Commit 3ac7df1a authored by Nikolay Sivov's avatar Nikolay Sivov Committed by Alexandre Julliard

secur32: Simplify parameters structure of credentials allocation call.

parent fe9c2ab3
......@@ -545,8 +545,9 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred,
ULONG_PTR handle;
SECURITY_STATUS status = SEC_E_OK;
const CERT_CONTEXT *cert = NULL;
DATA_BLOB key_blob = {0};
struct allocate_certificate_credentials_params params;
struct allocate_certificate_credentials_params params = { 0 };
BYTE *key_blob = NULL;
ULONG key_size = 0;
TRACE("schanCred %p, phCredential %p, ptsExpiry %p\n", schanCred, phCredential, ptsExpiry);
......@@ -581,12 +582,18 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred,
creds->credential_use = SECPKG_CRED_OUTBOUND;
creds->enabled_protocols = enabled_protocols;
if (cert && !(key_blob.pbData = get_key_blob(cert, &key_blob.cbData))) goto fail;
if (cert && !(key_blob = get_key_blob(cert, &key_size))) goto fail;
params.c = creds;
params.ctx = cert;
params.key_blob = &key_blob;
if (cert)
{
params.cert_encoding = cert->dwCertEncodingType;
params.cert_size = cert->cbCertEncoded;
params.cert_blob = cert->pbCertEncoded;
}
params.key_size = key_size;
params.key_blob = key_blob;
if (GNUTLS_CALL( allocate_certificate_credentials, &params )) goto fail;
RtlFreeHeap(GetProcessHeap(), 0, key_blob.pbData);
RtlFreeHeap(GetProcessHeap(), 0, key_blob);
handle = schan_alloc_handle(creds, SCHAN_HANDLE_CRED);
if (handle == SCHAN_INVALID_HANDLE) goto fail;
......@@ -605,7 +612,7 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred,
fail:
free(creds);
RtlFreeHeap(GetProcessHeap(), 0, key_blob.pbData);
RtlFreeHeap(GetProcessHeap(), 0, key_blob);
return SEC_E_INTERNAL_ERROR;
}
......
......@@ -1038,19 +1038,19 @@ static ULONG set_component(gnutls_datum_t *comp, BYTE *data, ULONG len, ULONG *b
return comp->size;
}
static gnutls_x509_privkey_t get_x509_key(const DATA_BLOB *key_blob)
static gnutls_x509_privkey_t get_x509_key(ULONG key_size, const BYTE *key_blob)
{
gnutls_privkey_t key = NULL;
gnutls_x509_privkey_t x509key = NULL;
gnutls_datum_t m, e, d, p, q, u, e1, e2;
BYTE *ptr;
RSAPUBKEY *rsakey;
DWORD size = key_blob->cbData;
DWORD size = key_size;
int ret;
if (size < sizeof(BLOBHEADER)) return NULL;
rsakey = (RSAPUBKEY *)(key_blob->pbData + sizeof(BLOBHEADER));
rsakey = (RSAPUBKEY *)(key_blob + sizeof(BLOBHEADER));
TRACE("RSA key bitlen %u pubexp %u\n", (unsigned)rsakey->bitlen, (unsigned)rsakey->pubexp);
size -= sizeof(BLOBHEADER) + FIELD_OFFSET(RSAPUBKEY, pubexp);
......@@ -1082,16 +1082,15 @@ static gnutls_x509_privkey_t get_x509_key(const DATA_BLOB *key_blob)
return x509key;
}
static gnutls_x509_crt_t get_x509_crt(const CERT_CONTEXT *ctx)
static gnutls_x509_crt_t get_x509_crt(const struct allocate_certificate_credentials_params *params)
{
gnutls_datum_t data;
gnutls_x509_crt_t crt;
int ret;
if (!ctx) return FALSE;
if (ctx->dwCertEncodingType != X509_ASN_ENCODING)
if (params->cert_encoding != X509_ASN_ENCODING)
{
FIXME("encoding type %u not supported\n", (unsigned)ctx->dwCertEncodingType);
FIXME("encoding type %u not supported\n", (unsigned)params->cert_encoding);
return NULL;
}
......@@ -1101,8 +1100,8 @@ static gnutls_x509_crt_t get_x509_crt(const CERT_CONTEXT *ctx)
return NULL;
}
data.data = ctx->pbCertEncoded;
data.size = ctx->cbCertEncoded;
data.data = params->cert_blob;
data.size = params->cert_size;
if ((ret = pgnutls_x509_crt_import(crt, &data, GNUTLS_X509_FMT_DER)) < 0)
{
pgnutls_perror(ret);
......@@ -1128,19 +1127,19 @@ static NTSTATUS schan_allocate_certificate_credentials( void *args )
return STATUS_INTERNAL_ERROR;
}
if (!params->ctx)
if (!params->cert_blob)
{
params->c->credentials = creds;
return STATUS_SUCCESS;
}
if (!(crt = get_x509_crt(params->ctx)))
if (!(crt = get_x509_crt(params)))
{
pgnutls_certificate_free_credentials(creds);
return STATUS_INTERNAL_ERROR;
}
if (!(key = get_x509_key(params->key_blob)))
if (!(key = get_x509_key(params->key_size, params->key_blob)))
{
pgnutls_x509_crt_deinit(crt);
pgnutls_certificate_free_credentials(creds);
......
......@@ -115,8 +115,11 @@ struct session_params
struct allocate_certificate_credentials_params
{
schan_credentials *c;
const CERT_CONTEXT *ctx;
const DATA_BLOB *key_blob;
ULONG cert_encoding;
ULONG cert_size;
BYTE *cert_blob;
ULONG key_size;
BYTE *key_blob;
};
struct create_session_params
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment