archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
3.8 GiB
Tree: 1b390dddff
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1b390dddff'
${ noResults }
windows-xp/Source/XPSP1/NT/admin/snapin/dsadmin/cert.cpp

298 lines
7.7 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (C) Microsoft Corporation, 1997 - 1998
  6. //
  7. // File: cert.cpp
  8. //
  9. //--------------------------------------------------------------------------
  11. /////////////////////////////////////////////////////////////////////
  12. // Cert.cpp
  13. //
  14. // This file is the implementation of the CCertificate object.
  15. //
  16. // GLOSSARY
  17. // - BLOB Binary Large Object
  18. // - DER Distinguished Encoding Rules
  19. // - RDN Relative Distinguished Names
  20. //
  21. // HISTORY
  22. // 19-Jun-97 t-danm Creation.
  23. /////////////////////////////////////////////////////////////////////
  25. #include "stdafx.h"
  26. #include "common.h"
  27. #include "cert.h"
  30. /////////////////////////////////////////////////////////////////////
  31. CCertificate::CCertificate()
  32. {
  33. m_paCertContext = NULL;
  34. m_blobCertData.pbData = NULL;
  35. }
  37. CCertificate::~CCertificate()
  38. {
  39. // Free the certificate
  40. ::CertFreeCertificateContext(m_paCertContext);
  41. delete m_blobCertData.pbData;
  42. }
  45. void DisplaySystemError (HWND hParent, DWORD dwErr)
  46. {
  47. AFX_MANAGE_STATE (AfxGetStaticModuleState ());
  48. LPVOID lpMsgBuf;
  50. FormatMessage (FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM,
  51. NULL,
  52. dwErr,
  53. MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language
  54. (LPTSTR) &lpMsgBuf, 0, NULL);
  56. // Display the string.
  57. CString caption;
  58. VERIFY (caption.LoadString (IDS_ADD_CERTIFICATE_MAPPING));
  59. ::MessageBox (hParent, (LPWSTR) lpMsgBuf, (LPCTSTR) caption, MB_OK | MB_ICONINFORMATION);
  60. // Free the buffer.
  61. LocalFree (lpMsgBuf);
  62. }
  64. // This code copied from CertMgr project - LOCATE.C
  65. BOOL CCertificate::FLoadCertificate (LPCTSTR szFile)
  66. {
  67. ASSERT (szFile);
  68. if ( !szFile )
  69. return FALSE;
  71. BOOL bReturn = FALSE;
  72. PVOID FileNameVoidP = (PVOID) szFile;
  73. PCCERT_CONTEXT pCertContext = NULL;
  74. DWORD dwEncodingType = 0;
  75. DWORD dwContentType = 0;
  76. DWORD dwFormatType = 0;
  78. // NB. It's possible to read in a serialized store at this point, too.
  79. // We've have to add the UI to display the certs in the file so the
  80. // user could pick one. Use CryptUIDlgSelectCertificate ().
  81. bReturn = ::CryptQueryObject (
  82. CERT_QUERY_OBJECT_FILE,
  83. FileNameVoidP,
  84. CERT_QUERY_CONTENT_FLAG_ALL, //CERT_QUERY_CONTENT_CERT | CERT_QUERY_CONTENT_SERIALIZED_CERT,
  85. CERT_QUERY_FORMAT_FLAG_ALL,
  86. 0,
  87. &dwEncodingType,
  88. &dwContentType,
  89. &dwFormatType,
  90. NULL,
  91. NULL,
  92. (const void **)&pCertContext);
  94. ASSERT (bReturn);
  95. if ( bReturn )
  96. {
  97. //
  98. // Success. See what we get back.
  99. //
  101. if ( (dwContentType != CERT_QUERY_CONTENT_CERT) || !pCertContext )
  102. {
  103. //
  104. // Not a valid cert file.
  105. //
  106. if ( pCertContext )
  107. ::CertFreeCertificateContext (pCertContext);
  109. CString text;
  110. CString caption;
  112. VERIFY (text.LoadString (IDS_CERTFILEFORMATERR));
  113. VERIFY (caption.LoadString (IDS_ADD_CERTIFICATE_MAPPING));
  114. MessageBox (NULL, text, caption, MB_OK | MB_ICONINFORMATION);
  115. bReturn = FALSE;
  116. }
  117. else
  118. {
  119. // Cert context is valid - let's save it to the global handle
  120. m_paCertContext = pCertContext;
  121. }
  122. }
  123. else
  124. {
  125. DWORD dwErr = GetLastError ();
  127. DisplaySystemError (NULL, dwErr);
  128. }
  130. return bReturn;
  131. }
  134. /////////////////////////////////////////////////////////////////////
  135. // This routine is a wrapper to API ::CertNameToStr() automatically
  136. // calculating the length of the output string and returning the data
  137. // into the CString object.
  138. void CCertificate::CertNameToCString(
  139. IN DWORD dwCertEncodingType,
  140. IN CERT_NAME_BLOB * pName,
  141. OUT CString * pstrData)
  142. {
  143. ASSERT(pstrData != NULL);
  144. // Calculate how many characters are needed
  145. int cch = ::CertNameToStr(
  146. IN dwCertEncodingType,
  147. IN pName,
  148. IN c_dwCertNameStrType,
  149. NULL, 0);
  150. TCHAR * pchT = pstrData->GetBuffer(cch);
  151. ASSERT(pchT != NULL);
  152. ASSERT(lstrlen(pchT) == 0);
  153. (void)::CertNameToStr(
  154. IN dwCertEncodingType,
  155. IN pName,
  156. IN c_dwCertNameStrType,
  157. OUT pchT, IN cch);
  158. pstrData->ReleaseBuffer();
  159. } // CCertificate::CertNameToCString()
  162. /////////////////////////////////////////////////////////////////////
  163. void CCertificate::GetIssuer(OUT CString * pstrName)
  164. {
  165. ASSERT(pstrName != NULL);
  166. ASSERT(m_paCertContext != NULL);
  167. ASSERT(m_paCertContext->pCertInfo != NULL);
  169. CERT_INFO * pCertInfo = m_paCertContext->pCertInfo;
  171. BOOL fSelfIssued = CertCompareCertificateName(
  172. m_paCertContext->dwCertEncodingType,
  173. &pCertInfo->Subject,
  174. &pCertInfo->Issuer);
  175. if (fSelfIssued)
  176. {
  177. // Self issued certificate
  178. GetSubject(OUT pstrName);
  179. return;
  180. }
  181. // Get the issuer
  182. CertNameToCString(
  183. IN m_paCertContext->dwCertEncodingType,
  184. IN &pCertInfo->Issuer,
  185. OUT pstrName);
  186. } // CCertificate::GetIssuer()
  189. /////////////////////////////////////////////////////////////////////
  190. void CCertificate::GetSubject(OUT CString * pstrName)
  191. {
  192. ASSERT(pstrName != NULL);
  193. ASSERT(m_paCertContext != NULL);
  194. ASSERT(m_paCertContext->pCertInfo != NULL);
  196. CertNameToCString(
  197. IN m_paCertContext->dwCertEncodingType,
  198. IN &m_paCertContext->pCertInfo->Subject,
  199. OUT pstrName);
  200. } // CCertificate::GetSubject()
  203. /////////////////////////////////////////////////////////////////////
  204. void CCertificate::GetAltSubject(OUT CString * pstrName)
  205. {
  206. ASSERT(pstrName != NULL);
  207. ASSERT(m_paCertContext != NULL);
  208. ASSERT(m_paCertContext->pCertInfo != NULL);
  210. pstrName->Empty();
  211. CERT_INFO * pCertInfo = m_paCertContext->pCertInfo;
  212. CERT_EXTENSION * pCertExtension;
  214. // Search for the AltSubject in the extensions
  215. pCertExtension = ::CertFindExtension(
  216. IN szOID_SUBJECT_ALT_NAME, // Same as X509_ALTERNATE_NAME
  217. IN pCertInfo->cExtension,
  218. IN pCertInfo->rgExtension);
  219. if (pCertExtension == NULL)
  220. return; // No AltSubject
  222. DWORD dwErr = ERROR_SUCCESS;
  223. BOOL fSuccess;
  224. DWORD cbData = 0;
  225. // Find out how many bytes are needed for AltSubject
  226. fSuccess = ::CryptDecodeObject(
  227. m_paCertContext->dwCertEncodingType,
  228. X509_ALTERNATE_NAME,
  229. IN pCertExtension->Value.pbData,
  230. IN pCertExtension->Value.cbData,
  231. 0, // dwFlags
  232. NULL,
  233. INOUT &cbData);
  234. if (!fSuccess)
  235. {
  236. dwErr = ::GetLastError();
  237. TRACE1("CryptDecodeObject() returned error %u", dwErr);
  238. return;
  239. }
  240. ASSERT(cbData > 0);
  241. BYTE * pbDataT = new BYTE[cbData];
  243. // Decode the AltSubject name
  244. fSuccess = ::CryptDecodeObject(
  245. m_paCertContext->dwCertEncodingType,
  246. X509_ALTERNATE_NAME,
  247. IN pCertExtension->Value.pbData,
  248. IN pCertExtension->Value.cbData,
  249. 0, // dwFlags
  250. OUT pbDataT,
  251. INOUT &cbData);
  252. if (!fSuccess)
  253. {
  254. dwErr = ::GetLastError();
  255. TRACE1("CryptDecodeObject() returned error %u", dwErr);
  256. }
  257. else
  258. {
  259. CERT_ALT_NAME_INFO * pCertAltNameInfo = (CERT_ALT_NAME_INFO *)pbDataT;
  260. CERT_ALT_NAME_ENTRY * pEntry = pCertAltNameInfo->rgAltEntry;
  261. ASSERT(pEntry != NULL);
  262. for (UINT i = 0; i < pCertAltNameInfo->cAltEntry; i++, pEntry++)
  263. {
  264. if (pEntry->dwAltNameChoice == CERT_ALT_NAME_DNS_NAME)
  265. {
  266. *pstrName = pEntry->pwszDNSName;
  267. break;
  268. }
  270. } // for
  271. } // if...else
  272. delete pbDataT;
  273. } // CCertificate::GetAltSubject()
  275. /////////////////////////////////////////////////////////////////////
  276. void CCertificate::GetSimString(OUT CString * pstrData)
  277. {
  278. ASSERT(pstrData != NULL);
  280. CString strIssuer;
  281. CString strSubject;
  282. CString strAltSubject;
  283. GetIssuer(OUT &strIssuer);
  284. GetSubject(OUT &strSubject);
  285. GetAltSubject(OUT &strAltSubject);
  287. LPTSTR * pargzpszIssuer = ParseSimString(strIssuer);
  288. LPTSTR * pargzpszSubject = ParseSimString(strSubject);
  289. LPTSTR * pargzpszAltSubject = ParseSimString(strAltSubject);
  291. // Make a "X509" string
  292. UnsplitX509String(OUT pstrData, pargzpszIssuer, pargzpszSubject, pargzpszAltSubject);
  294. delete pargzpszIssuer;
  295. delete pargzpszSubject;
  296. delete pargzpszAltSubject;
  297. } // CCertificate::GetSimString()