|
|
/*++
Copyright (c) 1996 Microsoft Corporation
Module Name :
comobj.hxx
Abstract:
This module defines DCOM Admin Ex APIs used for Certificate information replication.
Author:
Philippe Choquier ( Phillich ) 23-Jun-97 Alex Mallet (amallet) 17-Feb-1998
--*/#ifndef _CERTCOMOBJ_HXX_
#define _CERTCOMOBJ_HXX_
#include <wincrypt.h>
#include <iadmw.h>
#define RANDOM_SEED_SIZE 16 //size of random bits used to generate session key, in bytes
typedef BOOL(WINAPI * PFN_SSLGETDEFAULTISSUERS)( PBYTE, LPDWORD) ;
//
// Structure used to hold information to open a cert store - basically, all the parameters
// you need to call CertOpenSystemStore()
//
typedef struct OpenCertStoreInfo { //
// Parameters used in call to CryptAcquireContext() to get handle to crypt provider
//
LPWSTR pszContainer; LPWSTR pszProvider; DWORD dwProvType; DWORD dwFlags;
LPWSTR pszStoreName; HCERTSTORE hCertStore;} OPEN_CERT_STORE_INFO, *POPEN_CERT_STORE_INFO;
OPEN_CERT_STORE_INFO* AllocateCertStoreInfo();
VOID DeallocateCertStoreInfo( IN OPEN_CERT_STORE_INFO *pInfo );
struct _CertChainEntry { PCCERT_CONTEXT pcCert; //certificate context for this entry
LPWSTR pszStoreName; //store the certificate came from
BOOL fDynName; //whether store name was allocated dynamically or not
LIST_ENTRY ListEntry;};
void FreeCertChain( LIST_ENTRY *pChain );
typedef struct _CertChainEntry CertChainEntry;
class CADMEXCOM_IMSAdminReplication;class CADMEXCOM_IMSAdminCryptoCapabilities;
class CADMEXCOM : public IUnknown {
public: CADMEXCOM(); ~CADMEXCOM();
HRESULT _stdcall QueryInterface(REFIID riid, void **ppObject);
ULONG _stdcall AddRef();
ULONG _stdcall Release();
private: ULONG m_dwRefCount; CADMEXCOM_IMSAdminReplication* m_pIMSAdminReplication; CADMEXCOM_IMSAdminCryptoCapabilities* m_pIMSAdminCryptoCapabilities;} ;
class CADMEXCOM_IMSAdminReplication : public IMSAdminReplication {
public:
CADMEXCOM_IMSAdminReplication( CADMEXCOM*pAdmExCom ); ~CADMEXCOM_IMSAdminReplication();
HRESULT STDMETHODCALLTYPE GetSignature( /* [in] */ DWORD dwBufferSize, /* [size_is][out] */ unsigned char __RPC_FAR *pbBuffer, /* [out] */ DWORD __RPC_FAR *pdwMDRequiredBufferSize); HRESULT STDMETHODCALLTYPE Propagate( /* [in] */ DWORD dwBufferSize, /* [size_is][in] */ unsigned char __RPC_FAR *pszBuffer);
HRESULT STDMETHODCALLTYPE Propagate2( /* [in] */ DWORD dwBufferSize, /* [size_is][in] */ unsigned char __RPC_FAR *pszBuffer, /* [in] */ DWORD dwSignatureMismatch );
HRESULT STDMETHODCALLTYPE Serialize( /* [in] */ DWORD dwBufferSize, /* [size_is][out] */ unsigned char __RPC_FAR *pbBuffer, /* [out] */ DWORD __RPC_FAR *pdwMDRequiredBufferSize); HRESULT STDMETHODCALLTYPE DeSerialize( /* [in] */ DWORD dwBufferSize, /* [size_is][in] */ unsigned char __RPC_FAR *pbBuffer);
HRESULT _stdcall QueryInterface(REFIID riid, void **ppObject) { return m_pAdmExCom->QueryInterface( riid, ppObject ); }
ULONG _stdcall AddRef() { return m_pAdmExCom->AddRef(); }
ULONG _stdcall Release() { return m_pAdmExCom->Release(); }
private: CADMEXCOM* m_pAdmExCom; IMSAdminBase *m_pMB; BYTE m_rgbSeed[RANDOM_SEED_SIZE]; BOOL m_fGotSeed;} ;
class CADMEXCOM_IMSAdminCryptoCapabilities : public IMSAdminCryptoCapabilities {public: CADMEXCOM_IMSAdminCryptoCapabilities( CADMEXCOM*pAdmExCom ); ~CADMEXCOM_IMSAdminCryptoCapabilities(); BOOL LoadSchannel();
HRESULT _stdcall GetProtocols( /* [in] */ DWORD dwBufferSize, /* [size_is][out] */ unsigned char __RPC_FAR *pbBuffer, /* [out] */ DWORD __RPC_FAR *pdwMDRequiredBufferSize);
HRESULT _stdcall GetMaximumCipherStrength( /* [out] */ LPDWORD pdwMaximumCipherStrength );
HRESULT _stdcall GetRootCertificates( /* [in] */ DWORD dwBufferSize, /* [size_is][out] */ unsigned char __RPC_FAR *pbBuffer, /* [out] */ DWORD __RPC_FAR *pdwMDRequiredBufferSize);
HRESULT _stdcall GetSupportedAlgs( /* [in] */ DWORD dwBufferSize, /* [size_is][out] */ DWORD __RPC_FAR *pbBuffer, /* [out] */ DWORD __RPC_FAR *pdwMDRequiredBufferSize);
HRESULT _stdcall SetCAList( /*[in] */ DWORD dwBufferSize, /*[in, size_is(dwBufferSize)] */ unsigned char __RPC_FAR *pbBuffer );
HRESULT _stdcall QueryInterface(REFIID riid, void **ppObject) { return m_pAdmExCom->QueryInterface( riid, ppObject ); }
ULONG _stdcall AddRef() { return m_pAdmExCom->AddRef(); }
ULONG _stdcall Release() { return m_pAdmExCom->Release(); }
private: CADMEXCOM* m_pAdmExCom; HINSTANCE m_hSchannel; PFN_SSLGETDEFAULTISSUERS m_pfnGetDefaultIssuers; //
// sspi entrypoints
//
ACQUIRE_CREDENTIALS_HANDLE_FN_W m_pfnAcquireCredentialsHandle; FREE_CONTEXT_BUFFER_FN m_pfnFreeContextBuffer; FREE_CREDENTIALS_HANDLE_FN m_pfnFreeCredentialsHandle; QUERY_CREDENTIALS_ATTRIBUTES_FN m_pfnQueryCredentialsAttributes; HINSTANCE m_hSspi; CredHandle m_hCred; BOOL m_fHasCredHandle;} ;
class CADMEXCOMSrvFactory : public IClassFactory {public:
CADMEXCOMSrvFactory(); ~CADMEXCOMSrvFactory();
HRESULT _stdcall QueryInterface(REFIID riid, void** ppObject);
ULONG _stdcall AddRef();
ULONG _stdcall Release();
HRESULT _stdcall CreateInstance(IUnknown *pUnkOuter, REFIID riid, void ** pObject);
HRESULT _stdcall LockServer(BOOL fLock);
private:
ULONG m_dwRefCount;};
HRESULTGetConfigurationInformation( DWORD dwInfoType, HCRYPTKEY *phKey, IMSAdminBase *pMB, unsigned char __RPC_FAR *pbBuffer, DWORD dwBufferSize, DWORD __RPC_FAR *pdwMDRequiredBufferSize );
HRESULT ReadServerCert( IN IMSAdminBase *pMB, IN METADATA_HANDLE hHandle, IN LPCWSTR pszPath, OUT PCCERT_CONTEXT *ppcCertContext, OUT OPEN_CERT_STORE_INFO **ppStoreInfo );
HRESULT ReadServerCTL( IN IMSAdminBase *pMB, IN METADATA_HANDLE hHandle, IN LPCWSTR pszPath, OUT PCCTL_CONTEXT *ppcCTL );
HRESULT GetInstanceReplicationInfo( IN DWORD dwInfoType, IN LPCWSTR pszInstanceNum, IN IMSAdminBase *pMB, IN METADATA_HANDLE hHandle, OUT BYTE **ppbReplicationInfo, IN OUT DWORD *pdwBufferSize, IN OUT DWORD *pdwPosition );
HRESULT GetCertReplicationInfo( IN DWORD dwInfoType, IN IMSAdminBase *pMB, IN METADATA_HANDLE hHandle, IN LPCWSTR pszPath, OUT BYTE **ppbReplicationInfo, IN OUT DWORD *pdwBufferSize, IN OUT DWORD *pdwPosition ) ;
HRESULT GetCTLReplicationInfo( DWORD dwInfoType, IN IMSAdminBase *pMB, IN METADATA_HANDLE hHandle, IN LPCWSTR pszPath, OUT BYTE **ppbReplicationBuffer, IN OUT DWORD *pdwBufferSize, IN OUT DWORD *pdwPosition );
HRESULT RetrieveBlobFromMetabase( IN IMSAdminBase *pMB, IN METADATA_HANDLE hHandle, IN LPCWSTR pszPath, IN OUT PMETADATA_RECORD pMDR, IN DWORD dwSizeHint OPTIONAL = 0);
OPEN_CERT_STORE_INFO* ReadCertStoreInfoFromMB( IN IMSAdminBase *pMB, IN METADATA_HANDLE hHandle, IN LPCWSTR pszPath, IN BOOL fCTL );
HRESULT ConstructCertChain( PCCERT_CONTEXT pcLeafCert, LPWSTR pszLeafCertStore, LIST_ENTRY *pCertChain, PBOOL pfCompleteChain );
HRESULT BuildCTLDescription( IN PCCTL_CONTEXT pcCTL, OUT LIST_ENTRY *pCTLCerts, OUT PCCERT_CONTEXT *ppcSigner );
HRESULT GetCertChainSignature( IN LIST_ENTRY *pChain, OUT PBYTE *ppbSignature, IN OUT DWORD *pdwBufferSize, IN OUT DWORD *pdwPosition );
HRESULT GetCTLSignature( PCCTL_CONTEXT pcCTL, LIST_ENTRY *pCTLCertsChain, PCCERT_CONTEXT pcSignerCert, PBYTE *ppbReplicationBuffer, DWORD *pdwBufferSize, DWORD *pdwPosition );
HRESULT SerializeCertChain( IN LIST_ENTRY *pChain, IN OPEN_CERT_STORE_INFO *pStoreInfo, OUT PBYTE *ppbChainBuffer, IN OUT DWORD *pdwBufferSize, IN OUT DWORD *pdwPosition );
HRESULT SerializeCTL( PCCTL_CONTEXT pcCTL, LIST_ENTRY *pCTLCertChain, PCCERT_CONTEXT pcSigner, PBYTE *ppbReplicationBuffer, DWORD *pdwBufferSize, DWORD *pdwPosition );
HRESULT DeserializeInstanceInfo( IN OUT BYTE **ppbPosition, IN BYTE *pbEnd, OUT DWORD *pdwInstance );
HRESULT DeserializeServerCert( IN OUT BYTE **ppbBuffer, IN BYTE *pbEnd );
HRESULT DeserializeServerCTL( IN OUT BYTE **ppbBuffer, IN BYTE *pbEnd );
BOOL ResizeBuffer( IN OUT BYTE **ppbBuffer, IN DWORD dwMinResize, IN OUT DWORD *pdwPresentSize );
BOOL MBPathHasCAPIInfo( IN IMSAdminBase *pMB, METADATA_HANDLE hHandle, IN LPCWSTR pszPath, IN DWORD *adwProperties, IN DWORD cProperties );
HRESULT GenerateHash( IN OPTIONAL HCRYPTPROV *phProv, IN ALG_ID aiAlg, IN BYTE *pbData, IN DWORD cbData, OUT BYTE **ppbHashBuffer, IN OUT DWORD *pcbHashSize, OUT OPTIONAL HCRYPTHASH *phHash );
BOOL IsSelfSignedCert( IN PCCERT_CONTEXT pCertContext );
HRESULT ExportAndSerializeServerPK( IN PCCERT_CONTEXT pcCert, IN OUT BYTE **ppbChainBuffer, IN OUT DWORD *pdwBufferSize, IN OUT DWORD *pdwPosition );
HRESULT DeserializeAndImportServerPK( IN OUT BYTE **ppbBuffer, IN BYTE *pbEnd, OUT HCRYPTKEY *phKey, OUT PCRYPT_KEY_PROV_INFO pCKPI );
HRESULT GenerateSessionKey( IN IMSAdminBase *pMB, OUT HCRYPTKEY *phKey, OUT BYTE *rgbRandom );
VOID DeleteKey( IN HCRYPTKEY *phKey, IN LPCWSTR pszKeyContainer );
VOID DeleteSessionKey( IN HCRYPTKEY *phKey );
DWORD SizeOfCKPI( IN CRYPT_KEY_PROV_INFO *pInfo );
VOID SerializeCKPI( OUT BYTE *pbBuffer, IN CRYPT_KEY_PROV_INFO *pInfo, OUT DWORD *pdwPosition );
BOOL DeserializeCKPI( IN OUT BYTE **ppbBuffer, OUT CRYPT_KEY_PROV_INFO *pInfo );
HRESULT DistributeCerts( IN HCERTSTORE hMemStore, IN BYTE *rgbCertHash, IN PCRYPT_KEY_PROV_INFO pCKPI );
HRESULT ReadSessionKeySeed( IN IMSAdminBase *pMB, OUT BYTE **ppbbSeed, OUT DWORD *pcbSeed );
HRESULT RegenerateSessionKey( IN IMSAdminBase *pMB, OUT HCRYPTKEY *phSessionKey );
HRESULT EncryptBuffer( IN HCRYPTKEY hKey, IN OUT PBYTE *ppbReplicationInfo, IN OUT DWORD *pdwBufferSize, IN OUT DWORD *pdwPosition );
HRESULT DecryptBuffer( IN HCRYPTKEY hKey, IN PBYTE pbEncrypted, IN DWORD cbEncrypted, OUT BYTE **ppbDecrypted, OUT BYTE **ppbEndDecrypted );
HRESULT DeleteMBSessionKeyInfo ( IN IMSAdminBase *pMB );
BOOL CertMatchesHash( IN PCCERT_CONTEXT pCert, IN BYTE *rgbHash, OUT BOOL *pfMatch);
BOOL IsReplicableCert( IN PCCERT_CONTEXT pCert );
BOOL SetLocalSystemSecurityOnKeyContainer( IN HCRYPTPROV hProv );
BOOL IsFortezzaCert( IN PCCERT_CONTEXT pCert );
LPWSTR mystrdup(LPWSTR pszIn IN);
BOOL IsNumber( LPCWSTR pszName );
#endif // _CERTCOMOBJ_HXX_
|
