Commit bfbc159d authored by Juan Lang's avatar Juan Lang Committed by Alexandre Julliard

crypt32: Separate construction of signer handles from signer info.

parent c4dd74d8
......@@ -617,14 +617,6 @@ static BOOL CRYPT_IsValidSigner(CMSG_SIGNER_ENCODE_INFO_WITH_CMS *signer)
return TRUE;
}
typedef struct _CSignerHandles
{
HCRYPTPROV prov;
HCRYPTHASH contentHash;
HCRYPTHASH authAttrHash;
HCRYPTKEY key;
} CSignerHandles;
static BOOL CRYPT_ConstructBlob(CRYPT_DATA_BLOB *out, const CRYPT_DATA_BLOB *in)
{
BOOL ret = TRUE;
......@@ -722,40 +714,12 @@ static BOOL CRYPT_ConstructAttributes(CRYPT_ATTRIBUTES *out,
return ret;
}
/* Constructs a CSignerHandles with a copy of crypt_prov (not add-ref'ed - the
* caller must do this if necessary), a hash handle based on HashAlgorithm, and
* an authenticated attributes hash handle if hasAuthAttrs is TRUE.
*/
static BOOL CSignerHandles_Construct(CSignerHandles *handles,
HCRYPTPROV crypt_prov, CRYPT_ALGORITHM_IDENTIFIER *HashAlgorithm,
BOOL hasAuthAttrs)
/* Constructs a CMSG_SIGNER_INFO from a CMSG_SIGNER_ENCODE_INFO_WITH_CMS. */
static BOOL CSignerInfo_Construct(CMSG_SIGNER_INFO *info,
CMSG_SIGNER_ENCODE_INFO_WITH_CMS *in)
{
ALG_ID algID;
BOOL ret;
handles->prov = crypt_prov;
algID = CertOIDToAlgId(HashAlgorithm->pszObjId);
ret = CryptCreateHash(handles->prov, algID, 0, 0, &handles->contentHash);
if (ret && hasAuthAttrs)
ret = CryptCreateHash(handles->prov, algID, 0, 0,
&handles->authAttrHash);
return ret;
}
/* Constructs both a CSignerHandles and a CMSG_SIGNER_INFO from a
* CMSG_SIGNER_ENCODE_INFO_WITH_CMS.
*/
static BOOL CSignerInfo_Construct(CSignerHandles *handles,
CMSG_SIGNER_INFO *info, CMSG_SIGNER_ENCODE_INFO_WITH_CMS *in, DWORD open_flags)
{
BOOL ret;
if (!(open_flags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG))
CryptContextAddRef(in->hCryptProv, NULL, 0);
ret = CSignerHandles_Construct(handles, in->hCryptProv, &in->HashAlgorithm,
in->cAuthAttr > 0);
if (ret)
{
/* Note: needs to change if CMS fields are supported */
info->dwVersion = CMSG_SIGNER_INFO_V1;
ret = CRYPT_ConstructBlob(&info->Issuer, &in->pCertInfo->Issuer);
......@@ -777,7 +741,6 @@ static BOOL CSignerInfo_Construct(CSignerHandles *handles,
if (ret)
ret = CRYPT_ConstructAttributes(&info->UnauthAttrs,
(CRYPT_ATTRIBUTES *)&in->cUnauthAttr);
}
return ret;
}
......@@ -807,6 +770,14 @@ static void CSignerInfo_Free(CMSG_SIGNER_INFO *info)
CryptMemFree(info->UnauthAttrs.rgAttr);
}
typedef struct _CSignerHandles
{
HCRYPTPROV prov;
HCRYPTHASH contentHash;
HCRYPTHASH authAttrHash;
HCRYPTKEY key;
} CSignerHandles;
typedef struct _CSignedMsgData
{
CRYPT_SIGNED_INFO *info;
......@@ -820,6 +791,26 @@ typedef struct _CSignedEncodeMsg
CSignedMsgData msg_data;
} CSignedEncodeMsg;
/* Constructs a CSignerHandles with a copy of crypt_prov (not add-ref'ed - the
* caller must do this if necessary), a hash handle based on HashAlgorithm, and
* an authenticated attributes hash handle if hasAuthAttrs is TRUE.
*/
static BOOL CSignerHandles_Construct(CSignerHandles *handles,
HCRYPTPROV crypt_prov, CRYPT_ALGORITHM_IDENTIFIER *HashAlgorithm,
BOOL hasAuthAttrs)
{
ALG_ID algID;
BOOL ret;
handles->prov = crypt_prov;
algID = CertOIDToAlgId(HashAlgorithm->pszObjId);
ret = CryptCreateHash(handles->prov, algID, 0, 0, &handles->contentHash);
if (ret && hasAuthAttrs)
ret = CryptCreateHash(handles->prov, algID, 0, 0,
&handles->authAttrHash);
return ret;
}
static void CSignedMsgData_CloseHandles(CSignedMsgData *msg_data)
{
DWORD i;
......@@ -1217,9 +1208,22 @@ static HCRYPTMSG CSignedEncodeMsg_Open(DWORD dwFlags,
memset(msg->msg_data.info->rgSignerInfo, 0,
msg->msg_data.info->cSignerInfo * sizeof(CMSG_SIGNER_INFO));
for (i = 0; ret && i < msg->msg_data.info->cSignerInfo; i++)
ret = CSignerInfo_Construct(&msg->msg_data.signerHandles[i],
{
ret = CSignerInfo_Construct(
&msg->msg_data.info->rgSignerInfo[i],
&info->rgSigners[i], dwFlags);
&info->rgSigners[i]);
if (ret)
{
if (!(dwFlags & CMSG_CRYPT_RELEASE_CONTEXT_FLAG))
CryptContextAddRef(info->rgSigners[i].hCryptProv,
NULL, 0);
ret = CSignerHandles_Construct(
&msg->msg_data.signerHandles[i],
info->rgSigners[i].hCryptProv,
&info->rgSigners[i].HashAlgorithm,
info->rgSigners[i].cAuthAttr > 0);
}
}
}
else
ret = FALSE;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment