Commit 71f58158 authored by Paul Gofman's avatar Paul Gofman Committed by Alexandre Julliard

wintrust: Load secondary signatures in SoftpubLoadSignature().

parent 2f5ad179
......@@ -830,6 +830,57 @@ static DWORD WINTRUST_VerifySigner(CRYPT_PROVIDER_DATA *data, DWORD signerIdx)
return err;
}
static void load_secondary_signatures(CRYPT_PROVIDER_DATA *data, HCRYPTMSG msg)
{
CRYPT_PROVIDER_SIGSTATE *s = data->pSigState;
CRYPT_ATTRIBUTES *attrs;
unsigned int i, j;
DWORD size;
if (!CryptMsgGetParam(msg, CMSG_SIGNER_UNAUTH_ATTR_PARAM, 0, NULL, &size))
return;
if (!(attrs = data->psPfns->pfnAlloc(size)))
{
ERR("No memory.\n");
return;
}
if (!CryptMsgGetParam(msg, CMSG_SIGNER_UNAUTH_ATTR_PARAM, 0, attrs, &size))
goto done;
for (i = 0; i < attrs->cAttr; ++i)
{
if (strcmp(attrs->rgAttr[i].pszObjId, szOID_NESTED_SIGNATURE))
continue;
if (!(s->rhSecondarySigs = data->psPfns->pfnAlloc(attrs->rgAttr[i].cValue * sizeof(*s->rhSecondarySigs))))
{
ERR("No memory");
goto done;
}
s->cSecondarySigs = 0;
for (j = 0; j < attrs->rgAttr[i].cValue; ++j)
{
if (!(msg = CryptMsgOpenToDecode(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL)))
{
ERR("Could not create crypt message.\n");
goto done;
}
if (!CryptMsgUpdate(msg, attrs->rgAttr[i].rgValue[j].pbData, attrs->rgAttr[i].rgValue[j].cbData, TRUE))
{
ERR("Could not update crypt message, err %lu.\n", GetLastError());
CryptMsgClose(msg);
goto done;
}
s->rhSecondarySigs[j] = msg;
++s->cSecondarySigs;
}
break;
}
done:
data->psPfns->pfnFree(attrs);
}
HRESULT WINAPI SoftpubLoadSignature(CRYPT_PROVIDER_DATA *data)
{
DWORD err = ERROR_SUCCESS;
......@@ -854,7 +905,10 @@ HRESULT WINAPI SoftpubLoadSignature(CRYPT_PROVIDER_DATA *data)
data->pSigState->fSupportMultiSig = TRUE;
data->pSigState->dwCryptoPolicySupport = WSS_SIGTRUST_SUPPORT | WSS_OBJTRUST_SUPPORT | WSS_CERTTRUST_SUPPORT;
if (data->hMsg)
{
data->pSigState->hPrimarySig = CryptMsgDuplicate(data->hMsg);
load_secondary_signatures(data, data->pSigState->hPrimarySig);
}
}
if (!err && data->hMsg)
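Review bot: load_secondary_signatures() reads the nested-signature blobs from CMSG_SIGNER_UNAUTH_ATTR_PARAM, which the primary signature does not cover, and only decodes them, so the function needs a comment saying the handles it stores are unverified, for example `/* Nested signatures are unauthenticated attributes: the messages stored in rhSecondarySigs are decoded here, not verified. */`. The same attribute's cValue sizes both the allocation and the inner loop with no upper bound, and a zero cValue would be logged as "No memory" if pfnAlloc(0) returns NULL; a guard such as `if (!attrs->rgAttr[i].cValue) break;` ahead of the allocation would avoid that. None of the hunks shown closes the stored message handles or frees rhSecondarySigs, so it is worth confirming that the provider cleanup path releases them. load_secondary_signatures() is complete in the first hunk, while SoftpubLoadSignature() continues outside the second.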
......
......@@ -1840,7 +1840,7 @@ static void test_multiple_signatures(void)
ok(prov->pSigState->fSupportMultiSig, "Got %d.\n", prov->pSigState->fSupportMultiSig);
ok(prov->pSigState->dwCryptoPolicySupport == (WSS_SIGTRUST_SUPPORT | WSS_OBJTRUST_SUPPORT
| WSS_CERTTRUST_SUPPORT), "Got %#lx.\n", prov->pSigState->dwCryptoPolicySupport);
todo_wine ok(prov->pSigState->cSecondarySigs == 2, "Got %lu.\n", prov->pSigState->cSecondarySigs);
ok(prov->pSigState->cSecondarySigs == 2, "Got %lu.\n", prov->pSigState->cSecondarySigs);
size = sizeof(buf);
bret = CryptMsgGetParam(prov->pSigState->hPrimarySig, CMSG_SIGNER_CERT_INFO_PARAM, 0, buf, &size);
......
......@@ -475,6 +475,8 @@ CRYPT_PROVIDER_SGNR * WINAPI WTHelperGetProvSignerFromChain(
CRYPT_PROVIDER_DATA * WINAPI WTHelperProvDataFromStateData(HANDLE hStateData);
CRYPT_PROVIDER_PRIVDATA * WINAPI WTHelperGetProvPrivateDataFromChain(CRYPT_PROVIDER_DATA *,GUID *);
#define szOID_NESTED_SIGNATURE "1.3.6.1.4.1.311.2.4.1"
#define SPC_INDIRECT_DATA_OBJID "1.3.6.1.4.1.311.2.1.4"
#define SPC_SP_AGENCY_INFO_OBJID "1.3.6.1.4.1.311.2.1.10"
#define SPC_STATEMENT_TYPE_OBJID "1.3.6.1.4.1.311.2.1.11"
......