archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/admin/snapin/certmgr/cookie.cpp

1530 lines
49 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1997-2002.
  5. //
  6. // File: Cookie.cpp
  7. //
  8. // Contents: Implementation of CCertMgrCookie and related classes
  9. //
  10. //----------------------------------------------------------------------------
  13. #include "stdafx.h"
  14. #include <gpedit.h>
  15. #include "cookie.h"
  16. #include "storegpe.h"
  17. #pragma warning(push, 3)
  18. #include <atlimpl.cpp>
  19. #pragma warning(pop)
  21. DECLARE_INFOLEVEL(CertificateManagerSnapin)
  23. USE_HANDLE_MACROS("CERTMGR(cookie.cpp)")
  25. #ifdef _DEBUG
  26. #ifndef ALPHA
  27. #define new DEBUG_NEW
  28. #endif
  29. #undef THIS_FILE
  30. static char THIS_FILE[] = __FILE__;
  31. #endif
  33. #include "stdcooki.cpp"
  34. #include "stdutils.cpp"
  35. #include "certifct.h"
  38. //
  39. // CCertMgrCookie
  40. //
  42. // returns <0, 0 or >0
  45. CCertMgrCookie::CCertMgrCookie (CertificateManagerObjectType objecttype,
  46. LPCWSTR lpcszMachineName,
  47. LPCWSTR objectName)
  48. : CStoresMachineName (lpcszMachineName),
  49. m_objecttype (objecttype),
  50. m_objectName (objectName),
  51. m_resultDataID (0),
  52. m_nOpenPageCount (0),
  53. m_bIsSelected (false)
  54. {
  55. ASSERT (IsValidObjectType (m_objecttype));
  56. if ( m_objectName.IsEmpty () )
  57. {
  58. AFX_MANAGE_STATE (AfxGetStaticModuleState ());
  59. VERIFY (m_objectName.LoadString (IDS_CERTIFICATE_MANAGER));
  60. }
  61. }
  63. CCertMgrCookie::~CCertMgrCookie ()
  64. {
  65. }
  68. HRESULT CCertMgrCookie::CompareSimilarCookies( CCookie* pOtherCookie, int* pnResult )
  69. {
  70. ASSERT (pOtherCookie);
  72. CCertMgrCookie* pcookie = reinterpret_cast <CCertMgrCookie*>(pOtherCookie);
  73. ASSERT (pcookie);
  74. if ( pcookie && m_objecttype != pcookie->m_objecttype )
  75. {
  76. *pnResult = ((int)m_objecttype) - ((int)pcookie->m_objecttype); // arbitrary ordering
  77. return S_OK;
  78. }
  80. return E_UNEXPECTED;
  81. }
  83. CCookie* CCertMgrCookie::QueryBaseCookie(int i)
  84. {
  85. ASSERT(!i);
  86. return (CCookie*)this;
  87. }
  89. int CCertMgrCookie::QueryNumCookies()
  90. {
  91. return 1;
  92. }
  94. LPCWSTR CCertMgrCookie::GetObjectName()
  95. {
  96. return m_objectName;
  97. }
  99. HRESULT CCertMgrCookie::Commit()
  100. {
  101. return S_OK;
  102. }
  104. UINT CCertMgrCookie::IncrementOpenPageCount ()
  105. {
  106. m_nOpenPageCount++;
  107. return m_nOpenPageCount;
  108. }
  110. UINT CCertMgrCookie::DecrementOpenPageCount ()
  111. {
  112. ASSERT (0 != m_nOpenPageCount);
  113. if ( 0 != m_nOpenPageCount )
  114. m_nOpenPageCount--;
  116. return m_nOpenPageCount;
  117. }
  119. bool CCertMgrCookie::HasOpenPropertyPages () const
  120. {
  121. return (0 != m_nOpenPageCount) ? true : false;
  122. }
  124. void CCertMgrCookie::SetSelected(bool bIsSelected)
  125. {
  126. m_bIsSelected = bIsSelected;
  127. }
  129. bool CCertMgrCookie::IsSelected() const
  130. {
  131. return m_bIsSelected;
  132. }
  134. ///////////////////////////////////////////////////////////////////////////////
  135. ///////////////////////////////////////////////////////////////////////////////
  136. CCertStore::CCertStore (
  137. CertificateManagerObjectType objecttype,
  138. LPCSTR pszStoreProv,
  139. DWORD dwFlags,
  140. LPCWSTR lpcszMachineName,
  141. LPCWSTR objectName,
  142. const CString & pcszLogStoreName,
  143. const CString & pcszPhysStoreName,
  144. const SPECIAL_STORE_TYPE storeType,
  145. const DWORD dwLocation,
  146. IConsole* pConsole,
  147. bool fIsComputerType /*= false*/)
  148. : CCertMgrCookie (objecttype,
  149. lpcszMachineName,
  150. objectName),
  151. m_hCertStore (0),
  152. m_dwFlags (dwFlags),
  153. m_storeProvider (pszStoreProv),
  154. m_pcszStoreName (pcszLogStoreName),
  155. m_storeType (storeType),
  156. m_bReadOnly (false),
  157. m_bUnableToOpenMsgDisplayed (false),
  158. m_dwLocation (dwLocation),
  159. m_pConsole (pConsole),
  160. m_bDirty (false),
  161. m_fReadOnlyFlagChecked (false),
  162. m_nCertCount (0),
  163. m_fCertCountValid (false),
  164. m_nLockCnt (0),
  165. m_fIsComputerType (fIsComputerType)
  166. {
  167. _TRACE (1, L"Entering CCertStore::CCertStore LS: %s PS: %s\n",
  168. (LPCWSTR) pcszLogStoreName,
  169. (LPCWSTR) pcszPhysStoreName);
  170. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  171. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  172. CERTMGR_LOG_STORE == m_objecttype ||
  173. CERTMGR_PHYS_STORE == m_objecttype);
  174. if ( CERT_STORE_PROV_COLLECTION != pszStoreProv )
  175. {
  176. ASSERT (!pcszLogStoreName.IsEmpty ());
  177. if ( !pcszPhysStoreName.IsEmpty () )
  178. m_pcszStoreName += _T("\\") + pcszPhysStoreName;
  179. }
  180. ASSERT (m_pConsole);
  181. if ( m_pConsole )
  182. m_pConsole->AddRef ();
  183. _TRACE (-1, L"Leaving CCertStore::CCertStore - %s\n",
  184. (LPCWSTR) m_pcszStoreName);
  185. }
  188. CCertStore::~CCertStore ()
  189. {
  190. _TRACE (1, L"Entering CCertStore::~CCertStore - %s\n",
  191. (LPCWSTR) m_pcszStoreName);
  192. Close (true); // force close
  193. if ( m_pConsole )
  194. m_pConsole->Release ();
  195. _TRACE (-1, L"Leaving CCertStore::~CCertStore - %s\n",
  196. (LPCWSTR) m_pcszStoreName);
  197. }
  199. HCERTSTORE CCertStore::GetStoreHandle (BOOL bSilent /* = FALSE*/, HRESULT* phr /* = 0*/)
  200. {
  201. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  202. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  203. CERTMGR_LOG_STORE == m_objecttype ||
  204. CERTMGR_PHYS_STORE == m_objecttype);
  206. DWORD dwErr = 0;
  207. if ( !m_hCertStore )
  208. {
  209. void* pvPara = 0;
  211. if ( CERT_STORE_PROV_COLLECTION != m_storeProvider )
  212. pvPara = (void*)(LPCWSTR) m_pcszStoreName;
  213. m_dwFlags |= CERT_STORE_SET_LOCALIZED_NAME_FLAG;
  215. _TRACE (0, L"Opening %s store\n", (LPCWSTR) m_pcszStoreName);
  216. m_hCertStore = ::CertOpenStore (m_storeProvider,
  217. X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
  218. NULL,
  219. m_dwFlags | CERT_STORE_MAXIMUM_ALLOWED_FLAG,
  220. pvPara);
  221. if ( !m_hCertStore )
  222. {
  223. dwErr = GetLastError ();
  224. if ( phr )
  225. *phr = HRESULT_FROM_WIN32 (dwErr);
  226. _TRACE (0, L"Open of %s store failed. 0x%x\n", (LPCWSTR) m_pcszStoreName,
  227. dwErr);
  228. _TRACE (0, L"Opening %s store (read-only)\n", (LPCWSTR) m_pcszStoreName);
  229. m_dwFlags |= CERT_STORE_READONLY_FLAG;
  230. m_hCertStore = ::CertOpenStore (m_storeProvider,
  231. X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
  232. NULL,
  233. m_dwFlags,
  234. pvPara);
  235. if ( m_hCertStore )
  236. m_bReadOnly = true;
  237. else
  238. {
  239. dwErr = GetLastError ();
  240. if ( phr )
  241. *phr = HRESULT_FROM_WIN32 (dwErr);
  242. _TRACE (0, L"CertOpenStore (%s) failed: 0x%x\n",
  243. (PCWSTR) m_pcszStoreName, dwErr);
  244. }
  245. }
  246. if ( !m_hCertStore )
  247. {
  248. dwErr = GetLastError ();
  249. if ( phr )
  250. *phr = HRESULT_FROM_WIN32 (dwErr);
  251. _TRACE (0, L"Open of %s store (read-only) failed. 0x%x\n",
  252. (LPCWSTR) m_pcszStoreName, dwErr);
  253. if ( CERT_STORE_PROV_FILENAME_W == m_storeProvider)
  254. {
  255. _TRACE (0, L"Open %s store (file-based).\n", (LPCWSTR) m_pcszStoreName);
  256. DWORD cbData = 0;
  257. BYTE* pbData = NULL;
  259. //get the BLOB from the file
  260. // ISSUE
  261. // NTRAID Bug9 538824: Certmgr: Memory leak if CertOpenStore fails.
  262. HRESULT hr = RetrieveBLOBFromFile ((LPCWSTR) m_pcszStoreName,
  263. &cbData, &pbData);
  264. if ( SUCCEEDED (hr) )
  265. {
  266. //open a generic memory store
  267. m_hCertStore = ::CertOpenStore (CERT_STORE_PROV_MEMORY,
  268. 0, NULL,
  269. CERT_STORE_SET_LOCALIZED_NAME_FLAG | CERT_STORE_MAXIMUM_ALLOWED_FLAG,
  270. NULL);
  273. if ( m_hCertStore )
  274. {
  275. if ( !CertAddSerializedElementToStore (
  276. m_hCertStore,
  277. pbData,
  278. cbData,
  279. CERT_STORE_ADD_ALWAYS,
  280. 0,
  281. CERT_STORE_ALL_CONTEXT_FLAG,
  282. NULL,
  283. NULL) )
  284. {
  285. // CertAddSerializedElementToStore failed. This means this is probably a
  286. // base64 certificate or a store containing a base64 certificate. Open it
  287. // up with CryptQueryObject.
  288. _TRACE (0, L"CCertStore::GetStoreHandle () - File input is not a serialized element.\n");
  289. DWORD dwMsgAndCertEncodingType = 0;
  290. DWORD dwContentType = 0;
  291. DWORD dwFormatType = 0;
  292. PCERT_CONTEXT pCertContext = 0;
  293. CERT_BLOB certBlob;
  294. HCERTSTORE hCertStore = 0;
  296. // security review 2/27/2002 BryanWal ok
  297. ::ZeroMemory (&certBlob, sizeof (certBlob));
  298. certBlob.cbData = cbData;
  299. certBlob.pbData = pbData;
  300. BOOL bResult = ::CryptQueryObject (
  301. CERT_QUERY_OBJECT_BLOB, // CERT_QUERY_OBJECT_FILE,
  302. (void *) &certBlob, //(LPCWSTR) m_pcszStoreName,
  303. CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT |
  304. CERT_QUERY_CONTENT_FLAG_CERT |
  305. CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED |
  306. CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED |
  307. CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
  308. CERT_QUERY_FORMAT_FLAG_ALL,
  309. 0,
  310. &dwMsgAndCertEncodingType,
  311. &dwContentType,
  312. &dwFormatType,
  313. &hCertStore,
  314. NULL,
  315. (const void **) &pCertContext);
  316. if ( bResult && pCertContext )
  317. {
  318. // The file contains a certificate context
  319. hr = AddCertificateContext (pCertContext, 0, false);
  320. }
  321. else if ( bResult && hCertStore )
  322. {
  323. // The file contains a certificate store, so close the temporary memory store we created
  324. // and assign the returned store handle to the global handle.
  325. ::CertCloseStore (m_hCertStore, CERT_CLOSE_STORE_FORCE_FLAG);
  326. m_hCertStore = hCertStore;
  327. }
  328. else
  329. {
  330. CString caption;
  331. CString message;
  332. int iRetVal = 0;
  334. VERIFY (caption.LoadString (IDS_CERTIFICATE_MANAGER));
  335. VERIFY (message.LoadString (IDS_UNKNOWN_CERT_FILE_TYPE));
  337. if ( m_pConsole )
  338. m_pConsole->MessageBox (message, caption, MB_ICONWARNING | MB_OK, &iRetVal);
  339. }
  340. }
  341. }
  342. else
  343. {
  344. free (pbData);
  345. dwErr = GetLastError ();
  346. _TRACE (0, L"CertOpenStore (%s) failed: 0x%x\n",
  347. (PCWSTR) m_pcszStoreName, dwErr);
  348. }
  349. }
  350. else
  351. {
  352. _TRACE (0, L"CCertStore::GetStoreHandle () - Unable to retrieve BLOB from file: %x.\n", hr);
  353. }
  354. if ( phr )
  355. *phr = hr;
  356. }
  357. }
  358. else
  359. {
  360. _TRACE (0, L"Open of %s store succeeded.\n", (LPCWSTR) m_pcszStoreName);
  361. }
  362. }
  364. if ( !m_hCertStore && !m_bUnableToOpenMsgDisplayed && !bSilent &&
  365. (USERDS_STORE != GetStoreType ()) )
  366. {
  367. m_bUnableToOpenMsgDisplayed = true;
  368. CString caption;
  369. CString text;
  370. int iRetVal = 0;
  372. VERIFY (caption.LoadString (IDS_CERTIFICATE_MANAGER));
  373. text.FormatMessage (IDS_UNABLE_TO_OPEN_STORE, GetStoreName (),
  374. GetSystemMessage (dwErr));
  375. if ( m_pConsole )
  376. m_pConsole->MessageBox ( text, caption, MB_OK, &iRetVal);
  377. }
  379. return m_hCertStore;
  380. }
  383. //--------------------------------------------------------------------------------
  384. //
  385. //get the bytes from the file name
  386. //
  387. // Note; Memory is allocated via malloc. S_OK is returned
  388. // via succees
  389. //
  390. //
  391. //
  392. //---------------------------------------------------------------------------------
  393. HRESULT CCertStore::RetrieveBLOBFromFile (LPCWSTR pwszFileName, DWORD *pcb, BYTE **ppb)
  394. {
  395. _TRACE (1, L"Entering CCertStore::RetrieveBLOBFromFile - %s\n",
  396. (LPCWSTR) m_pcszStoreName);
  397. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  398. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  399. CERTMGR_LOG_STORE == m_objecttype ||
  400. CERTMGR_PHYS_STORE == m_objecttype);
  401. HRESULT hr = S_OK;
  402. HANDLE hFile = NULL;
  403. DWORD dwBytesRead = 0;
  405. if(!pcb || !ppb || !pwszFileName)
  406. return E_INVALIDARG;
  408. *ppb=NULL;
  409. *pcb=0;
  411. // security review 2/27/2002 BryanWal - file name comes from command-line
  412. // ISSUE: Check valid length of path and file name here
  413. // NTRAID Bug9 566232 Security: Certmgr: Check valid file name and path length before call to Create File
  414. // What is a reasonable file size? PhilH says there is no real limit.
  415. hFile = ::CreateFile (pwszFileName,
  416. GENERIC_READ,
  417. FILE_SHARE_READ,
  418. NULL, // lpsa
  419. OPEN_EXISTING,
  420. FILE_ATTRIBUTE_NORMAL,
  421. NULL);
  422. if (INVALID_HANDLE_VALUE != hFile )
  423. {
  424. *pcb = GetFileSize(hFile, NULL);
  425. if ( INVALID_FILE_SIZE != *pcb )
  426. {
  427. *ppb = (BYTE *)malloc(*pcb);
  429. if ( *ppb )
  430. {
  431. // Read the pkcs7 message
  432. // security review 2/27/2002 BryanWal
  433. // What is a reasonable file size? PhilH says there is no real limit.
  434. if ( !ReadFile(hFile,
  435. *ppb,
  436. *pcb,
  437. &dwBytesRead,
  438. NULL) ||
  439. dwBytesRead != *pcb )
  440. {
  441. free(*ppb);
  442. *ppb=NULL;
  443. hr = HRESULT_FROM_WIN32(GetLastError());;
  444. }
  445. }
  446. else
  447. hr = E_OUTOFMEMORY;
  448. }
  449. else
  450. {
  451. DWORD dwErr = GetLastError ();
  452. _TRACE (0, L"GetFileSize () returned 0x%x\n", dwErr);
  453. hr = HRESULT_FROM_WIN32 (dwErr);
  454. }
  456. //close the file handle
  457. CloseHandle(hFile);
  458. }
  459. else
  460. {
  461. DWORD dwErr = GetLastError ();
  462. _TRACE (0, L"CreateFile (OPEN_EXISTING, %s) failed: 0x%x\n", pwszFileName, dwErr);
  463. hr = HRESULT_FROM_WIN32 (dwErr);
  464. }
  467. _TRACE (-1, L"Leaving CCertStore::RetrieveBLOBFromFile - %s\n",
  468. (LPCWSTR) m_pcszStoreName);
  469. return S_OK;
  470. }
  474. bool CCertStore::IsReadOnly ()
  475. {
  476. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  477. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  478. CERTMGR_LOG_STORE == m_objecttype ||
  479. CERTMGR_PHYS_STORE == m_objecttype);
  481. // GetCertStore () sets the read-only checked flag
  482. // Optimization: If the flag is true, it's already been set.
  483. if ( !m_fReadOnlyFlagChecked )
  484. {
  485. GetStoreHandle ();
  486. Close ();
  487. m_fReadOnlyFlagChecked = true;
  488. }
  490. return m_bReadOnly;
  491. }
  494. HRESULT CCertStore::Commit()
  495. {
  496. _TRACE (1, L"Entering CCertStore::Commit - %s\n",
  497. (LPCWSTR) m_pcszStoreName);
  498. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  499. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  500. CERTMGR_LOG_STORE == m_objecttype ||
  501. CERTMGR_PHYS_STORE == m_objecttype);
  502. HRESULT hr = CCertMgrCookie::Commit ();
  504. if ( m_hCertStore && !m_bReadOnly && m_bDirty )
  505. {
  506. BOOL bResult = ::CertControlStore (m_hCertStore, 0,
  507. CERT_STORE_CTRL_COMMIT, NULL);
  508. if ( bResult )
  509. m_bDirty = false;
  510. else
  511. {
  512. DWORD dwErr = GetLastError ();
  513. hr = HRESULT_FROM_WIN32 (dwErr);
  515. if ( E_ACCESSDENIED == hr )
  516. {
  517. m_bReadOnly = true;
  518. m_dwFlags |= CERT_STORE_READONLY_FLAG;
  519. }
  520. else
  521. {
  522. LPVOID lpMsgBuf = 0;
  524. // security review 2/27/2002 BryanWal - ok - message from system
  525. FormatMessage (FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM,
  526. NULL,
  527. dwErr,
  528. MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language
  529. (LPWSTR) &lpMsgBuf, 0, NULL);
  531. // Display the string.
  532. CString caption;
  533. CString message;
  534. int iRetVal = 0;
  536. VERIFY (caption.LoadString (IDS_CERTIFICATE_MANAGER));
  537. message.FormatMessage (IDS_CANT_SAVE_STORE, GetStoreName (), (LPWSTR) lpMsgBuf);
  538. if ( m_pConsole )
  539. m_pConsole->MessageBox ((LPCWSTR) message, (LPCWSTR) caption,
  540. MB_OK, &iRetVal);
  541. // Free the buffer.
  542. LocalFree (lpMsgBuf);
  543. }
  544. }
  545. }
  547. _TRACE (-1, L"Leaving CCertStore::Commit - %s\n",
  548. (LPCWSTR) m_pcszStoreName);
  549. return hr;
  550. }
  553. bool CCertStore::ContainsCertificates()
  554. {
  555. _TRACE (1, L"Entering CCertStore::ContainsCertificates - %s\n",
  556. (LPCWSTR) m_pcszStoreName);
  557. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  558. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  559. CERTMGR_LOG_STORE == m_objecttype ||
  560. CERTMGR_PHYS_STORE == m_objecttype);
  561. bool bResult = false;
  563. bResult = (GetCertCount () > 0);
  564. _TRACE (-1, L"Leaving CCertStore::ContainsCertificates - %s\n",
  565. (LPCWSTR) m_pcszStoreName);
  566. return bResult;
  567. }
  569. bool CCertStore::ContainsCRLs()
  570. {
  571. _TRACE (1, L"Entering CCertStore::ContainsCRLs - %s\n",
  572. (LPCWSTR) m_pcszStoreName);
  573. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  574. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  575. CERTMGR_LOG_STORE == m_objecttype ||
  576. CERTMGR_PHYS_STORE == m_objecttype);
  577. bool bResult = false;
  578. PCCRL_CONTEXT pCRLContext = EnumCRLs (0);
  579. if ( !pCRLContext )
  580. bResult = false;
  581. else
  582. {
  583. ::CertFreeCRLContext (pCRLContext);
  584. bResult = true;
  585. }
  586. Close ();
  588. _TRACE (-1, L"Leaving CCertStore::ContainsCRLs - %s\n",
  589. (LPCWSTR) m_pcszStoreName);
  590. return bResult;
  591. }
  593. bool CCertStore::ContainsCTLs()
  594. {
  595. _TRACE (1, L"Entering CCertStore::ContainsCTLs - %s\n",
  596. (LPCWSTR) m_pcszStoreName);
  597. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  598. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  599. CERTMGR_LOG_STORE == m_objecttype ||
  600. CERTMGR_PHYS_STORE == m_objecttype);
  601. bool bResult = false;
  602. PCCTL_CONTEXT pCTLContext = EnumCTLs (0);
  603. if ( !pCTLContext )
  604. bResult = false;
  605. else
  606. {
  607. ::CertFreeCTLContext (pCTLContext);
  608. bResult = true;
  609. }
  610. Close ();
  612. _TRACE (-1, L"Leaving CCertStore::ContainsCTLs - %s\n",
  613. (LPCWSTR) m_pcszStoreName);
  614. return bResult;
  615. }
  618. LPCWSTR CCertStore::GetLocalizedName()
  619. {
  620. // _TRACE (1, L"Entering CCertStore::GetLocalizedName - %s\n",
  621. // (LPCWSTR) m_pcszStoreName);
  622. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  623. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  624. CERTMGR_LOG_STORE == m_objecttype ||
  625. CERTMGR_PHYS_STORE == m_objecttype);
  626. if ( m_localizedName.IsEmpty () )
  627. {
  628. m_localizedName = ::CryptFindLocalizedName (GetObjectName ());
  629. if ( m_localizedName.IsEmpty () )
  630. {
  631. DWORD cbLocalizedName;
  632. HCERTSTORE hStore = 0;
  633. bool bStoreOpenedByThisMethod = false;
  635. // NTRAID# 366562 Safer: Inconsistent drag-and-drop behavior for certificate rules
  636. if ( m_hCertStore )
  637. hStore = m_hCertStore;
  638. else
  639. {
  640. hStore = GetStoreHandle ();
  641. bStoreOpenedByThisMethod = true;
  642. }
  644. if ( hStore )
  645. {
  646. if ( CertGetStoreProperty(
  647. hStore,
  648. CERT_STORE_LOCALIZED_NAME_PROP_ID,
  649. NULL,
  650. &cbLocalizedName))
  651. {
  652. LPWSTR pwszLocalizedName = new WCHAR[cbLocalizedName/sizeof (WCHAR)];
  653. if ( pwszLocalizedName )
  654. {
  655. // security review 2/27/2002 BryanWal ok
  656. ::ZeroMemory (pwszLocalizedName, cbLocalizedName);
  657. if ( CertGetStoreProperty(
  658. hStore,
  659. CERT_STORE_LOCALIZED_NAME_PROP_ID,
  660. pwszLocalizedName,
  661. &cbLocalizedName
  662. ))
  663. {
  664. m_localizedName = pwszLocalizedName;
  665. if ( m_localizedName == m_pcszStoreName )
  666. m_localizedName = GetObjectName ();
  667. }
  669. delete [] pwszLocalizedName;
  670. }
  671. }
  673. if ( bStoreOpenedByThisMethod )
  674. Close ();
  675. }
  676. }
  678. // If it's still empty, get the object name
  679. if ( m_localizedName.IsEmpty () )
  680. m_localizedName = GetObjectName ();
  681. }
  682. // _TRACE (-1, L"Leaving CCertStore::GetLocalizedName - %s\n",
  683. // (LPCWSTR) m_pcszStoreName);
  684. return (LPCWSTR) m_localizedName;
  685. }
  687. CString CCertStore::GetStoreName() const
  688. {
  689. // _TRACE (0, L"Entering and leaving CCertStore::GetStoreName - %s\n",
  690. // (LPCWSTR) m_pcszStoreName);
  691. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  692. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  693. CERTMGR_LOG_STORE == m_objecttype ||
  694. CERTMGR_PHYS_STORE == m_objecttype);
  695. return m_pcszStoreName;
  696. }
  699. HRESULT CCertStore::AddCertificateContext(
  700. PCCERT_CONTEXT pContext,
  701. LPCONSOLE pConsole,
  702. bool bDeletePrivateKey,
  703. PCCERT_CONTEXT* ppNewCertContext,
  704. bool* pbCertWasReplaced)
  705. {
  706. AFX_MANAGE_STATE(AfxGetStaticModuleState());
  707. _TRACE (1, L"Entering CCertStore::AddCertificateContext - %s\n",
  708. (LPCWSTR) m_pcszStoreName);
  709. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  710. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  711. CERTMGR_LOG_STORE == m_objecttype ||
  712. CERTMGR_PHYS_STORE == m_objecttype);
  713. ASSERT (pContext);
  714. if ( !pContext )
  715. return E_POINTER;
  717. if ( pbCertWasReplaced )
  718. *pbCertWasReplaced = false;
  720. HRESULT hr = S_OK;
  721. HCERTSTORE hCertStore = GetStoreHandle (FALSE, &hr);
  723. if ( hCertStore )
  724. {
  725. PCCERT_CONTEXT pNewContext = 0;
  727. BOOL bResult = ::CertAddCertificateContextToStore (hCertStore,
  728. ::CertDuplicateCertificateContext (pContext), CERT_STORE_ADD_NEW,
  729. &pNewContext);
  730. if ( !bResult )
  731. {
  732. DWORD dwErr = GetLastError ();
  733. _TRACE (0, L"CertAddCertificateContextToStore () failed: 0x%x\n", dwErr);
  735. if ( CRYPT_E_EXISTS == dwErr )
  736. {
  737. if ( pConsole ) // if !pConsole then no popup is desired
  738. {
  739. CCertificate cert (pContext, this);
  740. CString text;
  741. CString caption;
  742. int iRetVal = 0;
  745. text.FormatMessage (IDS_DUPLICATE_CERT,
  746. (PCWSTR) GetLocalizedName (),
  747. (PCWSTR) cert.GetFriendlyName (),
  748. (PCWSTR) cert.GetSubjectName ());
  749. VERIFY (caption.LoadString (IDS_CERTIFICATE_MANAGER));
  750. hr = pConsole->MessageBox (text, caption,
  751. MB_YESNO | MB_DEFBUTTON2, &iRetVal);
  752. if ( IDYES == iRetVal )
  753. {
  754. bResult = ::CertAddCertificateContextToStore (hCertStore,
  755. ::CertDuplicateCertificateContext (pContext),
  756. CERT_STORE_ADD_REPLACE_EXISTING,
  757. &pNewContext);
  758. if ( bResult )
  759. {
  760. if ( pbCertWasReplaced )
  761. *pbCertWasReplaced = true;
  762. }
  763. else
  764. {
  765. hr = HRESULT_FROM_WIN32 (GetLastError ());
  766. }
  767. }
  768. else
  769. hr = HRESULT_FROM_WIN32 (CRYPT_E_EXISTS);
  770. }
  771. }
  772. else
  773. {
  774. hr = HRESULT_FROM_WIN32 (dwErr);
  775. }
  776. }
  777. else
  778. {
  779. m_fCertCountValid = false;
  780. SetDirty ();
  781. ASSERT (pNewContext);
  782. if ( bDeletePrivateKey )
  783. {
  784. ::CertSetCertificateContextProperty (pNewContext,
  785. CERT_KEY_PROV_INFO_PROP_ID, 0, NULL);
  786. }
  787. }
  789. if ( pNewContext && ppNewCertContext)
  790. *ppNewCertContext = pNewContext;
  791. Close ();
  792. }
  793. else
  794. hr = E_FAIL;
  796. _TRACE (-1, L"Leaving CCertStore::AddCertificateContext - %s\n",
  797. (LPCWSTR) m_pcszStoreName);
  798. return hr;
  799. }
  801. void CCertStore::IncrementCertCount ()
  802. {
  803. m_nCertCount++;
  804. }
  806. int CCertStore::GetCertCount()
  807. {
  808. _TRACE (1, L"Entering CCertStore::GetCertCount - %s\n",
  809. (LPCWSTR) m_pcszStoreName);
  810. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  811. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  812. CERTMGR_LOG_STORE == m_objecttype ||
  813. CERTMGR_PHYS_STORE == m_objecttype);
  814. if ( !m_fCertCountValid )
  815. {
  816. PCCERT_CONTEXT pCertContext = 0;
  819. m_nCertCount = 0;
  820. while ( 1 )
  821. {
  822. pCertContext = EnumCertificates (pCertContext);
  823. if ( pCertContext )
  824. m_nCertCount++;
  825. else
  826. break;
  827. }
  828. Close ();
  829. m_fCertCountValid = true;
  830. }
  831. _TRACE (-1, L"Leaving CCertStore::GetCertCount - %s\n",
  832. (LPCWSTR) m_pcszStoreName);
  833. return m_nCertCount;
  834. }
  837. BOOL CCertStore::operator ==(CCertStore &rStore)
  838. {
  839. _TRACE (1, L"Entering CCertStore::operator == - %s\n",
  840. (LPCWSTR) m_pcszStoreName);
  841. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  842. CERTMGR_LOG_STORE == m_objecttype ||
  843. CERTMGR_PHYS_STORE == m_objecttype);
  844. BOOL bResult = FALSE;
  846. if ( GetStoreHandle () == rStore.GetStoreHandle () )
  847. bResult = TRUE;
  849. Close ();
  850. rStore.Close ();
  851. _TRACE (-1, L"Leaving CCertStore::operator == - %s\n",
  852. (LPCWSTR) m_pcszStoreName);
  853. return bResult;
  854. }
  856. CCertificate* CCertStore::GetSubjectCertificate(PCERT_INFO pCertId)
  857. {
  858. _TRACE (1, L"Entering CCertStore::GetSubjectCertificate - %s\n",
  859. (LPCWSTR) m_pcszStoreName);
  860. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  861. CERTMGR_LOG_STORE == m_objecttype ||
  862. CERTMGR_PHYS_STORE == m_objecttype);
  863. CCertificate* pCert = 0;
  865. HCERTSTORE hCertStore = GetStoreHandle ();
  866. if ( hCertStore )
  867. {
  868. PCCERT_CONTEXT pSignerCert =
  869. ::CertGetSubjectCertificateFromStore (
  870. hCertStore,
  871. X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
  872. pCertId);
  873. if ( pSignerCert )
  874. {
  875. pCert = new CCertificate (pSignerCert, this);
  876. }
  877. Close ();
  878. }
  880. _TRACE (-1, L"Leaving CCertStore::GetSubjectCertificate - %s\n",
  881. (LPCWSTR) m_pcszStoreName);
  882. return pCert;
  883. }
  885. PCCERT_CONTEXT CCertStore::EnumCertificates(PCCERT_CONTEXT pPrevCertContext)
  886. {
  887. // _TRACE (1, L"Entering CCertStore::EnumCertificates - %s\n",
  888. // (LPCWSTR) m_pcszStoreName);
  889. PCCERT_CONTEXT pCertContext = 0;
  891. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  892. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  893. CERTMGR_LOG_STORE == m_objecttype ||
  894. CERTMGR_PHYS_STORE == m_objecttype);
  895. HCERTSTORE hCertStore = GetStoreHandle ();
  896. if ( hCertStore )
  897. pCertContext = ::CertEnumCertificatesInStore (hCertStore, pPrevCertContext);
  900. m_fCertCountValid = false;
  902. // _TRACE (-1, L"Leaving CCertStore::EnumCertificates - %s\n",
  903. // (LPCWSTR) m_pcszStoreName);
  904. return pCertContext;
  905. }
  907. PCCTL_CONTEXT CCertStore::EnumCTLs(PCCTL_CONTEXT pPrevCtlContext)
  908. {
  909. _TRACE (1, L"Entering CCertStore::EnumCTLs - %s\n",
  910. (LPCWSTR) m_pcszStoreName);
  911. PCCTL_CONTEXT pCTLContext = 0;
  914. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  915. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  916. CERTMGR_LOG_STORE == m_objecttype ||
  917. CERTMGR_PHYS_STORE == m_objecttype);
  919. HCERTSTORE hCertStore = GetStoreHandle ();
  920. if ( hCertStore )
  921. pCTLContext = ::CertEnumCTLsInStore (hCertStore, pPrevCtlContext);
  923. _TRACE (-1, L"Leaving CCertStore::EnumCTLs - %s\n",
  924. (LPCWSTR) m_pcszStoreName);
  925. return pCTLContext;
  926. }
  928. PCCRL_CONTEXT CCertStore::EnumCRLs(PCCRL_CONTEXT pPrevCrlContext)
  929. {
  930. _TRACE (1, L"Entering CCertStore::EnumCRLs - %s\n",
  931. (LPCWSTR) m_pcszStoreName);
  932. PCCRL_CONTEXT pCRLContext = 0;
  934. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  935. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  936. CERTMGR_LOG_STORE == m_objecttype ||
  937. CERTMGR_PHYS_STORE == m_objecttype);
  938. HCERTSTORE hCertStore = GetStoreHandle ();
  939. if ( hCertStore )
  940. pCRLContext = ::CertEnumCRLsInStore (hCertStore, pPrevCrlContext);
  942. _TRACE (1, L"Entering CCertStore::EnumCRLs - %s\n",
  943. (LPCWSTR) m_pcszStoreName);
  944. return pCRLContext;
  945. }
  947. PCCERT_CONTEXT CCertStore::FindCertificate(
  948. DWORD dwFindFlags,
  949. DWORD dwFindType,
  950. const void * pvFindPara,
  951. PCCERT_CONTEXT pPrevCertContext)
  952. {
  953. _TRACE (1, L"Entering CCertStore::FindCertificate - %s\n",
  954. (LPCWSTR) m_pcszStoreName);
  955. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  956. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  957. CERTMGR_LOG_STORE == m_objecttype ||
  958. CERTMGR_PHYS_STORE == m_objecttype);
  959. PCCERT_CONTEXT pCertContext = 0;
  960. HCERTSTORE hCertStore = GetStoreHandle ();
  961. if ( hCertStore )
  962. pCertContext = ::CertFindCertificateInStore (hCertStore,
  963. X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
  964. dwFindFlags, dwFindType, pvFindPara, pPrevCertContext);
  966. _TRACE (-1, L"Leaving CCertStore::FindCertificate - %s\n",
  967. (LPCWSTR) m_pcszStoreName);
  968. return pCertContext;
  969. }
  972. void CCertStore::FinalCommit()
  973. {
  974. _TRACE (1, L"Entering CCertStore::FinalCommit - %s\n",
  975. (LPCWSTR) m_pcszStoreName);
  976. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  977. CERTMGR_LOG_STORE == m_objecttype ||
  978. CERTMGR_PHYS_STORE == m_objecttype);
  979. // Called only from destructor
  980. if ( m_hCertStore && m_bDirty )
  981. ::CertControlStore (m_hCertStore, 0, CERT_STORE_CTRL_COMMIT, NULL);
  982. _TRACE (-1, L"Leaving CCertStore::FinalCommit - %s\n",
  983. (LPCWSTR) m_pcszStoreName);
  984. }
  986. bool CCertStore::AddCTLContext(PCCTL_CONTEXT pCtlContext)
  987. {
  988. _TRACE (1, L"Entering CCertStore::AddCTLContext - %s\n",
  989. (LPCWSTR) m_pcszStoreName);
  990. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  991. CERTMGR_LOG_STORE == m_objecttype ||
  992. CERTMGR_PHYS_STORE == m_objecttype);
  993. BOOL bResult = FALSE;
  994. HCERTSTORE hCertStore = GetStoreHandle ();
  995. if ( hCertStore )
  996. {
  997. bResult = ::CertAddCTLContextToStore (hCertStore,
  998. pCtlContext,
  999. CERT_STORE_ADD_NEW,
  1000. 0);
  1001. Close ();
  1002. }
  1003. if ( bResult )
  1004. SetDirty ();
  1006. _TRACE (-1, L"Leaving CCertStore::AddCTLContext - %s\n",
  1007. (LPCWSTR) m_pcszStoreName);
  1008. return bResult ? true : false;
  1009. }
  1011. bool CCertStore::AddCRLContext(PCCRL_CONTEXT pCrlContext)
  1012. {
  1013. _TRACE (1, L"Entering CCertStore::AddCRLContext - %s\n",
  1014. (LPCWSTR) m_pcszStoreName);
  1015. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  1016. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  1017. CERTMGR_LOG_STORE == m_objecttype ||
  1018. CERTMGR_PHYS_STORE == m_objecttype);
  1019. BOOL bResult = FALSE;
  1020. HCERTSTORE hCertStore = GetStoreHandle ();
  1021. if ( hCertStore )
  1022. {
  1023. bResult = ::CertAddCRLContextToStore (hCertStore,
  1024. pCrlContext,
  1025. CERT_STORE_ADD_NEW,
  1026. 0);
  1027. Close ();
  1028. }
  1029. if ( bResult )
  1030. SetDirty ();
  1031. _TRACE (-1, L"Leaving CCertStore::AddCRLContext - %s\n",
  1032. (LPCWSTR) m_pcszStoreName);
  1033. return bResult ? true : false;
  1034. }
  1036. PCCRL_CONTEXT CCertStore::GetCRL(PCCERT_CONTEXT pIssuerContext, PCCRL_CONTEXT pPrevCrlContext, DWORD * pdwFlags)
  1037. {
  1038. _TRACE (1, L"Entering CCertStore::GetCRL - %s\n",
  1039. (LPCWSTR) m_pcszStoreName);
  1040. PCCRL_CONTEXT pCRLContext = 0;
  1042. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  1043. CERTMGR_LOG_STORE == m_objecttype ||
  1044. CERTMGR_PHYS_STORE == m_objecttype);
  1045. HCERTSTORE hCertStore = GetStoreHandle ();
  1046. if ( hCertStore )
  1047. {
  1048. pCRLContext = ::CertGetCRLFromStore (hCertStore, pIssuerContext,
  1049. pPrevCrlContext, pdwFlags);
  1050. Close ();
  1051. }
  1053. _TRACE (-1, L"Leaving CCertStore::GetCRL - %s\n",
  1054. (LPCWSTR) m_pcszStoreName);
  1055. return pCRLContext;
  1056. }
  1058. HRESULT CCertStore::Resync()
  1059. {
  1060. _TRACE (1, L"Entering CCertStore::Resync - %s\n",
  1061. (LPCWSTR) m_pcszStoreName);
  1062. HRESULT hr = S_OK;
  1064. // 256803 CertMgr: F5 refresh of Certificates Current User - Active
  1065. // Directory User Object, overwrites UserCerificate DS object resulting
  1066. // in data loss
  1067. // Close (true);
  1068. if ( (CERT_STORE_PROV_COLLECTION != m_storeProvider) &&
  1069. !m_bReadOnly &&
  1070. CERTMGR_LOG_STORE_RSOP != m_objecttype )
  1071. {
  1072. FinalCommit ();
  1073. }
  1075. HCERTSTORE hCertStore = GetStoreHandle (FALSE);
  1076. if ( hCertStore )
  1077. {
  1078. BOOL bResult = ::CertControlStore (hCertStore, 0,
  1079. CERT_STORE_CTRL_RESYNC, NULL);
  1080. if ( !bResult )
  1081. {
  1082. DWORD dwErr = GetLastError ();
  1083. ASSERT (ERROR_NOT_SUPPORTED == dwErr);
  1084. if ( ERROR_NOT_SUPPORTED != dwErr )
  1085. hr = HRESULT_FROM_WIN32 (dwErr);
  1086. }
  1087. }
  1088. m_fCertCountValid = false;
  1090. _TRACE (-1, L"Leaving CCertStore::Resync - %s\n",
  1091. (LPCWSTR) m_pcszStoreName);
  1092. return hr;
  1093. }
  1097. int CCertStore::GetCTLCount()
  1098. {
  1099. _TRACE (1, L"Entering CCertStore::GetCTLCount - %s\n",
  1100. (LPCWSTR) m_pcszStoreName);
  1101. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  1102. CERTMGR_LOG_STORE == m_objecttype ||
  1103. CERTMGR_PHYS_STORE == m_objecttype ||
  1104. CERTMGR_LOG_STORE_RSOP == m_objecttype);
  1105. int nCTLCount = 0;
  1106. PCCTL_CONTEXT pCTLContext = 0;
  1109. while ( 1 )
  1110. {
  1111. pCTLContext = EnumCTLs (pCTLContext);
  1112. if ( pCTLContext )
  1113. nCTLCount++;
  1114. else
  1115. break;
  1116. }
  1118. _TRACE (-1, L"Leaving CCertStore::GetCTLCount - %s\n",
  1119. (LPCWSTR) m_pcszStoreName);
  1120. return nCTLCount;
  1121. }
  1123. HRESULT CCertStore::AddStoreToCollection(HCERTSTORE hSiblingStore, DWORD dwUpdateFlags, DWORD dwPriority)
  1124. {
  1125. _TRACE (1, L"Entering CCertStore::AddStoreToCollection - %s\n",
  1126. (LPCWSTR) m_pcszStoreName);
  1127. HRESULT hr = S_OK;
  1128. HCERTSTORE hCertStore = GetStoreHandle ();
  1129. if ( hCertStore && hSiblingStore)
  1130. {
  1131. BOOL bResult = ::CertAddStoreToCollection (hCertStore,
  1132. hSiblingStore,
  1133. dwUpdateFlags,
  1134. dwPriority);
  1135. if ( bResult )
  1136. SetDirty ();
  1137. else
  1138. {
  1139. DWORD dwErr = GetLastError ();
  1140. ASSERT (ERROR_NOT_SUPPORTED == dwErr);
  1141. if ( ERROR_NOT_SUPPORTED != dwErr )
  1142. hr = HRESULT_FROM_WIN32 (dwErr);
  1143. }
  1144. }
  1145. else
  1146. hr = E_FAIL;
  1148. Close ();
  1149. _TRACE (-1, L"Leaving CCertStore::AddStoreToCollection - %s\n",
  1150. (LPCWSTR) m_pcszStoreName);
  1151. return hr;
  1152. }
  1154. HRESULT CCertStore::AddStoreToCollection(CCertStore& siblingStore, DWORD dwUpdateFlags, DWORD dwPriority)
  1155. {
  1156. _TRACE (1, L"Entering CCertStore::AddStoreToCollection - %s\n",
  1157. (LPCWSTR) m_pcszStoreName);
  1158. HRESULT hr = S_OK;
  1159. HCERTSTORE hSiblingStore = siblingStore.GetStoreHandle ();
  1160. if ( hSiblingStore)
  1161. {
  1162. hr = AddStoreToCollection (hSiblingStore, dwUpdateFlags, dwPriority);
  1163. }
  1164. else
  1165. hr = E_FAIL;
  1167. _TRACE (-1, L"Leaving CCertStore::AddStoreToCollection - %s\n",
  1168. (LPCWSTR) m_pcszStoreName);
  1169. return hr;
  1170. }
  1172. void CCertStore::SetDirty()
  1173. {
  1174. _TRACE (1, L"Entering CCertStore::SetDirty - %s\n",
  1175. (LPCWSTR) m_pcszStoreName);
  1176. m_bDirty = true;
  1177. _TRACE (-1, L"Leaving CCertStore::SetDirty - %s\n",
  1178. (LPCWSTR) m_pcszStoreName);
  1179. }
  1181. void CCertStore::Close(bool bForceClose)
  1182. {
  1183. // _TRACE (1, L"Entering CCertStore::Close - %s\n",
  1184. // (LPCWSTR) m_pcszStoreName);
  1185. ASSERT (CERTMGR_LOG_STORE_GPE == m_objecttype ||
  1186. CERTMGR_LOG_STORE_RSOP == m_objecttype ||
  1187. CERTMGR_LOG_STORE == m_objecttype ||
  1188. CERTMGR_PHYS_STORE == m_objecttype);
  1189. if ( CERTMGR_LOG_STORE_GPE == m_objecttype || bForceClose )
  1190. {
  1191. if ( m_hCertStore && m_nLockCnt <= 0 )
  1192. {
  1193. if ( (CERT_STORE_PROV_COLLECTION != m_storeProvider) &&
  1194. !m_bReadOnly &&
  1195. CERTMGR_LOG_STORE_RSOP != m_objecttype )
  1196. {
  1197. FinalCommit ();
  1198. }
  1199. ::CertCloseStore (m_hCertStore, 0);
  1200. _TRACE (-1, L"Leaving%s store closed\n", (LPCWSTR) m_pcszStoreName);
  1201. m_hCertStore = 0;
  1202. m_bDirty = false;
  1203. }
  1204. }
  1205. // _TRACE (-1, L"Leaving CCertStore::Close - %s\n",
  1206. // (LPCWSTR) m_pcszStoreName);
  1207. }
  1209. BOOL CCertStore::AddEncodedCTL(DWORD dwMsgAndCertEncodingType, const BYTE *pbCtlEncoded, DWORD cbCtlEncoded, DWORD dwAddDisposition, PCCTL_CONTEXT *ppCtlContext)
  1210. {
  1211. BOOL bResult = FALSE;
  1213. HCERTSTORE hCertStore = GetStoreHandle ();
  1214. if ( hCertStore )
  1215. {
  1216. bResult = ::CertAddEncodedCTLToStore (hCertStore,
  1217. dwMsgAndCertEncodingType,
  1218. pbCtlEncoded,
  1219. cbCtlEncoded,
  1220. dwAddDisposition, ppCtlContext);
  1221. if ( bResult )
  1222. {
  1223. m_bDirty = true;
  1224. Commit ();
  1225. }
  1226. Close ();
  1227. }
  1229. return bResult;
  1230. }
  1232. void CCertStore::InvalidateCertCount()
  1233. {
  1234. m_fCertCountValid = false;
  1235. }
  1237. void CCertStore::Lock()
  1238. {
  1239. m_nLockCnt++;
  1240. }
  1242. void CCertStore::Unlock()
  1243. {
  1244. ASSERT (m_nLockCnt > 0);
  1245. m_nLockCnt--;
  1246. }
  1248. ///////////////////////////////////////////////////////////////////////////////
  1249. ///////////////////////////////////////////////////////////////////////////////
  1250. CContainerCookie::CContainerCookie (CCertStore& rStore,
  1251. CertificateManagerObjectType objectType,
  1252. LPCWSTR lpcszMachineName,
  1253. LPCWSTR objectName)
  1254. : CCertMgrCookie (objectType, lpcszMachineName, objectName),
  1255. m_rCertStore (rStore)
  1256. {
  1257. m_rCertStore.AddRef ();
  1258. ASSERT (CERTMGR_CRL_CONTAINER == m_objecttype ||
  1259. CERTMGR_CTL_CONTAINER == m_objecttype ||
  1260. CERTMGR_CERT_CONTAINER == m_objecttype);
  1261. }
  1264. CContainerCookie::~CContainerCookie ()
  1265. {
  1266. ASSERT (CERTMGR_CRL_CONTAINER == m_objecttype ||
  1267. CERTMGR_CTL_CONTAINER == m_objecttype ||
  1268. CERTMGR_CERT_CONTAINER == m_objecttype);
  1269. m_rCertStore.Release ();
  1270. }
  1273. CCertStore& CContainerCookie::GetCertStore () const
  1274. {
  1275. ASSERT (CERTMGR_CRL_CONTAINER == m_objecttype ||
  1276. CERTMGR_CTL_CONTAINER == m_objecttype ||
  1277. CERTMGR_CERT_CONTAINER == m_objecttype);
  1278. return m_rCertStore;
  1279. }
  1282. HRESULT CContainerCookie::Commit()
  1283. {
  1284. ASSERT (CERTMGR_CRL_CONTAINER == m_objecttype ||
  1285. CERTMGR_CTL_CONTAINER == m_objecttype ||
  1286. CERTMGR_CERT_CONTAINER == m_objecttype);
  1287. CCertMgrCookie::Commit ();
  1289. return m_rCertStore.Commit ();
  1290. }
  1294. ///////////////////////////////////////////////////////////////////////////////
  1295. ///////////////////////////////////////////////////////////////////////////////
  1296. CUsageCookie::CUsageCookie (
  1297. CertificateManagerObjectType objecttype,
  1298. LPCWSTR lpcszMachineName,
  1299. LPCWSTR objectName)
  1300. : CCertMgrCookie (objecttype, lpcszMachineName, objectName),
  1301. m_OIDListPos (0),
  1302. m_nCertCount (0)
  1303. {
  1304. ASSERT (CERTMGR_USAGE == m_objecttype);
  1305. }
  1307. CUsageCookie::~CUsageCookie ()
  1308. {
  1309. ASSERT (CERTMGR_USAGE == m_objecttype);
  1310. LPSTR pszOID = 0;
  1311. while ( !m_OIDList.IsEmpty () )
  1312. {
  1313. pszOID = m_OIDList.RemoveHead ();
  1314. ASSERT (pszOID);
  1315. if ( pszOID )
  1316. delete [] pszOID;
  1317. }
  1318. }
  1320. void CUsageCookie::AddOID (LPCSTR pszNewOID)
  1321. {
  1322. ASSERT (pszNewOID);
  1323. if ( !pszNewOID )
  1324. return;
  1326. ASSERT (CERTMGR_USAGE == m_objecttype);
  1327. // security review 2/27/2002 BryanWal ok - the OID comes from CryptoAPI
  1328. size_t cchNewOID = strlen (pszNewOID);
  1329. LPSTR pszOID = new char[cchNewOID+1];
  1330. if ( pszOID )
  1331. {
  1332. // security review 2/27/2002 BryanWal ok
  1333. ::ZeroMemory (pszOID, cchNewOID + 1);
  1334. // security review 2/27/2002 BryanWal
  1335. strcpy (pszOID, pszNewOID);
  1336. m_OIDList.AddTail (pszOID);
  1337. }
  1338. }
  1340. LPSTR CUsageCookie::GetFirstOID ()
  1341. {
  1342. ASSERT (CERTMGR_USAGE == m_objecttype);
  1343. LPSTR pszOID = 0;
  1345. m_OIDListPos = m_OIDList.GetHeadPosition ();
  1346. if ( m_OIDListPos )
  1347. pszOID = m_OIDList.GetNext (m_OIDListPos);
  1349. return pszOID;
  1350. }
  1352. LPSTR CUsageCookie::GetNextOID ()
  1353. {
  1354. ASSERT (CERTMGR_USAGE == m_objecttype);
  1355. LPSTR pszOID = 0;
  1357. if ( m_OIDListPos )
  1358. pszOID = m_OIDList.GetNext (m_OIDListPos);
  1360. return pszOID;
  1361. }
  1363. int CUsageCookie::GetOIDCount () const
  1364. {
  1365. ASSERT (CERTMGR_USAGE == m_objecttype);
  1366. return (int)m_OIDList.GetCount ();
  1367. }
  1369. void CUsageCookie::SetCertCount(int nCertCount)
  1370. {
  1371. m_nCertCount = nCertCount;
  1372. }
  1374. int CUsageCookie::GetCertCount() const
  1375. {
  1376. return m_nCertCount;
  1377. }
  1379. ///////////////////////////////////////////////////////////////////////////////
  1380. ///////////////////////////////////////////////////////////////////////////////
  1381. SPECIAL_STORE_TYPE GetSpecialStoreType (PCWSTR pwszStoreName)
  1382. {
  1383. ASSERT (pwszStoreName);
  1384. if ( !pwszStoreName )
  1385. return NO_SPECIAL_TYPE;
  1387. SPECIAL_STORE_TYPE storeType = NO_SPECIAL_TYPE;
  1389. // security review 2/27/2002 BryanWal ok
  1390. if ( !_wcsicmp (pwszStoreName, MY_SYSTEM_STORE_NAME) )
  1391. storeType = MY_STORE;
  1392. else if ( !_wcsicmp (pwszStoreName, CA_SYSTEM_STORE_NAME) )
  1393. storeType = CA_STORE;
  1394. else if ( !_wcsicmp (pwszStoreName, ROOT_SYSTEM_STORE_NAME) )
  1395. storeType = ROOT_STORE;
  1396. else if ( !_wcsicmp (pwszStoreName, TRUST_SYSTEM_STORE_NAME) )
  1397. storeType = TRUST_STORE;
  1398. else if ( !_wcsicmp (pwszStoreName, USERDS_SYSTEM_STORE_NAME) )
  1399. storeType = USERDS_STORE;
  1400. else if ( !_wcsicmp (pwszStoreName, ACRS_SYSTEM_STORE_NAME) )
  1401. storeType = ACRS_STORE;
  1402. else if ( !_wcsicmp (pwszStoreName, REQUEST_SYSTEM_STORE_NAME) )
  1403. storeType = REQUEST_STORE;
  1404. else
  1405. {
  1406. // The stores might be concatenated with machine or services names.
  1407. // Check for the token preceded by a slash.
  1408. CString revStoreName (pwszStoreName);
  1409. revStoreName.MakeReverse ();
  1410. revStoreName.MakeUpper ();
  1411. CString revToken (MY_SYSTEM_STORE_NAME);
  1412. revToken.MakeReverse ();
  1413. revToken += L"\\";
  1415. if ( 0 == revStoreName.Find (revToken) )
  1416. {
  1417. storeType = MY_STORE;
  1418. goto Found;
  1419. }
  1421. revToken = CA_SYSTEM_STORE_NAME;
  1422. revToken.MakeReverse ();
  1423. revToken += L"\\";
  1424. if ( 0 == revStoreName.Find (revToken) )
  1425. {
  1426. storeType = CA_STORE;
  1427. goto Found;
  1428. }
  1430. revToken = ROOT_SYSTEM_STORE_NAME;
  1431. revToken.MakeReverse ();
  1432. revToken += L"\\";
  1433. if ( 0 == revStoreName.Find (revToken) )
  1434. {
  1435. storeType = ROOT_STORE;
  1436. goto Found;
  1437. }
  1439. revToken = TRUST_SYSTEM_STORE_NAME;
  1440. revToken.MakeReverse ();
  1441. revToken += L"\\";
  1442. if ( 0 == revStoreName.Find (revToken) )
  1443. {
  1444. storeType = TRUST_STORE;
  1445. goto Found;
  1446. }
  1448. revToken = USERDS_SYSTEM_STORE_NAME;
  1449. revToken.MakeReverse ();
  1450. revToken += L"\\";
  1451. if ( 0 == revStoreName.Find (revToken) )
  1452. {
  1453. storeType = USERDS_STORE;
  1454. goto Found;
  1455. }
  1457. revToken = ACRS_SYSTEM_STORE_NAME;
  1458. revToken.MakeReverse ();
  1459. revToken += L"\\";
  1460. if ( 0 == revStoreName.Find (revToken) )
  1461. {
  1462. storeType = ACRS_STORE;
  1463. goto Found;
  1464. }
  1466. revToken = REQUEST_SYSTEM_STORE_NAME;
  1467. revToken.MakeReverse ();
  1468. revToken += L"\\";
  1469. if ( 0 == revStoreName.Find (revToken) )
  1470. {
  1471. storeType = REQUEST_STORE;
  1472. goto Found;
  1473. }
  1474. }
  1476. Found:
  1478. return storeType;
  1479. }
  1481. ///////////////////////////////////////////////////////////////////////////////
  1482. ///////////////////////////////////////////////////////////////////////////////
  1483. CEnrollmentNodeCookie::CEnrollmentNodeCookie (
  1484. CertificateManagerObjectType objecttype,
  1485. LPCWSTR objectName,
  1486. IGPEInformation* pGPEInformation)
  1487. : CCertMgrCookie (objecttype, 0, objectName),
  1488. m_pGPEInformation (pGPEInformation)
  1489. {
  1490. if ( m_pGPEInformation )
  1491. m_pGPEInformation->AddRef ();
  1492. }
  1494. CEnrollmentNodeCookie::~CEnrollmentNodeCookie ()
  1495. {
  1496. if ( m_pGPEInformation )
  1497. m_pGPEInformation->Release ();
  1498. }
  1500. IGPEInformation* CEnrollmentNodeCookie::GetGPEInformation ()
  1501. {
  1502. return m_pGPEInformation;
  1503. }
  1505. void CCertMgrCookie::Refresh()
  1506. {
  1508. }
  1511. SPECIAL_STORE_TYPE StoreNameToType (const CString& szStoreName)
  1512. {
  1513. SPECIAL_STORE_TYPE type = NO_SPECIAL_TYPE;
  1515. if ( szStoreName == ACRS_SYSTEM_STORE_NAME )
  1516. type = ACRS_STORE;
  1517. else if ( szStoreName == ROOT_SYSTEM_STORE_NAME )
  1518. type = ROOT_STORE;
  1519. else if ( szStoreName == TRUST_SYSTEM_STORE_NAME )
  1520. type = TRUST_STORE;
  1521. else if ( szStoreName == EFS_SYSTEM_STORE_NAME )
  1522. type = EFS_STORE;
  1523. else if ( szStoreName == SAFER_TRUSTED_PUBLISHER_STORE_NAME )
  1524. type = SAFER_TRUSTED_PUBLISHER_STORE;
  1525. else if ( szStoreName == SAFER_DISALLOWED_STORE_NAME )
  1526. type = SAFER_DISALLOWED_STORE;
  1528. return type;
  1529. }