archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 1b390dddff
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1b390dddff'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/cryptoapi/pkitrust/mssip32/sipobjpe.cpp

272 lines
6.6 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (C) Microsoft Corporation, 1996 - 1999
  6. //
  7. // File: SIPObjPE.cpp
  8. //
  9. // Contents: Microsoft SIP Provider
  10. //
  11. // History: 15-Feb-1997 pberkman created
  12. //
  13. //--------------------------------------------------------------------------
  15. #include "global.hxx"
  17. #include "sipobjpe.hxx"
  19. ////////////////////////////////////////////////////////////////////////////
  20. //
  21. // construct/destruct:
  22. //
  24. SIPObjectPE_::SIPObjectPE_(DWORD id) : SIPObject_(id)
  25. {
  26. this->fUseFileMap = FALSE;
  27. }
  29. ////////////////////////////////////////////////////////////////////////////
  30. //
  31. // public:
  32. //
  34. BOOL SIPObjectPE_::RemoveSignedDataMsg(SIP_SUBJECTINFO *pSI,DWORD dwIdx)
  35. {
  36. if (this->FileHandleFromSubject(pSI, GENERIC_READ | GENERIC_WRITE))
  37. {
  38. return(ImageRemoveCertificate(this->hFile, dwIdx));
  39. }
  41. return(FALSE);
  42. }
  44. BOOL SIPObjectPE_::CreateIndirectData(SIP_SUBJECTINFO *pSI,DWORD *pdwDLen,
  45. SIP_INDIRECT_DATA *psData)
  46. {
  47. SPC_LINK PeLink;
  48. BOOL fRet;
  50. memset(&PeInfo,0x00,sizeof(SPC_PE_IMAGE_DATA));
  52. PeLink.dwLinkChoice = SPC_FILE_LINK_CHOICE;
  53. PeLink.pwszFile = OBSOLETE_TEXT_W;
  55. PeInfo.pFile = &PeLink;
  57. this->AllocateAndFillCryptBitBlob(&PeInfo.Flags,pSI->dwFlags,5);
  59. fRet = SIPObject_::CreateIndirectData(pSI, pdwDLen, psData);
  61. this->DestroyCryptBitBlob(&PeInfo.Flags);
  63. return(fRet);
  64. }
  66. BOOL SIPObjectPE_::VerifyIndirectData(SIP_SUBJECTINFO *pSI,
  67. SIP_INDIRECT_DATA *psData)
  68. {
  69. SPC_PE_IMAGE_DATA *pPeInfo;
  70. DWORD cbPeInfo;
  71. BOOL fRet;
  73. pPeInfo = NULL;
  76. if (!(psData))
  77. {
  78. if (this->FileHandleFromSubject(pSI)) // if the file exists, set bad parameter!
  79. {
  80. goto InvalidParameter;
  81. }
  83. goto FileOpenFailed;
  84. }
  86. if (!(this->FileHandleFromSubject(pSI)))
  87. {
  88. goto FileOpenFailed;
  89. }
  91. if (!(TrustDecode(WVT_MODID_MSSIP, (BYTE **)&pPeInfo, &cbPeInfo, 201,
  92. PKCS_7_ASN_ENCODING | X509_ASN_ENCODING, this->GetDataOIDHint(),
  93. psData->Data.Value.pbData, psData->Data.Value.cbData,
  94. CRYPT_DECODE_NOCOPY_FLAG)))
  95. {
  96. goto DecodeError;
  97. }
  100. if (uCertVersion < WIN_CERT_REVISION_2_0)
  101. {
  102. //
  103. // We are looking at a PE that was signed PRIOR to this version.
  104. // We need to:
  105. // 1. if there is "extra" bits at the end (e.g.: InstallShield),
  106. // FAIL!
  107. // 2. if there is no "extra" bits, go through the old
  108. // ImageHelper function to digest. (e.g.: set the version
  109. // flag.)
  110. //
  111. if (!(imagehack_IsImagePEOnly(this->hFile)))
  112. {
  113. goto BadDigest;
  114. }
  115. }
  117. pSI->dwFlags = this->CryptBitBlobToFlags(&pPeInfo->Flags);
  119. fRet = SIPObject_::VerifyIndirectData(pSI, psData);
  121. CommonReturn:
  123. if (pPeInfo)
  124. {
  125. TrustFreeDecode(WVT_MODID_MSSIP, (BYTE **)&pPeInfo);
  126. }
  128. return(fRet);
  130. ErrorReturn:
  131. fRet = FALSE;
  132. goto CommonReturn;
  134. TRACE_ERROR_EX(DBG_SS, FileOpenFailed);
  135. TRACE_ERROR_EX(DBG_SS, DecodeError);
  137. SET_ERROR_VAR_EX(DBG_SS, BadDigest, TRUST_E_BAD_DIGEST);
  138. SET_ERROR_VAR_EX(DBG_SS, InvalidParameter, ERROR_INVALID_PARAMETER);
  139. }
  142. ////////////////////////////////////////////////////////////////////////////
  143. //
  144. // protected:
  145. //
  147. BOOL SIPObjectPE_::PutMessageInFile(SIP_SUBJECTINFO *pSI,
  148. WIN_CERTIFICATE *pWinCert,DWORD *pdwIndex)
  149. {
  150. if (fSizeFileOnly)
  151. {
  152. goto FileResizedError;
  153. }
  155. //
  156. // check to see if we are going to align the file
  157. //
  158. DWORD cbFSize;
  159. DWORD cbCheck;
  160. BOOL fRet;
  162. cbFSize = GetFileSize(this->hFile, NULL);
  163. cbCheck = (cbFSize + 7) & ~7;
  164. cbCheck -= cbFSize;
  166. fRet = ImageAddCertificate(this->hFile, pWinCert, pdwIndex);
  168. if ((fRet) && (cbCheck > 0))
  169. {
  170. //
  171. // we aligned the file, make sure we null out the padding!
  172. //
  173. if (SetFilePointer(this->hFile, cbFSize, NULL, FILE_BEGIN) == 0xFFFFFFFF)
  174. {
  175. goto SetFileError;
  176. }
  178. BYTE buf[8];
  179. DWORD cbWritten;
  181. memset(&buf[0], 0x00, cbCheck);
  183. if (!(WriteFile(this->hFile, &buf[0], cbCheck, &cbWritten, NULL)) || (cbWritten != cbCheck))
  184. {
  185. goto WriteFileError;
  186. }
  187. }
  189. CommonReturn:
  190. return(fRet);
  192. ErrorReturn:
  193. fRet = FALSE;
  194. goto CommonReturn;
  196. TRACE_ERROR_EX(DBG_SS, WriteFileError);
  197. TRACE_ERROR_EX(DBG_SS, SetFileError);
  199. SET_ERROR_VAR_EX(DBG_SS, FileResizedError, CRYPT_E_FILERESIZED);
  200. }
  203. BOOL SIPObjectPE_::GetDigestStream(DIGEST_DATA *pDigestData,
  204. DIGEST_FUNCTION pfnCallBack, DWORD dwFlags)
  205. {
  206. //
  207. // Check the version flag here. We will have set this based
  208. // on which version of the image helper function we want to
  209. // call.
  210. //
  211. if (uCertVersion < WIN_CERT_REVISION_2_0)
  212. {
  213. return(ImageGetDigestStream( this->hFile,
  214. dwFlags,
  215. pfnCallBack,
  216. pDigestData));
  217. }
  219. BOOL fRet;
  220. DWORD dwDiskLength;
  222. fRet = imagehack_AuImageGetDigestStream( this->hFile,
  223. dwFlags,
  224. pfnCallBack,
  225. pDigestData);
  227. dwDiskLength = GetFileSize(this->hFile, NULL);
  229. dwDiskLength = (dwDiskLength + 7) & ~7; // padding before the certs?
  231. dwDiskLength -= GetFileSize(this->hFile, NULL);
  233. if ((fRet) && (dwDiskLength > 0))
  234. {
  235. BYTE *pb;
  237. if (!(pb = (BYTE *)this->SIPNew(dwDiskLength)))
  238. {
  239. return(FALSE);
  240. }
  242. memset(pb, 0x00, dwDiskLength); // imagehlp put nulls before the signature!
  244. fRet = (*pfnCallBack)(pDigestData, pb, dwDiskLength);
  246. delete pb;
  247. }
  249. return(fRet);
  250. }
  252. DWORD SIPObjectPE_::ConvertSPCFlags(DWORD InFlags)
  253. {
  254. DWORD ret;
  256. ret = 0;
  258. if (InFlags & SPC_INC_PE_RESOURCES_FLAG)
  259. {
  260. ret |= CERT_PE_IMAGE_DIGEST_RESOURCES;
  261. }
  262. if (InFlags & SPC_INC_PE_DEBUG_INFO_FLAG)
  263. {
  264. ret |= CERT_PE_IMAGE_DIGEST_DEBUG_INFO;
  265. }
  266. if (InFlags & SPC_INC_PE_IMPORT_ADDR_TABLE_FLAG)
  267. {
  268. ret |= CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO;
  269. }
  271. return(ret);
  272. }