ReactOS 0.4.16-dev-1946-g52006dd
Macros | Typedefs | Functions | Variables
crl.c File Reference
#include <assert.h>
#include <stdarg.h>
#include "windef.h"
#include "winbase.h"
#include "wincrypt.h"
#include "wine/debug.h"
#include "wine/unicode.h"
#include "crypt32_private.h"
Include dependency graph for crl.c:

Go to the source code of this file.

Macros

#define NONAMELESSUNION
 

Typedefs

typedef BOOL(* CrlCompareFunc) (PCCRL_CONTEXT pCrlContext, DWORD dwType, DWORD dwFlags, const void *pvPara)
 

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (crypt)
 
static void CRL_free (context_t *context)
 
static context_tCRL_clone (context_t *context, WINECRYPT_CERTSTORE *store, BOOL use_link)
 
PCCRL_CONTEXT WINAPI CertCreateCRLContext (DWORD dwCertEncodingType, const BYTE *pbCrlEncoded, DWORD cbCrlEncoded)
 
BOOL WINAPI CertAddEncodedCRLToStore (HCERTSTORE hCertStore, DWORD dwCertEncodingType, const BYTE *pbCrlEncoded, DWORD cbCrlEncoded, DWORD dwAddDisposition, PCCRL_CONTEXT *ppCrlContext)
 
static BOOL compare_crl_any (PCCRL_CONTEXT pCrlContext, DWORD dwType, DWORD dwFlags, const void *pvPara)
 
static BOOL compare_crl_issued_by (PCCRL_CONTEXT pCrlContext, DWORD dwType, DWORD dwFlags, const void *pvPara)
 
static BOOL compare_crl_existing (PCCRL_CONTEXT pCrlContext, DWORD dwType, DWORD dwFlags, const void *pvPara)
 
static BOOL compare_crl_issued_for (PCCRL_CONTEXT pCrlContext, DWORD dwType, DWORD dwFlags, const void *pvPara)
 
PCCRL_CONTEXT WINAPI CertFindCRLInStore (HCERTSTORE hCertStore, DWORD dwCertEncodingType, DWORD dwFindFlags, DWORD dwFindType, const void *pvFindPara, PCCRL_CONTEXT pPrevCrlContext)
 
PCCRL_CONTEXT WINAPI CertGetCRLFromStore (HCERTSTORE hCertStore, PCCERT_CONTEXT pIssuerContext, PCCRL_CONTEXT pPrevCrlContext, DWORD *pdwFlags)
 
PCCRL_CONTEXT WINAPI CertDuplicateCRLContext (PCCRL_CONTEXT pCrlContext)
 
BOOL WINAPI CertFreeCRLContext (PCCRL_CONTEXT pCrlContext)
 
DWORD WINAPI CertEnumCRLContextProperties (PCCRL_CONTEXT pCRLContext, DWORD dwPropId)
 
static BOOL CRLContext_SetProperty (crl_t *crl, DWORD dwPropId, DWORD dwFlags, const void *pvData)
 
static BOOL CRLContext_GetHashProp (crl_t *crl, DWORD dwPropId, ALG_ID algID, const BYTE *toHash, DWORD toHashLen, void *pvData, DWORD *pcbData)
 
static BOOL CRLContext_GetProperty (crl_t *crl, DWORD dwPropId, void *pvData, DWORD *pcbData)
 
BOOL WINAPI CertGetCRLContextProperty (PCCRL_CONTEXT pCRLContext, DWORD dwPropId, void *pvData, DWORD *pcbData)
 
BOOL WINAPI CertSetCRLContextProperty (PCCRL_CONTEXT pCRLContext, DWORD dwPropId, DWORD dwFlags, const void *pvData)
 
static BOOL compare_dist_point_name (const CRL_DIST_POINT_NAME *name1, const CRL_DIST_POINT_NAME *name2)
 
static BOOL match_dist_point_with_issuing_dist_point (const CRL_DIST_POINT *distPoint, const CRL_ISSUING_DIST_POINT *idp)
 
BOOL WINAPI CertIsValidCRLForCertificate (PCCERT_CONTEXT pCert, PCCRL_CONTEXT pCrl, DWORD dwFlags, void *pvReserved)
 
static PCRL_ENTRY CRYPT_FindCertificateInCRL (PCERT_INFO cert, const CRL_INFO *crl)
 
BOOL WINAPI CertFindCertificateInCRL (PCCERT_CONTEXT pCert, PCCRL_CONTEXT pCrlContext, DWORD dwFlags, void *pvReserved, PCRL_ENTRY *ppCrlEntry)
 
BOOL WINAPI CertVerifyCRLRevocation (DWORD dwCertEncodingType, PCERT_INFO pCertId, DWORD cCrlInfo, PCRL_INFO rgpCrlInfo[])
 
LONG WINAPI CertVerifyCRLTimeValidity (LPFILETIME pTimeToVerify, PCRL_INFO pCrlInfo)
 

Variables

static const context_vtbl_t crl_vtbl
 

Macro Definition Documentation

◆ NONAMELESSUNION

#define NONAMELESSUNION

Definition at line 22 of file crl.c.

Typedef Documentation

◆ CrlCompareFunc

typedef BOOL(* CrlCompareFunc) (PCCRL_CONTEXT pCrlContext, DWORD dwType, DWORD dwFlags, const void *pvPara)

Definition at line 151 of file crl.c.

Function Documentation

◆ CertAddEncodedCRLToStore()

BOOL WINAPI CertAddEncodedCRLToStore ( HCERTSTORE  hCertStore,
DWORD  dwCertEncodingType,
const BYTE pbCrlEncoded,
DWORD  cbCrlEncoded,
DWORD  dwAddDisposition,
PCCRL_CONTEXT ppCrlContext 
)

Definition at line 129 of file crl.c.

132{
133 PCCRL_CONTEXT crl = CertCreateCRLContext(dwCertEncodingType,
134 pbCrlEncoded, cbCrlEncoded);
135 BOOL ret;
136
137 TRACE("(%p, %08x, %p, %d, %08x, %p)\n", hCertStore, dwCertEncodingType,
138 pbCrlEncoded, cbCrlEncoded, dwAddDisposition, ppCrlContext);
139
140 if (crl)
141 {
142 ret = CertAddCRLContextToStore(hCertStore, crl, dwAddDisposition,
143 ppCrlContext);
144 CertFreeCRLContext(crl);
145 }
146 else
147 ret = FALSE;
148 return ret;
149}
FALSE
#define FALSE
Definition: types.h:117
CertFreeCRLContext
BOOL WINAPI CertFreeCRLContext(PCCRL_CONTEXT pCrlContext)
Definition: crl.c:386
CertCreateCRLContext
PCCRL_CONTEXT WINAPI CertCreateCRLContext(DWORD dwCertEncodingType, const BYTE *pbCrlEncoded, DWORD cbCrlEncoded)
Definition: crl.c:85
CertAddCRLContextToStore
BOOL WINAPI CertAddCRLContextToStore(HCERTSTORE hCertStore, PCCRL_CONTEXT pCrlContext, DWORD dwAddDisposition, PCCRL_CONTEXT *ppStoreContext)
Definition: store.c:960
ret
return ret
Definition: mutex.c:146
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
crl
static const BYTE crl[]
Definition: message.c:817
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
_CRL_CONTEXT
Definition: wincrypt.h:730

Referenced by CRYPT_MsgOpenStore(), test_crypt_ui_wiz_import(), test_I_UpdateStore(), test_verifyRevocation(), testAddCRL(), testCloseStore(), testFileNameStore(), testFileStore(), testFindCRL(), testGetCRLFromStore(), testIsValidCRLForCert(), and testVerifyRevocation().

◆ CertCreateCRLContext()

PCCRL_CONTEXT WINAPI CertCreateCRLContext ( DWORD  dwCertEncodingType,
const BYTE pbCrlEncoded,
DWORD  cbCrlEncoded 
)

Definition at line 85 of file crl.c.

87{
88 crl_t *crl = NULL;
89 BOOL ret;
90 PCRL_INFO crlInfo = NULL;
91 BYTE *data = NULL;
92 DWORD size = 0;
93
94 TRACE("(%08x, %p, %d)\n", dwCertEncodingType, pbCrlEncoded,
95 cbCrlEncoded);
96
97 if ((dwCertEncodingType & CERT_ENCODING_TYPE_MASK) != X509_ASN_ENCODING)
98 {
99 SetLastError(E_INVALIDARG);
100 return NULL;
101 }
102 ret = CryptDecodeObjectEx(dwCertEncodingType, X509_CERT_CRL_TO_BE_SIGNED,
103 pbCrlEncoded, cbCrlEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL,
104 &crlInfo, &size);
105 if (!ret)
106 return NULL;
107
108 crl = (crl_t*)Context_CreateDataContext(sizeof(CRL_CONTEXT), &crl_vtbl, &empty_store);
109 if (!crl)
110 return NULL;
111
112 data = CryptMemAlloc(cbCrlEncoded);
113 if (!data)
114 {
115 Context_Release(&crl->base);
116 return NULL;
117 }
118
119 memcpy(data, pbCrlEncoded, cbCrlEncoded);
120 crl->ctx.dwCertEncodingType = dwCertEncodingType;
121 crl->ctx.pbCrlEncoded = data;
122 crl->ctx.cbCrlEncoded = cbCrlEncoded;
123 crl->ctx.pCrlInfo = crlInfo;
124 crl->ctx.hCertStore = &empty_store;
125
126 return &crl->ctx;
127}
CryptDecodeObjectEx
BOOL WINAPI CryptDecodeObjectEx(DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
Definition: decode.c:6286
E_INVALIDARG
#define E_INVALIDARG
Definition: ddrawi.h:101
NULL
#define NULL
Definition: types.h:112
Context_Release
void Context_Release(context_t *context)
Definition: context.c:106
Context_CreateDataContext
context_t * Context_CreateDataContext(size_t contextSize, const context_vtbl_t *vtbl, WINECRYPT_CERTSTORE *store)
Definition: context.c:28
crl_vtbl
static const context_vtbl_t crl_vtbl
Definition: crl.c:40
CryptMemAlloc
LPVOID WINAPI CryptMemAlloc(ULONG cbSize)
Definition: main.c:131
empty_store
WINECRYPT_CERTSTORE empty_store
Definition: store.c:1564
SetLastError
#define SetLastError(x)
Definition: compat.h:752
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
data
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
size
GLsizeiptr size
Definition: glext.h:5919
memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
_CRL_INFO
Definition: wincrypt.h:503
crl_t
Definition: crypt32_private.h:207
CERT_ENCODING_TYPE_MASK
#define CERT_ENCODING_TYPE_MASK
Definition: wincrypt.h:2494
X509_ASN_ENCODING
#define X509_ASN_ENCODING
Definition: wincrypt.h:2501
CRYPT_DECODE_ALLOC_FLAG
#define CRYPT_DECODE_ALLOC_FLAG
Definition: wincrypt.h:3612
X509_CERT_CRL_TO_BE_SIGNED
#define X509_CERT_CRL_TO_BE_SIGNED
Definition: wincrypt.h:3519
BYTE
unsigned char BYTE
Definition: xxhash.c:193

Referenced by CertAddEncodedCRLToStore(), CertCreateContext(), test_crypt_ui_wiz_import(), test_sign_message(), testAddCRL(), testCreateCRL(), testCRLProperties(), testDupCRL(), testEmptyStore(), testFindCertInCRL(), testIsValidCRLForCert(), and testVerifyCRLRevocation().

◆ CertDuplicateCRLContext()

PCCRL_CONTEXT WINAPI CertDuplicateCRLContext ( PCCRL_CONTEXT  pCrlContext)

Definition at line 378 of file crl.c.

379{
380 TRACE("(%p)\n", pCrlContext);
381 if (pCrlContext)
382 Context_AddRef(&crl_from_ptr(pCrlContext)->base);
383 return pCrlContext;
384}
crl_from_ptr
static crl_t * crl_from_ptr(const CRL_CONTEXT *ptr)
Definition: crypt32_private.h:212
Context_AddRef
void Context_AddRef(context_t *context)
Definition: context.c:78

Referenced by CertAddCRLContextToStore(), and testDupCRL().

◆ CertEnumCRLContextProperties()

DWORD WINAPI CertEnumCRLContextProperties ( PCCRL_CONTEXT  pCRLContext,
DWORD  dwPropId 
)

Definition at line 395 of file crl.c.

397{
398 TRACE("(%p, %d)\n", pCRLContext, dwPropId);
399
400 return ContextPropertyList_EnumPropIDs(crl_from_ptr(pCRLContext)->base.properties, dwPropId);
401}
ContextPropertyList_EnumPropIDs
DWORD ContextPropertyList_EnumPropIDs(CONTEXT_PROPERTY_LIST *list, DWORD id) DECLSPEC_HIDDEN
Definition: proplist.c:170

Referenced by testCRLProperties().

◆ CertFindCertificateInCRL()

BOOL WINAPI CertFindCertificateInCRL ( PCCERT_CONTEXT  pCert,
PCCRL_CONTEXT  pCrlContext,
DWORD  dwFlags,
void pvReserved,
PCRL_ENTRY ppCrlEntry 
)

Definition at line 750 of file crl.c.

753{
754 TRACE("(%p, %p, %08x, %p, %p)\n", pCert, pCrlContext, dwFlags, pvReserved,
755 ppCrlEntry);
756
757 *ppCrlEntry = CRYPT_FindCertificateInCRL(pCert->pCertInfo,
758 pCrlContext->pCrlInfo);
759 return TRUE;
760}
TRUE
#define TRUE
Definition: types.h:120
CRYPT_FindCertificateInCRL
static PCRL_ENTRY CRYPT_FindCertificateInCRL(PCERT_INFO cert, const CRL_INFO *crl)
Definition: crl.c:738
pvReserved
static LPCWSTR LPVOID pvReserved
Definition: asmcache.c:749
dwFlags
_In_ LPWSTR _In_ DWORD _In_ DWORD _In_ DWORD dwFlags
Definition: netsh.h:141
_CERT_CONTEXT::pCertInfo
PCERT_INFO pCertInfo
Definition: wincrypt.h:491
_CRL_CONTEXT::pCrlInfo
PCRL_INFO pCrlInfo
Definition: wincrypt.h:734

Referenced by testFindCertInCRL(), testFindCRL(), verify_cert_revocation_with_crl_offline(), and verify_cert_revocation_with_crl_online().

◆ CertFindCRLInStore()

PCCRL_CONTEXT WINAPI CertFindCRLInStore ( HCERTSTORE  hCertStore,
DWORD  dwCertEncodingType,
DWORD  dwFindFlags,
DWORD  dwFindType,
const void pvFindPara,
PCCRL_CONTEXT  pPrevCrlContext 
)

Definition at line 287 of file crl.c.

290{
291 PCCRL_CONTEXT ret;
292 CrlCompareFunc compare;
293
294 TRACE("(%p, %d, %d, %d, %p, %p)\n", hCertStore, dwCertEncodingType,
295 dwFindFlags, dwFindType, pvFindPara, pPrevCrlContext);
296
297 switch (dwFindType)
298 {
299 case CRL_FIND_ANY:
300 compare = compare_crl_any;
301 break;
302 case CRL_FIND_ISSUED_BY:
303 compare = compare_crl_issued_by;
304 break;
305 case CRL_FIND_EXISTING:
306 compare = compare_crl_existing;
307 break;
308 case CRL_FIND_ISSUED_FOR:
309 compare = compare_crl_issued_for;
310 break;
311 default:
312 FIXME("find type %08x unimplemented\n", dwFindType);
313 compare = NULL;
314 }
315
316 if (compare)
317 {
318 BOOL matches = FALSE;
319
320 ret = pPrevCrlContext;
321 do {
322 ret = CertEnumCRLsInStore(hCertStore, ret);
323 if (ret)
324 matches = compare(ret, dwFindType, dwFindFlags, pvFindPara);
325 } while (ret != NULL && !matches);
326 if (!ret)
327 SetLastError(CRYPT_E_NOT_FOUND);
328 }
329 else
330 {
331 SetLastError(CRYPT_E_NOT_FOUND);
332 ret = NULL;
333 }
334 return ret;
335}
compare
#define compare
Definition: CShellDesktop.cpp:45
FIXME
#define FIXME(fmt,...)
Definition: precomp.h:53
compare_crl_issued_by
static BOOL compare_crl_issued_by(PCCRL_CONTEXT pCrlContext, DWORD dwType, DWORD dwFlags, const void *pvPara)
Definition: crl.c:160
CrlCompareFunc
BOOL(* CrlCompareFunc)(PCCRL_CONTEXT pCrlContext, DWORD dwType, DWORD dwFlags, const void *pvPara)
Definition: crl.c:151
compare_crl_issued_for
static BOOL compare_crl_issued_for(PCCRL_CONTEXT pCrlContext, DWORD dwType, DWORD dwFlags, const void *pvPara)
Definition: crl.c:276
compare_crl_any
static BOOL compare_crl_any(PCCRL_CONTEXT pCrlContext, DWORD dwType, DWORD dwFlags, const void *pvPara)
Definition: crl.c:154
compare_crl_existing
static BOOL compare_crl_existing(PCCRL_CONTEXT pCrlContext, DWORD dwType, DWORD dwFlags, const void *pvPara)
Definition: crl.c:259
CertEnumCRLsInStore
PCCRL_CONTEXT WINAPI CertEnumCRLsInStore(HCERTSTORE hCertStore, PCCRL_CONTEXT pPrev)
Definition: store.c:1101
matches
#define matches(FN)
Definition: match.h:70
compare
Definition: bug.cpp:8
CRL_FIND_ANY
#define CRL_FIND_ANY
Definition: wincrypt.h:3074
CRL_FIND_ISSUED_FOR
#define CRL_FIND_ISSUED_FOR
Definition: wincrypt.h:3077
CRL_FIND_ISSUED_BY
#define CRL_FIND_ISSUED_BY
Definition: wincrypt.h:3075
CRL_FIND_EXISTING
#define CRL_FIND_EXISTING
Definition: wincrypt.h:3076
CRYPT_E_NOT_FOUND
#define CRYPT_E_NOT_FOUND
Definition: winerror.h:4421

Referenced by CertAddCRLContextToStore(), CertGetCRLFromStore(), testFindCRL(), and verify_cert_revocation().

◆ CertFreeCRLContext()

BOOL WINAPI CertFreeCRLContext ( PCCRL_CONTEXT  pCrlContext)

Definition at line 386 of file crl.c.

387{
388 TRACE("(%p)\n", pCrlContext);
389
390 if (pCrlContext)
391 Context_Release(&crl_from_ptr(pCrlContext)->base);
392 return TRUE;
393}

Referenced by CertAddCRLContextToStore(), CertAddEncodedCRLToStore(), CertDeleteCRLFromStore(), check_store_context_type(), CRL_clone(), CRYPT_CreateAny(), test_crypt_ui_wiz_import(), test_retrieveObjectByUrl(), test_sign_message(), testAddCRL(), testCloseStore(), testCreateCRL(), testCRLProperties(), testDupCRL(), testEmptyStore(), testFindCertInCRL(), testFindCRL(), testGetCRLFromStore(), testIsValidCRLForCert(), testVerifyCRLRevocation(), verify_cert_revocation(), and verify_cert_revocation_from_dist_points_ext().

◆ CertGetCRLContextProperty()

BOOL WINAPI CertGetCRLContextProperty ( PCCRL_CONTEXT  pCRLContext,
DWORD  dwPropId,
void pvData,
DWORD pcbData 
)

Definition at line 472 of file crl.c.

474{
475 BOOL ret;
476
477 TRACE("(%p, %d, %p, %p)\n", pCRLContext, dwPropId, pvData, pcbData);
478
479 switch (dwPropId)
480 {
481 case 0:
482 case CERT_CERT_PROP_ID:
483 case CERT_CRL_PROP_ID:
484 case CERT_CTL_PROP_ID:
485 SetLastError(E_INVALIDARG);
486 ret = FALSE;
487 break;
488 case CERT_ACCESS_STATE_PROP_ID:
489 if (!pvData)
490 {
491 *pcbData = sizeof(DWORD);
492 ret = TRUE;
493 }
494 else if (*pcbData < sizeof(DWORD))
495 {
496 SetLastError(ERROR_MORE_DATA);
497 *pcbData = sizeof(DWORD);
498 ret = FALSE;
499 }
500 else
501 {
502 ret = CertGetStoreProperty(pCRLContext->hCertStore, dwPropId, pvData, pcbData);
503 }
504 break;
505 default:
506 ret = CRLContext_GetProperty(crl_from_ptr(pCRLContext), dwPropId, pvData, pcbData);
507 }
508 return ret;
509}
CERT_CTL_PROP_ID
#define CERT_CTL_PROP_ID
Definition: crypt32_private.h:148
CERT_CRL_PROP_ID
#define CERT_CRL_PROP_ID
Definition: crypt32_private.h:147
CERT_CERT_PROP_ID
#define CERT_CERT_PROP_ID
Definition: crypt32_private.h:146
ERROR_MORE_DATA
#define ERROR_MORE_DATA
Definition: dderror.h:13
CRLContext_GetProperty
static BOOL CRLContext_GetProperty(crl_t *crl, DWORD dwPropId, void *pvData, DWORD *pcbData)
Definition: crl.c:421
CertGetStoreProperty
BOOL WINAPI CertGetStoreProperty(HCERTSTORE hCertStore, DWORD dwPropId, void *pvData, DWORD *pcbData)
Definition: store.c:1172
pvData
_In_ LPWSTR _In_ DWORD _In_ LPCVOID pvData
Definition: netsh.h:116
DWORD
#define DWORD
Definition: nt_native.h:44
pcbData
_In_ _Out_writes_opt_ pcchValueName _Inout_opt_ LPDWORD _Out_opt_ _Out_writes_bytes_to_opt_ pcbData _Inout_opt_ LPDWORD pcbData
Definition: shlwapi.h:757
_CRL_CONTEXT::hCertStore
HCERTSTORE hCertStore
Definition: wincrypt.h:735
CERT_ACCESS_STATE_PROP_ID
#define CERT_ACCESS_STATE_PROP_ID
Definition: wincrypt.h:2847

Referenced by checkCRLHash(), and testCRLProperties().

◆ CertGetCRLFromStore()

PCCRL_CONTEXT WINAPI CertGetCRLFromStore ( HCERTSTORE  hCertStore,
PCCERT_CONTEXT  pIssuerContext,
PCCRL_CONTEXT  pPrevCrlContext,
DWORD pdwFlags 
)

Definition at line 337 of file crl.c.

339{
340 static const DWORD supportedFlags = CERT_STORE_SIGNATURE_FLAG |
341 CERT_STORE_TIME_VALIDITY_FLAG | CERT_STORE_BASE_CRL_FLAG |
342 CERT_STORE_DELTA_CRL_FLAG;
343 PCCRL_CONTEXT ret;
344
345 TRACE("(%p, %p, %p, %08x)\n", hCertStore, pIssuerContext, pPrevCrlContext,
346 *pdwFlags);
347
348 if (*pdwFlags & ~supportedFlags)
349 {
350 SetLastError(E_INVALIDARG);
351 return NULL;
352 }
353 if (pIssuerContext)
354 ret = CertFindCRLInStore(hCertStore, pIssuerContext->dwCertEncodingType,
355 0, CRL_FIND_ISSUED_BY, pIssuerContext, pPrevCrlContext);
356 else
357 ret = CertFindCRLInStore(hCertStore, 0, 0, CRL_FIND_ANY, NULL,
358 pPrevCrlContext);
359 if (ret)
360 {
361 if (*pdwFlags & CERT_STORE_TIME_VALIDITY_FLAG)
362 {
363 if (0 == CertVerifyCRLTimeValidity(NULL, ret->pCrlInfo))
364 *pdwFlags &= ~CERT_STORE_TIME_VALIDITY_FLAG;
365 }
366 if (*pdwFlags & CERT_STORE_SIGNATURE_FLAG)
367 {
368 if (CryptVerifyCertificateSignatureEx(0, ret->dwCertEncodingType,
369 CRYPT_VERIFY_CERT_SIGN_SUBJECT_CRL, (void *)ret,
370 CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT, (void *)pIssuerContext, 0,
371 NULL))
372 *pdwFlags &= ~CERT_STORE_SIGNATURE_FLAG;
373 }
374 }
375 return ret;
376}
CryptVerifyCertificateSignatureEx
BOOL WINAPI CryptVerifyCertificateSignatureEx(HCRYPTPROV_LEGACY hCryptProv, DWORD dwCertEncodingType, DWORD dwSubjectType, void *pvSubject, DWORD dwIssuerType, void *pvIssuer, DWORD dwFlags, void *pvReserved)
Definition: cert.c:2717
CertFindCRLInStore
PCCRL_CONTEXT WINAPI CertFindCRLInStore(HCERTSTORE hCertStore, DWORD dwCertEncodingType, DWORD dwFindFlags, DWORD dwFindType, const void *pvFindPara, PCCRL_CONTEXT pPrevCrlContext)
Definition: crl.c:287
CertVerifyCRLTimeValidity
LONG WINAPI CertVerifyCRLTimeValidity(LPFILETIME pTimeToVerify, PCRL_INFO pCrlInfo)
Definition: crl.c:776
_CERT_CONTEXT::dwCertEncodingType
DWORD dwCertEncodingType
Definition: wincrypt.h:488
CERT_STORE_BASE_CRL_FLAG
#define CERT_STORE_BASE_CRL_FLAG
Definition: wincrypt.h:3622
CRYPT_VERIFY_CERT_SIGN_SUBJECT_CRL
#define CRYPT_VERIFY_CERT_SIGN_SUBJECT_CRL
Definition: wincrypt.h:3628
CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT
#define CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT
Definition: wincrypt.h:3632
CERT_STORE_SIGNATURE_FLAG
#define CERT_STORE_SIGNATURE_FLAG
Definition: wincrypt.h:3616
CERT_STORE_TIME_VALIDITY_FLAG
#define CERT_STORE_TIME_VALIDITY_FLAG
Definition: wincrypt.h:3617
CERT_STORE_DELTA_CRL_FLAG
#define CERT_STORE_DELTA_CRL_FLAG
Definition: wincrypt.h:3623

Referenced by CertVerifySubjectCertificateContext(), and testGetCRLFromStore().

◆ CertIsValidCRLForCertificate()

BOOL WINAPI CertIsValidCRLForCertificate ( PCCERT_CONTEXT  pCert,
PCCRL_CONTEXT  pCrl,
DWORD  dwFlags,
void pvReserved 
)

Definition at line 681 of file crl.c.

683{
684 PCERT_EXTENSION ext;
685 BOOL ret;
686
687 TRACE("(%p, %p, %08x, %p)\n", pCert, pCrl, dwFlags, pvReserved);
688
689 if (!pCert)
690 return TRUE;
691
692 if ((ext = CertFindExtension(szOID_ISSUING_DIST_POINT,
693 pCrl->pCrlInfo->cExtension, pCrl->pCrlInfo->rgExtension)))
694 {
695 CRL_ISSUING_DIST_POINT *idp;
696 DWORD size;
697
698 if ((ret = CryptDecodeObjectEx(pCrl->dwCertEncodingType,
699 X509_ISSUING_DIST_POINT, ext->Value.pbData, ext->Value.cbData,
700 CRYPT_DECODE_ALLOC_FLAG, NULL, &idp, &size)))
701 {
702 if ((ext = CertFindExtension(szOID_CRL_DIST_POINTS,
703 pCert->pCertInfo->cExtension, pCert->pCertInfo->rgExtension)))
704 {
705 CRL_DIST_POINTS_INFO *distPoints;
706
707 if ((ret = CryptDecodeObjectEx(pCert->dwCertEncodingType,
708 X509_CRL_DIST_POINTS, ext->Value.pbData, ext->Value.cbData,
709 CRYPT_DECODE_ALLOC_FLAG, NULL, &distPoints, &size)))
710 {
711 DWORD i;
712
713 ret = FALSE;
714 for (i = 0; !ret && i < distPoints->cDistPoint; i++)
715 ret = match_dist_point_with_issuing_dist_point(
716 &distPoints->rgDistPoint[i], idp);
717 if (!ret)
718 SetLastError(CRYPT_E_NO_MATCH);
719 LocalFree(distPoints);
720 }
721 }
722 else
723 {
724 /* no CRL dist points extension in cert, can't match the CRL
725 * (which has an issuing dist point extension)
726 */
727 ret = FALSE;
728 SetLastError(CRYPT_E_NO_MATCH);
729 }
730 LocalFree(idp);
731 }
732 }
733 else
734 ret = TRUE;
735 return ret;
736}
CertFindExtension
PCERT_EXTENSION WINAPI CertFindExtension(LPCSTR pszObjId, DWORD cExtensions, CERT_EXTENSION rgExtensions[])
Definition: cert.c:2028
match_dist_point_with_issuing_dist_point
static BOOL match_dist_point_with_issuing_dist_point(const CRL_DIST_POINT *distPoint, const CRL_ISSUING_DIST_POINT *idp)
Definition: crl.c:646
ext
static const WCHAR *const ext[]
Definition: module.c:53
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
_CERT_EXTENSION
Definition: wincrypt.h:238
_CERT_INFO::rgExtension
PCERT_EXTENSION rgExtension
Definition: wincrypt.h:261
_CERT_INFO::cExtension
DWORD cExtension
Definition: wincrypt.h:260
_CRL_CONTEXT::dwCertEncodingType
DWORD dwCertEncodingType
Definition: wincrypt.h:731
_CRL_DIST_POINTS_INFO
Definition: wincrypt.h:540
_CRL_DIST_POINTS_INFO::rgDistPoint
PCRL_DIST_POINT rgDistPoint
Definition: wincrypt.h:542
_CRL_DIST_POINTS_INFO::cDistPoint
DWORD cDistPoint
Definition: wincrypt.h:541
_CRL_INFO::cExtension
DWORD cExtension
Definition: wincrypt.h:511
_CRL_INFO::rgExtension
PCERT_EXTENSION rgExtension
Definition: wincrypt.h:512
_CRL_ISSUING_DIST_POINT
Definition: wincrypt.h:575
X509_ISSUING_DIST_POINT
#define X509_ISSUING_DIST_POINT
Definition: wincrypt.h:3576
szOID_CRL_DIST_POINTS
#define szOID_CRL_DIST_POINTS
Definition: wincrypt.h:3352
szOID_ISSUING_DIST_POINT
#define szOID_ISSUING_DIST_POINT
Definition: wincrypt.h:3350
X509_CRL_DIST_POINTS
#define X509_CRL_DIST_POINTS
Definition: wincrypt.h:3554
CRYPT_E_NO_MATCH
#define CRYPT_E_NO_MATCH
Definition: winerror.h:4426

Referenced by testIsValidCRLForCert().

◆ CertSetCRLContextProperty()

BOOL WINAPI CertSetCRLContextProperty ( PCCRL_CONTEXT  pCRLContext,
DWORD  dwPropId,
DWORD  dwFlags,
const void pvData 
)

Definition at line 566 of file crl.c.

568{
569 BOOL ret;
570
571 TRACE("(%p, %d, %08x, %p)\n", pCRLContext, dwPropId, dwFlags, pvData);
572
573 /* Handle special cases for "read-only"/invalid prop IDs. Windows just
574 * crashes on most of these, I'll be safer.
575 */
576 switch (dwPropId)
577 {
578 case 0:
579 case CERT_ACCESS_STATE_PROP_ID:
580 case CERT_CERT_PROP_ID:
581 case CERT_CRL_PROP_ID:
582 case CERT_CTL_PROP_ID:
583 SetLastError(E_INVALIDARG);
584 return FALSE;
585 }
586 ret = CRLContext_SetProperty(crl_from_ptr(pCRLContext), dwPropId, dwFlags, pvData);
587 TRACE("returning %d\n", ret);
588 return ret;
589}
CRLContext_SetProperty
static BOOL CRLContext_SetProperty(crl_t *crl, DWORD dwPropId, DWORD dwFlags, const void *pvData)
Definition: crl.c:511

Referenced by testCRLProperties().

◆ CertVerifyCRLRevocation()

BOOL WINAPI CertVerifyCRLRevocation ( DWORD  dwCertEncodingType,
PCERT_INFO  pCertId,
DWORD  cCrlInfo,
PCRL_INFO  rgpCrlInfo[] 
)

Definition at line 762 of file crl.c.

764{
765 DWORD i;
766 PCRL_ENTRY entry = NULL;
767
768 TRACE("(%08x, %p, %d, %p)\n", dwCertEncodingType, pCertId, cCrlInfo,
769 rgpCrlInfo);
770
771 for (i = 0; !entry && i < cCrlInfo; i++)
772 entry = CRYPT_FindCertificateInCRL(pCertId, rgpCrlInfo[i]);
773 return entry == NULL;
774}
entry
uint32_t entry
Definition: isohybrid.c:63
_CRL_ENTRY
Definition: wincrypt.h:496

Referenced by CertVerifySubjectCertificateContext(), and testVerifyCRLRevocation().

◆ CertVerifyCRLTimeValidity()

LONG WINAPI CertVerifyCRLTimeValidity ( LPFILETIME  pTimeToVerify,
PCRL_INFO  pCrlInfo 
)

Definition at line 776 of file crl.c.

778{
779 FILETIME fileTime;
780 LONG ret;
781
782 if (!pTimeToVerify)
783 {
784 GetSystemTimeAsFileTime(&fileTime);
785 pTimeToVerify = &fileTime;
786 }
787 if ((ret = CompareFileTime(pTimeToVerify, &pCrlInfo->ThisUpdate)) >= 0)
788 {
789 ret = CompareFileTime(pTimeToVerify, &pCrlInfo->NextUpdate);
790 if (ret < 0)
791 ret = 0;
792 }
793 return ret;
794}
GetSystemTimeAsFileTime
VOID WINAPI GetSystemTimeAsFileTime(OUT PFILETIME lpFileTime)
Definition: time.c:128
CompareFileTime
LONG WINAPI CompareFileTime(IN CONST FILETIME *lpFileTime1, IN CONST FILETIME *lpFileTime2)
Definition: time.c:106
LONG
long LONG
Definition: pedump.c:60
_CRL_INFO::NextUpdate
FILETIME NextUpdate
Definition: wincrypt.h:508
_CRL_INFO::ThisUpdate
FILETIME ThisUpdate
Definition: wincrypt.h:507
_FILETIME
Definition: mapidefs.h:60

Referenced by CertGetCRLFromStore().

◆ compare_crl_any()

static BOOL compare_crl_any ( PCCRL_CONTEXT  pCrlContext,
DWORD  dwType,
DWORD  dwFlags,
const void pvPara 
)
static

Definition at line 154 of file crl.c.

156{
157 return TRUE;
158}

Referenced by CertFindCRLInStore().

◆ compare_crl_existing()

static BOOL compare_crl_existing ( PCCRL_CONTEXT  pCrlContext,
DWORD  dwType,
DWORD  dwFlags,
const void pvPara 
)
static

Definition at line 259 of file crl.c.

261{
262 BOOL ret;
263
264 if (pvPara)
265 {
266 PCCRL_CONTEXT crl = pvPara;
267
268 ret = CertCompareCertificateName(pCrlContext->dwCertEncodingType,
269 &pCrlContext->pCrlInfo->Issuer, &crl->pCrlInfo->Issuer);
270 }
271 else
272 ret = TRUE;
273 return ret;
274}
CertCompareCertificateName
BOOL WINAPI CertCompareCertificateName(DWORD dwCertEncodingType, PCERT_NAME_BLOB pCertName1, PCERT_NAME_BLOB pCertName2)
Definition: cert.c:1180
_CRL_INFO::Issuer
CERT_NAME_BLOB Issuer
Definition: wincrypt.h:506

Referenced by CertFindCRLInStore().

◆ compare_crl_issued_by()

static BOOL compare_crl_issued_by ( PCCRL_CONTEXT  pCrlContext,
DWORD  dwType,
DWORD  dwFlags,
const void pvPara 
)
static

Definition at line 160 of file crl.c.

162{
163 BOOL ret;
164
165 if (pvPara)
166 {
167 PCCERT_CONTEXT issuer = pvPara;
168
169 ret = CertCompareCertificateName(issuer->dwCertEncodingType,
170 &issuer->pCertInfo->Subject, &pCrlContext->pCrlInfo->Issuer);
171 if (ret && (dwFlags & CRL_FIND_ISSUED_BY_SIGNATURE_FLAG))
172 ret = CryptVerifyCertificateSignatureEx(0,
173 issuer->dwCertEncodingType,
174 CRYPT_VERIFY_CERT_SIGN_SUBJECT_CRL, (void *)pCrlContext,
175 CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT, (void *)issuer, 0, NULL);
176 if (ret && (dwFlags & CRL_FIND_ISSUED_BY_AKI_FLAG))
177 {
178 PCERT_EXTENSION ext = CertFindExtension(
179 szOID_AUTHORITY_KEY_IDENTIFIER2, pCrlContext->pCrlInfo->cExtension,
180 pCrlContext->pCrlInfo->rgExtension);
181
182 if (ext)
183 {
184 CERT_AUTHORITY_KEY_ID2_INFO *info;
185 DWORD size;
186
187 if ((ret = CryptDecodeObjectEx(X509_ASN_ENCODING,
188 X509_AUTHORITY_KEY_ID2, ext->Value.pbData, ext->Value.cbData,
189 CRYPT_DECODE_ALLOC_FLAG, NULL, &info, &size)))
190 {
191 if (info->AuthorityCertIssuer.cAltEntry &&
192 info->AuthorityCertSerialNumber.cbData)
193 {
194 PCERT_ALT_NAME_ENTRY directoryName = NULL;
195 DWORD i;
196
197 for (i = 0; !directoryName &&
198 i < info->AuthorityCertIssuer.cAltEntry; i++)
199 if (info->AuthorityCertIssuer.rgAltEntry[i].
200 dwAltNameChoice == CERT_ALT_NAME_DIRECTORY_NAME)
201 directoryName =
202 &info->AuthorityCertIssuer.rgAltEntry[i];
203 if (directoryName)
204 {
205 ret = CertCompareCertificateName(
206 issuer->dwCertEncodingType,
207 &issuer->pCertInfo->Subject,
208 &directoryName->u.DirectoryName);
209 if (ret)
210 ret = CertCompareIntegerBlob(
211 &issuer->pCertInfo->SerialNumber,
212 &info->AuthorityCertSerialNumber);
213 }
214 else
215 {
216 FIXME("no supported name type in authority key id2\n");
217 ret = FALSE;
218 }
219 }
220 else if (info->KeyId.cbData)
221 {
222 DWORD size;
223
224 ret = CertGetCertificateContextProperty(issuer,
225 CERT_KEY_IDENTIFIER_PROP_ID, NULL, &size);
226 if (ret && size == info->KeyId.cbData)
227 {
228 LPBYTE buf = CryptMemAlloc(size);
229
230 if (buf)
231 {
232 CertGetCertificateContextProperty(issuer,
233 CERT_KEY_IDENTIFIER_PROP_ID, buf, &size);
234 ret = !memcmp(buf, info->KeyId.pbData, size);
235 CryptMemFree(buf);
236 }
237 else
238 ret = FALSE;
239 }
240 else
241 ret = FALSE;
242 }
243 else
244 {
245 FIXME("unsupported value for AKI extension\n");
246 ret = FALSE;
247 }
248 LocalFree(info);
249 }
250 }
251 /* else: a CRL without an AKI matches any cert */
252 }
253 }
254 else
255 ret = TRUE;
256 return ret;
257}
memcmp
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
Definition: utclib.c:112
CertGetCertificateContextProperty
BOOL WINAPI CertGetCertificateContextProperty(PCCERT_CONTEXT pCertContext, DWORD dwPropId, void *pvData, DWORD *pcbData)
Definition: cert.c:551
CertCompareIntegerBlob
BOOL WINAPI CertCompareIntegerBlob(PCRYPT_INTEGER_BLOB pInt1, PCRYPT_INTEGER_BLOB pInt2)
Definition: cert.c:1221
CryptMemFree
VOID WINAPI CryptMemFree(LPVOID pv)
Definition: main.c:141
issuer
static WCHAR issuer[MAX_STRING_RESOURCE_LEN]
Definition: object.c:1905
buf
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
_CERT_ALT_NAME_ENTRY
Definition: wincrypt.h:341
_CERT_ALT_NAME_ENTRY::DirectoryName
CERT_NAME_BLOB DirectoryName
Definition: wincrypt.h:347
_CERT_AUTHORITY_KEY_ID2_INFO
Definition: wincrypt.h:471
_CERT_CONTEXT
Definition: wincrypt.h:487
LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:53
X509_AUTHORITY_KEY_ID2
#define X509_AUTHORITY_KEY_ID2
Definition: wincrypt.h:3550
CRL_FIND_ISSUED_BY_AKI_FLAG
#define CRL_FIND_ISSUED_BY_AKI_FLAG
Definition: wincrypt.h:3079
CERT_KEY_IDENTIFIER_PROP_ID
#define CERT_KEY_IDENTIFIER_PROP_ID
Definition: wincrypt.h:2853
CERT_ALT_NAME_DIRECTORY_NAME
#define CERT_ALT_NAME_DIRECTORY_NAME
Definition: wincrypt.h:358
CRL_FIND_ISSUED_BY_SIGNATURE_FLAG
#define CRL_FIND_ISSUED_BY_SIGNATURE_FLAG
Definition: wincrypt.h:3080
szOID_AUTHORITY_KEY_IDENTIFIER2
#define szOID_AUTHORITY_KEY_IDENTIFIER2
Definition: wincrypt.h:3356

Referenced by CertFindCRLInStore().

◆ compare_crl_issued_for()

static BOOL compare_crl_issued_for ( PCCRL_CONTEXT  pCrlContext,
DWORD  dwType,
DWORD  dwFlags,
const void pvPara 
)
static

Definition at line 276 of file crl.c.

278{
279 const CRL_FIND_ISSUED_FOR_PARA *para = pvPara;
280 BOOL ret;
281
282 ret = CertCompareCertificateName(para->pIssuerCert->dwCertEncodingType,
283 &para->pIssuerCert->pCertInfo->Issuer, &pCrlContext->pCrlInfo->Issuer);
284 return ret;
285}
_CERT_INFO::Issuer
CERT_NAME_BLOB Issuer
Definition: wincrypt.h:253
_CRL_FIND_ISSUED_FOR_PARA
Definition: wincrypt.h:3085
_CRL_FIND_ISSUED_FOR_PARA::pIssuerCert
PCCERT_CONTEXT pIssuerCert
Definition: wincrypt.h:3087

Referenced by CertFindCRLInStore().

◆ compare_dist_point_name()

static BOOL compare_dist_point_name ( const CRL_DIST_POINT_NAME name1,
const CRL_DIST_POINT_NAME name2 
)
static

Definition at line 591 of file crl.c.

593{
594 BOOL match;
595
596 if (name1->dwDistPointNameChoice == name2->dwDistPointNameChoice)
597 {
598 match = TRUE;
599 if (name1->dwDistPointNameChoice == CRL_DIST_POINT_FULL_NAME)
600 {
601 if (name1->u.FullName.cAltEntry == name2->u.FullName.cAltEntry)
602 {
603 DWORD i;
604
605 for (i = 0; match && i < name1->u.FullName.cAltEntry; i++)
606 {
607 const CERT_ALT_NAME_ENTRY *entry1 =
608 &name1->u.FullName.rgAltEntry[i];
609 const CERT_ALT_NAME_ENTRY *entry2 =
610 &name2->u.FullName.rgAltEntry[i];
611
612 if (entry1->dwAltNameChoice == entry2->dwAltNameChoice)
613 {
614 switch (entry1->dwAltNameChoice)
615 {
616 case CERT_ALT_NAME_URL:
617 match = !strcmpiW(entry1->u.pwszURL,
618 entry2->u.pwszURL);
619 break;
620 case CERT_ALT_NAME_DIRECTORY_NAME:
621 match = (entry1->u.DirectoryName.cbData ==
622 entry2->u.DirectoryName.cbData) &&
623 !memcmp(entry1->u.DirectoryName.pbData,
624 entry2->u.DirectoryName.pbData,
625 entry1->u.DirectoryName.cbData);
626 break;
627 default:
628 FIXME("unimplemented for type %d\n",
629 entry1->dwAltNameChoice);
630 match = FALSE;
631 }
632 }
633 else
634 match = FALSE;
635 }
636 }
637 else
638 match = FALSE;
639 }
640 }
641 else
642 match = FALSE;
643 return match;
644}
name1
static WCHAR name1[]
Definition: record.c:34
name2
static WCHAR name2[]
Definition: record.c:35
_CERT_ALT_NAME_ENTRY::pwszURL
LPWSTR pwszURL
Definition: wincrypt.h:348
_CERT_ALT_NAME_ENTRY::dwAltNameChoice
DWORD dwAltNameChoice
Definition: wincrypt.h:342
_CRYPTOAPI_BLOB::cbData
DWORD cbData
Definition: wincrypt.h:111
_CRYPTOAPI_BLOB::pbData
BYTE * pbData
Definition: wincrypt.h:112
match
Definition: match.c:28
CERT_ALT_NAME_URL
#define CERT_ALT_NAME_URL
Definition: wincrypt.h:360
CRL_DIST_POINT_FULL_NAME
#define CRL_DIST_POINT_FULL_NAME
Definition: wincrypt.h:523
strcmpiW
#define strcmpiW(s1, s2)
Definition: unicode.h:45

Referenced by match_dist_point_with_issuing_dist_point().

◆ CRL_clone()

static context_t * CRL_clone ( context_t context,
WINECRYPT_CERTSTORE store,
BOOL  use_link 
)
static

Definition at line 42 of file crl.c.

43{
44 crl_t *crl;
45
46 if(use_link) {
47 crl = (crl_t*)Context_CreateLinkContext(sizeof(CRL_CONTEXT), context, store);
48 if(!crl)
49 return NULL;
50 }else {
51 const crl_t *cloned = (const crl_t*)context;
52 DWORD size = 0;
53 BOOL res;
54
55 crl = (crl_t*)Context_CreateDataContext(sizeof(CRL_CONTEXT), &crl_vtbl, store);
56 if(!crl)
57 return NULL;
58
59 Context_CopyProperties(&crl->ctx, &cloned->ctx);
60
61 crl->ctx.dwCertEncodingType = cloned->ctx.dwCertEncodingType;
62 crl->ctx.pbCrlEncoded = CryptMemAlloc(cloned->ctx.cbCrlEncoded);
63 memcpy(crl->ctx.pbCrlEncoded, cloned->ctx.pbCrlEncoded, cloned->ctx.cbCrlEncoded);
64 crl->ctx.cbCrlEncoded = cloned->ctx.cbCrlEncoded;
65
66 /* FIXME: We don't need to decode the object here, we could just clone crl info. */
67 res = CryptDecodeObjectEx(crl->ctx.dwCertEncodingType, X509_CERT_CRL_TO_BE_SIGNED,
68 crl->ctx.pbCrlEncoded, crl->ctx.cbCrlEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL,
69 &crl->ctx.pCrlInfo, &size);
70 if(!res) {
71 CertFreeCRLContext(&crl->ctx);
72 return NULL;
73 }
74 }
75
76 crl->ctx.hCertStore = store;
77 return &crl->base;
78}
Context_CreateLinkContext
context_t * Context_CreateLinkContext(unsigned int contextSize, context_t *linked, WINECRYPT_CERTSTORE *store)
Definition: context.c:54
Context_CopyProperties
void Context_CopyProperties(const void *to, const void *from)
Definition: context.c:123
res
GLuint res
Definition: glext.h:9613
_CRL_CONTEXT::cbCrlEncoded
DWORD cbCrlEncoded
Definition: wincrypt.h:733
_CRL_CONTEXT::pbCrlEncoded
BYTE * pbCrlEncoded
Definition: wincrypt.h:732
context
Definition: http.c:7252
crl_t::ctx
CRL_CONTEXT ctx
Definition: crypt32_private.h:209

◆ CRL_free()

static void CRL_free ( context_t context)
static

Definition at line 32 of file crl.c.

33{
34 crl_t *crl = (crl_t*)context;
35
36 CryptMemFree(crl->ctx.pbCrlEncoded);
37 LocalFree(crl->ctx.pCrlInfo);
38}

◆ CRLContext_GetHashProp()

static BOOL CRLContext_GetHashProp ( crl_t crl,
DWORD  dwPropId,
ALG_ID  algID,
const BYTE toHash,
DWORD  toHashLen,
void pvData,
DWORD pcbData 
)
static

Definition at line 406 of file crl.c.

409{
410 BOOL ret = CryptHashCertificate(0, algID, 0, toHash, toHashLen, pvData,
411 pcbData);
412 if (ret && pvData)
413 {
414 CRYPT_DATA_BLOB blob = { *pcbData, pvData };
415
416 ret = CRLContext_SetProperty(crl, dwPropId, 0, &blob);
417 }
418 return ret;
419}
CryptHashCertificate
BOOL WINAPI CryptHashCertificate(HCRYPTPROV_LEGACY hCryptProv, ALG_ID Algid, DWORD dwFlags, const BYTE *pbEncoded, DWORD cbEncoded, BYTE *pbComputedHash, DWORD *pcbComputedHash)
Definition: cert.c:2187
_CRYPTOAPI_BLOB
Definition: wincrypt.h:110
blob
Definition: image.c:134

Referenced by CRLContext_GetProperty().

◆ CRLContext_GetProperty()

static BOOL CRLContext_GetProperty ( crl_t crl,
DWORD  dwPropId,
void pvData,
DWORD pcbData 
)
static

Definition at line 421 of file crl.c.

423{
424 BOOL ret;
425 CRYPT_DATA_BLOB blob;
426
427 TRACE("(%p, %d, %p, %p)\n", crl, dwPropId, pvData, pcbData);
428
429 if (crl->base.properties)
430 ret = ContextPropertyList_FindProperty(crl->base.properties, dwPropId, &blob);
431 else
432 ret = FALSE;
433 if (ret)
434 {
435 if (!pvData)
436 *pcbData = blob.cbData;
437 else if (*pcbData < blob.cbData)
438 {
439 SetLastError(ERROR_MORE_DATA);
440 *pcbData = blob.cbData;
441 ret = FALSE;
442 }
443 else
444 {
445 memcpy(pvData, blob.pbData, blob.cbData);
446 *pcbData = blob.cbData;
447 }
448 }
449 else
450 {
451 /* Implicit properties */
452 switch (dwPropId)
453 {
454 case CERT_SHA1_HASH_PROP_ID:
455 ret = CRLContext_GetHashProp(crl, dwPropId, CALG_SHA1,
456 crl->ctx.pbCrlEncoded, crl->ctx.cbCrlEncoded, pvData,
457 pcbData);
458 break;
459 case CERT_MD5_HASH_PROP_ID:
460 ret = CRLContext_GetHashProp(crl, dwPropId, CALG_MD5,
461 crl->ctx.pbCrlEncoded, crl->ctx.cbCrlEncoded, pvData,
462 pcbData);
463 break;
464 default:
465 SetLastError(CRYPT_E_NOT_FOUND);
466 }
467 }
468 TRACE("returning %d\n", ret);
469 return ret;
470}
ContextPropertyList_FindProperty
BOOL ContextPropertyList_FindProperty(CONTEXT_PROPERTY_LIST *list, DWORD id, PCRYPT_DATA_BLOB blob) DECLSPEC_HIDDEN
Definition: proplist.c:72
CRLContext_GetHashProp
static BOOL CRLContext_GetHashProp(crl_t *crl, DWORD dwPropId, ALG_ID algID, const BYTE *toHash, DWORD toHashLen, void *pvData, DWORD *pcbData)
Definition: crl.c:406
CERT_MD5_HASH_PROP_ID
#define CERT_MD5_HASH_PROP_ID
Definition: wincrypt.h:2836
CALG_SHA1
#define CALG_SHA1
Definition: wincrypt.h:2060
CALG_MD5
#define CALG_MD5
Definition: wincrypt.h:2058
CERT_SHA1_HASH_PROP_ID
#define CERT_SHA1_HASH_PROP_ID
Definition: wincrypt.h:2834

Referenced by CertGetCRLContextProperty().

◆ CRLContext_SetProperty()

static BOOL CRLContext_SetProperty ( crl_t crl,
DWORD  dwPropId,
DWORD  dwFlags,
const void pvData 
)
static

Definition at line 511 of file crl.c.

513{
514 BOOL ret;
515
516 TRACE("(%p, %d, %08x, %p)\n", crl, dwPropId, dwFlags, pvData);
517
518 if (!crl->base.properties)
519 ret = FALSE;
520 else if (!pvData)
521 {
522 ContextPropertyList_RemoveProperty(crl->base.properties, dwPropId);
523 ret = TRUE;
524 }
525 else
526 {
527 switch (dwPropId)
528 {
529 case CERT_AUTO_ENROLL_PROP_ID:
530 case CERT_CTL_USAGE_PROP_ID: /* same as CERT_ENHKEY_USAGE_PROP_ID */
531 case CERT_DESCRIPTION_PROP_ID:
532 case CERT_FRIENDLY_NAME_PROP_ID:
533 case CERT_HASH_PROP_ID:
534 case CERT_KEY_IDENTIFIER_PROP_ID:
535 case CERT_MD5_HASH_PROP_ID:
536 case CERT_NEXT_UPDATE_LOCATION_PROP_ID:
537 case CERT_PUBKEY_ALG_PARA_PROP_ID:
538 case CERT_PVK_FILE_PROP_ID:
539 case CERT_SIGNATURE_HASH_PROP_ID:
540 case CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID:
541 case CERT_SUBJECT_NAME_MD5_HASH_PROP_ID:
542 case CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID:
543 case CERT_ENROLLMENT_PROP_ID:
544 case CERT_CROSS_CERT_DIST_POINTS_PROP_ID:
545 case CERT_RENEWAL_PROP_ID:
546 {
547 PCRYPT_DATA_BLOB blob = (PCRYPT_DATA_BLOB)pvData;
548
549 ret = ContextPropertyList_SetProperty(crl->base.properties, dwPropId,
550 blob->pbData, blob->cbData);
551 break;
552 }
553 case CERT_DATE_STAMP_PROP_ID:
554 ret = ContextPropertyList_SetProperty(crl->base.properties, dwPropId,
555 pvData, sizeof(FILETIME));
556 break;
557 default:
558 FIXME("%d: stub\n", dwPropId);
559 ret = FALSE;
560 }
561 }
562 TRACE("returning %d\n", ret);
563 return ret;
564}
ContextPropertyList_SetProperty
BOOL ContextPropertyList_SetProperty(CONTEXT_PROPERTY_LIST *list, DWORD id, const BYTE *pbData, size_t cbData) DECLSPEC_HIDDEN
Definition: proplist.c:95
ContextPropertyList_RemoveProperty
void ContextPropertyList_RemoveProperty(CONTEXT_PROPERTY_LIST *list, DWORD id) DECLSPEC_HIDDEN
Definition: proplist.c:149
CERT_PVK_FILE_PROP_ID
#define CERT_PVK_FILE_PROP_ID
Definition: wincrypt.h:2845
CERT_CROSS_CERT_DIST_POINTS_PROP_ID
#define CERT_CROSS_CERT_DIST_POINTS_PROP_ID
Definition: wincrypt.h:2856
CERT_ENROLLMENT_PROP_ID
#define CERT_ENROLLMENT_PROP_ID
Definition: wincrypt.h:2859
CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID
#define CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID
Definition: wincrypt.h:2857
CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID
#define CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID
Definition: wincrypt.h:2858
CERT_DESCRIPTION_PROP_ID
#define CERT_DESCRIPTION_PROP_ID
Definition: wincrypt.h:2846
PCRYPT_DATA_BLOB
struct _CRYPTOAPI_BLOB * PCRYPT_DATA_BLOB
CERT_NEXT_UPDATE_LOCATION_PROP_ID
#define CERT_NEXT_UPDATE_LOCATION_PROP_ID
Definition: wincrypt.h:2843
CERT_PUBKEY_ALG_PARA_PROP_ID
#define CERT_PUBKEY_ALG_PARA_PROP_ID
Definition: wincrypt.h:2855
CERT_AUTO_ENROLL_PROP_ID
#define CERT_AUTO_ENROLL_PROP_ID
Definition: wincrypt.h:2854
CERT_FRIENDLY_NAME_PROP_ID
#define CERT_FRIENDLY_NAME_PROP_ID
Definition: wincrypt.h:2844
CERT_CTL_USAGE_PROP_ID
#define CERT_CTL_USAGE_PROP_ID
Definition: wincrypt.h:2842
CERT_HASH_PROP_ID
#define CERT_HASH_PROP_ID
Definition: wincrypt.h:2835
CERT_RENEWAL_PROP_ID
#define CERT_RENEWAL_PROP_ID
Definition: wincrypt.h:2871
CERT_SIGNATURE_HASH_PROP_ID
#define CERT_SIGNATURE_HASH_PROP_ID
Definition: wincrypt.h:2848
CERT_SUBJECT_NAME_MD5_HASH_PROP_ID
#define CERT_SUBJECT_NAME_MD5_HASH_PROP_ID
Definition: wincrypt.h:2862
CERT_DATE_STAMP_PROP_ID
#define CERT_DATE_STAMP_PROP_ID
Definition: wincrypt.h:2860

Referenced by CertSetCRLContextProperty(), and CRLContext_GetHashProp().

◆ CRYPT_FindCertificateInCRL()

static PCRL_ENTRY CRYPT_FindCertificateInCRL ( PCERT_INFO  cert,
const CRL_INFO crl 
)
static

Definition at line 738 of file crl.c.

739{
740 DWORD i;
741 PCRL_ENTRY entry = NULL;
742
743 for (i = 0; !entry && i < crl->cCRLEntry; i++)
744 if (CertCompareIntegerBlob(&crl->rgCRLEntry[i].SerialNumber,
745 &cert->SerialNumber))
746 entry = &crl->rgCRLEntry[i];
747 return entry;
748}
cert
static BYTE cert[]
Definition: msg.c:1374

Referenced by CertFindCertificateInCRL(), and CertVerifyCRLRevocation().

◆ match_dist_point_with_issuing_dist_point()

static BOOL match_dist_point_with_issuing_dist_point ( const CRL_DIST_POINT distPoint,
const CRL_ISSUING_DIST_POINT idp 
)
static

Definition at line 646 of file crl.c.

648{
649 BOOL match;
650
651 /* While RFC 5280, section 4.2.1.13 recommends against segmenting
652 * CRL distribution points by reasons, it doesn't preclude doing so.
653 * "This profile RECOMMENDS against segmenting CRLs by reason code."
654 * If the issuing distribution point for this CRL is only valid for
655 * some reasons, only match if the reasons covered also match the
656 * reasons in the CRL distribution point.
657 */
658 if (idp->OnlySomeReasonFlags.cbData)
659 {
660 if (idp->OnlySomeReasonFlags.cbData == distPoint->ReasonFlags.cbData)
661 {
662 DWORD i;
663
664 match = TRUE;
665 for (i = 0; match && i < distPoint->ReasonFlags.cbData; i++)
666 if (idp->OnlySomeReasonFlags.pbData[i] !=
667 distPoint->ReasonFlags.pbData[i])
668 match = FALSE;
669 }
670 else
671 match = FALSE;
672 }
673 else
674 match = TRUE;
675 if (match)
676 match = compare_dist_point_name(&idp->DistPointName,
677 &distPoint->DistPointName);
678 return match;
679}
compare_dist_point_name
static BOOL compare_dist_point_name(const CRL_DIST_POINT_NAME *name1, const CRL_DIST_POINT_NAME *name2)
Definition: crl.c:591
_CRL_DIST_POINT::ReasonFlags
CRYPT_BIT_BLOB ReasonFlags
Definition: wincrypt.h:528
_CRL_DIST_POINT::DistPointName
CRL_DIST_POINT_NAME DistPointName
Definition: wincrypt.h:527
_CRL_ISSUING_DIST_POINT::DistPointName
CRL_DIST_POINT_NAME DistPointName
Definition: wincrypt.h:576
_CRL_ISSUING_DIST_POINT::OnlySomeReasonFlags
CRYPT_BIT_BLOB OnlySomeReasonFlags
Definition: wincrypt.h:579
_CRYPT_BIT_BLOB::pbData
BYTE * pbData
Definition: wincrypt.h:206
_CRYPT_BIT_BLOB::cbData
DWORD cbData
Definition: wincrypt.h:205

Referenced by CertIsValidCRLForCertificate().

◆ WINE_DEFAULT_DEBUG_CHANNEL()

WINE_DEFAULT_DEBUG_CHANNEL ( crypt  )

Variable Documentation

◆ crl_vtbl

static const context_vtbl_t crl_vtbl
static
Initial value:
= {
CRL_free,
CRL_clone
}
CRL_clone
static context_t * CRL_clone(context_t *context, WINECRYPT_CERTSTORE *store, BOOL use_link)
Definition: crl.c:42
CRL_free
static void CRL_free(context_t *context)
Definition: crl.c:32

Definition at line 40 of file crl.c.

Referenced by CertCreateCRLContext(), and CRL_clone().