crypt32: Separate construction of signer handles from signer info.
This commit is contained in:
Juan Lang
Alexandre Julliard
parent
c4dd74d84c
commit
bfbc159d1e
|
|
@ -617,14 +617,6 @@ static BOOL CRYPT_IsValidSigner(CMSG_SIGNER_ENCODE_INFO_WITH_CMS *signer)
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
typedef struct _CSignerHandles
|
|
||||||
{
|
|
||||||
HCRYPTPROV prov;
|
|
||||||
HCRYPTHASH contentHash;
|
|
||||||
HCRYPTHASH authAttrHash;
|
|
||||||
HCRYPTKEY key;
|
|
||||||
} CSignerHandles;
|
|
||||||
|
|
||||||
static BOOL CRYPT_ConstructBlob(CRYPT_DATA_BLOB *out, const CRYPT_DATA_BLOB *in)
|
static BOOL CRYPT_ConstructBlob(CRYPT_DATA_BLOB *out, const CRYPT_DATA_BLOB *in)
|
||||||
{
|
{
|
||||||
BOOL ret = TRUE;
|
BOOL ret = TRUE;
|
||||||
|
|
@ -722,62 +714,33 @@ static BOOL CRYPT_ConstructAttributes(CRYPT_ATTRIBUTES *out,
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Constructs a CSignerHandles with a copy of crypt_prov (not add-ref'ed - the
|
/* Constructs a CMSG_SIGNER_INFO from a CMSG_SIGNER_ENCODE_INFO_WITH_CMS. */
|
||||||
* caller must do this if necessary), a hash handle based on HashAlgorithm, and
|
static BOOL CSignerInfo_Construct(CMSG_SIGNER_INFO *info,
|
||||||
* an authenticated attributes hash handle if hasAuthAttrs is TRUE.
|
CMSG_SIGNER_ENCODE_INFO_WITH_CMS *in)
|
||||||
*/
|
|
||||||
static BOOL CSignerHandles_Construct(CSignerHandles *handles,
|
|
||||||
HCRYPTPROV crypt_prov, CRYPT_ALGORITHM_IDENTIFIER *HashAlgorithm,
|
|
||||||
BOOL hasAuthAttrs)
|
|
||||||
{
|
|
||||||
ALG_ID algID;
|
|
||||||
BOOL ret;
|
|
||||||
|
|
||||||
handles->prov = crypt_prov;
|
|
||||||
algID = CertOIDToAlgId(HashAlgorithm->pszObjId);
|
|
||||||
ret = CryptCreateHash(handles->prov, algID, 0, 0, &handles->contentHash);
|
|
||||||
if (ret && hasAuthAttrs)
|
|
||||||
ret = CryptCreateHash(handles->prov, algID, 0, 0,
|
|
||||||
&handles->authAttrHash);
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Constructs both a CSignerHandles and a CMSG_SIGNER_INFO from a
|
|
||||||
* CMSG_SIGNER_ENCODE_INFO_WITH_CMS.
|
|
||||||
*/
|
|
||||||
static BOOL CSignerInfo_Construct(CSignerHandles *handles,
|
|
||||||
CMSG_SIGNER_INFO *info, CMSG_SIGNER_ENCODE_INFO_WITH_CMS *in, DWORD open_flags)
|
|
||||||
{
|
{
|
||||||
BOOL ret;
|
BOOL ret;
|
||||||
|
|
||||||
if (!(open_flags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG))
|
/* Note: needs to change if CMS fields are supported */
|
||||||
CryptContextAddRef(in->hCryptProv, NULL, 0);
|
info->dwVersion = CMSG_SIGNER_INFO_V1;
|
||||||
ret = CSignerHandles_Construct(handles, in->hCryptProv, &in->HashAlgorithm,
|
ret = CRYPT_ConstructBlob(&info->Issuer, &in->pCertInfo->Issuer);
|
||||||
in->cAuthAttr > 0);
|
|
||||||
if (ret)
|
if (ret)
|
||||||
{
|
ret = CRYPT_ConstructBlob(&info->SerialNumber,
|
||||||
/* Note: needs to change if CMS fields are supported */
|
&in->pCertInfo->SerialNumber);
|
||||||
info->dwVersion = CMSG_SIGNER_INFO_V1;
|
/* Assumption: algorithm IDs will point to static strings, not
|
||||||
ret = CRYPT_ConstructBlob(&info->Issuer, &in->pCertInfo->Issuer);
|
* stack-based ones, so copying the pointer values is safe.
|
||||||
if (ret)
|
*/
|
||||||
ret = CRYPT_ConstructBlob(&info->SerialNumber,
|
info->HashAlgorithm.pszObjId = in->HashAlgorithm.pszObjId;
|
||||||
&in->pCertInfo->SerialNumber);
|
if (ret)
|
||||||
/* Assumption: algorithm IDs will point to static strings, not
|
ret = CRYPT_ConstructBlob(&info->HashAlgorithm.Parameters,
|
||||||
* stack-based ones, so copying the pointer values is safe.
|
&in->HashAlgorithm.Parameters);
|
||||||
*/
|
memset(&info->HashEncryptionAlgorithm, 0,
|
||||||
info->HashAlgorithm.pszObjId = in->HashAlgorithm.pszObjId;
|
sizeof(info->HashEncryptionAlgorithm));
|
||||||
if (ret)
|
if (ret)
|
||||||
ret = CRYPT_ConstructBlob(&info->HashAlgorithm.Parameters,
|
ret = CRYPT_ConstructAttributes(&info->AuthAttrs,
|
||||||
&in->HashAlgorithm.Parameters);
|
(CRYPT_ATTRIBUTES *)&in->cAuthAttr);
|
||||||
memset(&info->HashEncryptionAlgorithm, 0,
|
if (ret)
|
||||||
sizeof(info->HashEncryptionAlgorithm));
|
ret = CRYPT_ConstructAttributes(&info->UnauthAttrs,
|
||||||
if (ret)
|
(CRYPT_ATTRIBUTES *)&in->cUnauthAttr);
|
||||||
ret = CRYPT_ConstructAttributes(&info->AuthAttrs,
|
|
||||||
(CRYPT_ATTRIBUTES *)&in->cAuthAttr);
|
|
||||||
if (ret)
|
|
||||||
ret = CRYPT_ConstructAttributes(&info->UnauthAttrs,
|
|
||||||
(CRYPT_ATTRIBUTES *)&in->cUnauthAttr);
|
|
||||||
}
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -807,6 +770,14 @@ static void CSignerInfo_Free(CMSG_SIGNER_INFO *info)
|
||||||
CryptMemFree(info->UnauthAttrs.rgAttr);
|
CryptMemFree(info->UnauthAttrs.rgAttr);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
typedef struct _CSignerHandles
|
||||||
|
{
|
||||||
|
HCRYPTPROV prov;
|
||||||
|
HCRYPTHASH contentHash;
|
||||||
|
HCRYPTHASH authAttrHash;
|
||||||
|
HCRYPTKEY key;
|
||||||
|
} CSignerHandles;
|
||||||
|
|
||||||
typedef struct _CSignedMsgData
|
typedef struct _CSignedMsgData
|
||||||
{
|
{
|
||||||
CRYPT_SIGNED_INFO *info;
|
CRYPT_SIGNED_INFO *info;
|
||||||
|
|
@ -820,6 +791,26 @@ typedef struct _CSignedEncodeMsg
|
||||||
CSignedMsgData msg_data;
|
CSignedMsgData msg_data;
|
||||||
} CSignedEncodeMsg;
|
} CSignedEncodeMsg;
|
||||||
|
|
||||||
|
/* Constructs a CSignerHandles with a copy of crypt_prov (not add-ref'ed - the
|
||||||
|
* caller must do this if necessary), a hash handle based on HashAlgorithm, and
|
||||||
|
* an authenticated attributes hash handle if hasAuthAttrs is TRUE.
|
||||||
|
*/
|
||||||
|
static BOOL CSignerHandles_Construct(CSignerHandles *handles,
|
||||||
|
HCRYPTPROV crypt_prov, CRYPT_ALGORITHM_IDENTIFIER *HashAlgorithm,
|
||||||
|
BOOL hasAuthAttrs)
|
||||||
|
{
|
||||||
|
ALG_ID algID;
|
||||||
|
BOOL ret;
|
||||||
|
|
||||||
|
handles->prov = crypt_prov;
|
||||||
|
algID = CertOIDToAlgId(HashAlgorithm->pszObjId);
|
||||||
|
ret = CryptCreateHash(handles->prov, algID, 0, 0, &handles->contentHash);
|
||||||
|
if (ret && hasAuthAttrs)
|
||||||
|
ret = CryptCreateHash(handles->prov, algID, 0, 0,
|
||||||
|
&handles->authAttrHash);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
static void CSignedMsgData_CloseHandles(CSignedMsgData *msg_data)
|
static void CSignedMsgData_CloseHandles(CSignedMsgData *msg_data)
|
||||||
{
|
{
|
||||||
DWORD i;
|
DWORD i;
|
||||||
|
|
@ -1217,9 +1208,22 @@ static HCRYPTMSG CSignedEncodeMsg_Open(DWORD dwFlags,
|
||||||
memset(msg->msg_data.info->rgSignerInfo, 0,
|
memset(msg->msg_data.info->rgSignerInfo, 0,
|
||||||
msg->msg_data.info->cSignerInfo * sizeof(CMSG_SIGNER_INFO));
|
msg->msg_data.info->cSignerInfo * sizeof(CMSG_SIGNER_INFO));
|
||||||
for (i = 0; ret && i < msg->msg_data.info->cSignerInfo; i++)
|
for (i = 0; ret && i < msg->msg_data.info->cSignerInfo; i++)
|
||||||
ret = CSignerInfo_Construct(&msg->msg_data.signerHandles[i],
|
{
|
||||||
|
ret = CSignerInfo_Construct(
|
||||||
&msg->msg_data.info->rgSignerInfo[i],
|
&msg->msg_data.info->rgSignerInfo[i],
|
||||||
&info->rgSigners[i], dwFlags);
|
&info->rgSigners[i]);
|
||||||
|
if (ret)
|
||||||
|
{
|
||||||
|
if (!(dwFlags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG))
|
||||||
|
CryptContextAddRef(info->rgSigners[i].hCryptProv,
|
||||||
|
NULL, 0);
|
||||||
|
ret = CSignerHandles_Construct(
|
||||||
|
&msg->msg_data.signerHandles[i],
|
||||||
|
info->rgSigners[i].hCryptProv,
|
||||||
|
&info->rgSigners[i].HashAlgorithm,
|
||||||
|
info->rgSigners[i].cAuthAttr > 0);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
ret = FALSE;
|
ret = FALSE;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue