Juan Lang : crypt32: Implement decoding cert policy constraints.
Alexandre Julliard
julliard at winehq.org
Mon Nov 9 15:14:17 CST 2009
Module: wine
Branch: master
Commit: fbcce9f308ed2b8fb2c28f040170791df203de26
URL: http://source.winehq.org/git/wine.git/?a=commit;h=fbcce9f308ed2b8fb2c28f040170791df203de26
Author: Juan Lang <juan.lang at gmail.com>
Date: Fri Nov 6 12:47:15 2009 -0800
crypt32: Implement decoding cert policy constraints.
---
dlls/crypt32/decode.c | 138 +++++++++++++++++++++++++++++++++++++++++++
dlls/crypt32/tests/encode.c | 2 -
2 files changed, 138 insertions(+), 2 deletions(-)
diff --git a/dlls/crypt32/decode.c b/dlls/crypt32/decode.c
index f1da624..d6288b6 100644
--- a/dlls/crypt32/decode.c
+++ b/dlls/crypt32/decode.c
@@ -3685,6 +3685,139 @@ static BOOL WINAPI CRYPT_AsnDecodeCertPolicyMappings(DWORD dwCertEncodingType,
return ret;
}
+static BOOL CRYPT_AsnDecodeRequireExplicit(const BYTE *pbEncoded,
+ DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
+ DWORD *pcbDecoded)
+{
+ BOOL ret;
+ DWORD skip, size = sizeof(skip);
+
+ if (!cbEncoded)
+ {
+ SetLastError(CRYPT_E_ASN1_EOD);
+ return FALSE;
+ }
+ if (pbEncoded[0] != (ASN_CONTEXT | 0))
+ {
+ SetLastError(CRYPT_E_ASN1_BADTAG);
+ return FALSE;
+ }
+ if ((ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded, dwFlags,
+ &skip, &size, pcbDecoded)))
+ {
+ DWORD bytesNeeded = MEMBERSIZE(CERT_POLICY_CONSTRAINTS_INFO,
+ fRequireExplicitPolicy, fInhibitPolicyMapping);
+
+ if (!pvStructInfo)
+ *pcbStructInfo = bytesNeeded;
+ else if (*pcbStructInfo < bytesNeeded)
+ {
+ *pcbStructInfo = bytesNeeded;
+ SetLastError(ERROR_MORE_DATA);
+ ret = FALSE;
+ }
+ else
+ {
+ CERT_POLICY_CONSTRAINTS_INFO *info =
+ (CERT_POLICY_CONSTRAINTS_INFO *)((BYTE *)pvStructInfo -
+ offsetof(CERT_POLICY_CONSTRAINTS_INFO, fRequireExplicitPolicy));
+
+ *pcbStructInfo = bytesNeeded;
+ /* The BOOL is implicit: if the integer is present, then it's
+ * TRUE.
+ */
+ info->fRequireExplicitPolicy = TRUE;
+ info->dwRequireExplicitPolicySkipCerts = skip;
+ }
+ }
+ return ret;
+}
+
+static BOOL CRYPT_AsnDecodeInhibitMapping(const BYTE *pbEncoded,
+ DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
+ DWORD *pcbDecoded)
+{
+ BOOL ret;
+ DWORD skip, size = sizeof(skip);
+
+ if (!cbEncoded)
+ {
+ SetLastError(CRYPT_E_ASN1_EOD);
+ return FALSE;
+ }
+ if (pbEncoded[0] != (ASN_CONTEXT | 1))
+ {
+ SetLastError(CRYPT_E_ASN1_BADTAG);
+ return FALSE;
+ }
+ if ((ret = CRYPT_AsnDecodeIntInternal(pbEncoded, cbEncoded, dwFlags,
+ &skip, &size, pcbDecoded)))
+ {
+ DWORD bytesNeeded = FINALMEMBERSIZE(CERT_POLICY_CONSTRAINTS_INFO,
+ fInhibitPolicyMapping);
+
+ if (!pvStructInfo)
+ *pcbStructInfo = bytesNeeded;
+ else if (*pcbStructInfo < bytesNeeded)
+ {
+ *pcbStructInfo = bytesNeeded;
+ SetLastError(ERROR_MORE_DATA);
+ ret = FALSE;
+ }
+ else
+ {
+ CERT_POLICY_CONSTRAINTS_INFO *info =
+ (CERT_POLICY_CONSTRAINTS_INFO *)((BYTE *)pvStructInfo -
+ offsetof(CERT_POLICY_CONSTRAINTS_INFO, fInhibitPolicyMapping));
+
+ *pcbStructInfo = bytesNeeded;
+ /* The BOOL is implicit: if the integer is present, then it's
+ * TRUE.
+ */
+ info->fInhibitPolicyMapping = TRUE;
+ info->dwInhibitPolicyMappingSkipCerts = skip;
+ }
+ }
+ return ret;
+}
+
+static BOOL WINAPI CRYPT_AsnDecodeCertPolicyConstraints(
+ DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded,
+ DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara,
+ void *pvStructInfo, DWORD *pcbStructInfo)
+{
+ BOOL ret = FALSE;
+
+ TRACE("%p, %d, %08x, %p, %p, %d\n", pbEncoded, cbEncoded, dwFlags,
+ pDecodePara, pvStructInfo, pvStructInfo ? *pcbStructInfo : 0);
+
+ __TRY
+ {
+ struct AsnDecodeSequenceItem items[] = {
+ { ASN_CONTEXT | 0,
+ offsetof(CERT_POLICY_CONSTRAINTS_INFO, fRequireExplicitPolicy),
+ CRYPT_AsnDecodeRequireExplicit,
+ MEMBERSIZE(CERT_POLICY_CONSTRAINTS_INFO, fRequireExplicitPolicy,
+ fInhibitPolicyMapping), TRUE, FALSE, 0, 0 },
+ { ASN_CONTEXT | 1,
+ offsetof(CERT_POLICY_CONSTRAINTS_INFO, fInhibitPolicyMapping),
+ CRYPT_AsnDecodeInhibitMapping,
+ FINALMEMBERSIZE(CERT_POLICY_CONSTRAINTS_INFO, fInhibitPolicyMapping),
+ TRUE, FALSE, 0, 0 },
+ };
+
+ ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
+ pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
+ pcbStructInfo, NULL, NULL);
+ }
+ __EXCEPT_PAGE_FAULT
+ {
+ SetLastError(STATUS_ACCESS_VIOLATION);
+ }
+ __ENDTRY
+ return ret;
+}
+
#define RSA1_MAGIC 0x31415352
struct DECODED_RSA_PUB_KEY
@@ -5550,6 +5683,9 @@ static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
case LOWORD(X509_POLICY_MAPPINGS):
decodeFunc = CRYPT_AsnDecodeCertPolicyMappings;
break;
+ case LOWORD(X509_POLICY_CONSTRAINTS):
+ decodeFunc = CRYPT_AsnDecodeCertPolicyConstraints;
+ break;
case LOWORD(PKCS7_SIGNER_INFO):
decodeFunc = CRYPT_AsnDecodePKCSSignerInfo;
break;
@@ -5596,6 +5732,8 @@ static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
decodeFunc = CRYPT_AsnDecodeCertPolicies;
else if (!strcmp(lpszStructType, szOID_POLICY_MAPPINGS))
decodeFunc = CRYPT_AsnDecodeCertPolicyMappings;
+ else if (!strcmp(lpszStructType, szOID_POLICY_CONSTRAINTS))
+ decodeFunc = CRYPT_AsnDecodeCertPolicyConstraints;
else if (!strcmp(lpszStructType, szOID_ENHANCED_KEY_USAGE))
decodeFunc = CRYPT_AsnDecodeEnhancedKeyUsage;
else if (!strcmp(lpszStructType, szOID_ISSUING_DIST_POINT))
diff --git a/dlls/crypt32/tests/encode.c b/dlls/crypt32/tests/encode.c
index 0ca870a..6e6c6f3 100644
--- a/dlls/crypt32/tests/encode.c
+++ b/dlls/crypt32/tests/encode.c
@@ -7643,7 +7643,6 @@ static void test_decodeCertPolicyConstraints(DWORD dwEncoding)
ret = pCryptDecodeObjectEx(dwEncoding, X509_POLICY_CONSTRAINTS,
emptySequence, sizeof(emptySequence), CRYPT_DECODE_ALLOC_FLAG, NULL,
&info, &size);
- todo_wine {
ok(ret, "CryptDecodeObjectEx failed: %08x\n", GetLastError());
if (ret)
{
@@ -7699,7 +7698,6 @@ static void test_decodeCertPolicyConstraints(DWORD dwEncoding)
info->dwInhibitPolicyMappingSkipCerts);
LocalFree(info);
}
- }
}
/* Free *pInfo with HeapFree */
More information about the wine-cvs
mailing list