1 /* 2 * Copyright 2004-2007 Juan Lang 3 * 4 * This library is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU Lesser General Public 6 * License as published by the Free Software Foundation; either 7 * version 2.1 of the License, or (at your option) any later version. 8 * 9 * This library is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 * Lesser General Public License for more details. 13 * 14 * You should have received a copy of the GNU Lesser General Public 15 * License along with this library; if not, write to the Free Software 16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA 17 */ 18 #include <assert.h> 19 #include <stdarg.h> 20 #include "windef.h" 21 #include "winbase.h" 22 #include "wincrypt.h" 23 #include "winreg.h" 24 #include "winuser.h" 25 #include "wine/debug.h" 26 #include "crypt32_private.h" 27 28 WINE_DEFAULT_DEBUG_CHANNEL(crypt); 29 30 typedef struct _WINE_HASH_TO_DELETE 31 { 32 BYTE hash[20]; 33 struct list entry; 34 } WINE_HASH_TO_DELETE; 35 36 typedef struct _WINE_REGSTOREINFO 37 { 38 DWORD dwOpenFlags; 39 HCERTSTORE memStore; 40 HKEY key; 41 BOOL dirty; 42 CRITICAL_SECTION cs; 43 struct list certsToDelete; 44 struct list crlsToDelete; 45 struct list ctlsToDelete; 46 } WINE_REGSTOREINFO; 47 48 static void CRYPT_HashToStr(const BYTE *hash, LPWSTR asciiHash) 49 { 50 static const WCHAR fmt[] = { '%','0','2','X',0 }; 51 DWORD i; 52 53 assert(hash); 54 assert(asciiHash); 55 56 for (i = 0; i < 20; i++) 57 wsprintfW(asciiHash + i * 2, fmt, hash[i]); 58 } 59 60 static const WCHAR CertsW[] = { 'C','e','r','t','i','f','i','c','a','t','e','s', 61 0 }; 62 static const WCHAR CRLsW[] = { 'C','R','L','s',0 }; 63 static const WCHAR CTLsW[] = { 'C','T','L','s',0 }; 64 static const WCHAR BlobW[] = { 'B','l','o','b',0 }; 65 66 static void CRYPT_RegReadSerializedFromReg(HKEY key, DWORD contextType, 67 HCERTSTORE store) 68 { 69 LONG rc; 70 DWORD index = 0; 71 WCHAR subKeyName[MAX_PATH]; 72 73 do { 74 DWORD size = ARRAY_SIZE(subKeyName); 75 76 rc = RegEnumKeyExW(key, index++, subKeyName, &size, NULL, NULL, NULL, 77 NULL); 78 if (!rc) 79 { 80 HKEY subKey; 81 82 rc = RegOpenKeyExW(key, subKeyName, 0, KEY_READ, &subKey); 83 if (!rc) 84 { 85 LPBYTE buf = NULL; 86 87 size = 0; 88 rc = RegQueryValueExW(subKey, BlobW, NULL, NULL, NULL, &size); 89 if (!rc) 90 buf = CryptMemAlloc(size); 91 if (buf) 92 { 93 rc = RegQueryValueExW(subKey, BlobW, NULL, NULL, buf, 94 &size); 95 if (!rc) 96 { 97 const void *context; 98 DWORD addedType; 99 100 TRACE("Adding cert with hash %s\n", 101 debugstr_w(subKeyName)); 102 context = CRYPT_ReadSerializedElement(buf, size, 103 contextType, &addedType); 104 if (context) 105 { 106 const WINE_CONTEXT_INTERFACE *contextInterface; 107 BYTE hash[20]; 108 109 switch (addedType) 110 { 111 case CERT_STORE_CERTIFICATE_CONTEXT: 112 contextInterface = pCertInterface; 113 break; 114 case CERT_STORE_CRL_CONTEXT: 115 contextInterface = pCRLInterface; 116 break; 117 case CERT_STORE_CTL_CONTEXT: 118 contextInterface = pCTLInterface; 119 break; 120 default: 121 contextInterface = NULL; 122 } 123 if (contextInterface) 124 { 125 size = sizeof(hash); 126 if (contextInterface->getProp(context, 127 CERT_HASH_PROP_ID, hash, &size)) 128 { 129 WCHAR asciiHash[20 * 2 + 1]; 130 131 CRYPT_HashToStr(hash, asciiHash); 132 TRACE("comparing %s\n", 133 debugstr_w(asciiHash)); 134 TRACE("with %s\n", debugstr_w(subKeyName)); 135 if (!lstrcmpW(asciiHash, subKeyName)) 136 { 137 TRACE("hash matches, adding\n"); 138 contextInterface->addContextToStore( 139 store, context, 140 CERT_STORE_ADD_REPLACE_EXISTING, NULL); 141 } 142 else 143 TRACE("hash doesn't match, ignoring\n"); 144 } 145 Context_Release(context_from_ptr(context)); 146 } 147 } 148 } 149 CryptMemFree(buf); 150 } 151 RegCloseKey(subKey); 152 } 153 /* Ignore intermediate errors, continue enumerating */ 154 rc = ERROR_SUCCESS; 155 } 156 } while (!rc); 157 } 158 159 static void CRYPT_RegReadFromReg(HKEY key, HCERTSTORE store) 160 { 161 static const WCHAR * const subKeys[] = { CertsW, CRLsW, CTLsW }; 162 static const DWORD contextFlags[] = { CERT_STORE_CERTIFICATE_CONTEXT_FLAG, 163 CERT_STORE_CRL_CONTEXT_FLAG, CERT_STORE_CTL_CONTEXT_FLAG }; 164 DWORD i; 165 166 for (i = 0; i < ARRAY_SIZE(subKeys); i++) 167 { 168 HKEY hKey; 169 LONG rc; 170 171 rc = RegCreateKeyExW(key, subKeys[i], 0, NULL, 0, KEY_READ, NULL, 172 &hKey, NULL); 173 if (!rc) 174 { 175 CRYPT_RegReadSerializedFromReg(hKey, contextFlags[i], store); 176 RegCloseKey(hKey); 177 } 178 } 179 } 180 181 /* Hash is assumed to be 20 bytes in length (a SHA-1 hash) */ 182 static BOOL CRYPT_WriteSerializedToReg(HKEY key, DWORD flags, const BYTE *hash, const BYTE *buf, 183 DWORD len) 184 { 185 WCHAR asciiHash[20 * 2 + 1]; 186 LONG rc; 187 HKEY subKey; 188 BOOL ret; 189 190 CRYPT_HashToStr(hash, asciiHash); 191 rc = RegCreateKeyExW(key, asciiHash, 0, NULL, flags, KEY_ALL_ACCESS, NULL, 192 &subKey, NULL); 193 if (!rc) 194 { 195 rc = RegSetValueExW(subKey, BlobW, 0, REG_BINARY, buf, len); 196 RegCloseKey(subKey); 197 } 198 if (!rc) 199 ret = TRUE; 200 else 201 { 202 SetLastError(rc); 203 ret = FALSE; 204 } 205 return ret; 206 } 207 208 BOOL CRYPT_SerializeContextsToReg(HKEY key, DWORD flags, 209 const WINE_CONTEXT_INTERFACE *contextInterface, HCERTSTORE memStore) 210 { 211 const void *context = NULL; 212 BOOL ret; 213 214 do { 215 context = contextInterface->enumContextsInStore(memStore, context); 216 if (context) 217 { 218 BYTE hash[20]; 219 DWORD hashSize = sizeof(hash); 220 221 ret = contextInterface->getProp(context, CERT_HASH_PROP_ID, hash, 222 &hashSize); 223 if (ret) 224 { 225 DWORD size = 0; 226 LPBYTE buf = NULL; 227 228 ret = contextInterface->serialize(context, 0, NULL, &size); 229 if (size) 230 buf = CryptMemAlloc(size); 231 if (buf) 232 { 233 ret = contextInterface->serialize(context, 0, buf, &size); 234 if (ret) 235 ret = CRYPT_WriteSerializedToReg(key, flags, hash, buf, size); 236 } 237 CryptMemFree(buf); 238 } 239 } 240 else 241 ret = TRUE; 242 } while (ret && context != NULL); 243 if (context) 244 Context_Release(context_from_ptr(context)); 245 return ret; 246 } 247 248 static BOOL CRYPT_RegWriteToReg(WINE_REGSTOREINFO *store) 249 { 250 static const WCHAR * const subKeys[] = { CertsW, CRLsW, CTLsW }; 251 const WINE_CONTEXT_INTERFACE * const interfaces[] = { pCertInterface, 252 pCRLInterface, pCTLInterface }; 253 struct list *listToDelete[] = { &store->certsToDelete, &store->crlsToDelete, 254 &store->ctlsToDelete }; 255 BOOL ret = TRUE; 256 DWORD i; 257 258 for (i = 0; ret && i < ARRAY_SIZE(subKeys); i++) 259 { 260 HKEY key; 261 LONG rc = RegCreateKeyExW(store->key, subKeys[i], 0, NULL, 0, 262 KEY_ALL_ACCESS, NULL, &key, NULL); 263 264 if (!rc) 265 { 266 if (listToDelete[i]) 267 { 268 WINE_HASH_TO_DELETE *toDelete, *next; 269 WCHAR asciiHash[20 * 2 + 1]; 270 271 EnterCriticalSection(&store->cs); 272 LIST_FOR_EACH_ENTRY_SAFE(toDelete, next, listToDelete[i], 273 WINE_HASH_TO_DELETE, entry) 274 { 275 LONG rc; 276 277 CRYPT_HashToStr(toDelete->hash, asciiHash); 278 TRACE("Removing %s\n", debugstr_w(asciiHash)); 279 rc = RegDeleteKeyW(key, asciiHash); 280 if (rc != ERROR_SUCCESS && rc != ERROR_FILE_NOT_FOUND) 281 { 282 SetLastError(rc); 283 ret = FALSE; 284 } 285 list_remove(&toDelete->entry); 286 CryptMemFree(toDelete); 287 } 288 LeaveCriticalSection(&store->cs); 289 } 290 ret = CRYPT_SerializeContextsToReg(key, 0, interfaces[i], store->memStore); 291 RegCloseKey(key); 292 } 293 else 294 { 295 SetLastError(rc); 296 ret = FALSE; 297 } 298 } 299 return ret; 300 } 301 302 /* If force is true or the registry store is dirty, writes the contents of the 303 * store to the registry. 304 */ 305 static BOOL CRYPT_RegFlushStore(WINE_REGSTOREINFO *store, BOOL force) 306 { 307 BOOL ret; 308 309 TRACE("(%p, %d)\n", store, force); 310 311 if (store->dirty || force) 312 { 313 ret = CRYPT_RegWriteToReg(store); 314 if (ret) 315 store->dirty = FALSE; 316 } 317 else 318 ret = TRUE; 319 return ret; 320 } 321 322 static void WINAPI CRYPT_RegCloseStore(HCERTSTORE hCertStore, DWORD dwFlags) 323 { 324 WINE_REGSTOREINFO *store = hCertStore; 325 326 TRACE("(%p, %08x)\n", store, dwFlags); 327 if (dwFlags) 328 FIXME("Unimplemented flags: %08x\n", dwFlags); 329 330 CRYPT_RegFlushStore(store, FALSE); 331 RegCloseKey(store->key); 332 store->cs.DebugInfo->Spare[0] = 0; 333 DeleteCriticalSection(&store->cs); 334 CryptMemFree(store); 335 } 336 337 static BOOL CRYPT_RegWriteContext(WINE_REGSTOREINFO *store, 338 const void *context, DWORD dwFlags) 339 { 340 BOOL ret; 341 342 if (dwFlags & CERT_STORE_PROV_WRITE_ADD_FLAG) 343 { 344 store->dirty = TRUE; 345 ret = TRUE; 346 } 347 else 348 ret = FALSE; 349 return ret; 350 } 351 352 static BOOL CRYPT_RegDeleteContext(WINE_REGSTOREINFO *store, 353 struct list *deleteList, const void *context, 354 const WINE_CONTEXT_INTERFACE *contextInterface) 355 { 356 BOOL ret; 357 358 if (store->dwOpenFlags & CERT_STORE_READONLY_FLAG) 359 { 360 SetLastError(ERROR_ACCESS_DENIED); 361 ret = FALSE; 362 } 363 else 364 { 365 WINE_HASH_TO_DELETE *toDelete = CryptMemAlloc(sizeof(WINE_HASH_TO_DELETE)); 366 367 if (toDelete) 368 { 369 DWORD size = sizeof(toDelete->hash); 370 371 ret = contextInterface->getProp(context, CERT_HASH_PROP_ID, 372 toDelete->hash, &size); 373 if (ret) 374 { 375 EnterCriticalSection(&store->cs); 376 list_add_tail(deleteList, &toDelete->entry); 377 LeaveCriticalSection(&store->cs); 378 } 379 else 380 { 381 CryptMemFree(toDelete); 382 ret = FALSE; 383 } 384 } 385 else 386 ret = FALSE; 387 if (ret) 388 store->dirty = TRUE; 389 } 390 return ret; 391 } 392 393 static BOOL WINAPI CRYPT_RegWriteCert(HCERTSTORE hCertStore, 394 PCCERT_CONTEXT cert, DWORD dwFlags) 395 { 396 WINE_REGSTOREINFO *store = hCertStore; 397 398 TRACE("(%p, %p, %d)\n", hCertStore, cert, dwFlags); 399 400 return CRYPT_RegWriteContext(store, cert, dwFlags); 401 } 402 403 static BOOL WINAPI CRYPT_RegDeleteCert(HCERTSTORE hCertStore, 404 PCCERT_CONTEXT pCertContext, DWORD dwFlags) 405 { 406 WINE_REGSTOREINFO *store = hCertStore; 407 408 TRACE("(%p, %p, %08x)\n", store, pCertContext, dwFlags); 409 410 return CRYPT_RegDeleteContext(store, &store->certsToDelete, pCertContext, 411 pCertInterface); 412 } 413 414 static BOOL WINAPI CRYPT_RegWriteCRL(HCERTSTORE hCertStore, 415 PCCRL_CONTEXT crl, DWORD dwFlags) 416 { 417 WINE_REGSTOREINFO *store = hCertStore; 418 419 TRACE("(%p, %p, %d)\n", hCertStore, crl, dwFlags); 420 421 return CRYPT_RegWriteContext(store, crl, dwFlags); 422 } 423 424 static BOOL WINAPI CRYPT_RegDeleteCRL(HCERTSTORE hCertStore, 425 PCCRL_CONTEXT pCrlContext, DWORD dwFlags) 426 { 427 WINE_REGSTOREINFO *store = hCertStore; 428 429 TRACE("(%p, %p, %08x)\n", store, pCrlContext, dwFlags); 430 431 return CRYPT_RegDeleteContext(store, &store->crlsToDelete, pCrlContext, 432 pCRLInterface); 433 } 434 435 static BOOL WINAPI CRYPT_RegWriteCTL(HCERTSTORE hCertStore, 436 PCCTL_CONTEXT ctl, DWORD dwFlags) 437 { 438 WINE_REGSTOREINFO *store = hCertStore; 439 440 TRACE("(%p, %p, %d)\n", hCertStore, ctl, dwFlags); 441 442 return CRYPT_RegWriteContext(store, ctl, dwFlags); 443 } 444 445 static BOOL WINAPI CRYPT_RegDeleteCTL(HCERTSTORE hCertStore, 446 PCCTL_CONTEXT pCtlContext, DWORD dwFlags) 447 { 448 WINE_REGSTOREINFO *store = hCertStore; 449 450 TRACE("(%p, %p, %08x)\n", store, pCtlContext, dwFlags); 451 452 return CRYPT_RegDeleteContext(store, &store->ctlsToDelete, pCtlContext, 453 pCTLInterface); 454 } 455 456 static BOOL WINAPI CRYPT_RegControl(HCERTSTORE hCertStore, DWORD dwFlags, 457 DWORD dwCtrlType, void const *pvCtrlPara) 458 { 459 WINE_REGSTOREINFO *store = hCertStore; 460 BOOL ret = TRUE; 461 462 TRACE("(%p, %08x, %d, %p)\n", hCertStore, dwFlags, dwCtrlType, 463 pvCtrlPara); 464 465 switch (dwCtrlType) 466 { 467 case CERT_STORE_CTRL_RESYNC: 468 { 469 HCERTSTORE memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 470 CERT_STORE_CREATE_NEW_FLAG, NULL); 471 472 CRYPT_RegFlushStore(store, FALSE); 473 CRYPT_RegReadFromReg(store->key, memStore); 474 I_CertUpdateStore(store->memStore, memStore, 0, 0); 475 CertCloseStore(memStore, 0); 476 break; 477 } 478 case CERT_STORE_CTRL_COMMIT: 479 ret = CRYPT_RegFlushStore(store, 480 dwFlags & CERT_STORE_CTRL_COMMIT_FORCE_FLAG); 481 break; 482 case CERT_STORE_CTRL_AUTO_RESYNC: 483 FIXME("CERT_STORE_CTRL_AUTO_RESYNC: stub\n"); 484 break; 485 case CERT_STORE_CTRL_NOTIFY_CHANGE: 486 FIXME("CERT_STORE_CTRL_NOTIFY_CHANGE: stub\n"); 487 break; 488 default: 489 FIXME("%u: stub\n", dwCtrlType); 490 ret = FALSE; 491 } 492 return ret; 493 } 494 495 static void *regProvFuncs[] = { 496 CRYPT_RegCloseStore, 497 NULL, /* CERT_STORE_PROV_READ_CERT_FUNC */ 498 CRYPT_RegWriteCert, 499 CRYPT_RegDeleteCert, 500 NULL, /* CERT_STORE_PROV_SET_CERT_PROPERTY_FUNC */ 501 NULL, /* CERT_STORE_PROV_READ_CRL_FUNC */ 502 CRYPT_RegWriteCRL, 503 CRYPT_RegDeleteCRL, 504 NULL, /* CERT_STORE_PROV_SET_CRL_PROPERTY_FUNC */ 505 NULL, /* CERT_STORE_PROV_READ_CTL_FUNC */ 506 CRYPT_RegWriteCTL, 507 CRYPT_RegDeleteCTL, 508 NULL, /* CERT_STORE_PROV_SET_CTL_PROPERTY_FUNC */ 509 CRYPT_RegControl, 510 }; 511 512 WINECRYPT_CERTSTORE *CRYPT_RegOpenStore(HCRYPTPROV hCryptProv, DWORD dwFlags, 513 const void *pvPara) 514 { 515 WINECRYPT_CERTSTORE *store = NULL; 516 517 TRACE("(%ld, %08x, %p)\n", hCryptProv, dwFlags, pvPara); 518 519 if (dwFlags & CERT_STORE_DELETE_FLAG) 520 { 521 DWORD rc = RegDeleteTreeW((HKEY)pvPara, CertsW); 522 523 if (rc == ERROR_SUCCESS || rc == ERROR_NO_MORE_ITEMS) 524 rc = RegDeleteTreeW((HKEY)pvPara, CRLsW); 525 if (rc == ERROR_SUCCESS || rc == ERROR_NO_MORE_ITEMS) 526 rc = RegDeleteTreeW((HKEY)pvPara, CTLsW); 527 if (rc == ERROR_NO_MORE_ITEMS) 528 rc = ERROR_SUCCESS; 529 SetLastError(rc); 530 } 531 else 532 { 533 HKEY key; 534 535 if (DuplicateHandle(GetCurrentProcess(), (HANDLE)pvPara, 536 GetCurrentProcess(), (LPHANDLE)&key, 537 dwFlags & CERT_STORE_READONLY_FLAG ? KEY_READ : KEY_ALL_ACCESS, 538 TRUE, 0)) 539 { 540 WINECRYPT_CERTSTORE *memStore; 541 542 memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, hCryptProv, 543 CERT_STORE_CREATE_NEW_FLAG, NULL); 544 if (memStore) 545 { 546 WINE_REGSTOREINFO *regInfo = CryptMemAlloc( 547 sizeof(WINE_REGSTOREINFO)); 548 549 if (regInfo) 550 { 551 CERT_STORE_PROV_INFO provInfo = { 0 }; 552 553 regInfo->dwOpenFlags = dwFlags; 554 regInfo->memStore = memStore; 555 regInfo->key = key; 556 InitializeCriticalSection(®Info->cs); 557 regInfo->cs.DebugInfo->Spare[0] = (DWORD_PTR)(__FILE__ ": PWINE_REGSTOREINFO->cs"); 558 list_init(®Info->certsToDelete); 559 list_init(®Info->crlsToDelete); 560 list_init(®Info->ctlsToDelete); 561 CRYPT_RegReadFromReg(regInfo->key, regInfo->memStore); 562 regInfo->dirty = FALSE; 563 provInfo.cbSize = sizeof(provInfo); 564 provInfo.cStoreProvFunc = ARRAY_SIZE(regProvFuncs); 565 provInfo.rgpvStoreProvFunc = regProvFuncs; 566 provInfo.hStoreProv = regInfo; 567 store = CRYPT_ProvCreateStore(dwFlags, memStore, &provInfo); 568 /* Reg store doesn't need crypto provider, so close it */ 569 if (hCryptProv && 570 !(dwFlags & CERT_STORE_NO_CRYPT_RELEASE_FLAG)) 571 CryptReleaseContext(hCryptProv, 0); 572 } 573 } 574 } 575 } 576 TRACE("returning %p\n", store); 577 return store; 578 } 579