crypt32: Allow CMS fields to be set when opening a signed message to encode.

dlls/crypt32/msg.c

@@ -632,15 +632,62 @@ static BOOL CRYPT_IsValidSigner(CMSG_SIGNER_ENCODE_INFO_WITH_CMS *signer)
         SetLastError(E_INVALIDARG);
         return FALSE;
     }
-    if (!signer->pCertInfo->SerialNumber.cbData)
+    if (signer->cbSize == sizeof(CMSG_SIGNER_ENCODE_INFO))
     {
-        SetLastError(E_INVALIDARG);
-        return FALSE;
+        if (!signer->pCertInfo->SerialNumber.cbData)
+        {
+            SetLastError(E_INVALIDARG);
+            return FALSE;
+        }
+        if (!signer->pCertInfo->Issuer.cbData)
+        {
+            SetLastError(E_INVALIDARG);
+            return FALSE;
+        }
     }
-    if (!signer->pCertInfo->Issuer.cbData)
+    else if (signer->cbSize == sizeof(CMSG_SIGNER_ENCODE_INFO_WITH_CMS))
     {
-        SetLastError(E_INVALIDARG);
-        return FALSE;
+        switch (signer->SignerId.dwIdChoice)
+        {
+        case 0:
+            if (!signer->pCertInfo->SerialNumber.cbData)
+            {
+                SetLastError(E_INVALIDARG);
+                return FALSE;
+            }
+            if (!signer->pCertInfo->Issuer.cbData)
+            {
+                SetLastError(E_INVALIDARG);
+                return FALSE;
+            }
+            break;
+        case CERT_ID_ISSUER_SERIAL_NUMBER:
+            if (!signer->SignerId.IssuerSerialNumber.SerialNumber.cbData)
+            {
+                SetLastError(E_INVALIDARG);
+                return FALSE;
+            }
+            if (!signer->SignerId.IssuerSerialNumber.Issuer.cbData)
+            {
+                SetLastError(E_INVALIDARG);
+                return FALSE;
+            }
+            break;
+        case CERT_ID_KEY_IDENTIFIER:
+            if (!signer->SignerId.KeyId.cbData)
+            {
+                SetLastError(E_INVALIDARG);
+                return FALSE;
+            }
+            break;
+        default:
+            SetLastError(E_INVALIDARG);
+        }
+        if (signer->HashEncryptionAlgorithm.pszObjId)
+        {
+            FIXME("CMSG_SIGNER_ENCODE_INFO with CMS fields unsupported\n");
+            return FALSE;
+        }
     }
     if (!signer->hCryptProv)
     {
@@ -652,19 +699,6 @@ static BOOL CRYPT_IsValidSigner(CMSG_SIGNER_ENCODE_INFO_WITH_CMS *signer)
         SetLastError(CRYPT_E_UNKNOWN_ALGO);
         return FALSE;
     }
-    if (signer->cbSize == sizeof(CMSG_SIGNER_ENCODE_INFO_WITH_CMS))
-    {
-        if (signer->SignerId.dwIdChoice)
-        {
-            FIXME("CMSG_SIGNER_ENCODE_INFO with CMS fields unsupported\n");
-            return FALSE;
-        }
-        if (signer->HashEncryptionAlgorithm.pszObjId)
-        {
-            FIXME("CMSG_SIGNER_ENCODE_INFO with CMS fields unsupported\n");
-            return FALSE;
-        }
-    }
     return TRUE;
 }
 

dlls/crypt32/tests/msg.c

@@ -1106,6 +1106,24 @@ static void test_signed_msg_open(void)
         CryptMsgClose(msg);
     }
 
+    /* pCertInfo must still be set, but can be empty if the SignerId's issuer
+     * and serial number are set.
+     */
+    certInfo.Issuer.cbData = 0;
+    certInfo.SerialNumber.cbData = 0;
+    signer.SignerId.dwIdChoice = CERT_ID_ISSUER_SERIAL_NUMBER;
+    signer.SignerId.IssuerSerialNumber.Issuer.cbData =
+     sizeof(encodedCommonName);
+    signer.SignerId.IssuerSerialNumber.Issuer.pbData =
+     (BYTE *)encodedCommonName;
+    signer.SignerId.IssuerSerialNumber.SerialNumber.cbData =
+     sizeof(serialNum);
+    signer.SignerId.IssuerSerialNumber.SerialNumber.pbData = (BYTE *)serialNum;
+    msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
+     NULL, NULL);
+    ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
+    CryptMsgClose(msg);
+
     CryptReleaseContext(signer.hCryptProv, 0);
     pCryptAcquireContextA(&signer.hCryptProv, cspNameA, MS_DEF_PROV_A,
      PROV_RSA_FULL, CRYPT_DELETEKEYSET);