mirror of
git://source.winehq.org/git/wine.git
synced 2024-09-20 08:38:01 +00:00
crypt32: Implement decoding cert policy constraints.
This commit is contained in:
parent
32ad424972
commit
fbcce9f308
|
@ -3685,6 +3685,139 @@ static BOOL WINAPI CRYPT_AsnDecodeCertPolicyMappings(DWORD dwCertEncodingType,
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static BOOL CRYPT_AsnDecodeRequireExplicit(const BYTE *pbEncoded,
|
||||||
|
DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
|
||||||
|
DWORD *pcbDecoded)
|
||||||
|
{
|
||||||
|
BOOL ret;
|
||||||
|
DWORD skip, size = sizeof(skip);
|
||||||
|
|
||||||
|
if (!cbEncoded)
|
||||||
|
{
|
||||||
|
SetLastError(CRYPT_E_ASN1_EOD);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
if (pbEncoded[0] != (ASN_CONTEXT | 0))
|
||||||
|
{
|
||||||
|
SetLastError(CRYPT_E_ASN1_BADTAG);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
if ((ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded, dwFlags,
|
||||||
|
&skip, &size, pcbDecoded)))
|
||||||
|
{
|
||||||
|
DWORD bytesNeeded = MEMBERSIZE(CERT_POLICY_CONSTRAINTS_INFO,
|
||||||
|
fRequireExplicitPolicy, fInhibitPolicyMapping);
|
||||||
|
|
||||||
|
if (!pvStructInfo)
|
||||||
|
*pcbStructInfo = bytesNeeded;
|
||||||
|
else if (*pcbStructInfo < bytesNeeded)
|
||||||
|
{
|
||||||
|
*pcbStructInfo = bytesNeeded;
|
||||||
|
SetLastError(ERROR_MORE_DATA);
|
||||||
|
ret = FALSE;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
CERT_POLICY_CONSTRAINTS_INFO *info =
|
||||||
|
(CERT_POLICY_CONSTRAINTS_INFO *)((BYTE *)pvStructInfo -
|
||||||
|
offsetof(CERT_POLICY_CONSTRAINTS_INFO, fRequireExplicitPolicy));
|
||||||
|
|
||||||
|
*pcbStructInfo = bytesNeeded;
|
||||||
|
/* The BOOL is implicit: if the integer is present, then it's
|
||||||
|
* TRUE.
|
||||||
|
*/
|
||||||
|
info->fRequireExplicitPolicy = TRUE;
|
||||||
|
info->dwRequireExplicitPolicySkipCerts = skip;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
static BOOL CRYPT_AsnDecodeInhibitMapping(const BYTE *pbEncoded,
|
||||||
|
DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
|
||||||
|
DWORD *pcbDecoded)
|
||||||
|
{
|
||||||
|
BOOL ret;
|
||||||
|
DWORD skip, size = sizeof(skip);
|
||||||
|
|
||||||
|
if (!cbEncoded)
|
||||||
|
{
|
||||||
|
SetLastError(CRYPT_E_ASN1_EOD);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
if (pbEncoded[0] != (ASN_CONTEXT | 1))
|
||||||
|
{
|
||||||
|
SetLastError(CRYPT_E_ASN1_BADTAG);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
if ((ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded, dwFlags,
|
||||||
|
&skip, &size, pcbDecoded)))
|
||||||
|
{
|
||||||
|
DWORD bytesNeeded = FINALMEMBERSIZE(CERT_POLICY_CONSTRAINTS_INFO,
|
||||||
|
fInhibitPolicyMapping);
|
||||||
|
|
||||||
|
if (!pvStructInfo)
|
||||||
|
*pcbStructInfo = bytesNeeded;
|
||||||
|
else if (*pcbStructInfo < bytesNeeded)
|
||||||
|
{
|
||||||
|
*pcbStructInfo = bytesNeeded;
|
||||||
|
SetLastError(ERROR_MORE_DATA);
|
||||||
|
ret = FALSE;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
CERT_POLICY_CONSTRAINTS_INFO *info =
|
||||||
|
(CERT_POLICY_CONSTRAINTS_INFO *)((BYTE *)pvStructInfo -
|
||||||
|
offsetof(CERT_POLICY_CONSTRAINTS_INFO, fInhibitPolicyMapping));
|
||||||
|
|
||||||
|
*pcbStructInfo = bytesNeeded;
|
||||||
|
/* The BOOL is implicit: if the integer is present, then it's
|
||||||
|
* TRUE.
|
||||||
|
*/
|
||||||
|
info->fInhibitPolicyMapping = TRUE;
|
||||||
|
info->dwInhibitPolicyMappingSkipCerts = skip;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
static BOOL WINAPI CRYPT_AsnDecodeCertPolicyConstraints(
|
||||||
|
DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded,
|
||||||
|
DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
|
||||||
|
void *pvStructInfo, DWORD *pcbStructInfo)
|
||||||
|
{
|
||||||
|
BOOL ret = FALSE;
|
||||||
|
|
||||||
|
TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
|
||||||
|
pDecodePara, pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
|
||||||
|
|
||||||
|
__TRY
|
||||||
|
{
|
||||||
|
struct AsnDecodeSequenceItem items[] = {
|
||||||
|
{ ASN_CONTEXT | 0,
|
||||||
|
offsetof(CERT_POLICY_CONSTRAINTS_INFO, fRequireExplicitPolicy),
|
||||||
|
CRYPT_AsnDecodeRequireExplicit,
|
||||||
|
MEMBERSIZE(CERT_POLICY_CONSTRAINTS_INFO, fRequireExplicitPolicy,
|
||||||
|
fInhibitPolicyMapping), TRUE, FALSE, 0, 0 },
|
||||||
|
{ ASN_CONTEXT | 1,
|
||||||
|
offsetof(CERT_POLICY_CONSTRAINTS_INFO, fInhibitPolicyMapping),
|
||||||
|
CRYPT_AsnDecodeInhibitMapping,
|
||||||
|
FINALMEMBERSIZE(CERT_POLICY_CONSTRAINTS_INFO, fInhibitPolicyMapping),
|
||||||
|
TRUE, FALSE, 0, 0 },
|
||||||
|
};
|
||||||
|
|
||||||
|
ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
|
||||||
|
pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
|
||||||
|
pcbStructInfo, NULL, NULL);
|
||||||
|
}
|
||||||
|
__EXCEPT_PAGE_FAULT
|
||||||
|
{
|
||||||
|
SetLastError(STATUS_ACCESS_VIOLATION);
|
||||||
|
}
|
||||||
|
__ENDTRY
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
#define RSA1_MAGIC 0x31415352
|
#define RSA1_MAGIC 0x31415352
|
||||||
|
|
||||||
struct DECODED_RSA_PUB_KEY
|
struct DECODED_RSA_PUB_KEY
|
||||||
|
@ -5550,6 +5683,9 @@ static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
|
||||||
case LOWORD(X509_POLICY_MAPPINGS):
|
case LOWORD(X509_POLICY_MAPPINGS):
|
||||||
decodeFunc = CRYPT_AsnDecodeCertPolicyMappings;
|
decodeFunc = CRYPT_AsnDecodeCertPolicyMappings;
|
||||||
break;
|
break;
|
||||||
|
case LOWORD(X509_POLICY_CONSTRAINTS):
|
||||||
|
decodeFunc = CRYPT_AsnDecodeCertPolicyConstraints;
|
||||||
|
break;
|
||||||
case LOWORD(PKCS7_SIGNER_INFO):
|
case LOWORD(PKCS7_SIGNER_INFO):
|
||||||
decodeFunc = CRYPT_AsnDecodePKCSSignerInfo;
|
decodeFunc = CRYPT_AsnDecodePKCSSignerInfo;
|
||||||
break;
|
break;
|
||||||
|
@ -5596,6 +5732,8 @@ static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
|
||||||
decodeFunc = CRYPT_AsnDecodeCertPolicies;
|
decodeFunc = CRYPT_AsnDecodeCertPolicies;
|
||||||
else if (!strcmp(lpszStructType, szOID_POLICY_MAPPINGS))
|
else if (!strcmp(lpszStructType, szOID_POLICY_MAPPINGS))
|
||||||
decodeFunc = CRYPT_AsnDecodeCertPolicyMappings;
|
decodeFunc = CRYPT_AsnDecodeCertPolicyMappings;
|
||||||
|
else if (!strcmp(lpszStructType, szOID_POLICY_CONSTRAINTS))
|
||||||
|
decodeFunc = CRYPT_AsnDecodeCertPolicyConstraints;
|
||||||
else if (!strcmp(lpszStructType, szOID_ENHANCED_KEY_USAGE))
|
else if (!strcmp(lpszStructType, szOID_ENHANCED_KEY_USAGE))
|
||||||
decodeFunc = CRYPT_AsnDecodeEnhancedKeyUsage;
|
decodeFunc = CRYPT_AsnDecodeEnhancedKeyUsage;
|
||||||
else if (!strcmp(lpszStructType, szOID_ISSUING_DIST_POINT))
|
else if (!strcmp(lpszStructType, szOID_ISSUING_DIST_POINT))
|
||||||
|
|
|
@ -7643,7 +7643,6 @@ static void test_decodeCertPolicyConstraints(DWORD dwEncoding)
|
||||||
ret = pCryptDecodeObjectEx(dwEncoding, X509_POLICY_CONSTRAINTS,
|
ret = pCryptDecodeObjectEx(dwEncoding, X509_POLICY_CONSTRAINTS,
|
||||||
emptySequence, sizeof(emptySequence), CRYPT_DECODE_ALLOC_FLAG, NULL,
|
emptySequence, sizeof(emptySequence), CRYPT_DECODE_ALLOC_FLAG, NULL,
|
||||||
&info, &size);
|
&info, &size);
|
||||||
todo_wine {
|
|
||||||
ok(ret, "CryptDecodeObjectEx failed: %08x\n", GetLastError());
|
ok(ret, "CryptDecodeObjectEx failed: %08x\n", GetLastError());
|
||||||
if (ret)
|
if (ret)
|
||||||
{
|
{
|
||||||
|
@ -7699,7 +7698,6 @@ static void test_decodeCertPolicyConstraints(DWORD dwEncoding)
|
||||||
info->dwInhibitPolicyMappingSkipCerts);
|
info->dwInhibitPolicyMappingSkipCerts);
|
||||||
LocalFree(info);
|
LocalFree(info);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Free *pInfo with HeapFree */
|
/* Free *pInfo with HeapFree */
|
||||||
|
|
Loading…
Reference in a new issue