archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 75c48ba87f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '75c48ba87f'
${ noResults }
windows-xp/Source/XPSP1/NT/admin/snapin/certmgr/storersop.cpp

460 lines
16 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1997-2001.
  5. //
  6. // File: StoreRSOP.cpp
  7. //
  8. // Contents: Implementation of CCertStoreRSOP
  9. //
  10. //----------------------------------------------------------------------------
  11. #include "stdafx.h"
  12. #include <gpedit.h>
  13. #include "cookie.h"
  14. #include "StoreRSOP.h"
  15. #include "certifct.h"
  17. USE_HANDLE_MACROS("CERTMGR(StoreRSOP.cpp)")
  19. #ifdef _DEBUG
  20. #ifndef ALPHA
  21. #define new DEBUG_NEW
  22. #endif
  23. #undef THIS_FILE
  24. static char THIS_FILE[] = __FILE__;
  25. #endif
  27. extern GUID g_guidExtension;
  28. extern GUID g_guidRegExt;
  29. extern GUID g_guidSnapin;
  32. ///////////////////////////////////////////////////////////////////////////////
  33. ///////////////////////////////////////////////////////////////////////////////
  34. CCertStoreRSOP::CCertStoreRSOP (
  35. DWORD dwFlags,
  36. LPCWSTR lpcszMachineName,
  37. LPCWSTR objectName,
  38. const CString & pcszLogStoreName,
  39. const CString & pcszPhysStoreName,
  40. CRSOPObjectArray& rsopObjectArray,
  41. const GUID& compDataGUID,
  42. IConsole* pConsole)
  43. : CCertStore (CERTMGR_LOG_STORE_RSOP,
  44. CERT_STORE_PROV_SYSTEM, dwFlags, lpcszMachineName, objectName,
  45. pcszLogStoreName, pcszPhysStoreName,
  46. StoreNameToType (pcszLogStoreName),
  47. 0,
  48. pConsole),
  49. m_fIsComputerType (false),
  50. m_fIsNullEFSPolicy (true) // assume NULL policy until proven otherwise
  51. {
  52. _TRACE (1, L"Entering CCertStoreRSOP::CCertStoreRSOP - %s\n",
  53. (LPCWSTR) pcszLogStoreName);
  54. ASSERT (CERTMGR_LOG_STORE_RSOP == m_objecttype);
  55. if ( ::IsEqualGUID (compDataGUID, NODEID_User) )
  56. {
  57. m_fIsComputerType = false;
  58. m_dwFlags |= CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY;
  59. }
  60. else if ( ::IsEqualGUID (compDataGUID, NODEID_Machine) )
  61. {
  62. m_fIsComputerType = true;
  63. m_dwFlags |= CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY;
  64. }
  65. else
  66. ASSERT (0);
  68. int nIndex = 0;
  69. INT_PTR nUpperBound = rsopObjectArray.GetUpperBound ();
  70. bool bFound = false;
  71. CString storePath = CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH;
  72. storePath += L"\\";
  73. storePath += m_pcszStoreName;
  74. size_t nStoreLen = storePath.GetLength ();
  76. while ( nUpperBound >= nIndex )
  77. {
  78. CRSOPObject* pObject = rsopObjectArray.GetAt (nIndex);
  79. if ( pObject )
  80. {
  81. // Only add if
  82. // 1. Precedence is 1
  83. // 2. The object belongs to this store
  84. // 3. The valueName is not empty
  85. if ( 1 == pObject->GetPrecedence () )
  86. {
  87. // Consider only entries from this store
  88. if ( !wcsncmp (storePath, pObject->GetRegistryKey (), nStoreLen) )
  89. {
  90. bFound = true;
  91. if ( !pObject->GetValueName ().IsEmpty () )
  92. {
  93. CRSOPObject* pNewObject = new CRSOPObject (*pObject);
  94. if ( pNewObject )
  95. m_rsopObjectArray.Add (pNewObject);
  96. }
  97. }
  98. else if ( bFound )
  99. {
  100. // Since the list is sorted, and we've already found the
  101. // desired RSOP objects and no longer are finding them,
  102. // there aren't any more. We can optimize and break here.
  103. break;
  104. }
  105. }
  106. }
  107. else
  108. break;
  110. nIndex++;
  111. }
  113. _TRACE (-1, L"Leaving CCertStoreRSOP::CCertStoreRSOP - %s\n",
  114. (LPCWSTR) pcszLogStoreName);
  115. }
  118. CCertStoreRSOP::~CCertStoreRSOP ()
  119. {
  120. _TRACE (1, L"Entering CCertStoreRSOP::~CCertStoreRSOP - %s\n",
  121. (LPCWSTR) m_pcszStoreName);
  122. ASSERT (CERTMGR_LOG_STORE_RSOP == m_objecttype);
  123. INT_PTR nUpperBound = m_rsopObjectArray.GetUpperBound ();
  124. int nIndex = 0;
  126. while (nUpperBound >= nIndex)
  127. {
  128. CRSOPObject* pObject = m_rsopObjectArray.GetAt (nIndex);
  129. if ( pObject )
  130. {
  131. delete pObject;
  132. }
  133. else
  134. break;
  136. nIndex++;
  137. }
  139. _TRACE (-1, L"Leaving CCertStoreRSOP::~CCertStoreRSOP - %s\n",
  140. (LPCWSTR) m_pcszStoreName);
  141. }
  143. HCERTSTORE CCertStoreRSOP::GetStoreHandle (BOOL bSilent /*= FALSE*/, HRESULT* phr /* = 0*/)
  144. {
  145. _TRACE (1, L"Entering CCertStoreRSOP::GetStoreHandle - %s\n",
  146. (LPCWSTR) m_pcszStoreName);
  147. ASSERT (CERTMGR_LOG_STORE_RSOP == m_objecttype);
  149. if ( !m_hCertStore )
  150. {
  151. DWORD dwErr = 0;
  153. //open a generic memory store
  154. m_hCertStore = ::CertOpenStore (CERT_STORE_PROV_MEMORY,
  155. 0, NULL,
  156. CERT_STORE_SET_LOCALIZED_NAME_FLAG | CERT_STORE_MAXIMUM_ALLOWED_FLAG,
  157. NULL);
  158. if ( m_hCertStore )
  159. {
  160. // Certificates, CTLs and other objects are either stored integrally in a
  161. // value called "Blob" or broken up into multiple parts. In this case, we'll
  162. // first see "BlobCount", which tells us how many parts there are, then
  163. // "BlobLength" which tells us the total byte length and finally
  164. // "Blob0", "Blob1", etc. to "Blob<BlobCount-1>"
  165. // Check for Certificates
  166. GetBlobs ();
  167. }
  168. else
  169. {
  170. dwErr = GetLastError ();
  171. if ( phr )
  172. *phr = HRESULT_FROM_WIN32 (dwErr);
  173. _TRACE (0, L"CertOpenStore (CERT_STORE_PROV_MEMORY) failed: 0x%x\n", dwErr);
  174. }
  176. if ( !m_hCertStore && !m_bUnableToOpenMsgDisplayed
  177. && !bSilent &&
  178. (USERDS_STORE != GetStoreType ()) )
  179. {
  180. m_bUnableToOpenMsgDisplayed = true;
  181. CString caption;
  182. CString text;
  183. int iRetVal = 0;
  185. VERIFY (caption.LoadString (IDS_CERTIFICATE_MANAGER));
  186. text.FormatMessage (IDS_UNABLE_TO_OPEN_STORE, GetStoreName (),
  187. GetSystemMessage (dwErr));
  188. if ( m_pConsole )
  189. m_pConsole->MessageBox (text, caption, MB_OK, &iRetVal);
  190. }
  191. }
  193. _TRACE (-1, L"Leaving CCertStoreRSOP::GetStoreHandle - %s\n",
  194. (LPCWSTR) m_pcszStoreName);
  196. return m_hCertStore;
  197. }
  200. HRESULT CCertStoreRSOP::GetBlobs ()
  201. {
  202. HRESULT hr = S_OK;
  203. INT_PTR nUpperBound = m_rsopObjectArray.GetUpperBound ();
  204. int nIndex = 0;
  206. while (nUpperBound >= nIndex)
  207. {
  208. CRSOPObject* pObject = m_rsopObjectArray.GetAt (nIndex);
  209. if ( pObject )
  210. {
  211. if ( STR_BLOB == pObject->GetValueName () )
  212. {
  213. // If this is a single, serialized cert, get it and
  214. // add it to the store
  215. BYTE* pByte = pObject->GetBlob ();
  216. ASSERT (pByte);
  217. if ( pByte )
  218. {
  219. if ( !CertAddSerializedElementToStore (
  220. m_hCertStore,
  221. pByte,
  222. (DWORD) pObject->GetBlobLength (),
  223. CERT_STORE_ADD_ALWAYS,
  224. 0,
  225. CERT_STORE_ALL_CONTEXT_FLAG,
  226. NULL,
  227. NULL) )
  228. {
  229. _TRACE (0, L"CertAddSerializedElementToStore () failed: 0x%x\n",
  230. GetLastError ());
  231. }
  232. }
  233. }
  234. else if ( STR_BLOBCOUNT == pObject->GetValueName () )
  235. {
  236. CString szBaseRegKey = pObject->GetRegistryKey ();
  237. DWORD dwBlobCount = pObject->GetDWORDValue ();
  238. if ( dwBlobCount > 0 )
  239. {
  240. nIndex++;
  241. if (nUpperBound >= nIndex)
  242. {
  243. // Get the blob length
  244. pObject = m_rsopObjectArray.GetAt (nIndex);
  245. if ( pObject )
  246. {
  247. if ( STR_BLOBLENGTH == pObject->GetValueName () )
  248. {
  249. DWORD dwBlobLength = pObject->GetDWORDValue ();
  250. if ( dwBlobLength )
  251. {
  252. BYTE* pbyLob = new BYTE[dwBlobLength];
  253. if ( pbyLob )
  254. {
  255. size_t nTotalBlobLength = 0;
  256. BYTE* pbyLobPtr = pbyLob;
  257. for (DWORD dwBlob = 0; dwBlob < dwBlobCount; dwBlob++)
  258. {
  259. nIndex++;
  260. if ( nUpperBound >= nIndex )
  261. {
  262. WCHAR szName[16];
  263. wsprintf (szName, L"%s%d", STR_BLOB, dwBlob);
  264. CString szRegKey = szBaseRegKey;
  265. szRegKey += L"\\";
  266. szRegKey += szName;
  268. pObject = m_rsopObjectArray.GetAt (nIndex);
  269. if ( pObject )
  270. {
  271. if ( szRegKey == pObject->GetRegistryKey () &&
  272. STR_BLOB == pObject->GetValueName () )
  273. {
  274. BYTE* pByte = pObject->GetBlob ();
  275. if ( pByte )
  276. {
  277. memcpy (pbyLobPtr, pByte, pObject->GetBlobLength ());
  278. pbyLobPtr += pObject->GetBlobLength ();
  279. nTotalBlobLength += pObject->GetBlobLength ();
  280. }
  281. else
  282. {
  283. ASSERT (0);
  284. hr = E_UNEXPECTED;
  285. break;
  286. }
  287. }
  288. else
  289. {
  290. ASSERT (0);
  291. hr = E_UNEXPECTED;
  292. break;
  293. }
  294. }
  295. else
  296. {
  297. ASSERT (0);
  298. hr = E_UNEXPECTED;
  299. break;
  300. }
  301. }
  302. else
  303. {
  304. ASSERT (0);
  305. hr = E_UNEXPECTED;
  306. break;
  307. }
  308. }
  310. if ( SUCCEEDED (hr) && nTotalBlobLength == (size_t) dwBlobLength )
  311. {
  312. if ( !CertAddSerializedElementToStore (
  313. m_hCertStore,
  314. pbyLob,
  315. dwBlobLength,
  316. CERT_STORE_ADD_ALWAYS,
  317. 0,
  318. CERT_STORE_ALL_CONTEXT_FLAG,
  319. NULL,
  320. NULL) )
  321. {
  322. _TRACE (0, L"CertAddSerializedElementToStore () failed: 0x%x\n",
  323. GetLastError ());
  324. }
  325. }
  327. delete [] pbyLob;
  328. }
  329. else
  330. {
  331. hr = E_OUTOFMEMORY;
  332. break;
  333. }
  334. }
  335. else
  336. {
  337. ASSERT (0);
  338. hr = E_UNEXPECTED;
  339. break;
  340. }
  341. }
  342. else
  343. {
  344. ASSERT (0);
  345. hr = E_UNEXPECTED;
  346. break;
  347. }
  348. }
  349. else
  350. {
  351. ASSERT (0);
  352. hr = E_UNEXPECTED;
  353. break;
  354. }
  355. }
  356. else
  357. {
  358. ASSERT (0);
  359. hr = E_UNEXPECTED;
  360. break;
  361. }
  362. }
  363. }
  364. }
  365. else
  366. break;
  368. nIndex++;
  369. }
  371. return hr;
  372. }
  374. bool CCertStoreRSOP::CanContain(CertificateManagerObjectType nodeType)
  375. {
  376. _TRACE (1, L"Entering CCertStoreRSOP::CanContain - %s\n",
  377. (LPCWSTR) m_pcszStoreName);
  378. ASSERT (CERTMGR_LOG_STORE_RSOP == m_objecttype);
  379. bool bCanContain = false;
  381. switch (nodeType)
  382. {
  383. case CERTMGR_CERTIFICATE:
  384. if ( ROOT_STORE == GetStoreType () ||
  385. EFS_STORE == GetStoreType () )
  386. {
  387. bCanContain = true;
  388. }
  389. break;
  391. case CERTMGR_CTL:
  392. if ( TRUST_STORE == GetStoreType () )
  393. {
  394. bCanContain = true;
  395. }
  396. break;
  398. default:
  399. break;
  400. }
  402. _TRACE (-1, L"Leaving CCertStoreRSOP::CanContain - %s\n",
  403. (LPCWSTR) m_pcszStoreName);
  404. return bCanContain;
  405. }
  408. bool CCertStoreRSOP::IsMachineStore()
  409. {
  410. _TRACE (0, L"Entering and leaving CCertStoreRSOP::IsMachineStore - %s\n",
  411. (LPCWSTR) m_pcszStoreName);
  412. ASSERT (CERTMGR_LOG_STORE_RSOP == m_objecttype);
  414. if (m_dwFlags & CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY)
  415. return true;
  416. else
  417. return false;
  418. }
  421. void CCertStoreRSOP::FinalCommit()
  422. {
  423. _TRACE (1, L"Entering CCertStoreRSOP::FinalCommit - %s\n",
  424. (LPCWSTR) m_pcszStoreName);
  425. ASSERT (CERTMGR_LOG_STORE_RSOP == m_objecttype);
  426. // Called only from destructor
  427. // Cannot commit here for GPT: GPT has already freed all pertinent data
  428. _TRACE (-1, L"Leaving CCertStoreRSOP::FinalCommit - %s\n",
  429. (LPCWSTR) m_pcszStoreName);
  430. }
  433. bool CCertStoreRSOP::IsNullEFSPolicy()
  434. {
  435. _TRACE (1, L"Entering CCertStoreRSOP::IsNullEFSPolicy - %s\n",
  436. (LPCWSTR) m_pcszStoreName);
  437. GetStoreHandle (); // to initialize
  438. Close ();
  439. _TRACE (-1, L"Leaving CCertStoreRSOP::IsNullEFSPolicy - %s\n",
  440. (LPCWSTR) m_pcszStoreName);
  441. return m_fIsNullEFSPolicy;
  442. }
  444. void CCertStoreRSOP::AllowEmptyEFSPolicy()
  445. {
  446. _TRACE (1, L"Entering CCertStoreRSOP::AllowEmptyEFSPolicy - %s\n",
  447. (LPCWSTR) m_pcszStoreName);
  448. m_fIsNullEFSPolicy = false;
  449. _TRACE (-1, L"Leaving CCertStoreRSOP::AllowEmptyEFSPolicy - %s\n",
  450. (LPCWSTR) m_pcszStoreName);
  451. }
  453. PCCERT_CONTEXT CCertStoreRSOP::EnumCertificates (PCCERT_CONTEXT pPrevCertContext)
  454. {
  455. PCCERT_CONTEXT pCertContext = CCertStore::EnumCertificates (pPrevCertContext);
  457. if ( pCertContext )
  458. m_fIsNullEFSPolicy = false;
  460. return pCertContext;
  461. }