ReactOS 0.4.17-dev-381-g2ec7c03
unixlib.c
Go to the documentation of this file.
1/*
2 * Copyright 2019 Hans Leidekker for CodeWeavers
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 */
18
19#if 0
20#pragma makedep unix
21#endif
22
23#include "config.h"
24
25#include <stdarg.h>
26#include <stdlib.h>
27#include <dirent.h>
28#include <fcntl.h>
29#include <unistd.h>
30#include <dlfcn.h>
31#include <sys/stat.h>
32#ifdef __APPLE__
33#include <Security/Security.h>
34#endif
35#ifdef SONAME_LIBGNUTLS
36#include <gnutls/pkcs12.h>
37#endif
38
39#include "ntstatus.h"
40#define WIN32_NO_STATUS
41#include "windef.h"
42#include "winbase.h"
43#include "winternl.h"
44#include "wincrypt.h"
45#include "crypt32_private.h"
46#include "wine/debug.h"
47
48WINE_DEFAULT_DEBUG_CHANNEL(crypt);
49
50#ifdef SONAME_LIBGNUTLS
51
52WINE_DECLARE_DEBUG_CHANNEL(winediag);
53
54/* Not present in gnutls version < 3.0 */
55int gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12, const char *password,
56 gnutls_x509_privkey_t *key, gnutls_x509_crt_t **chain, unsigned int *chain_len,
57 gnutls_x509_crt_t **extra_certs, unsigned int *extra_certs_len,
58 gnutls_x509_crl_t * crl, unsigned int flags);
59
60int gnutls_x509_privkey_get_pk_algorithm2(gnutls_x509_privkey_t, unsigned int*);
61
62static void *libgnutls_handle;
63#define MAKE_FUNCPTR(f) static typeof(f) * p##f
64MAKE_FUNCPTR(gnutls_global_deinit);
65MAKE_FUNCPTR(gnutls_global_init);
66MAKE_FUNCPTR(gnutls_global_set_log_function);
67MAKE_FUNCPTR(gnutls_global_set_log_level);
68MAKE_FUNCPTR(gnutls_perror);
69MAKE_FUNCPTR(gnutls_pkcs12_deinit);
70MAKE_FUNCPTR(gnutls_pkcs12_import);
71MAKE_FUNCPTR(gnutls_pkcs12_init);
72MAKE_FUNCPTR(gnutls_pkcs12_simple_parse);
73MAKE_FUNCPTR(gnutls_x509_crt_export);
74MAKE_FUNCPTR(gnutls_x509_privkey_export_rsa_raw2);
75MAKE_FUNCPTR(gnutls_x509_privkey_get_pk_algorithm2);
76#undef MAKE_FUNCPTR
77
78static void gnutls_log( int level, const char *msg )
79{
80 TRACE( "<%d> %s", level, msg );
81}
82
83static NTSTATUS process_attach( void *args )
84{
85 const char *env_str;
86 int ret;
87
88 if ((env_str = getenv("GNUTLS_SYSTEM_PRIORITY_FILE")))
89 {
90 WARN("GNUTLS_SYSTEM_PRIORITY_FILE is %s.\n", debugstr_a(env_str));
91 }
92 else
93 {
94 WARN("Setting GNUTLS_SYSTEM_PRIORITY_FILE to \"/dev/null\".\n");
95 setenv("GNUTLS_SYSTEM_PRIORITY_FILE", "/dev/null", 0);
96 }
97
98 if (!(libgnutls_handle = dlopen( SONAME_LIBGNUTLS, RTLD_NOW )))
99 {
100 ERR_(winediag)( "failed to load libgnutls, no support for pfx import/export\n" );
101 return STATUS_DLL_NOT_FOUND;
102 }
103
104#define LOAD_FUNCPTR(f) \
105 if (!(p##f = dlsym( libgnutls_handle, #f ))) \
106 { \
107 ERR( "failed to load %s\n", #f ); \
108 goto fail; \
109 }
110
111 LOAD_FUNCPTR(gnutls_global_deinit)
112 LOAD_FUNCPTR(gnutls_global_init)
113 LOAD_FUNCPTR(gnutls_global_set_log_function)
114 LOAD_FUNCPTR(gnutls_global_set_log_level)
115 LOAD_FUNCPTR(gnutls_perror)
116 LOAD_FUNCPTR(gnutls_pkcs12_deinit)
117 LOAD_FUNCPTR(gnutls_pkcs12_import)
118 LOAD_FUNCPTR(gnutls_pkcs12_init)
119 LOAD_FUNCPTR(gnutls_pkcs12_simple_parse)
120 LOAD_FUNCPTR(gnutls_x509_crt_export)
121 LOAD_FUNCPTR(gnutls_x509_privkey_export_rsa_raw2)
122 LOAD_FUNCPTR(gnutls_x509_privkey_get_pk_algorithm2)
123#undef LOAD_FUNCPTR
124
125 if ((ret = pgnutls_global_init()) != GNUTLS_E_SUCCESS)
126 {
127 pgnutls_perror( ret );
128 goto fail;
129 }
130
131 if (TRACE_ON( crypt ))
132 {
133 char *env = getenv("GNUTLS_DEBUG_LEVEL");
134 int level = env ? atoi(env) : 4;
135 pgnutls_global_set_log_level(level);
136 pgnutls_global_set_log_function( gnutls_log );
137 }
138
139 return TRUE;
140
141fail:
142 dlclose( libgnutls_handle );
143 libgnutls_handle = NULL;
144 return STATUS_DLL_INIT_FAILED;
145}
146
147static NTSTATUS process_detach( void *args )
148{
149 pgnutls_global_deinit();
150 dlclose( libgnutls_handle );
151 libgnutls_handle = NULL;
152 return STATUS_SUCCESS;
153}
154#define RSA_MAGIC_KEY ('R' | ('S' << 8) | ('A' << 16) | ('2' << 24))
155#define RSA_PUBEXP 65537
156
157struct cert_store_data
158{
159 gnutls_pkcs12_t p12;
160 gnutls_x509_privkey_t key;
161 gnutls_x509_crt_t *chain;
162 unsigned int key_bitlen;
163 unsigned int chain_len;
164};
165
166static struct cert_store_data *get_store_data( cert_store_data_t data )
167{
168 return (struct cert_store_data *)(ULONG_PTR)data;
169}
170
171static NTSTATUS import_store_key( void *args )
172{
173 struct import_store_key_params *params = args;
174 struct cert_store_data *data = get_store_data( params->data );
175 int i, ret;
176 unsigned int bitlen = data->key_bitlen;
177 gnutls_datum_t m, e, d, p, q, u, e1, e2;
178 BLOBHEADER *hdr;
179 RSAPUBKEY *rsakey;
180 BYTE *src, *dst;
181 DWORD size;
182
183 size = sizeof(*hdr) + sizeof(*rsakey) + (bitlen * 9 / 16);
184 if (!params->buf || *params->buf_size < size)
185 {
186 *params->buf_size = size;
187 return STATUS_BUFFER_TOO_SMALL;
188 }
189
190 if ((ret = pgnutls_x509_privkey_export_rsa_raw2( data->key, &m, &e, &d, &p, &q, &u, &e1, &e2 )) < 0)
191 {
192 pgnutls_perror( ret );
193 return STATUS_INVALID_PARAMETER;
194 }
195
196 hdr = params->buf;
197 hdr->bType = PRIVATEKEYBLOB;
198 hdr->bVersion = CUR_BLOB_VERSION;
199 hdr->reserved = 0;
200 hdr->aiKeyAlg = CALG_RSA_KEYX;
201
202 rsakey = (RSAPUBKEY *)(hdr + 1);
203 rsakey->magic = RSA_MAGIC_KEY;
204 rsakey->bitlen = bitlen;
205 rsakey->pubexp = RSA_PUBEXP;
206
207 dst = (BYTE *)(rsakey + 1);
208 if (m.size == bitlen / 8 + 1 && !m.data[0]) src = m.data + 1;
209 else if (m.size != bitlen / 8) goto done;
210 else src = m.data;
211 for (i = bitlen / 8 - 1; i >= 0; i--) *dst++ = src[i];
212
213 if (p.size == bitlen / 16 + 1 && !p.data[0]) src = p.data + 1;
214 else if (p.size != bitlen / 16) goto done;
215 else src = p.data;
216 for (i = bitlen / 16 - 1; i >= 0; i--) *dst++ = src[i];
217
218 if (q.size == bitlen / 16 + 1 && !q.data[0]) src = q.data + 1;
219 else if (q.size != bitlen / 16) goto done;
220 else src = q.data;
221 for (i = bitlen / 16 - 1; i >= 0; i--) *dst++ = src[i];
222
223 if (e1.size == bitlen / 16 + 1 && !e1.data[0]) src = e1.data + 1;
224 else if (e1.size != bitlen / 16) goto done;
225 else src = e1.data;
226 for (i = bitlen / 16 - 1; i >= 0; i--) *dst++ = src[i];
227
228 if (e2.size == bitlen / 16 + 1 && !e2.data[0]) src = e2.data + 1;
229 else if (e2.size != bitlen / 16) goto done;
230 else src = e2.data;
231 for (i = bitlen / 16 - 1; i >= 0; i--) *dst++ = src[i];
232
233 if (u.size == bitlen / 16 + 1 && !u.data[0]) src = u.data + 1;
234 else if (u.size != bitlen / 16) goto done;
235 else src = u.data;
236 for (i = bitlen / 16 - 1; i >= 0; i--) *dst++ = src[i];
237
238 if (d.size == bitlen / 8 + 1 && !d.data[0]) src = d.data + 1;
239 else if (d.size != bitlen / 8) goto done;
240 else src = d.data;
241 for (i = bitlen / 8 - 1; i >= 0; i--) *dst++ = src[i];
242
243done:
244 free( m.data );
245 free( e.data );
246 free( d.data );
247 free( p.data );
248 free( q.data );
249 free( u.data );
250 free( e1.data );
251 free( e2.data );
252 return STATUS_SUCCESS;
253}
254
255static char *password_to_ascii( const WCHAR *str )
256{
257 char *ret;
258 unsigned int i = 0;
259
260 if (!(ret = malloc( (lstrlenW(str) + 1) * sizeof(*ret) ))) return NULL;
261 while (*str)
262 {
263 if (*str > 0x7f) WARN( "password contains non-ascii characters\n" );
264 ret[i++] = *str++;
265 }
266 ret[i] = 0;
267 return ret;
268}
269
270static NTSTATUS open_cert_store( void *args )
271{
272 struct open_cert_store_params *params = args;
273 gnutls_pkcs12_t p12;
274 gnutls_datum_t pfx_data;
275 gnutls_x509_privkey_t key;
276 gnutls_x509_crt_t *chain;
277 unsigned int chain_len;
278 unsigned int bitlen;
279 char *pwd = NULL;
280 int ret;
281 struct cert_store_data *store_data;
282
283 if (!libgnutls_handle) return STATUS_DLL_NOT_FOUND;
284 if (params->password && !(pwd = password_to_ascii( params->password ))) return STATUS_NO_MEMORY;
285
286 if ((ret = pgnutls_pkcs12_init( &p12 )) < 0) goto error;
287
288 pfx_data.data = params->pfx->pbData;
289 pfx_data.size = params->pfx->cbData;
290 if ((ret = pgnutls_pkcs12_import( p12, &pfx_data, GNUTLS_X509_FMT_DER, 0 )) < 0) goto error;
291
292 if ((ret = pgnutls_pkcs12_simple_parse( p12, pwd ? pwd : "", &key, &chain, &chain_len, NULL, NULL, NULL, 0 )) < 0)
293 goto error;
294
295 if ((ret = pgnutls_x509_privkey_get_pk_algorithm2( key, &bitlen )) < 0)
296 goto error;
297
298 free( pwd );
299
300 if (ret != GNUTLS_PK_RSA)
301 {
302 FIXME( "key algorithm %u not supported\n", ret );
303 pgnutls_pkcs12_deinit( p12 );
304 return STATUS_INVALID_PARAMETER;
305 }
306
307 store_data = malloc( sizeof(*store_data) );
308 store_data->p12 = p12;
309 store_data->key = key;
310 store_data->chain = chain;
311 store_data->key_bitlen = bitlen;
312 store_data->chain_len = chain_len;
313 *params->data_ret = (ULONG_PTR)store_data;
314 return STATUS_SUCCESS;
315
316error:
317 pgnutls_perror( ret );
318 pgnutls_pkcs12_deinit( p12 );
319 free( pwd );
320 return STATUS_INVALID_PARAMETER;
321}
322
323static NTSTATUS import_store_cert( void *args )
324{
325 struct import_store_cert_params *params = args;
326 struct cert_store_data *data = get_store_data( params->data );
327 size_t size = 0;
328 int ret;
329
330 if (params->index >= data->chain_len) return STATUS_NO_MORE_ENTRIES;
331
332 if ((ret = pgnutls_x509_crt_export( data->chain[params->index], GNUTLS_X509_FMT_DER, NULL, &size )) != GNUTLS_E_SHORT_MEMORY_BUFFER)
333 return STATUS_INVALID_PARAMETER;
334
335 if (!params->buf || *params->buf_size < size)
336 {
337 *params->buf_size = size;
338 return STATUS_BUFFER_TOO_SMALL;
339 }
340 if ((ret = pgnutls_x509_crt_export( data->chain[params->index], GNUTLS_X509_FMT_DER, params->buf, &size )) < 0)
341 return STATUS_INVALID_PARAMETER;
342
343 return STATUS_SUCCESS;
344}
345
346static NTSTATUS close_cert_store( void *args )
347{
348 struct close_cert_store_params *params = args;
349 struct cert_store_data *data = get_store_data( params->data );
350
351 if (params->data)
352 {
353 pgnutls_pkcs12_deinit( data->p12 );
354 free( data );
355 }
356 return STATUS_SUCCESS;
357}
358
359#else /* SONAME_LIBGNUTLS */
360
361static NTSTATUS process_attach( void *args ) { return STATUS_SUCCESS; }
362static NTSTATUS process_detach( void *args ) { return STATUS_SUCCESS; }
363static NTSTATUS open_cert_store( void *args ) { return STATUS_DLL_NOT_FOUND; }
364static NTSTATUS import_store_key( void *args ) { return STATUS_DLL_NOT_FOUND; }
365static NTSTATUS import_store_cert( void *args ) { return STATUS_DLL_NOT_FOUND; }
366static NTSTATUS close_cert_store( void *args ) { return STATUS_DLL_NOT_FOUND; }
367
368#endif /* SONAME_LIBGNUTLS */
369
370struct root_cert
371{
372 struct list entry;
373 SIZE_T size;
374 BYTE data[1];
375};
376
377static struct list root_cert_list = LIST_INIT(root_cert_list);
378
379static BYTE *add_cert( SIZE_T size )
380{
381 struct root_cert *cert = malloc( offsetof( struct root_cert, data[size] ));
382
383 if (!cert) return NULL;
384 cert->size = size;
385 list_add_tail( &root_cert_list, &cert->entry );
386 return cert->data;
387}
388
389struct DynamicBuffer
390{
391 DWORD allocated;
392 DWORD used;
393 char *data;
394};
395
396static inline void reset_buffer(struct DynamicBuffer *buffer)
397{
398 buffer->used = 0;
399 if (buffer->data) buffer->data[0] = 0;
400}
401
402static void add_line_to_buffer(struct DynamicBuffer *buffer, LPCSTR line)
403{
404 if (buffer->used + strlen(line) + 1 > buffer->allocated)
405 {
406 DWORD new_size = max( max( buffer->allocated * 2, 1024 ), buffer->used + strlen(line) + 1 );
407 void *ptr = realloc( buffer->data, new_size );
408 if (!ptr) return;
409 buffer->data = ptr;
410 buffer->allocated = new_size;
411 if (!buffer->used) buffer->data[0] = 0;
412 }
413 strcpy( buffer->data + buffer->used, line );
414 buffer->used += strlen(line);
415}
416
417#define BASE64_DECODE_PADDING 0x100
418#define BASE64_DECODE_WHITESPACE 0x200
419#define BASE64_DECODE_INVALID 0x300
420
421static inline int decodeBase64Byte(char c)
422{
423 int ret = BASE64_DECODE_INVALID;
424
425 if (c >= 'A' && c <= 'Z')
426 ret = c - 'A';
427 else if (c >= 'a' && c <= 'z')
428 ret = c - 'a' + 26;
429 else if (c >= '0' && c <= '9')
430 ret = c - '0' + 52;
431 else if (c == '+')
432 ret = 62;
433 else if (c == '/')
434 ret = 63;
435 else if (c == '=')
436 ret = BASE64_DECODE_PADDING;
437 else if (c == ' ' || c == '\t' || c == '\r' || c == '\n')
438 ret = BASE64_DECODE_WHITESPACE;
439 return ret;
440}
441
442static BOOL base64_to_cert( const char *str )
443{
444 DWORD i, valid, out, hasPadding;
445 BYTE block[4], *data;
446
447 for (i = valid = out = hasPadding = 0; str[i]; i++)
448 {
449 int d = decodeBase64Byte( str[i] );
450 if (d == BASE64_DECODE_INVALID) return FALSE;
451 if (d == BASE64_DECODE_WHITESPACE) continue;
452
453 /* When padding starts, data is not acceptable */
454 if (hasPadding && d != BASE64_DECODE_PADDING) return FALSE;
455
456 /* Padding after a full block (like "VVVV=") is ok and stops decoding */
457 if (d == BASE64_DECODE_PADDING && (valid & 3) == 0) break;
458
459 valid++;
460 if (d == BASE64_DECODE_PADDING)
461 {
462 hasPadding = 1;
463 /* When padding reaches a full block, stop decoding */
464 if ((valid & 3) == 0) break;
465 continue;
466 }
467
468 /* out is incremented in the 4-char block as follows: "1-23" */
469 if ((valid & 3) != 2) out++;
470 }
471 /* Fail if the block has bad padding; omitting padding is fine */
472 if ((valid & 3) != 0 && hasPadding) return FALSE;
473
474 if (!(data = add_cert( out ))) return FALSE;
475 for (i = valid = out = 0; str[i]; i++)
476 {
477 int d = decodeBase64Byte( str[i] );
478 if (d == BASE64_DECODE_WHITESPACE) continue;
479 if (d == BASE64_DECODE_PADDING) break;
480 block[valid & 3] = d;
481 valid += 1;
482 switch (valid & 3)
483 {
484 case 1:
485 data[out++] = (block[0] << 2);
486 break;
487 case 2:
488 data[out-1] = (block[0] << 2) | (block[1] >> 4);
489 break;
490 case 3:
491 data[out++] = (block[1] << 4) | (block[2] >> 2);
492 break;
493 case 0:
494 data[out++] = (block[2] << 6) | (block[3] >> 0);
495 break;
496 }
497 }
498 return TRUE;
499}
500
501/* Reads the file fd, and imports any certificates in it into store. */
502static void import_certs_from_file( int fd )
503{
504 FILE *fp = fdopen(fd, "r");
505 char line[1024];
506 BOOL in_cert = FALSE;
507 struct DynamicBuffer saved_cert = { 0, 0, NULL };
508 int num_certs = 0;
509
510 if (!fp) return;
511 TRACE("\n");
512 while (fgets(line, sizeof(line), fp))
513 {
514 static const char header[] = "-----BEGIN CERTIFICATE-----";
515 static const char trailer[] = "-----END CERTIFICATE-----";
516
517 if (!strncmp(line, header, strlen(header)))
518 {
519 TRACE("begin new certificate\n");
520 in_cert = TRUE;
521 reset_buffer(&saved_cert);
522 }
523 else if (!strncmp(line, trailer, strlen(trailer)))
524 {
525 TRACE("end of certificate, adding cert\n");
526 in_cert = FALSE;
527 if (base64_to_cert( saved_cert.data )) num_certs++;
528 }
529 else if (in_cert) add_line_to_buffer(&saved_cert, line);
530 }
531 free( saved_cert.data );
532 TRACE("Read %d certs\n", num_certs);
533 fclose(fp);
534}
535
536static void import_certs_from_path(LPCSTR path, BOOL allow_dir);
537
538static BOOL check_buffer_resize(char **ptr_buf, size_t *buf_size, size_t check_size)
539{
540 if (check_size > *buf_size)
541 {
542 void *ptr = realloc(*ptr_buf, check_size);
543
544 if (!ptr) return FALSE;
545 *buf_size = check_size;
546 *ptr_buf = ptr;
547 }
548 return TRUE;
549}
550
551/* Opens path, which must be a directory, and imports certificates from every
552 * file in the directory into store.
553 * Returns TRUE if any certificates were successfully imported.
554 */
555static void import_certs_from_dir( LPCSTR path )
556{
557 DIR *dir;
558
559 dir = opendir(path);
560 if (dir)
561 {
562 size_t path_len = strlen(path), bufsize = 0;
563 char *filebuf = NULL;
564
565 struct dirent *entry;
566 while ((entry = readdir(dir)))
567 {
568 if (strcmp(entry->d_name, ".") && strcmp(entry->d_name, ".."))
569 {
570 size_t name_len = strlen(entry->d_name);
571
572 if (!check_buffer_resize(&filebuf, &bufsize, path_len + 1 + name_len + 1)) break;
573 snprintf(filebuf, bufsize, "%s/%s", path, entry->d_name);
574 import_certs_from_path(filebuf, FALSE);
575 }
576 }
577 free(filebuf);
578 closedir(dir);
579 }
580}
581
582/* Opens path, which may be a file or a directory, and imports any certificates
583 * it finds into store.
584 * Returns TRUE if any certificates were successfully imported.
585 */
586static void import_certs_from_path(LPCSTR path, BOOL allow_dir)
587{
588 int fd;
589
590 TRACE("(%s, %d)\n", debugstr_a(path), allow_dir);
591
592 fd = open(path, O_RDONLY);
593 if (fd != -1)
594 {
595 struct stat st;
596
597 if (fstat(fd, &st) == 0)
598 {
599 if (S_ISREG(st.st_mode))
600 import_certs_from_file(fd);
601 else if (S_ISDIR(st.st_mode))
602 {
603 if (allow_dir)
604 import_certs_from_dir(path);
605 else
606 WARN("%s is a directory and directories are disallowed\n",
607 debugstr_a(path));
608 }
609 else
610 ERR("%s: invalid file type\n", path);
611 }
612 close(fd);
613 }
614}
615
616static const char * const CRYPT_knownLocations[] = {
617 "/etc/ssl/certs/ca-certificates.crt",
618 "/etc/ssl/certs",
619 "/etc/pki/tls/certs/ca-bundle.crt",
620 "/usr/share/ca-certificates/ca-bundle.crt",
621 "/usr/local/share/certs/",
622 "/etc/sfw/openssl/certs",
623 "/etc/security/cacerts", /* Android */
624};
625
626static void load_root_certs(void)
627{
628 unsigned int i;
629
630#ifdef __APPLE__
631 const SecTrustSettingsDomain domains[] = {
632 kSecTrustSettingsDomainSystem,
633 kSecTrustSettingsDomainAdmin,
634 kSecTrustSettingsDomainUser
635 };
636 OSStatus status;
637 CFArrayRef certs;
638 DWORD domain;
639
640 for (domain = 0; domain < ARRAY_SIZE(domains); domain++)
641 {
642 status = SecTrustSettingsCopyCertificates(domains[domain], &certs);
643 if (status == noErr)
644 {
645 for (i = 0; i < CFArrayGetCount(certs); i++)
646 {
647 SecCertificateRef cert = (SecCertificateRef)CFArrayGetValueAtIndex(certs, i);
648 CFDataRef certData;
649 if ((status = SecItemExport(cert, kSecFormatX509Cert, 0, NULL, &certData)) == noErr)
650 {
651 BYTE *data = add_cert( CFDataGetLength(certData) );
652 if (data) memcpy( data, CFDataGetBytePtr(certData), CFDataGetLength(certData) );
653 CFRelease(certData);
654 }
655 else
656 WARN("could not export certificate %u to X509 format: 0x%08x\n", i, (unsigned int)status);
657 }
658 CFRelease(certs);
659 }
660 }
661#endif
662
663 for (i = 0; i < ARRAY_SIZE(CRYPT_knownLocations) && list_empty(&root_cert_list); i++)
664 import_certs_from_path( CRYPT_knownLocations[i], TRUE );
665}
666
667static NTSTATUS enum_root_certs( void *args )
668{
669 struct enum_root_certs_params *params = args;
670 static BOOL loaded;
671 struct list *ptr;
672 struct root_cert *cert;
673
674 if (!loaded) load_root_certs();
675 loaded = TRUE;
676
677 if (!(ptr = list_head( &root_cert_list ))) return STATUS_NO_MORE_ENTRIES;
678 cert = LIST_ENTRY( ptr, struct root_cert, entry );
679 *params->needed = cert->size;
680 if (cert->size <= params->size)
681 {
682 memcpy( params->buffer, cert->data, cert->size );
683 list_remove( &cert->entry );
684 free( cert );
685 }
686 return STATUS_SUCCESS;
687}
688
689const unixlib_entry_t __wine_unix_call_funcs[] =
690{
691 process_attach,
692 process_detach,
693 open_cert_store,
694 import_store_key,
695 import_store_cert,
696 close_cert_store,
697 enum_root_certs,
698};
699
700C_ASSERT( ARRAYSIZE(__wine_unix_call_funcs) == unix_funcs_count );
701
702#ifdef _WIN64
703
704typedef ULONG PTR32;
705
706typedef struct
707{
708 DWORD cbData;
709 PTR32 pbData;
710} CRYPT_DATA_BLOB32;
711
712static NTSTATUS wow64_open_cert_store( void *args )
713{
714 struct
715 {
716 PTR32 pfx;
717 PTR32 password;
718 PTR32 data_ret;
719 } const *params32 = args;
720
721 const CRYPT_DATA_BLOB32 *pfx32 = ULongToPtr( params32->pfx );
722 CRYPT_DATA_BLOB pfx = { pfx32->cbData, ULongToPtr( pfx32->pbData ) };
723 struct open_cert_store_params params =
724 {
725 &pfx,
726 ULongToPtr( params32->password ),
727 ULongToPtr( params32->data_ret )
728 };
729
730 return open_cert_store( &params );
731}
732
733static NTSTATUS wow64_import_store_key( void *args )
734{
735 struct
736 {
737 cert_store_data_t data;
738 PTR32 buf;
739 PTR32 buf_size;
740 } const *params32 = args;
741
742 struct import_store_key_params params =
743 {
744 params32->data,
745 ULongToPtr( params32->buf ),
746 ULongToPtr( params32->buf_size )
747 };
748
749 return import_store_key( &params );
750}
751
752static NTSTATUS wow64_import_store_cert( void *args )
753{
754 struct
755 {
756 cert_store_data_t data;
757 unsigned int index;
758 PTR32 buf;
759 PTR32 buf_size;
760 } const *params32 = args;
761
762 struct import_store_cert_params params =
763 {
764 params32->data,
765 params32->index,
766 ULongToPtr( params32->buf ),
767 ULongToPtr( params32->buf_size )
768 };
769
770 return import_store_cert( &params );
771}
772
773static NTSTATUS wow64_enum_root_certs( void *args )
774{
775 struct
776 {
777 PTR32 buffer;
778 DWORD size;
779 PTR32 needed;
780 } const *params32 = args;
781
782 struct enum_root_certs_params params =
783 {
784 ULongToPtr( params32->buffer ),
785 params32->size,
786 ULongToPtr( params32->needed )
787 };
788
789 return enum_root_certs( &params );
790}
791
792const unixlib_entry_t __wine_unix_call_wow64_funcs[] =
793{
794 process_attach,
795 process_detach,
796 wow64_open_cert_store,
797 wow64_import_store_key,
798 wow64_import_store_cert,
799 close_cert_store,
800 wow64_enum_root_certs,
801};
802
803C_ASSERT( ARRAYSIZE(__wine_unix_call_wow64_funcs) == unix_funcs_count );
804
805#endif /* _WIN64 */
close
#define close
Definition: acwin.h:99
fstat
#define fstat
Definition: acwin.h:101
dir
unsigned int dir
Definition: maze.c:112
msg
#define msg(x)
Definition: auth_time.c:54
WINE_DEFAULT_DEBUG_CHANNEL
#define WINE_DEFAULT_DEBUG_CHANNEL(t)
Definition: precomp.h:23
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
S_ISDIR
#define S_ISDIR(mode)
Definition: various.h:18
index
#define index(s, c)
Definition: various.h:29
S_ISREG
#define S_ISREG(mode)
Definition: various.h:17
pwd
void pwd(int argc, const char *argv[])
Definition: cmds.c:1401
ARRAY_SIZE
#define ARRAY_SIZE(A)
Definition: main.h:20
list_remove
static void list_remove(struct list_entry *entry)
Definition: list.h:90
list_empty
static int list_empty(struct list_entry *head)
Definition: list.h:58
list_add_tail
static void list_add_tail(struct list_entry *head, struct list_entry *entry)
Definition: list.h:83
FIXME
#define FIXME(fmt,...)
Definition: precomp.h:53
WARN
#define WARN(fmt,...)
Definition: precomp.h:61
ERR
#define ERR(fmt,...)
Definition: precomp.h:57
ULongToPtr
#define ULongToPtr(ul)
Definition: basetsd.h:86
basic_filebuf< char, char_traits< char > >
list
Definition: list.h:37
crypt32_private.h
cert_store_data_t
UINT64 cert_store_data_t
Definition: crypt32_private.h:468
unix_funcs_count
@ unix_funcs_count
Definition: crypt32_private.h:513
STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: d3dkmdt.h:51
env
static LPCWSTR LPCWSTR LPCWSTR env
Definition: db.cpp:171
realloc
#define realloc
Definition: debug_ros.c:6
free
#define free
Definition: debug_ros.c:5
malloc
#define malloc
Definition: debug_ros.c:4
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
ARRAYSIZE
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
TRACE_ON
#define TRACE_ON(x)
Definition: compat.h:75
WINE_DECLARE_DEBUG_CHANNEL
#define WINE_DECLARE_DEBUG_CHANNEL(x)
Definition: compat.h:45
lstrlenW
#define lstrlenW
Definition: compat.h:750
process_detach
static void process_detach(void)
Definition: main.c:94
getenv
char *CDECL getenv(const char *name)
Definition: environ.c:227
fclose
int CDECL fclose(FILE *file)
Definition: file.c:3757
fgets
char *CDECL fgets(char *s, int size, FILE *file)
Definition: file.c:3903
O_RDONLY
#define O_RDONLY
Definition: fcntl.h:34
open
#define open
Definition: io.h:44
fdopen
_ACRTIMP int __cdecl _ACRTIMP int __cdecl _ACRTIMP int __cdecl _ACRTIMP int __cdecl _ACRTIMP int __cdecl _ACRTIMP int __cdecl _ACRTIMP int __cdecl _ACRTIMP int __cdecl static FILE * fdopen(int fd, const char *mode)
Definition: stdio.h:480
atoi
_ACRTIMP int __cdecl atoi(const char *)
Definition: string.c:1720
strlen
_ACRTIMP size_t __cdecl strlen(const char *)
Definition: string.c:1597
strcmp
_ACRTIMP int __cdecl strcmp(const char *, const char *)
Definition: string.c:3324
strncmp
_ACRTIMP int __cdecl strncmp(const char *, const char *, size_t)
Definition: string.c:3335
ret
return ret
Definition: mutex.c:146
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
LOAD_FUNCPTR
#define LOAD_FUNCPTR(f)
new_size
size_t const new_size
Definition: expand.cpp:66
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
valid
BOOLEAN valid
Definition: fxregistryapi.cpp:1474
level
GLint level
Definition: gl.h:1546
data
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
q
GLdouble GLdouble GLdouble GLdouble q
Definition: gl.h:2063
src
GLenum src
Definition: glext.h:6340
buffer
GLuint buffer
Definition: glext.h:5915
size
GLsizeiptr size
Definition: glext.h:5919
c
const GLubyte * c
Definition: glext.h:8905
params
GLenum const GLfloat * params
Definition: glext.h:5645
buf
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
dst
GLenum GLenum dst
Definition: glext.h:6340
flags
GLbitfield flags
Definition: glext.h:7161
p
GLfloat GLfloat p
Definition: glext.h:8902
bufsize
GLenum GLuint GLsizei bufsize
Definition: glext.h:7473
m
const GLfloat * m
Definition: glext.h:10848
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
u
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble * u
Definition: glfuncs.h:240
C_ASSERT
#define C_ASSERT(e)
Definition: intsafe.h:73
hdr
char hdr[14]
Definition: iptest.cpp:33
entry
uint32_t entry
Definition: isohybrid.c:63
d
#define d
Definition: ke_i.h:81
e
#define e
Definition: ke_i.h:82
debugstr_a
#define debugstr_a
Definition: kernel32.h:31
error
#define error(str)
Definition: mkdosfs.c:1605
memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
ptr
static PVOID ptr
Definition: dispmode.c:27
path_len
static DWORD path_len
Definition: batch.c:31
crl
static const BYTE crl[]
Definition: message.c:817
cert
static BYTE cert[]
Definition: msg.c:1374
loaded
BOOL loaded
Definition: xmlview.c:54
RTLD_NOW
#define RTLD_NOW
Definition: port.h:100
password
static WCHAR password[]
Definition: url.c:33
STATUS_DLL_NOT_FOUND
#define STATUS_DLL_NOT_FOUND
Definition: ntstatus.h:639
STATUS_NO_MORE_ENTRIES
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:285
STATUS_DLL_INIT_FAILED
#define STATUS_DLL_INIT_FAILED
Definition: ntstatus.h:652
WCHAR
short WCHAR
Definition: pedump.c:58
cbData
_In_opt_ _In_opt_ _In_ _In_ DWORD cbData
Definition: shlwapi.h:761
str
const WCHAR * str
Definition: rpc_transport.c:2696
MAKE_FUNCPTR
#define MAKE_FUNCPTR(f)
Definition: schannel_mbedtls_lazyload.h:25
offsetof
#define offsetof(TYPE, MEMBER)
Definition: sdbstringtable.c:26
closedir
int __cdecl closedir(DIR *)
opendir
DIR *__cdecl opendir(const char *)
readdir
struct dirent *__cdecl readdir(DIR *)
ERR_
#define ERR_(ch,...)
Definition: debug.h:156
strcpy
strcpy
Definition: string.h:131
fd
static int fd
Definition: io.c:51
args
#define args
Definition: format.c:66
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
DIR
Definition: dirent.h:40
DynamicBuffer::allocated
DWORD allocated
Definition: unixlib.c:391
DynamicBuffer::used
DWORD used
Definition: unixlib.c:392
DynamicBuffer::data
char * data
Definition: unixlib.c:393
_CRYPTOAPI_BLOB
Definition: wincrypt.h:110
_CRYPTOAPI_BLOB::cbData
DWORD cbData
Definition: wincrypt.h:111
_PUBLICKEYSTRUC
Definition: wincrypt.h:144
_RSAPUBKEY
Definition: wincrypt.h:151
_RSAPUBKEY::pubexp
DWORD pubexp
Definition: wincrypt.h:154
_RSAPUBKEY::bitlen
DWORD bitlen
Definition: wincrypt.h:153
_RSAPUBKEY::magic
DWORD magic
Definition: wincrypt.h:152
_iobuf
Definition: corecrt_wstdio.h:27
args
Definition: match.c:390
close_cert_store_params
Definition: crypt32_private.h:493
dirent
Definition: dirent.h:25
domain
Definition: cookie.c:42
enum_root_certs_params
Definition: crypt32_private.h:498
import_store_cert_params
Definition: crypt32_private.h:485
import_store_cert_params::data
cert_store_data_t data
Definition: crypt32_private.h:486
import_store_key_params
Definition: crypt32_private.h:478
import_store_key_params::data
cert_store_data_t data
Definition: crypt32_private.h:479
import_store_key_params::buf_size
DWORD * buf_size
Definition: crypt32_private.h:481
key
Definition: copy.c:22
line
Definition: parser.c:49
list_head
Definition: list.h:15
open_cert_store_params
Definition: crypt32_private.h:471
open_cert_store_params::pfx
CRYPT_DATA_BLOB * pfx
Definition: crypt32_private.h:472
root_cert
Definition: unixlib.c:371
root_cert::entry
struct list entry
Definition: unixlib.c:372
root_cert::size
SIZE_T size
Definition: unixlib.c:373
stat
Definition: stat.h:66
stat::st_mode
unsigned short st_mode
Definition: stat.h:69
status
Definition: ps.c:97
max
#define max(a, b)
Definition: svc.c:63
LIST_INIT
#define LIST_INIT(head)
Definition: queue.h:197
LIST_ENTRY
#define LIST_ENTRY(type)
Definition: queue.h:175
chain
struct sock * chain
Definition: tcpcore.h:1
LPCSTR
const char * LPCSTR
Definition: typedefs.h:52
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
ULONG
uint32_t ULONG
Definition: typedefs.h:59
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
import_certs_from_file
static void import_certs_from_file(int fd)
Definition: unixlib.c:502
import_store_key
static NTSTATUS import_store_key(void *args)
Definition: unixlib.c:364
CRYPT_knownLocations
static const char *const CRYPT_knownLocations[]
Definition: unixlib.c:616
__wine_unix_call_funcs
const unixlib_entry_t __wine_unix_call_funcs[]
Definition: unixlib.c:689
base64_to_cert
static BOOL base64_to_cert(const char *str)
Definition: unixlib.c:442
add_cert
static BYTE * add_cert(SIZE_T size)
Definition: unixlib.c:379
BASE64_DECODE_PADDING
#define BASE64_DECODE_PADDING
Definition: unixlib.c:417
close_cert_store
static NTSTATUS close_cert_store(void *args)
Definition: unixlib.c:366
import_certs_from_dir
static void import_certs_from_dir(LPCSTR path)
Definition: unixlib.c:555
enum_root_certs
static NTSTATUS enum_root_certs(void *args)
Definition: unixlib.c:667
add_line_to_buffer
static void add_line_to_buffer(struct DynamicBuffer *buffer, LPCSTR line)
Definition: unixlib.c:402
import_store_cert
static NTSTATUS import_store_cert(void *args)
Definition: unixlib.c:365
BASE64_DECODE_WHITESPACE
#define BASE64_DECODE_WHITESPACE
Definition: unixlib.c:418
import_certs_from_path
static void import_certs_from_path(LPCSTR path, BOOL allow_dir)
Definition: unixlib.c:586
process_attach
static NTSTATUS process_attach(void *args)
Definition: unixlib.c:361
BASE64_DECODE_INVALID
#define BASE64_DECODE_INVALID
Definition: unixlib.c:419
reset_buffer
static void reset_buffer(struct DynamicBuffer *buffer)
Definition: unixlib.c:396
root_cert_list
static struct list root_cert_list
Definition: unixlib.c:377
decodeBase64Byte
static int decodeBase64Byte(char c)
Definition: unixlib.c:421
load_root_certs
static void load_root_certs(void)
Definition: unixlib.c:626
check_buffer_resize
static BOOL check_buffer_resize(char **ptr_buf, size_t *buf_size, size_t check_size)
Definition: unixlib.c:538
open_cert_store
static NTSTATUS open_cert_store(void *args)
Definition: unixlib.c:363
out
wchar_t tm const _CrtWcstime_Writes_and_advances_ptr_ count wchar_t ** out
Definition: wcsftime.cpp:383
PRIVATEKEYBLOB
#define PRIVATEKEYBLOB
Definition: wincrypt.h:2445
CALG_RSA_KEYX
#define CALG_RSA_KEYX
Definition: wincrypt.h:2080
CUR_BLOB_VERSION
#define CUR_BLOB_VERSION
Definition: wincrypt.h:2451
snprintf
#define snprintf
Definition: wintirpc.h:48
block
static unsigned int block
Definition: xmlmemory.c:101
BYTE
unsigned char BYTE
Definition: xxhash.c:193