Commit bfbc159d authored by Juan Lang's avatar Juan Lang Committed by Alexandre Julliard

crypt32: Separate construction of signer handles from signer info.

parent c4dd74d8
...@@ -617,14 +617,6 @@ static BOOL CRYPT_IsValidSigner(CMSG_SIGNER_ENCODE_INFO_WITH_CMS *signer) ...@@ -617,14 +617,6 @@ static BOOL CRYPT_IsValidSigner(CMSG_SIGNER_ENCODE_INFO_WITH_CMS *signer)
return TRUE; return TRUE;
} }
typedef struct _CSignerHandles
{
HCRYPTPROV prov;
HCRYPTHASH contentHash;
HCRYPTHASH authAttrHash;
HCRYPTKEY key;
} CSignerHandles;
static BOOL CRYPT_ConstructBlob(CRYPT_DATA_BLOB *out, const CRYPT_DATA_BLOB *in) static BOOL CRYPT_ConstructBlob(CRYPT_DATA_BLOB *out, const CRYPT_DATA_BLOB *in)
{ {
BOOL ret = TRUE; BOOL ret = TRUE;
...@@ -722,62 +714,33 @@ static BOOL CRYPT_ConstructAttributes(CRYPT_ATTRIBUTES *out, ...@@ -722,62 +714,33 @@ static BOOL CRYPT_ConstructAttributes(CRYPT_ATTRIBUTES *out,
return ret; return ret;
} }
/* Constructs a CSignerHandles with a copy of crypt_prov (not add-ref'ed - the /* Constructs a CMSG_SIGNER_INFO from a CMSG_SIGNER_ENCODE_INFO_WITH_CMS. */
* caller must do this if necessary), a hash handle based on HashAlgorithm, and static BOOL CSignerInfo_Construct(CMSG_SIGNER_INFO *info,
* an authenticated attributes hash handle if hasAuthAttrs is TRUE. CMSG_SIGNER_ENCODE_INFO_WITH_CMS *in)
*/
static BOOL CSignerHandles_Construct(CSignerHandles *handles,
HCRYPTPROV crypt_prov, CRYPT_ALGORITHM_IDENTIFIER *HashAlgorithm,
BOOL hasAuthAttrs)
{
ALG_ID algID;
BOOL ret;
handles->prov = crypt_prov;
algID = CertOIDToAlgId(HashAlgorithm->pszObjId);
ret = CryptCreateHash(handles->prov, algID, 0, 0, &handles->contentHash);
if (ret && hasAuthAttrs)
ret = CryptCreateHash(handles->prov, algID, 0, 0,
&handles->authAttrHash);
return ret;
}
/* Constructs both a CSignerHandles and a CMSG_SIGNER_INFO from a
* CMSG_SIGNER_ENCODE_INFO_WITH_CMS.
*/
static BOOL CSignerInfo_Construct(CSignerHandles *handles,
CMSG_SIGNER_INFO *info, CMSG_SIGNER_ENCODE_INFO_WITH_CMS *in, DWORD open_flags)
{ {
BOOL ret; BOOL ret;
if (!(open_flags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG)) /* Note: needs to change if CMS fields are supported */
CryptContextAddRef(in->hCryptProv, NULL, 0); info->dwVersion = CMSG_SIGNER_INFO_V1;
ret = CSignerHandles_Construct(handles, in->hCryptProv, &in->HashAlgorithm, ret = CRYPT_ConstructBlob(&info->Issuer, &in->pCertInfo->Issuer);
in->cAuthAttr > 0);
if (ret) if (ret)
{ ret = CRYPT_ConstructBlob(&info->SerialNumber,
/* Note: needs to change if CMS fields are supported */ &in->pCertInfo->SerialNumber);
info->dwVersion = CMSG_SIGNER_INFO_V1; /* Assumption: algorithm IDs will point to static strings, not
ret = CRYPT_ConstructBlob(&info->Issuer, &in->pCertInfo->Issuer); * stack-based ones, so copying the pointer values is safe.
if (ret) */
ret = CRYPT_ConstructBlob(&info->SerialNumber, info->HashAlgorithm.pszObjId = in->HashAlgorithm.pszObjId;
&in->pCertInfo->SerialNumber); if (ret)
/* Assumption: algorithm IDs will point to static strings, not ret = CRYPT_ConstructBlob(&info->HashAlgorithm.Parameters,
* stack-based ones, so copying the pointer values is safe. &in->HashAlgorithm.Parameters);
*/ memset(&info->HashEncryptionAlgorithm, 0,
info->HashAlgorithm.pszObjId = in->HashAlgorithm.pszObjId; sizeof(info->HashEncryptionAlgorithm));
if (ret) if (ret)
ret = CRYPT_ConstructBlob(&info->HashAlgorithm.Parameters, ret = CRYPT_ConstructAttributes(&info->AuthAttrs,
&in->HashAlgorithm.Parameters); (CRYPT_ATTRIBUTES *)&in->cAuthAttr);
memset(&info->HashEncryptionAlgorithm, 0, if (ret)
sizeof(info->HashEncryptionAlgorithm)); ret = CRYPT_ConstructAttributes(&info->UnauthAttrs,
if (ret) (CRYPT_ATTRIBUTES *)&in->cUnauthAttr);
ret = CRYPT_ConstructAttributes(&info->AuthAttrs,
(CRYPT_ATTRIBUTES *)&in->cAuthAttr);
if (ret)
ret = CRYPT_ConstructAttributes(&info->UnauthAttrs,
(CRYPT_ATTRIBUTES *)&in->cUnauthAttr);
}
return ret; return ret;
} }
...@@ -807,6 +770,14 @@ static void CSignerInfo_Free(CMSG_SIGNER_INFO *info) ...@@ -807,6 +770,14 @@ static void CSignerInfo_Free(CMSG_SIGNER_INFO *info)
CryptMemFree(info->UnauthAttrs.rgAttr); CryptMemFree(info->UnauthAttrs.rgAttr);
} }
typedef struct _CSignerHandles
{
HCRYPTPROV prov;
HCRYPTHASH contentHash;
HCRYPTHASH authAttrHash;
HCRYPTKEY key;
} CSignerHandles;
typedef struct _CSignedMsgData typedef struct _CSignedMsgData
{ {
CRYPT_SIGNED_INFO *info; CRYPT_SIGNED_INFO *info;
...@@ -820,6 +791,26 @@ typedef struct _CSignedEncodeMsg ...@@ -820,6 +791,26 @@ typedef struct _CSignedEncodeMsg
CSignedMsgData msg_data; CSignedMsgData msg_data;
} CSignedEncodeMsg; } CSignedEncodeMsg;
/* Constructs a CSignerHandles with a copy of crypt_prov (not add-ref'ed - the
* caller must do this if necessary), a hash handle based on HashAlgorithm, and
* an authenticated attributes hash handle if hasAuthAttrs is TRUE.
*/
static BOOL CSignerHandles_Construct(CSignerHandles *handles,
HCRYPTPROV crypt_prov, CRYPT_ALGORITHM_IDENTIFIER *HashAlgorithm,
BOOL hasAuthAttrs)
{
ALG_ID algID;
BOOL ret;
handles->prov = crypt_prov;
algID = CertOIDToAlgId(HashAlgorithm->pszObjId);
ret = CryptCreateHash(handles->prov, algID, 0, 0, &handles->contentHash);
if (ret && hasAuthAttrs)
ret = CryptCreateHash(handles->prov, algID, 0, 0,
&handles->authAttrHash);
return ret;
}
static void CSignedMsgData_CloseHandles(CSignedMsgData *msg_data) static void CSignedMsgData_CloseHandles(CSignedMsgData *msg_data)
{ {
DWORD i; DWORD i;
...@@ -1217,9 +1208,22 @@ static HCRYPTMSG CSignedEncodeMsg_Open(DWORD dwFlags, ...@@ -1217,9 +1208,22 @@ static HCRYPTMSG CSignedEncodeMsg_Open(DWORD dwFlags,
memset(msg->msg_data.info->rgSignerInfo, 0, memset(msg->msg_data.info->rgSignerInfo, 0,
msg->msg_data.info->cSignerInfo * sizeof(CMSG_SIGNER_INFO)); msg->msg_data.info->cSignerInfo * sizeof(CMSG_SIGNER_INFO));
for (i = 0; ret && i < msg->msg_data.info->cSignerInfo; i++) for (i = 0; ret && i < msg->msg_data.info->cSignerInfo; i++)
ret = CSignerInfo_Construct(&msg->msg_data.signerHandles[i], {
ret = CSignerInfo_Construct(
&msg->msg_data.info->rgSignerInfo[i], &msg->msg_data.info->rgSignerInfo[i],
&info->rgSigners[i], dwFlags); &info->rgSigners[i]);
if (ret)
{
if (!(dwFlags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG))
CryptContextAddRef(info->rgSigners[i].hCryptProv,
NULL, 0);
ret = CSignerHandles_Construct(
&msg->msg_data.signerHandles[i],
info->rgSigners[i].hCryptProv,
&info->rgSigners[i].HashAlgorithm,
info->rgSigners[i].cAuthAttr > 0);
}
}
} }
else else
ret = FALSE; ret = FALSE;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment