archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/win32/ntcrypto/rsaaes/protstor.cpp

737 lines
19 KiB
Raw Normal View History

Add source files
4 years ago
  1. /////////////////////////////////////////////////////////////////////////////
  2. // FILE : protstor.c //
  3. // DESCRIPTION : Code for storing keys in the protected store: //
  4. // AUTHOR : //
  5. // HISTORY : //
  6. // Dec 4 1996 jeffspel Created //
  7. // Apr 21 1997 jeffspel Changes for NT 5 tree //
  8. // Jul 28 1997 jeffspel Added ability to delete a persisted key //
  9. // May 5 2000 dbarlow Modify error return handling //
  10. // //
  11. // Copyright (C) 1996 - 2000, Microsoft Corporation //
  12. // All Rights Reserved //
  13. /////////////////////////////////////////////////////////////////////////////
  15. #include "precomp.h"
  16. #include "wincrypt.h"
  17. #include "pstore.h"
  18. #include "protstor.h"
  19. #include "ntagum.h"
  21. #define CRYPTO_KEY_TYPE_STRING L"Cryptographic Keys"
  22. static GUID l_DefTypeGuid
  23. = { 0x4d1fa410, 0x6fd9, 0x11d0,
  24. { 0x8C, 0x58, 0x00, 0xC0, 0x4F, 0xD9, 0x12, 0x6B } };
  26. #define CRYPTO_SIG_SUBTYPE_STRING L"RSA Signature Keys"
  27. static GUID l_DefSigGuid
  28. = { 0x4d1fa411, 0x6fd9, 0x11D0,
  29. { 0x8C, 0x58, 0x00, 0xC0, 0x4F, 0xD9, 0x12, 0x6B } };
  31. #define CRYPTO_EXCH_SUBTYPE_STRING L"RSA Exchange Keys"
  32. static GUID l_DefExchGuid
  33. = { 0x4d1fa412, 0x6fd9, 0x11D0,
  34. { 0x8C, 0x58, 0x00, 0xC0, 0x4F, 0xD9, 0x12, 0x6B } };
  36. static GUID l_SysProv = MS_BASE_PSTPROVIDER_ID;
  39. void
  40. FreePSInfo(
  41. PSTORE_INFO *pPStore)
  42. {
  43. IPStore *pIPS;
  45. if (NULL != pPStore)
  46. {
  47. pIPS = (IPStore*)pPStore->pProv;
  48. if (NULL != pIPS)
  49. pIPS->Release();
  50. if (NULL != pPStore->hInst)
  51. FreeLibrary(pPStore->hInst);
  52. if (NULL != pPStore->szPrompt)
  53. _nt_free(pPStore->szPrompt, pPStore->cbPrompt);
  54. _nt_free(pPStore, sizeof(PSTORE_INFO));
  55. }
  56. }
  59. BOOL
  60. CheckPStoreAvailability(
  61. PSTORE_INFO *pPStore)
  62. {
  63. BOOL fRet = FALSE;
  65. if (S_OK != PStoreCreateInstance((IPStore**)(&pPStore->pProv),
  66. &l_SysProv, NULL, 0))
  67. goto ErrorExit;
  69. memcpy(&pPStore->SigType, &l_DefTypeGuid, sizeof(GUID));
  70. memcpy(&pPStore->SigSubtype, &l_DefSigGuid, sizeof(GUID));
  71. memcpy(&pPStore->ExchType, &l_DefTypeGuid, sizeof(GUID));
  72. memcpy(&pPStore->ExchSubtype, &l_DefExchGuid, sizeof(GUID));
  73. fRet = TRUE;
  75. ErrorExit:
  76. return fRet;
  77. }
  80. DWORD
  81. CreateNewPSKeyset(
  82. PSTORE_INFO *pPStore,
  83. DWORD dwFlags)
  84. {
  85. DWORD dwReturn = ERROR_INTERNAL_ERROR;
  86. PST_ACCESSRULE rgRules[2];
  87. PST_ACCESSRULESET Rules;
  88. PST_TYPEINFO Info;
  89. PST_PROMPTINFO PromptInfo = {NULL, NULL};
  90. HRESULT hr;
  91. IPStore *pIPS = (IPStore*)pPStore->pProv;
  92. DWORD dwRegLoc = PST_KEY_CURRENT_USER;
  94. if (dwFlags & CRYPT_MACHINE_KEYSET)
  95. dwRegLoc = PST_KEY_LOCAL_MACHINE;
  97. // if type is not available the create it
  98. memset(&Info, 0, sizeof(Info));
  99. Info.cbSize = sizeof(PST_TYPEINFO);
  100. Info.szDisplayName = CRYPTO_KEY_TYPE_STRING;
  101. hr = pIPS->CreateType(dwRegLoc, &pPStore->SigType, &Info, 0);
  102. if ((S_OK != hr) && (PST_E_TYPE_EXISTS != hr))
  103. {
  104. dwReturn = (DWORD)hr;
  105. goto ErrorExit;
  106. }
  108. // make same rules for read, write access
  109. rgRules[0].cbSize = sizeof(PST_ACCESSRULE);
  110. rgRules[0].AccessModeFlags = PST_READ;
  111. rgRules[0].cClauses = 0;
  112. rgRules[0].rgClauses = NULL;
  113. rgRules[1].cbSize = sizeof(PST_ACCESSRULE);
  114. rgRules[1].AccessModeFlags = PST_WRITE;
  115. rgRules[1].cClauses = 0;
  116. rgRules[1].rgClauses = NULL;
  118. Rules.cbSize = sizeof(PST_ACCESSRULESET);
  119. Rules.cRules = 2;
  120. Rules.rgRules = rgRules;
  122. // create the signature subtype
  123. Info.szDisplayName = CRYPTO_SIG_SUBTYPE_STRING;
  124. PromptInfo.szPrompt = L"";
  125. hr = pIPS->CreateSubtype(dwRegLoc, &pPStore->SigType,
  126. &pPStore->SigSubtype, &Info, &Rules, 0);
  127. if ((S_OK != hr) && (PST_E_TYPE_EXISTS != hr))
  128. {
  129. dwReturn = (DWORD)hr;
  130. goto ErrorExit;
  131. }
  133. // create the exchange subtype
  134. Info.szDisplayName = CRYPTO_EXCH_SUBTYPE_STRING;
  135. hr = pIPS->CreateSubtype(dwRegLoc, &pPStore->SigType,
  136. &pPStore->ExchSubtype, &Info, &Rules, 0);
  137. if ((S_OK != hr) && (PST_E_TYPE_EXISTS != hr))
  138. {
  139. dwReturn = (DWORD)hr;
  140. goto ErrorExit;
  141. }
  143. dwReturn = ERROR_SUCCESS;
  145. ErrorExit:
  146. return dwReturn;
  147. }
  150. DWORD
  151. GetKeysetTypeAndSubType(
  152. PNTAGUserList pUser)
  153. {
  154. DWORD dwReturn = ERROR_INTERNAL_ERROR;
  155. BYTE *pb1 = NULL;
  156. DWORD cb1;
  157. BYTE *pb2 = NULL;
  158. DWORD cb2;
  159. DWORD dwSts;
  161. memcpy(&pUser->pPStore->SigType, &l_DefTypeGuid, sizeof(GUID));
  162. memcpy(&pUser->pPStore->SigSubtype, &l_DefSigGuid, sizeof(GUID));
  163. memcpy(&pUser->pPStore->ExchType, &l_DefTypeGuid, sizeof(GUID));
  164. memcpy(&pUser->pPStore->ExchSubtype, &l_DefExchGuid, sizeof(GUID));
  166. // look in registry and see if the type and subtype Guids are there
  167. dwSts = ReadRegValue(pUser->hKeys, "SigTypeSubtype", &pb1, &cb1, TRUE);
  168. if (ERROR_SUCCESS != dwSts)
  169. {
  170. dwReturn = dwSts;
  171. goto ErrorExit;
  172. }
  174. dwSts = ReadRegValue(pUser->hKeys, "ExchTypeSubtype", &pb2, &cb2, TRUE);
  175. if (ERROR_SUCCESS != dwSts)
  176. {
  177. dwReturn = dwSts;
  178. goto ErrorExit;
  179. }
  181. if (pb1)
  182. {
  183. memcpy(&pUser->pPStore->SigType, pb1, sizeof(GUID));
  184. memcpy(&pUser->pPStore->SigSubtype, pb1 + sizeof(GUID), sizeof(GUID));
  185. }
  187. if (pb2)
  188. {
  189. memcpy(&pUser->pPStore->ExchType, pb2, sizeof(GUID));
  190. memcpy(&pUser->pPStore->ExchSubtype, pb2 + sizeof(GUID), sizeof(GUID));
  191. }
  193. dwReturn = ERROR_SUCCESS;
  195. ErrorExit:
  196. if (pb1)
  197. _nt_free(pb1, cb1);
  198. if (pb2)
  199. _nt_free(pb2, cb2);
  200. return dwReturn;
  201. }
  204. DWORD
  205. SetUIPrompt(
  206. PNTAGUserList pUser,
  207. LPWSTR szPrompt)
  208. {
  209. DWORD dwReturn = ERROR_INTERNAL_ERROR;
  210. DWORD cb = 0;
  211. LPWSTR sz = NULL;
  213. // check if sig or exch keys are loaded and if so error
  214. if (NULL == pUser->pPStore)
  215. {
  216. dwReturn = (DWORD)NTE_BAD_KEYSET;
  217. goto ErrorExit;
  218. }
  220. if (NULL != szPrompt)
  221. {
  222. cb = (lstrlenW(szPrompt) + 1) * sizeof(WCHAR);
  224. sz = (LPWSTR)_nt_malloc(cb);
  225. if (NULL == sz)
  226. {
  227. dwReturn = ERROR_NOT_ENOUGH_MEMORY;
  228. goto ErrorExit;
  229. }
  231. lstrcpyW(sz, szPrompt);
  232. }
  234. if (pUser->pPStore->szPrompt)
  235. _nt_free(pUser->pPStore->szPrompt, pUser->pPStore->cbPrompt);
  237. pUser->pPStore->cbPrompt = cb;
  238. pUser->pPStore->szPrompt = sz;
  240. dwReturn = ERROR_SUCCESS;
  242. ErrorExit:
  243. return dwReturn;
  244. }
  247. /*static*/ DWORD
  248. PickleKey(
  249. BOOL fExportable,
  250. size_t cbPriv,
  251. PBYTE pbPriv,
  252. PBYTE *ppbData,
  253. PDWORD pcbData)
  254. {
  255. DWORD dwReturn = ERROR_INTERNAL_ERROR;
  257. if (NULL != pbPriv)
  258. {
  259. // alloc the appropriate amount of space
  260. *pcbData = cbPriv + sizeof(DWORD) + sizeof(BOOL);
  261. *ppbData = (PBYTE)_nt_malloc(*pcbData);
  262. if (NULL == *ppbData)
  263. {
  264. dwReturn = ERROR_NOT_ENOUGH_MEMORY;
  265. goto ErrorExit;
  266. }
  268. // copy exportable info into buffer
  269. memcpy(*ppbData, &fExportable, sizeof(BOOL));
  271. // copy length of keying material into buffer
  272. memcpy(*ppbData + sizeof(BOOL), &cbPriv, sizeof(DWORD));
  274. // copy keying material into buffer
  275. memcpy(*ppbData + sizeof(DWORD) + sizeof(BOOL), pbPriv, cbPriv);
  276. }
  278. dwReturn = ERROR_SUCCESS;
  280. ErrorExit:
  281. return dwReturn;
  282. }
  285. /*static*/ DWORD
  286. UnpickleKey(
  287. PBYTE pbData,
  288. BOOL *pfExportable,
  289. DWORD *pcbPriv,
  290. PBYTE *ppbPriv)
  291. {
  292. DWORD dwReturn = ERROR_INTERNAL_ERROR;
  294. if (NULL != pbData)
  295. {
  296. // pull out the exportable info
  297. memcpy(pfExportable, pbData, sizeof(BOOL));
  299. // pull out the length of the key material
  300. memcpy(pcbPriv, pbData + sizeof(BOOL), sizeof(DWORD));
  302. // free the current key material memory
  303. if (NULL != *ppbPriv)
  304. _nt_free(*ppbPriv, *pcbPriv);
  306. // alloc new memory for the key material
  307. *ppbPriv = (PBYTE)_nt_malloc(*pcbPriv);
  308. if (NULL == *ppbPriv)
  309. {
  310. dwReturn = ERROR_NOT_ENOUGH_MEMORY;
  311. goto ErrorExit;
  312. }
  314. // copy key material
  315. memcpy(*ppbPriv, pbData + sizeof(DWORD) + sizeof(BOOL), *pcbPriv);
  316. }
  318. dwReturn = ERROR_SUCCESS;
  320. ErrorExit:
  321. return dwReturn;
  322. }
  325. /*static*/ DWORD
  326. RestoreKeyFromProtectedStorage(
  327. PNTAGUserList pUser,
  328. LPWSTR szKeyName,
  329. BYTE **ppbKey,
  330. DWORD *pcbKey,
  331. LPWSTR szPrompt,
  332. BOOL fSigKey,
  333. BOOL fMachineKeySet,
  334. BOOL *pfUIOnKey)
  335. {
  336. DWORD dwReturn = ERROR_INTERNAL_ERROR;
  337. HRESULT hr;
  338. DWORD cb;
  339. BYTE *pb = NULL;
  340. GUID *pType;
  341. GUID *pSubtype;
  342. BOOL *pf;
  343. PST_PROMPTINFO PromptInfo;
  344. IPStore *pIPS = (IPStore*)(pUser->pPStore->pProv);
  345. DWORD dwRegLoc = PST_KEY_CURRENT_USER;
  346. DWORD dwSts;
  348. *pfUIOnKey = FALSE;
  350. if (fMachineKeySet)
  351. dwRegLoc = PST_KEY_LOCAL_MACHINE;
  353. memset(&PromptInfo, 0, sizeof(PromptInfo));
  354. PromptInfo.cbSize = sizeof(PST_PROMPTINFO);
  355. if (fSigKey)
  356. {
  357. if (0 == pUser->ContInfo.ContLens.cbSigPub)
  358. {
  359. dwReturn = ERROR_SUCCESS;
  360. goto ErrorExit;
  361. }
  363. pType = &pUser->pPStore->SigType;
  364. pSubtype = &pUser->pPStore->SigSubtype;
  365. pf = &pUser->ContInfo.fSigExportable;
  366. }
  367. else
  368. {
  369. if (0 == pUser->ContInfo.ContLens.cbExchPub)
  370. {
  371. dwReturn = ERROR_SUCCESS;
  372. goto ErrorExit;
  373. }
  375. pType = &pUser->pPStore->ExchType;
  376. pSubtype = &pUser->pPStore->ExchSubtype;
  377. pf = &pUser->ContInfo.fExchExportable;
  378. }
  380. // read the item from secure storage
  381. PromptInfo.hwndApp = NULL;
  382. if (NULL == pUser->pPStore->szPrompt)
  383. PromptInfo.szPrompt = szPrompt;
  384. else
  385. PromptInfo.szPrompt = pUser->pPStore->szPrompt;
  387. hr = pIPS->ReadItem(dwRegLoc, pType, pSubtype, szKeyName, &cb,
  388. &pb, &PromptInfo,
  389. PST_PROMPT_QUERY | PST_NO_UI_MIGRATION);
  390. if (S_OK != hr)
  391. {
  392. // this function returns PST_E_ITEM_EXISTS if there is UI on the item
  393. if (PST_E_ITEM_EXISTS == hr)
  394. *pfUIOnKey = TRUE;
  395. else
  396. {
  397. dwReturn = (DWORD)hr;
  398. goto ErrorExit;
  399. }
  400. }
  402. dwSts = UnpickleKey(pb, pf, pcbKey, ppbKey);
  403. if (ERROR_SUCCESS != dwSts)
  404. {
  405. dwReturn = dwSts;
  406. goto ErrorExit;
  407. }
  409. dwReturn = ERROR_SUCCESS;
  411. ErrorExit:
  412. if (pb)
  413. CoTaskMemFree(pb);
  414. return dwReturn;
  415. }
  418. /*static*/ DWORD
  419. MakeUnicodeKeysetName(
  420. BYTE *pszName,
  421. LPWSTR *ppszWName)
  422. {
  423. // ?BUGBUG? -- We don't really do this, do we?
  424. DWORD dwReturn = ERROR_INTERNAL_ERROR;
  425. long i;
  426. DWORD cb;
  428. cb = (DWORD)lstrlenA((LPSTR)pszName);
  429. *ppszWName = (LPWSTR)_nt_malloc((cb + 1) * sizeof(WCHAR));
  430. if (NULL == *ppszWName)
  431. {
  432. dwReturn = ERROR_NOT_ENOUGH_MEMORY;
  433. goto ErrorExit;
  434. }
  436. for (i=0;i<(long)cb;i++)
  437. (*ppszWName)[i] = (WCHAR)(pszName[i]);
  439. dwReturn = ERROR_SUCCESS;
  441. ErrorExit:
  442. return dwReturn;
  443. }
  446. DWORD
  447. RestoreKeysetFromProtectedStorage(
  448. PNTAGUserList pUser,
  449. LPWSTR szPrompt,
  450. BYTE **ppbKey,
  451. DWORD *pcbKey,
  452. BOOL fSigKey,
  453. BOOL fMachineKeySet,
  454. BOOL *pfUIOnKey)
  455. {
  456. DWORD dwReturn = ERROR_INTERNAL_ERROR;
  457. LPWSTR pszWName = NULL;
  458. DWORD dwSts;
  460. // convert the keyset name to unicode
  461. dwSts = MakeUnicodeKeysetName((BYTE*)pUser->ContInfo.pszUserName,
  462. &pszWName);
  463. if (ERROR_SUCCESS != dwSts)
  464. {
  465. dwReturn = dwSts;
  466. goto ErrorExit;
  467. }
  469. // restore the signature key
  470. dwSts = RestoreKeyFromProtectedStorage(pUser, pszWName, ppbKey, pcbKey,
  471. szPrompt, fSigKey, fMachineKeySet,
  472. pfUIOnKey);
  473. if (ERROR_SUCCESS != dwSts)
  474. {
  475. dwReturn = dwSts;
  476. goto ErrorExit;
  477. }
  479. dwReturn = ERROR_SUCCESS;
  481. ErrorExit:
  482. if (pszWName)
  483. _nt_free(pszWName, (wcslen(pszWName) + 1) * sizeof(WCHAR));
  484. return dwReturn;
  485. }
  488. void
  489. RemoveKeysetFromMemory(
  490. PNTAGUserList pUser)
  491. {
  492. pUser->ContInfo.fSigExportable = FALSE;
  493. if (pUser->pSigPrivKey)
  494. {
  495. _nt_free(pUser->pSigPrivKey, pUser->SigPrivLen);
  496. pUser->SigPrivLen = 0;
  497. pUser->pSigPrivKey = NULL;
  498. }
  500. pUser->ContInfo.fExchExportable = FALSE;
  501. if (pUser->pExchPrivKey)
  502. {
  503. _nt_free(pUser->pExchPrivKey, pUser->ExchPrivLen);
  504. pUser->ExchPrivLen = 0;
  505. pUser->pExchPrivKey = NULL;
  506. }
  507. }
  510. DWORD
  511. SaveKeyToProtectedStorage(
  512. PNTAGUserList pUser,
  513. DWORD dwFlags,
  514. LPWSTR szPrompt,
  515. BOOL fSigKey,
  516. BOOL fMachineKeySet)
  517. {
  518. DWORD dwReturn = ERROR_INTERNAL_ERROR;
  519. HRESULT hr;
  520. PBYTE pb = NULL;
  521. DWORD cb;
  522. GUID *pType;
  523. GUID *pSubtype;
  524. BOOL f;
  525. BYTE *pbKey = NULL;
  526. size_t cbKey;
  527. LPWSTR pszWName = NULL;
  528. LPSTR szKeyName;
  529. PST_PROMPTINFO PromptInfo;
  530. IPStore *pIPS = (IPStore*)(pUser->pPStore->pProv);
  531. DWORD dwRegLoc = PST_KEY_CURRENT_USER;
  532. DWORD dwConfirm = PST_CF_NONE;
  533. DWORD dwSts;
  535. if (fMachineKeySet)
  536. dwRegLoc = PST_KEY_LOCAL_MACHINE;
  538. memset(&PromptInfo, 0, sizeof(PromptInfo));
  539. PromptInfo.cbSize = sizeof(PST_PROMPTINFO);
  540. if (fSigKey)
  541. {
  542. pType = &pUser->pPStore->SigType;
  543. pSubtype = &pUser->pPStore->SigSubtype;
  544. f = pUser->ContInfo.fSigExportable;
  545. cbKey = pUser->SigPrivLen;
  546. pbKey = pUser->pSigPrivKey;
  547. szKeyName = "SPbK";
  548. if (dwFlags & CRYPT_USER_PROTECTED)
  549. dwConfirm = PST_CF_DEFAULT;
  550. }
  551. else
  552. {
  553. pType = &pUser->pPStore->ExchType;
  554. pSubtype = &pUser->pPStore->ExchSubtype;
  555. f = pUser->ContInfo.fExchExportable;
  556. cbKey = pUser->ExchPrivLen;
  557. pbKey = pUser->pExchPrivKey;
  558. szKeyName = "EPbK";
  559. if (dwFlags & CRYPT_USER_PROTECTED)
  560. dwConfirm = PST_CF_DEFAULT;
  561. }
  563. // format the signature key and exportable info
  564. dwSts = PickleKey(f, cbKey, pbKey, &pb, &cb);
  565. if (ERROR_SUCCESS != dwSts)
  566. {
  567. dwReturn = dwSts;
  568. goto ErrorExit;
  569. }
  571. if (pb)
  572. {
  573. // make a unicode version of the keyset name
  574. dwSts = MakeUnicodeKeysetName((BYTE*)pUser->ContInfo.pszUserName,
  575. &pszWName);
  576. if (ERROR_SUCCESS != dwSts)
  577. {
  578. dwReturn = dwSts;
  579. goto ErrorExit;
  580. }
  582. PromptInfo.hwndApp = NULL;
  583. if (NULL == pUser->pPStore->szPrompt)
  584. PromptInfo.szPrompt = szPrompt;
  585. else
  586. PromptInfo.szPrompt = pUser->pPStore->szPrompt;
  588. hr = pIPS->WriteItem(dwRegLoc, pType, pSubtype, pszWName,
  589. cb, pb, &PromptInfo, dwConfirm, 0);
  590. if (S_OK != hr)
  591. {
  592. dwReturn = (DWORD)hr;
  593. goto ErrorExit;
  594. }
  595. }
  597. dwReturn = ERROR_SUCCESS;
  599. ErrorExit:
  600. if (pb)
  601. _nt_free(pb, cb);
  602. if (pszWName)
  603. _nt_free(pszWName, (wcslen(pszWName) + 1) * sizeof(WCHAR));
  604. return dwReturn;
  605. }
  608. DWORD
  609. DeleteKeyFromProtectedStorage(
  610. NTAGUserList *pUser,
  611. PCSP_STRINGS pStrings,
  612. DWORD dwKeySpec,
  613. BOOL fMachineKeySet,
  614. BOOL fMigration)
  615. {
  616. DWORD dwReturn = ERROR_INTERNAL_ERROR;
  617. LPWSTR szWUserName = NULL;
  618. PST_PROMPTINFO PromptInfo;
  619. IPStore *pIPS;
  620. DWORD dwRegLoc = PST_KEY_CURRENT_USER;
  621. DWORD dwSts;
  623. memset(&PromptInfo, 0, sizeof(PromptInfo));
  624. PromptInfo.cbSize = sizeof(PST_PROMPTINFO);
  625. PromptInfo.hwndApp = NULL;
  627. if (fMachineKeySet)
  628. dwRegLoc = PST_KEY_LOCAL_MACHINE;
  630. // make a unicode name
  631. dwSts = MakeUnicodeKeysetName((BYTE*)pUser->ContInfo.pszUserName,
  632. &szWUserName);
  633. if (ERROR_SUCCESS != dwSts)
  634. {
  635. dwReturn = dwSts;
  636. goto ErrorExit;
  637. }
  639. pIPS = (IPStore*)(pUser->pPStore->pProv);
  641. if (AT_SIGNATURE == dwKeySpec)
  642. {
  643. if (fMigration)
  644. PromptInfo.szPrompt = pStrings->pwszDeleteMigrSig;
  645. else
  646. PromptInfo.szPrompt = pStrings->pwszDeleteSig;
  647. pIPS->DeleteItem(dwRegLoc,
  648. &pUser->pPStore->SigType,
  649. &pUser->pPStore->SigSubtype,
  650. szWUserName,
  651. &PromptInfo,
  652. PST_NO_UI_MIGRATION);
  653. }
  654. else
  655. {
  656. if (fMigration)
  657. PromptInfo.szPrompt = pStrings->pwszDeleteMigrExch;
  658. else
  659. PromptInfo.szPrompt = pStrings->pwszDeleteExch;
  660. pIPS->DeleteItem(dwRegLoc,
  661. &pUser->pPStore->ExchType,
  662. &pUser->pPStore->ExchSubtype,
  663. szWUserName,
  664. &PromptInfo,
  665. PST_NO_UI_MIGRATION);
  666. }
  668. dwReturn = ERROR_SUCCESS;
  670. ErrorExit:
  671. if (szWUserName)
  672. _nt_free(szWUserName, (wcslen(szWUserName) + 1) * sizeof(WCHAR));
  673. return dwReturn;
  674. }
  677. DWORD
  678. DeleteFromProtectedStorage(
  679. CONST char *pszUserID,
  680. PCSP_STRINGS pStrings,
  681. HKEY hRegKey,
  682. BOOL fMachineKeySet)
  683. {
  684. DWORD dwReturn = ERROR_INTERNAL_ERROR;
  685. NTAGUserList User;
  686. DWORD dwSts;
  688. // set up the User List structure
  689. memset(&User, 0, sizeof(User));
  690. User.ContInfo.pszUserName = (LPSTR)pszUserID;
  691. User.hKeys = hRegKey;
  693. User.pPStore = (PSTORE_INFO*)_nt_malloc(sizeof(PSTORE_INFO));
  694. if (NULL == User.pPStore)
  695. {
  696. dwReturn = ERROR_NOT_ENOUGH_MEMORY;
  697. goto ErrorExit;
  698. }
  700. if (!CheckPStoreAvailability(User.pPStore))
  701. {
  702. dwReturn = (DWORD)NTE_FAIL;
  703. goto ErrorExit;
  704. }
  706. // get type and subtypes
  707. dwSts = GetKeysetTypeAndSubType(&User);
  708. if (ERROR_SUCCESS != dwSts)
  709. {
  710. dwReturn = dwSts;
  711. goto ErrorExit;
  712. }
  714. // delete each key
  715. dwSts = DeleteKeyFromProtectedStorage(&User, pStrings, AT_SIGNATURE,
  716. fMachineKeySet, FALSE);
  717. if (ERROR_SUCCESS != dwSts)
  718. {
  719. dwReturn = dwSts;
  720. goto ErrorExit;
  721. }
  722. dwSts = DeleteKeyFromProtectedStorage(&User, pStrings, AT_KEYEXCHANGE,
  723. fMachineKeySet, FALSE);
  724. if (ERROR_SUCCESS != dwSts)
  725. {
  726. dwReturn = dwSts;
  727. goto ErrorExit;
  728. }
  730. dwReturn = ERROR_SUCCESS;
  732. ErrorExit:
  733. if (User.pPStore)
  734. FreePSInfo(User.pPStore);
  735. return dwReturn;
  736. }