Juan Lang : cryptui: Validate OID in add purpose dialog. - wine-commits

19 Dec 2008

Module: wine
Branch: master
Commit: a958c27cdd431f758a4d2e7971aa1f4e85b3b330
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=a958c27cdd431f758a4d2e7971...
Author: Juan Lang juan.lang@gmail.com
Date:   Thu Dec 18 14:05:49 2008 -0800
cryptui: Validate OID in add purpose dialog.
---
dlls/cryptui/cryptui_En.rc |    2 +
 dlls/cryptui/cryptuires.h  |    2 +
 dlls/cryptui/main.c        |   88 +++++++++++++++++++++++++++++++++++++++++++-
 3 files changed, 91 insertions(+), 1 deletions(-)

diff --git a/dlls/cryptui/cryptui_En.rc b/dlls/cryptui/cryptui_En.rc
index 5dcb98a..f904fa7 100644
--- a/dlls/cryptui/cryptui_En.rc
+++ b/dlls/cryptui/cryptui_En.rc
@@ -59,6 +59,8 @@ STRINGTABLE DISCARDABLE
     IDS_PROP_FRIENDLY_NAME "Friendly name"
     IDS_PROP_DESCRIPTION "Description"
     IDS_CERTIFICATE_PROPERTIES "Certificate Properties"
+    IDS_CERTIFICATE_PURPOSE_ERROR "Please enter an OID in the form 1.2.3.4"
+    IDS_CERTIFICATE_PURPOSE_EXISTS "The OID you entered already exists."
     IDS_PURPOSE_SERVER_AUTH "Ensures the identify of a remote computer"
     IDS_PURPOSE_CLIENT_AUTH "Proves your identity to a remote computer"
     IDS_PURPOSE_CODE_SIGNING "Ensures software came from software publisher\nProtects software from alteration after publication"
diff --git a/dlls/cryptui/cryptuires.h b/dlls/cryptui/cryptuires.h
index a311531..9e18852 100644
--- a/dlls/cryptui/cryptuires.h
+++ b/dlls/cryptui/cryptuires.h
@@ -56,6 +56,8 @@
 #define IDS_PROP_FRIENDLY_NAME 1036
 #define IDS_PROP_DESCRIPTION 1037
 #define IDS_CERTIFICATE_PROPERTIES 1038
+#define IDS_CERTIFICATE_PURPOSE_ERROR 1039
+#define IDS_CERTIFICATE_PURPOSE_EXISTS 1040
#define IDS_PURPOSE_SERVER_AUTH 1100
 #define IDS_PURPOSE_CLIENT_AUTH 1101
diff --git a/dlls/cryptui/main.c b/dlls/cryptui/main.c
index 7bd835f..7b70578 100644
--- a/dlls/cryptui/main.c
+++ b/dlls/cryptui/main.c
@@ -1593,6 +1593,72 @@ static void add_purpose(HWND hwnd, LPCSTR oid)
     }
 }
+static BOOL is_valid_oid(LPCSTR oid)
+{
+    BOOL ret;
+
+    if (oid[0] != '0' && oid[0] != '1' && oid[0] != '2')
+        ret = FALSE;
+    else if (oid[1] != '.')
+        ret = FALSE;
+    else if (!oid[2])
+        ret = FALSE;
+    else
+    {
+        const char *ptr;
+        BOOL expectNum = TRUE;
+
+        for (ptr = oid + 2, ret = TRUE; ret && *ptr; ptr++)
+        {
+            if (expectNum)
+            {
+                if (!isdigit(*ptr))
+                    ret = FALSE;
+                else if (*(ptr + 1) == '.')
+                    expectNum = FALSE;
+            }
+            else
+            {
+                if (*ptr != '.')
+                    ret = FALSE;
+                else if (!(*(ptr + 1)))
+                    ret = FALSE;
+                else
+                    expectNum = TRUE;
+            }
+        }
+    }
+    return ret;
+}
+
+static BOOL is_oid_in_list(HWND hwnd, LPCSTR oid)
+{
+    HWND lv = GetDlgItem(hwnd, IDC_CERTIFICATE_USAGES);
+    PCCRYPT_OID_INFO oidInfo = CryptFindOIDInfo(CRYPT_OID_INFO_OID_KEY,
+     (void *)oid, CRYPT_ENHKEY_USAGE_OID_GROUP_ID);
+    BOOL ret = FALSE;
+
+    if (oidInfo)
+    {
+        LVFINDINFOW findInfo;
+
+        findInfo.flags = LVFI_PARAM;
+        findInfo.lParam = (LPARAM)oidInfo;
+        if (SendMessageW(lv, LVM_FINDITEMW, -1, (LPARAM)&findInfo) != -1)
+            ret = TRUE;
+    }
+    else
+    {
+        LVFINDINFOA findInfo;
+
+        findInfo.flags = LVFI_STRING;
+        findInfo.psz = oid;
+        if (SendMessageW(lv, LVM_FINDITEMA, -1, (LPARAM)&findInfo) != -1)
+            ret = TRUE;
+    }
+    return ret;
+}
+
 #define MAX_PURPOSE 255
static LRESULT CALLBACK add_purpose_dlg_proc(HWND hwnd, UINT msg,
@@ -1636,11 +1702,31 @@ static LRESULT CALLBACK add_purpose_dlg_proc(HWND hwnd, UINT msg,
                     EndDialog(hwnd, IDCANCEL);
                     ret = TRUE;
                 }
+                else if (!is_valid_oid(buf))
+                {
+                    WCHAR title[MAX_STRING_LEN], error[MAX_STRING_LEN];
+
+                    LoadStringW(hInstance, IDS_CERTIFICATE_PURPOSE_ERROR, error,
+                     sizeof(error) / sizeof(error[0]));
+                    LoadStringW(hInstance, IDS_CERTIFICATE_PROPERTIES, title,
+                     sizeof(title) / sizeof(title[0]));
+                    MessageBoxW(hwnd, error, title, MB_ICONERROR | MB_OK);
+                }
+                else if (is_oid_in_list(
+                 (HWND)GetWindowLongPtrW(hwnd, DWLP_USER), buf))
+                {
+                    WCHAR title[MAX_STRING_LEN], error[MAX_STRING_LEN];
+
+                    LoadStringW(hInstance, IDS_CERTIFICATE_PURPOSE_EXISTS,
+                     error, sizeof(error) / sizeof(error[0]));
+                    LoadStringW(hInstance, IDS_CERTIFICATE_PROPERTIES, title,
+                     sizeof(title) / sizeof(title[0]));
+                    MessageBoxW(hwnd, error, title, MB_ICONEXCLAMATION | MB_OK);
+                }
                 else
                 {
                     HWND parent = (HWND)GetWindowLongPtrW(hwnd, DWLP_USER);
-                    FIXME("validate %s\n", debugstr_a(buf));
                     add_purpose(parent, buf);
                     EndDialog(hwnd, wp);
                     ret = TRUE;

    