secur32: Simplify parameters structure of credentials allocation call.

Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com> Signed-off-by: Alexandre Julliard <julliard@winehq.org>

secur32: Simplify parameters structure of credentials allocation call.
3ac7df1a · Nikolay Sivov · Alexandre Julliard · fe9c2ab3 · 3ac7df1a · 3ac7df1a
Commit 3ac7df1a authored May 27, 2022 by Nikolay Sivov Committed by Alexandre Julliard May 27, 2022
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 21 deletions

schannel.c dlls/secur32/schannel.c +14 -7

schannel_gnutls.c dlls/secur32/schannel_gnutls.c +11 -12

secur32_priv.h dlls/secur32/secur32_priv.h +5 -2

No files found.
--- a/dlls/secur32/schannel.c
+++ b/dlls/secur32/schannel.c
@@ -545,8 +545,9 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred,
    ULONG_PTR handle;
    SECURITY_STATUS status = SEC_E_OK;
    const CERT_CONTEXT *cert = NULL;
-    DATA_BLOB key_blob = {0};
-    struct allocate_certificate_credentials_params params;
+    struct allocate_certificate_credentials_params params = { 0 };
+    BYTE *key_blob = NULL;
+    ULONG key_size = 0;

    TRACE("schanCred %p, phCredential %p, ptsExpiry %p\n", schanCred, phCredential, ptsExpiry);

@@ -581,12 +582,18 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred,
    creds->credential_use = SECPKG_CRED_OUTBOUND;
    creds->enabled_protocols = enabled_protocols;

-    if (cert && !(key_blob.pbData = get_key_blob(cert, &key_blob.cbData))) goto fail;
+    if (cert && !(key_blob = get_key_blob(cert, &key_size))) goto fail;
    params.c = creds;
-    params.ctx = cert;
-    params.key_blob = &key_blob;
+    if (cert)
+    {
+        params.cert_encoding = cert->dwCertEncodingType;
+        params.cert_size = cert->cbCertEncoded;
+        params.cert_blob = cert->pbCertEncoded;
+    }
+    params.key_size = key_size;
+    params.key_blob = key_blob;
    if (GNUTLS_CALL( allocate_certificate_credentials, &params )) goto fail;
-    RtlFreeHeap(GetProcessHeap(), 0, key_blob.pbData);
+    RtlFreeHeap(GetProcessHeap(), 0, key_blob);

    handle = schan_alloc_handle(creds, SCHAN_HANDLE_CRED);
    if (handle == SCHAN_INVALID_HANDLE) goto fail;
@@ -605,7 +612,7 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred,

 fail:
    free(creds);
-    RtlFreeHeap(GetProcessHeap(), 0, key_blob.pbData);
+    RtlFreeHeap(GetProcessHeap(), 0, key_blob);
    return SEC_E_INTERNAL_ERROR;
 }


--- a/dlls/secur32/schannel_gnutls.c
+++ b/dlls/secur32/schannel_gnutls.c
@@ -1038,19 +1038,19 @@ static ULONG set_component(gnutls_datum_t *comp, BYTE *data, ULONG len, ULONG *b
    return comp->size;
 }

-static gnutls_x509_privkey_t get_x509_key(const DATA_BLOB *key_blob)
+static gnutls_x509_privkey_t get_x509_key(ULONG key_size, const BYTE *key_blob)
 {
    gnutls_privkey_t key = NULL;
    gnutls_x509_privkey_t x509key = NULL;
    gnutls_datum_t m, e, d, p, q, u, e1, e2;
    BYTE *ptr;
    RSAPUBKEY *rsakey;
-    DWORD size = key_blob->cbData;
+    DWORD size = key_size;
    int ret;

    if (size < sizeof(BLOBHEADER)) return NULL;

-    rsakey = (RSAPUBKEY *)(key_blob->pbData + sizeof(BLOBHEADER));
+    rsakey = (RSAPUBKEY *)(key_blob + sizeof(BLOBHEADER));
    TRACE("RSA key bitlen %u pubexp %u\n", (unsigned)rsakey->bitlen, (unsigned)rsakey->pubexp);

    size -= sizeof(BLOBHEADER) + FIELD_OFFSET(RSAPUBKEY, pubexp);
@@ -1082,16 +1082,15 @@ static gnutls_x509_privkey_t get_x509_key(const DATA_BLOB *key_blob)
    return x509key;
 }

-static gnutls_x509_crt_t get_x509_crt(const CERT_CONTEXT *ctx)
+static gnutls_x509_crt_t get_x509_crt(const struct allocate_certificate_credentials_params *params)
 {
    gnutls_datum_t data;
    gnutls_x509_crt_t crt;
    int ret;

-    if (!ctx) return FALSE;
-    if (ctx->dwCertEncodingType != X509_ASN_ENCODING)
+    if (params->cert_encoding != X509_ASN_ENCODING)
    {
-        FIXME("encoding type %u not supported\n", (unsigned)ctx->dwCertEncodingType);
+        FIXME("encoding type %u not supported\n", (unsigned)params->cert_encoding);
        return NULL;
    }

@@ -1101,8 +1100,8 @@ static gnutls_x509_crt_t get_x509_crt(const CERT_CONTEXT *ctx)
        return NULL;
    }

-    data.data = ctx->pbCertEncoded;
-    data.size = ctx->cbCertEncoded;
+    data.data = params->cert_blob;
+    data.size = params->cert_size;
    if ((ret = pgnutls_x509_crt_import(crt, &data, GNUTLS_X509_FMT_DER)) < 0)
    {
        pgnutls_perror(ret);
@@ -1128,19 +1127,19 @@ static NTSTATUS schan_allocate_certificate_credentials( void *args )
        return STATUS_INTERNAL_ERROR;
    }

-    if (!params->ctx)
+    if (!params->cert_blob)
    {
        params->c->credentials = creds;
        return STATUS_SUCCESS;
    }

-    if (!(crt = get_x509_crt(params->ctx)))
+    if (!(crt = get_x509_crt(params)))
    {
        pgnutls_certificate_free_credentials(creds);
        return STATUS_INTERNAL_ERROR;
    }

-    if (!(key = get_x509_key(params->key_blob)))
+    if (!(key = get_x509_key(params->key_size, params->key_blob)))
    {
        pgnutls_x509_crt_deinit(crt);
        pgnutls_certificate_free_credentials(creds);

--- a/dlls/secur32/secur32_priv.h
+++ b/dlls/secur32/secur32_priv.h
@@ -115,8 +115,11 @@ struct session_params
 struct allocate_certificate_credentials_params
 {
    schan_credentials *c;
-    const CERT_CONTEXT *ctx;
-    const DATA_BLOB *key_blob;
+    ULONG cert_encoding;
+    ULONG cert_size;
+    BYTE *cert_blob;
+    ULONG key_size;
+    BYTE *key_blob;
 };

 struct create_session_params