2 * Copyright 2007 Juan Lang
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
24 #include "wine/debug.h"
25 #include "wine/exception.h"
26 #include "crypt32_private.h"
28 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
30 /* Called when a message's ref count reaches zero. Free any message-specific
33 typedef void (*CryptMsgCloseFunc)(HCRYPTMSG msg);
35 typedef BOOL (*CryptMsgGetParamFunc)(HCRYPTMSG hCryptMsg, DWORD dwParamType,
36 DWORD dwIndex, void *pvData, DWORD *pcbData);
38 typedef BOOL (*CryptMsgUpdateFunc)(HCRYPTMSG hCryptMsg, const BYTE *pbData,
39 DWORD cbData, BOOL fFinal);
41 typedef BOOL (*CryptMsgControlFunc)(HCRYPTMSG hCryptMsg, DWORD dwFlags,
42 DWORD dwCtrlType, const void *pvCtrlPara);
44 BOOL CRYPT_DefaultMsgControl(HCRYPTMSG hCryptMsg, DWORD dwFlags,
45 DWORD dwCtrlType, const void *pvCtrlPara)
47 TRACE("(%p, %08x, %d, %p)\n", hCryptMsg, dwFlags, dwCtrlType, pvCtrlPara);
48 SetLastError(E_INVALIDARG);
52 typedef enum _CryptMsgState {
55 MsgStateDataFinalized,
59 typedef struct _CryptMsgBase
64 CMSG_STREAM_INFO stream_info;
66 CryptMsgCloseFunc close;
67 CryptMsgUpdateFunc update;
68 CryptMsgGetParamFunc get_param;
69 CryptMsgControlFunc control;
72 static inline void CryptMsgBase_Init(CryptMsgBase *msg, DWORD dwFlags,
73 PCMSG_STREAM_INFO pStreamInfo, CryptMsgCloseFunc close,
74 CryptMsgGetParamFunc get_param, CryptMsgUpdateFunc update,
75 CryptMsgControlFunc control)
78 msg->open_flags = dwFlags;
82 msg->stream_info = *pStreamInfo;
86 msg->streamed = FALSE;
87 memset(&msg->stream_info, 0, sizeof(msg->stream_info));
90 msg->get_param = get_param;
92 msg->control = control;
93 msg->state = MsgStateInit;
96 typedef struct _CDataEncodeMsg
99 DWORD bare_content_len;
103 static const BYTE empty_data_content[] = { 0x04,0x00 };
105 static void CDataEncodeMsg_Close(HCRYPTMSG hCryptMsg)
107 CDataEncodeMsg *msg = (CDataEncodeMsg *)hCryptMsg;
109 if (msg->bare_content != empty_data_content)
110 LocalFree(msg->bare_content);
113 static BOOL WINAPI CRYPT_EncodeContentLength(DWORD dwCertEncodingType,
114 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
115 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
117 DWORD dataLen = *(DWORD *)pvStructInfo;
121 /* Trick: report bytes needed based on total message length, even though
122 * the message isn't available yet. The caller will use the length
123 * reported here to encode its length.
125 CRYPT_EncodeLen(dataLen, NULL, &lenBytes);
127 *pcbEncoded = 1 + lenBytes + dataLen;
130 if ((ret = CRYPT_EncodeEnsureSpace(dwFlags, pEncodePara, pbEncoded,
131 pcbEncoded, 1 + lenBytes)))
133 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
134 pbEncoded = *(BYTE **)pbEncoded;
135 *pbEncoded++ = ASN_OCTETSTRING;
136 CRYPT_EncodeLen(dataLen, pbEncoded,
143 static BOOL CRYPT_EncodeDataContentInfoHeader(CDataEncodeMsg *msg,
144 CRYPT_DATA_BLOB *header)
148 if (msg->base.streamed && msg->base.stream_info.cbContent == 0xffffffff)
150 static const BYTE headerValue[] = { 0x30,0x80,0x06,0x09,0x2a,0x86,0x48,
151 0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x80,0x24,0x80 };
153 header->pbData = LocalAlloc(0, sizeof(headerValue));
156 header->cbData = sizeof(headerValue);
157 memcpy(header->pbData, headerValue, sizeof(headerValue));
165 struct AsnConstructedItem constructed = { 0,
166 &msg->base.stream_info.cbContent, CRYPT_EncodeContentLength };
167 struct AsnEncodeSequenceItem items[2] = {
168 { szOID_RSA_data, CRYPT_AsnEncodeOid, 0 },
169 { &constructed, CRYPT_AsnEncodeConstructed, 0 },
172 ret = CRYPT_AsnEncodeSequence(X509_ASN_ENCODING, items,
173 sizeof(items) / sizeof(items[0]), CRYPT_ENCODE_ALLOC_FLAG, NULL,
174 (LPBYTE)&header->pbData, &header->cbData);
177 /* Trick: subtract the content length from the reported length,
178 * as the actual content hasn't come yet.
180 header->cbData -= msg->base.stream_info.cbContent;
186 static BOOL CDataEncodeMsg_Update(HCRYPTMSG hCryptMsg, const BYTE *pbData,
187 DWORD cbData, BOOL fFinal)
189 CDataEncodeMsg *msg = (CDataEncodeMsg *)hCryptMsg;
192 if (msg->base.state == MsgStateFinalized)
193 SetLastError(CRYPT_E_MSG_ERROR);
194 else if (msg->base.streamed)
198 if (msg->base.state != MsgStateUpdated)
200 CRYPT_DATA_BLOB header;
202 ret = CRYPT_EncodeDataContentInfoHeader(msg, &header);
205 ret = msg->base.stream_info.pfnStreamOutput(
206 msg->base.stream_info.pvArg, header.pbData, header.cbData,
208 LocalFree(header.pbData);
211 /* Curiously, every indefinite-length streamed update appears to
212 * get its own tag and length, regardless of fFinal.
214 if (msg->base.stream_info.cbContent == 0xffffffff)
219 ret = CRYPT_EncodeContentLength(X509_ASN_ENCODING, NULL,
220 &cbData, CRYPT_ENCODE_ALLOC_FLAG, NULL, (BYTE *)&header,
224 ret = msg->base.stream_info.pfnStreamOutput(
225 msg->base.stream_info.pvArg, header, headerLen,
232 ret = msg->base.stream_info.pfnStreamOutput(
233 msg->base.stream_info.pvArg, (BYTE *)pbData, cbData,
235 msg->base.state = MsgStateUpdated;
239 msg->base.state = MsgStateFinalized;
240 if (msg->base.stream_info.cbContent == 0xffffffff)
242 BYTE indefinite_trailer[6] = { 0 };
244 ret = msg->base.stream_info.pfnStreamOutput(
245 msg->base.stream_info.pvArg, (BYTE *)pbData, cbData,
248 ret = msg->base.stream_info.pfnStreamOutput(
249 msg->base.stream_info.pvArg, indefinite_trailer,
250 sizeof(indefinite_trailer), TRUE);
253 ret = msg->base.stream_info.pfnStreamOutput(
254 msg->base.stream_info.pvArg, (BYTE *)pbData, cbData, TRUE);
259 SetLastError(STATUS_ACCESS_VIOLATION);
268 if (msg->base.open_flags & CMSG_DETACHED_FLAG)
269 SetLastError(E_INVALIDARG);
271 SetLastError(CRYPT_E_MSG_ERROR);
275 msg->base.state = MsgStateFinalized;
277 SetLastError(E_INVALIDARG);
280 CRYPT_DATA_BLOB blob = { cbData, (LPBYTE)pbData };
282 /* non-streamed data messages don't allow non-final updates,
283 * don't bother checking whether data already exist, they can't.
285 ret = CryptEncodeObjectEx(X509_ASN_ENCODING, X509_OCTET_STRING,
286 &blob, CRYPT_ENCODE_ALLOC_FLAG, NULL, &msg->bare_content,
287 &msg->bare_content_len);
294 static BOOL CRYPT_CopyParam(void *pvData, DWORD *pcbData, const void *src,
301 else if (*pcbData < len)
304 SetLastError(ERROR_MORE_DATA);
310 memcpy(pvData, src, len);
315 static BOOL CDataEncodeMsg_GetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
316 DWORD dwIndex, void *pvData, DWORD *pcbData)
318 CDataEncodeMsg *msg = (CDataEncodeMsg *)hCryptMsg;
323 case CMSG_CONTENT_PARAM:
324 if (msg->base.streamed)
325 SetLastError(E_INVALIDARG);
328 CRYPT_CONTENT_INFO info;
329 char rsa_data[] = "1.2.840.113549.1.7.1";
331 info.pszObjId = rsa_data;
332 info.Content.cbData = msg->bare_content_len;
333 info.Content.pbData = msg->bare_content;
334 ret = CryptEncodeObject(X509_ASN_ENCODING, PKCS_CONTENT_INFO, &info,
338 case CMSG_BARE_CONTENT_PARAM:
339 if (msg->base.streamed)
340 SetLastError(E_INVALIDARG);
342 ret = CRYPT_CopyParam(pvData, pcbData, msg->bare_content,
343 msg->bare_content_len);
346 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
351 static HCRYPTMSG CDataEncodeMsg_Open(DWORD dwFlags, const void *pvMsgEncodeInfo,
352 LPSTR pszInnerContentObjID, PCMSG_STREAM_INFO pStreamInfo)
358 SetLastError(E_INVALIDARG);
361 msg = CryptMemAlloc(sizeof(CDataEncodeMsg));
364 CryptMsgBase_Init((CryptMsgBase *)msg, dwFlags, pStreamInfo,
365 CDataEncodeMsg_Close, CDataEncodeMsg_GetParam, CDataEncodeMsg_Update,
366 CRYPT_DefaultMsgControl);
367 msg->bare_content_len = sizeof(empty_data_content);
368 msg->bare_content = (LPBYTE)empty_data_content;
370 return (HCRYPTMSG)msg;
373 typedef struct _CHashEncodeMsg
378 CRYPT_DATA_BLOB data;
381 static void CHashEncodeMsg_Close(HCRYPTMSG hCryptMsg)
383 CHashEncodeMsg *msg = (CHashEncodeMsg *)hCryptMsg;
385 CryptMemFree(msg->data.pbData);
386 CryptDestroyHash(msg->hash);
387 if (msg->base.open_flags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG)
388 CryptReleaseContext(msg->prov, 0);
391 static BOOL CRYPT_EncodePKCSDigestedData(CHashEncodeMsg *msg, void *pvData,
396 DWORD size = sizeof(algID);
398 ret = CryptGetHashParam(msg->hash, HP_ALGID, (BYTE *)&algID, &size, 0);
401 CRYPT_DIGESTED_DATA digestedData = { 0 };
402 char oid_rsa_data[] = szOID_RSA_data;
404 digestedData.version = CMSG_HASHED_DATA_PKCS_1_5_VERSION;
405 digestedData.DigestAlgorithm.pszObjId = (LPSTR)CertAlgIdToOID(algID);
406 /* FIXME: what about digestedData.DigestAlgorithm.Parameters? */
407 /* Quirk: OID is only encoded messages if an update has happened */
408 if (msg->base.state != MsgStateInit)
409 digestedData.ContentInfo.pszObjId = oid_rsa_data;
410 if (!(msg->base.open_flags & CMSG_DETACHED_FLAG) && msg->data.cbData)
412 ret = CRYPT_AsnEncodeOctets(0, NULL, &msg->data,
413 CRYPT_ENCODE_ALLOC_FLAG, NULL,
414 (LPBYTE)&digestedData.ContentInfo.Content.pbData,
415 &digestedData.ContentInfo.Content.cbData);
417 if (msg->base.state == MsgStateFinalized)
419 size = sizeof(DWORD);
420 ret = CryptGetHashParam(msg->hash, HP_HASHSIZE,
421 (LPBYTE)&digestedData.hash.cbData, &size, 0);
424 digestedData.hash.pbData = CryptMemAlloc(
425 digestedData.hash.cbData);
426 ret = CryptGetHashParam(msg->hash, HP_HASHVAL,
427 digestedData.hash.pbData, &digestedData.hash.cbData, 0);
431 ret = CRYPT_AsnEncodePKCSDigestedData(&digestedData, pvData,
433 CryptMemFree(digestedData.hash.pbData);
434 LocalFree(digestedData.ContentInfo.Content.pbData);
439 static BOOL CHashEncodeMsg_GetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
440 DWORD dwIndex, void *pvData, DWORD *pcbData)
442 CHashEncodeMsg *msg = (CHashEncodeMsg *)hCryptMsg;
445 TRACE("(%p, %d, %d, %p, %p)\n", hCryptMsg, dwParamType, dwIndex,
450 case CMSG_BARE_CONTENT_PARAM:
451 if (msg->base.streamed)
452 SetLastError(E_INVALIDARG);
454 ret = CRYPT_EncodePKCSDigestedData(msg, pvData, pcbData);
456 case CMSG_CONTENT_PARAM:
458 CRYPT_CONTENT_INFO info;
460 ret = CryptMsgGetParam(hCryptMsg, CMSG_BARE_CONTENT_PARAM, 0, NULL,
461 &info.Content.cbData);
464 info.Content.pbData = CryptMemAlloc(info.Content.cbData);
465 if (info.Content.pbData)
467 ret = CryptMsgGetParam(hCryptMsg, CMSG_BARE_CONTENT_PARAM, 0,
468 info.Content.pbData, &info.Content.cbData);
471 char oid_rsa_hashed[] = szOID_RSA_hashedData;
473 info.pszObjId = oid_rsa_hashed;
474 ret = CryptEncodeObjectEx(X509_ASN_ENCODING,
475 PKCS_CONTENT_INFO, &info, 0, NULL, pvData, pcbData);
477 CryptMemFree(info.Content.pbData);
484 case CMSG_COMPUTED_HASH_PARAM:
485 ret = CryptGetHashParam(msg->hash, HP_HASHVAL, (BYTE *)pvData, pcbData,
488 case CMSG_VERSION_PARAM:
489 if (msg->base.state != MsgStateFinalized)
490 SetLastError(CRYPT_E_MSG_ERROR);
493 DWORD version = CMSG_HASHED_DATA_PKCS_1_5_VERSION;
495 /* Since the data are always encoded as octets, the version is
496 * always 0 (see rfc3852, section 7)
498 ret = CRYPT_CopyParam(pvData, pcbData, &version, sizeof(version));
502 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
507 static BOOL CHashEncodeMsg_Update(HCRYPTMSG hCryptMsg, const BYTE *pbData,
508 DWORD cbData, BOOL fFinal)
510 CHashEncodeMsg *msg = (CHashEncodeMsg *)hCryptMsg;
513 TRACE("(%p, %p, %d, %d)\n", hCryptMsg, pbData, cbData, fFinal);
515 if (msg->base.state == MsgStateFinalized)
516 SetLastError(CRYPT_E_MSG_ERROR);
517 else if (msg->base.streamed || (msg->base.open_flags & CMSG_DETACHED_FLAG))
519 /* Doesn't do much, as stream output is never called, and you
520 * can't get the content.
522 ret = CryptHashData(msg->hash, pbData, cbData, 0);
523 msg->base.state = fFinal ? MsgStateFinalized : MsgStateUpdated;
528 SetLastError(CRYPT_E_MSG_ERROR);
531 ret = CryptHashData(msg->hash, pbData, cbData, 0);
534 msg->data.pbData = CryptMemAlloc(cbData);
535 if (msg->data.pbData)
537 memcpy(msg->data.pbData + msg->data.cbData, pbData, cbData);
538 msg->data.cbData += cbData;
543 msg->base.state = MsgStateFinalized;
549 static HCRYPTMSG CHashEncodeMsg_Open(DWORD dwFlags, const void *pvMsgEncodeInfo,
550 LPSTR pszInnerContentObjID, PCMSG_STREAM_INFO pStreamInfo)
553 const CMSG_HASHED_ENCODE_INFO *info =
554 (const CMSG_HASHED_ENCODE_INFO *)pvMsgEncodeInfo;
558 if (info->cbSize != sizeof(CMSG_HASHED_ENCODE_INFO))
560 SetLastError(E_INVALIDARG);
563 if (!(algID = CertOIDToAlgId(info->HashAlgorithm.pszObjId)))
565 SetLastError(CRYPT_E_UNKNOWN_ALGO);
568 if (info->hCryptProv)
569 prov = info->hCryptProv;
572 prov = CRYPT_GetDefaultProvider();
573 dwFlags &= ~CMSG_CRYPT_RELEASE_CONTEXT_FLAG;
575 msg = CryptMemAlloc(sizeof(CHashEncodeMsg));
578 CryptMsgBase_Init((CryptMsgBase *)msg, dwFlags, pStreamInfo,
579 CHashEncodeMsg_Close, CHashEncodeMsg_GetParam, CHashEncodeMsg_Update,
580 CRYPT_DefaultMsgControl);
582 msg->data.cbData = 0;
583 msg->data.pbData = NULL;
584 if (!CryptCreateHash(prov, algID, 0, 0, &msg->hash))
590 return (HCRYPTMSG)msg;
593 typedef struct _CMSG_SIGNER_ENCODE_INFO_WITH_CMS
596 PCERT_INFO pCertInfo;
597 HCRYPTPROV hCryptProv;
599 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
602 PCRYPT_ATTRIBUTE rgAuthAttr;
604 PCRYPT_ATTRIBUTE rgUnauthAttr;
606 CRYPT_ALGORITHM_IDENTIFIER HashEncryptionAlgorithm;
607 void *pvHashEncryptionAuxInfo;
608 } CMSG_SIGNER_ENCODE_INFO_WITH_CMS, *PCMSG_SIGNER_ENCODE_INFO_WITH_CMS;
610 typedef struct _CMSG_SIGNED_ENCODE_INFO_WITH_CMS
614 PCMSG_SIGNER_ENCODE_INFO_WITH_CMS rgSigners;
616 PCERT_BLOB rgCertEncoded;
618 PCRL_BLOB rgCrlEncoded;
619 DWORD cAttrCertEncoded;
620 PCERT_BLOB rgAttrCertEncoded;
621 } CMSG_SIGNED_ENCODE_INFO_WITH_CMS, *PCMSG_SIGNED_ENCODE_INFO_WITH_CMS;
623 static BOOL CRYPT_IsValidSigner(CMSG_SIGNER_ENCODE_INFO_WITH_CMS *signer)
625 if (signer->cbSize != sizeof(CMSG_SIGNER_ENCODE_INFO) &&
626 signer->cbSize != sizeof(CMSG_SIGNER_ENCODE_INFO_WITH_CMS))
628 SetLastError(E_INVALIDARG);
631 if (signer->cbSize == sizeof(CMSG_SIGNER_ENCODE_INFO_WITH_CMS))
633 FIXME("CMSG_SIGNER_ENCODE_INFO with CMS fields unsupported\n");
636 if (!signer->pCertInfo->SerialNumber.cbData)
638 SetLastError(E_INVALIDARG);
641 if (!signer->pCertInfo->Issuer.cbData)
643 SetLastError(E_INVALIDARG);
646 if (!signer->hCryptProv)
648 SetLastError(E_INVALIDARG);
651 if (!CertOIDToAlgId(signer->HashAlgorithm.pszObjId))
653 SetLastError(CRYPT_E_UNKNOWN_ALGO);
659 static BOOL CRYPT_ConstructBlob(CRYPT_DATA_BLOB *out, const CRYPT_DATA_BLOB *in)
663 out->cbData = in->cbData;
666 out->pbData = CryptMemAlloc(out->cbData);
668 memcpy(out->pbData, in->pbData, out->cbData);
677 typedef struct _BlobArray
680 PCRYPT_DATA_BLOB blobs;
683 static BOOL CRYPT_ConstructBlobArray(BlobArray *out, const BlobArray *in)
687 out->cBlobs = in->cBlobs;
690 out->blobs = CryptMemAlloc(out->cBlobs * sizeof(CRYPT_DATA_BLOB));
695 memset(out->blobs, 0, out->cBlobs * sizeof(CRYPT_DATA_BLOB));
696 for (i = 0; ret && i < out->cBlobs; i++)
697 ret = CRYPT_ConstructBlob(&out->blobs[i], &in->blobs[i]);
705 static void CRYPT_FreeBlobArray(BlobArray *array)
709 for (i = 0; i < array->cBlobs; i++)
710 CryptMemFree(array->blobs[i].pbData);
711 CryptMemFree(array->blobs);
714 static BOOL CRYPT_ConstructAttribute(CRYPT_ATTRIBUTE *out,
715 const CRYPT_ATTRIBUTE *in)
719 out->pszObjId = CryptMemAlloc(strlen(in->pszObjId) + 1);
722 strcpy(out->pszObjId, in->pszObjId);
723 ret = CRYPT_ConstructBlobArray((BlobArray *)&out->cValue,
724 (const BlobArray *)&in->cValue);
731 static BOOL CRYPT_ConstructAttributes(CRYPT_ATTRIBUTES *out,
732 const CRYPT_ATTRIBUTES *in)
736 out->cAttr = in->cAttr;
739 out->rgAttr = CryptMemAlloc(out->cAttr * sizeof(CRYPT_ATTRIBUTE));
744 memset(out->rgAttr, 0, out->cAttr * sizeof(CRYPT_ATTRIBUTE));
745 for (i = 0; ret && i < out->cAttr; i++)
746 ret = CRYPT_ConstructAttribute(&out->rgAttr[i], &in->rgAttr[i]);
756 /* Constructs a CMSG_SIGNER_INFO from a CMSG_SIGNER_ENCODE_INFO_WITH_CMS. */
757 static BOOL CSignerInfo_Construct(CMSG_SIGNER_INFO *info,
758 CMSG_SIGNER_ENCODE_INFO_WITH_CMS *in)
762 /* Note: needs to change if CMS fields are supported */
763 info->dwVersion = CMSG_SIGNER_INFO_V1;
764 ret = CRYPT_ConstructBlob(&info->Issuer, &in->pCertInfo->Issuer);
766 ret = CRYPT_ConstructBlob(&info->SerialNumber,
767 &in->pCertInfo->SerialNumber);
768 /* Assumption: algorithm IDs will point to static strings, not
769 * stack-based ones, so copying the pointer values is safe.
771 info->HashAlgorithm.pszObjId = in->HashAlgorithm.pszObjId;
773 ret = CRYPT_ConstructBlob(&info->HashAlgorithm.Parameters,
774 &in->HashAlgorithm.Parameters);
775 memset(&info->HashEncryptionAlgorithm, 0,
776 sizeof(info->HashEncryptionAlgorithm));
778 ret = CRYPT_ConstructAttributes(&info->AuthAttrs,
779 (CRYPT_ATTRIBUTES *)&in->cAuthAttr);
781 ret = CRYPT_ConstructAttributes(&info->UnauthAttrs,
782 (CRYPT_ATTRIBUTES *)&in->cUnauthAttr);
786 static void CSignerInfo_Free(CMSG_SIGNER_INFO *info)
790 CryptMemFree(info->Issuer.pbData);
791 CryptMemFree(info->SerialNumber.pbData);
792 CryptMemFree(info->HashAlgorithm.Parameters.pbData);
793 CryptMemFree(info->EncryptedHash.pbData);
794 for (i = 0; i < info->AuthAttrs.cAttr; i++)
796 for (j = 0; j < info->AuthAttrs.rgAttr[i].cValue; j++)
797 CryptMemFree(info->AuthAttrs.rgAttr[i].rgValue[j].pbData);
798 CryptMemFree(info->AuthAttrs.rgAttr[i].rgValue);
799 CryptMemFree(info->AuthAttrs.rgAttr[i].pszObjId);
801 CryptMemFree(info->AuthAttrs.rgAttr);
802 for (i = 0; i < info->UnauthAttrs.cAttr; i++)
804 for (j = 0; j < info->UnauthAttrs.rgAttr[i].cValue; j++)
805 CryptMemFree(info->UnauthAttrs.rgAttr[i].rgValue[j].pbData);
806 CryptMemFree(info->UnauthAttrs.rgAttr[i].rgValue);
807 CryptMemFree(info->UnauthAttrs.rgAttr[i].pszObjId);
809 CryptMemFree(info->UnauthAttrs.rgAttr);
812 typedef struct _CSignerHandles
814 HCRYPTHASH contentHash;
815 HCRYPTHASH authAttrHash;
818 typedef struct _CSignedMsgData
820 CRYPT_SIGNED_INFO *info;
822 CSignerHandles *signerHandles;
825 /* Constructs the signer handles for the signerIndex'th signer of msg_data.
826 * Assumes signerIndex is a valid idnex, and that msg_data's info has already
829 static BOOL CSignedMsgData_ConstructSignerHandles(CSignedMsgData *msg_data,
830 DWORD signerIndex, HCRYPTPROV crypt_prov)
835 algID = CertOIDToAlgId(
836 msg_data->info->rgSignerInfo[signerIndex].HashAlgorithm.pszObjId);
837 ret = CryptCreateHash(crypt_prov, algID, 0, 0,
838 &msg_data->signerHandles->contentHash);
839 if (ret && msg_data->info->rgSignerInfo[signerIndex].AuthAttrs.cAttr > 0)
840 ret = CryptCreateHash(crypt_prov, algID, 0, 0,
841 &msg_data->signerHandles->authAttrHash);
845 /* Allocates a CSignedMsgData's handles. Assumes its info has already been
848 static BOOL CSignedMsgData_AllocateHandles(CSignedMsgData *msg_data)
852 if (msg_data->info->cSignerInfo)
854 msg_data->signerHandles =
855 CryptMemAlloc(msg_data->info->cSignerInfo * sizeof(CSignerHandles));
856 if (msg_data->signerHandles)
858 msg_data->cSignerHandle = msg_data->info->cSignerInfo;
859 memset(msg_data->signerHandles, 0,
860 msg_data->info->cSignerInfo * sizeof(CSignerHandles));
864 msg_data->cSignerHandle = 0;
870 msg_data->cSignerHandle = 0;
871 msg_data->signerHandles = NULL;
876 static void CSignedMsgData_CloseHandles(CSignedMsgData *msg_data)
880 for (i = 0; i < msg_data->cSignerHandle; i++)
882 if (msg_data->signerHandles[i].contentHash)
883 CryptDestroyHash(msg_data->signerHandles[i].contentHash);
884 if (msg_data->signerHandles[i].authAttrHash)
885 CryptDestroyHash(msg_data->signerHandles[i].authAttrHash);
887 CryptMemFree(msg_data->signerHandles);
888 msg_data->signerHandles = NULL;
889 msg_data->cSignerHandle = 0;
892 static BOOL CSignedMsgData_UpdateHash(CSignedMsgData *msg_data,
893 const BYTE *pbData, DWORD cbData)
898 for (i = 0; ret && i < msg_data->cSignerHandle; i++)
899 ret = CryptHashData(msg_data->signerHandles[i].contentHash, pbData,
904 static BOOL CRYPT_AppendAttribute(CRYPT_ATTRIBUTES *out,
905 const CRYPT_ATTRIBUTE *in)
909 out->rgAttr = CryptMemRealloc(out->rgAttr,
910 (out->cAttr + 1) * sizeof(CRYPT_ATTRIBUTE));
913 ret = CRYPT_ConstructAttribute(&out->rgAttr[out->cAttr], in);
920 static BOOL CSignedMsgData_AppendMessageDigestAttribute(
921 CSignedMsgData *msg_data, DWORD signerIndex)
925 CRYPT_HASH_BLOB hash = { 0, NULL }, encodedHash = { 0, NULL };
926 char messageDigest[] = szOID_RSA_messageDigest;
927 CRYPT_ATTRIBUTE messageDigestAttr = { messageDigest, 1, &encodedHash };
929 size = sizeof(DWORD);
930 ret = CryptGetHashParam(
931 msg_data->signerHandles[signerIndex].contentHash, HP_HASHSIZE,
932 (LPBYTE)&hash.cbData, &size, 0);
935 hash.pbData = CryptMemAlloc(hash.cbData);
936 ret = CryptGetHashParam(
937 msg_data->signerHandles[signerIndex].contentHash, HP_HASHVAL,
938 hash.pbData, &hash.cbData, 0);
941 ret = CRYPT_AsnEncodeOctets(0, NULL, &hash, CRYPT_ENCODE_ALLOC_FLAG,
942 NULL, (LPBYTE)&encodedHash.pbData, &encodedHash.cbData);
945 ret = CRYPT_AppendAttribute(
946 &msg_data->info->rgSignerInfo[signerIndex].AuthAttrs,
948 LocalFree(encodedHash.pbData);
951 CryptMemFree(hash.pbData);
961 static BOOL CSignedMsgData_UpdateAuthenticatedAttributes(
962 CSignedMsgData *msg_data, SignOrVerify flag)
967 TRACE("(%p)\n", msg_data);
969 for (i = 0; ret && i < msg_data->info->cSignerInfo; i++)
971 if (msg_data->info->rgSignerInfo[i].AuthAttrs.cAttr)
975 BYTE oid_rsa_data_encoded[] = { 0x06,0x09,0x2a,0x86,0x48,0x86,
976 0xf7,0x0d,0x01,0x07,0x01 };
977 CRYPT_DATA_BLOB content = { sizeof(oid_rsa_data_encoded),
978 oid_rsa_data_encoded };
979 char contentType[] = szOID_RSA_contentType;
980 CRYPT_ATTRIBUTE contentTypeAttr = { contentType, 1, &content };
982 /* FIXME: does this depend on inner OID? */
983 ret = CRYPT_AppendAttribute(
984 &msg_data->info->rgSignerInfo[i].AuthAttrs, &contentTypeAttr);
986 ret = CSignedMsgData_AppendMessageDigestAttribute(msg_data,
994 ret = CryptEncodeObjectEx(X509_ASN_ENCODING, PKCS_ATTRIBUTES,
995 &msg_data->info->rgSignerInfo[i].AuthAttrs,
996 CRYPT_ENCODE_ALLOC_FLAG, NULL, (LPBYTE)&encodedAttrs, &size);
1000 msg_data->signerHandles[i].authAttrHash, encodedAttrs,
1002 LocalFree(encodedAttrs);
1007 TRACE("returning %d\n", ret);
1011 static void CRYPT_ReverseBytes(CRYPT_HASH_BLOB *hash)
1016 for (i = 0; i < hash->cbData / 2; i++)
1018 tmp = hash->pbData[hash->cbData - i - 1];
1019 hash->pbData[hash->cbData - i - 1] = hash->pbData[i];
1020 hash->pbData[i] = tmp;
1024 static BOOL CSignedMsgData_Sign(CSignedMsgData *msg_data)
1029 TRACE("(%p)\n", msg_data);
1031 for (i = 0; ret && i < msg_data->info->cSignerInfo; i++)
1035 if (msg_data->info->rgSignerInfo[i].AuthAttrs.cAttr)
1036 hash = msg_data->signerHandles[i].authAttrHash;
1038 hash = msg_data->signerHandles[i].contentHash;
1039 ret = CryptSignHashW(hash, AT_SIGNATURE, NULL, 0, NULL,
1040 &msg_data->info->rgSignerInfo[i].EncryptedHash.cbData);
1043 msg_data->info->rgSignerInfo[i].EncryptedHash.pbData =
1045 msg_data->info->rgSignerInfo[i].EncryptedHash.cbData);
1046 if (msg_data->info->rgSignerInfo[i].EncryptedHash.pbData)
1048 ret = CryptSignHashW(hash, AT_SIGNATURE, NULL, 0,
1049 msg_data->info->rgSignerInfo[i].EncryptedHash.pbData,
1050 &msg_data->info->rgSignerInfo[i].EncryptedHash.cbData);
1053 &msg_data->info->rgSignerInfo[i].EncryptedHash);
1062 static BOOL CSignedMsgData_Update(CSignedMsgData *msg_data,
1063 const BYTE *pbData, DWORD cbData, BOOL fFinal, SignOrVerify flag)
1065 BOOL ret = CSignedMsgData_UpdateHash(msg_data, pbData, cbData);
1069 ret = CSignedMsgData_UpdateAuthenticatedAttributes(msg_data, flag);
1070 if (ret && flag == Sign)
1071 ret = CSignedMsgData_Sign(msg_data);
1076 typedef struct _CSignedEncodeMsg
1079 CRYPT_DATA_BLOB data;
1080 CSignedMsgData msg_data;
1083 static void CSignedEncodeMsg_Close(HCRYPTMSG hCryptMsg)
1085 CSignedEncodeMsg *msg = (CSignedEncodeMsg *)hCryptMsg;
1088 CryptMemFree(msg->data.pbData);
1089 CRYPT_FreeBlobArray((BlobArray *)&msg->msg_data.info->cCertEncoded);
1090 CRYPT_FreeBlobArray((BlobArray *)&msg->msg_data.info->cCrlEncoded);
1091 for (i = 0; i < msg->msg_data.info->cSignerInfo; i++)
1092 CSignerInfo_Free(&msg->msg_data.info->rgSignerInfo[i]);
1093 CSignedMsgData_CloseHandles(&msg->msg_data);
1094 CryptMemFree(msg->msg_data.info->rgSignerInfo);
1095 CryptMemFree(msg->msg_data.info);
1098 static BOOL CSignedEncodeMsg_GetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
1099 DWORD dwIndex, void *pvData, DWORD *pcbData)
1101 CSignedEncodeMsg *msg = (CSignedEncodeMsg *)hCryptMsg;
1104 switch (dwParamType)
1106 case CMSG_CONTENT_PARAM:
1108 CRYPT_CONTENT_INFO info;
1110 ret = CryptMsgGetParam(hCryptMsg, CMSG_BARE_CONTENT_PARAM, 0, NULL,
1111 &info.Content.cbData);
1114 info.Content.pbData = CryptMemAlloc(info.Content.cbData);
1115 if (info.Content.pbData)
1117 ret = CryptMsgGetParam(hCryptMsg, CMSG_BARE_CONTENT_PARAM, 0,
1118 info.Content.pbData, &info.Content.cbData);
1121 char oid_rsa_signed[] = szOID_RSA_signedData;
1123 info.pszObjId = oid_rsa_signed;
1124 ret = CryptEncodeObjectEx(X509_ASN_ENCODING,
1125 PKCS_CONTENT_INFO, &info, 0, NULL, pvData, pcbData);
1127 CryptMemFree(info.Content.pbData);
1134 case CMSG_BARE_CONTENT_PARAM:
1136 CRYPT_SIGNED_INFO info;
1137 char oid_rsa_data[] = szOID_RSA_data;
1139 info = *msg->msg_data.info;
1140 /* Quirk: OID is only encoded messages if an update has happened */
1141 if (msg->base.state != MsgStateInit)
1142 info.content.pszObjId = oid_rsa_data;
1144 info.content.pszObjId = NULL;
1145 if (msg->data.cbData)
1147 CRYPT_DATA_BLOB blob = { msg->data.cbData, msg->data.pbData };
1149 ret = CryptEncodeObjectEx(X509_ASN_ENCODING, X509_OCTET_STRING,
1150 &blob, CRYPT_ENCODE_ALLOC_FLAG, NULL,
1151 &info.content.Content.pbData, &info.content.Content.cbData);
1155 info.content.Content.cbData = 0;
1156 info.content.Content.pbData = NULL;
1161 ret = CRYPT_AsnEncodePKCSSignedInfo(&info, pvData, pcbData);
1162 LocalFree(info.content.Content.pbData);
1166 case CMSG_COMPUTED_HASH_PARAM:
1167 if (dwIndex >= msg->msg_data.cSignerHandle)
1168 SetLastError(CRYPT_E_INVALID_INDEX);
1170 ret = CryptGetHashParam(
1171 msg->msg_data.signerHandles[dwIndex].contentHash, HP_HASHVAL,
1172 pvData, pcbData, 0);
1174 case CMSG_ENCODED_SIGNER:
1175 if (dwIndex >= msg->msg_data.info->cSignerInfo)
1176 SetLastError(CRYPT_E_INVALID_INDEX);
1178 ret = CryptEncodeObjectEx(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
1179 PKCS7_SIGNER_INFO, &msg->msg_data.info->rgSignerInfo[dwIndex], 0,
1180 NULL, pvData, pcbData);
1182 case CMSG_VERSION_PARAM:
1183 ret = CRYPT_CopyParam(pvData, pcbData, &msg->msg_data.info->version,
1184 sizeof(msg->msg_data.info->version));
1187 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1192 static BOOL CSignedEncodeMsg_Update(HCRYPTMSG hCryptMsg, const BYTE *pbData,
1193 DWORD cbData, BOOL fFinal)
1195 CSignedEncodeMsg *msg = (CSignedEncodeMsg *)hCryptMsg;
1198 if (msg->base.state == MsgStateFinalized)
1199 SetLastError(CRYPT_E_MSG_ERROR);
1200 else if (msg->base.streamed || (msg->base.open_flags & CMSG_DETACHED_FLAG))
1202 ret = CSignedMsgData_Update(&msg->msg_data, pbData, cbData, fFinal,
1204 if (msg->base.streamed)
1205 FIXME("streamed partial stub\n");
1206 msg->base.state = fFinal ? MsgStateFinalized : MsgStateUpdated;
1211 SetLastError(CRYPT_E_MSG_ERROR);
1216 msg->data.pbData = CryptMemAlloc(cbData);
1217 if (msg->data.pbData)
1219 memcpy(msg->data.pbData, pbData, cbData);
1220 msg->data.cbData = cbData;
1227 ret = CSignedMsgData_Update(&msg->msg_data, pbData, cbData,
1229 msg->base.state = MsgStateFinalized;
1235 static HCRYPTMSG CSignedEncodeMsg_Open(DWORD dwFlags,
1236 const void *pvMsgEncodeInfo, LPSTR pszInnerContentObjID,
1237 PCMSG_STREAM_INFO pStreamInfo)
1239 const CMSG_SIGNED_ENCODE_INFO_WITH_CMS *info =
1240 (const CMSG_SIGNED_ENCODE_INFO_WITH_CMS *)pvMsgEncodeInfo;
1242 CSignedEncodeMsg *msg;
1244 if (info->cbSize != sizeof(CMSG_SIGNED_ENCODE_INFO) &&
1245 info->cbSize != sizeof(CMSG_SIGNED_ENCODE_INFO_WITH_CMS))
1247 SetLastError(E_INVALIDARG);
1250 if (info->cbSize == sizeof(CMSG_SIGNED_ENCODE_INFO_WITH_CMS))
1252 FIXME("CMSG_SIGNED_ENCODE_INFO with CMS fields unsupported\n");
1255 for (i = 0; i < info->cSigners; i++)
1256 if (!CRYPT_IsValidSigner(&info->rgSigners[i]))
1258 msg = CryptMemAlloc(sizeof(CSignedEncodeMsg));
1263 CryptMsgBase_Init((CryptMsgBase *)msg, dwFlags, pStreamInfo,
1264 CSignedEncodeMsg_Close, CSignedEncodeMsg_GetParam,
1265 CSignedEncodeMsg_Update, CRYPT_DefaultMsgControl);
1266 msg->data.cbData = 0;
1267 msg->data.pbData = NULL;
1268 msg->msg_data.info = CryptMemAlloc(sizeof(CRYPT_SIGNED_INFO));
1269 if (msg->msg_data.info)
1271 memset(msg->msg_data.info, 0, sizeof(CRYPT_SIGNED_INFO));
1272 msg->msg_data.info->version = CMSG_SIGNED_DATA_V1;
1280 msg->msg_data.info->rgSignerInfo =
1281 CryptMemAlloc(info->cSigners * sizeof(CMSG_SIGNER_INFO));
1282 if (msg->msg_data.info->rgSignerInfo)
1284 msg->msg_data.info->cSignerInfo = info->cSigners;
1285 memset(msg->msg_data.info->rgSignerInfo, 0,
1286 msg->msg_data.info->cSignerInfo * sizeof(CMSG_SIGNER_INFO));
1287 ret = CSignedMsgData_AllocateHandles(&msg->msg_data);
1288 for (i = 0; ret && i < msg->msg_data.info->cSignerInfo; i++)
1290 ret = CSignerInfo_Construct(
1291 &msg->msg_data.info->rgSignerInfo[i],
1292 &info->rgSigners[i]);
1295 ret = CSignedMsgData_ConstructSignerHandles(
1296 &msg->msg_data, i, info->rgSigners[i].hCryptProv);
1297 if (dwFlags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG)
1298 CryptReleaseContext(info->rgSigners[i].hCryptProv,
1308 msg->msg_data.info->cSignerInfo = 0;
1309 msg->msg_data.signerHandles = NULL;
1310 msg->msg_data.cSignerHandle = 0;
1314 ret = CRYPT_ConstructBlobArray(
1315 (BlobArray *)&msg->msg_data.info->cCertEncoded,
1316 (const BlobArray *)&info->cCertEncoded);
1318 ret = CRYPT_ConstructBlobArray(
1319 (BlobArray *)&msg->msg_data.info->cCrlEncoded,
1320 (const BlobArray *)&info->cCrlEncoded);
1323 CSignedEncodeMsg_Close(msg);
1330 static inline const char *MSG_TYPE_STR(DWORD type)
1334 #define _x(x) case (x): return #x
1338 _x(CMSG_SIGNED_AND_ENVELOPED);
1343 return wine_dbg_sprintf("unknown (%d)", type);
1347 HCRYPTMSG WINAPI CryptMsgOpenToEncode(DWORD dwMsgEncodingType, DWORD dwFlags,
1348 DWORD dwMsgType, const void *pvMsgEncodeInfo, LPSTR pszInnerContentObjID,
1349 PCMSG_STREAM_INFO pStreamInfo)
1351 HCRYPTMSG msg = NULL;
1353 TRACE("(%08x, %08x, %08x, %p, %s, %p)\n", dwMsgEncodingType, dwFlags,
1354 dwMsgType, pvMsgEncodeInfo, debugstr_a(pszInnerContentObjID), pStreamInfo);
1356 if (GET_CMSG_ENCODING_TYPE(dwMsgEncodingType) != PKCS_7_ASN_ENCODING)
1358 SetLastError(E_INVALIDARG);
1364 msg = CDataEncodeMsg_Open(dwFlags, pvMsgEncodeInfo,
1365 pszInnerContentObjID, pStreamInfo);
1368 msg = CHashEncodeMsg_Open(dwFlags, pvMsgEncodeInfo,
1369 pszInnerContentObjID, pStreamInfo);
1372 msg = CSignedEncodeMsg_Open(dwFlags, pvMsgEncodeInfo,
1373 pszInnerContentObjID, pStreamInfo);
1375 case CMSG_ENVELOPED:
1376 FIXME("unimplemented for type %s\n", MSG_TYPE_STR(dwMsgType));
1378 case CMSG_SIGNED_AND_ENVELOPED:
1379 case CMSG_ENCRYPTED:
1380 /* defined but invalid, fall through */
1382 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1387 typedef struct _CDecodeMsg
1391 HCRYPTPROV crypt_prov;
1394 CSignedMsgData signed_data;
1396 CRYPT_DATA_BLOB msg_data;
1397 PCONTEXT_PROPERTY_LIST properties;
1400 static void CDecodeMsg_Close(HCRYPTMSG hCryptMsg)
1402 CDecodeMsg *msg = (CDecodeMsg *)hCryptMsg;
1404 if (msg->base.open_flags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG)
1405 CryptReleaseContext(msg->crypt_prov, 0);
1410 CryptDestroyHash(msg->u.hash);
1413 if (msg->u.signed_data.info)
1415 LocalFree(msg->u.signed_data.info);
1416 CSignedMsgData_CloseHandles(&msg->u.signed_data);
1420 CryptMemFree(msg->msg_data.pbData);
1421 ContextPropertyList_Free(msg->properties);
1424 static BOOL CDecodeMsg_CopyData(CDecodeMsg *msg, const BYTE *pbData,
1431 if (msg->msg_data.cbData)
1432 msg->msg_data.pbData = CryptMemRealloc(msg->msg_data.pbData,
1433 msg->msg_data.cbData + cbData);
1435 msg->msg_data.pbData = CryptMemAlloc(cbData);
1436 if (msg->msg_data.pbData)
1438 memcpy(msg->msg_data.pbData + msg->msg_data.cbData, pbData, cbData);
1439 msg->msg_data.cbData += cbData;
1447 static BOOL CDecodeMsg_DecodeDataContent(CDecodeMsg *msg, CRYPT_DER_BLOB *blob)
1450 CRYPT_DATA_BLOB *data;
1453 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_OCTET_STRING,
1454 blob->pbData, blob->cbData, CRYPT_DECODE_ALLOC_FLAG, NULL, (LPBYTE)&data,
1458 ret = ContextPropertyList_SetProperty(msg->properties,
1459 CMSG_CONTENT_PARAM, data->pbData, data->cbData);
1465 static void CDecodeMsg_SaveAlgorithmID(CDecodeMsg *msg, DWORD param,
1466 const CRYPT_ALGORITHM_IDENTIFIER *id)
1468 static const BYTE nullParams[] = { ASN_NULL, 0 };
1469 CRYPT_ALGORITHM_IDENTIFIER *copy;
1470 DWORD len = sizeof(CRYPT_ALGORITHM_IDENTIFIER);
1472 /* Linearize algorithm id */
1473 len += strlen(id->pszObjId) + 1;
1474 len += id->Parameters.cbData;
1475 copy = CryptMemAlloc(len);
1479 (LPSTR)((BYTE *)copy + sizeof(CRYPT_ALGORITHM_IDENTIFIER));
1480 strcpy(copy->pszObjId, id->pszObjId);
1481 copy->Parameters.pbData = (BYTE *)copy->pszObjId + strlen(id->pszObjId)
1483 /* Trick: omit NULL parameters */
1484 if (id->Parameters.cbData == sizeof(nullParams) &&
1485 !memcmp(id->Parameters.pbData, nullParams, sizeof(nullParams)))
1487 copy->Parameters.cbData = 0;
1488 len -= sizeof(nullParams);
1491 copy->Parameters.cbData = id->Parameters.cbData;
1492 if (copy->Parameters.cbData)
1493 memcpy(copy->Parameters.pbData, id->Parameters.pbData,
1494 id->Parameters.cbData);
1495 ContextPropertyList_SetProperty(msg->properties, param, (BYTE *)copy,
1501 static inline void CRYPT_FixUpAlgorithmID(CRYPT_ALGORITHM_IDENTIFIER *id)
1503 id->pszObjId = (LPSTR)((BYTE *)id + sizeof(CRYPT_ALGORITHM_IDENTIFIER));
1504 id->Parameters.pbData = (BYTE *)id->pszObjId + strlen(id->pszObjId) + 1;
1507 static BOOL CDecodeMsg_DecodeHashedContent(CDecodeMsg *msg,
1508 CRYPT_DER_BLOB *blob)
1511 CRYPT_DIGESTED_DATA *digestedData;
1514 ret = CRYPT_AsnDecodePKCSDigestedData(blob->pbData, blob->cbData,
1515 CRYPT_DECODE_ALLOC_FLAG, NULL, (CRYPT_DIGESTED_DATA *)&digestedData,
1519 ContextPropertyList_SetProperty(msg->properties, CMSG_VERSION_PARAM,
1520 (const BYTE *)&digestedData->version, sizeof(digestedData->version));
1521 CDecodeMsg_SaveAlgorithmID(msg, CMSG_HASH_ALGORITHM_PARAM,
1522 &digestedData->DigestAlgorithm);
1523 ContextPropertyList_SetProperty(msg->properties,
1524 CMSG_INNER_CONTENT_TYPE_PARAM,
1525 (const BYTE *)digestedData->ContentInfo.pszObjId,
1526 digestedData->ContentInfo.pszObjId ?
1527 strlen(digestedData->ContentInfo.pszObjId) + 1 : 0);
1528 if (digestedData->ContentInfo.Content.cbData)
1529 CDecodeMsg_DecodeDataContent(msg,
1530 &digestedData->ContentInfo.Content);
1532 ContextPropertyList_SetProperty(msg->properties,
1533 CMSG_CONTENT_PARAM, NULL, 0);
1534 ContextPropertyList_SetProperty(msg->properties, CMSG_HASH_DATA_PARAM,
1535 digestedData->hash.pbData, digestedData->hash.cbData);
1536 LocalFree(digestedData);
1541 static BOOL CDecodeMsg_DecodeSignedContent(CDecodeMsg *msg,
1542 CRYPT_DER_BLOB *blob)
1545 CRYPT_SIGNED_INFO *signedInfo;
1548 ret = CRYPT_AsnDecodePKCSSignedInfo(blob->pbData, blob->cbData,
1549 CRYPT_DECODE_ALLOC_FLAG, NULL, (CRYPT_SIGNED_INFO *)&signedInfo,
1555 msg->u.signed_data.info = signedInfo;
1556 ret = CSignedMsgData_AllocateHandles(&msg->u.signed_data);
1557 for (i = 0; ret && i < msg->u.signed_data.info->cSignerInfo; i++)
1558 ret = CSignedMsgData_ConstructSignerHandles(&msg->u.signed_data, i,
1562 /* Now that we have all the content, update the hash handles with
1563 * it. Have to decode it if the type is szOID_RSA_data.
1565 if (msg->u.signed_data.info->content.Content.cbData)
1567 if (!strcmp(msg->u.signed_data.info->content.pszObjId,
1570 CRYPT_DATA_BLOB *blob;
1572 ret = CryptDecodeObjectEx(X509_ASN_ENCODING,
1574 msg->u.signed_data.info->content.Content.pbData,
1575 msg->u.signed_data.info->content.Content.cbData,
1576 CRYPT_DECODE_ALLOC_FLAG, NULL, (LPBYTE)&blob, &size);
1579 ret = CSignedMsgData_Update(&msg->u.signed_data,
1580 blob->pbData, blob->cbData, TRUE, Verify);
1585 ret = CSignedMsgData_Update(&msg->u.signed_data,
1586 msg->u.signed_data.info->content.Content.pbData,
1587 msg->u.signed_data.info->content.Content.cbData, TRUE,
1594 /* Decodes the content in blob as the type given, and updates the value
1595 * (type, parameters, etc.) of msg based on what blob contains.
1596 * It doesn't just use msg's type, to allow a recursive call from an implicitly
1597 * typed message once the outer content info has been decoded.
1599 static BOOL CDecodeMsg_DecodeContent(CDecodeMsg *msg, CRYPT_DER_BLOB *blob,
1607 if ((ret = CDecodeMsg_DecodeDataContent(msg, blob)))
1608 msg->type = CMSG_DATA;
1611 if ((ret = CDecodeMsg_DecodeHashedContent(msg, blob)))
1612 msg->type = CMSG_HASHED;
1614 case CMSG_ENVELOPED:
1615 FIXME("unimplemented for type %s\n", MSG_TYPE_STR(type));
1619 if ((ret = CDecodeMsg_DecodeSignedContent(msg, blob)))
1620 msg->type = CMSG_SIGNED;
1624 CRYPT_CONTENT_INFO *info;
1627 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, PKCS_CONTENT_INFO,
1628 msg->msg_data.pbData, msg->msg_data.cbData, CRYPT_DECODE_ALLOC_FLAG,
1629 NULL, (LPBYTE)&info, &size);
1632 if (!strcmp(info->pszObjId, szOID_RSA_data))
1633 ret = CDecodeMsg_DecodeContent(msg, &info->Content, CMSG_DATA);
1634 else if (!strcmp(info->pszObjId, szOID_RSA_digestedData))
1635 ret = CDecodeMsg_DecodeContent(msg, &info->Content,
1637 else if (!strcmp(info->pszObjId, szOID_RSA_envelopedData))
1638 ret = CDecodeMsg_DecodeContent(msg, &info->Content,
1640 else if (!strcmp(info->pszObjId, szOID_RSA_signedData))
1641 ret = CDecodeMsg_DecodeContent(msg, &info->Content,
1645 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1655 static BOOL CDecodeMsg_Update(HCRYPTMSG hCryptMsg, const BYTE *pbData,
1656 DWORD cbData, BOOL fFinal)
1658 CDecodeMsg *msg = (CDecodeMsg *)hCryptMsg;
1661 TRACE("(%p, %p, %d, %d)\n", hCryptMsg, pbData, cbData, fFinal);
1663 if (msg->base.state == MsgStateFinalized)
1664 SetLastError(CRYPT_E_MSG_ERROR);
1665 else if (msg->base.streamed)
1667 FIXME("(%p, %p, %d, %d): streamed update stub\n", hCryptMsg, pbData,
1671 if (msg->base.open_flags & CMSG_DETACHED_FLAG &&
1672 msg->base.state != MsgStateDataFinalized)
1674 ret = CDecodeMsg_CopyData(msg, pbData, cbData);
1675 msg->base.state = MsgStateDataFinalized;
1679 FIXME("(%p, %p, %d, %d): detached update stub\n", hCryptMsg,
1680 pbData, cbData, fFinal);
1682 msg->base.state = MsgStateFinalized;
1687 ret = CDecodeMsg_CopyData(msg, pbData, cbData);
1688 if (msg->base.state == MsgStateInit)
1689 msg->base.state = MsgStateUpdated;
1695 SetLastError(CRYPT_E_MSG_ERROR);
1698 if (msg->base.state == MsgStateInit)
1700 ret = CDecodeMsg_CopyData(msg, pbData, cbData);
1702 ret = CDecodeMsg_DecodeContent(msg, &msg->msg_data,
1704 if (msg->base.open_flags & CMSG_DETACHED_FLAG)
1705 msg->base.state = MsgStateDataFinalized;
1707 msg->base.state = MsgStateFinalized;
1709 else if (msg->base.state == MsgStateDataFinalized)
1711 FIXME("(%p, %p, %d, %d): detached update stub\n", hCryptMsg,
1712 pbData, cbData, fFinal);
1714 msg->base.state = MsgStateFinalized;
1721 static BOOL CDecodeHashMsg_GetParam(CDecodeMsg *msg, DWORD dwParamType,
1722 DWORD dwIndex, void *pvData, DWORD *pcbData)
1726 switch (dwParamType)
1728 case CMSG_TYPE_PARAM:
1729 ret = CRYPT_CopyParam(pvData, pcbData, &msg->type, sizeof(msg->type));
1731 case CMSG_HASH_ALGORITHM_PARAM:
1733 CRYPT_DATA_BLOB blob;
1735 ret = ContextPropertyList_FindProperty(msg->properties, dwParamType,
1739 ret = CRYPT_CopyParam(pvData, pcbData, blob.pbData, blob.cbData);
1741 CRYPT_FixUpAlgorithmID((CRYPT_ALGORITHM_IDENTIFIER *)pvData);
1744 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1747 case CMSG_COMPUTED_HASH_PARAM:
1750 CRYPT_ALGORITHM_IDENTIFIER *hashAlgoID = NULL;
1754 CryptMsgGetParam(msg, CMSG_HASH_ALGORITHM_PARAM, 0, NULL, &size);
1755 hashAlgoID = CryptMemAlloc(size);
1756 ret = CryptMsgGetParam(msg, CMSG_HASH_ALGORITHM_PARAM, 0,
1759 algID = CertOIDToAlgId(hashAlgoID->pszObjId);
1760 ret = CryptCreateHash(msg->crypt_prov, algID, 0, 0, &msg->u.hash);
1763 CRYPT_DATA_BLOB content;
1765 ret = ContextPropertyList_FindProperty(msg->properties,
1766 CMSG_CONTENT_PARAM, &content);
1768 ret = CryptHashData(msg->u.hash, content.pbData,
1771 CryptMemFree(hashAlgoID);
1776 ret = CryptGetHashParam(msg->u.hash, HP_HASHVAL, pvData, pcbData,
1781 CRYPT_DATA_BLOB blob;
1783 ret = ContextPropertyList_FindProperty(msg->properties, dwParamType,
1786 ret = CRYPT_CopyParam(pvData, pcbData, blob.pbData, blob.cbData);
1788 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1794 /* nextData is an in/out parameter - on input it's the memory location in
1795 * which a copy of in's data should be made, and on output it's the memory
1796 * location immediately after out's copy of in's data.
1798 static inline void CRYPT_CopyBlob(CRYPT_DATA_BLOB *out,
1799 const CRYPT_DATA_BLOB *in, LPBYTE *nextData)
1801 out->cbData = in->cbData;
1804 out->pbData = *nextData;
1805 memcpy(out->pbData, in->pbData, in->cbData);
1806 *nextData += in->cbData;
1810 static inline void CRYPT_CopyAlgorithmId(CRYPT_ALGORITHM_IDENTIFIER *out,
1811 const CRYPT_ALGORITHM_IDENTIFIER *in, LPBYTE *nextData)
1815 out->pszObjId = (LPSTR)*nextData;
1816 strcpy(out->pszObjId, in->pszObjId);
1817 *nextData += strlen(out->pszObjId) + 1;
1819 CRYPT_CopyBlob(&out->Parameters, &in->Parameters, nextData);
1822 static inline void CRYPT_CopyAttributes(CRYPT_ATTRIBUTES *out,
1823 const CRYPT_ATTRIBUTES *in, LPBYTE *nextData)
1825 out->cAttr = in->cAttr;
1830 if ((*nextData - (LPBYTE)0) % sizeof(DWORD_PTR))
1831 *nextData += (*nextData - (LPBYTE)0) % sizeof(DWORD_PTR);
1832 out->rgAttr = (CRYPT_ATTRIBUTE *)*nextData;
1833 *nextData += in->cAttr * sizeof(CRYPT_ATTRIBUTE);
1834 for (i = 0; i < in->cAttr; i++)
1836 if (in->rgAttr[i].pszObjId)
1838 out->rgAttr[i].pszObjId = (LPSTR)*nextData;
1839 strcpy(out->rgAttr[i].pszObjId, in->rgAttr[i].pszObjId);
1840 *nextData += strlen(in->rgAttr[i].pszObjId) + 1;
1842 if (in->rgAttr[i].cValue)
1846 out->rgAttr[i].cValue = in->rgAttr[i].cValue;
1847 if ((*nextData - (LPBYTE)0) % sizeof(DWORD_PTR))
1848 *nextData += (*nextData - (LPBYTE)0) % sizeof(DWORD_PTR);
1849 out->rgAttr[i].rgValue = (PCRYPT_DATA_BLOB)*nextData;
1850 *nextData += in->rgAttr[i].cValue * sizeof(CRYPT_DATA_BLOB);
1851 for (j = 0; j < in->rgAttr[i].cValue; j++)
1852 CRYPT_CopyBlob(&out->rgAttr[i].rgValue[j],
1853 &in->rgAttr[i].rgValue[j], nextData);
1859 static DWORD CRYPT_SizeOfAttributes(const CRYPT_ATTRIBUTES *attr)
1861 DWORD size = attr->cAttr * sizeof(CRYPT_ATTRIBUTE), i, j;
1863 for (i = 0; i < attr->cAttr; i++)
1865 if (attr->rgAttr[i].pszObjId)
1866 size += strlen(attr->rgAttr[i].pszObjId) + 1;
1868 if (size % sizeof(DWORD_PTR))
1869 size += size % sizeof(DWORD_PTR);
1870 size += attr->rgAttr[i].cValue * sizeof(CRYPT_DATA_BLOB);
1871 for (j = 0; j < attr->rgAttr[i].cValue; j++)
1872 size += attr->rgAttr[i].rgValue[j].cbData;
1874 /* align pointer again to be conservative */
1875 if (size % sizeof(DWORD_PTR))
1876 size += size % sizeof(DWORD_PTR);
1880 static BOOL CRYPT_CopySignerInfo(void *pvData, DWORD *pcbData,
1881 const CMSG_SIGNER_INFO *in)
1883 DWORD size = sizeof(CMSG_SIGNER_INFO);
1886 TRACE("(%p, %d, %p)\n", pvData, pvData ? *pcbData : 0, in);
1888 size += in->Issuer.cbData;
1889 size += in->SerialNumber.cbData;
1890 if (in->HashAlgorithm.pszObjId)
1891 size += strlen(in->HashAlgorithm.pszObjId) + 1;
1892 size += in->HashAlgorithm.Parameters.cbData;
1893 if (in->HashEncryptionAlgorithm.pszObjId)
1894 size += strlen(in->HashEncryptionAlgorithm.pszObjId) + 1;
1895 size += in->HashEncryptionAlgorithm.Parameters.cbData;
1896 size += in->EncryptedHash.cbData;
1898 if (size % sizeof(DWORD_PTR))
1899 size += size % sizeof(DWORD_PTR);
1900 size += CRYPT_SizeOfAttributes(&in->AuthAttrs);
1901 size += CRYPT_SizeOfAttributes(&in->UnauthAttrs);
1907 else if (*pcbData < size)
1910 SetLastError(ERROR_MORE_DATA);
1915 LPBYTE nextData = (BYTE *)pvData + sizeof(CMSG_SIGNER_INFO);
1916 CMSG_SIGNER_INFO *out = (CMSG_SIGNER_INFO *)pvData;
1918 out->dwVersion = in->dwVersion;
1919 CRYPT_CopyBlob(&out->Issuer, &in->Issuer, &nextData);
1920 CRYPT_CopyBlob(&out->SerialNumber, &in->SerialNumber, &nextData);
1921 CRYPT_CopyAlgorithmId(&out->HashAlgorithm, &in->HashAlgorithm,
1923 CRYPT_CopyAlgorithmId(&out->HashEncryptionAlgorithm,
1924 &in->HashEncryptionAlgorithm, &nextData);
1925 CRYPT_CopyBlob(&out->EncryptedHash, &in->EncryptedHash, &nextData);
1927 if ((nextData - (LPBYTE)0) % sizeof(DWORD_PTR))
1928 nextData += (nextData - (LPBYTE)0) % sizeof(DWORD_PTR);
1929 CRYPT_CopyAttributes(&out->AuthAttrs, &in->AuthAttrs, &nextData);
1930 CRYPT_CopyAttributes(&out->UnauthAttrs, &in->UnauthAttrs, &nextData);
1933 TRACE("returning %d\n", ret);
1937 static BOOL CRYPT_CopySignerCertInfo(void *pvData, DWORD *pcbData,
1938 const CMSG_SIGNER_INFO *in)
1940 DWORD size = sizeof(CERT_INFO);
1943 TRACE("(%p, %d, %p)\n", pvData, pvData ? *pcbData : 0, in);
1945 size += in->Issuer.cbData;
1946 size += in->SerialNumber.cbData;
1952 else if (*pcbData < size)
1955 SetLastError(ERROR_MORE_DATA);
1960 LPBYTE nextData = (BYTE *)pvData + sizeof(CERT_INFO);
1961 CERT_INFO *out = (CERT_INFO *)pvData;
1963 memset(out, 0, sizeof(CERT_INFO));
1964 CRYPT_CopyBlob(&out->Issuer, &in->Issuer, &nextData);
1965 CRYPT_CopyBlob(&out->SerialNumber, &in->SerialNumber, &nextData);
1968 TRACE("returning %d\n", ret);
1972 static BOOL CDecodeSignedMsg_GetParam(CDecodeMsg *msg, DWORD dwParamType,
1973 DWORD dwIndex, void *pvData, DWORD *pcbData)
1977 switch (dwParamType)
1979 case CMSG_TYPE_PARAM:
1980 ret = CRYPT_CopyParam(pvData, pcbData, &msg->type, sizeof(msg->type));
1982 case CMSG_CONTENT_PARAM:
1983 if (msg->u.signed_data.info)
1985 if (!strcmp(msg->u.signed_data.info->content.pszObjId,
1988 CRYPT_DATA_BLOB *blob;
1991 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_OCTET_STRING,
1992 msg->u.signed_data.info->content.Content.pbData,
1993 msg->u.signed_data.info->content.Content.cbData,
1994 CRYPT_DECODE_ALLOC_FLAG, NULL, (LPBYTE)&blob, &size);
1997 ret = CRYPT_CopyParam(pvData, pcbData, blob->pbData,
2003 ret = CRYPT_CopyParam(pvData, pcbData,
2004 msg->u.signed_data.info->content.Content.pbData,
2005 msg->u.signed_data.info->content.Content.cbData);
2008 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2010 case CMSG_INNER_CONTENT_TYPE_PARAM:
2011 if (msg->u.signed_data.info)
2012 ret = CRYPT_CopyParam(pvData, pcbData,
2013 msg->u.signed_data.info->content.pszObjId,
2014 strlen(msg->u.signed_data.info->content.pszObjId) + 1);
2016 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2018 case CMSG_SIGNER_COUNT_PARAM:
2019 if (msg->u.signed_data.info)
2020 ret = CRYPT_CopyParam(pvData, pcbData,
2021 &msg->u.signed_data.info->cSignerInfo, sizeof(DWORD));
2023 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2025 case CMSG_SIGNER_INFO_PARAM:
2026 if (msg->u.signed_data.info)
2028 if (dwIndex >= msg->u.signed_data.info->cSignerInfo)
2029 SetLastError(CRYPT_E_INVALID_INDEX);
2031 ret = CRYPT_CopySignerInfo(pvData, pcbData,
2032 &msg->u.signed_data.info->rgSignerInfo[dwIndex]);
2035 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2037 case CMSG_SIGNER_CERT_INFO_PARAM:
2038 if (msg->u.signed_data.info)
2040 if (dwIndex >= msg->u.signed_data.info->cSignerInfo)
2041 SetLastError(CRYPT_E_INVALID_INDEX);
2043 ret = CRYPT_CopySignerCertInfo(pvData, pcbData,
2044 &msg->u.signed_data.info->rgSignerInfo[dwIndex]);
2047 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2049 case CMSG_CERT_COUNT_PARAM:
2050 if (msg->u.signed_data.info)
2051 ret = CRYPT_CopyParam(pvData, pcbData,
2052 &msg->u.signed_data.info->cCertEncoded, sizeof(DWORD));
2054 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2056 case CMSG_CERT_PARAM:
2057 if (msg->u.signed_data.info)
2059 if (dwIndex >= msg->u.signed_data.info->cCertEncoded)
2060 SetLastError(CRYPT_E_INVALID_INDEX);
2062 ret = CRYPT_CopyParam(pvData, pcbData,
2063 msg->u.signed_data.info->rgCertEncoded[dwIndex].pbData,
2064 msg->u.signed_data.info->rgCertEncoded[dwIndex].cbData);
2067 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2069 case CMSG_CRL_COUNT_PARAM:
2070 if (msg->u.signed_data.info)
2071 ret = CRYPT_CopyParam(pvData, pcbData,
2072 &msg->u.signed_data.info->cCrlEncoded, sizeof(DWORD));
2074 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2076 case CMSG_CRL_PARAM:
2077 if (msg->u.signed_data.info)
2079 if (dwIndex >= msg->u.signed_data.info->cCrlEncoded)
2080 SetLastError(CRYPT_E_INVALID_INDEX);
2082 ret = CRYPT_CopyParam(pvData, pcbData,
2083 msg->u.signed_data.info->rgCrlEncoded[dwIndex].pbData,
2084 msg->u.signed_data.info->rgCrlEncoded[dwIndex].cbData);
2087 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2089 case CMSG_COMPUTED_HASH_PARAM:
2090 if (msg->u.signed_data.info)
2092 if (dwIndex >= msg->u.signed_data.cSignerHandle)
2093 SetLastError(CRYPT_E_INVALID_INDEX);
2095 ret = CryptGetHashParam(
2096 msg->u.signed_data.signerHandles[dwIndex].contentHash,
2097 HP_HASHVAL, pvData, pcbData, 0);
2100 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2102 case CMSG_ATTR_CERT_COUNT_PARAM:
2103 if (msg->u.signed_data.info)
2105 DWORD attrCertCount = 0;
2107 ret = CRYPT_CopyParam(pvData, pcbData,
2108 &attrCertCount, sizeof(DWORD));
2111 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2113 case CMSG_ATTR_CERT_PARAM:
2114 if (msg->u.signed_data.info)
2115 SetLastError(CRYPT_E_INVALID_INDEX);
2117 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2120 FIXME("unimplemented for %d\n", dwParamType);
2121 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2126 static BOOL CDecodeMsg_GetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
2127 DWORD dwIndex, void *pvData, DWORD *pcbData)
2129 CDecodeMsg *msg = (CDecodeMsg *)hCryptMsg;
2135 ret = CDecodeHashMsg_GetParam(msg, dwParamType, dwIndex, pvData,
2139 ret = CDecodeSignedMsg_GetParam(msg, dwParamType, dwIndex, pvData,
2143 switch (dwParamType)
2145 case CMSG_TYPE_PARAM:
2146 ret = CRYPT_CopyParam(pvData, pcbData, &msg->type,
2151 CRYPT_DATA_BLOB blob;
2153 ret = ContextPropertyList_FindProperty(msg->properties, dwParamType,
2156 ret = CRYPT_CopyParam(pvData, pcbData, blob.pbData,
2159 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2166 static BOOL CDecodeHashMsg_VerifyHash(CDecodeMsg *msg)
2169 CRYPT_DATA_BLOB hashBlob;
2171 ret = ContextPropertyList_FindProperty(msg->properties,
2172 CMSG_HASH_DATA_PARAM, &hashBlob);
2175 DWORD computedHashSize = 0;
2177 ret = CDecodeHashMsg_GetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0, NULL,
2179 if (hashBlob.cbData == computedHashSize)
2181 LPBYTE computedHash = CryptMemAlloc(computedHashSize);
2185 ret = CDecodeHashMsg_GetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0,
2186 computedHash, &computedHashSize);
2188 ret = !memcmp(hashBlob.pbData, computedHash,
2190 CryptMemFree(computedHash);
2199 static BOOL CDecodeSignedMsg_VerifySignatureWithKey(CDecodeMsg *msg,
2200 HCRYPTPROV prov, DWORD signerIndex, PCERT_PUBLIC_KEY_INFO keyInfo)
2206 prov = msg->crypt_prov;
2207 ret = CryptImportPublicKeyInfo(prov, X509_ASN_ENCODING, keyInfo, &key);
2211 CRYPT_HASH_BLOB reversedHash;
2213 if (msg->u.signed_data.info->rgSignerInfo[signerIndex].AuthAttrs.cAttr)
2214 hash = msg->u.signed_data.signerHandles[signerIndex].authAttrHash;
2216 hash = msg->u.signed_data.signerHandles[signerIndex].contentHash;
2217 ret = CRYPT_ConstructBlob(&reversedHash,
2218 &msg->u.signed_data.info->rgSignerInfo[signerIndex].EncryptedHash);
2221 CRYPT_ReverseBytes(&reversedHash);
2222 ret = CryptVerifySignatureW(hash, reversedHash.pbData,
2223 reversedHash.cbData, key, NULL, 0);
2224 CryptMemFree(reversedHash.pbData);
2226 CryptDestroyKey(key);
2231 static BOOL CDecodeSignedMsg_VerifySignature(CDecodeMsg *msg, PCERT_INFO info)
2236 for (i = 0; !ret && i < msg->u.signed_data.info->cSignerInfo; i++)
2238 ret = CertCompareCertificateName(X509_ASN_ENCODING,
2239 &msg->u.signed_data.info->rgSignerInfo[i].Issuer, &info->Issuer);
2242 ret = CertCompareIntegerBlob(
2243 &msg->u.signed_data.info->rgSignerInfo[i].SerialNumber,
2244 &info->SerialNumber);
2250 ret = CDecodeSignedMsg_VerifySignatureWithKey(msg, 0, i,
2251 &info->SubjectPublicKeyInfo);
2253 SetLastError(CRYPT_E_SIGNER_NOT_FOUND);
2258 static BOOL CDecodeSignedMsg_VerifySignatureEx(CDecodeMsg *msg,
2259 PCMSG_CTRL_VERIFY_SIGNATURE_EX_PARA para)
2263 if (para->cbSize != sizeof(CMSG_CTRL_VERIFY_SIGNATURE_EX_PARA))
2264 SetLastError(ERROR_INVALID_PARAMETER);
2265 else if (para->dwSignerIndex >= msg->u.signed_data.info->cSignerInfo)
2266 SetLastError(CRYPT_E_SIGNER_NOT_FOUND);
2269 switch (para->dwSignerType)
2271 case CMSG_VERIFY_SIGNER_PUBKEY:
2272 ret = CDecodeSignedMsg_VerifySignatureWithKey(msg,
2273 para->hCryptProv, para->dwSignerIndex,
2274 (PCERT_PUBLIC_KEY_INFO)para->pvSigner);
2276 case CMSG_VERIFY_SIGNER_CERT:
2278 PCCERT_CONTEXT cert = (PCCERT_CONTEXT)para->pvSigner;
2280 ret = CDecodeSignedMsg_VerifySignatureWithKey(msg, para->hCryptProv,
2281 para->dwSignerIndex, &cert->pCertInfo->SubjectPublicKeyInfo);
2285 FIXME("unimplemented for signer type %d\n", para->dwSignerType);
2286 SetLastError(CRYPT_E_SIGNER_NOT_FOUND);
2292 static BOOL CDecodeMsg_Control(HCRYPTMSG hCryptMsg, DWORD dwFlags,
2293 DWORD dwCtrlType, const void *pvCtrlPara)
2295 CDecodeMsg *msg = (CDecodeMsg *)hCryptMsg;
2300 case CMSG_CTRL_VERIFY_SIGNATURE:
2304 ret = CDecodeSignedMsg_VerifySignature(msg, (PCERT_INFO)pvCtrlPara);
2307 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2310 case CMSG_CTRL_DECRYPT:
2314 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2317 case CMSG_CTRL_VERIFY_HASH:
2321 ret = CDecodeHashMsg_VerifyHash(msg);
2324 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2327 case CMSG_CTRL_VERIFY_SIGNATURE_EX:
2331 ret = CDecodeSignedMsg_VerifySignatureEx(msg,
2332 (PCMSG_CTRL_VERIFY_SIGNATURE_EX_PARA)pvCtrlPara);
2335 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2339 SetLastError(CRYPT_E_CONTROL_TYPE);
2344 HCRYPTMSG WINAPI CryptMsgOpenToDecode(DWORD dwMsgEncodingType, DWORD dwFlags,
2345 DWORD dwMsgType, HCRYPTPROV_LEGACY hCryptProv, PCERT_INFO pRecipientInfo,
2346 PCMSG_STREAM_INFO pStreamInfo)
2350 TRACE("(%08x, %08x, %08x, %08lx, %p, %p)\n", dwMsgEncodingType,
2351 dwFlags, dwMsgType, hCryptProv, pRecipientInfo, pStreamInfo);
2353 if (GET_CMSG_ENCODING_TYPE(dwMsgEncodingType) != PKCS_7_ASN_ENCODING)
2355 SetLastError(E_INVALIDARG);
2358 msg = CryptMemAlloc(sizeof(CDecodeMsg));
2361 CryptMsgBase_Init((CryptMsgBase *)msg, dwFlags, pStreamInfo,
2362 CDecodeMsg_Close, CDecodeMsg_GetParam, CDecodeMsg_Update,
2363 CDecodeMsg_Control);
2364 msg->type = dwMsgType;
2366 msg->crypt_prov = hCryptProv;
2369 msg->crypt_prov = CRYPT_GetDefaultProvider();
2370 msg->base.open_flags &= ~CMSG_CRYPT_RELEASE_CONTEXT_FLAG;
2372 memset(&msg->u, 0, sizeof(msg->u));
2373 msg->msg_data.cbData = 0;
2374 msg->msg_data.pbData = NULL;
2375 msg->properties = ContextPropertyList_Create();
2380 HCRYPTMSG WINAPI CryptMsgDuplicate(HCRYPTMSG hCryptMsg)
2382 TRACE("(%p)\n", hCryptMsg);
2386 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
2388 InterlockedIncrement(&msg->ref);
2393 BOOL WINAPI CryptMsgClose(HCRYPTMSG hCryptMsg)
2395 TRACE("(%p)\n", hCryptMsg);
2399 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
2401 if (InterlockedDecrement(&msg->ref) == 0)
2403 TRACE("freeing %p\n", msg);
2412 BOOL WINAPI CryptMsgUpdate(HCRYPTMSG hCryptMsg, const BYTE *pbData,
2413 DWORD cbData, BOOL fFinal)
2415 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
2417 TRACE("(%p, %p, %d, %d)\n", hCryptMsg, pbData, cbData, fFinal);
2419 return msg->update(hCryptMsg, pbData, cbData, fFinal);
2422 BOOL WINAPI CryptMsgGetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
2423 DWORD dwIndex, void *pvData, DWORD *pcbData)
2425 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
2427 TRACE("(%p, %d, %d, %p, %p)\n", hCryptMsg, dwParamType, dwIndex,
2429 return msg->get_param(hCryptMsg, dwParamType, dwIndex, pvData, pcbData);
2432 BOOL WINAPI CryptMsgControl(HCRYPTMSG hCryptMsg, DWORD dwFlags,
2433 DWORD dwCtrlType, const void *pvCtrlPara)
2435 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
2437 TRACE("(%p, %08x, %d, %p)\n", hCryptMsg, dwFlags, dwCtrlType,
2439 return msg->control(hCryptMsg, dwFlags, dwCtrlType, pvCtrlPara);
2442 HCERTSTORE WINAPI CryptGetMessageCertificates(DWORD dwMsgAndCertEncodingType,
2443 HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const BYTE* pbSignedBlob,
2446 CRYPT_DATA_BLOB blob = { cbSignedBlob, (LPBYTE)pbSignedBlob };
2448 TRACE("(%08x, %ld, %d08x %p, %d)\n", dwMsgAndCertEncodingType, hCryptProv,
2449 dwFlags, pbSignedBlob, cbSignedBlob);
2451 return CertOpenStore(CERT_STORE_PROV_PKCS7, dwMsgAndCertEncodingType,
2452 hCryptProv, dwFlags, &blob);
2455 LONG WINAPI CryptGetMessageSignerCount(DWORD dwMsgEncodingType,
2456 const BYTE *pbSignedBlob, DWORD cbSignedBlob)
2461 TRACE("(%08x, %p, %d)\n", dwMsgEncodingType, pbSignedBlob, cbSignedBlob);
2463 msg = CryptMsgOpenToDecode(dwMsgEncodingType, 0, 0, 0, NULL, NULL);
2466 if (CryptMsgUpdate(msg, pbSignedBlob, cbSignedBlob, TRUE))
2468 DWORD size = sizeof(count);
2470 CryptMsgGetParam(msg, CMSG_SIGNER_COUNT_PARAM, 0, &count, &size);
2477 static CERT_INFO *CRYPT_GetSignerCertInfoFromMsg(HCRYPTMSG msg,
2478 DWORD dwSignerIndex)
2480 CERT_INFO *certInfo = NULL;
2483 if (CryptMsgGetParam(msg, CMSG_SIGNER_CERT_INFO_PARAM, dwSignerIndex, NULL,
2486 certInfo = CryptMemAlloc(size);
2489 if (!CryptMsgGetParam(msg, CMSG_SIGNER_CERT_INFO_PARAM,
2490 dwSignerIndex, certInfo, &size))
2492 CryptMemFree(certInfo);
2500 static PCCERT_CONTEXT WINAPI CRYPT_DefaultGetSignerCertificate(void *pvGetArg,
2501 DWORD dwCertEncodingType, PCERT_INFO pSignerId, HCERTSTORE hMsgCertStore)
2503 return CertFindCertificateInStore(hMsgCertStore, dwCertEncodingType, 0,
2504 CERT_FIND_SUBJECT_CERT, pSignerId, NULL);
2507 static inline PCCERT_CONTEXT CRYPT_GetSignerCertificate(HCRYPTMSG msg,
2508 PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara, PCERT_INFO certInfo, HCERTSTORE store)
2510 PFN_CRYPT_GET_SIGNER_CERTIFICATE getCert;
2512 if (pVerifyPara->pfnGetSignerCertificate)
2513 getCert = pVerifyPara->pfnGetSignerCertificate;
2515 getCert = CRYPT_DefaultGetSignerCertificate;
2516 return getCert(pVerifyPara->pvGetArg,
2517 pVerifyPara->dwMsgAndCertEncodingType, certInfo, store);
2520 BOOL WINAPI CryptVerifyMessageSignature(PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara,
2521 DWORD dwSignerIndex, const BYTE* pbSignedBlob, DWORD cbSignedBlob,
2522 BYTE* pbDecoded, DWORD* pcbDecoded, PCCERT_CONTEXT* ppSignerCert)
2526 CRYPT_CONTENT_INFO *contentInfo;
2528 TRACE("(%p, %d, %p, %d, %p, %p, %p)\n",
2529 pVerifyPara, dwSignerIndex, pbSignedBlob, cbSignedBlob,
2530 pbDecoded, pcbDecoded, ppSignerCert);
2533 *ppSignerCert = NULL;
2537 pVerifyPara->cbSize != sizeof(CRYPT_VERIFY_MESSAGE_PARA) ||
2538 GET_CMSG_ENCODING_TYPE(pVerifyPara->dwMsgAndCertEncodingType) !=
2539 PKCS_7_ASN_ENCODING)
2541 SetLastError(E_INVALIDARG);
2545 ret = CryptDecodeObjectEx(pVerifyPara->dwMsgAndCertEncodingType,
2546 PKCS_CONTENT_INFO, pbSignedBlob, cbSignedBlob,
2547 CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
2548 (LPBYTE)&contentInfo, &size);
2551 if (strcmp(contentInfo->pszObjId, szOID_RSA_signedData))
2553 SetLastError(CRYPT_E_UNEXPECTED_MSG_TYPE);
2558 HCRYPTMSG msg = CryptMsgOpenToDecode(
2559 pVerifyPara->dwMsgAndCertEncodingType, 0, CMSG_SIGNED,
2560 pVerifyPara->hCryptProv, NULL, NULL);
2564 ret = CryptMsgUpdate(msg, contentInfo->Content.pbData,
2565 contentInfo->Content.cbData, TRUE);
2566 if (ret && pcbDecoded)
2567 ret = CRYPT_CopyParam(pbDecoded, pcbDecoded,
2568 contentInfo->Content.pbData, contentInfo->Content.cbData);
2571 CERT_INFO *certInfo = CRYPT_GetSignerCertInfoFromMsg(msg,
2577 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MSG,
2578 pVerifyPara->dwMsgAndCertEncodingType,
2579 pVerifyPara->hCryptProv, 0, msg);
2583 PCCERT_CONTEXT cert = CRYPT_GetSignerCertificate(
2584 msg, pVerifyPara, certInfo, store);
2588 ret = CryptMsgControl(msg, 0,
2589 CMSG_CTRL_VERIFY_SIGNATURE, cert->pCertInfo);
2590 if (ret && ppSignerCert)
2591 *ppSignerCert = cert;
2593 CertFreeCertificateContext(cert);
2595 CertCloseStore(store, 0);
2598 CryptMemFree(certInfo);
2603 LocalFree(contentInfo);
2605 TRACE("returning %d\n", ret);
projects / wine / blob