Source code of Windows XP (NT5)
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
//+-------------------------------------------------------------------------
//
// Microsoft Windows
//
// Copyright (C) Microsoft Corporation, 1997 - 1999
//
// File: certwrap.h
//
//--------------------------------------------------------------------------
#ifndef _CERTWRAP_H_
#define _CERTWRAP_H_
#include <iads.h>
#include <adshlp.h>
// fwd
class CertSvrMachine;
class CertSvrCA { protected:
HCERTSTORE m_hCACertStore; // our cert store
BOOL m_fCertStoreOpenAttempted; HRESULT m_hrCACertStoreOpen;
HCERTSTORE m_hRootCertStore; // root store on machine
BOOL m_fRootStoreOpenAttempted; HRESULT m_hrRootCertStoreOpen;
HCERTSTORE m_hKRACertStore; // KRA store on machine
BOOL m_fKRAStoreOpenAttempted; HRESULT m_hrKRACertStoreOpen;
BOOL m_fIsUsingDS; BOOL m_fIsUsingDSKnown;
ENUM_CATYPES m_enumCAType; BOOL m_fCATypeKnown;
BOOL m_fAdvancedServer; BOOL m_fAdvancedServerKnown;
DWORD m_dwRoles; BOOL m_fRolesKnown;
public: CertSvrMachine* m_pParentMachine;
CString m_strServer; CString m_strCommonName; CString m_strSanitizedName; CString m_strConfig; CString m_strComment; CString m_strCAObjectDN;
BSTR m_bstrConfig; // oft used as BSTR
public: CertSvrCA(CertSvrMachine* pParent); ~CertSvrCA();
public:
DWORD GetMyRoles(); BOOL AccessAllowed(DWORD dwAccess);
HRESULT GetConfigEntry( LPWSTR szConfigSubKey, LPWSTR szConfigEntry, VARIANT *pvarOut);
HRESULT SetConfigEntry( LPWSTR szConfigSubKey, LPWSTR szConfigEntry, VARIANT *pvarIn);
DWORD DeleteConfigEntry( LPWSTR szConfigSubKey, LPWSTR szConfigEntry);
ENUM_CATYPES GetCAType(); BOOL FIsUsingDS(); BOOL FIsIncompleteInstallation(); BOOL FIsRequestOutstanding(); BOOL FIsAdvancedServer(); BOOL FDoesSecurityNeedUpgrade(); BOOL FDoesServerAllowForeignCerts();
DWORD GetCACertStore(HCERTSTORE* phCertStore); // class frees
DWORD GetRootCertStore(HCERTSTORE* phCertStore); // class frees
DWORD GetKRACertStore(HCERTSTORE* phCertStore); // class frees
DWORD GetCurrentCRL(PCCRL_CONTEXT* ppCRLCtxt, BOOL fBaseCRL); // use CertFreeCRLContext()
DWORD GetCRLByKeyIndex(PCCRL_CONTEXT* ppCRLCtxt, BOOL fBaseCRL, int iKeyIndex); // use CertFreeCRLContext()
DWORD GetCACertByKeyIndex(PCCERT_CONTEXT*ppCertCtxt, int iKeyIndex); // use CertFreeCertificateContext()
HRESULT FixEnrollmentObject();
protected:
HRESULT IsCAAllowedFullControl( PSECURITY_DESCRIPTOR pSDRead, PSID pSid, bool& fAllowed); HRESULT AllowCAFullControl( PSECURITY_DESCRIPTOR pSDRead, PSID pSid, PSECURITY_DESCRIPTOR& pSDWrite);
HRESULT GetCAFlagsFromDS( PDWORD pdwFlags); };
class CertSvrMachine { friend CComponentDataImpl;
public:
// IPersistStream interface members
STDMETHOD(Load)(IStream *pStm); STDMETHOD(Save)(IStream *pStm, BOOL fClearDirty); STDMETHOD(GetSizeMax)(int *pcbSize);
#if DBG
bool m_bInitializedCD; bool m_bLoadedCD; bool m_bDestroyedCD; #endif
public: CString m_strMachineNamePersist; // Machine name to persist into .msc file
CString m_strMachineName; // Effective machine name
DWORD m_dwServiceStatus; //
HKEY m_hCachedConfigBaseKey; // base registry key
BOOL m_bAttemptedBaseKeyOpen;
BOOL m_fIsWhistlerMachine; BOOL m_fIsWhistlerMachineKnown;
protected:
CArray<CertSvrCA*, CertSvrCA*> m_CAList;
public: CertSvrMachine(); ~CertSvrMachine();
ULONG AddRef() { return(InterlockedIncrement(&m_cRef)); } ULONG Release() { ULONG cRef = InterlockedDecrement(&m_cRef);
if (0 == cRef) { delete this; } return cRef; }
private: DWORD RetrieveCertSvrCAs(DWORD dwFlags);
LONG m_cRef;
BOOL m_fLocalIsKnown, m_fIsLocal;
void Init();
public: HRESULT GetAdmin(ICertAdmin** ppAdmin); HRESULT GetAdmin2(ICertAdmin2** ppAdmin, bool fIgnoreServiceDown = false);
// Fills local cache with CAs for current machine
DWORD PrepareData(HWND hwndParent);
// enum CAs on current machine
LPCWSTR GetCaCommonNameAtPos(DWORD iPos); CertSvrCA* GetCaAtPos(DWORD iPos);
HRESULT GetRootConfigEntry( LPWSTR szConfigEntry, VARIANT *pvarOut);
DWORD GetCaCount() { return m_CAList.GetSize(); }
BOOL FIsWhistlerMachine();
// control CA on current machine
DWORD CertSvrStartStopService(HWND hwndParent, BOOL fStartSvc); DWORD RefreshServiceStatus(); DWORD GetCertSvrServiceStatus() { return m_dwServiceStatus; }; BOOL IsCertSvrServiceRunning() { return (m_dwServiceStatus == SERVICE_RUNNING); };
BOOL IsLocalMachine() { if (!m_fLocalIsKnown) { m_fLocalIsKnown = TRUE; m_fIsLocal = FIsCurrentMachine(m_strMachineName); } return m_fIsLocal; };
};
#endif // _CERTWRAP_H_
|