archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 9769ad7c3d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9769ad7c3d'
${ noResults }
windows-xp/Source/XPSP1/NT/admin/snapin/certmgr/ctl.cpp

546 lines
13 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1997-2001.
  5. //
  6. // File: CTL.cpp
  7. //
  8. // Contents: implementation of the CCTL class.
  9. //
  10. //----------------------------------------------------------------------------
  12. #include "stdafx.h"
  13. #include "CTL.h"
  14. #include "certifct.h"
  17. USE_HANDLE_MACROS("CERTMGR(ctl.cpp)")
  19. ////////////////////////////////////////////////////////////
  20. // Construction/Destruction
  21. //////////////////////////////////////////////////////////////////////
  23. CCTL::CCTL (const PCCTL_CONTEXT pCTLContext,
  24. CCertStore& rCertStore,
  25. CertificateManagerObjectType objectType,
  26. CTypedPtrList<CPtrList, CCertStore*>* pStoreList) :
  27. CCertMgrCookie (objectType),
  28. m_pCTLContext (::CertDuplicateCTLContext (pCTLContext)),
  29. m_rCertStore (rCertStore),
  30. m_pStoreCollection (0),
  31. m_hExtraStore (0)
  32. {
  33. _TRACE (1, L"Entering CCTL::CCTL\n");
  34. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  35. CERTMGR_CTL == m_objecttype);
  36. m_rCertStore.AddRef ();
  37. ASSERT (m_pCTLContext);
  38. if ( m_pCTLContext )
  39. m_pCTLInfo = m_pCTLContext->pCtlInfo;
  41. m_pStoreCollection = new CCertStore (CERTMGR_LOG_STORE, CERT_STORE_PROV_COLLECTION, 0,
  42. L"", L"", L"", L"", NO_SPECIAL_TYPE, 0, rCertStore.m_pConsole);
  43. if ( m_pStoreCollection )
  44. {
  45. m_pStoreCollection->AddStoreToCollection (m_rCertStore);
  47. m_hExtraStore = CertOpenStore(
  48. CERT_STORE_PROV_MSG,
  49. X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
  50. NULL,
  51. NULL,
  52. (const void *) pCTLContext->hCryptMsg);
  53. if ( m_hExtraStore )
  54. m_pStoreCollection->AddStoreToCollection (m_hExtraStore);
  55. else
  56. {
  57. _TRACE (0, L"CertOpenStore (CERT_STORE_PROV_MSG) failed: 0x%x\n",
  58. GetLastError ());
  59. }
  60. if ( pStoreList )
  61. {
  62. for (POSITION pos = pStoreList->GetHeadPosition (); pos; )
  63. {
  64. CCertStore* pStore = pStoreList->GetNext (pos);
  65. ASSERT (pStore);
  66. if ( pStore )
  67. {
  68. m_pStoreCollection->AddStoreToCollection (*pStore);
  69. }
  70. pStore->AddRef ();
  71. m_storeList.AddTail (pStore);
  72. }
  73. }
  74. }
  75. _TRACE (-1, L"Leaving CCTL::CCTL\n");
  76. }
  78. CCTL::~CCTL()
  79. {
  80. _TRACE (1, L"Entering CCTL::~CCTL\n");
  81. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  82. CERTMGR_CTL == m_objecttype);
  85. if ( m_pStoreCollection )
  86. {
  87. delete m_pStoreCollection;
  88. m_pStoreCollection = 0;
  89. }
  91. CCertStore* pStore = 0;
  93. // Clean up store list
  94. while (!m_storeList.IsEmpty () )
  95. {
  96. pStore = m_storeList.RemoveHead ();
  97. ASSERT (pStore);
  98. if ( pStore )
  99. pStore->Release ();
  100. }
  102. if ( m_hExtraStore )
  103. {
  104. CertCloseStore (m_hExtraStore, 0);
  105. m_hExtraStore = 0;
  106. }
  108. m_rCertStore.Release ();
  109. if ( m_pCTLContext )
  110. ::CertFreeCTLContext (m_pCTLContext);
  111. _TRACE (-1, L"Leaving CCTL::~CCTL\n");
  112. }
  115. PCCTL_CONTEXT CCTL::GetCTLContext() const
  116. {
  117. _TRACE (1, L"Entering CCTL::GetCTLContext\n");
  118. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  119. CERTMGR_CTL == m_objecttype);
  120. _TRACE (-1, L"Leaving CCTL::GetCTLContext\n");
  121. return m_pCTLContext;
  122. }
  124. CCertStore& CCTL::GetCertStore() const
  125. {
  126. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  127. CERTMGR_CTL == m_objecttype);
  128. return m_rCertStore;
  129. }
  131. CString CCTL::GetIssuerName ()
  132. {
  133. _TRACE (1, L"Entering CCTL::GetIssuerName\n");
  134. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  135. CERTMGR_CTL == m_objecttype);
  136. ASSERT (m_pCTLInfo);
  137. if ( m_pCTLInfo )
  138. {
  139. // Decode issuer name if not already present
  140. if ( m_szIssuerName.IsEmpty () )
  141. {
  142. HRESULT hResult = GetSignerInfo (m_szIssuerName);
  143. if ( !SUCCEEDED (hResult) )
  144. VERIFY (m_szIssuerName.LoadString (IDS_NOT_AVAILABLE));
  145. }
  146. }
  148. _TRACE (-1, L"Leaving CCTL::GetIssuerName\n");
  149. return m_szIssuerName;
  150. }
  152. CString CCTL::GetEffectiveDate()
  153. {
  154. _TRACE (1, L"Entering CCTL::GetEffectiveDate\n");
  155. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  156. CERTMGR_CTL == m_objecttype);
  157. ASSERT (m_pCTLInfo);
  158. if ( m_pCTLInfo )
  159. {
  160. // Format date/time string if not already present
  161. if ( m_szEffectiveDate.IsEmpty () )
  162. {
  163. HRESULT hResult = FormatDate (m_pCTLInfo->ThisUpdate, m_szEffectiveDate);
  164. if ( !SUCCEEDED (hResult) )
  165. m_szEffectiveDate = _T("");
  166. }
  167. }
  168. else
  169. m_szEffectiveDate = _T("");
  171. _TRACE (-1, L"Leaving CCTL::GetEffectiveDate\n");
  172. return m_szEffectiveDate;
  173. }
  175. CString CCTL::GetNextUpdate()
  176. {
  177. _TRACE (1, L"Entering CCTL::GetNextUpdate\n");
  178. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  179. CERTMGR_CTL == m_objecttype);
  180. ASSERT (m_pCTLInfo);
  181. if ( m_pCTLInfo )
  182. {
  183. // Format date/time string if not already present
  184. if ( m_szNextUpdate.IsEmpty () )
  185. {
  186. HRESULT hResult = FormatDate (m_pCTLInfo->NextUpdate, m_szNextUpdate);
  187. if ( !SUCCEEDED (hResult) )
  188. m_szNextUpdate = _T("");
  189. }
  190. }
  191. else
  192. m_szNextUpdate = _T("");
  194. _TRACE (-1, L"Leaving CCTL::GetNextUpdate\n");
  195. return m_szNextUpdate;
  196. }
  198. CString CCTL::GetPurpose()
  199. {
  200. _TRACE (1, L"Entering CCTL::GetPurpose\n");
  201. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  202. CERTMGR_CTL == m_objecttype);
  203. ASSERT (m_pCTLInfo);
  204. if ( m_pCTLInfo )
  205. {
  206. // Format date/time string if not already present
  207. if ( m_szPurpose.IsEmpty () )
  208. FormatEnhancedKeyUsagePropertyString (m_szPurpose);
  209. }
  210. _TRACE (-1, L"Leaving CCTL::GetPurpose\n");
  211. return m_szPurpose;
  212. }
  215. void CCTL::FormatEnhancedKeyUsagePropertyString (CString& string)
  216. {
  217. _TRACE (1, L"Entering CCTL::FormatEnhancedKeyUsagePropertyString\n");
  218. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  219. CERTMGR_CTL == m_objecttype);
  220. ASSERT (m_pCTLInfo);
  221. if ( m_pCTLInfo )
  222. {
  223. CString usageName;
  224. CTL_USAGE& usage = m_pCTLInfo->SubjectUsage;
  227. for (DWORD dwIndex = 0; dwIndex < usage.cUsageIdentifier; dwIndex++)
  228. {
  229. if ( MyGetOIDInfo (usageName, usage.rgpszUsageIdentifier[dwIndex]) )
  230. {
  231. // add delimeter if not first iteration
  232. if ( dwIndex )
  233. string += _T(", ");
  234. string += usageName;
  235. }
  236. }
  237. }
  238. _TRACE (-1, L"Leaving CCTL::FormatEnhancedKeyUsagePropertyString\n");
  239. }
  242. HRESULT CCTL::GetSignerInfo (CString & signerName)
  243. {
  244. _TRACE (1, L"Entering CCTL::GetSignerInfo\n");
  245. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  246. CERTMGR_CTL == m_objecttype);
  247. HRESULT hResult = S_OK;
  249. //
  250. // Use CryptMsg to crack the encoded PKCS7 Signed Message
  251. //
  252. HCRYPTMSG hMsg = ::CryptMsgOpenToDecode (X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
  253. 0,
  254. 0,
  255. 0,
  256. NULL,
  257. NULL);
  258. ASSERT (hMsg);
  259. if ( hMsg )
  260. {
  261. BOOL bResult = ::CryptMsgUpdate (hMsg, m_pCTLContext->pbCtlEncoded,
  262. m_pCTLContext->cbCtlEncoded, TRUE);
  263. ASSERT (bResult);
  264. if ( bResult )
  265. {
  266. //
  267. // get the encoded signer BLOB
  268. //
  269. DWORD cbEncodedSigner = 0;
  270. bResult = ::CryptMsgGetParam (hMsg, CMSG_ENCODED_SIGNER, 0, NULL,
  271. &cbEncodedSigner);
  272. if ( bResult && cbEncodedSigner )
  273. {
  274. BYTE* pbEncodedSigner = (PBYTE) ::LocalAlloc (LPTR, cbEncodedSigner);
  275. if ( pbEncodedSigner )
  276. {
  277. bResult = ::CryptMsgGetParam (hMsg, CMSG_ENCODED_SIGNER, 0,
  278. pbEncodedSigner, &cbEncodedSigner);
  279. ASSERT (bResult);
  280. if ( bResult )
  281. {
  282. DWORD cbSignerInfo = 0;
  283. //
  284. // decode the EncodedSigner info
  285. //
  286. bResult = ::CryptDecodeObject (
  287. PKCS_7_ASN_ENCODING | CRYPT_ASN_ENCODING,
  288. PKCS7_SIGNER_INFO,
  289. pbEncodedSigner,
  290. cbEncodedSigner,
  291. 0,
  292. NULL,
  293. &cbSignerInfo);
  294. ASSERT (bResult);
  295. if ( bResult )
  296. {
  297. PCMSG_SIGNER_INFO pbSignerInfo = (PCMSG_SIGNER_INFO) ::LocalAlloc (LPTR, cbSignerInfo);
  298. if ( pbSignerInfo )
  299. {
  300. bResult = ::CryptDecodeObject (
  301. PKCS_7_ASN_ENCODING|CRYPT_ASN_ENCODING,
  302. PKCS7_SIGNER_INFO,
  303. pbEncodedSigner,
  304. cbEncodedSigner,
  305. 0,
  306. pbSignerInfo,
  307. &cbSignerInfo);
  308. ASSERT (bResult);
  309. if ( bResult )
  310. {
  311. DWORD cbCertInfo = 0;
  312. //
  313. // get the signers cert context
  314. //
  315. bResult = ::CryptMsgGetParam (hMsg,
  316. CMSG_SIGNER_CERT_INFO_PARAM,
  317. 0,
  318. NULL,
  319. &cbCertInfo);
  320. ASSERT (bResult);
  321. if ( bResult && cbEncodedSigner )
  322. {
  323. CERT_INFO* pCertInfo = (CERT_INFO *) ::LocalAlloc (LPTR, cbCertInfo);
  324. if ( pCertInfo )
  325. {
  326. bResult = ::CryptMsgGetParam (hMsg,
  327. CMSG_SIGNER_CERT_INFO_PARAM,
  328. 0,
  329. pCertInfo,
  330. &cbCertInfo);
  331. ASSERT (bResult);
  332. if ( bResult )
  333. {
  334. CCertificate* pCert =
  335. m_pStoreCollection->GetSubjectCertificate (pCertInfo);
  336. if ( pCert )
  337. {
  338. signerName = pCert->GetSubjectName ();
  339. pCert->Release ();
  340. }
  341. else
  342. hResult = E_FAIL;
  343. }
  345. ::LocalFree (pCertInfo);
  346. }
  347. else
  348. {
  349. hResult = E_OUTOFMEMORY;
  350. }
  351. }
  352. }
  353. ::LocalFree (pbSignerInfo);
  354. }
  355. else
  356. {
  357. hResult = E_OUTOFMEMORY;
  358. }
  359. }
  360. }
  361. ::LocalFree (pbEncodedSigner);
  362. }
  363. else
  364. {
  365. hResult = E_OUTOFMEMORY;
  366. }
  367. }
  368. else
  369. hResult = E_FAIL;
  370. }
  371. bResult = ::CryptMsgClose (hMsg);
  372. ASSERT (bResult);
  373. }
  374. else
  375. hResult = E_UNEXPECTED;
  377. _TRACE (-1, L"Leaving CCTL::GetSignerInfo\n");
  378. return hResult;
  379. }
  382. int CCTL::CompareEffectiveDate (const CCTL& ctl) const
  383. {
  384. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  385. CERTMGR_CTL == m_objecttype);
  386. int compVal = 0;
  388. ASSERT (m_pCTLInfo && ctl.m_pCTLInfo);
  389. if ( m_pCTLInfo && ctl.m_pCTLInfo )
  390. {
  391. compVal = ::CompareFileTime (&m_pCTLInfo->ThisUpdate,
  392. &ctl.m_pCTLInfo->ThisUpdate);
  393. }
  395. return compVal;
  396. }
  398. int CCTL::CompareNextUpdate (const CCTL& ctl) const
  399. {
  400. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  401. CERTMGR_CTL == m_objecttype);
  402. int compVal = 0;
  404. ASSERT (m_pCTLInfo && ctl.m_pCTLInfo);
  405. if ( m_pCTLInfo && ctl.m_pCTLInfo )
  406. {
  407. compVal = ::CompareFileTime (&m_pCTLInfo->NextUpdate,
  408. &ctl.m_pCTLInfo->NextUpdate);
  409. }
  411. return compVal;
  412. }
  414. CString CCTL::GetFriendlyName()
  415. {
  416. _TRACE (1, L"Entering CCTL::GetFriendlyName\n");
  417. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  418. CERTMGR_CTL == m_objecttype);
  419. ASSERT (m_pCTLContext);
  420. if ( m_pCTLContext && m_szFriendlyName.IsEmpty () )
  421. {
  422. DWORD cbData = 0;
  423. BOOL bResult = ::CertGetCTLContextProperty (
  424. m_pCTLContext,
  425. CERT_FRIENDLY_NAME_PROP_ID,
  426. NULL,
  427. &cbData);
  428. if ( bResult )
  429. {
  430. LPWSTR pszName = new WCHAR[cbData];
  431. if ( pszName )
  432. {
  433. ::ZeroMemory (pszName, cbData * sizeof (WCHAR));
  434. bResult = ::CertGetCTLContextProperty (
  435. m_pCTLContext,
  436. CERT_FRIENDLY_NAME_PROP_ID,
  437. pszName,
  438. &cbData);
  439. ASSERT (bResult);
  440. if ( bResult )
  441. {
  442. m_szFriendlyName = pszName;
  443. }
  444. else
  445. {
  446. VERIFY (m_szFriendlyName.LoadString (IDS_NOT_AVAILABLE));
  447. }
  448. delete [] pszName;
  449. }
  450. }
  451. else
  452. {
  453. if ( GetLastError () == CRYPT_E_NOT_FOUND )
  454. {
  455. VERIFY (m_szFriendlyName.LoadString (IDS_NONE));
  456. }
  457. else
  458. {
  459. ASSERT (0);
  460. VERIFY (m_szFriendlyName.LoadString (IDS_NOT_AVAILABLE));
  461. }
  462. }
  463. }
  464. _TRACE (-1, L"Leaving CCTL::GetFriendlyName\n");
  465. return m_szFriendlyName;
  466. }
  468. SPECIAL_STORE_TYPE CCTL::GetStoreType() const
  469. {
  470. ASSERT (CERTMGR_AUTO_CERT_REQUEST == m_objecttype ||
  471. CERTMGR_CTL == m_objecttype);
  472. return m_rCertStore.GetStoreType ();
  473. }
  475. void CCTL::Refresh()
  476. {
  477. m_szEffectiveDate = L"";
  478. m_szFriendlyName = L"";
  479. m_szIssuerName = L"";
  480. m_szNextUpdate = L"";
  481. m_szPurpose = L"";
  482. }
  485. BOOL CCTL::DeleteFromStore()
  486. {
  487. _TRACE (1, L"Entering CCTL::DeleteFromStore\n");
  488. BOOL bResult = FALSE;
  490. PCCTL_CONTEXT pCTLContext = GetNewCTLContext ();
  491. if ( pCTLContext )
  492. {
  493. bResult = ::CertDeleteCTLFromStore (pCTLContext);
  494. if ( bResult )
  495. {
  496. m_rCertStore.InvalidateCertCount ();
  497. m_rCertStore.SetDirty ();
  498. HRESULT hr = m_rCertStore.Commit ();
  499. if ( SUCCEEDED (hr) )
  500. m_rCertStore.Resync ();
  501. else
  502. bResult = FALSE;
  503. }
  504. m_rCertStore.Close ();
  505. }
  507. _TRACE (-1, L"Leaving CCTL::DeleteFromStore\n");
  508. return bResult;
  509. }
  511. PCCTL_CONTEXT CCTL::GetNewCTLContext()
  512. {
  513. _TRACE (1, L"Entering CCTL::GetNewCTLContext\n");
  514. PCCTL_CONTEXT pCTLContext = 0;
  515. HCERTSTORE hCertStore = m_rCertStore.GetStoreHandle ();
  516. if ( hCertStore )
  517. {
  518. DWORD cbData = 20;
  519. BYTE certHash[20];
  520. BOOL bReturn = ::CertGetCTLContextProperty (
  521. m_pCTLContext,
  522. CERT_SHA1_HASH_PROP_ID,
  523. &certHash,
  524. &cbData);
  525. ASSERT (bReturn);
  526. if ( bReturn )
  527. {
  528. CRYPT_DATA_BLOB blob = {sizeof (certHash), certHash};
  529. pCTLContext = CertFindCTLInStore(
  530. hCertStore,
  531. 0,
  532. 0,
  533. CTL_FIND_SHA1_HASH,
  534. &blob,
  535. 0);
  536. if ( pCTLContext )
  537. {
  538. ::CertFreeCTLContext (m_pCTLContext);
  539. m_pCTLContext = ::CertDuplicateCTLContext (pCTLContext);
  540. }
  541. }
  542. }
  544. _TRACE (-1, L"Leaving CCTL::GetNewCTLContext\n");
  545. return pCTLContext;
  546. }