archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/security/cryptoapi/pki/activex/capicom/extendedkeyusage.cpp

480 lines
11 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  3. Microsoft Windows, Copyright (C) Microsoft Corporation, 2000
  5. File: ExtendedKeyUsage.cpp
  7. Content: Implementation of CExtendedKeyUsage.
  9. History: 11-15-99 dsie created
  11. ------------------------------------------------------------------------------*/
  13. #include "StdAfx.h"
  14. #include "CAPICOM.h"
  15. #include "ExtendedKeyUsage.h"
  16. #include "CertHlpr.h"
  18. ////////////////////////////////////////////////////////////////////////////////
  19. //
  20. // Exported functions.
  21. //
  23. /*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  25. Function : CreateExtendedKeyUsageObject
  27. Synopsis : Create an IExtendedKeyUsage object and populate the object
  28. with EKU data from the certificate.
  30. Parameter: PCCERT_CONTEXT pCertContext - Pointer to CERT_CONTEXT.
  32. IExtendedKeyUsage ** ppIExtendedKeyUsage - Pointer to pointer to
  33. IExtendedKeyUsage
  34. object.
  36. Remark :
  38. ------------------------------------------------------------------------------*/
  40. HRESULT CreateExtendedKeyUsageObject (PCCERT_CONTEXT pCertContext,
  41. IExtendedKeyUsage ** ppIExtendedKeyUsage)
  42. {
  43. HRESULT hr = S_OK;
  44. CComObject<CExtendedKeyUsage> * pCExtendedKeyUsage = NULL;
  46. DebugTrace("Entering CreateExtendedKeyUsageObject().\n");
  48. //
  49. // Sanity check.
  50. //
  51. ATLASSERT(pCertContext);
  52. ATLASSERT(ppIExtendedKeyUsage);
  54. try
  55. {
  56. //
  57. // Create the object. Note that the ref count will still be 0
  58. // after the object is created.
  59. //
  60. if (FAILED(hr = CComObject<CExtendedKeyUsage>::CreateInstance(&pCExtendedKeyUsage)))
  61. {
  62. DebugTrace("Error [%#x]: CComObject<CExtendedKeyUsage>::CreateInstance() failed.\n", hr);
  63. goto ErrorExit;
  64. }
  66. //
  67. // Initialize object.
  68. //
  69. if (FAILED(hr = pCExtendedKeyUsage->Init(pCertContext)))
  70. {
  71. DebugTrace("Error [%#x]: pCExtendedKeyUsage->Init() failed.\n", hr);
  72. goto ErrorExit;
  73. }
  75. //
  76. // Return interface pointer to caller.
  77. //
  78. if (FAILED(hr = pCExtendedKeyUsage->QueryInterface(ppIExtendedKeyUsage)))
  79. {
  80. DebugTrace("Error [%#x]: pCExtendedKeyUsage->QueryInterface() failed.\n", hr);
  81. goto ErrorExit;
  82. }
  83. }
  85. catch(...)
  86. {
  87. hr = E_POINTER;
  89. DebugTrace("Exception: invalid parameter.\n");
  90. goto ErrorExit;
  91. }
  93. CommonExit:
  95. DebugTrace("Leaving CreateExtendedKeyUsageObject().\n");
  97. return hr;
  99. ErrorExit:
  100. //
  101. // Sanity check.
  102. //
  103. ATLASSERT(FAILED(hr));
  105. if (pCExtendedKeyUsage)
  106. {
  107. delete pCExtendedKeyUsage;
  108. }
  110. goto CommonExit;
  111. }
  114. ////////////////////////////////////////////////////////////////////////////////
  115. //
  116. // CExtendedKeyUsage
  117. //
  119. /*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  121. Function : CExtendedKeyUsage::get_IsPresent
  123. Synopsis : Check to see if the EKU extension is present.
  125. Parameter: VARIANT_BOOL * pVal - Pointer to VARIANT_BOOL to receive result.
  127. Remark : Note that this function may return VARIANT_TRUE even if there is
  128. no EKU extension found in the certificate, because CAPI will
  129. take intersection of EKU with EKU extended property (i.e. no
  130. EKU extension, but there is EKU extended property.)
  132. ------------------------------------------------------------------------------*/
  134. STDMETHODIMP CExtendedKeyUsage::get_IsPresent (VARIANT_BOOL * pVal)
  135. {
  136. HRESULT hr = S_OK;
  138. DebugTrace("Entering CExtendedKeyUsage::get_IsPresent().\n");
  140. try
  141. {
  142. //
  143. // Lock access to this object.
  144. //
  145. m_Lock.Lock();
  147. //
  148. // Check parameters.
  149. //
  150. if (NULL == pVal)
  151. {
  152. hr = E_INVALIDARG;
  154. DebugTrace("Error [%#x]: Parameter pVal is NULL.\n", hr);
  155. goto ErrorExit;
  156. }
  158. //
  159. // Return result.
  160. //
  161. *pVal = m_bIsPresent;
  162. }
  164. catch(...)
  165. {
  166. hr = E_POINTER;
  168. DebugTrace("Exception: invalid parameter.\n");
  169. goto ErrorExit;
  170. }
  172. UnlockExit:
  173. //
  174. // Unlock access to this object.
  175. //
  176. m_Lock.Unlock();
  178. DebugTrace("Leaving CExtendedKeyUsage::get_IsPresent().\n");
  180. return hr;
  182. ErrorExit:
  183. //
  184. // Sanity check.
  185. //
  186. ATLASSERT(FAILED(hr));
  188. ReportError(hr);
  190. goto UnlockExit;
  191. }
  193. /*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  195. Function : CExtendedKeyUsage::get_IsCritical
  197. Synopsis : Check to see if the EKU extension is marked critical.
  199. Parameter: VARIANT_BOOL * pVal - Pointer to VARIANT_BOOL to receive result.
  201. Remark :
  203. ------------------------------------------------------------------------------*/
  205. STDMETHODIMP CExtendedKeyUsage::get_IsCritical (VARIANT_BOOL * pVal)
  206. {
  207. HRESULT hr = S_OK;
  209. DebugTrace("Entering CExtendedKeyUsage::get_IsCritical().\n");
  211. try
  212. {
  213. //
  214. // Lock access to this object.
  215. //
  216. m_Lock.Lock();
  218. //
  219. // Check parameters.
  220. //
  221. if (NULL == pVal)
  222. {
  223. hr = E_INVALIDARG;
  225. DebugTrace("Error [%#x]: Parameter pVal is NULL.\n", hr);
  226. goto ErrorExit;
  227. }
  229. //
  230. // Return result.
  231. //
  232. *pVal = m_bIsCritical;
  233. }
  235. catch(...)
  236. {
  237. hr = E_POINTER;
  239. DebugTrace("Exception: invalid parameter.\n");
  240. goto ErrorExit;
  241. }
  243. UnlockExit:
  244. //
  245. // Unlock access to this object.
  246. //
  247. m_Lock.Unlock();
  249. DebugTrace("Leaving CExtendedKeyUsage::get_IsCritical().\n");
  251. return hr;
  253. ErrorExit:
  254. //
  255. // Sanity check.
  256. //
  257. ATLASSERT(FAILED(hr));
  259. ReportError(hr);
  261. goto UnlockExit;
  262. }
  264. /*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  266. Function : CExtendedKeyUsage::get_EKUs
  268. Synopsis : Return an EKUs collection object representing all EKUs in the
  269. certificate.
  271. Parameter: IEKUs ** pVal - Pointer to pointer to IEKUs to receive the
  272. interface pointer.
  274. Remark :
  276. ------------------------------------------------------------------------------*/
  278. STDMETHODIMP CExtendedKeyUsage::get_EKUs (IEKUs ** pVal)
  279. {
  280. HRESULT hr = S_OK;
  282. DebugTrace("Entering CExtendedKeyUsage::get_EKUs().\n");
  284. try
  285. {
  286. //
  287. // Lock access to this object.
  288. //
  289. m_Lock.Lock();
  291. //
  292. // Check parameters.
  293. //
  294. if (NULL == pVal)
  295. {
  296. hr = E_INVALIDARG;
  298. DebugTrace("Error [%#x]: Parameter pVal is NULL.\n", hr);
  299. goto ErrorExit;
  300. }
  302. //
  303. // Sanity check.
  304. //
  305. ATLASSERT(m_pIEKUs);
  307. //
  308. // Return interface pointer to user.
  309. //
  310. if (FAILED(hr = m_pIEKUs->QueryInterface(pVal)))
  311. {
  312. DebugTrace("Error [%#x]: m_pIEKUs->QueryInterface() failed.\n", hr);
  313. goto ErrorExit;
  314. }
  315. }
  317. catch(...)
  318. {
  319. hr = E_POINTER;
  321. DebugTrace("Exception: invalid parameter.\n");
  322. goto ErrorExit;
  323. }
  325. UnlockExit:
  326. //
  327. // Unlock access to this object.
  328. //
  329. m_Lock.Unlock();
  331. DebugTrace("Leaving CExtendedKeyUsage::get_EKUs().\n");
  333. return hr;
  335. ErrorExit:
  336. //
  337. // Sanity check.
  338. //
  339. ATLASSERT(FAILED(hr));
  341. ReportError(hr);
  343. goto UnlockExit;
  344. }
  347. ////////////////////////////////////////////////////////////////////////////////
  348. //
  349. // Private methods.
  350. //
  352. /*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  354. Function : CExtendedKeyUsage::Init
  356. Synopsis : Initialize the object.
  358. Parameter: PCCERT_CONTEXT pCertContext - Pointer to CERT_CONTEXT.
  360. Remark : This method is not part of the COM interface (it is a normal C++
  361. member function). We need it to initialize the object created
  362. internally by us with CERT_CONTEXT.
  364. Since it is only a normal C++ member function, this function can
  365. only be called from a C++ class pointer, not an interface pointer.
  367. ------------------------------------------------------------------------------*/
  369. STDMETHODIMP CExtendedKeyUsage::Init (PCCERT_CONTEXT pCertContext)
  370. {
  371. HRESULT hr = S_OK;
  372. PCERT_ENHKEY_USAGE pUsage = NULL;
  373. VARIANT_BOOL bIsPresent = VARIANT_FALSE;
  374. VARIANT_BOOL bIsCritical = VARIANT_FALSE;
  376. CERT_EXTENSION * pCertExtension;
  378. DebugTrace("Entering CExtendedKeyUsage::Init().\n");
  380. //
  381. // Sanity check.
  382. //
  383. ATLASSERT(pCertContext);
  385. //
  386. // Get EKU usages (extension and property).
  387. //
  388. hr = ::GetEnhancedKeyUsage(pCertContext, 0, &pUsage);
  390. switch (hr)
  391. {
  392. case S_OK:
  393. {
  394. //
  395. // See if EKU present or not, if so, we mark it as PRESENT,
  396. // otherwise, we mark it as NOT PRESENT (which means
  397. // is valid for all usages).
  398. //
  399. if (0 != pUsage->cUsageIdentifier)
  400. {
  401. //
  402. // Mark as present.
  403. //
  404. bIsPresent = VARIANT_TRUE;
  405. }
  406. break;
  407. }
  409. case CERT_E_WRONG_USAGE:
  410. {
  411. //
  412. // No valid usage. So marked as PRESENT.
  413. //
  414. hr = S_OK;
  415. bIsPresent = VARIANT_TRUE;
  416. break;
  417. }
  419. default:
  420. {
  421. DebugTrace("Error [%#x]: GetEnhancedKeyUsage() failed.\n", hr);
  422. goto ErrorExit;
  423. break;
  424. }
  425. }
  427. //
  428. // Find the extension to see if mark critical.
  429. //
  430. if (pCertExtension = ::CertFindExtension(szOID_ENHANCED_KEY_USAGE ,
  431. pCertContext->pCertInfo->cExtension,
  432. pCertContext->pCertInfo->rgExtension))
  433. {
  434. //
  435. // Need to do this since CAPI takes the intersection of EKU with
  436. // EKU extended property, which means we may not have a EKU extension
  437. // in the cert at all.
  438. //
  439. if (pCertExtension->fCritical)
  440. {
  441. bIsCritical = VARIANT_TRUE;
  442. }
  443. }
  445. //
  446. // Create the EKUs collection object.
  447. //
  448. if (FAILED(hr = ::CreateEKUsObject(pUsage, &m_pIEKUs)))
  449. {
  450. DebugTrace("Error [%#x]: CreateEKUsObject() failed.\n", hr);
  451. goto CommonExit;
  452. }
  454. //
  455. // Update member variables.
  456. //
  457. m_bIsPresent = bIsPresent;
  458. m_bIsCritical = bIsCritical;
  460. CommonExit:
  461. //
  462. // Free resource.
  463. //
  464. if (pUsage)
  465. {
  466. ::CoTaskMemFree(pUsage);
  467. }
  469. DebugTrace("Leaving CExtendedKeyUsage::Init().\n");
  471. return hr;
  473. ErrorExit:
  474. //
  475. // Sanity check.
  476. //
  477. ATLASSERT(FAILED(hr));
  479. goto CommonExit;
  480. }