Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

220 lines
5.2 KiB

//+-------------------------------------------------------------------------
//
// Microsoft Windows
//
// Copyright (C) Microsoft Corporation, 1997 - 1999
//
// File: certwrap.h
//
//--------------------------------------------------------------------------
#ifndef _CERTWRAP_H_
#define _CERTWRAP_H_
#include <iads.h>
#include <adshlp.h>
// fwd
class CertSvrMachine;
class CertSvrCA
{
protected:
HCERTSTORE m_hCACertStore; // our cert store
BOOL m_fCertStoreOpenAttempted;
HRESULT m_hrCACertStoreOpen;
HCERTSTORE m_hRootCertStore; // root store on machine
BOOL m_fRootStoreOpenAttempted;
HRESULT m_hrRootCertStoreOpen;
HCERTSTORE m_hKRACertStore; // KRA store on machine
BOOL m_fKRAStoreOpenAttempted;
HRESULT m_hrKRACertStoreOpen;
BOOL m_fIsUsingDS;
BOOL m_fIsUsingDSKnown;
ENUM_CATYPES m_enumCAType;
BOOL m_fCATypeKnown;
BOOL m_fAdvancedServer;
BOOL m_fAdvancedServerKnown;
DWORD m_dwRoles;
BOOL m_fRolesKnown;
public:
CertSvrMachine* m_pParentMachine;
CString m_strServer;
CString m_strCommonName;
CString m_strSanitizedName;
CString m_strConfig;
CString m_strComment;
CString m_strCAObjectDN;
BSTR m_bstrConfig; // oft used as BSTR
public:
CertSvrCA(CertSvrMachine* pParent);
~CertSvrCA();
public:
DWORD GetMyRoles();
BOOL AccessAllowed(DWORD dwAccess);
HRESULT GetConfigEntry(
LPWSTR szConfigSubKey,
LPWSTR szConfigEntry,
VARIANT *pvarOut);
HRESULT SetConfigEntry(
LPWSTR szConfigSubKey,
LPWSTR szConfigEntry,
VARIANT *pvarIn);
DWORD DeleteConfigEntry(
LPWSTR szConfigSubKey,
LPWSTR szConfigEntry);
ENUM_CATYPES GetCAType();
BOOL FIsUsingDS();
BOOL FIsIncompleteInstallation();
BOOL FIsRequestOutstanding();
BOOL FIsAdvancedServer();
BOOL FDoesSecurityNeedUpgrade();
BOOL FDoesServerAllowForeignCerts();
DWORD GetCACertStore(HCERTSTORE* phCertStore); // class frees
DWORD GetRootCertStore(HCERTSTORE* phCertStore); // class frees
DWORD GetKRACertStore(HCERTSTORE* phCertStore); // class frees
DWORD GetCurrentCRL(PCCRL_CONTEXT* ppCRLCtxt, BOOL fBaseCRL); // use CertFreeCRLContext()
DWORD GetCRLByKeyIndex(PCCRL_CONTEXT* ppCRLCtxt, BOOL fBaseCRL, int iKeyIndex); // use CertFreeCRLContext()
DWORD GetCACertByKeyIndex(PCCERT_CONTEXT*ppCertCtxt, int iKeyIndex); // use CertFreeCertificateContext()
HRESULT FixEnrollmentObject();
protected:
HRESULT IsCAAllowedFullControl(
PSECURITY_DESCRIPTOR pSDRead,
PSID pSid,
bool& fAllowed);
HRESULT AllowCAFullControl(
PSECURITY_DESCRIPTOR pSDRead,
PSID pSid,
PSECURITY_DESCRIPTOR& pSDWrite);
HRESULT GetCAFlagsFromDS(
PDWORD pdwFlags);
};
class CertSvrMachine
{
friend CComponentDataImpl;
public:
// IPersistStream interface members
STDMETHOD(Load)(IStream *pStm);
STDMETHOD(Save)(IStream *pStm, BOOL fClearDirty);
STDMETHOD(GetSizeMax)(int *pcbSize);
#if DBG
bool m_bInitializedCD;
bool m_bLoadedCD;
bool m_bDestroyedCD;
#endif
public:
CString m_strMachineNamePersist; // Machine name to persist into .msc file
CString m_strMachineName; // Effective machine name
DWORD m_dwServiceStatus; //
HKEY m_hCachedConfigBaseKey; // base registry key
BOOL m_bAttemptedBaseKeyOpen;
BOOL m_fIsWhistlerMachine;
BOOL m_fIsWhistlerMachineKnown;
protected:
CArray<CertSvrCA*, CertSvrCA*> m_CAList;
public:
CertSvrMachine();
~CertSvrMachine();
ULONG AddRef() { return(InterlockedIncrement(&m_cRef)); }
ULONG Release()
{
ULONG cRef = InterlockedDecrement(&m_cRef);
if (0 == cRef)
{
delete this;
}
return cRef;
}
private:
DWORD RetrieveCertSvrCAs(DWORD dwFlags);
LONG m_cRef;
BOOL m_fLocalIsKnown, m_fIsLocal;
void Init();
public:
HRESULT GetAdmin(ICertAdmin** ppAdmin);
HRESULT GetAdmin2(ICertAdmin2** ppAdmin, bool fIgnoreServiceDown = false);
// Fills local cache with CAs for current machine
DWORD PrepareData(HWND hwndParent);
// enum CAs on current machine
LPCWSTR GetCaCommonNameAtPos(DWORD iPos);
CertSvrCA* GetCaAtPos(DWORD iPos);
HRESULT GetRootConfigEntry(
LPWSTR szConfigEntry,
VARIANT *pvarOut);
DWORD GetCaCount()
{ return m_CAList.GetSize(); }
BOOL FIsWhistlerMachine();
// control CA on current machine
DWORD CertSvrStartStopService(HWND hwndParent, BOOL fStartSvc);
DWORD RefreshServiceStatus();
DWORD GetCertSvrServiceStatus()
{ return m_dwServiceStatus; };
BOOL IsCertSvrServiceRunning()
{ return (m_dwServiceStatus == SERVICE_RUNNING); };
BOOL IsLocalMachine()
{
if (!m_fLocalIsKnown)
{
m_fLocalIsKnown = TRUE;
m_fIsLocal = FIsCurrentMachine(m_strMachineName);
}
return m_fIsLocal;
};
};
#endif // _CERTWRAP_H_