wintrust: Fix CryptSIPGetSignedMsg (from PE file).
parent
3a6196b79e
commit
3a945c3987
|
@ -1016,16 +1016,27 @@ static BOOL WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO *pSubjectInfo,
|
||||||
{
|
{
|
||||||
BOOL ret;
|
BOOL ret;
|
||||||
WIN_CERTIFICATE *pCert = NULL;
|
WIN_CERTIFICATE *pCert = NULL;
|
||||||
|
HANDLE file;
|
||||||
|
|
||||||
TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
|
TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
|
||||||
pcbSignedDataMsg, pbSignedDataMsg);
|
pcbSignedDataMsg, pbSignedDataMsg);
|
||||||
|
|
||||||
|
if(pSubjectInfo->hFile && pSubjectInfo->hFile!=INVALID_HANDLE_VALUE)
|
||||||
|
file = pSubjectInfo->hFile;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
file = CreateFileW(pSubjectInfo->pwsFileName, GENERIC_READ,
|
||||||
|
FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
|
||||||
|
if(file == INVALID_HANDLE_VALUE)
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
if (!pbSignedDataMsg)
|
if (!pbSignedDataMsg)
|
||||||
{
|
{
|
||||||
WIN_CERTIFICATE cert;
|
WIN_CERTIFICATE cert;
|
||||||
|
|
||||||
/* app hasn't passed buffer, just get the length */
|
/* app hasn't passed buffer, just get the length */
|
||||||
ret = ImageGetCertificateHeader(pSubjectInfo->hFile, dwIndex, &cert);
|
ret = ImageGetCertificateHeader(file, dwIndex, &cert);
|
||||||
if (ret)
|
if (ret)
|
||||||
{
|
{
|
||||||
switch (cert.wCertificateType)
|
switch (cert.wCertificateType)
|
||||||
|
@ -1044,7 +1055,7 @@ static BOOL WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO *pSubjectInfo,
|
||||||
{
|
{
|
||||||
DWORD len = 0;
|
DWORD len = 0;
|
||||||
|
|
||||||
ret = ImageGetCertificateData(pSubjectInfo->hFile, dwIndex, NULL, &len);
|
ret = ImageGetCertificateData(file, dwIndex, NULL, &len);
|
||||||
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
|
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
|
||||||
goto error;
|
goto error;
|
||||||
pCert = HeapAlloc(GetProcessHeap(), 0, len);
|
pCert = HeapAlloc(GetProcessHeap(), 0, len);
|
||||||
|
@ -1053,10 +1064,10 @@ static BOOL WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO *pSubjectInfo,
|
||||||
ret = FALSE;
|
ret = FALSE;
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
ret = ImageGetCertificateData(pSubjectInfo->hFile, dwIndex, pCert,
|
ret = ImageGetCertificateData(file, dwIndex, pCert, &len);
|
||||||
&len);
|
|
||||||
if (!ret)
|
if (!ret)
|
||||||
goto error;
|
goto error;
|
||||||
|
pCert->dwLength -= FIELD_OFFSET(WIN_CERTIFICATE, bCertificate);
|
||||||
if (*pcbSignedDataMsg < pCert->dwLength)
|
if (*pcbSignedDataMsg < pCert->dwLength)
|
||||||
{
|
{
|
||||||
*pcbSignedDataMsg = pCert->dwLength;
|
*pcbSignedDataMsg = pCert->dwLength;
|
||||||
|
@ -1066,6 +1077,7 @@ static BOOL WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO *pSubjectInfo,
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
memcpy(pbSignedDataMsg, pCert->bCertificate, pCert->dwLength);
|
memcpy(pbSignedDataMsg, pCert->bCertificate, pCert->dwLength);
|
||||||
|
*pcbSignedDataMsg = pCert->dwLength;
|
||||||
switch (pCert->wCertificateType)
|
switch (pCert->wCertificateType)
|
||||||
{
|
{
|
||||||
case WIN_CERT_TYPE_X509:
|
case WIN_CERT_TYPE_X509:
|
||||||
|
@ -1083,6 +1095,8 @@ static BOOL WINTRUST_GetSignedMsgFromPEFile(SIP_SUBJECTINFO *pSubjectInfo,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
error:
|
error:
|
||||||
|
if(pSubjectInfo->hFile != file)
|
||||||
|
CloseHandle(file);
|
||||||
HeapFree(GetProcessHeap(), 0, pCert);
|
HeapFree(GetProcessHeap(), 0, pCert);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
@ -1351,6 +1365,12 @@ BOOL WINAPI CryptSIPGetSignedDataMsg(SIP_SUBJECTINFO* pSubjectInfo, DWORD* pdwEn
|
||||||
TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
|
TRACE("(%p %p %d %p %p)\n", pSubjectInfo, pdwEncodingType, dwIndex,
|
||||||
pcbSignedDataMsg, pbSignedDataMsg);
|
pcbSignedDataMsg, pbSignedDataMsg);
|
||||||
|
|
||||||
|
if(!pSubjectInfo)
|
||||||
|
{
|
||||||
|
SetLastError(ERROR_INVALID_PARAMETER);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
if (!memcmp(pSubjectInfo->pgSubjectType, &unknown, sizeof(unknown)))
|
if (!memcmp(pSubjectInfo->pgSubjectType, &unknown, sizeof(unknown)))
|
||||||
ret = WINTRUST_GetSignedMsgFromPEFile(pSubjectInfo, pdwEncodingType,
|
ret = WINTRUST_GetSignedMsgFromPEFile(pSubjectInfo, pdwEncodingType,
|
||||||
dwIndex, pcbSignedDataMsg, pbSignedDataMsg);
|
dwIndex, pcbSignedDataMsg, pbSignedDataMsg);
|
||||||
|
|
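Review bot: The added `pCert->dwLength -= FIELD_OFFSET(WIN_CERTIFICATE, bCertificate);` (hunk at -1053) subtracts from a length field that was read out of the file being verified, without validating it first. `dwLength` is an unsigned DWORD, so a value smaller than the header offset wraps to a very large number that is then reported through `*pcbSignedDataMsg`, and a value larger than the `len` bytes allocated for `pCert` would let the later `memcpy` read past the heap buffer; whether `ImageGetCertificateData` already guarantees `dwLength == len` is not visible on this page. A guard placed before the subtraction makes the bound explicit: `if (pCert->dwLength < FIELD_OFFSET(WIN_CERTIFICATE, bCertificate) || pCert->dwLength > len) { ret = FALSE; goto error; }`. Parts of the function body lie outside the hunks shown, so any path that returns without reaching `error:` should also be checked for leaking the handle opened by `CreateFileW`.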