archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/ds/security/services/ca/certlib/inf.cpp

5634 lines
127 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. //+--------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1996 - 1999
  5. //
  6. // File: inf.cpp
  7. //
  8. // Contents: Cert Server INF file processing routines
  9. //
  10. //---------------------------------------------------------------------------
  12. #include <pch.cpp>
  14. #pragma hdrstop
  16. #include <certca.h>
  18. #include "csdisp.h"
  19. #include "initcert.h"
  20. #include "clibres.h"
  21. #include "csber.h"
  23. #define __dwFILE__ __dwFILE_CERTLIB_INF_CPP__
  25. #define wszBSCAPOLICYFILE L"\\" wszCAPOLICYFILE
  26. #define wszINFKEY_CONTINUE L"_continue_"
  27. #define wszINFKEY_VERSION L"Version"
  28. #define wszINFSECTION_EXTENSIONS L"Extensions"
  29. #define cwcINFLINEMAX 1024
  31. #define wcBOM (WCHAR) 0xfffe
  32. #define wcBOMBIGENDIAN (WCHAR) 0xfeff
  34. static WCHAR *s_pwszSection = NULL;
  35. static WCHAR *s_pwszKey = NULL;
  36. static WCHAR *s_pwszValue = NULL;
  37. static HRESULT s_hr = S_OK;
  39. static WCHAR g_wcBOM = L'\0';
  40. static BOOL g_fIgnoreReferencedSections = FALSE;
  42. VOID
  43. infClearString(
  44. IN OUT WCHAR **ppwsz)
  45. {
  46. if (NULL != ppwsz && NULL != *ppwsz)
  47. {
  48. LocalFree(*ppwsz);
  49. *ppwsz = NULL;
  50. }
  51. }
  54. BOOL
  55. infCopyString(
  56. OPTIONAL IN WCHAR const *pwszIn,
  57. OPTIONAL OUT WCHAR **ppwszOut)
  58. {
  59. HRESULT hr;
  61. if (NULL != pwszIn && NULL == *ppwszOut)
  62. {
  63. hr = myDupString(pwszIn, ppwszOut);
  64. _JumpIfError(hr, error, "myDupString");
  65. }
  66. hr = S_OK;
  68. error:
  69. return(S_OK == hr);
  70. }
  73. #define INFSTRINGSELECT(pwsz) (NULL != (pwsz)? (pwsz) : L"")
  75. #if DBG_CERTSRV
  76. # define INFSETERROR(hr, pwszSection, pwszKey, pwszValue) \
  77. { \
  78. _PrintError3(hr, "infSetError", ERROR_LINE_NOT_FOUND, S_FALSE); \
  79. infSetError(hr, pwszSection, pwszKey, pwszValue, __LINE__); \
  80. }
  81. #else
  82. # define INFSETERROR infSetError
  83. #endif
  86. VOID
  87. infSetError(
  88. IN HRESULT hr,
  89. OPTIONAL IN WCHAR const *pwszSection,
  90. OPTIONAL IN WCHAR const *pwszKey,
  91. OPTIONAL IN WCHAR const *pwszValue
  92. DBGPARM(IN DWORD dwLine))
  93. {
  94. DBGPRINT((
  95. DBG_SS_CERTLIBI,
  96. "inf.cpp(%u): infSetError Begin: [%ws] %ws = %ws\n",
  97. dwLine,
  98. INFSTRINGSELECT(pwszSection),
  99. INFSTRINGSELECT(pwszKey),
  100. INFSTRINGSELECT(pwszValue)));
  101. s_hr = hr;
  102. infCopyString(pwszSection, &s_pwszSection);
  103. infCopyString(pwszKey, &s_pwszKey);
  104. infCopyString(pwszValue, &s_pwszValue);
  105. DBGPRINT((
  106. DBG_SS_CERTLIBI,
  107. "inf.cpp(%u): infSetError End: [%ws] %ws = %ws\n",
  108. dwLine,
  109. INFSTRINGSELECT(s_pwszSection),
  110. INFSTRINGSELECT(s_pwszKey),
  111. INFSTRINGSELECT(s_pwszValue)));
  112. }
  115. WCHAR *
  116. myInfGetError()
  117. {
  118. DWORD cwc = 1;
  119. WCHAR *pwsz = NULL;
  121. if (NULL != s_pwszSection)
  122. {
  123. cwc += wcslen(s_pwszSection) + 2;
  124. }
  125. if (NULL != s_pwszKey)
  126. {
  127. cwc += wcslen(s_pwszKey) + 1 + 2;
  128. }
  129. if (NULL != s_pwszValue)
  130. {
  131. cwc += wcslen(s_pwszValue) + 1;
  132. }
  133. if (1 == cwc)
  134. {
  135. goto error;
  136. }
  137. pwsz = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR));
  138. if (NULL == pwsz)
  139. {
  140. goto error;
  141. }
  142. *pwsz = L'\0';
  143. if (NULL != s_pwszSection)
  144. {
  145. wcscat(pwsz, wszLBRACKET);
  146. wcscat(pwsz, s_pwszSection);
  147. wcscat(pwsz, wszRBRACKET);
  148. }
  149. if (NULL != s_pwszKey && L'\0' != s_pwszKey[0])
  150. {
  151. wcscat(pwsz, L" ");
  152. wcscat(pwsz, s_pwszKey);
  153. wcscat(pwsz, L" =");
  154. }
  155. if (NULL != s_pwszValue && L'\0' != s_pwszValue[0])
  156. {
  157. wcscat(pwsz, L" ");
  158. wcscat(pwsz, s_pwszValue);
  159. }
  160. error:
  161. return(pwsz);
  162. }
  165. VOID
  166. myInfClearError()
  167. {
  168. s_hr = S_OK;
  169. infClearString(&s_pwszSection);
  170. infClearString(&s_pwszKey);
  171. infClearString(&s_pwszValue);
  172. }
  175. typedef struct _SECTIONINFO {
  176. DWORD dwRefCount;
  177. WCHAR *pwszSection;
  178. struct _SECTIONINFO *pNext;
  179. } SECTIONINFO;
  181. SECTIONINFO *g_pSectionInfo = NULL;
  184. HRESULT
  185. infSaveSectionName(
  186. IN WCHAR const *pwszSection)
  187. {
  188. HRESULT hr;
  189. SECTIONINFO *psi = NULL;
  191. if (0 != LSTRCMPIS(pwszSection, wszINFKEY_VERSION))
  192. {
  193. psi = (SECTIONINFO *) LocalAlloc(
  194. LMEM_FIXED | LMEM_ZEROINIT,
  195. sizeof(*psi));
  196. if (NULL == psi)
  197. {
  198. hr = E_OUTOFMEMORY;
  199. _JumpError(hr, error, "LocalAlloc");
  200. }
  201. hr = myDupString(pwszSection, &psi->pwszSection);
  202. _JumpIfError(hr, error, "myDupString");
  204. psi->pNext = g_pSectionInfo;
  205. g_pSectionInfo = psi;
  206. psi = NULL;
  207. }
  208. hr = S_OK;
  210. error:
  211. if (NULL != psi)
  212. {
  213. LocalFree(psi);
  214. }
  215. return(hr);
  216. }
  219. VOID
  220. infFreeSectionNames()
  221. {
  222. SECTIONINFO *psi;
  224. psi = g_pSectionInfo;
  225. g_pSectionInfo = NULL;
  226. while (NULL != psi)
  227. {
  228. SECTIONINFO *psiNext;
  230. if (NULL != psi->pwszSection)
  231. {
  232. LocalFree(psi->pwszSection);
  233. }
  234. psiNext = psi->pNext;
  235. LocalFree(psi);
  236. psi = psiNext;
  237. }
  238. }
  241. HRESULT
  242. myInfGetUnreferencedSectionNames(
  243. OUT WCHAR **ppwszzSectionNames)
  244. {
  245. HRESULT hr;
  246. DWORD cwc;
  247. SECTIONINFO *psi;
  249. *ppwszzSectionNames = NULL;
  251. cwc = 0;
  252. for (psi = g_pSectionInfo; NULL != psi; psi = psi->pNext)
  253. {
  254. if (0 == psi->dwRefCount)
  255. {
  256. cwc += wcslen(psi->pwszSection) + 3;
  257. }
  258. }
  259. if (0 != cwc)
  260. {
  261. WCHAR *pwszz;
  262. WCHAR *pwsz;
  264. pwszz = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR));
  265. if (NULL == pwszz)
  266. {
  267. hr = E_OUTOFMEMORY;
  268. _JumpError(hr, error, "LocalAlloc");
  269. }
  270. pwsz = pwszz;
  271. for (psi = g_pSectionInfo; NULL != psi; psi = psi->pNext)
  272. {
  273. if (0 == psi->dwRefCount)
  274. {
  275. *pwsz++ = wcLBRACKET;
  276. wcscpy(pwsz, psi->pwszSection);
  277. pwsz += wcslen(pwsz);
  278. *pwsz++ = wcRBRACKET;
  279. *pwsz++ = L'\0';
  280. }
  281. }
  282. *pwsz = L'\0';
  283. CSASSERT(cwc == SAFE_SUBTRACT_POINTERS(pwsz, pwszz));
  284. *ppwszzSectionNames = pwszz;
  285. }
  286. hr = S_OK;
  288. error:
  289. return(hr);
  290. }
  293. HRESULT
  294. infReferenceSectionName(
  295. IN WCHAR const *pwszSection)
  296. {
  297. HRESULT hr;
  298. SECTIONINFO *psi;
  300. if (!g_fIgnoreReferencedSections)
  301. {
  302. for (psi = g_pSectionInfo; NULL != psi; psi = psi->pNext)
  303. {
  304. if (0 == mylstrcmpiL(pwszSection, psi->pwszSection))
  305. {
  306. psi->dwRefCount++;
  307. break;
  308. }
  309. }
  310. if (NULL == psi)
  311. {
  312. hr = SPAPI_E_LINE_NOT_FOUND; // don't ignore this error
  313. _JumpError(hr, error, "unexpected section");
  314. }
  315. }
  316. hr = S_OK;
  318. error:
  319. return(hr);
  320. }
  323. HRESULT
  324. inffopen(
  325. IN WCHAR const *pwszfn,
  326. OUT FILE **ppf)
  327. {
  328. HRESULT hr;
  329. FILE *pf = NULL;
  331. *ppf = NULL;
  332. g_fIgnoreReferencedSections = FALSE;
  333. g_wcBOM = L'\0';
  335. pf = _wfopen(pwszfn, L"r"); // Assume Ansi INF file
  336. if (NULL == pf)
  337. {
  338. hr = HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND);
  339. _JumpError(hr, error, "_wfopen");
  340. }
  341. g_wcBOM = (WCHAR) fgetc(pf) << 8;
  342. g_wcBOM |= fgetc(pf);
  343. if (!feof(pf))
  344. {
  345. if (wcBOM == g_wcBOM) // Oops, Unicode INF file
  346. {
  347. fclose(pf);
  348. pf = _wfopen(pwszfn, L"rb");
  349. if (NULL == pf)
  350. {
  351. hr = HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND);
  352. _JumpError(hr, error, "fopen");
  353. }
  354. }
  355. else if (wcBOMBIGENDIAN == g_wcBOM)
  356. {
  357. g_fIgnoreReferencedSections = TRUE;
  358. fclose(pf);
  359. pf = NULL;
  360. }
  361. else
  362. {
  363. if (fseek(pf, 0L, SEEK_SET))
  364. {
  365. hr = HRESULT_FROM_WIN32(ERROR_HANDLE_EOF);
  366. _JumpError(hr, error, "fseek");
  367. }
  368. }
  369. }
  370. *ppf = pf;
  371. hr = S_OK;
  373. error:
  374. return(hr);
  375. }
  378. WCHAR *
  379. inffgetws(
  380. OUT WCHAR *pwcLine,
  381. IN DWORD cwcLine,
  382. IN FILE *pfInf)
  383. {
  384. HRESULT hr;
  385. WCHAR *pwc = NULL;
  386. WCHAR *pwsz = NULL;
  387. char achLine[cwcINFLINEMAX];
  388. char *pch;
  390. if (wcBOM == g_wcBOM)
  391. {
  392. pwc = fgetws(pwcLine, cwcLine, pfInf);
  393. }
  394. else
  395. {
  396. pch = fgets(achLine, ARRAYSIZE(achLine), pfInf);
  397. if (NULL == pch)
  398. {
  399. goto error;
  400. }
  401. if (!myConvertSzToWsz(&pwsz, achLine, -1))
  402. {
  403. hr = E_OUTOFMEMORY;
  404. _JumpError(hr, error, "myConvertSzToWsz");
  405. }
  406. wcsncpy(pwcLine, pwsz, cwcLine);
  407. pwcLine[cwcLine - 1] = L'\0';
  408. pwc = pwcLine;
  409. }
  411. error:
  412. if (NULL != pwsz)
  413. {
  414. LocalFree(pwsz);
  415. }
  416. return(pwc);
  417. }
  420. #define ISBLANK(ch) (L' ' == (ch) || L'\t' == (ch))
  422. HRESULT
  423. infCollectSectionNames(
  424. IN WCHAR const *pwszfnInf)
  425. {
  426. HRESULT hr;
  427. FILE *pfInf = NULL;
  428. WCHAR awcLine[cwcINFLINEMAX];
  429. WCHAR *pwszEnd;
  431. hr = inffopen(pwszfnInf, &pfInf);
  432. _JumpIfError(hr, error, "inffopen");
  434. if (!g_fIgnoreReferencedSections)
  435. {
  436. while (NULL != inffgetws(awcLine, ARRAYSIZE(awcLine), pfInf))
  437. {
  438. WCHAR *pwsz;
  440. awcLine[wcscspn(awcLine, L";=\r\n")] = L'\0';
  441. pwsz = wcschr(awcLine, wcLBRACKET);
  442. if (NULL == pwsz)
  443. {
  444. continue;
  445. }
  446. pwsz++;
  447. pwszEnd = wcschr(awcLine, wcRBRACKET);
  448. if (NULL == pwszEnd)
  449. {
  450. continue;
  451. }
  452. *pwszEnd = L'\0';
  453. while (ISBLANK(*pwsz))
  454. {
  455. pwsz++;
  456. }
  457. while (--pwszEnd >= pwsz && ISBLANK(*pwszEnd))
  458. {
  459. *pwszEnd = L'\0';
  460. }
  461. hr = infSaveSectionName(pwsz);
  462. _JumpIfError(hr, error, "infSaveSectionName");
  463. }
  464. }
  465. hr = S_OK;
  467. error:
  468. if (NULL != pfInf)
  469. {
  470. fclose(pfInf);
  471. }
  472. return(hr);
  473. }
  476. HRESULT
  477. infGetCurrentKeyValueAndAlloc(
  478. IN OUT INFCONTEXT *pInfContext,
  479. IN DWORD Index,
  480. OUT WCHAR **ppwszValue)
  481. {
  482. HRESULT hr;
  483. WCHAR *pwszValue = NULL;
  484. DWORD cwc;
  486. if (!SetupGetStringField(pInfContext, Index, NULL, 0, &cwc))
  487. {
  488. hr = myHLastError();
  489. _JumpError2(hr, error, "SetupGetStringField", E_INVALIDARG);
  490. }
  491. pwszValue = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR));
  492. if (NULL == pwszValue)
  493. {
  494. hr = E_OUTOFMEMORY;
  495. _JumpError(hr, error, "LocalAlloc");
  496. }
  497. if (!SetupGetStringField(pInfContext, Index, pwszValue, cwc, NULL))
  498. {
  499. hr = myHLastError();
  500. _JumpError(hr, error, "SetupGetStringField");
  501. }
  502. *ppwszValue = pwszValue;
  503. pwszValue = NULL;
  504. hr = S_OK;
  506. error:
  507. if (NULL != pwszValue)
  508. {
  509. LocalFree(pwszValue);
  510. }
  511. return(hr);
  512. }
  515. HRESULT
  516. infGetCurrentKeyValue(
  517. IN OUT INFCONTEXT *pInfContext,
  518. OPTIONAL IN WCHAR const *pwszSection, // for error logging only
  519. OPTIONAL IN WCHAR const *pwszKey, // for error logging only
  520. IN DWORD Index,
  521. IN BOOL fLastValue,
  522. OUT WCHAR **ppwszValue)
  523. {
  524. HRESULT hr;
  525. WCHAR *pwszValue = NULL;
  526. WCHAR *pwszValueExtra = NULL;
  527. WCHAR *pwszValueError = NULL;
  528. DWORD cwc;
  529. WCHAR *pwszT = NULL;
  530. INFCONTEXT InfContext;
  532. *ppwszValue = NULL;
  534. hr = infGetCurrentKeyValueAndAlloc(pInfContext, Index, &pwszValue);
  535. _JumpIfError2(hr, error, "infGetCurrentKeyValueAndAlloc", E_INVALIDARG);
  537. if (1 == Index)
  538. {
  539. InfContext = *pInfContext;
  540. for (;;)
  541. {
  542. WCHAR *pwsz;
  544. if (!SetupFindNextLine(&InfContext, &InfContext))
  545. {
  546. break;
  547. }
  549. hr = infGetCurrentKeyValueAndAlloc(&InfContext, 0, &pwszT);
  550. _JumpIfError2(hr, error, "infGetCurrentKeyValueAndAlloc", E_INVALIDARG);
  552. if (0 != LSTRCMPIS(pwszT, wszINFKEY_CONTINUE))
  553. {
  554. break;
  555. }
  556. LocalFree(pwszT);
  557. pwszT = NULL;
  559. hr = infGetCurrentKeyValueAndAlloc(&InfContext, 1, &pwszT);
  560. _JumpIfError2(hr, error, "infGetCurrentKeyValueAndAlloc", E_INVALIDARG);
  562. cwc = wcslen(pwszValue) + wcslen(pwszT);
  563. pwsz = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR));
  564. if (NULL == pwsz)
  565. {
  566. hr = E_OUTOFMEMORY;
  567. _JumpError(hr, error, "LocalAlloc");
  568. }
  569. wcscpy(pwsz, pwszValue);
  570. wcscat(pwsz, pwszT);
  572. LocalFree(pwszValue);
  573. pwszValue = pwsz;
  575. LocalFree(pwszT);
  576. pwszT = NULL;
  577. }
  578. }
  580. if (fLastValue)
  581. {
  582. DWORD cValue;
  584. cValue = SetupGetFieldCount(pInfContext);
  585. if (Index != cValue)
  586. {
  587. DWORD i;
  589. for (i = Index + 5; i > Index; i--)
  590. {
  591. hr = infGetCurrentKeyValue(
  592. pInfContext,
  593. pwszSection,
  594. pwszKey,
  595. i,
  596. FALSE, // fLastValue
  597. &pwszValueExtra);
  598. if (S_OK == hr)
  599. {
  600. DWORD j;
  602. cwc = wcslen(pwszValue) + i - 1 + wcslen(pwszValueExtra);
  603. pwszValueError = (WCHAR *) LocalAlloc(
  604. LMEM_FIXED,
  605. (cwc + 1) * sizeof(WCHAR));
  606. if (NULL == pwszValueError)
  607. {
  608. hr = E_OUTOFMEMORY;
  609. _JumpError(hr, error, "LocalAlloc");
  610. }
  612. pwszValueError[0] = L'\0';
  613. for (j = 1; j < Index; j++)
  614. {
  615. wcscat(pwszValueError, L",");
  616. }
  617. wcscat(pwszValueError, pwszValue);
  618. for (j = Index; j < i; j++)
  619. {
  620. wcscat(pwszValueError, L",");
  621. }
  622. wcscat(pwszValueError, pwszValueExtra);
  623. CSASSERT(wcslen(pwszValueError) == cwc);
  625. hr = HRESULT_FROM_WIN32(ERROR_MORE_DATA);
  626. INFSETERROR(hr, pwszSection, pwszKey, pwszValueError);
  627. _PrintErrorStr(hr, "extra values", pwszKey);
  628. _JumpErrorStr(hr, error, "extra values", pwszValueError);
  629. }
  630. }
  631. }
  632. }
  633. *ppwszValue = pwszValue;
  634. pwszValue = NULL;
  635. hr = S_OK;
  637. error:
  638. if (NULL != pwszT)
  639. {
  640. LocalFree(pwszT);
  641. }
  642. if (NULL != pwszValue)
  643. {
  644. LocalFree(pwszValue);
  645. }
  646. if (NULL != pwszValueExtra)
  647. {
  648. LocalFree(pwszValueExtra);
  649. }
  650. if (NULL != pwszValueError)
  651. {
  652. LocalFree(pwszValueError);
  653. }
  654. return(hr);
  655. }
  658. HRESULT
  659. infFindNextKey(
  660. IN WCHAR const *pwszKey,
  661. IN OUT INFCONTEXT *pInfContext)
  662. {
  663. HRESULT hr;
  664. WCHAR *pwszKeyT = NULL;
  666. for (;;)
  667. {
  668. if (!SetupFindNextLine(pInfContext, pInfContext))
  669. {
  670. hr = myHLastError();
  671. _PrintErrorStr2(hr, "SetupFindNextLine", pwszKey, hr);
  672. if ((HRESULT) ERROR_LINE_NOT_FOUND == hr)
  673. {
  674. hr = S_FALSE;
  675. }
  676. _JumpError2(hr, error, "SetupFindNextLine", hr);
  677. }
  678. if (NULL != pwszKeyT)
  679. {
  680. LocalFree(pwszKeyT);
  681. pwszKeyT = NULL;
  682. }
  683. hr = infGetCurrentKeyValue(
  684. pInfContext,
  685. NULL, // pwszSection
  686. NULL, // pwszKey
  687. 0,
  688. FALSE, // fLastValue
  689. &pwszKeyT);
  690. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  692. if (0 == mylstrcmpiL(pwszKey, pwszKeyT))
  693. {
  694. break;
  695. }
  696. }
  697. hr = S_OK;
  699. error:
  700. if (NULL != pwszKeyT)
  701. {
  702. LocalFree(pwszKeyT);
  703. }
  704. return(hr);
  705. }
  708. HRESULT
  709. infSetupFindFirstLine(
  710. IN HINF hInf,
  711. IN WCHAR const *pwszSection,
  712. OPTIONAL IN WCHAR const *pwszKey,
  713. IN BOOL fUniqueKey,
  714. IN DWORD cValueMax,
  715. OPTIONAL WCHAR const * const *ppwszValidKeys,
  716. IN BOOL fUniqueValidKeys,
  717. OUT INFCONTEXT *pInfContext)
  718. {
  719. HRESULT hr;
  720. WCHAR *pwszValue = NULL;
  721. WCHAR *pwszKeyT = NULL;
  722. WCHAR *pwszValueT = NULL;
  724. if (!SetupFindFirstLine(hInf, pwszSection, pwszKey, pInfContext))
  725. {
  726. // if the [Section] or Key = does not exist, see if the section is
  727. // completely empty. It exists and is empty if SetupGetLineCount
  728. // returns 0, or if the Empty key is found in the section.
  730. hr = myHLastError();
  731. if ((HRESULT) ERROR_LINE_NOT_FOUND == hr &&
  732. (0 == SetupGetLineCount(hInf, pwszSection) ||
  733. SetupFindFirstLine(
  734. hInf,
  735. pwszSection,
  736. wszINFKEY_EMPTY,
  737. pInfContext)))
  738. {
  739. hr = infReferenceSectionName(pwszSection);
  740. _JumpIfErrorStr(hr, error, "infReferenceSectionName", pwszKey);
  742. hr = S_FALSE; // Section exists, but is empty
  743. }
  744. _JumpErrorStr3(
  745. hr,
  746. error,
  747. "SetupFindFirstLine",
  748. pwszSection,
  749. ERROR_LINE_NOT_FOUND,
  750. S_FALSE);
  751. }
  752. hr = infReferenceSectionName(pwszSection);
  753. _JumpIfErrorStr(hr, error, "infReferenceSectionName", pwszKey);
  755. if (NULL != pwszKey)
  756. {
  757. if (fUniqueKey)
  758. {
  759. INFCONTEXT InfContext = *pInfContext;
  761. hr = infFindNextKey(pwszKey, &InfContext);
  762. if (S_OK == hr)
  763. {
  764. hr = infGetCurrentKeyValue(
  765. &InfContext,
  766. pwszSection,
  767. pwszKey,
  768. 1,
  769. FALSE, // fLastValue
  770. &pwszValue);
  771. _PrintIfError(hr, "infGetCurrentKeyValue");
  773. hr = HRESULT_FROM_WIN32(RPC_S_ENTRY_ALREADY_EXISTS);
  774. INFSETERROR(hr, pwszSection, pwszKey, pwszValue);
  775. _JumpErrorStr(hr, error, "duplicate key", pwszKey);
  776. }
  777. }
  778. if (0 != cValueMax)
  779. {
  780. hr = infGetCurrentKeyValue(
  781. pInfContext,
  782. pwszSection,
  783. pwszKey,
  784. cValueMax,
  785. TRUE, // fLastValue
  786. &pwszValue);
  787. _JumpIfErrorStr(hr, error, "infGetCurrentKeyValue", pwszKey);
  788. }
  789. }
  790. if (NULL != ppwszValidKeys)
  791. {
  792. INFCONTEXT InfContext;
  793. WCHAR const * const *ppwszKey;
  795. if (!SetupFindFirstLine(hInf, pwszSection, NULL, &InfContext))
  796. {
  797. hr = myHLastError();
  798. _JumpErrorStr(hr, error, "SetupFindFirstLine", pwszSection)
  799. }
  800. for (;;)
  801. {
  802. hr = infGetCurrentKeyValue(
  803. &InfContext,
  804. pwszSection,
  805. NULL, // pwszKey
  806. 0,
  807. FALSE, // fLastValue
  808. &pwszKeyT);
  809. _JumpIfErrorStr(hr, error, "infGetCurrentKeyValue", pwszSection);
  811. for (ppwszKey = ppwszValidKeys; NULL != *ppwszKey; ppwszKey++)
  812. {
  813. if (0 == mylstrcmpiL(*ppwszKey, pwszKeyT))
  814. {
  815. break;
  816. }
  817. }
  818. if (NULL == *ppwszKey)
  819. {
  820. hr = infGetCurrentKeyValue(
  821. &InfContext,
  822. pwszSection,
  823. pwszKeyT,
  824. 1,
  825. FALSE, // fLastValue
  826. &pwszValueT);
  827. _PrintIfError(hr, "infGetCurrentKeyValue");
  828. hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
  829. INFSETERROR(hr, pwszSection, pwszKeyT, pwszValueT);
  830. _JumpErrorStr(hr, error, "invalid key", pwszKeyT);
  831. }
  832. if (fUniqueValidKeys)
  833. {
  834. INFCONTEXT InfContextT = InfContext;
  836. hr = infFindNextKey(pwszKeyT, &InfContextT);
  837. if (S_OK == hr)
  838. {
  839. hr = infGetCurrentKeyValue(
  840. &InfContextT,
  841. pwszSection,
  842. pwszKeyT,
  843. 1,
  844. FALSE, // fLastValue
  845. &pwszValueT);
  846. _PrintIfError(hr, "infGetCurrentKeyValue");
  848. hr = HRESULT_FROM_WIN32(RPC_S_ENTRY_ALREADY_EXISTS);
  849. INFSETERROR(hr, pwszSection, pwszKeyT, pwszValueT);
  850. _JumpErrorStr(hr, error, "duplicate key", pwszKeyT);
  851. }
  852. }
  853. LocalFree(pwszKeyT);
  854. pwszKeyT = NULL;
  856. if (!SetupFindNextLine(&InfContext, &InfContext))
  857. {
  858. hr = myHLastError();
  859. _PrintErrorStr2(hr, "SetupFindNextLine", pwszSection, hr);
  860. break;
  861. }
  862. }
  863. }
  864. hr = S_OK;
  866. error:
  867. if (NULL != pwszKeyT)
  868. {
  869. LocalFree(pwszKeyT);
  870. }
  871. if (NULL != pwszValueT)
  872. {
  873. LocalFree(pwszValueT);
  874. }
  875. if (NULL != pwszValue)
  876. {
  877. LocalFree(pwszValue);
  878. }
  879. return(hr);
  880. }
  883. HRESULT
  884. infBuildPolicyElement(
  885. IN OUT INFCONTEXT *pInfContext,
  886. OPTIONAL OUT CERT_POLICY_QUALIFIER_INFO *pcpqi)
  887. {
  888. HRESULT hr;
  889. WCHAR *pwszKey = NULL;
  890. BOOL fURL = FALSE;
  891. BOOL fNotice = FALSE;
  892. WCHAR *pwszValue = NULL;
  893. WCHAR *pwszURL = NULL;
  894. BYTE *pbData = NULL;
  895. DWORD cbData;
  897. hr = infGetCurrentKeyValue(
  898. pInfContext,
  899. NULL, // pwszSection
  900. NULL, // pwszKey
  901. 0,
  902. FALSE, // fLastValue
  903. &pwszKey);
  904. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  906. DBGPRINT((DBG_SS_CERTLIBI, "Element = %ws\n", pwszKey));
  908. if (0 == LSTRCMPIS(pwszKey, wszINFKEY_URL))
  909. {
  910. fURL = TRUE;
  911. }
  912. else
  913. if (0 == LSTRCMPIS(pwszKey, wszINFKEY_NOTICE))
  914. {
  915. fNotice = TRUE;
  916. }
  917. else
  918. {
  919. if (0 != LSTRCMPIS(pwszKey, wszINFKEY_OID) &&
  920. 0 != LSTRCMPIS(pwszKey, wszINFKEY_CONTINUE))
  921. {
  922. hr = E_INVALIDARG;
  923. _JumpErrorStr(hr, error, "unknown key", pwszKey);
  924. }
  925. hr = S_FALSE; // Skip this key
  926. _JumpError2(hr, error, "skip OID key", hr);
  927. }
  929. hr = infGetCurrentKeyValue(
  930. pInfContext,
  931. NULL, // pwszSection
  932. pwszKey,
  933. 1,
  934. TRUE, // fLastValue
  935. &pwszValue);
  936. _JumpIfErrorStr(hr, error, "infGetCurrentKeyValue", pwszKey);
  938. DBGPRINT((DBG_SS_CERTLIBI, "%ws = %ws\n", pwszKey, pwszValue));
  940. if (fURL)
  941. {
  942. CERT_NAME_VALUE NameValue;
  944. hr = myInternetCanonicalizeUrl(pwszValue, &pwszURL);
  945. _JumpIfError(hr, error, "myInternetCanonicalizeUrl");
  947. NameValue.dwValueType = CERT_RDN_IA5_STRING;
  948. NameValue.Value.pbData = (BYTE *) pwszURL;
  949. NameValue.Value.cbData = 0;
  951. if (NULL != pcpqi)
  952. {
  953. CSILOG(S_OK, IDS_ILOG_CAPOLICY_ELEMENT, pwszURL, NULL, NULL);
  954. }
  956. if (!myEncodeObject(
  957. X509_ASN_ENCODING,
  958. X509_UNICODE_NAME_VALUE,
  959. &NameValue,
  960. 0,
  961. CERTLIB_USE_LOCALALLOC,
  962. &pbData,
  963. &cbData))
  964. {
  965. hr = myHLastError();
  966. _JumpError(hr, error, "myEncodeObject");
  967. }
  968. }
  969. else
  970. {
  971. CERT_POLICY_QUALIFIER_USER_NOTICE UserNotice;
  973. ZeroMemory(&UserNotice, sizeof(UserNotice));
  974. UserNotice.pszDisplayText = pwszValue;
  976. if (NULL != pcpqi)
  977. {
  978. CSILOG(S_OK, IDS_ILOG_CAPOLICY_ELEMENT, pwszValue, NULL, NULL);
  979. }
  981. if (!myEncodeObject(
  982. X509_ASN_ENCODING,
  983. X509_PKIX_POLICY_QUALIFIER_USERNOTICE,
  984. &UserNotice,
  985. 0,
  986. CERTLIB_USE_LOCALALLOC,
  987. &pbData,
  988. &cbData))
  989. {
  990. hr = myHLastError();
  991. _JumpError(hr, error, "myEncodeObject");
  992. }
  993. }
  994. if (NULL != pcpqi)
  995. {
  996. pcpqi->pszPolicyQualifierId = fURL?
  997. szOID_PKIX_POLICY_QUALIFIER_CPS :
  998. szOID_PKIX_POLICY_QUALIFIER_USERNOTICE;
  999. pcpqi->Qualifier.pbData = pbData;
  1000. pcpqi->Qualifier.cbData = cbData;
  1001. pbData = NULL;
  1002. }
  1003. hr = S_OK;
  1005. error:
  1006. if (S_OK != hr && S_FALSE != hr)
  1007. {
  1008. INFSETERROR(hr, NULL, pwszKey, pwszValue);
  1009. }
  1010. if (NULL != pwszKey)
  1011. {
  1012. LocalFree(pwszKey);
  1013. }
  1014. if (NULL != pwszValue)
  1015. {
  1016. LocalFree(pwszValue);
  1017. }
  1018. if (NULL != pwszURL)
  1019. {
  1020. LocalFree(pwszURL);
  1021. }
  1022. if (NULL != pbData)
  1023. {
  1024. LocalFree(pbData);
  1025. }
  1026. return(hr);
  1027. }
  1030. HRESULT
  1031. infBuildPolicy(
  1032. IN HINF hInf,
  1033. IN WCHAR const *pwszSection,
  1034. IN OUT CERT_POLICY_INFO *pcpi)
  1035. {
  1036. HRESULT hr;
  1037. INFCONTEXT InfContext;
  1038. DWORD i;
  1039. WCHAR *pwszValue = NULL;
  1040. static WCHAR const * const s_apwszKeys[] =
  1041. {
  1042. wszINFKEY_OID,
  1043. wszINFKEY_URL,
  1044. wszINFKEY_NOTICE,
  1045. wszINFKEY_CONTINUE,
  1046. NULL
  1047. };
  1049. CSASSERT(NULL != hInf && INVALID_HANDLE_VALUE != hInf);
  1050. hr = infSetupFindFirstLine(
  1051. hInf,
  1052. pwszSection,
  1053. wszINFKEY_OID,
  1054. TRUE, // fUniqueKey
  1055. 1, // cValueMax
  1056. s_apwszKeys,
  1057. FALSE, // fUniqueValidKeys
  1058. &InfContext);
  1059. if (S_OK != hr)
  1060. {
  1061. if ((HRESULT) ERROR_LINE_NOT_FOUND == hr)
  1062. {
  1063. hr = SPAPI_E_LINE_NOT_FOUND; // don't ignore this error
  1064. }
  1065. INFSETERROR(hr, NULL, wszINFKEY_OID, NULL);
  1066. _JumpErrorStr(hr, error, "infSetupFindFirstLine", pwszSection);
  1067. }
  1068. hr = infGetCurrentKeyValue(
  1069. &InfContext,
  1070. pwszSection,
  1071. wszINFKEY_OID,
  1072. 1,
  1073. TRUE, // fLastValue
  1074. &pwszValue);
  1075. _JumpIfErrorStr(hr, error, "infGetCurrentKeyValue", wszINFKEY_OID);
  1077. hr = myVerifyObjId(pwszValue);
  1078. _JumpIfErrorStr(hr, error, "myVerifyObjId", pwszValue);
  1080. if (!ConvertWszToSz(&pcpi->pszPolicyIdentifier, pwszValue, -1))
  1081. {
  1082. hr = E_OUTOFMEMORY;
  1083. _JumpError(hr, error, "ConvertWszToSz");
  1084. }
  1085. DBGPRINT((DBG_SS_CERTLIBI, "OID = %hs\n", pcpi->pszPolicyIdentifier));
  1087. hr = infSetupFindFirstLine(
  1088. hInf,
  1089. pwszSection,
  1090. NULL, // pwszKey
  1091. FALSE, // fUniqueKey
  1092. 0, // cValueMax
  1093. NULL, // apwszKeys
  1094. FALSE, // fUniqueValidKeys
  1095. &InfContext);
  1096. _JumpIfErrorStr(hr, error, "infSetupFindFirstLine", pwszSection);
  1098. for (i = 0; ; )
  1099. {
  1100. hr = infBuildPolicyElement(&InfContext, NULL);
  1101. if (S_FALSE != hr)
  1102. {
  1103. _JumpIfErrorStr(hr, error, "infBuildPolicyElement", pwszSection);
  1105. i++;
  1106. }
  1108. if (!SetupFindNextLine(&InfContext, &InfContext))
  1109. {
  1110. hr = myHLastError();
  1111. _PrintErrorStr2(hr, "SetupFindNextLine", pwszSection, hr);
  1112. break;
  1113. }
  1114. }
  1116. pcpi->cPolicyQualifier = i;
  1117. pcpi->rgPolicyQualifier = (CERT_POLICY_QUALIFIER_INFO *) LocalAlloc(
  1118. LMEM_FIXED | LMEM_ZEROINIT,
  1119. pcpi->cPolicyQualifier *
  1120. sizeof(pcpi->rgPolicyQualifier[0]));
  1121. if (NULL == pcpi->rgPolicyQualifier)
  1122. {
  1123. hr = E_OUTOFMEMORY;
  1124. _JumpError(hr, error, "LocalAlloc");
  1125. }
  1127. hr = infSetupFindFirstLine(
  1128. hInf,
  1129. pwszSection,
  1130. NULL, // pwszKey
  1131. FALSE, // fUniqueKey
  1132. 0, // cValueMax
  1133. NULL, // apwszKeys
  1134. FALSE, // fUniqueValidKeys
  1135. &InfContext);
  1136. _JumpIfErrorStr(hr, error, "infSetupFindFirstLine", pwszSection);
  1138. for (i = 0; ; )
  1139. {
  1140. // handle one URL or text message
  1142. hr = infBuildPolicyElement(&InfContext, &pcpi->rgPolicyQualifier[i]);
  1143. if (S_FALSE != hr)
  1144. {
  1145. _JumpIfErrorStr(hr, error, "infBuildPolicyElement", pwszSection);
  1147. i++;
  1148. }
  1149. if (!SetupFindNextLine(&InfContext, &InfContext))
  1150. {
  1151. hr = myHLastError();
  1152. _PrintErrorStr2(hr, "SetupFindNextLine", pwszSection, hr);
  1153. break;
  1154. }
  1155. }
  1156. CSASSERT(i == pcpi->cPolicyQualifier);
  1157. hr = S_OK;
  1159. error:
  1160. if (S_OK != hr && S_FALSE != hr)
  1161. {
  1162. INFSETERROR(hr, pwszSection, NULL, L"");
  1163. }
  1164. CSILOG(hr, IDS_ILOG_CAPOLICY_BUILD, pwszSection, pwszValue, NULL);
  1165. if (NULL != pwszValue)
  1166. {
  1167. LocalFree(pwszValue);
  1168. }
  1169. return(hr);
  1170. }
  1173. VOID
  1174. infFreePolicy(
  1175. IN OUT CERT_POLICY_INFO *pcpi)
  1176. {
  1177. DWORD i;
  1178. CERT_POLICY_QUALIFIER_INFO *pcpqi;
  1180. if (NULL != pcpi->pszPolicyIdentifier)
  1181. {
  1182. LocalFree(pcpi->pszPolicyIdentifier);
  1183. }
  1184. if (NULL != pcpi->rgPolicyQualifier)
  1185. {
  1186. for (i = 0; i < pcpi->cPolicyQualifier; i++)
  1187. {
  1188. pcpqi = &pcpi->rgPolicyQualifier[i];
  1189. if (NULL != pcpqi->Qualifier.pbData)
  1190. {
  1191. LocalFree(pcpqi->Qualifier.pbData);
  1192. }
  1193. }
  1194. LocalFree(pcpi->rgPolicyQualifier);
  1195. }
  1196. }
  1199. HRESULT
  1200. myInfOpenFile(
  1201. OPTIONAL IN WCHAR const *pwszfnPolicy,
  1202. OUT HINF *phInf,
  1203. OUT DWORD *pErrorLine)
  1204. {
  1205. HRESULT hr;
  1206. WCHAR wszPath[MAX_PATH];
  1207. UINT ErrorLine;
  1208. DWORD Flags;
  1210. *phInf = INVALID_HANDLE_VALUE;
  1211. *pErrorLine = 0;
  1212. myInfClearError();
  1214. if (NULL == pwszfnPolicy)
  1215. {
  1216. DWORD cwc;
  1218. cwc = GetEnvironmentVariable(
  1219. L"SystemRoot",
  1220. wszPath,
  1221. ARRAYSIZE(wszPath) - ARRAYSIZE(wszBSCAPOLICYFILE));
  1222. if (0 == cwc ||
  1223. ARRAYSIZE(wszPath) - ARRAYSIZE(wszBSCAPOLICYFILE) <= cwc)
  1224. {
  1225. hr = HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND);
  1226. _JumpError(hr, error, "GetEnvironmentVariable");
  1227. }
  1228. wcscat(wszPath, wszBSCAPOLICYFILE);
  1229. pwszfnPolicy = wszPath;
  1230. }
  1231. else
  1232. {
  1233. if (NULL == wcschr(pwszfnPolicy, L'\\'))
  1234. {
  1235. if (ARRAYSIZE(wszPath) <= 2 + wcslen(pwszfnPolicy))
  1236. {
  1237. hr = HRESULT_FROM_WIN32(ERROR_FILENAME_EXCED_RANGE);
  1238. _JumpErrorStr(hr, error, "filename too long", pwszfnPolicy);
  1239. }
  1240. wcscpy(wszPath, L".\\");
  1241. wcscat(wszPath, pwszfnPolicy);
  1242. pwszfnPolicy = wszPath;
  1243. }
  1244. }
  1245. hr = infCollectSectionNames(pwszfnPolicy);
  1246. _JumpIfErrorStr(hr, error, "infCollectSectionNames", pwszfnPolicy);
  1248. Flags = INF_STYLE_WIN4;
  1249. for (;;)
  1250. {
  1251. ErrorLine = 0;
  1252. *phInf = SetupOpenInfFile(
  1253. pwszfnPolicy,
  1254. NULL,
  1255. Flags,
  1256. &ErrorLine);
  1257. *pErrorLine = ErrorLine;
  1258. if (INVALID_HANDLE_VALUE != *phInf)
  1259. {
  1260. break;
  1261. }
  1262. hr = myHLastError();
  1263. if ((HRESULT) ERROR_WRONG_INF_STYLE == hr && INF_STYLE_WIN4 == Flags)
  1264. {
  1265. Flags = INF_STYLE_OLDNT;
  1266. continue;
  1267. }
  1268. CSILOG(
  1269. hr,
  1270. IDS_ILOG_CAPOLICY_OPEN_FAILED,
  1271. pwszfnPolicy,
  1272. NULL,
  1273. 0 == *pErrorLine? NULL : pErrorLine);
  1274. _JumpErrorStr(hr, error, "SetupOpenInfFile", pwszfnPolicy);
  1275. }
  1276. CSILOG(S_OK, IDS_ILOG_CAPOLICY_OPEN, pwszfnPolicy, NULL, NULL);
  1277. hr = S_OK;
  1279. error:
  1280. DBGPRINT((
  1281. DBG_SS_CERTLIBI,
  1282. "myInfOpenFile(%ws) hr=%x --> h=%x\n",
  1283. pwszfnPolicy,
  1284. hr,
  1285. *phInf));
  1286. return(hr);
  1287. }
  1290. VOID
  1291. myInfCloseFile(
  1292. IN HINF hInf)
  1293. {
  1294. if (NULL != hInf && INVALID_HANDLE_VALUE != hInf)
  1295. {
  1296. WCHAR *pwszInfError = myInfGetError();
  1298. SetupCloseInfFile(hInf);
  1299. CSILOG(S_OK, IDS_ILOG_CAPOLICY_CLOSE, pwszInfError, NULL, NULL);
  1300. if (NULL != pwszInfError)
  1301. {
  1302. LocalFree(pwszInfError);
  1303. }
  1304. }
  1305. myInfClearError();
  1306. infFreeSectionNames();
  1307. DBGPRINT((DBG_SS_CERTLIBI, "myInfCloseFile(%x)\n", hInf));
  1308. }
  1311. HRESULT
  1312. myInfParseBooleanValue(
  1313. IN WCHAR const *pwszValue,
  1314. OUT BOOL *pfValue)
  1315. {
  1316. HRESULT hr;
  1317. DWORD i;
  1318. static WCHAR const * const s_apwszTrue[] = { L"True", L"Yes", L"On", L"1" };
  1319. static WCHAR const * const s_apwszFalse[] = { L"False", L"No", L"Off", L"0" };
  1321. *pfValue = FALSE;
  1322. for (i = 0; i < ARRAYSIZE(s_apwszTrue); i++)
  1323. {
  1324. if (0 == mylstrcmpiL(pwszValue, s_apwszTrue[i]))
  1325. {
  1326. *pfValue = TRUE;
  1327. break;
  1328. }
  1329. }
  1330. if (i == ARRAYSIZE(s_apwszTrue))
  1331. {
  1332. for (i = 0; i < ARRAYSIZE(s_apwszFalse); i++)
  1333. {
  1334. if (0 == mylstrcmpiL(pwszValue, s_apwszFalse[i]))
  1335. {
  1336. break;
  1337. }
  1338. }
  1339. if (i == ARRAYSIZE(s_apwszFalse))
  1340. {
  1341. hr = E_INVALIDARG;
  1342. _JumpErrorStr(hr, error, "bad boolean value string", pwszValue);
  1343. }
  1344. }
  1345. hr = S_OK;
  1347. error:
  1348. if (S_OK != hr)
  1349. {
  1350. INFSETERROR(hr, NULL, NULL, pwszValue);
  1351. }
  1352. return(hr);
  1353. }
  1356. HRESULT
  1357. myInfGetBooleanValue(
  1358. IN HINF hInf,
  1359. IN WCHAR const *pwszSection,
  1360. IN WCHAR const *pwszKey,
  1361. IN BOOL fIgnoreMissingKey,
  1362. OUT BOOL *pfValue)
  1363. {
  1364. HRESULT hr;
  1365. INFCONTEXT InfContext;
  1366. WCHAR *pwszValue = NULL;
  1368. *pfValue = FALSE;
  1369. myInfClearError();
  1371. CSASSERT(NULL != hInf && INVALID_HANDLE_VALUE != hInf);
  1373. hr = infSetupFindFirstLine(
  1374. hInf,
  1375. pwszSection,
  1376. pwszKey, // pwszKey
  1377. TRUE, // fUniqueKey
  1378. 1, // cValueMax
  1379. NULL, // apwszKeys
  1380. FALSE, // fUniqueValidKeys
  1381. &InfContext);
  1382. _PrintIfErrorStr3(
  1383. hr,
  1384. "infSetupFindFirstLine",
  1385. pwszSection,
  1386. ERROR_LINE_NOT_FOUND,
  1387. S_FALSE);
  1388. _JumpIfErrorStr3(
  1389. hr,
  1390. error,
  1391. "infSetupFindFirstLine",
  1392. pwszKey,
  1393. ERROR_LINE_NOT_FOUND,
  1394. S_FALSE);
  1396. hr = infGetCurrentKeyValue(
  1397. &InfContext,
  1398. pwszSection,
  1399. pwszKey,
  1400. 1,
  1401. TRUE, // fLastValue
  1402. &pwszValue);
  1403. _JumpIfErrorStr(hr, error, "infGetCurrentKeyValue", pwszKey);
  1405. DBGPRINT((
  1406. DBG_SS_CERTLIBI,
  1407. "myInfGetBooleanValue --> '%ws'\n",
  1408. pwszValue));
  1410. hr = myInfParseBooleanValue(pwszValue, pfValue);
  1411. _JumpIfError(hr, error, "myInfParseBooleanValue");
  1413. error:
  1414. if (S_OK != hr &&
  1415. ((HRESULT) ERROR_LINE_NOT_FOUND != hr || !fIgnoreMissingKey))
  1416. {
  1417. INFSETERROR(hr, pwszSection, pwszKey, pwszValue);
  1418. CSILOG(hr, IDS_ILOG_BAD_BOOLEAN, pwszSection, pwszKey, NULL);
  1419. }
  1420. DBGPRINT((
  1421. DBG_SS_CERTLIBI,
  1422. "myInfGetBooleanValue(%ws, %ws) hr=%x --> f=%d\n",
  1423. pwszSection,
  1424. pwszKey,
  1425. hr,
  1426. *pfValue));
  1427. if (NULL != pwszValue)
  1428. {
  1429. LocalFree(pwszValue);
  1430. }
  1431. return(hr);
  1432. }
  1435. HRESULT
  1436. infGetCriticalFlag(
  1437. IN HINF hInf,
  1438. IN WCHAR const *pwszSection,
  1439. IN BOOL fDefault,
  1440. OUT BOOL *pfCritical)
  1441. {
  1442. HRESULT hr;
  1444. hr = myInfGetBooleanValue(
  1445. hInf,
  1446. pwszSection,
  1447. wszINFKEY_CRITICAL,
  1448. TRUE,
  1449. pfCritical);
  1450. if (S_OK != hr)
  1451. {
  1452. *pfCritical = fDefault;
  1453. if ((HRESULT) ERROR_LINE_NOT_FOUND != hr && S_FALSE != hr)
  1454. {
  1455. _JumpErrorStr(hr, error, "myInfGetBooleanValue", pwszSection);
  1456. }
  1457. hr = S_OK;
  1458. }
  1460. error:
  1461. DBGPRINT((
  1462. DBG_SS_CERTLIBI,
  1463. "infGetCriticalFlag(%ws) hr=%x --> f=%d\n",
  1464. pwszSection,
  1465. hr,
  1466. *pfCritical));
  1467. return(hr);
  1468. }
  1471. //+------------------------------------------------------------------------
  1472. // infGetPolicyStatementExtensionSub -- build policy extension from INF file
  1473. //
  1474. // [pwszSection]
  1475. // Policies = LegalPolicy, LimitedUsePolicy, ExtraPolicy
  1476. //
  1477. // [LegalPolicy]
  1478. // OID = 1.3.6.1.4.1.311.21.43
  1479. // Notice = "Legal policy statement text."
  1480. //
  1481. // [LimitedUsePolicy]
  1482. // OID = 1.3.6.1.4.1.311.21.47
  1483. // URL = "http://http.site.com/some where/default.asp"
  1484. // URL = "ftp://ftp.site.com/some where else/default.asp"
  1485. // Notice = "Limited use policy statement text."
  1486. // URL = "ldap://ldap.site.com/some where else again/default.asp"
  1487. //
  1488. // [ExtraPolicy]
  1489. // OID = 1.3.6.1.4.1.311.21.53
  1490. // URL = http://extra.site.com/Extra Policy/default.asp
  1491. //
  1492. // Return S_OK if extension has been constructed from the INF file
  1493. // Return S_FALSE if empty section detected in INF file
  1494. // Return other error if no section detected in INF file
  1495. //-------------------------------------------------------------------------
  1497. HRESULT
  1498. infGetPolicyStatementExtensionSub(
  1499. IN HINF hInf,
  1500. IN WCHAR const *pwszSection,
  1501. IN char const *pszObjId,
  1502. OUT CERT_EXTENSION *pext)
  1503. {
  1504. HRESULT hr;
  1505. CERT_POLICIES_INFO PoliciesInfo;
  1506. INFCONTEXT InfContext;
  1507. DWORD i;
  1508. WCHAR *pwszValue = NULL;
  1509. static WCHAR const * const s_apwszKeys[] =
  1510. { wszINFKEY_POLICIES, wszINFKEY_CRITICAL, NULL };
  1512. ZeroMemory(&PoliciesInfo, sizeof(PoliciesInfo));
  1513. ZeroMemory(pext, sizeof(*pext));
  1515. CSASSERT(NULL != hInf && INVALID_HANDLE_VALUE != hInf);
  1516. hr = infSetupFindFirstLine(
  1517. hInf,
  1518. pwszSection,
  1519. wszINFKEY_POLICIES,
  1520. TRUE, // fUniqueKey
  1521. 0, // cValueMax
  1522. s_apwszKeys,
  1523. TRUE, // fUniqueValidKeys
  1524. &InfContext);
  1525. if (S_OK != hr)
  1526. {
  1527. CSILOG(
  1528. hr,
  1529. IDS_ILOG_CAPOLICY_NOKEY,
  1530. pwszSection,
  1531. wszINFKEY_POLICIES,
  1532. NULL);
  1533. _JumpErrorStr3(
  1534. hr,
  1535. error,
  1536. "infSetupFindFirstLine",
  1537. pwszSection,
  1538. S_FALSE,
  1539. (HRESULT) ERROR_LINE_NOT_FOUND);
  1540. }
  1542. // First, count the policies.
  1544. PoliciesInfo.cPolicyInfo = SetupGetFieldCount(&InfContext);
  1545. if (0 == PoliciesInfo.cPolicyInfo)
  1546. {
  1547. hr = S_FALSE;
  1548. _JumpError(hr, error, "SetupGetFieldCount");
  1549. }
  1551. // Next, allocate memory.
  1553. PoliciesInfo.rgPolicyInfo = (CERT_POLICY_INFO *) LocalAlloc(
  1554. LMEM_FIXED | LMEM_ZEROINIT,
  1555. PoliciesInfo.cPolicyInfo * sizeof(PoliciesInfo.rgPolicyInfo[0]));
  1556. if (NULL == PoliciesInfo.rgPolicyInfo)
  1557. {
  1558. hr = E_OUTOFMEMORY;
  1559. _JumpError(hr, error, "LocalAlloc");
  1560. }
  1562. // Finally! Fill in the policies data.
  1564. for (i = 0; i < PoliciesInfo.cPolicyInfo; i++)
  1565. {
  1566. if (NULL != pwszValue)
  1567. {
  1568. LocalFree(pwszValue);
  1569. pwszValue = NULL;
  1570. }
  1571. hr = infGetCurrentKeyValue(
  1572. &InfContext,
  1573. pwszSection,
  1574. wszINFKEY_POLICIES,
  1575. i + 1,
  1576. FALSE, // fLastValue
  1577. &pwszValue);
  1578. _JumpIfErrorStr(hr, error, "infGetCurrentKeyValue", wszINFKEY_POLICIES);
  1580. DBGPRINT((DBG_SS_CERTLIBI, "%ws[%u] = %ws\n", wszINFKEY_POLICIES, i, pwszValue));
  1582. hr = infBuildPolicy(hInf, pwszValue, &PoliciesInfo.rgPolicyInfo[i]);
  1583. _JumpIfErrorStr(hr, error, "infBuildPolicy", pwszValue);
  1584. }
  1586. hr = infGetCriticalFlag(hInf, pwszSection, FALSE, &pext->fCritical);
  1587. _JumpIfError(hr, error, "infGetCriticalFlag");
  1589. if (!myEncodeObject(
  1590. X509_ASN_ENCODING,
  1591. X509_CERT_POLICIES,
  1592. &PoliciesInfo,
  1593. 0,
  1594. CERTLIB_USE_LOCALALLOC,
  1595. &pext->Value.pbData,
  1596. &pext->Value.cbData))
  1597. {
  1598. hr = myHLastError();
  1599. _JumpError(hr, error, "myEncodeObject");
  1600. }
  1602. error:
  1603. if (S_OK != hr && S_FALSE != hr)
  1604. {
  1605. INFSETERROR(hr, pwszSection, wszINFKEY_POLICIES, pwszValue);
  1606. }
  1607. CSILOG(hr, IDS_ILOG_CAPOLICY_EXTENSION, pwszValue, NULL, NULL);
  1608. pext->pszObjId = const_cast<char *>(pszObjId); // on error, too!
  1610. if (NULL != PoliciesInfo.rgPolicyInfo)
  1611. {
  1612. for (i = 0; i < PoliciesInfo.cPolicyInfo; i++)
  1613. {
  1614. infFreePolicy(&PoliciesInfo.rgPolicyInfo[i]);
  1615. }
  1616. LocalFree(PoliciesInfo.rgPolicyInfo);
  1617. }
  1618. if (NULL != pwszValue)
  1619. {
  1620. LocalFree(pwszValue);
  1621. }
  1622. return(hr);
  1623. }
  1626. //+------------------------------------------------------------------------
  1627. // myInfGetPolicyStatementExtension -- build policy extension from INF file
  1628. //
  1629. // [PolicyStatementExtension]
  1630. // Policies = LegalPolicy, LimitedUsePolicy, ExtraPolicy
  1631. // ...
  1632. //
  1633. // OR
  1634. //
  1635. // [CAPolicy]
  1636. // Policies = LegalPolicy, LimitedUsePolicy, ExtraPolicy
  1637. // ...
  1638. //
  1639. // Return S_OK if extension has been constructed from the INF file
  1640. // Return S_FALSE if empty section detected in INF file
  1641. // Return other error if no section detected in INF file
  1642. //-------------------------------------------------------------------------
  1644. FNMYINFGETEXTENSION myInfGetPolicyStatementExtension;
  1646. HRESULT
  1647. myInfGetPolicyStatementExtension(
  1648. IN HINF hInf,
  1649. OUT CERT_EXTENSION *pext)
  1650. {
  1651. HRESULT hr;
  1653. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  1654. {
  1655. hr = E_HANDLE;
  1656. _JumpError2(hr, error, "hInf", hr);
  1657. }
  1658. myInfClearError();
  1659. hr = infGetPolicyStatementExtensionSub(
  1660. hInf,
  1661. wszINFSECTION_POLICYSTATEMENT,
  1662. szOID_CERT_POLICIES,
  1663. pext);
  1664. if (S_OK != hr)
  1665. {
  1666. HRESULT hr2;
  1668. hr2 = infGetPolicyStatementExtensionSub(
  1669. hInf,
  1670. wszINFSECTION_CAPOLICY,
  1671. szOID_CERT_POLICIES,
  1672. pext);
  1673. if (S_OK == hr2 ||
  1674. (S_FALSE == hr2 && (HRESULT) ERROR_LINE_NOT_FOUND == hr))
  1675. {
  1676. hr = hr2;
  1677. }
  1678. }
  1679. _JumpIfErrorStr3(
  1680. hr,
  1681. error,
  1682. "infGetPolicyStatementExtensionSub",
  1683. wszINFSECTION_POLICYSTATEMENT,
  1684. ERROR_LINE_NOT_FOUND,
  1685. S_FALSE);
  1687. error:
  1688. DBGPRINT((
  1689. DBG_SS_CERTLIBI,
  1690. "myInfGetPolicyStatementExtension hr=%x --> f=%d, cb=%x\n",
  1691. hr,
  1692. pext->fCritical,
  1693. pext->Value.cbData));
  1694. return(hr);
  1695. }
  1698. //+------------------------------------------------------------------------
  1699. // myInfGetApplicationPolicyStatementExtension -- build application policy
  1700. // extension from INF file
  1701. //
  1702. // [ApplicationPolicyStatementExtension]
  1703. // Policies = LegalPolicy, LimitedUsePolicy, ExtraPolicy
  1704. // ...
  1705. //
  1706. // Return S_OK if extension has been constructed from the INF file
  1707. // Return S_FALSE if empty section detected in INF file
  1708. // Return other error if no section detected in INF file
  1709. //-------------------------------------------------------------------------
  1711. FNMYINFGETEXTENSION myInfGetApplicationPolicyStatementExtension;
  1713. HRESULT
  1714. myInfGetApplicationPolicyStatementExtension(
  1715. IN HINF hInf,
  1716. OUT CERT_EXTENSION *pext)
  1717. {
  1718. HRESULT hr;
  1720. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  1721. {
  1722. hr = E_HANDLE;
  1723. _JumpError2(hr, error, "hInf", hr);
  1724. }
  1725. myInfClearError();
  1726. hr = infGetPolicyStatementExtensionSub(
  1727. hInf,
  1728. wszINFSECTION_APPLICATIONPOLICYSTATEMENT,
  1729. szOID_APPLICATION_CERT_POLICIES,
  1730. pext);
  1731. _JumpIfErrorStr3(
  1732. hr,
  1733. error,
  1734. "infGetPolicyStatementExtensionSub",
  1735. wszINFSECTION_APPLICATIONPOLICYSTATEMENT,
  1736. S_FALSE,
  1737. (HRESULT) ERROR_LINE_NOT_FOUND);
  1739. error:
  1740. DBGPRINT((
  1741. DBG_SS_CERTLIBI,
  1742. "myInfGetApplicationPolicyStatementExtension hr=%x --> f=%d, cb=%x\n",
  1743. hr,
  1744. pext->fCritical,
  1745. pext->Value.cbData));
  1746. return(hr);
  1747. }
  1750. HRESULT
  1751. myInfGetCRLPublicationParams(
  1752. IN HINF hInf,
  1753. IN WCHAR const *pwszKeyCRLPeriodString,
  1754. IN WCHAR const *pwszKeyCRLPeriodCount,
  1755. OUT WCHAR **ppwszCRLPeriodString,
  1756. OUT DWORD *pdwCRLPeriodCount)
  1757. {
  1758. HRESULT hr;
  1759. WCHAR const *pwszKey;
  1761. // Retrieve units count and string. If either fails, both are discarded.
  1763. *ppwszCRLPeriodString = NULL;
  1764. pwszKey = pwszKeyCRLPeriodCount;
  1765. hr = myInfGetNumericKeyValue(
  1766. hInf,
  1767. TRUE, // fLog
  1768. wszINFSECTION_CERTSERVER,
  1769. pwszKey,
  1770. 1,
  1771. TRUE, // fLastValue
  1772. pdwCRLPeriodCount);
  1773. _JumpIfErrorStr2(
  1774. hr,
  1775. error,
  1776. "myInfGetNumericKeyValue",
  1777. pwszKeyCRLPeriodCount,
  1778. ERROR_LINE_NOT_FOUND);
  1780. pwszKey = pwszKeyCRLPeriodString;
  1781. hr = myInfGetKeyValue(
  1782. hInf,
  1783. TRUE, // fLog
  1784. wszINFSECTION_CERTSERVER,
  1785. pwszKey,
  1786. 1,
  1787. TRUE, // fLastValue
  1788. ppwszCRLPeriodString);
  1789. _JumpIfErrorStr2(
  1790. hr,
  1791. error,
  1792. "myInfGetKeyValue",
  1793. pwszKeyCRLPeriodString,
  1794. ERROR_LINE_NOT_FOUND);
  1796. error:
  1797. if (S_OK != hr)
  1798. {
  1799. INFSETERROR(hr, wszINFSECTION_CERTSERVER, pwszKey, NULL);
  1800. }
  1801. return(hr);
  1802. }
  1805. //+------------------------------------------------------------------------
  1806. // myInfGetKeyValue -- fetch a string value from INF file
  1807. //
  1808. // [pwszSection]
  1809. // pwszKey = string
  1810. //
  1811. // Returns: allocated string key value
  1812. //-------------------------------------------------------------------------
  1814. HRESULT
  1815. myInfGetKeyValue(
  1816. IN HINF hInf,
  1817. IN BOOL fLog,
  1818. IN WCHAR const *pwszSection,
  1819. IN WCHAR const *pwszKey,
  1820. IN DWORD Index,
  1821. IN BOOL fLastValue,
  1822. OUT WCHAR **ppwszValue)
  1823. {
  1824. HRESULT hr;
  1825. INFCONTEXT InfContext;
  1826. WCHAR *pwszValue = NULL;
  1828. *ppwszValue = NULL;
  1829. myInfClearError();
  1831. CSASSERT(NULL != hInf && INVALID_HANDLE_VALUE != hInf);
  1832. hr = infSetupFindFirstLine(
  1833. hInf,
  1834. pwszSection,
  1835. pwszKey,
  1836. TRUE, // fUniqueKey
  1837. fLastValue? Index : 0, // cValueMax
  1838. NULL, // apwszKeys
  1839. FALSE, // fUniqueValidKeys
  1840. &InfContext);
  1841. if (S_OK != hr)
  1842. {
  1843. if (fLog)
  1844. {
  1845. CSILOG(hr, IDS_ILOG_CAPOLICY_NOKEY, pwszSection, pwszKey, NULL);
  1846. }
  1847. _JumpErrorStr2(
  1848. hr,
  1849. error,
  1850. "infSetupFindFirstLine",
  1851. pwszKey,
  1852. ERROR_LINE_NOT_FOUND);
  1853. }
  1855. hr = infGetCurrentKeyValue(
  1856. &InfContext,
  1857. pwszSection,
  1858. pwszKey,
  1859. Index,
  1860. fLastValue,
  1861. &pwszValue);
  1862. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  1864. *ppwszValue = pwszValue;
  1865. pwszValue = NULL;
  1866. hr = S_OK;
  1868. //wprintf(L"%ws = %ws\n", pwszKey, *ppwszValue);
  1870. error:
  1871. if (NULL != pwszValue)
  1872. {
  1873. LocalFree(pwszValue);
  1874. }
  1875. if (S_OK != hr && fLog)
  1876. {
  1877. INFSETERROR(hr, pwszSection, pwszKey, NULL);
  1878. }
  1879. return(hr);
  1880. }
  1883. //+------------------------------------------------------------------------
  1884. // myInfGetNumericKeyValue -- fetch a numeric value from INF file
  1885. //
  1886. // [pwszSection]
  1887. // pwszKey = 2048
  1888. //
  1889. // Returns: DWORD key value
  1890. //-------------------------------------------------------------------------
  1892. HRESULT
  1893. myInfGetNumericKeyValue(
  1894. IN HINF hInf,
  1895. IN BOOL fLog,
  1896. IN WCHAR const *pwszSection,
  1897. IN WCHAR const *pwszKey,
  1898. IN DWORD Index,
  1899. IN BOOL fLastValue,
  1900. OUT DWORD *pdwValue)
  1901. {
  1902. HRESULT hr;
  1903. INFCONTEXT InfContext;
  1904. WCHAR *pwszValue = NULL;
  1905. INT Value;
  1907. myInfClearError();
  1908. CSASSERT(NULL != hInf && INVALID_HANDLE_VALUE != hInf);
  1910. hr = infSetupFindFirstLine(
  1911. hInf,
  1912. pwszSection,
  1913. pwszKey,
  1914. TRUE, // fUniqueKey
  1915. fLastValue? Index : 0, // cValueMax
  1916. NULL, // apwszKeys
  1917. FALSE, // fUniqueValidKeys
  1918. &InfContext);
  1919. if (S_OK != hr)
  1920. {
  1921. if (fLog)
  1922. {
  1923. CSILOG(hr, IDS_ILOG_CAPOLICY_NOKEY, pwszSection, pwszKey, NULL);
  1924. }
  1925. _PrintErrorStr2(
  1926. hr,
  1927. "infSetupFindFirstLine",
  1928. pwszKey,
  1929. ERROR_LINE_NOT_FOUND);
  1930. _JumpErrorStr2(
  1931. hr,
  1932. error,
  1933. "infSetupFindFirstLine",
  1934. pwszSection,
  1935. ERROR_LINE_NOT_FOUND);
  1936. }
  1937. if (fLastValue)
  1938. {
  1939. hr = infGetCurrentKeyValue(
  1940. &InfContext,
  1941. pwszSection,
  1942. pwszKey,
  1943. Index,
  1944. fLastValue,
  1945. &pwszValue);
  1946. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  1947. }
  1949. if (!SetupGetIntField(&InfContext, Index, &Value))
  1950. {
  1951. hr = myHLastError();
  1952. if (fLog)
  1953. {
  1954. CSILOG(hr, IDS_ILOG_BAD_NUMERICFIELD, pwszSection, pwszKey, NULL);
  1955. }
  1956. _JumpErrorStr(hr, error, "SetupGetIntField", pwszKey);
  1957. }
  1958. *pdwValue = Value;
  1959. DBGPRINT((DBG_SS_CERTLIBI, "%ws = %u\n", pwszKey, *pdwValue));
  1960. hr = S_OK;
  1962. error:
  1963. if (NULL != pwszValue)
  1964. {
  1965. LocalFree(pwszValue);
  1966. }
  1967. if (S_OK != hr && fLog)
  1968. {
  1969. INFSETERROR(hr, pwszSection, pwszKey, NULL);
  1970. }
  1971. return(hr);
  1972. }
  1975. //+------------------------------------------------------------------------
  1976. // myInfGetKeyLength -- fetch the renewal key length from CAPolicy.inf
  1977. //
  1978. // [certsrv_server]
  1979. // RenewalKeyLength = 2048
  1980. //
  1981. // Returns: DWORD key kength
  1982. //-------------------------------------------------------------------------
  1984. HRESULT
  1985. myInfGetKeyLength(
  1986. IN HINF hInf,
  1987. OUT DWORD *pdwKeyLength)
  1988. {
  1989. HRESULT hr;
  1991. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  1992. {
  1993. hr = E_HANDLE;
  1994. _JumpError2(hr, error, "hInf", hr);
  1995. }
  1996. myInfClearError();
  1997. hr = myInfGetNumericKeyValue(
  1998. hInf,
  1999. TRUE, // fLog
  2000. wszINFSECTION_CERTSERVER,
  2001. wszINFKEY_RENEWALKEYLENGTH,
  2002. 1,
  2003. TRUE, // fLastValue
  2004. pdwKeyLength);
  2005. _JumpIfErrorStr2(
  2006. hr,
  2007. error,
  2008. "myInfGetNumericKeyValue",
  2009. wszINFKEY_RENEWALKEYLENGTH,
  2010. ERROR_LINE_NOT_FOUND);
  2012. error:
  2013. DBGPRINT((
  2014. DBG_SS_CERTLIBI,
  2015. "myInfGetKeyLength hr=%x --> len=%x\n",
  2016. hr,
  2017. *pdwKeyLength));
  2018. return(hr);
  2019. }
  2022. //+------------------------------------------------------------------------
  2023. // infGetValidityPeriodSub -- fetch validity period & units from CAPolicy.inf
  2024. //
  2025. // [certsrv_server]
  2026. // xxxxValidityPeriod = Years (string)
  2027. // xxxxValidityPeriodUnits = 8 (count)
  2028. //
  2029. // Returns: validity period count and enum
  2030. //-------------------------------------------------------------------------
  2032. HRESULT
  2033. infGetValidityPeriodSub(
  2034. IN HINF hInf,
  2035. IN BOOL fLog,
  2036. IN WCHAR const *pwszInfKeyNameCount,
  2037. IN WCHAR const *pwszInfKeyNameString,
  2038. OPTIONAL IN WCHAR const *pwszValidityPeriodCount,
  2039. OPTIONAL IN WCHAR const *pwszValidityPeriodString,
  2040. OUT DWORD *pdwValidityPeriodCount,
  2041. OUT ENUM_PERIOD *penumValidityPeriod)
  2042. {
  2043. HRESULT hr;
  2044. WCHAR *pwszStringValue = NULL;
  2045. BOOL fValidCount = TRUE;
  2046. UINT idsLog = IDS_ILOG_BAD_VALIDITY_STRING;
  2048. *pdwValidityPeriodCount = 0;
  2049. *penumValidityPeriod = ENUM_PERIOD_INVALID;
  2051. hr = S_OK;
  2052. if (NULL == pwszValidityPeriodCount && NULL == pwszValidityPeriodString)
  2053. {
  2054. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  2055. {
  2056. hr = E_HANDLE;
  2057. _JumpError2(hr, error, "hInf", hr);
  2058. }
  2060. hr = myInfGetNumericKeyValue(
  2061. hInf,
  2062. fLog,
  2063. wszINFSECTION_CERTSERVER,
  2064. pwszInfKeyNameCount,
  2065. 1,
  2066. TRUE, // fLastValue
  2067. pdwValidityPeriodCount);
  2068. _JumpIfErrorStr2(
  2069. hr,
  2070. error,
  2071. "myInfGetNumericKeyValue",
  2072. pwszInfKeyNameCount,
  2073. ERROR_LINE_NOT_FOUND);
  2075. hr = myInfGetKeyValue(
  2076. hInf,
  2077. fLog,
  2078. wszINFSECTION_CERTSERVER,
  2079. pwszInfKeyNameString,
  2080. 1,
  2081. TRUE, // fLastValue
  2082. &pwszStringValue);
  2083. if (S_OK != hr && fLog)
  2084. {
  2085. INFSETERROR(hr, wszINFSECTION_CERTSERVER, pwszInfKeyNameString, NULL);
  2086. }
  2087. _JumpIfErrorStr(hr, error, "myInfGetKeyValue", pwszInfKeyNameString);
  2089. pwszValidityPeriodString = pwszStringValue;
  2090. }
  2091. else
  2092. {
  2093. if (NULL != pwszValidityPeriodCount)
  2094. {
  2095. *pdwValidityPeriodCount = myWtoI(
  2096. pwszValidityPeriodCount,
  2097. &fValidCount);
  2098. }
  2099. idsLog = IDS_ILOG_BAD_VALIDITY_STRING_UNATTEND;
  2100. }
  2102. DBGPRINT((
  2103. DBG_SS_CERTLIBI,
  2104. "%ws = %u -- %ws = %ws\n",
  2105. pwszInfKeyNameCount,
  2106. *pdwValidityPeriodCount,
  2107. pwszInfKeyNameString,
  2108. pwszValidityPeriodString));
  2110. if (NULL != pwszValidityPeriodString)
  2111. {
  2112. if (0 == LSTRCMPIS(pwszValidityPeriodString, wszPERIODYEARS))
  2113. {
  2114. *penumValidityPeriod = ENUM_PERIOD_YEARS;
  2115. }
  2116. else if (0 == LSTRCMPIS(pwszValidityPeriodString, wszPERIODMONTHS))
  2117. {
  2118. *penumValidityPeriod = ENUM_PERIOD_MONTHS;
  2119. }
  2120. else if (0 == LSTRCMPIS(pwszValidityPeriodString, wszPERIODWEEKS))
  2121. {
  2122. *penumValidityPeriod = ENUM_PERIOD_WEEKS;
  2123. }
  2124. else if (0 == LSTRCMPIS(pwszValidityPeriodString, wszPERIODDAYS))
  2125. {
  2126. *penumValidityPeriod = ENUM_PERIOD_DAYS;
  2127. }
  2128. else if (fLog)
  2129. {
  2130. INFSETERROR(
  2131. hr,
  2132. wszINFSECTION_CERTSERVER,
  2133. pwszInfKeyNameString,
  2134. pwszValidityPeriodString);
  2135. }
  2136. }
  2138. DBGPRINT((
  2139. DBG_SS_CERTLIBI,
  2140. "%ws = %u (%ws)\n",
  2141. pwszInfKeyNameString,
  2142. *penumValidityPeriod,
  2143. pwszValidityPeriodString));
  2145. if (!fValidCount ||
  2146. (ENUM_PERIOD_YEARS == *penumValidityPeriod &&
  2147. fValidCount && 9999 < *pdwValidityPeriodCount))
  2148. {
  2149. hr = E_INVALIDARG;
  2150. if (fLog)
  2151. {
  2152. WCHAR awcCount[cwcDWORDSPRINTF];
  2154. if (NULL == pwszValidityPeriodCount)
  2155. {
  2156. wsprintf(awcCount, L"%d", *pdwValidityPeriodCount);
  2157. }
  2158. INFSETERROR(
  2159. hr,
  2160. wszINFSECTION_CERTSERVER,
  2161. pwszInfKeyNameCount,
  2162. NULL != pwszValidityPeriodCount?
  2163. pwszValidityPeriodCount : awcCount);
  2164. CSILOG(
  2165. hr,
  2166. idsLog,
  2167. wszINFSECTION_CERTSERVER,
  2168. NULL == pwszValidityPeriodCount? pwszInfKeyNameCount : NULL,
  2169. pdwValidityPeriodCount);
  2170. }
  2171. _JumpIfErrorStr(
  2172. hr,
  2173. error,
  2174. "bad ValidityPeriod count value",
  2175. pwszValidityPeriodCount);
  2176. }
  2177. hr = S_OK;
  2179. error:
  2180. if (NULL != pwszStringValue)
  2181. {
  2182. LocalFree(pwszStringValue);
  2183. }
  2184. return(hr);
  2185. }
  2188. //+------------------------------------------------------------------------
  2189. // myInfGetValidityPeriod -- fetch renewal period & units from CAPolicy.inf
  2190. //
  2191. // [certsrv_server]
  2192. // xxxxValidityPeriod = Years (string)
  2193. // xxxxValidityPeriodUnits = 8 (count)
  2194. //
  2195. // Returns: validity period count and enum
  2196. //-------------------------------------------------------------------------
  2198. HRESULT
  2199. myInfGetValidityPeriod(
  2200. IN HINF hInf,
  2201. OPTIONAL IN WCHAR const *pwszValidityPeriodCount,
  2202. OPTIONAL IN WCHAR const *pwszValidityPeriodString,
  2203. OUT DWORD *pdwValidityPeriodCount,
  2204. OUT ENUM_PERIOD *penumValidityPeriod,
  2205. OPTIONAL OUT BOOL *pfSwap)
  2206. {
  2207. HRESULT hr;
  2209. if ((NULL == hInf || INVALID_HANDLE_VALUE == hInf) &&
  2210. NULL == pwszValidityPeriodCount &&
  2211. NULL == pwszValidityPeriodString)
  2212. {
  2213. hr = E_HANDLE;
  2214. _JumpError2(hr, error, "hInf", hr);
  2215. }
  2216. myInfClearError();
  2218. if (NULL != pfSwap)
  2219. {
  2220. *pfSwap = FALSE;
  2221. }
  2223. // Try correct order:
  2224. // [certsrv_server]
  2225. // xxxxValidityPeriod = Years (string)
  2226. // xxxxValidityPeriodUnits = 8 (count)
  2228. hr = infGetValidityPeriodSub(
  2229. hInf,
  2230. TRUE,
  2231. wszINFKEY_RENEWALVALIDITYPERIODCOUNT,
  2232. wszINFKEY_RENEWALVALIDITYPERIODSTRING,
  2233. pwszValidityPeriodCount,
  2234. pwszValidityPeriodString,
  2235. pdwValidityPeriodCount,
  2236. penumValidityPeriod);
  2237. _PrintIfError2(hr, "infGetValidityPeriodSub", ERROR_LINE_NOT_FOUND);
  2239. if (S_OK != hr)
  2240. {
  2241. // Try backwards:
  2242. // [certsrv_server]
  2243. // xxxxValidityPeriodUnits = Years (string)
  2244. // xxxxValidityPeriod = 8 (count)
  2246. hr = infGetValidityPeriodSub(
  2247. hInf,
  2248. FALSE,
  2249. wszINFKEY_RENEWALVALIDITYPERIODSTRING,
  2250. wszINFKEY_RENEWALVALIDITYPERIODCOUNT,
  2251. pwszValidityPeriodString,
  2252. pwszValidityPeriodCount,
  2253. pdwValidityPeriodCount,
  2254. penumValidityPeriod);
  2255. _JumpIfError2(
  2256. hr,
  2257. error,
  2258. "infGetValidityPeriodSub",
  2259. ERROR_LINE_NOT_FOUND);
  2261. if (NULL != pfSwap)
  2262. {
  2263. *pfSwap = TRUE;
  2264. }
  2265. }
  2267. error:
  2268. DBGPRINT((
  2269. DBG_SS_CERTLIBI,
  2270. "myInfGetValidityPeriod hr=%x --> c=%d, enum=%d\n",
  2271. hr,
  2272. *pdwValidityPeriodCount,
  2273. *penumValidityPeriod));
  2274. return(hr);
  2275. }
  2278. //+------------------------------------------------------------------------
  2279. // myInfGetKeyList -- fetch a list of key values from CAPolicy.inf
  2280. //
  2281. // [pwszSection]
  2282. // pwszKey = Value1
  2283. // pwszKey = Value2
  2284. //
  2285. // Returns: double null terminated list of values
  2286. //-------------------------------------------------------------------------
  2288. HRESULT
  2289. myInfGetKeyList(
  2290. IN HINF hInf,
  2291. IN WCHAR const *pwszSection,
  2292. OPTIONAL IN WCHAR const *pwszKey,
  2293. OPTIONAL WCHAR const * const *ppwszValidKeys,
  2294. OPTIONAL OUT BOOL *pfCritical,
  2295. OPTIONAL OUT WCHAR **ppwszz)
  2296. {
  2297. HRESULT hr;
  2298. INFCONTEXT InfContext;
  2299. DWORD iVal;
  2300. DWORD cwc;
  2301. WCHAR *pwsz;
  2302. WCHAR **apwszVal = NULL;
  2303. DWORD cVal;
  2305. if (NULL != pfCritical)
  2306. {
  2307. *pfCritical = FALSE;
  2308. }
  2309. if (NULL != ppwszz)
  2310. {
  2311. *ppwszz = NULL;
  2312. }
  2313. myInfClearError();
  2314. cVal = 0;
  2315. if (NULL == pwszKey)
  2316. {
  2317. if (NULL == ppwszValidKeys || NULL != pfCritical || NULL != ppwszz)
  2318. {
  2319. hr = E_INVALIDARG;
  2320. _JumpErrorStr(hr, error, "NULL/non-NULL parms", pwszSection);
  2321. }
  2322. }
  2323. else if (NULL == ppwszz)
  2324. {
  2325. hr = E_INVALIDARG;
  2326. _JumpErrorStr(hr, error, "ppwszz parms", pwszKey);
  2327. }
  2329. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  2330. {
  2331. hr = E_HANDLE;
  2332. _JumpError2(hr, error, "hInf", hr);
  2333. }
  2334. hr = infSetupFindFirstLine(
  2335. hInf,
  2336. pwszSection,
  2337. pwszKey,
  2338. FALSE, // fUniqueKey
  2339. NULL == pwszKey? 0 : 1, // cValueMax
  2340. ppwszValidKeys,
  2341. FALSE, // fUniqueValidKeys
  2342. &InfContext);
  2343. if (S_OK != hr)
  2344. {
  2345. CSILOG(hr, IDS_ILOG_CAPOLICY_NOKEY, pwszSection, pwszKey, NULL);
  2346. _JumpErrorStr3(
  2347. hr,
  2348. error,
  2349. "infSetupFindFirstLine",
  2350. pwszSection,
  2351. S_FALSE,
  2352. (HRESULT) ERROR_LINE_NOT_FOUND);
  2353. }
  2355. if (NULL != pwszKey)
  2356. {
  2357. for (;;)
  2358. {
  2359. cVal++;
  2360. hr = infFindNextKey(pwszKey, &InfContext);
  2361. if (S_FALSE == hr)
  2362. {
  2363. break;
  2364. }
  2365. _JumpIfErrorStr(hr, error, "infFindNextKey", pwszKey);
  2366. }
  2368. apwszVal = (WCHAR **) LocalAlloc(
  2369. LMEM_FIXED | LMEM_ZEROINIT,
  2370. cVal * sizeof(apwszVal[0]));
  2371. if (NULL == apwszVal)
  2372. {
  2373. hr = E_OUTOFMEMORY;
  2374. _JumpError(hr, error, "LocalAlloc");
  2375. }
  2377. hr = infSetupFindFirstLine(
  2378. hInf,
  2379. pwszSection,
  2380. pwszKey,
  2381. FALSE, // fUniqueKey
  2382. 1, // cValueMax
  2383. NULL, // apwszKeys
  2384. FALSE, // fUniqueValidKeys
  2385. &InfContext);
  2386. _JumpIfErrorStr(hr, error, "infSetupFindFirstLine", pwszSection);
  2388. cwc = 1;
  2389. iVal = 0;
  2390. for (;;)
  2391. {
  2392. hr = infGetCurrentKeyValue(
  2393. &InfContext,
  2394. pwszSection,
  2395. pwszKey,
  2396. 1,
  2397. TRUE, // fLastValue
  2398. &apwszVal[iVal]);
  2399. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  2401. DBGPRINT((DBG_SS_CERTLIBI, "%ws = %ws\n", pwszKey, apwszVal[iVal]));
  2403. cwc += wcslen(apwszVal[iVal]) + 1;
  2404. iVal++;
  2406. hr = infFindNextKey(pwszKey, &InfContext);
  2407. if (S_FALSE == hr)
  2408. {
  2409. break;
  2410. }
  2411. _JumpIfErrorStr(hr, error, "infFindNextKey", pwszKey);
  2412. }
  2413. CSASSERT(iVal == cVal);
  2415. *ppwszz = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR));
  2416. if (NULL == *ppwszz)
  2417. {
  2418. hr = E_OUTOFMEMORY;
  2419. _JumpError(hr, error, "LocalAlloc");
  2420. }
  2421. pwsz = *ppwszz;
  2422. for (iVal = 0; iVal < cVal; iVal++)
  2423. {
  2424. wcscpy(pwsz, apwszVal[iVal]);
  2425. pwsz += wcslen(pwsz) + 1;
  2426. }
  2427. *pwsz = L'\0';
  2428. CSASSERT(cwc == 1 + SAFE_SUBTRACT_POINTERS(pwsz, *ppwszz));
  2430. if (NULL != pfCritical)
  2431. {
  2432. hr = infGetCriticalFlag(hInf, pwszSection, FALSE, pfCritical);
  2433. _JumpIfError(hr, error, "infGetCriticalFlag");
  2434. }
  2435. }
  2436. hr = S_OK;
  2438. error:
  2439. if (S_OK != hr)
  2440. {
  2441. INFSETERROR(hr, pwszSection, pwszKey, NULL);
  2442. }
  2443. if (NULL != apwszVal)
  2444. {
  2445. for (iVal = 0; iVal < cVal; iVal++)
  2446. {
  2447. if (NULL != apwszVal[iVal])
  2448. {
  2449. LocalFree(apwszVal[iVal]);
  2450. }
  2451. }
  2452. LocalFree(apwszVal);
  2453. }
  2454. return(hr);
  2455. }
  2458. //+------------------------------------------------------------------------
  2459. // myInfGetCRLDistributionPoints -- fetch CDP URLs from CAPolicy.inf
  2460. //
  2461. // [CRLDistributionPoint]
  2462. // URL = http://CRLhttp.site.com/Public/MyCA.crl
  2463. // URL = ftp://CRLftp.site.com/Public/MyCA.crl
  2464. //
  2465. // Returns: double null terminated list of CDP URLs
  2466. //-------------------------------------------------------------------------
  2468. HRESULT
  2469. myInfGetCRLDistributionPoints(
  2470. IN HINF hInf,
  2471. OUT BOOL *pfCritical,
  2472. OUT WCHAR **ppwszz)
  2473. {
  2474. HRESULT hr;
  2475. static WCHAR const * const s_apwszKeys[] =
  2476. { wszINFKEY_URL, wszINFKEY_CRITICAL, NULL };
  2478. hr = myInfGetKeyList(
  2479. hInf,
  2480. wszINFSECTION_CDP,
  2481. wszINFKEY_URL,
  2482. s_apwszKeys,
  2483. pfCritical,
  2484. ppwszz);
  2485. _JumpIfErrorStr4(
  2486. hr,
  2487. error,
  2488. "myInfGetKeyList",
  2489. wszINFSECTION_CDP,
  2490. ERROR_LINE_NOT_FOUND,
  2491. S_FALSE,
  2492. E_HANDLE);
  2494. error:
  2495. DBGPRINT((
  2496. DBG_SS_CERTLIBI,
  2497. "myInfGetCRLDistributionPoints hr=%x --> f=%d\n",
  2498. hr,
  2499. *pfCritical));
  2500. return(hr);
  2501. }
  2504. //+------------------------------------------------------------------------
  2505. // myInfGetAuthorityInformationAccess -- fetch AIA URLs from CAPolicy.inf
  2506. //
  2507. // [AuthorityInformationAccess]
  2508. // URL = http://CRThttp.site.com/Public/MyCA.crt
  2509. // URL = ftp://CRTftp.site.com/Public/MyCA.crt
  2510. //
  2511. // Returns: double null terminated list of AIA URLs
  2512. //-------------------------------------------------------------------------
  2514. HRESULT
  2515. myInfGetAuthorityInformationAccess(
  2516. IN HINF hInf,
  2517. OUT BOOL *pfCritical,
  2518. OUT WCHAR **ppwszz)
  2519. {
  2520. HRESULT hr;
  2521. static WCHAR const * const s_apwszKeys[] =
  2522. { wszINFKEY_URL, wszINFKEY_CRITICAL, NULL };
  2524. hr = myInfGetKeyList(
  2525. hInf,
  2526. wszINFSECTION_AIA,
  2527. wszINFKEY_URL,
  2528. s_apwszKeys,
  2529. pfCritical,
  2530. ppwszz);
  2531. _JumpIfErrorStr4(
  2532. hr,
  2533. error,
  2534. "myInfGetKeyList",
  2535. wszINFSECTION_AIA,
  2536. ERROR_LINE_NOT_FOUND,
  2537. S_FALSE,
  2538. E_HANDLE);
  2540. error:
  2541. DBGPRINT((
  2542. DBG_SS_CERTLIBI,
  2543. "myInfGetAuthorityInformationAccess hr=%x --> f=%d\n",
  2544. hr,
  2545. *pfCritical));
  2546. return(hr);
  2547. }
  2550. //+------------------------------------------------------------------------
  2551. // myInfGetEnhancedKeyUsage -- fetch EKU OIDS from CAPolicy.inf
  2552. //
  2553. // [EnhancedKeyUsage]
  2554. // OID = 1.2.3.4.5
  2555. // OID = 1.2.3.4.6
  2556. //
  2557. // Returns: double null terminated list of EKU OIDs
  2558. //-------------------------------------------------------------------------
  2560. HRESULT
  2561. myInfGetEnhancedKeyUsage(
  2562. IN HINF hInf,
  2563. OUT BOOL *pfCritical,
  2564. OUT WCHAR **ppwszz)
  2565. {
  2566. HRESULT hr;
  2567. WCHAR *pwszz = NULL;
  2568. WCHAR const *pwsz;
  2569. static WCHAR const * const s_apwszKeys[] =
  2570. { wszINFKEY_OID, wszINFKEY_CRITICAL, NULL };
  2572. *ppwszz = NULL;
  2574. hr = myInfGetKeyList(
  2575. hInf,
  2576. wszINFSECTION_EKU,
  2577. wszINFKEY_OID,
  2578. s_apwszKeys,
  2579. pfCritical,
  2580. &pwszz);
  2581. _JumpIfErrorStr4(
  2582. hr,
  2583. error,
  2584. "myInfGetKeyList",
  2585. wszINFSECTION_EKU,
  2586. ERROR_LINE_NOT_FOUND,
  2587. S_FALSE,
  2588. E_HANDLE);
  2590. for (pwsz = pwszz; L'\0' != *pwsz; pwsz += wcslen(pwsz) + 1)
  2591. {
  2592. hr = myVerifyObjId(pwsz);
  2593. if (S_OK != hr)
  2594. {
  2595. INFSETERROR(hr, wszINFSECTION_EKU, wszINFKEY_OID, pwsz);
  2596. _JumpErrorStr(hr, error, "myVerifyObjId", pwsz);
  2597. }
  2598. }
  2599. *ppwszz = pwszz;
  2600. pwszz = NULL;
  2602. error:
  2603. DBGPRINT((
  2604. DBG_SS_CERTLIBI,
  2605. "myInfGetEnhancedKeyUsage hr=%x --> f=%d\n",
  2606. hr,
  2607. *pfCritical));
  2608. if (NULL != pwszz)
  2609. {
  2610. LocalFree(pwszz);
  2611. }
  2612. return(hr);
  2613. }
  2616. //+--------------------------------------------------------------------------
  2617. // infGetBasicConstraints2CAExtension -- fetch basic constraints extension
  2618. // from INF file, setting the SubjectType flag to CA
  2619. //
  2620. // If the INF handle is bad, or if the INF section does not exist, construct
  2621. // a default extension only if fDefault is set, otherwise fail.
  2622. //
  2623. // [BasicConstraintsExtension]
  2624. // ; Subject Type is not supported -- always set to CA
  2625. // ; maximum subordinate CA path length
  2626. // PathLength = 3
  2627. //
  2628. // Return S_OK if extension has been constructed from INF file.
  2629. //
  2630. // Returns: encoded basic constraints extension
  2631. //+--------------------------------------------------------------------------
  2633. HRESULT
  2634. infGetBasicConstraints2CAExtension(
  2635. IN BOOL fDefault,
  2636. IN HINF hInf,
  2637. OUT CERT_EXTENSION *pext)
  2638. {
  2639. HRESULT hr;
  2640. CERT_BASIC_CONSTRAINTS2_INFO bc2i;
  2641. INFCONTEXT InfContext;
  2642. static WCHAR const * const s_apwszKeys[] =
  2643. { wszINFKEY_PATHLENGTH, wszINFKEY_CRITICAL, NULL };
  2645. ZeroMemory(pext, sizeof(*pext));
  2646. ZeroMemory(&bc2i, sizeof(bc2i));
  2647. myInfClearError();
  2649. pext->fCritical = TRUE; // default value for both INF and default cases
  2650. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  2651. {
  2652. if (!fDefault)
  2653. {
  2654. hr = E_HANDLE;
  2655. _JumpError2(hr, error, "hInf", hr);
  2656. }
  2657. }
  2658. else
  2659. {
  2660. hr = infSetupFindFirstLine(
  2661. hInf,
  2662. wszINFSECTION_BASICCONSTRAINTS,
  2663. NULL, // pwszKey
  2664. FALSE, // fUniqueKey
  2665. 0, // cValueMax
  2666. s_apwszKeys,
  2667. TRUE, // fUniqueValidKeys
  2668. &InfContext);
  2669. if (S_OK != hr)
  2670. {
  2671. if (!fDefault)
  2672. {
  2673. _JumpErrorStr3(
  2674. hr,
  2675. error,
  2676. "infSetupFindFirstLine",
  2677. wszINFSECTION_BASICCONSTRAINTS,
  2678. S_FALSE,
  2679. (HRESULT) ERROR_LINE_NOT_FOUND);
  2680. }
  2681. }
  2682. else
  2683. {
  2684. hr = infGetCriticalFlag(
  2685. hInf,
  2686. wszINFSECTION_BASICCONSTRAINTS,
  2687. pext->fCritical, // fDefault
  2688. &pext->fCritical);
  2689. _JumpIfError(hr, error, "infGetCriticalFlag");
  2691. bc2i.fPathLenConstraint = TRUE;
  2692. hr = myInfGetNumericKeyValue(
  2693. hInf,
  2694. TRUE, // fLog
  2695. wszINFSECTION_BASICCONSTRAINTS,
  2696. wszINFKEY_PATHLENGTH,
  2697. 1,
  2698. TRUE, // fLastValue
  2699. &bc2i.dwPathLenConstraint);
  2700. if (S_OK != hr)
  2701. {
  2702. _PrintErrorStr2(
  2703. hr,
  2704. "myInfGetNumericKeyValue",
  2705. wszINFKEY_PATHLENGTH,
  2706. ERROR_LINE_NOT_FOUND);
  2707. if ((HRESULT) ERROR_LINE_NOT_FOUND != hr)
  2708. {
  2709. goto error;
  2710. }
  2711. bc2i.dwPathLenConstraint = 0;
  2712. bc2i.fPathLenConstraint = FALSE;
  2713. }
  2714. }
  2715. }
  2716. bc2i.fCA = TRUE;
  2718. if (!myEncodeObject(
  2719. X509_ASN_ENCODING,
  2720. X509_BASIC_CONSTRAINTS2,
  2721. &bc2i,
  2722. 0,
  2723. CERTLIB_USE_LOCALALLOC,
  2724. &pext->Value.pbData,
  2725. &pext->Value.cbData))
  2726. {
  2727. hr = myHLastError();
  2728. _JumpError(hr, error, "myEncodeObject");
  2729. }
  2730. hr = S_OK;
  2732. error:
  2733. if (S_OK != hr)
  2734. {
  2735. INFSETERROR(hr, wszINFSECTION_BASICCONSTRAINTS, NULL, NULL);
  2736. }
  2737. pext->pszObjId = szOID_BASIC_CONSTRAINTS2; // on error, too!
  2738. DBGPRINT((
  2739. DBG_SS_CERTLIBI,
  2740. "myInfGetBasicConstraints2CAExtension hr=%x --> f=%d, cb=%x\n",
  2741. hr,
  2742. pext->fCritical,
  2743. pext->Value.cbData));
  2744. return(hr);
  2745. }
  2747. //+--------------------------------------------------------------------------
  2748. // myInfGetBasicConstraints2CAExtension -- fetch basic constraints extension
  2749. // from INF file, setting the SubjectType flag to CA
  2750. //
  2751. // [BasicConstraintsExtension]
  2752. // ; Subject Type is not supported -- always set to CA
  2753. // ; maximum subordinate CA path length
  2754. // PathLength = 3
  2755. //
  2756. // Return S_OK if extension has been constructed from INF file.
  2757. //
  2758. // Returns: encoded basic constraints extension
  2759. //+--------------------------------------------------------------------------
  2761. FNMYINFGETEXTENSION myInfGetBasicConstraints2CAExtension;
  2763. HRESULT
  2764. myInfGetBasicConstraints2CAExtension(
  2765. IN HINF hInf,
  2766. OUT CERT_EXTENSION *pext)
  2767. {
  2768. HRESULT hr;
  2770. hr = infGetBasicConstraints2CAExtension(FALSE, hInf, pext);
  2771. _JumpIfError3(
  2772. hr,
  2773. error,
  2774. "infGetBasicConstraints2CAExtension",
  2775. S_FALSE,
  2776. (HRESULT) ERROR_LINE_NOT_FOUND);
  2778. error:
  2779. return(hr);
  2780. }
  2783. FNMYINFGETEXTENSION myInfGetBasicConstraints2CAExtensionOrDefault;
  2785. HRESULT
  2786. myInfGetBasicConstraints2CAExtensionOrDefault(
  2787. IN HINF hInf,
  2788. OUT CERT_EXTENSION *pext)
  2789. {
  2790. HRESULT hr;
  2792. hr = infGetBasicConstraints2CAExtension(TRUE, hInf, pext);
  2793. _JumpIfError(hr, error, "infGetBasicConstraints2CAExtension");
  2795. error:
  2796. return(hr);
  2797. }
  2800. //+--------------------------------------------------------------------------
  2801. // myInfGetEnhancedKeyUsageExtension -- fetch EKU extension from INF file
  2802. //
  2803. // [EnhancedKeyUsageExtension]
  2804. // OID = 1.2.3.4.5
  2805. // OID = 1.2.3.4.6
  2806. //
  2807. // Return S_OK if extension has been constructed from INF file.
  2808. // Return S_FALSE if empty section detected in INF file
  2809. // Return other error if no section detected in INF file
  2810. //
  2811. // Returns: encoded enhanced key usage extension
  2812. //+--------------------------------------------------------------------------
  2814. FNMYINFGETEXTENSION myInfGetEnhancedKeyUsageExtension;
  2816. HRESULT
  2817. myInfGetEnhancedKeyUsageExtension(
  2818. IN HINF hInf,
  2819. OUT CERT_EXTENSION *pext)
  2820. {
  2821. HRESULT hr;
  2822. DWORD i;
  2823. DWORD cEKU = 0;
  2824. WCHAR *pwszzEKU = NULL;
  2825. WCHAR *pwszCurrentEKU;
  2826. CERT_ENHKEY_USAGE ceku;
  2828. ceku.rgpszUsageIdentifier = NULL;
  2829. ceku.cUsageIdentifier = 0;
  2830. ZeroMemory(pext, sizeof(*pext));
  2831. myInfClearError();
  2833. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  2834. {
  2835. hr = E_HANDLE;
  2836. _JumpError2(hr, error, "hInf", hr);
  2837. }
  2838. hr = myInfGetEnhancedKeyUsage(hInf, &pext->fCritical, &pwszzEKU);
  2839. _JumpIfError3(
  2840. hr,
  2841. error,
  2842. "myInfGetEnhancedKeyUsage",
  2843. S_FALSE,
  2844. (HRESULT) ERROR_LINE_NOT_FOUND);
  2846. pwszCurrentEKU = pwszzEKU;
  2847. if (NULL != pwszCurrentEKU)
  2848. {
  2849. while (L'\0' != *pwszCurrentEKU)
  2850. {
  2851. cEKU++;
  2852. pwszCurrentEKU += wcslen(pwszCurrentEKU) + 1;
  2853. }
  2854. }
  2855. if (0 == cEKU)
  2856. {
  2857. hr = S_FALSE;
  2858. goto error;
  2859. }
  2861. ceku.cUsageIdentifier = cEKU;
  2862. ceku.rgpszUsageIdentifier = (char **) LocalAlloc(
  2863. LMEM_FIXED | LMEM_ZEROINIT,
  2864. sizeof(ceku.rgpszUsageIdentifier[0]) * cEKU);
  2865. if (NULL == ceku.rgpszUsageIdentifier)
  2866. {
  2867. hr = E_OUTOFMEMORY;
  2868. _JumpIfError(hr, error, "LocalAlloc");
  2869. }
  2871. cEKU = 0;
  2872. pwszCurrentEKU = pwszzEKU;
  2873. while (L'\0' != *pwszCurrentEKU)
  2874. {
  2875. if (!ConvertWszToSz(&ceku.rgpszUsageIdentifier[cEKU], pwszCurrentEKU, -1))
  2876. {
  2877. hr = E_OUTOFMEMORY;
  2878. _JumpError(hr, error, "ConvertWszToSz");
  2879. }
  2880. cEKU++;
  2881. pwszCurrentEKU += wcslen(pwszCurrentEKU) + 1;
  2882. }
  2883. CSASSERT(ceku.cUsageIdentifier == cEKU);
  2885. if (!myEncodeObject(
  2886. X509_ASN_ENCODING,
  2887. X509_ENHANCED_KEY_USAGE,
  2888. &ceku,
  2889. 0,
  2890. CERTLIB_USE_LOCALALLOC,
  2891. &pext->Value.pbData,
  2892. &pext->Value.cbData))
  2893. {
  2894. hr = myHLastError();
  2895. _JumpIfError(hr, error, "myEncodeObject");
  2896. }
  2898. error:
  2899. if (S_OK != hr && E_HANDLE != hr)
  2900. {
  2901. INFSETERROR(hr, wszINFSECTION_EKU, NULL, NULL);
  2902. }
  2903. pext->pszObjId = szOID_ENHANCED_KEY_USAGE; // on error, too!
  2904. DBGPRINT((
  2905. DBG_SS_CERTLIBI,
  2906. "myInfGetEnhancedKeyUsageExtension hr=%x --> f=%d, cb=%x\n",
  2907. hr,
  2908. pext->fCritical,
  2909. pext->Value.cbData));
  2910. if (NULL != ceku.rgpszUsageIdentifier)
  2911. {
  2912. for (i = 0; i < ceku.cUsageIdentifier; i++)
  2913. {
  2914. if (NULL != ceku.rgpszUsageIdentifier[i])
  2915. {
  2916. LocalFree(ceku.rgpszUsageIdentifier[i]);
  2917. }
  2918. }
  2919. LocalFree(ceku.rgpszUsageIdentifier);
  2920. }
  2921. if (NULL != pwszzEKU)
  2922. {
  2923. LocalFree(pwszzEKU);
  2924. }
  2925. return(hr);
  2926. }
  2929. HRESULT
  2930. infAddAttribute(
  2931. IN CRYPT_ATTR_BLOB const *pAttribute,
  2932. IN OUT DWORD *pcAttribute,
  2933. IN OUT CRYPT_ATTR_BLOB **ppaAttribute)
  2934. {
  2935. HRESULT hr;
  2936. CRYPT_ATTR_BLOB *pAttribT;
  2938. if (NULL == *ppaAttribute)
  2939. {
  2940. CSASSERT(0 == *pcAttribute);
  2941. pAttribT = (CRYPT_ATTR_BLOB *) LocalAlloc(
  2942. LMEM_FIXED,
  2943. sizeof(**ppaAttribute));
  2944. }
  2945. else
  2946. {
  2947. CSASSERT(0 != *pcAttribute);
  2948. pAttribT = (CRYPT_ATTR_BLOB *) LocalReAlloc(
  2949. *ppaAttribute,
  2950. (*pcAttribute + 1) * sizeof(**ppaAttribute),
  2951. LMEM_MOVEABLE);
  2952. }
  2953. if (NULL == pAttribT)
  2954. {
  2955. hr = E_OUTOFMEMORY;
  2956. _JumpError(
  2957. hr,
  2958. error,
  2959. NULL == *ppaAttribute? "LocalAlloc" : "LocalReAlloc");
  2960. }
  2961. *ppaAttribute = pAttribT;
  2962. pAttribT[(*pcAttribute)++] = *pAttribute;
  2963. hr = S_OK;
  2965. error:
  2966. return(hr);
  2967. }
  2970. VOID
  2971. myInfFreeRequestAttributes(
  2972. IN DWORD cAttribute,
  2973. IN OUT CRYPT_ATTR_BLOB *paAttribute)
  2974. {
  2975. if (NULL != paAttribute)
  2976. {
  2977. DWORD i;
  2979. for (i = 0; i < cAttribute; i++)
  2980. {
  2981. if (NULL != paAttribute[i].pbData)
  2982. {
  2983. LocalFree(paAttribute[i].pbData);
  2984. }
  2985. }
  2986. LocalFree(paAttribute);
  2987. }
  2988. }
  2991. //+------------------------------------------------------------------------
  2992. // myInfGetRequestAttributes -- fetch request attributes from INF file
  2993. //
  2994. // [RequestAttributes]
  2995. // AttributeName1 = AttributeValue1
  2996. // AttributeName2 = AttributeValue2
  2997. // ...
  2998. // AttributeNameN = AttributeValueN
  2999. //
  3000. // Returns: array of encoded attribute blobs
  3001. //-------------------------------------------------------------------------
  3003. HRESULT
  3004. myInfGetRequestAttributes(
  3005. IN HINF hInf,
  3006. OUT DWORD *pcAttribute,
  3007. OUT CRYPT_ATTR_BLOB **ppaAttribute,
  3008. OUT WCHAR **ppwszTemplateName)
  3009. {
  3010. HRESULT hr;
  3011. INFCONTEXT InfContext;
  3012. WCHAR *pwszName = NULL;
  3013. WCHAR *pwszValue = NULL;
  3014. DWORD cAttribute = 0;
  3015. CRYPT_ATTR_BLOB Attribute;
  3016. WCHAR *pwszTemplateName = NULL;
  3018. *ppwszTemplateName = NULL;
  3019. *pcAttribute = 0;
  3020. *ppaAttribute = NULL;
  3021. Attribute.pbData = NULL;
  3022. myInfClearError();
  3024. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  3025. {
  3026. hr = E_HANDLE;
  3027. _JumpError2(hr, error, "hInf", hr);
  3028. }
  3029. hr = infSetupFindFirstLine(
  3030. hInf,
  3031. wszINFSECTION_REQUESTATTRIBUTES,
  3032. NULL, // pwszKey
  3033. FALSE, // fUniqueKey
  3034. 0, // cValueMax
  3035. NULL, // apwszKeys
  3036. FALSE, // fUniqueValidKeys
  3037. &InfContext);
  3038. _JumpIfErrorStr2(
  3039. hr,
  3040. error,
  3041. "infSetupFindFirstLine",
  3042. wszINFSECTION_REQUESTATTRIBUTES,
  3043. ERROR_LINE_NOT_FOUND);
  3045. for (;;)
  3046. {
  3047. CRYPT_ENROLLMENT_NAME_VALUE_PAIR NamePair;
  3049. if (NULL != pwszName)
  3050. {
  3051. LocalFree(pwszName);
  3052. pwszName = NULL;
  3053. }
  3054. if (NULL != pwszValue)
  3055. {
  3056. LocalFree(pwszValue);
  3057. pwszValue = NULL;
  3058. }
  3059. hr = infGetCurrentKeyValue(
  3060. &InfContext,
  3061. wszINFSECTION_REQUESTATTRIBUTES,
  3062. NULL, // pwszKey
  3063. 0,
  3064. FALSE, // fLastValue
  3065. &pwszName);
  3066. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  3068. hr = infGetCurrentKeyValue(
  3069. &InfContext,
  3070. wszINFSECTION_REQUESTATTRIBUTES,
  3071. pwszName,
  3072. 1,
  3073. TRUE, // fLastValue
  3074. &pwszValue);
  3075. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  3077. //wprintf(L"%ws = %ws\n", pwszName, pwszValue);
  3079. NamePair.pwszName = pwszName;
  3080. NamePair.pwszValue = pwszValue;
  3082. if (0 == LSTRCMPIS(pwszName, wszPROPCERTTEMPLATE))
  3083. {
  3084. if (NULL != pwszTemplateName)
  3085. {
  3086. hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
  3087. _JumpError(hr, error, "Duplicate cert template");
  3088. }
  3089. pwszTemplateName = pwszValue;
  3090. pwszValue = NULL;
  3091. }
  3093. if (!myEncodeObject(
  3094. X509_ASN_ENCODING,
  3095. // X509__ENROLLMENT_NAME_VALUE_PAIR
  3096. szOID_ENROLLMENT_NAME_VALUE_PAIR,
  3097. &NamePair,
  3098. 0,
  3099. CERTLIB_USE_LOCALALLOC,
  3100. &Attribute.pbData,
  3101. &Attribute.cbData))
  3102. {
  3103. hr = myHLastError();
  3104. _JumpError(hr, error, "myEncodeObject");
  3105. }
  3107. hr = infAddAttribute(&Attribute, &cAttribute, ppaAttribute);
  3108. _JumpIfError(hr, error, "infAddAttribute");
  3110. Attribute.pbData = NULL;
  3112. if (!SetupFindNextLine(&InfContext, &InfContext))
  3113. {
  3114. hr = myHLastError();
  3115. _PrintError2(hr, "SetupFindNextLine(end)", hr);
  3116. break;
  3117. }
  3118. }
  3119. *pcAttribute = cAttribute;
  3120. cAttribute = 0;
  3121. *ppwszTemplateName = pwszTemplateName;
  3122. pwszTemplateName = NULL;
  3124. hr = S_OK;
  3126. error:
  3127. if (S_OK != hr)
  3128. {
  3129. INFSETERROR(hr, wszINFSECTION_REQUESTATTRIBUTES, pwszName, pwszValue);
  3130. }
  3131. if (NULL != pwszName)
  3132. {
  3133. LocalFree(pwszName);
  3134. }
  3135. if (NULL != pwszValue)
  3136. {
  3137. LocalFree(pwszValue);
  3138. }
  3139. if (NULL != pwszTemplateName)
  3140. {
  3141. LocalFree(pwszTemplateName);
  3142. }
  3143. if (NULL != Attribute.pbData)
  3144. {
  3145. LocalFree(Attribute.pbData);
  3146. }
  3147. if (0 != cAttribute)
  3148. {
  3149. myInfFreeRequestAttributes(cAttribute, *ppaAttribute);
  3150. *ppaAttribute = NULL;
  3151. }
  3153. DBGPRINT((
  3154. DBG_SS_CERTLIBI,
  3155. "myInfGetRequestAttributes hr=%x --> c=%d\n",
  3156. hr,
  3157. *pcAttribute));
  3158. return(hr);
  3159. }
  3162. typedef struct _SUBTREEINFO
  3163. {
  3164. BOOL fEmptyDefault;
  3165. DWORD dwInfMinMaxIndexBase;
  3166. DWORD dwAltNameChoice;
  3167. WCHAR const *pwszKey;
  3168. } SUBTREEINFO;
  3170. SUBTREEINFO g_aSubTreeInfo[] = {
  3171. { TRUE, 2, CERT_ALT_NAME_OTHER_NAME, wszINFKEY_UPN },
  3172. { TRUE, 2, CERT_ALT_NAME_RFC822_NAME, wszINFKEY_EMAIL },
  3173. { TRUE, 2, CERT_ALT_NAME_DNS_NAME, wszINFKEY_DNS },
  3174. { TRUE, 2, CERT_ALT_NAME_DIRECTORY_NAME, wszINFKEY_DIRECTORYNAME },
  3175. { TRUE, 2, CERT_ALT_NAME_URL, wszINFKEY_URL },
  3176. { TRUE, 3, CERT_ALT_NAME_IP_ADDRESS, wszINFKEY_IPADDRESS },
  3177. { FALSE, 2, CERT_ALT_NAME_REGISTERED_ID, wszINFKEY_REGISTEREDID },
  3178. { FALSE, 3, CERT_ALT_NAME_OTHER_NAME, wszINFKEY_OTHERNAME },
  3179. };
  3180. #define CSUBTREEINFO ARRAYSIZE(g_aSubTreeInfo)
  3182. #define STII_OTHERNAMEUPN 0 // CERT_ALT_NAME_OTHER_NAME pOtherName
  3183. #define STII_RFC822NAME 1 // CERT_ALT_NAME_RFC822_NAME pwszRfc822Name
  3184. #define STII_DNSNAME 2 // CERT_ALT_NAME_DNS_NAME pwszDNSName
  3185. #define STII_DIRECTORYNAME 3 // CERT_ALT_NAME_DIRECTORY_NAME DirectoryName
  3186. #define STII_URL 4 // CERT_ALT_NAME_URL pwszURL
  3187. #define STII_IPADDRESS 5 // CERT_ALT_NAME_IP_ADDRESS IPAddress
  3188. #define STII_REGISTEREDID 6 // CERT_ALT_NAME_REGISTERED_ID pszRegisteredID
  3189. #define STII_OTHERNAMEOID 7 // CERT_ALT_NAME_OTHER_NAME pOtherName
  3192. VOID
  3193. infFreeGeneralSubTreeElement(
  3194. IN OUT CERT_GENERAL_SUBTREE *pSubTree)
  3195. {
  3196. CERT_ALT_NAME_ENTRY *pName = &pSubTree->Base;
  3197. VOID **ppv = NULL;
  3199. DBGPRINT((
  3200. DBG_SS_CERTLIBI,
  3201. "infFreeGeneralSubTreeElement: p=%x, choice=%x\n",
  3202. pSubTree,
  3203. pName->dwAltNameChoice));
  3204. switch (pName->dwAltNameChoice)
  3205. {
  3206. case CERT_ALT_NAME_OTHER_NAME:
  3207. ppv = (VOID **) &pName->pOtherName;
  3208. if (NULL != pName->pOtherName)
  3209. {
  3210. if (NULL != pName->pOtherName->Value.pbData)
  3211. {
  3212. DBGPRINT((
  3213. DBG_SS_CERTLIBI,
  3214. "infFreeGeneralSubTreeElement: p=%x, Free(other.pbData=%x)\n",
  3215. pSubTree,
  3216. pName->pOtherName->Value.pbData));
  3217. LocalFree(pName->pOtherName->Value.pbData);
  3218. }
  3219. if (NULL != pName->pOtherName->pszObjId)
  3220. {
  3221. DBGPRINT((
  3222. DBG_SS_CERTLIBI,
  3223. "infFreeGeneralSubTreeElement: p=%x, Free(other.pszObjId=%x)\n",
  3224. pSubTree,
  3225. pName->pOtherName->pszObjId));
  3226. LocalFree(pName->pOtherName->pszObjId);
  3227. }
  3228. }
  3229. break;
  3231. case CERT_ALT_NAME_RFC822_NAME:
  3232. ppv = (VOID **) &pName->pwszRfc822Name;
  3233. break;
  3235. case CERT_ALT_NAME_DNS_NAME:
  3236. ppv = (VOID **) &pName->pwszDNSName;
  3237. break;
  3239. case CERT_ALT_NAME_DIRECTORY_NAME:
  3240. ppv = (VOID **) &pName->DirectoryName.pbData;
  3241. break;
  3243. case CERT_ALT_NAME_URL:
  3244. ppv = (VOID **) &pName->pwszURL;
  3245. break;
  3247. case CERT_ALT_NAME_IP_ADDRESS:
  3248. ppv = (VOID **) &pName->IPAddress.pbData;
  3249. break;
  3251. case CERT_ALT_NAME_REGISTERED_ID:
  3252. ppv = (VOID **) &pName->pszRegisteredID;
  3253. break;
  3254. }
  3255. if (NULL != ppv && NULL != *ppv)
  3256. {
  3257. DBGPRINT((
  3258. DBG_SS_CERTLIBI,
  3259. "infFreeGeneralSubTreeElement: p=%x, Free(pv=%x)\n",
  3260. pSubTree,
  3261. *ppv));
  3262. LocalFree(*ppv);
  3263. }
  3264. }
  3267. VOID
  3268. infFreeGeneralSubTree(
  3269. IN DWORD cSubTree,
  3270. IN OUT CERT_GENERAL_SUBTREE *pSubTree)
  3271. {
  3272. if (NULL != pSubTree)
  3273. {
  3274. DWORD i;
  3276. DBGPRINT((
  3277. DBG_SS_CERTLIBI,
  3278. "infFreeGeneralSubTree: p=%x, c=%x\n",
  3279. pSubTree,
  3280. cSubTree));
  3281. for (i = 0; i < cSubTree; i++)
  3282. {
  3283. infFreeGeneralSubTreeElement(&pSubTree[i]);
  3284. }
  3285. LocalFree(pSubTree);
  3286. }
  3287. }
  3290. HRESULT
  3291. infParseIPAddressAndMask(
  3292. IN WCHAR const *pwszIPAddress,
  3293. IN WCHAR const *pwszIPAddressMask,
  3294. OUT BYTE **ppbData,
  3295. OUT DWORD *pcbData)
  3296. {
  3297. HRESULT hr;
  3298. BYTE ab[2 * CB_IPV6ADDRESS];
  3299. DWORD cb;
  3300. DWORD cbAddress;
  3301. DWORD cbMask=0;
  3302. WCHAR const *pwszValue = pwszIPAddress;
  3304. *ppbData = NULL;
  3305. *pcbData = 0;
  3307. // if pwszValue is an empty string, encode zero length blob.
  3309. cb = 0;
  3310. if (L'\0' != *pwszIPAddress && L'\0' != *pwszIPAddressMask)
  3311. {
  3312. cbAddress = sizeof(ab) / 2;
  3314. hr = myParseIPAddress(pwszIPAddress, ab, &cbAddress);
  3315. _JumpIfError(hr, error, "myParseIPAddress");
  3317. if (L'\0' != *pwszIPAddressMask)
  3318. {
  3319. cbMask = sizeof(ab) / 2;
  3320. pwszValue = pwszIPAddressMask;
  3321. hr = myParseIPAddress(pwszIPAddressMask, &ab[cbAddress], &cbMask);
  3322. _JumpIfError(hr, error, "infParseIPMask");
  3323. }
  3324. if (cbAddress != cbMask)
  3325. {
  3326. hr = E_INVALIDARG;
  3327. _JumpError(hr, error, "address and mask lengths differ");
  3328. }
  3329. cb = cbAddress + cbMask;
  3330. }
  3331. else if (L'\0' != *pwszIPAddress || L'\0' != *pwszIPAddressMask)
  3332. {
  3333. hr = E_INVALIDARG;
  3334. _JumpError(hr, error, "address or mask missing");
  3335. }
  3337. *ppbData = (BYTE *) LocalAlloc(LMEM_FIXED, cb);
  3338. if (NULL == *ppbData)
  3339. {
  3340. hr = E_OUTOFMEMORY;
  3341. _JumpError(hr, error, "LocalAlloc");
  3342. }
  3343. *pcbData = cb;
  3344. CopyMemory(*ppbData, ab, cb);
  3345. DBGDUMPHEX((
  3346. DBG_SS_CERTLIBI,
  3347. DH_NOADDRESS | DH_NOTABPREFIX | 8,
  3348. *ppbData,
  3349. *pcbData));
  3350. hr = S_OK;
  3352. error:
  3353. if (S_OK != hr)
  3354. {
  3355. INFSETERROR(hr, NULL, NULL, pwszValue);
  3356. }
  3357. return(hr);
  3358. }
  3361. HRESULT
  3362. infVerifySubtreeElement(
  3363. IN CERT_GENERAL_SUBTREE const *pSubTree)
  3364. {
  3365. HRESULT hr;
  3366. BYTE *pb = NULL;
  3367. DWORD cb;
  3368. CERT_NAME_CONSTRAINTS_INFO *pnci = NULL;
  3369. CERT_NAME_CONSTRAINTS_INFO nci;
  3371. ZeroMemory(&nci, sizeof(nci));
  3372. nci.cPermittedSubtree = 1;
  3373. nci.rgPermittedSubtree = const_cast<CERT_GENERAL_SUBTREE *>(pSubTree);
  3375. if (!myEncodeObject(
  3376. X509_ASN_ENCODING,
  3377. X509_NAME_CONSTRAINTS,
  3378. &nci,
  3379. 0,
  3380. CERTLIB_USE_LOCALALLOC,
  3381. &pb,
  3382. &cb))
  3383. {
  3384. hr = myHLastError();
  3385. _JumpError(hr, error, "myEncodeObject");
  3386. }
  3387. if (!myDecodeObject(
  3388. X509_ASN_ENCODING,
  3389. X509_NAME_CONSTRAINTS,
  3390. pb,
  3391. cb,
  3392. CERTLIB_USE_LOCALALLOC,
  3393. (VOID **) &pnci,
  3394. &cb))
  3395. {
  3396. hr = myHLastError();
  3397. _JumpError(hr, error, "myDecodeObject");
  3398. }
  3399. hr = S_OK;
  3401. error:
  3402. if (NULL != pb)
  3403. {
  3404. LocalFree(pb);
  3405. }
  3406. if (NULL != pnci)
  3407. {
  3408. LocalFree(pnci);
  3409. }
  3410. return(hr);
  3411. }
  3414. // [NameConstraintsPermitted]/[NameConstraintsExcluded]
  3415. // ; the numeric second and third arguments are optional
  3416. // ; when present, the second argument is the minimum depth
  3417. // ; when present, the third argument is the maximum depth
  3418. // ; The IETF recommends against specifying dwMinimum & dwMaximum
  3419. // DNS = [email protected]
  3420. // DNS = domain1.domain.com, 3, 6
  3422. HRESULT
  3423. infBuildSubTreeElement(
  3424. IN OUT INFCONTEXT *pInfContext,
  3425. OPTIONAL IN WCHAR const *pwszEmptyEntry, // NULL means read INF file
  3426. IN DWORD iSubTreeInfo,
  3427. OPTIONAL OUT CERT_GENERAL_SUBTREE *pSubTree)
  3428. {
  3429. HRESULT hr;
  3430. SUBTREEINFO const *pSubTreeInfo = &g_aSubTreeInfo[iSubTreeInfo];
  3431. CERT_GENERAL_SUBTREE SubTree;
  3432. WCHAR *pwszValueRead = NULL;
  3433. WCHAR *pwszValueRead2 = NULL;
  3434. WCHAR const *pwszValue = NULL;
  3435. WCHAR const *pwszValue2;
  3437. ZeroMemory(&SubTree, sizeof(SubTree));
  3438. if (NULL != pSubTree)
  3439. {
  3440. ZeroMemory(pSubTree, sizeof(*pSubTree));
  3441. }
  3443. // If pwszEmptyEntry is NULL, read the value from the INF file.
  3444. // Otherwise, encode the specified (empty string) value.
  3446. if (NULL == pwszEmptyEntry)
  3447. {
  3448. INT Value;
  3450. hr = infGetCurrentKeyValue(
  3451. pInfContext,
  3452. NULL, // pwszSection
  3453. NULL, // pwszKey
  3454. 1,
  3455. 2 == pSubTreeInfo->dwInfMinMaxIndexBase, // fLastValue
  3456. &pwszValueRead);
  3457. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  3459. pwszValue = pwszValueRead;
  3461. if (!SetupGetIntField(
  3462. pInfContext,
  3463. pSubTreeInfo->dwInfMinMaxIndexBase,
  3464. &Value))
  3465. {
  3466. hr = myHLastError();
  3467. _PrintError2(hr, "SetupGetIntField:2", hr);
  3469. Value = 0;
  3470. }
  3471. SubTree.dwMinimum = Value;
  3472. SubTree.fMaximum = TRUE;
  3474. if (!SetupGetIntField(
  3475. pInfContext,
  3476. pSubTreeInfo->dwInfMinMaxIndexBase + 1,
  3477. &Value))
  3478. {
  3479. hr = myHLastError();
  3480. _PrintError2(hr, "SetupGetIntField:3", hr);
  3482. Value = 0;
  3483. SubTree.fMaximum = FALSE;
  3484. }
  3485. SubTree.dwMaximum = Value;
  3486. }
  3487. else
  3488. {
  3489. pwszValue = pwszEmptyEntry;
  3490. }
  3492. SubTree.Base.dwAltNameChoice = pSubTreeInfo->dwAltNameChoice;
  3493. if (NULL != pSubTree)
  3494. {
  3495. WCHAR **ppwsz = NULL;
  3497. CSASSERT(CSUBTREEINFO > iSubTreeInfo);
  3498. switch (iSubTreeInfo)
  3499. {
  3500. case STII_OTHERNAMEUPN:
  3501. case STII_OTHERNAMEOID:
  3502. {
  3503. CERT_NAME_VALUE nameUpn;
  3505. SubTree.Base.pOtherName = (CERT_OTHER_NAME *) LocalAlloc(
  3506. LMEM_FIXED | LMEM_ZEROINIT,
  3507. sizeof(*SubTree.Base.pOtherName));
  3508. if (NULL == SubTree.Base.pOtherName)
  3509. {
  3510. hr = E_OUTOFMEMORY;
  3511. _JumpError(hr, error, "LocalAlloc");
  3512. }
  3513. if (STII_OTHERNAMEUPN == iSubTreeInfo)
  3514. {
  3515. hr = myDupStringA(
  3516. szOID_NT_PRINCIPAL_NAME,
  3517. &SubTree.Base.pOtherName->pszObjId);
  3518. _JumpIfError(hr, error, "myDupStringA");
  3520. nameUpn.dwValueType = CERT_RDN_UTF8_STRING;
  3521. nameUpn.Value.pbData = (BYTE *) pwszValue;
  3522. nameUpn.Value.cbData = 0;
  3524. if (!myEncodeObject(
  3525. X509_ASN_ENCODING,
  3526. X509_UNICODE_ANY_STRING,
  3527. &nameUpn,
  3528. 0,
  3529. CERTLIB_USE_LOCALALLOC,
  3530. &SubTree.Base.pOtherName->Value.pbData,
  3531. &SubTree.Base.pOtherName->Value.cbData))
  3532. {
  3533. hr = myHLastError();
  3534. _JumpError(hr, error, "myEncodeObject");
  3535. }
  3536. }
  3537. else
  3538. {
  3539. hr = myVerifyObjId(pwszValue);
  3540. _JumpIfErrorStr(hr, error, "myVerifyObjId", pwszValue);
  3542. if (!myConvertWszToSz(
  3543. &SubTree.Base.pOtherName->pszObjId,
  3544. pwszValue,
  3545. -1))
  3546. {
  3547. hr = E_OUTOFMEMORY;
  3548. _JumpError(hr, error, "ConvertWszToSz");
  3549. }
  3550. if (NULL == pwszEmptyEntry)
  3551. {
  3552. hr = infGetCurrentKeyValue(
  3553. pInfContext,
  3554. NULL, // pwszSection
  3555. NULL, // pwszKey
  3556. 2,
  3557. TRUE, // fLastValue
  3558. &pwszValueRead2);
  3559. _PrintIfError2(hr, "infGetCurrentKeyValue", hr);
  3561. pwszValue2 = pwszValueRead2;
  3562. }
  3563. else
  3564. {
  3565. pwszValue2 = pwszEmptyEntry;
  3566. }
  3567. if (NULL == pwszValue2 || L'\0' == *pwszValue2)
  3568. {
  3569. pwszValue2 = wszPROPOCTETTAG;
  3570. }
  3571. hr = myEncodeOtherNameBinary(
  3572. pwszValue2,
  3573. &SubTree.Base.pOtherName->Value.pbData,
  3574. &SubTree.Base.pOtherName->Value.cbData);
  3575. _JumpIfError(hr, error, "myEncodeOtherNameBinary");
  3576. }
  3577. DBGPRINT((
  3578. DBG_SS_CERTLIBI,
  3579. "infBuildSubTreeElement: p=%x, OtherName=%x,%x,%x\n",
  3580. pSubTree,
  3581. SubTree.Base.pOtherName,
  3582. SubTree.Base.pOtherName->pszObjId,
  3583. SubTree.Base.pOtherName->Value.pbData));
  3584. break;
  3585. }
  3587. case STII_RFC822NAME:
  3588. ppwsz = &SubTree.Base.pwszRfc822Name;
  3589. break;
  3591. case STII_DNSNAME:
  3592. ppwsz = &SubTree.Base.pwszDNSName;
  3593. break;
  3595. case STII_DIRECTORYNAME:
  3596. hr = myCertStrToName(
  3597. X509_ASN_ENCODING,
  3598. pwszValue, // pszX500
  3599. CERT_NAME_STR_REVERSE_FLAG,
  3600. NULL, // pvReserved
  3601. &SubTree.Base.DirectoryName.pbData,
  3602. &SubTree.Base.DirectoryName.cbData,
  3603. NULL); // ppszError
  3604. _JumpIfError(hr, error, "myCertStrToName");
  3606. DBGPRINT((
  3607. DBG_SS_CERTLIBI,
  3608. "infBuildSubTreeElement: p=%x, DirName=%x\n",
  3609. pSubTree,
  3610. SubTree.Base.DirectoryName.pbData));
  3611. break;
  3613. case STII_URL:
  3614. ppwsz = &SubTree.Base.pwszURL;
  3615. break;
  3617. case STII_IPADDRESS:
  3619. // convert INF string value to binary IP Address
  3621. if (NULL == pwszEmptyEntry)
  3622. {
  3623. hr = infGetCurrentKeyValue(
  3624. pInfContext,
  3625. NULL, // pwszSection
  3626. NULL, // pwszKey
  3627. 2,
  3628. TRUE, // fLastValue
  3629. &pwszValueRead2);
  3630. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  3632. pwszValue2 = pwszValueRead2;
  3633. }
  3634. else
  3635. {
  3636. pwszValue2 = pwszEmptyEntry;
  3637. }
  3639. hr = infParseIPAddressAndMask(
  3640. pwszValue,
  3641. pwszValue2,
  3642. &SubTree.Base.IPAddress.pbData,
  3643. &SubTree.Base.IPAddress.cbData);
  3644. _JumpIfError(hr, error, "infParseIPAddressAndMask");
  3646. DBGPRINT((
  3647. DBG_SS_CERTLIBI,
  3648. "infBuildSubTreeElement: p=%x, IPAddress=%x\n",
  3649. pSubTree,
  3650. SubTree.Base.IPAddress.pbData));
  3651. break;
  3653. case STII_REGISTEREDID:
  3654. if (!myConvertWszToSz(
  3655. &SubTree.Base.pszRegisteredID,
  3656. pwszValue,
  3657. -1))
  3658. {
  3659. hr = E_OUTOFMEMORY;
  3660. _JumpError(hr, error, "ConvertWszToSz");
  3661. }
  3662. DBGPRINT((
  3663. DBG_SS_CERTLIBI,
  3664. "infBuildSubTreeElement: p=%x, psz=%x\n",
  3665. pSubTree,
  3666. SubTree.Base.pszRegisteredID));
  3667. break;
  3669. }
  3670. if (NULL != ppwsz)
  3671. {
  3672. hr = myDupString(pwszValue, ppwsz);
  3673. _JumpIfError(hr, error, "myDupString");
  3675. DBGPRINT((
  3676. DBG_SS_CERTLIBI,
  3677. "infBuildSubTreeElement: p=%x, pwsz=%x\n",
  3678. pSubTree,
  3679. *ppwsz));
  3680. }
  3681. hr = infVerifySubtreeElement(&SubTree);
  3682. _JumpIfErrorStr(hr, error, "infVerifySubTreeElement", pSubTreeInfo->pwszKey);
  3684. *pSubTree = SubTree;
  3685. ZeroMemory(&SubTree, sizeof(SubTree));
  3686. }
  3687. hr = S_OK;
  3689. error:
  3690. if (S_OK != hr)
  3691. {
  3692. INFSETERROR(hr, NULL, NULL, pwszValue);
  3693. }
  3694. infFreeGeneralSubTreeElement(&SubTree);
  3695. if (NULL != pwszValueRead)
  3696. {
  3697. LocalFree(pwszValueRead);
  3698. }
  3699. if (NULL != pwszValueRead2)
  3700. {
  3701. LocalFree(pwszValueRead2);
  3702. }
  3703. return(hr);
  3704. }
  3707. HRESULT
  3708. infGetGeneralSubTreeByType(
  3709. IN HINF hInf,
  3710. IN WCHAR const *pwszSection,
  3711. OPTIONAL IN WCHAR const *pwszEmptyEntry,
  3712. IN DWORD iSubTreeInfo,
  3713. IN OUT DWORD *pcName,
  3714. OPTIONAL OUT CERT_GENERAL_SUBTREE *pSubTree)
  3715. {
  3716. HRESULT hr;
  3717. SUBTREEINFO const *pSubTreeInfo = &g_aSubTreeInfo[iSubTreeInfo];
  3718. INFCONTEXT InfContext;
  3719. DWORD iName;
  3720. DWORD cName = MAXDWORD;
  3721. BOOL fIgnore = FALSE;
  3723. if (NULL == pSubTree)
  3724. {
  3725. *pcName = 0;
  3726. }
  3727. else
  3728. {
  3729. cName = *pcName;
  3730. }
  3732. // If pwszEmptyEntry is NULL, read the value from the INF file.
  3733. // Otherwise, encode the specified (empty string) value.
  3735. if (!SetupFindFirstLine(
  3736. hInf,
  3737. pwszSection,
  3738. pSubTreeInfo->pwszKey,
  3739. &InfContext))
  3740. {
  3741. hr = myHLastError();
  3742. _PrintErrorStr2(
  3743. hr,
  3744. "SetupFindFirstLine",
  3745. pwszSection,
  3746. ERROR_LINE_NOT_FOUND);
  3748. // INF file entry does not exist. Create an empty name constraints
  3749. // entry only if asked to do so (if pwszEmptyEntry is non-NULL).
  3751. if (NULL == pwszEmptyEntry)
  3752. {
  3753. fIgnore = (HRESULT) ERROR_LINE_NOT_FOUND == hr;
  3754. goto error;
  3755. }
  3756. }
  3757. else
  3758. {
  3759. // INF file entry exists; don't create an empty name constraints entry.
  3761. pwszEmptyEntry = NULL;
  3762. }
  3764. for (iName = 0; ; )
  3765. {
  3766. CSASSERT(NULL == pSubTree || iName < cName);
  3767. hr = infBuildSubTreeElement(
  3768. &InfContext,
  3769. pwszEmptyEntry,
  3770. iSubTreeInfo,
  3771. pSubTree);
  3772. _JumpIfErrorStr(hr, error, "infBuildSubTreeElement", pSubTreeInfo->pwszKey);
  3773. DBGPRINT((
  3774. DBG_SS_CERTLIBI,
  3775. "infBuildSubTreeElement: &p[%u]=%x, type=%ws\n",
  3776. iName,
  3777. pSubTree,
  3778. pSubTreeInfo->pwszKey));
  3779. iName++;
  3780. if (NULL != pSubTree)
  3781. {
  3782. pSubTree++;
  3783. }
  3785. if (NULL == pwszEmptyEntry)
  3786. {
  3787. hr = infFindNextKey(pSubTreeInfo->pwszKey, &InfContext);
  3788. }
  3789. else
  3790. {
  3791. hr = S_FALSE;
  3792. }
  3793. if (S_FALSE == hr)
  3794. {
  3795. break;
  3796. }
  3797. _JumpIfErrorStr(hr, error, "infFindNextKey", pSubTreeInfo->pwszKey);
  3798. }
  3799. DBGPRINT((
  3800. DBG_SS_CERTLIBI,
  3801. "infGetGeneralSubTreeByType: i=%x, c=%x\n",
  3802. iName,
  3803. cName));
  3804. CSASSERT(NULL == pSubTree || iName <= cName);
  3805. *pcName = iName;
  3806. hr = S_OK;
  3808. error:
  3809. if (S_OK != hr && !fIgnore)
  3810. {
  3811. INFSETERROR(hr, pwszSection, pSubTreeInfo->pwszKey, NULL);
  3812. }
  3813. return(hr);
  3814. }
  3817. HRESULT
  3818. infGetGeneralSubTree(
  3819. IN HINF hInf,
  3820. IN WCHAR const *pwszSection,
  3821. IN WCHAR const *pwszKey, // key value is sub-section name
  3822. OPTIONAL IN WCHAR const *pwszEmptyEntry,
  3823. OUT DWORD *pcSubTree,
  3824. OUT CERT_GENERAL_SUBTREE **ppSubTree)
  3825. {
  3826. HRESULT hr;
  3827. WCHAR *pwszSubTreeSection = NULL;
  3828. DWORD cSubTree = 0;
  3829. CERT_GENERAL_SUBTREE *rgSubTree = NULL;
  3830. CERT_GENERAL_SUBTREE *pSubTree;
  3831. DWORD iSubTreeInfo;
  3832. DWORD count;
  3833. DWORD cRemain;
  3834. SUBTREEINFO const *pSubTreeInfo;
  3835. INFCONTEXT InfContext;
  3836. static WCHAR const * const s_apwszKeys[] =
  3837. {
  3838. wszINFKEY_UPN,
  3839. wszINFKEY_EMAIL,
  3840. wszINFKEY_DNS,
  3841. wszINFKEY_DIRECTORYNAME,
  3842. wszINFKEY_URL,
  3843. wszINFKEY_IPADDRESS,
  3844. wszINFKEY_REGISTEREDID,
  3845. wszINFKEY_OTHERNAME,
  3846. NULL
  3847. };
  3849. *pcSubTree = 0;
  3850. *ppSubTree = NULL;
  3852. CSASSERT(NULL != hInf && INVALID_HANDLE_VALUE != hInf);
  3854. hr = myInfGetKeyValue(
  3855. hInf,
  3856. TRUE, // fLog
  3857. pwszSection,
  3858. pwszKey,
  3859. 1,
  3860. TRUE, // fLastValue
  3861. &pwszSubTreeSection);
  3862. _JumpIfErrorStr2(
  3863. hr,
  3864. error,
  3865. "myInfGetKeyValue",
  3866. pwszKey,
  3867. ERROR_LINE_NOT_FOUND);
  3869. hr = infSetupFindFirstLine(
  3870. hInf,
  3871. pwszSubTreeSection,
  3872. NULL, // pwszKey
  3873. FALSE, // fUniqueKey
  3874. 0, // cValueMax
  3875. s_apwszKeys,
  3876. FALSE, // fUniqueValidKeys
  3877. &InfContext);
  3879. // if S_FALSE is returned if the section is empty. In this case,
  3880. // allow execution to continue, to fill in the empty permitted names.
  3882. if (S_OK != hr &&
  3883. S_FALSE != hr)
  3884. {
  3885. if ((HRESULT) ERROR_LINE_NOT_FOUND == hr)
  3886. {
  3887. hr = SPAPI_E_LINE_NOT_FOUND; // don't ignore this error
  3888. }
  3889. INFSETERROR(hr, pwszSubTreeSection, L"", L"");
  3890. _JumpErrorStr(hr, error, "infSetupFindFirstLine", pwszSubTreeSection);
  3891. }
  3893. for (iSubTreeInfo = 0; iSubTreeInfo < CSUBTREEINFO; iSubTreeInfo++)
  3894. {
  3895. pSubTreeInfo = &g_aSubTreeInfo[iSubTreeInfo];
  3897. hr = infGetGeneralSubTreeByType(
  3898. hInf,
  3899. pwszSubTreeSection,
  3900. pSubTreeInfo->fEmptyDefault? pwszEmptyEntry : NULL,
  3901. iSubTreeInfo,
  3902. &count,
  3903. NULL);
  3904. DBGPRINT((
  3905. DBG_SS_CERTLIBI,
  3906. "infGetGeneralSubTreeByType(%ws, %ws, NULL) -> hr=%x, c=%x\n",
  3907. pwszSubTreeSection,
  3908. pSubTreeInfo->pwszKey,
  3909. hr,
  3910. count));
  3911. if (S_OK != hr)
  3912. {
  3913. _PrintErrorStr2(
  3914. hr,
  3915. "infGetGeneralSubTreeByType",
  3916. pSubTreeInfo->pwszKey,
  3917. ERROR_LINE_NOT_FOUND);
  3918. if ((HRESULT) ERROR_LINE_NOT_FOUND != hr)
  3919. {
  3920. _JumpErrorStr(
  3921. hr,
  3922. error,
  3923. "infGetGeneralSubTreeByType",
  3924. pSubTreeInfo->pwszKey);
  3925. }
  3926. count = 0;
  3927. }
  3928. cSubTree += count;
  3929. }
  3930. if (0 == cSubTree)
  3931. {
  3932. hr = SPAPI_E_LINE_NOT_FOUND; // don't ignore this error
  3933. INFSETERROR(hr, pwszSubTreeSection, L"", L"");
  3934. _JumpErrorStr(hr, error, "infSetupFindFirstLine", pwszSubTreeSection);
  3935. }
  3936. rgSubTree = (CERT_GENERAL_SUBTREE *) LocalAlloc(
  3937. LMEM_FIXED | LMEM_ZEROINIT,
  3938. cSubTree * sizeof(rgSubTree[0]));
  3939. if (NULL == rgSubTree)
  3940. {
  3941. hr = E_OUTOFMEMORY;
  3942. _JumpError(hr, error, "LocalAlloc");
  3943. }
  3944. DBGPRINT((
  3945. DBG_SS_CERTLIBI,
  3946. "infGetGeneralSubTree: rg=%x, total=%x\n",
  3947. rgSubTree,
  3948. cSubTree));
  3950. pSubTree = rgSubTree;
  3951. cRemain = cSubTree;
  3952. for (iSubTreeInfo = 0; iSubTreeInfo < CSUBTREEINFO; iSubTreeInfo++)
  3953. {
  3954. pSubTreeInfo = &g_aSubTreeInfo[iSubTreeInfo];
  3955. count = cRemain;
  3956. hr = infGetGeneralSubTreeByType(
  3957. hInf,
  3958. pwszSubTreeSection,
  3959. pSubTreeInfo->fEmptyDefault? pwszEmptyEntry : NULL,
  3960. iSubTreeInfo,
  3961. &count,
  3962. pSubTree);
  3963. DBGPRINT((
  3964. DBG_SS_CERTLIBI,
  3965. "infGetGeneralSubTreeByType(%ws, %ws, &p[%x]=%x) -> hr=%x, c=%x\n",
  3966. pwszSubTreeSection,
  3967. pSubTreeInfo->pwszKey,
  3968. SAFE_SUBTRACT_POINTERS(pSubTree, rgSubTree),
  3969. pSubTree,
  3970. hr,
  3971. count));
  3972. if (S_OK != hr)
  3973. {
  3974. _PrintErrorStr2(
  3975. hr,
  3976. "infGetGeneralSubTreeByType",
  3977. pSubTreeInfo->pwszKey,
  3978. ERROR_LINE_NOT_FOUND);
  3979. if ((HRESULT) ERROR_LINE_NOT_FOUND != hr)
  3980. {
  3981. _JumpErrorStr(
  3982. hr,
  3983. error,
  3984. "infGetGeneralSubTreeByType",
  3985. pSubTreeInfo->pwszKey);
  3986. }
  3987. if (0 < cRemain)
  3988. {
  3989. ZeroMemory(pSubTree, sizeof(*pSubTree));
  3990. }
  3991. count = 0;
  3992. }
  3993. cRemain -= count;
  3994. pSubTree += count;
  3995. }
  3996. CSASSERT(0 == cRemain);
  3997. *pcSubTree = cSubTree;
  3998. *ppSubTree = rgSubTree;
  3999. rgSubTree = NULL;
  4000. hr = S_OK;
  4002. error:
  4003. if (S_OK != hr)
  4004. {
  4005. INFSETERROR(hr, pwszSection, pwszKey, pwszSubTreeSection);
  4006. }
  4007. if (NULL != pwszSubTreeSection)
  4008. {
  4009. LocalFree(pwszSubTreeSection);
  4010. }
  4011. if (NULL != rgSubTree)
  4012. {
  4013. infFreeGeneralSubTree(cSubTree, rgSubTree);
  4014. }
  4015. return(hr);
  4016. }
  4019. //+------------------------------------------------------------------------
  4020. // myInfGetNameConstraintsExtension -- fetch name constraints extension from INF file
  4021. //
  4022. // [NameConstraintsExtension]
  4023. // Include = NameConstraintsPermitted
  4024. // Exclude = NameConstraintsExcluded
  4025. //
  4026. // [NameConstraintsPermitted]
  4027. // ; the numeric second and third arguments are optional
  4028. // ; when present, the second argument is the minimum depth
  4029. // ; when present, the third argument is the maximum depth
  4030. // ; The IETF recommends against specifying dwMinimum & dwMaximum
  4031. // DNS = [email protected]
  4032. // DNS = domain1.domain.com, 3, 6
  4033. //
  4034. // [NameConstraintsExcluded]
  4035. // DNS = domain.com
  4036. // DNS = domain2.com
  4037. //
  4038. // Returns: encoded name constraints extension
  4039. //-------------------------------------------------------------------------
  4041. FNMYINFGETEXTENSION myInfGetNameConstraintsExtension;
  4043. HRESULT
  4044. myInfGetNameConstraintsExtension(
  4045. IN HINF hInf,
  4046. OUT CERT_EXTENSION *pext)
  4047. {
  4048. HRESULT hr;
  4049. WCHAR const *pwszKey = NULL;
  4050. CERT_NAME_CONSTRAINTS_INFO NameConstraints;
  4051. INFCONTEXT InfContext;
  4052. static WCHAR const * const s_apwszKeys[] =
  4053. { wszINFKEY_EXCLUDE, wszINFKEY_INCLUDE, wszINFKEY_CRITICAL, NULL };
  4055. ZeroMemory(&NameConstraints, sizeof(NameConstraints));
  4056. ZeroMemory(pext, sizeof(*pext));
  4057. myInfClearError();
  4059. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  4060. {
  4061. hr = E_HANDLE;
  4062. _JumpError2(hr, error, "hInf", hr);
  4063. }
  4064. hr = infSetupFindFirstLine(
  4065. hInf,
  4066. wszINFSECTION_NAMECONSTRAINTS,
  4067. NULL, // pwszKey
  4068. FALSE, // fUniqueKey
  4069. 0, // cValueMax
  4070. s_apwszKeys,
  4071. TRUE, // fUniqueValidKeys
  4072. &InfContext);
  4073. _JumpIfErrorStr2(
  4074. hr,
  4075. error,
  4076. "infSetupFindFirstLine",
  4077. wszINFSECTION_NAMECONSTRAINTS,
  4078. ERROR_LINE_NOT_FOUND);
  4080. pwszKey = wszINFKEY_INCLUDE;
  4081. hr = infGetGeneralSubTree(
  4082. hInf,
  4083. wszINFSECTION_NAMECONSTRAINTS,
  4084. pwszKey,
  4085. L"",
  4086. &NameConstraints.cPermittedSubtree,
  4087. &NameConstraints.rgPermittedSubtree);
  4088. _PrintIfErrorStr2(
  4089. hr,
  4090. "infGetGeneralSubTree",
  4091. pwszKey,
  4092. ERROR_LINE_NOT_FOUND);
  4093. if (S_OK != hr && (HRESULT) ERROR_LINE_NOT_FOUND != hr)
  4094. {
  4095. goto error;
  4096. }
  4098. pwszKey = wszINFKEY_EXCLUDE;
  4099. hr = infGetGeneralSubTree(
  4100. hInf,
  4101. wszINFSECTION_NAMECONSTRAINTS,
  4102. pwszKey,
  4103. NULL,
  4104. &NameConstraints.cExcludedSubtree,
  4105. &NameConstraints.rgExcludedSubtree);
  4106. _PrintIfErrorStr2(
  4107. hr,
  4108. "infGetGeneralSubTree",
  4109. pwszKey,
  4110. ERROR_LINE_NOT_FOUND);
  4111. if (S_OK != hr && (HRESULT) ERROR_LINE_NOT_FOUND != hr)
  4112. {
  4113. goto error;
  4114. }
  4115. pwszKey = NULL;
  4117. if (NULL == NameConstraints.rgPermittedSubtree &&
  4118. NULL == NameConstraints.rgExcludedSubtree)
  4119. {
  4120. hr = S_FALSE;
  4121. _JumpError2(hr, error, "no data", hr);
  4122. }
  4123. hr = infGetCriticalFlag(
  4124. hInf,
  4125. wszINFSECTION_NAMECONSTRAINTS,
  4126. FALSE,
  4127. &pext->fCritical);
  4128. _JumpIfError(hr, error, "infGetCriticalFlag");
  4130. if (!myEncodeObject(
  4131. X509_ASN_ENCODING,
  4132. X509_NAME_CONSTRAINTS,
  4133. &NameConstraints,
  4134. 0,
  4135. CERTLIB_USE_LOCALALLOC,
  4136. &pext->Value.pbData,
  4137. &pext->Value.cbData))
  4138. {
  4139. hr = myHLastError();
  4140. _JumpError(hr, error, "myEncodeObject");
  4141. }
  4143. error:
  4144. if (S_OK != hr && S_FALSE != hr)
  4145. {
  4146. INFSETERROR(hr, wszINFSECTION_NAMECONSTRAINTS, pwszKey, NULL);
  4147. }
  4148. pext->pszObjId = szOID_NAME_CONSTRAINTS; // on error, too!
  4150. if (NULL != NameConstraints.rgPermittedSubtree)
  4151. {
  4152. infFreeGeneralSubTree(
  4153. NameConstraints.cPermittedSubtree,
  4154. NameConstraints.rgPermittedSubtree);
  4155. }
  4156. if (NULL != NameConstraints.rgExcludedSubtree)
  4157. {
  4158. infFreeGeneralSubTree(
  4159. NameConstraints.cExcludedSubtree,
  4160. NameConstraints.rgExcludedSubtree);
  4161. }
  4162. DBGPRINT((
  4163. DBG_SS_CERTLIBI,
  4164. "myInfGetNameConstraintsExtension hr=%x --> f=%d, cb=%x\n",
  4165. hr,
  4166. pext->fCritical,
  4167. pext->Value.cbData));
  4168. return(hr);
  4169. }
  4172. VOID
  4173. infFreePolicyMappings(
  4174. IN DWORD cPolicyMapping,
  4175. IN OUT CERT_POLICY_MAPPING *pPolicyMapping)
  4176. {
  4177. if (NULL != pPolicyMapping)
  4178. {
  4179. DWORD i;
  4181. for (i = 0; i < cPolicyMapping; i++)
  4182. {
  4183. CERT_POLICY_MAPPING *pMap = &pPolicyMapping[i];
  4185. if (NULL != pMap->pszIssuerDomainPolicy)
  4186. {
  4187. LocalFree(pMap->pszIssuerDomainPolicy);
  4188. }
  4189. if (NULL != pMap->pszSubjectDomainPolicy)
  4190. {
  4191. LocalFree(pMap->pszSubjectDomainPolicy);
  4192. }
  4193. }
  4194. LocalFree(pPolicyMapping);
  4195. }
  4196. }
  4199. HRESULT
  4200. infGetPolicyMappingsSub(
  4201. IN HINF hInf,
  4202. IN WCHAR const *pwszSection,
  4203. IN OUT DWORD *pcPolicyMapping,
  4204. OPTIONAL OUT CERT_POLICY_MAPPING *pPolicyMapping)
  4205. {
  4206. HRESULT hr;
  4207. INFCONTEXT InfContext;
  4208. WCHAR *pwszIssuer = NULL;
  4209. WCHAR *pwszSubject = NULL;
  4210. DWORD cPolicyMappingIn;
  4211. DWORD cPolicyMapping = 0;
  4213. cPolicyMappingIn = MAXDWORD;
  4214. if (NULL != pPolicyMapping)
  4215. {
  4216. cPolicyMappingIn = *pcPolicyMapping;
  4217. }
  4218. *pcPolicyMapping = 0;
  4220. CSASSERT(NULL != hInf && INVALID_HANDLE_VALUE != hInf);
  4222. cPolicyMapping = 0;
  4223. hr = infSetupFindFirstLine(
  4224. hInf,
  4225. pwszSection,
  4226. NULL, // pwszKey
  4227. FALSE, // fUniqueKey
  4228. 0, // cValueMax
  4229. NULL, // apwszKeys
  4230. FALSE, // fUniqueValidKeys
  4231. &InfContext);
  4232. _JumpIfErrorStr3(
  4233. hr,
  4234. error,
  4235. "infSetupFindFirstLine",
  4236. pwszSection,
  4237. S_FALSE,
  4238. (HRESULT) ERROR_LINE_NOT_FOUND);
  4240. for (;;)
  4241. {
  4242. if (NULL != pwszIssuer)
  4243. {
  4244. LocalFree(pwszIssuer);
  4245. pwszIssuer = NULL;
  4246. }
  4247. if (NULL != pwszSubject)
  4248. {
  4249. LocalFree(pwszSubject);
  4250. pwszSubject = NULL;
  4251. }
  4252. hr = infGetCurrentKeyValue(
  4253. &InfContext,
  4254. pwszSection,
  4255. NULL, // pwszKey
  4256. 0,
  4257. FALSE, // fLastValue
  4258. &pwszIssuer);
  4259. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  4261. if (!iswdigit(pwszIssuer[0]))
  4262. {
  4263. if (0 != LSTRCMPIS(pwszIssuer, wszINFKEY_CRITICAL))
  4264. {
  4265. hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
  4266. _JumpErrorStr(hr, error, "bad key", pwszIssuer);
  4267. }
  4268. }
  4269. else
  4270. {
  4271. hr = myVerifyObjId(pwszIssuer);
  4272. _JumpIfErrorStr(hr, error, "myVerifyObjId", pwszIssuer);
  4274. hr = infGetCurrentKeyValue(
  4275. &InfContext,
  4276. pwszSection,
  4277. pwszIssuer,
  4278. 1,
  4279. TRUE, // fLastValue
  4280. &pwszSubject);
  4281. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  4283. hr = myVerifyObjId(pwszSubject);
  4284. _JumpIfErrorStr(hr, error, "myVerifyObjId", pwszSubject);
  4286. if (NULL != pPolicyMapping)
  4287. {
  4288. CERT_POLICY_MAPPING *pMap;
  4290. if (cPolicyMappingIn <= cPolicyMapping)
  4291. {
  4292. hr = HRESULT_FROM_WIN32(ERROR_MORE_DATA);
  4293. _JumpError(hr, error, "*pcPolicyMapping");
  4294. }
  4296. pMap = &pPolicyMapping[cPolicyMapping];
  4297. if (!ConvertWszToSz(&pMap->pszIssuerDomainPolicy, pwszIssuer, -1) ||
  4298. !ConvertWszToSz(&pMap->pszSubjectDomainPolicy, pwszSubject, -1))
  4299. {
  4300. hr = E_OUTOFMEMORY;
  4301. _JumpError(hr, error, "ConvertWszToSz");
  4302. }
  4303. }
  4304. DBGPRINT((
  4305. DBG_SS_CERTLIBI,
  4306. "Map[%u]: %ws = %ws\n",
  4307. cPolicyMapping,
  4308. pwszIssuer,
  4309. pwszSubject));
  4311. cPolicyMapping++;
  4312. }
  4313. if (!SetupFindNextLine(&InfContext, &InfContext))
  4314. {
  4315. hr = myHLastError();
  4316. _PrintError2(hr, "SetupFindNextLine", hr);
  4317. break;
  4318. }
  4319. }
  4320. *pcPolicyMapping = cPolicyMapping;
  4321. hr = S_OK;
  4323. error:
  4324. if (S_OK != hr)
  4325. {
  4326. INFSETERROR(hr, pwszSection, pwszIssuer, pwszSubject);
  4327. }
  4328. if (NULL != pwszIssuer)
  4329. {
  4330. LocalFree(pwszIssuer);
  4331. }
  4332. if (NULL != pwszSubject)
  4333. {
  4334. LocalFree(pwszSubject);
  4335. }
  4336. return(hr);
  4337. }
  4340. HRESULT
  4341. infGetPolicyMappings(
  4342. IN HINF hInf,
  4343. IN WCHAR const *pwszSection,
  4344. OUT DWORD *pcPolicyMapping,
  4345. OUT CERT_POLICY_MAPPING **ppPolicyMapping)
  4346. {
  4347. HRESULT hr;
  4348. DWORD cPolicyMapping = 0;
  4349. CERT_POLICY_MAPPING *pPolicyMapping = NULL;
  4351. *pcPolicyMapping = 0;
  4352. *ppPolicyMapping = NULL;
  4354. CSASSERT(NULL != hInf && INVALID_HANDLE_VALUE != hInf);
  4356. cPolicyMapping = 0;
  4357. hr = infGetPolicyMappingsSub(
  4358. hInf,
  4359. pwszSection,
  4360. &cPolicyMapping,
  4361. NULL);
  4362. _JumpIfError3(
  4363. hr,
  4364. error,
  4365. "infGetPolicyMappingsSub",
  4366. S_FALSE,
  4367. (HRESULT) ERROR_LINE_NOT_FOUND);
  4369. *pcPolicyMapping = cPolicyMapping;
  4370. pPolicyMapping = (CERT_POLICY_MAPPING *) LocalAlloc(
  4371. LMEM_FIXED | LMEM_ZEROINIT,
  4372. cPolicyMapping * sizeof(*pPolicyMapping));
  4373. if (NULL == pPolicyMapping)
  4374. {
  4375. hr = E_OUTOFMEMORY;
  4376. _JumpError(hr, error, "LocalAlloc");
  4377. }
  4379. hr = infGetPolicyMappingsSub(
  4380. hInf,
  4381. pwszSection,
  4382. &cPolicyMapping,
  4383. pPolicyMapping);
  4384. _JumpIfError(hr, error, "infGetPolicyMappingsSub");
  4386. CSASSERT(*pcPolicyMapping == cPolicyMapping);
  4387. *ppPolicyMapping = pPolicyMapping;
  4388. pPolicyMapping = NULL;
  4389. hr = S_OK;
  4391. error:
  4392. if (NULL != pPolicyMapping)
  4393. {
  4394. infFreePolicyMappings(*pcPolicyMapping, pPolicyMapping);
  4395. }
  4396. return(hr);
  4397. }
  4400. //+------------------------------------------------------------------------
  4401. // infGetPolicyMappingSub -- fetch policy mapping extension from INF file
  4402. //
  4403. // [pwszSection]
  4404. // ; list of user defined policy mappings
  4405. // ; The first OID is for the Issuer Domain Policy, the second is for the
  4406. // ; Subject Domain Policy. Each entry maps one Issuer Domain policy OID
  4407. // ; to a Subject Domain policy OID
  4408. //
  4409. // 1.3.6.1.4.1.311.21.53 = 1.2.3.4.87
  4410. // 1.3.6.1.4.1.311.21.53 = 1.2.3.4.89
  4411. //
  4412. // Returns: encoded policy mapping extension
  4413. //-------------------------------------------------------------------------
  4415. HRESULT
  4416. infGetPolicyMappingExtensionSub(
  4417. IN HINF hInf,
  4418. IN WCHAR const *pwszSection,
  4419. IN char const *pszObjId,
  4420. OUT CERT_EXTENSION *pext)
  4421. {
  4422. HRESULT hr;
  4423. CERT_POLICY_MAPPINGS_INFO PolicyMappings;
  4425. ZeroMemory(&PolicyMappings, sizeof(PolicyMappings));
  4426. ZeroMemory(pext, sizeof(*pext));
  4427. myInfClearError();
  4429. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  4430. {
  4431. hr = E_HANDLE;
  4432. _JumpError2(hr, error, "hInf", hr);
  4433. }
  4434. hr = infGetPolicyMappings(
  4435. hInf,
  4436. pwszSection,
  4437. &PolicyMappings.cPolicyMapping,
  4438. &PolicyMappings.rgPolicyMapping);
  4439. _JumpIfErrorStr3(
  4440. hr,
  4441. error,
  4442. "infGetPolicyMappings",
  4443. pwszSection,
  4444. S_FALSE,
  4445. (HRESULT) ERROR_LINE_NOT_FOUND);
  4447. hr = infGetCriticalFlag(
  4448. hInf,
  4449. pwszSection,
  4450. FALSE,
  4451. &pext->fCritical);
  4452. _JumpIfError(hr, error, "infGetCriticalFlag");
  4454. if (!myEncodeObject(
  4455. X509_ASN_ENCODING,
  4456. X509_POLICY_MAPPINGS,
  4457. &PolicyMappings,
  4458. 0,
  4459. CERTLIB_USE_LOCALALLOC,
  4460. &pext->Value.pbData,
  4461. &pext->Value.cbData))
  4462. {
  4463. hr = myHLastError();
  4464. _JumpError(hr, error, "myEncodeObject");
  4465. }
  4467. error:
  4468. if (S_OK != hr && S_FALSE != hr)
  4469. {
  4470. INFSETERROR(hr, pwszSection, NULL, NULL);
  4471. }
  4472. pext->pszObjId = const_cast<char *>(pszObjId); // on error, too!
  4474. if (NULL != PolicyMappings.rgPolicyMapping)
  4475. {
  4476. infFreePolicyMappings(
  4477. PolicyMappings.cPolicyMapping,
  4478. PolicyMappings.rgPolicyMapping);
  4479. }
  4480. return(hr);
  4481. }
  4484. //+------------------------------------------------------------------------
  4485. // myInfGetPolicyMapping -- fetch policy mapping extension from INF file
  4486. //
  4487. // [PolicyMappingExtension]
  4488. // ; list of user defined policy mappings
  4489. // ; The first OID is for the Issuer Domain Policy, the second is for the
  4490. // ; Subject Domain Policy. Each entry maps one Issuer Domain policy OID
  4491. // ; to a Subject Domain policy OID
  4492. //
  4493. // 1.3.6.1.4.1.311.21.53 = 1.2.3.4.87
  4494. // 1.3.6.1.4.1.311.21.53 = 1.2.3.4.89
  4495. //
  4496. // Returns: encoded policy mapping extension
  4497. //-------------------------------------------------------------------------
  4499. FNMYINFGETEXTENSION myInfGetPolicyMappingExtension;
  4501. HRESULT
  4502. myInfGetPolicyMappingExtension(
  4503. IN HINF hInf,
  4504. OUT CERT_EXTENSION *pext)
  4505. {
  4506. HRESULT hr;
  4508. hr = infGetPolicyMappingExtensionSub(
  4509. hInf,
  4510. wszINFSECTION_POLICYMAPPINGS,
  4511. szOID_POLICY_MAPPINGS,
  4512. pext);
  4513. _JumpIfErrorStr3(
  4514. hr,
  4515. error,
  4516. "infGetPolicyMappingExtensionSub",
  4517. wszINFSECTION_POLICYMAPPINGS,
  4518. S_FALSE,
  4519. (HRESULT) ERROR_LINE_NOT_FOUND);
  4521. error:
  4522. DBGPRINT((
  4523. DBG_SS_CERTLIBI,
  4524. "myInfGetPolicyMappingExtension hr=%x --> f=%d, cb=%x\n",
  4525. hr,
  4526. pext->fCritical,
  4527. pext->Value.cbData));
  4528. return(hr);
  4529. }
  4532. //+------------------------------------------------------------------------
  4533. // myInfGetApplicationPolicyMapping -- fetch application policy mapping
  4534. // extension from INF file
  4535. //
  4536. // [ApplicationPolicyMappingExtension]
  4537. // ; list of user defined policy mappings
  4538. // ; The first OID is for the Issuer Domain Policy, the second is for the
  4539. // ; Subject Domain Policy. Each entry maps one Issuer Domain policy OID
  4540. // ; to a Subject Domain policy OID
  4541. //
  4542. // 1.3.6.1.4.1.311.21.53 = 1.2.3.4.87
  4543. // 1.3.6.1.4.1.311.21.53 = 1.2.3.4.89
  4544. //
  4545. // Returns: encoded policy mapping extension
  4546. //-------------------------------------------------------------------------
  4548. FNMYINFGETEXTENSION myInfGetApplicationPolicyMappingExtension;
  4550. HRESULT
  4551. myInfGetApplicationPolicyMappingExtension(
  4552. IN HINF hInf,
  4553. OUT CERT_EXTENSION *pext)
  4554. {
  4555. HRESULT hr;
  4557. hr = infGetPolicyMappingExtensionSub(
  4558. hInf,
  4559. wszINFSECTION_APPLICATIONPOLICYMAPPINGS,
  4560. szOID_APPLICATION_POLICY_MAPPINGS,
  4561. pext);
  4562. _JumpIfErrorStr3(
  4563. hr,
  4564. error,
  4565. "infGetPolicyMappingExtensionSub",
  4566. wszINFSECTION_APPLICATIONPOLICYMAPPINGS,
  4567. S_FALSE,
  4568. (HRESULT) ERROR_LINE_NOT_FOUND);
  4570. error:
  4571. DBGPRINT((
  4572. DBG_SS_CERTLIBI,
  4573. "myInfGetApplicationPolicyMappingExtension hr=%x --> f=%d, cb=%x\n",
  4574. hr,
  4575. pext->fCritical,
  4576. pext->Value.cbData));
  4577. return(hr);
  4578. }
  4581. //+------------------------------------------------------------------------
  4582. // infGetPolicyConstraintsExtensionSub -- get policy constraints ext from INF
  4583. //
  4584. // [pwszSection]
  4585. // ; consists of two optional DWORDs
  4586. // ; They refer to the depth of the CA hierarchy that requires and inhibits
  4587. // ; Policy Mapping
  4588. // RequireExplicitPolicy = 3
  4589. // InhibitPolicyMapping = 5
  4590. //
  4591. // Returns: encoded policy constraints extension
  4592. //-------------------------------------------------------------------------
  4594. HRESULT
  4595. infGetPolicyConstraintsExtensionSub(
  4596. IN HINF hInf,
  4597. IN WCHAR const *pwszSection,
  4598. IN char const *pszObjId,
  4599. OUT CERT_EXTENSION *pext)
  4600. {
  4601. HRESULT hr;
  4602. CERT_POLICY_CONSTRAINTS_INFO PolicyConstraints;
  4603. WCHAR const *pwszKey = NULL;
  4604. INFCONTEXT InfContext;
  4605. static WCHAR const * const s_apwszKeys[] =
  4606. {
  4607. wszINFKEY_REQUIREEXPLICITPOLICY,
  4608. wszINFKEY_INHIBITPOLICYMAPPING,
  4609. wszINFKEY_CRITICAL,
  4610. NULL
  4611. };
  4613. ZeroMemory(&PolicyConstraints, sizeof(PolicyConstraints));
  4614. ZeroMemory(pext, sizeof(*pext));
  4615. myInfClearError();
  4617. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  4618. {
  4619. hr = E_HANDLE;
  4620. _JumpError2(hr, error, "hInf", hr);
  4621. }
  4623. hr = infSetupFindFirstLine(
  4624. hInf,
  4625. pwszSection,
  4626. NULL, // pwszKey
  4627. FALSE, // fUniqueKey
  4628. 0, // cValueMax
  4629. s_apwszKeys,
  4630. TRUE, // fUniqueValidKeys
  4631. &InfContext);
  4632. _JumpIfErrorStr2(
  4633. hr,
  4634. error,
  4635. "infSetupFindFirstLine",
  4636. pwszSection,
  4637. ERROR_LINE_NOT_FOUND);
  4639. PolicyConstraints.fRequireExplicitPolicy = TRUE;
  4640. pwszKey = wszINFKEY_REQUIREEXPLICITPOLICY;
  4641. hr = myInfGetNumericKeyValue(
  4642. hInf,
  4643. TRUE, // fLog
  4644. pwszSection,
  4645. pwszKey,
  4646. 1,
  4647. TRUE, // fLastValue
  4648. &PolicyConstraints.dwRequireExplicitPolicySkipCerts);
  4649. if (S_OK != hr)
  4650. {
  4651. if ((HRESULT) ERROR_LINE_NOT_FOUND != hr)
  4652. {
  4653. _JumpError(hr, error, "myInfGetNumericKeyValue");
  4654. }
  4655. _PrintErrorStr2(
  4656. hr,
  4657. "myInfGetNumericKeyValue",
  4658. wszINFKEY_REQUIREEXPLICITPOLICY,
  4659. hr);
  4660. PolicyConstraints.dwRequireExplicitPolicySkipCerts = 0;
  4661. PolicyConstraints.fRequireExplicitPolicy = FALSE;
  4662. }
  4664. PolicyConstraints.fInhibitPolicyMapping = TRUE;
  4665. pwszKey = wszINFKEY_INHIBITPOLICYMAPPING;
  4666. hr = myInfGetNumericKeyValue(
  4667. hInf,
  4668. TRUE, // fLog
  4669. pwszSection,
  4670. pwszKey,
  4671. 1,
  4672. TRUE, // fLastValue
  4673. &PolicyConstraints.dwInhibitPolicyMappingSkipCerts);
  4674. if (S_OK != hr)
  4675. {
  4676. if ((HRESULT) ERROR_LINE_NOT_FOUND != hr)
  4677. {
  4678. _JumpError(hr, error, "myInfGetNumericKeyValue");
  4679. }
  4680. _PrintErrorStr2(
  4681. hr,
  4682. "myInfGetNumericKeyValue",
  4683. wszINFKEY_INHIBITPOLICYMAPPING,
  4684. hr);
  4685. PolicyConstraints.dwInhibitPolicyMappingSkipCerts = 0;
  4686. PolicyConstraints.fInhibitPolicyMapping = FALSE;
  4687. }
  4688. pwszKey = NULL;
  4689. if (!PolicyConstraints.fRequireExplicitPolicy &&
  4690. !PolicyConstraints.fInhibitPolicyMapping)
  4691. {
  4692. hr = S_FALSE;
  4693. _JumpError2(hr, error, "no policy constraints", hr);
  4694. }
  4696. hr = infGetCriticalFlag(
  4697. hInf,
  4698. pwszSection,
  4699. FALSE,
  4700. &pext->fCritical);
  4701. _JumpIfError(hr, error, "infGetCriticalFlag");
  4703. if (!myEncodeObject(
  4704. X509_ASN_ENCODING,
  4705. X509_POLICY_CONSTRAINTS,
  4706. &PolicyConstraints,
  4707. 0,
  4708. CERTLIB_USE_LOCALALLOC,
  4709. &pext->Value.pbData,
  4710. &pext->Value.cbData))
  4711. {
  4712. hr = myHLastError();
  4713. _JumpError(hr, error, "myEncodeObject");
  4714. }
  4716. error:
  4717. if (S_OK != hr && S_FALSE != hr)
  4718. {
  4719. INFSETERROR(hr, pwszSection, pwszKey, NULL);
  4720. }
  4721. pext->pszObjId = const_cast<char *>(pszObjId); // on error, too!
  4723. return(hr);
  4724. }
  4727. //+------------------------------------------------------------------------
  4728. // myInfGetPolicyConstraintsExtension -- get policy constraints ext from INF
  4729. //
  4730. // [PolicyConstraintsExtension]
  4731. // ; consists of two optional DWORDs
  4732. // ; They refer to the depth of the CA hierarchy that requires and inhibits
  4733. // ; Policy Mapping
  4734. // RequireExplicitPolicy = 3
  4735. // InhibitPolicyMapping = 5
  4736. //
  4737. // Returns: encoded policy constraints extension
  4738. //-------------------------------------------------------------------------
  4740. FNMYINFGETEXTENSION myInfGetPolicyConstraintsExtension;
  4742. HRESULT
  4743. myInfGetPolicyConstraintsExtension(
  4744. IN HINF hInf,
  4745. OUT CERT_EXTENSION *pext)
  4746. {
  4747. HRESULT hr;
  4749. hr = infGetPolicyConstraintsExtensionSub(
  4750. hInf,
  4751. wszINFSECTION_POLICYCONSTRAINTS,
  4752. szOID_POLICY_CONSTRAINTS,
  4753. pext);
  4754. _JumpIfErrorStr3(
  4755. hr,
  4756. error,
  4757. "infGetPolicyConstraintsExtensionSub",
  4758. wszINFSECTION_POLICYCONSTRAINTS,
  4759. S_FALSE,
  4760. (HRESULT) ERROR_LINE_NOT_FOUND);
  4762. error:
  4763. DBGPRINT((
  4764. DBG_SS_CERTLIBI,
  4765. "myInfGetPolicyConstraintsExtension hr=%x --> f=%d, cb=%x\n",
  4766. hr,
  4767. pext->fCritical,
  4768. pext->Value.cbData));
  4769. return(hr);
  4770. }
  4773. //+------------------------------------------------------------------------
  4774. // myInfGetApplicationPolicyConstraintsExtension -- get application policy
  4775. // constraints extension from INF
  4776. //
  4777. // [ApplicationPolicyConstraintsExtension]
  4778. // ; consists of two optional DWORDs
  4779. // ; They refer to the depth of the CA hierarchy that requires and inhibits
  4780. // ; Policy Mapping
  4781. // RequireExplicitPolicy = 3
  4782. // InhibitPolicyMapping = 5
  4783. //
  4784. // Returns: encoded policy constraints extension
  4785. //-------------------------------------------------------------------------
  4787. FNMYINFGETEXTENSION myInfGetApplicationPolicyConstraintsExtension;
  4789. HRESULT
  4790. myInfGetApplicationPolicyConstraintsExtension(
  4791. IN HINF hInf,
  4792. OUT CERT_EXTENSION *pext)
  4793. {
  4794. HRESULT hr;
  4796. hr = infGetPolicyConstraintsExtensionSub(
  4797. hInf,
  4798. wszINFSECTION_APPLICATIONPOLICYCONSTRAINTS,
  4799. szOID_APPLICATION_POLICY_CONSTRAINTS,
  4800. pext);
  4801. _JumpIfErrorStr3(
  4802. hr,
  4803. error,
  4804. "infGetPolicyConstraintsExtensionSub",
  4805. wszINFSECTION_APPLICATIONPOLICYCONSTRAINTS,
  4806. S_FALSE,
  4807. (HRESULT) ERROR_LINE_NOT_FOUND);
  4809. error:
  4810. DBGPRINT((
  4811. DBG_SS_CERTLIBI,
  4812. "myInfGetApplicationPolicyConstraintsExtension hr=%x --> f=%d, cb=%x\n",
  4813. hr,
  4814. pext->fCritical,
  4815. pext->Value.cbData));
  4816. return(hr);
  4817. }
  4820. //+------------------------------------------------------------------------
  4821. // myInfGetCrossCertDistributionPointsExtension -- fetch Cross CertDist Point
  4822. // URLs from CAPolicy.inf
  4823. //
  4824. // [CrossCertificateDistributionPointsExtension]
  4825. // SyncDeltaTime = 24
  4826. // URL = http://CRLhttp.site.com/Public/MyCA.crt
  4827. // URL = ftp://CRLftp.site.com/Public/MyCA.crt
  4828. //
  4829. // Returns: encoded cross cert dist points extension
  4830. //-------------------------------------------------------------------------
  4832. FNMYINFGETEXTENSION myInfGetCrossCertDistributionPointsExtension;
  4834. HRESULT
  4835. myInfGetCrossCertDistributionPointsExtension(
  4836. IN HINF hInf,
  4837. OUT CERT_EXTENSION *pext)
  4838. {
  4839. HRESULT hr;
  4840. INFCONTEXT InfContext;
  4841. CROSS_CERT_DIST_POINTS_INFO ccdpi;
  4842. CERT_ALT_NAME_INFO AltNameInfo;
  4843. CERT_ALT_NAME_ENTRY *rgAltEntry = NULL;
  4844. WCHAR const *pwsz;
  4845. WCHAR *pwszzURL = NULL;
  4846. DWORD i;
  4847. WCHAR const *pwszKey = NULL;
  4848. static WCHAR const * const s_apwszKeys[] =
  4849. { wszINFKEY_CCDPSYNCDELTATIME, wszINFKEY_URL, wszINFKEY_CRITICAL, NULL };
  4851. ZeroMemory(&ccdpi, sizeof(ccdpi));
  4852. ZeroMemory(&AltNameInfo, sizeof(AltNameInfo));
  4853. ZeroMemory(pext, sizeof(*pext));
  4854. myInfClearError();
  4856. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  4857. {
  4858. hr = E_HANDLE;
  4859. _JumpError2(hr, error, "hInf", hr);
  4860. }
  4862. hr = infSetupFindFirstLine(
  4863. hInf,
  4864. wszINFSECTION_CCDP,
  4865. NULL, // pwszKey
  4866. FALSE, // fUniqueKey
  4867. 0, // cValueMax
  4868. s_apwszKeys,
  4869. FALSE, // fUniqueValidKeys
  4870. &InfContext);
  4871. _JumpIfErrorStr3(
  4872. hr,
  4873. error,
  4874. "infSetupFindFirstLine",
  4875. wszINFSECTION_CCDP,
  4876. S_FALSE,
  4877. (HRESULT) ERROR_LINE_NOT_FOUND);
  4879. pwszKey = wszINFKEY_CCDPSYNCDELTATIME;
  4880. hr = myInfGetNumericKeyValue(
  4881. hInf,
  4882. TRUE, // fLog
  4883. wszINFSECTION_CCDP,
  4884. pwszKey,
  4885. 1,
  4886. TRUE, // fLastValue
  4887. &ccdpi.dwSyncDeltaTime);
  4888. if (S_OK != hr)
  4889. {
  4890. _PrintErrorStr2(
  4891. hr,
  4892. "myInfGetNumericKeyValue",
  4893. pwszKey,
  4894. ERROR_LINE_NOT_FOUND);
  4895. ccdpi.dwSyncDeltaTime = 0;
  4896. }
  4897. pwszKey = wszINFKEY_URL;
  4898. hr = myInfGetKeyList(
  4899. hInf,
  4900. wszINFSECTION_CCDP,
  4901. pwszKey,
  4902. NULL, // apwszKeys
  4903. &pext->fCritical,
  4904. &pwszzURL);
  4905. _JumpIfErrorStr3(
  4906. hr,
  4907. error,
  4908. "myInfGetKeyList",
  4909. pwszKey,
  4910. ERROR_LINE_NOT_FOUND,
  4911. S_FALSE);
  4912. pwszKey = NULL;
  4914. if (NULL != pwszzURL)
  4915. {
  4916. for (pwsz = pwszzURL; L'\0' != *pwsz; pwsz += wcslen(pwsz) + 1)
  4917. {
  4918. AltNameInfo.cAltEntry++;
  4919. }
  4920. }
  4922. if (0 != AltNameInfo.cAltEntry)
  4923. {
  4924. ccdpi.cDistPoint = 1;
  4925. ccdpi.rgDistPoint = &AltNameInfo;
  4927. AltNameInfo.rgAltEntry = (CERT_ALT_NAME_ENTRY *) LocalAlloc(
  4928. LMEM_FIXED | LMEM_ZEROINIT,
  4929. AltNameInfo.cAltEntry * sizeof(AltNameInfo.rgAltEntry[0]));
  4930. if (NULL == AltNameInfo.rgAltEntry)
  4931. {
  4932. hr = E_OUTOFMEMORY;
  4933. _JumpError(hr, error, "LocalAlloc");
  4934. }
  4936. i = 0;
  4937. for (pwsz = pwszzURL; L'\0' != *pwsz; pwsz += wcslen(pwsz) + 1)
  4938. {
  4939. AltNameInfo.rgAltEntry[i].pwszURL = const_cast<WCHAR *>(pwsz);
  4940. AltNameInfo.rgAltEntry[i].dwAltNameChoice = CERT_ALT_NAME_URL;
  4941. i++;
  4942. }
  4943. CSASSERT(i == AltNameInfo.cAltEntry);
  4944. }
  4946. if (!myEncodeObject(
  4947. X509_ASN_ENCODING,
  4948. X509_CROSS_CERT_DIST_POINTS,
  4949. &ccdpi,
  4950. 0,
  4951. CERTLIB_USE_LOCALALLOC,
  4952. &pext->Value.pbData,
  4953. &pext->Value.cbData))
  4954. {
  4955. hr = myHLastError();
  4956. _JumpError(hr, error, "myEncodeObject");
  4957. }
  4959. error:
  4960. if (S_OK != hr && S_FALSE != hr)
  4961. {
  4962. INFSETERROR(hr, wszINFSECTION_CCDP, pwszKey, NULL);
  4963. }
  4964. pext->pszObjId = szOID_CROSS_CERT_DIST_POINTS; // on error, too!
  4966. DBGPRINT((
  4967. DBG_SS_CERTLIBI,
  4968. "myInfGetCrossCertDistributionPointsExtension hr=%x --> f=%d, cb=%x\n",
  4969. hr,
  4970. pext->fCritical,
  4971. pext->Value.cbData));
  4973. if (NULL != AltNameInfo.rgAltEntry)
  4974. {
  4975. LocalFree(AltNameInfo.rgAltEntry);
  4976. }
  4977. if (NULL != pwszzURL)
  4978. {
  4979. LocalFree(pwszzURL);
  4980. }
  4981. if (NULL != rgAltEntry)
  4982. {
  4983. LocalFree(rgAltEntry);
  4984. }
  4985. return(hr);
  4986. }
  4991. HRESULT
  4992. infAddKey(
  4993. IN WCHAR const *pwszName,
  4994. IN OUT DWORD *pcValues,
  4995. IN OUT INFVALUES **prgInfValues,
  4996. OUT INFVALUES **ppInfValues)
  4997. {
  4998. HRESULT hr;
  4999. INFVALUES *rgInfValues;
  5000. WCHAR *pwszKeyT = NULL;
  5002. hr = myDupString(pwszName, &pwszKeyT);
  5003. _JumpIfError(hr, error, "myDupString");
  5005. if (NULL == *prgInfValues)
  5006. {
  5007. CSASSERT(0 == *pcValues);
  5008. rgInfValues = (INFVALUES *) LocalAlloc(
  5009. LMEM_FIXED | LMEM_ZEROINIT,
  5010. sizeof(**prgInfValues));
  5011. }
  5012. else
  5013. {
  5014. CSASSERT(0 != *pcValues);
  5015. rgInfValues = (INFVALUES *) LocalReAlloc(
  5016. *prgInfValues,
  5017. (*pcValues + 1) * sizeof(**prgInfValues),
  5018. LMEM_MOVEABLE | LMEM_ZEROINIT);
  5019. }
  5020. if (NULL == rgInfValues)
  5021. {
  5022. hr = E_OUTOFMEMORY;
  5023. _JumpError(
  5024. hr,
  5025. error,
  5026. NULL == *prgInfValues? "LocalAlloc" : "LocalReAlloc");
  5027. }
  5028. *prgInfValues = rgInfValues;
  5029. *ppInfValues = &rgInfValues[*pcValues];
  5030. (*pcValues)++;
  5031. (*ppInfValues)->pwszKey = pwszKeyT;
  5032. pwszKeyT = NULL;
  5033. hr = S_OK;
  5035. error:
  5036. if (NULL != pwszKeyT)
  5037. {
  5038. LocalFree(pwszKeyT);
  5039. }
  5040. return(hr);
  5041. }
  5044. HRESULT
  5045. infAddValue(
  5046. IN WCHAR const *pwszValue,
  5047. IN OUT INFVALUES *pInfValues)
  5048. {
  5049. HRESULT hr;
  5050. WCHAR *pwszValueT = NULL;
  5051. WCHAR **rgpwszValues = NULL;
  5053. hr = myDupString(pwszValue, &pwszValueT);
  5054. _JumpIfError(hr, error, "myDupString");
  5056. if (NULL == pInfValues->rgpwszValues)
  5057. {
  5058. CSASSERT(0 == pInfValues->cValues);
  5059. rgpwszValues = (WCHAR **) LocalAlloc(
  5060. LMEM_FIXED,
  5061. sizeof(*pInfValues->rgpwszValues));
  5062. }
  5063. else
  5064. {
  5065. CSASSERT(0 != pInfValues->cValues);
  5066. rgpwszValues = (WCHAR **) LocalReAlloc(
  5067. pInfValues->rgpwszValues,
  5068. (pInfValues->cValues + 1) * sizeof(*pInfValues->rgpwszValues),
  5069. LMEM_MOVEABLE);
  5070. }
  5071. if (NULL == rgpwszValues)
  5072. {
  5073. hr = E_OUTOFMEMORY;
  5074. _JumpError(
  5075. hr,
  5076. error,
  5077. NULL == pInfValues->rgpwszValues? "LocalAlloc" : "LocalReAlloc");
  5078. }
  5079. pInfValues->rgpwszValues = rgpwszValues;
  5080. pInfValues->rgpwszValues[pInfValues->cValues] = pwszValueT;
  5081. pInfValues->cValues++;
  5082. pwszValueT = NULL;
  5083. hr = S_OK;
  5085. error:
  5086. if (NULL != pwszValueT)
  5087. {
  5088. LocalFree(pwszValueT);
  5089. }
  5090. return(hr);
  5091. }
  5094. VOID
  5095. myInfFreeSectionValues(
  5096. IN DWORD cInfValues,
  5097. IN OUT INFVALUES *rgInfValues)
  5098. {
  5099. DWORD i;
  5100. DWORD ival;
  5101. INFVALUES *pInfValues;
  5103. if (NULL != rgInfValues)
  5104. {
  5105. for (i = 0; i < cInfValues; i++)
  5106. {
  5107. pInfValues = &rgInfValues[i];
  5109. if (NULL != pInfValues->pwszKey)
  5110. {
  5111. LocalFree(pInfValues->pwszKey);
  5112. }
  5113. if (NULL != pInfValues->rgpwszValues)
  5114. {
  5115. for (ival = 0; ival < pInfValues->cValues; ival++)
  5116. {
  5117. if (NULL != pInfValues->rgpwszValues[ival])
  5118. {
  5119. LocalFree(pInfValues->rgpwszValues[ival]);
  5120. }
  5121. }
  5122. LocalFree(pInfValues->rgpwszValues);
  5123. }
  5124. }
  5125. LocalFree(rgInfValues);
  5126. }
  5127. }
  5130. //+------------------------------------------------------------------------
  5131. // myInfGetSectionValues -- fetch all section values from INF file
  5132. //
  5133. // [pwszSection]
  5134. // KeyName1 = KeyValue1a, KeyValue1b, ...
  5135. // KeyName2 = KeyValue2a, KeyValue2b, ...
  5136. // ...
  5137. // KeyNameN = KeyValueNa, KeyValueNb, ...
  5138. //
  5139. // Returns: array of key names and values
  5140. //-------------------------------------------------------------------------
  5142. HRESULT
  5143. myInfGetSectionValues(
  5144. IN HINF hInf,
  5145. IN WCHAR const *pwszSection,
  5146. OUT DWORD *pcInfValues,
  5147. OUT INFVALUES **prgInfValues)
  5148. {
  5149. HRESULT hr;
  5150. INFCONTEXT InfContext;
  5151. WCHAR *pwszName = NULL;
  5152. WCHAR *pwszValue = NULL;
  5153. DWORD i;
  5154. DWORD cInfValues = 0;
  5155. INFVALUES *rgInfValues = NULL;
  5156. INFVALUES *pInfValues;
  5158. *pcInfValues = 0;
  5159. *prgInfValues = NULL;
  5160. myInfClearError();
  5162. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  5163. {
  5164. hr = E_HANDLE;
  5165. _JumpError2(hr, error, "hInf", hr);
  5166. }
  5167. hr = infSetupFindFirstLine(
  5168. hInf,
  5169. pwszSection,
  5170. NULL, // pwszKey
  5171. FALSE, // fUniqueKey
  5172. 0, // cValueMax
  5173. NULL, // apwszKeys
  5174. FALSE, // fUniqueValidKeys
  5175. &InfContext);
  5176. _JumpIfErrorStr(hr, error, "infSetupFindFirstLine", pwszSection);
  5178. for (;;)
  5179. {
  5180. DWORD cValue;
  5182. if (NULL != pwszName)
  5183. {
  5184. LocalFree(pwszName);
  5185. pwszName = NULL;
  5186. }
  5187. hr = infGetCurrentKeyValue(
  5188. &InfContext,
  5189. pwszSection,
  5190. NULL, // pwszKey
  5191. 0,
  5192. FALSE, // fLastValue
  5193. &pwszName);
  5194. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  5196. //wprintf(L"%ws[0]:\n", pwszName);
  5198. hr = infAddKey(pwszName, &cInfValues, &rgInfValues, &pInfValues);
  5199. _JumpIfError(hr, error, "infAddKey");
  5201. cValue = SetupGetFieldCount(&InfContext);
  5202. if (0 == cValue)
  5203. {
  5204. hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
  5205. INFSETERROR(hr, pwszSection, pwszName, L"");
  5206. _JumpErrorStr(hr, error, "SetupGetFieldCount", pwszName);
  5207. }
  5208. for (i = 0; i < cValue; i++)
  5209. {
  5210. if (NULL != pwszValue)
  5211. {
  5212. LocalFree(pwszValue);
  5213. pwszValue = NULL;
  5214. }
  5215. hr = infGetCurrentKeyValue(
  5216. &InfContext,
  5217. pwszSection,
  5218. pwszName,
  5219. i + 1,
  5220. FALSE, // fLastValue
  5221. &pwszValue);
  5222. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  5224. //wprintf(L"%ws[%u] = %ws\n", pwszName, i, pwszValue);
  5226. hr = infAddValue(pwszValue, pInfValues);
  5227. _JumpIfError(hr, error, "infAddValue");
  5228. }
  5230. if (!SetupFindNextLine(&InfContext, &InfContext))
  5231. {
  5232. hr = myHLastError();
  5233. _PrintError2(hr, "SetupFindNextLine(end)", hr);
  5234. break;
  5235. }
  5236. }
  5237. *pcInfValues = cInfValues;
  5238. *prgInfValues = rgInfValues;
  5239. rgInfValues = NULL;
  5240. hr = S_OK;
  5242. error:
  5243. if (S_OK != hr && S_FALSE != hr)
  5244. {
  5245. INFSETERROR(hr, pwszSection, pwszName, pwszValue);
  5246. }
  5247. if (NULL != rgInfValues)
  5248. {
  5249. myInfFreeSectionValues(cInfValues, rgInfValues);
  5250. }
  5251. if (NULL != pwszName)
  5252. {
  5253. LocalFree(pwszName);
  5254. }
  5255. if (NULL != pwszValue)
  5256. {
  5257. LocalFree(pwszValue);
  5258. }
  5259. DBGPRINT((
  5260. DBG_SS_CERTLIBI,
  5261. "myInfGetSectionValues hr=%x --> c=%d\n",
  5262. hr,
  5263. *pcInfValues));
  5264. return(hr);
  5265. }
  5268. HRESULT
  5269. myInfGetEnableKeyCounting(
  5270. IN HINF hInf,
  5271. OUT BOOL *pfValue)
  5272. {
  5273. HRESULT hr;
  5275. *pfValue = FALSE;
  5276. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  5277. {
  5278. hr = E_HANDLE;
  5279. _JumpError2(hr, error, "hInf", hr);
  5280. }
  5281. myInfClearError();
  5282. hr = myInfGetBooleanValue(
  5283. hInf,
  5284. wszINFSECTION_CERTSERVER,
  5285. wszINFKEY_ENABLEKEYCOUNTING,
  5286. TRUE,
  5287. pfValue);
  5288. _JumpIfError2(hr, error, "myDupString", ERROR_LINE_NOT_FOUND);
  5290. error:
  5291. return(hr);
  5292. }
  5295. VOID
  5296. myInfFreeExtensions(
  5297. IN DWORD cExt,
  5298. IN CERT_EXTENSION *rgExt)
  5299. {
  5300. if (NULL != rgExt)
  5301. {
  5302. DWORD i;
  5304. for (i = 0; i < cExt; i++)
  5305. {
  5306. if (NULL != rgExt[i].pszObjId)
  5307. {
  5308. LocalFree(rgExt[i].pszObjId);
  5309. }
  5310. if (NULL != rgExt[i].Value.pbData)
  5311. {
  5312. LocalFree(rgExt[i].Value.pbData);
  5313. }
  5314. }
  5315. LocalFree(rgExt);
  5316. }
  5317. }
  5320. HRESULT
  5321. infBuildExtension(
  5322. IN OUT INFCONTEXT *pInfContext,
  5323. OPTIONAL OUT CERT_EXTENSION *pExt)
  5324. {
  5325. HRESULT hr;
  5326. WCHAR *pwszKey = NULL;
  5327. char *pszObjId = NULL;
  5328. WCHAR *pwszValue = NULL;
  5329. BYTE *pbData = NULL;
  5330. DWORD cbData;
  5332. hr = infGetCurrentKeyValue(
  5333. pInfContext,
  5334. NULL, // pwszSection
  5335. NULL, // pwszKey
  5336. 0,
  5337. FALSE, // fLastValue
  5338. &pwszKey);
  5339. _JumpIfError(hr, error, "infGetCurrentKeyValue");
  5341. DBGPRINT((DBG_SS_CERTLIBI, "Element = %ws\n", pwszKey));
  5343. if (0 == LSTRCMPIS(pwszKey, wszINFKEY_CRITICAL) ||
  5344. 0 == LSTRCMPIS(pwszKey, wszINFKEY_CONTINUE))
  5345. {
  5346. hr = S_FALSE; // Skip this key
  5347. _JumpError2(hr, error, "skip Critical/_continue_ key", hr);
  5348. }
  5349. if (!myConvertWszToSz(&pszObjId, pwszKey, -1))
  5350. {
  5351. hr = E_OUTOFMEMORY;
  5352. _JumpError(hr, error, "myConvertWszToSz");
  5353. }
  5354. hr = myVerifyObjIdA(pszObjId);
  5355. _JumpIfErrorStr(hr, error, "myVerifyObjIdA", pwszKey);
  5357. DBGPRINT((DBG_SS_CERTLIBI, "OID = %hs\n", pszObjId));
  5359. hr = infGetCurrentKeyValue(
  5360. pInfContext,
  5361. NULL, // pwszSection
  5362. pwszKey,
  5363. 1,
  5364. TRUE, // fLastValue
  5365. &pwszValue);
  5366. _JumpIfErrorStr(hr, error, "infGetCurrentKeyValue", pwszKey);
  5368. DBGPRINT((DBG_SS_CERTLIBI, "%ws = %ws\n", pwszKey, pwszValue));
  5370. cbData = 0;
  5371. if (L'\0' != *pwszValue) // allow empty values
  5372. {
  5373. hr = myCryptStringToBinary(
  5374. pwszValue,
  5375. wcslen(pwszValue),
  5376. CRYPT_STRING_BASE64,
  5377. &pbData,
  5378. &cbData,
  5379. NULL,
  5380. NULL);
  5381. _JumpIfErrorStr(hr, error, "myCryptStringToBinary", pwszKey);
  5382. }
  5384. if (NULL != pExt)
  5385. {
  5386. pExt->pszObjId = pszObjId;
  5387. pExt->Value.pbData = pbData;
  5388. pExt->Value.cbData = cbData;
  5389. pszObjId = NULL;
  5390. pbData = NULL;
  5391. }
  5392. hr = S_OK;
  5394. error:
  5395. if (S_OK != hr && S_FALSE != hr)
  5396. {
  5397. INFSETERROR(hr, NULL, pwszKey, pwszValue);
  5398. }
  5399. if (NULL != pwszKey)
  5400. {
  5401. LocalFree(pwszKey);
  5402. }
  5403. if (NULL != pszObjId)
  5404. {
  5405. LocalFree(pszObjId);
  5406. }
  5407. if (NULL != pwszValue)
  5408. {
  5409. LocalFree(pwszValue);
  5410. }
  5411. if (NULL != pbData)
  5412. {
  5413. LocalFree(pbData);
  5414. }
  5415. return(hr);
  5416. }
  5419. HRESULT
  5420. myInfGetExtensions(
  5421. IN HINF hInf,
  5422. OUT DWORD *pcExt,
  5423. OUT CERT_EXTENSION **ppExt)
  5424. {
  5425. HRESULT hr;
  5426. DWORD i;
  5427. DWORD cExt;
  5428. CERT_EXTENSION *rgExt = NULL;
  5429. DWORD cCritical;
  5430. INFCONTEXT InfContext;
  5431. WCHAR *pwszValue = NULL;
  5432. char *pszObjId = NULL;
  5433. WCHAR *pwszObjIdKey = NULL;
  5434. WCHAR const *pwszSection = wszINFSECTION_EXTENSIONS;
  5435. WCHAR const *pwszKey = wszINFKEY_CRITICAL;
  5436. DWORD j;
  5438. *pcExt = 0;
  5439. *ppExt = NULL;
  5440. cExt = 0;
  5441. if (NULL == hInf || INVALID_HANDLE_VALUE == hInf)
  5442. {
  5443. hr = E_HANDLE;
  5444. _JumpError2(hr, error, "hInf", hr);
  5445. }
  5446. myInfClearError();
  5447. hr = infSetupFindFirstLine(
  5448. hInf,
  5449. pwszSection,
  5450. NULL, // pwszKey
  5451. FALSE, // fUniqueKey
  5452. 0, // cValueMax
  5453. NULL, // apwszKeys
  5454. FALSE, // fUniqueValidKeys
  5455. &InfContext);
  5456. _JumpIfErrorStr2(
  5457. hr,
  5458. error,
  5459. "infSetupFindFirstLine",
  5460. pwszSection,
  5461. ERROR_LINE_NOT_FOUND);
  5463. for (i = 0; ; )
  5464. {
  5465. hr = infBuildExtension(&InfContext, NULL);
  5466. if (S_FALSE != hr)
  5467. {
  5468. _JumpIfErrorStr(hr, error, "infBuildExtension", pwszSection);
  5470. i++;
  5471. }
  5473. if (!SetupFindNextLine(&InfContext, &InfContext))
  5474. {
  5475. hr = myHLastError();
  5476. _PrintErrorStr2(hr, "SetupFindNextLine", pwszSection, hr);
  5477. break;
  5478. }
  5479. }
  5481. cExt = i;
  5482. rgExt = (CERT_EXTENSION *) LocalAlloc(
  5483. LMEM_FIXED | LMEM_ZEROINIT,
  5484. cExt * sizeof(rgExt[0]));
  5485. if (NULL == rgExt)
  5486. {
  5487. hr = E_OUTOFMEMORY;
  5488. _JumpError(hr, error, "LocalAlloc");
  5489. }
  5491. hr = infSetupFindFirstLine(
  5492. hInf,
  5493. pwszSection,
  5494. NULL, // pwszKey
  5495. FALSE, // fUniqueKey
  5496. 0, // cValueMax
  5497. NULL, // apwszKeys
  5498. FALSE, // fUniqueValidKeys
  5499. &InfContext);
  5500. _JumpIfErrorStr(hr, error, "infSetupFindFirstLine", pwszSection);
  5502. for (i = 0; ; )
  5503. {
  5504. // handle one URL or text message
  5506. hr = infBuildExtension(&InfContext, &rgExt[i]);
  5507. if (S_FALSE != hr)
  5508. {
  5509. _JumpIfErrorStr(hr, error, "infBuildExtension", pwszSection);
  5511. for (j = 0; j < i; j++)
  5512. {
  5513. if (0 == strcmp(rgExt[j].pszObjId, rgExt[i].pszObjId))
  5514. {
  5515. if (!myConvertSzToWsz(&pwszObjIdKey, rgExt[i].pszObjId, -1))
  5516. {
  5517. _PrintError(E_OUTOFMEMORY, "myConvertSzToWsz");
  5518. }
  5519. hr = HRESULT_FROM_WIN32(RPC_S_ENTRY_ALREADY_EXISTS);
  5520. INFSETERROR(hr, pwszSection, pwszObjIdKey, NULL);
  5521. _JumpErrorStr(hr, error, "infBuildExtension", pwszObjIdKey);
  5522. }
  5523. }
  5524. i++;
  5525. }
  5526. if (!SetupFindNextLine(&InfContext, &InfContext))
  5527. {
  5528. hr = myHLastError();
  5529. _PrintErrorStr2(hr, "SetupFindNextLine", pwszSection, hr);
  5530. break;
  5531. }
  5532. }
  5533. CSASSERT(i == cExt);
  5535. hr = infSetupFindFirstLine(
  5536. hInf,
  5537. pwszSection,
  5538. pwszKey,
  5539. TRUE, // fUniqueKey
  5540. 0, // cValueMax
  5541. NULL, // apwszKeys
  5542. FALSE, // fUniqueValidKeys
  5543. &InfContext);
  5544. _PrintIfErrorStr2(
  5545. hr,
  5546. "infSetupFindFirstLine",
  5547. pwszKey,
  5548. ERROR_LINE_NOT_FOUND);
  5549. if (S_OK != hr)
  5550. {
  5551. if ((HRESULT) ERROR_LINE_NOT_FOUND != hr)
  5552. {
  5553. INFSETERROR(hr, pwszSection, pwszKey, NULL);
  5554. _JumpErrorStr(hr, error, "infSetupFindFirstLine", pwszKey);
  5555. }
  5556. }
  5557. else
  5558. {
  5559. cCritical = SetupGetFieldCount(&InfContext);
  5560. for (i = 1; i <= cCritical; i++)
  5561. {
  5562. if (NULL != pwszValue)
  5563. {
  5564. LocalFree(pwszValue);
  5565. pwszValue = NULL;
  5566. }
  5567. if (NULL != pszObjId)
  5568. {
  5569. LocalFree(pszObjId);
  5570. pszObjId = NULL;
  5571. }
  5572. hr = infGetCurrentKeyValue(
  5573. &InfContext,
  5574. NULL, // pwszSection
  5575. pwszKey,
  5576. i,
  5577. FALSE, // fLastValue
  5578. &pwszValue);
  5579. _JumpIfErrorStr(hr, error, "infGetCurrentKeyValue", pwszKey);
  5581. if (!myConvertWszToSz(&pszObjId, pwszValue, -1))
  5582. {
  5583. hr = E_OUTOFMEMORY;
  5584. _JumpError(hr, error, "myConvertWszToSz");
  5585. }
  5586. for (j = 0; j < cExt; j++)
  5587. {
  5588. if (NULL != rgExt[j].Value.pbData &&
  5589. 0 != rgExt[j].Value.cbData &&
  5590. 0 == strcmp(rgExt[j].pszObjId, pszObjId))
  5591. {
  5592. if (rgExt[j].fCritical)
  5593. {
  5594. hr = HRESULT_FROM_WIN32(RPC_S_ENTRY_ALREADY_EXISTS);
  5595. INFSETERROR(hr, pwszSection, pwszKey, pwszValue);
  5596. _JumpErrorStr(hr, error, "duplicate OID", pwszValue);
  5597. }
  5598. rgExt[j].fCritical = TRUE;
  5599. break;
  5600. }
  5601. }
  5602. if (j == cExt)
  5603. {
  5604. hr = HRESULT_FROM_WIN32(ERROR_MORE_DATA);
  5605. INFSETERROR(hr, pwszSection, pwszKey, pwszValue);
  5606. _JumpErrorStr(hr, error, "extraneous OID", pwszValue);
  5607. }
  5608. }
  5609. }
  5610. *pcExt = cExt;
  5611. *ppExt = rgExt;
  5612. rgExt = NULL;
  5613. hr = S_OK;
  5615. error:
  5616. if (S_OK != hr && (HRESULT) ERROR_LINE_NOT_FOUND != hr)
  5617. {
  5618. INFSETERROR(hr, pwszSection, NULL, NULL);
  5619. }
  5620. if (NULL != pwszValue)
  5621. {
  5622. LocalFree(pwszValue);
  5623. }
  5624. if (NULL != pszObjId)
  5625. {
  5626. LocalFree(pszObjId);
  5627. }
  5628. if (NULL != pwszObjIdKey)
  5629. {
  5630. LocalFree(pwszObjIdKey);
  5631. }
  5632. myInfFreeExtensions(cExt, rgExt);
  5633. return(hr);
  5634. }