Module: wine Branch: master Commit: 85d2cbbe53e577daba7ca3f857e3e7226ecb6d1d URL: https://source.winehq.org/git/wine.git/?a=commit;h=85d2cbbe53e577daba7ca3f85...
Author: Hans Leidekker hans@codeweavers.com Date: Thu Mar 10 14:15:49 2022 +0100
crypt32: Add partial support for encoding signed OCSP requests.
Signed-off-by: Hans Leidekker hans@codeweavers.com Signed-off-by: Alexandre Julliard julliard@winehq.org
---
dlls/crypt32/encode.c | 30 ++++++++++++++++++++++++++++++ dlls/crypt32/tests/encode.c | 24 +++++++++++++++++++++++- 2 files changed, 53 insertions(+), 1 deletion(-)
diff --git a/dlls/crypt32/encode.c b/dlls/crypt32/encode.c index 3391e61679c..8086ad2fc0a 100644 --- a/dlls/crypt32/encode.c +++ b/dlls/crypt32/encode.c @@ -4664,6 +4664,33 @@ static BOOL WINAPI CRYPT_AsnEncodeOCSPRequest(DWORD dwCertEncodingType, return ret; }
+static BOOL WINAPI CRYPT_AsnEncodeOCSPSignedRequest(DWORD dwCertEncodingType, + LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags, + PCRYPT_ENCODE_PARA pEncodePara, BYTE *pbEncoded, DWORD *pcbEncoded) +{ + BOOL ret; + + __TRY + { + const OCSP_SIGNED_REQUEST_INFO *info = pvStructInfo; + struct AsnEncodeSequenceItem items[] = { + { &info->ToBeSigned, CRYPT_CopyEncodedBlob, 0 }, + }; + + if (info->pOptionalSignatureInfo) FIXME("pOptionalSignatureInfo not supported\n"); + + ret = CRYPT_AsnEncodeSequence(dwCertEncodingType, items, + ARRAY_SIZE(items), dwFlags, pEncodePara, pbEncoded, pcbEncoded); + } + __EXCEPT_PAGE_FAULT + { + SetLastError(STATUS_ACCESS_VIOLATION); + ret = FALSE; + } + __ENDTRY + return ret; +} + static CryptEncodeObjectExFunc CRYPT_GetBuiltinEncoder(DWORD dwCertEncodingType, LPCSTR lpszStructType) { @@ -4807,6 +4834,9 @@ static CryptEncodeObjectExFunc CRYPT_GetBuiltinEncoder(DWORD dwCertEncodingType, case LOWORD(OCSP_REQUEST): encodeFunc = CRYPT_AsnEncodeOCSPRequest; break; + case LOWORD(OCSP_SIGNED_REQUEST): + encodeFunc = CRYPT_AsnEncodeOCSPSignedRequest; + break; default: FIXME("Unimplemented encoder for lpszStructType OID %d\n", LOWORD(lpszStructType)); } diff --git a/dlls/crypt32/tests/encode.c b/dlls/crypt32/tests/encode.c index 747b4a7d18f..c47fd823673 100644 --- a/dlls/crypt32/tests/encode.c +++ b/dlls/crypt32/tests/encode.c @@ -8667,6 +8667,14 @@ static void test_encodeOCSPRequestInfo(DWORD dwEncoding) 0x0c, 0x0b, 0x4e, 0xc0, 0x09, 0x8a, 0xab, 0xd8, 0x04, 0x14, 0xb7, 0x6b, 0xa2, 0xea, 0xa8, 0xaa, 0x84, 0x8c, 0x79, 0xea, 0xb4, 0xda, 0x0f, 0x98, 0xb2, 0xc5, 0x95, 0x76, 0xb9, 0xf4, 0x02, 0x10, 0xb1, 0xc1, 0x87, 0x54, 0x54, 0xac, 0x1e, 0x55, 0x40, 0xfb, 0xef, 0xd9, 0x6d, 0x8f, 0x49, 0x08}; + static const BYTE expected4[] = + {0x30, 0x6a, 0x30, 0x68, 0xa1, 0x17, 0x82, 0x15, 0x2a, 0x2e, 0x63, 0x6d, 0x2e, 0x73, 0x74, 0x65, + 0x61, 0x6d, 0x70, 0x6f, 0x77, 0x65, 0x72, 0x65, 0x64, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x4d, 0x30, + 0x4b, 0x30, 0x49, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, + 0xe4, 0xe3, 0x95, 0xa2, 0x29, 0xd3, 0xd4, 0xc1, 0xc3, 0x1f, 0xf0, 0x98, 0x0c, 0x0b, 0x4e, 0xc0, + 0x09, 0x8a, 0xab, 0xd8, 0x04, 0x14, 0xb7, 0x6b, 0xa2, 0xea, 0xa8, 0xaa, 0x84, 0x8c, 0x79, 0xea, + 0xb4, 0xda, 0x0f, 0x98, 0xb2, 0xc5, 0x95, 0x76, 0xb9, 0xf4, 0x02, 0x10, 0xb1, 0xc1, 0x87, 0x54, + 0x54, 0xac, 0x1e, 0x55, 0x40, 0xfb, 0xef, 0xd9, 0x6d, 0x8f, 0x49, 0x08}; static const BYTE issuer_name[] = {0xe4, 0xe3 ,0x95, 0xa2, 0x29, 0xd3, 0xd4, 0xc1, 0xc3, 0x1f, 0xf0, 0x98, 0x0c, 0x0b, 0x4e, 0xc0, 0x09, 0x8a, 0xab, 0xd8}; @@ -8678,8 +8686,9 @@ static void test_encodeOCSPRequestInfo(DWORD dwEncoding) OCSP_REQUEST_ENTRY entry[2]; CERT_ALT_NAME_ENTRY name; OCSP_REQUEST_INFO info; + OCSP_SIGNED_REQUEST_INFO info_signed; DWORD size; - BYTE *buf; + BYTE *buf, *buf2; BOOL ret;
memset(&entry, 0, sizeof(entry)); @@ -8707,7 +8716,20 @@ static void test_encodeOCSPRequestInfo(DWORD dwEncoding) ok(ret, "got %08lx\n", GetLastError()); ok(size == sizeof(expected), "got %lu\n", size); ok(!memcmp(buf, expected, sizeof(expected)), "unexpected value\n"); + + /* wrapped in OCSP_SIGNED_REQUEST_INFO */ + info_signed.ToBeSigned.cbData = size; + info_signed.ToBeSigned.pbData = buf; + info_signed.pOptionalSignatureInfo = NULL; + size = 0; + SetLastError(0xdeadbeef); + ret = pCryptEncodeObjectEx(dwEncoding, OCSP_SIGNED_REQUEST, &info_signed, CRYPT_ENCODE_ALLOC_FLAG, NULL, + &buf2, &size); + ok(ret, "got %08lx\n", GetLastError()); + ok(size == sizeof(expected4), "got %lu\n", size); + ok(!memcmp(buf2, expected4, sizeof(expected4)), "unexpected value\n"); LocalFree(buf); + LocalFree(buf2);
/* two entries */ entry[1].CertId.HashAlgorithm.pszObjId = (char *)szOID_OIWSEC_sha1;