Rebase against cba24001e482fa8a8a1fbf5d5390539e2792b1aa

Zebediah Figura 2018-06-20 17:58:17 -05:00
parent b27ebc675a
commit 78878ee3b9
4 changed files with 9 additions and 254 deletions


@ -1,18 +1,17 @@
From 929e67829c47d2fcb99f0aac8ac983f0c3a56836 Mon Sep 17 00:00:00 2001
From 484fbc0054dadaf4a410ae3497ccf3338ef7d81c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Wed, 27 Sep 2017 18:31:07 +0200
Subject: crypt32/tests: Basic tests for decoding ECDSA signed certificate.
---
dlls/crypt32/tests/encode.c | 168 ++++++++++++++++++++++++++++++++++++++++++++
include/wincrypt.h | 15 ++++
2 files changed, 183 insertions(+)
1 file changed, 168 insertions(+)
diff --git a/dlls/crypt32/tests/encode.c b/dlls/crypt32/tests/encode.c
index 8cb384c3395..fa389c41ff1 100644
index a4daec0..729f3e4 100644
--- a/dlls/crypt32/tests/encode.c
+++ b/dlls/crypt32/tests/encode.c
@@ -8352,6 +8352,173 @@ static void testPortPublicKeyInfo(void)
@@ -8509,6 +8509,173 @@ static void testPortPublicKeyInfo(void)
ok(ret,"CryptAcquireContextA failed\n");
}
@ -186,66 +185,12 @@ index 8cb384c3395..fa389c41ff1 100644
START_TEST(encode)
{
static const DWORD encodings[] = { X509_ASN_ENCODING, PKCS_7_ASN_ENCODING,
@@ -8445,4 +8612,5 @@ START_TEST(encode)
@@ -8602,4 +8769,5 @@ START_TEST(encode)
test_decodeRsaPrivateKey(encodings[i]);
}
testPortPublicKeyInfo();
+ testECDSACert();
}
diff --git a/include/wincrypt.h b/include/wincrypt.h
index 8b120206cd8..22ff350923a 100644
--- a/include/wincrypt.h
+++ b/include/wincrypt.h
@@ -288,6 +288,11 @@ typedef struct _CERT_KEY_ATTRIBUTES_INFO {
PCERT_PRIVATE_KEY_VALIDITY pPrivateKeyUsagePeriod;
} CERT_KEY_ATTRIBUTES_INFO, *PCERT_KEY_ATTRIBUTES_INFO;
+typedef struct _CERT_ECC_SIGNATURE {
+ CRYPT_UINT_BLOB r;
+ CRYPT_UINT_BLOB s;
+} CERT_ECC_SIGNATURE, *PCERT_ECC_SIGNATURE;
+
/* byte 0 */
#define CERT_DIGITAL_SIGNATURE_KEY_USAGE 0x80
#define CERT_NON_REPUDIATION_KEY_USAGE 0x40
@@ -2878,6 +2883,12 @@ typedef struct _CTL_FIND_SUBJECT_PARA
#define szOID_X957 "1.2.840.10040"
#define szOID_X957_DSA "1.2.840.10040.4.1"
#define szOID_X957_SHA1DSA "1.2.840.10040.4.3"
+#define szOID_ECC_PUBLIC_KEY "1.2.840.10045.2.1"
+#define szOID_ECC_CURVE_P256 "1.2.840.10045.3.1.7"
+#define szOID_ECDSA_SPECIFIED "1.2.840.10045.4.3"
+#define szOID_ECDSA_SHA256 "1.2.840.10045.4.3.2"
+#define szOID_ECDSA_SHA384 "1.2.840.10045.4.3.3"
+#define szOID_ECDSA_SHA512 "1.2.840.10045.4.3.4"
#define szOID_DS "2.5"
#define szOID_DSALG "2.5.8"
#define szOID_DSALG_CRPT "2.5.8.1"
@@ -2919,6 +2930,8 @@ typedef struct _CTL_FIND_SUBJECT_PARA
#define szOID_OIWDIR_SIGN "1.3.14.7.2.3"
#define szOID_OIWDIR_md2 "1.3.14.7.2.2.1"
#define szOID_OIWDIR_md2RSA "1.3.14.7.2.3.1"
+#define szOID_ECC_CURVE_P384 "1.3.132.0.34"
+#define szOID_ECC_CURVE_P521 "1.3.132.0.35"
#define szOID_INFOSEC "2.16.840.1.101.2.1"
#define szOID_INFOSEC_sdnsSignature "2.16.840.1.101.2.1.1.1"
#define szOID_INFOSEC_mosaicSignature "2.16.840.1.101.2.1.1.2"
@@ -3224,6 +3237,7 @@ typedef struct _CTL_FIND_SUBJECT_PARA
#define X509_PKIX_POLICY_QUALIFIER_USERNOTICE ((LPCSTR)46)
#define X509_DH_PUBLICKEY X509_MULTI_BYTE_UINT
#define X509_DH_PARAMETERS ((LPCSTR)47)
+#define X509_ECC_SIGNATURE ((LPCSTR)47)
#define PKCS_ATTRIBUTES ((LPCSTR)48)
#define PKCS_SORTED_CTL ((LPCSTR)49)
#define X942_DH_PARAMETERS ((LPCSTR)50)
@@ -3241,6 +3255,7 @@ typedef struct _CTL_FIND_SUBJECT_PARA
#define CMC_ADD_EXTENSIONS ((LPCSTR)62)
#define CMC_ADD_ATTRIBUTES ((LPCSTR)63)
#define X509_CERTIFICATE_TEMPLATE ((LPCSTR)64)
+#define X509_OBJECT_IDENTIFIER ((LPCSTR)73)
#define PKCS7_SIGNER_INFO ((LPCSTR)500)
#define CMS_SIGNER_INFO ((LPCSTR)501)
--
2.14.1
2.7.4
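Review bot: The rebased 0006 test patch should be checked for leftover `todo_wine` markers in testECDSACert, whose body falls in the part of this section that the page does not show. The two patches this commit drops (0007 and 0008) were the ones that turned `todo_wine ok(ret, "CryptDecodeObjectEx failed with %d\n", GetLastError());` into a plain `ok(ret, ...)` for the X509_ECC_SIGNATURE check, and did the same for the X509_OBJECT_IDENTIFIER and szOID_ECC_PUBLIC_KEY checks. If the decoders now come from the new base (presumably, since the wincrypt.h additions were dropped from this patch as well) and the markers are still there, the Wine test harness reports the now-passing checks as failures. The ECDSA certificate decoding tests would then stop being a usable signal. The insertion count staying at 168 does not settle the question, because removing the marker does not change the number of lines.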


@ -1,109 +0,0 @@
From e271981b27492ce0612b5c2b7b0c18fd747ce2a7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Wed, 27 Sep 2017 19:08:43 +0200
Subject: crypt32: Implement decoding of X509_OBJECT_IDENTIFIER.
---
dlls/crypt32/decode.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
dlls/crypt32/tests/encode.c | 8 ++++----
2 files changed, 49 insertions(+), 4 deletions(-)
diff --git a/dlls/crypt32/decode.c b/dlls/crypt32/decode.c
index ddeb0552906..6b124f9db7d 100644
--- a/dlls/crypt32/decode.c
+++ b/dlls/crypt32/decode.c
@@ -5890,6 +5890,46 @@ BOOL CRYPT_AsnDecodePKCSEnvelopedData(const BYTE *pbEncoded, DWORD cbEncoded,
return ret;
}
+static BOOL WINAPI CRYPT_AsnDecodeObjectIdentifier(DWORD dwCertEncodingType,
+ LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
+ PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
+{
+ DWORD bytesNeeded = 0;
+ BOOL ret;
+
+ __TRY
+ {
+ ret = CRYPT_AsnDecodeOidInternal(pbEncoded, cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG,
+ NULL, &bytesNeeded, NULL);
+ if (ret)
+ {
+ if (!pvStructInfo)
+ *pcbStructInfo = bytesNeeded;
+ else if ((ret = CRYPT_DecodeEnsureSpace(dwFlags, pDecodePara, pvStructInfo, pcbStructInfo, bytesNeeded)))
+ {
+ LPSTR *info;
+
+ if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)
+ pvStructInfo = *(BYTE **)pvStructInfo;
+
+ info = pvStructInfo;
+ *info = (void *)((BYTE *)info + sizeof(*info));
+ ret = CRYPT_AsnDecodeOidInternal(pbEncoded, cbEncoded, dwFlags & ~CRYPT_DECODE_ALLOC_FLAG,
+ pvStructInfo, &bytesNeeded, NULL);
+ if (!ret && (dwFlags & CRYPT_DECODE_ALLOC_FLAG))
+ CRYPT_FreeSpace(pDecodePara, info);
+ }
+ }
+ }
+ __EXCEPT_PAGE_FAULT
+ {
+ SetLastError(STATUS_ACCESS_VIOLATION);
+ ret = FALSE;
+ }
+ __ENDTRY
+ return ret;
+}
+
static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
LPCSTR lpszStructType)
{
@@ -6029,6 +6069,9 @@ static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
case LOWORD(CMS_SIGNER_INFO):
decodeFunc = CRYPT_AsnDecodeCMSSignerInfo;
break;
+ case LOWORD(X509_OBJECT_IDENTIFIER):
+ decodeFunc = CRYPT_AsnDecodeObjectIdentifier;
+ break;
}
}
else if (!strcmp(lpszStructType, szOID_CERT_EXTENSIONS))
@@ -6083,6 +6126,8 @@ static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
decodeFunc = CRYPT_AsnDecodePolicyQualifierUserNotice;
else if (!strcmp(lpszStructType, szOID_CTL))
decodeFunc = CRYPT_AsnDecodeCTL;
+ else if (!strcmp(lpszStructType, szOID_ECC_PUBLIC_KEY))
+ decodeFunc = CRYPT_AsnDecodeObjectIdentifier;
return decodeFunc;
}
diff --git a/dlls/crypt32/tests/encode.c b/dlls/crypt32/tests/encode.c
index fa389c41ff1..574b1e95351 100644
--- a/dlls/crypt32/tests/encode.c
+++ b/dlls/crypt32/tests/encode.c
@@ -8489,8 +8489,8 @@ static void testECDSACert(void)
ecc_curve = NULL;
ret = pCryptDecodeObjectEx(X509_ASN_ENCODING, X509_OBJECT_IDENTIFIER, pubkey->Algorithm.Parameters.pbData,
pubkey->Algorithm.Parameters.cbData, decode_flags, NULL, &ecc_curve, &size);
- todo_wine ok(ret || broken(GetLastError() == ERROR_FILE_NOT_FOUND /* < Vista */),
- "CryptDecodeObjectEx failed with %d\n", GetLastError());
+ ok(ret || broken(GetLastError() == ERROR_FILE_NOT_FOUND /* < Vista */),
+ "CryptDecodeObjectEx failed with %d\n", GetLastError());
if (ret)
{
ok(!strcmp(*ecc_curve, szOID_ECC_CURVE_P256), "Expected 1.2.840.10045.3.1.7, got %s\n", *ecc_curve);
@@ -8500,8 +8500,8 @@ static void testECDSACert(void)
ecc_curve = NULL;
ret = pCryptDecodeObjectEx(X509_ASN_ENCODING, szOID_ECC_PUBLIC_KEY, pubkey->Algorithm.Parameters.pbData,
pubkey->Algorithm.Parameters.cbData, decode_flags, NULL, &ecc_curve, &size);
- todo_wine ok(ret || broken(GetLastError() == ERROR_FILE_NOT_FOUND /* < Vista */),
- "CryptDecodeObjectEx failed with %d\n", GetLastError());
+ ok(ret || broken(GetLastError() == ERROR_FILE_NOT_FOUND /* < Vista */),
+ "CryptDecodeObjectEx failed with %d\n", GetLastError());
if (ret)
{
ok(!strcmp(*ecc_curve, szOID_ECC_CURVE_P256), "Expected 1.2.840.10045.3.1.7, got %s\n", *ecc_curve);
--
2.14.1


@ -1,76 +0,0 @@
From 4f3a56480857ec2b17c6bb6dd53f40420aebdc3b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Thu, 28 Sep 2017 05:35:49 +0200
Subject: crypt32: Implement decoding of X509_ECC_SIGNATURE.
---
dlls/crypt32/decode.c | 32 ++++++++++++++++++++++++++++++++
dlls/crypt32/tests/encode.c | 2 +-
2 files changed, 33 insertions(+), 1 deletion(-)
diff --git a/dlls/crypt32/decode.c b/dlls/crypt32/decode.c
index 6b124f9db7d..02392ec6bf0 100644
--- a/dlls/crypt32/decode.c
+++ b/dlls/crypt32/decode.c
@@ -5930,6 +5930,35 @@ static BOOL WINAPI CRYPT_AsnDecodeObjectIdentifier(DWORD dwCertEncodingType,
return ret;
}
+static BOOL WINAPI CRYPT_AsnDecodeEccSignature(DWORD dwCertEncodingType,
+ LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags,
+ PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
+{
+ BOOL ret;
+ struct AsnDecodeSequenceItem items[] = {
+ { ASN_INTEGER, offsetof(CERT_ECC_SIGNATURE, r),
+ CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_UINT_BLOB), FALSE,
+ TRUE, offsetof(CERT_ECC_SIGNATURE, r.pbData), 0 },
+ { ASN_INTEGER, offsetof(CERT_ECC_SIGNATURE, s),
+ CRYPT_AsnDecodeUnsignedIntegerInternal, sizeof(CRYPT_UINT_BLOB), FALSE,
+ TRUE, offsetof(CERT_ECC_SIGNATURE, s.pbData), 0 },
+ };
+
+ __TRY
+ {
+ ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
+ pbEncoded, cbEncoded, dwFlags, pDecodePara, pvStructInfo,
+ pcbStructInfo, NULL, NULL);
+ }
+ __EXCEPT_PAGE_FAULT
+ {
+ SetLastError(STATUS_ACCESS_VIOLATION);
+ ret = FALSE;
+ }
+ __ENDTRY
+ return ret;
+}
+
static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
LPCSTR lpszStructType)
{
@@ -6072,6 +6101,9 @@ static CryptDecodeObjectExFunc CRYPT_GetBuiltinDecoder(DWORD dwCertEncodingType,
case LOWORD(X509_OBJECT_IDENTIFIER):
decodeFunc = CRYPT_AsnDecodeObjectIdentifier;
break;
+ case LOWORD(X509_ECC_SIGNATURE):
+ decodeFunc = CRYPT_AsnDecodeEccSignature;
+ break;
}
}
else if (!strcmp(lpszStructType, szOID_CERT_EXTENSIONS))
diff --git a/dlls/crypt32/tests/encode.c b/dlls/crypt32/tests/encode.c
index 574b1e95351..5ab828151fa 100644
--- a/dlls/crypt32/tests/encode.c
+++ b/dlls/crypt32/tests/encode.c
@@ -8434,7 +8434,7 @@ static void testECDSACert(void)
ecc_sig = NULL;
ret = pCryptDecodeObjectEx(X509_ASN_ENCODING, X509_ECC_SIGNATURE, info->Signature.pbData,
info->Signature.cbData, decode_flags, NULL, &ecc_sig, &size);
- todo_wine ok(ret, "CryptDecodeObjectEx failed with %d\n", GetLastError());
+ ok(ret, "CryptDecodeObjectEx failed with %d\n", GetLastError());
if (ret)
{
ok(ecc_sig->r.cbData == 32, "Expected 32 bytes, got %d\n", ecc_sig->r.cbData);
--
2.14.1


@ -52,7 +52,7 @@ usage()
# Get the upstream commit sha
upstream_commit()
{
echo "e6fc86e4a0a8396a345ae21fbe7be9210441d307"
echo "cba24001e482fa8a8a1fbf5d5390539e2792b1aa"
}
# Show version information
@ -2727,14 +2727,11 @@ fi
# | * [#35902] Implement support for validating ECDSA certificate chains
# |
# | Modified files:
# | * dlls/crypt32/Makefile.in, dlls/crypt32/cert.c, dlls/crypt32/chain.c, dlls/crypt32/crypt32_private.h,
# | dlls/crypt32/decode.c, dlls/crypt32/oid.c, dlls/crypt32/tests/chain.c, dlls/crypt32/tests/encode.c,
# | dlls/crypt32/tests/oid.c, include/wincrypt.h
# | * dlls/crypt32/Makefile.in, dlls/crypt32/cert.c, dlls/crypt32/chain.c, dlls/crypt32/crypt32_private.h, dlls/crypt32/oid.c,
# | dlls/crypt32/tests/chain.c, dlls/crypt32/tests/encode.c, dlls/crypt32/tests/oid.c, include/wincrypt.h
# |
if test "$enable_crypt32_ECDSA_Cert_Chains" -eq 1; then
patch_apply crypt32-ECDSA_Cert_Chains/0006-crypt32-tests-Basic-tests-for-decoding-ECDSA-signed-.patch
patch_apply crypt32-ECDSA_Cert_Chains/0007-crypt32-Implement-decoding-of-X509_OBJECT_IDENTIFIER.patch
patch_apply crypt32-ECDSA_Cert_Chains/0008-crypt32-Implement-decoding-of-X509_ECC_SIGNATURE.patch
patch_apply crypt32-ECDSA_Cert_Chains/0009-crypt32-tests-Add-basic-test-for-ecdsa-oid.patch
patch_apply crypt32-ECDSA_Cert_Chains/0010-crypt32-Add-oids-for-sha256ECDSA-and-sha384ECDSA.patch
patch_apply crypt32-ECDSA_Cert_Chains/0011-crypt32-Correctly-return-how-the-issuer-of-a-self-si.patch
@ -2742,8 +2739,6 @@ if test "$enable_crypt32_ECDSA_Cert_Chains" -eq 1; then
patch_apply crypt32-ECDSA_Cert_Chains/0013-crypt32-Implement-verification-of-ECDSA-signatures.patch
(
printf '%s\n' '+ { "Michael Müller", "crypt32/tests: Basic tests for decoding ECDSA signed certificate.", 1 },';
printf '%s\n' '+ { "Michael Müller", "crypt32: Implement decoding of X509_OBJECT_IDENTIFIER.", 1 },';
printf '%s\n' '+ { "Michael Müller", "crypt32: Implement decoding of X509_ECC_SIGNATURE.", 1 },';
printf '%s\n' '+ { "Michael Müller", "crypt32/tests: Add basic test for ecdsa oid.", 1 },';
printf '%s\n' '+ { "Michael Müller", "crypt32: Add oids for sha256ECDSA and sha384ECDSA.", 1 },';
printf '%s\n' '+ { "Michael Müller", "crypt32: Correctly return how the issuer of a self signed certificate was checked.", 1 },';