archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/base/fs/utils/runas/utils.cpp

345 lines
8.8 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. //=============================================================================
  2. // Copyright (c) 2000 Microsoft Corporation
  3. //
  4. // utils.cpp
  5. //
  6. // Credential manager user interface utility functions.
  7. //
  8. // Created 06/06/2000 johnstep (John Stephens)
  9. //=============================================================================
  11. #include "cred_pch.h"
  12. #include "utils.h"
  15. //=============================================================================
  16. // CreduiIsRemovableCertificate
  17. //
  18. // Arguments:
  19. // certContext (in) - certificate context to query
  20. //
  21. // Returns TRUE if the certificate has a removable component (such as a smart
  22. // card) or FALSE otherwise.
  23. //
  24. // Created 04/09/2000 johnstep (John Stephens)
  25. //=============================================================================
  27. BOOL
  28. CreduiIsRemovableCertificate(
  29. CONST CERT_CONTEXT *certContext
  30. )
  31. {
  32. BOOL isRemovable = FALSE;
  34. // First, determine the buffer size:
  36. DWORD bufferSize = 0;
  38. if (CertGetCertificateContextProperty(
  39. certContext,
  40. CERT_KEY_PROV_INFO_PROP_ID,
  41. NULL,
  42. &bufferSize))
  43. {
  44. // Allocate the buffer on the stack:
  46. CRYPT_KEY_PROV_INFO *provInfo;
  48. __try
  49. {
  50. provInfo = static_cast<CRYPT_KEY_PROV_INFO *>(alloca(bufferSize));
  51. }
  52. __except(EXCEPTION_EXECUTE_HANDLER)
  53. {
  54. provInfo = NULL;
  55. }
  57. if (provInfo != NULL)
  58. {
  59. if (CertGetCertificateContextProperty(
  60. certContext,
  61. CERT_KEY_PROV_INFO_PROP_ID,
  62. provInfo,
  63. &bufferSize))
  64. {
  65. HCRYPTPROV provContext;
  67. if (CryptAcquireContext(
  68. &provContext,
  69. NULL,
  70. provInfo->pwszProvName,
  71. provInfo->dwProvType,
  72. CRYPT_VERIFYCONTEXT | CRYPT_SILENT))
  73. {
  74. DWORD impType;
  75. DWORD impTypeSize = sizeof impType;
  77. if (CryptGetProvParam(
  78. provContext,
  79. PP_IMPTYPE,
  80. reinterpret_cast<BYTE *>(&impType),
  81. &impTypeSize,
  82. 0))
  83. {
  84. if (impType & CRYPT_IMPL_REMOVABLE)
  85. {
  86. isRemovable = TRUE;
  87. }
  88. }
  90. if (!CryptReleaseContext(provContext, 0))
  91. {
  92. CreduiDebugLog(
  93. "CreduiIsRemovableCertificate: "
  94. "CryptReleaseContext failed: %u\n",
  95. GetLastError());
  96. }
  97. }
  98. }
  99. }
  100. }
  102. return isRemovable;
  103. }
  105. //=============================================================================
  106. // CreduiGetCertificateDisplayName
  107. //
  108. // Arguments:
  109. // certContext (in)
  110. // displayName (out)
  111. // displayNameMaxChars (in)
  112. // certificateString (in)
  113. //
  114. // Returns TRUE if a display name was stored or FALSE otherwise.
  115. //
  116. // Created 06/12/2000 johnstep (John Stephens)
  117. //=============================================================================
  119. BOOL
  120. CreduiGetCertificateDisplayName(
  121. CONST CERT_CONTEXT *certContext,
  122. WCHAR *displayName,
  123. ULONG displayNameMaxChars,
  124. WCHAR *certificateString
  125. )
  126. {
  127. BOOL success = FALSE;
  129. WCHAR *tempName;
  130. ULONG tempNameMaxChars = displayNameMaxChars / 2 - 1;
  132. __try
  133. {
  134. tempName =
  135. static_cast<WCHAR *>(
  136. alloca(tempNameMaxChars * sizeof (WCHAR)));
  137. }
  138. __except(EXCEPTION_EXECUTE_HANDLER)
  139. {
  140. tempName = NULL;
  141. }
  143. if (tempName == NULL)
  144. {
  145. return FALSE;
  146. }
  148. displayName[0] = L'\0';
  149. tempName[0] = L'\0';
  151. if (CertGetNameString(
  152. certContext,
  153. CERT_NAME_FRIENDLY_DISPLAY_TYPE,
  154. 0,
  155. NULL,
  156. tempName,
  157. tempNameMaxChars))
  158. {
  159. success = TRUE;
  160. lstrcpy(displayName, tempName);
  161. }
  163. if (CertGetNameString(
  164. certContext,
  165. CERT_NAME_FRIENDLY_DISPLAY_TYPE,
  166. CERT_NAME_ISSUER_FLAG,
  167. NULL,
  168. tempName,
  169. tempNameMaxChars))
  170. {
  171. if (lstrcmpi(displayName, tempName) != 0)
  172. {
  173. success = TRUE;
  175. WCHAR *where = &displayName[lstrlen(displayName)];
  177. if (where > displayName)
  178. {
  179. *where++ = L' ';
  180. *where++ = L'-';
  181. *where++ = L' ';
  182. }
  184. lstrcpy(where, tempName);
  185. }
  186. }
  188. return success;
  189. }
  191. //=============================================================================
  192. // CreduiGetCertDisplayNameFromMarshaledName
  193. //
  194. // Arguments:
  195. // marshaledName (in)
  196. // displayName (out)
  197. // displayNameMaxChars (in)
  198. // onlyRemovable (in) - only get name if for a "removable" certificate
  199. //
  200. // Returns TRUE if a display name was stored or FALSE otherwise.
  201. //
  202. // Created 07/24/2000 johnstep (John Stephens)
  203. //=============================================================================
  205. BOOL
  206. CreduiGetCertDisplayNameFromMarshaledName(
  207. WCHAR *marshaledName,
  208. WCHAR *displayName,
  209. ULONG displayNameMaxChars,
  210. BOOL onlyRemovable
  211. )
  212. {
  213. BOOL success = FALSE;
  215. CRED_MARSHAL_TYPE credMarshalType;
  216. CERT_CREDENTIAL_INFO *certCredInfo;
  218. if (CredUnmarshalCredential(
  219. marshaledName,
  220. &credMarshalType,
  221. reinterpret_cast<VOID **>(&certCredInfo)))
  222. {
  223. if (credMarshalType == CertCredential)
  224. {
  225. HCERTSTORE certStore;
  226. CONST CERT_CONTEXT *certContext;
  228. certStore = CertOpenSystemStore(NULL, L"MY");
  230. if (certStore != NULL)
  231. {
  232. CRYPT_HASH_BLOB hashBlob;
  234. hashBlob.cbData = CERT_HASH_LENGTH;
  235. hashBlob.pbData = reinterpret_cast<BYTE *>(
  236. certCredInfo->rgbHashOfCert);
  238. certContext = CertFindCertificateInStore(
  239. certStore,
  240. X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
  241. 0,
  242. CERT_FIND_SHA1_HASH,
  243. &hashBlob,
  244. NULL);
  246. if (certContext != NULL)
  247. {
  248. // If onlyRemovable is TRUE, check to see if this is a
  249. // certificate with a removable hardware component; this
  250. // usually means a smart card:
  252. if (!onlyRemovable ||
  253. CreduiIsRemovableCertificate(certContext))
  254. {
  255. success =
  256. CreduiGetCertificateDisplayName(
  257. certContext,
  258. displayName,
  259. displayNameMaxChars,
  260. NULL);
  261. }
  263. CertFreeCertificateContext(certContext);
  264. }
  266. // CertCloseStore returns FALSE if it fails. We could try
  267. // again, depending on the error returned by GetLastError:
  269. CertCloseStore(certStore, 0);
  270. }
  271. }
  273. CredFree(static_cast<VOID *>(certCredInfo));
  274. }
  276. return success;
  277. }
  279. LPWSTR
  280. GetAccountDomainName(
  281. VOID
  282. )
  283. /*++
  285. Routine Description:
  287. Returns the name of the account domain for this machine.
  289. For workstatations, the account domain is the netbios computer name.
  290. For DCs, the account domain is the netbios domain name.
  292. Arguments:
  294. None.
  296. Return Values:
  298. Returns a pointer to the name. The name should be free using NetApiBufferFree.
  300. NULL - on error.
  302. --*/
  303. {
  304. BOOL CreduiIsDomainController = FALSE;
  305. DWORD WinStatus;
  307. LPWSTR AllocatedName = NULL;
  309. OSVERSIONINFOEXW versionInfo;
  310. versionInfo.dwOSVersionInfoSize = sizeof OSVERSIONINFOEXW;
  312. if (GetVersionEx(reinterpret_cast<OSVERSIONINFOW *>(&versionInfo)))
  313. {
  314. CreduiIsDomainController = (versionInfo.wProductType == VER_NT_DOMAIN_CONTROLLER);
  315. }
  317. //
  318. // If this machine is a domain controller,
  319. // get the domain name.
  320. //
  322. if ( CreduiIsDomainController ) {
  324. WinStatus = NetpGetDomainName( &AllocatedName );
  326. if ( WinStatus != NO_ERROR ) {
  327. return NULL;
  328. }
  330. //
  331. // Otherwise, the 'account domain' is the computername
  332. //
  334. } else {
  336. WinStatus = NetpGetComputerName( &AllocatedName );
  338. if ( WinStatus != NO_ERROR ) {
  339. return NULL;
  340. }
  342. }
  344. return AllocatedName;
  345. }