dd/d00/pfx_8c_source.html

/*

 * Copyright 2019 Hans Leidekker for CodeWeavers

 *

 * This library is free software; you can redistribute it and/or

 * modify it under the terms of the GNU Lesser General Public

 * License as published by the Free Software Foundation; either

 * version 2.1 of the License, or (at your option) any later version.

 *

 * This library is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

 * Lesser General Public License for more details.

 *

 * You should have received a copy of the GNU Lesser General Public

 * License along with this library; if not, write to the Free Software

 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA

 */


#include <stdarg.h>


#include "ntstatus.h"

#define WIN32_NO_STATUS

#include "windef.h"

#include "winbase.h"

#include "wincrypt.h"

#ifdef __REACTOS__

#include <winnls.h>

#endif

#include "snmp.h"

#include "crypt32_private.h"


#include "wine/debug.h"


WINE_DEFAULT_DEBUG_CHANNEL(crypt);


static HCRYPTPROV import_key( cert_store_data_t data, DWORD flags )

{

    HCRYPTPROV prov = 0;

    HCRYPTKEY cryptkey;

    DWORD size, acquire_flags;

    void *key;

    struct import_store_key_params params = { data, NULL, &size };


    if (CRYPT32_CALL( import_store_key, &params ) != STATUS_BUFFER_TOO_SMALL) return 0;


    acquire_flags = (flags & CRYPT_MACHINE_KEYSET) | CRYPT_NEWKEYSET;

    if (!CryptAcquireContextW( &prov, NULL, MS_ENHANCED_PROV_W, PROV_RSA_FULL, acquire_flags ))

    {

        if (GetLastError() != NTE_EXISTS) return 0;


        acquire_flags &= ~CRYPT_NEWKEYSET;

        if (!CryptAcquireContextW( &prov, NULL, MS_ENHANCED_PROV_W, PROV_RSA_FULL, acquire_flags ))

        {

            WARN( "CryptAcquireContextW failed %08lx\n", GetLastError() );

            return 0;

        }

    }


    params.buf = key = CryptMemAlloc( size );

    if (CRYPT32_CALL( import_store_key, &params ) ||

        !CryptImportKey( prov, key, size, 0, flags & CRYPT_EXPORTABLE, &cryptkey ))

    {

        WARN( "CryptImportKey failed %08lx\n", GetLastError() );

        CryptReleaseContext( prov, 0 );

        CryptMemFree( key );

        return 0;

    }

    CryptDestroyKey( cryptkey );

    CryptMemFree( key );

    return prov;

}


static BOOL set_key_context( const void *ctx, HCRYPTPROV prov )

{

    CERT_KEY_CONTEXT key_ctx;

    key_ctx.cbSize     = sizeof(key_ctx);

    key_ctx.hCryptProv = prov;

    key_ctx.dwKeySpec  = AT_KEYEXCHANGE;

    return CertSetCertificateContextProperty( ctx, CERT_KEY_CONTEXT_PROP_ID, 0, &key_ctx );

}


static WCHAR *get_provider_property( HCRYPTPROV prov, DWORD prop_id, DWORD *len )

{

    DWORD size = 0;

    WCHAR *ret;

    char *str;


    CryptGetProvParam( prov, prop_id, NULL, &size, 0 );

    if (!size) return NULL;

    if (!(str = CryptMemAlloc( size ))) return NULL;

    CryptGetProvParam( prov, prop_id, (BYTE *)str, &size, 0 );


    *len = MultiByteToWideChar( CP_ACP, 0, str, -1, NULL, 0 );

    if ((ret = CryptMemAlloc( *len * sizeof(WCHAR) ))) MultiByteToWideChar( CP_ACP, 0, str, -1, ret, *len );

    CryptMemFree( str );

    return ret;

}


static BOOL set_key_prov_info( const void *ctx, HCRYPTPROV prov )

{

    CRYPT_KEY_PROV_INFO *prov_info;

    DWORD size, len_container, len_name;

    WCHAR *ptr, *container, *name;

    BOOL ret;


    if (!(container = get_provider_property( prov, PP_CONTAINER, &len_container ))) return FALSE;

    if (!(name = get_provider_property( prov, PP_NAME, &len_name )))

    {

        CryptMemFree( container );

        return FALSE;

    }

    if (!(prov_info = CryptMemAlloc( sizeof(*prov_info) + (len_container + len_name) * sizeof(WCHAR) )))

    {

        CryptMemFree( container );

        CryptMemFree( name );

        return FALSE;

    }


    ptr = (WCHAR *)(prov_info + 1);

    prov_info->pwszContainerName = ptr;

    lstrcpyW( prov_info->pwszContainerName, container );


    ptr += len_container;

    prov_info->pwszProvName = ptr;

    lstrcpyW( prov_info->pwszProvName, name );


    size = sizeof(prov_info->dwProvType);

    CryptGetProvParam( prov, PP_PROVTYPE, (BYTE *)&prov_info->dwProvType, &size, 0 );


    prov_info->dwFlags     = 0;

    prov_info->cProvParam  = 0;

    prov_info->rgProvParam = NULL;

    size = sizeof(prov_info->dwKeySpec);

    CryptGetProvParam( prov, PP_KEYSPEC, (BYTE *)&prov_info->dwKeySpec, &size, 0 );


    ret = CertSetCertificateContextProperty( ctx, CERT_KEY_PROV_INFO_PROP_ID, 0, prov_info );


    CryptMemFree( prov_info );

    CryptMemFree( name );

    CryptMemFree( container );

    return ret;

}


HCERTSTORE WINAPI PFXImportCertStore( CRYPT_DATA_BLOB *pfx, const WCHAR *password, DWORD flags )

{

    DWORD i = 0, size;

    HCERTSTORE store = NULL;

    HCRYPTPROV prov = 0;

    cert_store_data_t data = 0;

    struct open_cert_store_params open_params = { pfx, password, &data };

    struct close_cert_store_params close_params;


    if (!pfx)

    {

        SetLastError( ERROR_INVALID_PARAMETER );

        return NULL;

    }

    if (flags & ~(CRYPT_EXPORTABLE|CRYPT_USER_KEYSET|CRYPT_MACHINE_KEYSET|PKCS12_NO_PERSIST_KEY))

    {

        FIXME( "flags %08lx not supported\n", flags );

        return NULL;

    }

    if (CRYPT32_CALL( open_cert_store, &open_params )) return NULL;


    prov = import_key( data, flags );

    if (!prov) goto error;


    if (!(store = CertOpenStore( CERT_STORE_PROV_MEMORY, 0, 0, 0, NULL )))

    {

        WARN( "CertOpenStore failed %08lx\n", GetLastError() );

        goto error;

    }


    for (;;)

    {

        const void *ctx = NULL;

        void *cert;

        struct import_store_cert_params import_params = { data, i, NULL, &size };


        if (CRYPT32_CALL( import_store_cert, &import_params ) != STATUS_BUFFER_TOO_SMALL) break;

        import_params.buf = cert = CryptMemAlloc( size );

        if (!CRYPT32_CALL( import_store_cert, &import_params ))

            ctx = CertCreateContext( CERT_STORE_CERTIFICATE_CONTEXT, X509_ASN_ENCODING, cert, size, 0, NULL );

        CryptMemFree( cert );

        if (!ctx)

        {

            WARN( "CertCreateContext failed %08lx\n", GetLastError() );

            goto error;

        }

        if (flags & PKCS12_NO_PERSIST_KEY)

        {

            if (!set_key_context( ctx, prov ))

            {

                WARN( "failed to set context property %08lx\n", GetLastError() );

                CertFreeCertificateContext( ctx );

                goto error;

            }

        }

        else if (!set_key_prov_info( ctx, prov ))

        {

            WARN( "failed to set provider info property %08lx\n", GetLastError() );

            CertFreeCertificateContext( ctx );

            goto error;

        }

        if (!CertAddCertificateContextToStore( store, ctx, CERT_STORE_ADD_ALWAYS, NULL ))

        {

            WARN( "CertAddCertificateContextToStore failed %08lx\n", GetLastError() );

            CertFreeCertificateContext( ctx );

            goto error;

        }

        CertFreeCertificateContext( ctx );

        i++;

    }

    close_params.data = data;

    CRYPT32_CALL( close_cert_store, &close_params );

    return store;


error:

    CryptReleaseContext( prov, 0 );

    CertCloseStore( store, 0 );

    close_params.data = data;

    CRYPT32_CALL( close_cert_store, &close_params );

    return NULL;

}


BOOL WINAPI PFXVerifyPassword( CRYPT_DATA_BLOB *pfx, const WCHAR *password, DWORD flags )

{

    FIXME( "(%p, %p, %08lx): stub\n", pfx, password, flags );

    return FALSE;

}


BOOL WINAPI PFXExportCertStore( HCERTSTORE store, CRYPT_DATA_BLOB *pfx, const WCHAR *password, DWORD flags )

{

    return PFXExportCertStoreEx( store, pfx, password, NULL, flags );

}


BOOL WINAPI PFXExportCertStoreEx( HCERTSTORE store, CRYPT_DATA_BLOB *pfx, const WCHAR *password, void *reserved,

                                  DWORD flags )

{

    FIXME( "(%p, %p, %p, %p, %08lx): stub\n", store, pfx, password, reserved, flags );

    return FALSE;

}

WINE_DEFAULT_DEBUG_CHANNEL
#define WINE_DEFAULT_DEBUG_CHANNEL(t)
Definition: precomp.h:23

FIXME
#define FIXME(fmt,...)
Definition: precomp.h:53

WARN
#define WARN(fmt,...)
Definition: precomp.h:61

crypt32_private.h

cert_store_data_t
UINT64 cert_store_data_t
Definition: crypt32_private.h:468

CRYPT32_CALL
#define CRYPT32_CALL(func, params)
Definition: crypt32_private.h:516

NULL
#define NULL
Definition: types.h:112

FALSE
#define FALSE
Definition: types.h:117

CryptDestroyKey
BOOL WINAPI CryptDestroyKey(HCRYPTKEY hKey)
Definition: crypt.c:911

CryptReleaseContext
BOOL WINAPI CryptReleaseContext(HCRYPTPROV hProv, DWORD dwFlags)
Definition: crypt.c:641

CryptAcquireContextW
BOOL WINAPI CryptAcquireContextW(HCRYPTPROV *phProv, LPCWSTR pszContainer, LPCWSTR pszProvider, DWORD dwProvType, DWORD dwFlags)
Definition: crypt.c:362

CryptGetProvParam
BOOL WINAPI CryptGetProvParam(HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData, DWORD *pdwDataLen, DWORD dwFlags)
Definition: crypt.c:1667

CryptImportKey
BOOL WINAPI CryptImportKey(HCRYPTPROV hProv, const BYTE *pbData, DWORD dwDataLen, HCRYPTKEY hPubKey, DWORD dwFlags, HCRYPTKEY *phKey)
Definition: crypt.c:1820

CertAddCertificateContextToStore
BOOL WINAPI CertAddCertificateContextToStore(HCERTSTORE hCertStore, PCCERT_CONTEXT pCertContext, DWORD dwAddDisposition, PCCERT_CONTEXT *ppStoreContext)
Definition: cert.c:284

CertFreeCertificateContext
BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT pCertContext)
Definition: cert.c:369

CertSetCertificateContextProperty
BOOL WINAPI CertSetCertificateContextProperty(PCCERT_CONTEXT pCertContext, DWORD dwPropId, DWORD dwFlags, const void *pvData)
Definition: cert.c:838

CertCreateContext
const void *WINAPI CertCreateContext(DWORD dwContextType, DWORD dwEncodingType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, PCERT_CREATE_CONTEXT_PARA pCreatePara)
Definition: cert.c:3876

CryptMemAlloc
LPVOID WINAPI CryptMemAlloc(ULONG cbSize)
Definition: main.c:136

CryptMemFree
VOID WINAPI CryptMemFree(LPVOID pv)
Definition: main.c:146

CertOpenStore
HCERTSTORE WINAPI CertOpenStore(LPCSTR lpszStoreProvider, DWORD dwMsgAndCertEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const void *pvPara)
Definition: store.c:809

CertCloseStore
BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
Definition: store.c:1121

ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101

CP_ACP
#define CP_ACP
Definition: compat.h:109

SetLastError
#define SetLastError(x)
Definition: compat.h:752

lstrcpyW
#define lstrcpyW
Definition: compat.h:749

MultiByteToWideChar
#define MultiByteToWideChar
Definition: compat.h:110

ret
return ret
Definition: mutex.c:146

reserved
r reserved
Definition: btrfs.c:3006

BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94

DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95

data
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950

size
GLsizeiptr size
Definition: glext.h:5919

params
GLenum const GLfloat * params
Definition: glext.h:5645

flags
GLbitfield flags
Definition: glext.h:7161

len
GLenum GLsizei len
Definition: glext.h:6722

i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248

void
Definition: nsiface.idl:2307

error
#define error(str)
Definition: mkdosfs.c:1605

ptr
static PVOID ptr
Definition: dispmode.c:27

cert
static BYTE cert[]
Definition: msg.c:1374

password
static WCHAR password[]
Definition: url.c:33

ntstatus.h

WCHAR
short WCHAR
Definition: pedump.c:58

set_key_context
static BOOL set_key_context(const void *ctx, HCRYPTPROV prov)
Definition: pfx.c:73

PFXVerifyPassword
BOOL WINAPI PFXVerifyPassword(CRYPT_DATA_BLOB *pfx, const WCHAR *password, DWORD flags)
Definition: pfx.c:226

PFXExportCertStoreEx
BOOL WINAPI PFXExportCertStoreEx(HCERTSTORE store, CRYPT_DATA_BLOB *pfx, const WCHAR *password, void *reserved, DWORD flags)
Definition: pfx.c:237

PFXExportCertStore
BOOL WINAPI PFXExportCertStore(HCERTSTORE store, CRYPT_DATA_BLOB *pfx, const WCHAR *password, DWORD flags)
Definition: pfx.c:232

PFXImportCertStore
HCERTSTORE WINAPI PFXImportCertStore(CRYPT_DATA_BLOB *pfx, const WCHAR *password, DWORD flags)
Definition: pfx.c:144

import_key
static HCRYPTPROV import_key(cert_store_data_t data, DWORD flags)
Definition: pfx.c:36

set_key_prov_info
static BOOL set_key_prov_info(const void *ctx, HCRYPTPROV prov)
Definition: pfx.c:99

get_provider_property
static WCHAR * get_provider_property(HCRYPTPROV prov, DWORD prop_id, DWORD *len)
Definition: pfx.c:82

str
const WCHAR * str
Definition: rpc_transport.c:2696

debug.h

STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69

_CERT_KEY_CONTEXT
Definition: wincrypt.h:227

_CERT_KEY_CONTEXT::hCryptProv
HCRYPTPROV hCryptProv
Definition: wincrypt.h:229

_CERT_KEY_CONTEXT::dwKeySpec
DWORD dwKeySpec
Definition: wincrypt.h:230

_CERT_KEY_CONTEXT::cbSize
DWORD cbSize
Definition: wincrypt.h:228

_CRYPTOAPI_BLOB
Definition: wincrypt.h:110

_CRYPT_KEY_PROV_INFO
Definition: wincrypt.h:217

_CRYPT_KEY_PROV_INFO::pwszContainerName
LPWSTR pwszContainerName
Definition: wincrypt.h:218

_CRYPT_KEY_PROV_INFO::dwKeySpec
DWORD dwKeySpec
Definition: wincrypt.h:224

_CRYPT_KEY_PROV_INFO::dwProvType
DWORD dwProvType
Definition: wincrypt.h:220

_CRYPT_KEY_PROV_INFO::cProvParam
DWORD cProvParam
Definition: wincrypt.h:222

_CRYPT_KEY_PROV_INFO::dwFlags
DWORD dwFlags
Definition: wincrypt.h:221

_CRYPT_KEY_PROV_INFO::rgProvParam
PCRYPT_KEY_PROV_PARAM rgProvParam
Definition: wincrypt.h:223

_CRYPT_KEY_PROV_INFO::pwszProvName
LPWSTR pwszProvName
Definition: wincrypt.h:219

close_cert_store_params
Definition: crypt32_private.h:493

close_cert_store_params::data
cert_store_data_t data
Definition: crypt32_private.h:494

container
Definition: metafile.c:156

import_store_cert_params
Definition: crypt32_private.h:485

import_store_cert_params::buf
void * buf
Definition: crypt32_private.h:488

import_store_key_params
Definition: crypt32_private.h:478

key
Definition: copy.c:22

name
Definition: name.c:39

open_cert_store_params
Definition: crypt32_private.h:471

open_cert_store_params::pfx
CRYPT_DATA_BLOB * pfx
Definition: crypt32_private.h:472

ctx
Definition: dbghelp_private.h:571

import_store_key
static NTSTATUS import_store_key(void *args)
Definition: unixlib.c:364

close_cert_store
static NTSTATUS close_cert_store(void *args)
Definition: unixlib.c:366

import_store_cert
static NTSTATUS import_store_cert(void *args)
Definition: unixlib.c:365

open_cert_store
static NTSTATUS open_cert_store(void *args)
Definition: unixlib.c:363

winbase.h

GetLastError
DWORD WINAPI GetLastError(void)
Definition: except.c:1042

wincrypt.h

CRYPT_NEWKEYSET
#define CRYPT_NEWKEYSET
Definition: wincrypt.h:2274

PROV_RSA_FULL
#define PROV_RSA_FULL
Definition: wincrypt.h:2243

CERT_KEY_CONTEXT_PROP_ID
#define CERT_KEY_CONTEXT_PROP_ID
Definition: wincrypt.h:2837

HCRYPTPROV
ULONG_PTR HCRYPTPROV
Definition: wincrypt.h:55

CRYPT_USER_KEYSET
#define CRYPT_USER_KEYSET
Definition: wincrypt.h:4320

CERT_KEY_PROV_INFO_PROP_ID
#define CERT_KEY_PROV_INFO_PROP_ID
Definition: wincrypt.h:2833

PP_KEYSPEC
#define PP_KEYSPEC
Definition: wincrypt.h:2318

AT_KEYEXCHANGE
#define AT_KEYEXCHANGE
Definition: wincrypt.h:2239

X509_ASN_ENCODING
#define X509_ASN_ENCODING
Definition: wincrypt.h:2501

CERT_STORE_PROV_MEMORY
#define CERT_STORE_PROV_MEMORY
Definition: wincrypt.h:2455

PKCS12_NO_PERSIST_KEY
#define PKCS12_NO_PERSIST_KEY
Definition: wincrypt.h:4327

CERT_STORE_CERTIFICATE_CONTEXT
#define CERT_STORE_CERTIFICATE_CONTEXT
Definition: wincrypt.h:3121

PP_NAME
#define PP_NAME
Definition: wincrypt.h:2289

HCRYPTKEY
ULONG_PTR HCRYPTKEY
Definition: wincrypt.h:58

CERT_STORE_ADD_ALWAYS
#define CERT_STORE_ADD_ALWAYS
Definition: wincrypt.h:2654

PP_CONTAINER
#define PP_CONTAINER
Definition: wincrypt.h:2291

PP_PROVTYPE
#define PP_PROVTYPE
Definition: wincrypt.h:2300

MS_ENHANCED_PROV_W
static const WCHAR MS_ENHANCED_PROV_W[]
Definition: wincrypt.h:2129

CRYPT_EXPORTABLE
#define CRYPT_EXPORTABLE
Definition: wincrypt.h:2410

CRYPT_MACHINE_KEYSET
#define CRYPT_MACHINE_KEYSET
Definition: wincrypt.h:2276

windef.h

WINAPI
#define WINAPI
Definition: msvc.h:6

NTE_EXISTS
#define NTE_EXISTS
Definition: winerror.h:4262

winnls.h

BYTE
unsigned char BYTE
Definition: xxhash.c:193