From 9adcf560aef29cbdfa0d9c884b5bb697c082d499 Mon Sep 17 00:00:00 2001
From: Juan Lang
Date: Tue, 9 May 2006 23:21:44 -0700
Subject: [PATCH] crypt32: Implement CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT in CryptVerifyCertificateSignatureEx.
---
 dlls/crypt32/cert.c | 83 ++++++++++++++++++++++++---------------------
 1 file changed, 44 insertions(+), 39 deletions(-)
diff --git a/dlls/crypt32/cert.c b/dlls/crypt32/cert.c
index f44cc63768..ca0505d6f8 100644
--- a/dlls/crypt32/cert.c
+++ b/dlls/crypt32/cert.c
@@ -193,6 +193,41 @@ BOOL WINAPI CryptVerifyCertificateSignature(HCRYPTPROV hCryptProv,
 CRYPT_VERIFY_CERT_SIGN_ISSUER_PUBKEY, pPublicKey, 0, NULL);
 }
+static BOOL CRYPT_VerifyCertSignatureFromPublicKeyInfo(HCRYPTPROV hCryptProv,
+ DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pubKeyInfo,
+ PCERT_SIGNED_CONTENT_INFO signedCert)
+{
+ BOOL ret;
+ ALG_ID algID = CertOIDToAlgId(pubKeyInfo->Algorithm.pszObjId);
+ HCRYPTKEY key;
+
+ /* Load the default provider if necessary */
+ if (!hCryptProv)
+ hCryptProv = CRYPT_GetDefaultProvider();
+ ret = CryptImportPublicKeyInfoEx(hCryptProv, dwCertEncodingType,
+ pubKeyInfo, algID, 0, NULL, &key);
+ if (ret)
+ {
+ HCRYPTHASH hash;
+
+ /* Some key algorithms aren't hash algorithms, so map them */
+ if (algID == CALG_RSA_SIGN || algID == CALG_RSA_KEYX)
+ algID = CALG_SHA1;
+ ret = CryptCreateHash(hCryptProv, algID, 0, 0, &hash);
+ if (ret)
+ {
+ ret = CryptHashData(hash, signedCert->ToBeSigned.pbData,
+ signedCert->ToBeSigned.cbData, 0);
+ if (ret)
+ ret = CryptVerifySignatureW(hash, signedCert->Signature.pbData,
+ signedCert->Signature.cbData, key, NULL, 0);
+ CryptDestroyHash(hash);
+ }
+ CryptDestroyKey(key);
+ }
+ return ret;
+}
+
 BOOL WINAPI CryptVerifyCertificateSignatureEx(HCRYPTPROV hCryptProv,
 DWORD dwCertEncodingType, DWORD dwSubjectType, void *pvSubject, DWORD dwIssuerType, void *pvIssuer, DWORD dwFlags, void *pvReserved)
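Review bot: The digest used for verification in `CRYPT_VerifyCertSignatureFromPublicKeyInfo` is derived from the issuer key's OID, and for `CALG_RSA_SIGN`/`CALG_RSA_KEYX` it is forced to `CALG_SHA1`; the algorithm the certificate declares in `signedCert->SignatureAlgorithm` is never consulted. A certificate signed with any other digest will fail to verify here, and the check is not bound to the declared signature algorithm. The hash ALG_ID should be resolved from `signedCert->SignatureAlgorithm.pszObjId`, keeping the key OID only for `CryptImportPublicKeyInfoEx`. The helper also drops the previous zero-`algID` rejection, so an unknown key OID now reaches the import call; restoring `if (!algID) { SetLastError(NTE_BAD_ALGID); return FALSE; }` before the import keeps the failure explicit.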
@@ -249,48 +284,18 @@ BOOL WINAPI CryptVerifyCertificateSignatureEx(HCRYPTPROV hCryptProv,
 switch (dwIssuerType)
 {
 case CRYPT_VERIFY_CERT_SIGN_ISSUER_PUBKEY:
- {
- PCERT_PUBLIC_KEY_INFO pubKeyInfo =
- (PCERT_PUBLIC_KEY_INFO)pvIssuer;
- ALG_ID algID = CertOIDToAlgId(pubKeyInfo->Algorithm.pszObjId);
-
- if (algID)
- {
- HCRYPTKEY key;
-
- ret = CryptImportPublicKeyInfoEx(hCryptProv,
- dwCertEncodingType, pubKeyInfo, algID, 0, NULL, &key);
- if (ret)
- {
- HCRYPTHASH hash;
-
- ret = CryptCreateHash(hCryptProv, algID, 0, 0, &hash);
- if (ret)
- {
- ret = CryptHashData(hash,
- signedCert->ToBeSigned.pbData,
- signedCert->ToBeSigned.cbData, 0);
- if (ret)
- {
- ret = CryptVerifySignatureW(hash,
- signedCert->Signature.pbData,
- signedCert->Signature.cbData, key, NULL, 0);
- }
- CryptDestroyHash(hash);
- }
- CryptDestroyKey(key);
- }
- }
- else
- {
- SetLastError(NTE_BAD_ALGID);
- ret = FALSE;
- }
+ ret = CRYPT_VerifyCertSignatureFromPublicKeyInfo(hCryptProv,
+ dwCertEncodingType, (PCERT_PUBLIC_KEY_INFO)pvIssuer,
+ signedCert);
 break;
- }
 case CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT:
+ ret = CRYPT_VerifyCertSignatureFromPublicKeyInfo(hCryptProv,
+ dwCertEncodingType,
+ &((PCCERT_CONTEXT)pvIssuer)->pCertInfo->SubjectPublicKeyInfo,
+ signedCert);
+ break;
 case CRYPT_VERIFY_CERT_SIGN_ISSUER_CHAIN:
- FIXME("issuer type %ld: stub\n", dwIssuerType);
+ FIXME("CRYPT_VERIFY_CERT_SIGN_ISSUER_CHAIN: stub\n");
 ret = FALSE;
 break;
 case CRYPT_VERIFY_CERT_SIGN_ISSUER_NULL:
--
2.32.0.93.g670b81a890
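Review bot: In the new `CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT` case, `pvIssuer` is cast and dereferenced through `->pCertInfo->SubjectPublicKeyInfo` with no NULL check visible in the hunk, so a NULL issuer from the caller faults inside crypt32 instead of failing the call; the `ISSUER_PUBKEY` case forwards `pvIssuer` unchecked as well. Unless validation happens earlier in the function (its body starts and ends outside this hunk), a guard such as `if (!pvIssuer) { SetLastError(E_INVALIDARG); ret = FALSE; break; }` would make the failure explicit. The case also deserves a comment stating that only the signature is checked against the issuer certificate's public key — issuer/subject name match, validity period and CA constraints are not evaluated here — so callers do not read TRUE as chain trust.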