Commit d393709f authored by Hans Leidekker's avatar Hans Leidekker Committed by Alexandre Julliard

crypt32: Parse OCSP responder name.

parent 363f1f49
......@@ -6521,13 +6521,13 @@ static BOOL CRYPT_AsnDecodeOCSPBasicResponseEntriesArray(const BYTE *pbEncoded,
dwFlags, NULL, pvStructInfo, pcbStructInfo, pcbDecoded);
}
static BOOL CRYPT_AsnDecodeResponderID(const BYTE *pbEncoded,
static BOOL CRYPT_AsnDecodeResponderIDByName(const BYTE *pbEncoded,
DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
DWORD *pcbDecoded)
{
OCSP_BASIC_RESPONSE_INFO *info = pvStructInfo;
BYTE tag = pbEncoded[0] & ~3, choice = pbEncoded[0] & 3;
DWORD decodedLen, dataLen, lenBytes, bytesNeeded = sizeof(*info), len;
DWORD dataLen, decodedLen, lenBytes, bytesNeeded = sizeof(*info);
BYTE tag = pbEncoded[0] & ~3;
CERT_NAME_BLOB *blob;
if (tag != (ASN_CONTEXT | ASN_CONSTRUCTOR))
......@@ -6536,15 +6536,78 @@ static BOOL CRYPT_AsnDecodeResponderID(const BYTE *pbEncoded,
SetLastError(CRYPT_E_ASN1_BADTAG);
return FALSE;
}
if (choice > 2)
if (!CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen))
return FALSE;
lenBytes = GET_LEN_BYTES(pbEncoded[1]);
cbEncoded -= 1 + lenBytes;
if (dataLen > cbEncoded)
{
WARN("Unexpected choice %02x\n", choice);
SetLastError(CRYPT_E_ASN1_CORRUPT);
SetLastError(CRYPT_E_ASN1_EOD);
return FALSE;
}
pbEncoded += 1 + lenBytes;
decodedLen = 1 + lenBytes + dataLen;
if (pbEncoded[0] != ASN_SEQUENCE)
{
WARN("Unexpected tag %02x %02x\n", pbEncoded[0], pbEncoded[1]);
SetLastError(CRYPT_E_ASN1_BADTAG);
return FALSE;
}
if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG)) bytesNeeded += dataLen;
if (pvStructInfo && *pcbStructInfo >= bytesNeeded)
info->dwResponderIdChoice = choice;
{
info->dwResponderIdChoice = 1;
blob = &info->u.ByNameResponderId;
blob->cbData = dataLen;
if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
blob->pbData = (BYTE *)pbEncoded;
else if (blob->cbData)
{
blob->pbData = (BYTE *)(info + 1);
memcpy(blob->pbData, pbEncoded, blob->cbData);
}
}
if (pcbDecoded)
*pcbDecoded = decodedLen;
if (!pvStructInfo)
{
*pcbStructInfo = bytesNeeded;
return TRUE;
}
if (*pcbStructInfo < bytesNeeded)
{
SetLastError(ERROR_MORE_DATA);
*pcbStructInfo = bytesNeeded;
return FALSE;
}
*pcbStructInfo = bytesNeeded;
return TRUE;
}
static BOOL CRYPT_AsnDecodeResponderIDByKey(const BYTE *pbEncoded,
DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
DWORD *pcbDecoded)
{
OCSP_BASIC_RESPONSE_INFO *info = pvStructInfo;
DWORD dataLen, decodedLen, lenBytes, bytesNeeded = sizeof(*info), len;
BYTE tag = pbEncoded[0] & ~3;
CRYPT_HASH_BLOB *blob;
if (tag != (ASN_CONTEXT | ASN_CONSTRUCTOR))
{
WARN("Unexpected tag %02x\n", tag);
SetLastError(CRYPT_E_ASN1_BADTAG);
return FALSE;
}
if (!CRYPT_GetLen(pbEncoded, cbEncoded, &dataLen))
return FALSE;
......@@ -6581,7 +6644,8 @@ static BOOL CRYPT_AsnDecodeResponderID(const BYTE *pbEncoded,
if (!(dwFlags & CRYPT_DECODE_NOCOPY_FLAG)) bytesNeeded += len;
if (pvStructInfo && *pcbStructInfo >= bytesNeeded)
{
blob = &info->u.ByNameResponderId;
info->dwResponderIdChoice = 2;
blob = &info->u.ByKeyResponderId;
blob->cbData = len;
if (dwFlags & CRYPT_DECODE_NOCOPY_FLAG)
blob->pbData = (BYTE *)pbEncoded;
......@@ -6612,6 +6676,28 @@ static BOOL CRYPT_AsnDecodeResponderID(const BYTE *pbEncoded,
return TRUE;
}
static BOOL CRYPT_AsnDecodeResponderID(const BYTE *pbEncoded,
DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo,
DWORD *pcbDecoded)
{
BYTE choice = pbEncoded[0] & 3;
TRACE("choice %02x\n", choice);
switch (choice)
{
case 1:
return CRYPT_AsnDecodeResponderIDByName(pbEncoded, cbEncoded, dwFlags,
pvStructInfo, pcbStructInfo, pcbDecoded);
case 2:
return CRYPT_AsnDecodeResponderIDByKey(pbEncoded, cbEncoded, dwFlags,
pvStructInfo, pcbStructInfo, pcbDecoded);
default:
WARN("Unexpected choice %02x\n", choice);
SetLastError(CRYPT_E_ASN1_CORRUPT);
return FALSE;
}
}
static BOOL WINAPI CRYPT_AsnDecodeOCSPBasicResponse(DWORD dwCertEncodingType,
LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
CRYPT_DECODE_PARA *pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
......
......@@ -8673,6 +8673,26 @@ static const BYTE ocsp_basic_response[] = {
0x33, 0x36, 0x30, 0x31, 0x5a
};
static const BYTE ocsp_basic_response2[] = {
0x30, 0x81, 0xbe, 0xa1, 0x34, 0x30, 0x32, 0x31, 0x0b, 0x30, 0x09, 0x06,
0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x16, 0x30, 0x14,
0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0d, 0x4c, 0x65, 0x74, 0x27, 0x73,
0x20, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x31, 0x0b, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x02, 0x52, 0x33, 0x18, 0x0f, 0x32,
0x30, 0x32, 0x32, 0x31, 0x30, 0x32, 0x30, 0x30, 0x36, 0x30, 0x31, 0x30,
0x30, 0x5a, 0x30, 0x75, 0x30, 0x73, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x05,
0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x48, 0xda, 0xc9,
0xa0, 0xfb, 0x2b, 0xd3, 0x2d, 0x4f, 0xf0, 0xde, 0x68, 0xd2, 0xf5, 0x67,
0xb7, 0x35, 0xf9, 0xb3, 0xc4, 0x04, 0x14, 0x14, 0x2e, 0xb3, 0x17, 0xb7,
0x58, 0x56, 0xcb, 0xae, 0x50, 0x09, 0x40, 0xe6, 0x1f, 0xaf, 0x9d, 0x8b,
0x14, 0xc2, 0xc6, 0x02, 0x12, 0x03, 0x26, 0x1c, 0x82, 0x80, 0xf3, 0x8c,
0x13, 0xef, 0xae, 0x83, 0x9d, 0x89, 0xb9, 0xcd, 0x59, 0x83, 0x5b, 0x80,
0x00, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x32, 0x31, 0x30, 0x32, 0x30, 0x30,
0x36, 0x30, 0x30, 0x30, 0x30, 0x5a, 0xa0, 0x11, 0x18, 0x0f, 0x32, 0x30,
0x32, 0x32, 0x31, 0x30, 0x32, 0x37, 0x30, 0x35, 0x35, 0x39, 0x35, 0x38,
0x5a
};
static const BYTE ocsp_basic_response_revoked[] = {
0x30, 0x81, 0xb1, 0xa2, 0x16, 0x04, 0x14, 0xa4, 0x8d, 0xe5, 0xbe, 0x7c,
0x79, 0xe4, 0x70, 0x23, 0x6d, 0x2e, 0x29, 0x34, 0xad, 0x23, 0x58, 0xdc,
......@@ -8758,22 +8778,36 @@ static void test_decodeOCSPBasicResponseInfo(DWORD dwEncoding)
static const BYTE resp_id2[] = {
0xa4, 0x8d, 0xe5, 0xbe, 0x7c, 0x79, 0xe4, 0x70, 0x23, 0x6d, 0x2e, 0x29, 0x34, 0xad, 0x23, 0x58,
0xdc, 0xf5, 0x31, 0x7f};
static const BYTE resp_id3[] = {
0x30, 0x32, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0d, 0x4c, 0x65, 0x74, 0x27, 0x73, 0x20,
0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03,
0x13, 0x02, 0x52, 0x33};
static const BYTE name_hash[] = {
0xe4, 0xe3, 0x95, 0xa2, 0x29, 0xd3, 0xd4, 0xc1, 0xc3, 0x1f, 0xf0, 0x98, 0x0c, 0x0b, 0x4e, 0xc0,
0x09, 0x8a, 0xab, 0xd8};
static const BYTE name_hash2[] = {
0x74, 0xb4, 0xe7, 0x23, 0x19, 0xc7, 0x65, 0x92, 0x15, 0x40, 0x44, 0x7b, 0xc7, 0xce, 0x3e, 0x90,
0xc2, 0x18, 0x76, 0xeb};
static const BYTE name_hash3[] = {
0x48, 0xda, 0xc9, 0xa0, 0xfb, 0x2b, 0xd3, 0x2d, 0x4f, 0xf0, 0xde, 0x68, 0xd2, 0xf5, 0x67, 0xb7,
0x35, 0xf9, 0xb3, 0xc4};
static const BYTE key_hash[] = {
0xb7, 0x6b, 0xa2, 0xea, 0xa8, 0xaa, 0x84, 0x8c, 0x79, 0xea, 0xb4, 0xda, 0x0f, 0x98, 0xb2, 0xc5,
0x95, 0x76, 0xb9, 0xf4};
static const BYTE key_hash2[] = {
0xa4, 0x8d, 0xe5, 0xbe, 0x7c, 0x79, 0xe4, 0x70, 0x23, 0x6d, 0x2e, 0x29, 0x34, 0xad, 0x23, 0x58,
0xdc, 0xf5, 0x31, 0x7f};
static const BYTE key_hash3[] = {
0x14, 0x2e, 0xb3, 0x17, 0xb7, 0x58, 0x56, 0xcb, 0xae, 0x50, 0x09, 0x40, 0xe6, 0x1f, 0xaf, 0x9d,
0x8b, 0x14, 0xc2, 0xc6};
static const BYTE serial[] = {
0xb1, 0xc1, 0x87, 0x54, 0x54, 0xac, 0x1e, 0x55, 0x40, 0xfb, 0xef, 0xd9, 0x6d, 0x8f, 0x49, 0x08};
static const BYTE serial2[] = {
0x2f, 0x57, 0xa4, 0x85, 0xa2, 0xe3, 0x52, 0x54, 0x9a, 0x3b, 0x85, 0x98, 0xa2, 0x67, 0x2e, 0x0d};
static const BYTE serial3[] = {
0x5b, 0x83, 0x59, 0xcd, 0xb9, 0x89, 0x9d, 0x83, 0xae, 0xef, 0x13, 0x8c, 0xf3, 0x80, 0x82, 0x1c,
0x26, 0x03};
OCSP_BASIC_RESPONSE_INFO *info;
OCSP_BASIC_RESPONSE_ENTRY *entry;
OCSP_BASIC_REVOKED_INFO *revoked;
......@@ -8800,11 +8834,11 @@ static void test_decodeOCSPBasicResponseInfo(DWORD dwEncoding)
ok(entry->CertId.HashAlgorithm.Parameters.cbData == 2, "got %lu\n", entry->CertId.HashAlgorithm.Parameters.cbData);
ok(entry->CertId.HashAlgorithm.Parameters.pbData[0] == 5, "got 0x%02x\n", entry->CertId.HashAlgorithm.Parameters.pbData[0]);
ok(!entry->CertId.HashAlgorithm.Parameters.pbData[1], "got 0x%02x\n", entry->CertId.HashAlgorithm.Parameters.pbData[1]);
ok(entry->CertId.IssuerNameHash.cbData == 20, "got %lu\n", entry->CertId.IssuerNameHash.cbData);
ok(entry->CertId.IssuerNameHash.cbData == sizeof(name_hash), "got %lu\n", entry->CertId.IssuerNameHash.cbData);
ok(!memcmp(entry->CertId.IssuerNameHash.pbData, name_hash, sizeof(name_hash)), "wrong data\n");
ok(entry->CertId.IssuerKeyHash.cbData == 20, "got %lu\n", entry->CertId.IssuerKeyHash.cbData);
ok(entry->CertId.IssuerKeyHash.cbData == sizeof(key_hash), "got %lu\n", entry->CertId.IssuerKeyHash.cbData);
ok(!memcmp(entry->CertId.IssuerKeyHash.pbData, key_hash, sizeof(key_hash)), "wrong data\n");
ok(entry->CertId.SerialNumber.cbData == 16, "got %lu\n", entry->CertId.SerialNumber.cbData);
ok(entry->CertId.SerialNumber.cbData == sizeof(serial), "got %lu\n", entry->CertId.SerialNumber.cbData);
ok(!memcmp(entry->CertId.SerialNumber.pbData, serial, sizeof(serial)), "wrong data\n");
ok(entry->dwCertStatus == 0, "got %lu\n", entry->dwCertStatus);
ok(entry->pRevokedInfo == NULL, "got %p\n", entry->pRevokedInfo);
......@@ -8839,11 +8873,11 @@ static void test_decodeOCSPBasicResponseInfo(DWORD dwEncoding)
ok(entry->CertId.HashAlgorithm.Parameters.cbData == 2, "got %lu\n", entry->CertId.HashAlgorithm.Parameters.cbData);
ok(entry->CertId.HashAlgorithm.Parameters.pbData[0] == 5, "got 0x%02x\n", entry->CertId.HashAlgorithm.Parameters.pbData[0]);
ok(!entry->CertId.HashAlgorithm.Parameters.pbData[1], "got 0x%02x\n", entry->CertId.HashAlgorithm.Parameters.pbData[1]);
ok(entry->CertId.IssuerNameHash.cbData == 20, "got %lu\n", entry->CertId.IssuerNameHash.cbData);
ok(entry->CertId.IssuerNameHash.cbData == sizeof(name_hash2), "got %lu\n", entry->CertId.IssuerNameHash.cbData);
ok(!memcmp(entry->CertId.IssuerNameHash.pbData, name_hash2, sizeof(name_hash2)), "wrong data\n");
ok(entry->CertId.IssuerKeyHash.cbData == 20, "got %lu\n", entry->CertId.IssuerKeyHash.cbData);
ok(entry->CertId.IssuerKeyHash.cbData == sizeof(key_hash2), "got %lu\n", entry->CertId.IssuerKeyHash.cbData);
ok(!memcmp(entry->CertId.IssuerKeyHash.pbData, key_hash2, sizeof(key_hash2)), "wrong data\n");
ok(entry->CertId.SerialNumber.cbData == 16, "got %lu\n", entry->CertId.SerialNumber.cbData);
ok(entry->CertId.SerialNumber.cbData == sizeof(serial2), "got %lu\n", entry->CertId.SerialNumber.cbData);
ok(!memcmp(entry->CertId.SerialNumber.pbData, serial2, sizeof(serial2)), "wrong data\n");
ok(entry->dwCertStatus == 1, "got %lu\n", entry->dwCertStatus);
ok(entry->pRevokedInfo != NULL, "got NULL\n");
......@@ -8863,6 +8897,46 @@ static void test_decodeOCSPBasicResponseInfo(DWORD dwEncoding)
ok(!info->cExtension, "got %lu\n", info->cExtension);
ok(info->rgExtension == NULL, "got %p\n", info->rgExtension);
LocalFree(info);
size = 0;
ret = CryptDecodeObjectEx(dwEncoding, OCSP_BASIC_RESPONSE, ocsp_basic_response2,
sizeof(ocsp_basic_response2), CRYPT_DECODE_ALLOC_FLAG, NULL, &info, &size);
ok(ret, "got %08lx\n", GetLastError());
ok(!info->dwVersion, "got %lu\n", info->dwVersion);
ok(info->dwResponderIdChoice == 1, "got %lu\n", info->dwResponderIdChoice);
ok(info->ByNameResponderId.cbData == sizeof(resp_id3), "got %lu\n", info->ByNameResponderId.cbData);
ok(!memcmp(info->ByNameResponderId.pbData, resp_id3, sizeof(resp_id3)), "wrong data\n");
ok(info->ProducedAt.dwLowDateTime == 1408824832, "got %lu\n", info->ProducedAt.dwLowDateTime);
ok(info->ProducedAt.dwHighDateTime == 30991433, "got %lu\n", info->ProducedAt.dwHighDateTime);
ok(info->cResponseEntry == 1, "got %lu\n", info->cResponseEntry);
ok(info->rgResponseEntry != NULL, "got %p\n", info->rgResponseEntry);
entry = info->rgResponseEntry;
ok(!strcmp(entry->CertId.HashAlgorithm.pszObjId, szOID_OIWSEC_sha1), "got '%s'\n", entry->CertId.HashAlgorithm.pszObjId);
ok(entry->CertId.HashAlgorithm.Parameters.cbData == 2, "got %lu\n", entry->CertId.HashAlgorithm.Parameters.cbData);
ok(entry->CertId.HashAlgorithm.Parameters.pbData[0] == 5, "got 0x%02x\n", entry->CertId.HashAlgorithm.Parameters.pbData[0]);
ok(!entry->CertId.HashAlgorithm.Parameters.pbData[1], "got 0x%02x\n", entry->CertId.HashAlgorithm.Parameters.pbData[1]);
ok(entry->CertId.IssuerNameHash.cbData == sizeof(name_hash3), "got %lu\n", entry->CertId.IssuerNameHash.cbData);
ok(!memcmp(entry->CertId.IssuerNameHash.pbData, name_hash3, sizeof(name_hash3)), "wrong data\n");
ok(entry->CertId.IssuerKeyHash.cbData == sizeof(key_hash3), "got %lu\n", entry->CertId.IssuerKeyHash.cbData);
ok(!memcmp(entry->CertId.IssuerKeyHash.pbData, key_hash3, sizeof(key_hash3)), "wrong data\n");
ok(entry->CertId.SerialNumber.cbData == sizeof(serial3), "got %lu\n", entry->CertId.SerialNumber.cbData);
ok(!memcmp(entry->CertId.SerialNumber.pbData, serial3, sizeof(serial3)), "wrong data\n");
ok(entry->dwCertStatus == 0, "got %lu\n", entry->dwCertStatus);
ok(entry->pRevokedInfo == NULL, "got %p\n", entry->pRevokedInfo);
ok(entry->ThisUpdate.dwLowDateTime == 808824832, "got %lu\n", entry->ThisUpdate.dwLowDateTime);
ok(entry->ThisUpdate.dwHighDateTime == 30991433, "got %lu\n", entry->ThisUpdate.dwHighDateTime);
ok(entry->NextUpdate.dwLowDateTime == 1474872064, "got %lu\n", entry->NextUpdate.dwLowDateTime);
ok(entry->NextUpdate.dwHighDateTime == 30992841, "got %lu\n", entry->NextUpdate.dwHighDateTime);
ok(!entry->cExtension, "got %lu\n", entry->cExtension);
ok(entry->rgExtension == NULL, "got %p\n", entry->rgExtension);
ok(!info->cExtension, "got %lu\n", info->cExtension);
ok(info->rgExtension == NULL, "got %p\n", info->rgExtension);
LocalFree(info);
}
START_TEST(encode)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment