610 /***********************************************************************
611 * CryptCATEnumerateMember (WINTRUST.@)
613 CRYPTCATMEMBER * WINAPI CryptCATEnumerateMember(HANDLE hCatalog, CRYPTCATMEMBER *prev)
615 struct cryptcat *cc = hCatalog;
616 CRYPTCATMEMBER *member = prev;
620 TRACE("%p, %p\n", hCatalog, prev);
622 if (!hCatalog || hCatalog == INVALID_HANDLE_VALUE || cc->magic != CRYPTCAT_MAGIC)
624 SetLastError(ERROR_INVALID_PARAMETER);
628 /* dumping the contents makes me think that dwReserved is the iteration number */
631 if (!(member = HeapAlloc(GetProcessHeap(), 0, sizeof(*member))))
633 SetLastError(ERROR_OUTOFMEMORY);
636 member->cbStruct = sizeof(*member);
637 member->pwszFileName = member->pwszReferenceTag = NULL;
638 member->dwReserved = 0;
639 member->hReserved = NULL;
640 member->gSubjectType = cc->subject;
641 member->fdwMemberFlags = 0;
642 member->pIndirectData = NULL;
643 member->dwCertVersion = cc->inner->dwVersion;
645 else member->dwReserved++;
647 if (member->dwReserved >= cc->inner->cCTLEntry)
649 SetLastError(ERROR_INVALID_PARAMETER);
653 /* list them backwards, like native */
654 entry = &cc->inner->rgCTLEntry[cc->inner->cCTLEntry - member->dwReserved - 1];
656 member->sEncodedIndirectData.cbData = member->sEncodedMemberInfo.cbData = 0;
657 member->sEncodedIndirectData.pbData = member->sEncodedMemberInfo.pbData = NULL;
658 HeapFree(GetProcessHeap(), 0, member->pIndirectData);
659 member->pIndirectData = NULL;
661 for (i = 0; i < entry->cAttribute; i++)
663 CRYPT_ATTRIBUTE *attr = entry->rgAttribute + i;
665 if (attr->cValue != 1)
667 ERR("Can't handle attr->cValue of %u\n", attr->cValue);
670 if (!strcmp(attr->pszObjId, CAT_MEMBERINFO_OBJID))
675 member->sEncodedMemberInfo.cbData = attr->rgValue->cbData;
676 member->sEncodedMemberInfo.pbData = attr->rgValue->pbData;
678 CryptDecodeObject(cc->encoding, CAT_MEMBERINFO_OBJID, attr->rgValue->pbData, attr->rgValue->cbData, 0, NULL, &size);
680 if (!(mi = HeapAlloc(GetProcessHeap(), 0, size)))
682 SetLastError(ERROR_OUTOFMEMORY);
685 ret = CryptDecodeObject(cc->encoding, CAT_MEMBERINFO_OBJID, attr->rgValue->pbData, attr->rgValue->cbData, 0, mi, &size);
690 member->dwCertVersion = mi->dwCertVersion;
691 RtlInitUnicodeString(&guid, mi->pwszSubjGuid);
692 if (RtlGUIDFromString(&guid, &member->gSubjectType))
694 HeapFree(GetProcessHeap(), 0, mi);
698 HeapFree(GetProcessHeap(), 0, mi);
699 if (!ret) goto error;
701 else if (!strcmp(attr->pszObjId, SPC_INDIRECT_DATA_OBJID))
703 /* SPC_INDIRECT_DATA_CONTENT is equal to SIP_INDIRECT_DATA */
705 member->sEncodedIndirectData.cbData = attr->rgValue->cbData;
706 member->sEncodedIndirectData.pbData = attr->rgValue->pbData;
708 CryptDecodeObject(cc->encoding, SPC_INDIRECT_DATA_OBJID, attr->rgValue->pbData, attr->rgValue->cbData, 0, NULL, &size);
710 if (!(member->pIndirectData = HeapAlloc(GetProcessHeap(), 0, size)))
712 SetLastError(ERROR_OUTOFMEMORY);
715 CryptDecodeObject(cc->encoding, SPC_INDIRECT_DATA_OBJID, attr->rgValue->pbData, attr->rgValue->cbData, 0, member->pIndirectData, &size);
718 /* this object id should probably be handled in CryptCATEnumerateAttr */
719 FIXME("unhandled object id \"%s\"\n", attr->pszObjId);
722 if (!member->sEncodedMemberInfo.cbData || !member->sEncodedIndirectData.cbData)
724 ERR("Corrupted catalog entry?\n");
725 SetLastError(CRYPT_E_ATTRIBUTES_MISSING);
728 size = (2 * member->pIndirectData->Digest.cbData + 1) * sizeof(WCHAR);
729 if (member->pwszReferenceTag)
730 member->pwszReferenceTag = HeapReAlloc(GetProcessHeap(), 0, member->pwszReferenceTag, size);
732 member->pwszReferenceTag = HeapAlloc(GetProcessHeap(), 0, size);
734 if (!member->pwszReferenceTag)
736 SetLastError(ERROR_OUTOFMEMORY);
739 /* FIXME: reference tag is usually the file hash but doesn't have to be */
740 for (i = 0; i < member->pIndirectData->Digest.cbData; i++)
744 sub = member->pIndirectData->Digest.pbData[i] >> 4;
745 member->pwszReferenceTag[i * 2] = (sub < 10 ? '0' + sub : 'A' + sub - 10);
746 sub = member->pIndirectData->Digest.pbData[i] & 0xf;
747 member->pwszReferenceTag[i * 2 + 1] = (sub < 10 ? '0' + sub : 'A' + sub - 10);
749 member->pwszReferenceTag[i * 2] = 0;
753 HeapFree(GetProcessHeap(), 0, member->pIndirectData);
754 HeapFree(GetProcessHeap(), 0, member->pwszReferenceTag);
755 HeapFree(GetProcessHeap(), 0, member);
759 static CTL_INFO *decode_inner_content(HANDLE hmsg, DWORD encoding, DWORD *len)
764 CTL_INFO *inner = NULL;
766 if (!CryptMsgGetParam(hmsg, CMSG_INNER_CONTENT_TYPE_PARAM, 0, NULL, &size)) return NULL;
767 if (!(oid = HeapAlloc(GetProcessHeap(), 0, size)))
769 SetLastError(ERROR_OUTOFMEMORY);
772 if (!CryptMsgGetParam(hmsg, CMSG_INNER_CONTENT_TYPE_PARAM, 0, oid, &size)) goto out;
773 if (!CryptMsgGetParam(hmsg, CMSG_CONTENT_PARAM, 0, NULL, &size)) goto out;
774 if (!(buffer = HeapAlloc(GetProcessHeap(), 0, size)))
776 SetLastError(ERROR_OUTOFMEMORY);
779 if (!CryptMsgGetParam(hmsg, CMSG_CONTENT_PARAM, 0, buffer, &size)) goto out;
780 if (!CryptDecodeObject(encoding, oid, buffer, size, 0, NULL, &size)) goto out;
781 if (!(inner = HeapAlloc(GetProcessHeap(), 0, size)))
783 SetLastError(ERROR_OUTOFMEMORY);
786 if (!CryptDecodeObject(encoding, oid, buffer, size, 0, inner, &size)) goto out;
790 HeapFree(GetProcessHeap(), 0, oid);
791 HeapFree(GetProcessHeap(), 0, buffer);
795 /***********************************************************************
796 * CryptCATCatalogInfoFromContext (WINTRUST.@)
798 BOOL WINAPI CryptCATCatalogInfoFromContext(HCATINFO hcatinfo, CATALOG_INFO *info, DWORD flags)
800 struct catinfo *ci = hcatinfo;
802 TRACE("%p, %p, %x\n", hcatinfo, info, flags);
804 if (!hcatinfo || hcatinfo == INVALID_HANDLE_VALUE || ci->magic != CATINFO_MAGIC ||
805 flags || !info || info->cbStruct != sizeof(*info))
807 SetLastError(ERROR_INVALID_PARAMETER);
810 strcpyW(info->wszCatalogFile, ci->file);
814 /***********************************************************************
815 * CryptCATOpen (WINTRUST.@)
817 HANDLE WINAPI CryptCATOpen(LPWSTR pwszFileName, DWORD fdwOpenFlags, HCRYPTPROV hProv,
818 DWORD dwPublicVersion, DWORD dwEncodingType)
822 DWORD size, flags = OPEN_EXISTING;
825 TRACE("%s, %x, %lx, %x, %x\n", debugstr_w(pwszFileName), fdwOpenFlags,
826 hProv, dwPublicVersion, dwEncodingType);
830 SetLastError(ERROR_INVALID_PARAMETER);
831 return INVALID_HANDLE_VALUE;
834 if (!dwPublicVersion) dwPublicVersion = 0x00000100;
835 if (!dwEncodingType) dwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
837 if (fdwOpenFlags & CRYPTCAT_OPEN_ALWAYS) flags |= OPEN_ALWAYS;
838 if (fdwOpenFlags & CRYPTCAT_OPEN_CREATENEW) flags |= CREATE_NEW;
840 file = CreateFileW(pwszFileName, GENERIC_READ, FILE_SHARE_READ, NULL, flags, 0, NULL);
841 if (file == INVALID_HANDLE_VALUE) return INVALID_HANDLE_VALUE;
843 size = GetFileSize(file, NULL);
844 if (!(buffer = HeapAlloc(GetProcessHeap(), 0, size)))
847 SetLastError(ERROR_OUTOFMEMORY);
848 return INVALID_HANDLE_VALUE;
850 if (!(hmsg = CryptMsgOpenToDecode(dwEncodingType, 0, 0, hProv, NULL, NULL)))
853 HeapFree(GetProcessHeap(), 0, buffer);
854 return INVALID_HANDLE_VALUE;
856 if (!ReadFile(file, buffer, size, &size, NULL) || !CryptMsgUpdate(hmsg, buffer, size, TRUE))
859 HeapFree(GetProcessHeap(), 0, buffer);
861 return INVALID_HANDLE_VALUE;
863 HeapFree(GetProcessHeap(), 0, buffer);
866 size = sizeof(DWORD);
867 if (!(cc = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(*cc))))
870 SetLastError(ERROR_OUTOFMEMORY);
871 return INVALID_HANDLE_VALUE;
875 cc->encoding = dwEncodingType;
876 if (CryptMsgGetParam(hmsg, CMSG_ATTR_CERT_COUNT_PARAM, 0, &cc->attr_count, &size))
881 for (i = 0; i < cc->attr_count; i++)
883 if (!CryptMsgGetParam(hmsg, CMSG_ATTR_CERT_PARAM, i, NULL, &size))
886 return INVALID_HANDLE_VALUE;
890 if (!(cc->attr = HeapAlloc(GetProcessHeap(), 0, sizeof(*cc->attr) * cc->attr_count + sum)))
893 SetLastError(ERROR_OUTOFMEMORY);
894 return INVALID_HANDLE_VALUE;
896 p = (BYTE *)(cc->attr + cc->attr_count);
897 for (i = 0; i < cc->attr_count; i++)
899 if (!CryptMsgGetParam(hmsg, CMSG_ATTR_CERT_PARAM, i, NULL, &size))
902 HeapFree(GetProcessHeap(), 0, cc->attr);
903 return INVALID_HANDLE_VALUE;
905 if (!CryptMsgGetParam(hmsg, CMSG_ATTR_CERT_PARAM, i, p, &size))
908 HeapFree(GetProcessHeap(), 0, cc->attr);
909 return INVALID_HANDLE_VALUE;
913 cc->inner = decode_inner_content(hmsg, dwEncodingType, &cc->inner_len);
914 if (!cc->inner || !CryptSIPRetrieveSubjectGuid(pwszFileName, NULL, &cc->subject))
917 HeapFree(GetProcessHeap(), 0, cc->attr);
918 HeapFree(GetProcessHeap(), 0, cc->inner);
919 HeapFree(GetProcessHeap(), 0, cc);
920 return INVALID_HANDLE_VALUE;
922 cc->magic = CRYPTCAT_MAGIC;
925 return INVALID_HANDLE_VALUE;
928 /***********************************************************************
929 * CryptSIPCreateIndirectData (WINTRUST.@)
931 BOOL WINAPI CryptSIPCreateIndirectData(SIP_SUBJECTINFO* pSubjectInfo, DWORD* pcbIndirectData,
932 SIP_INDIRECT_DATA* pIndirectData)
934 FIXME("(%p %p %p) stub\n", pSubjectInfo, pcbIndirectData, pIndirectData);
939 static BOOL WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO *pSubjectInfo,
940 DWORD *pdwEncodingType, DWORD dwIndex, DWORD *pcbSignedDataMsg,
941 BYTE *pbSignedDataMsg)
944 WIN_CERTIFICATE *pCert = NULL;
946 TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
947 pcbSignedDataMsg, pbSignedDataMsg);
949 if (!pbSignedDataMsg)
951 WIN_CERTIFICATE cert;
953 /* app hasn't passed buffer, just get the length */
954 ret = ImageGetCertificateHeader(pSubjectInfo->hFile, dwIndex, &cert);
956 *pcbSignedDataMsg = cert.dwLength;
962 ret = ImageGetCertificateData(pSubjectInfo->hFile, dwIndex, NULL, &len);
963 if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
965 pCert = HeapAlloc(GetProcessHeap(), 0, len);
971 ret = ImageGetCertificateData(pSubjectInfo->hFile, dwIndex, pCert,
975 if (*pcbSignedDataMsg < pCert->dwLength)
977 *pcbSignedDataMsg = pCert->dwLength;
978 SetLastError(ERROR_INSUFFICIENT_BUFFER);
983 memcpy(pbSignedDataMsg, pCert->bCertificate, pCert->dwLength);
984 switch (pCert->wCertificateType)
986 case WIN_CERT_TYPE_X509:
987 *pdwEncodingType = X509_ASN_ENCODING;
989 case WIN_CERT_TYPE_PKCS_SIGNED_DATA:
990 *pdwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
993 FIXME("don't know what to do for encoding type %d\n",
994 pCert->wCertificateType);
995 *pdwEncodingType = 0;
1000 HeapFree(GetProcessHeap(), 0, pCert);
1004 /* structure offsets */
1005 #define cfhead_Signature (0x00)
1006 #define cfhead_CabinetSize (0x08)
1007 #define cfhead_MinorVersion (0x18)
1008 #define cfhead_MajorVersion (0x19)
1009 #define cfhead_Flags (0x1E)
1010 #define cfhead_SIZEOF (0x24)
1011 #define cfheadext_HeaderReserved (0x00)
1012 #define cfheadext_SIZEOF (0x04)
1013 #define cfsigninfo_CertOffset (0x04)
1014 #define cfsigninfo_CertSize (0x08)
1015 #define cfsigninfo_SIZEOF (0x0C)
1018 #define cfheadRESERVE_PRESENT (0x0004)
1020 /* endian-neutral reading of little-endian data */
1021 #define EndGetI32(a) ((((a)[3])<<24)|(((a)[2])<<16)|(((a)[1])<<8)|((a)[0]))
1022 #define EndGetI16(a) ((((a)[1])<<8)|((a)[0]))
1024 /* For documentation purposes only: this is the structure in the reserved
1025 * area of a signed cabinet file. The cert offset indicates where in the
1026 * cabinet file the signature resides, and the count indicates its size.
1028 typedef struct _CAB_SIGNINFO
1030 WORD unk0; /* always 0? */
1031 WORD unk1; /* always 0x0010? */
1034 } CAB_SIGNINFO, *PCAB_SIGNINFO;
1036 static BOOL WINTRUST_GetSignedMsgFromCabFile(SIP_SUBJECTINFO *pSubjectInfo,
1037 DWORD *pdwEncodingType, DWORD dwIndex, DWORD *pcbSignedDataMsg,
1038 BYTE *pbSignedDataMsg)
1041 LONG base_offset, cabsize;
1044 DWORD cert_offset, cert_size, dwRead;
1046 TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
1047 pcbSignedDataMsg, pbSignedDataMsg);
1050 * FIXME: I just noticed that I am memorizing the initial file pointer
1051 * offset and restoring it before reading in the rest of the header
1052 * information in the cabinet. Perhaps that's correct -- that is, perhaps
1053 * this API is supposed to support "streaming" cabinets which are embedded
1054 * in other files, or cabinets which begin at file offsets other than zero.
1055 * Otherwise, I should instead go to the absolute beginning of the file.
1056 * (Either way, the semantics of wine's FDICopy require me to leave the
1057 * file pointer where it is afterwards -- If Windows does not do so, we
1058 * ought to duplicate the native behavior in the FDIIsCabinet API, not here.
1060 * So, the answer lies in Windows; will native cabinet.dll recognize a
1061 * cabinet "file" embedded in another file? Note that cabextract.c does
1062 * support this, which implies that Microsoft's might. I haven't tried it
1063 * yet so I don't know. ATM, most of wine's FDI cabinet routines (except
1064 * this one) would not work in this way. To fix it, we could just make the
1065 * various references to absolute file positions in the code relative to an
1066 * initial "beginning" offset. Because the FDICopy API doesn't take a
1067 * file-handle like this one, we would therein need to search through the
1068 * file for the beginning of the cabinet (as we also do in cabextract.c).
1069 * Note that this limits us to a maximum of one cabinet per. file: the first.
1071 * So, in summary: either the code below is wrong, or the rest of fdi.c is
1072 * wrong... I cannot imagine that both are correct ;) One of these flaws
1073 * should be fixed after determining the behavior on Windows. We ought
1074 * to check both FDIIsCabinet and FDICopy for the right behavior.
1079 /* get basic offset & size info */
1080 base_offset = SetFilePointer(pSubjectInfo->hFile, 0L, NULL, SEEK_CUR);
1082 if (SetFilePointer(pSubjectInfo->hFile, 0, NULL, SEEK_END) == INVALID_SET_FILE_POINTER)
1084 TRACE("seek error\n");
1088 cabsize = SetFilePointer(pSubjectInfo->hFile, 0L, NULL, SEEK_CUR);
1089 if ((cabsize == -1) || (base_offset == -1) ||
1090 (SetFilePointer(pSubjectInfo->hFile, base_offset, NULL, SEEK_SET) == INVALID_SET_FILE_POINTER))
1092 TRACE("seek error\n");
1096 /* read in the CFHEADER */
1097 if (!ReadFile(pSubjectInfo->hFile, buf, cfhead_SIZEOF, &dwRead, NULL) ||
1098 dwRead != cfhead_SIZEOF)
1100 TRACE("reading header failed\n");
1104 /* check basic MSCF signature */
1105 if (EndGetI32(buf+cfhead_Signature) != 0x4643534d)
1107 WARN("cabinet signature not present\n");
1111 /* Ignore the number of folders and files and the set and cabinet IDs */
1113 /* check the header revision */
1114 if ((buf[cfhead_MajorVersion] > 1) ||
1115 (buf[cfhead_MajorVersion] == 1 && buf[cfhead_MinorVersion] > 3))
1117 WARN("cabinet format version > 1.3\n");
1121 /* pull the flags out */
1122 flags = EndGetI16(buf+cfhead_Flags);
1124 if (!(flags & cfheadRESERVE_PRESENT))
1126 TRACE("no header present, not signed\n");
1130 if (!ReadFile(pSubjectInfo->hFile, buf, cfheadext_SIZEOF, &dwRead, NULL) ||
1131 dwRead != cfheadext_SIZEOF)
1133 ERR("bunk reserve-sizes?\n");
1137 header_resv = EndGetI16(buf+cfheadext_HeaderReserved);
1140 TRACE("no header_resv, not signed\n");
1143 else if (header_resv < cfsigninfo_SIZEOF)
1145 TRACE("header_resv too small, not signed\n");
1149 if (header_resv > 60000)
1151 WARN("WARNING; header reserved space > 60000\n");
1154 if (!ReadFile(pSubjectInfo->hFile, buf, cfsigninfo_SIZEOF, &dwRead, NULL) ||
1155 dwRead != cfsigninfo_SIZEOF)
1157 ERR("couldn't read reserve\n");
1161 cert_offset = EndGetI32(buf+cfsigninfo_CertOffset);
1162 TRACE("cert_offset: %d\n", cert_offset);
1163 cert_size = EndGetI32(buf+cfsigninfo_CertSize);
1164 TRACE("cert_size: %d\n", cert_size);
1166 /* The redundant checks are to avoid wraparound */
1167 if (cert_offset > cabsize || cert_size > cabsize ||
1168 cert_offset + cert_size > cabsize)
1170 WARN("offset beyond file, not attempting to read\n");
1174 SetFilePointer(pSubjectInfo->hFile, base_offset, NULL, SEEK_SET);
1175 if (!pbSignedDataMsg)
1177 *pcbSignedDataMsg = cert_size;
1180 if (*pcbSignedDataMsg < cert_size)
1182 *pcbSignedDataMsg = cert_size;
1183 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1186 if (SetFilePointer(pSubjectInfo->hFile, cert_offset, NULL, SEEK_SET) == INVALID_SET_FILE_POINTER)
1188 ERR("couldn't seek to cert location\n");
1191 if (!ReadFile(pSubjectInfo->hFile, pbSignedDataMsg, cert_size, &dwRead,
1192 NULL) || dwRead != cert_size)
1194 ERR("couldn't read cert\n");
1197 /* The encoding of the files I've seen appears to be in ASN.1
1198 * format, and there isn't a field indicating the type, so assume it
1201 *pdwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
1205 static BOOL WINTRUST_GetSignedMsgFromCatFile(SIP_SUBJECTINFO *pSubjectInfo,
1206 DWORD *pdwEncodingType, DWORD dwIndex, DWORD *pcbSignedDataMsg,
1207 BYTE *pbSignedDataMsg)
1211 TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
1212 pcbSignedDataMsg, pbSignedDataMsg);
1214 if (!pbSignedDataMsg)
1216 *pcbSignedDataMsg = GetFileSize(pSubjectInfo->hFile, NULL);
1221 DWORD len = GetFileSize(pSubjectInfo->hFile, NULL);
1223 if (*pcbSignedDataMsg < len)
1225 *pcbSignedDataMsg = len;
1226 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1231 ret = ReadFile(pSubjectInfo->hFile, pbSignedDataMsg, len,
1232 pcbSignedDataMsg, NULL);
1234 *pdwEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
1240 /***********************************************************************
1241 * CryptSIPGetSignedDataMsg (WINTRUST.@)
1243 BOOL WINAPI CryptSIPGetSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo, DWORD* pdwEncodingType,
1244 DWORD dwIndex, DWORD* pcbSignedDataMsg, BYTE* pbSignedDataMsg)
1246 static const GUID unknown = { 0xC689AAB8, 0x8E78, 0x11D0, { 0x8C,0x47,
1247 0x00,0xC0,0x4F,0xC2,0x95,0xEE } };
1248 static const GUID cabGUID = { 0xC689AABA, 0x8E78, 0x11D0, { 0x8C,0x47,
1249 0x00,0xC0,0x4F,0xC2,0x95,0xEE } };
1250 static const GUID catGUID = { 0xDE351A43, 0x8E59, 0x11D0, { 0x8C,0x47,
1251 0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
1254 TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
1255 pcbSignedDataMsg, pbSignedDataMsg);
1257 if (!memcmp(pSubjectInfo->pgSubjectType, &unknown, sizeof(unknown)))
1258 ret = WINTRUST_GetSignedMsgFromPEFile(pSubjectInfo, pdwEncodingType,
1259 dwIndex, pcbSignedDataMsg, pbSignedDataMsg);
1260 else if (!memcmp(pSubjectInfo->pgSubjectType, &cabGUID, sizeof(cabGUID)))
1261 ret = WINTRUST_GetSignedMsgFromCabFile(pSubjectInfo, pdwEncodingType,
1262 dwIndex, pcbSignedDataMsg, pbSignedDataMsg);
1263 else if (!memcmp(pSubjectInfo->pgSubjectType, &catGUID, sizeof(catGUID)))
1264 ret = WINTRUST_GetSignedMsgFromCatFile(pSubjectInfo, pdwEncodingType,
1265 dwIndex, pcbSignedDataMsg, pbSignedDataMsg);
1268 FIXME("unimplemented for subject type %s\n",
1269 debugstr_guid(pSubjectInfo->pgSubjectType));
1273 TRACE("returning %d\n", ret);
1277 /***********************************************************************
1278 * CryptSIPPutSignedDataMsg (WINTRUST.@)
1280 BOOL WINAPI CryptSIPPutSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo, DWORD pdwEncodingType,
1281 DWORD* pdwIndex, DWORD cbSignedDataMsg, BYTE* pbSignedDataMsg)
1283 FIXME("(%p %d %p %d %p) stub\n", pSubjectInfo, pdwEncodingType, pdwIndex,
1284 cbSignedDataMsg, pbSignedDataMsg);
1289 /***********************************************************************
1290 * CryptSIPRemoveSignedDataMsg (WINTRUST.@)
1292 BOOL WINAPI CryptSIPRemoveSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo,
1295 FIXME("(%p %d) stub\n", pSubjectInfo, dwIndex);
1300 /***********************************************************************
1301 * CryptSIPVerifyIndirectData (WINTRUST.@)
1303 BOOL WINAPI CryptSIPVerifyIndirectData(SIP_SUBJECTINFO* pSubjectInfo,
1304 SIP_INDIRECT_DATA* pIndirectData)
1306 FIXME("(%p %p) stub\n", pSubjectInfo, pIndirectData);
projects / wine / blob