net/cert/sha256_legacy_support_win.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_CERT_SHA256_LEGACY_SUPPORT_WIN_H_
#define NET_CERT_SHA256_LEGACY_SUPPORT_WIN_H_

#include <windows.h>

#include "base/strings/string_piece.h"
#include "crypto/wincrypt_shim.h"
#include "net/base/net_export.h"

namespace net {

namespace sha256_interception {

typedef BOOL (WINAPI* CryptVerifyCertificateSignatureExFunc)(
    HCRYPTPROV_LEGACY provider,
    DWORD encoding_type,
    DWORD subject_type,
    void* subject_data,
    DWORD issuer_type,
    void* issuer_data,
    DWORD flags,
    void* extra);

// Interception function meant to be called whenever
// CryptVerifyCertificateSignatureEx is called. Note that the calling
// conventions do not match, as the caller is expected to ensure that their
// interposed function handles the calling conventions and provides a pointer
// to the original CryptVerifyCertificateSignatureEx (e.g. to handle parameters
// and keys that are not supported).
NET_EXPORT BOOL CryptVerifyCertificateSignatureExHook(
    CryptVerifyCertificateSignatureExFunc original_func,
    HCRYPTPROV_LEGACY provider,
    DWORD encoding_type,
    DWORD subject_type,
    void* subject_data,
    DWORD issuer_type,
    void* issuer_data,
    DWORD flags,
    void* extra);

// Returns true if |subject_type| a supported subject type for interception.
bool IsSupportedSubjectType(DWORD subject_type);

// Returns true if |issuer_type| is a supported issuer type for interception.
bool IsSupportedIssuerType(DWORD issuer_type);

// Returns the encoded form of |subject_data| or an empty StringPiece if not
// supported.
base::StringPiece GetSubjectSignature(DWORD subject_type,
                                      void* subject_data);

// Returns the public key of |issuer_data| or NULL if not supported.
PCERT_PUBLIC_KEY_INFO GetIssuerPublicKey(DWORD issuer_type,
                                         void* issuer_data);

}  // namespace sha256_interception

}  // namespace net

#endif  // NET_CERT_SHA256_LEGACY_SUPPORT_WIN_H_