archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/security/cryptoapi/common/keysvc/certpcli.cpp

271 lines
6.6 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (C) 1996, 1997 Microsoft Corporation
  5. Module Name:
  7. nt5wrap.cpp
  9. Abstract:
  11. Client side CryptXXXData calls.
  13. Client funcs are preceeded by "CS" == Client Side
  14. Server functions are preceeded by "SS" == Server Side
  16. Author:
  18. Scott Field (sfield) 14-Aug-97
  20. Revisions:
  22. Todds 04-Sep-97 Ported to .dll
  23. Matt Thomlinson (mattt) 09-Oct-97 Moved to common area for link by crypt32
  24. philh 03-Dec-97 Added I_CertProtectFunction
  25. philh 29-Sep-98 Renamed I_CertProtectFunction to
  26. I_CertCltProtectFunction.
  27. I_CertProtectFunction was moved to
  28. ..\ispu\pki\certstor\protroot.cpp
  29. petesk 25-Jan-00 Moved to keysvc
  31. --*/
  35. #include <windows.h>
  36. #include <wincrypt.h>
  37. #include <cryptui.h>
  38. #include "unicode.h"
  39. #include "waitsvc.h"
  40. #include "certprot.h"
  42. // midl generated files
  44. #include "keyrpc.h"
  45. #include "lenroll.h"
  46. #include "keysvc.h"
  47. #include "keysvcc.h"
  48. #include "cerrpc.h"
  52. // fwds
  53. RPC_STATUS CertBindA(
  54. RPC_BINDING_HANDLE *phBind
  55. );
  58. RPC_STATUS CertUnbindA(
  59. RPC_BINDING_HANDLE *phBind
  60. );
  65. BOOL
  66. WINAPI
  67. I_CertCltProtectFunction(
  68. IN DWORD dwFuncId,
  69. IN DWORD dwFlags,
  70. IN OPTIONAL LPCWSTR pwszIn,
  71. IN OPTIONAL BYTE *pbIn,
  72. IN DWORD cbIn,
  73. OUT OPTIONAL BYTE **ppbOut,
  74. OUT OPTIONAL DWORD *pcbOut
  75. )
  76. {
  77. BOOL fResult;
  78. DWORD dwRetVal;
  79. RPC_BINDING_HANDLE h = NULL;
  80. RPC_STATUS RpcStatus;
  82. BYTE *pbSSOut = NULL;
  83. DWORD cbSSOut = 0;
  84. BYTE rgbIn[1];
  86. if (NULL == pwszIn)
  87. pwszIn = L"";
  88. if (NULL == pbIn) {
  89. pbIn = rgbIn;
  90. cbIn = 0;
  91. }
  93. if (!FIsWinNT5()) {
  94. SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
  95. goto ErrorReturn;
  96. }
  98. RpcStatus = CertBindA(&h);
  99. if (RPC_S_OK != RpcStatus) {
  100. SetLastError(RpcStatus);
  101. goto ErrorReturn;
  102. }
  105. __try {
  106. dwRetVal = SSCertProtectFunction(
  107. h,
  108. dwFuncId,
  109. dwFlags,
  110. pwszIn,
  111. pbIn,
  112. cbIn,
  113. &pbSSOut,
  114. &cbSSOut
  115. );
  116. } __except(EXCEPTION_EXECUTE_HANDLER) {
  117. dwRetVal = GetExceptionCode();
  118. }
  120. CertUnbindA(&h);
  122. if (ERROR_SUCCESS != dwRetVal) {
  123. if (RPC_S_UNKNOWN_IF == dwRetVal)
  124. dwRetVal = ERROR_CALL_NOT_IMPLEMENTED;
  125. SetLastError(dwRetVal);
  126. goto ErrorReturn;
  127. }
  129. fResult = TRUE;
  130. CommonReturn:
  131. if (ppbOut)
  132. *ppbOut = pbSSOut;
  133. else if (pbSSOut)
  134. midl_user_free(pbSSOut);
  136. if (pcbOut)
  137. *pcbOut = cbSSOut;
  139. return fResult;
  141. ErrorReturn:
  142. fResult = FALSE;
  143. goto CommonReturn;
  144. }
  148. static RPC_STATUS CertBindA(RPC_BINDING_HANDLE *phBind)
  149. {
  150. static BOOL fDone = FALSE;
  151. RPC_STATUS RpcStatus = RPC_S_OK;
  152. unsigned char * pszBinding = NULL;
  153. RPC_BINDING_HANDLE hBind = NULL;
  154. RPC_SECURITY_QOS RpcSecurityQOS;
  155. SID_IDENTIFIER_AUTHORITY SIDAuth = SECURITY_NT_AUTHORITY;
  156. PSID pSID = NULL;
  157. WCHAR szName[64];
  158. DWORD cbName = 64;
  159. WCHAR szDomainName[256]; // max domain is 255
  160. DWORD cbDomainName = 256;
  161. SID_NAME_USE Use;
  163. //
  164. // wait for the service to be available before attempting bind
  165. //
  167. WaitForCryptService(L"CryptSvc", &fDone);
  170. RpcStatus = RpcStringBindingComposeA(
  171. NULL,
  172. (unsigned char*)KEYSVC_LOCAL_PROT_SEQ,
  173. NULL,
  174. (unsigned char*)KEYSVC_LOCAL_ENDPOINT,
  175. NULL,
  176. &pszBinding
  177. );
  178. if (RPC_S_OK != RpcStatus)
  179. goto ErrorReturn;
  181. RpcStatus = RpcBindingFromStringBindingA(pszBinding, &hBind);
  182. if (RPC_S_OK != RpcStatus)
  183. goto ErrorReturn;
  185. RpcStatus = RpcEpResolveBinding(
  186. hBind,
  187. ICertProtectFunctions_v1_0_c_ifspec
  188. );
  189. if (RPC_S_OK != RpcStatus)
  190. goto ErrorReturn;
  192. //
  193. // Set the autorization so that we will only call a Local Service process
  194. //
  195. memset(&RpcSecurityQOS, 0, sizeof(RpcSecurityQOS));
  196. RpcSecurityQOS.Version = RPC_C_SECURITY_QOS_VERSION;
  197. RpcSecurityQOS.Capabilities = RPC_C_QOS_CAPABILITIES_MUTUAL_AUTH;
  198. RpcSecurityQOS.IdentityTracking = RPC_C_QOS_IDENTITY_DYNAMIC;
  199. RpcSecurityQOS.ImpersonationType = RPC_C_IMP_LEVEL_IMPERSONATE;
  201. if (AllocateAndInitializeSid(&SIDAuth, 1,
  202. SECURITY_LOCAL_SYSTEM_RID,
  203. 0, 0, 0, 0, 0, 0, 0,
  204. &pSID) == 0)
  205. {
  206. RpcStatus = RPC_S_OUT_OF_MEMORY;
  207. goto ErrorReturn;
  208. }
  210. if (LookupAccountSidW(NULL,
  211. pSID,
  212. szName,
  213. &cbName,
  214. szDomainName,
  215. &cbDomainName,
  216. &Use) == 0)
  217. {
  218. RpcStatus = RPC_S_UNKNOWN_PRINCIPAL;
  219. goto ErrorReturn;
  220. }
  222. RpcStatus = RpcBindingSetAuthInfoExW(
  223. hBind,
  224. szName,
  225. RPC_C_AUTHN_LEVEL_PKT,
  226. RPC_C_AUTHN_WINNT,
  227. NULL,
  228. 0,
  229. &RpcSecurityQOS
  230. );
  231. if (RPC_S_OK != RpcStatus)
  232. goto ErrorReturn;
  234. CommonReturn:
  235. if (NULL != pszBinding) {
  236. RpcStringFreeA(&pszBinding);
  237. }
  239. if (NULL != pSID) {
  240. FreeSid(pSID);
  241. }
  243. *phBind = hBind;
  244. return RpcStatus;
  246. ErrorReturn:
  247. if (NULL != hBind)
  248. {
  249. RpcBindingFree(&hBind);
  250. hBind = NULL;
  251. }
  253. goto CommonReturn;
  254. }
  258. static RPC_STATUS CertUnbindA(RPC_BINDING_HANDLE *phBind)
  259. {
  260. RPC_STATUS RpcStatus;
  262. if (NULL != *phBind) {
  263. RpcStatus = RpcBindingFree(phBind);
  264. } else {
  265. RpcStatus = RPC_S_OK;
  266. }
  268. return RpcStatus;
  269. }