crypt32/tests: Make some variables static.
[wine] / dlls / crypt32 / message.c
1 /*
2  * Copyright 2007 Juan Lang
3  *
4  * This library is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU Lesser General Public
6  * License as published by the Free Software Foundation; either
7  * version 2.1 of the License, or (at your option) any later version.
8  *
9  * This library is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
12  * Lesser General Public License for more details.
13  *
14  * You should have received a copy of the GNU Lesser General Public
15  * License along with this library; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17  */
18
19 #include <stdarg.h>
20 #include "windef.h"
21 #include "winbase.h"
22 #include "wincrypt.h"
23
24 #include "wine/debug.h"
25
26 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
27
28 HCERTSTORE WINAPI CryptGetMessageCertificates(DWORD dwMsgAndCertEncodingType,
29  HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const BYTE* pbSignedBlob,
30  DWORD cbSignedBlob)
31 {
32     CRYPT_DATA_BLOB blob = { cbSignedBlob, (LPBYTE)pbSignedBlob };
33
34     TRACE("(%08x, %ld, %d08x %p, %d)\n", dwMsgAndCertEncodingType, hCryptProv,
35      dwFlags, pbSignedBlob, cbSignedBlob);
36
37     return CertOpenStore(CERT_STORE_PROV_PKCS7, dwMsgAndCertEncodingType,
38      hCryptProv, dwFlags, &blob);
39 }
40
41 LONG WINAPI CryptGetMessageSignerCount(DWORD dwMsgEncodingType,
42  const BYTE *pbSignedBlob, DWORD cbSignedBlob)
43 {
44     HCRYPTMSG msg;
45     LONG count = -1;
46
47     TRACE("(%08x, %p, %d)\n", dwMsgEncodingType, pbSignedBlob, cbSignedBlob);
48
49     msg = CryptMsgOpenToDecode(dwMsgEncodingType, 0, 0, 0, NULL, NULL);
50     if (msg)
51     {
52         if (CryptMsgUpdate(msg, pbSignedBlob, cbSignedBlob, TRUE))
53         {
54             DWORD size = sizeof(count);
55
56             CryptMsgGetParam(msg, CMSG_SIGNER_COUNT_PARAM, 0, &count, &size);
57         }
58         CryptMsgClose(msg);
59     }
60     return count;
61 }
62
63 static CERT_INFO *CRYPT_GetSignerCertInfoFromMsg(HCRYPTMSG msg,
64  DWORD dwSignerIndex)
65 {
66     CERT_INFO *certInfo = NULL;
67     DWORD size;
68
69     if (CryptMsgGetParam(msg, CMSG_SIGNER_CERT_INFO_PARAM, dwSignerIndex, NULL,
70      &size))
71     {
72         certInfo = CryptMemAlloc(size);
73         if (certInfo)
74         {
75             if (!CryptMsgGetParam(msg, CMSG_SIGNER_CERT_INFO_PARAM,
76              dwSignerIndex, certInfo, &size))
77             {
78                 CryptMemFree(certInfo);
79                 certInfo = NULL;
80             }
81         }
82     }
83     else
84         SetLastError(CRYPT_E_UNEXPECTED_MSG_TYPE);
85     return certInfo;
86 }
87
88 static PCCERT_CONTEXT WINAPI CRYPT_DefaultGetSignerCertificate(void *pvGetArg,
89  DWORD dwCertEncodingType, PCERT_INFO pSignerId, HCERTSTORE hMsgCertStore)
90 {
91     return CertFindCertificateInStore(hMsgCertStore, dwCertEncodingType, 0,
92      CERT_FIND_SUBJECT_CERT, pSignerId, NULL);
93 }
94
95 static inline PCCERT_CONTEXT CRYPT_GetSignerCertificate(HCRYPTMSG msg,
96  PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara, PCERT_INFO certInfo, HCERTSTORE store)
97 {
98     PFN_CRYPT_GET_SIGNER_CERTIFICATE getCert;
99
100     if (pVerifyPara->pfnGetSignerCertificate)
101         getCert = pVerifyPara->pfnGetSignerCertificate;
102     else
103         getCert = CRYPT_DefaultGetSignerCertificate;
104     return getCert(pVerifyPara->pvGetArg,
105      pVerifyPara->dwMsgAndCertEncodingType, certInfo, store);
106 }
107
108 BOOL WINAPI CryptVerifyDetachedMessageSignature(
109  PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara, DWORD dwSignerIndex,
110  const BYTE *pbDetachedSignBlob, DWORD cbDetachedSignBlob, DWORD cToBeSigned,
111  const BYTE *rgpbToBeSigned[], DWORD rgcbToBeSigned[],
112  PCCERT_CONTEXT *ppSignerCert)
113 {
114     BOOL ret = FALSE;
115     HCRYPTMSG msg;
116
117     TRACE("(%p, %d, %p, %d, %d, %p, %p, %p)\n", pVerifyPara, dwSignerIndex,
118      pbDetachedSignBlob, cbDetachedSignBlob, cToBeSigned, rgpbToBeSigned,
119      rgcbToBeSigned, ppSignerCert);
120
121     if (ppSignerCert)
122         *ppSignerCert = NULL;
123     if (!pVerifyPara ||
124      pVerifyPara->cbSize != sizeof(CRYPT_VERIFY_MESSAGE_PARA) ||
125      GET_CMSG_ENCODING_TYPE(pVerifyPara->dwMsgAndCertEncodingType) !=
126      PKCS_7_ASN_ENCODING)
127     {
128         SetLastError(E_INVALIDARG);
129         return FALSE;
130     }
131
132     msg = CryptMsgOpenToDecode(pVerifyPara->dwMsgAndCertEncodingType,
133      CMSG_DETACHED_FLAG, 0, pVerifyPara->hCryptProv, NULL, NULL);
134     if (msg)
135     {
136         ret = CryptMsgUpdate(msg, pbDetachedSignBlob, cbDetachedSignBlob, TRUE);
137         if (ret)
138         {
139             DWORD i;
140
141             for (i = 0; ret && i < cToBeSigned; i++)
142                 ret = CryptMsgUpdate(msg, rgpbToBeSigned[i], rgcbToBeSigned[i],
143                  i == cToBeSigned - 1 ? TRUE : FALSE);
144         }
145         if (ret)
146         {
147             CERT_INFO *certInfo = CRYPT_GetSignerCertInfoFromMsg(msg,
148              dwSignerIndex);
149
150             ret = FALSE;
151             if (certInfo)
152             {
153                 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MSG,
154                  pVerifyPara->dwMsgAndCertEncodingType,
155                  pVerifyPara->hCryptProv, 0, msg);
156
157                 if (store)
158                 {
159                     PCCERT_CONTEXT cert = CRYPT_GetSignerCertificate(
160                      msg, pVerifyPara, certInfo, store);
161
162                     if (cert)
163                     {
164                         ret = CryptMsgControl(msg, 0,
165                          CMSG_CTRL_VERIFY_SIGNATURE, cert->pCertInfo);
166                         if (ret && ppSignerCert)
167                             *ppSignerCert = cert;
168                         else
169                             CertFreeCertificateContext(cert);
170                     }
171                     else
172                         SetLastError(CRYPT_E_NOT_FOUND);
173                     CertCloseStore(store, 0);
174                 }
175                 CryptMemFree(certInfo);
176             }
177         }
178         CryptMsgClose(msg);
179     }
180     TRACE("returning %d\n", ret);
181     return ret;
182 }
183
184 BOOL WINAPI CryptVerifyMessageSignature(PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara,
185  DWORD dwSignerIndex, const BYTE* pbSignedBlob, DWORD cbSignedBlob,
186  BYTE* pbDecoded, DWORD* pcbDecoded, PCCERT_CONTEXT* ppSignerCert)
187 {
188     BOOL ret = FALSE;
189     HCRYPTMSG msg;
190
191     TRACE("(%p, %d, %p, %d, %p, %p, %p)\n",
192      pVerifyPara, dwSignerIndex, pbSignedBlob, cbSignedBlob,
193      pbDecoded, pcbDecoded, ppSignerCert);
194
195     if (ppSignerCert)
196         *ppSignerCert = NULL;
197     if (!pVerifyPara ||
198      pVerifyPara->cbSize != sizeof(CRYPT_VERIFY_MESSAGE_PARA) ||
199      GET_CMSG_ENCODING_TYPE(pVerifyPara->dwMsgAndCertEncodingType) !=
200      PKCS_7_ASN_ENCODING)
201     {
202         if(pcbDecoded)
203             *pcbDecoded = 0;
204         SetLastError(E_INVALIDARG);
205         return FALSE;
206     }
207
208     msg = CryptMsgOpenToDecode(pVerifyPara->dwMsgAndCertEncodingType, 0, 0,
209      pVerifyPara->hCryptProv, NULL, NULL);
210     if (msg)
211     {
212         ret = CryptMsgUpdate(msg, pbSignedBlob, cbSignedBlob, TRUE);
213         if (ret)
214         {
215             CERT_INFO *certInfo = CRYPT_GetSignerCertInfoFromMsg(msg,
216              dwSignerIndex);
217
218             ret = FALSE;
219             if (certInfo)
220             {
221                 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MSG,
222                  pVerifyPara->dwMsgAndCertEncodingType,
223                  pVerifyPara->hCryptProv, 0, msg);
224
225                 if (store)
226                 {
227                     PCCERT_CONTEXT cert = CRYPT_GetSignerCertificate(
228                      msg, pVerifyPara, certInfo, store);
229
230                     if (cert)
231                     {
232                         ret = CryptMsgControl(msg, 0,
233                          CMSG_CTRL_VERIFY_SIGNATURE, cert->pCertInfo);
234                         if (ret && ppSignerCert)
235                             *ppSignerCert = cert;
236                         else
237                             CertFreeCertificateContext(cert);
238                     }
239                     CertCloseStore(store, 0);
240                 }
241             }
242             CryptMemFree(certInfo);
243         }
244         if (ret)
245         {
246             /* The caller is expected to pass a valid pointer to pcbDecoded
247              * when the message verifies successfully.
248              */
249             if (pcbDecoded)
250                 ret = CryptMsgGetParam(msg, CMSG_CONTENT_PARAM, 0, pbDecoded,
251                  pcbDecoded);
252             else
253             {
254                 SetLastError(CRYPT_E_NOT_FOUND);
255                 ret = FALSE;
256             }
257         }
258         CryptMsgClose(msg);
259     }
260     if(!ret && pcbDecoded)
261         *pcbDecoded = 0;
262     TRACE("returning %d\n", ret);
263     return ret;
264 }
265
266 BOOL WINAPI CryptHashMessage(PCRYPT_HASH_MESSAGE_PARA pHashPara,
267  BOOL fDetachedHash, DWORD cToBeHashed, const BYTE *rgpbToBeHashed[],
268  DWORD rgcbToBeHashed[], BYTE *pbHashedBlob, DWORD *pcbHashedBlob,
269  BYTE *pbComputedHash, DWORD *pcbComputedHash)
270 {
271     DWORD i, flags;
272     BOOL ret = FALSE;
273     HCRYPTMSG msg;
274     CMSG_HASHED_ENCODE_INFO info;
275
276     TRACE("(%p, %d, %d, %p, %p, %p, %p, %p, %p)\n", pHashPara, fDetachedHash,
277      cToBeHashed, rgpbToBeHashed, rgcbToBeHashed, pbHashedBlob, pcbHashedBlob,
278      pbComputedHash, pcbComputedHash);
279
280     if (pHashPara->cbSize != sizeof(CRYPT_HASH_MESSAGE_PARA))
281     {
282         SetLastError(E_INVALIDARG);
283         return FALSE;
284     }
285     /* Native seems to ignore any encoding type other than the expected
286      * PKCS_7_ASN_ENCODING
287      */
288     if (GET_CMSG_ENCODING_TYPE(pHashPara->dwMsgEncodingType) !=
289      PKCS_7_ASN_ENCODING)
290         return TRUE;
291     /* Native also seems to do nothing if the output parameter isn't given */
292     if (!pcbHashedBlob)
293         return TRUE;
294
295     flags = fDetachedHash ? CMSG_DETACHED_FLAG : 0;
296     memset(&info, 0, sizeof(info));
297     info.cbSize = sizeof(info);
298     info.hCryptProv = pHashPara->hCryptProv;
299     memcpy(&info.HashAlgorithm, &pHashPara->HashAlgorithm,
300      sizeof(info.HashAlgorithm));
301     info.pvHashAuxInfo = pHashPara->pvHashAuxInfo;
302     msg = CryptMsgOpenToEncode(pHashPara->dwMsgEncodingType, flags, CMSG_HASHED,
303      &info, NULL, NULL);
304     if (msg)
305     {
306         for (i = 0, ret = TRUE; ret && i < cToBeHashed; i++)
307             ret = CryptMsgUpdate(msg, rgpbToBeHashed[i], rgcbToBeHashed[i],
308              i == cToBeHashed - 1 ? TRUE : FALSE);
309         if (ret)
310         {
311             ret = CryptMsgGetParam(msg, CMSG_CONTENT_PARAM, 0, pbHashedBlob,
312              pcbHashedBlob);
313             if (ret && pcbComputedHash)
314                 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0,
315                  pbComputedHash, pcbComputedHash);
316         }
317         CryptMsgClose(msg);
318     }
319     return ret;
320 }
321
322 BOOL WINAPI CryptVerifyDetachedMessageHash(PCRYPT_HASH_MESSAGE_PARA pHashPara,
323  BYTE *pbDetachedHashBlob, DWORD cbDetachedHashBlob, DWORD cToBeHashed,
324  const BYTE *rgpbToBeHashed[], DWORD rgcbToBeHashed[], BYTE *pbComputedHash,
325  DWORD *pcbComputedHash)
326 {
327     HCRYPTMSG msg;
328     BOOL ret = FALSE;
329
330     TRACE("(%p, %p, %d, %d, %p, %p, %p, %p)\n", pHashPara, pbDetachedHashBlob,
331      cbDetachedHashBlob, cToBeHashed, rgpbToBeHashed, rgcbToBeHashed,
332      pbComputedHash, pcbComputedHash);
333
334     if (pHashPara->cbSize != sizeof(CRYPT_HASH_MESSAGE_PARA))
335     {
336         SetLastError(E_INVALIDARG);
337         return FALSE;
338     }
339     if (GET_CMSG_ENCODING_TYPE(pHashPara->dwMsgEncodingType) !=
340      PKCS_7_ASN_ENCODING)
341     {
342         SetLastError(E_INVALIDARG);
343         return FALSE;
344     }
345     msg = CryptMsgOpenToDecode(pHashPara->dwMsgEncodingType, CMSG_DETACHED_FLAG,
346      0, pHashPara->hCryptProv, NULL, NULL);
347     if (msg)
348     {
349         DWORD i;
350
351         ret = CryptMsgUpdate(msg, pbDetachedHashBlob, cbDetachedHashBlob, TRUE);
352         if (ret)
353         {
354             if (cToBeHashed)
355             {
356                 for (i = 0; ret && i < cToBeHashed; i++)
357                 {
358                     ret = CryptMsgUpdate(msg, rgpbToBeHashed[i],
359                      rgcbToBeHashed[i], i == cToBeHashed - 1 ? TRUE : FALSE);
360                 }
361             }
362             else
363                 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
364         }
365         if (ret)
366         {
367             ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_HASH, NULL);
368             if (ret && pcbComputedHash)
369                 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0,
370                  pbComputedHash, pcbComputedHash);
371         }
372         CryptMsgClose(msg);
373     }
374     return ret;
375 }
376
377 BOOL WINAPI CryptVerifyMessageHash(PCRYPT_HASH_MESSAGE_PARA pHashPara,
378  BYTE *pbHashedBlob, DWORD cbHashedBlob, BYTE *pbToBeHashed,
379  DWORD *pcbToBeHashed, BYTE *pbComputedHash, DWORD *pcbComputedHash)
380 {
381     HCRYPTMSG msg;
382     BOOL ret = FALSE;
383
384     TRACE("(%p, %p, %d, %p, %p, %p, %p)\n", pHashPara, pbHashedBlob,
385      cbHashedBlob, pbToBeHashed, pcbToBeHashed, pbComputedHash,
386      pcbComputedHash);
387
388     if (pHashPara->cbSize != sizeof(CRYPT_HASH_MESSAGE_PARA))
389     {
390         SetLastError(E_INVALIDARG);
391         return FALSE;
392     }
393     if (GET_CMSG_ENCODING_TYPE(pHashPara->dwMsgEncodingType) !=
394      PKCS_7_ASN_ENCODING)
395     {
396         SetLastError(E_INVALIDARG);
397         return FALSE;
398     }
399     msg = CryptMsgOpenToDecode(pHashPara->dwMsgEncodingType, 0, 0,
400      pHashPara->hCryptProv, NULL, NULL);
401     if (msg)
402     {
403         ret = CryptMsgUpdate(msg, pbHashedBlob, cbHashedBlob, TRUE);
404         if (ret)
405         {
406             ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_HASH, NULL);
407             if (ret && pcbToBeHashed)
408                 ret = CryptMsgGetParam(msg, CMSG_CONTENT_PARAM, 0,
409                  pbToBeHashed, pcbToBeHashed);
410             if (ret && pcbComputedHash)
411                 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0,
412                  pbComputedHash, pcbComputedHash);
413         }
414         CryptMsgClose(msg);
415     }
416     return ret;
417 }
418
419 BOOL WINAPI CryptSignMessage(PCRYPT_SIGN_MESSAGE_PARA pSignPara,
420  BOOL fDetachedSignature, DWORD cToBeSigned, const BYTE *rgpbToBeSigned[],
421  DWORD rgcbToBeSigned[], BYTE *pbSignedBlob, DWORD *pcbSignedBlob)
422 {
423     HCRYPTPROV hCryptProv;
424     BOOL ret, freeProv = FALSE;
425     DWORD i, keySpec;
426     PCERT_BLOB certBlob = NULL;
427     PCRL_BLOB crlBlob = NULL;
428     CMSG_SIGNED_ENCODE_INFO signInfo;
429     CMSG_SIGNER_ENCODE_INFO signer;
430     HCRYPTMSG msg = 0;
431
432     TRACE("(%p, %d, %d, %p, %p, %p, %p)\n", pSignPara, fDetachedSignature,
433      cToBeSigned, rgpbToBeSigned, rgcbToBeSigned, pbSignedBlob, pcbSignedBlob);
434
435     if (pSignPara->cbSize != sizeof(CRYPT_SIGN_MESSAGE_PARA) ||
436      GET_CMSG_ENCODING_TYPE(pSignPara->dwMsgEncodingType) !=
437      PKCS_7_ASN_ENCODING)
438     {
439         *pcbSignedBlob = 0;
440         SetLastError(E_INVALIDARG);
441         return FALSE;
442     }
443     if (!pSignPara->pSigningCert)
444         return TRUE;
445
446     ret = CryptAcquireCertificatePrivateKey(pSignPara->pSigningCert,
447      CRYPT_ACQUIRE_CACHE_FLAG, NULL, &hCryptProv, &keySpec, &freeProv);
448     if (!ret)
449         return FALSE;
450
451     memset(&signer, 0, sizeof(signer));
452     signer.cbSize = sizeof(signer);
453     signer.pCertInfo = pSignPara->pSigningCert->pCertInfo;
454     signer.hCryptProv = hCryptProv;
455     signer.dwKeySpec = keySpec;
456     signer.HashAlgorithm = pSignPara->HashAlgorithm;
457     signer.pvHashAuxInfo = pSignPara->pvHashAuxInfo;
458     signer.cAuthAttr = pSignPara->cAuthAttr;
459     signer.rgAuthAttr = pSignPara->rgAuthAttr;
460     signer.cUnauthAttr = pSignPara->cUnauthAttr;
461     signer.rgUnauthAttr = pSignPara->rgUnauthAttr;
462
463     memset(&signInfo, 0, sizeof(signInfo));
464     signInfo.cbSize = sizeof(signInfo);
465     signInfo.cSigners = 1;
466     signInfo.rgSigners = &signer;
467
468     if (pSignPara->cMsgCert)
469     {
470         certBlob = CryptMemAlloc(sizeof(CERT_BLOB) * pSignPara->cMsgCert);
471         if (certBlob)
472         {
473             for (i = 0; i < pSignPara->cMsgCert; ++i)
474             {
475                 certBlob[i].cbData = pSignPara->rgpMsgCert[i]->cbCertEncoded;
476                 certBlob[i].pbData = pSignPara->rgpMsgCert[i]->pbCertEncoded;
477             }
478             signInfo.cCertEncoded = pSignPara->cMsgCert;
479             signInfo.rgCertEncoded = certBlob;
480         }
481         else
482             ret = FALSE;
483     }
484     if (pSignPara->cMsgCrl)
485     {
486         crlBlob = CryptMemAlloc(sizeof(CRL_BLOB) * pSignPara->cMsgCrl);
487         if (crlBlob)
488         {
489             for (i = 0; i < pSignPara->cMsgCrl; ++i)
490             {
491                 crlBlob[i].cbData = pSignPara->rgpMsgCrl[i]->cbCrlEncoded;
492                 crlBlob[i].pbData = pSignPara->rgpMsgCrl[i]->pbCrlEncoded;
493             }
494             signInfo.cCrlEncoded = pSignPara->cMsgCrl;
495             signInfo.rgCrlEncoded = crlBlob;
496         }
497         else
498             ret = FALSE;
499     }
500     if (pSignPara->dwFlags || pSignPara->dwInnerContentType)
501         FIXME("unimplemented feature\n");
502
503     if (ret)
504         msg = CryptMsgOpenToEncode(pSignPara->dwMsgEncodingType,
505          fDetachedSignature ? CMSG_DETACHED_FLAG : 0, CMSG_SIGNED, &signInfo,
506          NULL, NULL);
507     if (msg)
508     {
509         if (cToBeSigned)
510         {
511             for (i = 0; ret && i < cToBeSigned; ++i)
512             {
513                 ret = CryptMsgUpdate(msg, rgpbToBeSigned[i], rgcbToBeSigned[i],
514                  i == cToBeSigned - 1 ? TRUE : FALSE);
515             }
516         }
517         else
518             ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
519         if (ret)
520             ret = CryptMsgGetParam(msg, CMSG_CONTENT_PARAM, 0, pbSignedBlob,
521              pcbSignedBlob);
522         CryptMsgClose(msg);
523     }
524     else
525         ret = FALSE;
526
527     CryptMemFree(crlBlob);
528     CryptMemFree(certBlob);
529     if (freeProv)
530         CryptReleaseContext(hCryptProv, 0);
531     return ret;
532 }
533
534 BOOL WINAPI CryptEncryptMessage(PCRYPT_ENCRYPT_MESSAGE_PARA pEncryptPara,
535  DWORD cRecipientCert, PCCERT_CONTEXT rgpRecipientCert[],
536  const BYTE *pbToBeEncrypted, DWORD cbToBeEncrypted, BYTE *pbEncryptedBlob,
537  DWORD *pcbEncryptedBlob)
538 {
539     FIXME("(%p, %d, %p, %p, %d, %p, %p): stub\n", pEncryptPara, cRecipientCert,
540      rgpRecipientCert, pbToBeEncrypted, cbToBeEncrypted, pbEncryptedBlob,
541      pcbEncryptedBlob);
542     return FALSE;
543 }