2 * Copyright 2002 Mike McCormack for CodeWeavers
3 * Copyright 2005 Juan Lang
4 * Copyright 2006 Paul Vriens
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
32 #include "wine/debug.h"
33 #include "wine/list.h"
35 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
37 static const WCHAR szOID[] = {
38 'S','o','f','t','w','a','r','e','\\',
39 'M','i','c','r','o','s','o','f','t','\\',
40 'C','r','y','p','t','o','g','r','a','p','h','y','\\',
42 'E','n','c','o','d','i','n','g','T','y','p','e',' ','0','\\',
43 'C','r','y','p','t','S','I','P','D','l','l', 0 };
45 static const WCHAR szPutSigned[] = {
46 'P','u','t','S','i','g','n','e','d','D','a','t','a','M','s','g','\\',0};
47 static const WCHAR szGetSigned[] = {
48 'G','e','t','S','i','g','n','e','d','D','a','t','a','M','s','g','\\',0};
49 static const WCHAR szRemoveSigned[] = {
50 'R','e','m','o','v','e','S','i','g','n','e','d','D','a','t','a','M','s','g','\\',0};
51 static const WCHAR szCreate[] = {
52 'C','r','e','a','t','e','I','n','d','i','r','e','c','t','D','a','t','a','\\',0};
53 static const WCHAR szVerify[] = {
54 'V','e','r','i','f','y','I','n','d','i','r','e','c','t','D','a','t','a','\\',0};
55 static const WCHAR szIsMyFile[] = {
56 'I','s','M','y','F','i','l','e','T','y','p','e','\\',0};
57 static const WCHAR szIsMyFile2[] = {
58 'I','s','M','y','F','i','l','e','T','y','p','e','2','\\',0};
60 static const WCHAR szDllName[] = { 'D','l','l',0 };
61 static const WCHAR szFuncName[] = { 'F','u','n','c','N','a','m','e',0 };
63 /* convert a guid to a wide character string */
64 static void CRYPT_guid2wstr( const GUID *guid, LPWSTR wstr )
68 sprintf(str, "{%08X-%04X-%04X-%02X%02X-%02X%02X%02X%02X%02X%02X}",
69 guid->Data1, guid->Data2, guid->Data3,
70 guid->Data4[0], guid->Data4[1], guid->Data4[2], guid->Data4[3],
71 guid->Data4[4], guid->Data4[5], guid->Data4[6], guid->Data4[7] );
72 MultiByteToWideChar( CP_ACP, 0, str, -1, wstr, 40 );
75 /***********************************************************************
76 * CRYPT_SIPDeleteFunction
78 * Helper function for CryptSIPRemoveProvider
80 static LONG CRYPT_SIPDeleteFunction( const GUID *guid, LPCWSTR szKey )
82 WCHAR szFullKey[ 0x100 ];
83 LONG r = ERROR_SUCCESS;
85 /* max length of szFullKey depends on our code only, so we won't overrun */
86 lstrcpyW( szFullKey, szOID );
87 lstrcatW( szFullKey, szKey );
88 CRYPT_guid2wstr( guid, &szFullKey[ lstrlenW( szFullKey ) ] );
90 r = RegDeleteKeyW(HKEY_LOCAL_MACHINE, szFullKey);
95 /***********************************************************************
96 * CryptSIPRemoveProvider (CRYPT32.@)
98 * Remove a SIP provider and its functions from the registry.
101 * pgProv [I] Pointer to a GUID for this SIP provider
105 * Failure: FALSE. (Look at GetLastError()).
108 * Registry errors are always reported via SetLastError(). Every registry
109 * deletion will be tried.
111 BOOL WINAPI CryptSIPRemoveProvider(GUID *pgProv)
113 LONG r = ERROR_SUCCESS;
114 LONG remove_error = ERROR_SUCCESS;
116 TRACE("%s\n", debugstr_guid(pgProv));
120 SetLastError(ERROR_INVALID_PARAMETER);
125 #define CRYPT_SIPREMOVEPROV( key ) \
126 r = CRYPT_SIPDeleteFunction( pgProv, key); \
127 if (r != ERROR_SUCCESS) remove_error = r
129 CRYPT_SIPREMOVEPROV( szPutSigned);
130 CRYPT_SIPREMOVEPROV( szGetSigned);
131 CRYPT_SIPREMOVEPROV( szRemoveSigned);
132 CRYPT_SIPREMOVEPROV( szCreate);
133 CRYPT_SIPREMOVEPROV( szVerify);
134 CRYPT_SIPREMOVEPROV( szIsMyFile);
135 CRYPT_SIPREMOVEPROV( szIsMyFile2);
137 #undef CRYPT_SIPREMOVEPROV
139 if (remove_error != ERROR_SUCCESS)
141 SetLastError(remove_error);
149 * Helper for CryptSIPAddProvider
151 * Add a registry key containing a dll name and function under
152 * "Software\\Microsoft\\Cryptography\\OID\\EncodingType 0\\<func>\\<guid>"
154 static LONG CRYPT_SIPWriteFunction( const GUID *guid, LPCWSTR szKey,
155 LPCWSTR szDll, LPCWSTR szFunction )
157 WCHAR szFullKey[ 0x100 ];
158 LONG r = ERROR_SUCCESS;
162 return ERROR_SUCCESS;
164 /* max length of szFullKey depends on our code only, so we won't overrun */
165 lstrcpyW( szFullKey, szOID );
166 lstrcatW( szFullKey, szKey );
167 CRYPT_guid2wstr( guid, &szFullKey[ lstrlenW( szFullKey ) ] );
169 TRACE("key is %s\n", debugstr_w( szFullKey ) );
171 r = RegCreateKeyW( HKEY_LOCAL_MACHINE, szFullKey, &hKey );
172 if( r != ERROR_SUCCESS ) goto error_close_key;
174 /* write the values */
175 r = RegSetValueExW( hKey, szFuncName, 0, REG_SZ, (const BYTE*) szFunction,
176 ( lstrlenW( szFunction ) + 1 ) * sizeof (WCHAR) );
177 if( r != ERROR_SUCCESS ) goto error_close_key;
178 r = RegSetValueExW( hKey, szDllName, 0, REG_SZ, (const BYTE*) szDll,
179 ( lstrlenW( szDll ) + 1) * sizeof (WCHAR) );
188 /***********************************************************************
189 * CryptSIPAddProvider (CRYPT32.@)
191 * Add a SIP provider and its functions to the registry.
194 * psNewProv [I] Pointer to a structure with information about
195 * the functions this SIP provider can perform.
199 * Failure: FALSE. (Look at GetLastError()).
202 * Registry errors are always reported via SetLastError(). If a
203 * registry error occurs the rest of the registry write operations
206 BOOL WINAPI CryptSIPAddProvider(SIP_ADD_NEWPROVIDER *psNewProv)
208 LONG r = ERROR_SUCCESS;
210 TRACE("%p\n", psNewProv);
213 psNewProv->cbStruct != sizeof(SIP_ADD_NEWPROVIDER) ||
214 !psNewProv->pwszGetFuncName ||
215 !psNewProv->pwszPutFuncName ||
216 !psNewProv->pwszCreateFuncName ||
217 !psNewProv->pwszVerifyFuncName ||
218 !psNewProv->pwszRemoveFuncName)
220 SetLastError(ERROR_INVALID_PARAMETER);
224 TRACE("%s %s %s %s %s\n",
225 debugstr_guid( psNewProv->pgSubject ),
226 debugstr_w( psNewProv->pwszDLLFileName ),
227 debugstr_w( psNewProv->pwszMagicNumber ),
228 debugstr_w( psNewProv->pwszIsFunctionName ),
229 debugstr_w( psNewProv->pwszIsFunctionNameFmt2 ) );
231 #define CRYPT_SIPADDPROV( key, field ) \
232 r = CRYPT_SIPWriteFunction( psNewProv->pgSubject, key, \
233 psNewProv->pwszDLLFileName, psNewProv->field); \
234 if (r != ERROR_SUCCESS) goto end_function
236 CRYPT_SIPADDPROV( szPutSigned, pwszPutFuncName );
237 CRYPT_SIPADDPROV( szGetSigned, pwszGetFuncName );
238 CRYPT_SIPADDPROV( szRemoveSigned, pwszRemoveFuncName );
239 CRYPT_SIPADDPROV( szCreate, pwszCreateFuncName );
240 CRYPT_SIPADDPROV( szVerify, pwszVerifyFuncName );
241 CRYPT_SIPADDPROV( szIsMyFile, pwszIsFunctionName );
242 CRYPT_SIPADDPROV( szIsMyFile2, pwszIsFunctionNameFmt2 );
244 #undef CRYPT_SIPADDPROV
248 if (r != ERROR_SUCCESS)
257 /***********************************************************************
258 * CryptSIPRetrieveSubjectGuid (CRYPT32.@)
260 * Determine the right SIP GUID for the given file.
263 * FileName [I] Filename.
264 * hFileIn [I] Optional handle to the file.
265 * pgSubject [O] The SIP's GUID.
268 * Success: TRUE. pgSubject contains the SIP GUID.
269 * Failure: FALSE. (Look at GetLastError()).
272 * On failure pgSubject will contain a NULL GUID.
273 * The handle is always preferred above the filename.
275 BOOL WINAPI CryptSIPRetrieveSubjectGuid
276 (LPCWSTR FileName, HANDLE hFileIn, GUID *pgSubject)
283 IMAGE_DOS_HEADER *dos;
284 /* FIXME, find out if there is a name for this GUID */
285 static const GUID unknown = { 0xC689AAB8, 0x8E78, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
286 static const GUID cabGUID = { 0xc689aaba, 0x8e78, 0x11d0, {0x8c,0x47,0x00,0xc0,0x4f,0xc2,0x95,0xee }};
287 static const BYTE cabHdr[] = { 'M','S','C','F' };
289 TRACE("(%s %p %p)\n", wine_dbgstr_w(FileName), hFileIn, pgSubject);
291 if (!pgSubject || (!FileName && !hFileIn))
293 SetLastError(ERROR_INVALID_PARAMETER);
297 /* Set pgSubject to zero's */
298 memset(pgSubject, 0 , sizeof(GUID));
301 /* Use the given handle, make sure not to close this one ourselves */
305 hFile = CreateFileW(FileName, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
306 /* Last error is set by CreateFile */
307 if (hFile == INVALID_HANDLE_VALUE) return FALSE;
310 hFilemapped = CreateFileMappingA(hFile, NULL, PAGE_READONLY, 0, 0, NULL);
311 /* Last error is set by CreateFileMapping */
312 if (!hFilemapped) goto cleanup3;
314 pMapped = MapViewOfFile(hFilemapped, FILE_MAP_READ, 0, 0, 0);
315 /* Last error is set by MapViewOfFile */
316 if (!pMapped) goto cleanup2;
318 /* Native checks it right here */
319 fileSize = GetFileSize(hFile, NULL);
322 SetLastError(ERROR_INVALID_PARAMETER);
326 /* As everything is in place now we start looking at the file header */
327 dos = (IMAGE_DOS_HEADER *)pMapped;
328 if (dos->e_magic == IMAGE_DOS_SIGNATURE)
330 *pgSubject = unknown;
335 /* Quick-n-dirty check for a cab file. FIXME: use FDIIsCabinet instead? */
336 if (!memcmp(pMapped, cabHdr, sizeof(cabHdr)))
338 *pgSubject = cabGUID;
345 * There is a lot more to be checked:
346 * - Check for the keys CryptSIPDllIsMyFileType and CryptSIPDllIsMyFileType2
347 * under HKLM\Software\Microsoft\Cryptography\OID\EncodingType 0. Here are
348 * functions listed that need check if a SIP Provider can deal with the
352 /* Let's set the most common error for now */
353 SetLastError(TRUST_E_SUBJECT_FORM_UNKNOWN);
355 /* The 3 different cleanups are here because we shouldn't overwrite the last error */
357 UnmapViewOfFile(pMapped);
359 CloseHandle(hFilemapped);
361 /* If we didn't open this one we shouldn't close it (hFile is a copy) */
362 if (!hFileIn) CloseHandle(hFile);
367 static LONG CRYPT_OpenSIPFunctionKey(const GUID *guid, LPCWSTR function,
370 WCHAR szFullKey[ 0x100 ];
372 lstrcpyW(szFullKey, szOID);
373 lstrcatW(szFullKey, function);
374 CRYPT_guid2wstr(guid, &szFullKey[lstrlenW(szFullKey)]);
375 return RegOpenKeyExW(HKEY_LOCAL_MACHINE, szFullKey, 0, KEY_READ, key);
378 /* Loads the function named function for the SIP specified by pgSubject, and
379 * returns it if found. Returns NULL on error. If the function is loaded,
380 * *pLib is set to the library in which it is found.
382 static void *CRYPT_LoadSIPFunc(const GUID *pgSubject, LPCWSTR function,
388 WCHAR dllName[MAX_PATH];
389 char functionName[MAX_PATH];
393 TRACE("(%s, %s)\n", debugstr_guid(pgSubject), debugstr_w(function));
395 r = CRYPT_OpenSIPFunctionKey(pgSubject, function, &key);
398 /* Read the DLL entry */
399 size = sizeof(dllName);
400 r = RegQueryValueExW(key, szDllName, NULL, NULL, (LPBYTE)dllName, &size);
403 /* Read the Function entry */
404 size = sizeof(functionName);
405 r = RegQueryValueExA(key, "FuncName", NULL, NULL, (LPBYTE)functionName,
409 lib = LoadLibraryW(dllName);
412 func = GetProcAddress(lib, functionName);
420 TRACE("returning %p\n", func);
424 typedef struct _WINE_SIP_PROVIDER {
426 SIP_DISPATCH_INFO info;
430 static struct list providers = { &providers, &providers };
431 static CRITICAL_SECTION providers_cs;
432 static CRITICAL_SECTION_DEBUG providers_cs_debug =
435 { &providers_cs_debug.ProcessLocksList,
436 &providers_cs_debug.ProcessLocksList },
437 0, 0, { (DWORD_PTR)(__FILE__ ": providers_cs") }
439 static CRITICAL_SECTION providers_cs = { &providers_cs_debug, -1, 0, 0, 0, 0 };
441 static void CRYPT_CacheSIP(const GUID *pgSubject, SIP_DISPATCH_INFO *info)
443 WINE_SIP_PROVIDER *prov = CryptMemAlloc(sizeof(WINE_SIP_PROVIDER));
447 prov->subject = *pgSubject;
449 EnterCriticalSection(&providers_cs);
450 list_add_tail(&providers, &prov->entry);
451 LeaveCriticalSection(&providers_cs);
455 static WINE_SIP_PROVIDER *CRYPT_GetCachedSIP(const GUID *pgSubject)
457 WINE_SIP_PROVIDER *provider = NULL, *ret = NULL;
459 EnterCriticalSection(&providers_cs);
460 LIST_FOR_EACH_ENTRY(provider, &providers, WINE_SIP_PROVIDER, entry)
462 if (IsEqualGUID(pgSubject, &provider->subject))
465 if (provider && IsEqualGUID(pgSubject, &provider->subject))
467 LeaveCriticalSection(&providers_cs);
471 static inline BOOL CRYPT_IsSIPCached(const GUID *pgSubject)
473 return CRYPT_GetCachedSIP(pgSubject) != NULL;
476 void crypt_sip_free(void)
478 WINE_SIP_PROVIDER *prov, *next;
480 LIST_FOR_EACH_ENTRY_SAFE(prov, next, &providers, WINE_SIP_PROVIDER, entry)
482 list_remove(&prov->entry);
483 FreeLibrary(prov->info.hSIP);
488 /* Loads the SIP for pgSubject into the global cache. Returns FALSE if the
489 * SIP isn't registered or is invalid.
491 static BOOL CRYPT_LoadSIP(const GUID *pgSubject)
493 SIP_DISPATCH_INFO sip = { 0 };
494 HMODULE lib = NULL, temp = NULL;
496 sip.pfGet = CRYPT_LoadSIPFunc(pgSubject, szGetSigned, &lib);
499 sip.pfPut = CRYPT_LoadSIPFunc(pgSubject, szPutSigned, &temp);
500 if (!sip.pfPut || temp != lib)
503 sip.pfCreate = CRYPT_LoadSIPFunc(pgSubject, szCreate, &temp);
504 if (!sip.pfCreate || temp != lib)
507 sip.pfVerify = CRYPT_LoadSIPFunc(pgSubject, szVerify, &temp);
508 if (!sip.pfVerify || temp != lib)
511 sip.pfRemove = CRYPT_LoadSIPFunc(pgSubject, szRemoveSigned, &temp);
512 if (!sip.pfRemove || temp != lib)
516 CRYPT_CacheSIP(pgSubject, &sip);
522 SetLastError(TRUST_E_SUBJECT_FORM_UNKNOWN);
526 /***********************************************************************
527 * CryptSIPLoad (CRYPT32.@)
529 * Load some internal crypt32 functions into a SIP_DISPATCH_INFO structure.
532 * pgSubject [I] The GUID.
534 * pSipDispatch [I] The loaded functions.
537 * Success: TRUE. pSipDispatch contains the functions.
538 * Failure: FALSE. (Look at GetLastError()).
541 * CryptSIPLoad uses caching for the list of GUIDs and whether a SIP is
544 * An application calls CryptSipLoad which will return a structure with the
545 * function addresses of some internal crypt32 functions. The application will
546 * then call these functions which will be forwarded to the appropriate SIP.
548 * CryptSIPLoad will load the needed SIP but doesn't unload this dll. The unloading
549 * is done when crypt32 is unloaded.
551 BOOL WINAPI CryptSIPLoad
552 (const GUID *pgSubject, DWORD dwFlags, SIP_DISPATCH_INFO *pSipDispatch)
554 TRACE("(%s %d %p)\n", debugstr_guid(pgSubject), dwFlags, pSipDispatch);
556 if (!pgSubject || dwFlags != 0 || !pSipDispatch)
558 SetLastError(ERROR_INVALID_PARAMETER);
561 if (!CRYPT_IsSIPCached(pgSubject) && !CRYPT_LoadSIP(pgSubject))
564 pSipDispatch->hSIP = NULL;
565 pSipDispatch->pfGet = CryptSIPGetSignedDataMsg;
566 pSipDispatch->pfPut = CryptSIPPutSignedDataMsg;
567 pSipDispatch->pfCreate = CryptSIPCreateIndirectData;
568 pSipDispatch->pfVerify = CryptSIPVerifyIndirectData;
569 pSipDispatch->pfRemove = CryptSIPRemoveSignedDataMsg;
574 /***********************************************************************
575 * CryptSIPCreateIndirectData (CRYPT32.@)
577 BOOL WINAPI CryptSIPCreateIndirectData(SIP_SUBJECTINFO* pSubjectInfo, DWORD* pcbIndirectData,
578 SIP_INDIRECT_DATA* pIndirectData)
580 WINE_SIP_PROVIDER *sip;
583 TRACE("(%p %p %p)\n", pSubjectInfo, pcbIndirectData, pIndirectData);
585 if ((sip = CRYPT_GetCachedSIP(pSubjectInfo->pgSubjectType)))
586 ret = sip->info.pfCreate(pSubjectInfo, pcbIndirectData, pIndirectData);
587 TRACE("returning %d\n", ret);
591 /***********************************************************************
592 * CryptSIPGetSignedDataMsg (CRYPT32.@)
594 BOOL WINAPI CryptSIPGetSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo, DWORD* pdwEncodingType,
595 DWORD dwIndex, DWORD* pcbSignedDataMsg, BYTE* pbSignedDataMsg)
597 WINE_SIP_PROVIDER *sip;
600 TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
601 pcbSignedDataMsg, pbSignedDataMsg);
603 if ((sip = CRYPT_GetCachedSIP(pSubjectInfo->pgSubjectType)))
604 ret = sip->info.pfGet(pSubjectInfo, pdwEncodingType, dwIndex,
605 pcbSignedDataMsg, pbSignedDataMsg);
606 TRACE("returning %d\n", ret);
610 /***********************************************************************
611 * CryptSIPPutSignedDataMsg (CRYPT32.@)
613 BOOL WINAPI CryptSIPPutSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo, DWORD pdwEncodingType,
614 DWORD* pdwIndex, DWORD cbSignedDataMsg, BYTE* pbSignedDataMsg)
616 WINE_SIP_PROVIDER *sip;
619 TRACE("(%p %d %p %d %p)\n", pSubjectInfo, pdwEncodingType, pdwIndex,
620 cbSignedDataMsg, pbSignedDataMsg);
622 if ((sip = CRYPT_GetCachedSIP(pSubjectInfo->pgSubjectType)))
623 ret = sip->info.pfPut(pSubjectInfo, pdwEncodingType, pdwIndex,
624 cbSignedDataMsg, pbSignedDataMsg);
625 TRACE("returning %d\n", ret);
629 /***********************************************************************
630 * CryptSIPRemoveSignedDataMsg (CRYPT32.@)
632 BOOL WINAPI CryptSIPRemoveSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo,
635 WINE_SIP_PROVIDER *sip;
638 TRACE("(%p %d)\n", pSubjectInfo, dwIndex);
640 if ((sip = CRYPT_GetCachedSIP(pSubjectInfo->pgSubjectType)))
641 ret = sip->info.pfRemove(pSubjectInfo, dwIndex);
642 TRACE("returning %d\n", ret);
646 /***********************************************************************
647 * CryptSIPVerifyIndirectData (CRYPT32.@)
649 BOOL WINAPI CryptSIPVerifyIndirectData(SIP_SUBJECTINFO* pSubjectInfo,
650 SIP_INDIRECT_DATA* pIndirectData)
652 WINE_SIP_PROVIDER *sip;
655 TRACE("(%p %p)\n", pSubjectInfo, pIndirectData);
657 if ((sip = CRYPT_GetCachedSIP(pSubjectInfo->pgSubjectType)))
658 ret = sip->info.pfVerify(pSubjectInfo, pIndirectData);
659 TRACE("returning %d\n", ret);
projects / wine / blob