cryptnet: Implement CryptRetrieveObjectByUrlW for the file: protocol.

2007-10-22 10:22:16 -07:00 · 2007-10-22 10:22:16 -07:00 · 681a408aa6
parent 1fbb0f6a5a
commit 681a408aa6
3 changed files with 551 additions and 15 deletions
--- a/dlls/cryptnet/Makefile.in
+++ b/dlls/cryptnet/Makefile.in
@ -5,6 +5,7 @@ VPATH     = @srcdir@
 MODULE    = cryptnet.dll
 IMPORTLIB = libcryptnet.$(IMPLIBEXT)
 IMPORTS   = crypt32 kernel32
+DELAYIMPORTS = wininet

 C_SRCS = \
 	cryptnet_main.c
--- a/dlls/cryptnet/cryptnet_main.c
+++ b/dlls/cryptnet/cryptnet_main.c
@ -25,6 +25,7 @@
 #include "winbase.h"
 #include "winnt.h"
 #include "winnls.h"
+#include "wininet.h"
 #define NONAMELESSUNION
 #include "wincrypt.h"

@ -330,6 +331,516 @@ BOOL WINAPI CryptRetrieveObjectByUrlA(LPCSTR pszURL, LPCSTR pszObjectOid,
    return ret;
 }

+static void WINAPI CRYPT_FreeBlob(LPCSTR pszObjectOid,
+ PCRYPT_BLOB_ARRAY pObject, void *pvFreeContext)
+{
+    DWORD i;
+
+    for (i = 0; i < pObject->cBlob; i++)
+        CryptMemFree(pObject->rgBlob[i].pbData);
+    CryptMemFree(pObject->rgBlob);
+}
+
+static BOOL WINAPI FTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
+ LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
+ PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
+ void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
+ PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
+{
+    FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
+     debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
+     ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
+
+    pObject->cBlob = 0;
+    pObject->rgBlob = NULL;
+    *ppfnFreeObject = CRYPT_FreeBlob;
+    *ppvFreeContext = NULL;
+    return FALSE;
+}
+
+static BOOL WINAPI HTTP_RetrieveEncodedObjectW(LPCWSTR pszURL,
+ LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
+ PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
+ void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
+ PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
+{
+    FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
+     debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
+     ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
+
+    pObject->cBlob = 0;
+    pObject->rgBlob = NULL;
+    *ppfnFreeObject = CRYPT_FreeBlob;
+    *ppvFreeContext = NULL;
+    return FALSE;
+}
+
+static BOOL WINAPI File_RetrieveEncodedObjectW(LPCWSTR pszURL,
+ LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
+ PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
+ void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
+ PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
+{
+    URL_COMPONENTSW components = { sizeof(components), 0 };
+    BOOL ret;
+
+    TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
+     debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, pObject,
+     ppfnFreeObject, ppvFreeContext, hAsyncRetrieve, pCredentials, pAuxInfo);
+
+    pObject->cBlob = 0;
+    pObject->rgBlob = NULL;
+    *ppfnFreeObject = CRYPT_FreeBlob;
+    *ppvFreeContext = NULL;
+
+    components.dwUrlPathLength = 1;
+    ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, &components);
+    if (ret)
+    {
+        LPWSTR path;
+
+        /* 3 == lstrlenW(L"c:") + 1 */
+        path = CryptMemAlloc((components.dwUrlPathLength + 3) * sizeof(WCHAR));
+        if (path)
+        {
+            HANDLE hFile;
+
+            /* Try to create the file directly - Wine handles / in pathnames */
+            lstrcpynW(path, components.lpszUrlPath,
+             components.dwUrlPathLength + 1);
+            hFile = CreateFileW(path, GENERIC_READ, 0, NULL, OPEN_EXISTING,
+             FILE_ATTRIBUTE_NORMAL, NULL);
+            if (hFile == INVALID_HANDLE_VALUE)
+            {
+                /* Try again on the current drive */
+                GetCurrentDirectoryW(components.dwUrlPathLength, path);
+                if (path[1] == ':')
+                {
+                    lstrcpynW(path + 2, components.lpszUrlPath,
+                     components.dwUrlPathLength + 1);
+                    hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
+                     OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
+                }
+                if (hFile == INVALID_HANDLE_VALUE)
+                {
+                    /* Try again on the Windows drive */
+                    GetWindowsDirectoryW(path, components.dwUrlPathLength);
+                    if (path[1] == ':')
+                    {
+                        lstrcpynW(path + 2, components.lpszUrlPath,
+                         components.dwUrlPathLength + 1);
+                        hFile = CreateFileW(path, GENERIC_READ, 0, NULL,
+                         OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
+                    }
+                }
+            }
+            if (hFile != INVALID_HANDLE_VALUE)
+            {
+                LARGE_INTEGER size;
+
+                if ((ret = GetFileSizeEx(hFile, &size)))
+                {
+                    if (size.HighPart)
+                    {
+                        WARN("file too big\n");
+                        SetLastError(ERROR_INVALID_DATA);
+                        ret = FALSE;
+                    }
+                    else
+                    {
+                        CRYPT_DATA_BLOB blob;
+
+                        blob.pbData = CryptMemAlloc(size.LowPart);
+                        if (blob.pbData)
+                        {
+                            blob.cbData = size.LowPart;
+                            ret = ReadFile(hFile, blob.pbData, size.LowPart,
+                             &blob.cbData, NULL);
+                            if (ret)
+                            {
+                                pObject->rgBlob =
+                                 CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
+                                if (pObject->rgBlob)
+                                {
+                                    pObject->cBlob = 1;
+                                    memcpy(pObject->rgBlob, &blob,
+                                     sizeof(CRYPT_DATA_BLOB));
+                                }
+                                else
+                                {
+                                    SetLastError(ERROR_OUTOFMEMORY);
+                                    ret = FALSE;
+                                }
+                            }
+                            if (!ret)
+                                CryptMemFree(blob.pbData);
+                            else
+                            {
+                                if (pAuxInfo && pAuxInfo->cbSize >=
+                                 offsetof(CRYPT_RETRIEVE_AUX_INFO,
+                                 pLastSyncTime) + sizeof(PFILETIME) &&
+                                 pAuxInfo->pLastSyncTime)
+                                    GetFileTime(hFile, NULL, NULL,
+                                     pAuxInfo->pLastSyncTime);
+                            }
+                        }
+                        else
+                        {
+                            SetLastError(ERROR_OUTOFMEMORY);
+                            ret = FALSE;
+                        }
+                    }
+                }
+                CloseHandle(hFile);
+            }
+            else
+                ret = FALSE;
+            CryptMemFree(path);
+        }
+    }
+    return ret;
+}
+
+typedef BOOL (WINAPI *SchemeDllRetrieveEncodedObjectW)(LPCWSTR pwszUrl,
+ LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
+ PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
+ void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
+ PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo);
+
+static BOOL CRYPT_GetRetrieveFunction(LPCWSTR pszURL,
+ SchemeDllRetrieveEncodedObjectW *pFunc, HCRYPTOIDFUNCADDR *phFunc)
+{
+    URL_COMPONENTSW components = { sizeof(components), 0 };
+    BOOL ret;
+
+    *pFunc = NULL;
+    *phFunc = 0;
+    components.dwSchemeLength = 1;
+    ret = InternetCrackUrlW(pszURL, 0, ICU_DECODE, &components);
+    if (ret)
+    {
+        /* Microsoft always uses CryptInitOIDFunctionSet/
+         * CryptGetOIDFunctionAddress, but there doesn't seem to be a pressing
+         * reason to do so for builtin schemes.
+         */
+        switch (components.nScheme)
+        {
+        case INTERNET_SCHEME_FTP:
+            *pFunc = FTP_RetrieveEncodedObjectW;
+            break;
+        case INTERNET_SCHEME_HTTP:
+            *pFunc = HTTP_RetrieveEncodedObjectW;
+            break;
+        case INTERNET_SCHEME_FILE:
+            *pFunc = File_RetrieveEncodedObjectW;
+            break;
+        default:
+        {
+            int len = WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
+             components.dwSchemeLength, NULL, 0, NULL, NULL);
+
+            if (len)
+            {
+                LPSTR scheme = CryptMemAlloc(len);
+
+                if (scheme)
+                {
+                    static HCRYPTOIDFUNCSET set = NULL;
+
+                    if (!set)
+                        set = CryptInitOIDFunctionSet(
+                         SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC, 0);
+                    WideCharToMultiByte(CP_ACP, 0, components.lpszScheme,
+                     components.dwSchemeLength, scheme, len, NULL, NULL);
+                    ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING,
+                     scheme, 0, (void **)pFunc, phFunc);
+                    CryptMemFree(scheme);
+                }
+                else
+                {
+                    SetLastError(ERROR_OUTOFMEMORY);
+                    ret = FALSE;
+                }
+            }
+            else
+                ret = FALSE;
+        }
+        }
+    }
+    return ret;
+}
+
+static BOOL WINAPI CRYPT_CreateBlob(LPCSTR pszObjectOid,
+ DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
+{
+    DWORD size, i;
+    CRYPT_BLOB_ARRAY *context;
+    BOOL ret = FALSE;
+
+    size = sizeof(CRYPT_BLOB_ARRAY) + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
+    for (i = 0; i < pObject->cBlob; i++)
+        size += pObject->rgBlob[i].cbData;
+    context = CryptMemAlloc(size);
+    if (context)
+    {
+        LPBYTE nextData;
+
+        context->cBlob = 0;
+        context->rgBlob =
+         (CRYPT_DATA_BLOB *)((LPBYTE)context + sizeof(CRYPT_BLOB_ARRAY));
+        nextData =
+         (LPBYTE)context->rgBlob + pObject->cBlob * sizeof(CRYPT_DATA_BLOB);
+        for (i = 0; i < pObject->cBlob; i++)
+        {
+            memcpy(nextData, pObject->rgBlob[i].pbData,
+             pObject->rgBlob[i].cbData);
+            context->rgBlob[i].pbData = nextData;
+            context->rgBlob[i].cbData = pObject->rgBlob[i].cbData;
+            nextData += pObject->rgBlob[i].cbData;
+            context->cBlob++;
+        }
+        *ppvContext = context;
+        ret = TRUE;
+    }
+    return ret;
+}
+
+typedef BOOL (WINAPI *AddContextToStore)(HCERTSTORE hCertStore,
+ const void *pContext, DWORD dwAddDisposition, const void **ppStoreContext);
+
+static BOOL CRYPT_CreateContext(PCRYPT_BLOB_ARRAY pObject,
+ DWORD dwExpectedContentTypeFlags, AddContextToStore addFunc, void **ppvContext)
+{
+    BOOL ret = TRUE;
+
+    if (!pObject->cBlob)
+    {
+        SetLastError(ERROR_INVALID_DATA);
+        *ppvContext = NULL;
+        ret = FALSE;
+    }
+    else if (pObject->cBlob == 1)
+    {
+        if (!CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
+         dwExpectedContentTypeFlags, CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL,
+         NULL, NULL, NULL, NULL, (const void **)ppvContext))
+        {
+            SetLastError(CRYPT_E_NO_MATCH);
+            ret = FALSE;
+        }
+    }
+    else
+    {
+        HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
+         CERT_STORE_CREATE_NEW_FLAG, NULL);
+
+        if (store)
+        {
+            DWORD i;
+            const void *context;
+
+            for (i = 0; i < pObject->cBlob; i++)
+            {
+                if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
+                 &pObject->rgBlob[i], dwExpectedContentTypeFlags,
+                 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, NULL, NULL, NULL,
+                 NULL, &context))
+                {
+                    if (!addFunc(store, context, CERT_STORE_ADD_ALWAYS, NULL))
+                        ret = FALSE;
+                }
+                else
+                {
+                    SetLastError(CRYPT_E_NO_MATCH);
+                    ret = FALSE;
+                }
+            }
+        }
+        else
+            ret = FALSE;
+        *ppvContext = store;
+    }
+    return ret;
+}
+
+static BOOL WINAPI CRYPT_CreateCert(LPCSTR pszObjectOid,
+ DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
+{
+    return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CERT,
+     (AddContextToStore)CertAddCertificateContextToStore, ppvContext);
+}
+
+static BOOL WINAPI CRYPT_CreateCRL(LPCSTR pszObjectOid,
+ DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
+{
+    return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CRL,
+     (AddContextToStore)CertAddCRLContextToStore, ppvContext);
+}
+
+static BOOL WINAPI CRYPT_CreateCTL(LPCSTR pszObjectOid,
+ DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
+{
+    return CRYPT_CreateContext(pObject, CERT_QUERY_CONTENT_FLAG_CTL,
+     (AddContextToStore)CertAddCTLContextToStore, ppvContext);
+}
+
+static BOOL WINAPI CRYPT_CreatePKCS7(LPCSTR pszObjectOid,
+ DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
+{
+    BOOL ret;
+
+    if (!pObject->cBlob)
+    {
+        SetLastError(ERROR_INVALID_DATA);
+        *ppvContext = NULL;
+        ret = FALSE;
+    }
+    else if (pObject->cBlob == 1)
+        ret = CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &pObject->rgBlob[0],
+         CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
+         CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED, CERT_QUERY_FORMAT_FLAG_BINARY,
+         0, NULL, NULL, NULL, (HCERTSTORE *)ppvContext, NULL, NULL);
+    else
+    {
+        FIXME("multiple messages unimplemented\n");
+        ret = FALSE;
+    }
+    return ret;
+}
+
+static BOOL WINAPI CRYPT_CreateAny(LPCSTR pszObjectOid,
+ DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext)
+{
+    BOOL ret;
+
+    if (!pObject->cBlob)
+    {
+        SetLastError(ERROR_INVALID_DATA);
+        *ppvContext = NULL;
+        ret = FALSE;
+    }
+    else
+    {
+        HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
+         CERT_STORE_CREATE_NEW_FLAG, NULL);
+
+        if (store)
+        {
+            HCERTSTORE memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
+             CERT_STORE_CREATE_NEW_FLAG, NULL);
+
+            if (memStore)
+            {
+                CertAddStoreToCollection(store, memStore,
+                 CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 0);
+                CertCloseStore(memStore, 0);
+            }
+            else
+            {
+                CertCloseStore(store, 0);
+                store = NULL;
+            }
+        }
+        if (store)
+        {
+            DWORD i;
+
+            ret = TRUE;
+            for (i = 0; i < pObject->cBlob; i++)
+            {
+                DWORD contentType, expectedContentTypes =
+                 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
+                 CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED |
+                 CERT_QUERY_CONTENT_FLAG_CERT |
+                 CERT_QUERY_CONTENT_FLAG_CRL |
+                 CERT_QUERY_CONTENT_FLAG_CTL;
+                HCERTSTORE contextStore;
+                const void *context;
+
+                if (CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
+                 &pObject->rgBlob[i], expectedContentTypes,
+                 CERT_QUERY_FORMAT_FLAG_BINARY, 0, NULL, &contentType, NULL,
+                 &contextStore, NULL, &context))
+                {
+                    switch (contentType)
+                    {
+                    case CERT_QUERY_CONTENT_CERT:
+                        if (!CertAddCertificateContextToStore(store,
+                         (PCCERT_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
+                            ret = FALSE;
+                        break;
+                    case CERT_QUERY_CONTENT_CRL:
+                        if (!CertAddCRLContextToStore(store,
+                         (PCCRL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
+                             ret = FALSE;
+                        break;
+                    case CERT_QUERY_CONTENT_CTL:
+                        if (!CertAddCTLContextToStore(store,
+                         (PCCTL_CONTEXT)context, CERT_STORE_ADD_ALWAYS, NULL))
+                             ret = FALSE;
+                        break;
+                    default:
+                        CertAddStoreToCollection(store, contextStore, 0, 0);
+                    }
+                }
+                else
+                    ret = FALSE;
+            }
+        }
+        else
+            ret = FALSE;
+        *ppvContext = store;
+    }
+    return ret;
+}
+
+typedef BOOL (WINAPI *ContextDllCreateObjectContext)(LPCSTR pszObjectOid,
+ DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContext);
+
+static BOOL CRYPT_GetCreateFunction(LPCSTR pszObjectOid,
+ ContextDllCreateObjectContext *pFunc, HCRYPTOIDFUNCADDR *phFunc)
+{
+    BOOL ret = TRUE;
+
+    *pFunc = NULL;
+    *phFunc = 0;
+    if (!HIWORD(pszObjectOid))
+    {
+        switch (LOWORD(pszObjectOid))
+        {
+        case 0:
+            *pFunc = CRYPT_CreateBlob;
+            break;
+        case LOWORD(CONTEXT_OID_CERTIFICATE):
+            *pFunc = CRYPT_CreateCert;
+            break;
+        case LOWORD(CONTEXT_OID_CRL):
+            *pFunc = CRYPT_CreateCRL;
+            break;
+        case LOWORD(CONTEXT_OID_CTL):
+            *pFunc = CRYPT_CreateCTL;
+            break;
+        case LOWORD(CONTEXT_OID_PKCS7):
+            *pFunc = CRYPT_CreatePKCS7;
+            break;
+        case LOWORD(CONTEXT_OID_CAPI2_ANY):
+            *pFunc = CRYPT_CreateAny;
+            break;
+        }
+    }
+    if (!*pFunc)
+    {
+        static HCRYPTOIDFUNCSET set = NULL;
+
+        if (!set)
+            set = CryptInitOIDFunctionSet(
+             CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC, 0);
+        ret = CryptGetOIDFunctionAddress(set, X509_ASN_ENCODING, pszObjectOid,
+         0, (void **)pFunc, phFunc);
+    }
+    return ret;
+}
+
 /***********************************************************************
 *    CryptRetrieveObjectByUrlW (CRYPTNET.@)
 */
@ -338,10 +849,43 @@ BOOL WINAPI CryptRetrieveObjectByUrlW(LPCWSTR pszURL, LPCSTR pszObjectOid,
 HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify,
 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
 {
-    FIXME("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
+    BOOL ret;
+    SchemeDllRetrieveEncodedObjectW retrieve;
+    ContextDllCreateObjectContext create;
+    HCRYPTOIDFUNCADDR hRetrieve = 0, hCreate = 0;
+
+    TRACE("(%s, %s, %08x, %d, %p, %p, %p, %p, %p)\n", debugstr_w(pszURL),
     debugstr_a(pszObjectOid), dwRetrievalFlags, dwTimeout, ppvObject,
     hAsyncRetrieve, pCredentials, pvVerify, pAuxInfo);
+
+    if (!pszURL)
+    {
+        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
+    }
+    ret = CRYPT_GetRetrieveFunction(pszURL, &retrieve, &hRetrieve);
+    if (ret)
+        ret = CRYPT_GetCreateFunction(pszObjectOid, &create, &hCreate);
+    if (ret)
+    {
+        CRYPT_BLOB_ARRAY object = { 0, NULL };
+        PFN_FREE_ENCODED_OBJECT_FUNC freeObject;
+        void *freeContext;
+
+        ret = retrieve(pszURL, pszObjectOid, dwRetrievalFlags, dwTimeout,
+         &object, &freeObject, &freeContext, hAsyncRetrieve, pCredentials,
+         pAuxInfo);
+        if (ret)
+        {
+            ret = create(pszObjectOid, dwRetrievalFlags, &object, ppvObject);
+            freeObject(pszObjectOid, &object, freeContext);
+        }
+    }
+    if (hCreate)
+        CryptFreeOIDFunctionAddress(hCreate, 0);
+    if (hRetrieve)
+        CryptFreeOIDFunctionAddress(hRetrieve, 0);
+    return ret;
 }

 /***********************************************************************
--- a/dlls/cryptnet/tests/cryptnet.c
+++ b/dlls/cryptnet/tests/cryptnet.c
@ -286,9 +286,7 @@ static void test_retrieveObjectByUrl(void)
    pBlobArray = (CRYPT_BLOB_ARRAY *)0xdeadbeef;
    ret = CryptRetrieveObjectByUrlA(url, NULL, 0, 0, (void **)&pBlobArray,
     NULL, NULL, NULL, NULL);
-    todo_wine
    ok(ret, "CryptRetrieveObjectByUrlA failed: %d\n", GetLastError());
-    todo_wine
    ok(pBlobArray && pBlobArray != (CRYPT_BLOB_ARRAY *)0xdeadbeef,
     "Expected a valid pointer\n");
    if (pBlobArray && pBlobArray != (CRYPT_BLOB_ARRAY *)0xdeadbeef)
@ -302,7 +300,6 @@ static void test_retrieveObjectByUrl(void)
    cert = (PCCERT_CONTEXT)0xdeadbeef;
    ret = CryptRetrieveObjectByUrlA(url, CONTEXT_OID_CERTIFICATE, 0, 0,
     (void **)&cert, NULL, NULL, NULL, NULL);
-    todo_wine
    ok(cert && cert != (PCCERT_CONTEXT)0xdeadbeef, "Expected a cert\n");
    if (cert && cert != (PCCERT_CONTEXT)0xdeadbeef)
        CertFreeCertificateContext(cert);
@ -310,17 +307,14 @@ static void test_retrieveObjectByUrl(void)
    SetLastError(0xdeadbeef);
    ret = CryptRetrieveObjectByUrlA(url, CONTEXT_OID_CRL, 0, 0, (void **)&crl,
     NULL, NULL, NULL, NULL);
-    todo_wine
    ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
     "Expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
-    todo_wine
    ok(crl == NULL, "Expected CRL to be NULL\n");
    if (crl && crl != (PCCRL_CONTEXT)0xdeadbeef)
        CertFreeCRLContext(crl);
    store = (HCERTSTORE)0xdeadbeef;
    ret = CryptRetrieveObjectByUrlA(url, CONTEXT_OID_CAPI2_ANY, 0, 0,
     (void **)&store, NULL, NULL, NULL, NULL);
-    todo_wine
    ok(ret, "CryptRetrieveObjectByUrlA failed: %d\n", GetLastError());
    if (store && store != (HCERTSTORE)0xdeadbeef)
    {
@ -338,25 +332,21 @@ static void test_retrieveObjectByUrl(void)
    /* Are file URLs cached? */
    ret = CryptRetrieveObjectByUrlA(url, CONTEXT_OID_CERTIFICATE,
     CRYPT_CACHE_ONLY_RETRIEVAL, 0, (void **)&cert, NULL, NULL, NULL, NULL);
-    todo_wine
    ok(ret, "CryptRetrieveObjectByUrlA failed: %08x\n", GetLastError());
    if (cert && cert != (PCCERT_CONTEXT)0xdeadbeef)
        CertFreeCertificateContext(cert);
    ret = CryptRetrieveObjectByUrlA(url, CONTEXT_OID_CERTIFICATE, 0, 0,
     (void **)&cert, NULL, NULL, NULL, &aux);
-    todo_wine
    ok(ret, "CryptRetrieveObjectByUrlA failed: %08x\n", GetLastError());
    if (cert && cert != (PCCERT_CONTEXT)0xdeadbeef)
        CertFreeCertificateContext(cert);
    aux.cbSize = sizeof(aux);
    ret = CryptRetrieveObjectByUrlA(url, CONTEXT_OID_CERTIFICATE, 0, 0,
     (void **)&cert, NULL, NULL, NULL, &aux);
-    todo_wine
    ok(ret, "CryptRetrieveObjectByUrlA failed: %08x\n", GetLastError());
    aux.pLastSyncTime = &ft;
    ret = CryptRetrieveObjectByUrlA(url, CONTEXT_OID_CERTIFICATE, 0, 0,
     (void **)&cert, NULL, NULL, NULL, &aux);
-    todo_wine
    ok(ft.dwLowDateTime || ft.dwHighDateTime,
     "Expected last sync time to be set\n");
    DeleteFileA(tmpfile);
@ -364,9 +354,10 @@ static void test_retrieveObjectByUrl(void)
    SetLastError(0xdeadbeef);
    ret = CryptRetrieveObjectByUrlA(url, CONTEXT_OID_CERTIFICATE,
     CRYPT_CACHE_ONLY_RETRIEVAL, 0, (void **)&cert, NULL, NULL, NULL, NULL);
-    todo_wine
-    ok(!ret && GetLastError() == ERROR_FILE_NOT_FOUND,
-     "Expected ERROR_FILE_NOT_FOUND, got %d\n", GetLastError());
+    ok(!ret && (GetLastError() == ERROR_FILE_NOT_FOUND ||
+     GetLastError() == ERROR_PATH_NOT_FOUND),
+     "Expected ERROR_FILE_NOT_FOUND or ERROR_PATH_NOT_FOUND, got %d\n",
+     GetLastError());
 }

 START_TEST(cryptnet)