archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/inetsrv/iis/staxinc/simssl.h

255 lines
5.2 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1995 Microsoft Corporation
  5. Module Name:
  7. simssl.h
  9. Abstract:
  11. This module contains class declarations/definitions for
  13. CEncryptCtx (some code stolen from internet server)
  15. Revision History:
  17. --*/
  19. #ifndef _SIMSSL_H_
  20. #define _SIMSSL_H_
  24. class CEncryptCtx
  25. {
  27. private:
  29. //
  30. // is this the client side
  31. //
  33. BOOL m_IsClient;
  35. //
  36. // indicates whether we are starting a new session
  37. //
  39. BOOL m_IsNewSSLSession;
  41. //
  42. // should this session be encypted
  43. //
  45. BOOL m_IsEncrypted;
  47. //
  48. // Handle to user's security context for encryption
  49. //
  51. CtxtHandle m_hSealCtxt;
  53. //
  54. // Pointers to cached credential blocks
  55. //
  57. //
  58. // Array of credential handles - Note this comes form the credential cache
  59. // and should not be deleted. m_phCredInUse is the pointer to the
  60. // credential handle that is in use
  61. //
  63. PVOID m_phCreds;
  65. CredHandle* m_phCredInUse;
  66. DWORD m_iCredInUse;
  68. //
  69. // ecryption header and trailer lengths
  70. //
  72. DWORD m_cbSealHeaderSize;
  73. DWORD m_cbSealTrailerSize;
  75. //
  76. // indicates whether we have context handles opened
  77. //
  79. BOOL m_haveSSLCtxtHandle;
  81. //
  82. // Have we been authenticated, if so did we use the
  83. // anonymous token
  84. //
  86. BOOL m_IsAuthenticated;
  88. //
  89. // Have we been authenticated, if so did we use the
  90. // anonymous token
  91. //
  93. static BOOL m_IsSecureCapable;
  95. //
  96. // static variables used by all class instances
  97. //
  99. static char szServiceName[16];
  100. static char szLsaPrefix[16];
  102. //
  103. // hSecurity - NULL when security.dll/secur32.dll is not loaded
  104. //
  105. static HINSTANCE m_hSecurity;
  107. //
  108. // hLsa - NULL for Win95, set for NT
  109. //
  110. static HINSTANCE m_hLsa;
  112. //
  113. // internal routine to implement public Converse
  114. //
  116. DWORD EncryptConverse(
  117. IN PVOID InBuffer,
  118. IN DWORD InBufferSize,
  119. OUT LPBYTE OutBuffer,
  120. OUT PDWORD OutBufferSize,
  121. OUT PBOOL MoreBlobsExpected,
  122. IN CredHandle* pCredHandle
  123. );
  126. public:
  128. CEncryptCtx( BOOL IsClient = FALSE );
  129. ~CEncryptCtx();
  131. //
  132. // routines used to initialize and terminate use of this class
  133. //
  135. static BOOL WINAPI Initialize( LPSTR pszServiceName,
  136. LPSTR pszLsaPrefix );
  138. static VOID WINAPI Terminate( VOID );
  140. //
  141. // routine to set the magic bits required by the IIS Admin tool
  142. //
  144. static void WINAPI GetAdminInfoEncryptCaps( PDWORD pdwEncCaps );
  146. //
  147. // returns whether sspi packages and credentials have been installed
  148. //
  150. static BOOL IsSecureCapable( void ) { return m_IsSecureCapable; }
  152. //
  153. // returns whether session is encrypted or not
  154. //
  156. BOOL IsEncrypted( void ) { return m_IsEncrypted; }
  158. //
  159. // returns whether session has successfully authenticated
  160. //
  162. BOOL IsAuthenticated( void ) { return m_IsAuthenticated; }
  164. //
  165. // Encryption routines
  166. //
  168. BOOL WINAPI SealMessage(
  169. IN LPBYTE Message,
  170. IN DWORD cbMessage,
  171. OUT LPBYTE pbuffOut,
  172. OUT DWORD *pcbBuffOut
  173. );
  175. BOOL WINAPI UnsealMessage(
  176. IN LPBYTE Message,
  177. IN DWORD cbMessage,
  178. OUT LPBYTE *DecryptedMessage,
  179. OUT PDWORD DecryptedMessageSize,
  180. OUT PDWORD ExpectedMessageSize,
  181. OUT LPBYTE *NextSealMessage = NULL
  182. );
  184. //
  185. // SSL specific routines. This is used for processing SSL negotiation
  186. // packets.
  187. //
  189. DWORD WINAPI Converse(
  190. IN PVOID InBuffer,
  191. IN DWORD InBufferSize,
  192. OUT LPBYTE OutBuffer,
  193. OUT PDWORD OutBufferSize,
  194. OUT PBOOL MoreBlobsExpected,
  195. IN LPSTR LocalIpAddr = "127.0.0.1"
  196. );
  198. //
  199. // resets the user name
  200. //
  202. void WINAPI Reset( void );
  204. //
  205. // returns the size of the encryption header for this session
  206. //
  207. DWORD GetSealHeaderSize( void )
  208. { return m_haveSSLCtxtHandle ? m_cbSealHeaderSize : 0 ; }
  210. //
  211. // returns the size of the encryption trailer for this session
  212. //
  213. DWORD GetSealTrailerSize( void )
  214. { return m_haveSSLCtxtHandle ? m_cbSealTrailerSize : 0 ; }
  216. //
  217. // decrypts read buffer, concatenating all decrypted data at the
  218. // head of the buffer.
  219. //
  220. DWORD WINAPI DecryptInputBuffer(
  221. IN LPBYTE pBuffer,
  222. IN DWORD cbInBuffer,
  223. OUT DWORD* pcbOutBuffer,
  224. OUT DWORD* pcbParsable,
  225. OUT DWORD* pcbExpected
  226. );
  228. //
  229. // verifies the intended host name matches the name contained in the cert
  230. // This function, checks a given hostname against the current certificate
  231. // stored in an active SSPI Context Handle. If the certificate containts
  232. // a common name, and it matches the passed in hostname, this function
  233. // will return TRUE.
  234. //
  235. BOOL CheckCertificateCommonName(
  236. IN LPSTR pszHostName
  237. );
  240. //
  241. // verifies the ccertificate has not expired
  242. // returns TRUE if the cert is valid
  243. //
  244. BOOL CheckCertificateExpired(
  245. void
  246. );
  248. }; // CSslCtx
  250. //
  251. // blkcred.cpp
  252. //
  254. #endif // _SECURITY_H_