archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/security/cryptoapi/mincrypt/test/tminver/licexample.cpp

114 lines
3.4 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+-------------------------------------------------------------------------
  2. // File: licexample.cpp
  3. //
  4. // Contents: An example calling the minasn1 and mincrypt APIs to parse
  5. // the certificates in a PKCS #7 Signed Data, find a certificate
  6. // having the license extension and validate this certificate
  7. // up to a baked in and trusted root. Returns a pointer
  8. // to the license data within the verified certificate.
  9. //--------------------------------------------------------------------------
  11. #include <windows.h>
  12. #include "minasn1.h"
  13. #include "mincrypt.h"
  15. #define MAX_LICENSE_CERT_CNT 20
  16. #define MAX_LICENSE_EXT_CNT 20
  18. // #define szOID_ESL_LICENSE_EXT "1.3.6.1.4.1.311.41.3"
  19. const BYTE rgbOID_ESL_LICENSE_EXT[] =
  20. {0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x29, 0x03};
  21. const CRYPT_DER_BLOB ESL_LICENSE_EXTEncodedOIDBlob = {
  22. sizeof(rgbOID_ESL_LICENSE_EXT),
  23. (BYTE *) rgbOID_ESL_LICENSE_EXT
  24. };
  27. // Returns ERROR_SUCCESS if able to find and successfully verify the
  28. // certificate containing the license data. Returns pointer to the
  29. // license data bytes in the encoded data.
  30. LONG
  31. GetAndVerifyLicenseDataFromPKCS7SignedData(
  32. IN const BYTE *pbEncoded,
  33. IN DWORD cbEncoded,
  34. OUT const BYTE **ppbLicenseData,
  35. OUT DWORD *pcbLicenseData
  36. )
  37. {
  38. LONG lErr;
  39. const BYTE *pbLicenseData;
  40. DWORD cbLicenseData;
  41. DWORD cCert;
  42. CRYPT_DER_BLOB rgrgCertBlob[MAX_LICENSE_CERT_CNT][MINASN1_CERT_BLOB_CNT];
  43. PCRYPT_DER_BLOB rgLicenseCertBlob;
  44. DWORD iCert;
  46. // Parse the PKCS #7 to get the bag of certs.
  47. cCert = MAX_LICENSE_CERT_CNT;
  48. if (0 >= MinAsn1ExtractParsedCertificatesFromSignedData(
  49. pbEncoded,
  50. cbEncoded,
  51. &cCert,
  52. rgrgCertBlob
  53. ))
  54. goto ParseError;
  56. // Loop through the certs. Parse the cert's extensions. Attempt to
  57. // find the license extension.
  58. rgLicenseCertBlob = NULL;
  59. for (iCert = 0; iCert < cCert; iCert++) {
  60. DWORD cExt;
  61. CRYPT_DER_BLOB rgrgExtBlob[MAX_LICENSE_EXT_CNT][MINASN1_EXT_BLOB_CNT];
  62. PCRYPT_DER_BLOB rgLicenseExtBlob;
  64. cExt = MAX_LICENSE_EXT_CNT;
  65. if (0 >= MinAsn1ParseExtensions(
  66. &rgrgCertBlob[iCert][MINASN1_CERT_EXTS_IDX],
  67. &cExt,
  68. rgrgExtBlob
  69. ))
  70. continue;
  72. rgLicenseExtBlob = MinAsn1FindExtension(
  73. (PCRYPT_DER_BLOB) &ESL_LICENSE_EXTEncodedOIDBlob,
  74. cExt,
  75. rgrgExtBlob
  76. );
  78. if (NULL != rgLicenseExtBlob) {
  79. pbLicenseData = rgLicenseExtBlob[MINASN1_EXT_VALUE_IDX].pbData;
  80. cbLicenseData = rgLicenseExtBlob[MINASN1_EXT_VALUE_IDX].cbData;
  81. rgLicenseCertBlob = rgrgCertBlob[iCert];
  83. break;
  84. }
  85. }
  87. if (NULL == rgLicenseCertBlob)
  88. goto NoLicenseCert;
  90. // Verify the License certificate chain to a baked in trusted root.
  91. lErr = MinCryptVerifyCertificate(
  92. rgLicenseCertBlob,
  93. cCert,
  94. rgrgCertBlob
  95. );
  97. CommonReturn:
  98. *ppbLicenseData = pbLicenseData;
  99. *pcbLicenseData = cbLicenseData;
  100. return lErr;
  102. ErrorReturn:
  103. pbLicenseData = NULL;
  104. cbLicenseData = 0;
  105. goto CommonReturn;
  107. ParseError:
  108. lErr = CRYPT_E_BAD_MSG;
  109. goto ErrorReturn;
  111. NoLicenseCert:
  112. lErr = ERROR_NOT_FOUND;
  113. goto ErrorReturn;
  114. }