2 * Copyright 2002 Mike McCormack for CodeWeavers
3 * Copyright 2004-2006 Juan Lang
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 * - As you can see in the stubs below, support for CRLs and CTLs is missing.
21 * Mostly this should be copy-paste work, and some code (e.g. extended
22 * properties) could be shared between them.
23 * - Opening a cert store provider should be morphed to support loading
25 * - The concept of physical stores and locations isn't implemented. (This
26 * doesn't mean registry stores et al aren't implemented. See the PSDK for
27 * registering and enumerating physical stores and locations.)
28 * - Many flags, options and whatnot are unimplemented.
38 #include "wine/debug.h"
39 #include "wine/list.h"
41 #include "wine/exception.h"
42 #include "crypt32_private.h"
44 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
46 #define WINE_CRYPTCERTSTORE_MAGIC 0x74726563
47 /* The following aren't defined in wincrypt.h, as they're "reserved" */
48 #define CERT_CERT_PROP_ID 32
49 #define CERT_CRL_PROP_ID 33
50 #define CERT_CTL_PROP_ID 34
52 /* Some typedefs that make it easier to abstract which type of context we're
55 typedef const void *(WINAPI *CreateContextFunc)(DWORD dwCertEncodingType,
56 const BYTE *pbCertEncoded, DWORD cbCertEncoded);
57 typedef BOOL (WINAPI *AddContextToStoreFunc)(HCERTSTORE hCertStore,
58 const void *context, DWORD dwAddDisposition, const void **ppStoreContext);
59 typedef BOOL (WINAPI *AddEncodedContextToStoreFunc)(HCERTSTORE hCertStore,
60 DWORD dwCertEncodingType, const BYTE *pbEncoded, DWORD cbEncoded,
61 DWORD dwAddDisposition, const void **ppContext);
62 typedef const void *(WINAPI *EnumContextsInStoreFunc)(HCERTSTORE hCertStore,
63 const void *pPrevContext);
64 typedef BOOL (WINAPI *GetContextPropertyFunc)(const void *context,
65 DWORD dwPropID, void *pvData, DWORD *pcbData);
66 typedef BOOL (WINAPI *SetContextPropertyFunc)(const void *context,
67 DWORD dwPropID, DWORD dwFlags, const void *pvData);
68 typedef BOOL (WINAPI *SerializeElementFunc)(const void *context, DWORD dwFlags,
69 BYTE *pbElement, DWORD *pcbElement);
70 typedef BOOL (WINAPI *FreeContextFunc)(const void *context);
71 typedef BOOL (WINAPI *DeleteContextFunc)(const void *context);
73 /* An abstract context (certificate, CRL, or CTL) interface */
74 typedef struct _WINE_CONTEXT_INTERFACE
76 CreateContextFunc create;
77 AddContextToStoreFunc addContextToStore;
78 AddEncodedContextToStoreFunc addEncodedToStore;
79 EnumContextsInStoreFunc enumContextsInStore;
80 GetContextPropertyFunc getProp;
81 SetContextPropertyFunc setProp;
82 SerializeElementFunc serialize;
84 DeleteContextFunc deleteFromStore;
85 } WINE_CONTEXT_INTERFACE, *PWINE_CONTEXT_INTERFACE;
87 static const WINE_CONTEXT_INTERFACE gCertInterface = {
88 (CreateContextFunc)CertCreateCertificateContext,
89 (AddContextToStoreFunc)CertAddCertificateContextToStore,
90 (AddEncodedContextToStoreFunc)CertAddEncodedCertificateToStore,
91 (EnumContextsInStoreFunc)CertEnumCertificatesInStore,
92 (GetContextPropertyFunc)CertGetCertificateContextProperty,
93 (SetContextPropertyFunc)CertSetCertificateContextProperty,
94 (SerializeElementFunc)CertSerializeCertificateStoreElement,
95 (FreeContextFunc)CertFreeCertificateContext,
96 (DeleteContextFunc)CertDeleteCertificateFromStore,
99 static const WINE_CONTEXT_INTERFACE gCRLInterface = {
100 (CreateContextFunc)CertCreateCRLContext,
101 (AddContextToStoreFunc)CertAddCRLContextToStore,
102 (AddEncodedContextToStoreFunc)CertAddEncodedCRLToStore,
103 (EnumContextsInStoreFunc)CertEnumCRLsInStore,
104 (GetContextPropertyFunc)CertGetCRLContextProperty,
105 (SetContextPropertyFunc)CertSetCRLContextProperty,
106 (SerializeElementFunc)CertSerializeCRLStoreElement,
107 (FreeContextFunc)CertFreeCRLContext,
108 (DeleteContextFunc)CertDeleteCRLFromStore,
111 static const WINE_CONTEXT_INTERFACE gCTLInterface = {
112 (CreateContextFunc)CertCreateCTLContext,
113 (AddContextToStoreFunc)CertAddCTLContextToStore,
114 (AddEncodedContextToStoreFunc)CertAddEncodedCTLToStore,
115 (EnumContextsInStoreFunc)CertEnumCTLsInStore,
116 (GetContextPropertyFunc)CertGetCTLContextProperty,
117 (SetContextPropertyFunc)CertSetCTLContextProperty,
118 (SerializeElementFunc)CertSerializeCTLStoreElement,
119 (FreeContextFunc)CertFreeCTLContext,
120 (DeleteContextFunc)CertDeleteCTLFromStore,
123 struct WINE_CRYPTCERTSTORE;
125 typedef struct WINE_CRYPTCERTSTORE * (*StoreOpenFunc)(HCRYPTPROV hCryptProv,
126 DWORD dwFlags, const void *pvPara);
128 struct _WINE_CERT_CONTEXT_REF;
130 /* Called to enumerate the next certificate in a store. The returned pointer
131 * must be newly allocated (via CryptMemAlloc): CertFreeCertificateContext
134 typedef struct _WINE_CERT_CONTEXT_REF * (*EnumCertFunc)
135 (struct WINE_CRYPTCERTSTORE *store, struct _WINE_CERT_CONTEXT_REF *pPrev);
137 struct _WINE_CERT_CONTEXT;
139 /* Called to create a new reference to an existing cert context. Should call
140 * CRYPT_InitCertRef to make sure the reference count is properly updated.
141 * If the store does not provide any additional allocated data (that is, does
142 * not need to implement a FreeCertFunc), it may use CRYPT_CreateCertRef for
145 typedef struct _WINE_CERT_CONTEXT_REF * (*CreateRefFunc)
146 (struct _WINE_CERT_CONTEXT *context, HCERTSTORE store);
148 /* Optional, called when a cert context reference is being freed. Don't free
149 * the ref pointer itself, CertFreeCertificateContext does that.
151 typedef void (*FreeCertFunc)(struct _WINE_CERT_CONTEXT_REF *ref);
153 typedef enum _CertStoreType {
159 /* A cert store is polymorphic through the use of function pointers. A type
160 * is still needed to distinguish collection stores from other types.
161 * On the function pointers:
162 * - closeStore is called when the store's ref count becomes 0
163 * - addCert is called with a PWINE_CERT_CONTEXT as the second parameter
164 * - control is optional, but should be implemented by any store that supports
167 typedef struct WINE_CRYPTCERTSTORE
172 HCRYPTPROV cryptProv;
174 PFN_CERT_STORE_PROV_CLOSE closeStore;
175 PFN_CERT_STORE_PROV_WRITE_CERT addCert;
176 CreateRefFunc createCertRef;
177 EnumCertFunc enumCert;
178 PFN_CERT_STORE_PROV_DELETE_CERT deleteCert;
179 FreeCertFunc freeCert; /* optional */
180 PFN_CERT_STORE_PROV_CONTROL control; /* optional */
181 } WINECRYPT_CERTSTORE, *PWINECRYPT_CERTSTORE;
183 /* A certificate context has pointers to data that are owned by this module,
184 * so rather than duplicate the data every time a certificate context is
185 * copied, I keep a reference count to the data. Thus I have two data
186 * structures, the "true" certificate context (that has the reference count)
187 * and a reference certificate context, that has a pointer to the true context.
188 * Each one can be cast to a PCERT_CONTEXT, though you'll usually be dealing
189 * with the reference version.
191 typedef struct _WINE_CERT_CONTEXT
196 struct list extendedProperties;
197 } WINE_CERT_CONTEXT, *PWINE_CERT_CONTEXT;
199 typedef struct _WINE_CERT_CONTEXT_REF
202 WINE_CERT_CONTEXT *context;
203 } WINE_CERT_CONTEXT_REF, *PWINE_CERT_CONTEXT_REF;
205 /* An extended certificate property in serialized form is prefixed by this
208 typedef struct _WINE_CERT_PROP_HEADER
211 DWORD unknown; /* always 1 */
213 } WINE_CERT_PROP_HEADER, *PWINE_CERT_PROP_HEADER;
215 /* Stores an extended property in a cert. */
216 typedef struct _WINE_CERT_PROPERTY
218 WINE_CERT_PROP_HEADER hdr;
221 } WINE_CERT_PROPERTY, *PWINE_CERT_PROPERTY;
223 /* A mem store has a list of these. They're also returned by the mem store
224 * during enumeration.
226 typedef struct _WINE_CERT_LIST_ENTRY
228 WINE_CERT_CONTEXT_REF cert;
230 } WINE_CERT_LIST_ENTRY, *PWINE_CERT_LIST_ENTRY;
232 typedef struct _WINE_MEMSTORE
234 WINECRYPT_CERTSTORE hdr;
237 } WINE_MEMSTORE, *PWINE_MEMSTORE;
239 typedef struct _WINE_HASH_TO_DELETE
243 } WINE_HASH_TO_DELETE, *PWINE_HASH_TO_DELETE;
245 /* Returned by a provider store during enumeration. */
246 typedef struct _WINE_PROV_CERT_CONTEXT
248 WINE_CERT_CONTEXT_REF cert;
249 PWINE_CERT_CONTEXT_REF childContext;
250 } WINE_PROV_CERT_CONTEXT, *PWINE_PROV_CERT_CONTEXT;
252 typedef struct _WINE_REGSTOREINFO
255 HCRYPTPROV cryptProv;
256 PWINECRYPT_CERTSTORE memStore;
260 struct list certsToDelete;
261 } WINE_REGSTOREINFO, *PWINE_REGSTOREINFO;
263 typedef struct _WINE_STORE_LIST_ENTRY
265 PWINECRYPT_CERTSTORE store;
269 } WINE_STORE_LIST_ENTRY, *PWINE_STORE_LIST_ENTRY;
271 /* Returned by a collection store during enumeration.
272 * Note: relies on the list entry being valid after use, which a number of
273 * conditions might make untrue (reentrancy, closing a collection store before
274 * continuing an enumeration on it, ...). The tests seem to indicate this
275 * sort of unsafety is okay, since Windows isn't well-behaved in these
278 typedef struct _WINE_COLLECTION_CERT_CONTEXT
280 WINE_CERT_CONTEXT_REF cert;
281 PWINE_STORE_LIST_ENTRY entry;
282 PWINE_CERT_CONTEXT_REF childContext;
283 } WINE_COLLECTION_CERT_CONTEXT, *PWINE_COLLECTION_CERT_CONTEXT;
285 typedef struct _WINE_COLLECTIONSTORE
287 WINECRYPT_CERTSTORE hdr;
290 } WINE_COLLECTIONSTORE, *PWINE_COLLECTIONSTORE;
292 typedef struct _WINE_PROVIDERSTORE
294 WINECRYPT_CERTSTORE hdr;
295 DWORD dwStoreProvFlags;
296 PWINECRYPT_CERTSTORE memStore;
297 HCERTSTOREPROV hStoreProv;
298 PFN_CERT_STORE_PROV_CLOSE provCloseStore;
299 PFN_CERT_STORE_PROV_WRITE_CERT provWriteCert;
300 PFN_CERT_STORE_PROV_DELETE_CERT provDeleteCert;
301 PFN_CERT_STORE_PROV_CONTROL provControl;
302 } WINE_PROVIDERSTORE, *PWINE_PROVIDERSTORE;
304 /* Like CertGetCertificateContextProperty, but operates directly on the
305 * WINE_CERT_CONTEXT. Doesn't support special-case properties, since they
306 * are handled by CertGetCertificateContextProperty, and are particular to the
307 * store in which the property exists (which is separate from the context.)
309 static BOOL WINAPI CRYPT_GetCertificateContextProperty(
310 PWINE_CERT_CONTEXT context, DWORD dwPropId, void *pvData, DWORD *pcbData);
312 /* Like CertSetCertificateContextProperty, but operates directly on the
313 * WINE_CERT_CONTEXT. Doesn't handle special cases, since they're handled by
314 * CertSetCertificateContextProperty anyway.
316 static BOOL WINAPI CRYPT_SetCertificateContextProperty(
317 PWINE_CERT_CONTEXT context, DWORD dwPropId, DWORD dwFlags, const void *pvData);
319 /* Helper function for store reading functions and
320 * CertAddSerializedElementToStore. Returns a context of the appropriate type
321 * if it can, or NULL otherwise. Doesn't validate any of the properties in
322 * the serialized context (for example, bad hashes are retained.)
323 * *pdwContentType is set to the type of the returned context.
325 static const void * WINAPI CRYPT_ReadSerializedElement(const BYTE *pbElement,
326 DWORD cbElement, DWORD dwContextTypeFlags, DWORD *pdwContentType);
328 static void CRYPT_InitStore(WINECRYPT_CERTSTORE *store, HCRYPTPROV hCryptProv,
329 DWORD dwFlags, CertStoreType type)
332 store->dwMagic = WINE_CRYPTCERTSTORE_MAGIC;
336 hCryptProv = CRYPT_GetDefaultProvider();
337 dwFlags |= CERT_STORE_NO_CRYPT_RELEASE_FLAG;
339 store->cryptProv = hCryptProv;
340 store->dwOpenFlags = dwFlags;
343 /* Initializes the reference ref to point to pCertContext, which is assumed to
344 * be a PWINE_CERT_CONTEXT, and increments pCertContext's reference count.
345 * Also sets the hCertStore member of the reference to store.
347 static void CRYPT_InitCertRef(PWINE_CERT_CONTEXT_REF ref,
348 PWINE_CERT_CONTEXT context, HCERTSTORE store)
350 TRACE("(%p, %p)\n", ref, context);
351 memcpy(&ref->cert, context, sizeof(ref->cert));
352 ref->context = context;
353 InterlockedIncrement(&context->ref);
354 TRACE("%p's ref count is %ld\n", context, context->ref);
355 ref->cert.hCertStore = store;
358 static PWINE_CERT_CONTEXT_REF CRYPT_CreateCertRef(PWINE_CERT_CONTEXT context,
361 PWINE_CERT_CONTEXT_REF pCertRef = CryptMemAlloc(
362 sizeof(WINE_CERT_CONTEXT_REF));
364 TRACE("(%p, %p)\n", context, store);
366 CRYPT_InitCertRef(pCertRef, context, store);
370 static BOOL WINAPI CRYPT_MemAddCert(HCERTSTORE store, PCCERT_CONTEXT pCert,
371 DWORD dwAddDisposition)
373 WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
374 BOOL add = FALSE, ret;
376 TRACE("(%p, %p, %ld)\n", store, pCert, dwAddDisposition);
378 switch (dwAddDisposition)
380 case CERT_STORE_ADD_ALWAYS:
383 case CERT_STORE_ADD_NEW:
385 BYTE hashToAdd[20], hash[20];
386 DWORD size = sizeof(hashToAdd);
388 ret = CRYPT_GetCertificateContextProperty((PWINE_CERT_CONTEXT)pCert,
389 CERT_HASH_PROP_ID, hashToAdd, &size);
392 PWINE_CERT_LIST_ENTRY cursor;
394 /* Add if no cert with the same hash is found. */
396 EnterCriticalSection(&ms->cs);
397 LIST_FOR_EACH_ENTRY(cursor, &ms->certs, WINE_CERT_LIST_ENTRY, entry)
400 ret = CertGetCertificateContextProperty(&cursor->cert.cert,
401 CERT_HASH_PROP_ID, hash, &size);
402 if (ret && !memcmp(hashToAdd, hash, size))
404 TRACE("found matching certificate, not adding\n");
405 SetLastError(CRYPT_E_EXISTS);
410 LeaveCriticalSection(&ms->cs);
414 case CERT_STORE_ADD_REPLACE_EXISTING:
416 BYTE hashToAdd[20], hash[20];
417 DWORD size = sizeof(hashToAdd);
420 ret = CRYPT_GetCertificateContextProperty((PWINE_CERT_CONTEXT)pCert,
421 CERT_HASH_PROP_ID, hashToAdd, &size);
424 PWINE_CERT_LIST_ENTRY cursor, next;
426 /* Look for existing cert to delete */
427 EnterCriticalSection(&ms->cs);
428 LIST_FOR_EACH_ENTRY_SAFE(cursor, next, &ms->certs,
429 WINE_CERT_LIST_ENTRY, entry)
432 ret = CertGetCertificateContextProperty(&cursor->cert.cert,
433 CERT_HASH_PROP_ID, hash, &size);
434 if (ret && !memcmp(hashToAdd, hash, size))
436 TRACE("found matching certificate, replacing\n");
437 list_remove(&cursor->entry);
438 CertFreeCertificateContext((PCCERT_CONTEXT)cursor);
442 LeaveCriticalSection(&ms->cs);
447 FIXME("Unimplemented add disposition %ld\n", dwAddDisposition);
452 PWINE_CERT_LIST_ENTRY entry = CryptMemAlloc(
453 sizeof(WINE_CERT_LIST_ENTRY));
457 TRACE("adding %p\n", entry);
458 CRYPT_InitCertRef(&entry->cert, (PWINE_CERT_CONTEXT)pCert, store);
459 list_init(&entry->entry);
460 EnterCriticalSection(&ms->cs);
461 list_add_tail(&ms->certs, &entry->entry);
462 LeaveCriticalSection(&ms->cs);
470 TRACE("returning %d\n", ret);
474 static PWINE_CERT_CONTEXT_REF CRYPT_MemEnumCert(PWINECRYPT_CERTSTORE store,
475 PWINE_CERT_CONTEXT_REF pPrev)
477 WINE_MEMSTORE *ms = (WINE_MEMSTORE *)store;
478 PWINE_CERT_LIST_ENTRY prevEntry = (PWINE_CERT_LIST_ENTRY)pPrev, ret;
479 struct list *listNext;
481 TRACE("(%p, %p)\n", store, pPrev);
482 EnterCriticalSection(&ms->cs);
485 listNext = list_next(&ms->certs, &prevEntry->entry);
486 CertFreeCertificateContext((PCCERT_CONTEXT)pPrev);
489 listNext = list_next(&ms->certs, &ms->certs);
492 ret = CryptMemAlloc(sizeof(WINE_CERT_LIST_ENTRY));
495 memcpy(ret, LIST_ENTRY(listNext, WINE_CERT_LIST_ENTRY, entry),
496 sizeof(WINE_CERT_LIST_ENTRY));
497 InterlockedIncrement(&ret->cert.context->ref);
502 SetLastError(CRYPT_E_NOT_FOUND);
505 LeaveCriticalSection(&ms->cs);
507 TRACE("returning %p\n", ret);
508 return (PWINE_CERT_CONTEXT_REF)ret;
511 static void CRYPT_UnrefCertificateContext(PWINE_CERT_CONTEXT_REF ref);
513 static BOOL WINAPI CRYPT_MemDeleteCert(HCERTSTORE hCertStore,
514 PCCERT_CONTEXT pCertContext, DWORD dwFlags)
516 WINE_MEMSTORE *store = (WINE_MEMSTORE *)hCertStore;
517 WINE_CERT_CONTEXT_REF *ref = (WINE_CERT_CONTEXT_REF *)pCertContext;
518 PWINE_CERT_LIST_ENTRY cert, next;
521 /* Find the entry associated with the passed-in context, since the
522 * passed-in context may not be a list entry itself (e.g. if it came from
523 * CertDuplicateCertificateContext.) Pointing to the same context is
524 * a sufficient test of equality.
526 EnterCriticalSection(&store->cs);
527 LIST_FOR_EACH_ENTRY_SAFE(cert, next, &store->certs, WINE_CERT_LIST_ENTRY,
530 if (cert->cert.context == ref->context)
532 TRACE("removing %p\n", cert);
533 /* FIXME: this isn't entirely thread-safe, the entry itself isn't
536 list_remove(&cert->entry);
537 ret = CertFreeCertificateContext((PCCERT_CONTEXT)cert);
538 cert->entry.prev = cert->entry.next = &store->certs;
542 LeaveCriticalSection(&store->cs);
546 static void CRYPT_MemEmptyStore(PWINE_MEMSTORE store)
548 PWINE_CERT_LIST_ENTRY cert, next;
550 EnterCriticalSection(&store->cs);
551 /* Note that CertFreeCertificateContext calls HeapFree on the passed-in
552 * pointer if its ref-count reaches zero. That's okay here because there
553 * aren't any allocated data outside of the WINE_CERT_CONTEXT_REF portion
554 * of the CertListEntry.
556 LIST_FOR_EACH_ENTRY_SAFE(cert, next, &store->certs, WINE_CERT_LIST_ENTRY,
559 TRACE("removing %p\n", cert);
560 list_remove(&cert->entry);
561 CertFreeCertificateContext((PCCERT_CONTEXT)cert);
563 LeaveCriticalSection(&store->cs);
566 static void WINAPI CRYPT_MemCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
568 WINE_MEMSTORE *store = (WINE_MEMSTORE *)hCertStore;
570 TRACE("(%p, %08lx)\n", store, dwFlags);
572 FIXME("Unimplemented flags: %08lx\n", dwFlags);
574 CRYPT_MemEmptyStore(store);
575 DeleteCriticalSection(&store->cs);
579 static WINECRYPT_CERTSTORE *CRYPT_MemOpenStore(HCRYPTPROV hCryptProv,
580 DWORD dwFlags, const void *pvPara)
582 PWINE_MEMSTORE store;
584 TRACE("(%ld, %08lx, %p)\n", hCryptProv, dwFlags, pvPara);
586 if (dwFlags & CERT_STORE_DELETE_FLAG)
588 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
593 store = CryptMemAlloc(sizeof(WINE_MEMSTORE));
596 memset(store, 0, sizeof(WINE_MEMSTORE));
597 CRYPT_InitStore(&store->hdr, hCryptProv, dwFlags, StoreTypeMem);
598 store->hdr.closeStore = CRYPT_MemCloseStore;
599 store->hdr.addCert = CRYPT_MemAddCert;
600 store->hdr.createCertRef = CRYPT_CreateCertRef;
601 store->hdr.enumCert = CRYPT_MemEnumCert;
602 store->hdr.deleteCert = CRYPT_MemDeleteCert;
603 store->hdr.freeCert = NULL;
604 store->hdr.control = NULL;
605 InitializeCriticalSection(&store->cs);
606 list_init(&store->certs);
609 return (PWINECRYPT_CERTSTORE)store;
612 static BOOL WINAPI CRYPT_CollectionAddCert(HCERTSTORE store,
613 PCCERT_CONTEXT pCert, DWORD dwAddDisposition)
615 PWINE_COLLECTIONSTORE cs = (PWINE_COLLECTIONSTORE)store;
616 PWINE_STORE_LIST_ENTRY entry, next;
619 TRACE("(%p, %p, %ld)\n", store, pCert, dwAddDisposition);
622 EnterCriticalSection(&cs->cs);
623 LIST_FOR_EACH_ENTRY_SAFE(entry, next, &cs->stores, WINE_STORE_LIST_ENTRY,
626 if (entry->dwUpdateFlags & CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG)
628 ret = entry->store->addCert(entry->store, pCert, dwAddDisposition);
632 LeaveCriticalSection(&cs->cs);
633 SetLastError(ret ? ERROR_SUCCESS : HRESULT_FROM_WIN32(ERROR_ACCESS_DENIED));
637 static PWINE_CERT_CONTEXT_REF CRYPT_CollectionCreateCertRef(
638 PWINE_CERT_CONTEXT context, HCERTSTORE store)
640 PWINE_COLLECTION_CERT_CONTEXT ret = CryptMemAlloc(
641 sizeof(WINE_COLLECTION_CERT_CONTEXT));
645 /* Initialize to empty for now, just make sure the size is right */
646 CRYPT_InitCertRef((PWINE_CERT_CONTEXT_REF)ret, context, store);
648 ret->childContext = NULL;
650 return (PWINE_CERT_CONTEXT_REF)ret;
653 static void WINAPI CRYPT_CollectionCloseStore(HCERTSTORE store, DWORD dwFlags)
655 PWINE_COLLECTIONSTORE cs = (PWINE_COLLECTIONSTORE)store;
656 PWINE_STORE_LIST_ENTRY entry, next;
658 TRACE("(%p, %08lx)\n", store, dwFlags);
660 LIST_FOR_EACH_ENTRY_SAFE(entry, next, &cs->stores, WINE_STORE_LIST_ENTRY,
663 TRACE("closing %p\n", entry);
664 CertCloseStore((HCERTSTORE)entry->store, dwFlags);
667 DeleteCriticalSection(&cs->cs);
671 /* Advances a collection enumeration by one cert, if possible, where advancing
673 * - calling the current store's enumeration function once, and returning
674 * the enumerated cert if one is returned
675 * - moving to the next store if the current store has no more items, and
676 * recursively calling itself to get the next item.
677 * Returns NULL if the collection contains no more items or on error.
678 * Assumes the collection store's lock is held.
680 static PWINE_COLLECTION_CERT_CONTEXT CRYPT_CollectionAdvanceEnum(
681 PWINE_COLLECTIONSTORE store, PWINE_STORE_LIST_ENTRY storeEntry,
682 PWINE_COLLECTION_CERT_CONTEXT pPrev)
684 PWINE_COLLECTION_CERT_CONTEXT ret;
685 PWINE_CERT_CONTEXT_REF child;
686 struct list *storeNext = list_next(&store->stores, &storeEntry->entry);
688 TRACE("(%p, %p, %p)\n", store, storeEntry, pPrev);
690 child = storeEntry->store->enumCert((HCERTSTORE)storeEntry->store,
691 pPrev ? pPrev->childContext : NULL);
694 pPrev->childContext = NULL;
695 CertFreeCertificateContext((PCCERT_CONTEXT)pPrev);
700 ret = (PWINE_COLLECTION_CERT_CONTEXT)CRYPT_CollectionCreateCertRef(
701 child->context, store);
704 ret->entry = storeEntry;
705 ret->childContext = child;
708 CertFreeCertificateContext((PCCERT_CONTEXT)child);
714 storeEntry = LIST_ENTRY(storeNext, WINE_STORE_LIST_ENTRY, entry);
715 ret = CRYPT_CollectionAdvanceEnum(store, storeEntry, NULL);
719 SetLastError(CRYPT_E_NOT_FOUND);
723 TRACE("returning %p\n", ret);
727 static PWINE_CERT_CONTEXT_REF CRYPT_CollectionEnumCert(
728 PWINECRYPT_CERTSTORE store, PWINE_CERT_CONTEXT_REF pPrev)
730 PWINE_COLLECTIONSTORE cs = (PWINE_COLLECTIONSTORE)store;
731 PWINE_COLLECTION_CERT_CONTEXT prevEntry =
732 (PWINE_COLLECTION_CERT_CONTEXT)pPrev, ret;
734 TRACE("(%p, %p)\n", store, pPrev);
738 EnterCriticalSection(&cs->cs);
739 ret = CRYPT_CollectionAdvanceEnum(cs, prevEntry->entry, prevEntry);
740 LeaveCriticalSection(&cs->cs);
744 EnterCriticalSection(&cs->cs);
745 if (!list_empty(&cs->stores))
747 PWINE_STORE_LIST_ENTRY storeEntry;
749 storeEntry = LIST_ENTRY(cs->stores.next, WINE_STORE_LIST_ENTRY,
751 ret = CRYPT_CollectionAdvanceEnum(cs, storeEntry, prevEntry);
755 SetLastError(CRYPT_E_NOT_FOUND);
758 LeaveCriticalSection(&cs->cs);
760 TRACE("returning %p\n", ret);
761 return (PWINE_CERT_CONTEXT_REF)ret;
764 static BOOL WINAPI CRYPT_CollectionDeleteCert(HCERTSTORE hCertStore,
765 PCCERT_CONTEXT pCertContext, DWORD dwFlags)
767 PWINE_COLLECTION_CERT_CONTEXT context =
768 (PWINE_COLLECTION_CERT_CONTEXT)pCertContext;
771 TRACE("(%p, %p, %08lx)\n", hCertStore, pCertContext, dwFlags);
773 ret = CertDeleteCertificateFromStore((PCCERT_CONTEXT)context->childContext);
775 context->childContext = NULL;
779 static void CRYPT_CollectionFreeCert(PWINE_CERT_CONTEXT_REF ref)
781 PWINE_COLLECTION_CERT_CONTEXT context = (PWINE_COLLECTION_CERT_CONTEXT)ref;
783 TRACE("(%p)\n", ref);
785 if (context->childContext)
786 CertFreeCertificateContext((PCCERT_CONTEXT)context->childContext);
789 static WINECRYPT_CERTSTORE *CRYPT_CollectionOpenStore(HCRYPTPROV hCryptProv,
790 DWORD dwFlags, const void *pvPara)
792 PWINE_COLLECTIONSTORE store;
794 if (dwFlags & CERT_STORE_DELETE_FLAG)
796 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
801 store = CryptMemAlloc(sizeof(WINE_COLLECTIONSTORE));
804 memset(store, 0, sizeof(WINE_COLLECTIONSTORE));
805 CRYPT_InitStore(&store->hdr, hCryptProv, dwFlags,
806 StoreTypeCollection);
807 store->hdr.closeStore = CRYPT_CollectionCloseStore;
808 store->hdr.addCert = CRYPT_CollectionAddCert;
809 store->hdr.createCertRef = CRYPT_CollectionCreateCertRef;
810 store->hdr.enumCert = CRYPT_CollectionEnumCert;
811 store->hdr.deleteCert = CRYPT_CollectionDeleteCert;
812 store->hdr.freeCert = CRYPT_CollectionFreeCert;
813 InitializeCriticalSection(&store->cs);
814 list_init(&store->stores);
817 return (PWINECRYPT_CERTSTORE)store;
820 static void WINAPI CRYPT_ProvCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
822 PWINE_PROVIDERSTORE store = (PWINE_PROVIDERSTORE)hCertStore;
824 TRACE("(%p, %08lx)\n", store, dwFlags);
826 if (store->provCloseStore)
827 store->provCloseStore(store->hStoreProv, dwFlags);
828 if (!(store->dwStoreProvFlags & CERT_STORE_PROV_EXTERNAL_FLAG))
829 CertCloseStore(store->memStore, dwFlags);
833 static BOOL WINAPI CRYPT_ProvAddCert(HCERTSTORE hCertStore, PCCERT_CONTEXT cert,
834 DWORD dwAddDisposition)
836 PWINE_PROVIDERSTORE store = (PWINE_PROVIDERSTORE)hCertStore;
839 TRACE("(%p, %p, %ld)\n", hCertStore, cert, dwAddDisposition);
841 if (store->hdr.dwOpenFlags & CERT_STORE_READONLY_FLAG)
843 SetLastError(ERROR_ACCESS_DENIED);
849 if (store->provWriteCert)
850 ret = store->provWriteCert(store->hStoreProv, cert,
851 CERT_STORE_PROV_WRITE_ADD_FLAG);
853 ret = store->memStore->addCert(store->memStore, cert,
859 static PWINE_CERT_CONTEXT_REF CRYPT_ProvCreateCertRef(
860 PWINE_CERT_CONTEXT context, HCERTSTORE store)
862 PWINE_PROV_CERT_CONTEXT ret = CryptMemAlloc(sizeof(WINE_PROV_CERT_CONTEXT));
866 CRYPT_InitCertRef((PWINE_CERT_CONTEXT_REF)ret, context, store);
867 ret->childContext = NULL;
869 return (PWINE_CERT_CONTEXT_REF)ret;
872 static PWINE_CERT_CONTEXT_REF CRYPT_ProvEnumCert(PWINECRYPT_CERTSTORE store,
873 PWINE_CERT_CONTEXT_REF pPrev)
875 PWINE_PROVIDERSTORE ps = (PWINE_PROVIDERSTORE)store;
876 PWINE_CERT_CONTEXT_REF child;
877 PWINE_PROV_CERT_CONTEXT prev = (PWINE_PROV_CERT_CONTEXT)pPrev, ret = NULL;
879 TRACE("(%p, %p)\n", store, pPrev);
881 child = ps->memStore->enumCert(ps->memStore, prev ? prev->childContext
885 prev->childContext = NULL;
886 CertFreeCertificateContext((PCCERT_CONTEXT)prev);
891 ret = (PWINE_PROV_CERT_CONTEXT)CRYPT_ProvCreateCertRef(child->context,
894 ret->childContext = child;
896 CertFreeCertificateContext((PCCERT_CONTEXT)child);
898 return (PWINE_CERT_CONTEXT_REF)ret;
901 static BOOL WINAPI CRYPT_ProvDeleteCert(HCERTSTORE hCertStore,
902 PCCERT_CONTEXT cert, DWORD dwFlags)
904 PWINE_PROVIDERSTORE store = (PWINE_PROVIDERSTORE)hCertStore;
907 TRACE("(%p, %p, %08lx)\n", hCertStore, cert, dwFlags);
909 if (store->provDeleteCert)
910 ret = store->provDeleteCert(store->hStoreProv, cert, dwFlags);
912 ret = store->memStore->deleteCert(store->memStore, cert, dwFlags);
916 static void CRYPT_ProvFreeCert(PWINE_CERT_CONTEXT_REF ref)
918 PWINE_PROV_CERT_CONTEXT context = (PWINE_PROV_CERT_CONTEXT)ref;
920 TRACE("(%p)\n", ref);
922 if (context->childContext)
923 CertFreeCertificateContext((PCCERT_CONTEXT)context->childContext);
926 static BOOL WINAPI CRYPT_ProvControl(HCERTSTORE hCertStore, DWORD dwFlags,
927 DWORD dwCtrlType, void const *pvCtrlPara)
929 PWINE_PROVIDERSTORE store = (PWINE_PROVIDERSTORE)hCertStore;
932 TRACE("(%p, %08lx, %ld, %p)\n", hCertStore, dwFlags, dwCtrlType,
935 if (store->provControl)
936 ret = store->provControl(store->hStoreProv, dwFlags, dwCtrlType,
941 static PWINECRYPT_CERTSTORE CRYPT_ProvCreateStore(HCRYPTPROV hCryptProv,
942 DWORD dwFlags, PWINECRYPT_CERTSTORE memStore, PCERT_STORE_PROV_INFO pProvInfo)
944 PWINE_PROVIDERSTORE ret = (PWINE_PROVIDERSTORE)CryptMemAlloc(
945 sizeof(WINE_PROVIDERSTORE));
949 CRYPT_InitStore(&ret->hdr, hCryptProv, dwFlags,
951 ret->dwStoreProvFlags = pProvInfo->dwStoreProvFlags;
952 if (ret->dwStoreProvFlags & CERT_STORE_PROV_EXTERNAL_FLAG)
954 CertCloseStore(memStore, 0);
955 ret->memStore = NULL;
958 ret->memStore = memStore;
959 ret->hStoreProv = pProvInfo->hStoreProv;
960 ret->hdr.closeStore = CRYPT_ProvCloseStore;
961 ret->hdr.addCert = CRYPT_ProvAddCert;
962 ret->hdr.createCertRef = CRYPT_ProvCreateCertRef;
963 ret->hdr.enumCert = CRYPT_ProvEnumCert;
964 ret->hdr.deleteCert = CRYPT_ProvDeleteCert;
965 ret->hdr.freeCert = CRYPT_ProvFreeCert;
966 ret->hdr.control = CRYPT_ProvControl;
967 if (pProvInfo->cStoreProvFunc > CERT_STORE_PROV_CLOSE_FUNC)
968 ret->provCloseStore =
969 pProvInfo->rgpvStoreProvFunc[CERT_STORE_PROV_CLOSE_FUNC];
971 ret->provCloseStore = NULL;
972 if (pProvInfo->cStoreProvFunc >
973 CERT_STORE_PROV_WRITE_CERT_FUNC)
974 ret->provWriteCert = pProvInfo->rgpvStoreProvFunc[
975 CERT_STORE_PROV_WRITE_CERT_FUNC];
977 ret->provWriteCert = NULL;
978 if (pProvInfo->cStoreProvFunc >
979 CERT_STORE_PROV_DELETE_CERT_FUNC)
980 ret->provDeleteCert = pProvInfo->rgpvStoreProvFunc[
981 CERT_STORE_PROV_DELETE_CERT_FUNC];
983 ret->provDeleteCert = NULL;
984 if (pProvInfo->cStoreProvFunc >
985 CERT_STORE_PROV_CONTROL_FUNC)
986 ret->provControl = pProvInfo->rgpvStoreProvFunc[
987 CERT_STORE_PROV_CONTROL_FUNC];
989 ret->provControl = NULL;
991 return (PWINECRYPT_CERTSTORE)ret;
994 static PWINECRYPT_CERTSTORE CRYPT_ProvOpenStore(LPCSTR lpszStoreProvider,
995 DWORD dwEncodingType, HCRYPTPROV hCryptProv, DWORD dwFlags, const void *pvPara)
997 static HCRYPTOIDFUNCSET set = NULL;
998 PFN_CERT_DLL_OPEN_STORE_PROV_FUNC provOpenFunc;
999 HCRYPTOIDFUNCADDR hFunc;
1000 PWINECRYPT_CERTSTORE ret = NULL;
1003 set = CryptInitOIDFunctionSet(CRYPT_OID_OPEN_STORE_PROV_FUNC, 0);
1004 CryptGetOIDFunctionAddress(set, dwEncodingType, lpszStoreProvider, 0,
1005 (void **)&provOpenFunc, &hFunc);
1008 CERT_STORE_PROV_INFO provInfo = { 0 };
1010 provInfo.cbSize = sizeof(provInfo);
1011 if (dwFlags & CERT_STORE_DELETE_FLAG)
1012 provOpenFunc(lpszStoreProvider, dwEncodingType, hCryptProv,
1013 dwFlags, pvPara, NULL, &provInfo);
1016 PWINECRYPT_CERTSTORE memStore;
1018 memStore = CRYPT_MemOpenStore(hCryptProv, dwFlags, NULL);
1021 if (provOpenFunc(lpszStoreProvider, dwEncodingType, hCryptProv,
1022 dwFlags, pvPara, memStore, &provInfo))
1023 ret = CRYPT_ProvCreateStore(hCryptProv, dwFlags, memStore,
1026 CertCloseStore(memStore, 0);
1029 CryptFreeOIDFunctionAddress(hFunc, 0);
1032 SetLastError(ERROR_FILE_NOT_FOUND);
1036 static void CRYPT_HashToStr(LPBYTE hash, LPWSTR asciiHash)
1038 static const WCHAR fmt[] = { '%','0','2','X',0 };
1044 for (i = 0; i < 20; i++)
1045 wsprintfW(asciiHash + i * 2, fmt, hash[i]);
1048 static const WCHAR CertsW[] = { 'C','e','r','t','i','f','i','c','a','t','e','s',
1050 static const WCHAR CRLsW[] = { 'C','R','L','s',0 };
1051 static const WCHAR CTLsW[] = { 'C','T','L','s',0 };
1052 static const WCHAR BlobW[] = { 'B','l','o','b',0 };
1054 static void CRYPT_RegReadSerializedFromReg(PWINE_REGSTOREINFO store, HKEY key,
1059 WCHAR subKeyName[MAX_PATH];
1062 DWORD size = sizeof(subKeyName) / sizeof(WCHAR);
1064 rc = RegEnumKeyExW(key, index++, subKeyName, &size, NULL, NULL, NULL,
1070 rc = RegOpenKeyExW(key, subKeyName, 0, KEY_READ, &subKey);
1076 rc = RegQueryValueExW(subKey, BlobW, NULL, NULL, NULL, &size);
1078 buf = CryptMemAlloc(size);
1081 rc = RegQueryValueExW(subKey, BlobW, NULL, NULL, buf,
1085 const void *context;
1088 TRACE("Adding cert with hash %s\n",
1089 debugstr_w(subKeyName));
1090 context = CRYPT_ReadSerializedElement(buf, size,
1091 contextType, &addedType);
1094 const WINE_CONTEXT_INTERFACE *contextInterface;
1099 case CERT_STORE_CERTIFICATE_CONTEXT:
1100 contextInterface = &gCertInterface;
1102 case CERT_STORE_CRL_CONTEXT:
1103 contextInterface = &gCRLInterface;
1105 case CERT_STORE_CTL_CONTEXT:
1106 contextInterface = &gCTLInterface;
1109 contextInterface = NULL;
1111 if (contextInterface)
1113 size = sizeof(hash);
1114 if (contextInterface->getProp(context,
1115 CERT_HASH_PROP_ID, hash, &size))
1117 WCHAR asciiHash[20 * 2 + 1];
1119 CRYPT_HashToStr(hash, asciiHash);
1120 TRACE("comparing %s\n",
1121 debugstr_w(asciiHash));
1122 TRACE("with %s\n", debugstr_w(subKeyName));
1123 if (!lstrcmpW(asciiHash, subKeyName))
1125 TRACE("hash matches, adding\n");
1126 contextInterface->addContextToStore(
1127 store->memStore, context,
1128 CERT_STORE_ADD_REPLACE_EXISTING, NULL);
1131 TRACE("hash doesn't match, ignoring\n");
1133 contextInterface->free(context);
1139 RegCloseKey(subKey);
1141 /* Ignore intermediate errors, continue enumerating */
1147 static void CRYPT_RegReadFromReg(PWINE_REGSTOREINFO store)
1149 static const WCHAR *subKeys[] = { CertsW, CRLsW, CTLsW };
1150 static const DWORD contextFlags[] = { CERT_STORE_CERTIFICATE_CONTEXT_FLAG,
1151 CERT_STORE_CRL_CONTEXT_FLAG, CERT_STORE_CTL_CONTEXT_FLAG };
1154 for (i = 0; i < sizeof(subKeys) / sizeof(subKeys[0]); i++)
1159 rc = RegCreateKeyExW(store->key, subKeys[i], 0, NULL, 0, KEY_READ, NULL,
1163 CRYPT_RegReadSerializedFromReg(store, key, contextFlags[i]);
1169 /* Hash is assumed to be 20 bytes in length (a SHA-1 hash) */
1170 static BOOL CRYPT_WriteSerializedToReg(HKEY key, LPBYTE hash, LPBYTE buf,
1173 WCHAR asciiHash[20 * 2 + 1];
1178 CRYPT_HashToStr(hash, asciiHash);
1179 rc = RegCreateKeyExW(key, asciiHash, 0, NULL, 0, KEY_ALL_ACCESS, NULL,
1183 rc = RegSetValueExW(subKey, BlobW, 0, REG_BINARY, buf, len);
1184 RegCloseKey(subKey);
1196 static BOOL CRYPT_SerializeContextsToReg(HKEY key,
1197 const WINE_CONTEXT_INTERFACE *contextInterface, HCERTSTORE memStore)
1199 const void *context = NULL;
1203 context = contextInterface->enumContextsInStore(memStore, context);
1207 DWORD hashSize = sizeof(hash);
1209 ret = contextInterface->getProp(context, CERT_HASH_PROP_ID, hash,
1216 ret = contextInterface->serialize(context, 0, NULL, &size);
1218 buf = CryptMemAlloc(size);
1221 ret = contextInterface->serialize(context, 0, buf, &size);
1223 ret = CRYPT_WriteSerializedToReg(key, hash, buf, size);
1230 } while (ret && context != NULL);
1232 contextInterface->free(context);
1236 static BOOL CRYPT_RegWriteToReg(PWINE_REGSTOREINFO store)
1238 static const WCHAR *subKeys[] = { CertsW, CRLsW, CTLsW };
1239 static const WINE_CONTEXT_INTERFACE *interfaces[] = { &gCertInterface,
1240 &gCRLInterface, &gCTLInterface };
1241 struct list *listToDelete[] = { &store->certsToDelete, NULL, NULL };
1245 for (i = 0; ret && i < sizeof(subKeys) / sizeof(subKeys[0]); i++)
1248 LONG rc = RegCreateKeyExW(store->key, subKeys[i], 0, NULL, 0,
1249 KEY_ALL_ACCESS, NULL, &key, NULL);
1253 if (listToDelete[i])
1255 PWINE_HASH_TO_DELETE toDelete, next;
1256 WCHAR asciiHash[20 * 2 + 1];
1258 EnterCriticalSection(&store->cs);
1259 LIST_FOR_EACH_ENTRY_SAFE(toDelete, next, listToDelete[i],
1260 WINE_HASH_TO_DELETE, entry)
1264 CRYPT_HashToStr(toDelete->hash, asciiHash);
1265 TRACE("Removing %s\n", debugstr_w(asciiHash));
1266 rc = RegDeleteKeyW(key, asciiHash);
1267 if (rc != ERROR_SUCCESS && rc != ERROR_FILE_NOT_FOUND)
1272 list_remove(&toDelete->entry);
1273 CryptMemFree(toDelete);
1275 LeaveCriticalSection(&store->cs);
1277 ret = CRYPT_SerializeContextsToReg(key, interfaces[i],
1290 /* If force is true or the registry store is dirty, writes the contents of the
1291 * store to the registry.
1293 static BOOL CRYPT_RegFlushStore(PWINE_REGSTOREINFO store, BOOL force)
1297 if (store->dirty || force)
1298 ret = CRYPT_RegWriteToReg(store);
1304 static void WINAPI CRYPT_RegCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
1306 PWINE_REGSTOREINFO store = (PWINE_REGSTOREINFO)hCertStore;
1308 TRACE("(%p, %08lx)\n", store, dwFlags);
1310 FIXME("Unimplemented flags: %08lx\n", dwFlags);
1312 CRYPT_RegFlushStore(store, FALSE);
1313 RegCloseKey(store->key);
1314 DeleteCriticalSection(&store->cs);
1315 CryptMemFree(store);
1318 static BOOL WINAPI CRYPT_RegWriteCert(HCERTSTORE hCertStore,
1319 PCCERT_CONTEXT cert, DWORD dwFlags)
1321 PWINE_REGSTOREINFO store = (PWINE_REGSTOREINFO)hCertStore;
1324 TRACE("(%p, %p, %ld)\n", hCertStore, cert, dwFlags);
1326 if (dwFlags & CERT_STORE_PROV_WRITE_ADD_FLAG)
1328 store->dirty = TRUE;
1336 static BOOL WINAPI CRYPT_RegDeleteCert(HCERTSTORE hCertStore,
1337 PCCERT_CONTEXT pCertContext, DWORD dwFlags)
1339 PWINE_REGSTOREINFO store = (PWINE_REGSTOREINFO)hCertStore;
1342 TRACE("(%p, %p, %08lx)\n", store, pCertContext, dwFlags);
1344 if (store->dwOpenFlags & CERT_STORE_READONLY_FLAG)
1346 SetLastError(ERROR_ACCESS_DENIED);
1351 PWINE_HASH_TO_DELETE toDelete =
1352 CryptMemAlloc(sizeof(WINE_HASH_TO_DELETE));
1356 DWORD size = sizeof(toDelete->hash);
1358 ret = CertGetCertificateContextProperty(pCertContext,
1359 CERT_HASH_PROP_ID, toDelete->hash, &size);
1362 list_init(&toDelete->entry);
1363 EnterCriticalSection(&store->cs);
1364 list_add_tail(&store->certsToDelete, &toDelete->entry);
1365 LeaveCriticalSection(&store->cs);
1368 CryptMemFree(toDelete);
1373 store->dirty = TRUE;
1378 static BOOL WINAPI CRYPT_RegControl(HCERTSTORE hCertStore, DWORD dwFlags,
1379 DWORD dwCtrlType, void const *pvCtrlPara)
1381 PWINE_REGSTOREINFO store = (PWINE_REGSTOREINFO)hCertStore;
1386 case CERT_STORE_CTRL_RESYNC:
1387 CRYPT_RegFlushStore(store, FALSE);
1388 CRYPT_MemEmptyStore((PWINE_MEMSTORE)store->memStore);
1389 CRYPT_RegReadFromReg(store);
1392 case CERT_STORE_CTRL_COMMIT:
1393 ret = CRYPT_RegFlushStore(store,
1394 dwFlags & CERT_STORE_CTRL_COMMIT_FORCE_FLAG);
1397 FIXME("%ld: stub\n", dwCtrlType);
1403 /* Copied from shlwapi's SHDeleteKeyW, and reformatted to match this file. */
1404 static DWORD CRYPT_RecurseDeleteKey(HKEY hKey, LPCWSTR lpszSubKey)
1406 DWORD dwRet, dwKeyCount = 0, dwMaxSubkeyLen = 0, dwSize, i;
1407 WCHAR szNameBuf[MAX_PATH], *lpszName = szNameBuf;
1410 TRACE("(hkey=%p,%s)\n", hKey, debugstr_w(lpszSubKey));
1412 dwRet = RegOpenKeyExW(hKey, lpszSubKey, 0, KEY_READ, &hSubKey);
1415 /* Find how many subkeys there are */
1416 dwRet = RegQueryInfoKeyW(hSubKey, NULL, NULL, NULL, &dwKeyCount,
1417 &dwMaxSubkeyLen, NULL, NULL, NULL, NULL, NULL, NULL);
1421 if (dwMaxSubkeyLen > sizeof(szNameBuf)/sizeof(WCHAR))
1423 /* Name too big: alloc a buffer for it */
1424 lpszName = CryptMemAlloc(dwMaxSubkeyLen*sizeof(WCHAR));
1428 dwRet = ERROR_NOT_ENOUGH_MEMORY;
1431 /* Recursively delete all the subkeys */
1432 for (i = 0; i < dwKeyCount && !dwRet; i++)
1434 dwSize = dwMaxSubkeyLen;
1435 dwRet = RegEnumKeyExW(hSubKey, i, lpszName, &dwSize, NULL,
1438 dwRet = CRYPT_RecurseDeleteKey(hSubKey, lpszName);
1441 if (lpszName != szNameBuf)
1443 /* Free buffer if allocated */
1444 CryptMemFree(lpszName);
1449 RegCloseKey(hSubKey);
1451 dwRet = RegDeleteKeyW(hKey, lpszSubKey);
1456 static void *regProvFuncs[] = {
1457 CRYPT_RegCloseStore,
1458 NULL, /* CERT_STORE_PROV_READ_CERT_FUNC */
1460 CRYPT_RegDeleteCert,
1461 NULL, /* CERT_STORE_PROV_SET_CERT_PROPERTY_FUNC */
1462 NULL, /* CERT_STORE_PROV_READ_CRL_FUNC */
1463 NULL, /* CERT_STORE_PROV_WRITE_CRL_FUNC */
1464 NULL, /* CERT_STORE_PROV_DELETE_CRL_FUNC */
1465 NULL, /* CERT_STORE_PROV_SET_CRL_PROPERTY_FUNC */
1466 NULL, /* CERT_STORE_PROV_READ_CTL_FUNC */
1467 NULL, /* CERT_STORE_PROV_WRITE_CTL_FUNC */
1468 NULL, /* CERT_STORE_PROV_DELETE_CTL_FUNC */
1469 NULL, /* CERT_STORE_PROV_SET_CTL_PROPERTY_FUNC */
1473 static WINECRYPT_CERTSTORE *CRYPT_RegOpenStore(HCRYPTPROV hCryptProv,
1474 DWORD dwFlags, const void *pvPara)
1476 PWINECRYPT_CERTSTORE store = NULL;
1478 TRACE("(%ld, %08lx, %p)\n", hCryptProv, dwFlags, pvPara);
1480 if (dwFlags & CERT_STORE_DELETE_FLAG)
1482 DWORD rc = CRYPT_RecurseDeleteKey((HKEY)pvPara, CertsW);
1484 if (rc == ERROR_SUCCESS || rc == ERROR_NO_MORE_ITEMS)
1485 rc = CRYPT_RecurseDeleteKey((HKEY)pvPara, CRLsW);
1486 if (rc == ERROR_SUCCESS || rc == ERROR_NO_MORE_ITEMS)
1487 rc = CRYPT_RecurseDeleteKey((HKEY)pvPara, CTLsW);
1488 if (rc == ERROR_NO_MORE_ITEMS)
1496 if (DuplicateHandle(GetCurrentProcess(), (HANDLE)pvPara,
1497 GetCurrentProcess(), (LPHANDLE)&key,
1498 dwFlags & CERT_STORE_READONLY_FLAG ? KEY_READ : KEY_ALL_ACCESS,
1501 PWINECRYPT_CERTSTORE memStore;
1503 memStore = CRYPT_MemOpenStore(hCryptProv, dwFlags, NULL);
1506 PWINE_REGSTOREINFO regInfo = CryptMemAlloc(
1507 sizeof(WINE_REGSTOREINFO));
1511 CERT_STORE_PROV_INFO provInfo = { 0 };
1513 regInfo->dwOpenFlags = dwFlags;
1514 regInfo->cryptProv = hCryptProv;
1515 regInfo->memStore = memStore;
1517 InitializeCriticalSection(®Info->cs);
1518 list_init(®Info->certsToDelete);
1519 CRYPT_RegReadFromReg(regInfo);
1520 regInfo->dirty = FALSE;
1521 provInfo.cbSize = sizeof(provInfo);
1522 provInfo.cStoreProvFunc = sizeof(regProvFuncs) /
1523 sizeof(regProvFuncs[0]);
1524 provInfo.rgpvStoreProvFunc = regProvFuncs;
1525 provInfo.hStoreProv = regInfo;
1526 store = CRYPT_ProvCreateStore(hCryptProv, dwFlags, memStore,
1532 TRACE("returning %p\n", store);
1536 /* FIXME: this isn't complete for the Root store, in which the top-level
1537 * self-signed CA certs reside. Adding a cert to the Root store should present
1538 * the user with a dialog indicating the consequences of doing so, and asking
1539 * the user to confirm whether the cert should be added.
1541 static PWINECRYPT_CERTSTORE CRYPT_SysRegOpenStoreW(HCRYPTPROV hCryptProv,
1542 DWORD dwFlags, const void *pvPara)
1544 static const WCHAR fmt[] = { '%','s','\\','%','s',0 };
1545 LPCWSTR storeName = (LPCWSTR)pvPara;
1547 PWINECRYPT_CERTSTORE store = NULL;
1552 TRACE("(%ld, %08lx, %s)\n", hCryptProv, dwFlags,
1553 debugstr_w((LPCWSTR)pvPara));
1557 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
1562 switch (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK)
1564 case CERT_SYSTEM_STORE_LOCAL_MACHINE:
1565 root = HKEY_LOCAL_MACHINE;
1566 base = CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH;
1568 case CERT_SYSTEM_STORE_CURRENT_USER:
1569 root = HKEY_CURRENT_USER;
1570 base = CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH;
1572 case CERT_SYSTEM_STORE_CURRENT_SERVICE:
1573 /* hklm\Software\Microsoft\Cryptography\Services\servicename\
1574 * SystemCertificates
1576 FIXME("CERT_SYSTEM_STORE_CURRENT_SERVICE, %s: stub\n",
1577 debugstr_w(storeName));
1579 case CERT_SYSTEM_STORE_SERVICES:
1580 /* hklm\Software\Microsoft\Cryptography\Services\servicename\
1581 * SystemCertificates
1583 FIXME("CERT_SYSTEM_STORE_SERVICES, %s: stub\n",
1584 debugstr_w(storeName));
1586 case CERT_SYSTEM_STORE_USERS:
1587 /* hku\user sid\Software\Microsoft\SystemCertificates */
1588 FIXME("CERT_SYSTEM_STORE_USERS, %s: stub\n",
1589 debugstr_w(storeName));
1591 case CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY:
1592 root = HKEY_CURRENT_USER;
1593 base = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
1595 case CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY:
1596 root = HKEY_LOCAL_MACHINE;
1597 base = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
1599 case CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE:
1600 /* hklm\Software\Microsoft\EnterpriseCertificates */
1601 FIXME("CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE, %s: stub\n",
1602 debugstr_w(storeName));
1605 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
1609 storePath = CryptMemAlloc((lstrlenW(base) + lstrlenW(storeName) + 2) *
1615 REGSAM sam = dwFlags & CERT_STORE_READONLY_FLAG ? KEY_READ :
1618 wsprintfW(storePath, fmt, base, storeName);
1619 if (dwFlags & CERT_STORE_OPEN_EXISTING_FLAG)
1620 rc = RegOpenKeyExW(root, storePath, 0, sam, &key);
1625 rc = RegCreateKeyExW(root, storePath, 0, NULL, 0, sam, NULL,
1627 if (!rc && dwFlags & CERT_STORE_CREATE_NEW_FLAG &&
1628 disp == REG_OPENED_EXISTING_KEY)
1631 rc = ERROR_FILE_EXISTS;
1636 store = CRYPT_RegOpenStore(hCryptProv, dwFlags, key);
1641 CryptMemFree(storePath);
1646 static PWINECRYPT_CERTSTORE CRYPT_SysRegOpenStoreA(HCRYPTPROV hCryptProv,
1647 DWORD dwFlags, const void *pvPara)
1650 PWINECRYPT_CERTSTORE ret = NULL;
1652 TRACE("(%ld, %08lx, %s)\n", hCryptProv, dwFlags,
1653 debugstr_a((LPCSTR)pvPara));
1657 SetLastError(ERROR_FILE_NOT_FOUND);
1660 len = MultiByteToWideChar(CP_ACP, 0, (LPCSTR)pvPara, -1, NULL, 0);
1663 LPWSTR storeName = CryptMemAlloc(len * sizeof(WCHAR));
1667 MultiByteToWideChar(CP_ACP, 0, (LPCSTR)pvPara, -1, storeName, len);
1668 ret = CRYPT_SysRegOpenStoreW(hCryptProv, dwFlags, storeName);
1669 CryptMemFree(storeName);
1675 static PWINECRYPT_CERTSTORE CRYPT_SysOpenStoreW(HCRYPTPROV hCryptProv,
1676 DWORD dwFlags, const void *pvPara)
1678 HCERTSTORE store = 0;
1681 TRACE("(%ld, %08lx, %s)\n", hCryptProv, dwFlags,
1682 debugstr_w((LPCWSTR)pvPara));
1686 SetLastError(ERROR_FILE_NOT_FOUND);
1689 /* This returns a different error than system registry stores if the
1690 * location is invalid.
1692 switch (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK)
1694 case CERT_SYSTEM_STORE_LOCAL_MACHINE:
1695 case CERT_SYSTEM_STORE_CURRENT_USER:
1696 case CERT_SYSTEM_STORE_CURRENT_SERVICE:
1697 case CERT_SYSTEM_STORE_SERVICES:
1698 case CERT_SYSTEM_STORE_USERS:
1699 case CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY:
1700 case CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY:
1701 case CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE:
1705 SetLastError(ERROR_FILE_NOT_FOUND);
1710 HCERTSTORE regStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W,
1711 0, hCryptProv, dwFlags, pvPara);
1715 store = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
1716 CERT_STORE_CREATE_NEW_FLAG, NULL);
1719 CertAddStoreToCollection(store, regStore,
1720 dwFlags & CERT_STORE_READONLY_FLAG ? 0 :
1721 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
1722 CertCloseStore(regStore, 0);
1726 return (PWINECRYPT_CERTSTORE)store;
1729 static PWINECRYPT_CERTSTORE CRYPT_SysOpenStoreA(HCRYPTPROV hCryptProv,
1730 DWORD dwFlags, const void *pvPara)
1733 PWINECRYPT_CERTSTORE ret = NULL;
1735 TRACE("(%ld, %08lx, %s)\n", hCryptProv, dwFlags,
1736 debugstr_a((LPCSTR)pvPara));
1740 SetLastError(ERROR_FILE_NOT_FOUND);
1743 len = MultiByteToWideChar(CP_ACP, 0, (LPCSTR)pvPara, -1, NULL, 0);
1746 LPWSTR storeName = CryptMemAlloc(len * sizeof(WCHAR));
1750 MultiByteToWideChar(CP_ACP, 0, (LPCSTR)pvPara, -1, storeName, len);
1751 ret = CRYPT_SysOpenStoreW(hCryptProv, dwFlags, storeName);
1752 CryptMemFree(storeName);
1758 HCERTSTORE WINAPI CertOpenStore(LPCSTR lpszStoreProvider,
1759 DWORD dwMsgAndCertEncodingType, HCRYPTPROV hCryptProv, DWORD dwFlags,
1762 WINECRYPT_CERTSTORE *hcs;
1763 StoreOpenFunc openFunc = NULL;
1765 TRACE("(%s, %08lx, %08lx, %08lx, %p)\n", debugstr_a(lpszStoreProvider),
1766 dwMsgAndCertEncodingType, hCryptProv, dwFlags, pvPara);
1768 if (!HIWORD(lpszStoreProvider))
1770 switch (LOWORD(lpszStoreProvider))
1772 case (int)CERT_STORE_PROV_MEMORY:
1773 openFunc = CRYPT_MemOpenStore;
1775 case (int)CERT_STORE_PROV_REG:
1776 openFunc = CRYPT_RegOpenStore;
1778 case (int)CERT_STORE_PROV_COLLECTION:
1779 openFunc = CRYPT_CollectionOpenStore;
1781 case (int)CERT_STORE_PROV_SYSTEM_A:
1782 openFunc = CRYPT_SysOpenStoreA;
1784 case (int)CERT_STORE_PROV_SYSTEM_W:
1785 openFunc = CRYPT_SysOpenStoreW;
1787 case (int)CERT_STORE_PROV_SYSTEM_REGISTRY_A:
1788 openFunc = CRYPT_SysRegOpenStoreA;
1790 case (int)CERT_STORE_PROV_SYSTEM_REGISTRY_W:
1791 openFunc = CRYPT_SysRegOpenStoreW;
1794 if (LOWORD(lpszStoreProvider))
1795 FIXME("unimplemented type %d\n", LOWORD(lpszStoreProvider));
1798 else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_MEMORY))
1799 openFunc = CRYPT_MemOpenStore;
1800 else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_SYSTEM))
1801 openFunc = CRYPT_SysOpenStoreW;
1802 else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_COLLECTION))
1803 openFunc = CRYPT_CollectionOpenStore;
1804 else if (!strcasecmp(lpszStoreProvider, sz_CERT_STORE_PROV_SYSTEM_REGISTRY))
1805 openFunc = CRYPT_SysRegOpenStoreW;
1808 FIXME("unimplemented type %s\n", lpszStoreProvider);
1813 hcs = CRYPT_ProvOpenStore(lpszStoreProvider, dwMsgAndCertEncodingType,
1814 hCryptProv, dwFlags, pvPara);
1816 hcs = openFunc(hCryptProv, dwFlags, pvPara);
1817 return (HCERTSTORE)hcs;
1820 HCERTSTORE WINAPI CertOpenSystemStoreA(HCRYPTPROV hProv,
1821 LPCSTR szSubSystemProtocol)
1825 if (szSubSystemProtocol)
1827 int len = MultiByteToWideChar(CP_ACP, 0, szSubSystemProtocol, -1, NULL,
1829 LPWSTR param = CryptMemAlloc(len * sizeof(WCHAR));
1833 MultiByteToWideChar(CP_ACP, 0, szSubSystemProtocol, -1, param, len);
1834 ret = CertOpenSystemStoreW(hProv, param);
1835 CryptMemFree(param);
1839 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
1843 HCERTSTORE WINAPI CertOpenSystemStoreW(HCRYPTPROV hProv,
1844 LPCWSTR szSubSystemProtocol)
1848 if (!szSubSystemProtocol)
1850 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
1854 /* FIXME: needs some tests. It seems to open both HKEY_LOCAL_MACHINE and
1855 * HKEY_CURRENT_USER stores, but I'm not sure under what conditions, if any,
1858 ret = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, hProv,
1859 CERT_STORE_CREATE_NEW_FLAG, NULL);
1862 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W,
1863 0, hProv, CERT_SYSTEM_STORE_LOCAL_MACHINE, szSubSystemProtocol);
1867 CertAddStoreToCollection(ret, store,
1868 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
1869 CertCloseStore(store, 0);
1871 store = CertOpenStore(CERT_STORE_PROV_SYSTEM_REGISTRY_W,
1872 0, hProv, CERT_SYSTEM_STORE_CURRENT_USER, szSubSystemProtocol);
1875 CertAddStoreToCollection(ret, store,
1876 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
1877 CertCloseStore(store, 0);
1883 BOOL WINAPI CertSaveStore(HCERTSTORE hCertStore, DWORD dwMsgAndCertEncodingType,
1884 DWORD dwSaveAs, DWORD dwSaveTo, void* pvSaveToPara, DWORD dwFlags)
1886 FIXME("(%p,%ld,%ld,%ld,%p,%08lx) stub!\n", hCertStore,
1887 dwMsgAndCertEncodingType, dwSaveAs, dwSaveTo, pvSaveToPara, dwFlags);
1891 PCCRL_CONTEXT WINAPI CertCreateCRLContext( DWORD dwCertEncodingType,
1892 const BYTE* pbCrlEncoded, DWORD cbCrlEncoded)
1897 TRACE("%08lx %p %08lx\n", dwCertEncodingType, pbCrlEncoded, cbCrlEncoded);
1899 /* FIXME: semi-stub, need to use CryptDecodeObjectEx to decode the CRL. */
1900 pcrl = CryptMemAlloc( sizeof (CRL_CONTEXT) );
1904 data = CryptMemAlloc( cbCrlEncoded );
1907 CryptMemFree( pcrl );
1911 pcrl->dwCertEncodingType = dwCertEncodingType;
1912 pcrl->pbCrlEncoded = data;
1913 pcrl->cbCrlEncoded = cbCrlEncoded;
1914 pcrl->pCrlInfo = NULL;
1915 pcrl->hCertStore = 0;
1920 /* Decodes the encoded certificate and creates the certificate context for it.
1921 * The reference count is initially zero, so you must create a reference to it
1922 * to avoid leaking memory.
1924 static PWINE_CERT_CONTEXT CRYPT_CreateCertificateContext(
1925 DWORD dwCertEncodingType, const BYTE *pbCertEncoded, DWORD cbCertEncoded)
1927 PWINE_CERT_CONTEXT cert = NULL;
1929 PCERT_SIGNED_CONTENT_INFO signedCert = NULL;
1930 PCERT_INFO certInfo = NULL;
1933 TRACE("(%08lx, %p, %ld)\n", dwCertEncodingType, pbCertEncoded,
1936 /* First try to decode it as a signed cert. */
1937 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT, pbCertEncoded,
1938 cbCertEncoded, CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
1939 (BYTE *)&signedCert, &size);
1943 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED,
1944 signedCert->ToBeSigned.pbData, signedCert->ToBeSigned.cbData,
1945 CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
1946 (BYTE *)&certInfo, &size);
1947 LocalFree(signedCert);
1949 /* Failing that, try it as an unsigned cert */
1953 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_CERT_TO_BE_SIGNED,
1954 pbCertEncoded, cbCertEncoded,
1955 CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
1956 (BYTE *)&certInfo, &size);
1962 cert = CryptMemAlloc(sizeof(WINE_CERT_CONTEXT));
1965 data = CryptMemAlloc(cbCertEncoded);
1972 memcpy(data, pbCertEncoded, cbCertEncoded);
1973 cert->cert.dwCertEncodingType = dwCertEncodingType;
1974 cert->cert.pbCertEncoded = data;
1975 cert->cert.cbCertEncoded = cbCertEncoded;
1976 cert->cert.pCertInfo = certInfo;
1977 cert->cert.hCertStore = 0;
1979 InitializeCriticalSection(&cert->cs);
1980 list_init(&cert->extendedProperties);
1987 static void CRYPT_FreeCert(PWINE_CERT_CONTEXT context)
1989 PWINE_CERT_PROPERTY prop, next;
1991 CryptMemFree(context->cert.pbCertEncoded);
1992 LocalFree(context->cert.pCertInfo);
1993 DeleteCriticalSection(&context->cs);
1994 LIST_FOR_EACH_ENTRY_SAFE(prop, next, &context->extendedProperties,
1995 WINE_CERT_PROPERTY, entry)
1997 list_remove(&prop->entry);
1998 CryptMemFree(prop->pbData);
2001 CryptMemFree(context);
2004 PCCERT_CONTEXT WINAPI CertCreateCertificateContext(DWORD dwCertEncodingType,
2005 const BYTE *pbCertEncoded, DWORD cbCertEncoded)
2007 PWINE_CERT_CONTEXT cert;
2008 PWINE_CERT_CONTEXT_REF ret = NULL;
2010 TRACE("(%08lx, %p, %ld)\n", dwCertEncodingType, pbCertEncoded,
2013 cert = CRYPT_CreateCertificateContext(dwCertEncodingType, pbCertEncoded,
2016 ret = CRYPT_CreateCertRef(cert, 0);
2017 return (PCCERT_CONTEXT)ret;
2020 /* Since the properties are stored in a list, this is a tad inefficient
2021 * (O(n^2)) since I have to find the previous position every time.
2023 DWORD WINAPI CertEnumCertificateContextProperties(PCCERT_CONTEXT pCertContext,
2026 PWINE_CERT_CONTEXT_REF ref = (PWINE_CERT_CONTEXT_REF)pCertContext;
2029 TRACE("(%p, %ld)\n", pCertContext, dwPropId);
2031 EnterCriticalSection(&ref->context->cs);
2034 PWINE_CERT_PROPERTY cursor = NULL;
2036 LIST_FOR_EACH_ENTRY(cursor, &ref->context->extendedProperties,
2037 WINE_CERT_PROPERTY, entry)
2039 if (cursor->hdr.propID == dwPropId)
2044 if (cursor->entry.next != &ref->context->extendedProperties)
2045 ret = LIST_ENTRY(cursor->entry.next, WINE_CERT_PROPERTY,
2053 else if (!list_empty(&ref->context->extendedProperties))
2054 ret = LIST_ENTRY(ref->context->extendedProperties.next,
2055 WINE_CERT_PROPERTY, entry)->hdr.propID;
2058 LeaveCriticalSection(&ref->context->cs);
2062 static BOOL CRYPT_GetCertHashProp(PWINE_CERT_CONTEXT context, DWORD dwPropId,
2063 ALG_ID algID, const BYTE *toHash, DWORD toHashLen, void *pvData,
2066 BOOL ret = CryptHashCertificate(0, algID, 0, toHash, toHashLen, pvData,
2070 CRYPT_DATA_BLOB blob = { *pcbData, pvData };
2072 ret = CRYPT_SetCertificateContextProperty(context, dwPropId,
2078 static BOOL WINAPI CRYPT_GetCertificateContextProperty(
2079 PWINE_CERT_CONTEXT context, DWORD dwPropId, void *pvData, DWORD *pcbData)
2081 PWINE_CERT_PROPERTY prop;
2084 TRACE("(%p, %ld, %p, %p)\n", context, dwPropId, pvData, pcbData);
2086 EnterCriticalSection(&context->cs);
2089 LIST_FOR_EACH_ENTRY(prop, &context->extendedProperties,
2090 WINE_CERT_PROPERTY, entry)
2092 if (prop->hdr.propID == dwPropId)
2096 *pcbData = prop->hdr.cb;
2099 else if (*pcbData < prop->hdr.cb)
2101 SetLastError(ERROR_MORE_DATA);
2102 *pcbData = prop->hdr.cb;
2106 memcpy(pvData, prop->pbData, prop->hdr.cb);
2107 *pcbData = prop->hdr.cb;
2116 /* Implicit properties */
2119 case CERT_SHA1_HASH_PROP_ID:
2120 ret = CRYPT_GetCertHashProp(context, dwPropId, CALG_SHA1,
2121 context->cert.pbCertEncoded, context->cert.cbCertEncoded, pvData,
2124 case CERT_MD5_HASH_PROP_ID:
2125 ret = CRYPT_GetCertHashProp(context, dwPropId, CALG_MD5,
2126 context->cert.pbCertEncoded, context->cert.cbCertEncoded, pvData,
2129 case CERT_SUBJECT_NAME_MD5_HASH_PROP_ID:
2130 ret = CRYPT_GetCertHashProp(context, dwPropId, CALG_MD5,
2131 context->cert.pCertInfo->Subject.pbData,
2132 context->cert.pCertInfo->Subject.cbData,
2135 case CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID:
2136 ret = CRYPT_GetCertHashProp(context, dwPropId, CALG_MD5,
2137 context->cert.pCertInfo->SubjectPublicKeyInfo.PublicKey.pbData,
2138 context->cert.pCertInfo->SubjectPublicKeyInfo.PublicKey.cbData,
2141 case CERT_SIGNATURE_HASH_PROP_ID:
2142 case CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID:
2143 FIXME("implicit property %ld\n", dwPropId);
2144 SetLastError(CRYPT_E_NOT_FOUND);
2147 SetLastError(CRYPT_E_NOT_FOUND);
2150 LeaveCriticalSection(&context->cs);
2151 TRACE("returning %d\n", ret);
2155 BOOL WINAPI CertGetCertificateContextProperty(PCCERT_CONTEXT pCertContext,
2156 DWORD dwPropId, void *pvData, DWORD *pcbData)
2158 PWINE_CERT_CONTEXT_REF ref = (PWINE_CERT_CONTEXT_REF)pCertContext;
2161 TRACE("(%p, %ld, %p, %p)\n", pCertContext, dwPropId, pvData, pcbData);
2163 /* Special cases for invalid/special prop IDs.
2168 case CERT_CERT_PROP_ID:
2169 case CERT_CRL_PROP_ID:
2170 case CERT_CTL_PROP_ID:
2171 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
2173 case CERT_ACCESS_STATE_PROP_ID:
2176 *pcbData = sizeof(DWORD);
2179 else if (*pcbData < sizeof(DWORD))
2181 SetLastError(ERROR_MORE_DATA);
2182 *pcbData = sizeof(DWORD);
2189 if (pCertContext->hCertStore)
2191 PWINECRYPT_CERTSTORE store =
2192 (PWINECRYPT_CERTSTORE)pCertContext->hCertStore;
2194 if (!(store->dwOpenFlags & CERT_STORE_READONLY_FLAG))
2195 state |= CERT_ACCESS_STATE_WRITE_PERSIST_FLAG;
2197 *(DWORD *)pvData = state;
2202 ret = CRYPT_GetCertificateContextProperty(ref->context, dwPropId,
2204 TRACE("returning %d\n", ret);
2208 /* Copies cbData bytes from pbData to the context's property with ID
2211 static BOOL CRYPT_SaveCertificateContextProperty(PWINE_CERT_CONTEXT context,
2212 DWORD dwPropId, const BYTE *pbData, size_t cbData)
2219 data = CryptMemAlloc(cbData);
2221 memcpy(data, pbData, cbData);
2225 if (!cbData || data)
2227 PWINE_CERT_PROPERTY prop;
2229 EnterCriticalSection(&context->cs);
2230 LIST_FOR_EACH_ENTRY(prop, &context->extendedProperties,
2231 WINE_CERT_PROPERTY, entry)
2233 if (prop->hdr.propID == dwPropId)
2236 if (prop && prop->entry.next != &context->extendedProperties)
2238 CryptMemFree(prop->pbData);
2239 prop->hdr.cb = cbData;
2240 prop->pbData = cbData ? data : NULL;
2245 prop = CryptMemAlloc(sizeof(WINE_CERT_PROPERTY));
2248 prop->hdr.propID = dwPropId;
2249 prop->hdr.unknown = 1;
2250 prop->hdr.cb = cbData;
2251 list_init(&prop->entry);
2252 prop->pbData = cbData ? data : NULL;
2253 list_add_tail(&context->extendedProperties, &prop->entry);
2259 LeaveCriticalSection(&context->cs);
2264 static BOOL WINAPI CRYPT_SetCertificateContextProperty(
2265 PWINE_CERT_CONTEXT context, DWORD dwPropId, DWORD dwFlags, const void *pvData)
2269 TRACE("(%p, %ld, %08lx, %p)\n", context, dwPropId, dwFlags, pvData);
2273 PWINE_CERT_PROPERTY prop, next;
2275 EnterCriticalSection(&context->cs);
2276 LIST_FOR_EACH_ENTRY_SAFE(prop, next, &context->extendedProperties,
2277 WINE_CERT_PROPERTY, entry)
2279 if (prop->hdr.propID == dwPropId)
2281 list_remove(&prop->entry);
2282 CryptMemFree(prop->pbData);
2286 LeaveCriticalSection(&context->cs);
2293 case CERT_AUTO_ENROLL_PROP_ID:
2294 case CERT_CTL_USAGE_PROP_ID:
2295 case CERT_DESCRIPTION_PROP_ID:
2296 case CERT_FRIENDLY_NAME_PROP_ID:
2297 case CERT_HASH_PROP_ID:
2298 case CERT_KEY_IDENTIFIER_PROP_ID:
2299 case CERT_MD5_HASH_PROP_ID:
2300 case CERT_NEXT_UPDATE_LOCATION_PROP_ID:
2301 case CERT_PUBKEY_ALG_PARA_PROP_ID:
2302 case CERT_PVK_FILE_PROP_ID:
2303 case CERT_SIGNATURE_HASH_PROP_ID:
2304 case CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID:
2305 case CERT_SUBJECT_NAME_MD5_HASH_PROP_ID:
2306 case CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID:
2307 case CERT_ENROLLMENT_PROP_ID:
2308 case CERT_CROSS_CERT_DIST_POINTS_PROP_ID:
2309 case CERT_RENEWAL_PROP_ID:
2311 PCRYPT_DATA_BLOB blob = (PCRYPT_DATA_BLOB)pvData;
2313 ret = CRYPT_SaveCertificateContextProperty(context, dwPropId,
2314 blob->pbData, blob->cbData);
2317 case CERT_DATE_STAMP_PROP_ID:
2318 ret = CRYPT_SaveCertificateContextProperty(context, dwPropId,
2319 pvData, sizeof(FILETIME));
2322 FIXME("%ld: stub\n", dwPropId);
2325 TRACE("returning %d\n", ret);
2329 BOOL WINAPI CertSetCertificateContextProperty(PCCERT_CONTEXT pCertContext,
2330 DWORD dwPropId, DWORD dwFlags, const void *pvData)
2332 PWINE_CERT_CONTEXT_REF ref = (PWINE_CERT_CONTEXT_REF)pCertContext;
2335 TRACE("(%p, %ld, %08lx, %p)\n", pCertContext, dwPropId, dwFlags, pvData);
2337 /* Handle special cases for "read-only"/invalid prop IDs. Windows just
2338 * crashes on most of these, I'll be safer.
2343 case CERT_ACCESS_STATE_PROP_ID:
2344 case CERT_CERT_PROP_ID:
2345 case CERT_CRL_PROP_ID:
2346 case CERT_CTL_PROP_ID:
2347 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
2350 ret = CRYPT_SetCertificateContextProperty(ref->context, dwPropId,
2352 TRACE("returning %d\n", ret);
2356 /* Only the reference portion of the context is duplicated. The returned
2357 * context has the cert store set to 0, to prevent the store's certificate free
2358 * function from getting called on partial data.
2359 * FIXME: is this okay? Needs a test.
2361 PCCERT_CONTEXT WINAPI CertDuplicateCertificateContext(
2362 PCCERT_CONTEXT pCertContext)
2364 PWINE_CERT_CONTEXT_REF ref = (PWINE_CERT_CONTEXT_REF)pCertContext, ret;
2366 TRACE("(%p)\n", pCertContext);
2369 ret = CryptMemAlloc(sizeof(WINE_CERT_CONTEXT_REF));
2372 memcpy(ret, ref, sizeof(*ret));
2373 ret->cert.hCertStore = 0;
2374 InterlockedIncrement(&ret->context->ref);
2379 return (PCCERT_CONTEXT)ret;
2382 BOOL WINAPI CertAddCertificateContextToStore(HCERTSTORE hCertStore,
2383 PCCERT_CONTEXT pCertContext, DWORD dwAddDisposition,
2384 PCCERT_CONTEXT *ppStoreContext)
2386 PWINECRYPT_CERTSTORE store = (PWINECRYPT_CERTSTORE)hCertStore;
2387 PWINE_CERT_CONTEXT_REF ref = (PWINE_CERT_CONTEXT_REF)pCertContext;
2388 PWINE_CERT_CONTEXT cert;
2391 TRACE("(%p, %p, %08lx, %p)\n", hCertStore, pCertContext,
2392 dwAddDisposition, ppStoreContext);
2394 /* FIXME: some tests needed to verify return codes */
2397 SetLastError(ERROR_INVALID_PARAMETER);
2400 if (store->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2402 SetLastError(ERROR_INVALID_PARAMETER);
2406 cert = CRYPT_CreateCertificateContext(ref->context->cert.dwCertEncodingType,
2407 ref->context->cert.pbCertEncoded, ref->context->cert.cbCertEncoded);
2410 PWINE_CERT_PROPERTY prop;
2413 EnterCriticalSection(&ref->context->cs);
2414 LIST_FOR_EACH_ENTRY(prop, &ref->context->extendedProperties,
2415 WINE_CERT_PROPERTY, entry)
2417 ret = CRYPT_SaveCertificateContextProperty(cert, prop->hdr.propID,
2418 prop->pbData, prop->hdr.cb);
2422 LeaveCriticalSection(&ref->context->cs);
2425 ret = store->addCert(store, (PCCERT_CONTEXT)cert, dwAddDisposition);
2426 if (ret && ppStoreContext)
2427 *ppStoreContext = (PCCERT_CONTEXT)store->createCertRef(cert,
2431 CRYPT_FreeCert(cert);
2438 BOOL WINAPI CertAddEncodedCertificateToStore(HCERTSTORE hCertStore,
2439 DWORD dwCertEncodingType, const BYTE *pbCertEncoded, DWORD cbCertEncoded,
2440 DWORD dwAddDisposition, PCCERT_CONTEXT *ppCertContext)
2442 WINECRYPT_CERTSTORE *hcs = (WINECRYPT_CERTSTORE *)hCertStore;
2445 TRACE("(%p, %08lx, %p, %ld, %08lx, %p)\n", hCertStore, dwCertEncodingType,
2446 pbCertEncoded, cbCertEncoded, dwAddDisposition, ppCertContext);
2450 else if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2454 PWINE_CERT_CONTEXT cert = CRYPT_CreateCertificateContext(
2455 dwCertEncodingType, pbCertEncoded, cbCertEncoded);
2459 ret = hcs->addCert(hcs, (PCCERT_CONTEXT)cert, dwAddDisposition);
2460 if (ret && ppCertContext)
2461 *ppCertContext = (PCCERT_CONTEXT)hcs->createCertRef(cert,
2464 CRYPT_FreeCert(cert);
2472 PCCERT_CONTEXT WINAPI CertEnumCertificatesInStore(HCERTSTORE hCertStore,
2473 PCCERT_CONTEXT pPrev)
2475 WINECRYPT_CERTSTORE *hcs = (WINECRYPT_CERTSTORE *)hCertStore;
2476 PWINE_CERT_CONTEXT_REF prev = (PWINE_CERT_CONTEXT_REF)pPrev;
2479 TRACE("(%p, %p)\n", hCertStore, pPrev);
2482 else if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2485 ret = (PCCERT_CONTEXT)hcs->enumCert(hcs, prev);
2489 BOOL WINAPI CertDeleteCertificateFromStore(PCCERT_CONTEXT pCertContext)
2493 TRACE("(%p)\n", pCertContext);
2497 else if (!pCertContext->hCertStore)
2500 CertFreeCertificateContext(pCertContext);
2504 PWINECRYPT_CERTSTORE hcs =
2505 (PWINECRYPT_CERTSTORE)pCertContext->hCertStore;
2507 if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2510 ret = hcs->deleteCert(hcs, pCertContext, 0);
2511 CertFreeCertificateContext(pCertContext);
2516 BOOL WINAPI CertAddEncodedCRLToStore(HCERTSTORE hCertStore,
2517 DWORD dwCertEncodingType, const BYTE *pbCrlEncoded, DWORD cbCrlEncoded,
2518 DWORD dwAddDisposition, PCCRL_CONTEXT *ppCrlContext)
2520 FIXME("(%p, %08lx, %p, %ld, %08lx, %p): stub\n", hCertStore,
2521 dwCertEncodingType, pbCrlEncoded, cbCrlEncoded, dwAddDisposition,
2526 BOOL WINAPI CertAddCRLContextToStore( HCERTSTORE hCertStore,
2527 PCCRL_CONTEXT pCrlContext, DWORD dwAddDisposition,
2528 PCCRL_CONTEXT* ppStoreContext )
2530 FIXME("%p %p %08lx %p\n", hCertStore, pCrlContext,
2531 dwAddDisposition, ppStoreContext);
2535 BOOL WINAPI CertFreeCRLContext( PCCRL_CONTEXT pCrlContext)
2537 FIXME("%p\n", pCrlContext );
2542 BOOL WINAPI CertDeleteCRLFromStore(PCCRL_CONTEXT pCrlContext)
2544 FIXME("(%p): stub\n", pCrlContext);
2548 PCCRL_CONTEXT WINAPI CertEnumCRLsInStore(HCERTSTORE hCertStore,
2549 PCCRL_CONTEXT pPrev)
2551 FIXME("(%p, %p): stub\n", hCertStore, pPrev);
2555 PCCTL_CONTEXT WINAPI CertCreateCTLContext(DWORD dwCertEncodingType,
2556 const BYTE* pbCtlEncoded, DWORD cbCtlEncoded)
2558 FIXME("(%08lx, %p, %08lx): stub\n", dwCertEncodingType, pbCtlEncoded,
2563 BOOL WINAPI CertAddEncodedCTLToStore(HCERTSTORE hCertStore,
2564 DWORD dwMsgAndCertEncodingType, const BYTE *pbCtlEncoded, DWORD cbCtlEncoded,
2565 DWORD dwAddDisposition, PCCTL_CONTEXT *ppCtlContext)
2567 FIXME("(%p, %08lx, %p, %ld, %08lx, %p): stub\n", hCertStore,
2568 dwMsgAndCertEncodingType, pbCtlEncoded, cbCtlEncoded, dwAddDisposition,
2573 BOOL WINAPI CertAddCTLContextToStore(HCERTSTORE hCertStore,
2574 PCCTL_CONTEXT pCtlContext, DWORD dwAddDisposition,
2575 PCCTL_CONTEXT* ppStoreContext)
2577 FIXME("(%p, %p, %08lx, %p): stub\n", hCertStore, pCtlContext,
2578 dwAddDisposition, ppStoreContext);
2582 BOOL WINAPI CertFreeCTLContext(PCCTL_CONTEXT pCtlContext)
2584 FIXME("(%p): stub\n", pCtlContext );
2588 BOOL WINAPI CertDeleteCTLFromStore(PCCTL_CONTEXT pCtlContext)
2590 FIXME("(%p): stub\n", pCtlContext);
2594 PCCTL_CONTEXT WINAPI CertEnumCTLsInStore(HCERTSTORE hCertStore,
2595 PCCTL_CONTEXT pPrev)
2597 FIXME("(%p, %p): stub\n", hCertStore, pPrev);
2602 BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
2604 WINECRYPT_CERTSTORE *hcs = (WINECRYPT_CERTSTORE *) hCertStore;
2606 TRACE("(%p, %08lx)\n", hCertStore, dwFlags);
2611 if ( hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC )
2614 if (InterlockedDecrement(&hcs->ref) == 0)
2616 TRACE("%p's ref count is 0, freeing\n", hcs);
2618 if (!(hcs->dwOpenFlags & CERT_STORE_NO_CRYPT_RELEASE_FLAG))
2619 CryptReleaseContext(hcs->cryptProv, 0);
2620 hcs->closeStore(hcs, dwFlags);
2623 TRACE("%p's ref count is %ld\n", hcs, hcs->ref);
2627 BOOL WINAPI CertControlStore(HCERTSTORE hCertStore, DWORD dwFlags,
2628 DWORD dwCtrlType, void const *pvCtrlPara)
2630 WINECRYPT_CERTSTORE *hcs = (WINECRYPT_CERTSTORE *)hCertStore;
2633 TRACE("(%p, %08lx, %ld, %p)\n", hCertStore, dwFlags, dwCtrlType,
2638 else if (hcs->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
2643 ret = hcs->control(hCertStore, dwFlags, dwCtrlType, pvCtrlPara);
2650 BOOL WINAPI CertGetCRLContextProperty(PCCRL_CONTEXT pCRLContext,
2651 DWORD dwPropId, void *pvData, DWORD *pcbData)
2653 FIXME("(%p, %ld, %p, %p): stub\n", pCRLContext, dwPropId, pvData, pcbData);
2657 BOOL WINAPI CertSetCRLContextProperty(PCCRL_CONTEXT pCRLContext,
2658 DWORD dwPropId, DWORD dwFlags, const void *pvData)
2660 FIXME("(%p, %ld, %08lx, %p): stub\n", pCRLContext, dwPropId, dwFlags,
2665 BOOL WINAPI CertSerializeCRLStoreElement(PCCRL_CONTEXT pCrlContext,
2666 DWORD dwFlags, BYTE *pbElement, DWORD *pcbElement)
2668 FIXME("(%p, %08lx, %p, %p): stub\n", pCrlContext, dwFlags, pbElement,
2673 BOOL WINAPI CertGetCTLContextProperty(PCCTL_CONTEXT pCTLContext,
2674 DWORD dwPropId, void *pvData, DWORD *pcbData)
2676 FIXME("(%p, %ld, %p, %p): stub\n", pCTLContext, dwPropId, pvData, pcbData);
2680 BOOL WINAPI CertSetCTLContextProperty(PCCTL_CONTEXT pCTLContext,
2681 DWORD dwPropId, DWORD dwFlags, const void *pvData)
2683 FIXME("(%p, %ld, %08lx, %p): stub\n", pCTLContext, dwPropId, dwFlags,
2688 BOOL WINAPI CertSerializeCTLStoreElement(PCCTL_CONTEXT pCtlContext,
2689 DWORD dwFlags, BYTE *pbElement, DWORD *pcbElement)
2691 FIXME("(%p, %08lx, %p, %p): stub\n", pCtlContext, dwFlags, pbElement,
2696 BOOL WINAPI CertSerializeCertificateStoreElement(PCCERT_CONTEXT pCertContext,
2697 DWORD dwFlags, BYTE *pbElement, DWORD *pcbElement)
2701 TRACE("(%p, %08lx, %p, %p)\n", pCertContext, dwFlags, pbElement,
2706 PWINE_CERT_CONTEXT_REF ref = (PWINE_CERT_CONTEXT_REF)pCertContext;
2707 DWORD bytesNeeded = sizeof(WINE_CERT_PROP_HEADER) +
2708 pCertContext->cbCertEncoded;
2709 PWINE_CERT_PROPERTY prop;
2711 EnterCriticalSection(&ref->context->cs);
2712 LIST_FOR_EACH_ENTRY(prop, &ref->context->extendedProperties,
2713 WINE_CERT_PROPERTY, entry)
2714 bytesNeeded += sizeof(WINE_CERT_PROP_HEADER) + prop->hdr.cb;
2717 *pcbElement = bytesNeeded;
2720 else if (*pcbElement < bytesNeeded)
2722 *pcbElement = bytesNeeded;
2723 SetLastError(ERROR_MORE_DATA);
2728 PWINE_CERT_PROP_HEADER hdr;
2730 LIST_FOR_EACH_ENTRY(prop, &ref->context->extendedProperties,
2731 WINE_CERT_PROPERTY, entry)
2733 memcpy(pbElement, &prop->hdr, sizeof(WINE_CERT_PROP_HEADER));
2734 pbElement += sizeof(WINE_CERT_PROP_HEADER);
2737 memcpy(pbElement, prop->pbData, prop->hdr.cb);
2738 pbElement += prop->hdr.cb;
2741 hdr = (PWINE_CERT_PROP_HEADER)pbElement;
2742 hdr->propID = CERT_CERT_PROP_ID;
2744 hdr->cb = pCertContext->cbCertEncoded;
2745 memcpy(pbElement + sizeof(WINE_CERT_PROP_HEADER),
2746 pCertContext->pbCertEncoded, pCertContext->cbCertEncoded);
2749 LeaveCriticalSection(&ref->context->cs);
2756 /* Looks for the property with ID propID in the buffer buf. Returns a pointer
2757 * to its header if a valid header is found, NULL if not. Valid means the
2758 * length of thte property won't overrun buf, and the unknown field is 1.
2760 static const WINE_CERT_PROP_HEADER *CRYPT_findPropID(const BYTE *buf,
2761 DWORD size, DWORD propID)
2763 const WINE_CERT_PROP_HEADER *ret = NULL;
2766 while (size && !ret && !done)
2768 if (size < sizeof(WINE_CERT_PROP_HEADER))
2770 SetLastError(CRYPT_E_FILE_ERROR);
2775 const WINE_CERT_PROP_HEADER *hdr =
2776 (const WINE_CERT_PROP_HEADER *)buf;
2778 size -= sizeof(WINE_CERT_PROP_HEADER);
2779 buf += sizeof(WINE_CERT_PROP_HEADER);
2782 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
2785 else if (!hdr->propID)
2787 /* assume a zero prop ID means the data are uninitialized, so
2792 else if (hdr->unknown != 1)
2794 SetLastError(ERROR_FILE_NOT_FOUND);
2797 else if (hdr->propID == propID)
2809 static const void * WINAPI CRYPT_ReadSerializedElement(const BYTE *pbElement,
2810 DWORD cbElement, DWORD dwContextTypeFlags, DWORD *pdwContentType)
2812 const void *context;
2814 TRACE("(%p, %ld, %08lx, %p)\n", pbElement, cbElement, dwContextTypeFlags,
2819 SetLastError(ERROR_END_OF_MEDIA);
2825 const WINE_CONTEXT_INTERFACE *contextInterface = NULL;
2826 const WINE_CERT_PROP_HEADER *hdr = NULL;
2832 if (dwContextTypeFlags == CERT_STORE_ALL_CONTEXT_FLAG)
2834 hdr = CRYPT_findPropID(pbElement, cbElement, CERT_CERT_PROP_ID);
2836 type = CERT_STORE_CERTIFICATE_CONTEXT;
2839 hdr = CRYPT_findPropID(pbElement, cbElement, CERT_CRL_PROP_ID);
2841 type = CERT_STORE_CRL_CONTEXT;
2844 hdr = CRYPT_findPropID(pbElement, cbElement,
2847 type = CERT_STORE_CTL_CONTEXT;
2851 else if (dwContextTypeFlags & CERT_STORE_CERTIFICATE_CONTEXT_FLAG)
2853 hdr = CRYPT_findPropID(pbElement, cbElement, CERT_CERT_PROP_ID);
2854 type = CERT_STORE_CERTIFICATE_CONTEXT;
2856 else if (dwContextTypeFlags & CERT_STORE_CRL_CONTEXT_FLAG)
2858 hdr = CRYPT_findPropID(pbElement, cbElement, CERT_CRL_PROP_ID);
2859 type = CERT_STORE_CRL_CONTEXT;
2861 else if (dwContextTypeFlags & CERT_STORE_CTL_CONTEXT_FLAG)
2863 hdr = CRYPT_findPropID(pbElement, cbElement, CERT_CTL_PROP_ID);
2864 type = CERT_STORE_CTL_CONTEXT;
2869 case CERT_STORE_CERTIFICATE_CONTEXT:
2870 contextInterface = &gCertInterface;
2872 case CERT_STORE_CRL_CONTEXT:
2873 contextInterface = &gCRLInterface;
2875 case CERT_STORE_CTL_CONTEXT:
2876 contextInterface = &gCTLInterface;
2879 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
2886 context = contextInterface->create(X509_ASN_ENCODING,
2887 (BYTE *)hdr + sizeof(WINE_CERT_PROP_HEADER), hdr->cb);
2890 BOOL noMoreProps = FALSE;
2892 while (!noMoreProps && ret)
2894 if (cbElement < sizeof(WINE_CERT_PROP_HEADER))
2898 const WINE_CERT_PROP_HEADER *hdr =
2899 (const WINE_CERT_PROP_HEADER *)pbElement;
2901 TRACE("prop is %ld\n", hdr->propID);
2902 cbElement -= sizeof(WINE_CERT_PROP_HEADER);
2903 pbElement += sizeof(WINE_CERT_PROP_HEADER);
2904 if (cbElement < hdr->cb)
2906 SetLastError(HRESULT_FROM_WIN32(
2907 ERROR_INVALID_PARAMETER));
2910 else if (!hdr->propID)
2912 /* Like in CRYPT_findPropID, stop if the propID is zero
2916 else if (hdr->unknown != 1)
2918 SetLastError(ERROR_FILE_NOT_FOUND);
2921 else if (hdr->propID != CERT_CERT_PROP_ID &&
2922 hdr->propID != CERT_CRL_PROP_ID && hdr->propID !=
2925 /* Have to create a blob for most types, but not
2928 switch (hdr->propID)
2930 case CERT_AUTO_ENROLL_PROP_ID:
2931 case CERT_CTL_USAGE_PROP_ID:
2932 case CERT_DESCRIPTION_PROP_ID:
2933 case CERT_FRIENDLY_NAME_PROP_ID:
2934 case CERT_HASH_PROP_ID:
2935 case CERT_KEY_IDENTIFIER_PROP_ID:
2936 case CERT_MD5_HASH_PROP_ID:
2937 case CERT_NEXT_UPDATE_LOCATION_PROP_ID:
2938 case CERT_PUBKEY_ALG_PARA_PROP_ID:
2939 case CERT_PVK_FILE_PROP_ID:
2940 case CERT_SIGNATURE_HASH_PROP_ID:
2941 case CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID:
2942 case CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID:
2943 case CERT_ENROLLMENT_PROP_ID:
2944 case CERT_CROSS_CERT_DIST_POINTS_PROP_ID:
2945 case CERT_RENEWAL_PROP_ID:
2947 CRYPT_DATA_BLOB blob = { hdr->cb,
2948 (LPBYTE)pbElement };
2950 ret = contextInterface->setProp(context,
2951 hdr->propID, 0, &blob);
2954 case CERT_DATE_STAMP_PROP_ID:
2955 ret = contextInterface->setProp(context,
2956 hdr->propID, 0, pbElement);
2959 FIXME("prop ID %ld: stub\n", hdr->propID);
2962 pbElement += hdr->cb;
2963 cbElement -= hdr->cb;
2971 *pdwContentType = type;
2975 contextInterface->free(context);
2982 SetLastError(STATUS_ACCESS_VIOLATION);
2989 BOOL WINAPI CertAddSerializedElementToStore(HCERTSTORE hCertStore,
2990 const BYTE *pbElement, DWORD cbElement, DWORD dwAddDisposition, DWORD dwFlags,
2991 DWORD dwContextTypeFlags, DWORD *pdwContentType, const void **ppvContext)
2993 const void *context;
2997 TRACE("(%p, %p, %ld, %08lx, %08lx, %08lx, %p, %p)\n", hCertStore,
2998 pbElement, cbElement, dwAddDisposition, dwFlags, dwContextTypeFlags,
2999 pdwContentType, ppvContext);
3001 /* Call the internal function, then delete the hashes. Tests show this
3002 * function uses real hash values, not whatever's stored in the hash
3005 context = CRYPT_ReadSerializedElement(pbElement, cbElement,
3006 dwContextTypeFlags, &type);
3009 const WINE_CONTEXT_INTERFACE *contextInterface = NULL;
3013 case CERT_STORE_CERTIFICATE_CONTEXT:
3014 contextInterface = &gCertInterface;
3016 case CERT_STORE_CRL_CONTEXT:
3017 contextInterface = &gCRLInterface;
3019 case CERT_STORE_CTL_CONTEXT:
3020 contextInterface = &gCTLInterface;
3023 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
3025 if (contextInterface)
3027 contextInterface->setProp(context, CERT_HASH_PROP_ID, 0, NULL);
3028 contextInterface->setProp(context, CERT_MD5_HASH_PROP_ID, 0, NULL);
3029 contextInterface->setProp(context, CERT_SIGNATURE_HASH_PROP_ID, 0,
3032 *pdwContentType = type;
3033 ret = contextInterface->addContextToStore(hCertStore, context,
3034 dwAddDisposition, ppvContext);
3035 contextInterface->free(context);
3045 static void CRYPT_UnrefCertificateContext(PWINE_CERT_CONTEXT_REF ref)
3047 if (InterlockedDecrement(&ref->context->ref) == 0)
3049 TRACE("%p's ref count is 0, freeing\n", ref->context);
3050 CRYPT_FreeCert(ref->context);
3053 TRACE("%p's ref count is %ld\n", ref->context, ref->context->ref);
3056 BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT pCertContext)
3058 TRACE("(%p)\n", pCertContext);
3062 PWINE_CERT_CONTEXT_REF ref = (PWINE_CERT_CONTEXT_REF)pCertContext;
3063 PWINECRYPT_CERTSTORE store = (PWINECRYPT_CERTSTORE)ref->cert.hCertStore;
3065 CRYPT_UnrefCertificateContext(ref);
3066 if (store && store->dwMagic == WINE_CRYPTCERTSTORE_MAGIC &&
3068 store->freeCert(ref);
3069 TRACE("freeing %p\n", ref);
3075 PCCERT_CONTEXT WINAPI CertFindCertificateInStore(HCERTSTORE hCertStore,
3076 DWORD dwCertEncodingType, DWORD dwFlags, DWORD dwType,
3077 const void *pvPara, PCCERT_CONTEXT pPrevCertContext)
3079 FIXME("stub: %p %ld %ld %ld %p %p\n", hCertStore, dwCertEncodingType,
3080 dwFlags, dwType, pvPara, pPrevCertContext);
3081 SetLastError(CRYPT_E_NOT_FOUND);
3085 BOOL WINAPI CertAddStoreToCollection(HCERTSTORE hCollectionStore,
3086 HCERTSTORE hSiblingStore, DWORD dwUpdateFlags, DWORD dwPriority)
3088 PWINE_COLLECTIONSTORE collection = (PWINE_COLLECTIONSTORE)hCollectionStore;
3089 WINECRYPT_CERTSTORE *sibling = (WINECRYPT_CERTSTORE *)hSiblingStore;
3090 PWINE_STORE_LIST_ENTRY entry;
3093 TRACE("(%p, %p, %08lx, %ld)\n", hCollectionStore, hSiblingStore,
3094 dwUpdateFlags, dwPriority);
3096 if (!collection || !sibling)
3098 if (collection->hdr.dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
3100 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
3103 if (collection->hdr.type != StoreTypeCollection)
3105 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
3108 if (sibling->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
3110 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
3114 entry = CryptMemAlloc(sizeof(WINE_STORE_LIST_ENTRY));
3117 InterlockedIncrement(&sibling->ref);
3118 TRACE("sibling %p's ref count is %ld\n", sibling, sibling->ref);
3119 entry->store = sibling;
3120 entry->dwUpdateFlags = dwUpdateFlags;
3121 entry->dwPriority = dwPriority;
3122 list_init(&entry->entry);
3123 TRACE("%p: adding %p, priority %ld\n", collection, entry, dwPriority);
3124 EnterCriticalSection(&collection->cs);
3127 PWINE_STORE_LIST_ENTRY cursor;
3130 LIST_FOR_EACH_ENTRY(cursor, &collection->stores,
3131 WINE_STORE_LIST_ENTRY, entry)
3133 if (cursor->dwPriority < dwPriority)
3135 list_add_before(&cursor->entry, &entry->entry);
3141 list_add_tail(&collection->stores, &entry->entry);
3144 list_add_tail(&collection->stores, &entry->entry);
3145 LeaveCriticalSection(&collection->cs);
3153 void WINAPI CertRemoveStoreFromCollection(HCERTSTORE hCollectionStore,
3154 HCERTSTORE hSiblingStore)
3156 PWINE_COLLECTIONSTORE collection = (PWINE_COLLECTIONSTORE)hCollectionStore;
3157 WINECRYPT_CERTSTORE *sibling = (WINECRYPT_CERTSTORE *)hSiblingStore;
3158 PWINE_STORE_LIST_ENTRY store, next;
3160 TRACE("(%p, %p)\n", hCollectionStore, hSiblingStore);
3162 if (!collection || !sibling)
3164 if (collection->hdr.dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
3166 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
3169 if (collection->hdr.type != StoreTypeCollection)
3171 if (sibling->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
3173 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
3176 EnterCriticalSection(&collection->cs);
3177 LIST_FOR_EACH_ENTRY_SAFE(store, next, &collection->stores,
3178 WINE_STORE_LIST_ENTRY, entry)
3180 if (store->store == sibling)
3182 list_remove(&store->entry);
3183 CertCloseStore(store->store, 0);
3184 CryptMemFree(store);
3188 LeaveCriticalSection(&collection->cs);
3191 PCRYPT_ATTRIBUTE WINAPI CertFindAttribute(LPCSTR pszObjId, DWORD cAttr,
3192 CRYPT_ATTRIBUTE rgAttr[])
3194 PCRYPT_ATTRIBUTE ret = NULL;
3197 TRACE("%s %ld %p\n", debugstr_a(pszObjId), cAttr, rgAttr);
3203 SetLastError(ERROR_INVALID_PARAMETER);
3207 for (i = 0; !ret && i < cAttr; i++)
3208 if (rgAttr[i].pszObjId && !strcmp(pszObjId, rgAttr[i].pszObjId))
3213 PCERT_EXTENSION WINAPI CertFindExtension(LPCSTR pszObjId, DWORD cExtensions,
3214 CERT_EXTENSION rgExtensions[])
3216 PCERT_EXTENSION ret = NULL;
3219 TRACE("%s %ld %p\n", debugstr_a(pszObjId), cExtensions, rgExtensions);
3225 SetLastError(ERROR_INVALID_PARAMETER);
3229 for (i = 0; !ret && i < cExtensions; i++)
3230 if (rgExtensions[i].pszObjId && !strcmp(pszObjId,
3231 rgExtensions[i].pszObjId))
3232 ret = &rgExtensions[i];
3236 PCERT_RDN_ATTR WINAPI CertFindRDNAttr(LPCSTR pszObjId, PCERT_NAME_INFO pName)
3238 PCERT_RDN_ATTR ret = NULL;
3241 TRACE("%s %p\n", debugstr_a(pszObjId), pName);
3245 SetLastError(ERROR_INVALID_PARAMETER);
3249 for (i = 0; !ret && i < pName->cRDN; i++)
3250 for (j = 0; !ret && j < pName->rgRDN[i].cRDNAttr; j++)
3251 if (pName->rgRDN[i].rgRDNAttr[j].pszObjId && !strcmp(pszObjId,
3252 pName->rgRDN[i].rgRDNAttr[j].pszObjId))
3253 ret = &pName->rgRDN[i].rgRDNAttr[j];
3257 LONG WINAPI CertVerifyTimeValidity(LPFILETIME pTimeToVerify,
3258 PCERT_INFO pCertInfo)
3267 GetSystemTime(&sysTime);
3268 SystemTimeToFileTime(&sysTime, &fileTime);
3269 pTimeToVerify = &fileTime;
3271 if ((ret = CompareFileTime(pTimeToVerify, &pCertInfo->NotBefore)) >= 0)
3273 ret = CompareFileTime(pTimeToVerify, &pCertInfo->NotAfter);
3280 BOOL WINAPI CryptHashCertificate(HCRYPTPROV hCryptProv, ALG_ID Algid,
3281 DWORD dwFlags, const BYTE *pbEncoded, DWORD cbEncoded, BYTE *pbComputedHash,
3282 DWORD *pcbComputedHash)
3285 HCRYPTHASH hHash = 0;
3287 TRACE("(%ld, %d, %08lx, %p, %ld, %p, %p)\n", hCryptProv, Algid, dwFlags,
3288 pbEncoded, cbEncoded, pbComputedHash, pcbComputedHash);
3291 hCryptProv = CRYPT_GetDefaultProvider();
3296 ret = CryptCreateHash(hCryptProv, Algid, 0, 0, &hHash);
3299 ret = CryptHashData(hHash, pbEncoded, cbEncoded, 0);
3301 ret = CryptGetHashParam(hHash, HP_HASHVAL, pbComputedHash,
3302 pcbComputedHash, 0);
3303 CryptDestroyHash(hHash);
3309 BOOL WINAPI CryptSignCertificate(HCRYPTPROV hCryptProv, DWORD dwKeySpec,
3310 DWORD dwCertEncodingType, const BYTE *pbEncodedToBeSigned,
3311 DWORD cbEncodedToBeSigned, PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm,
3312 const void *pvHashAuxInfo, BYTE *pbSignature, DWORD *pcbSignature)
3318 TRACE("(%08lx, %ld, %ld, %p, %ld, %p, %p, %p, %p)\n", hCryptProv,
3319 dwKeySpec, dwCertEncodingType, pbEncodedToBeSigned, cbEncodedToBeSigned,
3320 pSignatureAlgorithm, pvHashAuxInfo, pbSignature, pcbSignature);
3322 algID = CertOIDToAlgId(pSignatureAlgorithm->pszObjId);
3325 SetLastError(NTE_BAD_ALGID);
3330 SetLastError(ERROR_INVALID_PARAMETER);
3334 ret = CryptCreateHash(hCryptProv, algID, 0, 0, &hHash);
3337 ret = CryptHashData(hHash, pbEncodedToBeSigned, cbEncodedToBeSigned, 0);
3339 ret = CryptSignHashW(hHash, dwKeySpec, NULL, 0, pbSignature,
3341 CryptDestroyHash(hHash);
3346 BOOL WINAPI CryptVerifyCertificateSignature(HCRYPTPROV hCryptProv,
3347 DWORD dwCertEncodingType, const BYTE *pbEncoded, DWORD cbEncoded,
3348 PCERT_PUBLIC_KEY_INFO pPublicKey)
3350 return CryptVerifyCertificateSignatureEx(hCryptProv, dwCertEncodingType,
3351 CRYPT_VERIFY_CERT_SIGN_SUBJECT_BLOB, (void *)pbEncoded,
3352 CRYPT_VERIFY_CERT_SIGN_ISSUER_PUBKEY, pPublicKey, 0, NULL);
3355 BOOL WINAPI CryptVerifyCertificateSignatureEx(HCRYPTPROV hCryptProv,
3356 DWORD dwCertEncodingType, DWORD dwSubjectType, void *pvSubject,
3357 DWORD dwIssuerType, void *pvIssuer, DWORD dwFlags, void *pvReserved)
3360 CRYPT_DATA_BLOB subjectBlob;
3362 TRACE("(%08lx, %ld, %ld, %p, %ld, %p, %08lx, %p)\n", hCryptProv,
3363 dwCertEncodingType, dwSubjectType, pvSubject, dwIssuerType, pvIssuer,
3364 dwFlags, pvReserved);
3366 switch (dwSubjectType)
3368 case CRYPT_VERIFY_CERT_SIGN_SUBJECT_BLOB:
3370 PCRYPT_DATA_BLOB blob = (PCRYPT_DATA_BLOB)pvSubject;
3372 subjectBlob.pbData = blob->pbData;
3373 subjectBlob.cbData = blob->cbData;
3376 case CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT:
3378 PCERT_CONTEXT context = (PCERT_CONTEXT)pvSubject;
3380 subjectBlob.pbData = context->pbCertEncoded;
3381 subjectBlob.cbData = context->cbCertEncoded;
3384 case CRYPT_VERIFY_CERT_SIGN_SUBJECT_CRL:
3386 PCRL_CONTEXT context = (PCRL_CONTEXT)pvSubject;
3388 subjectBlob.pbData = context->pbCrlEncoded;
3389 subjectBlob.cbData = context->cbCrlEncoded;
3393 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
3399 PCERT_SIGNED_CONTENT_INFO signedCert = NULL;
3402 ret = CryptDecodeObjectEx(dwCertEncodingType, X509_CERT,
3403 subjectBlob.pbData, subjectBlob.cbData,
3404 CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
3405 (BYTE *)&signedCert, &size);
3408 switch (dwIssuerType)
3410 case CRYPT_VERIFY_CERT_SIGN_ISSUER_PUBKEY:
3412 PCERT_PUBLIC_KEY_INFO pubKeyInfo =
3413 (PCERT_PUBLIC_KEY_INFO)pvIssuer;
3414 ALG_ID algID = CertOIDToAlgId(pubKeyInfo->Algorithm.pszObjId);
3420 ret = CryptImportPublicKeyInfoEx(hCryptProv,
3421 dwCertEncodingType, pubKeyInfo, algID, 0, NULL, &key);
3426 ret = CryptCreateHash(hCryptProv, algID, 0, 0, &hash);
3429 ret = CryptHashData(hash,
3430 signedCert->ToBeSigned.pbData,
3431 signedCert->ToBeSigned.cbData, 0);
3434 ret = CryptVerifySignatureW(hash,
3435 signedCert->Signature.pbData,
3436 signedCert->Signature.cbData, key, NULL, 0);
3438 CryptDestroyHash(hash);
3440 CryptDestroyKey(key);
3445 SetLastError(NTE_BAD_ALGID);
3450 case CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT:
3451 case CRYPT_VERIFY_CERT_SIGN_ISSUER_CHAIN:
3452 FIXME("issuer type %ld: stub\n", dwIssuerType);
3455 case CRYPT_VERIFY_CERT_SIGN_ISSUER_NULL:
3458 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
3463 FIXME("unimplemented for NULL signer\n");
3464 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
3469 SetLastError(HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER));
3472 LocalFree(signedCert);
3478 BOOL WINAPI CryptVerifyMessageSignature(/*PCRYPT_VERIFY_MESSAGE_PARA*/ void* pVerifyPara,
3479 DWORD dwSignerIndex, const BYTE* pbSignedBlob, DWORD cbSignedBlob,
3480 BYTE* pbDecoded, DWORD* pcbDecoded, PCCERT_CONTEXT* ppSignerCert)
3482 FIXME("stub: %p, %ld, %p, %ld, %p, %p, %p\n",
3483 pVerifyPara, dwSignerIndex, pbSignedBlob, cbSignedBlob,
3484 pbDecoded, pcbDecoded, ppSignerCert);