archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/inetcore/outlookexpress/inetcomm/ess/essmime.cpp

445 lines
14 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. #ifdef SMIME_V3
  2. #include <windows.h>
  3. #include <mimeole.h>
  4. #include <essout.h>
  6. #include "badstrfunctions.h"
  8. #include "demand.h"
  9. #include "crypttls.h"
  10. #include "demand2.h"
  12. extern CRYPT_DECODE_PARA CryptDecodeAlloc;
  13. #define szOID_MSFT_ATTR_SEQUENCE "1.3.6.1.4.1.311.16.1.1"
  15. /////////////////////////////////////////////////////////////////////////
  17. typedef struct {
  18. DWORD cNames;
  19. CERT_NAME_BLOB * rgNames;
  20. } ReceiptNames;
  22. HRESULT SetNames(ReceiptNames * pnames, DWORD cNames, CERT_NAME_BLOB * rgNames)
  23. {
  24. DWORD cb;
  25. DWORD i;
  26. LPBYTE pb;
  28. if (pnames->rgNames != NULL) {
  29. free(pnames->rgNames);
  30. pnames->rgNames = NULL;
  31. pnames->cNames = 0;
  32. }
  34. for (i=0, cb=cNames*sizeof(CERT_NAME_BLOB); i<cNames; i++) {
  35. cb += rgNames[i].cbData;
  36. }
  38. pnames->rgNames = (CERT_NAME_BLOB *) malloc(cb);
  39. if (pnames->rgNames == NULL) {
  40. return E_OUTOFMEMORY;
  41. }
  43. pb = (LPBYTE) &pnames->rgNames[cNames];
  44. for (i=0; i<cNames; i++) {
  45. pnames->rgNames[i].pbData = pb;
  46. pnames->rgNames[i].cbData = rgNames[i].cbData;
  47. memcpy(pb, rgNames[i].pbData, rgNames[i].cbData);
  48. pb += rgNames[i].cbData;
  49. }
  51. pnames->cNames = cNames;
  52. return S_OK;
  53. }
  55. HRESULT MergeNames(ReceiptNames * pnames, DWORD cNames, CERT_NAME_BLOB * rgNames)
  56. {
  57. DWORD cb;
  58. DWORD i;
  59. DWORD i1;
  60. LPBYTE pb;
  61. CERT_NAME_BLOB * p;
  63. for (i=0, cb=0; i<pnames->cNames; i++) {
  64. cb += pnames->rgNames[i].cbData;
  65. }
  67. for (i=0; i<cNames; i++) {
  68. cb += rgNames[i].cbData;
  69. }
  71. p = (CERT_NAME_BLOB *) malloc(cb + (pnames->cNames + cNames) *
  72. sizeof(CERT_NAME_BLOB));
  73. if (p == NULL) {
  74. return E_OUTOFMEMORY;
  75. }
  77. pb = (LPBYTE) &p[pnames->cNames + cNames];
  78. for (i=0, i1=0; i<pnames->cNames; i++, i1++) {
  79. p[i1].pbData = pb;
  80. p[i1].cbData = pnames->rgNames[i].cbData;
  81. memcpy(pb, pnames->rgNames[i].pbData, pnames->rgNames[i].cbData);
  82. pb += pnames->rgNames[i].cbData;
  83. }
  85. for (i=0; i<pnames->cNames; i++, i1++) {
  86. p[i1].pbData = pb;
  87. p[i1].cbData = rgNames[i].cbData;
  88. memcpy(pb, rgNames[i].pbData, rgNames[i].cbData);
  89. pb += rgNames[i].cbData;
  90. }
  92. free(pnames->rgNames);
  93. pnames->rgNames = p;
  94. pnames->cNames = i1;
  96. return S_OK;
  97. }
  99. /////////////////////////////////////////////////////////////////////////
  101. MIMEOLEAPI MimeOleCreateReceipt(IMimeMessage * pMsgSrc, PCX509CERT pCertToSign,
  102. HWND hwndDlg, IMimeMessage ** ppMessage,
  103. const CERT_ALT_NAME_INFO * pMyNames)
  104. {
  105. DWORD cb;
  106. DWORD cLayers;
  107. DWORD dwReceiptsFrom;
  108. BOOL fSkipAddress = FALSE;
  109. HRESULT hr;
  110. DWORD i;
  111. DWORD i1;
  112. DWORD i2;
  113. DWORD iAttr;
  114. DWORD iLayer;
  115. PCRYPT_ATTRIBUTES pattrs = NULL;
  116. IMimeBody * pbody = NULL;
  117. LPBYTE pbReceiptReq = NULL;
  118. IMimeAddressTable * pmatbl = NULL;
  119. IMimeBody * pmb = NULL;
  120. IMimeMessage * pmm = NULL;
  121. PSMIME_RECEIPT_REQUEST preq = NULL;
  122. LPSTREAM pstm = NULL;
  123. ReceiptNames receiptsTo = {0, NULL};
  124. PROPVARIANT * rgpvAuthAttr = NULL;
  125. PROPVARIANT var;
  127. //
  128. // Get the Layer Count
  129. // Get the Authenticated Attributes
  130. // Decode Receipt Request
  131. // Set ReceiptsFrom from the request
  132. // For Each layer
  133. // is mlExpansion in this layer? No -- Skip to next layer
  134. // Receipt for First Tier only? Yes - return S_FALSE
  135. // Policy override on mlExpansion?
  136. // None - return S_FALSE
  137. // insteadOf - set ReceiptsFrom from mlExpansion History
  138. // inAdditionTo - add to ReceiptsFrom
  139. // Is my name in ReceiptsFrom list? No -- return S_FALSE
  140. // Setup new IMimeMessage
  141. // Attach receipt body
  142. // Address from Receipt Request
  143. // return S_OK
  145. // Obtain the body of the message
  147. hr = pMsgSrc->BindToObject(HBODY_ROOT, IID_IMimeBody, (LPVOID *) &pbody);
  148. if (FAILED(hr)) {
  149. goto CommonExit;
  150. }
  152. // Get the set of authenticated attributes on all layers of S/MIME in the
  153. // message.
  155. hr = pbody->GetOption(OID_SECURITY_SIGNATURE_COUNT, &var);
  156. if (FAILED(hr)) {
  157. goto GeneralFail;
  158. }
  159. cLayers = var.ulVal;
  161. hr = pbody->GetOption(OID_SECURITY_AUTHATTR_RG, &var);
  162. if (FAILED(hr)) {
  163. goto CommonExit;
  164. }
  165. rgpvAuthAttr = var.capropvar.pElems;
  167. // Create a stream object to hold the receipt and put the receipt into the
  168. // stream -- this supplies the body of the receipt message.
  170. hr = MimeOleCreateVirtualStream(&pstm);
  171. if (FAILED(hr)) {
  172. goto CommonExit;
  173. }
  175. hr = pbody->GetOption(OID_SECURITY_RECEIPT, &var);
  176. if (FAILED(hr)) {
  177. goto CommonExit;
  178. }
  180. hr = pstm->Write(var.blob.pBlobData, var.blob.cbSize, NULL);
  181. if (FAILED(hr)) {
  182. goto CommonExit;
  183. }
  185. //
  186. // Walk through each layer of authenticated attributes processing the
  187. // two relevant attributes.
  188. //
  190. for (iLayer=0; iLayer<cLayers; iLayer++) {
  191. if (rgpvAuthAttr[iLayer].blob.cbSize == 0) {
  192. continue;
  193. }
  195. //
  196. // Decode the attributes at this layer of S/MIME
  197. //
  199. if (!CryptDecodeObjectEx(X509_ASN_ENCODING, szOID_MSFT_ATTR_SEQUENCE,
  200. rgpvAuthAttr[iLayer].blob.pBlobData,
  201. rgpvAuthAttr[iLayer].blob.cbSize,
  202. CRYPT_ENCODE_ALLOC_FLAG, &CryptDecodeAlloc,
  203. &pattrs, &cb)) {
  204. goto GeneralFail;
  205. }
  207. //
  208. // Walk through each attribute looking for
  209. // if innermost layer - the receipt request
  210. // else - a Mail List expansion history
  211. //
  213. for (iAttr=0; iAttr<pattrs->cAttr; iAttr++) {
  214. if (iLayer==0) {
  215. if (strcmp(pattrs->rgAttr[iAttr].pszObjId,
  216. szOID_SMIME_Receipt_Request) == 0) {
  217. //
  218. // Crack the contents of the receipt request
  219. //
  221. if (!CryptDecodeObjectEx(X509_ASN_ENCODING,
  222. szOID_SMIME_Receipt_Request,
  223. pattrs->rgAttr[iAttr].rgValue[0].pbData,
  224. pattrs->rgAttr[iAttr].rgValue[0].cbData,
  225. CRYPT_DECODE_ALLOC_FLAG,
  226. &CryptDecodeAlloc, &preq, &cb)) {
  227. goto GeneralFail;
  228. }
  230. //
  231. // Initialize the ReceiptsTo list
  232. //
  234. if (preq->cReceiptsTo != 0) {
  235. SetNames(&receiptsTo, preq->cReceiptsTo, preq->rgReceiptsTo);
  236. }
  238. // Who are receipts from?
  240. dwReceiptsFrom = preq->ReceiptsFrom.AllOrFirstTier;
  241. }
  242. else if (strcmp(pattrs->rgAttr[iAttr].pszObjId,
  243. szOID_RSA_messageDigest) == 0) {
  244. ;
  245. }
  246. }
  247. else if ((iLayer != 0) && (strcmp(pattrs->rgAttr[iAttr].pszObjId,
  248. szOID_SMIME_MLExpansion_History) == 0)) {
  249. //
  250. // If receipts are from first tier only and we see this attribute
  251. // we are not first tier by definition.
  252. //
  254. if (dwReceiptsFrom == SMIME_RECEIPTS_FROM_FIRST_TIER) {
  255. hr = S_FALSE;
  256. goto CommonExit;
  257. }
  259. PSMIME_ML_EXPANSION_HISTORY pmlhist = NULL;
  261. //
  262. // Crack the attribute
  263. //
  265. if (!CryptDecodeObjectEx(X509_ASN_ENCODING,
  266. szOID_SMIME_MLExpansion_History,
  267. pattrs->rgAttr[iAttr].rgValue[0].pbData,
  268. pattrs->rgAttr[iAttr].rgValue[0].cbData,
  269. CRYPT_ENCODE_ALLOC_FLAG,
  270. &CryptDecodeAlloc, &pmlhist, &cb)) {
  271. goto GeneralFail;
  272. }
  274. PSMIME_MLDATA pMLData = &pmlhist->rgMLData[pmlhist->cMLData-1];
  276. switch( pMLData->dwPolicy) {
  277. // No receipt is to be returned
  278. case SMIME_MLPOLICY_NONE:
  279. hr = S_FALSE;
  280. free(pmlhist);
  281. goto CommonExit;
  283. // Return receipt to a new list
  284. case SMIME_MLPOLICY_INSTEAD_OF:
  285. SetNames(&receiptsTo, pMLData->cNames, pMLData->rgNames);
  286. break;
  288. case SMIME_MLPOLICY_IN_ADDITION_TO:
  289. MergeNames(&receiptsTo, pMLData->cNames, pMLData->rgNames);
  290. break;
  292. case SMIME_MLPOLICY_NO_CHANGE:
  293. break;
  295. default:
  296. free(pmlhist);
  297. goto GeneralFail;
  298. }
  300. free(pmlhist);
  301. break;
  302. }
  303. }
  305. free(pattrs);
  306. pattrs = NULL;
  307. }
  309. //
  310. // Am I on the ReceiptsFrom List --
  311. //
  313. if (preq->ReceiptsFrom.cNames != 0) {
  314. BOOL fFoundMe = FALSE;
  316. for (i=0; !fFoundMe && (i<preq->ReceiptsFrom.cNames); i++) {
  317. CERT_ALT_NAME_INFO * pname = NULL;
  319. if (!CryptDecodeObjectEx(X509_ASN_ENCODING, X509_ALTERNATE_NAME,
  320. preq->ReceiptsFrom.rgNames[i].pbData,
  321. preq->ReceiptsFrom.rgNames[i].cbData,
  322. CRYPT_ENCODE_ALLOC_FLAG,
  323. &CryptDecodeAlloc, &pname, &cb)) {
  324. goto GeneralFail;
  325. }
  327. for (i1=0; i1<pname->cAltEntry; i1++) {
  328. for (i2=0; i2<pMyNames->cAltEntry; i2++) {
  329. if (pname->rgAltEntry[i1].dwAltNameChoice !=
  330. pMyNames->rgAltEntry[i1].dwAltNameChoice) {
  331. continue;
  332. }
  334. switch (pname->rgAltEntry[i1].dwAltNameChoice) {
  335. case CERT_ALT_NAME_RFC822_NAME:
  336. if (lstrcmpW(pname->rgAltEntry[i1].pwszRfc822Name,
  337. pMyNames->rgAltEntry[i1].pwszRfc822Name) == 0) {
  338. fFoundMe = TRUE;
  339. goto FoundMe;
  340. }
  341. }
  342. }
  343. }
  345. FoundMe:
  346. free(pname);
  347. }
  349. if (!fFoundMe) {
  350. hr = S_FALSE;
  351. goto CommonExit;
  352. }
  353. }
  355. hr = MimeOleCreateMessage(NULL, &pmm);
  356. if (FAILED(hr)) {
  357. goto CommonExit;
  358. }
  360. hr = pmm->BindToObject(HBODY_ROOT, IID_IMimeBody, (LPVOID *) &pmb);
  361. if (FAILED(hr)) {
  362. goto CommonExit;
  363. }
  365. hr = pmb->SetData(IET_BINARY, "OID", szOID_SMIME_ContentType_Receipt,
  366. IID_IStream, pstm);
  367. if (FAILED(hr)) {
  368. goto CommonExit;
  369. }
  371. //
  372. // Address the receipt back to the receipients
  373. //
  375. hr = pmm->GetAddressTable(&pmatbl);
  376. if (FAILED(hr)) {
  377. goto CommonExit;
  378. }
  380. for (i=0; i<receiptsTo.cNames; i++) {
  381. CERT_ALT_NAME_INFO * pname = NULL;
  383. if (!CryptDecodeObjectEx(X509_ASN_ENCODING, X509_ALTERNATE_NAME,
  384. receiptsTo.rgNames[i].pbData,
  385. receiptsTo.rgNames[i].cbData,
  386. CRYPT_ENCODE_ALLOC_FLAG,
  387. &CryptDecodeAlloc, &pname, &cb)) {
  388. goto GeneralFail;
  389. }
  391. for (i1=0; i1<pname->cAltEntry; i1++) {
  392. char cch;
  393. char rgch[256];
  395. if (pname->rgAltEntry[i1].dwAltNameChoice == CERT_ALT_NAME_RFC822_NAME) {
  396. cch = WideCharToMultiByte(CP_ACP, 0,
  397. pname->rgAltEntry[i1].pwszRfc822Name,
  398. -1, rgch, sizeof(rgch), NULL, NULL);
  399. if (cch > 0) {
  400. hr = pmatbl->AppendRfc822(IAT_TO, IET_UNICODE,
  401. rgch);
  402. if (FAILED(hr)) {
  403. goto CommonExit;
  404. }
  405. }
  406. break;
  407. }
  408. }
  410. if (i1 == pname->cAltEntry) {
  411. fSkipAddress = TRUE;
  412. }
  413. }
  415. #ifdef DEBUG
  416. {
  417. LPSTREAM pstmTmp = NULL;
  418. hr = MimeOleCreateVirtualStream(&pstmTmp);
  419. pmm->Save(pstmTmp, TRUE);
  420. pstmTmp->Release();
  421. }
  422. #endif // DEBUG
  424. hr = S_OK;
  425. *ppMessage = pmm;
  426. pmm->AddRef();
  428. CommonExit:
  429. CoTaskMemFree(var.blob.pBlobData);
  430. if (preq != NULL) free(preq);
  431. if (pbReceiptReq != NULL) CoTaskMemFree(pbReceiptReq);
  432. if (rgpvAuthAttr != NULL) CoTaskMemFree(rgpvAuthAttr);
  433. if (pattrs != NULL) free(pattrs);
  434. if (pstm != NULL) pstm->Release();
  435. if (pmatbl != NULL) pmatbl->Release();
  436. if (pmb != NULL) pmb->Release();
  437. if (pmm != NULL) pmm->Release();
  438. if (pbody != NULL) pbody->Release();
  439. return hr;
  441. GeneralFail:
  442. hr = E_FAIL;
  443. goto CommonExit;
  444. }
  445. #endif // SMIME_V3