archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 9769ad7c3d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9769ad7c3d'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/csps/cryptoflex/slbiop/iop.cpp

761 lines
23 KiB
Raw Normal View History

Add source files
4 years ago
  1. // iop.cpp -- Definition of CIOP
  3. // (c) Copyright Schlumberger Technology Corp., unpublished work, created
  4. // 2000. This computer program includes Confidential, Proprietary
  5. // Information and is a Trade Secret of Schlumberger Technology Corp. All
  6. // use, disclosure, and/or reproduction is prohibited unless authorized
  7. // in writing. All Rights Reserved.
  9. #include <tchar.h>
  10. #include <string>
  12. #include <scuOsExc.h>
  13. #include <scuOsVersion.h>
  14. #include <scuArrayP.h>
  15. #include "iop.h"
  16. #include <aclapi.h>
  18. #include "LockWrap.h"
  20. using namespace std;
  22. namespace
  23. {
  24. char g_szSLBRegistryPath[] = "SOFTWARE\\Schlumberger";
  25. char g_szTerminalsName[] = "Smart Cards and Terminals";
  26. char g_szCardName[] = "Smart Cards";
  27. char g_szCrypto4KName[] = "Cryptoflex 4K";
  28. char g_szOldCrypto8KName[] = "Cryptoflex 8K (no RSA key generation)";
  29. char g_szNewCrypto8KName[] = "Cryptoflex 8K (with RSA key generation)";
  30. char g_szCrypto8KV2Name[] = "Cryptoflex 8K (V2)";
  31. char g_szAccessName[] = "Cyberflex Access 16K";
  32. char g_sze_gateName[] = "Schlumberger Cryptoflex e-gate";
  33. char g_szCrypto16KName[] = "Cryptoflex 16K";
  34. char g_szAccessCampus[] = "Schlumberger Cyberflex Access Campus";
  35. char g_szCryptoActivCard[] = "Schlumberger Cryptoflex ActivCard";
  37. string
  38. CardPath()
  39. {
  40. static string sPath = string(g_szSLBRegistryPath) +
  41. string("\\") + string(g_szTerminalsName) + string("\\") +
  42. string(g_szCardName);
  44. return sPath;
  45. }
  47. #if defined(SLBIOP_WAIT_FOR_RM_STARTUP)
  49. HANDLE GetSCResourceManagerStartedEvent(void)
  50. {
  51. typedef HANDLE (*LPCALAISACCESSEVENT)(void);
  53. HANDLE hReturn = NULL;
  55. try
  56. {
  57. HMODULE hWinScard = GetModuleHandle(TEXT("WINSCARD.DLL"));
  58. if (NULL != hWinScard)
  59. {
  60. LPCALAISACCESSEVENT pfCalais =
  61. (LPCALAISACCESSEVENT)GetProcAddress(hWinScard,
  62. "SCardAccessStartedEvent");
  63. if (NULL != pfCalais)
  64. {
  65. hReturn = (*pfCalais)();
  66. }
  67. }
  68. }
  69. catch (...)
  70. {
  71. hReturn = NULL;
  72. }
  74. return hReturn;
  76. }
  78. #endif // defined(SLBIOP_WAIT_FOR_RM_STARTUP)
  80. }
  82. namespace iop
  83. {
  86. CIOP::CIOP()
  87. : m_hContext(NULL)
  88. {
  89. // Ensure that resorce manager is running, then Establish context
  91. if (!CIOP::WaitForSCManager())
  92. throw Exception(ccResourceManagerDisabled);
  94. HRESULT hResult = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &m_hContext);
  95. if (SCARD_S_SUCCESS != hResult)
  96. throw scu::OsException(hResult);
  97. }
  99. CIOP::~CIOP()
  100. {
  101. SCardReleaseContext(m_hContext);
  102. }
  104. CSmartCard *
  105. CIOP::Connect(const char* szReaderName,
  106. bool fExclusiveMode)
  107. {
  108. HRESULT hResult = NOERROR;
  109. DWORD dwShare = (fExclusiveMode ? SCARD_SHARE_EXCLUSIVE : SCARD_SHARE_SHARED);
  110. DWORD dwProtocol;
  111. SCARDHANDLE hCard;
  113. // Grab our Mutex. This is a hack around an RM bug.
  115. CIOPLock TempLock(szReaderName); // This is ok as long as one do not try to do SCard locking
  116. CIOPMutex tempMutex(&TempLock);
  118. // Connect to the reader
  120. hResult = SCardConnect(m_hContext, szReaderName, dwShare,
  121. SCARD_PROTOCOL_T0, &hCard, &dwProtocol);
  123. if (hResult != SCARD_S_SUCCESS)
  124. throw scu::OsException(hResult);
  126. // Get the ATR and determine card type
  128. DWORD dwBufferLen = 0;
  129. DWORD dwState;
  130. BYTE bATR[CSmartCard::cMaxAtrLength];
  131. DWORD dwATRLen = sizeof bATR / sizeof *bATR;
  133. hResult = SCardStatus(hCard,NULL, &dwBufferLen, &dwState,
  134. &dwProtocol, bATR, &dwATRLen);
  136. if (hResult != SCARD_S_SUCCESS)
  137. throw scu::OsException(hResult);
  139. // Create a SmartCard of the right type.
  140. CSmartCard *psc = CreateCard(bATR, dwATRLen, hCard, szReaderName, dwShare);
  142. return psc;
  143. }
  145. // This function creates a smart card of the appropriate type
  147. CSmartCard * CIOP::CreateCard(const BYTE* bATR,
  148. const DWORD dwLength,
  149. const SCARDHANDLE hCard,
  150. const char* szReaderName,
  151. const DWORD dwShareMode)
  152. {
  153. ////////////////////////////////////
  154. // Open path to registered keys //
  155. ////////////////////////////////////
  157. HKEY hkCardKey;
  158. HKEY hkTestKey;
  160. RegOpenKeyEx(HKEY_LOCAL_MACHINE, CardPath().c_str(), NULL,
  161. KEY_READ, &hkCardKey);
  163. //////////////////////////////////////////////
  164. // Enumerate subkeys to find an ATR match //
  165. //////////////////////////////////////////////
  167. FILETIME fileTime;
  168. char szATR[] = "ATR";
  169. char szMask[] = "ATR Mask";
  170. char szCardType[] = "Card Type";
  171. char sBuffer[MAX_PATH + 1];
  172. BYTE bATRtest[CSmartCard::cMaxAtrLength];
  173. BYTE bMask[CSmartCard::cMaxAtrLength];
  175. BYTE type;
  176. char szCardName[MAX_PATH + 1];
  177. DWORD dwBufferSize = sizeof(sBuffer);
  178. DWORD dwATRSize = sizeof bATRtest / sizeof *bATRtest;
  179. DWORD dwMaskSize = sizeof bMask / sizeof *bMask;
  180. DWORD dwTypeSize = 1;
  181. DWORD index = 0;
  184. LONG iRetVal = RegEnumKeyEx(hkCardKey, index, sBuffer,
  185. &dwBufferSize, NULL, NULL, NULL,
  186. &fileTime);
  188. while (iRetVal == ERROR_SUCCESS)
  189. {
  190. strcpy(szCardName, sBuffer);
  192. RegOpenKeyEx(hkCardKey, sBuffer, NULL, KEY_READ, &hkTestKey);
  193. RegQueryValueEx(hkTestKey, szATR, NULL, NULL, bATRtest, &dwATRSize);
  194. RegQueryValueEx(hkTestKey, szMask, NULL, NULL, bMask, &dwMaskSize);
  195. RegQueryValueEx(hkTestKey, szCardType, NULL, NULL, &type, &dwTypeSize);
  197. if (dwATRSize == dwLength)
  198. {
  199. scu::AutoArrayPtr<BYTE> aabMaskedATR(new BYTE[dwATRSize]);
  200. for (DWORD count = 0; count < dwATRSize; count++)
  201. aabMaskedATR[count] = bATR[count] & bMask[count];
  203. if (!memcmp(aabMaskedATR.Get(), bATRtest, dwATRSize))
  204. break;
  205. }
  207. index++;
  208. dwBufferSize = sizeof(sBuffer);
  209. dwATRSize = sizeof bATRtest / sizeof *bATRtest;
  210. dwMaskSize = sizeof bMask / sizeof *bMask;
  211. RegCloseKey(hkTestKey);
  212. iRetVal = RegEnumKeyEx(hkCardKey, index, sBuffer, &dwBufferSize, NULL, NULL, NULL, &fileTime);
  213. }
  215. // if loop was broken, iRetVal is still ERROR_SUCCESS, and type holds correct card to use
  216. CSmartCard *retVal = NULL;
  218. if (iRetVal == ERROR_SUCCESS)
  219. {
  220. switch (type)
  221. {
  222. case CRYPTO_CARD: retVal = new CCryptoCard(hCard,
  223. szReaderName,
  224. m_hContext,
  225. dwShareMode);
  226. break;
  227. case ACCESS_CARD: retVal = new CAccessCard(hCard,
  228. szReaderName,
  229. m_hContext,
  230. dwShareMode);
  231. break;
  232. default: throw Exception(ccUnknownCard);
  233. break;
  234. }
  235. }
  236. // loop wasn't broken, i.e., ATR not found. Try to make an Access Card.
  237. else
  238. retVal = new CAccessCard(hCard, szReaderName, m_hContext,
  239. dwShareMode);
  241. retVal->setCardName(szCardName);
  242. return retVal;
  243. }
  246. void
  247. CIOP::ListReaders(char* szReadersList, int &iSizeOfList)
  248. {
  249. DWORD dwSize = static_cast<DWORD>(iSizeOfList);
  250. LONG lRet;
  251. lRet = SCardListReaders(m_hContext, NULL, szReadersList, &dwSize);
  252. iSizeOfList = static_cast<int>(dwSize);
  253. if (SCARD_S_SUCCESS != lRet)
  254. throw scu::OsException(lRet);
  255. }
  257. void
  258. CIOP::ListKnownCards(char* szCardList, int& iSizeOfList)
  259. {
  260. ////////////////////////////////////
  261. // Open path to registered keys //
  262. ////////////////////////////////////
  264. LONG rv;
  265. HKEY hkCardKey;
  267. rv = RegOpenKeyEx(HKEY_LOCAL_MACHINE, CardPath().c_str(), NULL,
  268. KEY_READ, &hkCardKey);
  269. if(ERROR_SUCCESS != rv)
  270. throw scu::OsException(rv);
  272. ///////////////////////////////////////////
  273. // Enumerate subkeys to get card names //
  274. ///////////////////////////////////////////
  276. FILETIME fileTime;
  277. char sBuffer[1024];
  278. DWORD dwBufferSize = sizeof sBuffer / sizeof *sBuffer;
  279. int iTotalSize = 0;
  280. int index = 0;
  282. memset(sBuffer, 0, dwBufferSize);
  284. scu::AutoArrayPtr<char> aaszCardListBuffer(new char[iSizeOfList]);
  285. memset(aaszCardListBuffer.Get(), 0, iSizeOfList);
  287. rv = RegEnumKeyEx(hkCardKey, index++, sBuffer, &dwBufferSize,
  288. NULL, NULL, NULL, &fileTime);
  289. while (rv == ERROR_SUCCESS)
  290. {
  291. if (iTotalSize + dwBufferSize <= iSizeOfList - 2) // spare two chars for trailing nulls
  292. {
  293. strcpy((aaszCardListBuffer.Get() + iTotalSize), sBuffer);
  294. iTotalSize += dwBufferSize;
  296. aaszCardListBuffer[iTotalSize++] = 0;
  297. }
  298. else
  299. {
  300. iTotalSize += dwBufferSize + 1;
  301. }
  303. dwBufferSize = sizeof sBuffer / sizeof *sBuffer;
  304. memset(sBuffer, 0, dwBufferSize);
  306. rv = RegEnumKeyEx(hkCardKey, index++, sBuffer, &dwBufferSize,
  307. NULL, NULL, NULL, &fileTime);
  308. }
  310. bool fRetVal = (iTotalSize <= iSizeOfList - 1); // spare byte for final null terminator
  311. if (fRetVal)
  312. {
  313. aaszCardListBuffer[iTotalSize++] = 0;
  315. memcpy(szCardList, aaszCardListBuffer.Get(), iTotalSize);
  316. }
  317. else
  318. iTotalSize++; // spare byte for final null terminator
  320. iSizeOfList = iTotalSize;
  322. rv = RegCloseKey(hkCardKey);
  323. if (ERROR_SUCCESS != rv)
  324. throw scu::OsException(rv);
  325. }
  327. void
  328. CIOP::RegisterCard(const char* szCardName,
  329. const BYTE* bATR,
  330. BYTE bATRLength,
  331. const BYTE* bATRMask,
  332. BYTE bATRMaskLength,
  333. const BYTE* bProperties,
  334. cardType type)
  335. {
  336. HKEY hkCardKey;
  337. DWORD dwCreateFlag;
  338. BYTE bCardType = (BYTE)type;
  339. char szATR[] = "ATR";
  340. char szATRMask[] = "ATR Mask";
  341. char szCardType[] = "Card Type";
  342. char szProperties[] = "Properties";
  344. string sCardRegPath(CardPath());
  345. sCardRegPath.append("\\");
  346. sCardRegPath.append(szCardName);
  348. LONG rv = RegCreateKeyEx(HKEY_LOCAL_MACHINE,
  349. sCardRegPath.c_str(), NULL, NULL, NULL,
  350. KEY_ALL_ACCESS, NULL, &hkCardKey, &dwCreateFlag);
  352. if(ERROR_SUCCESS!=rv)
  353. throw scu::OsException(rv);
  355. if (dwCreateFlag == REG_CREATED_NEW_KEY)
  356. {
  357. rv = RegSetValueEx(hkCardKey, szATR, NULL, REG_BINARY, bATR,
  358. bATRLength);
  359. if (ERROR_SUCCESS==rv)
  360. {
  361. rv = RegSetValueEx(hkCardKey, szATRMask, NULL,
  362. REG_BINARY, bATRMask,
  363. bATRMaskLength);
  364. if (ERROR_SUCCESS==rv)
  365. {
  366. rv = RegSetValueEx(hkCardKey, szCardType, NULL,
  367. REG_BINARY, &bCardType, 1);
  368. if (ERROR_SUCCESS==rv)
  369. rv = RegSetValueEx(hkCardKey, szProperties, NULL,
  370. REG_BINARY, bProperties, 512);
  371. }
  372. }
  373. }
  375. LONG rv2 = RegCloseKey(hkCardKey);
  376. if (ERROR_SUCCESS!=rv) // an error occured earlier
  377. throw scu::OsException(rv);
  379. if (ERROR_SUCCESS != rv2)
  380. throw scu::OsException(rv2);
  383. // return (dwCreateFlag == REG_CREATED_NEW_KEY);
  384. }
  386. void
  387. CIOP::RegisterDefaultCards()
  388. {
  389. BYTE bMask[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
  390. BYTE bAccessMask[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00 };
  391. BYTE bCMask[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00 };
  392. BYTE bMaskLength = 9;
  393. BYTE bATRLength = 9;
  395. BYTE bProperties[512];
  396. memset(bProperties, 0, sizeof(bProperties));
  398. // Register Cryptoflex 16K
  399. BYTE b16KCryptoATR[] = { 0x3B, 0x95, 0x15, 0x40, 0xFF, 0x63,
  400. 0x01, 0x01, 0x00, 0x00 };
  401. BYTE b16KCryptoMask[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  402. 0xFF, 0xFF, 0x00, 0x00 };
  404. RegisterCard(g_szCrypto16KName, b16KCryptoATR,
  405. sizeof b16KCryptoATR / sizeof *b16KCryptoATR, b16KCryptoMask,
  406. sizeof b16KCryptoMask / sizeof *b16KCryptoMask,
  407. bProperties, CRYPTO_CARD);
  409. // Register e-gate
  410. BYTE be_gateATR[] = { 0x3B, 0x95, 0x00, 0x40, 0xFF, 0x62,
  411. 0x01, 0x01, 0x00, 0x00 };
  412. BYTE be_gateMask[] = { 0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF,
  413. 0xFF, 0xFF, 0x00, 0x00 };
  415. RegisterCard(g_sze_gateName, be_gateATR,
  416. sizeof be_gateATR / sizeof *be_gateATR, be_gateMask,
  417. sizeof be_gateMask / sizeof *be_gateMask,
  418. bProperties, CRYPTO_CARD);
  420. // Register Cyberflex Access card
  421. BYTE bAccessATR[] = { 0x3B, 0x16, 0x94, 0x81, 0x10, 0x06, 0x01, 0x00, 0x00 };
  423. RegisterCard(g_szAccessName, bAccessATR, bATRLength, bAccessMask,
  424. bMaskLength, bProperties, ACCESS_CARD);
  426. // Register old Cryptoflex 8K card
  427. BYTE bOldCryptoATR[] = { 0x3B, 0x85, 0x40, 0x20, 0x68, 0x01, 0x01, 0x00, 0x00 };
  429. RegisterCard(g_szOldCrypto8KName, bOldCryptoATR, bATRLength, bMask,
  430. bMaskLength, bProperties, CRYPTO_CARD);
  432. // Register new Cryptoflex 8K card
  433. BYTE bNewCryptoATR[] = { 0x3B, 0x85, 0x40, 0x20, 0x68, 0x01, 0x01, 0x05, 0x01 };
  435. RegisterCard(g_szNewCrypto8KName, bNewCryptoATR, bATRLength, bMask,
  436. bMaskLength, bProperties, CRYPTO_CARD);
  438. // Register another new Cryptoflex 8K card
  439. BYTE bCrypto8KV2ATR[] = { 0x3B, 0x95, 0x15, 0x40, 0x00, 0x68, 0x01, 0x02, 0x00, 0x00 };
  440. BYTE bCrypto8KV2Mask[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00 };
  442. RegisterCard(g_szCrypto8KV2Name, bCrypto8KV2ATR, sizeof(bCrypto8KV2ATR), bCrypto8KV2Mask,
  443. sizeof(bCrypto8KV2Mask), bProperties, CRYPTO_CARD);
  445. // Register Cryptoflex 4K card
  446. BYTE b4KCryptoATR[] = { 0x3B, 0xE2, 0x00, 0x00, 0x40, 0x20, 0x49, 0x00 };
  447. bATRLength = 8;
  448. bMaskLength = 8;
  450. RegisterCard(g_szCrypto4KName, b4KCryptoATR, bATRLength, bCMask,
  451. bMaskLength, bProperties, CRYPTO_CARD);
  453. // Register Cyberflex Access Campus
  454. BYTE be_AccessCampusATR[] = { 0x3B, 0x23, 0x00, 0x35, 0x13, 0x80 };
  455. BYTE be_AccessCampusMask[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
  457. RegisterCard(g_szAccessCampus, be_AccessCampusATR,
  458. sizeof be_AccessCampusATR / sizeof *be_AccessCampusATR,
  459. be_AccessCampusMask,
  460. sizeof be_AccessCampusMask / sizeof *be_AccessCampusMask,
  461. bProperties, ACCESS_CARD);
  463. // Register Cryptoflex ActivCard
  464. BYTE bCryptoActivCardATR[] = { 0x3B, 0x05, 0x68, 0x01, 0x01,
  465. 0x02, 0x05 };
  466. BYTE bCryptoActivCardMask[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  467. 0xFF, 0xFF };
  469. RegisterCard(g_szCryptoActivCard, bCryptoActivCardATR,
  470. sizeof(bCryptoActivCardATR), bCryptoActivCardMask,
  471. sizeof(bCryptoActivCardMask), bProperties, CRYPTO_CARD);
  473. }
  475. #if defined(SLBIOP_USE_SECURITY_ATTRIBUTES)
  476. void
  477. CIOP::InitIOPSecurityAttrs(CSecurityAttributes *psa)
  478. {
  480. DWORD dwRes;
  481. PSID pEveryoneSID = NULL, pAdminSID = NULL;
  482. PACL pACL = NULL;
  483. PSECURITY_DESCRIPTOR pSD = NULL;
  484. EXPLICIT_ACCESS ea;
  485. SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY;
  486. SID_IDENTIFIER_AUTHORITY SIDAuthNT = SECURITY_NT_AUTHORITY;
  487. bool fErrorFound = false;
  489. // Create a well-known SID for the Everyone group.
  490. if(!AllocateAndInitializeSid(&SIDAuthWorld, 1,
  491. SECURITY_WORLD_RID,
  492. 0, 0, 0, 0, 0, 0, 0, &pEveryoneSID))
  493. throw scu::OsException(GetLastError());
  495. // Initialize an EXPLICIT_ACCESS structure for an ACE.
  496. // The ACE will allow Everyone read access to the key.
  497. ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
  498. ea.grfAccessPermissions = SPECIFIC_RIGHTS_ALL | STANDARD_RIGHTS_ALL;
  499. ea.grfAccessMode = SET_ACCESS;
  500. ea.grfInheritance= NO_INHERITANCE;
  501. ea.Trustee.TrusteeForm = TRUSTEE_IS_SID;
  502. ea.Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
  503. ea.Trustee.ptstrName = (LPTSTR) pEveryoneSID;
  505. #if 0
  506. // Create a SID for the BUILTIN\Administrators group.
  507. if (!AllocateAndInitializeSid(&SIDAuthNT, 2,
  508. SECURITY_BUILTIN_DOMAIN_RID,
  509. DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0,
  510. 0, 0, &pAdminSID))
  511. throw scu::OsException(GetLastError());
  513. // Initialize an EXPLICIT_ACCESS structure for an ACE.
  514. // The ACE will allow the Administrators group full access to the key.
  515. ea.grfAccessPermissions = SPECIFIC_RIGHTS_ALL | STANDARD_RIGHTS_ALL;
  516. ea.grfAccessMode = SET_ACCESS;
  517. ea.grfInheritance= NO_INHERITANCE;
  518. ea.Trustee.TrusteeForm = TRUSTEE_IS_SID;
  519. ea.Trustee.TrusteeType = TRUSTEE_IS_GROUP;
  520. ea.Trustee.ptstrName = (LPTSTR) pAdminSID;
  521. #endif // 0
  522. // Create a new ACL that contains the new ACEs.
  523. dwRes = SetEntriesInAcl(1, &ea, NULL, &pACL);
  524. if (ERROR_SUCCESS != dwRes)
  525. {
  526. fErrorFound = true;
  527. }
  528. else
  529. {
  530. // Initialize a security descriptor.
  531. pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
  532. if (pSD == NULL)
  533. {
  534. fErrorFound = true;
  535. }
  536. else if (!InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION))
  537. {
  538. fErrorFound = true;
  539. }
  540. // Add the ACL to the security descriptor.
  541. else if (!SetSecurityDescriptorDacl(pSD,
  542. TRUE, // fDaclPresent flag
  543. pACL,
  544. FALSE)) // not a default DACL
  545. {
  546. fErrorFound = true;
  547. }
  548. else
  549. {
  550. if (!IsValidSecurityDescriptor(pSD))
  551. {
  552. fErrorFound = true;
  553. }
  554. else
  555. {
  556. // Initialize a security attributes structure.
  557. psa->sa.nLength = sizeof(SECURITY_ATTRIBUTES);
  558. psa->sa.lpSecurityDescriptor = pSD;
  559. psa->sa.bInheritHandle = FALSE;
  560. psa->pEveryoneSID = pEveryoneSID;
  561. psa->pACL = pACL;
  562. }
  563. }
  564. }
  566. DWORD dwLastError = GetLastError();
  568. if (true == fErrorFound)
  569. {
  570. if (NULL != pACL)
  571. {
  572. LocalFree(pACL);
  573. pACL = NULL;
  574. }
  575. if (NULL != pSD)
  576. {
  577. LocalFree(pSD);
  578. pSD = NULL;
  579. }
  580. if (NULL != pEveryoneSID)
  581. {
  582. FreeSid(pEveryoneSID);
  583. pEveryoneSID = NULL;
  584. }
  585. throw scu::OsException(dwLastError);
  586. }
  587. #if 0
  588. // Create a new ACL that contains the new ACEs.
  589. dwRes = SetEntriesInAcl(1, &ea, NULL, &pACL);
  590. if (ERROR_SUCCESS != dwRes)
  591. throw scu::OsException(GetLastError());
  593. // Initialize a security descriptor.
  594. pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
  595. if (pSD == NULL)
  596. throw scu::OsException(GetLastError());
  598. if (!InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION))
  599. throw scu::OsException(GetLastError());
  601. // Add the ACL to the security descriptor.
  602. if (!SetSecurityDescriptorDacl(pSD,
  603. TRUE, // fDaclPresent flag
  604. pACL,
  605. FALSE)) // not a default DACL
  606. throw scu::OsException(GetLastError());
  608. // Initialize a security attributes structure.
  609. psa->nLength = sizeof(SECURITY_ATTRIBUTES);
  610. psa->lpSecurityDescriptor = pSD;
  611. psa->bInheritHandle = FALSE;
  613. if (!IsValidSecurityDescriptor(pSD))
  614. throw scu::OsException(GetLastError());
  615. #endif
  616. }
  618. #endif // defined(SLBIOP_USE_SECURITY_ATTRIBUTES)
  621. bool CIOP::WaitForSCManager()
  622. {
  623. #if defined(SLBIOP_WAIT_FOR_RM_STARTUP)
  624. // Wait for the SCManager to start, time out at dwTimeout seconds.
  626. HANDLE hStarted = GetSCResourceManagerStartedEvent();
  627. if (hStarted)
  628. {
  629. if (WaitForSingleObject(hStarted, 60 * 1000) == WAIT_OBJECT_0)
  630. return true;
  631. }
  633. return false;
  635. #else // defined(SLBIOP_WAIT_FOR_RM_STARTUP)
  637. return true;
  639. #endif // defined(SLBIOP_WAIT_FOR_RM_STARTUP)
  641. }
  646. } // namespace iop
  649. STDAPI DllGetVersion(DLLVERSIONINFO *dvi)
  650. {
  651. dvi->dwBuildNumber = 0;
  652. dvi->dwMajorVersion = 0;
  653. dvi->dwMinorVersion = 9;
  655. return 0;
  656. }
  658. STDAPI DllRegisterServer()
  659. {
  660. // Ensure default cards are registered to the system
  661. HRESULT hResult = ERROR_SUCCESS;
  662. try
  663. {
  664. iop::CIOP::RegisterDefaultCards();
  665. }
  667. catch (scu::OsException const &rExc)
  668. {
  669. hResult = rExc.Cause();
  670. }
  672. return hResult;
  673. }
  675. STDAPI DllUnregisterServer()
  676. {
  677. HRESULT hResult = NOERROR;
  679. LONG rv;
  680. HKEY hkSLBKey;
  681. HKEY hkTerminalsKey;
  682. HKEY hkCardsKey;
  685. bool bSLBKey = false, bTerminalsKey = false, bCardsKey = false;
  687. try
  688. {
  689. rv = RegOpenKeyEx(HKEY_LOCAL_MACHINE, g_szSLBRegistryPath, NULL, KEY_ALL_ACCESS, &hkSLBKey);
  690. if(rv!=ERROR_SUCCESS) throw scu::OsException(rv);
  691. bSLBKey = true;
  693. RegOpenKeyEx(hkSLBKey, g_szTerminalsName, NULL, KEY_ALL_ACCESS, &hkTerminalsKey);
  694. if(rv!=ERROR_SUCCESS) throw scu::OsException(rv);
  695. bTerminalsKey = true;
  697. RegOpenKeyEx(hkTerminalsKey, g_szCardName, NULL, KEY_ALL_ACCESS, &hkCardsKey);
  698. if(rv!=ERROR_SUCCESS) throw scu::OsException(rv);
  699. bCardsKey = true;
  701. rv = RegDeleteKey(hkCardsKey, g_szCrypto4KName);
  702. if(rv!=ERROR_SUCCESS) hResult = E_UNEXPECTED;
  704. rv = RegDeleteKey(hkCardsKey, g_szOldCrypto8KName);
  705. if(rv!=ERROR_SUCCESS) hResult = E_UNEXPECTED;
  707. rv = RegDeleteKey(hkCardsKey, g_szNewCrypto8KName);
  708. if(rv!=ERROR_SUCCESS) hResult = E_UNEXPECTED;
  710. rv = RegDeleteKey(hkCardsKey, g_szCrypto8KV2Name);
  711. if(rv!=ERROR_SUCCESS) hResult = E_UNEXPECTED;
  713. rv = RegDeleteKey(hkCardsKey, g_szAccessName);
  714. if(rv!=ERROR_SUCCESS) hResult = E_UNEXPECTED;
  716. rv = RegDeleteKey(hkCardsKey, g_sze_gateName);
  717. if(rv!=ERROR_SUCCESS) hResult = E_UNEXPECTED;
  719. rv = RegDeleteKey(hkCardsKey, g_szCrypto16KName);
  720. if(rv!=ERROR_SUCCESS) hResult = E_UNEXPECTED;
  722. rv = RegDeleteKey(hkCardsKey, g_szAccessCampus);
  723. if(rv!=ERROR_SUCCESS) hResult = E_UNEXPECTED;
  725. rv = RegDeleteKey(hkCardsKey, g_szCryptoActivCard);
  726. if(rv!=ERROR_SUCCESS) hResult = E_UNEXPECTED;
  728. rv = RegCloseKey (hkCardsKey);
  729. if(rv!=ERROR_SUCCESS) throw scu::OsException(rv);
  730. bCardsKey = false;
  732. rv = RegDeleteKey(hkTerminalsKey, g_szCardName);
  733. if(rv!=ERROR_SUCCESS) throw scu::OsException(rv);
  734. bCardsKey = false;
  736. rv = RegCloseKey (hkTerminalsKey);
  737. if(rv!=ERROR_SUCCESS) throw scu::OsException(rv);
  738. bTerminalsKey = false;
  740. rv = RegDeleteKey(hkSLBKey, g_szTerminalsName);
  741. if(rv!=ERROR_SUCCESS) throw scu::OsException(rv);
  742. bCardsKey = false;
  744. rv = RegCloseKey(hkSLBKey);
  745. if(rv!=ERROR_SUCCESS) throw scu::OsException(rv);
  746. bSLBKey = false;
  747. }
  748. catch(...)
  749. {
  750. hResult = E_UNEXPECTED;
  751. }
  753. if(bCardsKey) RegCloseKey (hkCardsKey);
  754. if(bTerminalsKey) RegCloseKey (hkTerminalsKey);
  755. if(bSLBKey) RegCloseKey (hkSLBKey);
  757. return hResult;
  758. }