archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/ds/security/cryptoapi/test/capi20/teku/teku.cpp

473 lines
12 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows NT Security
  4. // Copyright (C) Microsoft Corporation, 1997 - 1998
  5. //
  6. // File: teku.cpp
  7. //
  8. // Contents: Cert Enhanced Key Usage tests
  9. //
  10. // History: 27-May-97 kirtd Created
  11. //
  12. //----------------------------------------------------------------------------
  13. #include <windows.h>
  14. #include <assert.h>
  15. #include "wincrypt.h"
  16. #include "certtest.h"
  18. #include <stdlib.h>
  19. #include <stdio.h>
  20. #include <string.h>
  21. #include <memory.h>
  22. #include <time.h>
  24. #define szOID_STUFF1 "2.2.2.4"
  25. #define szOID_STUFF2 "2.2.2.5"
  26. //+---------------------------------------------------------------------------
  27. //
  28. // Function: Usage
  29. //
  30. // Synopsis: prints the usage statement
  31. //
  32. //----------------------------------------------------------------------------
  33. static void Usage(void)
  34. {
  35. printf("Usage: teku [options]\n");
  36. printf("Options are:\n");
  37. printf(" -h - This message\n");
  38. printf(" -f<filename> - Cert file (.CER)\n");
  39. printf(" -s<store name> - Place cert in store\n");
  40. printf("\n");
  41. }
  43. //+---------------------------------------------------------------------------
  44. //
  45. // Function: GetAndDisplayEKU
  46. //
  47. // Synopsis: gets and displays enhanced key usage
  48. //
  49. //----------------------------------------------------------------------------
  50. static void GetAndDisplayEKU (PCCERT_CONTEXT pCertContext, DWORD dwFlags)
  51. {
  52. DWORD cbUsage;
  53. DWORD cCount;
  54. PCERT_ENHKEY_USAGE pUsage;
  56. //
  57. // Get the usage
  58. //
  60. if ( CertGetEnhancedKeyUsage(
  61. pCertContext,
  62. dwFlags,
  63. NULL,
  64. &cbUsage
  65. ) == FALSE )
  66. {
  67. if ( GetLastError() == CRYPT_E_NOT_FOUND )
  68. {
  69. printf("No enhanced key usage present\n\n");
  70. }
  71. else
  72. {
  73. printf(
  74. "Error: Could not get enhanced key usage %x\n\n",
  75. GetLastError()
  76. );
  77. }
  79. return;
  80. }
  82. pUsage = (PCERT_ENHKEY_USAGE)new BYTE [cbUsage];
  83. if ( pUsage != NULL )
  84. {
  85. if ( CertGetEnhancedKeyUsage(
  86. pCertContext,
  87. dwFlags,
  88. pUsage,
  89. &cbUsage
  90. ) == FALSE )
  91. {
  92. if ( GetLastError() == CRYPT_E_NOT_FOUND )
  93. {
  94. printf("No enhanced key usage present\n\n");
  95. }
  96. else
  97. {
  98. printf(
  99. "Error: Could not get enhanced key usage %x\n\n",
  100. GetLastError()
  101. );
  102. }
  104. delete pUsage;
  105. return;
  106. }
  107. }
  108. else
  109. {
  110. printf("Out of Memory!\n\n");
  111. return;
  112. }
  114. //
  115. // Display the usage
  116. //
  118. printf(
  119. "%d enhanced key usage OID(s) present:\n",
  120. pUsage->cUsageIdentifier
  121. );
  123. for ( cCount = 0; cCount < pUsage->cUsageIdentifier; cCount++ )
  124. {
  125. printf("\t%s\n", pUsage->rgpszUsageIdentifier[cCount]);
  126. }
  127. printf("\n");
  129. //
  130. // Cleanup
  131. //
  133. delete pUsage;
  134. }
  136. //+---------------------------------------------------------------------------
  137. //
  138. // Function: GetAndDisplayAllEKUForms
  139. //
  140. // Synopsis: displays all EKU forms
  141. //
  142. //----------------------------------------------------------------------------
  143. static void GetAndDisplayAllEKUForms (PCCERT_CONTEXT pCertContext)
  144. {
  145. //
  146. // Get and display EKU extension
  147. //
  149. printf("Certificate EKU extension\n\n");
  150. GetAndDisplayEKU(pCertContext, CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG);
  152. //
  153. // Get and display EKU property
  154. //
  156. printf("Certificate EKU property\n\n");
  157. GetAndDisplayEKU(pCertContext, CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG);
  159. //
  160. // Get and display both EKU extension and property
  161. //
  163. printf("Certificate EKU extension and property\n\n");
  164. GetAndDisplayEKU(
  165. pCertContext,
  166. CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG |
  167. CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG
  168. );
  169. }
  171. //+---------------------------------------------------------------------------
  172. //
  173. // Function: main
  174. //
  175. // Synopsis: main program entry point
  176. //
  177. //----------------------------------------------------------------------------
  178. int _cdecl main(int argc, char * argv[])
  179. {
  180. LPSTR pszCertFile = NULL;
  181. DWORD cbEncoded;
  182. LPBYTE pbEncoded;
  183. PCCERT_CONTEXT pCertContext;
  184. PCCERT_CONTEXT pContextToUse;
  185. LPSTR pszStore = NULL;
  186. HCERTSTORE hStore;
  188. while ( --argc > 0 )
  189. {
  190. if ( **++argv == '-' )
  191. {
  192. switch( argv[0][1] )
  193. {
  194. case 'f':
  195. case 'F':
  196. pszCertFile = argv[0]+2;
  197. if ( *pszCertFile == '\0' )
  198. {
  199. printf("Need to specify filename\n");
  200. Usage();
  201. return( -1 );
  202. }
  203. break;
  204. case 's':
  205. case 'S':
  206. pszStore = argv[0]+2;
  207. if ( *pszStore == '\0' )
  208. {
  209. printf("Need to specify store name\n");
  210. Usage();
  211. return( -1 );
  212. }
  213. break;
  214. default:
  215. Usage();
  216. return -1;
  217. }
  218. }
  219. }
  221. printf("command line: %s\n", GetCommandLineA());
  223. //
  224. // For now we must have a certificate file to process
  225. //
  227. if ( pszCertFile == NULL )
  228. {
  229. printf("Must specify a certificate file to process\n");
  230. Usage();
  231. return( -1 );
  232. }
  234. //
  235. // Use our input to get a certificate context to play with
  236. //
  238. if ( ReadDERFromFile(pszCertFile, &pbEncoded, &cbEncoded) == FALSE )
  239. {
  240. printf("Error reading CERT!\n");
  241. return(-1);
  242. }
  244. pCertContext = CertCreateCertificateContext(
  245. X509_ASN_ENCODING,
  246. pbEncoded,
  247. cbEncoded
  248. );
  250. TestFree(pbEncoded);
  252. if ( pCertContext == NULL )
  253. {
  254. printf( "Error create certificate context\n" );
  255. return( -1 );
  256. }
  258. //
  259. // If store action is requested ...
  260. //
  262. if ( pszStore != NULL )
  263. {
  264. hStore = CertOpenStore(
  265. CERT_STORE_PROV_SYSTEM_A,
  266. 0,
  267. NULL,
  268. CERT_SYSTEM_STORE_CURRENT_USER,
  269. pszStore
  270. );
  272. if ( hStore == NULL )
  273. {
  274. CertFreeCertificateContext( pCertContext );
  275. printf( "Error creating system store %lx\n", GetLastError() );
  276. return( -1 );
  277. }
  279. if ( CertEnumCertificatesInStore( hStore, NULL ) != NULL )
  280. {
  281. CertFreeCertificateContext( pCertContext );
  282. CertCloseStore( hStore, 0 );
  283. printf( "Must be a new or empty store\n" );
  284. return( -1 );
  285. }
  287. if ( CertAddCertificateContextToStore(
  288. hStore,
  289. pCertContext,
  290. CERT_STORE_ADD_NEW,
  291. NULL
  292. ) == FALSE )
  293. {
  294. CertFreeCertificateContext( pCertContext );
  295. CertCloseStore( hStore, 0 );
  296. printf( "Error creating system store %lx\n", GetLastError() );
  297. return( -1 );
  298. }
  300. CertFreeCertificateContext( pCertContext );
  302. pCertContext = CertEnumCertificatesInStore( hStore, NULL );
  303. if ( pCertContext == NULL )
  304. {
  305. CertCloseStore( hStore, 0 );
  306. printf( "Error finding certificate from store\n" );
  307. return( -1 );
  308. }
  310. printf( "hStore = %p\n", hStore );
  311. printf( "pCertContext->hCertStore = %p\n", pCertContext->hCertStore );
  313. pContextToUse = CertDuplicateCertificateContext( pCertContext );
  315. printf( "pContextToUse->hCertStore = %p\n", pContextToUse->hCertStore );
  317. CertCloseStore( hStore, 0 );
  319. printf( "pContextToUse->hCertStore = %p\n", pContextToUse->hCertStore );
  320. }
  321. else
  322. {
  323. pContextToUse = CertDuplicateCertificateContext( pCertContext );
  324. CertFreeCertificateContext( pCertContext );
  325. }
  327. //
  328. // Get and display all EKU forms
  329. //
  331. GetAndDisplayAllEKUForms(pContextToUse);
  333. //
  334. // Add a identifier property
  335. //
  337. printf("Adding %s enhanced key usage OID to the cert\n", szOID_STUFF1);
  339. if ( CertAddEnhancedKeyUsageIdentifier(
  340. pContextToUse,
  341. szOID_STUFF1
  342. ) == FALSE )
  343. {
  344. printf("Error adding key usage identifier %x\n", GetLastError());
  345. CertFreeCertificateContext(pContextToUse);
  346. return( -1 );
  347. }
  349. //
  350. // Get and display all forms
  351. //
  353. GetAndDisplayAllEKUForms(pContextToUse);
  355. //
  356. // Add another identifier property
  357. //
  359. printf("Adding %s enhanced key usage OID to the cert\n", szOID_STUFF2);
  361. if ( CertAddEnhancedKeyUsageIdentifier(
  362. pContextToUse,
  363. szOID_STUFF2
  364. ) == FALSE )
  365. {
  366. printf("Error adding key usage identifier %x\n", GetLastError());
  367. CertFreeCertificateContext(pContextToUse);
  368. return( -1 );
  369. }
  371. //
  372. // Get and display all forms
  373. //
  375. GetAndDisplayAllEKUForms(pContextToUse);
  377. if ( pszStore != NULL )
  378. {
  379. CertFreeCertificateContext( pContextToUse );
  381. hStore = CertOpenStore(
  382. CERT_STORE_PROV_SYSTEM_A,
  383. 0,
  384. NULL,
  385. CERT_SYSTEM_STORE_CURRENT_USER,
  386. pszStore
  387. );
  389. if ( hStore == NULL )
  390. {
  391. printf( "Error creating system store %lx\n", GetLastError() );
  392. return( -1 );
  393. }
  395. pContextToUse = CertEnumCertificatesInStore( hStore, NULL );
  396. if ( pContextToUse != NULL )
  397. {
  398. pContextToUse = CertDuplicateCertificateContext( pContextToUse );
  399. }
  400. else
  401. {
  402. printf( "Error enumerating certificate in store\n" );
  403. CertCloseStore( hStore, 0 );
  404. return( -1 );
  405. }
  407. CertCloseStore( hStore, 0 );
  409. printf( "Check EKUs after playing with store\n" );
  410. GetAndDisplayAllEKUForms(pContextToUse);
  411. }
  414. //
  415. // Remove an OID
  416. //
  418. printf("Removing %s enhanced key usage OID from the cert\n", szOID_STUFF2);
  420. if ( CertRemoveEnhancedKeyUsageIdentifier(
  421. pContextToUse,
  422. szOID_STUFF2
  423. ) == FALSE )
  424. {
  425. printf("Error removing key usage identifier %x\n", GetLastError());
  426. CertFreeCertificateContext(pContextToUse);
  427. return( -1 );
  428. }
  430. //
  431. // Get and display all forms
  432. //
  434. GetAndDisplayAllEKUForms(pContextToUse);
  436. //
  437. // Remove an OID
  438. //
  440. printf("Removing %s enhanced key usage OID from the cert\n", szOID_STUFF1);
  442. if ( CertRemoveEnhancedKeyUsageIdentifier(
  443. pContextToUse,
  444. szOID_STUFF1
  445. ) == FALSE )
  446. {
  447. printf("Error removing key usage identifier %x\n", GetLastError());
  448. CertFreeCertificateContext(pContextToUse);
  449. return( -1 );
  450. }
  452. //
  453. // Get and display all forms
  454. //
  456. GetAndDisplayAllEKUForms(pContextToUse);
  458. //
  459. // Free the certificate context
  460. //
  462. if ( pszStore != NULL )
  463. {
  464. CertDeleteCertificateFromStore( pContextToUse );
  465. }
  467. CertFreeCertificateContext(pContextToUse);
  469. printf("Test succeeded\n");
  471. return 0;
  472. }
  474.