archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 1b390dddff
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1b390dddff'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/cryptoapi/pki/chain/extract.cpp

510 lines
14 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows NT Security
  4. // Copyright (C) Microsoft Corporation, 1997 - 2000
  5. //
  6. // File: extract.cpp
  7. //
  8. // Contents: Chain Cabinet Extraction
  9. //
  10. // Functions: ExtractAuthRootAutoUpdateCtlFromCab
  11. //
  12. // History: 11-Nov-00 philh Created
  13. //
  14. //----------------------------------------------------------------------------
  15. #include <global.hxx>
  16. #include <setupapi.h>
  17. #include <dbgdef.h>
  18. #include <userenv.h>
  20. #define CHAIN_CHAR_LEN(sz) (sizeof(sz) / sizeof(sz[0]))
  22. //+===========================================================================
  23. // Extract helper functions
  24. //============================================================================
  26. //+-------------------------------------------------------------------------
  27. // Allocate and read a blob from a file.
  28. //
  29. // The allocated bytes must be freed by calling PkiFree().
  30. //--------------------------------------------------------------------------
  31. BOOL WINAPI
  32. ReadBlobFromFileA(
  33. IN LPCSTR pszFileName,
  34. OUT BYTE **ppb,
  35. OUT DWORD *pcb
  36. )
  37. {
  38. BOOL fResult;
  39. HANDLE hFile;
  40. BYTE *pb = NULL;
  41. DWORD cb = 0;
  42. DWORD cbRead = 0;
  44. hFile = CreateFileA(
  45. pszFileName,
  46. GENERIC_READ,
  47. FILE_SHARE_READ | FILE_SHARE_WRITE,
  48. NULL, // lpsa
  49. OPEN_EXISTING,
  50. 0, // fdwAttrsAndFlags
  51. NULL // TemplateFile
  52. );
  53. if (INVALID_HANDLE_VALUE == hFile)
  54. goto CreateFileError;
  56. cb = GetFileSize(hFile, NULL);
  57. if (0 == cb)
  58. goto EmptyFile;
  60. if (NULL == (pb = (BYTE *) PkiNonzeroAlloc(cb)))
  61. goto OutOfMemory;
  63. if (!ReadFile(hFile, pb, cb, &cbRead, NULL))
  64. goto ReadFileError;
  65. if (cbRead != cb)
  66. goto InvalidFileLengthError;
  68. fResult = TRUE;
  69. CommonReturn:
  70. if (INVALID_HANDLE_VALUE != hFile) {
  71. DWORD dwLastErr = GetLastError();
  72. CloseHandle(hFile);
  73. SetLastError(dwLastErr);
  74. }
  76. *ppb = pb;
  77. *pcb = cb;
  79. return fResult;
  81. ErrorReturn:
  82. if (pb) {
  83. PkiFree(pb);
  84. pb = NULL;
  85. }
  86. cb = 0;
  87. fResult = FALSE;
  88. goto CommonReturn;
  90. TRACE_ERROR(CreateFileError)
  91. SET_ERROR(EmptyFile, ERROR_INVALID_DATA)
  92. TRACE_ERROR(OutOfMemory)
  93. TRACE_ERROR(ReadFileError)
  94. SET_ERROR(InvalidFileLengthError, ERROR_INVALID_DATA)
  95. }
  97. //+-------------------------------------------------------------------------
  98. // Write the blob to the specified file
  99. //--------------------------------------------------------------------------
  100. BOOL WINAPI
  101. WriteBlobToFileA(
  102. IN LPCSTR pszFileName,
  103. IN const BYTE *pb,
  104. IN DWORD cb
  105. )
  106. {
  107. BOOL fResult;
  108. HANDLE hFile;
  109. DWORD cbWritten;
  111. hFile = CreateFileA(
  112. pszFileName,
  113. GENERIC_WRITE,
  114. 0, // fdwShareMode
  115. NULL, // lpsa
  116. CREATE_ALWAYS,
  117. 0, // fdwAttrsAndFlags
  118. 0); // TemplateFile
  119. if (INVALID_HANDLE_VALUE == hFile)
  120. goto CreateFileError;
  122. if (!WriteFile(hFile, pb, cb, &cbWritten, NULL))
  123. goto WriteFileError;
  125. fResult = TRUE;
  126. CommonReturn:
  127. if (INVALID_HANDLE_VALUE != hFile) {
  128. DWORD dwLastErr = GetLastError();
  129. CloseHandle(hFile);
  130. SetLastError(dwLastErr);
  131. }
  133. return fResult;
  135. ErrorReturn:
  136. fResult = FALSE;
  137. goto CommonReturn;
  139. TRACE_ERROR(CreateFileError)
  140. TRACE_ERROR(WriteFileError)
  141. }
  144. typedef struct _EXTRACT_CAB_FILE_CONTEXT_A {
  145. LPCSTR pszFileInCab;
  146. LPCSTR pszTempTargetFileName; // MAX_PATH array
  147. BOOL fDidExtract;
  148. } EXTRACT_CAB_FILE_CONTEXT_A, *PEXTRACT_CAB_FILE_CONTEXT_A;
  150. //+-------------------------------------------------------------------------
  151. // Callback called by SetupIterateCabinetA to extract the file.
  152. //--------------------------------------------------------------------------
  153. UINT CALLBACK
  154. ExtractCabFileCallbackA(
  155. IN PVOID Context,
  156. IN UINT Notification,
  157. IN UINT_PTR Param1,
  158. IN UINT_PTR Param2
  159. )
  160. {
  161. UINT uRet;
  162. PEXTRACT_CAB_FILE_CONTEXT_A pCabFileContext =
  163. (PEXTRACT_CAB_FILE_CONTEXT_A) Context;
  165. switch (Notification) {
  166. case SPFILENOTIFY_FILEINCABINET:
  167. {
  168. PFILE_IN_CABINET_INFO_A pInfo =
  169. (PFILE_IN_CABINET_INFO_A) Param1;
  171. if (0 == _stricmp(pCabFileContext->pszFileInCab,
  172. pInfo->NameInCabinet)) {
  173. strncpy(pInfo->FullTargetName,
  174. pCabFileContext->pszTempTargetFileName,
  175. CHAIN_CHAR_LEN(pInfo->FullTargetName));
  176. uRet = FILEOP_DOIT;
  177. } else
  178. uRet = FILEOP_SKIP;
  179. }
  180. break;
  182. case SPFILENOTIFY_FILEEXTRACTED:
  183. {
  184. PFILEPATHS_A pInfo = (PFILEPATHS_A) Param1;
  186. uRet = pInfo->Win32Error;
  188. if (NO_ERROR == uRet &&
  189. 0 == _stricmp(pCabFileContext->pszTempTargetFileName,
  190. pInfo->Target))
  191. pCabFileContext->fDidExtract = TRUE;
  192. }
  193. break;
  195. default:
  196. uRet = NO_ERROR;
  197. }
  199. return uRet;
  200. }
  202. typedef BOOL (WINAPI *PFN_SETUP_ITERATE_CABINET_A)(
  203. IN PCSTR CabinetFile,
  204. IN DWORD Reserved,
  205. IN PSP_FILE_CALLBACK_A MsgHandler,
  206. IN PVOID Context
  207. );
  209. //+-------------------------------------------------------------------------
  210. // Load setupapi.dll and call SetupIterateCabinetA to extract and
  211. // expand the specified file in the cab.
  212. //--------------------------------------------------------------------------
  213. BOOL WINAPI
  214. ExtractFileFromCabFileA(
  215. IN LPCSTR pszFileInCab,
  216. IN const CHAR szTempCabFileName[MAX_PATH],
  217. IN const CHAR szTempTargetFileName[MAX_PATH]
  218. )
  219. {
  220. BOOL fResult;
  221. HMODULE hDll = NULL;
  222. PFN_SETUP_ITERATE_CABINET_A pfnSetupIterateCabinetA;
  223. EXTRACT_CAB_FILE_CONTEXT_A CabFileContext;
  225. if (NULL == (hDll = LoadLibraryA("setupapi.dll")))
  226. goto LoadSetupApiDllError;
  228. if (NULL == (pfnSetupIterateCabinetA =
  229. (PFN_SETUP_ITERATE_CABINET_A) GetProcAddress(
  230. hDll, "SetupIterateCabinetA")))
  231. goto SetupIterateCabinetAProcAddressError;
  233. memset(&CabFileContext, 0, sizeof(CabFileContext));
  234. CabFileContext.pszFileInCab = pszFileInCab;
  235. CabFileContext.pszTempTargetFileName = szTempTargetFileName;
  237. if (!pfnSetupIterateCabinetA(
  238. szTempCabFileName,
  239. 0, // Reserved
  240. ExtractCabFileCallbackA,
  241. &CabFileContext
  242. ))
  243. goto SetupIterateCabinetError;
  245. if (!CabFileContext.fDidExtract)
  246. goto NoCabFileExtracted;
  248. fResult = TRUE;
  250. CommonReturn:
  251. if (hDll) {
  252. DWORD dwLastErr = GetLastError();
  253. FreeLibrary(hDll);
  254. SetLastError(dwLastErr);
  255. }
  256. return fResult;
  257. ErrorReturn:
  258. fResult = FALSE;
  259. goto CommonReturn;
  261. TRACE_ERROR(LoadSetupApiDllError)
  262. TRACE_ERROR(SetupIterateCabinetAProcAddressError)
  263. TRACE_ERROR(SetupIterateCabinetError)
  264. SET_ERROR(NoCabFileExtracted, ERROR_FILE_NOT_FOUND)
  265. }
  267. typedef BOOL (WINAPI *PFN_EXPAND_ENVIRONMENT_STRINGS_FOR_USER_A)(
  268. IN HANDLE hToken,
  269. IN LPCSTR lpSrc,
  270. OUT LPSTR lpDest,
  271. IN DWORD dwSize
  272. );
  274. //+-------------------------------------------------------------------------
  275. // Get the thread's temp directory. We may be doing thread impersonation.
  276. //
  277. // Returns 0 if unable to get a thread temp path
  278. //--------------------------------------------------------------------------
  279. DWORD WINAPI
  280. I_GetThreadTempPathA(
  281. OUT CHAR szTempPath[MAX_PATH]
  282. )
  283. {
  284. DWORD cch;
  285. HANDLE hToken = NULL;
  286. HMODULE hDll = NULL;
  287. PFN_EXPAND_ENVIRONMENT_STRINGS_FOR_USER_A
  288. pfnExpandEnvironmentStringsForUserA;
  290. if (!FIsWinNT5())
  291. return 0;
  293. if (!OpenThreadToken(
  294. GetCurrentThread(),
  295. TOKEN_QUERY | TOKEN_IMPERSONATE,
  296. TRUE,
  297. &hToken
  298. ))
  299. // We aren't impersonating. Default to the system environment
  300. // variables.
  301. hToken = NULL;
  303. if (NULL == (hDll = LoadLibraryA("userenv.dll")))
  304. goto LoadUserenvDllError;
  306. if (NULL == (pfnExpandEnvironmentStringsForUserA =
  307. (PFN_EXPAND_ENVIRONMENT_STRINGS_FOR_USER_A) GetProcAddress(hDll,
  308. "ExpandEnvironmentStringsForUserA")))
  309. goto ExpandEnvironmentStringsForUserAProcAddressError;
  311. szTempPath[0] = L'\0';
  312. if (!pfnExpandEnvironmentStringsForUserA(
  313. hToken,
  314. "%Temp%\\",
  315. szTempPath,
  316. MAX_PATH - 1
  317. ) || '\0' == szTempPath[0])
  318. goto ExpandTempError;
  320. szTempPath[MAX_PATH - 1] = '\0';
  321. cch = strlen(szTempPath);
  323. CommonReturn:
  324. if (hToken)
  325. CloseHandle(hToken);
  326. if (hDll)
  327. FreeLibrary(hDll);
  329. return cch;
  330. ErrorReturn:
  331. cch = 0;
  332. goto CommonReturn;
  334. TRACE_ERROR(LoadUserenvDllError)
  335. TRACE_ERROR(ExpandEnvironmentStringsForUserAProcAddressError)
  336. TRACE_ERROR(ExpandTempError)
  337. }
  339. //+-------------------------------------------------------------------------
  340. // Extract, expand and allocate an in-memory blob for the specified
  341. // file from the in-memory cab.
  342. //
  343. // The allocated bytes must be freed by calling PkiFree().
  344. //--------------------------------------------------------------------------
  345. BOOL WINAPI
  346. ExtractBlobFromCabA(
  347. IN const BYTE *pbCab,
  348. IN DWORD cbCab,
  349. IN LPCSTR pszFileInCab,
  350. OUT BYTE **ppb,
  351. OUT DWORD *pcb
  352. )
  353. {
  354. BOOL fResult;
  355. DWORD dwLastErr = 0;
  356. BYTE *pb = NULL;
  357. DWORD cb;
  359. CHAR szTempPath[MAX_PATH];
  360. CHAR szTempCabFileName[MAX_PATH]; szTempCabFileName[0] = '\0';
  361. CHAR szTempTargetFileName[MAX_PATH]; szTempTargetFileName[0] = '\0';
  362. DWORD cch;
  364. // Get temp filenames for the cabinet and extracted target
  365. cch = GetTempPathA(CHAIN_CHAR_LEN(szTempPath), szTempPath);
  366. if (0 == cch || (CHAIN_CHAR_LEN(szTempPath) - 1) < cch)
  367. goto GetTempPathError;
  369. if (0 == GetTempFileNameA(szTempPath, "Cab", 0, szTempCabFileName)) {
  370. dwLastErr = GetLastError();
  372. // If we are doing thread impersonation, we may not have access to the
  373. // process's temp directory. Try to get the impersonated thread's
  374. // temp directory.
  375. cch = I_GetThreadTempPathA(szTempPath);
  376. if (0 != cch)
  377. cch = GetTempFileNameA(szTempPath, "Cab", 0, szTempCabFileName);
  379. if (0 == cch) {
  380. SetLastError(dwLastErr);
  381. szTempCabFileName[0] = '\0';
  382. goto GetTempCabFileNameError;
  383. }
  384. }
  386. szTempCabFileName[CHAIN_CHAR_LEN(szTempCabFileName) - 1] = '\0';
  388. if (0 == GetTempFileNameA(szTempPath, "Tar", 0, szTempTargetFileName)) {
  389. szTempTargetFileName[0] = '\0';
  390. goto GetTempTargetFileNameError;
  391. }
  392. szTempTargetFileName[CHAIN_CHAR_LEN(szTempTargetFileName) - 1] = '\0';
  394. // Write the cab bytes to the temporary cab file
  395. if (!WriteBlobToFileA(szTempCabFileName, pbCab, cbCab))
  396. goto WriteCabFileError;
  398. // Extract the specified file from the temporary cab file
  399. if (!ExtractFileFromCabFileA(
  400. pszFileInCab, szTempCabFileName, szTempTargetFileName))
  401. goto ExtractFileFromCabFileError;
  403. // Read and allocate the bytes from the temporary target file
  404. if (!ReadBlobFromFileA(szTempTargetFileName, &pb, &cb))
  405. goto ReadTargetFileError;
  407. fResult = TRUE;
  409. CommonReturn:
  410. // Delete the temp files
  411. if ('\0' != szTempCabFileName)
  412. DeleteFileA(szTempCabFileName);
  413. if ('\0' != szTempTargetFileName)
  414. DeleteFileA(szTempTargetFileName);
  416. *ppb = pb;
  417. *pcb = cb;
  419. SetLastError(dwLastErr);
  420. return fResult;
  422. ErrorReturn:
  423. dwLastErr = GetLastError();
  424. if (pb) {
  425. PkiFree(pb);
  426. pb = NULL;
  427. }
  428. cb = 0;
  429. fResult = FALSE;
  430. goto CommonReturn;
  432. TRACE_ERROR(GetTempPathError)
  433. TRACE_ERROR(GetTempCabFileNameError)
  434. TRACE_ERROR(GetTempTargetFileNameError)
  435. TRACE_ERROR(WriteCabFileError)
  436. TRACE_ERROR(ExtractFileFromCabFileError)
  437. TRACE_ERROR(ReadTargetFileError)
  438. }
  441. //+---------------------------------------------------------------------------
  442. //
  443. // Function: ExtractAuthRootAutoUpdateCtlFromCab
  444. //
  445. // Synopsis: Extract the authroot.stl file from the cabinet blob
  446. // and create the AuthRoot Auto Update CTL.
  447. //
  448. // Assumption: Chain engine isn't locked in the calling thread.
  449. //
  450. //----------------------------------------------------------------------------
  451. PCCTL_CONTEXT WINAPI
  452. ExtractAuthRootAutoUpdateCtlFromCab (
  453. IN PCRYPT_BLOB_ARRAY pcbaCab
  454. )
  455. {
  456. PCRYPT_DATA_BLOB pCabBlob;
  457. PCCTL_CONTEXT pCtl = NULL;
  458. BYTE *pbEncodedCtl = NULL;
  459. DWORD cbEncodedCtl;
  460. CERT_CREATE_CONTEXT_PARA CreateContextPara;
  462. // Get the cab blob
  463. pCabBlob = pcbaCab->rgBlob;
  464. if (0 == pcbaCab->cBlob || 0 == pCabBlob->cbData)
  465. goto InvalidCabBlob;
  467. // Extract, expand and create an in-memory blob for the stl file in the
  468. // in-memory cab
  469. if (!ExtractBlobFromCabA(
  470. pCabBlob->pbData,
  471. pCabBlob->cbData,
  472. CERT_AUTH_ROOT_CTL_FILENAME_A,
  473. &pbEncodedCtl,
  474. &cbEncodedCtl
  475. ))
  476. goto ExtractStlFromCabError;
  478. // Create the Ctl from the extracted bytes
  479. memset(&CreateContextPara, 0, sizeof(CreateContextPara));
  480. CreateContextPara.cbSize = sizeof(CreateContextPara);
  481. CreateContextPara.pfnFree = PkiFree;
  483. pCtl = (PCCTL_CONTEXT) CertCreateContext(
  484. CERT_STORE_CTL_CONTEXT,
  485. X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
  486. pbEncodedCtl,
  487. cbEncodedCtl,
  488. CERT_CREATE_CONTEXT_NOCOPY_FLAG,
  489. &CreateContextPara
  490. );
  491. // For NO_COPY_FLAG, pbEncodedCtl is always freed, even for an error
  492. pbEncodedCtl = NULL;
  493. if (NULL == pCtl)
  494. goto CreateCtlError;
  496. CommonReturn:
  497. return pCtl;
  499. ErrorReturn:
  500. assert(NULL == pCtl);
  501. if (pbEncodedCtl)
  502. PkiFree(pbEncodedCtl);
  504. goto CommonReturn;
  506. SET_ERROR(InvalidCabBlob, ERROR_INVALID_DATA)
  507. TRACE_ERROR(ExtractStlFromCabError)
  508. TRACE_ERROR(CreateCtlError)
  509. }