archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
4.9 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/ds/security/cryptoapi/test/capi20/tcopycer/tcopycer.cpp

539 lines
18 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  2. //+-------------------------------------------------------------------------
  3. //
  4. // Microsoft Windows
  5. //
  6. // Copyright (C) Microsoft Corporation, 1995 - 1996
  7. //
  8. // File: tcopycer.cpp
  9. //
  10. // Contents: Cert Store Copy Cert/CRL/CTL context API Tests
  11. //
  12. // See Usage() for list of test options.
  13. //
  14. //
  15. // Functions: main
  16. //
  17. // History: 11-Apr-96 philh created
  18. // 07-Jun-96 HelleS Added printing the command line
  19. // and Failed or Passed at the end.
  20. // 20-Aug-96 jeffspel name changes
  21. //
  22. //--------------------------------------------------------------------------
  25. #include <windows.h>
  26. #include <assert.h>
  27. #include "wincrypt.h"
  28. #include "certtest.h"
  30. #include <stdlib.h>
  31. #include <stdio.h>
  32. #include <string.h>
  33. #include <memory.h>
  34. #include <time.h>
  37. static void Usage(void)
  38. {
  39. printf("Usage: tcopycer [options] <Src StoreName> <Dst StoreName>\n");
  40. printf("Options are:\n");
  41. printf(" -h - This message\n");
  42. printf(" -s - Dst \"StoreName\" System store\n");
  43. printf(" -7 - PKCS# 7 save for Dst if filename\n");
  44. printf(" -S - Src \"StoreName\" System store\n");
  45. printf(" -R - Replace certs that exist\n");
  46. printf(" -I - Replace certs with property inheritance\n");
  47. printf(" -A - Always add a new cert\n");
  48. printf(" -b<number> - Add Base CRL having specified number\n");
  49. printf(" -f<number> - Add Freshest CRL having specified number\n");
  50. printf(" -a[<ValueString>] - Only certs matching name attribute value\n");
  51. printf("\n");
  52. printf("-b and/or -f only copy the CRL having the specified number\n");
  53. printf("-b and/or -f delete all CRLs unless -A is also specified\n");
  54. printf("\n");
  55. }
  57. static void DisplayFindAttr(DWORD cRDNAttr, CERT_RDN_ATTR rgRDNAttr[])
  58. {
  59. DWORD i;
  61. for (i = 0; i < cRDNAttr; i++) {
  62. LPSTR pszObjId = rgRDNAttr[i].pszObjId;
  63. LPSTR pszValue = (LPSTR) rgRDNAttr[i].Value.pbData;
  64. printf(" [%d] ", i);
  65. if (pszObjId)
  66. printf("%s ", pszObjId);
  67. if (rgRDNAttr[i].dwValueType)
  68. printf("ValueType: %d ", rgRDNAttr[i].dwValueType);
  69. if (pszValue == NULL)
  70. pszValue = "<NONE>";
  71. printf("Value: %s\n", pszValue);
  72. }
  73. }
  75. int _cdecl main(int argc, char * argv[])
  76. {
  77. int ReturnStatus = 0;
  78. BOOL fSrcSystemStore = FALSE;
  79. BOOL fDstSystemStore = FALSE;
  80. LPSTR pszSrcStoreFilename = NULL;
  81. LPSTR pszDstStoreFilename = NULL;
  83. BOOL fPKCS7Save = FALSE;
  84. DWORD dwAddDisposition = CERT_STORE_ADD_USE_EXISTING;
  86. HANDLE hSrcStore = NULL;
  87. HANDLE hDstStore = NULL;
  89. #define MAX_RDN_ATTR 20
  90. DWORD cRDNAttr = 0;
  91. CERT_RDN_ATTR rgRDNAttr[MAX_RDN_ATTR + 1];
  92. memset (rgRDNAttr, 0, sizeof(rgRDNAttr));
  93. CERT_RDN NameRDN;
  95. BOOL fBaseOrFreshestCrl = FALSE;
  96. int iBaseCrl = -1;
  97. int iFreshestCrl = -1;
  99. while (--argc>0)
  100. {
  101. if (**++argv == '-')
  102. {
  103. switch(argv[0][1])
  104. {
  105. case 's':
  106. fDstSystemStore = TRUE;
  107. break;
  108. case '7':
  109. fPKCS7Save = TRUE;
  110. break;
  111. case 'S':
  112. fSrcSystemStore = TRUE;
  113. break;
  114. case 'R':
  115. dwAddDisposition = CERT_STORE_ADD_REPLACE_EXISTING;
  116. break;
  117. case 'A':
  118. dwAddDisposition = CERT_STORE_ADD_ALWAYS;
  119. break;
  120. case 'I':
  121. dwAddDisposition =
  122. CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES;
  123. break;
  124. case 'a':
  125. if (cRDNAttr >= MAX_RDN_ATTR) {
  126. printf("Maximum number of attributes: %d\n", MAX_RDN_ATTR);
  127. Usage();
  128. return -1;
  129. }
  130. rgRDNAttr[cRDNAttr].Value.cbData = strlen(argv[0] + 2);
  131. if (rgRDNAttr[cRDNAttr].Value.cbData == 0)
  132. rgRDNAttr[cRDNAttr].Value.pbData = NULL;
  133. else
  134. rgRDNAttr[cRDNAttr].Value.pbData = (BYTE *) (argv[0] + 2);
  135. cRDNAttr++;
  136. break;
  137. case 'b':
  138. iBaseCrl = atoi(argv[0]+2);
  139. fBaseOrFreshestCrl = TRUE;
  140. break;
  141. case 'f':
  142. iFreshestCrl = atoi(argv[0]+2);
  143. fBaseOrFreshestCrl = TRUE;
  144. break;
  145. case 'h':
  146. default:
  147. goto BadUsage;
  149. }
  150. } else {
  151. if (pszSrcStoreFilename == NULL)
  152. pszSrcStoreFilename = argv[0];
  153. else if (pszDstStoreFilename == NULL)
  154. pszDstStoreFilename = argv[0];
  155. else {
  156. printf("too many store filenames\n");
  157. goto BadUsage;
  158. }
  159. }
  160. }
  163. if (pszDstStoreFilename == NULL) {
  164. printf("missing store filename\n");
  165. goto BadUsage;
  166. }
  168. printf("command line: %s\n", GetCommandLine());
  170. // Attempt to open the source and destination stores
  171. hSrcStore = OpenStore(fSrcSystemStore, pszSrcStoreFilename);
  172. if (hSrcStore == NULL)
  173. goto ErrorReturn;
  174. hDstStore = OpenStore(fDstSystemStore, pszDstStoreFilename);
  175. if (hDstStore == NULL) {
  176. if (!CertCloseStore(hSrcStore, 0))
  177. PrintLastError("CertCloseStore");
  178. goto ErrorReturn;
  179. }
  181. if (cRDNAttr) {
  182. printf("Copy certs matching attribute values::\n");
  183. DisplayFindAttr(cRDNAttr, rgRDNAttr);
  184. NameRDN.cRDNAttr = cRDNAttr;
  185. NameRDN.rgRDNAttr = rgRDNAttr;
  186. }
  188. if (!fBaseOrFreshestCrl)
  189. {
  190. DWORD dwCopyCnt = 0;
  191. PCCERT_CONTEXT pCert = NULL;
  192. int i = 0;
  194. while (TRUE) {
  195. BOOL fResult;
  197. if (cRDNAttr) {
  198. pCert = CertFindCertificateInStore(
  199. hSrcStore,
  200. dwCertEncodingType,
  201. 0, // dwFindFlags,
  202. CERT_FIND_SUBJECT_ATTR,
  203. &NameRDN,
  204. pCert
  205. );
  206. if (pCert) {
  207. printf("===== Copy Cert %d =====\n", i++);
  208. DisplayCert(pCert, DISPLAY_BRIEF_FLAG);
  209. }
  210. } else
  211. pCert = CertEnumCertificatesInStore(
  212. hSrcStore,
  213. pCert
  214. );
  215. if (pCert == NULL)
  216. break;
  217. if (!(fResult = CertAddCertificateContextToStore(
  218. hDstStore,
  219. pCert,
  220. CERT_STORE_ADD_NEW,
  221. NULL))) {
  222. if (GetLastError() == CRYPT_E_EXISTS) {
  223. printf("Cert %d already exists in store\n", dwCopyCnt);
  225. DWORD dwNewer;
  227. if (dwAddDisposition == CERT_STORE_ADD_REPLACE_EXISTING)
  228. dwNewer = CERT_STORE_ADD_NEWER;
  229. else if (dwAddDisposition ==
  230. CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES)
  231. dwNewer = CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES;
  232. else
  233. dwNewer = 0;
  235. fResult = FALSE;
  236. if (dwNewer) {
  237. fResult = CertAddCertificateContextToStore(
  238. hDstStore,
  239. pCert,
  240. dwNewer,
  241. NULL);
  242. if (fResult)
  243. printf("Added newer cert\n");
  244. else {
  245. DWORD dwErr = GetLastError();
  246. if (dwErr == CRYPT_E_EXISTS)
  247. printf("Didn't add older cert\n");
  248. else
  249. PrintLastError("Cert: CERT_ADD_NEWER");
  250. }
  251. }
  254. if (!fResult)
  255. fResult = CertAddCertificateContextToStore(
  256. hDstStore,
  257. pCert,
  258. dwAddDisposition,
  259. NULL);
  260. }
  261. }
  262. if (!fResult) {
  263. PrintLastError("CertAddCertificateContextToStore");
  264. ReturnStatus = -1;
  265. CertFreeCertificateContext(pCert);
  266. break;
  267. } else {
  268. dwCopyCnt++;
  270. }
  272. }
  273. printf("Copied %d certificates\n", dwCopyCnt);
  275. }
  277. if (fBaseOrFreshestCrl) {
  278. DWORD fCopyCrl = FALSE;
  279. PCCRL_CONTEXT pCrl;
  281. if (dwAddDisposition != CERT_STORE_ADD_ALWAYS) {
  282. // Delete all existing CRLs from the destination store
  284. pCrl = NULL;
  285. while (pCrl = CertEnumCRLsInStore(hDstStore, pCrl)) {
  286. PCCRL_CONTEXT pDeleteCrl = CertDuplicateCRLContext(pCrl);
  287. if (!CertDeleteCRLFromStore(pDeleteCrl))
  288. PrintLastError("CertDeleteCRLFromStore");
  289. }
  290. }
  292. pCrl = NULL;
  293. while (pCrl = CertEnumCRLsInStore(hSrcStore, pCrl)) {
  294. PCERT_EXTENSION pDeltaExt;
  295. PCERT_EXTENSION pBaseExt;
  296. DWORD cbInt;
  297. int iNum;
  299. pDeltaExt = CertFindExtension(
  300. szOID_DELTA_CRL_INDICATOR,
  301. pCrl->pCrlInfo->cExtension,
  302. pCrl->pCrlInfo->rgExtension
  303. );
  304. pBaseExt = CertFindExtension(
  305. szOID_CRL_NUMBER,
  306. pCrl->pCrlInfo->cExtension,
  307. pCrl->pCrlInfo->rgExtension
  308. );
  309. if (pDeltaExt) {
  310. // Freshest, delta CRL
  311. if (0 <= iFreshestCrl) {
  312. cbInt = sizeof(iNum);
  313. if (!CryptDecodeObject(
  314. pCrl->dwCertEncodingType,
  315. X509_INTEGER,
  316. pDeltaExt->Value.pbData,
  317. pDeltaExt->Value.cbData,
  318. 0, // dwFlags
  319. &iNum,
  320. &cbInt
  321. ))
  322. PrintLastError("CryptDecodeObject(DeltaCrlNumber)");
  323. else if (iFreshestCrl == iNum) {
  324. if (CertAddCRLContextToStore(
  325. hDstStore,
  326. pCrl,
  327. CERT_STORE_ADD_ALWAYS,
  328. NULL
  329. )) {
  330. printf("Added freshest CRL %d\n", iNum);
  331. fCopyCrl = TRUE;
  332. } else
  333. PrintLastError("CertAddCRLContextToStore(Freshest)");
  334. }
  335. }
  336. } else if (pBaseExt) {
  337. // Base CRL
  338. if (0 <= iBaseCrl) {
  339. cbInt = sizeof(iNum);
  340. if (!CryptDecodeObject(
  341. pCrl->dwCertEncodingType,
  342. X509_INTEGER,
  343. pBaseExt->Value.pbData,
  344. pBaseExt->Value.cbData,
  345. 0, // dwFlags
  346. &iNum,
  347. &cbInt
  348. ))
  349. PrintLastError("CryptDecodeObject(BaseCrlNumber)");
  350. else if (iBaseCrl == iNum) {
  351. if (CertAddCRLContextToStore(
  352. hDstStore,
  353. pCrl,
  354. CERT_STORE_ADD_ALWAYS,
  355. NULL
  356. )) {
  357. printf("Added base CRL %d\n", iNum);
  358. fCopyCrl = TRUE;
  359. } else
  360. PrintLastError("CertAddCRLContextToStore(Base)");
  361. }
  362. }
  363. }
  364. }
  366. if (!fCopyCrl)
  367. printf("failed => no base or freshest, delta CRLs copied\n");
  369. } else if (cRDNAttr == 0) {
  370. DWORD dwCopyCnt;
  371. PCCRL_CONTEXT pCrl = NULL;
  372. PCCTL_CONTEXT pCtl = NULL;
  373. DWORD dwFlags;
  375. dwCopyCnt = 0;
  376. while (TRUE) {
  377. BOOL fResult;
  379. dwFlags = 0;
  380. pCrl = CertGetCRLFromStore(
  381. hSrcStore,
  382. NULL, // pIssuerContext
  383. pCrl,
  384. &dwFlags);
  385. if (pCrl == NULL)
  386. break;
  387. if (!(fResult = CertAddCRLContextToStore(
  388. hDstStore,
  389. pCrl,
  390. CERT_STORE_ADD_NEW,
  391. NULL))) {
  392. if (GetLastError() == CRYPT_E_EXISTS) {
  393. printf("CRL %d already exists in store\n", dwCopyCnt);
  395. DWORD dwNewer;
  397. if (dwAddDisposition == CERT_STORE_ADD_REPLACE_EXISTING)
  398. dwNewer = CERT_STORE_ADD_NEWER;
  399. else if (dwAddDisposition ==
  400. CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES)
  401. dwNewer = CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES;
  402. else
  403. dwNewer = 0;
  405. fResult = FALSE;
  406. if (dwNewer) {
  407. fResult = CertAddCRLContextToStore(
  408. hDstStore,
  409. pCrl,
  410. dwNewer,
  411. NULL);
  412. if (fResult)
  413. printf("Added newer CRL\n");
  414. else {
  415. DWORD dwErr = GetLastError();
  416. if (dwErr == CRYPT_E_EXISTS)
  417. printf("Didn't add older CRL\n");
  418. else
  419. PrintLastError("CRL: CERT_ADD_NEWER");
  420. }
  421. }
  423. if (!fResult)
  424. fResult = CertAddCRLContextToStore(
  425. hDstStore,
  426. pCrl,
  427. dwAddDisposition,
  428. NULL);
  429. }
  430. }
  431. if (!fResult) {
  432. PrintLastError("CertAddCRLContextToStore");
  433. ReturnStatus = -1;
  434. CertFreeCRLContext(pCrl);
  435. break;
  436. } else
  437. dwCopyCnt++;
  439. }
  440. printf("Copied %d CRLs\n", dwCopyCnt);
  442. dwCopyCnt = 0;
  443. while (TRUE) {
  444. BOOL fResult;
  446. dwFlags = 0;
  447. pCtl = CertEnumCTLsInStore(
  448. hSrcStore,
  449. pCtl
  450. );
  451. if (pCtl == NULL)
  452. break;
  453. if (!(fResult = CertAddCTLContextToStore(
  454. hDstStore,
  455. pCtl,
  456. CERT_STORE_ADD_NEW,
  457. NULL))) {
  458. if (GetLastError() == CRYPT_E_EXISTS) {
  459. printf("CTL %d already exists in store\n", dwCopyCnt);
  461. DWORD dwNewer;
  463. if (dwAddDisposition == CERT_STORE_ADD_REPLACE_EXISTING)
  464. dwNewer = CERT_STORE_ADD_NEWER;
  465. else if (dwAddDisposition ==
  466. CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES)
  467. dwNewer = CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES;
  468. else
  469. dwNewer = 0;
  471. fResult = FALSE;
  472. if (dwNewer) {
  473. fResult = CertAddCTLContextToStore(
  474. hDstStore,
  475. pCtl,
  476. dwNewer,
  477. NULL);
  478. if (fResult)
  479. printf("Added newer CTL\n");
  480. else {
  481. DWORD dwErr = GetLastError();
  482. if (dwErr == CRYPT_E_EXISTS)
  483. printf("Didn't add older CTL\n");
  484. else
  485. PrintLastError("CTL: CERT_ADD_NEWER");
  486. }
  487. }
  489. if (!fResult)
  490. fResult = CertAddCTLContextToStore(
  491. hDstStore,
  492. pCtl,
  493. dwAddDisposition,
  494. NULL);
  495. }
  496. }
  497. if (!fResult) {
  498. PrintLastError("CertAddCTLContextToStore");
  499. ReturnStatus = -1;
  500. CertFreeCTLContext(pCtl);
  501. break;
  502. } else
  503. dwCopyCnt++;
  505. }
  506. printf("Copied %d CTLs\n", dwCopyCnt);
  508. }
  510. if (!fDstSystemStore)
  511. SaveStoreEx(hDstStore, fPKCS7Save, pszDstStoreFilename);
  513. if (!CertCloseStore(hSrcStore, 0))
  514. {
  515. PrintLastError("CertCloseStore(hSrcStore)");
  516. ReturnStatus = -1;
  517. }
  518. if (!CertCloseStore(hDstStore, 0))
  519. {
  521. PrintLastError("CertCloseStore(hDstStore)");
  522. ReturnStatus = -1;
  523. }
  524. if (-1 == ReturnStatus)
  525. goto ErrorReturn;
  526. ReturnStatus = 0;
  527. goto CommonReturn;
  529. BadUsage:
  530. Usage();
  531. ErrorReturn:
  532. ReturnStatus = -1;
  533. CommonReturn:
  534. if (!ReturnStatus)
  535. printf("Passed\n");
  536. else
  537. printf("Failed\n");
  538. return ReturnStatus;
  539. }