Juan Lang : cryptui: Validate OID in add purpose dialog.
Alexandre Julliard
julliard at winehq.org
Fri Dec 19 11:19:24 CST 2008
Module: wine
Branch: master
Commit: a958c27cdd431f758a4d2e7971aa1f4e85b3b330
URL: http://source.winehq.org/git/wine.git/?a=commit;h=a958c27cdd431f758a4d2e7971aa1f4e85b3b330
Author: Juan Lang <juan.lang at gmail.com>
Date: Thu Dec 18 14:05:49 2008 -0800
cryptui: Validate OID in add purpose dialog.
---
dlls/cryptui/cryptui_En.rc | 2 +
dlls/cryptui/cryptuires.h | 2 +
dlls/cryptui/main.c | 88 +++++++++++++++++++++++++++++++++++++++++++-
3 files changed, 91 insertions(+), 1 deletions(-)
diff --git a/dlls/cryptui/cryptui_En.rc b/dlls/cryptui/cryptui_En.rc
index 5dcb98a..f904fa7 100644
--- a/dlls/cryptui/cryptui_En.rc
+++ b/dlls/cryptui/cryptui_En.rc
@@ -59,6 +59,8 @@ STRINGTABLE DISCARDABLE
IDS_PROP_FRIENDLY_NAME "Friendly name"
IDS_PROP_DESCRIPTION "Description"
IDS_CERTIFICATE_PROPERTIES "Certificate Properties"
+ IDS_CERTIFICATE_PURPOSE_ERROR "Please enter an OID in the form 1.2.3.4"
+ IDS_CERTIFICATE_PURPOSE_EXISTS "The OID you entered already exists."
IDS_PURPOSE_SERVER_AUTH "Ensures the identify of a remote computer"
IDS_PURPOSE_CLIENT_AUTH "Proves your identity to a remote computer"
IDS_PURPOSE_CODE_SIGNING "Ensures software came from software publisher\nProtects software from alteration after publication"
diff --git a/dlls/cryptui/cryptuires.h b/dlls/cryptui/cryptuires.h
index a311531..9e18852 100644
--- a/dlls/cryptui/cryptuires.h
+++ b/dlls/cryptui/cryptuires.h
@@ -56,6 +56,8 @@
#define IDS_PROP_FRIENDLY_NAME 1036
#define IDS_PROP_DESCRIPTION 1037
#define IDS_CERTIFICATE_PROPERTIES 1038
+#define IDS_CERTIFICATE_PURPOSE_ERROR 1039
+#define IDS_CERTIFICATE_PURPOSE_EXISTS 1040
#define IDS_PURPOSE_SERVER_AUTH 1100
#define IDS_PURPOSE_CLIENT_AUTH 1101
diff --git a/dlls/cryptui/main.c b/dlls/cryptui/main.c
index 7bd835f..7b70578 100644
--- a/dlls/cryptui/main.c
+++ b/dlls/cryptui/main.c
@@ -1593,6 +1593,72 @@ static void add_purpose(HWND hwnd, LPCSTR oid)
}
}
+static BOOL is_valid_oid(LPCSTR oid)
+{
+ BOOL ret;
+
+ if (oid[0] != '0' && oid[0] != '1' && oid[0] != '2')
+ ret = FALSE;
+ else if (oid[1] != '.')
+ ret = FALSE;
+ else if (!oid[2])
+ ret = FALSE;
+ else
+ {
+ const char *ptr;
+ BOOL expectNum = TRUE;
+
+ for (ptr = oid + 2, ret = TRUE; ret && *ptr; ptr++)
+ {
+ if (expectNum)
+ {
+ if (!isdigit(*ptr))
+ ret = FALSE;
+ else if (*(ptr + 1) == '.')
+ expectNum = FALSE;
+ }
+ else
+ {
+ if (*ptr != '.')
+ ret = FALSE;
+ else if (!(*(ptr + 1)))
+ ret = FALSE;
+ else
+ expectNum = TRUE;
+ }
+ }
+ }
+ return ret;
+}
+
+static BOOL is_oid_in_list(HWND hwnd, LPCSTR oid)
+{
+ HWND lv = GetDlgItem(hwnd, IDC_CERTIFICATE_USAGES);
+ PCCRYPT_OID_INFO oidInfo = CryptFindOIDInfo(CRYPT_OID_INFO_OID_KEY,
+ (void *)oid, CRYPT_ENHKEY_USAGE_OID_GROUP_ID);
+ BOOL ret = FALSE;
+
+ if (oidInfo)
+ {
+ LVFINDINFOW findInfo;
+
+ findInfo.flags = LVFI_PARAM;
+ findInfo.lParam = (LPARAM)oidInfo;
+ if (SendMessageW(lv, LVM_FINDITEMW, -1, (LPARAM)&findInfo) != -1)
+ ret = TRUE;
+ }
+ else
+ {
+ LVFINDINFOA findInfo;
+
+ findInfo.flags = LVFI_STRING;
+ findInfo.psz = oid;
+ if (SendMessageW(lv, LVM_FINDITEMA, -1, (LPARAM)&findInfo) != -1)
+ ret = TRUE;
+ }
+ return ret;
+}
+
#define MAX_PURPOSE 255
static LRESULT CALLBACK add_purpose_dlg_proc(HWND hwnd, UINT msg,
@@ -1636,11 +1702,31 @@ static LRESULT CALLBACK add_purpose_dlg_proc(HWND hwnd, UINT msg,
EndDialog(hwnd, IDCANCEL);
ret = TRUE;
}
+ else if (!is_valid_oid(buf))
+ {
+ WCHAR title[MAX_STRING_LEN], error[MAX_STRING_LEN];
+
+ LoadStringW(hInstance, IDS_CERTIFICATE_PURPOSE_ERROR, error,
+ sizeof(error) / sizeof(error[0]));
+ LoadStringW(hInstance, IDS_CERTIFICATE_PROPERTIES, title,
+ sizeof(title) / sizeof(title[0]));
+ MessageBoxW(hwnd, error, title, MB_ICONERROR | MB_OK);
+ }
+ else if (is_oid_in_list(
+ (HWND)GetWindowLongPtrW(hwnd, DWLP_USER), buf))
+ {
+ WCHAR title[MAX_STRING_LEN], error[MAX_STRING_LEN];
+
+ LoadStringW(hInstance, IDS_CERTIFICATE_PURPOSE_EXISTS,
+ error, sizeof(error) / sizeof(error[0]));
+ LoadStringW(hInstance, IDS_CERTIFICATE_PROPERTIES, title,
+ sizeof(title) / sizeof(title[0]));
+ MessageBoxW(hwnd, error, title, MB_ICONEXCLAMATION | MB_OK);
+ }
else
{
HWND parent = (HWND)GetWindowLongPtrW(hwnd, DWLP_USER);
- FIXME("validate %s\n", debugstr_a(buf));
add_purpose(parent, buf);
EndDialog(hwnd, wp);
ret = TRUE;
More information about the wine-cvs
mailing list