archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/admin/snapin/dsadmin/cert.cpp

303 lines
8.1 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (C) Microsoft Corporation, 1997 - 2002
  6. //
  7. // File: cert.cpp
  8. //
  9. //--------------------------------------------------------------------------
  11. /////////////////////////////////////////////////////////////////////
  12. // Cert.cpp
  13. //
  14. // This file is the implementation of the CCertificate object.
  15. //
  16. // GLOSSARY
  17. // - BLOB Binary Large Object
  18. // - DER Distinguished Encoding Rules
  19. // - RDN Relative Distinguished Names
  20. //
  21. // HISTORY
  22. // 19-Jun-97 t-danm Creation.
  23. /////////////////////////////////////////////////////////////////////
  25. #include "stdafx.h"
  26. #include "common.h"
  27. #include "cert.h"
  30. /////////////////////////////////////////////////////////////////////
  31. CCertificate::CCertificate()
  32. {
  33. m_paCertContext = NULL;
  34. m_blobCertData.pbData = NULL;
  35. }
  37. CCertificate::~CCertificate()
  38. {
  39. // Free the certificate
  40. ::CertFreeCertificateContext(m_paCertContext);
  41. delete m_blobCertData.pbData;
  42. }
  45. void DisplaySystemError (HWND hParent, DWORD dwErr)
  46. {
  47. AFX_MANAGE_STATE (AfxGetStaticModuleState ());
  48. CThemeContextActivator activator;
  50. LPVOID lpMsgBuf = 0;
  52. FormatMessage (FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM,
  53. NULL,
  54. dwErr,
  55. MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language
  56. (LPTSTR) &lpMsgBuf, 0, NULL);
  58. // Display the string.
  59. CString caption;
  60. //NTRAID#NTBUG9-571300-2002/03/10-jmessec LoadString can fail...
  61. VERIFY (caption.LoadString (IDS_ADD_CERTIFICATE_MAPPING));
  62. ::MessageBox (hParent, (LPWSTR) lpMsgBuf, (LPCTSTR) caption, MB_OK | MB_ICONINFORMATION);
  63. // Free the buffer.
  64. LocalFree (lpMsgBuf);
  65. }
  67. // This code copied from CertMgr project - LOCATE.C
  68. BOOL CCertificate::FLoadCertificate (LPCTSTR szFile)
  69. {
  70. CThemeContextActivator activator;
  72. ASSERT (szFile);
  73. if ( !szFile )
  74. return FALSE;
  76. BOOL bReturn = FALSE;
  77. PVOID FileNameVoidP = (PVOID) szFile;
  78. PCCERT_CONTEXT pCertContext = NULL;
  79. DWORD dwEncodingType = 0;
  80. DWORD dwContentType = 0;
  81. DWORD dwFormatType = 0;
  83. // NB. It's possible to read in a serialized store at this point, too.
  84. // We've have to add the UI to display the certs in the file so the
  85. // user could pick one. Use CryptUIDlgSelectCertificate ().
  86. bReturn = ::CryptQueryObject (
  87. CERT_QUERY_OBJECT_FILE,
  88. FileNameVoidP,
  89. CERT_QUERY_CONTENT_FLAG_ALL, //CERT_QUERY_CONTENT_CERT | CERT_QUERY_CONTENT_SERIALIZED_CERT,
  90. CERT_QUERY_FORMAT_FLAG_ALL,
  91. 0,
  92. &dwEncodingType,
  93. &dwContentType,
  94. &dwFormatType,
  95. NULL,
  96. NULL,
  97. (const void **)&pCertContext);
  99. ASSERT (bReturn);
  100. if ( bReturn )
  101. {
  102. //
  103. // Success. See what we get back.
  104. //
  106. if ( (dwContentType != CERT_QUERY_CONTENT_CERT) || !pCertContext )
  107. {
  108. //
  109. // Not a valid cert file.
  110. //
  111. if ( pCertContext )
  112. ::CertFreeCertificateContext (pCertContext);
  114. CString text;
  115. CString caption;
  117. VERIFY (text.LoadString (IDS_CERTFILEFORMATERR));
  118. VERIFY (caption.LoadString (IDS_ADD_CERTIFICATE_MAPPING));
  119. MessageBox (NULL, text, caption, MB_OK | MB_ICONINFORMATION);
  120. bReturn = FALSE;
  121. }
  122. else
  123. {
  124. // Cert context is valid - let's save it to the global handle
  125. m_paCertContext = pCertContext;
  126. }
  127. }
  128. else
  129. {
  130. DWORD dwErr = GetLastError ();
  132. DisplaySystemError (NULL, dwErr);
  133. }
  135. return bReturn;
  136. }
  139. /////////////////////////////////////////////////////////////////////
  140. // This routine is a wrapper to API ::CertNameToStr() automatically
  141. // calculating the length of the output string and returning the data
  142. // into the CString object.
  143. void CCertificate::CertNameToCString(
  144. IN DWORD dwCertEncodingType,
  145. IN CERT_NAME_BLOB * pName,
  146. OUT CString * pstrData)
  147. {
  148. ASSERT(pstrData != NULL);
  149. // Calculate how many characters are needed
  150. int cch = ::CertNameToStr(
  151. IN dwCertEncodingType,
  152. IN pName,
  153. IN c_dwCertNameStrType,
  154. NULL, 0);
  155. TCHAR * pchT = pstrData->GetBuffer(cch);
  156. ASSERT(pchT != NULL);
  157. ASSERT(lstrlen(pchT) == 0);
  158. (void)::CertNameToStr(
  159. IN dwCertEncodingType,
  160. IN pName,
  161. IN c_dwCertNameStrType,
  162. OUT pchT, IN cch);
  163. pstrData->ReleaseBuffer();
  164. } // CCertificate::CertNameToCString()
  167. /////////////////////////////////////////////////////////////////////
  168. void CCertificate::GetIssuer(OUT CString * pstrName)
  169. {
  170. ASSERT(pstrName != NULL);
  171. ASSERT(m_paCertContext != NULL);
  172. ASSERT(m_paCertContext->pCertInfo != NULL);
  174. CERT_INFO * pCertInfo = m_paCertContext->pCertInfo;
  176. BOOL fSelfIssued = CertCompareCertificateName(
  177. m_paCertContext->dwCertEncodingType,
  178. &pCertInfo->Subject,
  179. &pCertInfo->Issuer);
  180. if (fSelfIssued)
  181. {
  182. // Self issued certificate
  183. GetSubject(OUT pstrName);
  184. return;
  185. }
  186. // Get the issuer
  187. CertNameToCString(
  188. IN m_paCertContext->dwCertEncodingType,
  189. IN &pCertInfo->Issuer,
  190. OUT pstrName);
  191. } // CCertificate::GetIssuer()
  194. /////////////////////////////////////////////////////////////////////
  195. void CCertificate::GetSubject(OUT CString * pstrName)
  196. {
  197. ASSERT(pstrName != NULL);
  198. ASSERT(m_paCertContext != NULL);
  199. ASSERT(m_paCertContext->pCertInfo != NULL);
  201. CertNameToCString(
  202. IN m_paCertContext->dwCertEncodingType,
  203. IN &m_paCertContext->pCertInfo->Subject,
  204. OUT pstrName);
  205. } // CCertificate::GetSubject()
  208. /////////////////////////////////////////////////////////////////////
  209. void CCertificate::GetAltSubject(OUT CString * pstrName)
  210. {
  211. ASSERT(pstrName != NULL);
  212. ASSERT(m_paCertContext != NULL);
  213. ASSERT(m_paCertContext->pCertInfo != NULL);
  215. pstrName->Empty();
  216. CERT_INFO * pCertInfo = m_paCertContext->pCertInfo;
  217. CERT_EXTENSION * pCertExtension;
  219. // Search for the AltSubject in the extensions
  220. pCertExtension = ::CertFindExtension(
  221. IN szOID_SUBJECT_ALT_NAME, // Same as X509_ALTERNATE_NAME
  222. IN pCertInfo->cExtension,
  223. IN pCertInfo->rgExtension);
  224. if (pCertExtension == NULL)
  225. return; // No AltSubject
  227. DWORD dwErr = ERROR_SUCCESS;
  228. BOOL fSuccess;
  229. DWORD cbData = 0;
  230. // Find out how many bytes are needed for AltSubject
  231. fSuccess = ::CryptDecodeObject(
  232. m_paCertContext->dwCertEncodingType,
  233. X509_ALTERNATE_NAME,
  234. IN pCertExtension->Value.pbData,
  235. IN pCertExtension->Value.cbData,
  236. 0, // dwFlags
  237. NULL,
  238. INOUT &cbData);
  239. if (!fSuccess)
  240. {
  241. dwErr = ::GetLastError();
  242. TRACE1("CryptDecodeObject() returned error %u", dwErr);
  243. return;
  244. }
  245. ASSERT(cbData > 0);
  246. BYTE * pbDataT = new BYTE[cbData];
  248. // Decode the AltSubject name
  249. fSuccess = ::CryptDecodeObject(
  250. m_paCertContext->dwCertEncodingType,
  251. X509_ALTERNATE_NAME,
  252. IN pCertExtension->Value.pbData,
  253. IN pCertExtension->Value.cbData,
  254. 0, // dwFlags
  255. OUT pbDataT,
  256. INOUT &cbData);
  257. if (!fSuccess)
  258. {
  259. dwErr = ::GetLastError();
  260. TRACE1("CryptDecodeObject() returned error %u", dwErr);
  261. }
  262. else
  263. {
  264. CERT_ALT_NAME_INFO * pCertAltNameInfo = (CERT_ALT_NAME_INFO *)pbDataT;
  265. CERT_ALT_NAME_ENTRY * pEntry = pCertAltNameInfo->rgAltEntry;
  266. ASSERT(pEntry != NULL);
  267. for (UINT i = 0; i < pCertAltNameInfo->cAltEntry; i++, pEntry++)
  268. {
  269. if (pEntry->dwAltNameChoice == CERT_ALT_NAME_DNS_NAME)
  270. {
  271. *pstrName = pEntry->pwszDNSName;
  272. break;
  273. }
  275. } // for
  276. } // if...else
  277. delete [] pbDataT;
  278. } // CCertificate::GetAltSubject()
  280. /////////////////////////////////////////////////////////////////////
  281. void CCertificate::GetSimString(OUT CString * pstrData)
  282. {
  283. ASSERT(pstrData != NULL);
  285. CString strIssuer;
  286. CString strSubject;
  287. CString strAltSubject;
  288. GetIssuer(OUT &strIssuer);
  289. GetSubject(OUT &strSubject);
  290. GetAltSubject(OUT &strAltSubject);
  292. LPTSTR * pargzpszIssuer = ParseSimString(strIssuer);
  293. LPTSTR * pargzpszSubject = ParseSimString(strSubject);
  294. LPTSTR * pargzpszAltSubject = ParseSimString(strAltSubject);
  296. // Make a "X509" string
  297. UnsplitX509String(OUT pstrData, pargzpszIssuer, pargzpszSubject, pargzpszAltSubject);
  299. delete pargzpszIssuer;
  300. delete pargzpszSubject;
  301. delete pargzpszAltSubject;
  302. } // CCertificate::GetSimString()