archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/com/rpc/runtime/mtrt/dumpcert.cxx

416 lines
12 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (C) Microsoft Corporation, 1999 - 1999
  6. //
  7. // File: dumpcert.cxx
  8. //
  9. //--------------------------------------------------------------------------
  11. #include "precomp.hxx"
  12. #include <wincrypt.h>
  13. #include <rpcssl.h>
  15. #if 0
  17. stuff clobbered by Unicode -> ANSI port:
  19. wchar_t -> char
  20. WCHAR -> char
  21. L"" -> ""
  22. %S -> %s
  23. W suffix-> A suffix
  24. wcscmp -> strcmp
  25. wmain -> main
  26. LPWSTR -> LPSTR
  28. #endif
  31. #define ByteSwapShort(Value) \
  32. Value = ( (((Value) & 0x00FF) << 8) \
  33. | (((Value) & 0xFF00) >> 8))
  35. #define INITIAL_NAME_LENGTH 100
  37. #define MSSTD_PREFIX_LENGTH 6
  38. const char MSSTD_PREFIX[] = "msstd:";
  40. #define FULLPATH_PREFIX_LENGTH 8
  41. const char FULLPATH_PREFIX[] = "fullsic:";
  43. //------------------------------------------------------------------------
  45. void DumpCertInfo( PCERT_INFO Info );
  46. void RecordErrorAndExit( char * Action, unsigned long Error );
  48. extern "C"
  49. {
  50. int __cdecl
  51. main( int argc,
  52. char * argv[],
  53. char * envp[]
  54. );
  55. }
  59. int __cdecl
  60. main( int argc,
  61. char * argv[],
  62. char * envp[]
  63. )
  64. {
  65. HCERTSTORE Store;
  66. PCCERT_CONTEXT Context = 0;
  67. unsigned Criterion = CERT_FIND_ANY;
  68. void * SearchData = 0;
  69. char * StoreName = "My";
  70. int i;
  71. char * MatchString = 0;
  72. BOOL fMatch = FALSE;
  73. BOOL fOutput = FALSE;
  74. unsigned long OutputFlags = 0;
  75. DWORD StoreFlags = CERT_SYSTEM_STORE_CURRENT_USER;
  77. for (i=1; i < argc; ++i)
  78. {
  79. if (0 == strcmp(argv[i], "-subject"))
  80. {
  81. Criterion = CERT_FIND_SUBJECT_STR_W;
  82. ++i;
  83. if (i >= argc)
  84. {
  85. printf("-subject must be followed by a subject name or substring\n");
  86. return 1;
  87. }
  89. SearchData = argv[i];
  90. }
  91. else if (0 == strcmp(argv[i], "-issuer"))
  92. {
  93. Criterion = CERT_FIND_ISSUER_STR_W;
  94. ++i;
  95. if (i >= argc)
  96. {
  97. printf("-issuer must be followed by an issuer name or substring\n");
  98. return 1;
  99. }
  100. SearchData = argv[i];
  101. }
  102. else if (0 == strcmp(argv[i], "-store"))
  103. {
  104. ++i;
  105. if (i >= argc)
  106. {
  107. printf("-store must be followed by a store name, such as 'Root' or 'My'\n");
  108. return 1;
  109. }
  110. StoreName = argv[i];
  111. }
  112. else if (0 == strcmp(argv[i], "-location"))
  113. {
  114. ++i;
  116. if (i >= argc)
  117. {
  118. printf("-location must be followed by 'USER:' or by 'HKLM'\n");
  119. return 1;
  120. }
  122. if (0 == strcmp(argv[i], "USER:"))
  123. {
  124. StoreFlags = CERT_SYSTEM_STORE_CURRENT_USER;
  125. }
  126. else if (0 == strcmp(argv[i], "HKLM"))
  127. {
  128. StoreFlags = CERT_SYSTEM_STORE_LOCAL_MACHINE;
  129. }
  130. else
  131. {
  132. printf("-location must be followed by 'USER:' or by 'HKLM'\n");
  133. return 1;
  134. }
  135. }
  136. else if (0 == strcmp(argv[i], "-output"))
  137. {
  138. fOutput = TRUE;
  139. ++i;
  141. if(i >= argc)
  142. {
  143. printf("-output must be followed by 'msstd' or by 'fullsic'\n");
  144. return 1;
  145. }
  147. if (0 == strcmp(argv[i], "fullsic"))
  148. {
  149. OutputFlags = RPC_C_FULL_CERT_CHAIN;
  150. }
  151. else if (0 == strcmp(argv[i], "msstd"))
  152. {
  153. OutputFlags = 0;
  154. }
  155. else
  156. {
  157. printf("-output must be followed by 'msstd' or by 'fullsic'\n");
  158. return 1;
  159. }
  160. }
  161. else if (0 == strcmp(argv[i], "-match"))
  162. {
  163. fMatch = TRUE;
  165. ++i;
  166. if(i >= argc)
  167. {
  168. printf("-match must be followed by '@filename', listing the name of the file containing the match string\n");
  169. return 1;
  170. }
  172. if (argv[i][0] == '@')
  173. {
  174. DWORD BytesRead;
  175. HANDLE hMatchFile;
  177. hMatchFile = CreateFileA( argv[i]+1,
  178. GENERIC_READ,
  179. FILE_SHARE_READ,
  180. 0, // no security
  181. OPEN_EXISTING, // must already exist
  182. FILE_ATTRIBUTE_NORMAL,
  183. NULL // no template file
  184. );
  186. if (hMatchFile == ULongToHandle(0xffffffff))
  187. {
  188. printf("can't open file %s\n", argv[i]+1);
  189. return 1;
  190. }
  192. DWORD Size = GetFileSize( hMatchFile, 0);
  193. if (Size == 0xffffffff)
  194. {
  195. printf("GetFileSize failed with 0x%x\n", GetLastError());
  196. return 1;
  197. }
  199. if (Size % 2)
  200. {
  201. printf("the match-string file must be in Unicode.\n");
  202. return 1;
  203. }
  205. MatchString = new char[ Size/sizeof(char) + sizeof(char) ];
  206. if (!MatchString)
  207. {
  208. printf("can't allocate memory\n");
  209. return 1;
  210. }
  212. if (!ReadFile( hMatchFile,
  213. MatchString,
  214. Size,
  215. &BytesRead,
  216. 0 // not overlapped
  217. )
  218. || BytesRead != Size)
  219. {
  220. printf("can't read file data: 0x%x\n", GetLastError());
  221. return 1;
  222. }
  224. MatchString[ Size/sizeof(char) ] = 0;
  226. if (MatchString[0] == 0xfeff)
  227. {
  228. ++MatchString;
  229. }
  230. else if (MatchString[0] == 0xfffe)
  231. {
  232. char * pc;
  234. for (pc = MatchString; *pc; ++pc)
  235. {
  236. ByteSwapShort(*pc);
  237. }
  239. ++MatchString;
  240. }
  241. }
  242. else
  243. {
  244. MatchString = argv[i];
  245. }
  247. printf("string to match is '%s'\n", MatchString);
  248. }
  249. else if (0 == strcmp(argv[i], "-?") ||
  250. 0 == strcmp(argv[i], "-help"))
  251. {
  252. printf("usage:\n"
  253. " dumpcert \n"
  254. " [-subject subject-substring]\n"
  255. " [-issuer issuer-substring]\n"
  256. " [-store store-name]\n"
  257. " [-output ('fullsic' | 'msstd')\n"
  258. " [-location ('HKLM' | 'USER:')\n"
  259. " [-match @filename]\n"
  260. );
  261. return 1;
  262. }
  263. else
  264. {
  265. printf("unknown option '%s'\n", argv[i]);
  266. return 1;
  267. }
  268. }
  270. Store = CertOpenStore( CERT_STORE_PROV_SYSTEM_A,
  271. 0,
  272. 0,
  273. StoreFlags,
  274. StoreName
  275. );
  277. if (!Store)
  278. {
  279. RecordErrorAndExit("opening the store", GetLastError());
  280. }
  282. for(;;)
  283. {
  284. Context = CertFindCertificateInStore( Store,
  285. X509_ASN_ENCODING,
  286. 0,
  287. Criterion,
  288. SearchData,
  289. Context
  290. );
  291. if (!Context)
  292. {
  293. break;
  294. }
  296. DumpCertInfo( Context->pCertInfo );
  297. if (fOutput)
  298. {
  299. unsigned char * OutputBuffer = 0;
  300. DWORD Status = RpcCertGeneratePrincipalNameA( Context, OutputFlags, &OutputBuffer );
  301. if (Status)
  302. {
  303. printf("GeneratePrincName returned %d = 0x%x\n", Status, Status);
  304. }
  305. else
  306. {
  307. printf(" generated name = '%s'\n", OutputBuffer);
  308. }
  309. }
  311. if (fMatch)
  312. {
  313. printf("matching is not implemented because RpcCertMatchPrincipalName is not exported\n");
  314. #if 0
  315. DWORD Status = RpcCertMatchPrincipalName( Context, MatchString );
  316. if (Status)
  317. {
  318. printf("MatchPrincipalName returned %d = 0x%x\n", Status, Status);
  319. }
  320. else
  321. {
  322. printf("The names matched.\n");
  323. }
  324. #endif
  325. }
  326. }
  328. if (GetLastError() != CRYPT_E_NOT_FOUND)
  329. {
  330. RecordErrorAndExit("getting certificates", GetLastError());
  331. }
  333. return 0;
  334. }
  336. void DumpCertInfo( PCERT_INFO Info )
  337. {
  338. SYSTEMTIME NotBeforeTime;
  339. SYSTEMTIME NotAfterTime;
  340. char SubjectName[1000];
  341. char IssuerName[1000];
  343. if (!FileTimeToSystemTime( &Info->NotBefore, &NotBeforeTime ))
  344. {
  345. RecordErrorAndExit("translating not-before time", GetLastError());
  346. }
  348. if (!FileTimeToSystemTime( &Info->NotAfter, &NotAfterTime ))
  349. {
  350. RecordErrorAndExit("translating not-after time", GetLastError());
  351. }
  353. if (!CertNameToStrA( X509_ASN_ENCODING,
  354. &Info->Subject,
  355. CERT_X500_NAME_STR | CERT_NAME_STR_SEMICOLON_FLAG,
  356. SubjectName,
  357. sizeof(SubjectName)
  358. ))
  359. {
  360. RecordErrorAndExit("unpacking subject name", GetLastError());
  361. }
  363. if (!CertNameToStrA( X509_ASN_ENCODING,
  364. &Info->Issuer,
  365. CERT_X500_NAME_STR | CERT_NAME_STR_SEMICOLON_FLAG,
  366. IssuerName,
  367. sizeof(IssuerName)
  368. ))
  369. {
  370. RecordErrorAndExit("unpacking issuer name", GetLastError());
  371. }
  373. printf("----------------------------------------------------\n\n");
  375. printf(" subject: %s\n", SubjectName);
  376. printf(" issuer: %s\n", IssuerName);
  377. printf(" version %d\n", Info->dwVersion );
  378. printf(" valid from %02d:%02d:%02d on %d-%02d-%d\n",
  379. NotBeforeTime.wHour,
  380. NotBeforeTime.wMinute,
  381. NotBeforeTime.wSecond,
  382. NotBeforeTime.wMonth,
  383. NotBeforeTime.wDay,
  384. NotBeforeTime.wYear
  385. );
  387. printf(" to %02d:%02d:%02d on %d-%02d-%d\n",
  388. NotAfterTime.wHour,
  389. NotAfterTime.wMinute,
  390. NotAfterTime.wSecond,
  391. NotAfterTime.wMonth,
  392. NotAfterTime.wDay,
  393. NotAfterTime.wYear
  394. );
  395. }
  398. void RecordErrorAndExit( char * Action, unsigned long Error )
  399. {
  400. char * lpMsgBuf = "";
  402. FormatMessageA( FORMAT_MESSAGE_ALLOCATE_BUFFER |
  403. FORMAT_MESSAGE_FROM_SYSTEM |
  404. FORMAT_MESSAGE_IGNORE_INSERTS,
  405. NULL,
  406. Error,
  407. MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language
  408. (LPSTR) &lpMsgBuf,
  409. 0,
  410. NULL
  411. );
  413. printf("error while %s: %x (%d) \"%s\"", Action, Error, Error, lpMsgBuf);
  414. }