2 * Copyright 2007 Juan Lang
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
24 #include "wine/debug.h"
25 #include "wine/exception.h"
26 #include "crypt32_private.h"
28 WINE_DEFAULT_DEBUG_CHANNEL(crypt);
30 /* Called when a message's ref count reaches zero. Free any message-specific
33 typedef void (*CryptMsgCloseFunc)(HCRYPTMSG msg);
35 typedef BOOL (*CryptMsgGetParamFunc)(HCRYPTMSG hCryptMsg, DWORD dwParamType,
36 DWORD dwIndex, void *pvData, DWORD *pcbData);
38 typedef BOOL (*CryptMsgUpdateFunc)(HCRYPTMSG hCryptMsg, const BYTE *pbData,
39 DWORD cbData, BOOL fFinal);
41 typedef BOOL (*CryptMsgControlFunc)(HCRYPTMSG hCryptMsg, DWORD dwFlags,
42 DWORD dwCtrlType, const void *pvCtrlPara);
44 BOOL CRYPT_DefaultMsgControl(HCRYPTMSG hCryptMsg, DWORD dwFlags,
45 DWORD dwCtrlType, const void *pvCtrlPara)
47 TRACE("(%p, %08x, %d, %p)\n", hCryptMsg, dwFlags, dwCtrlType, pvCtrlPara);
48 SetLastError(E_INVALIDARG);
52 typedef enum _CryptMsgState {
55 MsgStateDataFinalized,
59 typedef struct _CryptMsgBase
64 CMSG_STREAM_INFO stream_info;
66 CryptMsgCloseFunc close;
67 CryptMsgUpdateFunc update;
68 CryptMsgGetParamFunc get_param;
69 CryptMsgControlFunc control;
72 static inline void CryptMsgBase_Init(CryptMsgBase *msg, DWORD dwFlags,
73 PCMSG_STREAM_INFO pStreamInfo, CryptMsgCloseFunc close,
74 CryptMsgGetParamFunc get_param, CryptMsgUpdateFunc update,
75 CryptMsgControlFunc control)
78 msg->open_flags = dwFlags;
82 msg->stream_info = *pStreamInfo;
86 msg->streamed = FALSE;
87 memset(&msg->stream_info, 0, sizeof(msg->stream_info));
90 msg->get_param = get_param;
92 msg->control = control;
93 msg->state = MsgStateInit;
96 typedef struct _CDataEncodeMsg
99 DWORD bare_content_len;
103 static const BYTE empty_data_content[] = { 0x04,0x00 };
105 static void CDataEncodeMsg_Close(HCRYPTMSG hCryptMsg)
107 CDataEncodeMsg *msg = (CDataEncodeMsg *)hCryptMsg;
109 if (msg->bare_content != empty_data_content)
110 LocalFree(msg->bare_content);
113 static BOOL WINAPI CRYPT_EncodeContentLength(DWORD dwCertEncodingType,
114 LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
115 PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
117 DWORD dataLen = *(DWORD *)pvStructInfo;
121 /* Trick: report bytes needed based on total message length, even though
122 * the message isn't available yet. The caller will use the length
123 * reported here to encode its length.
125 CRYPT_EncodeLen(dataLen, NULL, &lenBytes);
127 *pcbEncoded = 1 + lenBytes + dataLen;
130 if ((ret = CRYPT_EncodeEnsureSpace(dwFlags, pEncodePara, pbEncoded,
131 pcbEncoded, 1 + lenBytes)))
133 if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
134 pbEncoded = *(BYTE **)pbEncoded;
135 *pbEncoded++ = ASN_OCTETSTRING;
136 CRYPT_EncodeLen(dataLen, pbEncoded,
143 static BOOL CRYPT_EncodeDataContentInfoHeader(CDataEncodeMsg *msg,
144 CRYPT_DATA_BLOB *header)
148 if (msg->base.streamed && msg->base.stream_info.cbContent == 0xffffffff)
150 static const BYTE headerValue[] = { 0x30,0x80,0x06,0x09,0x2a,0x86,0x48,
151 0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x80,0x24,0x80 };
153 header->pbData = LocalAlloc(0, sizeof(headerValue));
156 header->cbData = sizeof(headerValue);
157 memcpy(header->pbData, headerValue, sizeof(headerValue));
165 struct AsnConstructedItem constructed = { 0,
166 &msg->base.stream_info.cbContent, CRYPT_EncodeContentLength };
167 struct AsnEncodeSequenceItem items[2] = {
168 { szOID_RSA_data, CRYPT_AsnEncodeOid, 0 },
169 { &constructed, CRYPT_AsnEncodeConstructed, 0 },
172 ret = CRYPT_AsnEncodeSequence(X509_ASN_ENCODING, items,
173 sizeof(items) / sizeof(items[0]), CRYPT_ENCODE_ALLOC_FLAG, NULL,
174 (LPBYTE)&header->pbData, &header->cbData);
177 /* Trick: subtract the content length from the reported length,
178 * as the actual content hasn't come yet.
180 header->cbData -= msg->base.stream_info.cbContent;
186 static BOOL CDataEncodeMsg_Update(HCRYPTMSG hCryptMsg, const BYTE *pbData,
187 DWORD cbData, BOOL fFinal)
189 CDataEncodeMsg *msg = (CDataEncodeMsg *)hCryptMsg;
192 if (msg->base.state == MsgStateFinalized)
193 SetLastError(CRYPT_E_MSG_ERROR);
194 else if (msg->base.streamed)
198 if (msg->base.state != MsgStateUpdated)
200 CRYPT_DATA_BLOB header;
202 ret = CRYPT_EncodeDataContentInfoHeader(msg, &header);
205 ret = msg->base.stream_info.pfnStreamOutput(
206 msg->base.stream_info.pvArg, header.pbData, header.cbData,
208 LocalFree(header.pbData);
211 /* Curiously, every indefinite-length streamed update appears to
212 * get its own tag and length, regardless of fFinal.
214 if (msg->base.stream_info.cbContent == 0xffffffff)
219 ret = CRYPT_EncodeContentLength(X509_ASN_ENCODING, NULL,
220 &cbData, CRYPT_ENCODE_ALLOC_FLAG, NULL, (BYTE *)&header,
224 ret = msg->base.stream_info.pfnStreamOutput(
225 msg->base.stream_info.pvArg, header, headerLen,
232 ret = msg->base.stream_info.pfnStreamOutput(
233 msg->base.stream_info.pvArg, (BYTE *)pbData, cbData,
235 msg->base.state = MsgStateUpdated;
239 msg->base.state = MsgStateFinalized;
240 if (msg->base.stream_info.cbContent == 0xffffffff)
242 BYTE indefinite_trailer[6] = { 0 };
244 ret = msg->base.stream_info.pfnStreamOutput(
245 msg->base.stream_info.pvArg, (BYTE *)pbData, cbData,
248 ret = msg->base.stream_info.pfnStreamOutput(
249 msg->base.stream_info.pvArg, indefinite_trailer,
250 sizeof(indefinite_trailer), TRUE);
253 ret = msg->base.stream_info.pfnStreamOutput(
254 msg->base.stream_info.pvArg, (BYTE *)pbData, cbData, TRUE);
259 SetLastError(STATUS_ACCESS_VIOLATION);
268 if (msg->base.open_flags & CMSG_DETACHED_FLAG)
269 SetLastError(E_INVALIDARG);
271 SetLastError(CRYPT_E_MSG_ERROR);
275 msg->base.state = MsgStateFinalized;
277 SetLastError(E_INVALIDARG);
280 CRYPT_DATA_BLOB blob = { cbData, (LPBYTE)pbData };
282 /* non-streamed data messages don't allow non-final updates,
283 * don't bother checking whether data already exist, they can't.
285 ret = CryptEncodeObjectEx(X509_ASN_ENCODING, X509_OCTET_STRING,
286 &blob, CRYPT_ENCODE_ALLOC_FLAG, NULL, &msg->bare_content,
287 &msg->bare_content_len);
294 static BOOL CRYPT_CopyParam(void *pvData, DWORD *pcbData, const void *src,
301 else if (*pcbData < len)
304 SetLastError(ERROR_MORE_DATA);
310 memcpy(pvData, src, len);
315 static BOOL CDataEncodeMsg_GetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
316 DWORD dwIndex, void *pvData, DWORD *pcbData)
318 CDataEncodeMsg *msg = (CDataEncodeMsg *)hCryptMsg;
323 case CMSG_CONTENT_PARAM:
324 if (msg->base.streamed)
325 SetLastError(E_INVALIDARG);
328 CRYPT_CONTENT_INFO info;
329 char rsa_data[] = "1.2.840.113549.1.7.1";
331 info.pszObjId = rsa_data;
332 info.Content.cbData = msg->bare_content_len;
333 info.Content.pbData = msg->bare_content;
334 ret = CryptEncodeObject(X509_ASN_ENCODING, PKCS_CONTENT_INFO, &info,
338 case CMSG_BARE_CONTENT_PARAM:
339 if (msg->base.streamed)
340 SetLastError(E_INVALIDARG);
342 ret = CRYPT_CopyParam(pvData, pcbData, msg->bare_content,
343 msg->bare_content_len);
346 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
351 static HCRYPTMSG CDataEncodeMsg_Open(DWORD dwFlags, const void *pvMsgEncodeInfo,
352 LPSTR pszInnerContentObjID, PCMSG_STREAM_INFO pStreamInfo)
358 SetLastError(E_INVALIDARG);
361 msg = CryptMemAlloc(sizeof(CDataEncodeMsg));
364 CryptMsgBase_Init((CryptMsgBase *)msg, dwFlags, pStreamInfo,
365 CDataEncodeMsg_Close, CDataEncodeMsg_GetParam, CDataEncodeMsg_Update,
366 CRYPT_DefaultMsgControl);
367 msg->bare_content_len = sizeof(empty_data_content);
368 msg->bare_content = (LPBYTE)empty_data_content;
370 return (HCRYPTMSG)msg;
373 typedef struct _CHashEncodeMsg
378 CRYPT_DATA_BLOB data;
381 static void CHashEncodeMsg_Close(HCRYPTMSG hCryptMsg)
383 CHashEncodeMsg *msg = (CHashEncodeMsg *)hCryptMsg;
385 CryptMemFree(msg->data.pbData);
386 CryptDestroyHash(msg->hash);
387 if (msg->base.open_flags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG)
388 CryptReleaseContext(msg->prov, 0);
391 static BOOL CRYPT_EncodePKCSDigestedData(CHashEncodeMsg *msg, void *pvData,
396 DWORD size = sizeof(algID);
398 ret = CryptGetHashParam(msg->hash, HP_ALGID, (BYTE *)&algID, &size, 0);
401 CRYPT_DIGESTED_DATA digestedData = { 0 };
402 char oid_rsa_data[] = szOID_RSA_data;
404 digestedData.version = CMSG_HASHED_DATA_PKCS_1_5_VERSION;
405 digestedData.DigestAlgorithm.pszObjId = (LPSTR)CertAlgIdToOID(algID);
406 /* FIXME: what about digestedData.DigestAlgorithm.Parameters? */
407 /* Quirk: OID is only encoded messages if an update has happened */
408 if (msg->base.state != MsgStateInit)
409 digestedData.ContentInfo.pszObjId = oid_rsa_data;
410 if (!(msg->base.open_flags & CMSG_DETACHED_FLAG) && msg->data.cbData)
412 ret = CRYPT_AsnEncodeOctets(0, NULL, &msg->data,
413 CRYPT_ENCODE_ALLOC_FLAG, NULL,
414 (LPBYTE)&digestedData.ContentInfo.Content.pbData,
415 &digestedData.ContentInfo.Content.cbData);
417 if (msg->base.state == MsgStateFinalized)
419 size = sizeof(DWORD);
420 ret = CryptGetHashParam(msg->hash, HP_HASHSIZE,
421 (LPBYTE)&digestedData.hash.cbData, &size, 0);
424 digestedData.hash.pbData = CryptMemAlloc(
425 digestedData.hash.cbData);
426 ret = CryptGetHashParam(msg->hash, HP_HASHVAL,
427 digestedData.hash.pbData, &digestedData.hash.cbData, 0);
431 ret = CRYPT_AsnEncodePKCSDigestedData(&digestedData, pvData,
433 CryptMemFree(digestedData.hash.pbData);
434 LocalFree(digestedData.ContentInfo.Content.pbData);
439 static BOOL CHashEncodeMsg_GetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
440 DWORD dwIndex, void *pvData, DWORD *pcbData)
442 CHashEncodeMsg *msg = (CHashEncodeMsg *)hCryptMsg;
445 TRACE("(%p, %d, %d, %p, %p)\n", hCryptMsg, dwParamType, dwIndex,
450 case CMSG_BARE_CONTENT_PARAM:
451 if (msg->base.streamed)
452 SetLastError(E_INVALIDARG);
454 ret = CRYPT_EncodePKCSDigestedData(msg, pvData, pcbData);
456 case CMSG_CONTENT_PARAM:
458 CRYPT_CONTENT_INFO info;
460 ret = CryptMsgGetParam(hCryptMsg, CMSG_BARE_CONTENT_PARAM, 0, NULL,
461 &info.Content.cbData);
464 info.Content.pbData = CryptMemAlloc(info.Content.cbData);
465 if (info.Content.pbData)
467 ret = CryptMsgGetParam(hCryptMsg, CMSG_BARE_CONTENT_PARAM, 0,
468 info.Content.pbData, &info.Content.cbData);
471 char oid_rsa_hashed[] = szOID_RSA_hashedData;
473 info.pszObjId = oid_rsa_hashed;
474 ret = CryptEncodeObjectEx(X509_ASN_ENCODING,
475 PKCS_CONTENT_INFO, &info, 0, NULL, pvData, pcbData);
477 CryptMemFree(info.Content.pbData);
484 case CMSG_COMPUTED_HASH_PARAM:
485 ret = CryptGetHashParam(msg->hash, HP_HASHVAL, (BYTE *)pvData, pcbData,
488 case CMSG_VERSION_PARAM:
489 if (msg->base.state != MsgStateFinalized)
490 SetLastError(CRYPT_E_MSG_ERROR);
493 DWORD version = CMSG_HASHED_DATA_PKCS_1_5_VERSION;
495 /* Since the data are always encoded as octets, the version is
496 * always 0 (see rfc3852, section 7)
498 ret = CRYPT_CopyParam(pvData, pcbData, &version, sizeof(version));
502 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
507 static BOOL CHashEncodeMsg_Update(HCRYPTMSG hCryptMsg, const BYTE *pbData,
508 DWORD cbData, BOOL fFinal)
510 CHashEncodeMsg *msg = (CHashEncodeMsg *)hCryptMsg;
513 TRACE("(%p, %p, %d, %d)\n", hCryptMsg, pbData, cbData, fFinal);
515 if (msg->base.state == MsgStateFinalized)
516 SetLastError(CRYPT_E_MSG_ERROR);
517 else if (msg->base.streamed || (msg->base.open_flags & CMSG_DETACHED_FLAG))
519 /* Doesn't do much, as stream output is never called, and you
520 * can't get the content.
522 ret = CryptHashData(msg->hash, pbData, cbData, 0);
523 msg->base.state = fFinal ? MsgStateFinalized : MsgStateUpdated;
528 SetLastError(CRYPT_E_MSG_ERROR);
531 ret = CryptHashData(msg->hash, pbData, cbData, 0);
534 msg->data.pbData = CryptMemAlloc(cbData);
535 if (msg->data.pbData)
537 memcpy(msg->data.pbData + msg->data.cbData, pbData, cbData);
538 msg->data.cbData += cbData;
543 msg->base.state = MsgStateFinalized;
549 static HCRYPTMSG CHashEncodeMsg_Open(DWORD dwFlags, const void *pvMsgEncodeInfo,
550 LPSTR pszInnerContentObjID, PCMSG_STREAM_INFO pStreamInfo)
553 const CMSG_HASHED_ENCODE_INFO *info =
554 (const CMSG_HASHED_ENCODE_INFO *)pvMsgEncodeInfo;
558 if (info->cbSize != sizeof(CMSG_HASHED_ENCODE_INFO))
560 SetLastError(E_INVALIDARG);
563 if (!(algID = CertOIDToAlgId(info->HashAlgorithm.pszObjId)))
565 SetLastError(CRYPT_E_UNKNOWN_ALGO);
568 if (info->hCryptProv)
569 prov = info->hCryptProv;
572 prov = CRYPT_GetDefaultProvider();
573 dwFlags &= ~CMSG_CRYPT_RELEASE_CONTEXT_FLAG;
575 msg = CryptMemAlloc(sizeof(CHashEncodeMsg));
578 CryptMsgBase_Init((CryptMsgBase *)msg, dwFlags, pStreamInfo,
579 CHashEncodeMsg_Close, CHashEncodeMsg_GetParam, CHashEncodeMsg_Update,
580 CRYPT_DefaultMsgControl);
582 msg->data.cbData = 0;
583 msg->data.pbData = NULL;
584 if (!CryptCreateHash(prov, algID, 0, 0, &msg->hash))
590 return (HCRYPTMSG)msg;
593 typedef struct _CMSG_SIGNER_ENCODE_INFO_WITH_CMS
596 PCERT_INFO pCertInfo;
597 HCRYPTPROV hCryptProv;
599 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
602 PCRYPT_ATTRIBUTE rgAuthAttr;
604 PCRYPT_ATTRIBUTE rgUnauthAttr;
606 CRYPT_ALGORITHM_IDENTIFIER HashEncryptionAlgorithm;
607 void *pvHashEncryptionAuxInfo;
608 } CMSG_SIGNER_ENCODE_INFO_WITH_CMS, *PCMSG_SIGNER_ENCODE_INFO_WITH_CMS;
610 typedef struct _CMSG_SIGNED_ENCODE_INFO_WITH_CMS
614 PCMSG_SIGNER_ENCODE_INFO_WITH_CMS rgSigners;
616 PCERT_BLOB rgCertEncoded;
618 PCRL_BLOB rgCrlEncoded;
619 DWORD cAttrCertEncoded;
620 PCERT_BLOB rgAttrCertEncoded;
621 } CMSG_SIGNED_ENCODE_INFO_WITH_CMS, *PCMSG_SIGNED_ENCODE_INFO_WITH_CMS;
623 static BOOL CRYPT_IsValidSigner(CMSG_SIGNER_ENCODE_INFO_WITH_CMS *signer)
625 if (signer->cbSize != sizeof(CMSG_SIGNER_ENCODE_INFO) &&
626 signer->cbSize != sizeof(CMSG_SIGNER_ENCODE_INFO_WITH_CMS))
628 SetLastError(E_INVALIDARG);
631 if (signer->cbSize == sizeof(CMSG_SIGNER_ENCODE_INFO_WITH_CMS))
633 FIXME("CMSG_SIGNER_ENCODE_INFO with CMS fields unsupported\n");
636 if (!signer->pCertInfo->SerialNumber.cbData)
638 SetLastError(E_INVALIDARG);
641 if (!signer->pCertInfo->Issuer.cbData)
643 SetLastError(E_INVALIDARG);
646 if (!signer->hCryptProv)
648 SetLastError(E_INVALIDARG);
651 if (!CertOIDToAlgId(signer->HashAlgorithm.pszObjId))
653 SetLastError(CRYPT_E_UNKNOWN_ALGO);
659 static BOOL CRYPT_ConstructBlob(CRYPT_DATA_BLOB *out, const CRYPT_DATA_BLOB *in)
663 out->cbData = in->cbData;
666 out->pbData = CryptMemAlloc(out->cbData);
668 memcpy(out->pbData, in->pbData, out->cbData);
677 typedef struct _BlobArray
680 PCRYPT_DATA_BLOB blobs;
683 static BOOL CRYPT_ConstructBlobArray(BlobArray *out, const BlobArray *in)
687 out->cBlobs = in->cBlobs;
690 out->blobs = CryptMemAlloc(out->cBlobs * sizeof(CRYPT_DATA_BLOB));
695 memset(out->blobs, 0, out->cBlobs * sizeof(CRYPT_DATA_BLOB));
696 for (i = 0; ret && i < out->cBlobs; i++)
697 ret = CRYPT_ConstructBlob(&out->blobs[i], &in->blobs[i]);
705 static void CRYPT_FreeBlobArray(BlobArray *array)
709 for (i = 0; i < array->cBlobs; i++)
710 CryptMemFree(array->blobs[i].pbData);
711 CryptMemFree(array->blobs);
714 static BOOL CRYPT_ConstructAttribute(CRYPT_ATTRIBUTE *out,
715 const CRYPT_ATTRIBUTE *in)
719 out->pszObjId = CryptMemAlloc(strlen(in->pszObjId) + 1);
722 strcpy(out->pszObjId, in->pszObjId);
723 ret = CRYPT_ConstructBlobArray((BlobArray *)&out->cValue,
724 (const BlobArray *)&in->cValue);
731 static BOOL CRYPT_ConstructAttributes(CRYPT_ATTRIBUTES *out,
732 const CRYPT_ATTRIBUTES *in)
736 out->cAttr = in->cAttr;
739 out->rgAttr = CryptMemAlloc(out->cAttr * sizeof(CRYPT_ATTRIBUTE));
744 memset(out->rgAttr, 0, out->cAttr * sizeof(CRYPT_ATTRIBUTE));
745 for (i = 0; ret && i < out->cAttr; i++)
746 ret = CRYPT_ConstructAttribute(&out->rgAttr[i], &in->rgAttr[i]);
756 /* Constructs a CMSG_SIGNER_INFO from a CMSG_SIGNER_ENCODE_INFO_WITH_CMS. */
757 static BOOL CSignerInfo_Construct(CMSG_SIGNER_INFO *info,
758 CMSG_SIGNER_ENCODE_INFO_WITH_CMS *in)
762 /* Note: needs to change if CMS fields are supported */
763 info->dwVersion = CMSG_SIGNER_INFO_V1;
764 ret = CRYPT_ConstructBlob(&info->Issuer, &in->pCertInfo->Issuer);
766 ret = CRYPT_ConstructBlob(&info->SerialNumber,
767 &in->pCertInfo->SerialNumber);
768 /* Assumption: algorithm IDs will point to static strings, not
769 * stack-based ones, so copying the pointer values is safe.
771 info->HashAlgorithm.pszObjId = in->HashAlgorithm.pszObjId;
773 ret = CRYPT_ConstructBlob(&info->HashAlgorithm.Parameters,
774 &in->HashAlgorithm.Parameters);
775 memset(&info->HashEncryptionAlgorithm, 0,
776 sizeof(info->HashEncryptionAlgorithm));
778 ret = CRYPT_ConstructAttributes(&info->AuthAttrs,
779 (CRYPT_ATTRIBUTES *)&in->cAuthAttr);
781 ret = CRYPT_ConstructAttributes(&info->UnauthAttrs,
782 (CRYPT_ATTRIBUTES *)&in->cUnauthAttr);
786 static void CSignerInfo_Free(CMSG_SIGNER_INFO *info)
790 CryptMemFree(info->Issuer.pbData);
791 CryptMemFree(info->SerialNumber.pbData);
792 CryptMemFree(info->HashAlgorithm.Parameters.pbData);
793 CryptMemFree(info->EncryptedHash.pbData);
794 for (i = 0; i < info->AuthAttrs.cAttr; i++)
796 for (j = 0; j < info->AuthAttrs.rgAttr[i].cValue; j++)
797 CryptMemFree(info->AuthAttrs.rgAttr[i].rgValue[j].pbData);
798 CryptMemFree(info->AuthAttrs.rgAttr[i].rgValue);
799 CryptMemFree(info->AuthAttrs.rgAttr[i].pszObjId);
801 CryptMemFree(info->AuthAttrs.rgAttr);
802 for (i = 0; i < info->UnauthAttrs.cAttr; i++)
804 for (j = 0; j < info->UnauthAttrs.rgAttr[i].cValue; j++)
805 CryptMemFree(info->UnauthAttrs.rgAttr[i].rgValue[j].pbData);
806 CryptMemFree(info->UnauthAttrs.rgAttr[i].rgValue);
807 CryptMemFree(info->UnauthAttrs.rgAttr[i].pszObjId);
809 CryptMemFree(info->UnauthAttrs.rgAttr);
812 typedef struct _CSignerHandles
814 HCRYPTHASH contentHash;
815 HCRYPTHASH authAttrHash;
818 typedef struct _CSignedMsgData
820 CRYPT_SIGNED_INFO *info;
822 CSignerHandles *signerHandles;
825 /* Constructs the signer handles for the signerIndex'th signer of msg_data.
826 * Assumes signerIndex is a valid idnex, and that msg_data's info has already
829 static BOOL CSignedMsgData_ConstructSignerHandles(CSignedMsgData *msg_data,
830 DWORD signerIndex, HCRYPTPROV crypt_prov)
835 algID = CertOIDToAlgId(
836 msg_data->info->rgSignerInfo[signerIndex].HashAlgorithm.pszObjId);
837 ret = CryptCreateHash(crypt_prov, algID, 0, 0,
838 &msg_data->signerHandles->contentHash);
839 if (ret && msg_data->info->rgSignerInfo[signerIndex].AuthAttrs.cAttr > 0)
840 ret = CryptCreateHash(crypt_prov, algID, 0, 0,
841 &msg_data->signerHandles->authAttrHash);
845 /* Allocates a CSignedMsgData's handles. Assumes its info has already been
848 static BOOL CSignedMsgData_AllocateHandles(CSignedMsgData *msg_data)
852 if (msg_data->info->cSignerInfo)
854 msg_data->signerHandles =
855 CryptMemAlloc(msg_data->info->cSignerInfo * sizeof(CSignerHandles));
856 if (msg_data->signerHandles)
858 msg_data->cSignerHandle = msg_data->info->cSignerInfo;
859 memset(msg_data->signerHandles, 0,
860 msg_data->info->cSignerInfo * sizeof(CSignerHandles));
864 msg_data->cSignerHandle = 0;
870 msg_data->cSignerHandle = 0;
871 msg_data->signerHandles = NULL;
876 static void CSignedMsgData_CloseHandles(CSignedMsgData *msg_data)
880 for (i = 0; i < msg_data->cSignerHandle; i++)
882 if (msg_data->signerHandles[i].contentHash)
883 CryptDestroyHash(msg_data->signerHandles[i].contentHash);
884 if (msg_data->signerHandles[i].authAttrHash)
885 CryptDestroyHash(msg_data->signerHandles[i].authAttrHash);
887 CryptMemFree(msg_data->signerHandles);
888 msg_data->signerHandles = NULL;
889 msg_data->cSignerHandle = 0;
892 static BOOL CSignedMsgData_UpdateHash(CSignedMsgData *msg_data,
893 const BYTE *pbData, DWORD cbData)
898 for (i = 0; ret && i < msg_data->cSignerHandle; i++)
899 ret = CryptHashData(msg_data->signerHandles[i].contentHash, pbData,
904 static BOOL CRYPT_AppendAttribute(CRYPT_ATTRIBUTES *out,
905 const CRYPT_ATTRIBUTE *in)
909 out->rgAttr = CryptMemRealloc(out->rgAttr,
910 (out->cAttr + 1) * sizeof(CRYPT_ATTRIBUTE));
913 ret = CRYPT_ConstructAttribute(&out->rgAttr[out->cAttr], in);
920 static BOOL CSignedMsgData_AppendMessageDigestAttribute(
921 CSignedMsgData *msg_data, DWORD signerIndex)
925 CRYPT_HASH_BLOB hash = { 0, NULL }, encodedHash = { 0, NULL };
926 char messageDigest[] = szOID_RSA_messageDigest;
927 CRYPT_ATTRIBUTE messageDigestAttr = { messageDigest, 1, &encodedHash };
929 size = sizeof(DWORD);
930 ret = CryptGetHashParam(
931 msg_data->signerHandles[signerIndex].contentHash, HP_HASHSIZE,
932 (LPBYTE)&hash.cbData, &size, 0);
935 hash.pbData = CryptMemAlloc(hash.cbData);
936 ret = CryptGetHashParam(
937 msg_data->signerHandles[signerIndex].contentHash, HP_HASHVAL,
938 hash.pbData, &hash.cbData, 0);
941 ret = CRYPT_AsnEncodeOctets(0, NULL, &hash, CRYPT_ENCODE_ALLOC_FLAG,
942 NULL, (LPBYTE)&encodedHash.pbData, &encodedHash.cbData);
945 ret = CRYPT_AppendAttribute(
946 &msg_data->info->rgSignerInfo[signerIndex].AuthAttrs,
948 LocalFree(encodedHash.pbData);
951 CryptMemFree(hash.pbData);
961 static BOOL CSignedMsgData_UpdateAuthenticatedAttributes(
962 CSignedMsgData *msg_data, SignOrVerify flag)
967 TRACE("(%p)\n", msg_data);
969 for (i = 0; ret && i < msg_data->info->cSignerInfo; i++)
971 if (msg_data->info->rgSignerInfo[i].AuthAttrs.cAttr)
975 BYTE oid_rsa_data_encoded[] = { 0x06,0x09,0x2a,0x86,0x48,0x86,
976 0xf7,0x0d,0x01,0x07,0x01 };
977 CRYPT_DATA_BLOB content = { sizeof(oid_rsa_data_encoded),
978 oid_rsa_data_encoded };
979 char contentType[] = szOID_RSA_contentType;
980 CRYPT_ATTRIBUTE contentTypeAttr = { contentType, 1, &content };
982 /* FIXME: does this depend on inner OID? */
983 ret = CRYPT_AppendAttribute(
984 &msg_data->info->rgSignerInfo[i].AuthAttrs, &contentTypeAttr);
986 ret = CSignedMsgData_AppendMessageDigestAttribute(msg_data,
994 ret = CryptEncodeObjectEx(X509_ASN_ENCODING, PKCS_ATTRIBUTES,
995 &msg_data->info->rgSignerInfo[i].AuthAttrs,
996 CRYPT_ENCODE_ALLOC_FLAG, NULL, (LPBYTE)&encodedAttrs, &size);
1000 msg_data->signerHandles[i].authAttrHash, encodedAttrs,
1002 LocalFree(encodedAttrs);
1007 TRACE("returning %d\n", ret);
1011 static void CRYPT_ReverseBytes(CRYPT_HASH_BLOB *hash)
1016 for (i = 0; i < hash->cbData / 2; i++)
1018 tmp = hash->pbData[hash->cbData - i - 1];
1019 hash->pbData[hash->cbData - i - 1] = hash->pbData[i];
1020 hash->pbData[i] = tmp;
1024 static BOOL CSignedMsgData_Sign(CSignedMsgData *msg_data)
1029 TRACE("(%p)\n", msg_data);
1031 for (i = 0; ret && i < msg_data->info->cSignerInfo; i++)
1035 if (msg_data->info->rgSignerInfo[i].AuthAttrs.cAttr)
1036 hash = msg_data->signerHandles[i].authAttrHash;
1038 hash = msg_data->signerHandles[i].contentHash;
1039 ret = CryptSignHashW(hash, AT_SIGNATURE, NULL, 0, NULL,
1040 &msg_data->info->rgSignerInfo[i].EncryptedHash.cbData);
1043 msg_data->info->rgSignerInfo[i].EncryptedHash.pbData =
1045 msg_data->info->rgSignerInfo[i].EncryptedHash.cbData);
1046 if (msg_data->info->rgSignerInfo[i].EncryptedHash.pbData)
1048 ret = CryptSignHashW(hash, AT_SIGNATURE, NULL, 0,
1049 msg_data->info->rgSignerInfo[i].EncryptedHash.pbData,
1050 &msg_data->info->rgSignerInfo[i].EncryptedHash.cbData);
1053 &msg_data->info->rgSignerInfo[i].EncryptedHash);
1062 static BOOL CSignedMsgData_Update(CSignedMsgData *msg_data,
1063 const BYTE *pbData, DWORD cbData, BOOL fFinal, SignOrVerify flag)
1065 BOOL ret = CSignedMsgData_UpdateHash(msg_data, pbData, cbData);
1069 ret = CSignedMsgData_UpdateAuthenticatedAttributes(msg_data, flag);
1070 if (ret && flag == Sign)
1071 ret = CSignedMsgData_Sign(msg_data);
1076 typedef struct _CSignedEncodeMsg
1079 CRYPT_DATA_BLOB data;
1080 CSignedMsgData msg_data;
1083 static void CSignedEncodeMsg_Close(HCRYPTMSG hCryptMsg)
1085 CSignedEncodeMsg *msg = (CSignedEncodeMsg *)hCryptMsg;
1088 CryptMemFree(msg->data.pbData);
1089 CRYPT_FreeBlobArray((BlobArray *)&msg->msg_data.info->cCertEncoded);
1090 CRYPT_FreeBlobArray((BlobArray *)&msg->msg_data.info->cCrlEncoded);
1091 for (i = 0; i < msg->msg_data.info->cSignerInfo; i++)
1092 CSignerInfo_Free(&msg->msg_data.info->rgSignerInfo[i]);
1093 CSignedMsgData_CloseHandles(&msg->msg_data);
1094 CryptMemFree(msg->msg_data.info->rgSignerInfo);
1095 CryptMemFree(msg->msg_data.info);
1098 static BOOL CSignedEncodeMsg_GetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
1099 DWORD dwIndex, void *pvData, DWORD *pcbData)
1101 CSignedEncodeMsg *msg = (CSignedEncodeMsg *)hCryptMsg;
1104 switch (dwParamType)
1106 case CMSG_CONTENT_PARAM:
1108 CRYPT_CONTENT_INFO info;
1110 ret = CryptMsgGetParam(hCryptMsg, CMSG_BARE_CONTENT_PARAM, 0, NULL,
1111 &info.Content.cbData);
1114 info.Content.pbData = CryptMemAlloc(info.Content.cbData);
1115 if (info.Content.pbData)
1117 ret = CryptMsgGetParam(hCryptMsg, CMSG_BARE_CONTENT_PARAM, 0,
1118 info.Content.pbData, &info.Content.cbData);
1121 char oid_rsa_signed[] = szOID_RSA_signedData;
1123 info.pszObjId = oid_rsa_signed;
1124 ret = CryptEncodeObjectEx(X509_ASN_ENCODING,
1125 PKCS_CONTENT_INFO, &info, 0, NULL, pvData, pcbData);
1127 CryptMemFree(info.Content.pbData);
1134 case CMSG_BARE_CONTENT_PARAM:
1136 CRYPT_SIGNED_INFO info;
1137 char oid_rsa_data[] = szOID_RSA_data;
1139 info = *msg->msg_data.info;
1140 /* Quirk: OID is only encoded messages if an update has happened */
1141 if (msg->base.state != MsgStateInit)
1142 info.content.pszObjId = oid_rsa_data;
1144 info.content.pszObjId = NULL;
1145 if (msg->data.cbData)
1147 CRYPT_DATA_BLOB blob = { msg->data.cbData, msg->data.pbData };
1149 ret = CryptEncodeObjectEx(X509_ASN_ENCODING, X509_OCTET_STRING,
1150 &blob, CRYPT_ENCODE_ALLOC_FLAG, NULL,
1151 &info.content.Content.pbData, &info.content.Content.cbData);
1155 info.content.Content.cbData = 0;
1156 info.content.Content.pbData = NULL;
1161 ret = CRYPT_AsnEncodePKCSSignedInfo(&info, pvData, pcbData);
1162 LocalFree(info.content.Content.pbData);
1166 case CMSG_COMPUTED_HASH_PARAM:
1167 if (dwIndex >= msg->msg_data.cSignerHandle)
1168 SetLastError(CRYPT_E_INVALID_INDEX);
1170 ret = CryptGetHashParam(
1171 msg->msg_data.signerHandles[dwIndex].contentHash, HP_HASHVAL,
1172 pvData, pcbData, 0);
1174 case CMSG_ENCODED_SIGNER:
1175 if (dwIndex >= msg->msg_data.info->cSignerInfo)
1176 SetLastError(CRYPT_E_INVALID_INDEX);
1178 ret = CryptEncodeObjectEx(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
1179 PKCS7_SIGNER_INFO, &msg->msg_data.info->rgSignerInfo[dwIndex], 0,
1180 NULL, pvData, pcbData);
1182 case CMSG_VERSION_PARAM:
1183 ret = CRYPT_CopyParam(pvData, pcbData, &msg->msg_data.info->version,
1184 sizeof(msg->msg_data.info->version));
1187 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1192 static BOOL CSignedEncodeMsg_Update(HCRYPTMSG hCryptMsg, const BYTE *pbData,
1193 DWORD cbData, BOOL fFinal)
1195 CSignedEncodeMsg *msg = (CSignedEncodeMsg *)hCryptMsg;
1198 if (msg->base.state == MsgStateFinalized)
1199 SetLastError(CRYPT_E_MSG_ERROR);
1200 else if (msg->base.streamed || (msg->base.open_flags & CMSG_DETACHED_FLAG))
1202 ret = CSignedMsgData_Update(&msg->msg_data, pbData, cbData, fFinal,
1204 if (msg->base.streamed)
1205 FIXME("streamed partial stub\n");
1206 msg->base.state = fFinal ? MsgStateFinalized : MsgStateUpdated;
1211 SetLastError(CRYPT_E_MSG_ERROR);
1216 msg->data.pbData = CryptMemAlloc(cbData);
1217 if (msg->data.pbData)
1219 memcpy(msg->data.pbData, pbData, cbData);
1220 msg->data.cbData = cbData;
1227 ret = CSignedMsgData_Update(&msg->msg_data, pbData, cbData,
1229 msg->base.state = MsgStateFinalized;
1235 static HCRYPTMSG CSignedEncodeMsg_Open(DWORD dwFlags,
1236 const void *pvMsgEncodeInfo, LPSTR pszInnerContentObjID,
1237 PCMSG_STREAM_INFO pStreamInfo)
1239 const CMSG_SIGNED_ENCODE_INFO_WITH_CMS *info =
1240 (const CMSG_SIGNED_ENCODE_INFO_WITH_CMS *)pvMsgEncodeInfo;
1242 CSignedEncodeMsg *msg;
1244 if (info->cbSize != sizeof(CMSG_SIGNED_ENCODE_INFO) &&
1245 info->cbSize != sizeof(CMSG_SIGNED_ENCODE_INFO_WITH_CMS))
1247 SetLastError(E_INVALIDARG);
1250 if (info->cbSize == sizeof(CMSG_SIGNED_ENCODE_INFO_WITH_CMS))
1252 FIXME("CMSG_SIGNED_ENCODE_INFO with CMS fields unsupported\n");
1255 for (i = 0; i < info->cSigners; i++)
1256 if (!CRYPT_IsValidSigner(&info->rgSigners[i]))
1258 msg = CryptMemAlloc(sizeof(CSignedEncodeMsg));
1263 CryptMsgBase_Init((CryptMsgBase *)msg, dwFlags, pStreamInfo,
1264 CSignedEncodeMsg_Close, CSignedEncodeMsg_GetParam,
1265 CSignedEncodeMsg_Update, CRYPT_DefaultMsgControl);
1266 msg->data.cbData = 0;
1267 msg->data.pbData = NULL;
1268 msg->msg_data.info = CryptMemAlloc(sizeof(CRYPT_SIGNED_INFO));
1269 if (msg->msg_data.info)
1271 memset(msg->msg_data.info, 0, sizeof(CRYPT_SIGNED_INFO));
1272 msg->msg_data.info->version = CMSG_SIGNED_DATA_V1;
1280 msg->msg_data.info->rgSignerInfo =
1281 CryptMemAlloc(info->cSigners * sizeof(CMSG_SIGNER_INFO));
1282 if (msg->msg_data.info->rgSignerInfo)
1284 msg->msg_data.info->cSignerInfo = info->cSigners;
1285 memset(msg->msg_data.info->rgSignerInfo, 0,
1286 msg->msg_data.info->cSignerInfo * sizeof(CMSG_SIGNER_INFO));
1287 ret = CSignedMsgData_AllocateHandles(&msg->msg_data);
1288 for (i = 0; ret && i < msg->msg_data.info->cSignerInfo; i++)
1290 ret = CSignerInfo_Construct(
1291 &msg->msg_data.info->rgSignerInfo[i],
1292 &info->rgSigners[i]);
1295 ret = CSignedMsgData_ConstructSignerHandles(
1296 &msg->msg_data, i, info->rgSigners[i].hCryptProv);
1297 if (dwFlags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG)
1298 CryptReleaseContext(info->rgSigners[i].hCryptProv,
1308 msg->msg_data.info->cSignerInfo = 0;
1309 msg->msg_data.signerHandles = NULL;
1310 msg->msg_data.cSignerHandle = 0;
1314 ret = CRYPT_ConstructBlobArray(
1315 (BlobArray *)&msg->msg_data.info->cCertEncoded,
1316 (const BlobArray *)&info->cCertEncoded);
1318 ret = CRYPT_ConstructBlobArray(
1319 (BlobArray *)&msg->msg_data.info->cCrlEncoded,
1320 (const BlobArray *)&info->cCrlEncoded);
1323 CSignedEncodeMsg_Close(msg);
1330 static inline const char *MSG_TYPE_STR(DWORD type)
1334 #define _x(x) case (x): return #x
1338 _x(CMSG_SIGNED_AND_ENVELOPED);
1343 return wine_dbg_sprintf("unknown (%d)", type);
1347 HCRYPTMSG WINAPI CryptMsgOpenToEncode(DWORD dwMsgEncodingType, DWORD dwFlags,
1348 DWORD dwMsgType, const void *pvMsgEncodeInfo, LPSTR pszInnerContentObjID,
1349 PCMSG_STREAM_INFO pStreamInfo)
1351 HCRYPTMSG msg = NULL;
1353 TRACE("(%08x, %08x, %08x, %p, %s, %p)\n", dwMsgEncodingType, dwFlags,
1354 dwMsgType, pvMsgEncodeInfo, debugstr_a(pszInnerContentObjID), pStreamInfo);
1356 if (GET_CMSG_ENCODING_TYPE(dwMsgEncodingType) != PKCS_7_ASN_ENCODING)
1358 SetLastError(E_INVALIDARG);
1364 msg = CDataEncodeMsg_Open(dwFlags, pvMsgEncodeInfo,
1365 pszInnerContentObjID, pStreamInfo);
1368 msg = CHashEncodeMsg_Open(dwFlags, pvMsgEncodeInfo,
1369 pszInnerContentObjID, pStreamInfo);
1372 msg = CSignedEncodeMsg_Open(dwFlags, pvMsgEncodeInfo,
1373 pszInnerContentObjID, pStreamInfo);
1375 case CMSG_ENVELOPED:
1376 FIXME("unimplemented for type %s\n", MSG_TYPE_STR(dwMsgType));
1378 case CMSG_SIGNED_AND_ENVELOPED:
1379 case CMSG_ENCRYPTED:
1380 /* defined but invalid, fall through */
1382 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1387 typedef struct _CDecodeMsg
1391 HCRYPTPROV crypt_prov;
1394 CSignedMsgData signed_data;
1396 CRYPT_DATA_BLOB msg_data;
1397 PCONTEXT_PROPERTY_LIST properties;
1400 static void CDecodeMsg_Close(HCRYPTMSG hCryptMsg)
1402 CDecodeMsg *msg = (CDecodeMsg *)hCryptMsg;
1404 if (msg->base.open_flags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG)
1405 CryptReleaseContext(msg->crypt_prov, 0);
1410 CryptDestroyHash(msg->u.hash);
1413 if (msg->u.signed_data.info)
1415 LocalFree(msg->u.signed_data.info);
1416 CSignedMsgData_CloseHandles(&msg->u.signed_data);
1420 CryptMemFree(msg->msg_data.pbData);
1421 ContextPropertyList_Free(msg->properties);
1424 static BOOL CDecodeMsg_CopyData(CDecodeMsg *msg, const BYTE *pbData,
1431 if (msg->msg_data.cbData)
1432 msg->msg_data.pbData = CryptMemRealloc(msg->msg_data.pbData,
1433 msg->msg_data.cbData + cbData);
1435 msg->msg_data.pbData = CryptMemAlloc(cbData);
1436 if (msg->msg_data.pbData)
1438 memcpy(msg->msg_data.pbData + msg->msg_data.cbData, pbData, cbData);
1439 msg->msg_data.cbData += cbData;
1447 static BOOL CDecodeMsg_DecodeDataContent(CDecodeMsg *msg, CRYPT_DER_BLOB *blob)
1450 CRYPT_DATA_BLOB *data;
1453 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_OCTET_STRING,
1454 blob->pbData, blob->cbData, CRYPT_DECODE_ALLOC_FLAG, NULL, (LPBYTE)&data,
1458 ret = ContextPropertyList_SetProperty(msg->properties,
1459 CMSG_CONTENT_PARAM, data->pbData, data->cbData);
1465 static void CDecodeMsg_SaveAlgorithmID(CDecodeMsg *msg, DWORD param,
1466 const CRYPT_ALGORITHM_IDENTIFIER *id)
1468 static const BYTE nullParams[] = { ASN_NULL, 0 };
1469 CRYPT_ALGORITHM_IDENTIFIER *copy;
1470 DWORD len = sizeof(CRYPT_ALGORITHM_IDENTIFIER);
1472 /* Linearize algorithm id */
1473 len += strlen(id->pszObjId) + 1;
1474 len += id->Parameters.cbData;
1475 copy = CryptMemAlloc(len);
1479 (LPSTR)((BYTE *)copy + sizeof(CRYPT_ALGORITHM_IDENTIFIER));
1480 strcpy(copy->pszObjId, id->pszObjId);
1481 copy->Parameters.pbData = (BYTE *)copy->pszObjId + strlen(id->pszObjId)
1483 /* Trick: omit NULL parameters */
1484 if (id->Parameters.cbData == sizeof(nullParams) &&
1485 !memcmp(id->Parameters.pbData, nullParams, sizeof(nullParams)))
1487 copy->Parameters.cbData = 0;
1488 len -= sizeof(nullParams);
1491 copy->Parameters.cbData = id->Parameters.cbData;
1492 if (copy->Parameters.cbData)
1493 memcpy(copy->Parameters.pbData, id->Parameters.pbData,
1494 id->Parameters.cbData);
1495 ContextPropertyList_SetProperty(msg->properties, param, (BYTE *)copy,
1501 static inline void CRYPT_FixUpAlgorithmID(CRYPT_ALGORITHM_IDENTIFIER *id)
1503 id->pszObjId = (LPSTR)((BYTE *)id + sizeof(CRYPT_ALGORITHM_IDENTIFIER));
1504 id->Parameters.pbData = (BYTE *)id->pszObjId + strlen(id->pszObjId) + 1;
1507 static BOOL CDecodeMsg_DecodeHashedContent(CDecodeMsg *msg,
1508 CRYPT_DER_BLOB *blob)
1511 CRYPT_DIGESTED_DATA *digestedData;
1514 ret = CRYPT_AsnDecodePKCSDigestedData(blob->pbData, blob->cbData,
1515 CRYPT_DECODE_ALLOC_FLAG, NULL, (CRYPT_DIGESTED_DATA *)&digestedData,
1519 ContextPropertyList_SetProperty(msg->properties, CMSG_VERSION_PARAM,
1520 (const BYTE *)&digestedData->version, sizeof(digestedData->version));
1521 CDecodeMsg_SaveAlgorithmID(msg, CMSG_HASH_ALGORITHM_PARAM,
1522 &digestedData->DigestAlgorithm);
1523 ContextPropertyList_SetProperty(msg->properties,
1524 CMSG_INNER_CONTENT_TYPE_PARAM,
1525 (const BYTE *)digestedData->ContentInfo.pszObjId,
1526 digestedData->ContentInfo.pszObjId ?
1527 strlen(digestedData->ContentInfo.pszObjId) + 1 : 0);
1528 if (digestedData->ContentInfo.Content.cbData)
1529 CDecodeMsg_DecodeDataContent(msg,
1530 &digestedData->ContentInfo.Content);
1532 ContextPropertyList_SetProperty(msg->properties,
1533 CMSG_CONTENT_PARAM, NULL, 0);
1534 ContextPropertyList_SetProperty(msg->properties, CMSG_HASH_DATA_PARAM,
1535 digestedData->hash.pbData, digestedData->hash.cbData);
1536 LocalFree(digestedData);
1541 static BOOL CDecodeMsg_DecodeSignedContent(CDecodeMsg *msg,
1542 CRYPT_DER_BLOB *blob)
1545 CRYPT_SIGNED_INFO *signedInfo;
1548 ret = CRYPT_AsnDecodePKCSSignedInfo(blob->pbData, blob->cbData,
1549 CRYPT_DECODE_ALLOC_FLAG, NULL, (CRYPT_SIGNED_INFO *)&signedInfo,
1555 msg->u.signed_data.info = signedInfo;
1556 ret = CSignedMsgData_AllocateHandles(&msg->u.signed_data);
1557 for (i = 0; ret && i < msg->u.signed_data.info->cSignerInfo; i++)
1558 ret = CSignedMsgData_ConstructSignerHandles(&msg->u.signed_data, i,
1562 /* Now that we have all the content, update the hash handles with
1563 * it. Have to decode it if the type is szOID_RSA_data.
1565 if (msg->u.signed_data.info->content.Content.cbData)
1567 if (!strcmp(msg->u.signed_data.info->content.pszObjId,
1570 CRYPT_DATA_BLOB *blob;
1572 ret = CryptDecodeObjectEx(X509_ASN_ENCODING,
1574 msg->u.signed_data.info->content.Content.pbData,
1575 msg->u.signed_data.info->content.Content.cbData,
1576 CRYPT_DECODE_ALLOC_FLAG, NULL, (LPBYTE)&blob, &size);
1579 ret = CSignedMsgData_Update(&msg->u.signed_data,
1580 blob->pbData, blob->cbData, TRUE, Verify);
1585 ret = CSignedMsgData_Update(&msg->u.signed_data,
1586 msg->u.signed_data.info->content.Content.pbData,
1587 msg->u.signed_data.info->content.Content.cbData, TRUE,
1594 /* Decodes the content in blob as the type given, and updates the value
1595 * (type, parameters, etc.) of msg based on what blob contains.
1596 * It doesn't just use msg's type, to allow a recursive call from an implicitly
1597 * typed message once the outer content info has been decoded.
1599 static BOOL CDecodeMsg_DecodeContent(CDecodeMsg *msg, CRYPT_DER_BLOB *blob,
1607 if ((ret = CDecodeMsg_DecodeDataContent(msg, blob)))
1608 msg->type = CMSG_DATA;
1611 if ((ret = CDecodeMsg_DecodeHashedContent(msg, blob)))
1612 msg->type = CMSG_HASHED;
1614 case CMSG_ENVELOPED:
1615 FIXME("unimplemented for type %s\n", MSG_TYPE_STR(type));
1619 if ((ret = CDecodeMsg_DecodeSignedContent(msg, blob)))
1620 msg->type = CMSG_SIGNED;
1624 CRYPT_CONTENT_INFO *info;
1627 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, PKCS_CONTENT_INFO,
1628 msg->msg_data.pbData, msg->msg_data.cbData, CRYPT_DECODE_ALLOC_FLAG,
1629 NULL, (LPBYTE)&info, &size);
1632 if (!strcmp(info->pszObjId, szOID_RSA_data))
1633 ret = CDecodeMsg_DecodeContent(msg, &info->Content, CMSG_DATA);
1634 else if (!strcmp(info->pszObjId, szOID_RSA_digestedData))
1635 ret = CDecodeMsg_DecodeContent(msg, &info->Content,
1637 else if (!strcmp(info->pszObjId, szOID_RSA_envelopedData))
1638 ret = CDecodeMsg_DecodeContent(msg, &info->Content,
1640 else if (!strcmp(info->pszObjId, szOID_RSA_signedData))
1641 ret = CDecodeMsg_DecodeContent(msg, &info->Content,
1645 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1655 static BOOL CDecodeMsg_Update(HCRYPTMSG hCryptMsg, const BYTE *pbData,
1656 DWORD cbData, BOOL fFinal)
1658 CDecodeMsg *msg = (CDecodeMsg *)hCryptMsg;
1661 TRACE("(%p, %p, %d, %d)\n", hCryptMsg, pbData, cbData, fFinal);
1663 if (msg->base.state == MsgStateFinalized)
1664 SetLastError(CRYPT_E_MSG_ERROR);
1665 else if (msg->base.streamed)
1667 FIXME("(%p, %p, %d, %d): streamed update stub\n", hCryptMsg, pbData,
1671 if (msg->base.open_flags & CMSG_DETACHED_FLAG &&
1672 msg->base.state != MsgStateDataFinalized)
1674 ret = CDecodeMsg_CopyData(msg, pbData, cbData);
1675 msg->base.state = MsgStateDataFinalized;
1677 ret = CDecodeMsg_DecodeContent(msg, &msg->msg_data,
1682 FIXME("(%p, %p, %d, %d): detached update stub\n", hCryptMsg,
1683 pbData, cbData, fFinal);
1685 msg->base.state = MsgStateFinalized;
1690 ret = CDecodeMsg_CopyData(msg, pbData, cbData);
1691 if (msg->base.state == MsgStateInit)
1692 msg->base.state = MsgStateUpdated;
1698 SetLastError(CRYPT_E_MSG_ERROR);
1701 if (msg->base.state == MsgStateInit)
1703 ret = CDecodeMsg_CopyData(msg, pbData, cbData);
1705 ret = CDecodeMsg_DecodeContent(msg, &msg->msg_data,
1707 if (msg->base.open_flags & CMSG_DETACHED_FLAG)
1708 msg->base.state = MsgStateDataFinalized;
1710 msg->base.state = MsgStateFinalized;
1712 else if (msg->base.state == MsgStateDataFinalized)
1714 FIXME("(%p, %p, %d, %d): detached update stub\n", hCryptMsg,
1715 pbData, cbData, fFinal);
1717 msg->base.state = MsgStateFinalized;
1724 static BOOL CDecodeHashMsg_GetParam(CDecodeMsg *msg, DWORD dwParamType,
1725 DWORD dwIndex, void *pvData, DWORD *pcbData)
1729 switch (dwParamType)
1731 case CMSG_TYPE_PARAM:
1732 ret = CRYPT_CopyParam(pvData, pcbData, &msg->type, sizeof(msg->type));
1734 case CMSG_HASH_ALGORITHM_PARAM:
1736 CRYPT_DATA_BLOB blob;
1738 ret = ContextPropertyList_FindProperty(msg->properties, dwParamType,
1742 ret = CRYPT_CopyParam(pvData, pcbData, blob.pbData, blob.cbData);
1744 CRYPT_FixUpAlgorithmID((CRYPT_ALGORITHM_IDENTIFIER *)pvData);
1747 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1750 case CMSG_COMPUTED_HASH_PARAM:
1753 CRYPT_ALGORITHM_IDENTIFIER *hashAlgoID = NULL;
1757 CryptMsgGetParam(msg, CMSG_HASH_ALGORITHM_PARAM, 0, NULL, &size);
1758 hashAlgoID = CryptMemAlloc(size);
1759 ret = CryptMsgGetParam(msg, CMSG_HASH_ALGORITHM_PARAM, 0,
1762 algID = CertOIDToAlgId(hashAlgoID->pszObjId);
1763 ret = CryptCreateHash(msg->crypt_prov, algID, 0, 0, &msg->u.hash);
1766 CRYPT_DATA_BLOB content;
1768 ret = ContextPropertyList_FindProperty(msg->properties,
1769 CMSG_CONTENT_PARAM, &content);
1771 ret = CryptHashData(msg->u.hash, content.pbData,
1774 CryptMemFree(hashAlgoID);
1779 ret = CryptGetHashParam(msg->u.hash, HP_HASHVAL, pvData, pcbData,
1784 CRYPT_DATA_BLOB blob;
1786 ret = ContextPropertyList_FindProperty(msg->properties, dwParamType,
1789 ret = CRYPT_CopyParam(pvData, pcbData, blob.pbData, blob.cbData);
1791 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
1797 /* nextData is an in/out parameter - on input it's the memory location in
1798 * which a copy of in's data should be made, and on output it's the memory
1799 * location immediately after out's copy of in's data.
1801 static inline void CRYPT_CopyBlob(CRYPT_DATA_BLOB *out,
1802 const CRYPT_DATA_BLOB *in, LPBYTE *nextData)
1804 out->cbData = in->cbData;
1807 out->pbData = *nextData;
1808 memcpy(out->pbData, in->pbData, in->cbData);
1809 *nextData += in->cbData;
1813 static inline void CRYPT_CopyAlgorithmId(CRYPT_ALGORITHM_IDENTIFIER *out,
1814 const CRYPT_ALGORITHM_IDENTIFIER *in, LPBYTE *nextData)
1818 out->pszObjId = (LPSTR)*nextData;
1819 strcpy(out->pszObjId, in->pszObjId);
1820 *nextData += strlen(out->pszObjId) + 1;
1822 CRYPT_CopyBlob(&out->Parameters, &in->Parameters, nextData);
1825 static inline void CRYPT_CopyAttributes(CRYPT_ATTRIBUTES *out,
1826 const CRYPT_ATTRIBUTES *in, LPBYTE *nextData)
1828 out->cAttr = in->cAttr;
1833 if ((*nextData - (LPBYTE)0) % sizeof(DWORD_PTR))
1834 *nextData += (*nextData - (LPBYTE)0) % sizeof(DWORD_PTR);
1835 out->rgAttr = (CRYPT_ATTRIBUTE *)*nextData;
1836 *nextData += in->cAttr * sizeof(CRYPT_ATTRIBUTE);
1837 for (i = 0; i < in->cAttr; i++)
1839 if (in->rgAttr[i].pszObjId)
1841 out->rgAttr[i].pszObjId = (LPSTR)*nextData;
1842 strcpy(out->rgAttr[i].pszObjId, in->rgAttr[i].pszObjId);
1843 *nextData += strlen(in->rgAttr[i].pszObjId) + 1;
1845 if (in->rgAttr[i].cValue)
1849 out->rgAttr[i].cValue = in->rgAttr[i].cValue;
1850 if ((*nextData - (LPBYTE)0) % sizeof(DWORD_PTR))
1851 *nextData += (*nextData - (LPBYTE)0) % sizeof(DWORD_PTR);
1852 out->rgAttr[i].rgValue = (PCRYPT_DATA_BLOB)*nextData;
1853 *nextData += in->rgAttr[i].cValue * sizeof(CRYPT_DATA_BLOB);
1854 for (j = 0; j < in->rgAttr[i].cValue; j++)
1855 CRYPT_CopyBlob(&out->rgAttr[i].rgValue[j],
1856 &in->rgAttr[i].rgValue[j], nextData);
1862 static DWORD CRYPT_SizeOfAttributes(const CRYPT_ATTRIBUTES *attr)
1864 DWORD size = attr->cAttr * sizeof(CRYPT_ATTRIBUTE), i, j;
1866 for (i = 0; i < attr->cAttr; i++)
1868 if (attr->rgAttr[i].pszObjId)
1869 size += strlen(attr->rgAttr[i].pszObjId) + 1;
1871 if (size % sizeof(DWORD_PTR))
1872 size += size % sizeof(DWORD_PTR);
1873 size += attr->rgAttr[i].cValue * sizeof(CRYPT_DATA_BLOB);
1874 for (j = 0; j < attr->rgAttr[i].cValue; j++)
1875 size += attr->rgAttr[i].rgValue[j].cbData;
1877 /* align pointer again to be conservative */
1878 if (size % sizeof(DWORD_PTR))
1879 size += size % sizeof(DWORD_PTR);
1883 static BOOL CRYPT_CopySignerInfo(void *pvData, DWORD *pcbData,
1884 const CMSG_SIGNER_INFO *in)
1886 DWORD size = sizeof(CMSG_SIGNER_INFO);
1889 TRACE("(%p, %d, %p)\n", pvData, pvData ? *pcbData : 0, in);
1891 size += in->Issuer.cbData;
1892 size += in->SerialNumber.cbData;
1893 if (in->HashAlgorithm.pszObjId)
1894 size += strlen(in->HashAlgorithm.pszObjId) + 1;
1895 size += in->HashAlgorithm.Parameters.cbData;
1896 if (in->HashEncryptionAlgorithm.pszObjId)
1897 size += strlen(in->HashEncryptionAlgorithm.pszObjId) + 1;
1898 size += in->HashEncryptionAlgorithm.Parameters.cbData;
1899 size += in->EncryptedHash.cbData;
1901 if (size % sizeof(DWORD_PTR))
1902 size += size % sizeof(DWORD_PTR);
1903 size += CRYPT_SizeOfAttributes(&in->AuthAttrs);
1904 size += CRYPT_SizeOfAttributes(&in->UnauthAttrs);
1910 else if (*pcbData < size)
1913 SetLastError(ERROR_MORE_DATA);
1918 LPBYTE nextData = (BYTE *)pvData + sizeof(CMSG_SIGNER_INFO);
1919 CMSG_SIGNER_INFO *out = (CMSG_SIGNER_INFO *)pvData;
1921 out->dwVersion = in->dwVersion;
1922 CRYPT_CopyBlob(&out->Issuer, &in->Issuer, &nextData);
1923 CRYPT_CopyBlob(&out->SerialNumber, &in->SerialNumber, &nextData);
1924 CRYPT_CopyAlgorithmId(&out->HashAlgorithm, &in->HashAlgorithm,
1926 CRYPT_CopyAlgorithmId(&out->HashEncryptionAlgorithm,
1927 &in->HashEncryptionAlgorithm, &nextData);
1928 CRYPT_CopyBlob(&out->EncryptedHash, &in->EncryptedHash, &nextData);
1930 if ((nextData - (LPBYTE)0) % sizeof(DWORD_PTR))
1931 nextData += (nextData - (LPBYTE)0) % sizeof(DWORD_PTR);
1932 CRYPT_CopyAttributes(&out->AuthAttrs, &in->AuthAttrs, &nextData);
1933 CRYPT_CopyAttributes(&out->UnauthAttrs, &in->UnauthAttrs, &nextData);
1936 TRACE("returning %d\n", ret);
1940 static BOOL CRYPT_CopySignerCertInfo(void *pvData, DWORD *pcbData,
1941 const CMSG_SIGNER_INFO *in)
1943 DWORD size = sizeof(CERT_INFO);
1946 TRACE("(%p, %d, %p)\n", pvData, pvData ? *pcbData : 0, in);
1948 size += in->Issuer.cbData;
1949 size += in->SerialNumber.cbData;
1955 else if (*pcbData < size)
1958 SetLastError(ERROR_MORE_DATA);
1963 LPBYTE nextData = (BYTE *)pvData + sizeof(CERT_INFO);
1964 CERT_INFO *out = (CERT_INFO *)pvData;
1966 memset(out, 0, sizeof(CERT_INFO));
1967 CRYPT_CopyBlob(&out->Issuer, &in->Issuer, &nextData);
1968 CRYPT_CopyBlob(&out->SerialNumber, &in->SerialNumber, &nextData);
1971 TRACE("returning %d\n", ret);
1975 static BOOL CDecodeSignedMsg_GetParam(CDecodeMsg *msg, DWORD dwParamType,
1976 DWORD dwIndex, void *pvData, DWORD *pcbData)
1980 switch (dwParamType)
1982 case CMSG_TYPE_PARAM:
1983 ret = CRYPT_CopyParam(pvData, pcbData, &msg->type, sizeof(msg->type));
1985 case CMSG_CONTENT_PARAM:
1986 if (msg->u.signed_data.info)
1988 if (!strcmp(msg->u.signed_data.info->content.pszObjId,
1991 CRYPT_DATA_BLOB *blob;
1994 ret = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_OCTET_STRING,
1995 msg->u.signed_data.info->content.Content.pbData,
1996 msg->u.signed_data.info->content.Content.cbData,
1997 CRYPT_DECODE_ALLOC_FLAG, NULL, (LPBYTE)&blob, &size);
2000 ret = CRYPT_CopyParam(pvData, pcbData, blob->pbData,
2006 ret = CRYPT_CopyParam(pvData, pcbData,
2007 msg->u.signed_data.info->content.Content.pbData,
2008 msg->u.signed_data.info->content.Content.cbData);
2011 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2013 case CMSG_INNER_CONTENT_TYPE_PARAM:
2014 if (msg->u.signed_data.info)
2015 ret = CRYPT_CopyParam(pvData, pcbData,
2016 msg->u.signed_data.info->content.pszObjId,
2017 strlen(msg->u.signed_data.info->content.pszObjId) + 1);
2019 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2021 case CMSG_SIGNER_COUNT_PARAM:
2022 if (msg->u.signed_data.info)
2023 ret = CRYPT_CopyParam(pvData, pcbData,
2024 &msg->u.signed_data.info->cSignerInfo, sizeof(DWORD));
2026 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2028 case CMSG_SIGNER_INFO_PARAM:
2029 if (msg->u.signed_data.info)
2031 if (dwIndex >= msg->u.signed_data.info->cSignerInfo)
2032 SetLastError(CRYPT_E_INVALID_INDEX);
2034 ret = CRYPT_CopySignerInfo(pvData, pcbData,
2035 &msg->u.signed_data.info->rgSignerInfo[dwIndex]);
2038 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2040 case CMSG_SIGNER_CERT_INFO_PARAM:
2041 if (msg->u.signed_data.info)
2043 if (dwIndex >= msg->u.signed_data.info->cSignerInfo)
2044 SetLastError(CRYPT_E_INVALID_INDEX);
2046 ret = CRYPT_CopySignerCertInfo(pvData, pcbData,
2047 &msg->u.signed_data.info->rgSignerInfo[dwIndex]);
2050 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2052 case CMSG_CERT_COUNT_PARAM:
2053 if (msg->u.signed_data.info)
2054 ret = CRYPT_CopyParam(pvData, pcbData,
2055 &msg->u.signed_data.info->cCertEncoded, sizeof(DWORD));
2057 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2059 case CMSG_CERT_PARAM:
2060 if (msg->u.signed_data.info)
2062 if (dwIndex >= msg->u.signed_data.info->cCertEncoded)
2063 SetLastError(CRYPT_E_INVALID_INDEX);
2065 ret = CRYPT_CopyParam(pvData, pcbData,
2066 msg->u.signed_data.info->rgCertEncoded[dwIndex].pbData,
2067 msg->u.signed_data.info->rgCertEncoded[dwIndex].cbData);
2070 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2072 case CMSG_CRL_COUNT_PARAM:
2073 if (msg->u.signed_data.info)
2074 ret = CRYPT_CopyParam(pvData, pcbData,
2075 &msg->u.signed_data.info->cCrlEncoded, sizeof(DWORD));
2077 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2079 case CMSG_CRL_PARAM:
2080 if (msg->u.signed_data.info)
2082 if (dwIndex >= msg->u.signed_data.info->cCrlEncoded)
2083 SetLastError(CRYPT_E_INVALID_INDEX);
2085 ret = CRYPT_CopyParam(pvData, pcbData,
2086 msg->u.signed_data.info->rgCrlEncoded[dwIndex].pbData,
2087 msg->u.signed_data.info->rgCrlEncoded[dwIndex].cbData);
2090 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2092 case CMSG_COMPUTED_HASH_PARAM:
2093 if (msg->u.signed_data.info)
2095 if (dwIndex >= msg->u.signed_data.cSignerHandle)
2096 SetLastError(CRYPT_E_INVALID_INDEX);
2098 ret = CryptGetHashParam(
2099 msg->u.signed_data.signerHandles[dwIndex].contentHash,
2100 HP_HASHVAL, pvData, pcbData, 0);
2103 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2105 case CMSG_ATTR_CERT_COUNT_PARAM:
2106 if (msg->u.signed_data.info)
2108 DWORD attrCertCount = 0;
2110 ret = CRYPT_CopyParam(pvData, pcbData,
2111 &attrCertCount, sizeof(DWORD));
2114 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2116 case CMSG_ATTR_CERT_PARAM:
2117 if (msg->u.signed_data.info)
2118 SetLastError(CRYPT_E_INVALID_INDEX);
2120 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2123 FIXME("unimplemented for %d\n", dwParamType);
2124 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2129 static BOOL CDecodeMsg_GetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
2130 DWORD dwIndex, void *pvData, DWORD *pcbData)
2132 CDecodeMsg *msg = (CDecodeMsg *)hCryptMsg;
2138 ret = CDecodeHashMsg_GetParam(msg, dwParamType, dwIndex, pvData,
2142 ret = CDecodeSignedMsg_GetParam(msg, dwParamType, dwIndex, pvData,
2146 switch (dwParamType)
2148 case CMSG_TYPE_PARAM:
2149 ret = CRYPT_CopyParam(pvData, pcbData, &msg->type,
2154 CRYPT_DATA_BLOB blob;
2156 ret = ContextPropertyList_FindProperty(msg->properties, dwParamType,
2159 ret = CRYPT_CopyParam(pvData, pcbData, blob.pbData,
2162 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2169 static BOOL CDecodeHashMsg_VerifyHash(CDecodeMsg *msg)
2172 CRYPT_DATA_BLOB hashBlob;
2174 ret = ContextPropertyList_FindProperty(msg->properties,
2175 CMSG_HASH_DATA_PARAM, &hashBlob);
2178 DWORD computedHashSize = 0;
2180 ret = CDecodeHashMsg_GetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0, NULL,
2182 if (hashBlob.cbData == computedHashSize)
2184 LPBYTE computedHash = CryptMemAlloc(computedHashSize);
2188 ret = CDecodeHashMsg_GetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0,
2189 computedHash, &computedHashSize);
2191 ret = !memcmp(hashBlob.pbData, computedHash,
2193 CryptMemFree(computedHash);
2202 static BOOL CDecodeSignedMsg_VerifySignatureWithKey(CDecodeMsg *msg,
2203 HCRYPTPROV prov, DWORD signerIndex, PCERT_PUBLIC_KEY_INFO keyInfo)
2209 prov = msg->crypt_prov;
2210 ret = CryptImportPublicKeyInfo(prov, X509_ASN_ENCODING, keyInfo, &key);
2214 CRYPT_HASH_BLOB reversedHash;
2216 if (msg->u.signed_data.info->rgSignerInfo[signerIndex].AuthAttrs.cAttr)
2217 hash = msg->u.signed_data.signerHandles[signerIndex].authAttrHash;
2219 hash = msg->u.signed_data.signerHandles[signerIndex].contentHash;
2220 ret = CRYPT_ConstructBlob(&reversedHash,
2221 &msg->u.signed_data.info->rgSignerInfo[signerIndex].EncryptedHash);
2224 CRYPT_ReverseBytes(&reversedHash);
2225 ret = CryptVerifySignatureW(hash, reversedHash.pbData,
2226 reversedHash.cbData, key, NULL, 0);
2227 CryptMemFree(reversedHash.pbData);
2229 CryptDestroyKey(key);
2234 static BOOL CDecodeSignedMsg_VerifySignature(CDecodeMsg *msg, PCERT_INFO info)
2239 for (i = 0; !ret && i < msg->u.signed_data.info->cSignerInfo; i++)
2241 ret = CertCompareCertificateName(X509_ASN_ENCODING,
2242 &msg->u.signed_data.info->rgSignerInfo[i].Issuer, &info->Issuer);
2245 ret = CertCompareIntegerBlob(
2246 &msg->u.signed_data.info->rgSignerInfo[i].SerialNumber,
2247 &info->SerialNumber);
2253 ret = CDecodeSignedMsg_VerifySignatureWithKey(msg, 0, i,
2254 &info->SubjectPublicKeyInfo);
2256 SetLastError(CRYPT_E_SIGNER_NOT_FOUND);
2261 static BOOL CDecodeSignedMsg_VerifySignatureEx(CDecodeMsg *msg,
2262 PCMSG_CTRL_VERIFY_SIGNATURE_EX_PARA para)
2266 if (para->cbSize != sizeof(CMSG_CTRL_VERIFY_SIGNATURE_EX_PARA))
2267 SetLastError(ERROR_INVALID_PARAMETER);
2268 else if (para->dwSignerIndex >= msg->u.signed_data.info->cSignerInfo)
2269 SetLastError(CRYPT_E_SIGNER_NOT_FOUND);
2272 switch (para->dwSignerType)
2274 case CMSG_VERIFY_SIGNER_PUBKEY:
2275 ret = CDecodeSignedMsg_VerifySignatureWithKey(msg,
2276 para->hCryptProv, para->dwSignerIndex,
2277 (PCERT_PUBLIC_KEY_INFO)para->pvSigner);
2279 case CMSG_VERIFY_SIGNER_CERT:
2281 PCCERT_CONTEXT cert = (PCCERT_CONTEXT)para->pvSigner;
2283 ret = CDecodeSignedMsg_VerifySignatureWithKey(msg, para->hCryptProv,
2284 para->dwSignerIndex, &cert->pCertInfo->SubjectPublicKeyInfo);
2288 FIXME("unimplemented for signer type %d\n", para->dwSignerType);
2289 SetLastError(CRYPT_E_SIGNER_NOT_FOUND);
2295 static BOOL CDecodeMsg_Control(HCRYPTMSG hCryptMsg, DWORD dwFlags,
2296 DWORD dwCtrlType, const void *pvCtrlPara)
2298 CDecodeMsg *msg = (CDecodeMsg *)hCryptMsg;
2303 case CMSG_CTRL_VERIFY_SIGNATURE:
2307 ret = CDecodeSignedMsg_VerifySignature(msg, (PCERT_INFO)pvCtrlPara);
2310 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2313 case CMSG_CTRL_DECRYPT:
2317 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2320 case CMSG_CTRL_VERIFY_HASH:
2324 ret = CDecodeHashMsg_VerifyHash(msg);
2327 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2330 case CMSG_CTRL_VERIFY_SIGNATURE_EX:
2334 ret = CDecodeSignedMsg_VerifySignatureEx(msg,
2335 (PCMSG_CTRL_VERIFY_SIGNATURE_EX_PARA)pvCtrlPara);
2338 SetLastError(CRYPT_E_INVALID_MSG_TYPE);
2342 SetLastError(CRYPT_E_CONTROL_TYPE);
2347 HCRYPTMSG WINAPI CryptMsgOpenToDecode(DWORD dwMsgEncodingType, DWORD dwFlags,
2348 DWORD dwMsgType, HCRYPTPROV_LEGACY hCryptProv, PCERT_INFO pRecipientInfo,
2349 PCMSG_STREAM_INFO pStreamInfo)
2353 TRACE("(%08x, %08x, %08x, %08lx, %p, %p)\n", dwMsgEncodingType,
2354 dwFlags, dwMsgType, hCryptProv, pRecipientInfo, pStreamInfo);
2356 if (GET_CMSG_ENCODING_TYPE(dwMsgEncodingType) != PKCS_7_ASN_ENCODING)
2358 SetLastError(E_INVALIDARG);
2361 msg = CryptMemAlloc(sizeof(CDecodeMsg));
2364 CryptMsgBase_Init((CryptMsgBase *)msg, dwFlags, pStreamInfo,
2365 CDecodeMsg_Close, CDecodeMsg_GetParam, CDecodeMsg_Update,
2366 CDecodeMsg_Control);
2367 msg->type = dwMsgType;
2369 msg->crypt_prov = hCryptProv;
2372 msg->crypt_prov = CRYPT_GetDefaultProvider();
2373 msg->base.open_flags &= ~CMSG_CRYPT_RELEASE_CONTEXT_FLAG;
2375 memset(&msg->u, 0, sizeof(msg->u));
2376 msg->msg_data.cbData = 0;
2377 msg->msg_data.pbData = NULL;
2378 msg->properties = ContextPropertyList_Create();
2383 HCRYPTMSG WINAPI CryptMsgDuplicate(HCRYPTMSG hCryptMsg)
2385 TRACE("(%p)\n", hCryptMsg);
2389 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
2391 InterlockedIncrement(&msg->ref);
2396 BOOL WINAPI CryptMsgClose(HCRYPTMSG hCryptMsg)
2398 TRACE("(%p)\n", hCryptMsg);
2402 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
2404 if (InterlockedDecrement(&msg->ref) == 0)
2406 TRACE("freeing %p\n", msg);
2415 BOOL WINAPI CryptMsgUpdate(HCRYPTMSG hCryptMsg, const BYTE *pbData,
2416 DWORD cbData, BOOL fFinal)
2418 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
2420 TRACE("(%p, %p, %d, %d)\n", hCryptMsg, pbData, cbData, fFinal);
2422 return msg->update(hCryptMsg, pbData, cbData, fFinal);
2425 BOOL WINAPI CryptMsgGetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
2426 DWORD dwIndex, void *pvData, DWORD *pcbData)
2428 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
2430 TRACE("(%p, %d, %d, %p, %p)\n", hCryptMsg, dwParamType, dwIndex,
2432 return msg->get_param(hCryptMsg, dwParamType, dwIndex, pvData, pcbData);
2435 BOOL WINAPI CryptMsgControl(HCRYPTMSG hCryptMsg, DWORD dwFlags,
2436 DWORD dwCtrlType, const void *pvCtrlPara)
2438 CryptMsgBase *msg = (CryptMsgBase *)hCryptMsg;
2440 TRACE("(%p, %08x, %d, %p)\n", hCryptMsg, dwFlags, dwCtrlType,
2442 return msg->control(hCryptMsg, dwFlags, dwCtrlType, pvCtrlPara);
2445 HCERTSTORE WINAPI CryptGetMessageCertificates(DWORD dwMsgAndCertEncodingType,
2446 HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const BYTE* pbSignedBlob,
2449 CRYPT_DATA_BLOB blob = { cbSignedBlob, (LPBYTE)pbSignedBlob };
2451 TRACE("(%08x, %ld, %d08x %p, %d)\n", dwMsgAndCertEncodingType, hCryptProv,
2452 dwFlags, pbSignedBlob, cbSignedBlob);
2454 return CertOpenStore(CERT_STORE_PROV_PKCS7, dwMsgAndCertEncodingType,
2455 hCryptProv, dwFlags, &blob);
2458 LONG WINAPI CryptGetMessageSignerCount(DWORD dwMsgEncodingType,
2459 const BYTE *pbSignedBlob, DWORD cbSignedBlob)
2464 TRACE("(%08x, %p, %d)\n", dwMsgEncodingType, pbSignedBlob, cbSignedBlob);
2466 msg = CryptMsgOpenToDecode(dwMsgEncodingType, 0, 0, 0, NULL, NULL);
2469 if (CryptMsgUpdate(msg, pbSignedBlob, cbSignedBlob, TRUE))
2471 DWORD size = sizeof(count);
2473 CryptMsgGetParam(msg, CMSG_SIGNER_COUNT_PARAM, 0, &count, &size);
2480 static CERT_INFO *CRYPT_GetSignerCertInfoFromMsg(HCRYPTMSG msg,
2481 DWORD dwSignerIndex)
2483 CERT_INFO *certInfo = NULL;
2486 if (CryptMsgGetParam(msg, CMSG_SIGNER_CERT_INFO_PARAM, dwSignerIndex, NULL,
2489 certInfo = CryptMemAlloc(size);
2492 if (!CryptMsgGetParam(msg, CMSG_SIGNER_CERT_INFO_PARAM,
2493 dwSignerIndex, certInfo, &size))
2495 CryptMemFree(certInfo);
2503 static PCCERT_CONTEXT WINAPI CRYPT_DefaultGetSignerCertificate(void *pvGetArg,
2504 DWORD dwCertEncodingType, PCERT_INFO pSignerId, HCERTSTORE hMsgCertStore)
2506 return CertFindCertificateInStore(hMsgCertStore, dwCertEncodingType, 0,
2507 CERT_FIND_SUBJECT_CERT, pSignerId, NULL);
2510 static inline PCCERT_CONTEXT CRYPT_GetSignerCertificate(HCRYPTMSG msg,
2511 PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara, PCERT_INFO certInfo, HCERTSTORE store)
2513 PFN_CRYPT_GET_SIGNER_CERTIFICATE getCert;
2515 if (pVerifyPara->pfnGetSignerCertificate)
2516 getCert = pVerifyPara->pfnGetSignerCertificate;
2518 getCert = CRYPT_DefaultGetSignerCertificate;
2519 return getCert(pVerifyPara->pvGetArg,
2520 pVerifyPara->dwMsgAndCertEncodingType, certInfo, store);
2523 BOOL WINAPI CryptVerifyMessageSignature(PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara,
2524 DWORD dwSignerIndex, const BYTE* pbSignedBlob, DWORD cbSignedBlob,
2525 BYTE* pbDecoded, DWORD* pcbDecoded, PCCERT_CONTEXT* ppSignerCert)
2529 CRYPT_CONTENT_INFO *contentInfo;
2531 TRACE("(%p, %d, %p, %d, %p, %p, %p)\n",
2532 pVerifyPara, dwSignerIndex, pbSignedBlob, cbSignedBlob,
2533 pbDecoded, pcbDecoded, ppSignerCert);
2536 *ppSignerCert = NULL;
2540 pVerifyPara->cbSize != sizeof(CRYPT_VERIFY_MESSAGE_PARA) ||
2541 GET_CMSG_ENCODING_TYPE(pVerifyPara->dwMsgAndCertEncodingType) !=
2542 PKCS_7_ASN_ENCODING)
2544 SetLastError(E_INVALIDARG);
2548 ret = CryptDecodeObjectEx(pVerifyPara->dwMsgAndCertEncodingType,
2549 PKCS_CONTENT_INFO, pbSignedBlob, cbSignedBlob,
2550 CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
2551 (LPBYTE)&contentInfo, &size);
2554 if (strcmp(contentInfo->pszObjId, szOID_RSA_signedData))
2556 SetLastError(CRYPT_E_UNEXPECTED_MSG_TYPE);
2561 HCRYPTMSG msg = CryptMsgOpenToDecode(
2562 pVerifyPara->dwMsgAndCertEncodingType, 0, CMSG_SIGNED,
2563 pVerifyPara->hCryptProv, NULL, NULL);
2567 ret = CryptMsgUpdate(msg, contentInfo->Content.pbData,
2568 contentInfo->Content.cbData, TRUE);
2569 if (ret && pcbDecoded)
2570 ret = CRYPT_CopyParam(pbDecoded, pcbDecoded,
2571 contentInfo->Content.pbData, contentInfo->Content.cbData);
2574 CERT_INFO *certInfo = CRYPT_GetSignerCertInfoFromMsg(msg,
2580 HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MSG,
2581 pVerifyPara->dwMsgAndCertEncodingType,
2582 pVerifyPara->hCryptProv, 0, msg);
2586 PCCERT_CONTEXT cert = CRYPT_GetSignerCertificate(
2587 msg, pVerifyPara, certInfo, store);
2591 ret = CryptMsgControl(msg, 0,
2592 CMSG_CTRL_VERIFY_SIGNATURE, cert->pCertInfo);
2593 if (ret && ppSignerCert)
2594 *ppSignerCert = cert;
2596 CertFreeCertificateContext(cert);
2598 CertCloseStore(store, 0);
2601 CryptMemFree(certInfo);
2606 LocalFree(contentInfo);
2608 TRACE("returning %d\n", ret);
projects / wine / blob