[PATCH 2/3] crypt32: Add partial support for encoding signed OCSP requests.

Thu Mar 10 07:15:49 CST 2022

Signed-off-by: Hans Leidekker <hans at codeweavers.com>
---
 dlls/crypt32/encode.c       | 30 ++++++++++++++++++++++++++++++
 dlls/crypt32/tests/encode.c | 24 +++++++++++++++++++++++-
 2 files changed, 53 insertions(+), 1 deletion(-)

diff --git a/dlls/crypt32/encode.c b/dlls/crypt32/encode.c
index 3391e61679c..8086ad2fc0a 100644
--- a/dlls/crypt32/encode.c
+++ b/dlls/crypt32/encode.c
@@ -4664,6 +4664,33 @@ static BOOL WINAPI CRYPT_AsnEncodeOCSPRequest(DWORD dwCertEncodingType,
     return ret;
 }
 
+static BOOL WINAPI CRYPT_AsnEncodeOCSPSignedRequest(DWORD dwCertEncodingType,
+ LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags,
+ PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded)
+{
+    BOOL ret;
+
+    __TRY
+    {
+        const OCSP_SIGNED_REQUEST_INFO *info = pvStructInfo;
+        struct AsnEncodeSequenceItem items[] = {
+         { &info->ToBeSigned, CRYPT_CopyEncodedBlob, 0 },
+        };
+
+        if (info->pOptionalSignatureInfo) FIXME("pOptionalSignatureInfo not supported\n");
+
+        ret = CRYPT_AsnEncodeSequence(dwCertEncodingType, items,
+         ARRAY_SIZE(items), dwFlags, pEncodePara, pbEncoded, pcbEncoded);
+    }
+    __EXCEPT_PAGE_FAULT
+    {
+        SetLastError(STATUS_ACCESS_VIOLATION);
+        ret = FALSE;
+    }
+    __ENDTRY
+    return ret;
+}
+
 static CryptEncodeObjectExFunc CRYPT_GetBuiltinEncoder(DWORD dwCertEncodingType,
  LPCSTR lpszStructType)
 {
@@ -4807,6 +4834,9 @@ static CryptEncodeObjectExFunc CRYPT_GetBuiltinEncoder(DWORD dwCertEncodingType,
         case LOWORD(OCSP_REQUEST):
             encodeFunc = CRYPT_AsnEncodeOCSPRequest;
             break;
+        case LOWORD(OCSP_SIGNED_REQUEST):
+            encodeFunc = CRYPT_AsnEncodeOCSPSignedRequest;
+            break;
         default:
             FIXME("Unimplemented encoder for lpszStructType OID %d\n", LOWORD(lpszStructType));
         }
diff --git a/dlls/crypt32/tests/encode.c b/dlls/crypt32/tests/encode.c
index 747b4a7d18f..c47fd823673 100644
--- a/dlls/crypt32/tests/encode.c
+++ b/dlls/crypt32/tests/encode.c
@@ -8667,6 +8667,14 @@ static void test_encodeOCSPRequestInfo(DWORD dwEncoding)
          0x0c, 0x0b, 0x4e, 0xc0, 0x09, 0x8a, 0xab, 0xd8, 0x04, 0x14, 0xb7, 0x6b, 0xa2, 0xea, 0xa8, 0xaa,
          0x84, 0x8c, 0x79, 0xea, 0xb4, 0xda, 0x0f, 0x98, 0xb2, 0xc5, 0x95, 0x76, 0xb9, 0xf4, 0x02, 0x10,
          0xb1, 0xc1, 0x87, 0x54, 0x54, 0xac, 0x1e, 0x55, 0x40, 0xfb, 0xef, 0xd9, 0x6d, 0x8f, 0x49, 0x08};
+    static const BYTE expected4[] =
+        {0x30, 0x6a, 0x30, 0x68, 0xa1, 0x17, 0x82, 0x15, 0x2a, 0x2e, 0x63, 0x6d, 0x2e, 0x73, 0x74, 0x65,
+         0x61, 0x6d, 0x70, 0x6f, 0x77, 0x65, 0x72, 0x65, 0x64, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x4d, 0x30,
+         0x4b, 0x30, 0x49, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14,
+         0xe4, 0xe3, 0x95, 0xa2, 0x29, 0xd3, 0xd4, 0xc1, 0xc3, 0x1f, 0xf0, 0x98, 0x0c, 0x0b, 0x4e, 0xc0,
+         0x09, 0x8a, 0xab, 0xd8, 0x04, 0x14, 0xb7, 0x6b, 0xa2, 0xea, 0xa8, 0xaa, 0x84, 0x8c, 0x79, 0xea,
+         0xb4, 0xda, 0x0f, 0x98, 0xb2, 0xc5, 0x95, 0x76, 0xb9, 0xf4, 0x02, 0x10, 0xb1, 0xc1, 0x87, 0x54,
+         0x54, 0xac, 0x1e, 0x55, 0x40, 0xfb, 0xef, 0xd9, 0x6d, 0x8f, 0x49, 0x08};
     static const BYTE issuer_name[] =
         {0xe4, 0xe3 ,0x95, 0xa2, 0x29, 0xd3, 0xd4, 0xc1, 0xc3, 0x1f, 0xf0, 0x98, 0x0c, 0x0b, 0x4e, 0xc0,
          0x09, 0x8a, 0xab, 0xd8};
@@ -8678,8 +8686,9 @@ static void test_encodeOCSPRequestInfo(DWORD dwEncoding)
     OCSP_REQUEST_ENTRY entry[2];
     CERT_ALT_NAME_ENTRY name;
     OCSP_REQUEST_INFO info;
+    OCSP_SIGNED_REQUEST_INFO info_signed;
     DWORD size;
-    BYTE *buf;
+    BYTE *buf, *buf2;
     BOOL ret;
 
     memset(&entry, 0, sizeof(entry));
@@ -8707,7 +8716,20 @@ static void test_encodeOCSPRequestInfo(DWORD dwEncoding)
     ok(ret, "got %08lx\n", GetLastError());
     ok(size == sizeof(expected), "got %lu\n", size);
     ok(!memcmp(buf, expected, sizeof(expected)), "unexpected value\n");
+
+    /* wrapped in OCSP_SIGNED_REQUEST_INFO */
+    info_signed.ToBeSigned.cbData      = size;
+    info_signed.ToBeSigned.pbData      = buf;
+    info_signed.pOptionalSignatureInfo = NULL;
+    size = 0;
+    SetLastError(0xdeadbeef);
+    ret = pCryptEncodeObjectEx(dwEncoding, OCSP_SIGNED_REQUEST, &info_signed, CRYPT_ENCODE_ALLOC_FLAG, NULL,
+                               &buf2, &size);
+    ok(ret, "got %08lx\n", GetLastError());
+    ok(size == sizeof(expected4), "got %lu\n", size);
+    ok(!memcmp(buf2, expected4, sizeof(expected4)), "unexpected value\n");
     LocalFree(buf);
+    LocalFree(buf2);
 
     /* two entries */
     entry[1].CertId.HashAlgorithm.pszObjId = (char *)szOID_OIWSEC_sha1;
-- 
2.30.2


