mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
277 lines
5.9 KiB
277 lines
5.9 KiB
//
|
|
// Certificat.h
|
|
//
|
|
#ifndef _CERTIFICAT_H
|
|
#define _CERTIFICAT_H
|
|
|
|
#include <xenroll.h>
|
|
|
|
#define CERTWIZ_INSTANCE_NAME_PROP_ID (CERT_FIRST_USER_PROP_ID + 0x1000)
|
|
#define CERTWIZ_REQUEST_FLAG_PROP_ID (CERT_FIRST_USER_PROP_ID + 0x1001)
|
|
#define CERTWIZ_REQUEST_TEXT_PROP_ID (CERT_FIRST_USER_PROP_ID + 0x1002)
|
|
|
|
#define CERT_HASH_LENGTH 40
|
|
typedef struct _CERT_DESCRIPTION
|
|
{
|
|
CString m_CommonName;
|
|
CString m_FriendlyName;
|
|
CString m_Country;
|
|
CString m_State;
|
|
CString m_Locality;
|
|
CString m_Organization;
|
|
CString m_OrganizationUnit;
|
|
CString m_CAName;
|
|
CString m_ExpirationDate;
|
|
CString m_Usage;
|
|
BYTE m_hash[CERT_HASH_LENGTH];
|
|
DWORD m_hash_length;
|
|
} CERT_DESCRIPTION;
|
|
|
|
class CCertDescList : public CList<CERT_DESCRIPTION *, CERT_DESCRIPTION *&>
|
|
{
|
|
public:
|
|
CCertDescList() {}
|
|
~CCertDescList();
|
|
};
|
|
|
|
class CCryptBlob
|
|
{
|
|
public:
|
|
CCryptBlob()
|
|
{
|
|
m_blob.cbData = 0;
|
|
m_blob.pbData = NULL;
|
|
}
|
|
virtual ~CCryptBlob()
|
|
{
|
|
}
|
|
DWORD GetSize() {return m_blob.cbData;}
|
|
BYTE * GetData() {return m_blob.pbData;}
|
|
void Set(DWORD cb, BYTE * pb)
|
|
{
|
|
Destroy();
|
|
m_blob.cbData = cb;
|
|
m_blob.pbData = pb;
|
|
}
|
|
BOOL Resize(DWORD cb);
|
|
operator CRYPT_DATA_BLOB *()
|
|
{
|
|
return &m_blob;
|
|
}
|
|
|
|
protected:
|
|
void Destroy()
|
|
{
|
|
if (m_blob.pbData != NULL)
|
|
Free(m_blob.pbData);
|
|
}
|
|
virtual BYTE * Realloc(BYTE * pb, DWORD cb) = 0;
|
|
virtual void Free(BYTE * pb) = 0;
|
|
CRYPT_DATA_BLOB m_blob;
|
|
};
|
|
|
|
class CCryptBlobIMalloc : public CCryptBlob
|
|
{
|
|
public:
|
|
virtual ~CCryptBlobIMalloc()
|
|
{
|
|
CCryptBlob::Destroy();
|
|
}
|
|
|
|
protected:
|
|
virtual BYTE * Realloc(BYTE * pb, DWORD cb)
|
|
{
|
|
return (BYTE *)CoTaskMemRealloc(pb, cb);
|
|
}
|
|
virtual void Free(BYTE * pb)
|
|
{
|
|
CoTaskMemFree(pb);
|
|
}
|
|
};
|
|
|
|
class CCryptBlobLocal : public CCryptBlob
|
|
{
|
|
public:
|
|
virtual ~CCryptBlobLocal()
|
|
{
|
|
CCryptBlob::Destroy();
|
|
}
|
|
|
|
protected:
|
|
virtual BYTE * Realloc(BYTE * pb, DWORD cb)
|
|
{
|
|
return (BYTE *)realloc(pb, cb);
|
|
}
|
|
virtual void Free(BYTE * pb)
|
|
{
|
|
free(pb);
|
|
}
|
|
};
|
|
|
|
extern const TCHAR szState[];
|
|
extern const TCHAR szStateMRU[];
|
|
extern const TCHAR szLocality[];
|
|
extern const TCHAR szLocalityMRU[];
|
|
extern const TCHAR szOrganization[];
|
|
extern const TCHAR szOrganizationMRU[];
|
|
extern const TCHAR szOrganizationUnit[];
|
|
extern const TCHAR szOrganizationUnitMRU[];
|
|
|
|
class CCertificate : public CObject
|
|
{
|
|
DECLARE_DYNCREATE(CCertificate)
|
|
public:
|
|
CCertificate();
|
|
~CCertificate();
|
|
|
|
enum
|
|
{
|
|
CA_OFFLINE = 0,
|
|
CA_ONLINE = 1
|
|
};
|
|
enum
|
|
{
|
|
REQUEST_UNDEFINED,
|
|
REQUEST_NEW_CERT, // if we generating fresh new certificate
|
|
REQUEST_RENEW_CERT, // if we generating cert for renewal
|
|
REQUEST_REPLACE_CERT, // replace currect cert by someone from MY store
|
|
REQUEST_INSTALL_CERT, // get existing certificate for empty web server
|
|
REQUEST_PROCESS_PENDING, // accept and install response from CA
|
|
REQUEST_IMPORT_KEYRING,
|
|
STATUS_CODE_LAST
|
|
};
|
|
enum
|
|
{
|
|
USE_ERROR_STRING_PARAM = -2,
|
|
USE_ERROR_STRING_ID = -1,
|
|
USE_ERROR_STRING_DEFAULT = USE_DEFAULT_CAPTION
|
|
};
|
|
BOOL Init();
|
|
BOOL SaveSettings();
|
|
BOOL SetSecuritySettings();
|
|
BOOL WriteRequest();
|
|
BOOL PrepareRequest();
|
|
BOOL PrepareRequestString(CString& request_text, CCryptBlob& request_blob);
|
|
BOOL WriteRequestString(CString& request);
|
|
BOOL SubmitRequest();
|
|
BOOL SubmitRenewalRequest();
|
|
BOOL WriteRenewalRequest();
|
|
void DumpHeader(CString& str);
|
|
void DumpOnlineHeader(CString& str);
|
|
BOOL GetSelectedCertDescription(CERT_DESCRIPTION& cd);
|
|
BOOL GetKeyCertDescription(CERT_DESCRIPTION& cd)
|
|
{
|
|
return GetCertDescription(GetKeyRingCert(), cd);
|
|
}
|
|
BOOL GetInstalledCertDescription(CERT_DESCRIPTION& cd)
|
|
{
|
|
return GetCertDescription(GetInstalledCert(), cd);
|
|
}
|
|
BOOL GetResponseCertDescription(CERT_DESCRIPTION& cd);
|
|
BOOL HasPendingRequest()
|
|
{
|
|
return (NULL != GetPendingRequest());
|
|
}
|
|
BOOL HasInstalledCert();
|
|
BOOL InstallResponseCert();
|
|
HRESULT UninstallCert();
|
|
BOOL InstallSelectedCert();
|
|
BOOL InstallKeyRingCert();
|
|
BOOL ReplaceInstalled();
|
|
BOOL CancelRequest();
|
|
PCCERT_CONTEXT GetPendingRequest();
|
|
PCCERT_CONTEXT GetResponseCert();
|
|
PCCERT_CONTEXT GetInstalledCert();
|
|
PCCERT_CONTEXT GetKeyRingCert();
|
|
void DeleteKeyRingCert()
|
|
{
|
|
if (m_pKeyRingCert != NULL)
|
|
{
|
|
CertFreeCertificateContext(m_pKeyRingCert);
|
|
m_pKeyRingCert = NULL;
|
|
}
|
|
}
|
|
IEnroll * GetEnrollObject();
|
|
int GetStatusCode()
|
|
{
|
|
return m_status_code;
|
|
}
|
|
void SetStatusCode(int code)
|
|
{
|
|
ASSERT(code >= 0 && code < STATUS_CODE_LAST);
|
|
m_status_code = code;
|
|
}
|
|
BOOL FindInstanceNameForResponse(CString& str);
|
|
BOOL IsResponseInstalled(CString& str);
|
|
BOOL GetCertDescList(CCertDescList& list);
|
|
BOOL LoadRenewalData();
|
|
int MyStoreCertCount();
|
|
|
|
void SetBodyTextID(int nID)
|
|
{
|
|
m_idErrorText = nID;
|
|
m_strErrorText.Empty();
|
|
}
|
|
void SetBodyTextString(const CString& str)
|
|
{
|
|
m_strErrorText = str;
|
|
m_idErrorText = USE_ERROR_STRING_PARAM;
|
|
}
|
|
void GetCertificateTemplate(CString& str)
|
|
{
|
|
str = _T("CertificateTemplate:");
|
|
str += m_CertificateTemplate;
|
|
}
|
|
|
|
protected:
|
|
void CreateDN(CString& str);
|
|
BOOL WriteHeader();
|
|
BOOL WriteRequestBody();
|
|
BOOL GetCertDescription(PCCERT_CONTEXT pCert,
|
|
CERT_DESCRIPTION& desc);
|
|
|
|
public:
|
|
int m_CAType;
|
|
CString m_ConfigCA;
|
|
CString m_CertificateTemplate;
|
|
|
|
CString m_FriendlyName;
|
|
int m_KeyLength;
|
|
CString m_CommonName;
|
|
CString m_OrganizationUnit;
|
|
CString m_Organization;
|
|
CString m_Locality;
|
|
CString m_State;
|
|
CString m_Country;
|
|
|
|
CStringList m_OnlineCAList;
|
|
CString m_MachineName;
|
|
CString m_WebSiteInstanceName;
|
|
CString m_ReqFileName;
|
|
CString m_RespFileName;
|
|
CString m_KeyFileName;
|
|
CString m_KeyPassword;
|
|
BOOL m_DefaultCSP;
|
|
DWORD m_DefaultProviderType;
|
|
DWORD m_CustomProviderType;
|
|
CString m_CspName;
|
|
CRYPT_HASH_BLOB * m_pSelectedCertHash;
|
|
|
|
UINT m_idErrorText;
|
|
CString m_strErrorText;
|
|
CString m_strRenewalRequest;
|
|
HRESULT m_hResult;
|
|
|
|
BOOL m_CreateDirectory;
|
|
BOOL m_SGCcertificat;
|
|
|
|
protected:
|
|
PCCERT_CONTEXT m_pPendingRequest;
|
|
PCCERT_CONTEXT m_RespCertContext;
|
|
PCCERT_CONTEXT m_pInstalledCert;
|
|
PCCERT_CONTEXT m_pKeyRingCert;
|
|
IEnroll * m_pEnroll;
|
|
int m_status_code; // what we are doing in this session
|
|
};
|
|
|
|
#endif // _CERTIFICAT_H
|