You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1865 lines
50 KiB
1865 lines
50 KiB
/*===================================================================
|
|
Microsoft Denali
|
|
|
|
Microsoft Confidential.
|
|
Copyright 1996 Microsoft Corporation. All Rights Reserved.
|
|
|
|
Component: Request, Response objects
|
|
|
|
File: clcert.cpp
|
|
|
|
Owner: DGottner
|
|
|
|
This file contains the code for the implementation of the
|
|
Request.ClientCertificate
|
|
===================================================================*/
|
|
|
|
#include "denpre.h"
|
|
#pragma hdrstop
|
|
|
|
#include <schnlsp.h>
|
|
|
|
#include "objbase.h"
|
|
#include "request.h"
|
|
#include "clcert.h"
|
|
|
|
#include "memchk.h"
|
|
|
|
#pragma warning (disable: 4355) // ignore: "'this' used in base member init
|
|
|
|
#define UUENCODEDSIZE(a) ((((a)+3)*4)/3+1)
|
|
|
|
#define BLOB_AS_ARRAY
|
|
|
|
HRESULT
|
|
SetVariantAsByteArray(
|
|
VARIANT* pvarReturn,
|
|
DWORD cbLen,
|
|
LPBYTE pbIn
|
|
);
|
|
|
|
//
|
|
// Taken from NCSA HTTP and wwwlib.
|
|
//
|
|
// NOTE: These conform to RFC1113, which is slightly different then the Unix
|
|
// uuencode and uudecode!
|
|
//
|
|
|
|
const int _pr2six[256]={
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,62,64,64,64,63,
|
|
52,53,54,55,56,57,58,59,60,61,64,64,64,64,64,64,64,0,1,2,3,4,5,6,7,8,9,
|
|
10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,64,64,64,64,64,64,26,27,
|
|
28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64
|
|
};
|
|
|
|
char _six2pr[64] = {
|
|
'A','B','C','D','E','F','G','H','I','J','K','L','M',
|
|
'N','O','P','Q','R','S','T','U','V','W','X','Y','Z',
|
|
'a','b','c','d','e','f','g','h','i','j','k','l','m',
|
|
'n','o','p','q','r','s','t','u','v','w','x','y','z',
|
|
'0','1','2','3','4','5','6','7','8','9','+','/'
|
|
};
|
|
|
|
const int _pr2six64[256]={
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15,
|
|
16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,
|
|
40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,
|
|
0,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
|
|
64,64,64,64,64,64,64,64,64,64,64,64,64
|
|
};
|
|
|
|
char _six2pr64[64] = {
|
|
'`','!','"','#','$','%','&','\'','(',')','*','+',',',
|
|
'-','.','/','0','1','2','3','4','5','6','7','8','9',
|
|
':',';','<','=','>','?','@','A','B','C','D','E','F',
|
|
'G','H','I','J','K','L','M','N','O','P','Q','R','S',
|
|
'T','U','V','W','X','Y','Z','[','\\',']','^','_'
|
|
};
|
|
|
|
/*------------------------------------------------------------------
|
|
* X B F
|
|
*/
|
|
|
|
BOOL XBF::Extend( int cA )
|
|
{
|
|
if ( cA > m_cAlloc )
|
|
{
|
|
int cNew = (( cA + XBF_EXTEND )/XBF_EXTEND)*XBF_EXTEND;
|
|
LPSTR pN = (LPSTR)malloc( cNew );
|
|
if ( pN == NULL )
|
|
{
|
|
return FALSE;
|
|
}
|
|
if ( m_cSize )
|
|
{
|
|
memcpy( pN, m_pV, m_cSize );
|
|
}
|
|
if ( m_cAlloc )
|
|
{
|
|
free( m_pV );
|
|
}
|
|
m_pV = pN;
|
|
m_cAlloc = cNew;
|
|
}
|
|
return TRUE;
|
|
}
|
|
|
|
/*------------------------------------------------------------------
|
|
* C C l C e r t S u p p o r t E r r
|
|
*/
|
|
|
|
/*===================================================================
|
|
CClCertSupportErr::CClCertSupportErr
|
|
|
|
constructor
|
|
===================================================================*/
|
|
|
|
CClCertSupportErr::CClCertSupportErr(CClCert *pClCert)
|
|
{
|
|
m_pClCert = pClCert;
|
|
}
|
|
|
|
|
|
|
|
/*===================================================================
|
|
CClCertSupportErr::QueryInterface
|
|
CClCertSupportErr::AddRef
|
|
CClCertSupportErr::Release
|
|
|
|
Delegating IUnknown members for CClCertSupportErr object.
|
|
===================================================================*/
|
|
|
|
STDMETHODIMP CClCertSupportErr::QueryInterface(const IID &idInterface, void **ppvObj)
|
|
{
|
|
return m_pClCert->QueryInterface(idInterface, ppvObj);
|
|
}
|
|
|
|
STDMETHODIMP_(ULONG) CClCertSupportErr::AddRef()
|
|
{
|
|
return m_pClCert->AddRef();
|
|
}
|
|
|
|
STDMETHODIMP_(ULONG) CClCertSupportErr::Release()
|
|
{
|
|
return m_pClCert->Release();
|
|
}
|
|
|
|
|
|
|
|
/*===================================================================
|
|
CClCertSupportErr::InterfaceSupportsErrorInfo
|
|
|
|
Report back to OA about which interfaces we support that return
|
|
error information
|
|
===================================================================*/
|
|
|
|
STDMETHODIMP CClCertSupportErr::InterfaceSupportsErrorInfo(const GUID &idInterface)
|
|
{
|
|
if (idInterface == IID_IDispatch)
|
|
return S_OK;
|
|
|
|
return S_FALSE;
|
|
}
|
|
|
|
|
|
|
|
/*------------------------------------------------------------------
|
|
* C R e a d C l C e r t
|
|
*/
|
|
|
|
/*===================================================================
|
|
CReadClCert::CReadClCert
|
|
|
|
constructor
|
|
===================================================================*/
|
|
|
|
CReadClCert::CReadClCert(CClCert *pClCert)
|
|
{
|
|
m_pClCert = pClCert;
|
|
CDispatch::Init(IID_IRequestDictionary);
|
|
}
|
|
|
|
|
|
|
|
/*===================================================================
|
|
CReadClCert::QueryInterface
|
|
CReadClCert::AddRef
|
|
CReadClCert::Release
|
|
|
|
Delegating IUnknown members for CReadClCert object.
|
|
===================================================================*/
|
|
|
|
STDMETHODIMP CReadClCert::QueryInterface(const IID &idInterface, void **ppvObj)
|
|
{
|
|
return m_pClCert->QueryInterface(idInterface, ppvObj);
|
|
}
|
|
|
|
STDMETHODIMP_(ULONG) CReadClCert::AddRef()
|
|
{
|
|
return m_pClCert->AddRef();
|
|
}
|
|
|
|
STDMETHODIMP_(ULONG) CReadClCert::Release()
|
|
{
|
|
return m_pClCert->Release();
|
|
}
|
|
|
|
|
|
/*===================================================================
|
|
CReadClCert::get_Item
|
|
|
|
Retrieve a value in the clcert dictionary.
|
|
===================================================================*/
|
|
|
|
STDMETHODIMP CReadClCert::get_Item(VARIANT varKey, VARIANT *pVarReturn)
|
|
{
|
|
VariantInit(pVarReturn); // default return value is Empty
|
|
VARIANT *pvarKey = &varKey;
|
|
HRESULT hres;
|
|
|
|
// BUG 937: VBScript passes VT_VARIANT|VT_BYREF when passing obect
|
|
// produced by IEnumVariant
|
|
//
|
|
// Use VariantResolveDispatch which will:
|
|
//
|
|
// * Copy BYREF variants for us using VariantCopyInd
|
|
// * handle E_OUTOFMEMORY for us
|
|
// * get the default value from an IDispatch, which seems
|
|
// like an appropriate conversion.
|
|
//
|
|
VARIANT varKeyCopy;
|
|
VariantInit(&varKeyCopy);
|
|
if (V_VT(pvarKey) != VT_BSTR) {
|
|
if (FAILED(VariantResolveDispatch(&varKeyCopy, &varKey, IID_IRequestDictionary, IDE_REQUEST)))
|
|
goto LExit;
|
|
|
|
pvarKey = &varKeyCopy;
|
|
}
|
|
|
|
switch (V_VT(pvarKey)) {
|
|
case VT_BSTR:
|
|
break;
|
|
|
|
case VT_ERROR:
|
|
if (V_ERROR(pvarKey) == DISP_E_PARAMNOTFOUND) {
|
|
// simple value, URLEncoding NOT a good idea in this case
|
|
if (m_pClCert->m_szValue) {
|
|
V_VT(pVarReturn) = VT_BSTR;
|
|
switch( m_pClCert->m_veType ) {
|
|
case VT_BSTR: {
|
|
BSTR bstrT;
|
|
if ( FAILED(SysAllocStringFromSz(m_pClCert->m_szValue, 0, &bstrT )) ) {
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
VariantClear(&varKeyCopy);
|
|
return E_FAIL;
|
|
}
|
|
V_BSTR(pVarReturn) = bstrT;
|
|
break;
|
|
}
|
|
|
|
case VT_DATE:
|
|
V_VT(pVarReturn) = VT_DATE;
|
|
V_DATE(pVarReturn) = *(UNALIGNED64 DATE*)m_pClCert->m_szValue;
|
|
break;
|
|
|
|
case VT_I4:
|
|
V_VT(pVarReturn) = VT_I4;
|
|
V_I4(pVarReturn) = *(UNALIGNED64 DWORD*)m_pClCert->m_szValue;
|
|
break;
|
|
|
|
case VT_BLOB:
|
|
#if defined(BLOB_AS_ARRAY)
|
|
if ( FAILED( hres = SetVariantAsByteArray( pVarReturn,
|
|
m_pClCert->m_cLen,
|
|
(LPBYTE)m_pClCert->m_szValue ) ) ) {
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
VariantClear(&varKeyCopy);
|
|
return hres;
|
|
}
|
|
#else
|
|
V_BSTR(pVarReturn) = SysAllocStringByteLen(m_pClCert->m_szValue, m_pClCert->m_cLen );
|
|
#endif
|
|
break;
|
|
|
|
default:
|
|
Assert( FALSE );
|
|
}
|
|
}
|
|
|
|
// dictionary value, must URLEncode to prevent '&', '=' from being misinterpreted
|
|
else {
|
|
}
|
|
|
|
VariantClear(&varKeyCopy);
|
|
return S_OK;
|
|
}
|
|
|
|
default:
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_EXPECTING_STR);
|
|
VariantClear(&varKeyCopy);
|
|
return E_FAIL;
|
|
}
|
|
LExit:
|
|
VariantClear(&varKeyCopy);
|
|
return S_OK;
|
|
}
|
|
|
|
/*===================================================================
|
|
CReadClCert::get_Key
|
|
|
|
Function called from DispInvoke to get keys from the QueryString collection.
|
|
|
|
Parameters:
|
|
vKey VARIANT [in], which parameter to get the key of
|
|
pvarReturn VARIANT *, [out] value of the requested parameter
|
|
|
|
Returns:
|
|
S_OK on success, E_FAIL on failure.
|
|
===================================================================*/
|
|
|
|
HRESULT CReadClCert::get_Key(VARIANT varKey, VARIANT *pVar)
|
|
{
|
|
return E_NOTIMPL;
|
|
}
|
|
|
|
/*===================================================================
|
|
CReadClCert::get_Count
|
|
|
|
Parameters:
|
|
pcValues - count is stored in *pcValues
|
|
===================================================================*/
|
|
|
|
STDMETHODIMP CReadClCert::get_Count(int *pcValues)
|
|
{
|
|
HRESULT hrReturn = S_OK;
|
|
|
|
*pcValues = 0;
|
|
|
|
return hrReturn;
|
|
}
|
|
|
|
/*===================================================================
|
|
CReadClCert::get__NewEnum
|
|
|
|
Return an enumerator object.
|
|
===================================================================*/
|
|
|
|
STDMETHODIMP CReadClCert::get__NewEnum(IUnknown **ppEnum)
|
|
{
|
|
*ppEnum = NULL;
|
|
return E_NOTIMPL;
|
|
}
|
|
|
|
|
|
|
|
/*------------------------------------------------------------------
|
|
* C C l C e r t
|
|
*/
|
|
|
|
/*===================================================================
|
|
CClCert::CClCert
|
|
|
|
constructor
|
|
===================================================================*/
|
|
|
|
CClCert::CClCert(IUnknown *pUnkOuter, PFNDESTROYED pfnDestroy)
|
|
: m_ReadClCertInterface(this),
|
|
m_ClCertSupportErrorInfo(this)
|
|
{
|
|
m_szValue = NULL;
|
|
m_veType = VT_BSTR;
|
|
m_pfnDestroy = pfnDestroy;
|
|
m_cRefs = 1;
|
|
}
|
|
|
|
|
|
|
|
/*===================================================================
|
|
CClCert::~CClCert
|
|
|
|
Destructor
|
|
===================================================================*/
|
|
|
|
CClCert::~CClCert()
|
|
{
|
|
}
|
|
|
|
|
|
|
|
/*===================================================================
|
|
CClCert::Init
|
|
|
|
initialize the clcert. This initializes the clcert's value hashing
|
|
table
|
|
===================================================================*/
|
|
|
|
HRESULT CClCert::Init()
|
|
{
|
|
return S_OK;
|
|
}
|
|
|
|
|
|
|
|
/*===================================================================
|
|
CClCert::QueryInterface
|
|
CClCert::AddRef
|
|
CClCert::Release
|
|
|
|
IUnknown members for CClCert object.
|
|
|
|
Note on CClCert::QueryInterface: The Query for IDispatch is
|
|
ambiguous because it can either refer to DIRequestDictionary or
|
|
DIWriteClCert. To resolve this, we resolve requests for IDispatch
|
|
to IRequestDictionary.
|
|
===================================================================*/
|
|
|
|
STDMETHODIMP CClCert::QueryInterface(const IID &idInterface, void **ppvObj)
|
|
{
|
|
if (idInterface == IID_IUnknown)
|
|
*ppvObj = this;
|
|
|
|
else if (idInterface == IID_IRequestDictionary || idInterface == IID_IDispatch)
|
|
*ppvObj = &m_ReadClCertInterface;
|
|
|
|
else if (idInterface == IID_ISupportErrorInfo)
|
|
*ppvObj = &m_ClCertSupportErrorInfo;
|
|
|
|
else
|
|
*ppvObj = NULL;
|
|
|
|
if (*ppvObj != NULL)
|
|
{
|
|
static_cast<IUnknown *>(*ppvObj)->AddRef();
|
|
return S_OK;
|
|
}
|
|
|
|
return ResultFromScode(E_NOINTERFACE);
|
|
}
|
|
|
|
|
|
STDMETHODIMP_(ULONG) CClCert::AddRef()
|
|
{
|
|
return ++m_cRefs;
|
|
}
|
|
|
|
|
|
STDMETHODIMP_(ULONG) CClCert::Release(void)
|
|
{
|
|
if (--m_cRefs != 0)
|
|
return m_cRefs;
|
|
|
|
if (m_pfnDestroy != NULL)
|
|
(*m_pfnDestroy)();
|
|
|
|
delete this;
|
|
return 0;
|
|
}
|
|
|
|
|
|
|
|
/*===================================================================
|
|
CClCert::AddValue
|
|
|
|
Set the clcert's primary value. One you set the primary value,
|
|
you can't reset it.
|
|
===================================================================*/
|
|
|
|
HRESULT CClCert::AddValue(char *szValue, VARENUM ve, UINT l )
|
|
{
|
|
if (m_szValue != NULL) // clcert already is marked as single-valued
|
|
return E_FAIL;
|
|
|
|
m_szValue = szValue;
|
|
|
|
m_veType = ve;
|
|
m_cLen = l;
|
|
return S_OK;
|
|
}
|
|
|
|
|
|
|
|
/*===================================================================
|
|
CClCert::GetHTTPClCertSize
|
|
|
|
Return the number of bytes required for the expansion of the clcert
|
|
===================================================================*/
|
|
|
|
size_t CClCert::GetHTTPClCertSize()
|
|
{
|
|
if (m_szValue)
|
|
return URLEncodeLen(m_szValue);
|
|
else
|
|
return 1;
|
|
}
|
|
|
|
|
|
/*===================================================================
|
|
CClCert::GetHTTPClCert
|
|
|
|
Return the URL Encoded value a single clcert
|
|
|
|
Parameters:
|
|
szBuffer - pointer to the destination buffer to store the
|
|
URL encoded value
|
|
|
|
Returns:
|
|
Returns a pointer to the terminating NUL character.
|
|
===================================================================*/
|
|
|
|
char *CClCert::GetHTTPClCert(char *szBuffer)
|
|
{
|
|
if (m_szValue)
|
|
return URLEncode(szBuffer, m_szValue);
|
|
|
|
else
|
|
{
|
|
char *szDest = szBuffer;
|
|
*szDest = '\0';
|
|
|
|
return szDest;
|
|
}
|
|
}
|
|
|
|
|
|
|
|
/*===================================================================
|
|
CClCert::GetClCertHeaderSize
|
|
|
|
Return the number of bytes required to allocate for the "Set-ClCert" header.
|
|
|
|
Parameters:
|
|
szName - the name of the cookie (the size of the name is added to the value)
|
|
|
|
Returns:
|
|
Returns 0 if *this does not contain a cookie value.
|
|
===================================================================*/
|
|
|
|
size_t CClCert::GetClCertHeaderSize(const char *szName)
|
|
{
|
|
int cbClCert = sizeof "Set-ClCert: "; // initialize and add NUL terminator now
|
|
|
|
// Add size of the URL Encoded name, a character for the '=', and the size
|
|
// of the URL Encoded cookie value. URLEncodeLen, and GetHttpClCertSize
|
|
// compensate for the NUL terminator, so we actually SUBTRACT 1. (-2 for
|
|
// these two function calls, +1 for the '=' sign
|
|
//
|
|
cbClCert += URLEncodeLen(szName) + GetHTTPClCertSize() - 1;
|
|
|
|
return cbClCert;
|
|
}
|
|
|
|
|
|
|
|
/*===================================================================
|
|
CClCert::GetClCertHeader
|
|
|
|
Construct the appropriate "Set-ClCert" header for a clcert.
|
|
|
|
Parameters:
|
|
szName - the name of the clcert (the size of the name is added to the value)
|
|
|
|
Returns:
|
|
Returns 0 if *this does not contain a clcert value.
|
|
===================================================================*/
|
|
|
|
char *CClCert::GetClCertHeader(const char *szName, char *szBuffer)
|
|
{
|
|
// write out the clcert name and value
|
|
//
|
|
char *szDest = strcpyExA(szBuffer, "Set-ClCert: ");
|
|
szDest = URLEncode(szDest, szName);
|
|
szDest = strcpyExA(szDest, "=");
|
|
szDest = GetHTTPClCert(szDest);
|
|
|
|
return szDest;
|
|
}
|
|
|
|
|
|
|
|
/*------------------------------------------------------------------
|
|
* C C e r t R e q u e s t
|
|
*/
|
|
|
|
|
|
/*===================================================================
|
|
CCertRequest::AddStringPair
|
|
|
|
Add a string element in the collection
|
|
|
|
Parameters:
|
|
Source - variable type ( CLCERT, COOKIE, ... )
|
|
szName - name of element
|
|
szValue - ptr to value as string
|
|
pxbf - ptr to buffer where to store name
|
|
|
|
Returns:
|
|
S_OK if success, E_OUTOFMEMORY or E_FAIL otherwise
|
|
===================================================================*/
|
|
|
|
HRESULT
|
|
CCertRequest::AddStringPair(
|
|
CollectionType Source,
|
|
LPSTR szName,
|
|
LPSTR szValue,
|
|
XBF *pxbf,
|
|
BOOL fDuplicate,
|
|
UINT lCodePage
|
|
)
|
|
{
|
|
HRESULT hResult;
|
|
CRequestHit *pReqHit;
|
|
|
|
if ( fDuplicate )
|
|
{
|
|
if ( (szValue = pxbf->AddStringZ( szValue )) == NULL )
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
}
|
|
|
|
if (FAILED(hResult = AddName( szName, &pReqHit, pxbf)))
|
|
{
|
|
if ( hResult == E_FAIL )
|
|
{
|
|
// assume duplicate value found
|
|
// if out of memore, OUT_OF_MEMORY would have been returned
|
|
|
|
hResult = S_OK;
|
|
}
|
|
return hResult;
|
|
}
|
|
|
|
if (FAILED(hResult = pReqHit->AddValue( Source, szValue, NULL, lCodePage )))
|
|
{
|
|
return hResult;
|
|
}
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
|
|
/*===================================================================
|
|
CCertRequest::AddDatePair
|
|
|
|
Add a date element in the collection
|
|
|
|
Parameters:
|
|
Source - variable type ( CLCERT, COOKIE, ... )
|
|
szName - name of element
|
|
pValue - ptr to date as FILETIME
|
|
pxbf - ptr to buffer where to store name
|
|
|
|
Returns:
|
|
S_OK if success, E_OUTOFMEMORY or E_FAIL otherwise
|
|
===================================================================*/
|
|
|
|
HRESULT
|
|
CCertRequest::AddDatePair(
|
|
CollectionType Source,
|
|
LPSTR szName,
|
|
FILETIME* pValue,
|
|
XBF *pxbf
|
|
)
|
|
{
|
|
HRESULT hResult;
|
|
CRequestHit *pReqHit;
|
|
DATE Date;
|
|
SYSTEMTIME st;
|
|
LPBYTE pVal;
|
|
|
|
if ( !FileTimeToSystemTime( pValue, &st ) )
|
|
{
|
|
return E_FAIL;
|
|
}
|
|
|
|
SystemTimeToVariantTime( &st, &Date );
|
|
|
|
if ( (pVal = (LPBYTE)pxbf->AddBlob( (LPSTR)&Date, sizeof(Date) )) == NULL )
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
if (FAILED(hResult = AddName( szName, &pReqHit, pxbf)))
|
|
{
|
|
return hResult;
|
|
}
|
|
|
|
if (FAILED(hResult = pReqHit->AddCertValue( VT_DATE, pVal, sizeof(Date) )))
|
|
{
|
|
return hResult;
|
|
}
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
|
|
|
|
|
|
/*===================================================================
|
|
CCertRequest::AddDwordPair
|
|
|
|
Add a DWORD element in the collection
|
|
|
|
Parameters:
|
|
Source - variable type ( CLCERT, COOKIE, ... )
|
|
szName - name of element
|
|
pValue - ptr to date as DWORD
|
|
pxbf - ptr to buffer where to store name
|
|
|
|
Returns:
|
|
S_OK if success, E_OUTOFMEMORY or E_FAIL otherwise
|
|
===================================================================*/
|
|
|
|
HRESULT
|
|
CCertRequest::AddDwordPair(
|
|
CollectionType Source,
|
|
LPSTR szName,
|
|
DWORD* pValue,
|
|
XBF *pxbf
|
|
)
|
|
{
|
|
HRESULT hResult;
|
|
CRequestHit *pReqHit;
|
|
LPBYTE pVal;
|
|
|
|
if ( (pVal = (LPBYTE)pxbf->AddBlob( (LPSTR)pValue, sizeof(DWORD) )) == NULL )
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
if (FAILED(hResult = AddName( szName, &pReqHit, pxbf)))
|
|
{
|
|
return hResult;
|
|
}
|
|
|
|
if (FAILED(hResult = pReqHit->AddCertValue( VT_I4, pVal, sizeof(DWORD) )))
|
|
{
|
|
return hResult;
|
|
}
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
|
|
|
|
|
|
/*===================================================================
|
|
CCertRequest::AddBinaryPair
|
|
|
|
Add a binary element in the collection
|
|
Each byte is converted to UNICODE character so that mid() & asc() work
|
|
|
|
Parameters:
|
|
Source - variable type ( CLCERT, COOKIE, ... )
|
|
szName - name of element
|
|
pValue - ptr to value as byte array
|
|
cValue - # of bytes pointed to by pValue
|
|
pxbf - ptr to buffer where to store name
|
|
|
|
Returns:
|
|
S_OK if success, E_OUTOFMEMORY or E_FAIL otherwise
|
|
===================================================================*/
|
|
|
|
HRESULT
|
|
CCertRequest::AddBinaryPair(
|
|
CollectionType Source,
|
|
LPSTR szName,
|
|
LPBYTE pValue,
|
|
DWORD cValue,
|
|
XBF *pxbf,
|
|
UINT lCodePage
|
|
)
|
|
{
|
|
HRESULT hResult;
|
|
CRequestHit *pReqHit;
|
|
LPBYTE pVal;
|
|
|
|
#if defined(BLOB_AS_ARRAY)
|
|
|
|
if ( (pVal = (LPBYTE)pxbf->ReserveRange( cValue )) == NULL )
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
memcpy( pVal, pValue, cValue );
|
|
|
|
pxbf->SkipRange( cValue );
|
|
|
|
if (FAILED(hResult = AddName( szName, &pReqHit, pxbf)))
|
|
{
|
|
return hResult;
|
|
}
|
|
|
|
if (FAILED(hResult = pReqHit->AddCertValue( VT_BLOB, pVal, cValue )))
|
|
{
|
|
return hResult;
|
|
}
|
|
|
|
#else
|
|
|
|
if ( (pVal = (LPBYTE)pxbf->ReserveRange( cValue * sizeof(WCHAR), sizeof(WCHAR))) == NULL )
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
if ( !(cValue = MultiByteToWideChar( lCodePage, 0, (LPSTR)pValue, cValue, (WCHAR*)pVal, cValue)) )
|
|
{
|
|
return E_FAIL;
|
|
}
|
|
|
|
pxbf->SkipRange( cValue * sizeof(WCHAR), sizeof(WCHAR));
|
|
|
|
if (FAILED(hResult = AddName( szName, &pReqHit, pxbf)))
|
|
{
|
|
return hResult;
|
|
}
|
|
|
|
if (FAILED(hResult = pReqHit->AddCertValue( VT_BLOB, pVal, cValue * sizeof(WCHAR) )))
|
|
{
|
|
return hResult;
|
|
}
|
|
|
|
#endif
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
|
|
BOOL IISuuencode( BYTE * bufin,
|
|
DWORD nbytes,
|
|
BYTE * outptr,
|
|
BOOL fBase64 )
|
|
{
|
|
unsigned int i;
|
|
char *six2pr = fBase64 ? _six2pr64 : _six2pr;
|
|
|
|
for (i=0; i<nbytes; i += 3) {
|
|
*(outptr++) = six2pr[*bufin >> 2]; /* c1 */
|
|
*(outptr++) = six2pr[((*bufin << 4) & 060) | ((bufin[1] >> 4) & 017)]; /*c2*/
|
|
*(outptr++) = six2pr[((bufin[1] << 2) & 074) | ((bufin[2] >> 6) & 03)];/*c3*/
|
|
*(outptr++) = six2pr[bufin[2] & 077]; /* c4 */
|
|
|
|
bufin += 3;
|
|
}
|
|
|
|
/* If nbytes was not a multiple of 3, then we have encoded too
|
|
* many characters. Adjust appropriately.
|
|
*/
|
|
if(i == nbytes+1) {
|
|
/* There were only 2 bytes in that last group */
|
|
outptr[-1] = '=';
|
|
} else if(i == nbytes+2) {
|
|
/* There was only 1 byte in that last group */
|
|
outptr[-1] = '=';
|
|
outptr[-2] = '=';
|
|
}
|
|
|
|
*outptr = '\0';
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
/*===================================================================
|
|
CCertRequest::AddUuBinaryPair
|
|
|
|
Add a binary element in the collection
|
|
buffer is uuencoded then converted to UNICODE character so that mid() & asc() work
|
|
|
|
Parameters:
|
|
Source - variable type ( CLCERT, COOKIE, ... )
|
|
szName - name of element
|
|
pValue - ptr to value as byte array
|
|
cValue - # of bytes pointed to by pValue
|
|
pxbf - ptr to buffer where to store name
|
|
|
|
Returns:
|
|
S_OK if success, E_OUTOFMEMORY or E_FAIL otherwise
|
|
===================================================================*/
|
|
|
|
HRESULT
|
|
CCertRequest::AddUuBinaryPair(
|
|
CollectionType Source,
|
|
LPSTR szName,
|
|
LPBYTE pValue,
|
|
DWORD cValue,
|
|
XBF *pxbf,
|
|
UINT lCodePage
|
|
)
|
|
{
|
|
HRESULT hResult;
|
|
CRequestHit *pReqHit;
|
|
LPBYTE pVal;
|
|
|
|
if ( (pVal = (LPBYTE)pxbf->ReserveRange( UUENCODEDSIZE(cValue) )) == NULL )
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
if ( !IISuuencode( (LPBYTE)pValue, cValue, pVal, FALSE ) )
|
|
{
|
|
return E_FAIL;
|
|
}
|
|
|
|
Assert( (strlen((LPSTR)pVal)+1) <= UUENCODEDSIZE(cValue) );
|
|
|
|
pxbf->SkipRange( strlen((LPSTR)pVal)+1 );
|
|
|
|
if (FAILED(hResult = AddName( szName, &pReqHit, pxbf)))
|
|
{
|
|
return hResult;
|
|
}
|
|
|
|
if (FAILED(hResult = pReqHit->AddValue( Source, (LPSTR)pVal, NULL, lCodePage )))
|
|
{
|
|
return hResult;
|
|
}
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
|
|
/*===================================================================
|
|
CCertRequest::AddName
|
|
|
|
Add a named entry to the collection
|
|
|
|
Parameters:
|
|
szName - name of entry
|
|
ppReqHit - updated with ptr to created entry
|
|
pxbf - ptr to buffer where to store name
|
|
|
|
Returns:
|
|
S_OK if success, E_OUTOFMEMORY or E_FAIL otherwise
|
|
===================================================================*/
|
|
|
|
HRESULT
|
|
CCertRequest::AddName(
|
|
LPSTR szName,
|
|
CRequestHit **ppReqHit,
|
|
XBF *pxbf
|
|
)
|
|
{
|
|
if ( (szName = pxbf->AddStringZ( szName )) == NULL )
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
// Add this object to the Request
|
|
CRequestHit *pRequestHit = (CRequestHit *)(pReq->CertStoreFindElem(szName, strlen(szName)));
|
|
if (pRequestHit == NULL)
|
|
{
|
|
pRequestHit = new CRequestHit;
|
|
if (pRequestHit == NULL)
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
if (FAILED(pRequestHit->Init(szName)))
|
|
{
|
|
delete pRequestHit;
|
|
return E_FAIL;
|
|
}
|
|
|
|
pReq->CertStoreAddElem( (CLinkElem*) pRequestHit );
|
|
}
|
|
else if (pRequestHit->m_pClCertData) // a clcert by this name already exists
|
|
{
|
|
return E_FAIL;
|
|
}
|
|
|
|
if (!pReq->m_pData->m_ClCerts.AddRequestHit(pRequestHit))
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
*ppReqHit = pRequestHit;
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
|
|
typedef struct _MAP_ASN {
|
|
LPSTR pAsnName;
|
|
LPSTR pTextName;
|
|
} MAP_ASN;
|
|
|
|
|
|
//
|
|
// definition of ASN.1 <> X.509 name conversion
|
|
//
|
|
|
|
MAP_ASN aMapAsn[] = {
|
|
{ szOID_COUNTRY_NAME, "C" },
|
|
{ szOID_ORGANIZATION_NAME, "O" },
|
|
{ szOID_ORGANIZATIONAL_UNIT_NAME, "OU" },
|
|
{ szOID_COMMON_NAME, "CN" },
|
|
{ szOID_LOCALITY_NAME, "L" },
|
|
{ szOID_STATE_OR_PROVINCE_NAME, "S" },
|
|
{ szOID_TITLE, "T" },
|
|
{ szOID_GIVEN_NAME, "GN" },
|
|
{ szOID_INITIALS, "I" },
|
|
{ "1.2.840.113549.1.9.1", "EMAIL" },
|
|
} ;
|
|
|
|
|
|
LPSTR MapAsnName(
|
|
LPSTR pAsnName
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Convert ASN.1 name ( as ANSI string ) to X.509 member name
|
|
|
|
Arguments:
|
|
|
|
pAsnName - ASN.1 name
|
|
|
|
Return Value:
|
|
|
|
ptr to converted name if ASN.1 name was recognized, else ASN.1 name
|
|
|
|
--*/
|
|
{
|
|
UINT x;
|
|
for ( x = 0 ; x < sizeof(aMapAsn)/sizeof(MAP_ASN) ; ++x )
|
|
{
|
|
if ( !strcmp( pAsnName, aMapAsn[x].pAsnName ) )
|
|
{
|
|
return aMapAsn[x].pTextName;
|
|
}
|
|
}
|
|
|
|
return pAsnName;
|
|
}
|
|
|
|
|
|
BOOL
|
|
DecodeRdn(
|
|
CERT_NAME_BLOB* pNameBlob,
|
|
PCERT_NAME_INFO* ppNameInfo
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Create a PNAME_INFO from PNAME_BLOB
|
|
|
|
Arguments:
|
|
|
|
pNameBlob - ptr to name blob to decode
|
|
ppNameInfo - updated with ptr to name info
|
|
|
|
Return Value:
|
|
|
|
TRUE on success, FALSE on failure
|
|
|
|
--*/
|
|
{
|
|
PCERT_NAME_INFO pNameInfo = NULL;
|
|
DWORD cbNameInfo;
|
|
|
|
if (!CryptDecodeObject(X509_ASN_ENCODING,
|
|
(LPCSTR)X509_NAME,
|
|
pNameBlob->pbData,
|
|
pNameBlob->cbData,
|
|
0,
|
|
NULL,
|
|
&cbNameInfo))
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_CERTIFICATE_BAD_CERT);
|
|
return FALSE;
|
|
}
|
|
|
|
if (NULL == (pNameInfo = (PCERT_NAME_INFO)malloc(cbNameInfo)))
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
return FALSE;
|
|
}
|
|
|
|
if (!CryptDecodeObject(X509_ASN_ENCODING,
|
|
(LPCSTR)X509_NAME,
|
|
pNameBlob->pbData,
|
|
pNameBlob->cbData,
|
|
0,
|
|
pNameInfo,
|
|
&cbNameInfo))
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_CERTIFICATE_BAD_CERT);
|
|
free( pNameInfo );
|
|
return FALSE;
|
|
}
|
|
|
|
*ppNameInfo = pNameInfo;
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
|
|
VOID
|
|
FreeDecodedRdn(
|
|
PCERT_NAME_INFO pNameInfo
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Free a PNAME_BLOB created by DecodeRdn()
|
|
|
|
Arguments:
|
|
|
|
pNameInfo - ptr to name info created by DecodeRdn()
|
|
|
|
Return Value:
|
|
|
|
None
|
|
|
|
--*/
|
|
{
|
|
free( pNameInfo );
|
|
}
|
|
|
|
|
|
BOOL
|
|
BuildRdnList(
|
|
PCERT_NAME_INFO pNameInfo,
|
|
XBF* pxbf,
|
|
BOOL fXt
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Build a clear text representation of the Rdn list in pNameInfo
|
|
Format as "C=US, O=Ms, CN=name"
|
|
|
|
Arguments:
|
|
|
|
pNameInfo - ptr to name info
|
|
pxbf - ptr to buffer receiving output
|
|
fXt - TRUE if buffer to be extended, FALSE does not extend ( buffer
|
|
must be big enough before calling this function or FALSE will
|
|
be returned )
|
|
|
|
Return Value:
|
|
|
|
TRUE on success, FALSE on failure
|
|
|
|
--*/
|
|
{
|
|
DWORD cRDN;
|
|
DWORD cAttr;
|
|
PCERT_RDN pRDN;
|
|
PCERT_RDN_ATTR pAttr;
|
|
BOOL fFirst = TRUE;
|
|
|
|
for (cRDN = pNameInfo->cRDN, pRDN = pNameInfo->rgRDN; cRDN > 0; cRDN--, pRDN++)
|
|
{
|
|
for ( cAttr = pRDN->cRDNAttr, pAttr = pRDN->rgRDNAttr ; cAttr > 0 ; cAttr--, ++pAttr )
|
|
{
|
|
if ( !fFirst )
|
|
{
|
|
if ( !pxbf->AddBlob( ", ", sizeof(", ")-1, fXt ) )
|
|
{
|
|
return FALSE;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
fFirst = FALSE;
|
|
}
|
|
|
|
if ( pAttr->dwValueType == CERT_RDN_UNICODE_STRING )
|
|
{
|
|
INT iRet;
|
|
BYTE abBuffer[ 512 ];
|
|
DWORD cbNameBuffer;
|
|
PBYTE pNameBuffer = NULL;
|
|
|
|
//
|
|
// Need to convert unicode string to MBCS :(
|
|
//
|
|
|
|
iRet = WideCharToMultiByte( CP_ACP,
|
|
0,
|
|
(LPWSTR) pAttr->Value.pbData,
|
|
-1,
|
|
NULL,
|
|
0,
|
|
NULL,
|
|
NULL );
|
|
|
|
if ( !iRet )
|
|
{
|
|
return FALSE;
|
|
}
|
|
else
|
|
{
|
|
cbNameBuffer = (DWORD) iRet;
|
|
if ( (DWORD) iRet > sizeof( abBuffer ) )
|
|
{
|
|
pNameBuffer = (PBYTE) LocalAlloc( LPTR,
|
|
(DWORD) iRet );
|
|
if ( !pNameBuffer )
|
|
{
|
|
return FALSE;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
pNameBuffer = abBuffer;
|
|
}
|
|
}
|
|
|
|
iRet = WideCharToMultiByte( CP_ACP,
|
|
0,
|
|
(LPWSTR) pAttr->Value.pbData,
|
|
-1,
|
|
(LPSTR) pNameBuffer,
|
|
cbNameBuffer,
|
|
NULL,
|
|
NULL );
|
|
|
|
if ( !iRet )
|
|
{
|
|
if ( pNameBuffer != abBuffer )
|
|
{
|
|
LocalFree( pNameBuffer );
|
|
}
|
|
return FALSE;
|
|
}
|
|
|
|
//
|
|
// Now stuff the MBCS string back into the blob. I do this
|
|
// because there is other code that re-reads and re-processes
|
|
// the CRYPTAPI blob.
|
|
//
|
|
|
|
if ( cbNameBuffer <= pAttr->Value.cbData )
|
|
{
|
|
memcpy( pAttr->Value.pbData,
|
|
pNameBuffer,
|
|
cbNameBuffer );
|
|
pAttr->Value.cbData = cbNameBuffer;
|
|
pAttr->dwValueType = CERT_RDN_OCTET_STRING;
|
|
}
|
|
|
|
if ( pNameBuffer != abBuffer )
|
|
{
|
|
LocalFree( pNameBuffer );
|
|
pNameBuffer = NULL;
|
|
}
|
|
}
|
|
|
|
if ( !pxbf->AddString( MapAsnName( pAttr->pszObjId ), fXt ) ||
|
|
!pxbf->AddBlob( "=", sizeof("=")-1, fXt ) ||
|
|
!pxbf->AddString( (LPSTR) pAttr->Value.pbData, fXt ) )
|
|
{
|
|
return FALSE;
|
|
}
|
|
}
|
|
}
|
|
|
|
return pxbf->AddBlob( "", sizeof(""), fXt ) != NULL;
|
|
}
|
|
|
|
|
|
/*===================================================================
|
|
CCertRequest::ParseRDNS
|
|
|
|
Function called to parse a certificate into a OA collection
|
|
|
|
Parameters:
|
|
pNameInfo - ptr to name structure ( cf. CAPI 2 )
|
|
pszPrefix - prefix to prepend to members name
|
|
pxbf - ptr to buffer to hold result
|
|
|
|
Returns:
|
|
S_OK on success, E_OUTOFMEMORY if out of memory or E_FAIL for
|
|
other errors
|
|
===================================================================*/
|
|
|
|
HRESULT
|
|
CCertRequest::ParseRDNS(
|
|
PCERT_NAME_INFO pNameInfo,
|
|
LPSTR pszPrefix,
|
|
XBF *pxbf,
|
|
UINT lCodePage
|
|
)
|
|
{
|
|
DWORD cRDN;
|
|
DWORD cAttr;
|
|
PCERT_RDN pRDN;
|
|
PCERT_RDN_ATTR pAttr;
|
|
DWORD cRDNs;
|
|
DWORD cAttrs;
|
|
PCERT_RDN pRDNs;
|
|
PCERT_RDN_ATTR pAttrs;
|
|
LPSTR pszFullName = NULL;
|
|
HRESULT hRes = S_OK;
|
|
LPSTR pName;
|
|
UINT cL;
|
|
LPSTR pVal = NULL;
|
|
|
|
|
|
for (cRDN = pNameInfo->cRDN, pRDN = pNameInfo->rgRDN; cRDN > 0; cRDN--, pRDN++)
|
|
{
|
|
for ( cAttr = pRDN->cRDNAttr, pAttr = pRDN->rgRDNAttr ; cAttr > 0 ; cAttr--, ++pAttr )
|
|
{
|
|
if ( pAttr->dwValueType & 0x80000000 )
|
|
{
|
|
continue;
|
|
}
|
|
|
|
// scan for attr of same name
|
|
|
|
pAttr->dwValueType |= 0x80000000;
|
|
cL = 0;
|
|
pVal = NULL;
|
|
for ( cRDNs = cRDN, pRDNs = pRDN;
|
|
cRDNs > 0;
|
|
cRDNs--, pRDNs++)
|
|
{
|
|
for ( cAttrs = pRDNs->cRDNAttr, pAttrs = pRDNs->rgRDNAttr ;
|
|
cAttrs > 0 ;
|
|
cAttrs--, ++pAttrs )
|
|
{
|
|
if ( !(pAttrs->dwValueType & 0x80000000) &&
|
|
!strcmp( pAttr->pszObjId, pAttrs->pszObjId ) )
|
|
{
|
|
cL += strlen( (LPSTR)pAttrs->Value.pbData ) + 1;
|
|
}
|
|
}
|
|
}
|
|
|
|
//
|
|
// if attributes of the same name found, concatenate their
|
|
// values separated by ';'
|
|
//
|
|
|
|
if ( cL )
|
|
{
|
|
pVal = (LPSTR)malloc( cL + strlen((LPSTR)pAttr->Value.pbData) + 1 );
|
|
if ( pVal == NULL )
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
strcpy( pVal, (LPSTR)pAttr->Value.pbData );
|
|
for ( cRDNs = cRDN, pRDNs = pRDN;
|
|
cRDNs > 0;
|
|
cRDNs--, pRDNs++)
|
|
{
|
|
for ( cAttrs = pRDNs->cRDNAttr, pAttrs = pRDNs->rgRDNAttr ;
|
|
cAttrs > 0 ;
|
|
cAttrs--, ++pAttrs )
|
|
{
|
|
if ( !(pAttrs->dwValueType & 0x80000000) &&
|
|
!strcmp( pAttr->pszObjId, pAttrs->pszObjId ) )
|
|
{
|
|
strcat( pVal, ";" );
|
|
strcat( pVal, (LPSTR)pAttrs->Value.pbData );
|
|
pAttrs->dwValueType |= 0x80000000;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
pName = MapAsnName( pAttr->pszObjId );
|
|
if ( (pszFullName = (LPSTR)malloc( strlen(pszPrefix)+strlen(pName)+1 )) == NULL )
|
|
{
|
|
hRes = E_OUTOFMEMORY;
|
|
goto cleanup;
|
|
}
|
|
strcpy( pszFullName, pszPrefix );
|
|
strcat( pszFullName, pName );
|
|
if ( (hRes = AddStringPair( CLCERT,
|
|
pszFullName,
|
|
pVal ? pVal : (LPSTR)pAttr->Value.pbData,
|
|
pxbf,
|
|
TRUE,
|
|
lCodePage )) != S_OK )
|
|
{
|
|
if ( pVal != NULL )
|
|
{
|
|
free( pVal );
|
|
}
|
|
goto cleanup;
|
|
}
|
|
if ( pVal != NULL )
|
|
{
|
|
free( pVal );
|
|
pVal = NULL;
|
|
}
|
|
free( pszFullName );
|
|
pszFullName = NULL;
|
|
}
|
|
}
|
|
|
|
cleanup:
|
|
if ( pszFullName != NULL )
|
|
{
|
|
free( pszFullName );
|
|
}
|
|
|
|
return hRes;
|
|
}
|
|
|
|
|
|
/*===================================================================
|
|
CCertRequest::ParseCertificate
|
|
|
|
Function called to parse a certificate into a OA collection
|
|
|
|
Parameters:
|
|
pspcRCI - client certificate structure
|
|
|
|
Returns:
|
|
S_OK on success, E_OUTOFMEMORY if out of memory or E_FAIL for
|
|
other errors
|
|
===================================================================*/
|
|
|
|
HRESULT
|
|
CCertRequest::ParseCertificate(
|
|
LPBYTE pbCert,
|
|
DWORD cCert,
|
|
DWORD dwEncoding,
|
|
DWORD dwFlags,
|
|
UINT lCodePage
|
|
)
|
|
{
|
|
XBF xbf( pReq->GetCertStoreBuf(), pReq->GetCertStoreSize() );
|
|
HRESULT hRes = S_OK;
|
|
PCERT_NAME_INFO pNameInfo = NULL;
|
|
UINT cStore;
|
|
UINT x;
|
|
LPSTR pVal;
|
|
PCCERT_CONTEXT pCert;
|
|
|
|
|
|
if (NULL == (pCert = CertCreateCertificateContext(dwEncoding,
|
|
pbCert,
|
|
cCert))) {
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
hRes = E_FAIL;
|
|
goto cleanup;
|
|
}
|
|
|
|
// estimate size of buffer holding values
|
|
|
|
cStore = pCert->cbCertEncoded + // for clear text format
|
|
sizeof("ISSUER") +
|
|
sizeof("BINARYISSUER") + (UUENCODEDSIZE(pCert->pCertInfo->Issuer.cbData)*sizeof(WCHAR)) +
|
|
sizeof("BINARYSUBJECT") + (UUENCODEDSIZE(pCert->pCertInfo->Subject.cbData)*sizeof(WCHAR)) +
|
|
sizeof("SUBJECT") + ((pCert->cbCertEncoded + 2) * 2 * sizeof(WCHAR)) + // store fields
|
|
sizeof("CERTIFICATE") + ((pCert->cbCertEncoded +2)* sizeof(WCHAR)) +
|
|
sizeof("SERIALNUMBER") + (pCert->pCertInfo->SerialNumber.cbData * 3) +
|
|
sizeof("PUBLICKEY") + ((pCert->pCertInfo->SubjectPublicKeyInfo.PublicKey.cbData+2) * sizeof(WCHAR)) +
|
|
sizeof("VALIDFROM") + sizeof(DATE) +
|
|
sizeof("VALIDUNTIL") + sizeof(DATE) +
|
|
sizeof("FLAGS") + sizeof(DWORD) +
|
|
sizeof("ENCODING") + sizeof(DWORD);
|
|
;
|
|
|
|
if ( !xbf.Extend( cStore ) ) {
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
hRes = E_OUTOFMEMORY;
|
|
goto cleanup;
|
|
}
|
|
|
|
//
|
|
// Build Issuer clear text format & fields collection
|
|
//
|
|
|
|
if ( !DecodeRdn( &pCert->pCertInfo->Issuer, &pNameInfo ) )
|
|
{
|
|
hRes = E_FAIL;
|
|
goto cleanup;
|
|
}
|
|
pVal = xbf.ReserveRange( 0 );
|
|
if ( !BuildRdnList( pNameInfo, &xbf, FALSE ) )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
hRes = E_FAIL;
|
|
goto cleanup;
|
|
}
|
|
if ( (hRes = AddStringPair( CLCERT, "ISSUER", pVal, &xbf, FALSE, lCodePage ))
|
|
!= S_OK )
|
|
{
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=AddUuBinaryPair( CLCERT,
|
|
"BINARYISSUER",
|
|
pCert->pCertInfo->Issuer.pbData,
|
|
pCert->pCertInfo->Issuer.cbData,
|
|
&xbf,
|
|
lCodePage ))!=S_OK ) {
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=ParseRDNS( pNameInfo, "ISSUER", &xbf, lCodePage )) != S_OK ) {
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
FreeDecodedRdn( pNameInfo );
|
|
|
|
//
|
|
// Build Subject clear text format & fields collection
|
|
//
|
|
|
|
if ( !DecodeRdn( &pCert->pCertInfo->Subject, &pNameInfo ) )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
return E_FAIL;
|
|
}
|
|
pVal = xbf.ReserveRange( 0 );
|
|
if ( !BuildRdnList( pNameInfo, &xbf, FALSE ) )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
hRes = E_FAIL;
|
|
goto cleanup;
|
|
}
|
|
if ( (hRes = AddStringPair( CLCERT, "SUBJECT", pVal, &xbf, FALSE, lCodePage ))
|
|
!= S_OK )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=AddUuBinaryPair( CLCERT,
|
|
"BINARYSUBJECT",
|
|
pCert->pCertInfo->Subject.pbData,
|
|
pCert->pCertInfo->Subject.cbData,
|
|
&xbf,
|
|
lCodePage ))!=S_OK )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=ParseRDNS( pNameInfo, "SUBJECT", &xbf, lCodePage )) != S_OK )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
FreeDecodedRdn( pNameInfo );
|
|
|
|
if ( (hRes=AddBinaryPair( CLCERT, "CERTIFICATE", pCert->pbCertEncoded, pCert->cbCertEncoded, &xbf, lCodePage ))!=S_OK )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
|
|
//
|
|
// SerialNumber
|
|
// The certificate's serial number. (Decoded as a multiple byte integer.
|
|
// SerialNumber.pbData[0] is the least significant byte. SerialNumber.pbData[
|
|
// SerialNumber.cbData - 1] is the most significant byte.)
|
|
//
|
|
char achSerNum[128];
|
|
UINT cbSN;
|
|
|
|
DBG_ASSERT(pCert->pCertInfo->SerialNumber.cbData > 1);
|
|
cbSN = pCert->pCertInfo->SerialNumber.cbData;
|
|
if (cbSN > 0 && cbSN < sizeof(achSerNum)/3)
|
|
{
|
|
cbSN--;
|
|
}
|
|
else
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
|
|
UINT iOffSet;
|
|
for ( x = 0, iOffSet = 0; x < pCert->pCertInfo->SerialNumber.cbData ; ++x )
|
|
{
|
|
iOffSet = (cbSN-x)*3; // start with the least significant byte
|
|
achSerNum[iOffSet] = "0123456789abcdef"[((LPBYTE)pCert->pCertInfo->SerialNumber.pbData)[x]>>4];
|
|
achSerNum[iOffSet+1] = "0123456789abcdef"[pCert->pCertInfo->SerialNumber.pbData[x]&0x0f];
|
|
if ( x != 0 ) {
|
|
achSerNum[iOffSet+2] = '-';
|
|
}
|
|
else
|
|
{
|
|
achSerNum[iOffSet+2] = '\0';
|
|
}
|
|
}
|
|
|
|
if ( (hRes=AddStringPair( CLCERT, "SERIALNUMBER", achSerNum, &xbf, TRUE, lCodePage ))!=S_OK )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=AddBinaryPair( CLCERT, "PUBLICKEY", pCert->pCertInfo->SubjectPublicKeyInfo.PublicKey.pbData, pCert->pCertInfo->SubjectPublicKeyInfo.PublicKey.cbData, &xbf, lCodePage ))!=S_OK )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=AddDatePair( CLCERT, "VALIDFROM", &pCert->pCertInfo->NotBefore, &xbf ))!=S_OK )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=AddDatePair( CLCERT, "VALIDUNTIL", &pCert->pCertInfo->NotAfter, &xbf ))!=S_OK )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=AddDwordPair( CLCERT, "FLAGS", &dwFlags, &xbf ))!=S_OK )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=AddDwordPair( CLCERT, "ENCODING", &dwEncoding, &xbf ))!=S_OK )
|
|
{
|
|
ExceptionId(IID_IRequestDictionary, IDE_REQUEST, IDE_OOM);
|
|
goto cleanup;
|
|
}
|
|
|
|
cleanup:
|
|
if ( pCert )
|
|
{
|
|
CertFreeCertificateContext( pCert );
|
|
}
|
|
|
|
pReq->SetCertStore( xbf.QueryBuf(), xbf.QueryAllocSize() );
|
|
|
|
xbf.Reset();
|
|
|
|
return hRes;
|
|
}
|
|
|
|
|
|
/*===================================================================
|
|
CCertRequest::NoCertificate
|
|
|
|
Function called to create NULL certificate info into a OA collection
|
|
|
|
Parameters:
|
|
None
|
|
|
|
Returns:
|
|
S_OK on success, E_OUTOFMEMORY if out of memory or E_FAIL for
|
|
other errors
|
|
===================================================================*/
|
|
|
|
HRESULT
|
|
CCertRequest::NoCertificate(
|
|
)
|
|
{
|
|
#if 1
|
|
|
|
return S_OK;
|
|
|
|
#else
|
|
|
|
XBF xbf( pReq->GetCertStoreBuf(), pReq->GetCertStoreSize() );
|
|
HRESULT hRes = S_OK;
|
|
UINT cStore;
|
|
FILETIME ft;
|
|
|
|
// estimate size of buffer holding values
|
|
|
|
cStore =
|
|
sizeof("ISSUER") + 2*sizeof(WCHAR) +
|
|
sizeof("BINARYISSUER") + 2*sizeof(WCHAR) +
|
|
sizeof("BINARYSUBJECT") + 2*sizeof(WCHAR) +
|
|
sizeof("SUBJECT") + 2*sizeof(WCHAR) +
|
|
sizeof("CERTIFICATE") + 2 * sizeof(WCHAR) +
|
|
sizeof("SERIALNUMBER") + 2 * sizeof(WCHAR) +
|
|
sizeof("PUBLICKEY") + 2 * sizeof(WCHAR) +
|
|
sizeof("VALIDFROM") + sizeof(DATE) +
|
|
sizeof("VALIDUNTIL") + sizeof(DATE)
|
|
;
|
|
|
|
if ( !xbf.Extend( cStore ) )
|
|
{
|
|
hRes = E_OUTOFMEMORY;
|
|
goto cleanup;
|
|
}
|
|
|
|
ft.dwLowDateTime = 0;
|
|
ft.dwHighDateTime = 0;
|
|
|
|
//
|
|
// Build Issuer clear text format & fields collection
|
|
//
|
|
|
|
if ( (hRes = AddStringPair( CLCERT, "ISSUER", "", &xbf, FALSE, lCodePage ))
|
|
!= S_OK )
|
|
{
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes = AddStringPair( CLCERT, "BINARYISSUER", "", &xbf, FALSE, lCodePage ))
|
|
!= S_OK )
|
|
{
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes = AddStringPair( CLCERT, "SUBJECT", "", &xbf, FALSE, lCodePage ))
|
|
!= S_OK )
|
|
{
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes = AddStringPair( CLCERT, "BINARYSUBJECT", "", &xbf, FALSE, lCodePage ))
|
|
!= S_OK )
|
|
{
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes = AddStringPair( CLCERT, "CERTIFICATE", "", &xbf, FALSE, lCodePage ))
|
|
!= S_OK )
|
|
{
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=AddStringPair( CLCERT, "SERIALNUMBER", "", &xbf, TRUE, lCodePage ))!=S_OK )
|
|
{
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=AddStringPair( CLCERT, "PUBLICKEY", "", &xbf, TRUE, lCodePage ))!=S_OK )
|
|
{
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=AddDatePair( CLCERT, "VALIDFROM", &ft, &xbf ))!=S_OK )
|
|
{
|
|
goto cleanup;
|
|
}
|
|
|
|
if ( (hRes=AddDatePair( CLCERT, "VALIDUNTIL", &ft, &xbf ))!=S_OK )
|
|
{
|
|
goto cleanup;
|
|
}
|
|
|
|
cleanup:
|
|
|
|
pReq->SetCertStore( xbf.QueryBuf(), xbf.QueryAllocSize() );
|
|
|
|
xbf.Reset();
|
|
|
|
return hRes;
|
|
|
|
#endif
|
|
}
|
|
|
|
|
|
/*===================================================================
|
|
RequestSupportTerminate
|
|
|
|
Function called to initialize certificate support
|
|
|
|
Parameters:
|
|
None
|
|
|
|
Returns:
|
|
TRUE on success, otherwise FALSE
|
|
===================================================================*/
|
|
|
|
BOOL
|
|
RequestSupportInit(
|
|
)
|
|
{
|
|
return TRUE;
|
|
}
|
|
|
|
|
|
/*===================================================================
|
|
RequestSupportTerminate
|
|
|
|
Function called to terminate certificate support
|
|
|
|
Parameters:
|
|
None
|
|
|
|
Returns:
|
|
Nothing
|
|
===================================================================*/
|
|
|
|
VOID
|
|
RequestSupportTerminate(
|
|
)
|
|
{
|
|
}
|
|
|
|
|
|
HRESULT
|
|
SetVariantAsByteArray(
|
|
VARIANT* pvarReturn,
|
|
DWORD cbLen,
|
|
LPBYTE pbIn
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Create variant as byte array
|
|
|
|
Arguments:
|
|
|
|
pVarReturn - ptr to created variant
|
|
cbLen - byte count
|
|
pbIn - byte array
|
|
|
|
Returns:
|
|
|
|
COM status
|
|
|
|
--*/
|
|
{
|
|
HRESULT hr;
|
|
SAFEARRAYBOUND rgsabound[1];
|
|
BYTE * pbData = NULL;
|
|
|
|
// Set the variant type of the output parameter
|
|
|
|
V_VT(pvarReturn) = VT_ARRAY|VT_UI1;
|
|
V_ARRAY(pvarReturn) = NULL;
|
|
|
|
// Allocate a SafeArray for the data
|
|
|
|
rgsabound[0].lLbound = 0;
|
|
rgsabound[0].cElements = cbLen;
|
|
|
|
V_ARRAY(pvarReturn) = SafeArrayCreate(VT_UI1, 1, rgsabound);
|
|
if (V_ARRAY(pvarReturn) == NULL)
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
if (FAILED(SafeArrayAccessData(V_ARRAY(pvarReturn), (void **) &pbData)))
|
|
{
|
|
return E_UNEXPECTED;
|
|
}
|
|
|
|
memcpy(pbData, pbIn, cbLen );
|
|
|
|
SafeArrayUnaccessData(V_ARRAY(pvarReturn));
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
|