Commit 226fd5cb authored by Hans Leidekker's avatar Hans Leidekker Committed by Alexandre Julliard

crypt32: Initial implementation of PFXImportCertStore.

parent 2ca9aa16
......@@ -4,6 +4,7 @@ IMPORTLIB = crypt32
IMPORTS = user32 advapi32 bcrypt
DELAYIMPORTS = cryptnet
EXTRALIBS = $(SECURITY_LIBS)
EXTRAINCL = $(GNUTLS_CFLAGS)
C_SRCS = \
base64.c \
......@@ -21,6 +22,7 @@ C_SRCS = \
msg.c \
object.c \
oid.c \
pfx.c \
proplist.c \
protectdata.c \
provstore.c \
......
......@@ -451,4 +451,7 @@ void init_empty_store(void) DECLSPEC_HIDDEN;
*/
#define IS_INTOID(x) (((ULONG_PTR)(x) >> 16) == 0)
BOOL gnutls_initialize(void) DECLSPEC_HIDDEN;
void gnutls_uninitialize(void) DECLSPEC_HIDDEN;
#endif
......@@ -6393,17 +6393,3 @@ BOOL WINAPI PFXIsPFXBlob(CRYPT_DATA_BLOB *pPFX)
ret = FALSE;
return ret;
}
HCERTSTORE WINAPI PFXImportCertStore(CRYPT_DATA_BLOB *pPFX, LPCWSTR szPassword,
DWORD dwFlags)
{
FIXME_(crypt)("(%p, %p, %08x): stub\n", pPFX, szPassword, dwFlags);
return NULL;
}
BOOL WINAPI PFXVerifyPassword(CRYPT_DATA_BLOB *pPFX, LPCWSTR szPassword,
DWORD dwFlags)
{
FIXME_(crypt)("(%p, %p, %08x): stub\n", pPFX, szPassword, dwFlags);
return FALSE;
}
......@@ -4758,20 +4758,6 @@ BOOL WINAPI CryptEncodeObjectEx(DWORD dwCertEncodingType, LPCSTR lpszStructType,
return ret;
}
BOOL WINAPI PFXExportCertStore(HCERTSTORE hStore, CRYPT_DATA_BLOB *pPFX,
LPCWSTR szPassword, DWORD dwFlags)
{
return PFXExportCertStoreEx(hStore, pPFX, szPassword, NULL, dwFlags);
}
BOOL WINAPI PFXExportCertStoreEx(HCERTSTORE hStore, CRYPT_DATA_BLOB *pPFX,
LPCWSTR szPassword, void *pvReserved, DWORD dwFlags)
{
FIXME_(crypt)("(%p, %p, %p, %p, %08x): stub\n", hStore, pPFX, szPassword,
pvReserved, dwFlags);
return FALSE;
}
BOOL WINAPI CryptExportPublicKeyInfo(HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProv, DWORD dwKeySpec,
DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pInfo, DWORD *pcbInfo)
{
......
......@@ -54,6 +54,9 @@ BOOL WINAPI DllMain(HINSTANCE hInst, DWORD fdwReason, PVOID pvReserved)
DisableThreadLibraryCalls(hInst);
init_empty_store();
crypt_oid_init();
#ifdef SONAME_LIBGNUTLS
gnutls_initialize();
#endif
break;
case DLL_PROCESS_DETACH:
if (pvReserved) break;
......@@ -61,6 +64,9 @@ BOOL WINAPI DllMain(HINSTANCE hInst, DWORD fdwReason, PVOID pvReserved)
crypt_sip_free();
default_chain_engine_free();
if (hDefProv) CryptReleaseContext(hDefProv, 0);
#ifdef SONAME_LIBGNUTLS
gnutls_uninitialize();
#endif
break;
}
return TRUE;
......
/*
* Copyright 2019 Hans Leidekker for CodeWeavers
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*/
#include "config.h"
#include "wine/port.h"
#include <stdarg.h>
#ifdef SONAME_LIBGNUTLS
#include <gnutls/pkcs12.h>
#endif
#include "windef.h"
#include "winbase.h"
#include "wincrypt.h"
#include "snmp.h"
#include "wine/debug.h"
#include "wine/heap.h"
#include "wine/library.h"
WINE_DEFAULT_DEBUG_CHANNEL(crypt);
#ifdef SONAME_LIBGNUTLS
WINE_DECLARE_DEBUG_CHANNEL(winediag);
static void *libgnutls_handle;
#define MAKE_FUNCPTR(f) static typeof(f) * p##f
MAKE_FUNCPTR(gnutls_global_deinit);
MAKE_FUNCPTR(gnutls_global_init);
MAKE_FUNCPTR(gnutls_global_set_log_function);
MAKE_FUNCPTR(gnutls_global_set_log_level);
MAKE_FUNCPTR(gnutls_perror);
MAKE_FUNCPTR(gnutls_pkcs12_deinit);
MAKE_FUNCPTR(gnutls_pkcs12_import);
MAKE_FUNCPTR(gnutls_pkcs12_init);
MAKE_FUNCPTR(gnutls_pkcs12_simple_parse);
MAKE_FUNCPTR(gnutls_x509_crt_export);
#undef MAKE_FUNCPTR
static void gnutls_log( int level, const char *msg )
{
TRACE( "<%d> %s", level, msg );
}
BOOL gnutls_initialize(void)
{
int ret;
if (!(libgnutls_handle = wine_dlopen( SONAME_LIBGNUTLS, RTLD_NOW, NULL, 0 )))
{
ERR_(winediag)( "failed to load libgnutls, no support for pfx import/export\n" );
return FALSE;
}
#define LOAD_FUNCPTR(f) \
if (!(p##f = wine_dlsym( libgnutls_handle, #f, NULL, 0 ))) \
{ \
ERR( "failed to load %s\n", #f ); \
goto fail; \
}
LOAD_FUNCPTR(gnutls_global_deinit)
LOAD_FUNCPTR(gnutls_global_init)
LOAD_FUNCPTR(gnutls_global_set_log_function)
LOAD_FUNCPTR(gnutls_global_set_log_level)
LOAD_FUNCPTR(gnutls_perror)
LOAD_FUNCPTR(gnutls_pkcs12_deinit)
LOAD_FUNCPTR(gnutls_pkcs12_import)
LOAD_FUNCPTR(gnutls_pkcs12_init)
LOAD_FUNCPTR(gnutls_pkcs12_simple_parse)
LOAD_FUNCPTR(gnutls_x509_crt_export)
#undef LOAD_FUNCPTR
if ((ret = pgnutls_global_init()) != GNUTLS_E_SUCCESS)
{
pgnutls_perror( ret );
goto fail;
}
if (TRACE_ON( crypt ))
{
pgnutls_global_set_log_level( 4 );
pgnutls_global_set_log_function( gnutls_log );
}
return TRUE;
fail:
wine_dlclose( libgnutls_handle, NULL, 0 );
libgnutls_handle = NULL;
return FALSE;
}
void gnutls_uninitialize(void)
{
pgnutls_global_deinit();
wine_dlclose( libgnutls_handle, NULL, 0 );
libgnutls_handle = NULL;
}
#endif
HCERTSTORE WINAPI PFXImportCertStore( CRYPT_DATA_BLOB *pfx, const WCHAR *password, DWORD flags )
{
#ifdef SONAME_LIBGNUTLS
gnutls_pkcs12_t p12;
gnutls_datum_t pfx_data;
gnutls_x509_privkey_t key;
gnutls_x509_crt_t *chain;
unsigned int chain_len, i;
HCERTSTORE store = NULL;
int ret;
TRACE( "(%p, %p, %08x)\n", pfx, password, flags );
if (!pfx)
{
SetLastError( ERROR_INVALID_PARAMETER );
return NULL;
}
if (password)
{
FIXME( "password not supported\n" );
return NULL;
}
if (flags & ~(CRYPT_EXPORTABLE|CRYPT_USER_KEYSET|PKCS12_NO_PERSIST_KEY))
{
FIXME( "flags %08x not supported\n", flags );
return NULL;
}
if ((ret = pgnutls_pkcs12_init( &p12 )) < 0)
{
pgnutls_perror( ret );
return NULL;
}
pfx_data.data = pfx->pbData;
pfx_data.size = pfx->cbData;
if ((ret = pgnutls_pkcs12_import( p12, &pfx_data, GNUTLS_X509_FMT_DER, 0 )) < 0)
{
pgnutls_perror( ret );
return NULL;
}
if ((ret = pgnutls_pkcs12_simple_parse( p12, "", &key, &chain, &chain_len, NULL, NULL, NULL, 0 )) < 0)
{
pgnutls_perror( ret );
goto error;
}
if (!(store = CertOpenStore( CERT_STORE_PROV_MEMORY, 0, 0, 0, NULL )))
{
WARN( "CertOpenStore failed %08x\n", GetLastError() );
goto error;
}
if (chain_len > 1) FIXME( "handle certificate chain\n" );
for (i = 0; i < chain_len; i++)
{
const void *ctx;
BYTE *crt_data;
size_t size = 0;
if ((ret = pgnutls_x509_crt_export( chain[i], GNUTLS_X509_FMT_DER, NULL, &size )) != GNUTLS_E_SHORT_MEMORY_BUFFER)
{
pgnutls_perror( ret );
goto error;
}
if (!(crt_data = heap_alloc( size ))) goto error;
if ((ret = pgnutls_x509_crt_export( chain[i], GNUTLS_X509_FMT_DER, crt_data, &size )) < 0)
{
pgnutls_perror( ret );
heap_free( crt_data );
goto error;
}
if (!(ctx = CertCreateContext( CERT_STORE_CERTIFICATE_CONTEXT, X509_ASN_ENCODING, crt_data, size, 0, NULL )))
{
WARN( "CertCreateContext failed %08x\n", GetLastError() );
heap_free( crt_data );
goto error;
}
heap_free( crt_data );
if (!CertAddCertificateContextToStore( store, ctx, CERT_STORE_ADD_ALWAYS, NULL ))
{
WARN( "CertAddCertificateContextToStore failed %08x\n", GetLastError() );
CertFreeCertificateContext( ctx );
goto error;
}
CertFreeCertificateContext( ctx );
}
pgnutls_pkcs12_deinit( p12 );
return store;
error:
CertCloseStore( store, 0 );
pgnutls_pkcs12_deinit( p12 );
return NULL;
#endif
FIXME( "(%p, %p, %08x)\n", pfx, password, flags );
return NULL;
}
BOOL WINAPI PFXVerifyPassword( CRYPT_DATA_BLOB *pfx, const WCHAR *password, DWORD flags )
{
FIXME( "(%p, %p, %08x): stub\n", pfx, password, flags );
return FALSE;
}
BOOL WINAPI PFXExportCertStore( HCERTSTORE store, CRYPT_DATA_BLOB *pfx, const WCHAR *password, DWORD flags )
{
return PFXExportCertStoreEx( store, pfx, password, NULL, flags );
}
BOOL WINAPI PFXExportCertStoreEx( HCERTSTORE store, CRYPT_DATA_BLOB *pfx, const WCHAR *password, void *reserved,
DWORD flags )
{
FIXME( "(%p, %p, %p, %p, %08x): stub\n", store, pfx, password, reserved, flags );
return FALSE;
}
......@@ -3969,8 +3969,16 @@ typedef BOOL (WINAPI *PFN_CMSG_IMPORT_KEY_TRANS)(
#define CMSG_ENCODE_HASHED_SUBJECT_IDENTIFIER_FLAG 0x2
/* PFXImportCertStore flags */
#define CRYPT_USER_KEYSET 0x00001000
#define PKCS12_IMPORT_RESERVED_MASK 0xffff0000
#define CRYPT_USER_KEYSET 0x00001000
#define PKCS12_IMPORT_SILENT 0x00000040
#define PKCS12_PREFER_CNG_KSP 0x00000100
#define PKCS12_ALWAYS_CNG_KSP 0x00000200
#define PKCS12_ONLY_CERTIFICATES 0x00000400
#define PKCS12_ONLY_NOT_ENCRYPTED_CERTIFICATES 0x00000800
#define PKCS12_ALLOW_OVERWRITE_KEY 0x00004000
#define PKCS12_NO_PERSIST_KEY 0x00008000
#define PKCS12_VIRTUAL_ISOLATION_KEY 0x00010000
#define PKCS12_IMPORT_RESERVED_MASK 0xffff0000
/* PFXExportCertStore flags */
#define REPORT_NO_PRIVATE_KEY 0x00000001
#define REPORT_NOT_ABLE_TO_EXPORT_PRIVATE_KEY 0x00000002
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment