archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/inetcore/outlookexpress/inetcomm/mimeole/smimetst/encode.cpp

499 lines
17 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. #define INITGUID
  2. #define DEFINE_STRCONST
  4. #include <windows.h>
  5. #include <ole2.h>
  7. #include <initguid.h>
  8. #include <mimeole.h>
  10. #include "encode.h"
  12. #define CORg(command) \
  13. if (FAILED(command)) { \
  14. goto Error; \
  15. }
  17. #define CPRg(command) \
  18. if (! (command)) { \
  19. goto Error; \
  20. }
  23. static LPWSTR s_rgwszValues[] = { NULL };
  25. #define DEBUGFILE 1
  26. #define MAX_LAYERS 3
  28. //------------------------------------------------------------------
  29. //------------------------------------------------------------------
  30. HRESULT WriteBSTRToMultibyteToStream( const BSTR bstrStr, IStream** ppStream )
  31. {
  32. HRESULT hr = S_OK;
  33. LARGE_INTEGER liZero = {0}; // for ->Seek()
  35. char* pszMessage = NULL;
  36. int len = 0;
  38. if (!ppStream) return E_INVALIDARG;
  40. len = wcslen(bstrStr);
  41. CPRg(pszMessage = new char[len + 1]);
  42. WideCharToMultiByte(CP_ACP, 0, bstrStr, len,
  43. pszMessage, len + 1,
  44. NULL, NULL );
  45. pszMessage[len] = '\0';
  47. CORg(CreateStreamOnHGlobal(NULL, TRUE, ppStream));
  48. CORg((*ppStream)->Seek(liZero, STREAM_SEEK_SET, NULL));
  49. CORg((*ppStream)->Write(pszMessage, len, NULL));
  50. CORg((*ppStream)->Seek(liZero, STREAM_SEEK_SET, NULL));
  51. Error:
  52. if (pszMessage) delete[] pszMessage;
  53. return hr;
  54. }
  56. //------------------------------------------------------------------
  57. SMimeEncode::SMimeEncode() :
  58. m_dwFlags(0),
  59. m_stmOutput(NULL),
  60. m_szSignAlg(NULL),
  61. m_szEncryptAlg(NULL),
  62. m_szBody(NULL),
  63. m_SigningCertInner(NULL),
  64. m_SigningCertOuter(NULL),
  65. m_EncryptionCert(NULL),
  66. m_hCryptProv(NULL),
  67. m_hMYCertStore(NULL),
  68. m_hCACertStore(NULL),
  69. m_hABCertStore(NULL),
  70. m_szSenderEmail(NULL),
  71. m_szSenderName(NULL),
  72. m_szRecipientEmail(NULL),
  73. m_szRecipientName(NULL),
  74. m_szOutputFile(NULL)
  75. {
  77. }
  79. #define APPEND_SEPERATOR(subject) \
  80. if (lstrlen(subject)) { \
  81. lstrcat(subject, " | "); \
  82. }
  85. //------------------------------------------------------------------
  86. SMimeEncode::~SMimeEncode()
  87. {
  88. // BUGBUG: Should clean up any allocated members
  89. }
  91. //------------------------------------------------------------------
  92. HRESULT SMimeEncode::HrConfig(
  93. DWORD dwFlags,
  94. LPTSTR lpszBody,
  95. HCRYPTPROV hCryptProv,
  96. HCERTSTORE hMYCertStore,
  97. HCERTSTORE hCACertStore,
  98. HCERTSTORE hABCertStore,
  99. PCCERT_CONTEXT lpSigningCertInner,
  100. PCCERT_CONTEXT lpSigningCertOuter,
  101. PCCERT_CONTEXT lpEncryptionCert,
  102. LPTSTR lpszSenderEmail,
  103. LPTSTR lpszSenderName,
  104. LPTSTR lpszRecipientEmail,
  105. LPTSTR lpszRecipientName,
  106. LPTSTR lpszOutputFile
  107. )
  108. {
  109. HRESULT hr = S_OK;
  110. static char szSubject[257] = "";
  112. if (dwFlags & encode_Encrypt) {
  113. // specify an encryption algorithm
  114. // BUGBUG: Hardcoded in Encode
  115. }
  117. if (dwFlags & encode_InnerSign) {
  118. // specify a signing algorithm
  119. // BUGBUG: Hardcoded in Encode
  120. }
  123. if (dwFlags & encode_OuterSign) {
  124. // specify a signing algorithm
  125. // BUGBUG: Hardcoded in Encode
  126. }
  128. m_dwFlags = dwFlags;
  129. m_szBody = lpszBody;
  130. m_hCryptProv = hCryptProv;
  131. m_hMYCertStore = hMYCertStore;
  132. m_hCACertStore = hCACertStore;
  133. m_hABCertStore = hABCertStore;
  134. m_SigningCertInner = (PCERT_CONTEXT)lpSigningCertInner;
  135. m_SigningCertOuter = (PCERT_CONTEXT)lpSigningCertOuter;
  136. m_EncryptionCert = (PCERT_CONTEXT)lpEncryptionCert;
  137. m_szSenderEmail = lpszSenderEmail;
  138. m_szRecipientEmail = lpszRecipientEmail;
  139. m_szOutputFile = lpszOutputFile;
  141. // Set a meaningful subject
  142. lstrcpy(szSubject, "");
  143. if (dwFlags & encode_InnerSign) {
  144. APPEND_SEPERATOR(szSubject);
  145. if (dwFlags & encode_InnerClear) {
  146. lstrcat(szSubject, "Clear Sign");
  147. } else {
  148. lstrcat(szSubject, "Opaque Sign");
  149. }
  150. }
  151. if (dwFlags & encode_Encrypt) {
  152. APPEND_SEPERATOR(szSubject);
  153. lstrcat(szSubject, "Encrypt");
  154. }
  155. if (dwFlags & encode_OuterSign) {
  156. APPEND_SEPERATOR(szSubject);
  157. if (dwFlags & encode_OuterClear) {
  158. lstrcat(szSubject, "Clear Sign");
  159. } else {
  160. lstrcat(szSubject, "Opaque Sign");
  161. }
  162. }
  163. m_szSubject = szSubject;
  165. return(hr);
  166. }
  168. //------------------------------------------------------------------
  169. HRESULT SMimeEncode::HrExecute(void) {
  170. // Using the SMIME engine:
  171. //
  172. // Build the message tree (attach the body)
  173. // CoCreateInstance( CLSID_IMimeSecurity )
  174. // InitNew()
  175. // pSMIMEEngine->EncodeBody( IMimeMessageTree*,
  176. // hRoot,
  177. // SEF_??? | EBF_RECURSE ) OR ???
  178. // HrEncodeOpaque( psi, pTree, hbody, pencoderoot, pstmOut ) ????
  179. //
  180. HRESULT hr = S_OK;
  181. LARGE_INTEGER liZero = {0}; // for ->Seek()
  182. IStream* pBuildStream = NULL; // scratch stream
  183. IStream* pResultStream = NULL; // scratch stream
  184. IMimeMessage* pMimeRoot = NULL; // message in process
  185. IMimeBody* pMimeRootBody = NULL; // another version
  186. IMimeInternational* pCharSet = NULL;
  187. HCHARSET HCharset = 0;
  188. SYSTEMTIME stNow;
  189. PROPVARIANT var;
  190. HBODY hbBody;
  191. IMimeSecurity* pMimeSecurity = NULL;
  192. ULONG dwSecurityType = MST_NONE;
  193. IPersistFile* pIPFFileStore = NULL;
  194. HRESULT hrLocal = S_OK;
  195. WCHAR szwFileName[MAX_PATH + 1];
  196. CHAR szFrom[2 * (MAX_PATH + 1) + 1];
  198. // Multilayer stuff
  199. BOOL fTripleWrap = m_dwFlags & encode_OuterSign;
  200. ULONG ulSecurityLayers = 0;
  201. ULONG iEncryptLayer = (ULONG)-1;
  202. ULONG iInnerSignLayer = (ULONG)-1;
  203. ULONG iOuterSignLayer = (ULONG)-1;
  204. // Arrays of option values to set
  205. DWORD rgdwSecurityType[MAX_LAYERS] = {0};
  206. PCCERT_CONTEXT rgdwCertSigning[MAX_LAYERS] = {0};
  207. HCERTSTORE rgdwhCertStore[MAX_LAYERS] = {0}; // optional
  208. DWORD rgdwUserValidity[MAX_LAYERS] = {0}; // decode only
  209. DWORD rgdwROMsgValidity[MAX_LAYERS] = {0}; // decode only
  210. FILETIME rgftSigntime[MAX_LAYERS] = {0}; // optional
  211. PROPVARIANT rgpvAlgHash[MAX_LAYERS] = {0};
  212. PROPVARIANT rgpvSymcaps[MAX_LAYERS] = {0};
  213. PROPVARIANT rgpvAuthattr[MAX_LAYERS] = {0}; // optional
  214. PROPVARIANT rgpvUnauthattr[MAX_LAYERS] = {0}; // optional
  217. // This is the ALOGORITHM ID for SHA1, default supported signing alg
  218. const BYTE c_SHA1_ALGORITHM_ID[] =
  219. {0x30, 0x09, 0x30, 0x07, 0x06, 0x05, 0x2B, 0x0E,
  220. 0x03, 0x02, 0x1A};
  222. // This is the ALOGORITHM ID for RC2 -- 40 bit, the default encrypt
  223. const BYTE c_RC2_40_ALGORITHM_ID[] =
  224. {0x30, 0x0F, 0x30, 0x0D, 0x06, 0x08, 0x2A, 0x86,
  225. 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x02, 0x02, 0x01,
  226. 0x28};
  229. // get the signing cert from my store
  230. if (! m_hCryptProv || ! m_hMYCertStore || ! m_hCACertStore || ! m_hABCertStore) {
  231. hr = E_FAIL;
  232. goto Error;
  233. }
  236. // Create the Message object
  237. //
  238. CORg(CoCreateInstance(CLSID_IMimeMessage, NULL, CLSCTX_INPROC_SERVER,
  239. IID_IMimeMessage, (LPVOID*)&pMimeRoot));
  241. CORg(pMimeRoot->InitNew());
  244. CORg(CreateStreamOnHGlobal( NULL, TRUE, &pBuildStream));
  245. CORg(pBuildStream->Seek(liZero, STREAM_SEEK_SET, NULL));
  246. CORg(pBuildStream->Write(m_szBody, lstrlen(m_szBody), NULL));
  247. CORg(pBuildStream->Seek(liZero, STREAM_SEEK_SET, NULL));
  249. CORg(pMimeRoot->SetTextBody(TXT_PLAIN, IET_8BIT, NULL, pBuildStream, &hbBody));
  251. // Create the formatted From address
  252. if (m_szSenderName) {
  253. lstrcpy(szFrom, "\"");
  254. lstrcat(szFrom, m_szSenderName);
  255. lstrcat(szFrom, "\" ");
  256. } else {
  257. lstrcpy(szFrom, "");
  258. }
  259. lstrcat(szFrom, "<");
  260. lstrcat(szFrom, m_szSenderEmail);
  261. lstrcat(szFrom, ">");
  263. var.vt = VT_LPSTR;
  264. var.pszVal = szFrom; // From Email
  266. CORg(hr = pMimeRoot->SetProp(PIDTOSTR(PID_HDR_FROM), 0, &var));
  269. var.vt = VT_LPSTR; // ignored?
  270. var.pszVal = (LPSTR) STR_MIME_TEXT_PLAIN;
  271. CORg(pMimeRoot->SetBodyProp(hbBody, STR_HDR_CNTTYPE, 0, &var));
  273. var.vt = VT_LPSTR; // ignored?
  274. var.pszVal = (LPSTR) STR_ENC_QP;
  275. CORg(pMimeRoot->SetBodyProp(hbBody, STR_HDR_CNTXFER, 0, &var));
  277. // Set subject
  278. var.vt = VT_LPSTR;
  279. var.pszVal = (LPSTR) m_szSubject;
  280. CORg(pMimeRoot->SetBodyProp(hbBody, STR_HDR_SUBJECT, 0, &var));
  282. CORg(pMimeRoot->BindToObject(HBODY_ROOT, IID_IMimeBody, (LPVOID*)&pMimeRootBody));
  285. //
  286. // Set the security options
  287. //
  289. // How many layers?
  290. if (m_dwFlags & encode_InnerSign) {
  291. iInnerSignLayer = ulSecurityLayers;
  292. ulSecurityLayers++;
  293. }
  294. if (m_dwFlags & encode_Encrypt) {
  295. iEncryptLayer = ulSecurityLayers; // index in arrays
  296. ulSecurityLayers++;
  297. }
  298. if (m_dwFlags & encode_OuterSign) {
  299. iOuterSignLayer = ulSecurityLayers;
  300. ulSecurityLayers++;
  301. }
  304. // Set up for Inner Signing
  305. if (m_dwFlags & encode_InnerSign) {
  306. // specifiy the Security Type for this layer
  307. rgdwSecurityType[iInnerSignLayer] = m_dwFlags & encode_InnerClear ? MST_THIS_SIGN : MST_THIS_BLOBSIGN;
  308. dwSecurityType |= m_dwFlags & encode_InnerClear ? MST_THIS_SIGN : MST_THIS_BLOBSIGN;
  310. // Specify the Signing Time for this layer
  311. GetSystemTime(&stNow);
  312. SystemTimeToFileTime(&stNow, &rgftSigntime[iInnerSignLayer]);
  314. // specify the signature alg for this layer
  315. rgpvAlgHash[iInnerSignLayer].vt = VT_BLOB;
  316. rgpvAlgHash[iInnerSignLayer].blob.cbSize = sizeof(c_SHA1_ALGORITHM_ID);
  317. rgpvAlgHash[iInnerSignLayer].blob.pBlobData = (BYTE*)c_SHA1_ALGORITHM_ID;
  319. // Specify the signing cert for this layer
  320. rgdwCertSigning[iInnerSignLayer] = m_SigningCertInner;
  322. // HCERTSTORE rgdwhCertStore[MAX_LAYERS] = {0}; // optional
  323. // PROPVARIANT rgpvSymcaps[MAX_LAYERS] = {0};
  324. // PROPVARIANT rgpvAuthattr[MAX_LAYERS] = {0}; // optional
  325. // PROPVARIANT rgpvUnauthattr[MAX_LAYERS] = {0}; // optional
  326. }
  328. // Set up for Outer Signing
  329. if (m_dwFlags & encode_OuterSign) {
  330. // specifiy the Security Type for this layer
  331. rgdwSecurityType[iOuterSignLayer] = m_dwFlags & encode_InnerClear ? MST_THIS_SIGN : MST_THIS_BLOBSIGN;
  332. dwSecurityType |= m_dwFlags & encode_OuterClear ? MST_THIS_SIGN : MST_THIS_BLOBSIGN;
  334. // Specify the Signing Time for this layer
  335. GetSystemTime(&stNow);
  336. SystemTimeToFileTime(&stNow, &rgftSigntime[iOuterSignLayer]);
  338. // specify the signature alg for this layer
  339. rgpvAlgHash[iOuterSignLayer].vt = VT_BLOB;
  340. rgpvAlgHash[iOuterSignLayer].blob.cbSize = sizeof(c_SHA1_ALGORITHM_ID);
  341. rgpvAlgHash[iOuterSignLayer].blob.pBlobData = (BYTE*)c_SHA1_ALGORITHM_ID;
  343. // Specify the signing cert for this layer
  344. rgdwCertSigning[iOuterSignLayer] = m_SigningCertOuter;
  346. // HCERTSTORE rgdwhCertStore[MAX_LAYERS] = {0}; // optional
  347. // PROPVARIANT rgpvSymcaps[MAX_LAYERS] = {0};
  348. // PROPVARIANT rgpvAuthattr[MAX_LAYERS] = {0}; // optional
  349. // PROPVARIANT rgpvUnauthattr[MAX_LAYERS] = {0}; // optional
  350. }
  352. // Set up for Encrypting
  353. if (m_dwFlags & encode_Encrypt) {
  354. HCERTSTORE aCertStores[3];
  356. //
  357. // BUGBUG: Hardcoded to RC2 40-bit
  358. var.vt = VT_BLOB;
  359. var.blob.cbSize = sizeof( c_RC2_40_ALGORITHM_ID );
  360. var.blob.pBlobData = (BYTE*) c_RC2_40_ALGORITHM_ID;
  361. CORg(hr = pMimeRootBody->SetOption(OID_SECURITY_ALG_BULK, &var));
  363. // for encryption, get to the right cert store....
  364. //
  365. var.caul.cElems = 3;
  366. aCertStores[0] = CertDuplicateStore(m_hCACertStore);
  367. aCertStores[1] = CertDuplicateStore(m_hMYCertStore);
  368. aCertStores[2] = CertDuplicateStore(m_hABCertStore);
  369. var.caul.pElems = (ULONG*)aCertStores;
  370. CORg(hr = pMimeRootBody->SetOption(OID_SECURITY_SEARCHSTORES, &var));
  372. var.vt = VT_VECTOR | VT_UI4;
  373. var.caul.cElems = 1;
  374. var.caul.pElems = (ULONG*)&m_EncryptionCert;
  375. CORg(pMimeRootBody->SetOption(OID_SECURITY_RG_CERT_ENCRYPT, &var));
  377. #ifdef BUGBUG // This isn't right, is it?
  378. // include the cert...
  379. var.vt = VT_VECTOR | VT_UI4;
  380. var.caul.cElems = 1;
  381. var.caul.pElems = (ULONG*)&m_EncryptionCert;
  382. CORg(pMimeRootBody->SetOption(OID_SECURITY_RG_CERT_BAG, &var));
  383. #endif // OLD_STUFF
  385. dwSecurityType |= MST_THIS_ENCRYPT;
  386. rgdwSecurityType[iEncryptLayer] = MST_THIS_ENCRYPT;
  387. }
  389. // Set the OID_SECURITY_TYPE
  390. if (fTripleWrap) {
  391. var.vt = VT_VECTOR | VT_UI4;
  392. var.caul.cElems = ulSecurityLayers;
  393. var.caul.pElems = rgdwSecurityType;
  394. CORg(pMimeRootBody->SetOption(OID_SECURITY_TYPE_RG, &var));
  396. var.vt = VT_VECTOR | VT_FILETIME;
  397. var.cafiletime.cElems = ulSecurityLayers;
  398. var.cafiletime.pElems = rgftSigntime;
  399. CORg(pMimeRootBody->SetOption(OID_SECURITY_SIGNTIME_RG, &var));
  401. var.vt = VT_VECTOR | VT_UI4;
  402. var.caul.cElems = ulSecurityLayers;
  403. var.caul.pElems = (DWORD *)rgdwCertSigning;
  404. CORg(pMimeRootBody->SetOption(OID_SECURITY_CERT_SIGNING_RG, &var));
  406. var.vt = VT_VECTOR | VT_VARIANT;
  407. var.capropvar.cElems = ulSecurityLayers;
  408. var.capropvar.pElems = rgpvAlgHash;
  409. CORg(pMimeRootBody->SetOption(OID_SECURITY_ALG_HASH_RG, &var));
  411. var.vt = VT_VECTOR | VT_VARIANT;
  412. var.capropvar.cElems = ulSecurityLayers;
  413. var.capropvar.pElems = rgpvAlgHash;
  414. CORg(pMimeRootBody->SetOption(OID_SECURITY_ALG_HASH_RG, &var));
  416. } else {
  417. // Security Type
  418. var.vt = VT_UI4;
  419. var.ulVal = dwSecurityType;
  420. CORg(pMimeRootBody->SetOption(OID_SECURITY_TYPE, &var));
  422. if (dwSecurityType & MST_SIGN_MASK) {
  423. // Signing Time
  424. var.vt = VT_FILETIME;
  425. memcpy(&var.filetime, &rgftSigntime[iInnerSignLayer], sizeof(FILETIME));
  426. CORg(pMimeRootBody->SetOption(OID_SECURITY_SIGNTIME, &var));
  428. // Hash Algorithm
  429. var.vt = VT_BLOB;
  430. memcpy(&var.blob, &rgpvAlgHash[iInnerSignLayer].blob, sizeof(BLOB));
  431. CORg(hr = pMimeRootBody->SetOption(OID_SECURITY_ALG_HASH, &var));
  433. // Signing Cert
  434. var.vt = VT_UI4;
  435. var.ulVal = (ULONG)m_SigningCertInner;
  436. CORg(pMimeRootBody->SetOption(OID_SECURITY_CERT_SIGNING, &var));
  437. }
  438. }
  441. // Set the HWND for CAPI calls
  442. var.vt = VT_UI4;
  443. var.ulVal = 0;
  444. CORg(pMimeRootBody->SetOption(OID_SECURITY_HWND_OWNER, &var));
  447. // all built, get rid of the shadow pointer we are holding
  448. //
  449. pMimeRootBody->Release();
  450. pMimeRootBody = NULL;
  452. pMimeRoot->Commit(0);
  454. // SMIME Engine
  455. //
  456. CORg(CoCreateInstance(CLSID_IMimeSecurity, NULL, CLSCTX_INPROC_SERVER,
  457. IID_IMimeSecurity, (LPVOID*) &pMimeSecurity));
  459. CORg(pMimeSecurity->InitNew());
  461. // ERRORMESSAGE( Unable to encrypt/encode string )
  462. CORg(pMimeSecurity->EncodeBody(pMimeRoot, HBODY_ROOT,
  463. EBF_RECURSE | SEF_SENDERSCERTPROVIDED | SEF_ENCRYPTWITHNOSENDERCERT |
  464. EBF_COMMITIFDIRTY));
  466. // Get an Hcharset to force the encoding correctly
  467. //
  468. CORg(CoCreateInstance(CLSID_IMimeInternational, NULL, CLSCTX_INPROC_SERVER,
  469. IID_IMimeInternational, (LPVOID*)&pCharSet));
  471. CORg(pCharSet->FindCharset("UTF-8", &HCharset));
  473. CORg(pMimeRoot->SetCharset(HCharset, // HCharset
  474. CSET_APPLY_ALL)); // Applytype
  477. // dump it to a file
  478. //
  479. MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, m_szOutputFile, -1, szwFileName, MAX_PATH);
  480. CORg(pMimeRoot->QueryInterface(IID_IPersistFile, (LPVOID*)&pIPFFileStore));
  481. CORg(pIPFFileStore->Save(szwFileName, FALSE));
  484. // extract the whole message into a stream
  485. //
  486. CORg(CreateStreamOnHGlobal(NULL, TRUE, &pResultStream));
  487. CORg(pMimeRoot->Save(pResultStream, FALSE));
  489. Error:
  490. if (pBuildStream) pBuildStream->Release();
  491. if (pResultStream) pResultStream->Release();
  492. if (pMimeRoot) pMimeRoot->Release();
  493. if (pMimeRootBody) pMimeRootBody->Release();
  494. if (pCharSet) pCharSet->Release();
  495. if (pMimeSecurity) pMimeSecurity->Release();
  496. if (pIPFFileStore) pIPFFileStore->Release();
  498. return(hr);
  499. }