archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetsrv/iis/iisrearc/iisplus/sfwp/dll/servercert.hxx

340 lines
6.8 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #ifndef _SERVERCERT_HXX_
  2. #define _SERVERCERT_HXX_
  3. /*++
  5. Copyright (c) 1998 Microsoft Corporation
  7. Module Name :
  8. servercert.hxx
  10. Abstract:
  11. Server Certificate wrapper
  13. Author:
  14. Bilal Alam (BAlam) 29-March-2000
  16. Environment:
  17. Win32 - User Mode
  19. Project:
  20. Stream Filter Worker Process
  21. --*/
  22. class CREDENTIAL_ID
  23. {
  24. public:
  25. CREDENTIAL_ID()
  26. {
  27. _cbCredentialId = 0;
  28. }
  30. HRESULT
  31. Append(
  32. BYTE * pbHash,
  33. DWORD cbHash
  34. )
  35. {
  36. if ( !_bufId.Resize( _cbCredentialId + cbHash ) )
  37. {
  38. return HRESULT_FROM_WIN32( GetLastError() );
  39. }
  41. memcpy( (PBYTE) _bufId.QueryPtr() + _cbCredentialId,
  42. pbHash,
  43. cbHash );
  45. _cbCredentialId += cbHash;
  47. return NO_ERROR;
  48. }
  50. VOID *
  51. QueryBuffer(
  52. VOID
  53. )
  54. {
  55. return _bufId.QueryPtr();
  56. }
  58. DWORD
  59. QuerySize(
  60. VOID
  61. )
  62. {
  63. return _cbCredentialId;
  64. }
  66. static
  67. bool
  68. IsEqual(
  69. CREDENTIAL_ID * pId1,
  70. CREDENTIAL_ID * pId2
  71. )
  72. {
  73. return ( pId1->_cbCredentialId == pId2->_cbCredentialId ) &&
  74. ( !memcmp( pId1->_bufId.QueryPtr(),
  75. pId2->_bufId.QueryPtr(),
  76. min( pId1->_cbCredentialId, pId2->_cbCredentialId ) ) );
  78. }
  80. private:
  81. BUFFER _bufId;
  82. DWORD _cbCredentialId;
  83. };
  85. class SERVER_CERT_HASH;
  86. class CERT_STORE;
  88. #define SERVER_CERT_SIGNATURE (DWORD)'RCRS'
  89. #define SERVER_CERT_SIGNATURE_FREE (DWORD)'rcrs'
  91. class SERVER_CERT
  92. {
  93. public:
  94. SERVER_CERT(
  95. IN CREDENTIAL_ID * pCredentialId
  96. );
  98. virtual
  99. ~SERVER_CERT();
  101. BOOL
  102. CheckSignature(
  103. VOID
  104. ) const
  105. {
  106. return _dwSignature == SERVER_CERT_SIGNATURE;
  107. }
  109. CREDENTIAL_ID *
  110. QueryCredentialId(
  111. VOID
  112. ) const
  113. {
  114. return _pCredentialId;
  115. }
  117. VOID
  118. ReferenceServerCert(
  119. VOID
  120. )
  121. {
  122. InterlockedIncrement( &_cRefs );
  123. }
  125. VOID
  126. DereferenceServerCert(
  127. VOID
  128. )
  129. {
  130. if ( !InterlockedDecrement( &_cRefs ) )
  131. {
  132. delete this;
  133. }
  134. }
  136. PCCERT_CONTEXT *
  137. QueryCertContext(
  138. VOID
  139. )
  140. {
  141. return &_pCertContext;
  142. }
  144. HCERTSTORE
  145. QueryStore(
  146. VOID
  147. ) const
  148. {
  149. return _pCertStore->QueryStore();
  150. }
  152. STRA *
  153. QueryIssuer(
  154. VOID
  155. )
  156. {
  157. return &_strIssuer;
  158. }
  160. STRA *
  161. QuerySubject(
  162. VOID
  163. )
  164. {
  165. return &_strSubject;
  166. }
  168. USHORT
  169. QueryPublicKeySize(
  170. VOID
  171. ) const
  172. {
  173. return _usPublicKeySize;
  174. }
  176. BOOL
  177. QueryUsesHardwareAccelerator(
  178. VOID
  179. ) const
  180. {
  181. return _fUsesHardwareAccelerator;
  182. }
  185. HRESULT
  186. SetupCertificate(
  187. IN PBYTE pbSslCertHash,
  188. IN DWORD cbSslCertHash,
  189. IN WCHAR * pszSslCertStoreName
  190. );
  192. static
  193. HRESULT
  194. Initialize(
  195. VOID
  196. );
  198. static
  199. VOID
  200. Terminate(
  201. VOID
  202. );
  204. static
  205. HRESULT
  206. GetServerCertificate(
  207. IN PBYTE pbSslCertHash,
  208. IN DWORD cbSslCertHash,
  209. IN WCHAR * pszSslCertStoreName,
  210. OUT SERVER_CERT ** ppServerCert
  211. );
  213. static
  214. HRESULT
  215. BuildCredentialId(
  216. IN PBYTE pbSslCertHash,
  217. IN DWORD cbSslCertHash,
  218. OUT CREDENTIAL_ID * pCredentialId
  219. );
  221. static
  222. HRESULT
  223. FlushByStore(
  224. IN CERT_STORE * pCertStore
  225. );
  227. static
  228. VOID
  229. Cleanup(
  230. VOID
  231. );
  233. static
  234. LK_PREDICATE
  235. CertStorePredicate(
  236. IN SERVER_CERT * pServerCert,
  237. IN void * pvState
  238. );
  240. private:
  241. HRESULT DetermineUseOfSSLHardwareAccelerator(
  242. VOID
  243. );
  245. DWORD _dwSignature;
  246. LONG _cRefs;
  247. PCCERT_CONTEXT _pCertContext;
  248. CERT_STORE * _pCertStore;
  249. CREDENTIAL_ID * _pCredentialId;
  250. USHORT _usPublicKeySize;
  251. STRA _strIssuer;
  252. STRA _strSubject;
  253. //
  254. // indication that SSL hardware accelerator is used
  255. // (since currently there is no reliable way to ask
  256. // schannel of CAPI if SSL hardware accelerator is indeed used
  257. // we use optimistic lookup of config info based on magic
  258. // instructions from John Banes (see Windows Bugs 510131)
  259. // and based on that we make educated guess
  260. // The only purpose to care about this is for performance tuning
  261. // of the threadpool
  262. //
  263. BOOL _fUsesHardwareAccelerator;
  265. static SERVER_CERT_HASH * sm_pServerCertHash;
  266. };
  268. class SERVER_CERT_HASH
  269. : public CTypedHashTable<
  270. SERVER_CERT_HASH,
  271. SERVER_CERT,
  272. CREDENTIAL_ID *
  273. >
  274. {
  275. public:
  276. SERVER_CERT_HASH()
  277. : CTypedHashTable< SERVER_CERT_HASH,
  278. SERVER_CERT,
  279. CREDENTIAL_ID * > ( "SERVER_CERT_HASH" )
  280. {
  281. }
  283. static
  284. CREDENTIAL_ID *
  285. ExtractKey(
  286. const SERVER_CERT * pServerCert
  287. )
  288. {
  289. return pServerCert->QueryCredentialId();
  290. }
  292. static
  293. DWORD
  294. CalcKeyHash(
  295. CREDENTIAL_ID * pCredentialId
  296. )
  297. {
  298. return HashBlob( pCredentialId->QueryBuffer(),
  299. pCredentialId->QuerySize() );
  300. }
  302. static
  303. bool
  304. EqualKeys(
  305. CREDENTIAL_ID * pId1,
  306. CREDENTIAL_ID * pId2
  307. )
  308. {
  309. return CREDENTIAL_ID::IsEqual( pId1, pId2 );
  310. }
  312. static
  313. void
  314. AddRefRecord(
  315. SERVER_CERT * pServerCert,
  316. int nIncr
  317. )
  318. {
  319. if ( nIncr == +1 )
  320. {
  321. pServerCert->ReferenceServerCert();
  322. }
  323. else if ( nIncr == -1 )
  324. {
  325. pServerCert->DereferenceServerCert();
  326. }
  327. }
  328. private:
  329. //
  330. // Not implemented methods
  331. // Declarations present to prevent compiler
  332. // to generate default ones.
  333. //
  334. SERVER_CERT_HASH( const SERVER_CERT_HASH& );
  335. SERVER_CERT_HASH& operator=( const SERVER_CERT_HASH& );
  338. };
  340. #endif