diff --git a/patches/crypt32-ECDSA_Cert_Chains/0009-crypt32-tests-Add-basic-test-for-ecdsa-oid.patch b/patches/crypt32-ECDSA_Cert_Chains/0009-crypt32-tests-Add-basic-test-for-ecdsa-oid.patch
deleted file mode 100644
index 6575ef19..00000000
--- a/patches/crypt32-ECDSA_Cert_Chains/0009-crypt32-tests-Add-basic-test-for-ecdsa-oid.patch
+++ /dev/null
@@ -1,108 +0,0 @@
-From e8fdbe56cb46f23d730bcc32a15510cc770b4ce6 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Michael=20M=C3=BCller?=
-Date: Fri, 29 Sep 2017 22:17:15 +0200
-Subject: [PATCH] crypt32/tests: Add basic test for ecdsa oid.
-
----
- dlls/crypt32/tests/oid.c | 35 +++++++++++++++++++++++++++++++++++
- include/wincrypt.h | 15 +++++++++++++++
- 2 files changed, 50 insertions(+)
-
-diff --git a/dlls/crypt32/tests/oid.c b/dlls/crypt32/tests/oid.c
-index 8fc67b3..e14f240 100644
---- a/dlls/crypt32/tests/oid.c
-+++ b/dlls/crypt32/tests/oid.c
-@@ -22,6 +22,7 @@
- #include
- #include
- #include
-+#define CRYPT_OID_INFO_HAS_EXTRA_FIELDS
- #include
- #include
-
-@@ -543,8 +544,10 @@ static void test_enumOIDInfo(void)
-
- static void test_findOIDInfo(void)
- {
-+ static WCHAR sha256ECDSA[] = { 's','h','a','2','5','6','E','C','D','S','A',0 };
- static WCHAR sha1[] = { 's','h','a','1',0 };
- static CHAR oid_rsa_md5[] = szOID_RSA_MD5, oid_sha256[] = szOID_NIST_sha256;
-+ static CHAR oid_ecda_sha25[] = szOID_ECDSA_SHA256;
- ALG_ID alg = CALG_SHA1;
- ALG_ID algs[2] = { CALG_MD5, CALG_RSA_SIGN };
- PCCRYPT_OID_INFO info;
-@@ -600,6 +603,38 @@ static void test_findOIDInfo(void)
- ok(U(*info).Algid == CALG_SHA_256 || U(*info).Algid == -1,
- "Expected CALG_MD5 or -1, got %d\n", U(*info).Algid);
- }
-+
-+ info = CryptFindOIDInfo(CRYPT_OID_INFO_OID_KEY, oid_ecda_sha25, 0);
-+ if (info)
-+ {
-+ DWORD *data;
-+
-+ ok(info->cbSize == sizeof(*info),
-+ "Expected %d, got %d\n", (int)sizeof(*info), info->cbSize);
-+ ok(!strcmp(info->pszOID, oid_ecda_sha25),
-+ "Expected %s, got %s\n", oid_ecda_sha25, info->pszOID);
-+ ok(!lstrcmpW(info->pwszName, sha256ECDSA),
-+ "Expected %s, got %s\n", wine_dbgstr_w(sha256ECDSA), wine_dbgstr_w(info->pwszName));
-+ ok(info->dwGroupId == CRYPT_SIGN_ALG_OID_GROUP_ID,
-+ "Expected CRYPT_SIGN_ALG_OID_GROUP_ID, got %u\n", info->dwGroupId);
-+ ok(U(*info).Algid == CALG_OID_INFO_CNG_ONLY,
-+ "Expected CALG_OID_INFO_CNG_ONLY, got %d\n", U(*info).Algid);
-+
-+ data = (DWORD *)info->ExtraInfo.pbData;
-+ ok(info->ExtraInfo.cbData == 8,
-+ "Expected 8, got %d\n", info->ExtraInfo.cbData);
-+ ok(data[0] == CALG_OID_INFO_PARAMETERS,
-+ "Expected CALG_OID_INFO_PARAMETERS, got %x\n", data[0]);
-+ ok(data[1] == CRYPT_OID_NO_NULL_ALGORITHM_PARA_FLAG,
-+ "Expected CRYPT_OID_NO_NULL_ALGORITHM_PARA_FLAG, got %x\n", data[1]);
-+
-+ ok(!lstrcmpW(info->pwszCNGAlgid, BCRYPT_SHA256_ALGORITHM), "Expected %s, got %s\n",
-+ wine_dbgstr_w(BCRYPT_SHA256_ALGORITHM), wine_dbgstr_w(info->pwszCNGAlgid));
-+ ok(!lstrcmpW(info->pwszCNGExtraAlgid, CRYPT_OID_INFO_ECC_PARAMETERS_ALGORITHM), "Expected %s, got %s\n",
-+ wine_dbgstr_w(CRYPT_OID_INFO_ECC_PARAMETERS_ALGORITHM), wine_dbgstr_w(info->pwszCNGExtraAlgid));
-+ }
-+ else
-+ todo_wine win_skip("Host does not support ECDSA_SHA256, skipping test\n");
- }
-
- START_TEST(oid)
-diff --git a/include/wincrypt.h b/include/wincrypt.h
-index a7c24e7..373acac 100644
---- a/include/wincrypt.h
-+++ b/include/wincrypt.h
-@@ -1244,6 +1244,17 @@ typedef BOOL (WINAPI *PFN_CRYPT_ENUM_OID_FUNC)(DWORD dwEncodingType,
-
- #define CRYPT_MATCH_ANY_ENCODING_TYPE 0xffffffff
-
-+#define CALG_OID_INFO_CNG_ONLY 0xffffffff
-+#define CALG_OID_INFO_PARAMETERS 0xfffffffe
-+
-+#define CRYPT_OID_INFO_HASH_PARAMETERS_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','H','a','s','h','P','a','r','a','m','e','t','e','r','s',0}
-+#define CRYPT_OID_INFO_ECC_PARAMETERS_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','E','C','C','P','a','r','a','m','e','t','e','r','s',0}
-+#define CRYPT_OID_INFO_MGF1_PARAMETERS_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','M','g','f','1','P','a','r','a','m','e','t','e','r','s',0}
-+#define CRYPT_OID_INFO_NO_SIGN_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','N','o','S','i','g','n',0}
-+#define CRYPT_OID_INFO_OAEP_PARAMETERS_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','O','A','E','P','P','a','r','a','m','e','t','e','r','s',0}
-+#define CRYPT_OID_INFO_ECC_WRAP_PARAMETERS_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','E','C','C','W','r','a','p','P','a','r','a','m','e','t','e','r','s',0}
-+#define CRYPT_OID_INFO_NO_PARAMETERS_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','N','o','P','a','r','a','m','e','t','e','r','s',0}
-+
- typedef struct _CRYPT_OID_INFO {
- DWORD cbSize;
- LPCSTR pszOID;
-@@ -1255,6 +1266,10 @@ typedef struct _CRYPT_OID_INFO {
- DWORD dwLength;
- } DUMMYUNIONNAME;
- CRYPT_DATA_BLOB ExtraInfo;
-+#ifdef CRYPT_OID_INFO_HAS_EXTRA_FIELDS
-+ LPCWSTR pwszCNGAlgid;
-+ LPCWSTR pwszCNGExtraAlgid;
-+#endif
- } CRYPT_OID_INFO, *PCRYPT_OID_INFO;
- typedef const CRYPT_OID_INFO CCRYPT_OID_INFO, *PCCRYPT_OID_INFO;
-
---
-1.9.1
-
diff --git a/patches/crypt32-ECDSA_Cert_Chains/0010-crypt32-Add-oids-for-sha256ECDSA-and-sha384ECDSA.patch b/patches/crypt32-ECDSA_Cert_Chains/0010-crypt32-Add-oids-for-sha256ECDSA-and-sha384ECDSA.patch
deleted file mode 100644
index 2e2731be..00000000
--- a/patches/crypt32-ECDSA_Cert_Chains/0010-crypt32-Add-oids-for-sha256ECDSA-and-sha384ECDSA.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-From 46195d1c3633ba489f99a896012283b467df7fc2 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Michael=20M=C3=BCller?=
-Date: Fri, 29 Sep 2017 22:42:56 +0200
-Subject: crypt32: Add oids for sha256ECDSA and sha384ECDSA.
-
----
- dlls/crypt32/oid.c | 17 +++++++++++++++++
- dlls/crypt32/tests/oid.c | 2 +-
- 2 files changed, 18 insertions(+), 1 deletion(-)
-
-diff --git a/dlls/crypt32/oid.c b/dlls/crypt32/oid.c
-index 7c07b9fcd99..b34c5980d65 100644
---- a/dlls/crypt32/oid.c
-+++ b/dlls/crypt32/oid.c
-@@ -25,6 +25,7 @@
- #define NONAMELESSUNION
- #include "windef.h"
- #include "winbase.h"
-+#define CRYPT_OID_INFO_HAS_EXTRA_FIELDS
- #include "wincrypt.h"
- #include "winreg.h"
- #include "winuser.h"
-@@ -1080,6 +1081,8 @@ static const WCHAR sha384RSA[] = { 's','h','a','3','8','4','R','S','A',0 };
- static const WCHAR sha512RSA[] = { 's','h','a','5','1','2','R','S','A',0 };
- static const WCHAR mosaicUpdatedSig[] =
- { 'm','o','s','a','i','c','U','p','d','a','t','e','d','S','i','g',0 };
-+static const WCHAR sha256ECDSA[] = { 's','h','a','2','5','6','E','C','D','S','A',0 };
-+static const WCHAR sha384ECDSA[] = { 's','h','a','3','8','4','E','C','D','S','A',0 };
- static const WCHAR CN[] = { 'C','N',0 };
- static const WCHAR L[] = { 'L',0 };
- static const WCHAR O[] = { 'O',0 };
-@@ -1126,12 +1129,16 @@ static const DWORD dssSign[2] = { CALG_DSS_SIGN,
- static const DWORD mosaicSign[2] = { CALG_DSS_SIGN,
- CRYPT_OID_INHIBIT_SIGNATURE_FORMAT_FLAG |
- CRYPT_OID_NO_NULL_ALGORITHM_PARA_FLAG };
-+static const DWORD ecdsaSign[2] = { CALG_OID_INFO_PARAMETERS,
-+ CRYPT_OID_NO_NULL_ALGORITHM_PARA_FLAG };
- static const CRYPT_DATA_BLOB rsaSignBlob = { sizeof(rsaSign),
- (LPBYTE)&rsaSign };
- static const CRYPT_DATA_BLOB dssSignBlob = { sizeof(dssSign),
- (LPBYTE)dssSign };
- static const CRYPT_DATA_BLOB mosaicSignBlob = { sizeof(mosaicSign),
- (LPBYTE)mosaicSign };
-+static const CRYPT_DATA_BLOB ecdsaSignBlob = { sizeof(ecdsaSign),
-+ (LPBYTE)ecdsaSign };
-
-static const DWORD ia5String[] = { CERT_RDN_IA5_STRING, 0 };
- static const DWORD numericString[] = { CERT_RDN_NUMERIC_STRING, 0 };
-@@ -1153,6 +1160,8 @@ static const struct OIDInfoConstructor {
- UINT Algid;
- LPCWSTR pwszName;
- const CRYPT_DATA_BLOB *blob;
-+ LPCWSTR pwszCNGAlgid;
-+ LPCWSTR pwszCNGExtraAlgid;
- } oidInfoConstructors[] = {
- { 1, szOID_OIWSEC_sha1, CALG_SHA1, sha1, NULL },
- { 1, szOID_OIWSEC_sha1, CALG_SHA1, sha, NULL },
-@@ -1207,6 +1216,10 @@ static const struct OIDInfoConstructor {
- { 4, szOID_OIWSEC_dsaSHA1, CALG_SHA1, dsaSHA1, &dssSignBlob },
- { 4, szOID_INFOSEC_mosaicUpdatedSig, CALG_SHA1, mosaicUpdatedSig,
- &mosaicSignBlob },
-+ { 4, szOID_ECDSA_SHA256, CALG_OID_INFO_CNG_ONLY, sha256ECDSA, &ecdsaSignBlob,
-+ BCRYPT_SHA256_ALGORITHM, CRYPT_OID_INFO_ECC_PARAMETERS_ALGORITHM },
-+ { 4, szOID_ECDSA_SHA384, CALG_OID_INFO_CNG_ONLY, sha384ECDSA, &ecdsaSignBlob,
-+ BCRYPT_SHA384_ALGORITHM, CRYPT_OID_INFO_ECC_PARAMETERS_ALGORITHM },
-
- { 5, szOID_COMMON_NAME, 0, CN, NULL },
- { 5, szOID_LOCALITY_NAME, 0, L, NULL },
-@@ -1422,6 +1435,8 @@ static void init_oid_info(void)
- info->info.ExtraInfo.pbData =
- oidInfoConstructors[i].blob->pbData;
- }
-+ info->info.pwszCNGAlgid = oidInfoConstructors[i].pwszCNGAlgid;
-+ info->info.pwszCNGExtraAlgid = oidInfoConstructors[i].pwszCNGExtraAlgid;
- list_add_tail(&oidInfo, &info->entry);
- }
- }
-@@ -1454,6 +1469,8 @@ static void init_oid_info(void)
- info->info.ExtraInfo.pbData =
- oidInfoConstructors[i].blob->pbData;
- }
-+ info->info.pwszCNGAlgid = oidInfoConstructors[i].pwszCNGAlgid;
-+ info->info.pwszCNGExtraAlgid = oidInfoConstructors[i].pwszCNGExtraAlgid;
- list_add_tail(&oidInfo, &info->entry);
- }
- }
-diff --git a/dlls/crypt32/tests/oid.c b/dlls/crypt32/tests/oid.c
-index 567658d515d..fa885efb742 100644
---- a/dlls/crypt32/tests/oid.c
-+++ b/dlls/crypt32/tests/oid.c
-@@ -619,7 +619,7 @@ static void test_findOIDInfo(void)
- wine_dbgstr_w(CRYPT_OID_INFO_ECC_PARAMETERS_ALGORITHM), wine_dbgstr_w(info->pwszCNGExtraAlgid));
- }
- else
-- todo_wine win_skip("Host does not support ECDSA_SHA256, skipping test\n");
-+ win_skip("Host does not support ECDSA_SHA256, skipping test\n");
- }
-
- START_TEST(oid)
---
-2.14.1
-
diff --git a/patches/patchinstall.sh b/patches/patchinstall.sh
index 08339e88..ce96b833 100755
--- a/patches/patchinstall.sh
+++ b/patches/patchinstall.sh
@@ -52,7 +52,7 @@ usage()
 # Get the upstream commit sha
 upstream_commit()
 {
- echo "9ef8fa2a0bfb559475e17d2562892085f0e2a90f"
+ echo "58c49279f5d5ac11c0af25053f47845203dffdec"
 }

 # Show version information
@@ -2738,20 +2738,16 @@ fi
 # | * [#35902] Implement support for validating ECDSA certificate chains
 # |
 # | Modified files:
-# | * dlls/crypt32/Makefile.in, dlls/crypt32/cert.c, dlls/crypt32/chain.c, dlls/crypt32/crypt32_private.h, dlls/crypt32/oid.c,
-# | dlls/crypt32/tests/chain.c, dlls/crypt32/tests/encode.c, dlls/crypt32/tests/oid.c, include/wincrypt.h
+# | * dlls/crypt32/Makefile.in, dlls/crypt32/cert.c, dlls/crypt32/chain.c, dlls/crypt32/crypt32_private.h,
+# | dlls/crypt32/tests/chain.c, dlls/crypt32/tests/encode.c
 # |
 if test "$enable_crypt32_ECDSA_Cert_Chains" -eq 1; then
 patch_apply crypt32-ECDSA_Cert_Chains/0006-crypt32-tests-Basic-tests-for-decoding-ECDSA-signed-.patch
- patch_apply crypt32-ECDSA_Cert_Chains/0009-crypt32-tests-Add-basic-test-for-ecdsa-oid.patch
- patch_apply crypt32-ECDSA_Cert_Chains/0010-crypt32-Add-oids-for-sha256ECDSA-and-sha384ECDSA.patch
 patch_apply crypt32-ECDSA_Cert_Chains/0011-crypt32-Correctly-return-how-the-issuer-of-a-self-si.patch
 patch_apply crypt32-ECDSA_Cert_Chains/0012-crypt32-tets-Add-test-for-verifying-an-ecdsa-chain.patch
 patch_apply crypt32-ECDSA_Cert_Chains/0013-crypt32-Implement-verification-of-ECDSA-signatures.patch
 (
 printf '%s\n' '+ { "Michael Müller", "crypt32/tests: Basic tests for decoding ECDSA signed certificate.", 1 },';
- printf '%s\n' '+ { "Michael Müller", "crypt32/tests: Add basic test for ecdsa oid.", 1 },';
- printf '%s\n' '+ { "Michael Müller", "crypt32: Add oids for sha256ECDSA and sha384ECDSA.", 1 },';
 printf '%s\n' '+ { "Michael Müller", "crypt32: Correctly return how the issuer of a self signed certificate was checked.", 1 },';
 printf '%s\n' '+ { "Michael Müller", "crypt32/tets: Add test for verifying an ecdsa chain.", 1 },';
 printf '%s\n' '+ { "Michael Müller", "crypt32: Implement verification of ECDSA signatures.", 1 },';