archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/base/win32/fusion/tools/certinfo/certinfo.cpp

438 lines
12 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #include "windows.h"
  2. #include "stdio.h"
  3. #include "wchar.h"
  4. #include "wincrypt.h"
  5. #include "stddef.h"
  7. #ifndef NUMBER_OF
  8. #define NUMBER_OF(x) (sizeof(x)/sizeof(*(x)))
  9. #endif
  11. static const WCHAR wchMicrosoftLogo[] =
  12. L"Microsoft (R) Side-By-Side Public Key Token Extractor 1.1.3.0\n"
  13. L"Copyright (C) Microsoft Corporation 2000-2002. All Rights Reserved\n\n";
  16. #define STRONG_NAME_BYTE_LENGTH ( 8 )
  18. typedef struct _SXS_PUBLIC_KEY_INFO
  19. {
  20. unsigned int SigAlgID;
  21. unsigned int HashAlgID;
  22. ULONG KeyLength;
  23. BYTE pbKeyInfo[1];
  24. } SXS_PUBLIC_KEY_INFO, *PSXS_PUBLIC_KEY_INFO;
  27. #define BUFFER_SIZE ( 8192 )
  29. BOOL
  30. ParseArgs( WCHAR **argv, int argc, PCWSTR* ppcwszFilename, BOOL *fQuiet )
  31. {
  32. if ( fQuiet )
  33. *fQuiet = FALSE;
  34. if ( ppcwszFilename )
  35. *ppcwszFilename = NULL;
  37. if (argv == NULL)
  38. return FALSE;
  40. if ( !fQuiet || !ppcwszFilename )
  41. {
  42. return FALSE;
  43. }
  45. for ( int i = 1; i < argc; i++ )
  46. {
  47. if (argv[i] == NULL)
  48. {
  49. ::fwprintf(stderr, L"Bad parameter in argument list\n");
  50. return FALSE;
  51. }
  53. if ( ( argv[i][0] == L'-' ) || ( argv[i][0] == L'/' ) )
  54. {
  55. PCWSTR pval = argv[i] + 1;
  56. if (::_wcsicmp(pval, L"nologo") == 0)
  57. {
  58. }
  59. else if (::_wcsicmp(pval, L"quiet") == 0)
  60. {
  61. if ( fQuiet ) *fQuiet = TRUE;
  62. }
  63. else if (::_wcsicmp(pval, L"?") == 0 )
  64. {
  65. return FALSE;
  66. }
  67. else
  68. {
  69. ::fwprintf(stderr, L"Unrecognized parameter %ls\n", argv[i]);
  70. return FALSE;
  71. }
  72. }
  73. else
  74. {
  75. if ( *ppcwszFilename == NULL )
  76. {
  77. *ppcwszFilename = argv[i];
  78. }
  79. else
  80. {
  81. ::fwprintf(stderr, L"Only one filename parameter at a time.\n");
  82. return FALSE;
  83. }
  84. }
  85. }
  87. return TRUE;
  88. }
  91. void DispUsage( PCWSTR pcwszExeName )
  92. {
  93. const static WCHAR wchUsage[] =
  94. L"Extracts public key tokens from certificate files, in a format\n"
  95. L"usable in Side-By-Side assembly identities.\n"
  96. L"\n"
  97. L"Usage:\n"
  98. L"\n"
  99. L"%ls <filename.cer> [-quiet]\n";
  101. ::wprintf(wchUsage, pcwszExeName);
  102. }
  104. BOOL
  105. HashAndSwizzleKey(
  106. HCRYPTPROV hProvider,
  107. BYTE *pbPublicKeyBlob,
  108. SIZE_T cbPublicKeyBlob,
  109. BYTE *pbKeyToken,
  110. SIZE_T &cbKeyToken
  111. )
  112. {
  113. BOOL fResult = FALSE;
  114. HCRYPTHASH hHash = NULL;
  115. DWORD dwHashSize, dwHashSizeSize;
  116. ULONG top = STRONG_NAME_BYTE_LENGTH - 1;
  117. ULONG bottom = 0;
  120. if (cbKeyToken < STRONG_NAME_BYTE_LENGTH) {
  121. return FALSE;
  122. }
  124. if ( !::CryptCreateHash( hProvider, CALG_SHA1, NULL, 0, &hHash ) )
  125. {
  126. ::fwprintf(stderr, L"Unable to create cryptological hash object, error %ld\n", ::GetLastError());
  127. goto Exit;
  128. }
  130. if ( !::CryptHashData( hHash, pbPublicKeyBlob, static_cast<DWORD>(cbPublicKeyBlob), 0 ) )
  131. {
  132. ::fwprintf(stderr, L"Unable to hash public key information, error %ld\n", ::GetLastError());
  133. goto Exit;
  134. }
  136. if ( !::CryptGetHashParam( hHash, HP_HASHSIZE, (PBYTE)&dwHashSize, &(dwHashSizeSize = sizeof(dwHashSize)), 0))
  137. {
  138. ::fwprintf(stderr, L"Unable to determine size of hashed public key bits, error %ld\n", ::GetLastError());
  139. goto Exit;
  140. }
  142. if ( dwHashSize > cbKeyToken )
  143. {
  144. ::fwprintf(stderr, L"Hashed data is too large - space for %ld bytes, got %ld.\n",
  145. cbKeyToken, dwHashSize);
  146. goto Exit;
  147. }
  149. if ( !::CryptGetHashParam( hHash, HP_HASHVAL, pbKeyToken, &(dwHashSize = (DWORD)cbKeyToken), 0))
  150. {
  151. ::fwprintf(stderr, L"Unable to get hash of public key bits, error %ld\n", ::GetLastError());
  152. goto Exit;
  153. }
  155. cbKeyToken = dwHashSize;
  157. if (cbKeyToken < STRONG_NAME_BYTE_LENGTH)
  158. {
  159. ::fwprintf(stderr, L"Internal error - length of hash object (%d) is less than strong name length (%d)\n",
  160. cbKeyToken,
  161. STRONG_NAME_BYTE_LENGTH);
  162. goto Exit;
  163. }
  165. //
  166. // Now, move down the last eight bytes, then reverse them.
  167. //
  168. ::memmove(pbKeyToken,
  169. pbKeyToken + (cbKeyToken - STRONG_NAME_BYTE_LENGTH),
  170. STRONG_NAME_BYTE_LENGTH);
  172. while ( bottom < top )
  173. {
  174. const BYTE b = pbKeyToken[top];
  175. pbKeyToken[top] = pbKeyToken[bottom];
  176. pbKeyToken[bottom] = b;
  177. bottom++;
  178. top--;
  179. }
  181. //
  182. // The tokens are always this long.
  183. //
  184. cbKeyToken = STRONG_NAME_BYTE_LENGTH;
  186. fResult = TRUE;
  187. Exit:
  188. if ( hHash != NULL )
  189. {
  190. ::CryptDestroyHash(hHash);
  191. hHash = NULL;
  192. }
  193. return fResult;
  194. }
  197. BOOL
  198. GetTokenOfKey(
  199. PCERT_PUBLIC_KEY_INFO pKeyInfo,
  200. PBYTE prgbBuffer,
  201. SIZE_T &cbPublicKeyTokenLength
  202. )
  203. {
  204. PBYTE rgbWorkingSpace = NULL;
  205. DWORD dwRequiredSpace = 0;
  206. PSXS_PUBLIC_KEY_INFO pKeyBlobWorkspace = NULL;
  207. HCRYPTPROV hContext = NULL;
  208. HCRYPTKEY hCryptKey = NULL;
  209. BOOL fResult = FALSE;
  211. if ( !CryptAcquireContext(&hContext, NULL, NULL, PROV_RSA_FULL, CRYPT_SILENT | CRYPT_VERIFYCONTEXT))
  212. {
  213. ::fwprintf(stderr, L"Unable to aquire cryptological context, error %ld.\n", ::GetLastError());
  214. goto Exit;
  215. }
  217. ::ZeroMemory(prgbBuffer, cbPublicKeyTokenLength);
  219. //
  220. // Set up the public key info blob for hashing. Import the key to a real
  221. // HCRYPTKEY, then export the bits back out to a buffer. Set up the various
  222. // other settings in the blob as well, the type of key and the alg. used to
  223. // sign it.
  224. //
  225. if ( !::CryptImportPublicKeyInfoEx(
  226. hContext,
  227. X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
  228. pKeyInfo,
  229. CALG_RSA_SIGN,
  230. 0,
  231. NULL,
  232. &hCryptKey) )
  233. {
  234. ::fwprintf(stderr, L"Unable to import the public key from this certificate. Error %ld.\n", ::GetLastError());
  235. goto Exit;
  236. }
  238. if (!::CryptExportKey(hCryptKey, NULL, PUBLICKEYBLOB, 0, NULL, &dwRequiredSpace))
  239. {
  240. ::fwprintf(stderr, L"Unable to get required space for exporting public key data\n");
  241. goto Exit;
  242. }
  244. dwRequiredSpace += sizeof(SXS_PUBLIC_KEY_INFO);
  245. rgbWorkingSpace = (PBYTE)HeapAlloc(GetProcessHeap(), 0, dwRequiredSpace);
  246. if (rgbWorkingSpace == NULL)
  247. {
  248. ::fwprintf(stderr, L"Not enough memory to export public key data\n");
  249. goto Exit;
  250. }
  252. pKeyBlobWorkspace = reinterpret_cast<PSXS_PUBLIC_KEY_INFO>(rgbWorkingSpace);
  253. pKeyBlobWorkspace->KeyLength = dwRequiredSpace - offsetof(SXS_PUBLIC_KEY_INFO, pbKeyInfo);
  255. if ( !::CryptExportKey(
  256. hCryptKey,
  257. NULL,
  258. PUBLICKEYBLOB,
  259. 0,
  260. pKeyBlobWorkspace->pbKeyInfo,
  261. &pKeyBlobWorkspace->KeyLength) )
  262. {
  263. ::fwprintf(stderr, L"Unable to extract public key bits from this certificate. Error %ld.\n", ::GetLastError());
  264. goto Exit;
  265. }
  267. pKeyBlobWorkspace->SigAlgID = CALG_RSA_SIGN;
  268. pKeyBlobWorkspace->HashAlgID = CALG_SHA1;
  270. //
  271. // We now need to hash the public key bytes with SHA1.
  272. //
  273. dwRequiredSpace = pKeyBlobWorkspace->KeyLength + offsetof(SXS_PUBLIC_KEY_INFO, pbKeyInfo);
  274. if (!::HashAndSwizzleKey(
  275. hContext,
  276. (PBYTE)pKeyBlobWorkspace,
  277. dwRequiredSpace,
  278. prgbBuffer,
  279. cbPublicKeyTokenLength))
  280. {
  281. goto Exit;
  282. }
  284. fResult = TRUE;
  285. Exit:
  286. if ( hCryptKey != NULL )
  287. {
  288. ::CryptDestroyKey(hCryptKey);
  289. hCryptKey = NULL;
  290. }
  291. if (rgbWorkingSpace != NULL)
  292. {
  293. ::HeapFree(GetProcessHeap(), 0, rgbWorkingSpace);
  294. rgbWorkingSpace = NULL;
  295. }
  296. if ( hContext != NULL )
  297. {
  298. ::CryptReleaseContext(hContext, 0);
  299. hContext = NULL;
  300. }
  302. return fResult;
  304. }
  307. int __cdecl wmain( int argc, WCHAR *argv[] )
  308. {
  309. HCERTSTORE hCertStore = NULL;
  310. PCCERT_CONTEXT pCertContext = NULL;
  311. BOOL fNoLogoDisplay = FALSE;
  312. BOOL fQuiet = FALSE;
  313. DWORD STRONG_NAME_LENGTH = 8;
  314. PCWSTR pcwszFilename = NULL;
  315. DWORD dwRetVal = ERROR_SUCCESS;
  317. //
  318. // Quick check - are we to display the logo?
  319. for ( int j = 0; j < argc; j++ )
  320. {
  321. if (::_wcsicmp(argv[j], L"-nologo") == 0)
  322. fNoLogoDisplay = TRUE;
  323. }
  325. if ( !fNoLogoDisplay )
  326. {
  327. ::fputws(wchMicrosoftLogo, stdout);
  328. }
  330. //
  331. // Now go look for the arguments.
  332. //
  333. if ((argc < 2) || !ParseArgs( argv, argc, &pcwszFilename, &fQuiet ))
  334. {
  335. ::DispUsage( argv[0] );
  336. dwRetVal = ERROR_INVALID_PARAMETER;
  337. goto Exit;
  338. }
  339. else if ( !pcwszFilename )
  340. {
  341. ::DispUsage( argv[0] );
  342. dwRetVal = ERROR_INVALID_PARAMETER;
  343. goto Exit;
  344. }
  346. hCertStore = ::CertOpenStore(
  347. CERT_STORE_PROV_FILENAME,
  348. X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
  349. NULL,
  350. CERT_STORE_OPEN_EXISTING_FLAG,
  351. (void*)pcwszFilename);
  353. if ( !hCertStore )
  354. {
  355. ::fwprintf(
  356. stderr,
  357. L"Unable to open the input file %ls, error %ld\n",
  358. pcwszFilename,
  359. dwRetVal = ::GetLastError());
  360. goto Exit;
  361. }
  363. while ( pCertContext = ::CertEnumCertificatesInStore( hCertStore, pCertContext ) )
  364. {
  365. if ( !pCertContext->pCertInfo )
  366. {
  367. ::fwprintf( stderr, L"Oddity with file %ls - Certificate information not decodable\n", pcwszFilename );
  368. continue;
  369. }
  371. // NTRAID#NTBUG9 - 536275 - jonwis - 2002/04/25 - Stack buffers are bad, replace with heap allocated blobs
  372. WCHAR wsNiceName[BUFFER_SIZE] = { L'\0' };
  373. BYTE bBuffer[BUFFER_SIZE];
  374. SIZE_T cbBuffer = BUFFER_SIZE;
  375. DWORD dwKeyLength = 0;
  376. PCERT_PUBLIC_KEY_INFO pKeyInfo = &(pCertContext->pCertInfo->SubjectPublicKeyInfo);
  377. DWORD dwDump = 0;
  379. dwDump = ::CertGetNameStringW(
  380. pCertContext,
  381. CERT_NAME_FRIENDLY_DISPLAY_TYPE,
  382. CERT_NAME_ISSUER_FLAG,
  383. NULL,
  384. wsNiceName,
  385. BUFFER_SIZE
  386. );
  388. if ( dwDump == 0 )
  389. {
  390. ::fwprintf(stderr, L"Unable to get certificate name string! Error %ld.", GetLastError());
  391. ::wcsncpy(wsNiceName, L"(Unknown)", NUMBER_OF(wsNiceName));
  392. wsNiceName[NUMBER_OF(wsNiceName) - 1] = 0;
  393. }
  395. if ( !fQuiet )
  396. {
  397. dwKeyLength = CertGetPublicKeyLength( X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, pKeyInfo );
  399. ::wprintf(L"\nCertificate: \"%ls\" - %ld bits long\n", wsNiceName, dwKeyLength);
  401. if ( dwKeyLength < 2048 )
  402. {
  403. ::wprintf(L"\tWarning! This key is too short to sign SxS assemblies with.\n\tSigning keys need to be 2048 bits or more.\n");
  404. }
  405. }
  407. if (!::GetTokenOfKey( pKeyInfo, bBuffer, cbBuffer ))
  408. {
  409. ::fwprintf(stderr, L"Unable to generate public key token for this certificate.\n");
  410. }
  411. else
  412. {
  413. if ( !fQuiet ) ::wprintf(L"\tpublicKeyToken=\"");
  414. for ( SIZE_T i = 0; i < cbBuffer; i++ )
  415. {
  416. ::wprintf(L"%02x", bBuffer[i] );
  417. }
  418. if ( !fQuiet )
  419. ::wprintf(L"\"\n");
  420. else
  421. ::wprintf(L"\n");
  423. }
  425. }
  427. Exit:
  429. if ( hCertStore != NULL )
  430. {
  431. ::CertCloseStore(hCertStore, CERT_CLOSE_STORE_FORCE_FLAG);
  432. hCertStore = NULL;
  433. }
  435. return dwRetVal;
  436. }