|
|
//+--------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1996 - 1999
//
// File: certlib.cpp
//
// Contents: Cert Server wrapper routines
//
//---------------------------------------------------------------------------
#include <pch.cpp>
#pragma hdrstop
#include <stdlib.h>
#include <time.h>
#include <locale.h>
extern "C" {#include <luidate.h>
}#include <wininet.h>
#include "csdisp.h"
#include "csprop.h"
#include <winnlsp.h>
#include <winldap.h>
#include <ntsecapi.h>
#include "csldap.h"
#include <tfc.h>
#include "cainfop.h"
#include <dsgetdc.h>
#include <lm.h>
#define __dwFILE__ __dwFILE_CERTLIB_CERTLIB_CPP__
#define wszSANITIZEESCAPECHAR L"!"
#define wszURLESCAPECHAR L"%"
#define wcSANITIZEESCAPECHAR L'!'
charPrintableChar(char ch){ if (ch < ' ' || ch > '~') { ch = '.'; } return(ch);}
VOIDmydbgDumpHex( IN DWORD dwSubSysId, IN DWORD Flags, IN BYTE const *pb, IN ULONG cb){ if (DbgIsSSActive(dwSubSysId)) { DumpHex(Flags, pb, cb); }}
VOIDDumpHex( IN DWORD Flags, IN BYTE const *pb, IN ULONG cb){ char const *pszsep; ULONG r; ULONG i; ULONG cbremain; BOOL fZero = FALSE; DWORD cchIndent; DWORD cchAsciiSep; char szAddress[8 + 1]; char szHexDump[1 + 1 + 3 * 16 + 1]; char szAsciiDump[16 + 1]; char *psz;
cchIndent = DH_INDENTMASK & Flags; if ((DH_MULTIADDRESS & Flags) && 16 >= cb) { Flags |= DH_NOADDRESS; } cbremain = 0; for (r = 0; r < cb; r += 16) { szAddress[0] = '\0'; if (0 == (DH_NOADDRESS & Flags)) { sprintf(szAddress, 64 * 1024 < cb? "%06x": "%04x", r); CSASSERT(strlen(szAddress) < ARRAYSIZE(szAddress)); }
cbremain = cb - r; if (r != 0 && pb[r] == 0 && cbremain >= 16) { ULONG j;
for (j = r + 1; j < cb; j++) { if (pb[j] != 0) { break; } } if (j == cb) { fZero = TRUE; break; } }
psz = szHexDump; for (i = 0; i < min(cbremain, 16); i++) { pszsep = " "; if ((i % 8) == 0) // 0 or 8
{ pszsep = " "; if (i == 0) // 0
{ if (0 == (DH_NOTABPREFIX & Flags)) { pszsep = "\t"; } else if (DH_NOADDRESS & Flags) { pszsep = ""; } } } CSASSERT(strlen(pszsep) <= 2); psz += sprintf(psz, "%hs%02x", pszsep, pb[r + i]); } *psz = '\0'; CSASSERT(strlen(szHexDump) < ARRAYSIZE(szHexDump));
cchAsciiSep = 0; szAsciiDump[0] = '\0'; if (0 == (DH_NOASCIIHEX & Flags) && 0 != i) { cchAsciiSep = 3 + (16 - i)*3 + ((i <= 8)? 1 : 0); for (i = 0; i < min(cbremain, 16); i++) { szAsciiDump[i] = PrintableChar(pb[r + i]); } szAsciiDump[i] = '\0'; CSASSERT(strlen(szAsciiDump) < ARRAYSIZE(szAsciiDump)); } char szBuf[ sizeof(szAddress) + sizeof(szHexDump) + 3 + sizeof(szAsciiDump)]; _snprintf( szBuf, ARRAYSIZE(szBuf), "%hs%hs%*hs%hs", szAddress, szHexDump, cchAsciiSep, "", szAsciiDump); szBuf[ARRAYSIZE(szBuf) - 1] = '\0'; CSASSERT(strlen(szBuf) + 1 < ARRAYSIZE(szBuf));
#define szFMTHEXDUMP "%*hs%hs\n"
if (DH_PRIVATEDATA & Flags) { wprintf(TEXT(szFMTHEXDUMP), cchIndent, "", szBuf); } else { CONSOLEPRINT7((MAXDWORD, szFMTHEXDUMP, cchIndent, "", szBuf)); } } if (fZero) { CONSOLEPRINT1((MAXDWORD, "\tRemaining %lx bytes are zero\n", cbremain)); }}
HRESULTmyDateToFileTime( IN DATE const *pDate, OUT FILETIME *pft){ SYSTEMTIME st; HRESULT hr = S_OK;
if (*pDate == 0.0) { GetSystemTime(&st); } else { if (!VariantTimeToSystemTime(*pDate, &st)) { hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA); _JumpError(hr, error, "VariantTimeToSystemTime"); } }
if (!SystemTimeToFileTime(&st, pft)) { hr = myHLastError(); _JumpError(hr, error, "SystemTimeToFileTime"); }
error: return(hr);}
HRESULTmyMakeExprDate( IN OUT DATE *pDate, IN LONG lDelta, IN enum ENUM_PERIOD enumPeriod){ HRESULT hr; FILETIME ft;
hr = myDateToFileTime(pDate, &ft); _JumpIfError(hr, error, "myDateToFileTime");
myMakeExprDateTime(&ft, lDelta, enumPeriod);
hr = myFileTimeToDate(&ft, pDate); _JumpIfError(hr, error, "myFileTimeToDate");
error: return(hr);}
typedef struct _UNITSTABLE{ WCHAR const *pwszString; enum ENUM_PERIOD enumPeriod;} UNITSTABLE;
UNITSTABLE g_aut[] ={ { wszPERIODSECONDS, ENUM_PERIOD_SECONDS }, { wszPERIODMINUTES, ENUM_PERIOD_MINUTES }, { wszPERIODHOURS, ENUM_PERIOD_HOURS }, { wszPERIODDAYS, ENUM_PERIOD_DAYS }, { wszPERIODWEEKS, ENUM_PERIOD_WEEKS }, { wszPERIODMONTHS, ENUM_PERIOD_MONTHS }, { wszPERIODYEARS, ENUM_PERIOD_YEARS },};#define CUNITSTABLEMAX (sizeof(g_aut)/sizeof(g_aut[0]))
HRESULTmyTranslatePeriodUnits( IN WCHAR const *pwszPeriod, IN LONG lCount, OUT enum ENUM_PERIOD *penumPeriod, OUT LONG *plCount){ HRESULT hr; UNITSTABLE const *put;
for (put = g_aut; put < &g_aut[CUNITSTABLEMAX]; put++) { if (0 == mylstrcmpiS(pwszPeriod, put->pwszString)) { *penumPeriod = put->enumPeriod; if (0 > lCount) { lCount = MAXLONG; } *plCount = lCount; hr = S_OK; goto error; } } hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
error: CSASSERT(hr == S_OK); return(hr);}
HRESULTmyTranslateUnlocalizedPeriodString( IN enum ENUM_PERIOD enumPeriod, OUT WCHAR const **ppwszPeriodString){ HRESULT hr; UNITSTABLE const *put;
*ppwszPeriodString = NULL; for (put = g_aut; put < &g_aut[CUNITSTABLEMAX]; put++) { if (enumPeriod == put->enumPeriod) { *ppwszPeriodString = put->pwszString; hr = S_OK; goto error; } } hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
error: CSASSERT(hr == S_OK); return(hr);}
HRESULTmyFileTimePeriodToWszTimePeriod( IN FILETIME const *pftGMT, IN BOOL fExact, OUT WCHAR **ppwszTimePeriod){ HRESULT hr; DWORD cPeriodUnits; PERIODUNITS *rgPeriodUnits = NULL; WCHAR const *pwszUnitSep; DWORD i; WCHAR awc[MAX_PATH]; WCHAR *pwsz;
*ppwszTimePeriod = NULL; hr = caTranslateFileTimePeriodToPeriodUnits( pftGMT, fExact, &cPeriodUnits, &rgPeriodUnits); _JumpIfError(hr, error, "caTranslateFileTimePeriodToPeriodUnits");
CSASSERT(0 < cPeriodUnits); pwszUnitSep = L""; pwsz = awc; for (i = 0; i < cPeriodUnits; i++) { WCHAR const *pwszPeriodString;
hr = myTranslateUnlocalizedPeriodString( rgPeriodUnits[i].enumPeriod, &pwszPeriodString); _JumpIfError(hr, error, "myTranslateUnlocalizedPeriodString");
pwsz += wsprintf( pwsz, L"%ws%u %ws", pwszUnitSep, rgPeriodUnits[i].lCount, pwszPeriodString); pwszUnitSep = L", "; } hr = myDupString(awc, ppwszTimePeriod); _JumpIfError(hr, error, "myDupString");
error: if (NULL != rgPeriodUnits) { LocalFree(rgPeriodUnits); } return(hr);}
HRESULTmyFileTimeToDate( IN FILETIME const *pft, OUT DATE *pDate){ SYSTEMTIME st; HRESULT hr = S_OK;
if (!FileTimeToSystemTime(pft, &st)) { hr = myHLastError(); _JumpError(hr, error, "FileTimeToSystemTime"); } if (!SystemTimeToVariantTime(&st, pDate)) { hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA); _JumpError(hr, error, "SystemTimeToVariantTime"); }
error: return(hr);}
HRESULTmySystemTimeToGMTSystemTime( IN OUT SYSTEMTIME *pSys){ // Conversion path: SystemTimeLocal -> ftLocal -> ftGMT -> SystemTimeGMT
FILETIME ftLocal, ftGMT; HRESULT hr = S_OK;
if (!SystemTimeToFileTime(pSys, &ftLocal)) { hr = myHLastError(); _JumpError(hr, error, "SystemTimeToFileTime"); }
if (!LocalFileTimeToFileTime(&ftLocal, &ftGMT)) { hr = myHLastError(); _JumpError(hr, error, "LocalFileTimeToFileTime"); }
if (!FileTimeToSystemTime(&ftGMT, pSys)) { hr = myHLastError(); _JumpError(hr, error, "FileTimeToSystemTime"); }
error: return hr;}
HRESULTmyGMTFileTimeToWszLocalTime( IN FILETIME const *pftGMT, IN BOOL fSeconds, OUT WCHAR **ppwszLocalTime){ HRESULT hr; FILETIME ftLocal;
*ppwszLocalTime = NULL;
if (!FileTimeToLocalFileTime(pftGMT, &ftLocal)) { hr = myHLastError(); _JumpError(hr, error, "FileTimeToLocalFileTime"); } hr = myFileTimeToWszTime(&ftLocal, fSeconds, ppwszLocalTime); _JumpIfError(hr, error, "myFileTimeToWszTime");
error: return(hr);}
HRESULTmyFileTimeToWszTime( IN FILETIME const *pft, IN BOOL fSeconds, OUT WCHAR **ppwszTime){ HRESULT hr; SYSTEMTIME st; WCHAR awcDate[128]; WCHAR awcTime[128]; WCHAR *pwsz;
*ppwszTime = NULL;
if (!FileTimeToSystemTime(pft, &st)) { hr = myHLastError(); _JumpError(hr, error, "FileTimeToSystemTime"); }
if (0 == GetDateFormat( LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st, NULL, awcDate, sizeof(awcDate)/sizeof(awcDate[0]))) { hr = myHLastError(); _JumpError(hr, error, "GetDateFormat"); }
if (0 == GetTimeFormat( LOCALE_USER_DEFAULT, TIME_NOSECONDS, &st, NULL, awcTime, sizeof(awcTime)/sizeof(awcTime[0]))) { hr = myHLastError(); _JumpError(hr, error, "GetTimeFormat"); }
if (fSeconds) { wsprintf( &awcTime[wcslen(awcTime)], L" %02u.%03us", st.wSecond, st.wMilliseconds); }
pwsz = (WCHAR *) LocalAlloc( LMEM_FIXED, (wcslen(awcDate) + 1 + wcslen(awcTime) + 1) * sizeof(WCHAR)); if (NULL == pwsz) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } wcscpy(pwsz, awcDate); wcscat(pwsz, L" "); wcscat(pwsz, awcTime);
*ppwszTime = pwsz; hr = S_OK;
error: return(hr);}
HRESULTmyGMTDateToWszLocalTime( IN DATE const *pDateGMT, IN BOOL fSeconds, OUT WCHAR **ppwszLocalTime){ HRESULT hr; FILETIME ftGMT;
*ppwszLocalTime = NULL;
hr = myDateToFileTime(pDateGMT, &ftGMT); _JumpIfError(hr, error, "myDateToFileTime");
hr = myGMTFileTimeToWszLocalTime(&ftGMT, fSeconds, ppwszLocalTime); _JumpIfError(hr, error, "FileTimeToLocalFileTime");
hr = S_OK;
error: return(hr);}
HRESULTmyWszLocalTimeToGMTDate( IN WCHAR const *pwszLocalTime, OUT DATE *pDateGMT){ HRESULT hr; FILETIME ftGMT;
hr = myWszLocalTimeToGMTFileTime(pwszLocalTime, &ftGMT); _JumpIfError2(hr, error, "myWszLocalTimeToGMTFileTime", E_INVALIDARG);
hr = myFileTimeToDate(&ftGMT, pDateGMT); _JumpIfError(hr, error, "myFileTimeToDate");
error: return(hr);}
HRESULTmyWszLocalTimeToGMTFileTime( IN WCHAR const *pwszLocalTime, OUT FILETIME *pftGMT){ HRESULT hr; time_t time; USHORT parselen; struct tm *ptm; SYSTEMTIME stLocal; FILETIME ftLocal; char *pszLocalTime = NULL;
if (!ConvertWszToSz(&pszLocalTime, pwszLocalTime, -1)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "ConvertWszToSz"); }
hr = LUI_ParseDateTime(pszLocalTime, (time_t *) &time, &parselen, 0); if (S_OK != hr) { _PrintError2(hr, "LUI_ParseDateTime", hr); hr = E_INVALIDARG; _JumpError2(hr, error, "LUI_ParseDateTime", hr); }
DBGPRINT(( DBG_SS_CERTLIBI, "myWszLocalTimeToGMTDate = %ws: %x -- %ws\n", pwszLocalTime, time, _wctime(&time)));
ptm = gmtime(&time); if (ptm == NULL) { hr = E_UNEXPECTED; _JumpError(hr, error, "gmTime"); }
stLocal.wYear = (WORD) ptm->tm_year + 1900; stLocal.wMonth = (WORD) ptm->tm_mon + 1; stLocal.wDayOfWeek = (WORD) ptm->tm_wday; stLocal.wDay = (WORD) ptm->tm_mday; stLocal.wHour = (WORD) ptm->tm_hour; stLocal.wMinute = (WORD) ptm->tm_min; stLocal.wSecond = (WORD) ptm->tm_sec; stLocal.wMilliseconds = 0;
DBGPRINT(( DBG_SS_CERTLIBI, "%u/%u/%u %u:%02u:%02u.%03u DayOfWeek=%u\n", stLocal.wMonth, stLocal.wDay, stLocal.wYear, stLocal.wHour, stLocal.wMinute, stLocal.wSecond, stLocal.wMilliseconds, stLocal.wDayOfWeek));
if (!SystemTimeToFileTime(&stLocal, &ftLocal)) { hr = myHLastError(); _JumpError(hr, error, "SystemTimeToFileTime"); }
if (!LocalFileTimeToFileTime(&ftLocal, pftGMT)) { hr = myHLastError(); _JumpError(hr, error, "LocalFileTimeToFileTime"); }
error: if (NULL != pszLocalTime) { LocalFree(pszLocalTime); } return(hr);}
// counts # of string in a multisz string
DWORD CountMultiSz(LPCWSTR pcwszString){ DWORD dwCount = 0;
if(!pcwszString) return 0; while(*pcwszString) { dwCount++; pcwszString += wcslen(pcwszString)+1; } return dwCount;}
//
// myRegValueToVariant and myVariantToRegValue map registry values
// to/from variant:
//
// REG_SZ <-> VT_BSTR
// REG_BINARY <-> VT_ARRAY|VT_UI1
// REG_DWORD <-> VT_I4 (VT_I2)
// REG_MULTI_SZ <-> VT_ARRAY|VT_BSTR
//
HRESULT myRegValueToVariant( IN DWORD dwType, IN DWORD cbValue, IN BYTE const *pbValue, OUT VARIANT *pVar){ HRESULT hr = S_OK; SAFEARRAYBOUND sab; LPWSTR pwszCrtString = (LPWSTR)pbValue; BSTR bstr = NULL; SAFEARRAY* psa;
VariantInit(pVar);
switch(dwType) { case REG_SZ: if(sizeof(WCHAR)<=cbValue) cbValue -= sizeof(WCHAR); V_BSTR(pVar) = NULL; if (!ConvertWszToBstr( &(V_BSTR(pVar)), (WCHAR const *) pbValue, cbValue)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "ConvertWszToBstr"); } V_VT(pVar) = VT_BSTR; break;
case REG_BINARY: sab.cElements = cbValue; sab.lLbound = 0; psa = SafeArrayCreate( VT_UI1, 1, &sab); if(!psa) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "SafeArrayCreate"); } for(DWORD c=0; c<sab.cElements; c++) { hr = SafeArrayPutElement(psa, (LONG*)&c, (LPVOID)&pbValue[c]); _JumpIfError(hr, error, "SafeArrayPutElement"); } V_VT(pVar) = VT_ARRAY|VT_UI1; V_ARRAY(pVar) = psa; break;
case REG_DWORD: V_VT(pVar) = VT_I4; V_I4(pVar) = *(LONG const *) pbValue; break;
case REG_MULTI_SZ: sab.cElements = CountMultiSz((LPCWSTR)pbValue); sab.lLbound = 0; psa = SafeArrayCreate( VT_BSTR, 1, &sab); if(!psa) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "SafeArrayCreate"); } for(DWORD cStr=0; cStr<sab.cElements; cStr++) { if(!ConvertWszToBstr( &bstr, pwszCrtString, -1)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "ConvertWszToBstr"); }
hr = SafeArrayPutElement(psa, (LONG*)&cStr, bstr); _JumpIfError(hr, error, "SafeArrayPutElement");
pwszCrtString += wcslen(pwszCrtString)+1;
SysFreeString(bstr); bstr = NULL; } V_VT(pVar) = VT_ARRAY|VT_BSTR; V_ARRAY(pVar) = psa; break;
default: hr = E_INVALIDARG; _JumpError(hr, error, "invalid type"); }
error: if(bstr) SysFreeString(bstr); return hr;}
HRESULTmyVariantToRegValue( IN VARIANT const *pvarPropertyValue, OUT DWORD *pdwType, OUT DWORD *pcbprop, OUT BYTE **ppbprop){ HRESULT hr = S_OK; DWORD cbprop = 0; BYTE *pbprop = NULL; // no free
LONG lLbound, lUbound; void * pData = NULL; LPSAFEARRAY psa = NULL; // no free
BSTR bstr = NULL; // no free
*ppbprop = NULL; *pcbprop = 0;
switch (pvarPropertyValue->vt) { case VT_BYREF|VT_BSTR: case VT_BSTR: bstr = (pvarPropertyValue->vt & VT_BYREF)? *V_BSTRREF(pvarPropertyValue): V_BSTR(pvarPropertyValue);
*pdwType = REG_SZ;
if (NULL == bstr) { bstr = L""; }
pbprop = (BYTE *) bstr; cbprop = (wcslen(bstr) + 1) * sizeof(WCHAR); break;
case VT_BYREF|VT_ARRAY|VT_UI1: case VT_ARRAY|VT_UI1: psa = (pvarPropertyValue->vt & VT_BYREF)? *V_ARRAYREF(pvarPropertyValue): V_ARRAY(pvarPropertyValue); *pdwType = REG_BINARY; if(1!=SafeArrayGetDim(psa)) { hr = E_INVALIDARG; _JumpError(hr, error, "only 1 dim array of bytes allowed"); } hr = SafeArrayGetLBound( psa, 1, &lLbound); _JumpIfError(hr, error, "SafeArrayGetLBound");
hr = SafeArrayGetUBound( psa, 1, &lUbound); _JumpIfError(hr, error, "SafeArrayGetLBound");
hr = SafeArrayAccessData(psa, &pData); _JumpIfError(hr, error, "SafeArrayGetLBound"); cbprop = lUbound-lLbound+1; pbprop = (LPBYTE)pData; break;
case VT_BYREF|VT_I2: case VT_I2: *pdwType = REG_DWORD; pbprop = (BYTE *)((pvarPropertyValue->vt & VT_BYREF)? V_I2REF(pvarPropertyValue): &V_I2(pvarPropertyValue)); cbprop = sizeof(V_I2(pvarPropertyValue)); break;
case VT_BYREF|VT_I4: case VT_I4: *pdwType = REG_DWORD; pbprop = (BYTE *) ((pvarPropertyValue->vt & VT_BYREF)? V_I4REF(pvarPropertyValue): &V_I4(pvarPropertyValue)); cbprop = sizeof(pvarPropertyValue->lVal); break;
case VT_BYREF|VT_ARRAY|VT_BSTR: case VT_ARRAY|VT_BSTR: psa = (pvarPropertyValue->vt & VT_BYREF)? *V_ARRAYREF(pvarPropertyValue): V_ARRAY(pvarPropertyValue);
*pdwType = REG_MULTI_SZ; if(1!=SafeArrayGetDim(psa)) { hr = E_INVALIDARG; _JumpError(hr, error, "only 1 dim array of bstr allowed"); } hr = SafeArrayGetLBound( psa, 1, &lLbound); _JumpIfError(hr, error, "SafeArrayGetLBound");
hr = SafeArrayGetUBound( psa, 1, &lUbound); _JumpIfError(hr, error, "SafeArrayGetLBound");
hr = SafeArrayAccessData(psa, &pData); _JumpIfError(hr, error, "SafeArrayGetLBound"); for(LONG c=0;c<=lUbound-lLbound;c++) { BSTR str = ((BSTR *) pData)[c];
if (NULL == str) { hr = E_POINTER; _JumpError(hr, error, "BSTR NULL"); } cbprop += wcslen(str)+1; } cbprop += 1; cbprop *= sizeof(WCHAR);
{ BYTE* pbprop2 = (BYTE *) LocalAlloc(LMEM_FIXED, cbprop); if (NULL == pbprop2) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } *ppbprop = pbprop2;
for(LONG c=0;c<=lUbound-lLbound;c++) { wcscpy((LPWSTR)pbprop2, ((BSTR*)pData)[c]); pbprop2 += (wcslen((LPWSTR)pbprop2)+1)*sizeof(WCHAR); } *(LPWSTR)pbprop2 = L'\0'; } break;
default: hr = E_INVALIDARG; _JumpError(hr, error, "invalid variant type"); }
if (NULL != pbprop) { *ppbprop = (BYTE *) LocalAlloc(LMEM_FIXED, cbprop); if (NULL == *ppbprop) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); }
CopyMemory(*ppbprop, pbprop, cbprop); }
*pcbprop = cbprop;
error:
if(pData) { CSASSERT(psa); SafeArrayUnaccessData(psa); } return(hr);}
HRESULTmyUnmarshalVariant( IN DWORD PropType, IN DWORD cbValue, IN BYTE const *pbValue, OUT VARIANT *pvarValue){ HRESULT hr = S_OK;
CSASSERT(NULL != pvarValue); VariantInit(pvarValue);
// pb = NULL, cb = 0 always returns VT_EMPTY
if (NULL == pbValue) { CSASSERT(0 == cbValue); CSASSERT(VT_EMPTY == pvarValue->vt); goto error; }
switch (PROPTYPE_MASK & PropType) { case PROPTYPE_STRING: if (0 == (PROPMARSHAL_LOCALSTRING & PropType) && sizeof(WCHAR) <= cbValue) { cbValue -= sizeof(WCHAR); } if (*(WCHAR const*)(pbValue+cbValue) != L'\0' && wcslen((WCHAR const *) pbValue) * sizeof(WCHAR) != cbValue) { hr = E_INVALIDARG; _JumpError(hr, error, "bad string len"); } // FALLTHROUGH:
case PROPTYPE_BINARY:// CSASSERT(0 != cbValue);
pvarValue->bstrVal = NULL; if (!ConvertWszToBstr( &pvarValue->bstrVal, (WCHAR const *) pbValue, cbValue)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "ConvertWszToBstr"); } pvarValue->vt = VT_BSTR; break;
case PROPTYPE_LONG: if (sizeof(LONG) != cbValue) { hr = E_INVALIDARG; _JumpError(hr, error, "bad PROPTYPE_LONG len"); } pvarValue->vt = VT_I4; pvarValue->lVal = *(LONG const *) pbValue; break;
case PROPTYPE_DATE: if (sizeof(FILETIME) != cbValue) { hr = E_INVALIDARG; _JumpError(hr, error, "bad PROPTYPE_DATE len"); } hr = myFileTimeToDate( (FILETIME const *) pbValue, &pvarValue->date); _JumpIfError(hr, error, "myFileTimeToDate");
pvarValue->vt = VT_DATE; break;
default: hr = E_INVALIDARG; _JumpError(hr, error, "PropType parameter"); }
error: return(hr);}
HRESULTmyUnmarshalFormattedVariant( IN DWORD Flags, IN DWORD PropId, IN DWORD PropType, IN DWORD cbValue, IN BYTE const *pbValue, OUT VARIANT *pvarValue){ HRESULT hr; BSTR strCert; hr = myUnmarshalVariant( PropType, cbValue, pbValue, pvarValue); _JumpIfError(hr, error, "myUnmarshalVariant");
if (PROPTYPE_BINARY == (PROPTYPE_MASK & PropType)) { CSASSERT(VT_BSTR == pvarValue->vt);
CSASSERT(CSExpr(CV_OUT_BASE64HEADER == CRYPT_STRING_BASE64HEADER)); CSASSERT(CSExpr(CV_OUT_BASE64 == CRYPT_STRING_BASE64)); CSASSERT(CSExpr(CV_OUT_BINARY == CRYPT_STRING_BINARY)); CSASSERT(CSExpr(CV_OUT_BASE64REQUESTHEADER == CRYPT_STRING_BASE64REQUESTHEADER)); CSASSERT(CSExpr(CV_OUT_HEX == CRYPT_STRING_HEX)); CSASSERT(CSExpr(CV_OUT_HEXASCII == CRYPT_STRING_HEXASCII)); CSASSERT(CSExpr(CV_OUT_HEXADDR == CRYPT_STRING_HEXADDR)); CSASSERT(CSExpr(CV_OUT_HEXASCIIADDR == CRYPT_STRING_HEXASCIIADDR));
switch (Flags) { case CV_OUT_BASE64HEADER: if (CR_PROP_BASECRL == PropId || CR_PROP_DELTACRL == PropId) { Flags = CV_OUT_BASE64X509CRLHEADER; } else if (MAXDWORD == PropId) { Flags = CV_OUT_BASE64REQUESTHEADER; } break;
case CV_OUT_BASE64: case CV_OUT_BINARY: case CV_OUT_BASE64REQUESTHEADER: case CV_OUT_BASE64X509CRLHEADER: case CV_OUT_HEX: case CV_OUT_HEXASCII: case CV_OUT_HEXADDR: case CV_OUT_HEXASCIIADDR: break;
default: hr = E_INVALIDARG; _JumpError(hr, error, "Flags"); }
if (CV_OUT_BINARY != Flags) { strCert = NULL; hr = EncodeCertString(pbValue, cbValue, Flags, &strCert); _JumpIfError(hr, error, "EncodeCertString");
SysFreeString(pvarValue->bstrVal); pvarValue->bstrVal = strCert; } } hr = S_OK;
error: return(hr);}
HRESULTmyMarshalVariant( IN VARIANT const *pvarPropertyValue, IN DWORD PropType, OUT DWORD *pcbprop, OUT BYTE **ppbprop){ HRESULT hr = S_OK; DWORD cbprop = 0; BYTE *pbprop = NULL; BSTR str = NULL; FILETIME ft; LONG lval;
*ppbprop = NULL;
// VT_EMPTY always produces same result: *ppbprop = NULL, *pcbprop = 0
if (VT_EMPTY != pvarPropertyValue->vt) { switch (PROPTYPE_MASK & PropType) { case PROPTYPE_BINARY: case PROPTYPE_STRING: switch (pvarPropertyValue->vt) { case VT_BYREF | VT_BSTR: if (NULL != pvarPropertyValue->pbstrVal) { str = *pvarPropertyValue->pbstrVal; } break;
case VT_BSTR: str = pvarPropertyValue->bstrVal; break; } if (NULL == str) { if (PROPTYPE_STRING == (PROPTYPE_MASK & PropType) && (PROPMARSHAL_NULLBSTROK & PropType) && VT_NULL == pvarPropertyValue->vt) { cbprop = 0; } else { hr = E_INVALIDARG; _JumpError( pvarPropertyValue->vt, error, "variant BSTR type/value"); } } else { pbprop = (BYTE *) str; if (PROPTYPE_BINARY == (PROPTYPE_MASK & PropType)) { cbprop = SysStringByteLen(str) + sizeof(WCHAR); } else { cbprop = (wcslen(str) + 1) * sizeof(WCHAR); } } break;
case PROPTYPE_LONG: // VB likes to send small constant integers as VT_I2
if (VT_I2 == pvarPropertyValue->vt) { lval = pvarPropertyValue->iVal; } else if (VT_I4 == pvarPropertyValue->vt) { lval = pvarPropertyValue->lVal; } else if (VT_EMPTY == pvarPropertyValue->vt) { pbprop = NULL; cbprop = 0; break; } else { hr = E_INVALIDARG; _JumpError(pvarPropertyValue->vt, error, "variant LONG type"); } pbprop = (BYTE *) &lval; cbprop = sizeof(lval); break;
case PROPTYPE_DATE: if (VT_DATE == pvarPropertyValue->vt) { hr = myDateToFileTime(&pvarPropertyValue->date, &ft); _JumpIfError(hr, error, "myDateToFileTime"); } else if (VT_EMPTY == pvarPropertyValue->vt) { pbprop = NULL; cbprop = 0; break; } else { hr = E_INVALIDARG; _JumpError(pvarPropertyValue->vt, error, "variant DATE type"); }
pbprop = (BYTE *) &ft; cbprop = sizeof(ft); break;
default: hr = E_INVALIDARG; _JumpError(pvarPropertyValue->vt, error, "variant type/value"); } if (NULL != pbprop) { *ppbprop = (BYTE *) LocalAlloc(LMEM_FIXED, cbprop); if (NULL == *ppbprop) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } CopyMemory(*ppbprop, pbprop, cbprop); if (NULL != str && sizeof(WCHAR) <= cbprop && ((PROPMARSHAL_LOCALSTRING & PropType) || PROPTYPE_BINARY == (PROPTYPE_MASK & PropType))) { cbprop -= sizeof(WCHAR); } } } *pcbprop = cbprop;
error: return(hr);}
BOOLmyIsMinusSignString( IN WCHAR const *pwsz){ return( NULL != pwsz && L'\0' != pwsz[0] && L'\0' == pwsz[1] && myIsMinusSign(pwsz[0]));}
// IsCharRegKeyChar -- Determines if a character is valid for use in a file
// name AND in a registry key name.
#define wszInvalidFileAndKeyChars L"<>\"/\\:|?*"
#define wszUnsafeURLChars L"#\"&<>[]^`{}|"
#define wszUnsafeDSChars L"()='\"`,;+"
BOOLmyIsCharSanitized( IN WCHAR wc){ BOOL fCharOk = TRUE; if (L' ' > wc || L'~' < wc || NULL != wcschr( wszInvalidFileAndKeyChars wszUnsafeURLChars wszSANITIZEESCAPECHAR wszURLESCAPECHAR wszUnsafeDSChars, wc)) { fCharOk = FALSE; } return(fCharOk);}
HRESULTmySanitizeName( IN WCHAR const *pwszName, OUT WCHAR **ppwszNameOut){ HRESULT hr = S_OK; WCHAR const *pwszPassedName; WCHAR *pwszDst; WCHAR *pwszOut = NULL; WCHAR wcChar; DWORD dwSize;
*ppwszNameOut = NULL; pwszPassedName = pwszName;
dwSize = 0;
if (NULL == pwszName) { hr = E_POINTER; _JumpError(hr, error, "pwszName NULL"); }
while (L'\0' != (wcChar = *pwszPassedName++)) { if (myIsCharSanitized(wcChar)) { dwSize++; } else { dwSize += 5; // format !XXXX
} } if (0 == dwSize) { goto error; // done
}
pwszOut = (WCHAR *) LocalAlloc(LMEM_ZEROINIT, (dwSize + 1) * sizeof(WCHAR)); if (NULL == pwszOut) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); }
pwszDst = pwszOut; while (L'\0' != (wcChar = *pwszName++)) { if (myIsCharSanitized(wcChar)) { *pwszDst++ = wcChar; } else { pwszDst += wsprintf( pwszDst, L"%ws%04x", wszSANITIZEESCAPECHAR, wcChar); } } *pwszDst = wcChar; // L'\0' terminator
*ppwszNameOut = pwszOut; pwszOut = NULL;
hr = S_OK;error: if (NULL != pwszOut) { LocalFree(pwszOut); } return(hr);}
BOOLScanHexEscapeDigits( IN WCHAR const *pwszHex, OUT WCHAR *pwcRevert){ BOOL ret = FALSE; DWORD i; WCHAR wc; WCHAR wszValue[5];
for (i = 0; i < 4; i++) { wc = pwszHex[i]; wszValue[i] = wc; if (!isascii(wc) || !isxdigit((char) wc)) { goto error; } } wszValue[4] = L'\0'; if (1 != swscanf(wszValue, L"%04x", &i)) { goto error; } *pwcRevert = (WCHAR) i; ret = TRUE;
error: return(ret);}
// This function will truncate the output if pwszName contains "!0000".
// The output string is L'\0' terminated, so the length is not returned.
HRESULTmyRevertSanitizeName( IN WCHAR const *pwszName, OUT WCHAR **ppwszNameOut){ HRESULT hr; DWORD cwc; WCHAR wc; WCHAR wcRevert; WCHAR *pwszRevert;
*ppwszNameOut = NULL;
if (NULL == pwszName) { hr = E_POINTER; _JumpError(hr, error, "NULL sanitized name"); } cwc = wcslen(pwszName); *ppwszNameOut = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR)); if (NULL == *ppwszNameOut) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Out of memory"); }
pwszRevert = *ppwszNameOut; while (L'\0' != *pwszName) { wc = *pwszName++;
if (wcSANITIZEESCAPECHAR == wc && ScanHexEscapeDigits(pwszName, &wcRevert)) { wc = wcRevert; pwszName += 4; } *pwszRevert++ = wc; } *pwszRevert = L'\0'; CSASSERT(wcslen(*ppwszNameOut) <= cwc); hr = S_OK;
error: return hr;}
#define cwcCNMAX 64 // 64 chars max for DS CN
#define cwcCHOPHASHMAX (1 + 5) // "-%05hu" decimal USHORT hash digits
#define cwcCHOPBASE (cwcCNMAX - (cwcCHOPHASHMAX + cwcSUFFIXMAX))
HRESULTmySanitizedNameToDSName( IN WCHAR const *pwszSanitizedName, OUT WCHAR **ppwszNameOut){ HRESULT hr; DWORD cwc; DWORD cwcCopy; WCHAR wszDSName[cwcCHOPBASE + cwcCHOPHASHMAX + 1];
*ppwszNameOut = NULL;
if (NULL == pwszSanitizedName) { hr = E_POINTER; _JumpError(hr, error, "NULL sanitized name"); } cwc = wcslen(pwszSanitizedName); cwcCopy = cwc; if (cwcCHOPBASE < cwcCopy) { cwcCopy = cwcCHOPBASE; } CopyMemory(wszDSName, pwszSanitizedName, cwcCopy * sizeof(WCHAR)); wszDSName[cwcCopy] = L'\0';
if (cwcCHOPBASE < cwc) { // Hash the rest of the name into a USHORT
USHORT usHash = 0; DWORD i; WCHAR *pwsz;
// Truncate an incomplete sanitized Unicode character
pwsz = wcsrchr(wszDSName, L'!'); if (NULL != pwsz && wcslen(pwsz) < 5) { cwcCopy -= wcslen(pwsz); *pwsz = L'\0'; }
for (i = cwcCopy; i < cwc; i++) { USHORT usLowBit = (USHORT) ((0x8000 & usHash)? 1 : 0);
usHash = ((usHash << 1) | usLowBit) + pwszSanitizedName[i]; } wsprintf(&wszDSName[cwcCopy], L"-%05hu", usHash); CSASSERT(wcslen(wszDSName) < ARRAYSIZE(wszDSName)); }
hr = myDupString(wszDSName, ppwszNameOut); _JumpIfError(hr, error, "myDupString");
DBGPRINT((DBG_SS_CERTLIBI, "mySanitizedNameToDSName(%ws)\n", *ppwszNameOut));
error: return(hr);}
HRESULTCertNameToHashString( IN CERT_NAME_BLOB const *pCertName, OUT WCHAR **ppwszHash){ HRESULT hr = S_OK; WCHAR wszHash[CBMAX_CRYPT_HASH_LEN * 3]; // 20 bytes @ 3 WCHARs/byte
DWORD cbString; HCRYPTPROV hProv = NULL; HCRYPTHASH hHash = NULL; BYTE rgbHashVal[CBMAX_CRYPT_HASH_LEN]; DWORD cbHashVal;
if (0 == pCertName->cbData) { hr = E_INVALIDARG; _JumpError(hr, error, "empty cert name"); }
CSASSERT(NULL != ppwszHash);
// get a cryptographic provider
if (!CryptAcquireContext( &hProv, NULL, // container
MS_DEF_PROV, // provider name
PROV_RSA_FULL, // provider type
CRYPT_VERIFYCONTEXT)) // dwflags
{ hr = myHLastError(); _JumpError(hr, error, "CryptAcquireContext"); }
// get a hash
if (!CryptCreateHash(hProv, CALG_SHA1, 0, 0, &hHash)) { hr = myHLastError(); _JumpError(hr, error, "CryptCreateHash"); }
// hash the name
if (!CryptHashData(hHash, pCertName->pbData, pCertName->cbData, 0)) { hr = myHLastError(); _JumpError(hr, error, "CryptHashData"); }
cbHashVal = CBMAX_CRYPT_HASH_LEN; if (!CryptGetHashParam(hHash, HP_HASHVAL, rgbHashVal, &cbHashVal, 0)) { hr = myHLastError(); _JumpError(hr, error, "CryptGetHashParam"); }
cbString = sizeof(wszHash); hr = MultiByteIntegerToWszBuf( TRUE, // byte multiple
cbHashVal, rgbHashVal, &cbString, wszHash); _JumpIfError(hr, error, "MultiByteIntegerToWszBuf");
// Generated string looks like this:
//
// 04 e7 23 92 98 9f d8 45 80 c9 ef 87 81 29 41 5d bc 4f 63 20
//
// We need to trim the spaces. We'll do it inplace.
{ WCHAR *pwcSrc; WCHAR *pwcDest;
for (pwcSrc = pwcDest = wszHash; L'\0' != *pwcSrc; pwcSrc++) { if (L' ' != *pwcSrc) { *pwcDest++ = *pwcSrc; } } *pwcDest = L'\0'; }
*ppwszHash = (WCHAR *) LocalAlloc(LMEM_FIXED, cbString); _JumpIfAllocFailed(*ppwszHash, error);
wcscpy(*ppwszHash, wszHash);
error: if (NULL != hHash) { CryptDestroyHash(hHash); } if (NULL != hProv) { CryptReleaseContext(hProv, 0); } return(hr);}
HRESULTmyCombineStrings( IN WCHAR const *pwszNew, IN BOOL fAppendNew, OPTIONAL IN WCHAR const *pwszSeparator, IN OUT WCHAR **ppwszInOut){ HRESULT hr; DWORD cwc; WCHAR *pwsz;
if (NULL == pwszSeparator) { pwszSeparator = L""; } cwc = wcslen(pwszNew); if (NULL != *ppwszInOut) { cwc += wcslen(*ppwszInOut) + wcslen(pwszSeparator); } pwsz = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR)); if (NULL == pwsz) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Policy:LocalAlloc"); } *pwsz = L'\0'; if (fAppendNew) { if (NULL != *ppwszInOut) { wcscat(pwsz, *ppwszInOut); wcscat(pwsz, pwszSeparator); } wcscat(pwsz, pwszNew); } else { wcscat(pwsz, pwszNew); if (NULL != *ppwszInOut) { wcscat(pwsz, pwszSeparator); wcscat(pwsz, *ppwszInOut); } } if (NULL != *ppwszInOut) { LocalFree(*ppwszInOut); } *ppwszInOut = pwsz; hr = S_OK;
error: return(hr);}
HRESULTmyAppendString( IN WCHAR const *pwszNew, OPTIONAL IN WCHAR const *pwszSeparator, IN OUT WCHAR **ppwszInOut){ return(myCombineStrings(pwszNew, TRUE, pwszSeparator, ppwszInOut));}
HRESULTmyPrependString( IN WCHAR const *pwszNew, OPTIONAL IN WCHAR const *pwszSeparator, IN OUT WCHAR **ppwszInOut){ return(myCombineStrings(pwszNew, FALSE, pwszSeparator, ppwszInOut));}
HRESULTmyGetRDNAttributeFromNameBlob( IN CERT_NAME_BLOB const *pNameBlob, IN LPCSTR pcszAttributeOID, OUT WCHAR **ppwszCN){ HRESULT hr; CERT_NAME_INFO *pNameInfo = NULL; DWORD cbNameInfo; CERT_RDN *prdn; CERT_RDN *prdnEnd; WCHAR const *pwszCN = NULL;
*ppwszCN = NULL;
if (!myDecodeName( X509_ASN_ENCODING, X509_UNICODE_NAME, pNameBlob->pbData, pNameBlob->cbData, CERTLIB_USE_LOCALALLOC, &pNameInfo, &cbNameInfo)) { hr = myHLastError(); _JumpError(hr, error, "myDecodeName"); }
for ( prdn = pNameInfo->rgRDN, prdnEnd = &prdn[pNameInfo->cRDN]; NULL == pwszCN && prdn < prdnEnd; prdn++) { CERT_RDN_ATTR *prdna; CERT_RDN_ATTR *prdnaEnd;
for ( prdna = prdn->rgRDNAttr, prdnaEnd = &prdna[prdn->cRDNAttr]; prdna < prdnaEnd; prdna++) { CSASSERT( prdna->dwValueType == CERT_RDN_PRINTABLE_STRING || prdna->dwValueType == CERT_RDN_UNICODE_STRING || prdna->dwValueType == CERT_RDN_TELETEX_STRING || prdna->dwValueType == CERT_RDN_IA5_STRING || prdna->dwValueType == CERT_RDN_UTF8_STRING);
if (0 != strcmp(pcszAttributeOID, prdna->pszObjId) || NULL == prdna->Value.pbData || sizeof(WCHAR) > prdna->Value.cbData || L'\0' == *(WCHAR *) prdna->Value.pbData) { continue; } pwszCN = (WCHAR const *) prdna->Value.pbData; //break; don't break, we're interested in the last CN found, not the first
} } if (NULL != pwszCN) { hr = myDupString(pwszCN, ppwszCN); _JumpIfError(hr, error, "myDupString"); } else { hr = HRESULT_FROM_WIN32(ERROR_NOT_FOUND); }
error: if (NULL != pNameInfo) { LocalFree(pNameInfo); } return(hr);}
HRESULTmyGetCommonName( IN CERT_NAME_BLOB const *pNameBlob, IN BOOL fAllowDefault, OUT WCHAR **ppwszCN){ HRESULT hr;
hr = myGetRDNAttributeFromNameBlob(pNameBlob, szOID_COMMON_NAME, ppwszCN); if (S_OK != hr) { _PrintError(hr, "myGetRDNAttributeFromNameBlob"); *ppwszCN = NULL; if (HRESULT_FROM_WIN32(ERROR_NOT_FOUND) != hr) { _JumpError(hr, error, "myGetRDNAttributeFromNameBlob"); } } if (NULL == *ppwszCN) { if (!fAllowDefault) { hr = CERTSRV_E_BAD_REQUESTSUBJECT; _JumpError(hr, error, "No CN"); }
hr = CertNameToHashString(pNameBlob, ppwszCN); _JumpIfError(hr, error, "CertNameToHashString"); } hr = S_OK;
error: return(hr);}
// Decode OCTET string, and convert UTF8 string to Unicode.
// Can return S_OK and NULL pointer.
HRESULTmyDecodeCMCRegInfo( IN BYTE const *pbOctet, IN DWORD cbOctet, OUT WCHAR **ppwszRA){ HRESULT hr; CRYPT_DATA_BLOB *pBlob = NULL; DWORD cb;
*ppwszRA = NULL; if (!myDecodeObject( X509_ASN_ENCODING, X509_OCTET_STRING, pbOctet, cbOctet, CERTLIB_USE_LOCALALLOC, (VOID **) &pBlob, &cb)) { hr = myHLastError(); _JumpError(hr, error, "myDecodeObject"); } if (0 != pBlob->cbData && NULL != pBlob->pbData) { if (!myConvertUTF8ToWsz( ppwszRA, (CHAR const *) pBlob->pbData, pBlob->cbData)) { hr = myHLastError(); _JumpError(hr, error, "myConvertUTF8ToWsz"); } } hr = S_OK;
error: if (NULL != pBlob) { LocalFree(pBlob); } return(hr);}
DWORDmyGetCertNameProperty( IN BOOL fFirstRDN, // else last matching RDN
IN CERT_NAME_INFO const *pNameInfo, IN char const *pszObjId, OUT WCHAR const **ppwszName){ HRESULT hr; CERT_RDN_ATTR const *prdnaT; CERT_RDN const *prdn; CERT_RDN const *prdnEnd;
prdnaT = NULL; for ( prdn = pNameInfo->rgRDN, prdnEnd = &prdn[pNameInfo->cRDN]; prdn < prdnEnd; prdn++) { CERT_RDN_ATTR *prdna; CERT_RDN_ATTR *prdnaEnd;
for ( prdna = prdn->rgRDNAttr, prdnaEnd = &prdna[prdn->cRDNAttr]; prdna < prdnaEnd; prdna++) { if (0 == strcmp(prdna->pszObjId, pszObjId)) { prdnaT = prdna; if (fFirstRDN) { goto done; } } } } if (NULL == prdnaT) { hr = CERTSRV_E_PROPERTY_EMPTY; goto error; }
done: *ppwszName = (WCHAR const *) prdnaT->Value.pbData; hr = S_OK;
error: return(hr);
}
VOIDmyUuidCreate( OUT UUID *pUuid){ HRESULT hr; BYTE *pb;
ZeroMemory(pUuid, sizeof(*pUuid)); hr = UuidCreate(pUuid); if (S_OK != hr) { BYTE *pbEnd; CSASSERT((HRESULT) RPC_S_UUID_LOCAL_ONLY == hr);
// No net card? Fake up a GUID:
pb = (BYTE *) pUuid; pbEnd = (BYTE *) pb + sizeof(*pUuid);
GetSystemTimeAsFileTime((FILETIME *) pb); pb += sizeof(FILETIME);
while (pb < pbEnd) { *(DWORD *) pb = GetTickCount(); pb += sizeof(DWORD); } CSASSERT(pb == pbEnd); }}
VOIDmyGenerateGuidSerialNumber( OUT GUID *pguidSerialNumber){ BYTE *pb;
myUuidCreate(pguidSerialNumber);
pb = &((BYTE *) pguidSerialNumber)[sizeof(*pguidSerialNumber) - 1];
// make sure the last byte is never zero
if (0 == *pb) { *pb = 'z'; }
// Some clients can't handle negative serial numbers:
*pb &= 0x7f;}
BOOLmyAreBlobsSame( IN BYTE const *pbData1, IN DWORD cbData1, IN BYTE const *pbData2, IN DWORD cbData2){ BOOL ret = FALSE;
if (cbData1 != cbData2) { goto error; } if (NULL != pbData1 && NULL != pbData2) { if (0 != memcmp(pbData1, pbData2, cbData1)) { goto error; } }
// else at least one is NULL -- they'd better both be NULL, & the count 0.
else if (pbData1 != pbData2 || 0 != cbData1) { goto error; } ret = TRUE;
error: return(ret);}
BOOLmyAreSerialNumberBlobsSame( IN CRYPT_INTEGER_BLOB const *pBlob1, IN CRYPT_INTEGER_BLOB const *pBlob2){ DWORD cbData1 = pBlob1->cbData; DWORD cbData2 = pBlob2->cbData;
if (NULL != pBlob1->pbData) { while (0 != cbData1 && 0 == pBlob1->pbData[cbData1 - 1]) { cbData1--; } } if (NULL != pBlob2->pbData) { while (0 != cbData2 && 0 == pBlob2->pbData[cbData2 - 1]) { cbData2--; } } return(myAreBlobsSame(pBlob1->pbData, cbData1, pBlob2->pbData, cbData2));}
// myAreCertContextBlobsSame -- return TRUE if the certs are identical.
BOOLmyAreCertContextBlobsSame( IN CERT_CONTEXT const *pcc1, IN CERT_CONTEXT const *pcc2){ return(myAreBlobsSame( pcc1->pbCertEncoded, pcc1->cbCertEncoded, pcc2->pbCertEncoded, pcc2->cbCertEncoded));}
WCHAR const g_wszCert[] = L"cert";
HRESULTmyIsDirWriteable( IN WCHAR const *pwszPath, IN BOOL fFilePath){ HRESULT hr; WCHAR *pwszBase; WCHAR *pwsz; WCHAR wszDir[MAX_PATH]; WCHAR wszTempFile[MAX_PATH];
if (fFilePath && iswalpha(pwszPath[0]) && L':' == pwszPath[1] && L'\0' == pwszPath[2]) { hr = HRESULT_FROM_WIN32(ERROR_BAD_PATHNAME); _JumpErrorStr(hr, error, "not a file path", pwszPath); } if (!GetFullPathName( pwszPath, ARRAYSIZE(wszDir), wszDir, &pwsz)) { hr = myHLastError(); _JumpErrorStr(hr, error, "GetFullPathName", pwszPath); } if (fFilePath) { if (NULL == pwsz) { hr = HRESULT_FROM_WIN32(ERROR_BAD_PATHNAME); _JumpErrorStr(hr, error, "not a file path", pwszPath); } pwszBase = wszDir; if (iswalpha(wszDir[0]) && L':' == wszDir[1] && L'\\' == wszDir[2]) { pwszBase += 3; } else if (L'\\' == wszDir[0] && L'\\' == wszDir[1]) { pwszBase += 2; }
if (pwsz > pwszBase && L'\\' == pwsz[-1]) { pwsz--; } *pwsz = L'\0'; }
if (!GetTempFileName(wszDir, g_wszCert, 0, wszTempFile)) { hr = myHLastError(); _JumpErrorStr(hr, error, "GetTempFileName", wszDir);
} if (!DeleteFile(wszTempFile)) { hr = myHLastError(); _JumpErrorStr(hr, error, "DeleteFile", wszTempFile); } hr = S_OK;
error: return(hr);}
HRESULTmyGetComputerObjectName( IN EXTENDED_NAME_FORMAT NameFormat, OUT WCHAR **ppwszComputerObjectName){ HRESULT hr; WCHAR *pwszComputerObjectName = NULL; DWORD cwc;
*ppwszComputerObjectName = NULL;
cwc = 0; if (!GetComputerObjectName(NameFormat, NULL, &cwc)) { hr = myHLastError(); if (HRESULT_FROM_WIN32(ERROR_INSUFFICIENT_BUFFER) != hr) { _JumpError(hr, error, "GetComputerObjectName"); } }
pwszComputerObjectName = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR)); if (NULL == pwszComputerObjectName) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); }
if (!GetComputerObjectName(NameFormat, pwszComputerObjectName, &cwc)) { hr = myHLastError(); _JumpError(hr, error, "GetComputerObjectName"); }
*ppwszComputerObjectName = pwszComputerObjectName; pwszComputerObjectName = NULL; hr = S_OK;
error: if (NULL != pwszComputerObjectName) { LocalFree(pwszComputerObjectName); } return(hr);}
HRESULTmyGetComputerNames( OUT WCHAR **ppwszDnsName, OUT WCHAR **ppwszOldName){ HRESULT hr; DWORD cwc; WCHAR *pwszOldName = NULL;
*ppwszOldName = NULL; *ppwszDnsName = NULL;
cwc = MAX_COMPUTERNAME_LENGTH + 1; pwszOldName = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR)); if (NULL == pwszOldName) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } if (!GetComputerName(pwszOldName, &cwc)) { hr = myHLastError(); _JumpError(hr, error, "GetComputerName"); }
hr = myGetMachineDnsName(ppwszDnsName); _JumpIfError(hr, error, "myGetMachineDnsName");
*ppwszOldName = pwszOldName; pwszOldName = NULL;
error: if (NULL != pwszOldName) { LocalFree(pwszOldName); } return(hr);}
HRESULTmyGetComputerNameEx( IN COMPUTER_NAME_FORMAT NameFormat, OUT WCHAR **ppwszName){ HRESULT hr; WCHAR *pwszName = NULL; DWORD cwc;
*ppwszName = NULL;
cwc = 0; if (!GetComputerNameEx(NameFormat, NULL, &cwc)) { hr = myHLastError(); if (HRESULT_FROM_WIN32(ERROR_MORE_DATA) != hr) { _JumpError(hr, error, "GetComputerNameEx"); } } pwszName = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR)); if (NULL == pwszName) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } if (!GetComputerNameEx(NameFormat, pwszName, &cwc)) { hr = myHLastError(); _JumpError(hr, error, "GetComputerNameEx"); }
*ppwszName = pwszName; pwszName = NULL; hr = S_OK;
error: if (NULL != pwszName) { LocalFree(pwszName); } return(hr);}
typedef LANGID (WINAPI FNSETTHREADUILANGUAGE)( IN WORD wReserved);
LANGIDmySetThreadUILanguage( IN WORD wReserved){ HMODULE hModule; LANGID lang = 0; HANDLE hStdOut; static FNSETTHREADUILANGUAGE *s_pfn = NULL;
// Make the SetThreadUILanguage call only if a console exists:
// FILE_TYPE_CHAR (what about FILE_TYPE_PIPE, FILE_TYPE_DISK)
hStdOut = GetStdHandle(STD_OUTPUT_HANDLE); if (INVALID_HANDLE_VALUE != hStdOut && FILE_TYPE_CHAR == (~FILE_TYPE_REMOTE & GetFileType(hStdOut))) { if (NULL == s_pfn) { hModule = GetModuleHandle(TEXT("kernel32.dll")); if (NULL == hModule) { goto error; }
// load system function
s_pfn = (FNSETTHREADUILANGUAGE *) GetProcAddress( hModule, "SetThreadUILanguage"); if (NULL == s_pfn) { goto error; } } lang = (*s_pfn)(wReserved); }
error: return(lang);}
HRESULTmyFormConfigString( IN WCHAR const *pwszServer, IN WCHAR const *pwszCAName, OUT WCHAR **ppwszConfig){ HRESULT hr; WCHAR *pwszConfig = NULL;
*ppwszConfig = NULL;
pwszConfig = (WCHAR *) LocalAlloc(LPTR, (wcslen(pwszServer) + wcslen(pwszCAName) + 2) * sizeof(WCHAR)); if (NULL == pwszConfig) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); }
wcscpy(pwszConfig, pwszServer); wcscat(pwszConfig, L"\\"); wcscat(pwszConfig, pwszCAName);
*ppwszConfig = pwszConfig;
hr = S_OK;error: return hr;}
HRESULTmyCLSIDToWsz( IN CLSID const *pclsid, OUT WCHAR **ppwsz){ HRESULT hr; WCHAR *pwsz = NULL; WCHAR *pwsz1; WCHAR *pwsz2;
*ppwsz = NULL; hr = StringFromCLSID(*pclsid, &pwsz); _JumpIfError(hr, error, "StringFromCLSID");
for (pwsz1 = pwsz; L'\0' != *pwsz1; pwsz1++) { if (L'A' <= *pwsz1 && L'F' >= *pwsz1) { *pwsz1 += L'a' - L'A'; } }
pwsz1 = pwsz; pwsz2 = &pwsz[wcslen(pwsz) - 1]; if (wcLBRACE == *pwsz1 && wcRBRACE == *pwsz2) { pwsz1++; *pwsz2 = L'\0'; } hr = myDupString(pwsz1, ppwsz); _JumpIfError(hr, error, "myDupString");
error: if (NULL != pwsz) { CoTaskMemFree(pwsz); } return(hr);}
HRESULTmyLoadRCString( IN HINSTANCE hInstance, IN int iRCId, OUT WCHAR **ppwsz){#define CS_RCALLOCATEBLOCK 256
HRESULT hr; WCHAR *pwszTemp = NULL; int sizeTemp; int size; int cBlocks = 1;
*ppwsz = NULL;
size = 0; while (NULL == pwszTemp) { sizeTemp = cBlocks * CS_RCALLOCATEBLOCK;
pwszTemp = (WCHAR*)LocalAlloc(LMEM_FIXED | LMEM_ZEROINIT, sizeTemp * sizeof(WCHAR)); if (NULL == pwszTemp) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); }
size = LoadString( hInstance, iRCId, pwszTemp, sizeTemp); if (0 == size) { hr = myHLastError(); DBGPRINT(( DBG_SS_CERTLIB, "myLoadRCString(hInstance=%x, iRCId=%u) --> %x\n", hInstance, iRCId, hr)); if (S_OK != hr && HRESULT_FROM_WIN32(ERROR_RESOURCE_NAME_NOT_FOUND) != hr) { _JumpError(hr, error, "LoadString"); } }
if (size < sizeTemp - 1) { // ok, size is big enough
break; } ++cBlocks; LocalFree(pwszTemp); pwszTemp = NULL; }
*ppwsz = (WCHAR*) LocalAlloc(LPTR, (size+1) * sizeof(WCHAR)); if (NULL == *ppwsz) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } if (0 == size) { // two possible cases, 1) real empty string or
// 2) id not found in resource. either case make it empty string
**ppwsz = L'\0'; } else { // copy it
wcscpy(*ppwsz, pwszTemp); }
hr = S_OK;error: if (NULL != pwszTemp) { LocalFree(pwszTemp); } return hr;}
HRESULT_IsConfigLocal( IN WCHAR const *pwszConfig, IN WCHAR const *pwszDnsName, IN WCHAR const *pwszOldName, OPTIONAL OUT WCHAR **ppwszMachine, OUT BOOL *pfLocal){ HRESULT hr; WCHAR *pwszMachine = NULL; WCHAR const *pwsz; DWORD cwc;
*pfLocal = FALSE; if (NULL != ppwszMachine) { *ppwszMachine = NULL; }
while (L'\\' == *pwszConfig) { pwszConfig++; } pwsz = wcschr(pwszConfig, L'\\'); if (NULL != pwsz) { cwc = SAFE_SUBTRACT_POINTERS(pwsz, pwszConfig); } else { cwc = wcslen(pwszConfig); } pwszMachine = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR)); if (NULL == pwszMachine) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } CopyMemory(pwszMachine, pwszConfig, cwc * sizeof(WCHAR)); pwszMachine[cwc] = L'\0';
if (0 == mylstrcmpiL(pwszMachine, pwszDnsName) || 0 == mylstrcmpiL(pwszMachine, pwszOldName)) { *pfLocal = TRUE; } if (NULL != ppwszMachine) { *ppwszMachine = pwszMachine; pwszMachine = NULL; } hr = S_OK;
error: if (NULL != pwszMachine) { LocalFree(pwszMachine); } return(hr);}
HRESULTmyIsConfigLocal( IN WCHAR const *pwszConfig, OPTIONAL OUT WCHAR **ppwszMachine, OUT BOOL *pfLocal){ HRESULT hr; WCHAR *pwszDnsName = NULL; WCHAR *pwszOldName = NULL;
*pfLocal = FALSE; if (NULL != ppwszMachine) { *ppwszMachine = NULL; }
hr = myGetComputerNames(&pwszDnsName, &pwszOldName); _JumpIfError(hr, error, "myGetComputerNames");
hr = _IsConfigLocal( pwszConfig, pwszDnsName, pwszOldName, ppwszMachine, pfLocal); _JumpIfError(hr, error, "_IsConfigLocal");
error: if (NULL != pwszDnsName) { LocalFree(pwszDnsName); } if (NULL != pwszOldName) { LocalFree(pwszOldName); } return(hr);}
HRESULTmyIsConfigLocal2( IN WCHAR const *pwszConfig, IN WCHAR const *pwszDnsName, IN WCHAR const *pwszOldName, OUT BOOL *pfLocal){ HRESULT hr; hr = _IsConfigLocal( pwszConfig, pwszDnsName, pwszOldName, NULL, pfLocal); _JumpIfError(hr, error, "_IsConfigLocal");
error: return(hr);}
HRESULTmyGetConfig( IN DWORD dwUIFlag, OUT WCHAR **ppwszConfig){ HRESULT hr; HRESULT hr2; BSTR strConfig = NULL; WCHAR *pwszConfig = NULL; WCHAR *pwszActiveCA = NULL; WCHAR *pwszCommonName = NULL; WCHAR *pwszDnsName = NULL;
CSASSERT(NULL != ppwszConfig); *ppwszConfig = NULL;
hr = ConfigGetConfig(DISPSETUP_COM, dwUIFlag, &strConfig); if (S_OK != hr) { if (CC_LOCALCONFIG != dwUIFlag) { _JumpError(hr, error, "ConfigGetConfig"); } hr2 = hr;
hr = myGetCertRegStrValue( NULL, NULL, NULL, wszREGACTIVE, &pwszActiveCA); _PrintIfError(hr, "myGetCertRegStrValue");
if (S_OK == hr) { hr = myGetCertRegStrValue( pwszActiveCA, NULL, NULL, wszREGCOMMONNAME, &pwszCommonName); _PrintIfError(hr, "myGetCertRegStrValue"); } if (S_OK != hr) { hr = hr2; _JumpError(hr, error, "ConfigGetConfig"); } hr = myGetMachineDnsName(&pwszDnsName); _JumpIfError(hr, error, "myGetMachineDnsName");
hr = myFormConfigString(pwszDnsName, pwszCommonName, &pwszConfig); _JumpIfError(hr, error, "myFormConfigString");
if (!ConvertWszToBstr(&strConfig, pwszConfig, MAXDWORD)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "ConvertWszToBstr"); } } *ppwszConfig = (WCHAR *) LocalAlloc( LMEM_FIXED, SysStringByteLen(strConfig) + sizeof(WCHAR)); if (NULL == *ppwszConfig) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } wcscpy(*ppwszConfig, strConfig); CSASSERT( wcslen(*ppwszConfig) * sizeof(WCHAR) == SysStringByteLen(strConfig)); hr = S_OK;
error: if (NULL != pwszActiveCA) { LocalFree(pwszActiveCA); } if (NULL != pwszCommonName) { LocalFree(pwszCommonName); } if (NULL != pwszDnsName) { LocalFree(pwszDnsName); } if (NULL != pwszConfig) { LocalFree(pwszConfig); } if (NULL != strConfig) { SysFreeString(strConfig); } return(hr);}
HRESULTmyBuildPathAndExt( IN WCHAR const *pwszDir, IN WCHAR const *pwszFile, OPTIONAL IN WCHAR const *pwszExt, OUT WCHAR **ppwszPath){ HRESULT hr; WCHAR *pwsz; DWORD cwc;
*ppwszPath = NULL; cwc = wcslen(pwszDir) + 1 + wcslen(pwszFile) + 1; if (NULL != pwszExt) { cwc += wcslen(pwszExt); }
pwsz = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR)); if (NULL == pwsz) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } wcscpy(pwsz, pwszDir); if (L'\\' != pwsz[wcslen(pwsz) - 1]) { wcscat(pwsz, L"\\"); } wcscat(pwsz, pwszFile); if (NULL != pwszExt) { wcscat(pwsz, pwszExt); } *ppwszPath = pwsz; hr = S_OK;
error: return(hr);}
HRESULTmyDeleteFilePattern( IN WCHAR const *pwszDir, OPTIONAL IN WCHAR const *pwszPattern, // defaults to L"*.*"
IN BOOL fRecurse){ HRESULT hr; HRESULT hr2; HANDLE hf; WIN32_FIND_DATA wfd; WCHAR *pwszFindPath = NULL; WCHAR *pwszDeleteFile; WCHAR *pwszDeletePath = NULL;
DBGPRINT(( DBG_SS_CERTLIBI, "myDeleteFilePattern(%ws, %ws, %ws)\n", pwszDir, pwszPattern, fRecurse? L"Recurse" : L"NO Recurse"));
if (NULL == pwszPattern) { pwszPattern = L"*.*"; }
hr = myBuildPathAndExt(pwszDir, pwszPattern, NULL, &pwszFindPath); _JumpIfError(hr, error, "myBuildPathAndExt");
pwszDeletePath = (WCHAR *) LocalAlloc( LMEM_FIXED, (wcslen(pwszDir) + 1 + MAX_PATH) * sizeof(WCHAR)); if (NULL == pwszDeletePath) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } wcscpy(pwszDeletePath, pwszFindPath); pwszDeleteFile = wcsrchr(pwszDeletePath, L'\\'); CSASSERT(NULL != pwszDeleteFile); pwszDeleteFile++;
hf = FindFirstFile(pwszFindPath, &wfd); if (INVALID_HANDLE_VALUE == hf) { hr = myHLastError(); if (HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND) == hr || HRESULT_FROM_WIN32(ERROR_PATH_NOT_FOUND) == hr) { hr = S_OK; goto error; } _JumpErrorStr(hr, error, "FindFirstFile", pwszFindPath); } do { wcscpy(pwszDeleteFile, wfd.cFileName); if (wfd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) { if (fRecurse && 0 != lstrcmp(L".", wfd.cFileName) && 0 != lstrcmp(L"..", wfd.cFileName)) { DBGPRINT(( DBG_SS_CERTLIBI, "myDeleteFilePattern(DIR): %ws\n", pwszDeletePath)); hr2 = myRemoveFilesAndDirectory(pwszDeletePath, TRUE); if (S_OK != hr2) { if (S_OK == hr) { hr = hr2; // only return first error
} _PrintErrorStr(hr2, "myRemoveFilesAndDirectory", pwszDeletePath); } } } else { DBGPRINT(( DBG_SS_CERTLIBI, "myDeleteFilePattern: %ws\n", pwszDeletePath)); if (!DeleteFile(pwszDeletePath)) { hr2 = myHLastError(); if (S_OK == hr) { hr = hr2; // only return first error
} _PrintErrorStr(hr2, "DeleteFile", pwszDeletePath); } } } while (FindNextFile(hf, &wfd)); FindClose(hf);
error: if (NULL != pwszFindPath) { LocalFree(pwszFindPath); } if (NULL != pwszDeletePath) { LocalFree(pwszDeletePath); } return(hr);}
HRESULTmyRemoveFilesAndDirectory( IN WCHAR const *pwszPath, IN BOOL fRecurse){ HRESULT hr; HRESULT hr2;
hr = myDeleteFilePattern(pwszPath, NULL, fRecurse); if (S_OK != hr) { _PrintErrorStr(hr, "myDeleteFilePattern", pwszPath); } if (!RemoveDirectory(pwszPath)) { hr2 = myHLastError(); if (HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND) != hr2 && HRESULT_FROM_WIN32(ERROR_PATH_NOT_FOUND) != hr2) { if (S_OK == hr) { hr = hr2; // only return first error
} _JumpErrorStr(hr2, error, "RemoveDirectory", pwszPath); } }
error: return(hr);}
BOOLmyIsFullPath( IN WCHAR const *pwszPath, OUT DWORD *pdwFlag){ BOOL fFullPath = FALSE;
*pdwFlag = 0; if (NULL != pwszPath) { if (L'\\' == pwszPath[0] && L'\\' == pwszPath[1]) { fFullPath = TRUE; *pdwFlag = UNC_PATH; } else if (iswalpha(pwszPath[0]) && L':' == pwszPath[1] && L'\\' == pwszPath[2]) { fFullPath = TRUE; *pdwFlag = LOCAL_PATH; } } return(fFullPath);}
// Convert local full path to UNC, as in c:\foo... --> \\server\c$\foo...
// If pwszServer is NULL or empty, preserve the local full path
HRESULTmyConvertLocalPathToUNC( OPTIONAL IN WCHAR const *pwszServer, IN WCHAR const *pwszFile, OUT WCHAR **ppwszFileUNC){ HRESULT hr; DWORD cwc; WCHAR const *pwsz; WCHAR *pwszDst; WCHAR *pwszFileUNC = NULL;
if (!iswalpha(pwszFile[0]) || L':' != pwszFile[1] || L'\\' != pwszFile[2]) { hr = E_INVALIDARG; _JumpError(hr, error, "non-local path"); } if (NULL != pwszServer && L'\0' == *pwszServer) { pwszServer = NULL; } cwc = wcslen(pwszFile) + 1; if (NULL != pwszServer) { cwc += 2 + wcslen(pwszServer) + 1; }
pwszFileUNC = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR)); if (NULL == pwszFileUNC) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc pwszFiles"); }
pwsz = pwszFile; pwszDst = pwszFileUNC; if (NULL != pwszServer) { wcscpy(pwszDst, L"\\\\"); // --> "\\"
wcscat(pwszDst, pwszServer); // --> "\\server"
pwszDst += wcslen(pwszDst); *pwszDst++ = L'\\'; // --> "\\server\"
*pwszDst++ = *pwsz++; // --> "\\server\c"
*pwszDst++ = L'$'; // --> "\\server\c$"
pwsz++; // skip colon
} wcscpy(pwszDst, pwsz); // --> "\\server\c$\foo..."
*ppwszFileUNC = pwszFileUNC; hr = S_OK;
error: return(hr);}
WCHAR const *LocalStart( IN WCHAR const *pwsz, OUT BOOL *pfUNC){ WCHAR const *pwc;
*pfUNC = FALSE; pwc = pwsz; if (L'\\' != *pwc) { pwc++; } if (L'\\' == pwc[0] || L'\\' == pwc[1]) { pwc = wcschr(&pwc[2], L'\\'); if (NULL != pwc && iswalpha(pwc[1]) && L'$' == pwc[2] && L'\\' == pwc[3]) { pwsz = &pwc[1]; *pfUNC = TRUE; } } return(pwsz);}
ULONGmyLocalPathwcslen( IN WCHAR const *pwsz){ BOOL fUNC;
return(wcslen(LocalStart(pwsz, &fUNC)));}
VOIDmyLocalPathwcscpy( OUT WCHAR *pwszOut, IN WCHAR const *pwszIn){ BOOL fUNC;
wcscpy(pwszOut, LocalStart(pwszIn, &fUNC)); if (fUNC) { CSASSERT(L'$' == pwszOut[1]); pwszOut[1] = L':'; }}
HRESULTmyConvertUNCPathToLocal( IN WCHAR const *pwszUNCPath, OUT WCHAR **ppwszLocalPath){ HRESULT hr; DWORD cwc; WCHAR *pwszLocalPath; CSASSERT(NULL != pwszUNCPath); CSASSERT(NULL != ppwszLocalPath); *ppwszLocalPath = NULL;
if (L'\\' != pwszUNCPath[0] || L'\\' != pwszUNCPath[1]) { hr = E_INVALIDARG; _JumpError(hr, error, "bad parm"); } cwc = myLocalPathwcslen(pwszUNCPath) + 1; pwszLocalPath = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR)); if (NULL == pwszLocalPath) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } myLocalPathwcscpy(pwszLocalPath, pwszUNCPath); *ppwszLocalPath = pwszLocalPath; hr = S_OK;
error: return(hr);}
//+-------------------------------------------------------------------------
// Description: create any number of directories in one call
//--------------------------------------------------------------------------
HRESULTmyCreateNestedDirectories( WCHAR const *pwszDirectory){ HRESULT hr;
WCHAR rgszDir[MAX_PATH]; // static buffer
WCHAR *pszNext = const_cast<WCHAR*>(pwszDirectory); // point to end of current directory
// skip "X:\"
if ((pszNext[1] == L':') && (pszNext[2] == L'\\')) pszNext += 3;
while (pszNext) // incr past
{ DWORD ch;
// find the next occurence of '\'
pszNext = wcschr(pszNext, L'\\'); if (pszNext == NULL) { // last directory: copy everything
wcscpy(rgszDir, pwszDirectory); } else { // else copy up to Next ptr
ch = SAFE_SUBTRACT_POINTERS(pszNext, pwszDirectory); if (0 != ch) { CopyMemory(rgszDir, pwszDirectory, ch*sizeof(WCHAR)); // zero-term
rgszDir[ch] = L'\0'; // incr past '\\'
pszNext++; } else { //if ch = 0, means the first char is \, skip CreateDirectory
pszNext++; //must shift to next char to get out of loop
continue; } } // UNDONE: PeteSk - add in directory security
if (!CreateDirectory(rgszDir, NULL)) { hr = myHLastError(); if (HRESULT_FROM_WIN32(ERROR_ALREADY_EXISTS) != hr) { // something must be wrong with the path
_JumpError(hr, error, "CreateDirectory"); } } }
hr = S_OK; error: return hr;}
HRESULTmyUncanonicalizeURLParm( IN WCHAR const *pwszParmIn, OUT WCHAR **ppwszParmOut){ HRESULT hr; DWORD cwc; WCHAR *pwszCanon = NULL; WCHAR *pwszUncanon = NULL; static const WCHAR s_wszLdap[] = L"ldap:///";
*ppwszParmOut = NULL;
cwc = WSZARRAYSIZE(s_wszLdap) + wcslen(pwszParmIn); pwszCanon = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR)); if (NULL == pwszCanon) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } wcscpy(pwszCanon, s_wszLdap); wcscat(&pwszCanon[WSZARRAYSIZE(s_wszLdap)], pwszParmIn);
hr = myInternetUncanonicalizeURL(pwszCanon, &pwszUncanon); _JumpIfError(hr, error, "myInternetUncanonicalizeURL");
hr = myDupString(&pwszUncanon[WSZARRAYSIZE(s_wszLdap)], ppwszParmOut); _JumpIfError(hr, error, "myDupString");
error: if (NULL != pwszCanon) { LocalFree(pwszCanon); } if (NULL != pwszUncanon) { LocalFree(pwszUncanon); } return(hr);}
// myFormatCertsrvStringArray FormatMessage arguments:
//
// %1 -- Machine full DNS name: pwszServerName_p1_2;
//
// %2 -- Machine short name: first DNS component of pwszServerName_p1_2
//
// %3 -- Sanitized CA name: pwszSanitizedName_p3_7
//
// %4 -- Cert Filename Suffix:
// if 0 == iCert_p4 && MAXDWORD == iCertTarget_p4: L""
// else if MAXDWORD != iCertTarget_p4 L"(%u-%u)"
// else L"(%u)"
//
// %5 -- DS DN path to Domain root: pwszDomainDN_p5
//
// %6 -- DS DN path to Configuration container: pwszConfigDN_p6
//
// %7 -- Sanitized CA name, truncated and hash suffix added if too long:
// pwszSanitizedName_p3_7
//
// %8 -- CRL Filename/Key Name Suffix: L"" if 0 == iCRL_p8; else L"(%u)"
//
// %9 -- CRL Filename Suffix: L"" if !fDeltaCRL_p9; else L"+"
//
// %10 -- DS CRL attribute: L"" if !fDSAttrib_p10_11; depends on fDeltaCRL_p9
//
// %11 -- DS CA Cert attribute: L"" if !fDSAttrib_p10_11
//
// %12 -- DS user cert attribute
//
// %13 -- DS KRA cert attribute
//
// %14 -- DS cross cert pair attribute
HRESULT myFormatCertsrvStringArray( IN BOOL fURL, IN LPCWSTR pwszServerName_p1_2, IN LPCWSTR pwszSanitizedName_p3_7, IN DWORD iCert_p4, IN DWORD iCertTarget_p4, IN LPCWSTR pwszDomainDN_p5, IN LPCWSTR pwszConfigDN_p6, IN DWORD iCRL_p8, IN BOOL fDeltaCRL_p9, IN BOOL fDSAttrib_p10_11, IN DWORD cStrings, IN LPCWSTR *apwszStringsIn, OUT LPWSTR *apwszStringsOut){ HRESULT hr = S_OK; LPCWSTR apwszInsertionArray[100]; // 100 'cause this is the max number of insertion numbers allowed by FormatMessage
LPWSTR pwszCurrent = NULL; BSTR strShortMachineName = NULL; DWORD i; WCHAR *pwszSanitizedDSName = NULL; WCHAR wszCertSuffix[2 * cwcFILENAMESUFFIXMAX]; WCHAR wszCRLSuffix[cwcFILENAMESUFFIXMAX]; WCHAR wszDeltaCRLSuffix[cwcFILENAMESUFFIXMAX]; WCHAR const *pwszT;
ZeroMemory(apwszStringsOut, cStrings * sizeof(apwszStringsOut[0])); ZeroMemory(apwszInsertionArray, sizeof(apwszInsertionArray));
// Format the template into a real name
// Initialize the insertion string array.
//+================================================
// Machine DNS name (%1)
CSASSERT(L'1' == wszFCSAPARM_SERVERDNSNAME[1]); apwszInsertionArray[1 - 1] = pwszServerName_p1_2;
//+================================================
// Short Machine Name (%2)
CSASSERT(L'2' == wszFCSAPARM_SERVERSHORTNAME[1]); strShortMachineName = SysAllocString(pwszServerName_p1_2); if (strShortMachineName == NULL) { hr = E_OUTOFMEMORY; _JumpIfError(hr, error, "SysAllocString"); }
pwszCurrent = wcschr(strShortMachineName, L'.'); if (NULL != pwszCurrent) { *pwszCurrent = 0; } apwszInsertionArray[2 - 1] = strShortMachineName;
//+================================================
// sanitized name (%3)
CSASSERT(L'3' == wszFCSAPARM_SANITIZEDCANAME[1]); apwszInsertionArray[3 - 1] = pwszSanitizedName_p3_7;
//+================================================
// Cert filename suffix (%4) | (%4-%4)
CSASSERT(L'4' == wszFCSAPARM_CERTFILENAMESUFFIX[1]); wszCertSuffix[0] = L'\0'; if (0 != iCert_p4 || MAXDWORD != iCertTarget_p4) { wsprintf( wszCertSuffix, MAXDWORD != iCertTarget_p4? L"(%u-%u)" : L"(%u)", iCert_p4, iCertTarget_p4); } apwszInsertionArray[4 - 1] = wszCertSuffix;
//+================================================
// Domain DN (%5)
if (NULL == pwszDomainDN_p5 || L'\0' == *pwszDomainDN_p5) { pwszDomainDN_p5 = L"DC=UnavailableDomainDN"; } CSASSERT(L'5' == wszFCSAPARM_DOMAINDN[1]); apwszInsertionArray[5 - 1] = pwszDomainDN_p5;
//+================================================
// Config DN (%6)
if (NULL == pwszConfigDN_p6 || L'\0' == *pwszConfigDN_p6) { pwszConfigDN_p6 = L"DC=UnavailableConfigDN"; } CSASSERT(L'6' == wszFCSAPARM_CONFIGDN[1]); apwszInsertionArray[6 - 1] = pwszConfigDN_p6;
// Don't pass pwszSanitizedName_p3_7 to SysAllocStringLen with the extended
// length to avoid faulting past end of pwszSanitizedName_p3_7.
//+================================================
// Sanitized Short Name (%7)
CSASSERT(L'7' == wszFCSAPARM_SANITIZEDCANAMEHASH[1]); hr = mySanitizedNameToDSName(pwszSanitizedName_p3_7, &pwszSanitizedDSName); _JumpIfError(hr, error, "mySanitizedNameToDSName");
apwszInsertionArray[7 - 1] = pwszSanitizedDSName;
//+================================================
// CRL filename suffix (%8)
CSASSERT(L'8' == wszFCSAPARM_CRLFILENAMESUFFIX[1]); wszCRLSuffix[0] = L'\0'; if (0 != iCRL_p8) { wsprintf(wszCRLSuffix, L"(%u)", iCRL_p8); } apwszInsertionArray[8 - 1] = wszCRLSuffix;
//+================================================
// Delta CRL filename suffix (%9)
CSASSERT(L'9' == wszFCSAPARM_CRLDELTAFILENAMESUFFIX[1]); wszDeltaCRLSuffix[0] = L'\0'; if (fDeltaCRL_p9) { wcscpy(wszDeltaCRLSuffix, L"+"); } apwszInsertionArray[9 - 1] = wszDeltaCRLSuffix;
//+================================================
// CRL attribute (%10)
CSASSERT(L'1' == wszFCSAPARM_DSCRLATTRIBUTE[1]); CSASSERT(L'0' == wszFCSAPARM_DSCRLATTRIBUTE[2]); pwszT = L""; if (fDSAttrib_p10_11) { pwszT = fDeltaCRL_p9? wszDSSEARCHDELTACRLATTRIBUTE : wszDSSEARCHBASECRLATTRIBUTE; } apwszInsertionArray[10 - 1] = pwszT;
//+================================================
// CA cert attribute (%11)
CSASSERT(L'1' == wszFCSAPARM_DSCACERTATTRIBUTE[1]); CSASSERT(L'1' == wszFCSAPARM_DSCACERTATTRIBUTE[2]); pwszT = L""; if (fDSAttrib_p10_11) { pwszT = wszDSSEARCHCACERTATTRIBUTE; } apwszInsertionArray[11 - 1] = pwszT;
//+================================================
// User cert attribute (%12)
CSASSERT(L'1' == wszFCSAPARM_DSUSERCERTATTRIBUTE[1]); CSASSERT(L'2' == wszFCSAPARM_DSUSERCERTATTRIBUTE[2]); pwszT = L""; if (fDSAttrib_p10_11) { pwszT = wszDSSEARCHUSERCERTATTRIBUTE; } apwszInsertionArray[12 - 1] = pwszT;
//+================================================
// KRA cert attribute (%13)
CSASSERT(L'1' == wszFCSAPARM_DSKRACERTATTRIBUTE[1]); CSASSERT(L'3' == wszFCSAPARM_DSKRACERTATTRIBUTE[2]); pwszT = L""; if (fDSAttrib_p10_11) { pwszT = wszDSSEARCHKRACERTATTRIBUTE; } apwszInsertionArray[13 - 1] = pwszT;
//+================================================
// Cross cert pair attribute (%14)
CSASSERT(L'1' == wszFCSAPARM_DSCROSSCERTPAIRATTRIBUTE[1]); CSASSERT(L'4' == wszFCSAPARM_DSCROSSCERTPAIRATTRIBUTE[2]); pwszT = L""; if (fDSAttrib_p10_11) { pwszT = wszDSSEARCHCROSSCERTPAIRATTRIBUTE; } apwszInsertionArray[14 - 1] = pwszT;
//+================================================
// Now format the strings...
for (i = 0; i < cStrings; i++) { if (0 == FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_STRING | FORMAT_MESSAGE_ARGUMENT_ARRAY, (VOID *) apwszStringsIn[i], 0, // dwMessageID
0, // dwLanguageID
(LPWSTR) &apwszStringsOut[i], wcslen(apwszStringsIn[i]), (va_list *) apwszInsertionArray)) { hr = myHLastError(); _JumpError(hr, error, "FormatMessage"); } if (fURL) { WCHAR *pwsz; hr = myInternetCanonicalizeUrl(apwszStringsOut[i], &pwsz); _JumpIfError(hr, error, "myInternetCanonicalizeUrl");
LocalFree(apwszStringsOut[i]); apwszStringsOut[i] = pwsz; } }
error: if (S_OK != hr) { for (i = 0; i < cStrings; i++) { if (NULL != apwszStringsOut[i]) { LocalFree(apwszStringsOut[i]); apwszStringsOut[i] = NULL; } } } if (NULL != strShortMachineName) { SysFreeString(strShortMachineName); } if (NULL != pwszSanitizedDSName) { LocalFree(pwszSanitizedDSName); } return (hr);}
HRESULTmyAllocIndexedName( IN WCHAR const *pwszName, IN DWORD Index, IN DWORD IndexTarget, OUT WCHAR **ppwszIndexedName){ HRESULT hr; WCHAR wszIndex[1 + 2 * cwcDWORDSPRINTF + 3]; // L"(%u-%u)"
WCHAR *pwszIndexedName;
*ppwszIndexedName = NULL; wszIndex[0] = L'\0'; if (0 != Index || MAXDWORD != IndexTarget) { wsprintf( wszIndex, MAXDWORD != IndexTarget? L"(%u-%u)" : L"(%u)", Index, IndexTarget); } pwszIndexedName = (WCHAR *) LocalAlloc( LMEM_FIXED, (wcslen(pwszName) + wcslen(wszIndex) + 1) * sizeof(WCHAR)); if (NULL == pwszIndexedName) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } wcscpy(pwszIndexedName, pwszName); wcscat(pwszIndexedName, wszIndex); *ppwszIndexedName = pwszIndexedName; hr = S_OK;
error: return(hr);}
int myWtoI( IN WCHAR const *string, OUT BOOL *pfValid){ HRESULT hr; WCHAR wszBuf[16]; WCHAR *pwszT = wszBuf; int cTmp = ARRAYSIZE(wszBuf); int i = 0; WCHAR const *pwsz; BOOL fSawDigit = FALSE; CSASSERT(NULL != pfValid); *pfValid = FALSE;
cTmp = FoldString(MAP_FOLDDIGITS, string, -1, pwszT, cTmp); if (cTmp == 0) { hr = myHLastError(); if (HRESULT_FROM_WIN32(ERROR_INSUFFICIENT_BUFFER) == hr) { hr = S_OK; cTmp = FoldString(MAP_FOLDDIGITS, string, -1, NULL, 0);
pwszT = (WCHAR *) LocalAlloc(LMEM_FIXED, cTmp * sizeof(WCHAR)); if (NULL == pwszT) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); }
cTmp = FoldString(MAP_FOLDDIGITS, string, -1, pwszT, cTmp); if (cTmp == 0) { hr = myHLastError(); } } _JumpIfError(hr, error, "FoldString"); } pwsz = pwszT; while (iswspace(*pwsz)) { pwsz++; } if (L'0' == *pwsz && (L'x' == pwsz[1] || L'X' == pwsz[1])) { pwsz += 2; while (iswxdigit(*pwsz)) { i <<= 4; if (iswdigit(*pwsz)) { i |= *pwsz - L'0'; } else if (L'A' <= *pwsz && L'F' >= *pwsz) { i |= *pwsz - L'A' + 10; } else { i |= *pwsz - L'a' + 10; } fSawDigit = TRUE; pwsz++; } } else { while (iswdigit(*pwsz)) { fSawDigit = TRUE; pwsz++; } i = _wtoi(pwszT); } while (iswspace(*pwsz)) { pwsz++; } if (L'\0' == *pwsz) { *pfValid = fSawDigit; }
error: if (NULL != pwszT && pwszT != wszBuf) { LocalFree(pwszT); } return(i);}
HRESULTmyGetEnvString( OUT WCHAR **ppwszOut, IN WCHAR const *pwszVariable){ HRESULT hr; WCHAR awcBuf[MAX_PATH]; DWORD len;
len = GetEnvironmentVariable(pwszVariable, awcBuf, ARRAYSIZE(awcBuf)); if (0 == len) { hr = myHLastError(); _JumpErrorStr2( hr, error, "GetEnvironmentVariable", pwszVariable, HRESULT_FROM_WIN32(ERROR_ENVVAR_NOT_FOUND)); } if (ARRAYSIZE(awcBuf) <= len) { hr = HRESULT_FROM_WIN32(ERROR_BUFFER_OVERFLOW); _JumpError(hr, error, "GetEnvironmentVariable"); } *ppwszOut = (WCHAR *) LocalAlloc( LMEM_FIXED, (wcslen(awcBuf) + 1) * sizeof(WCHAR)); if (NULL == *ppwszOut) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } wcscpy(*ppwszOut, awcBuf); hr = S_OK;
error: return(hr);}
BOOLIsValidAttributeChar( IN WCHAR wc){ BOOL fOk = TRUE;
if (myIsMinusSign(wc) || iswspace(wc)) { fOk = FALSE; } return(fOk);}
// myParseNextAttribute -- destructively parse a name, value attribute pair.
// Allow CR and/or LF delimiters -- MAC web pages seem to convert LFs into CRs.
HRESULTmyParseNextAttribute( IN OUT WCHAR **ppwszBuf, IN BOOL fURL, // Use = and & instead of : and \r\n
OUT WCHAR const **ppwszName, OUT WCHAR const **ppwszValue){ HRESULT hr; WCHAR *pwszBuf = *ppwszBuf; WCHAR wcSep = fURL? L'=' : L':'; WCHAR *wszTerm = fURL? L"&" : L"\r\n";
for (;;) { WCHAR *pwcToken; WCHAR *pwcDst; WCHAR *pwc; WCHAR const *pwszTerm; WCHAR wszQuote[2];
// Find the beginning of the next token
while (iswspace(*pwszBuf)) { pwszBuf++; } pwcToken = pwszBuf; pwszBuf = wcschr(pwszBuf, wcSep); if (NULL == pwszBuf) { hr = S_FALSE; goto error; }
// If there's a wszTerm char before the next wcSep char, start over.
pwc = &pwcToken[wcscspn(pwcToken, wszTerm)]; if (pwc < pwszBuf) { pwszBuf = pwc + 1; continue; } for (pwc = pwcDst = pwcToken; pwc < pwszBuf; pwc++) { if (IsValidAttributeChar(*pwc)) { *pwcDst++ = *pwc; } } pwszBuf++; // skip past the wcSep before it gets stomped
*pwcDst = L'\0'; // may stomp the wcSep separator
*ppwszName = pwcToken;
// Find beginning of Value string
while (NULL == wcschr(wszTerm, *pwszBuf) && iswspace(*pwszBuf)) { pwszBuf++; } wszQuote[0] = L'\0'; pwszTerm = wszTerm; if (fURL && (L'"' == *pwszBuf || L'\'' == *pwszBuf)) { wszQuote[0] = *pwszBuf; wszQuote[1] = L'\0'; pwszTerm = wszQuote; pwszBuf++; } pwcToken = pwszBuf;
// find end of Value string
pwc = &pwcToken[wcscspn(pwcToken, pwszTerm)]; pwszBuf = pwc; if (L'\0' != *pwszBuf) { // for case when last Value *is* terminated by a wszTerm char:
*pwszBuf++ = L'\0'; }
// trim trailing whitespace from Value string
while (--pwc >= pwcToken && iswspace(*pwc)) { *pwc = L'\0'; } if (L'\0' != wszQuote[0] && pwc >= pwcToken && wszQuote[0] == *pwc) { *pwc = L'\0'; } if (L'\0' == **ppwszName || L'\0' == *pwcToken) { continue; } *ppwszValue = pwcToken; break; } hr = S_OK;
error: *ppwszBuf = pwszBuf; return(hr);}
// Destructively parse an old-style 4 byte IP Address.
HRESULTinfParseIPV4Address( IN WCHAR *pwszValue, OUT BYTE *pb, IN OUT DWORD *pcb){ HRESULT hr; DWORD cb;
DBGPRINT((DBG_SS_CERTLIBI, "infParseIPV4Address(%ws)\n", pwszValue)); if (CB_IPV4ADDRESS > *pcb) { hr = HRESULT_FROM_WIN32(ERROR_BUFFER_OVERFLOW); _JumpError(hr, error, "buffer too small"); } for (cb = 0; cb < CB_IPV4ADDRESS; cb++) { WCHAR *pwszNext; BOOL fValid; DWORD dw; pwszNext = &pwszValue[wcscspn(pwszValue, L".")]; if (L'.' == *pwszNext) { *pwszNext++ = L'\0'; } dw = myWtoI(pwszValue, &fValid); if (!fValid || 255 < dw) { hr = E_INVALIDARG; _JumpErrorStr(hr, error, "bad IP Address digit string", pwszValue); } pb[cb] = (BYTE) dw; pwszValue = pwszNext; } if (L'\0' != *pwszValue) { hr = E_INVALIDARG; _JumpError(hr, error, "extra data"); } *pcb = cb; DBGPRINT(( DBG_SS_CERTLIBI, "infParseIPV4Address: %u.%u.%u.%u\n", pb[0], pb[1], pb[2], pb[3])); hr = S_OK;
error: return(hr);}
// Destructively parse a new-style 16 byte IP Address.
#define MAKE16(b0, b1) (((b0) << 8) | (b1))
HRESULTinfParseIPV6AddressSub( IN WCHAR *pwszValue, OUT BYTE *pb, IN OUT DWORD *pcb){ HRESULT hr; DWORD cbMax = *pcb; DWORD cb;
DBGPRINT((DBG_SS_CERTLIBI, "infParseIPV6AddressSub(%ws)\n", pwszValue)); ZeroMemory(pb, cbMax);
for (cb = 0; cb < cbMax; cb += 2) { WCHAR *pwszNext; BOOL fValid; DWORD dw; WCHAR awc[7]; pwszNext = &pwszValue[wcscspn(pwszValue, L":")]; if (L':' == *pwszNext) { *pwszNext++ = L'\0'; } if (L'\0' == *pwszValue) { break; } if (4 < wcslen(pwszValue)) { hr = E_INVALIDARG; _JumpErrorStr(hr, error, "too many IP Address digits", pwszValue); } wcscpy(awc, L"0x"); wcscat(awc, pwszValue); CSASSERT(wcslen(awc) < ARRAYSIZE(awc));
dw = myWtoI(awc, &fValid); if (!fValid || 64 * 1024 <= dw) { hr = E_INVALIDARG; _JumpErrorStr(hr, error, "bad IP Address digit string", pwszValue); } pb[cb] = (BYTE) (dw >> 8); pb[cb + 1] = (BYTE) dw; pwszValue = pwszNext; } if (L'\0' != *pwszValue) { hr = E_INVALIDARG; _JumpErrorStr(hr, error, "extra data", pwszValue); } *pcb = cb; hr = S_OK;
error: return(hr);}
// Destructively parse a new-style 16 byte IP Address.
HRESULTinfParseIPV6Address( IN WCHAR *pwszValue, OUT BYTE *pb, IN OUT DWORD *pcb){ HRESULT hr; DWORD cbMax; WCHAR *pwsz; WCHAR *pwszLeft; WCHAR *pwszRight; BYTE abRight[CB_IPV6ADDRESS]; DWORD cbLeft; DWORD cbRight; DWORD i; BOOL fV4Compat;
DBGPRINT((DBG_SS_CERTLIBI, "infParseIPV6Address(%ws)\n", pwszValue)); if (CB_IPV6ADDRESS > *pcb) { hr = HRESULT_FROM_WIN32(ERROR_BUFFER_OVERFLOW); _JumpError(hr, error, "buffer too small"); } ZeroMemory(pb, CB_IPV6ADDRESS); cbMax = CB_IPV6ADDRESS;
// If there's a period after the last colon, an IP V4 Address is attached.
// Parse it as an IP V4 Address, and reduce the expected size of the IP V6
// Address to be parsed from eight to six 16-bit address chunks.
pwsz = wcsrchr(pwszValue, L':'); if (NULL != pwsz) { if (NULL != wcschr(pwsz, L'.')) { DWORD cb = CB_IPV4ADDRESS;
hr = infParseIPV4Address( &pwsz[1], &pb[CB_IPV6ADDRESS - CB_IPV4ADDRESS], &cb); _JumpIfError(hr, error, "infParseIPV4Address");
CSASSERT(CB_IPV4ADDRESS == cb);
pwsz[1] = L'\0'; // get rid of the trailing IP V4 Address
// drop the trailing colon -- if it's not part of a double colon.
if (pwsz > pwszValue && L':' != *--pwsz) { pwsz[1] = L'\0'; } cbMax -= CB_IPV4ADDRESS; } } cbLeft = 0; cbRight = 0; pwszLeft = pwszValue; pwszRight = wcsstr(pwszValue, L"::"); if (NULL != pwszRight) { *pwszRight = L'\0'; pwszRight += 2; if (L'\0' != *pwszRight) { cbRight = cbMax; hr = infParseIPV6AddressSub(pwszRight, abRight, &cbRight); _JumpIfError(hr, error, "infParseIPV6AddressSub"); } }
if (L'\0' != *pwszLeft) { cbLeft = cbMax; hr = infParseIPV6AddressSub(pwszLeft, pb, &cbLeft); _JumpIfError(hr, error, "infParseIPV6AddressSub"); } if (NULL == pwszRight && cbLeft != cbMax) { hr = E_INVALIDARG; _JumpError(hr, error, "too few IP Address chunks"); } if (cbLeft + cbRight + (NULL != pwszRight? 1 : 0) > cbMax) { hr = E_INVALIDARG; _JumpError(hr, error, "too many IP Address chunks"); } if (0 != cbRight) { CopyMemory(&pb[cbMax - cbRight], abRight, cbRight); } *pcb = CB_IPV6ADDRESS;
fV4Compat = TRUE; for (i = 0; i < CB_IPV6ADDRESS - CB_IPV4ADDRESS - 2; i++) { if (0 != pb[i]) { fV4Compat = FALSE; break; } } if (fV4Compat) { CSASSERT(i == CB_IPV6ADDRESS - CB_IPV4ADDRESS - 2); fV4Compat = (0 == pb[i] && 0 == pb[i + 1]) || (0xff == pb[i] && 0xff == pb[i + 1]); } if (fV4Compat) { CSASSERT(i == CB_IPV6ADDRESS - CB_IPV4ADDRESS - 2); DBGPRINT(( DBG_SS_CERTLIBI, "infParseIPV6Address: ::%hs%u.%u.%u.%u\n", 0 == pb[i]? "" : "ffff:", pb[12], pb[13], pb[14], pb[15])); } else { DBGPRINT(( DBG_SS_CERTLIBI, "infParseIPV6Address: %x:%x:%x:%x:%x:%x:%x:%x\n", MAKE16(pb[0], pb[1]), MAKE16(pb[2], pb[3]), MAKE16(pb[4], pb[5]), MAKE16(pb[6], pb[7]), MAKE16(pb[8], pb[9]), MAKE16(pb[10], pb[11]), MAKE16(pb[12], pb[13]), MAKE16(pb[14], pb[15]))); } hr = S_OK;
error: return(hr);}
HRESULTmyParseIPAddress( IN WCHAR const *pwszValue, OUT BYTE *pbData, OUT DWORD *pcbData){ HRESULT hr; DWORD cb = *pcbData; WCHAR *pwszDup = NULL;
// if pwszValue is an empty string, return zero length.
*pcbData = 0; if (L'\0' != *pwszValue) { hr = myDupString(pwszValue, &pwszDup); _JumpIfError(hr, error, "myDupString");
if (NULL == wcschr(pwszDup, L':')) { hr = infParseIPV4Address(pwszDup, pbData, &cb); _JumpIfError(hr, error, "infParseIPV4Address"); } else { hr = infParseIPV6Address(pwszDup, pbData, &cb); _JumpIfError(hr, error, "infParseIPV6Address"); } *pcbData = cb; DBGDUMPHEX(( DBG_SS_CERTLIBI, DH_NOADDRESS | DH_NOTABPREFIX | 8, pbData, *pcbData)); } hr = S_OK;
error: if (NULL != pwszDup) { LocalFree(pwszDup); } return(hr);}
HRESULTmyBuildOSVersionAttribute( OUT BYTE **ppbVersion, OUT DWORD *pcbVersion){ HRESULT hr; DWORD i; OSVERSIONINFO osvInfo; CERT_NAME_VALUE cnvOSVer;#define cwcVERSIONMAX 128
WCHAR wszVersion[12 * 4 + cwcVERSIONMAX];
*ppbVersion = NULL; ZeroMemory(&osvInfo, sizeof(osvInfo));
// get the OSVersion
osvInfo.dwOSVersionInfoSize = sizeof(osvInfo); if (!GetVersionEx(&osvInfo)) { hr = myHLastError(); _JumpError(hr, error, "GetVersionEx"); } for (i = 0; ; i++) { swprintf( wszVersion, 0 == i? L"%d.%d.%d.%d.%.*ws" : L"%d.%d.%d.%d", osvInfo.dwMajorVersion, osvInfo.dwMinorVersion, osvInfo.dwBuildNumber, osvInfo.dwPlatformId, cwcVERSIONMAX, osvInfo.szCSDVersion); CSASSERT(ARRAYSIZE(wszVersion) > wcslen(wszVersion));
cnvOSVer.dwValueType = CERT_RDN_IA5_STRING; cnvOSVer.Value.pbData = (BYTE *) wszVersion; cnvOSVer.Value.cbData = 0;
if (!myEncodeObject( X509_ASN_ENCODING, X509_UNICODE_ANY_STRING, &cnvOSVer, 0, CERTLIB_USE_LOCALALLOC, ppbVersion, pcbVersion)) { hr = myHLastError(); _PrintError(hr, "myEncodeObject"); if (0 == i) { continue; } goto error; } break; } hr = S_OK;
error: return(hr);}
WCHAR const *myFixTemplateCase( IN WCHAR const *pwszCertType){ DWORD i; static WCHAR const *apwszCertType[] = { wszCERTTYPE_CA, wszCERTTYPE_SUBORDINATE_CA, wszCERTTYPE_CROSS_CA, };
for (i = 0; i < ARRAYSIZE(apwszCertType); i++) { if (0 == mylstrcmpiS(pwszCertType, apwszCertType[i])) { pwszCertType = apwszCertType[i]; break; } } return(pwszCertType);}
HRESULTmyBuildCertTypeExtension( IN WCHAR const *pwszCertType, OUT CERT_EXTENSION *pExt){ HRESULT hr; CERT_TEMPLATE_EXT Template; CERT_NAME_VALUE NameValue; LPCSTR pszStructType; char *pszObjId = NULL; VOID *pv; char *pszObjIdExt;
if (!ConvertWszToSz(&pszObjId, pwszCertType, -1)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "ConvertWszToSz"); } hr = myVerifyObjIdA(pszObjId); if (S_OK == hr) { ZeroMemory(&Template, sizeof(Template));
Template.pszObjId = pszObjId; //Template.dwMajorVersion = 0;
//Template.fMinorVersion = FALSE; // TRUE for a minor version
//Template.dwMinorVersion = 0;
pszStructType = X509_CERTIFICATE_TEMPLATE; pv = &Template; pszObjIdExt = szOID_CERTIFICATE_TEMPLATE; } else { NameValue.dwValueType = CERT_RDN_UNICODE_STRING; NameValue.Value.pbData = (BYTE *) myFixTemplateCase(pwszCertType); NameValue.Value.cbData = 0;
pszStructType = X509_UNICODE_ANY_STRING; pv = &NameValue; pszObjIdExt = szOID_ENROLL_CERTTYPE_EXTENSION; } if (!myEncodeObject( X509_ASN_ENCODING, pszStructType, pv, 0, CERTLIB_USE_LOCALALLOC, &pExt->Value.pbData, &pExt->Value.cbData)) { hr = myHLastError(); _JumpError(hr, error, "myEncodeObject"); } pExt->pszObjId = pszObjIdExt; pExt->fCritical = FALSE; hr = S_OK;
error: if (NULL != pszObjId) { LocalFree(pszObjId); } return(hr);}
VOIDmyPackExtensionArray( IN BOOL fFreeData, IN OUT DWORD *pcExt, IN OUT CERT_EXTENSION **prgExt){ CERT_EXTENSION *rgExt = *prgExt; DWORD cExt = *pcExt; DWORD i; DWORD j; CERT_EXTENSION *pExti; CERT_EXTENSION *pExtj;
for (i = 0; i < cExt; i++) { pExti = &rgExt[i];
if (NULL != pExti->pszObjId) { for (j = i + 1; j < cExt; j++) { pExtj = &rgExt[j];
if (NULL != pExtj->pszObjId && 0 == strcmp(pExti->pszObjId, pExtj->pszObjId)) { if (fFreeData) { LocalFree(pExtj->pszObjId); if (NULL != pExtj->Value.pbData) { LocalFree(pExtj->Value.pbData); } } pExtj->pszObjId = NULL; pExtj->Value.pbData = NULL; } } if (NULL == pExti->Value.pbData) { if (fFreeData) { LocalFree(pExti->pszObjId); } pExti->pszObjId = NULL; } } } for (i = j = 0; i < cExt; i++) { pExti = &rgExt[i]; pExtj = &rgExt[j];
CSASSERT((NULL != pExti->pszObjId) ^ (NULL == pExti->Value.pbData)); if (NULL != pExti->pszObjId && NULL != pExti->Value.pbData) { *pExtj = *pExti; j++; } } if (j < cExt) { ZeroMemory(&rgExt[j], (cExt - j) * sizeof(rgExt[0])); *pcExt = j; }}
HRESULTmyMergeExtensions( IN DWORD cExtOrg, IN CERT_EXTENSION *rgExtOrg, IN DWORD cExtInf, IN CERT_EXTENSION *rgExtInf, OUT DWORD *pcExtMerged, OUT CERT_EXTENSION **prgExtMerged){ HRESULT hr; CERT_EXTENSION *rgExtMerged;
*prgExtMerged = NULL;
rgExtMerged = (CERT_EXTENSION *) LocalAlloc( LMEM_FIXED, (cExtInf + cExtOrg) * sizeof(rgExtMerged[0])); if (NULL == rgExtMerged) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } if (0 != cExtInf) { CopyMemory( &rgExtMerged[0], &rgExtInf[0], cExtInf * sizeof(rgExtMerged[0])); } if (0 != cExtOrg) { CopyMemory( &rgExtMerged[cExtInf], &rgExtOrg[0], cExtOrg * sizeof(rgExtMerged[0])); } *pcExtMerged = cExtInf + cExtOrg; *prgExtMerged = rgExtMerged; myPackExtensionArray(FALSE, pcExtMerged, prgExtMerged); hr = S_OK;
error: return(hr);}
BOOLIsWhistler(VOID){ HRESULT hr; OSVERSIONINFO ovi; static BOOL s_fDone = FALSE; static BOOL s_fWhistler = FALSE;
if (!s_fDone) { s_fDone = TRUE;
// get and confirm platform info
ovi.dwOSVersionInfoSize = sizeof(ovi); if (!GetVersionEx(&ovi)) { hr = myHLastError(); _JumpError(hr, error, "GetVersionEx"); } if (VER_PLATFORM_WIN32_NT != ovi.dwPlatformId) { hr = ERROR_CANCELLED; _JumpError(hr, error, "Not a supported OS"); } if (5 < ovi.dwMajorVersion || (5 <= ovi.dwMajorVersion && 0 < ovi.dwMinorVersion)) { s_fWhistler = TRUE; } }
error: return(s_fWhistler);}
static BOOLGetFlags( OUT DWORD *pdw){ HRESULT hr = S_FALSE; *pdw = 0;
#if defined(_ALLOW_GET_FLAGS_)
hr = myGetCertRegDWValue(NULL, NULL, NULL, L"SFlags", pdw); if (S_OK == hr) { DBGPRINT(( DBG_SS_CERTLIB, "CertSrv\\Configuration\\SFlags override: %u\n", *pdw)); }#endif
return(S_OK == hr);}
BOOLFIsAdvancedServer(VOID){ HRESULT hr; OSVERSIONINFOEX ovi; static BOOL s_fDone = FALSE; static BOOL s_fIsAdvSvr = FALSE;
if (!s_fDone) { s_fDone = TRUE;
// get and confirm platform info
ovi.dwOSVersionInfoSize = sizeof(ovi); if (!GetVersionEx((OSVERSIONINFO *) &ovi)) { hr = myHLastError(); _JumpError(hr, error, "GetVersionEx"); } if (VER_PLATFORM_WIN32_NT != ovi.dwPlatformId) { hr = ERROR_CANCELLED; _JumpError(hr, error, "Not a supported OS"); } // if server or DC, if DTC or ADS bits are set, return TRUE
s_fIsAdvSvr = (ovi.wProductType == VER_NT_SERVER || ovi.wProductType == VER_NT_DOMAIN_CONTROLLER) && (ovi.wSuiteMask & VER_SUITE_DATACENTER || ovi.wSuiteMask & VER_SUITE_ENTERPRISE);
{ DWORD dw;
if (GetFlags(&dw)) { s_fIsAdvSvr = dw; } } }
error: return(s_fIsAdvSvr);}
BOOLFIsServer(VOID){ HRESULT hr; OSVERSIONINFOEX ovi; static BOOL s_fDone = FALSE; static BOOL s_fIsSvr = FALSE;
if (!s_fDone) { s_fDone = TRUE;
// get and confirm platform info
ovi.dwOSVersionInfoSize = sizeof(ovi); if (!GetVersionEx((OSVERSIONINFO *) &ovi)) { hr = myHLastError(); _JumpError(hr, error, "GetVersionEx"); } if (VER_PLATFORM_WIN32_NT != ovi.dwPlatformId) { hr = ERROR_CANCELLED; _JumpError(hr, error, "Not a supported OS"); } // if server or DC, if DTC or ADS bits are set, return TRUE
s_fIsSvr = (ovi.wProductType == VER_NT_SERVER || ovi.wProductType == VER_NT_DOMAIN_CONTROLLER) && 0 == ((VER_SUITE_PERSONAL | VER_SUITE_BLADE) & ovi.wSuiteMask);
if (!s_fIsSvr && VER_NT_WORKSTATION == ovi.wProductType) { DWORD dw;
if (GetFlags(&dw)) { s_fIsSvr = TRUE; } } }
error: return(s_fIsSvr);}
HRESULTmyAddLogSourceToRegistry( IN LPWSTR pwszMsgDLL, IN LPWSTR pwszApp){ HRESULT hr=S_OK; DWORD dwData=0; WCHAR const *pwszRegPath = L"SYSTEM\\CurrentControlSet\\Services\\EventLog\\Application\\"; WCHAR NameBuf[MAX_PATH];
HKEY hkey = NULL;
if (wcslen(pwszRegPath) + wcslen(pwszApp) >= ARRAYSIZE(NameBuf)) { hr = HRESULT_FROM_WIN32(ERROR_BUFFER_OVERFLOW); _JumpErrorStr(hr, error, "NameBuf", pwszApp); } wcscpy(NameBuf, pwszRegPath); wcscat(NameBuf, pwszApp);
// Create a new key for our application
hr = RegOpenKey(HKEY_LOCAL_MACHINE, NameBuf, &hkey); if (S_OK != hr) { hr = RegCreateKey(HKEY_LOCAL_MACHINE, NameBuf, &hkey); _JumpIfError(hr, error, "RegCreateKey"); }
// Add the Event-ID message-file name to the subkey
hr = RegSetValueEx( hkey, L"EventMessageFile", 0, REG_EXPAND_SZ, (const BYTE *) pwszMsgDLL, (wcslen(pwszMsgDLL) + 1) * sizeof(WCHAR)); _JumpIfError(hr, error, "RegSetValueEx");
// Set the supported types flags and add it to the subkey
dwData = EVENTLOG_ERROR_TYPE | EVENTLOG_WARNING_TYPE | EVENTLOG_INFORMATION_TYPE;
hr = RegSetValueEx( hkey, L"TypesSupported", 0, REG_DWORD, (LPBYTE) &dwData, sizeof(DWORD)); _JumpIfError(hr, error, "RegSetValueEx");
error: if (NULL != hkey) { RegCloseKey(hkey); } return(myHError(hr));}
HRESULTmyDupStringA( IN CHAR const *pszIn, IN CHAR **ppszOut){ DWORD cb; HRESULT hr;
cb = (strlen(pszIn) + 1) * sizeof(CHAR); *ppszOut = (CHAR *) LocalAlloc(LMEM_FIXED, cb); if (NULL == *ppszOut) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } CopyMemory(*ppszOut, pszIn, cb); hr = S_OK;
error: return(hr);}
HRESULTmyIsCurrentUserBuiltinAdmin( OUT bool *pfIsMember){ HANDLE hAccessToken = NULL, hDupToken = NULL; PSID psidAdministrators = NULL; SID_IDENTIFIER_AUTHORITY siaNtAuthority = SECURITY_NT_AUTHORITY; HRESULT hr = S_OK; BOOL fIsMember = FALSE;
CSASSERT(pfIsMember);
if (!AllocateAndInitializeSid( &siaNtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &psidAdministrators)) { hr = myHLastError(); _JumpError(hr, error, "AllocateAndInitializeSid"); }
{ HANDLE hThread = GetCurrentThread(); if (NULL == hThread) { hr = myHLastError(); _JumpIfError(hr, error, "GetCurrentThread"); }
// Get the access token for current thread
if (!OpenThreadToken( hThread, TOKEN_QUERY | TOKEN_DUPLICATE, FALSE, &hAccessToken)) { hr = myHLastError();
if(hr==HRESULT_FROM_WIN32(ERROR_NO_TOKEN)) { HANDLE hProcess = GetCurrentProcess(); if (NULL == hProcess) { hr = myHLastError(); _JumpError(hr, error, "GetCurrentProcess"); }
if (!OpenProcessToken(hProcess, TOKEN_DUPLICATE, &hAccessToken)) { hr = myHLastError(); _JumpError(hr, error, "OpenProcessToken"); } } else { _JumpError(hr, error, "OpenThreadToken"); } } }
// CheckTokenMembership must operate on impersonation token, so make one
if (!DuplicateToken(hAccessToken, SecurityIdentification, &hDupToken)) { hr = myHLastError(); _JumpError(hr, error, "DuplicateToken"); }
if (!CheckTokenMembership( hDupToken, psidAdministrators, &fIsMember)) { hr = myHLastError(); _JumpError(hr, error, "CheckTokenMembership"); }
*pfIsMember = fIsMember?true:false;
hr = S_OK;
error: if (hAccessToken) CloseHandle(hAccessToken);
if (hDupToken) CloseHandle(hDupToken);
// Free the SID we allocated
if (psidAdministrators) FreeSid(psidAdministrators);
return(hr);}
HRESULTmySetRegistryLocalPathString( IN HKEY hkey, IN WCHAR const *pwszRegValueName, IN WCHAR const *pwszUNCPath){ HRESULT hr; WCHAR *pwszLocalPath = NULL;
hr = myConvertUNCPathToLocal(pwszUNCPath, &pwszLocalPath); _JumpIfError(hr, error, "myConvertUNCPathToLocal");
hr = RegSetValueEx( hkey, pwszRegValueName, 0, REG_SZ, (BYTE *) pwszLocalPath, (wcslen(pwszLocalPath) + 1) * sizeof(WCHAR)); _JumpIfError(hr, error, "RegSetValueEx");
error: if (NULL != pwszLocalPath) { LocalFree(pwszLocalPath); } return(hr);}
HRESULTmyLocalMachineIsDomainMember( OUT bool *pfIsDomainMember){ HRESULT hr = S_OK; NTSTATUS status; LSA_HANDLE PolicyHandle = NULL; PPOLICY_PRIMARY_DOMAIN_INFO pPDI = NULL; LSA_OBJECT_ATTRIBUTES ObjectAttributes;
CSASSERT(pfIsDomainMember);
*pfIsDomainMember = FALSE;
ZeroMemory(&ObjectAttributes, sizeof(ObjectAttributes));
status = LsaOpenPolicy( NULL, &ObjectAttributes, GENERIC_READ | POLICY_VIEW_LOCAL_INFORMATION, &PolicyHandle);
if(ERROR_SUCCESS != status) { hr = myHError(LsaNtStatusToWinError(status)); _JumpError(hr, error, "LsaOpenPolicy"); }
status = LsaQueryInformationPolicy( PolicyHandle, PolicyPrimaryDomainInformation, (PVOID*)&pPDI); if(status) { hr = myHError(LsaNtStatusToWinError(status)); _JumpError(hr, error, "LsaQueryInformationPolicy"); }
if( pPDI->Sid ) { // domain member if has domain SID
*pfIsDomainMember = TRUE; }
error: if(pPDI) { LsaFreeMemory((LPVOID)pPDI); }
if(PolicyHandle) { LsaClose(PolicyHandle); }
return hr;}
HRESULTmyComputeMAC( IN WCHAR const *pcwsFileName, OUT WCHAR **ppwszMAC){ HRESULT hr; HANDLE hFile = INVALID_HANDLE_VALUE; HANDLE hFileMapping = NULL; BYTE *pbFile = NULL;
DWORD cbImage, cbImageHigh = 0; __int64 icbImage, icbHashed; WCHAR rgwszMAC[CBMAX_CRYPT_HASH_LEN * 3]; // 20 bytes @ 3 WCHARs/byte
DWORD cbString;
DWORD dwFileMappingSize; HCRYPTPROV hProv = NULL; HCRYPTHASH hHash = NULL; BYTE rgbHashVal[CBMAX_CRYPT_HASH_LEN]; DWORD cbHashVal = sizeof(rgbHashVal);
*ppwszMAC = NULL;
// find allocation granularity we can use
SYSTEM_INFO systemInfo; GetSystemInfo(&systemInfo); dwFileMappingSize = systemInfo.dwAllocationGranularity;
// get the file size
hFile = CreateFile( pcwsFileName, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0); if (INVALID_HANDLE_VALUE == hFile) { hr = myHLastError(); if (S_OK == hr) { _PrintError(hr, "CreateFile"); hr = HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND); } _JumpErrorStr(hr, error, "CreateFile", pcwsFileName); }
if (0xffffffff == (cbImage = GetFileSize(hFile, &cbImageHigh))) { hr = HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND); _JumpError(hr, error, "GetFileSize"); } icbImage = ((__int64) cbImageHigh << 32) | cbImage;
// create mapping, indicating we will map the entire file sooner or later
hFileMapping = CreateFileMapping(hFile, NULL, PAGE_READONLY, 0, 0, NULL); if(hFileMapping == NULL) { hr = myHLastError(); _JumpError(hr, error, "CreateFileMapping"); }
// get a cryptographic provider
if (!CryptAcquireContext( &hProv, NULL, // container
MS_DEF_PROV, // provider name
PROV_RSA_FULL, // provider type
CRYPT_VERIFYCONTEXT)) // dwflags
{ hr = myHLastError(); _JumpError(hr, error, "CryptAcquireContext"); }
// get a hash
if (!CryptCreateHash(hProv, CALG_SHA1, 0, 0, &hHash)) { hr = myHLastError(); _JumpError(hr, error, "CryptCreateHash"); }
// begin looping over data
for (icbHashed = 0; icbHashed < icbImage; icbHashed += dwFileMappingSize) { DWORD cbBytesLeft = (DWORD) min( (__int64) dwFileMappingSize, icbImage - icbHashed);
// map the next blob into memory
pbFile = (BYTE *) MapViewOfFile( hFileMapping, FILE_MAP_READ, (DWORD) (icbHashed>>32), //hi32
(DWORD) (icbHashed), //lo32
cbBytesLeft); // max num bytes to map
if (NULL == pbFile) { hr = myHLastError(); _JumpError(hr, error, "MapViewOfFile"); }
// hash file
if (!CryptHashData(hHash, pbFile, cbBytesLeft, 0)) { hr = myHLastError(); _JumpError(hr, error, "CryptHashData"); }
// unmap this portion
if (!UnmapViewOfFile(pbFile)) { pbFile = NULL; hr = myHLastError(); _JumpError(hr, error, "UnmapViewOfFile"); } pbFile = NULL; } // end looping over data
// retry the hash
if (!CryptGetHashParam(hHash, HP_HASHVAL, rgbHashVal, &cbHashVal, 0)) { hr = myHLastError(); _JumpError(hr, error, "CryptGetHashParam"); }
cbString = sizeof(rgwszMAC); hr = MultiByteIntegerToWszBuf( TRUE, // byte multiple
cbHashVal, rgbHashVal, &cbString, rgwszMAC); _JumpIfError(hr, error, "MultiByteIntegerToWszBuf");
hr = myDupString(rgwszMAC, ppwszMAC); _JumpIfError(hr, error, "myDupString");
error: if (NULL != pbFile) { UnmapViewOfFile(pbFile); } if (NULL != hFileMapping) { CloseHandle(hFileMapping); } if (INVALID_HANDLE_VALUE != hFile) { CloseHandle(hFile); } if (NULL != hHash) { if (!CryptDestroyHash(hHash)) { if (hr == S_OK) { hr = myHLastError(); } } } if (NULL != hProv) { if (!CryptReleaseContext(hProv, 0)) { if (hr == S_OK) { hr = myHLastError(); } } } return(hr);}
HRESULTmyHExceptionCodePrintLineFile( IN EXCEPTION_POINTERS const *pep, IN DWORD dwLineFile){ return(myHExceptionCodePrint( pep, NULL, __LINEFILETOFILE__(dwLineFile), __LINEFILETOLINE__(dwLineFile)));}
BOOLmyShouldPrintError( IN HRESULT hr, IN HRESULT hrquiet){ BOOL fPrint = TRUE;
if (myIsDelayLoadHResult(hr)) {#if DBG_CERTSRV
if (!DbgIsSSActive(DBG_SS_MODLOAD))#endif
{ fPrint = FALSE; } } if (S_OK != hrquiet && hrquiet == hr) {#if DBG_CERTSRV
if (!DbgIsSSActive(DBG_SS_NOQUIET))#endif
{ fPrint = FALSE; } } return(fPrint);}
VOIDCSPrintErrorLineFileData2( OPTIONAL IN WCHAR const *pwszData, IN DWORD dwLineFile, IN HRESULT hr, IN HRESULT hrquiet){ WCHAR awchr[cwcHRESULTSTRING];
if (DbgIsSSActive(DBG_SS_ERROR) && myShouldPrintError(hr, hrquiet)) { DbgPrintf( MAXDWORD, "%u.%u.%u: %ws%ws%ws\n", __LINEFILETOFILE__(dwLineFile), __LINEFILETOLINE__(dwLineFile), 0, myHResultToString(awchr, hr), NULL != pwszData? L": " : L"", NULL != pwszData? pwszData : L"");
DBGPRINT(( DBG_SS_ERROR, "%u.%u.%u: %ws%ws%ws\n", __LINEFILETOFILE__(dwLineFile), __LINEFILETOLINE__(dwLineFile), 0, myHResultToString(awchr, hr), NULL != pwszData? L": " : L"", NULL != pwszData? pwszData : L"")); }}
VOIDCSPrintErrorLineFile( IN DWORD dwLineFile, IN HRESULT hr){ CSPrintErrorLineFileData2(NULL, dwLineFile, hr, S_OK);}
VOIDCSPrintErrorLineFile2( IN DWORD dwLineFile, IN HRESULT hr, IN HRESULT hrquiet){ CSPrintErrorLineFileData2(NULL, dwLineFile, hr, hrquiet);}
VOIDCSPrintErrorLineFileData( OPTIONAL IN WCHAR const *pwszData, IN DWORD dwLineFile, IN HRESULT hr){ CSPrintErrorLineFileData2(pwszData, dwLineFile, hr, S_OK);}
// Finds a template in list based on name or OID.
// Caller is responsible for CACloseCertType(hCertType) in case of success
HRESULTmyFindCertTypeByNameOrOID( IN const HCERTTYPE &hCertTypeList, IN OPTIONAL LPCWSTR pcwszCertName, IN OPTIONAL LPCWSTR pcwszCertOID, OUT HCERTTYPE& hCertType){ HRESULT hr; HCERTTYPE hCrtCertType; HCERTTYPE hPrevCertType;
CSASSERT(pcwszCertName || pcwszCertOID);
hCertType = NULL; hCrtCertType = hCertTypeList;
while (NULL != hCrtCertType) { LPWSTR *apwszCrtCertType; BOOL fFound;
hr = CAGetCertTypeProperty( hCrtCertType, CERTTYPE_PROP_CN, &apwszCrtCertType); _JumpIfError(hr, error, "CAGetCertTypeProperty CERTTYPE_PROP_CN");
if (NULL != apwszCrtCertType) { fFound = NULL != apwszCrtCertType[0] && NULL != pcwszCertName && 0 == mylstrcmpiS(apwszCrtCertType[0], pcwszCertName);
CAFreeCertTypeProperty(hCrtCertType, apwszCrtCertType); if (fFound) { break; } }
hr = CAGetCertTypeProperty( hCrtCertType, CERTTYPE_PROP_OID, &apwszCrtCertType);
// ignore errors, V1 templates don't have OIDs
if (S_OK == hr && NULL != apwszCrtCertType) { fFound = NULL != apwszCrtCertType[0] && NULL != pcwszCertOID && 0 == mylstrcmpiS(apwszCrtCertType[0], pcwszCertOID);
CAFreeCertTypeProperty(hCrtCertType, apwszCrtCertType); if (fFound) { break; } } hPrevCertType = hCrtCertType; hr = CAEnumNextCertType(hPrevCertType, &hCrtCertType); _JumpIfError(hr, error, "CAEnumNextCertType");
// hold on to the initial list
if (hCertTypeList != hPrevCertType) { CACloseCertType(hPrevCertType); } } if (NULL == hCrtCertType) { hr = HRESULT_FROM_WIN32(ERROR_NOT_FOUND); _JumpError2(hr, error, "NULL hCrtCertType", hr); } hCertType = hCrtCertType; hCrtCertType = NULL; hr = S_OK; error: if (NULL != hCrtCertType && hCertTypeList != hCrtCertType) { CACloseCertType(hCrtCertType); } return(hr);}
///////////////////////////////////////////////////////////////////////////////
// ConvertToString*
///////////////////////////////////////////////////////////////////////////////
HRESULT ConvertToStringI2I4( LONG lVal, LPWSTR *ppwszOut){ WCHAR wszVal[cwcDWORDSPRINTF]; // big enough to hold a LONG as string
_itow(lVal, wszVal, 10); *ppwszOut = (LPWSTR) LocalAlloc( LMEM_FIXED, sizeof(WCHAR)*(wcslen(wszVal)+1)); if(!*ppwszOut) { return E_OUTOFMEMORY; } wcscpy(*ppwszOut, wszVal); return S_OK;}
///////////////////////////////////////////////////////////////////////////////
HRESULT ConvertToStringUI2UI4( ULONG ulVal, LPWSTR *ppwszOut){ WCHAR wszVal[cwcDWORDSPRINTF]; // big enough to hold a LONG as string
_itow(ulVal, wszVal, 10); *ppwszOut = (LPWSTR) LocalAlloc( LMEM_FIXED, sizeof(WCHAR)*(wcslen(wszVal)+1)); if(!*ppwszOut) { return E_OUTOFMEMORY; } wcscpy(*ppwszOut, wszVal); return S_OK;}
///////////////////////////////////////////////////////////////////////////////
HRESULT ConvertToStringUI8( ULARGE_INTEGER *puliVal, LPWSTR *ppwszOut){ WCHAR wszVal[cwcULONG_INTEGERSPRINTF]; // big enough to hold a LONG as string
_ui64tow(puliVal->QuadPart, wszVal, 10); *ppwszOut = (LPWSTR) LocalAlloc( LMEM_FIXED, sizeof(WCHAR)*(wcslen(wszVal)+1)); if(!*ppwszOut) { return E_OUTOFMEMORY; } wcscpy(*ppwszOut, wszVal); return S_OK;}
///////////////////////////////////////////////////////////////////////////////
HRESULT ConvertToStringWSZ( LPCWSTR pcwszVal, LPWSTR *ppwszOut, bool fDoublePercentsInString)
{ if(fDoublePercentsInString) { // replace each occurence of % with %%
return DoublePercentsInString( pcwszVal, ppwszOut); } else { *ppwszOut = (LPWSTR) LocalAlloc( LMEM_FIXED, sizeof(WCHAR)*(wcslen(pcwszVal)+1)); if(!*ppwszOut) { return E_OUTOFMEMORY; } wcscpy(*ppwszOut, pcwszVal); } return S_OK;}
///////////////////////////////////////////////////////////////////////////////
HRESULT ConvertToStringArrayUI1( LPSAFEARRAY psa, LPWSTR *ppwszOut){ SafeArrayEnum<BYTE> saenum(psa); if(!saenum.IsValid()) { return E_INVALIDARG; } BYTE b; // byte array is formated as "0x00 0x00..." ie 5
// chars per byte
*ppwszOut = (LPWSTR) LocalAlloc( LMEM_FIXED, sizeof(WCHAR)*(saenum.GetCount()*5 + 1));
if(!*ppwszOut) return E_OUTOFMEMORY;
LPWSTR pwszCrt = *ppwszOut; while(S_OK==saenum.Next(b)) { wsprintf(pwszCrt, L"0x%02X ", b); // eg "0x0f" or "0xa4"
pwszCrt+=5; } return S_OK;}
///////////////////////////////////////////////////////////////////////////////
HRESULT ConvertToStringArrayBSTR( LPSAFEARRAY psa, LPWSTR *ppwszOut, bool fDoublePercentsInString){ SafeArrayEnum<BSTR> saenum(psa); if(!saenum.IsValid()) { return E_INVALIDARG; } DWORD dwLen = 1; BSTR bstr;
while(S_OK==saenum.Next(bstr)) { dwLen+=2*wcslen(bstr)+10; }
*ppwszOut = (LPWSTR) LocalAlloc( LMEM_FIXED, sizeof(WCHAR)*(dwLen));
if(!*ppwszOut) return E_OUTOFMEMORY; **ppwszOut = L'\0'; saenum.Reset();
WCHAR* pwszTemp = NULL;
while(S_OK==saenum.Next(bstr)) { if(fDoublePercentsInString) { if (NULL != pwszTemp) { LocalFree(pwszTemp); pwszTemp = NULL; } if (S_OK != DoublePercentsInString(bstr, &pwszTemp)) { LocalFree(*ppwszOut); *ppwszOut = NULL; return E_OUTOFMEMORY; } wcscat(*ppwszOut, pwszTemp); } else { wcscat(*ppwszOut, bstr); } wcscat(*ppwszOut, L"\n"); }
LOCAL_FREE(pwszTemp);
return S_OK;}
///////////////////////////////////////////////////////////////////////////////
HRESULT DoublePercentsInString( LPCWSTR pcwszIn, LPWSTR *ppwszOut){ const WCHAR *pchSrc; WCHAR *pchDest;
*ppwszOut = (LPWSTR) LocalAlloc( LMEM_FIXED, sizeof(WCHAR)*(2*wcslen(pcwszIn)+1));
if(!*ppwszOut) return E_OUTOFMEMORY;
for(pchSrc = pcwszIn, pchDest = *ppwszOut; L'\0'!=*pchSrc; pchSrc++, pchDest++) { *pchDest = *pchSrc; if(L'%'==*pchSrc) *(++pchDest) = L'%'; } *pchDest = L'\0';
return S_OK;}
HRESULTConvertToStringDATE( IN DATE const *pDate, IN BOOL fGMT, OUT LPWSTR *ppwszOut){ HRESULT hr; FILETIME ft;
hr = myDateToFileTime(pDate, &ft); if (S_OK == hr) { if (fGMT) { hr = myFileTimeToWszTime(&ft, FALSE, ppwszOut); } else { hr = myGMTFileTimeToWszLocalTime(&ft, FALSE, ppwszOut); } } return(hr);}
typedef DWORD (WINAPI fnDsEnumerateDomainTrusts) ( IN LPWSTR ServerName OPTIONAL, IN ULONG Flags, OUT PDS_DOMAIN_TRUSTSW *Domains, OUT PULONG DomainCount );
typedef NET_API_STATUS (NET_API_FUNCTION fnNetApiBufferFree) ( IN LPVOID Buffer );
///////////////////////////////////////////////////////////////////////////////
HRESULT myGetComputerDomainSid(PSID& rpsidDomain){ HRESULT hr = S_OK; PDS_DOMAIN_TRUSTS pDomainInfo = NULL; ULONG cDomainInfo = 0; HMODULE hModule = NULL; fnDsEnumerateDomainTrusts *pfnDsEnumerateDomainTrusts = NULL; fnNetApiBufferFree *pfnNetApiBufferFree = NULL;
hModule = LoadLibrary(L"netapi32.dll"); if (NULL == hModule) { hr = myHLastError(); _JumpError(hr, error, "LoadLibrary(netapi32.dll)"); }
pfnDsEnumerateDomainTrusts = (fnDsEnumerateDomainTrusts *) GetProcAddress( hModule, "DsEnumerateDomainTrustsW"); if (NULL == pfnDsEnumerateDomainTrusts) { hr = myHLastError(); _JumpError(hr, error, "DsEnumerateDomainTrustsW"); }
pfnNetApiBufferFree = (fnNetApiBufferFree *) GetProcAddress( hModule, "NetApiBufferFree"); if(NULL == pfnNetApiBufferFree) { hr = myHLastError(); _JumpError(hr, error, "NetApiBufferFree"); }
hr = (*pfnDsEnumerateDomainTrusts)( NULL, DS_DOMAIN_PRIMARY, &pDomainInfo, &cDomainInfo); _JumpIfError(hr, error, "DsEnumerateDomainTrusts");
CSASSERT(1==cDomainInfo);
rpsidDomain = (PSID)LocalAlloc( LMEM_FIXED, GetLengthSid(pDomainInfo->DomainSid)); _JumpIfAllocFailed(rpsidDomain, error);
CopySid( GetLengthSid(pDomainInfo->DomainSid), rpsidDomain, pDomainInfo->DomainSid);error: if(pDomainInfo) { (*pfnNetApiBufferFree)(pDomainInfo); } if(hModule) { FreeLibrary(hModule); } return hr;}
///////////////////////////////////////////////////////////////////////////////
HRESULT myGetSidFromRid( DWORD dwGroupRid, OPTIONAL PSID *ppSid, OPTIONAL LPWSTR* ppwszSid){ HRESULT hr; LPWSTR pwszDomain = NULL; LPWSTR pwszDomainSid = NULL; PSID psidDomain = NULL; LPWSTR pwszSid = NULL; PSID psid = NULL; static const cchRid = 10;
hr = myGetComputerDomainSid(psidDomain); _JumpIfError(hr, error, "myGetComputerDomainSid");
if(!ConvertSidToStringSid( psidDomain, &pwszDomainSid)) { hr = myHLastError(); _JumpError(hr, error, "ConvertSidToStringSid"); } myRegisterMemAlloc(pwszDomainSid, -1, CSM_LOCALALLOC);
pwszSid = (LPWSTR) LocalAlloc(LMEM_FIXED, sizeof(WCHAR)*(wcslen(pwszDomainSid)+cchRid+2)); // add 2 for dash and '\0'
_JumpIfAllocFailed(pwszSid, error);
wsprintf(pwszSid, L"%s-%d", pwszDomainSid, dwGroupRid);
if(ppSid) { if(!ConvertStringSidToSid( pwszSid, &psid)) { hr = myHLastError(); _JumpErrorStr(hr, error, "ConvertSidToStringSid", pwszSid); } myRegisterMemAlloc(psid, -1, CSM_LOCALALLOC); *ppSid = psid; psid = NULL; }
if(ppwszSid) { *ppwszSid = pwszSid; pwszSid = NULL; }
hr = S_OK;
error: LOCAL_FREE(pwszDomain); LOCAL_FREE(pwszDomainSid); LOCAL_FREE(psidDomain); LOCAL_FREE(psid); LOCAL_FREE(pwszSid); return hr;}
HRESULTmyEncodeUTF8( IN WCHAR const *pwszIn, OUT BYTE **ppbOut, OUT DWORD *pcbOut){ HRESULT hr; CERT_NAME_VALUE name; *ppbOut = NULL; name.dwValueType = CERT_RDN_UTF8_STRING; name.Value.pbData = (BYTE *) pwszIn; name.Value.cbData = 0;
if (!myEncodeObject( X509_ASN_ENCODING, X509_UNICODE_ANY_STRING, &name, 0, CERTLIB_USE_LOCALALLOC, ppbOut, pcbOut)) { hr = myHLastError(); _JumpError(hr, error, "myEncodeObject"); } hr = S_OK;
error: return(hr);}
HRESULTmyEncodeOtherNameBinary( IN WCHAR const *pwszIn, OUT BYTE **ppbOut, OUT DWORD *pcbOut){ HRESULT hr; CRYPT_DATA_BLOB blob;
*ppbOut = NULL; blob.pbData = NULL;
if (0 == _wcsnicmp(wszPROPUTF8TAG, pwszIn, WSZARRAYSIZE(wszPROPUTF8TAG))) { hr = myEncodeUTF8( &pwszIn[WSZARRAYSIZE(wszPROPUTF8TAG)], ppbOut, pcbOut); _JumpIfError(hr, error, "Policy:myEncodeUTF8"); } else { WCHAR const *pwsz; BOOL fOctet = FALSE;
if (0 == _wcsnicmp( wszPROPOCTETTAG, pwszIn, WSZARRAYSIZE(wszPROPOCTETTAG))) { pwsz = &pwszIn[WSZARRAYSIZE(wszPROPOCTETTAG)]; fOctet = TRUE; } else if (0 == _wcsnicmp(wszPROPASNTAG, pwszIn, WSZARRAYSIZE(wszPROPASNTAG))) { pwsz = &pwszIn[WSZARRAYSIZE(wszPROPASNTAG)]; } else { hr = HRESULT_FROM_WIN32(ERROR_DS_BAD_ATT_SCHEMA_SYNTAX); _JumpError(hr, error, "Policy:polReencodeBinary"); }
// CryptStringToBinaryW(CRYPT_STRING_BASE64) fails on empty strings,
// because zero length means use wcslen + 1, which passes the L'\0'
// terminator to the base 64 conversion code.
if (L'\0' == *pwsz) { *ppbOut = (BYTE *) LocalAlloc(LMEM_FIXED, 0); if (NULL == *ppbOut) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } *pcbOut = 0; } else { hr = myCryptStringToBinary( pwsz, wcslen(pwsz), CRYPT_STRING_BASE64, ppbOut, pcbOut, NULL, NULL); _JumpIfError(hr, error, "myCryptStringToBinary"); }
if (fOctet) { blob.pbData = *ppbOut; blob.cbData = *pcbOut; *ppbOut = NULL;
if (!myEncodeObject( X509_ASN_ENCODING, X509_OCTET_STRING, &blob, 0, CERTLIB_USE_LOCALALLOC, ppbOut, pcbOut)) { hr = myHLastError(); _JumpError(hr, error, "Policy:myEncodeObject"); } } } hr = S_OK;
error: if (NULL != blob.pbData) { LocalFree(blob.pbData); } return(hr);}
// Wrappers to make sure zeroing memory survives compiler optimizations.
// Use to wipe private key and password data.
VOID myZeroDataString( IN WCHAR *pwsz){ HRESULT hr;
hr = S_OK; __try { SecureZeroMemory(pwsz, wcslen(pwsz) * sizeof(*pwsz)); } __except(hr = myHEXCEPTIONCODE(), EXCEPTION_EXECUTE_HANDLER) { _PrintError(hr, "Exception"); }}
VOID myZeroDataStringA( IN char *psz){ HRESULT hr;
hr = S_OK; __try { SecureZeroMemory(psz, strlen(psz) * sizeof(*psz)); } __except(hr = myHEXCEPTIONCODE(), EXCEPTION_EXECUTE_HANDLER) { _PrintError(hr, "Exception"); }}
// Locale-independent case-ignore string compare
intmylstrcmpiL( IN WCHAR const *pwsz1, IN WCHAR const *pwsz2){ // CSTR_LESS_THAN(1) - CSTR_EQUAL(2) == -1 string 1 less than string 2
// CSTR_EQUAL(2) - CSTR_EQUAL(2) == 0 string 1 equal to string 2
// CSTR_GREATER_THAN(3) - CSTR_EQUAL(2) == 1 string 1 greater than string 2
return(CompareString( IsWhistler()? LOCALE_INVARIANT : MAKELCID( MAKELANGID(LANG_ENGLISH, SUBLANG_ENGLISH_US), SORT_DEFAULT), NORM_IGNORECASE, pwsz1, -1, pwsz2, -1) - CSTR_EQUAL);}
// Locale-independent case-ignore string compare
// asserts the static string contains a strict subset of 7-bit ASCII characters.
intmylstrcmpiS( IN WCHAR const *pwszDynamic, IN WCHAR const *pwszStatic){#if DBG_CERTSRV
WCHAR const *pwszS;
for (pwszS = pwszStatic; L'\0' != *pwszS; pwszS++) { CSASSERT(L' ' <= *pwszS && L'~' >= *pwszS); }#endif //DBG_CERTSRV
return(mylstrcmpiL(pwszDynamic, pwszStatic));}
HRESULTmyGetLong( WCHAR const *pwszIn, LONG *pLong){ HRESULT hr = E_INVALIDARG; WCHAR const *pwsz; LONG l;
pwsz = pwszIn; if (NULL == pwsz) { _JumpError(hr, error, "NULL parm"); } if (L'\0' == *pwsz) { _JumpError(hr, error, "empty string"); } if (L'0' == *pwsz && (L'x' == pwsz[1] || L'X' == pwsz[1])) { pwsz += 2; l = 0; for ( ; L'\0' != *pwsz; pwsz++) { if (!iswxdigit(*pwsz)) { _JumpErrorStr(hr, error, "Non-hex digit", pwszIn); } l <<= 4; if (iswdigit(*pwsz)) { l |= *pwsz - L'0'; } else if (L'A' <= *pwsz && L'F' >= *pwsz) { l |= *pwsz - L'A' + 10; } else { l |= *pwsz - L'a' + 10; } } *pLong = l; } else { for ( ; L'\0' != *pwsz; pwsz++) { if (!iswdigit(*pwsz)) { _JumpErrorStr2(hr, error, "Non-decimal digit", pwszIn, hr); } } *pLong = _wtol(pwszIn); } hr = S_OK; //wprintf(L"myGetLong(%ws) --> %x (%d)\n", pwszIn, *pLong, *pLong);
error: return(hr);}
HRESULTmyGetSignedLong( WCHAR const *pwszIn, LONG *pLong){ HRESULT hr = E_INVALIDARG; WCHAR const *pwsz; LONG sign = 1;
pwsz = pwszIn; if (NULL == pwsz) { _JumpError(hr, error, "NULL parm"); } if (myIsMinusSign(*pwsz)) { pwsz++; sign = -1; } else if (L'+' == *pwsz) { pwsz++; } hr = myGetLong(pwsz, pLong); _JumpIfError2(hr, error, "myGetLong", hr);
*pLong *= sign; //wprintf(L"myGetSignedLong(%ws) --> %x (%d)\n", pwszIn, *pLong, *pLong);
error: return(hr);}
|
