archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/security/services/ca/ocmsetup/cspenum.cpp

642 lines
15 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (C) Microsoft Corporation, 1997 - 1999
  6. //
  7. // File: cspenum.cpp
  8. //
  9. //--------------------------------------------------------------------------
  11. #include <pch.cpp>
  13. #pragma hdrstop
  15. #include <tchar.h>
  16. #include <assert.h>
  18. #include "initcert.h"
  19. #include "cscsp.h"
  20. #include "cspenum.h"
  21. #include "certmsg.h"
  24. #define __dwFILE__ __dwFILE_OCMSETUP_CSPENUM_CPP__
  27. WCHAR const g_wszRegKeyCSP[] = wszREGKEYCSP;
  28. WCHAR const g_wszRegKeyEncryptionCSP[] = wszREGKEYENCRYPTIONCSP;
  29. WCHAR const g_wszRegProviderType[] = wszREGPROVIDERTYPE;
  30. WCHAR const g_wszRegProvider[] = wszREGPROVIDER;
  31. WCHAR const g_wszRegHashAlgorithm[] = wszHASHALGORITHM;
  32. TCHAR const g_wszRegEncryptionAlgorithm[] = wszENCRYPTIONALGORITHM;
  33. WCHAR const g_wszRegMachineKeyset[] = wszMACHINEKEYSET;
  34. WCHAR const g_wszRegKeySize[] = wszREGKEYSIZE;
  37. // Hash Enumeration code begins
  38. // move point to link list top
  39. CSP_HASH*
  40. topHashInfoList(CSP_HASH *pHashInfoList)
  41. {
  42. while (pHashInfoList->last)
  43. {
  44. pHashInfoList = pHashInfoList->last;
  45. }
  46. return pHashInfoList;
  47. }
  49. // move point to link list end
  50. CSP_HASH*
  51. endHashInfoList(CSP_HASH *pHashInfoList)
  52. {
  53. while (pHashInfoList->next)
  54. {
  55. pHashInfoList = pHashInfoList->next;
  56. }
  57. return pHashInfoList;
  58. }
  60. // add one more CSP_INFO
  61. void
  62. addHashInfo(CSP_HASH *pHashInfoList, CSP_HASH *pHashInfo)
  63. {
  64. // add
  65. pHashInfoList->next = pHashInfo;
  66. pHashInfo->last = pHashInfoList;
  67. }
  69. // add one more CSP_INFO to end
  70. void
  71. addHashInfoToEnd(CSP_HASH *pHashInfoList, CSP_HASH *pHashInfo)
  72. {
  73. // go to end
  74. pHashInfoList = endHashInfoList(pHashInfoList);
  75. // add
  76. pHashInfoList->next = pHashInfo;
  77. pHashInfo->last = pHashInfoList;
  78. }
  80. CSP_HASH *
  81. newHashInfo(
  82. ALG_ID idAlg,
  83. CHAR *pszName)
  84. {
  85. CSP_HASH *pHashInfo = NULL;
  87. if (NULL != pszName)
  88. {
  89. pHashInfo = (CSP_HASH*)LocalAlloc(LMEM_FIXED, sizeof(CSP_HASH));
  90. if (NULL == pHashInfo)
  91. {
  92. SetLastError((DWORD) E_OUTOFMEMORY);
  93. }
  94. else
  95. {
  96. pHashInfo->pwszName = (WCHAR*)LocalAlloc(LMEM_FIXED,
  97. (strlen(pszName)+1)*sizeof(WCHAR));
  98. if (NULL == pHashInfo->pwszName)
  99. {
  100. LocalFree(pHashInfo);
  101. SetLastError((DWORD) E_OUTOFMEMORY);
  102. return NULL;
  103. }
  104. else
  105. {
  106. // create a new one
  107. pHashInfo->idAlg = idAlg;
  108. mbstowcs(pHashInfo->pwszName, pszName, strlen(pszName)+1);
  109. pHashInfo->last = NULL;
  110. pHashInfo->next = NULL;
  111. }
  112. }
  113. }
  114. return pHashInfo;
  115. }
  118. void
  119. freeHashInfo(CSP_HASH *pHashInfo)
  120. {
  121. if (pHashInfo)
  122. {
  123. if (pHashInfo->pwszName)
  124. {
  125. LocalFree(pHashInfo->pwszName);
  126. }
  127. LocalFree(pHashInfo);
  128. }
  129. }
  131. void
  132. freeHashInfoList(
  133. CSP_HASH *pHashInfoList)
  134. {
  135. CSP_HASH *pNext;
  137. if (pHashInfoList)
  138. {
  139. // go top
  140. pHashInfoList = topHashInfoList(pHashInfoList);
  141. do
  142. {
  143. pNext = pHashInfoList->next;
  144. freeHashInfo(pHashInfoList);
  145. pHashInfoList = pNext;
  146. } while (pHashInfoList);
  147. }
  148. }
  150. HRESULT
  151. GetHashList(
  152. DWORD dwProvType,
  153. WCHAR *pwszProvName,
  154. CSP_HASH **pHashInfoList)
  155. {
  156. HRESULT hr;
  157. HCRYPTPROV hProv = NULL;
  158. CHAR *pszName = NULL;
  159. DWORD i;
  160. ALG_ID *pidAlg;
  161. DWORD cbData;
  162. BYTE *pbData;
  163. DWORD dwFlags;
  165. BOOL fSupportSigningFlag = FALSE; // none-ms csp likely
  166. PROV_ENUMALGS_EX EnumAlgsEx;
  167. PROV_ENUMALGS EnumAlgs;
  169. CSP_HASH *pHashInfo = NULL;
  170. CSP_HASH *pHashInfoNode;
  172. if (NULL == pwszProvName)
  173. {
  174. // the reason why I check this because
  175. // NULL is a valid input for CryptAcquireContext()
  176. hr = E_INVALIDARG;
  177. _JumpError(hr, error, "no provider name");
  178. }
  179. if (!myCertSrvCryptAcquireContext(
  180. &hProv,
  181. NULL,
  182. pwszProvName,
  183. dwProvType,
  184. CRYPT_VERIFYCONTEXT,
  185. FALSE))
  186. {
  187. hr = myHLastError();
  188. if (NULL != hProv)
  189. {
  190. hProv = NULL;
  191. _PrintError(hr, "CSP returns a non-null handle");
  192. }
  193. _JumpErrorStr(hr, error, "myCertSrvCryptAcquireContext", pwszProvName);
  194. }
  196. // check if csp support signing flag
  197. if (CryptGetProvParam(hProv, PP_ENUMEX_SIGNING_PROT, NULL, &cbData, 0))
  198. {
  199. fSupportSigningFlag = TRUE;
  200. }
  202. dwFlags = CRYPT_FIRST;
  203. for (i = 0; ; dwFlags = 0, i++)
  204. {
  205. DWORD const *pdwProtocols;
  207. if (fSupportSigningFlag)
  208. {
  209. pdwProtocols = &EnumAlgsEx.dwProtocols;
  210. pidAlg = &EnumAlgsEx.aiAlgid;
  211. cbData = sizeof(EnumAlgsEx);
  212. pbData = (BYTE *) &EnumAlgsEx;
  213. }
  214. else
  215. {
  216. pdwProtocols = NULL;
  217. pidAlg = &EnumAlgs.aiAlgid;
  218. cbData = sizeof(EnumAlgs);
  219. pbData = (BYTE *) &EnumAlgs;
  220. }
  221. ZeroMemory(pbData, cbData);
  222. if (!CryptGetProvParam(
  223. hProv,
  224. fSupportSigningFlag?
  225. PP_ENUMALGS_EX : PP_ENUMALGS,
  226. pbData,
  227. &cbData,
  228. dwFlags))
  229. {
  230. hr = myHLastError();
  231. if (HRESULT_FROM_WIN32(ERROR_NO_MORE_ITEMS) == hr)
  232. {
  233. // out of for loop
  234. break;
  235. }
  236. _JumpError(hr, error, "CryptGetProvParam");
  237. }
  238. if (ALG_CLASS_HASH == GET_ALG_CLASS(*pidAlg))
  239. {
  240. if (fSupportSigningFlag)
  241. {
  242. if (0 == (CRYPT_FLAG_SIGNING & *pdwProtocols))
  243. {
  244. // this means this hash doesn't support signing
  245. continue; // skip
  246. }
  247. pszName = EnumAlgsEx.szLongName;
  248. pszName = EnumAlgsEx.szName;
  249. }
  250. else
  251. {
  252. pszName = EnumAlgs.szName;
  253. }
  255. pHashInfoNode = newHashInfo(*pidAlg, pszName); // 2nd parm: name
  256. if (NULL == pHashInfoNode)
  257. {
  258. hr = E_OUTOFMEMORY;
  259. _JumpError(hr, error, "newHashInfo");
  260. }
  262. if (NULL == pHashInfo)
  263. {
  264. pHashInfo = pHashInfoNode;
  265. }
  266. else
  267. {
  268. // add to temp list
  269. addHashInfoToEnd(pHashInfo, pHashInfoNode);
  270. }
  271. }
  272. }
  274. // pass it back to caller
  275. *pHashInfoList = pHashInfo;
  276. pHashInfo = NULL;
  277. hr = S_OK;
  279. error:
  280. if (NULL != pHashInfo)
  281. {
  282. freeHashInfoList(pHashInfo);
  283. }
  284. if (NULL != hProv)
  285. {
  286. CryptReleaseContext(hProv, 0);
  287. }
  288. return hr;
  289. }
  292. // CSP Enumeration code begins
  293. // move point to link list top
  294. CSP_INFO*
  295. topCSPInfoList(CSP_INFO *pCSPInfoList)
  296. {
  297. while (pCSPInfoList->last)
  298. {
  299. pCSPInfoList = pCSPInfoList->last;
  300. }
  301. return pCSPInfoList;
  302. }
  305. // move point to link list end
  306. CSP_INFO*
  307. endCSPInfoList(CSP_INFO *pCSPInfoList)
  308. {
  309. while (pCSPInfoList->next)
  310. {
  311. pCSPInfoList = pCSPInfoList->next;
  312. }
  313. return pCSPInfoList;
  314. }
  316. // find first matched csp info from the list
  317. CSP_INFO*
  318. findCSPInfoFromList(
  319. CSP_INFO *pCSPInfoList,
  320. WCHAR const *pwszProvName,
  321. const DWORD dwProvType)
  322. {
  323. while (NULL != pCSPInfoList)
  324. {
  325. if (0 == mylstrcmpiL(pCSPInfoList->pwszProvName, pwszProvName) &&
  326. pCSPInfoList->dwProvType == dwProvType)
  327. {
  328. // found it
  329. break;
  330. }
  331. pCSPInfoList = pCSPInfoList->next;
  332. }
  333. return pCSPInfoList;
  334. }
  336. // add one more CSP_INFO
  337. void
  338. addCSPInfo(CSP_INFO *pCSPInfoList, CSP_INFO *pCSPInfo)
  339. {
  340. // add
  341. pCSPInfoList->next = pCSPInfo;
  342. pCSPInfo->last = pCSPInfoList;
  343. }
  346. // add one more CSP_INFO to end
  347. void
  348. addCSPInfoToEnd(CSP_INFO *pCSPInfoList, CSP_INFO *pCSPInfo)
  349. {
  350. // go to end
  351. pCSPInfoList = endCSPInfoList(pCSPInfoList);
  352. // add
  353. pCSPInfoList->next = pCSPInfo;
  354. pCSPInfo->last = pCSPInfoList;
  355. }
  358. void
  359. freeCSPInfo(CSP_INFO *pCSPInfo)
  360. {
  361. if (pCSPInfo)
  362. {
  363. if (pCSPInfo->pwszProvName)
  364. {
  365. LocalFree(pCSPInfo->pwszProvName);
  366. }
  367. if (pCSPInfo->pHashList)
  368. {
  369. freeHashInfoList(pCSPInfo->pHashList);
  370. }
  371. LocalFree(pCSPInfo);
  372. }
  373. }
  376. CSP_INFO *
  377. newCSPInfo(
  378. DWORD dwProvType,
  379. WCHAR *pwszProvName)
  380. {
  381. CSP_INFO *pCSPInfo = NULL;
  382. CSP_HASH *pHashList = NULL;
  384. if (NULL != pwszProvName)
  385. {
  386. // get all hash algorithms under this csp
  387. if (S_OK != GetHashList(dwProvType, pwszProvName, &pHashList))
  388. {
  389. // certsrv needs csp with hash support
  390. goto done;
  391. }
  392. else
  393. {
  394. pCSPInfo = (CSP_INFO*)LocalAlloc(LMEM_FIXED, sizeof(CSP_INFO));
  395. if (NULL == pCSPInfo)
  396. {
  397. freeHashInfoList(pHashList);
  398. SetLastError((DWORD) E_OUTOFMEMORY);
  399. }
  400. else
  401. {
  402. pCSPInfo->pwszProvName = (WCHAR*)LocalAlloc(LMEM_FIXED,
  403. (wcslen(pwszProvName) + 1) * sizeof(WCHAR));
  404. if (NULL == pCSPInfo->pwszProvName)
  405. {
  406. freeHashInfoList(pHashList);
  407. LocalFree(pCSPInfo);
  408. pCSPInfo = NULL;
  409. SetLastError((DWORD) E_OUTOFMEMORY);
  410. goto done;
  411. }
  412. else
  413. {
  414. // create a new one
  415. pCSPInfo->dwProvType = dwProvType;
  416. pCSPInfo->fMachineKeyset = TRUE; // assume???
  417. wcscpy(pCSPInfo->pwszProvName, pwszProvName);
  418. pCSPInfo->pHashList = pHashList;
  419. pCSPInfo->last = NULL;
  420. pCSPInfo->next = NULL;
  421. }
  422. }
  423. }
  424. }
  425. done:
  426. return pCSPInfo;
  427. }
  430. void
  431. FreeCSPInfoList(CSP_INFO *pCSPInfoList)
  432. {
  433. CSP_INFO *pNext;
  435. if (pCSPInfoList)
  436. {
  437. // go top
  438. pCSPInfoList = topCSPInfoList(pCSPInfoList);
  439. do
  440. {
  441. pNext = pCSPInfoList->next;
  442. freeCSPInfo(pCSPInfoList);
  443. pCSPInfoList = pNext;
  444. } while (pCSPInfoList);
  445. }
  446. }
  448. HRESULT
  449. GetCSPInfoList(CSP_INFO **pCSPInfoList)
  450. {
  451. HRESULT hr;
  452. long i;
  453. DWORD dwProvType;
  454. WCHAR *pwszProvName = NULL;
  455. CSP_INFO *pCSPInfo = NULL;
  456. CSP_INFO *pCSPInfoNode;
  458. for (i = 0; ; i++)
  459. {
  460. // get provider name
  462. hr = myEnumProviders(
  463. i,
  464. NULL,
  465. 0,
  466. &dwProvType,
  467. &pwszProvName);
  468. if (S_OK != hr)
  469. {
  470. hr = myHLastError();
  471. CSASSERT(
  472. HRESULT_FROM_WIN32(ERROR_NO_MORE_ITEMS) == hr ||
  473. NTE_FAIL == hr);
  474. if (HRESULT_FROM_WIN32(ERROR_NO_MORE_ITEMS) == hr ||
  475. NTE_FAIL == hr)
  476. {
  477. // no more providers under type, terminate loop
  478. break;
  479. }
  481. // invalid CSP entry, skip it
  483. continue;
  484. }
  486. if (PROV_RSA_FULL == dwProvType ||
  487. PROV_RSA_SIG == dwProvType ||
  488. PROV_DSS == dwProvType ||
  489. PROV_MS_EXCHANGE == dwProvType ||
  490. PROV_SSL == dwProvType)
  491. {
  492. if (NULL == pCSPInfo)
  493. {
  494. // first csp info
  495. pCSPInfo = newCSPInfo(dwProvType, pwszProvName);
  496. }
  497. else
  498. {
  499. // create a node
  500. pCSPInfoNode = newCSPInfo(dwProvType, pwszProvName);
  501. if (NULL != pCSPInfoNode)
  502. {
  503. // add to list
  504. addCSPInfoToEnd(pCSPInfo, pCSPInfoNode);
  505. }
  506. }
  507. }
  508. LocalFree(pwszProvName);
  509. pwszProvName = NULL;
  510. }
  512. // pass back to caller
  514. *pCSPInfoList = pCSPInfo;
  515. hr = S_OK;
  517. //error:
  518. if (NULL != pwszProvName)
  519. {
  520. LocalFree(pwszProvName);
  521. }
  522. return(hr);
  523. }
  526. HRESULT
  527. SetCertSrvCSP(
  528. IN BOOL fEncryptionCSP,
  529. IN WCHAR const *pwszCAName,
  530. IN DWORD dwProvType,
  531. IN WCHAR const *pwszProvName,
  532. IN ALG_ID idAlg,
  533. IN BOOL fMachineKeyset,
  534. IN DWORD dwKeySize)
  535. {
  536. HRESULT hr;
  537. HKEY hCertSrvKey = NULL;
  538. HKEY hCertSrvCAKey = NULL;
  539. HKEY hCertSrvCSPKey = NULL;
  540. DWORD dwDisposition;
  542. hr = RegCreateKeyEx(
  543. HKEY_LOCAL_MACHINE,
  544. wszREGKEYCONFIGPATH,
  545. 0,
  546. NULL,
  547. REG_OPTION_NON_VOLATILE,
  548. KEY_ALL_ACCESS,
  549. NULL,
  550. &hCertSrvKey,
  551. &dwDisposition);
  552. _JumpIfErrorStr(hr, error, "RegCreateKeyEx", wszREGKEYCONFIGPATH);
  554. hr = RegCreateKeyEx(
  555. hCertSrvKey,
  556. pwszCAName,
  557. 0,
  558. NULL,
  559. REG_OPTION_NON_VOLATILE,
  560. KEY_ALL_ACCESS,
  561. NULL,
  562. &hCertSrvCAKey,
  563. &dwDisposition);
  564. _JumpIfErrorStr(hr, error, "RegCreateKeyEx", pwszCAName);
  566. hr = RegCreateKeyEx(
  567. hCertSrvCAKey,
  568. fEncryptionCSP? g_wszRegKeyEncryptionCSP : g_wszRegKeyCSP,
  569. 0,
  570. NULL,
  571. REG_OPTION_NON_VOLATILE,
  572. KEY_ALL_ACCESS,
  573. NULL,
  574. &hCertSrvCSPKey,
  575. &dwDisposition);
  576. _JumpIfErrorStr(hr, error, "RegCreateKeyEx", g_wszRegKeyCSP);
  578. hr = RegSetValueEx(
  579. hCertSrvCSPKey,
  580. g_wszRegProviderType,
  581. 0,
  582. REG_DWORD,
  583. (BYTE const *) &dwProvType,
  584. sizeof(dwProvType));
  585. _JumpIfErrorStr(hr, error, "RegSetValueEx", g_wszRegProviderType);
  587. hr = RegSetValueEx(
  588. hCertSrvCSPKey,
  589. g_wszRegProvider,
  590. 0,
  591. REG_SZ,
  592. (BYTE const *) pwszProvName,
  593. wcslen(pwszProvName) * sizeof(WCHAR));
  594. _JumpIfErrorStr(hr, error, "RegSetValueEx", g_wszRegProvider);
  596. hr = RegSetValueEx(
  597. hCertSrvCSPKey,
  598. fEncryptionCSP?
  599. g_wszRegEncryptionAlgorithm :
  600. g_wszRegHashAlgorithm,
  601. 0,
  602. REG_DWORD, // questionable???
  603. (BYTE const *) &idAlg,
  604. sizeof(idAlg));
  605. _JumpIfErrorStr(hr, error, "RegSetValueEx", g_wszRegHashAlgorithm);
  607. hr = RegSetValueEx(
  608. hCertSrvCSPKey,
  609. g_wszRegMachineKeyset,
  610. 0,
  611. REG_DWORD,
  612. (BYTE const *) &fMachineKeyset,
  613. sizeof(fMachineKeyset));
  614. _JumpIfErrorStr(hr, error, "RegSetValueEx", g_wszRegMachineKeyset);
  616. if (0 != dwKeySize)
  617. {
  618. hr = RegSetValueEx(
  619. hCertSrvCSPKey,
  620. g_wszRegKeySize,
  621. 0,
  622. REG_DWORD,
  623. (BYTE const *) &dwKeySize,
  624. sizeof(dwKeySize));
  625. _JumpIfErrorStr(hr, error, "RegSetValueEx", g_wszRegKeySize);
  626. }
  628. error:
  629. if (NULL != hCertSrvCSPKey)
  630. {
  631. RegCloseKey(hCertSrvCSPKey);
  632. }
  633. if (NULL != hCertSrvCAKey)
  634. {
  635. RegCloseKey(hCertSrvCAKey);
  636. }
  637. if (NULL != hCertSrvKey)
  638. {
  639. RegCloseKey(hCertSrvKey);
  640. }
  641. return(myHError(hr));
  642. }