archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/inetcore/outlookexpress/inetcomm/mimeole/smime.h

348 lines
13 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*
  2. ** s m i m e . h
  3. **
  4. ** Purpose: class for cryptographically enhanced mail.
  5. **
  6. ** Owner: t-erikne
  7. ** Created: 8/27/96
  8. **
  9. ** Copyright (C) Microsoft Corp. 1996-1998
  10. */
  12. #ifndef __SMIME_H
  13. #define __SMIME_H
  15. #include <mimeole.h>
  17. #ifndef __WINCRYPT_H__
  18. #include "wincrypt.h"
  19. #endif
  21. #ifdef SMIME_V3
  22. // #include "..\ess\essout.h"
  23. #endif // SMIME_V3
  25. #define szOID_INFOSEC_keyExchangeAlgorithm "2.16.840.1.101.2.1.1.22"
  27. #include "capitype.h"
  28. #include "cryptdbg.h"
  30. // WinCrypt.h helper
  32. #define DOUTL_SMIME CRYPT_LEVEL
  34. class CCAPIStm;
  36. extern CRYPT_ENCODE_PARA CryptEncodeAlloc;
  37. extern CRYPT_DECODE_PARA CryptDecodeAlloc;
  40. #ifdef MAC
  41. /*
  42. ** An array of function pointers, needed because we dynalink to
  43. ** CRYPT32.DLL. Note that not all of the crypto functions come
  44. ** from this DLL. I also use functions from ADVAPI32: the CAPI 1
  45. ** functions. These are not represented in this table and do not
  46. ** need to use GetProcAddress.
  47. ** Typedefs come from capitype.h, local to our project.
  48. */
  50. typedef struct tagCAPIfuncs {
  51. CERTENUMCERTIFICATESINSTORE *EnumCerts;
  52. CERTNAMETOSTRA *CertNameToStr;
  53. } CAPIfuncs, *PCAPIfuncs;
  54. #endif // MAC
  57. /////////////////////////////////////////////////////////////////////////////
  58. //
  59. // Structure definitions
  60. //
  62. typedef enum {
  63. ENCRYPT_ITEM_TRANSPORT = 1,
  64. ENCRYPT_ITEM_AGREEMENT = 2,
  65. ENCRYPT_ITEM_MAILLIST = 3
  66. } ENCRYPT_ITEM_TYPE;
  68. typedef struct tagEncryptItem {
  69. DWORD dwTagType;
  70. union {
  71. struct {
  72. BLOB blobAlg;
  73. DWORD cCert;
  74. PCCERT_CONTEXT * rgpccert;
  75. } Transport;
  76. struct {
  77. BLOB blobAlg;
  78. DWORD cCert;
  79. PCCERT_CONTEXT * rgpccert;
  80. PCCERT_CONTEXT pccertSender;
  81. } Agreement;
  82. struct {
  83. BLOB blobAlg; // AlgId + AuxInfo
  84. BLOB blobKeyId; // Data_Blob KeyID
  85. FILETIME date; // Date
  86. BLOB blobOctet; // Other attribute (oid, any)
  87. #ifdef SMIME_V3
  88. HCRYPTPROV hprov; // hprov
  89. HCRYPTKEY hkey; // hkey
  90. #else // !SMIME_V3
  91. BLOB blobKeyMaterial;
  92. #endif // SMIME_V3
  93. } MailList;
  94. };
  95. } EncryptItem;
  97. typedef struct tagEncryptItems {
  98. DWORD cItems;
  99. EncryptItem * rgItems;
  100. } EncryptItems;
  102. //
  103. // Notes about the [directions]
  104. // [sgn] - signing -- in for sign ops
  105. // [ver] - verification -- out for sign ops
  106. // [enc] - encryption -- in for encrypt ops
  107. // [dec] - decryption -- out for encrypt ops
  108. // [in] = [sgn,enc]
  109. // [out] = [ver,dec]
  110. //
  112. typedef struct {
  113. DWORD ulValidity; // Validity bits for each signature
  114. PCCERT_CONTEXT pccert; // Signer certificate
  115. BLOB blobHashAlg; // Hash algorithm for signer
  116. BLOB blobAuth; // authenticated attributes
  117. BLOB blobUnauth; // unauthenticated attributes
  118. #ifdef SMIME_V3
  119. BLOB blobReceipt; // Receipt to be returned
  120. BLOB blobHash; // Hash of message
  121. #endif // SMIME_V3
  122. } SignerData;
  124. class CSECURITY_LAYER_DATA : public IUnknown
  125. {
  126. friend class CSMime; // Allow CSMime access to our private data
  127. friend class CCAPIStm; // Allow CCAPIStm access to our private data
  128. public:
  129. CSECURITY_LAYER_DATA(void);
  130. ~CSECURITY_LAYER_DATA(void);
  132. // --------------------------------------------------------------------
  133. // IUnknown
  134. // --------------------------------------------------------------------
  135. STDMETHODIMP QueryInterface(REFIID, LPVOID *);
  136. STDMETHODIMP_(ULONG) AddRef(void);
  137. STDMETHODIMP_(ULONG) Release(void);
  139. //private: // private data
  140. DWORD m_cRef;
  141. DWORD m_dwMsgEnhancement; // sign? encrypt?
  142. BOOL m_fCertInLayer; // TRUE if there is a cert included in this layer
  144. // The following elements exist one for each signer on the current layer
  145. DWORD m_cSigners; // Count of signers
  146. SignerData * m_rgSigners; // Signer Data
  148. // The following items exist to encrypt the current layer
  149. DWORD m_cEncryptItems; // Encrypt Item count
  150. #ifdef SMIME_V3
  151. CRYPT_ALGORITHM_IDENTIFIER m_ContentEncryptAlgorithm; // Content AlgId
  152. void * m_pvEncryptAuxInfo; // Aux info
  153. CMSG_RECIPIENT_ENCODE_INFO * m_rgRecipientInfo; // Array of Recpient Infos
  154. CRYPT_DATA_BLOB m_blobUnprotectAttrs; // Unprotected attributes
  155. HCERTSTORE m_hstoreEncrypt; // Encrypt cert store
  156. #else // !SMIME_V3
  157. EncryptItem * m_rgEncryptItems; // count of Encrypt Items
  158. #endif // SMIME_V3
  160. // The following items exists for a decrypted message
  161. DWORD m_ulDecValidity;
  162. BLOB m_blobDecAlg; // Decryption Algorithm
  163. PCCERT_CONTEXT m_pccertDecrypt; // Decryption Certificate
  165. // These are items common to both encryption and signing
  166. HCERTSTORE m_hcertstor; // message cert store
  167. // Cert Bag for signing
  168. // Originator Info for encryption
  169. //
  171. CSECURITY_LAYER_DATA * m_psldInner; // down link
  172. CSECURITY_LAYER_DATA * m_psldOuter; // up link
  173. };
  174. typedef class CSECURITY_LAYER_DATA SECURITY_LAYER_DATA;
  175. typedef SECURITY_LAYER_DATA * PSECURITY_LAYER_DATA;
  178. // -------------------------------------------------------------------
  179. // SMIMEINFO:
  180. // bidirectional communication struct for passing parameter
  181. // info to/from the en/decode functions
  182. //
  183. // dwMsgEnhancement [inout]
  184. // fCertWithMsg [ver]
  185. // ulMsgValidity [out]
  186. // ietRequested [in]
  187. // -------------------------------------------------------------------
  188. struct SMIMEINFOtag { // si
  189. DWORD dwMsgEnhancement;
  190. PSECURITY_LAYER_DATA psldLayers; // outermost layer
  191. PSECURITY_LAYER_DATA psldEncrypt; // encryption layer
  192. PSECURITY_LAYER_DATA psldInner; // innermost layer
  193. ULONG cStores; // size of rgStores
  194. HCERTSTORE * rgStores; // array of cert stores
  195. BOOL fCertWithMsg;
  196. ULONG ulMsgValidity;
  197. ENCODINGTYPE ietRequested;
  198. HCRYPTPROV hProv;
  199. #ifdef SMIME_V3
  200. LPSTR pszInnerContent; // Inner content (NULL ->> id-data)
  201. DWORD cbInnerContent; // Inner content size if != id-data
  202. LPWSTR pwszKeyPrompt; // Key password prompt
  203. #endif // SMIME_V3
  204. };
  205. typedef struct SMIMEINFOtag SMIMEINFO;
  206. typedef SMIMEINFO *PSMIMEINFO;
  207. typedef const SMIMEINFO *PCSMIMEINFO;
  210. /////////////////////////////////////////////////////////////////////////////
  211. //
  212. // Class begins
  213. //
  215. class CSMime :
  216. public IMimeSecurity
  217. {
  218. public:
  219. //
  220. // ctor and dtor
  221. //
  222. CSMime(void);
  223. ~CSMime();
  225. //
  226. // IUnknown methods
  227. //
  228. STDMETHODIMP QueryInterface(REFIID, LPVOID *);
  229. STDMETHODIMP_(ULONG) AddRef(void);
  230. STDMETHODIMP_(ULONG) Release(void);
  232. //
  233. // IMimeSecurity methods
  234. //
  235. STDMETHODIMP InitNew();
  236. STDMETHODIMP CheckInit();
  238. STDMETHODIMP EncodeMessage(IMimeMessageTree *const pTree, DWORD dwFlags);
  239. STDMETHODIMP DecodeMessage(IMimeMessageTree *const pTree, DWORD dwFlags);
  240. STDMETHODIMP EncodeBody(IMimeMessageTree *const pTree, HBODY hEncodeRoot, DWORD dwFlags);
  241. STDMETHODIMP DecodeBody(IMimeMessageTree *const pTree, HBODY hDecodeRoot, DWORD dwFlags);
  243. STDMETHODIMP EnumCertificates(HCAPICERTSTORE hc, DWORD dwUsage, PCX509CERT pPrev, PCX509CERT *pCert);
  244. STDMETHODIMP GetCertificateName(const PCX509CERT pX509Cert, const CERTNAMETYPE cn, LPSTR *ppszName);
  245. STDMETHODIMP GetMessageType(const HWND hwndParent, IMimeBody *const pBody, DWORD *const pdwSecType);
  247. STDMETHODIMP GetCertData(const PCX509CERT pX509Cert, const CERTDATAID dataid, LPPROPVARIANT pValue);
  249. // Other methods
  250. HRESULT EncodeMessage2(IMimeMessageTree * const pTree, DWORD dwFlags,
  251. HWND hwnd);
  252. HRESULT DecodeMessage2(IMimeMessageTree * const pTree, DWORD dwFlags,
  253. HWND hwnd, IMimeSecurityCallback * pCallback);
  254. HRESULT EncodeBody2(IMimeMessageTree *const pTree, HBODY hEncodeRoot,
  255. DWORD dwFlags, HWND hwnd);
  256. HRESULT DecodeBody2(IMimeMessageTree *const pTree, HBODY hDecodeRoot,
  257. DWORD dwFlags, SMIMEINFO * psiOuterOp, HWND hwnd,
  258. IMimeSecurityCallback * pCallback);
  260. //
  261. // Implementation methods
  262. //
  263. static void UnloadAll(void);
  264. static HRESULT HrGetCertsFromThumbprints(THUMBBLOB *const rgThumbprint, X509CERTRESULT *const pResults);
  265. static HRESULT StaticGetMessageType(HWND hwndParent, IMimeBody *const pBody, DWORD *const pdwSecType);
  267. protected:
  268. static HRESULT StaticCheckInit();
  270. struct CERTARRAY {
  271. DWORD cCerts;
  272. PCCERT_CONTEXT *rgpCerts;
  273. };
  274. typedef CERTARRAY *PCERTARRAY;
  275. typedef const CERTARRAY *PCCERTARRAY;
  277. HRESULT DecodeBody (IMimeMessageTree *const pTree, HBODY hDecodeRoot, DWORD dwFlags, SMIMEINFO * psiOuterOp);
  279. HRESULT HrEncodeOpaque (SMIMEINFO *const psi, IMimeMessageTree *pTree, HBODY hEncodeRoot, IMimeBody *pEncodeRoot, LPSTREAM lpstmOut, HWND hwnd);
  280. HRESULT HrDecodeOpaque (DWORD dwFlags, SMIMEINFO *const psi, IMimeBody *const pBody, IStream *const pstmOut, HWND hwnd, IMimeSecurityCallback * pCallback);
  281. HRESULT HrEncodeClearSigned (SMIMEINFO *const psi, IMimeMessageTree *const pTree, const HBODY hEncodeRoot, IMimeBody *const pEncodeRoot, LPSTREAM lpstmOut, BOOL fCommit, HWND hwnd);
  282. HRESULT HrDecodeClearSigned (DWORD dwFlags, SMIMEINFO *const psi, IMimeMessageTree *const pTree, const HBODY hData, const HBODY hSig, HWND hwnd, IMimeSecurityCallback * pCallback);
  284. static BOOL FSign(const DWORD dwAction)
  285. { return BOOL(dwAction & MST_SIGN_MASK); }
  286. static BOOL FClearSign(const DWORD dwAction)
  287. { return (FSign(dwAction) && !(dwAction & MST_BLOB_FLAG)); }
  288. static BOOL FEncrypt(const DWORD dwAction)
  289. { return BOOL(dwAction & MST_ENCRYPT_MASK); }
  291. static HRESULT HrGetNeededAddresses(const DWORD dwTypes, IMimeMessageTree *pTree, IMimeAddressTable **ppAdrTable, IMimeEnumAddressTypes **ppEnum);
  292. static HRESULT HrGetCertificates(IMimeAddressTable *const pAdrTable, IMimeEnumAddressTypes *pEnum, const DWORD dwType, const BOOL fAlreadyHaveSendersCert, CERTARRAY *rgCerts);
  293. static HRESULT HrGetThumbprints(IMimeEnumAddressTypes *pEnum, const ITHUMBPRINTTYPE ittType, THUMBBLOB *const rgThumbprint);
  294. static HRESULT HrGenerateCertsStatus(X509CERTRESULT *pResults, IMimeAddressTable *const pAdrTable, IMimeEnumAddressTypes *const pEnum, const BOOL fIgnoreSenderError);
  296. HRESULT HrFindUsableCert(HCERTSTORE hCertStore, BYTE dwKeySpec, PCCERT_CONTEXT pPrevCert, PCCERT_CONTEXT *ppCert);
  298. static HRESULT OptionsToSMIMEINFO(BOOL fEncode, IMimeMessageTree *const pmm, IMimeBody *pBody, SMIMEINFO *psi);
  299. static HRESULT SMIMEINFOToOptions(IMimeMessageTree *const pTree, const SMIMEINFO *psi, HBODY hBody);
  300. static HRESULT MergeSMIMEINFO( SMIMEINFO * psiOut, SMIMEINFO * psiInner);
  301. static void FreeSMIMEINFO(SMIMEINFO *psi);
  303. #ifdef DEBUG
  304. void DumpAlgorithms();
  305. #endif
  307. private:
  308. static HRESULT HrInitCAPI();
  309. static void UnloadCAPI();
  311. static HRESULT CAPISTMtoSMIMEINFO(CCAPIStm *pcapistm, SMIMEINFO *psi);
  312. static void MergeSMIMEINFOs(const SMIMEINFO *const psiOuter, SMIMEINFO *const psiInner);
  314. UINT m_cRef;
  315. CRITICAL_SECTION m_cs;
  316. #ifdef MAC
  317. static CAPIfuncs ms_CAPI;
  318. static LPCSTR ms_rgszFuncNames[];
  319. #endif // MAC
  320. };
  322. inline BOOL IsOpaqueSecureContentType(IMimePropertySet *pSet)
  323. {
  324. return (
  325. S_OK == pSet->IsContentType(STR_CNT_APPLICATION, STR_SUB_XPKCS7MIME) ||
  326. S_OK == pSet->IsContentType(STR_CNT_APPLICATION, STR_SUB_PKCS7MIME));
  327. }
  329. inline BOOL IsSecureContentType(IMimePropertySet *pSet)
  330. {
  331. return (
  332. S_OK == pSet->IsContentType(STR_CNT_MULTIPART, STR_SUB_SIGNED) ||
  333. IsOpaqueSecureContentType(pSet));
  334. }
  336. BOOL IsSMimeProtocol(LPMIMEPROPERTYSET lpPropSet);
  338. #ifdef SMIME_V3
  339. void FreeRecipientInfoContent(PCMS_RECIPIENT_INFO pRecipInfo);
  340. HRESULT HrCopyOID(LPCSTR psz, LPSTR * ppsz);
  341. HRESULT HrCopyCryptDataBlob(const CRYPT_DATA_BLOB * pblobSrc, PCRYPT_DATA_BLOB pblobDst);
  342. HRESULT HrCopyCryptBitBlob(const CRYPT_BIT_BLOB * pblobSrc, PCRYPT_BIT_BLOB pblobDst);
  343. HRESULT HrCopyCryptAlgorithm(const CRYPT_ALGORITHM_IDENTIFIER * pAlgSrc,
  344. PCRYPT_ALGORITHM_IDENTIFIER pAlgDst);
  345. HRESULT HrCopyCertId(const CERT_ID * pcertidSrc, PCERT_ID pcertidDst);
  346. #endif // SMIME_V3
  348. #endif // _SMIME_H