2 * Copyright 2006 Juan Lang for CodeWeavers
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 #define NONAMELESSUNION
27 #include "wine/debug.h"
28 #include "wine/unicode.h"
30 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
32 DWORD WINAPI CertRDNValueToStrA(DWORD dwValueType, PCERT_RDN_VALUE_BLOB pValue,
37 TRACE("(%d, %p, %p, %d)\n", dwValueType, pValue, psz, csz);
41 case CERT_RDN_ANY_TYPE:
43 case CERT_RDN_NUMERIC_STRING:
44 case CERT_RDN_PRINTABLE_STRING:
45 case CERT_RDN_TELETEX_STRING:
46 case CERT_RDN_VIDEOTEX_STRING:
47 case CERT_RDN_IA5_STRING:
48 case CERT_RDN_GRAPHIC_STRING:
49 case CERT_RDN_VISIBLE_STRING:
50 case CERT_RDN_GENERAL_STRING:
56 DWORD chars = min(len, csz - 1);
60 memcpy(psz, pValue->pbData, chars);
66 case CERT_RDN_BMP_STRING:
67 case CERT_RDN_UTF8_STRING:
68 len = WideCharToMultiByte(CP_ACP, 0, (LPCWSTR)pValue->pbData,
69 pValue->cbData / sizeof(WCHAR), NULL, 0, NULL, NULL);
74 DWORD chars = min(pValue->cbData / sizeof(WCHAR), csz - 1);
78 ret = WideCharToMultiByte(CP_ACP, 0, (LPCWSTR)pValue->pbData,
79 chars, psz, csz - 1, NULL, NULL);
85 FIXME("string type %d unimplemented\n", dwValueType);
95 TRACE("returning %d (%s)\n", ret, debugstr_a(psz));
99 DWORD WINAPI CertRDNValueToStrW(DWORD dwValueType, PCERT_RDN_VALUE_BLOB pValue,
100 LPWSTR psz, DWORD csz)
102 DWORD ret = 0, len, i, strLen;
104 TRACE("(%d, %p, %p, %d)\n", dwValueType, pValue, psz, csz);
108 case CERT_RDN_ANY_TYPE:
110 case CERT_RDN_NUMERIC_STRING:
111 case CERT_RDN_PRINTABLE_STRING:
112 case CERT_RDN_TELETEX_STRING:
113 case CERT_RDN_VIDEOTEX_STRING:
114 case CERT_RDN_IA5_STRING:
115 case CERT_RDN_GRAPHIC_STRING:
116 case CERT_RDN_VISIBLE_STRING:
117 case CERT_RDN_GENERAL_STRING:
118 len = pValue->cbData;
125 for (i = 0; i < pValue->cbData && ptr - psz < csz; ptr++, i++)
126 *ptr = pValue->pbData[i];
130 case CERT_RDN_BMP_STRING:
131 case CERT_RDN_UTF8_STRING:
132 strLen = len = pValue->cbData / sizeof(WCHAR);
139 for (i = 0; i < strLen && ptr - psz < csz; ptr++, i++)
140 *ptr = ((LPCWSTR)pValue->pbData)[i];
145 FIXME("string type %d unimplemented\n", dwValueType);
155 TRACE("returning %d (%s)\n", ret, debugstr_w(psz));
159 static inline BOOL is_quotable_char(char c)
178 static DWORD quote_rdn_value_to_str_a(DWORD dwValueType,
179 PCERT_RDN_VALUE_BLOB pValue, LPSTR psz, DWORD csz)
181 DWORD ret = 0, len, i;
182 BOOL needsQuotes = FALSE;
184 TRACE("(%d, %p, %p, %d)\n", dwValueType, pValue, psz, csz);
188 case CERT_RDN_ANY_TYPE:
190 case CERT_RDN_NUMERIC_STRING:
191 case CERT_RDN_PRINTABLE_STRING:
192 case CERT_RDN_TELETEX_STRING:
193 case CERT_RDN_VIDEOTEX_STRING:
194 case CERT_RDN_IA5_STRING:
195 case CERT_RDN_GRAPHIC_STRING:
196 case CERT_RDN_VISIBLE_STRING:
197 case CERT_RDN_GENERAL_STRING:
198 len = pValue->cbData;
199 if (pValue->cbData && isspace(pValue->pbData[0]))
201 if (pValue->cbData && isspace(pValue->pbData[pValue->cbData - 1]))
203 for (i = 0; i < pValue->cbData; i++)
205 if (is_quotable_char(pValue->pbData[i]))
207 if (pValue->pbData[i] == '"')
220 for (i = 0; i < pValue->cbData && ptr - psz < csz; ptr++, i++)
222 *ptr = pValue->pbData[i];
223 if (pValue->pbData[i] == '"' && ptr - psz < csz - 1)
226 if (needsQuotes && ptr - psz < csz)
231 case CERT_RDN_BMP_STRING:
232 case CERT_RDN_UTF8_STRING:
233 len = WideCharToMultiByte(CP_ACP, 0, (LPCWSTR)pValue->pbData,
234 pValue->cbData / sizeof(WCHAR), NULL, 0, NULL, NULL);
235 if (pValue->cbData && isspaceW(((LPCWSTR)pValue->pbData)[0]))
237 if (pValue->cbData &&
238 isspaceW(((LPCWSTR)pValue->pbData)[pValue->cbData / sizeof(WCHAR)-1]))
240 for (i = 0; i < pValue->cbData / sizeof(WCHAR); i++)
242 if (is_quotable_char(((LPCWSTR)pValue->pbData)[i]))
244 if (((LPCWSTR)pValue->pbData)[i] == '"')
257 for (i = 0; i < pValue->cbData / sizeof(WCHAR) &&
258 dst - psz < csz; dst++, i++)
260 LPCWSTR src = (LPCWSTR)pValue->pbData + i;
262 WideCharToMultiByte(CP_ACP, 0, src, 1, dst,
263 csz - (dst - psz) - 1, NULL, NULL);
264 if (*src == '"' && dst - psz < csz - 1)
267 if (needsQuotes && dst - psz < csz)
273 FIXME("string type %d unimplemented\n", dwValueType);
283 TRACE("returning %d (%s)\n", ret, debugstr_a(psz));
287 static DWORD quote_rdn_value_to_str_w(DWORD dwValueType,
288 PCERT_RDN_VALUE_BLOB pValue, LPWSTR psz, DWORD csz)
290 DWORD ret = 0, len, i, strLen;
291 BOOL needsQuotes = FALSE;
293 TRACE("(%d, %p, %p, %d)\n", dwValueType, pValue, psz, csz);
297 case CERT_RDN_ANY_TYPE:
299 case CERT_RDN_NUMERIC_STRING:
300 case CERT_RDN_PRINTABLE_STRING:
301 case CERT_RDN_TELETEX_STRING:
302 case CERT_RDN_VIDEOTEX_STRING:
303 case CERT_RDN_IA5_STRING:
304 case CERT_RDN_GRAPHIC_STRING:
305 case CERT_RDN_VISIBLE_STRING:
306 case CERT_RDN_GENERAL_STRING:
307 len = pValue->cbData;
308 if (pValue->cbData && isspace(pValue->pbData[0]))
310 if (pValue->cbData && isspace(pValue->pbData[pValue->cbData - 1]))
312 for (i = 0; i < pValue->cbData; i++)
314 if (is_quotable_char(pValue->pbData[i]))
316 if (pValue->pbData[i] == '"')
329 for (i = 0; i < pValue->cbData && ptr - psz < csz; ptr++, i++)
331 *ptr = pValue->pbData[i];
332 if (pValue->pbData[i] == '"' && ptr - psz < csz - 1)
335 if (needsQuotes && ptr - psz < csz)
340 case CERT_RDN_BMP_STRING:
341 case CERT_RDN_UTF8_STRING:
342 strLen = len = pValue->cbData / sizeof(WCHAR);
343 if (pValue->cbData && isspace(pValue->pbData[0]))
345 if (pValue->cbData && isspace(pValue->pbData[strLen - 1]))
347 for (i = 0; i < strLen; i++)
349 if (is_quotable_char(((LPCWSTR)pValue->pbData)[i]))
351 if (((LPCWSTR)pValue->pbData)[i] == '"')
364 for (i = 0; i < strLen && ptr - psz < csz; ptr++, i++)
366 *ptr = ((LPCWSTR)pValue->pbData)[i];
367 if (((LPCWSTR)pValue->pbData)[i] == '"' && ptr - psz < csz - 1)
370 if (needsQuotes && ptr - psz < csz)
376 FIXME("string type %d unimplemented\n", dwValueType);
386 TRACE("returning %d (%s)\n", ret, debugstr_w(psz));
390 /* Adds the prefix prefix to the string pointed to by psz, followed by the
391 * character '='. Copies no more than csz characters. Returns the number of
392 * characters copied. If psz is NULL, returns the number of characters that
395 static DWORD CRYPT_AddPrefixA(LPCSTR prefix, LPSTR psz, DWORD csz)
399 TRACE("(%s, %p, %d)\n", debugstr_a(prefix), psz, csz);
403 chars = min(strlen(prefix), csz);
404 memcpy(psz, prefix, chars);
405 *(psz + chars) = '=';
409 chars = lstrlenA(prefix) + 1;
413 DWORD WINAPI CertNameToStrA(DWORD dwCertEncodingType, PCERT_NAME_BLOB pName,
414 DWORD dwStrType, LPSTR psz, DWORD csz)
416 static const DWORD unsupportedFlags = CERT_NAME_STR_NO_QUOTING_FLAG |
417 CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG;
418 static const char commaSep[] = ", ";
419 static const char semiSep[] = "; ";
420 static const char crlfSep[] = "\r\n";
421 static const char plusSep[] = " + ";
422 static const char spaceSep[] = " ";
423 DWORD ret = 0, bytes = 0;
425 CERT_NAME_INFO *info;
427 TRACE("(%d, %p, %08x, %p, %d)\n", dwCertEncodingType, pName, dwStrType,
429 if (dwStrType & unsupportedFlags)
430 FIXME("unsupported flags: %08x\n", dwStrType & unsupportedFlags);
432 bRet = CryptDecodeObjectEx(dwCertEncodingType, X509_NAME, pName->pbData,
433 pName->cbData, CRYPT_DECODE_ALLOC_FLAG, NULL, &info, &bytes);
436 DWORD i, j, sepLen, rdnSepLen;
438 BOOL reverse = dwStrType & CERT_NAME_STR_REVERSE_FLAG;
439 const CERT_RDN *rdn = info->rgRDN;
441 if(reverse && info->cRDN > 1) rdn += (info->cRDN - 1);
443 if (dwStrType & CERT_NAME_STR_SEMICOLON_FLAG)
445 else if (dwStrType & CERT_NAME_STR_CRLF_FLAG)
449 sepLen = strlen(sep);
450 if (dwStrType & CERT_NAME_STR_NO_PLUS_FLAG)
454 rdnSepLen = strlen(rdnSep);
455 for (i = 0; (!psz || ret < csz) && i < info->cRDN; i++)
457 for (j = 0; (!psz || ret < csz) && j < rdn->cRDNAttr; j++)
460 char prefixBuf[10]; /* big enough for GivenName */
461 LPCSTR prefix = NULL;
463 if ((dwStrType & 0x000000ff) == CERT_OID_NAME_STR)
464 prefix = rdn->rgRDNAttr[j].pszObjId;
465 else if ((dwStrType & 0x000000ff) == CERT_X500_NAME_STR)
467 PCCRYPT_OID_INFO oidInfo = CryptFindOIDInfo(
468 CRYPT_OID_INFO_OID_KEY,
469 rdn->rgRDNAttr[j].pszObjId,
470 CRYPT_RDN_ATTR_OID_GROUP_ID);
474 WideCharToMultiByte(CP_ACP, 0, oidInfo->pwszName, -1,
475 prefixBuf, sizeof(prefixBuf), NULL, NULL);
479 prefix = rdn->rgRDNAttr[j].pszObjId;
483 /* - 1 is needed to account for the NULL terminator. */
484 chars = CRYPT_AddPrefixA(prefix,
485 psz ? psz + ret : NULL, psz ? csz - ret - 1 : 0);
488 chars = quote_rdn_value_to_str_a(
489 rdn->rgRDNAttr[j].dwValueType,
490 &rdn->rgRDNAttr[j].Value, psz ? psz + ret : NULL,
491 psz ? csz - ret : 0);
494 if (j < rdn->cRDNAttr - 1)
496 if (psz && ret < csz - rdnSepLen - 1)
497 memcpy(psz + ret, rdnSep, rdnSepLen);
501 if (i < info->cRDN - 1)
503 if (psz && ret < csz - sepLen - 1)
504 memcpy(psz + ret, sep, sepLen);
519 TRACE("Returning %s\n", debugstr_a(psz));
523 /* Adds the prefix prefix to the wide-character string pointed to by psz,
524 * followed by the character '='. Copies no more than csz characters. Returns
525 * the number of characters copied. If psz is NULL, returns the number of
526 * characters that would be copied.
527 * Assumes the characters in prefix are ASCII (not multibyte characters.)
529 static DWORD CRYPT_AddPrefixAToW(LPCSTR prefix, LPWSTR psz, DWORD csz)
533 TRACE("(%s, %p, %d)\n", debugstr_a(prefix), psz, csz);
539 chars = min(strlen(prefix), csz);
540 for (i = 0; i < chars; i++)
541 *(psz + i) = prefix[i];
542 *(psz + chars) = '=';
546 chars = lstrlenA(prefix) + 1;
550 /* Adds the prefix prefix to the string pointed to by psz, followed by the
551 * character '='. Copies no more than csz characters. Returns the number of
552 * characters copied. If psz is NULL, returns the number of characters that
555 static DWORD CRYPT_AddPrefixW(LPCWSTR prefix, LPWSTR psz, DWORD csz)
559 TRACE("(%s, %p, %d)\n", debugstr_w(prefix), psz, csz);
563 chars = min(strlenW(prefix), csz);
564 memcpy(psz, prefix, chars * sizeof(WCHAR));
565 *(psz + chars) = '=';
569 chars = lstrlenW(prefix) + 1;
573 static const WCHAR indent[] = { ' ',' ',' ',' ',' ',0 };
575 DWORD cert_name_to_str_with_indent(DWORD dwCertEncodingType, DWORD indentLevel,
576 const CERT_NAME_BLOB *pName, DWORD dwStrType, LPWSTR psz, DWORD csz)
578 static const DWORD unsupportedFlags = CERT_NAME_STR_NO_QUOTING_FLAG |
579 CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG;
580 static const WCHAR commaSep[] = { ',',' ',0 };
581 static const WCHAR semiSep[] = { ';',' ',0 };
582 static const WCHAR crlfSep[] = { '\r','\n',0 };
583 static const WCHAR plusSep[] = { ' ','+',' ',0 };
584 static const WCHAR spaceSep[] = { ' ',0 };
585 DWORD ret = 0, bytes = 0;
587 CERT_NAME_INFO *info;
589 if (dwStrType & unsupportedFlags)
590 FIXME("unsupported flags: %08x\n", dwStrType & unsupportedFlags);
592 bRet = CryptDecodeObjectEx(dwCertEncodingType, X509_NAME, pName->pbData,
593 pName->cbData, CRYPT_DECODE_ALLOC_FLAG, NULL, &info, &bytes);
596 DWORD i, j, sepLen, rdnSepLen;
598 BOOL reverse = dwStrType & CERT_NAME_STR_REVERSE_FLAG;
599 const CERT_RDN *rdn = info->rgRDN;
601 if(reverse && info->cRDN > 1) rdn += (info->cRDN - 1);
603 if (dwStrType & CERT_NAME_STR_SEMICOLON_FLAG)
605 else if (dwStrType & CERT_NAME_STR_CRLF_FLAG)
609 sepLen = lstrlenW(sep);
610 if (dwStrType & CERT_NAME_STR_NO_PLUS_FLAG)
614 rdnSepLen = lstrlenW(rdnSep);
615 for (i = 0; (!psz || ret < csz) && i < info->cRDN; i++)
617 for (j = 0; (!psz || ret < csz) && j < rdn->cRDNAttr; j++)
620 LPCSTR prefixA = NULL;
621 LPCWSTR prefixW = NULL;
623 if ((dwStrType & 0x000000ff) == CERT_OID_NAME_STR)
624 prefixA = rdn->rgRDNAttr[j].pszObjId;
625 else if ((dwStrType & 0x000000ff) == CERT_X500_NAME_STR)
627 PCCRYPT_OID_INFO oidInfo = CryptFindOIDInfo(
628 CRYPT_OID_INFO_OID_KEY,
629 rdn->rgRDNAttr[j].pszObjId,
630 CRYPT_RDN_ATTR_OID_GROUP_ID);
633 prefixW = oidInfo->pwszName;
635 prefixA = rdn->rgRDNAttr[j].pszObjId;
637 if (dwStrType & CERT_NAME_STR_CRLF_FLAG)
641 for (k = 0; k < indentLevel; k++)
645 chars = min(strlenW(indent), csz - ret - 1);
646 memcpy(psz + ret, indent, chars * sizeof(WCHAR));
649 chars = strlenW(indent);
655 /* - 1 is needed to account for the NULL terminator. */
656 chars = CRYPT_AddPrefixW(prefixW,
657 psz ? psz + ret : NULL, psz ? csz - ret - 1 : 0);
662 /* - 1 is needed to account for the NULL terminator. */
663 chars = CRYPT_AddPrefixAToW(prefixA,
664 psz ? psz + ret : NULL, psz ? csz - ret - 1 : 0);
667 chars = quote_rdn_value_to_str_w(
668 rdn->rgRDNAttr[j].dwValueType,
669 &rdn->rgRDNAttr[j].Value, psz ? psz + ret : NULL,
670 psz ? csz - ret : 0);
673 if (j < rdn->cRDNAttr - 1)
675 if (psz && ret < csz - rdnSepLen - 1)
676 memcpy(psz + ret, rdnSep, rdnSepLen * sizeof(WCHAR));
680 if (i < info->cRDN - 1)
682 if (psz && ret < csz - sepLen - 1)
683 memcpy(psz + ret, sep, sepLen * sizeof(WCHAR));
701 DWORD WINAPI CertNameToStrW(DWORD dwCertEncodingType, PCERT_NAME_BLOB pName,
702 DWORD dwStrType, LPWSTR psz, DWORD csz)
706 TRACE("(%d, %p, %08x, %p, %d)\n", dwCertEncodingType, pName, dwStrType,
709 ret = cert_name_to_str_with_indent(dwCertEncodingType, 0, pName, dwStrType,
711 TRACE("Returning %s\n", debugstr_w(psz));
715 BOOL WINAPI CertStrToNameA(DWORD dwCertEncodingType, LPCSTR pszX500,
716 DWORD dwStrType, void *pvReserved, BYTE *pbEncoded, DWORD *pcbEncoded,
722 TRACE("(%08x, %s, %08x, %p, %p, %p, %p)\n", dwCertEncodingType,
723 debugstr_a(pszX500), dwStrType, pvReserved, pbEncoded, pcbEncoded,
726 len = MultiByteToWideChar(CP_ACP, 0, pszX500, -1, NULL, 0);
729 LPWSTR x500, errorStr;
731 if ((x500 = CryptMemAlloc(len * sizeof(WCHAR))))
733 MultiByteToWideChar(CP_ACP, 0, pszX500, -1, x500, len);
734 ret = CertStrToNameW(dwCertEncodingType, x500, dwStrType,
735 pvReserved, pbEncoded, pcbEncoded,
736 ppszError ? (LPCWSTR *)&errorStr : NULL);
743 *ppszError = pszX500;
744 for (i = 0; i < errorStr - x500; i++)
745 *ppszError = CharNextA(*ppszError);
754 SetLastError(ERROR_OUTOFMEMORY);
760 SetLastError(CRYPT_E_INVALID_X500_STRING);
762 *ppszError = pszX500;
770 WCHAR buf[10]; /* big enough for L"GivenName" */
771 LPWSTR keyName; /* usually = buf, but may be allocated */
775 static void CRYPT_InitializeKeynameKeeper(struct KeynameKeeper *keeper)
777 keeper->keyName = keeper->buf;
778 keeper->keyLen = sizeof(keeper->buf) / sizeof(keeper->buf[0]);
781 static void CRYPT_FreeKeynameKeeper(struct KeynameKeeper *keeper)
783 if (keeper->keyName != keeper->buf)
784 CryptMemFree(keeper->keyName);
793 static void CRYPT_KeynameKeeperFromTokenW(struct KeynameKeeper *keeper,
794 const struct X500TokenW *key)
796 DWORD len = key->end - key->start;
798 if (len > keeper->keyLen)
800 if (keeper->keyName == keeper->buf)
801 keeper->keyName = CryptMemAlloc(len * sizeof(WCHAR));
803 keeper->keyName = CryptMemRealloc(keeper->keyName,
804 len * sizeof(WCHAR));
805 keeper->keyLen = len;
807 memcpy(keeper->keyName, key->start, (key->end - key->start) *
809 keeper->keyName[len] = '\0';
810 TRACE("Keyname is %s\n", debugstr_w(keeper->keyName));
813 static BOOL CRYPT_GetNextKeyW(LPCWSTR str, struct X500TokenW *token,
818 while (*str && isspaceW(*str))
823 while (*str && *str != '=' && !isspaceW(*str))
825 if (*str && (*str == '=' || isspaceW(*str)))
829 TRACE("missing equals char at %s\n", debugstr_w(token->start));
831 *ppszError = token->start;
832 SetLastError(CRYPT_E_INVALID_X500_STRING);
841 /* Assumes separators are characters in the 0-255 range */
842 static BOOL CRYPT_GetNextValueW(LPCWSTR str, DWORD dwFlags, LPCWSTR separators,
843 struct X500TokenW *token, LPCWSTR *ppszError)
847 TRACE("(%s, %s, %p, %p)\n", debugstr_w(str), debugstr_w(separators), token,
850 while (*str && isspaceW(*str))
855 if (!(dwFlags & CERT_NAME_STR_NO_QUOTING_FLAG) && *str == '"')
859 while (!token->end && ret)
861 while (*str && *str != '"')
865 if (*(str + 1) != '"')
866 token->end = str + 1;
872 TRACE("unterminated quote at %s\n", debugstr_w(str));
875 SetLastError(CRYPT_E_INVALID_X500_STRING);
882 WCHAR map[256] = { 0 };
885 map[*separators++] = 1;
886 while (*str && (*str >= 0xff || !map[*str]))
893 TRACE("missing value at %s\n", debugstr_w(str));
896 SetLastError(CRYPT_E_INVALID_X500_STRING);
902 /* Encodes the string represented by value as the string type type into the
903 * CERT_NAME_BLOB output. If there is an error and ppszError is not NULL,
904 * *ppszError is set to the first failing character. If there is no error,
905 * output's pbData must be freed with LocalFree.
907 static BOOL CRYPT_EncodeValueWithType(DWORD dwCertEncodingType,
908 const struct X500TokenW *value, PCERT_NAME_BLOB output, DWORD type,
911 CERT_NAME_VALUE nameValue = { type, { 0, NULL } };
914 if (value->end > value->start)
919 nameValue.Value.pbData = CryptMemAlloc((value->end - value->start + 1) *
921 if (!nameValue.Value.pbData)
923 SetLastError(ERROR_OUTOFMEMORY);
926 ptr = (LPWSTR)nameValue.Value.pbData;
927 for (i = 0; i < value->end - value->start; i++)
929 *ptr++ = value->start[i];
930 if (value->start[i] == '"')
933 /* The string is NULL terminated because of a quirk in encoding
934 * unicode names values: if the length is given as 0, the value is
935 * assumed to be a NULL-terminated string.
938 nameValue.Value.cbData = (LPBYTE)ptr - nameValue.Value.pbData;
940 ret = CryptEncodeObjectEx(dwCertEncodingType, X509_UNICODE_NAME_VALUE,
941 &nameValue, CRYPT_ENCODE_ALLOC_FLAG, NULL, &output->pbData,
943 if (!ret && ppszError)
945 if (type == CERT_RDN_NUMERIC_STRING &&
946 GetLastError() == CRYPT_E_INVALID_NUMERIC_STRING)
947 *ppszError = value->start + output->cbData;
948 else if (type == CERT_RDN_PRINTABLE_STRING &&
949 GetLastError() == CRYPT_E_INVALID_PRINTABLE_STRING)
950 *ppszError = value->start + output->cbData;
951 else if (type == CERT_RDN_IA5_STRING &&
952 GetLastError() == CRYPT_E_INVALID_IA5_STRING)
953 *ppszError = value->start + output->cbData;
955 CryptMemFree(nameValue.Value.pbData);
959 static BOOL CRYPT_EncodeValue(DWORD dwCertEncodingType,
960 const struct X500TokenW *value, PCERT_NAME_BLOB output, const DWORD *types,
967 for (i = 0; !ret && types[i]; i++)
968 ret = CRYPT_EncodeValueWithType(dwCertEncodingType, value, output,
969 types[i], ppszError);
973 static BOOL CRYPT_ValueToRDN(DWORD dwCertEncodingType, PCERT_NAME_INFO info,
974 PCCRYPT_OID_INFO keyOID, struct X500TokenW *value, DWORD dwStrType, LPCWSTR *ppszError)
978 TRACE("OID %s, value %s\n", debugstr_a(keyOID->pszOID),
979 debugstr_wn(value->start, value->end - value->start));
982 info->rgRDN = CryptMemAlloc(sizeof(CERT_RDN));
984 info->rgRDN = CryptMemRealloc(info->rgRDN,
985 (info->cRDN + 1) * sizeof(CERT_RDN));
988 /* FIXME: support multiple RDN attrs */
989 info->rgRDN[info->cRDN].rgRDNAttr =
990 CryptMemAlloc(sizeof(CERT_RDN_ATTR));
991 if (info->rgRDN[info->cRDN].rgRDNAttr)
993 static const DWORD defaultTypes[] = { CERT_RDN_PRINTABLE_STRING,
994 CERT_RDN_BMP_STRING, 0 };
997 info->rgRDN[info->cRDN].cRDNAttr = 1;
998 info->rgRDN[info->cRDN].rgRDNAttr[0].pszObjId =
999 (LPSTR)keyOID->pszOID;
1000 info->rgRDN[info->cRDN].rgRDNAttr[0].dwValueType =
1001 CERT_RDN_ENCODED_BLOB;
1002 if (keyOID->ExtraInfo.cbData)
1003 types = (const DWORD *)keyOID->ExtraInfo.pbData;
1005 types = defaultTypes;
1007 /* Remove surrounding quotes */
1008 if (value->start[0] == '"' && !(dwStrType & CERT_NAME_STR_NO_QUOTING_FLAG))
1013 ret = CRYPT_EncodeValue(dwCertEncodingType, value,
1014 &info->rgRDN[info->cRDN].rgRDNAttr[0].Value, types, ppszError);
1017 SetLastError(ERROR_OUTOFMEMORY);
1021 SetLastError(ERROR_OUTOFMEMORY);
1025 BOOL WINAPI CertStrToNameW(DWORD dwCertEncodingType, LPCWSTR pszX500,
1026 DWORD dwStrType, void *pvReserved, BYTE *pbEncoded, DWORD *pcbEncoded,
1029 CERT_NAME_INFO info = { 0, NULL };
1031 struct KeynameKeeper keeper;
1035 TRACE("(%08x, %s, %08x, %p, %p, %p, %p)\n", dwCertEncodingType,
1036 debugstr_w(pszX500), dwStrType, pvReserved, pbEncoded, pcbEncoded,
1039 CRYPT_InitializeKeynameKeeper(&keeper);
1041 while (str && *str && ret)
1043 struct X500TokenW token;
1045 ret = CRYPT_GetNextKeyW(str, &token, ppszError);
1046 if (ret && token.start)
1048 PCCRYPT_OID_INFO keyOID;
1050 CRYPT_KeynameKeeperFromTokenW(&keeper, &token);
1051 keyOID = CryptFindOIDInfo(CRYPT_OID_INFO_NAME_KEY, keeper.keyName,
1052 CRYPT_RDN_ATTR_OID_GROUP_ID);
1056 *ppszError = token.start;
1057 SetLastError(CRYPT_E_INVALID_X500_STRING);
1063 while (isspace(*str))
1069 SetLastError(CRYPT_E_INVALID_X500_STRING);
1074 static const WCHAR commaSep[] = { ',',0 };
1075 static const WCHAR semiSep[] = { ';',0 };
1076 static const WCHAR crlfSep[] = { '\r','\n',0 };
1077 static const WCHAR allSepsWithoutPlus[] = { ',',';','\r','\n',0 };
1078 static const WCHAR allSeps[] = { '+',',',';','\r','\n',0 };
1082 if (dwStrType & CERT_NAME_STR_COMMA_FLAG)
1084 else if (dwStrType & CERT_NAME_STR_SEMICOLON_FLAG)
1086 else if (dwStrType & CERT_NAME_STR_CRLF_FLAG)
1088 else if (dwStrType & CERT_NAME_STR_NO_PLUS_FLAG)
1089 sep = allSepsWithoutPlus;
1092 ret = CRYPT_GetNextValueW(str, dwStrType, sep, &token,
1097 ret = CRYPT_ValueToRDN(dwCertEncodingType, &info,
1098 keyOID, &token, dwStrType, ppszError);
1104 CRYPT_FreeKeynameKeeper(&keeper);
1109 ret = CryptEncodeObjectEx(dwCertEncodingType, X509_NAME, &info,
1110 0, NULL, pbEncoded, pcbEncoded);
1112 for (i = 0; i < info.cRDN; i++)
1116 for (j = 0; j < info.rgRDN[i].cRDNAttr; j++)
1117 LocalFree(info.rgRDN[i].rgRDNAttr[j].Value.pbData);
1118 CryptMemFree(info.rgRDN[i].rgRDNAttr);
1120 CryptMemFree(info.rgRDN);
1124 DWORD WINAPI CertGetNameStringA(PCCERT_CONTEXT pCertContext, DWORD dwType,
1125 DWORD dwFlags, void *pvTypePara, LPSTR pszNameString, DWORD cchNameString)
1129 TRACE("(%p, %d, %08x, %p, %p, %d)\n", pCertContext, dwType, dwFlags,
1130 pvTypePara, pszNameString, cchNameString);
1137 nameLen = CertGetNameStringW(pCertContext, dwType, dwFlags, pvTypePara,
1139 wideName = CryptMemAlloc(nameLen * sizeof(WCHAR));
1142 CertGetNameStringW(pCertContext, dwType, dwFlags, pvTypePara,
1144 nameLen = WideCharToMultiByte(CP_ACP, 0, wideName, nameLen,
1145 pszNameString, cchNameString, NULL, NULL);
1146 if (nameLen <= cchNameString)
1150 pszNameString[cchNameString - 1] = '\0';
1151 ret = cchNameString;
1153 CryptMemFree(wideName);
1157 *pszNameString = '\0';
1162 ret = CertGetNameStringW(pCertContext, dwType, dwFlags, pvTypePara,
1167 /* Searches cert's extensions for the alternate name extension with OID
1168 * altNameOID, and if found, searches it for the alternate name type entryType.
1169 * If found, returns a pointer to the entry, otherwise returns NULL.
1170 * Regardless of whether an entry of the desired type is found, if the
1171 * alternate name extension is present, sets *info to the decoded alternate
1172 * name extension, which you must free using LocalFree.
1173 * The return value is a pointer within *info, so don't free *info before
1174 * you're done with the return value.
1176 static PCERT_ALT_NAME_ENTRY cert_find_alt_name_entry(PCCERT_CONTEXT cert,
1177 LPCSTR altNameOID, DWORD entryType, PCERT_ALT_NAME_INFO *info)
1179 PCERT_ALT_NAME_ENTRY entry = NULL;
1180 PCERT_EXTENSION ext = CertFindExtension(altNameOID,
1181 cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension);
1187 if (CryptDecodeObjectEx(cert->dwCertEncodingType, X509_ALTERNATE_NAME,
1188 ext->Value.pbData, ext->Value.cbData, CRYPT_DECODE_ALLOC_FLAG, NULL,
1193 for (i = 0; !entry && i < (*info)->cAltEntry; i++)
1194 if ((*info)->rgAltEntry[i].dwAltNameChoice == entryType)
1195 entry = &(*info)->rgAltEntry[i];
1203 static DWORD cert_get_name_from_rdn_attr(DWORD encodingType,
1204 const CERT_NAME_BLOB *name, LPCSTR oid, LPWSTR pszNameString, DWORD cchNameString)
1206 CERT_NAME_INFO *nameInfo;
1207 DWORD bytes = 0, ret = 0;
1209 if (CryptDecodeObjectEx(encodingType, X509_NAME, name->pbData,
1210 name->cbData, CRYPT_DECODE_ALLOC_FLAG, NULL, &nameInfo, &bytes))
1212 PCERT_RDN_ATTR nameAttr = CertFindRDNAttr(oid, nameInfo);
1215 ret = CertRDNValueToStrW(nameAttr->dwValueType, &nameAttr->Value,
1216 pszNameString, cchNameString);
1217 LocalFree(nameInfo);
1222 DWORD WINAPI CertGetNameStringW(PCCERT_CONTEXT pCertContext, DWORD dwType,
1223 DWORD dwFlags, void *pvTypePara, LPWSTR pszNameString, DWORD cchNameString)
1226 PCERT_NAME_BLOB name;
1229 TRACE("(%p, %d, %08x, %p, %p, %d)\n", pCertContext, dwType,
1230 dwFlags, pvTypePara, pszNameString, cchNameString);
1232 if (dwFlags & CERT_NAME_ISSUER_FLAG)
1234 name = &pCertContext->pCertInfo->Issuer;
1235 altNameOID = szOID_ISSUER_ALT_NAME;
1239 name = &pCertContext->pCertInfo->Subject;
1240 altNameOID = szOID_SUBJECT_ALT_NAME;
1245 case CERT_NAME_EMAIL_TYPE:
1247 CERT_ALT_NAME_INFO *info;
1248 PCERT_ALT_NAME_ENTRY entry = cert_find_alt_name_entry(pCertContext,
1249 altNameOID, CERT_ALT_NAME_RFC822_NAME, &info);
1254 ret = strlenW(entry->u.pwszRfc822Name) + 1;
1255 else if (cchNameString)
1257 ret = min(strlenW(entry->u.pwszRfc822Name), cchNameString - 1);
1258 memcpy(pszNameString, entry->u.pwszRfc822Name,
1259 ret * sizeof(WCHAR));
1260 pszNameString[ret++] = 0;
1266 ret = cert_get_name_from_rdn_attr(pCertContext->dwCertEncodingType,
1267 name, szOID_RSA_emailAddr, pszNameString, cchNameString);
1270 case CERT_NAME_RDN_TYPE:
1272 ret = CertNameToStrW(pCertContext->dwCertEncodingType, name,
1273 *(DWORD *)pvTypePara, pszNameString, cchNameString);
1276 CERT_ALT_NAME_INFO *info;
1277 PCERT_ALT_NAME_ENTRY entry = cert_find_alt_name_entry(pCertContext,
1278 altNameOID, CERT_ALT_NAME_DIRECTORY_NAME, &info);
1281 ret = CertNameToStrW(pCertContext->dwCertEncodingType,
1282 &entry->u.DirectoryName, *(DWORD *)pvTypePara, pszNameString,
1288 case CERT_NAME_ATTR_TYPE:
1289 ret = cert_get_name_from_rdn_attr(pCertContext->dwCertEncodingType,
1290 name, pvTypePara, pszNameString, cchNameString);
1293 CERT_ALT_NAME_INFO *altInfo;
1294 PCERT_ALT_NAME_ENTRY entry = cert_find_alt_name_entry(pCertContext,
1295 altNameOID, CERT_ALT_NAME_DIRECTORY_NAME, &altInfo);
1298 ret = cert_name_to_str_with_indent(X509_ASN_ENCODING, 0,
1299 &entry->u.DirectoryName, 0, pszNameString, cchNameString);
1304 case CERT_NAME_SIMPLE_DISPLAY_TYPE:
1306 static const LPCSTR simpleAttributeOIDs[] = { szOID_COMMON_NAME,
1307 szOID_ORGANIZATIONAL_UNIT_NAME, szOID_ORGANIZATION_NAME,
1308 szOID_RSA_emailAddr };
1309 CERT_NAME_INFO *nameInfo = NULL;
1312 if (CryptDecodeObjectEx(pCertContext->dwCertEncodingType, X509_NAME,
1313 name->pbData, name->cbData, CRYPT_DECODE_ALLOC_FLAG, NULL, &nameInfo,
1316 PCERT_RDN_ATTR nameAttr = NULL;
1318 for (i = 0; !nameAttr && i < sizeof(simpleAttributeOIDs) /
1319 sizeof(simpleAttributeOIDs[0]); i++)
1320 nameAttr = CertFindRDNAttr(simpleAttributeOIDs[i], nameInfo);
1322 ret = CertRDNValueToStrW(nameAttr->dwValueType,
1323 &nameAttr->Value, pszNameString, cchNameString);
1324 LocalFree(nameInfo);
1328 CERT_ALT_NAME_INFO *altInfo;
1329 PCERT_ALT_NAME_ENTRY entry = cert_find_alt_name_entry(pCertContext,
1330 altNameOID, CERT_ALT_NAME_RFC822_NAME, &altInfo);
1334 if (!entry && altInfo->cAltEntry)
1335 entry = &altInfo->rgAltEntry[0];
1339 ret = strlenW(entry->u.pwszRfc822Name) + 1;
1340 else if (cchNameString)
1342 ret = min(strlenW(entry->u.pwszRfc822Name),
1344 memcpy(pszNameString, entry->u.pwszRfc822Name,
1345 ret * sizeof(WCHAR));
1346 pszNameString[ret++] = 0;
1354 case CERT_NAME_FRIENDLY_DISPLAY_TYPE:
1356 DWORD cch = cchNameString;
1358 if (CertGetCertificateContextProperty(pCertContext,
1359 CERT_FRIENDLY_NAME_PROP_ID, pszNameString, &cch))
1362 ret = CertGetNameStringW(pCertContext,
1363 CERT_NAME_SIMPLE_DISPLAY_TYPE, dwFlags, pvTypePara, pszNameString,
1367 case CERT_NAME_DNS_TYPE:
1369 CERT_ALT_NAME_INFO *info;
1370 PCERT_ALT_NAME_ENTRY entry = cert_find_alt_name_entry(pCertContext,
1371 altNameOID, CERT_ALT_NAME_DNS_NAME, &info);
1376 ret = strlenW(entry->u.pwszDNSName) + 1;
1377 else if (cchNameString)
1379 ret = min(strlenW(entry->u.pwszDNSName), cchNameString - 1);
1380 memcpy(pszNameString, entry->u.pwszDNSName, ret * sizeof(WCHAR));
1381 pszNameString[ret++] = 0;
1387 ret = cert_get_name_from_rdn_attr(pCertContext->dwCertEncodingType,
1388 name, szOID_COMMON_NAME, pszNameString, cchNameString);
1391 case CERT_NAME_URL_TYPE:
1393 CERT_ALT_NAME_INFO *info;
1394 PCERT_ALT_NAME_ENTRY entry = cert_find_alt_name_entry(pCertContext,
1395 altNameOID, CERT_ALT_NAME_URL, &info);
1400 ret = strlenW(entry->u.pwszURL) + 1;
1401 else if (cchNameString)
1403 ret = min(strlenW(entry->u.pwszURL), cchNameString - 1);
1404 memcpy(pszNameString, entry->u.pwszURL, ret * sizeof(WCHAR));
1405 pszNameString[ret++] = 0;
1413 FIXME("unimplemented for type %d\n", dwType);
1420 else if (cchNameString)
1422 pszNameString[0] = 0;