Juan Lang : crypt32: Make it clearer where alg ids come from in
CryptVerifyCertificateSignatureEx .
Alexandre Julliard
julliard at wine.codeweavers.com
Tue Oct 3 13:37:39 CDT 2006
Module: wine
Branch: master
Commit: 44ba993b6ea224104f7aabe9dce67b94e4e43cc9
URL: http://source.winehq.org/git/?p=wine.git;a=commit;h=44ba993b6ea224104f7aabe9dce67b94e4e43cc9
Author: Juan Lang <juan_lang at yahoo.com>
Date: Tue Oct 3 08:32:10 2006 -0700
crypt32: Make it clearer where alg ids come from in CryptVerifyCertificateSignatureEx.
---
dlls/crypt32/cert.c | 43 +++++++++++++++++++++++++++++++++++++------
1 files changed, 37 insertions(+), 6 deletions(-)
diff --git a/dlls/crypt32/cert.c b/dlls/crypt32/cert.c
index 78efb5a..80a8ce2 100644
--- a/dlls/crypt32/cert.c
+++ b/dlls/crypt32/cert.c
@@ -1326,22 +1326,53 @@ static BOOL CRYPT_VerifyCertSignatureFro
PCERT_SIGNED_CONTENT_INFO signedCert)
{
BOOL ret;
- ALG_ID algID = CertOIDToAlgId(pubKeyInfo->Algorithm.pszObjId);
HCRYPTKEY key;
+ PCCRYPT_OID_INFO info;
+ ALG_ID pubKeyID, hashID;
+ info = CryptFindOIDInfo(CRYPT_OID_INFO_OID_KEY,
+ pubKeyInfo->Algorithm.pszObjId, 0);
+ if (!info || (info->dwGroupId != CRYPT_PUBKEY_ALG_OID_GROUP_ID &&
+ info->dwGroupId != CRYPT_SIGN_ALG_OID_GROUP_ID))
+ {
+ SetLastError(NTE_BAD_ALGID);
+ return FALSE;
+ }
+ if (info->dwGroupId == CRYPT_PUBKEY_ALG_OID_GROUP_ID)
+ {
+ switch (info->Algid)
+ {
+ case CALG_RSA_KEYX:
+ pubKeyID = CALG_RSA_SIGN;
+ hashID = CALG_SHA1;
+ break;
+ case CALG_RSA_SIGN:
+ pubKeyID = CALG_RSA_SIGN;
+ hashID = CALG_SHA1;
+ break;
+ default:
+ FIXME("unimplemented for %s\n", pubKeyInfo->Algorithm.pszObjId);
+ return FALSE;
+ }
+ }
+ else
+ {
+ hashID = info->Algid;
+ if (info->ExtraInfo.cbData >= sizeof(ALG_ID))
+ pubKeyID = *(ALG_ID *)info->ExtraInfo.pbData;
+ else
+ pubKeyID = hashID;
+ }
/* Load the default provider if necessary */
if (!hCryptProv)
hCryptProv = CRYPT_GetDefaultProvider();
ret = CryptImportPublicKeyInfoEx(hCryptProv, dwCertEncodingType,
- pubKeyInfo, algID, 0, NULL, &key);
+ pubKeyInfo, pubKeyID, 0, NULL, &key);
if (ret)
{
HCRYPTHASH hash;
- /* Some key algorithms aren't hash algorithms, so map them */
- if (algID == CALG_RSA_SIGN || algID == CALG_RSA_KEYX)
- algID = CALG_SHA1;
- ret = CryptCreateHash(hCryptProv, algID, 0, 0, &hash);
+ ret = CryptCreateHash(hCryptProv, hashID, 0, 0, &hash);
if (ret)
{
ret = CryptHashData(hash, signedCert->ToBeSigned.pbData,
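Review bot: In the `CRYPT_PUBKEY_ALG_OID_GROUP_ID` branch the digest is fixed to `CALG_SHA1` for both RSA cases, so the hash used for verification is derived from the key's OID (`pubKeyInfo->Algorithm.pszObjId`) and never from the signature algorithm that the signed blob declares. Assuming callers pass a plain RSA key OID here, a certificate signed with any other digest would be hashed with SHA-1 and fail to verify; consider resolving `signedCert->SignatureAlgorithm.pszObjId` through `CryptFindOIDInfo` and taking `hashID` from that entry's `Algid`, as the `else` branch already does. Separately, the `default:` case returns FALSE without setting an error code, unlike the rejection path above it; adding `SetLastError(NTE_BAD_ALGID);` before that `return FALSE;` would keep callers from reading a stale last-error value. The function starts and ends outside this hunk.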