mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2622 lines
60 KiB
2622 lines
60 KiB
//+--------------------------------------------------------------------------
|
|
//
|
|
// Microsoft Windows
|
|
// Copyright (C) Microsoft Corporation, 1996 - 1999
|
|
//
|
|
// File: reg.cpp
|
|
//
|
|
// Contents: Cert Server wrapper routines
|
|
//
|
|
//---------------------------------------------------------------------------
|
|
|
|
#include <pch.cpp>
|
|
|
|
#pragma hdrstop
|
|
|
|
#include <sddl.h>
|
|
#include <assert.h>
|
|
|
|
#include "certacl.h"
|
|
#include "polreg.h"
|
|
|
|
|
|
HRESULT
|
|
myFormCertRegPath(
|
|
IN WCHAR const *pwszName1,
|
|
IN WCHAR const *pwszName2,
|
|
IN WCHAR const *pwszName3,
|
|
IN BOOL fConfigLevel, // from CertSrv if FALSE
|
|
OUT WCHAR **ppwszPath)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszPath = NULL;
|
|
DWORD len1;
|
|
DWORD len2;
|
|
DWORD len3;
|
|
|
|
len1 = NULL != pwszName1 ? wcslen(pwszName1) + 1 : 0;
|
|
len2 = 0 != len1 && NULL != pwszName2 ? wcslen(pwszName2) + 1 : 0;
|
|
len3 = 0 != len2 && NULL != pwszName3 ? wcslen(pwszName3) + 1 : 0;
|
|
|
|
pwszPath = (WCHAR*)LocalAlloc(
|
|
LMEM_FIXED | LMEM_ZEROINIT,
|
|
((fConfigLevel?
|
|
WSZARRAYSIZE(wszREGKEYCONFIGPATH) :
|
|
WSZARRAYSIZE(wszREGKEYCERTSVCPATH)) +
|
|
len1 +
|
|
len2 +
|
|
len3 +
|
|
1) * sizeof(WCHAR));
|
|
if (NULL == pwszPath)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
|
|
wcscpy(pwszPath, fConfigLevel? wszREGKEYCONFIGPATH : wszREGKEYCERTSVCPATH);
|
|
|
|
if (NULL != pwszName1)
|
|
{
|
|
wcscat(pwszPath, L"\\");
|
|
wcscat(pwszPath, pwszName1);
|
|
if (NULL != pwszName2)
|
|
{
|
|
wcscat(pwszPath, L"\\");
|
|
wcscat(pwszPath, pwszName2);
|
|
if (NULL != pwszName3)
|
|
{
|
|
wcscat(pwszPath, L"\\");
|
|
wcscat(pwszPath, pwszName3);
|
|
}
|
|
}
|
|
}
|
|
|
|
*ppwszPath = pwszPath;
|
|
pwszPath = NULL;
|
|
|
|
hr = S_OK;
|
|
error:
|
|
if (NULL != pwszPath)
|
|
{
|
|
LocalFree(pwszPath);
|
|
}
|
|
CSASSERT(S_OK == hr || FAILED(hr));
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myDeleteCertRegValueEx(
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
OPTIONAL IN WCHAR const *pwszValueName,
|
|
IN BOOL fAbsolutePath)
|
|
{
|
|
HRESULT hr;
|
|
HKEY hKey = NULL;
|
|
WCHAR *pwszTemp = NULL;
|
|
|
|
if (!fAbsolutePath)
|
|
{
|
|
hr = myFormCertRegPath(pwszName1, pwszName2, pwszName3, TRUE, &pwszTemp);
|
|
_JumpIfError(hr, error, "myFormCertRegPath");
|
|
}
|
|
else
|
|
{
|
|
CSASSERT(NULL == pwszName2 && NULL == pwszName3);
|
|
}
|
|
|
|
hr = RegOpenKeyEx(
|
|
HKEY_LOCAL_MACHINE,
|
|
fAbsolutePath ? pwszName1 : pwszTemp,
|
|
0,
|
|
KEY_ALL_ACCESS,
|
|
&hKey);
|
|
_JumpIfError(hr, error, "RegOpenKeyEx");
|
|
|
|
hr = RegDeleteValue(hKey, pwszValueName);
|
|
if ((HRESULT) ERROR_FILE_NOT_FOUND != hr)
|
|
{
|
|
_JumpIfError(hr, error, "RegDeleteValue");
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (NULL != pwszTemp)
|
|
{
|
|
LocalFree(pwszTemp);
|
|
}
|
|
if (NULL != hKey)
|
|
{
|
|
RegCloseKey(hKey);
|
|
}
|
|
return(myHError(hr));
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myDeleteCertRegValue(
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
OPTIONAL IN WCHAR const *pwszValueName)
|
|
{
|
|
return myDeleteCertRegValueEx(pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
FALSE);
|
|
}
|
|
|
|
HRESULT
|
|
myDeleteCertRegKeyEx(
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
IN BOOL fConfigLevel)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszTemp = NULL;
|
|
|
|
hr = myFormCertRegPath(pwszName1, pwszName2, pwszName3, fConfigLevel, &pwszTemp);
|
|
_JumpIfError(hr, error, "myFormCertRegPath");
|
|
|
|
hr = RegDeleteKey(
|
|
HKEY_LOCAL_MACHINE,
|
|
pwszTemp);
|
|
_JumpIfError(hr, error, "RegDeleteKey");
|
|
|
|
hr = S_OK;
|
|
error:
|
|
if (NULL != pwszTemp)
|
|
{
|
|
LocalFree(pwszTemp);
|
|
}
|
|
return(myHError(hr));
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myDeleteCertRegKey(
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3)
|
|
{
|
|
return myDeleteCertRegKeyEx(pwszName1, pwszName2, pwszName3, TRUE);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myCreateCertRegKeyEx(
|
|
IN BOOL fSetAcl,
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3)
|
|
{
|
|
HRESULT hr;
|
|
HKEY hKey = NULL;
|
|
DWORD dwDisposition;
|
|
WCHAR *pwszTemp = NULL;
|
|
PSECURITY_DESCRIPTOR pSD = NULL;
|
|
|
|
hr = myFormCertRegPath(pwszName1, pwszName2, pwszName3, TRUE, &pwszTemp);
|
|
_JumpIfError(hr, error, "myFormCertRegPath");
|
|
|
|
hr = RegCreateKeyEx(
|
|
HKEY_LOCAL_MACHINE,
|
|
pwszTemp,
|
|
0,
|
|
NULL,
|
|
REG_OPTION_NON_VOLATILE,
|
|
KEY_ALL_ACCESS,
|
|
NULL,
|
|
&hKey,
|
|
&dwDisposition);
|
|
_JumpIfError(hr, error, "RegCreateKeyEx");
|
|
|
|
if (fSetAcl)
|
|
{
|
|
// construct correct reg acl for the key if upgrade
|
|
hr = myGetSDFromTemplate(WSZ_DEFAULT_UPGRADE_SECURITY,
|
|
NULL,
|
|
&pSD);
|
|
if (S_OK == hr)
|
|
{
|
|
// set to correct acl
|
|
hr = RegSetKeySecurity(hKey,
|
|
DACL_SECURITY_INFORMATION,
|
|
pSD);
|
|
_PrintIfError(hr, "RegSetKeySecurity");
|
|
}
|
|
else
|
|
{
|
|
_PrintError(hr, "myGetSDFromTemplate");
|
|
}
|
|
}
|
|
|
|
hr = S_OK;
|
|
error:
|
|
if (NULL != pwszTemp)
|
|
{
|
|
LocalFree(pwszTemp);
|
|
}
|
|
if (NULL != hKey)
|
|
{
|
|
RegCloseKey(hKey);
|
|
}
|
|
if (NULL != pSD)
|
|
{
|
|
LocalFree(pSD);
|
|
}
|
|
return(myHError(hr));
|
|
}
|
|
|
|
HRESULT
|
|
myCreateCertRegKey(
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3)
|
|
{
|
|
return myCreateCertRegKeyEx(FALSE, // not upgrade
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3);
|
|
}
|
|
|
|
HRESULT
|
|
mySetCertRegValueEx(
|
|
OPTIONAL IN WCHAR const *pwszMachine,
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
IN BOOL fConfigLevel,
|
|
OPTIONAL IN WCHAR const *pwszValueName,
|
|
IN DWORD const dwValueType,
|
|
IN BYTE const *pbData,
|
|
IN DWORD const cbData,
|
|
IN BOOL fAbsolutePath)
|
|
{
|
|
HRESULT hr;
|
|
HKEY hKey = NULL;
|
|
WCHAR *pwszTemp = NULL;
|
|
BOOL fFree = TRUE;
|
|
DWORD dwDisposition;
|
|
HKEY hBaseKey = NULL;
|
|
DWORD cbD = cbData;
|
|
|
|
if (!fAbsolutePath)
|
|
{
|
|
hr = myFormCertRegPath(pwszName1, pwszName2, pwszName3, fConfigLevel, &pwszTemp);
|
|
_JumpIfError(hr, error, "myFormCertRegPath");
|
|
}
|
|
|
|
if (pwszMachine)
|
|
{
|
|
hr = RegConnectRegistry(
|
|
pwszMachine,
|
|
HKEY_LOCAL_MACHINE,
|
|
&hBaseKey);
|
|
_JumpIfError(hr, error, "RegConnectRegistry");
|
|
}
|
|
else
|
|
hBaseKey = HKEY_LOCAL_MACHINE;
|
|
|
|
hr = RegCreateKeyEx(
|
|
hBaseKey,
|
|
fAbsolutePath ? pwszName1 : pwszTemp,
|
|
0,
|
|
NULL,
|
|
REG_OPTION_NON_VOLATILE,
|
|
KEY_ALL_ACCESS,
|
|
NULL,
|
|
&hKey,
|
|
&dwDisposition);
|
|
_JumpIfError(hr, error, "RegCreateKeyEx");
|
|
|
|
if (NULL != pwszValueName)
|
|
{
|
|
if(NULL == pbData || 0 == cbData)
|
|
{
|
|
switch(dwValueType)
|
|
{
|
|
case REG_EXPAND_SZ:
|
|
case REG_SZ:
|
|
pbData = (BYTE*) L"";
|
|
cbD = sizeof (L"");
|
|
break;
|
|
case REG_MULTI_SZ:
|
|
pbData = (BYTE*) L"\0";
|
|
cbD = sizeof (L"\0");
|
|
break;
|
|
}
|
|
}
|
|
hr = RegSetValueEx(
|
|
hKey,
|
|
pwszValueName,
|
|
0,
|
|
dwValueType,
|
|
pbData,
|
|
cbD);
|
|
_JumpIfError(hr, error, "RegSetValueEx");
|
|
}
|
|
|
|
hr = S_OK;
|
|
error:
|
|
if ((NULL != hBaseKey) && (HKEY_LOCAL_MACHINE != hBaseKey))
|
|
{
|
|
RegCloseKey(hBaseKey);
|
|
}
|
|
if (NULL != pwszTemp)
|
|
{
|
|
LocalFree(pwszTemp);
|
|
}
|
|
if (NULL != hKey)
|
|
{
|
|
RegCloseKey(hKey);
|
|
}
|
|
return(myHError(hr));
|
|
}
|
|
|
|
HRESULT
|
|
mySetCertRegValue(
|
|
OPTIONAL IN WCHAR const *pwszMachine,
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
OPTIONAL IN WCHAR const *pwszValueName,
|
|
IN DWORD const dwValueType,
|
|
IN BYTE const *pbData,
|
|
IN DWORD const cbData,
|
|
IN BOOL fAbsolutePath)
|
|
{
|
|
return mySetCertRegValueEx(pwszMachine,
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
TRUE, //from Configuration
|
|
pwszValueName,
|
|
dwValueType,
|
|
pbData,
|
|
cbData,
|
|
fAbsolutePath);
|
|
}
|
|
|
|
HRESULT
|
|
myGetCertRegValueEx(
|
|
OPTIONAL IN WCHAR const *pwszMachine,
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
IN BOOL fConfigLevel,
|
|
IN WCHAR const *pwszValueName,
|
|
OUT BYTE **ppbData,
|
|
OPTIONAL OUT DWORD *pcbData,
|
|
OPTIONAL OUT DWORD *pValueType)
|
|
{
|
|
HRESULT hr;
|
|
HKEY hKey = NULL;
|
|
WCHAR *pwszTemp = NULL;
|
|
DWORD dwDisposition;
|
|
DWORD dwType;
|
|
DWORD dwLen;
|
|
BYTE *pbData = NULL;
|
|
DWORD cbZero = 0;
|
|
HKEY hBaseKey = NULL;
|
|
|
|
*ppbData = NULL;
|
|
if (NULL != pcbData)
|
|
{
|
|
*pcbData = 0;
|
|
}
|
|
if (NULL != pValueType)
|
|
{
|
|
*pValueType = REG_NONE;
|
|
}
|
|
|
|
hr = myFormCertRegPath(pwszName1, pwszName2, pwszName3, fConfigLevel, &pwszTemp);
|
|
_JumpIfError(hr, error, "myFormCertRegPath");
|
|
|
|
if (pwszMachine)
|
|
{
|
|
hr = RegConnectRegistry(
|
|
pwszMachine,
|
|
HKEY_LOCAL_MACHINE,
|
|
&hBaseKey);
|
|
_JumpIfError(hr, error, "RegConnectRegistry");
|
|
}
|
|
else
|
|
hBaseKey = HKEY_LOCAL_MACHINE;
|
|
|
|
hr = RegOpenKeyEx(
|
|
hBaseKey,
|
|
pwszTemp,
|
|
0,
|
|
KEY_READ,
|
|
&hKey);
|
|
_JumpIfError2(hr, error, "RegOpenKeyEx", ERROR_FILE_NOT_FOUND);
|
|
|
|
while (TRUE)
|
|
{
|
|
hr = RegQueryValueEx(
|
|
hKey,
|
|
pwszValueName,
|
|
0,
|
|
&dwType,
|
|
pbData,
|
|
&dwLen);
|
|
_JumpIfErrorStr2(
|
|
hr,
|
|
error,
|
|
"RegQueryValueEx",
|
|
pwszValueName,
|
|
ERROR_FILE_NOT_FOUND);
|
|
|
|
if (NULL != pbData)
|
|
{
|
|
ZeroMemory(&pbData[dwLen], cbZero);
|
|
break;
|
|
}
|
|
|
|
// Enforce WCHAR-aligned double null termination for malformed values.
|
|
// Some callers need to treat REG_SZ values as REG_MULTI_SZ.
|
|
|
|
if (REG_MULTI_SZ == dwType || REG_SZ == dwType)
|
|
{
|
|
cbZero = 2 * sizeof(WCHAR);
|
|
if (dwLen & (sizeof(WCHAR) - 1))
|
|
{
|
|
cbZero++;
|
|
}
|
|
}
|
|
pbData = (BYTE *) LocalAlloc(LMEM_FIXED, dwLen + cbZero);
|
|
if (NULL == pbData)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
}
|
|
if (NULL != pValueType)
|
|
{
|
|
*pValueType = dwType;
|
|
}
|
|
if (NULL != pcbData)
|
|
{
|
|
*pcbData = dwLen;
|
|
}
|
|
*ppbData = pbData;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if ((NULL != hBaseKey) && (hBaseKey != HKEY_LOCAL_MACHINE))
|
|
{
|
|
RegCloseKey(hBaseKey);
|
|
}
|
|
|
|
if (NULL != pwszTemp)
|
|
{
|
|
LocalFree(pwszTemp);
|
|
}
|
|
if (NULL != hKey)
|
|
{
|
|
RegCloseKey(hKey);
|
|
}
|
|
return(myHError(hr));
|
|
}
|
|
|
|
HRESULT
|
|
myGetCertRegValue(
|
|
OPTIONAL IN WCHAR const *pwszMachine,
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
IN WCHAR const *pwszValueName,
|
|
OUT BYTE **ppbData,
|
|
OPTIONAL OUT DWORD *pcbData,
|
|
OPTIONAL OUT DWORD *pValueType)
|
|
{
|
|
return myGetCertRegValueEx(pwszMachine,
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
TRUE, //from Configuration
|
|
pwszValueName,
|
|
ppbData,
|
|
pcbData,
|
|
pValueType);
|
|
}
|
|
|
|
HRESULT
|
|
mySetCertRegMultiStrValue(
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
OPTIONAL IN WCHAR const *pwszValueName,
|
|
IN WCHAR const *pwszzValue)
|
|
{
|
|
DWORD cwc = 0;
|
|
DWORD cwcT;
|
|
WCHAR const *pwc;
|
|
|
|
if (NULL != pwszzValue)
|
|
{
|
|
for (pwc = pwszzValue; L'\0' != *pwc; cwc += cwcT, pwc += cwcT)
|
|
{
|
|
cwcT = wcslen(pwc) + 1;
|
|
}
|
|
cwc++;
|
|
}
|
|
|
|
return(mySetCertRegValue(
|
|
NULL,
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
REG_MULTI_SZ,
|
|
(BYTE const *) pwszzValue,
|
|
cwc * sizeof(WCHAR),
|
|
FALSE));
|
|
}
|
|
|
|
|
|
HRESULT
|
|
mySetCertRegStrValue(
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
OPTIONAL IN WCHAR const *pwszValueName,
|
|
IN WCHAR const *pwszValue)
|
|
{
|
|
DWORD cwc = 0;
|
|
|
|
if (NULL != pwszValue)
|
|
{
|
|
cwc = wcslen(pwszValue) + 1;
|
|
}
|
|
return mySetCertRegValue(
|
|
NULL,
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
REG_SZ,
|
|
(BYTE const *) pwszValue,
|
|
cwc * sizeof(WCHAR),
|
|
FALSE);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
mySetAbsRegMultiStrValue(
|
|
IN WCHAR const *pwszName,
|
|
IN WCHAR const *pwszValueName,
|
|
IN WCHAR const *pwszzValue)
|
|
{
|
|
DWORD cwc = 0;
|
|
DWORD cwcT;
|
|
WCHAR const *pwc;
|
|
|
|
if (NULL != pwszzValue)
|
|
{
|
|
for (pwc = pwszzValue; L'\0' != *pwc; cwc += cwcT, pwc += cwcT)
|
|
{
|
|
cwcT = wcslen(pwc) + 1;
|
|
}
|
|
cwc++;
|
|
}
|
|
return(mySetCertRegValue(
|
|
NULL,
|
|
pwszName,
|
|
NULL,
|
|
NULL,
|
|
pwszValueName,
|
|
REG_MULTI_SZ,
|
|
(BYTE const *) pwszzValue,
|
|
cwc * sizeof(WCHAR),
|
|
TRUE));
|
|
}
|
|
|
|
|
|
HRESULT
|
|
mySetAbsRegStrValue(
|
|
IN WCHAR const *pwszName,
|
|
IN WCHAR const *pwszValueName,
|
|
IN WCHAR const *pwszValue)
|
|
{
|
|
DWORD cwc = 0;
|
|
|
|
if (NULL != pwszValue)
|
|
{
|
|
cwc = wcslen(pwszValue) + 1;
|
|
}
|
|
return mySetCertRegValue(
|
|
NULL,
|
|
pwszName,
|
|
NULL,
|
|
NULL,
|
|
pwszValueName,
|
|
REG_SZ,
|
|
(BYTE const *)pwszValue,
|
|
cwc*sizeof(WCHAR),
|
|
TRUE);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
mySetCertRegDWValue(
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
OPTIONAL IN WCHAR const *pwszValueName,
|
|
IN DWORD const dwValue)
|
|
{
|
|
return mySetCertRegValue(
|
|
NULL,
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
REG_DWORD,
|
|
(BYTE const *)&dwValue,
|
|
sizeof(DWORD),
|
|
FALSE);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetCertRegMultiStrValue(
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
OPTIONAL IN WCHAR const *pwszValueName,
|
|
OUT WCHAR **ppwszzValue)
|
|
{
|
|
HRESULT hr;
|
|
DWORD dwType;
|
|
|
|
hr = myGetCertRegValue(
|
|
NULL,
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
(BYTE **) ppwszzValue,
|
|
NULL,
|
|
&dwType);
|
|
_JumpIfErrorStr2(
|
|
hr,
|
|
error,
|
|
"myGetCertRegValue",
|
|
pwszValueName,
|
|
HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND));
|
|
|
|
if (REG_MULTI_SZ != dwType && REG_SZ != dwType)
|
|
{
|
|
LocalFree(*ppwszzValue);
|
|
*ppwszzValue = NULL;
|
|
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "not REG_SZ or REG_MULTI_SZ");
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
CSASSERT(S_OK == hr || FAILED(hr));
|
|
return(hr);
|
|
}
|
|
|
|
HRESULT
|
|
myGetCertRegBinaryValue(
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
IN WCHAR const *pwszValueName,
|
|
OUT BYTE **ppbValue)
|
|
{
|
|
HRESULT hr;
|
|
DWORD dwType;
|
|
|
|
hr = myGetCertRegValue(
|
|
NULL,
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
ppbValue,
|
|
NULL,
|
|
&dwType);
|
|
_JumpIfErrorStr2(
|
|
hr,
|
|
error,
|
|
"myGetCertRegValue",
|
|
pwszName1,
|
|
HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND));
|
|
|
|
if (REG_BINARY != dwType)
|
|
{
|
|
LocalFree(*ppbValue);
|
|
*ppbValue = NULL;
|
|
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "not REG_BINARY");
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return hr;
|
|
}
|
|
|
|
HRESULT
|
|
myGetCertRegStrValue(
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
IN WCHAR const *pwszValueName,
|
|
OUT WCHAR **ppwszValue)
|
|
{
|
|
HRESULT hr;
|
|
DWORD dwType;
|
|
|
|
hr = myGetCertRegValue(
|
|
NULL,
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
(BYTE **) ppwszValue,
|
|
NULL,
|
|
&dwType);
|
|
_JumpIfErrorStr2(
|
|
hr,
|
|
error,
|
|
"myGetCertRegValue",
|
|
pwszName1,
|
|
HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND));
|
|
|
|
if (REG_SZ != dwType)
|
|
{
|
|
LocalFree(*ppwszValue);
|
|
*ppwszValue = NULL;
|
|
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "not REG_SZ");
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return hr;
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetCertRegDWValue(
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
IN WCHAR const *pwszValueName,
|
|
OUT DWORD *pdwValue)
|
|
{
|
|
HRESULT hr;
|
|
DWORD *pdw = NULL;
|
|
DWORD dwType;
|
|
|
|
*pdwValue = 0;
|
|
hr = myGetCertRegValue(
|
|
NULL,
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
(BYTE **) &pdw,
|
|
NULL,
|
|
&dwType);
|
|
_JumpIfErrorStr2(
|
|
hr,
|
|
error,
|
|
"myGetCertRegValue",
|
|
pwszValueName,
|
|
HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND));
|
|
if (REG_DWORD != dwType)
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpErrorStr(hr, error, "not REG_DWORD", pwszValueName);
|
|
}
|
|
*pdwValue = *pdw;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (NULL != pdw)
|
|
{
|
|
LocalFree(pdw);
|
|
}
|
|
CSASSERT(S_OK == hr || FAILED(hr));
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myCopyCertRegStrValue(
|
|
OPTIONAL IN WCHAR const *pwszSrcName1,
|
|
OPTIONAL IN WCHAR const *pwszSrcName2,
|
|
OPTIONAL IN WCHAR const *pwszSrcName3,
|
|
IN WCHAR const *pwszSrcValueName,
|
|
OPTIONAL IN WCHAR const *pwszDesName1,
|
|
OPTIONAL IN WCHAR const *pwszDesName2,
|
|
OPTIONAL IN WCHAR const *pwszDesName3,
|
|
OPTIONAL IN WCHAR const *pwszDesValueName,
|
|
IN BOOL fMultiStr)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszOrzzValue = NULL;
|
|
WCHAR const *pwszName = NULL != pwszDesValueName?
|
|
pwszDesValueName : pwszSrcValueName;
|
|
|
|
// get value from source
|
|
if (fMultiStr)
|
|
{
|
|
hr = myGetCertRegMultiStrValue(
|
|
pwszSrcName1,
|
|
pwszSrcName2,
|
|
pwszSrcName3,
|
|
pwszSrcValueName,
|
|
&pwszOrzzValue);
|
|
_JumpIfErrorStr(hr, error, "myGetCertRegMultiStrValue", pwszSrcValueName);
|
|
|
|
// set it to destination
|
|
hr = mySetCertRegMultiStrValue(
|
|
pwszDesName1,
|
|
pwszDesName2,
|
|
pwszDesName3,
|
|
pwszName,
|
|
pwszOrzzValue);
|
|
_JumpIfErrorStr(hr, error, "mySetCertRegMultiStrValue", pwszName);
|
|
}
|
|
else
|
|
{
|
|
hr = myGetCertRegStrValue(
|
|
pwszSrcName1,
|
|
pwszSrcName2,
|
|
pwszSrcName3,
|
|
pwszSrcValueName,
|
|
&pwszOrzzValue);
|
|
_JumpIfErrorStr(hr, error, "myGetCertRegStrValue", pwszSrcValueName);
|
|
|
|
// set it to destination
|
|
hr = mySetCertRegStrValue(
|
|
pwszDesName1,
|
|
pwszDesName2,
|
|
pwszDesName3,
|
|
pwszName,
|
|
pwszOrzzValue);
|
|
_JumpIfErrorStr(hr, error, "mySetCertRegStrValue", pwszName);
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (NULL != pwszOrzzValue)
|
|
{
|
|
LocalFree(pwszOrzzValue);
|
|
}
|
|
CSASSERT(S_OK == hr || FAILED(hr));
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myMoveCertRegStrValue(
|
|
OPTIONAL IN WCHAR const *pwszSrcName1,
|
|
OPTIONAL IN WCHAR const *pwszSrcName2,
|
|
OPTIONAL IN WCHAR const *pwszSrcName3,
|
|
IN WCHAR const *pwszSrcValueName,
|
|
OPTIONAL IN WCHAR const *pwszDesName1,
|
|
OPTIONAL IN WCHAR const *pwszDesName2,
|
|
OPTIONAL IN WCHAR const *pwszDesName3,
|
|
OPTIONAL IN WCHAR const *pwszDesValueName,
|
|
IN BOOL fMultiStr)
|
|
{
|
|
HRESULT hr;
|
|
|
|
hr = myCopyCertRegStrValue(
|
|
pwszSrcName1,
|
|
pwszSrcName2,
|
|
pwszSrcName3,
|
|
pwszSrcValueName,
|
|
pwszDesName1,
|
|
pwszDesName2,
|
|
pwszDesName3,
|
|
pwszDesValueName,
|
|
fMultiStr);
|
|
_JumpIfErrorStr(hr, error, "myCopyCertRegStrValue", pwszSrcValueName);
|
|
|
|
hr = myDeleteCertRegValue(
|
|
pwszSrcName1,
|
|
pwszSrcName2,
|
|
pwszSrcName3,
|
|
pwszSrcValueName);
|
|
_PrintIfErrorStr(hr, "myDeleteCertRegValue", pwszSrcValueName);
|
|
hr = S_OK;
|
|
|
|
error:
|
|
CSASSERT(S_OK == hr || FAILED(hr));
|
|
return(hr);
|
|
}
|
|
|
|
HRESULT
|
|
myMoveOrCopyCertRegStrValue(
|
|
OPTIONAL IN WCHAR const *pwszSrcName1,
|
|
OPTIONAL IN WCHAR const *pwszSrcName2,
|
|
OPTIONAL IN WCHAR const *pwszSrcName3,
|
|
IN WCHAR const *pwszSrcValueName,
|
|
OPTIONAL IN WCHAR const *pwszDesName1,
|
|
OPTIONAL IN WCHAR const *pwszDesName2,
|
|
OPTIONAL IN WCHAR const *pwszDesName3,
|
|
OPTIONAL IN WCHAR const *pwszDesValueName,
|
|
IN BOOL fMultiStr,
|
|
IN BOOL fMove)
|
|
{
|
|
HRESULT hr;
|
|
|
|
if (fMove)
|
|
{
|
|
hr = myMoveCertRegStrValue(
|
|
pwszSrcName1,
|
|
pwszSrcName2,
|
|
pwszSrcName3,
|
|
pwszSrcValueName,
|
|
pwszDesName1,
|
|
pwszDesName2,
|
|
pwszDesName3,
|
|
pwszDesValueName,
|
|
fMultiStr);
|
|
}
|
|
else
|
|
{
|
|
hr = myCopyCertRegStrValue(
|
|
pwszSrcName1,
|
|
pwszSrcName2,
|
|
pwszSrcName3,
|
|
pwszSrcValueName,
|
|
pwszDesName1,
|
|
pwszDesName2,
|
|
pwszDesName3,
|
|
pwszDesValueName,
|
|
fMultiStr);
|
|
}
|
|
|
|
return hr;
|
|
}
|
|
|
|
// Description: it does the same thing as mySetCertRegStrValue but it takes
|
|
// upgrade flag, if upgrade and entry exists, do nothing
|
|
HRESULT
|
|
mySetCertRegStrValueEx(
|
|
IN BOOL fUpgrade,
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
OPTIONAL IN WCHAR const *pwszValueName,
|
|
IN WCHAR const *pwszValue)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszDummy = NULL;
|
|
|
|
if (fUpgrade)
|
|
{
|
|
// see if it exists
|
|
hr = myGetCertRegStrValue(
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
&pwszDummy);
|
|
if (S_OK == hr)
|
|
{
|
|
if (NULL != pwszDummy && L'\0' != pwszDummy[0])
|
|
{
|
|
goto error; // keep existing entry
|
|
}
|
|
}
|
|
else if (HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND) != hr)
|
|
{
|
|
_JumpErrorStr(hr, error, "myGetCertRegStrValue", pwszValueName);
|
|
}
|
|
}
|
|
// cases: 1) not upgrade
|
|
// 2) upgrade but no existing entry
|
|
// 3) upgrade, existing but empty reg string
|
|
hr = mySetCertRegStrValue(
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
pwszValue);
|
|
_JumpIfErrorStr(hr, error, "mySetCertRegStrValue", pwszValueName);
|
|
|
|
error:
|
|
if (NULL != pwszDummy)
|
|
{
|
|
LocalFree(pwszDummy);
|
|
}
|
|
CSASSERT(S_OK == hr || FAILED(hr));
|
|
return(hr);
|
|
}
|
|
|
|
|
|
// calculate multi string character length including double zero terminators
|
|
DWORD
|
|
myWCSZZLength(
|
|
IN WCHAR const *pwszz)
|
|
{
|
|
DWORD len = 0;
|
|
WCHAR const *pwsz = pwszz;
|
|
|
|
if (NULL != pwszz)
|
|
{
|
|
// point to the end of pwszz
|
|
for (; L'\0' != *pwsz; pwsz += wcslen(pwsz) + 1)
|
|
{
|
|
}
|
|
|
|
len = SAFE_SUBTRACT_POINTERS(pwsz, pwszz) + 1;
|
|
}
|
|
return len;
|
|
}
|
|
|
|
// merge two multi strings into one
|
|
// ignore redundant strings
|
|
HRESULT
|
|
myMergeMultiStrings(
|
|
IN WCHAR const *pwszzStr1,
|
|
IN WCHAR const *pwszzStr2,
|
|
OUT WCHAR **ppwszzStr)
|
|
{
|
|
HRESULT hr;
|
|
|
|
DWORD dwStr1 = myWCSZZLength(pwszzStr1);
|
|
DWORD dwStr2 = 0;
|
|
DWORD i = 0;
|
|
DWORD dwCount = 0;
|
|
|
|
WCHAR const *pwsz1;
|
|
WCHAR const *pwsz2;
|
|
WCHAR *pwsz;
|
|
BOOL *pfRedundant = NULL;
|
|
WCHAR *pwszzMerge = NULL;
|
|
|
|
// init
|
|
*ppwszzStr = NULL;
|
|
|
|
//calculate string count
|
|
for (pwsz2 = pwszzStr2; L'\0' != *pwsz2; pwsz2 += wcslen(pwsz2) + 1)
|
|
{
|
|
++dwCount;
|
|
}
|
|
if (0 == dwCount)
|
|
{
|
|
//no merge needed
|
|
goto only_str1;
|
|
}
|
|
pfRedundant = (BOOL*)LocalAlloc(LMEM_FIXED|LMEM_ZEROINIT,
|
|
dwCount * sizeof(BOOL));
|
|
if (NULL == pfRedundant)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
|
|
//calculate size
|
|
for (pwsz2 = pwszzStr2; L'\0' != *pwsz2; pwsz2 += wcslen(pwsz2) + 1)
|
|
{
|
|
++i;
|
|
for (pwsz1 = pwszzStr1; L'\0' != *pwsz1; pwsz1 += wcslen(pwsz1) + 1)
|
|
{
|
|
if (0 == lstrcmpi(pwsz2, pwsz1))
|
|
{
|
|
//pwsz2 exists in pwszzStr1, dont take it
|
|
// cache information
|
|
pfRedundant[i - 1] = TRUE;
|
|
break; //for pwsz1
|
|
}
|
|
}
|
|
//if get here, no-existing
|
|
dwStr2 += wcslen(pwsz2) + 1;
|
|
}
|
|
|
|
only_str1:
|
|
pwszzMerge = (WCHAR*)LocalAlloc(LMEM_FIXED,
|
|
(dwStr1 + dwStr2) * sizeof(WCHAR));
|
|
if (NULL == pwszzMerge)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
|
|
// copy existing
|
|
CopyMemory(pwszzMerge,
|
|
pwszzStr1,
|
|
(dwStr1 - 1) * sizeof(WCHAR));
|
|
|
|
if (0 < dwCount)
|
|
{
|
|
// merge begins
|
|
i = 0;
|
|
// point to end at 2nd z
|
|
pwsz = pwszzMerge + dwStr1 - 1;
|
|
for (pwsz2 = pwszzStr2; L'\0' != *pwsz2; pwsz2 += wcslen(pwsz2) + 1)
|
|
{
|
|
if (!pfRedundant[i])
|
|
{
|
|
wcscpy(pwsz, pwsz2);
|
|
pwsz += wcslen(pwsz) + 1;
|
|
}
|
|
++i;
|
|
}
|
|
// zz
|
|
*pwsz = L'\0';
|
|
}
|
|
|
|
*ppwszzStr = pwszzMerge;
|
|
pwszzMerge = NULL;
|
|
|
|
hr = S_OK;
|
|
error:
|
|
if (NULL != pfRedundant)
|
|
{
|
|
LocalFree(pfRedundant);
|
|
}
|
|
if (NULL != pwszzMerge)
|
|
{
|
|
LocalFree(pwszzMerge);
|
|
}
|
|
return hr;
|
|
}
|
|
|
|
// append one multi_sz to another
|
|
HRESULT
|
|
myAppendMultiStrings(
|
|
IN WCHAR const *pwszzStr1,
|
|
IN WCHAR const *pwszzStr2,
|
|
OUT WCHAR **ppwszzStr)
|
|
{
|
|
HRESULT hr;
|
|
|
|
DWORD dwStr1 = myWCSZZLength(pwszzStr1);
|
|
DWORD dwStr2 = myWCSZZLength(pwszzStr2);
|
|
|
|
// init
|
|
*ppwszzStr = NULL;
|
|
|
|
WCHAR *pwszzMerge = (WCHAR*)LocalAlloc(LMEM_FIXED,
|
|
(dwStr1 + dwStr2 - 1) * sizeof(WCHAR));
|
|
if (NULL == pwszzMerge)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
|
|
// copy existing
|
|
CopyMemory(pwszzMerge,
|
|
pwszzStr1,
|
|
(dwStr1 - 1) * sizeof(WCHAR));
|
|
// append second
|
|
CopyMemory(pwszzMerge + dwStr1 - 1,
|
|
pwszzStr2,
|
|
dwStr2 * sizeof(WCHAR));
|
|
*ppwszzStr = pwszzMerge;
|
|
|
|
hr = S_OK;
|
|
error:
|
|
return hr;
|
|
}
|
|
|
|
// Description: it does the same thing as mySetCertRegMultiStrValue but it takes
|
|
// upgrade|append flag, if upgrade and entry exists, do nothing
|
|
// if upgrade & append, merge existing entry with in-pwszz
|
|
HRESULT
|
|
mySetCertRegMultiStrValueEx(
|
|
IN DWORD dwFlags, //CSREG_UPGRADE|CSREG_APPEND|CSREG_REPLACE|CSREG_MERGE
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
OPTIONAL IN WCHAR const *pwszValueName,
|
|
IN WCHAR const *pwszzValue)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszzExisting = NULL;
|
|
WCHAR const *pwszzFinal = pwszzValue; //default
|
|
WCHAR *pwszzMerge = NULL;
|
|
|
|
if (0x0 == (CSREG_REPLACE & dwFlags) &&
|
|
(CSREG_UPGRADE & dwFlags) )
|
|
{
|
|
// to see if it exist
|
|
hr = myGetCertRegMultiStrValue(
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
&pwszzExisting);
|
|
if (S_OK == hr)
|
|
{
|
|
if (NULL != pwszzExisting)
|
|
{
|
|
if (0x0 == (CSREG_APPEND & dwFlags) &&
|
|
0x0 == (CSREG_MERGE & dwFlags) )
|
|
{
|
|
goto error; // keep existing entry
|
|
}
|
|
else if (0x0 != (CSREG_MERGE & dwFlags))
|
|
{
|
|
hr = myMergeMultiStrings(
|
|
pwszzExisting,
|
|
pwszzValue,
|
|
&pwszzMerge);
|
|
_JumpIfError(hr, error, "myMergeMultiStrings");
|
|
pwszzFinal = pwszzMerge;
|
|
}
|
|
else if (0x0 != (CSREG_APPEND & dwFlags))
|
|
{
|
|
hr = myAppendMultiStrings(
|
|
pwszzExisting,
|
|
pwszzValue,
|
|
&pwszzMerge);
|
|
_JumpIfError(hr, error, "myAppendMultiStrings");
|
|
pwszzFinal = pwszzMerge;
|
|
}
|
|
}
|
|
}
|
|
else if (HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND) != hr)
|
|
{
|
|
_JumpErrorStr(hr, error, "myGetCertRegMultiStrValue", pwszValueName);
|
|
}
|
|
}
|
|
hr = mySetCertRegMultiStrValue(
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
pwszzFinal);
|
|
_JumpIfErrorStr(hr, error, "mySetCertRegMultiStrValue", pwszValueName);
|
|
|
|
error:
|
|
if (NULL != pwszzExisting)
|
|
{
|
|
LocalFree(pwszzExisting);
|
|
}
|
|
if (NULL != pwszzMerge)
|
|
{
|
|
LocalFree(pwszzMerge);
|
|
}
|
|
CSASSERT(S_OK == hr || FAILED(hr));
|
|
return(hr);
|
|
}
|
|
|
|
|
|
// Description: it does the same thing as mySetCertRegDWValue but it takes
|
|
// upgrade flag, if upgrade and entry exists, do nothing
|
|
HRESULT
|
|
mySetCertRegDWValueEx(
|
|
IN BOOL fUpgrade,
|
|
OPTIONAL IN WCHAR const *pwszName1,
|
|
OPTIONAL IN WCHAR const *pwszName2,
|
|
OPTIONAL IN WCHAR const *pwszName3,
|
|
OPTIONAL IN WCHAR const *pwszValueName,
|
|
IN DWORD const dwValue)
|
|
{
|
|
HRESULT hr;
|
|
DWORD dwDummy;
|
|
|
|
if (fUpgrade)
|
|
{
|
|
// to see if it exist
|
|
hr = myGetCertRegDWValue(
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
&dwDummy);
|
|
if (S_OK == hr)
|
|
{
|
|
goto error; // keep existing entry
|
|
}
|
|
else if (HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND) != hr)
|
|
{
|
|
_JumpErrorStr(hr, error, "myGetCertRegDWValue", pwszValueName);
|
|
}
|
|
}
|
|
hr = mySetCertRegDWValue(
|
|
pwszName1,
|
|
pwszName2,
|
|
pwszName3,
|
|
pwszValueName,
|
|
dwValue);
|
|
_JumpIfErrorStr(hr, error, "mySetCertRegDWValue", pwszValueName);
|
|
|
|
error:
|
|
CSASSERT(S_OK == hr || FAILED(hr));
|
|
return(hr);
|
|
}
|
|
|
|
|
|
WCHAR const *
|
|
wszRegCertChoice(
|
|
IN DWORD dwRegHashChoice)
|
|
{
|
|
WCHAR const *pwsz;
|
|
|
|
switch (dwRegHashChoice)
|
|
{
|
|
case CSRH_CASIGCERT:
|
|
pwsz = wszREGCACERTHASH;
|
|
break;
|
|
|
|
case CSRH_CAXCHGCERT:
|
|
pwsz = wszREGCAXCHGCERTHASH;
|
|
break;
|
|
|
|
case CSRH_CAKRACERT:
|
|
pwsz = wszREGKRACERTHASH;
|
|
break;
|
|
|
|
default:
|
|
CSASSERT("dwRegHashChoice");
|
|
pwsz = L"";
|
|
break;
|
|
}
|
|
return(pwsz);
|
|
}
|
|
|
|
|
|
WCHAR const g_wszNoHash[] = L"-";
|
|
|
|
|
|
HRESULT myShrinkCARegHash(
|
|
IN WCHAR const *pwszSanitizedCAName,
|
|
IN DWORD dwRegHashChoice,
|
|
IN DWORD Index)
|
|
{
|
|
HRESULT hr = S_OK;
|
|
DWORD i;
|
|
DWORD dwType;
|
|
DWORD count;
|
|
WCHAR *pwszzOld = NULL;
|
|
WCHAR *pwchr = NULL; // no free
|
|
|
|
hr = myGetCertRegValue(
|
|
NULL,
|
|
pwszSanitizedCAName,
|
|
NULL,
|
|
NULL,
|
|
wszRegCertChoice(dwRegHashChoice),
|
|
(BYTE **) &pwszzOld,
|
|
&i, // ignore &cb
|
|
&dwType);
|
|
_JumpIfErrorStr(hr, error, "myGetCertRegValue", wszRegCertChoice(dwRegHashChoice));
|
|
|
|
for (count = 0, pwchr = pwszzOld;
|
|
count < Index && L'\0' != *pwchr;
|
|
count++, pwchr += wcslen(pwchr) + 1)
|
|
NULL;
|
|
|
|
// valid only if shrinking the list
|
|
if(L'\0' == *pwchr)
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "new hash count should be smaller than current count");
|
|
}
|
|
|
|
*pwchr = L'\0';
|
|
|
|
hr = mySetCertRegValue(
|
|
NULL,
|
|
pwszSanitizedCAName,
|
|
NULL,
|
|
NULL,
|
|
wszRegCertChoice(dwRegHashChoice),
|
|
REG_MULTI_SZ,
|
|
(BYTE const *) pwszzOld,
|
|
(SAFE_SUBTRACT_POINTERS(pwchr, pwszzOld) + 1) * sizeof(WCHAR),
|
|
FALSE);
|
|
_JumpIfError(hr, error, "mySetCertRegValue");
|
|
|
|
error:
|
|
if(pwszzOld)
|
|
LocalFree(pwszzOld);
|
|
return hr;
|
|
}
|
|
|
|
HRESULT
|
|
mySetCARegHash(
|
|
IN WCHAR const *pwszSanitizedCAName,
|
|
IN DWORD dwRegHashChoice,
|
|
IN DWORD Index,
|
|
IN CERT_CONTEXT const *pCert)
|
|
{
|
|
HRESULT hr;
|
|
BSTR strHash = NULL;
|
|
BYTE abHash[CBMAX_CRYPT_HASH_LEN];
|
|
DWORD cbHash;
|
|
WCHAR *pwszzOld = NULL;
|
|
WCHAR *pwszzNew = NULL;
|
|
DWORD cOld;
|
|
DWORD i;
|
|
DWORD cNew;
|
|
DWORD cwcNew;
|
|
WCHAR const **apwsz = NULL;
|
|
DWORD dwType;
|
|
WCHAR *pwc;
|
|
|
|
if (NULL == pwszSanitizedCAName)
|
|
{
|
|
hr = E_POINTER;
|
|
_JumpError(hr, error, "empty ca name");
|
|
}
|
|
|
|
cbHash = sizeof(abHash);
|
|
if (!CertGetCertificateContextProperty(
|
|
pCert,
|
|
CERT_HASH_PROP_ID,
|
|
abHash,
|
|
&cbHash))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "CertGetCertificateContextProperty");
|
|
}
|
|
|
|
hr = MultiByteIntegerToBstr(TRUE, cbHash, abHash, &strHash);
|
|
_JumpIfError(hr, error, "MultiByteIntegerToBstr");
|
|
|
|
cOld = 0;
|
|
hr = myGetCertRegValue(
|
|
NULL,
|
|
pwszSanitizedCAName,
|
|
NULL,
|
|
NULL,
|
|
wszRegCertChoice(dwRegHashChoice),
|
|
(BYTE **) &pwszzOld,
|
|
&i, // ignore &cb
|
|
&dwType);
|
|
_PrintIfError2(hr, "myGetCertRegValue", HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND));
|
|
if (S_OK == hr && REG_MULTI_SZ == dwType)
|
|
{
|
|
for (pwc = pwszzOld; L'\0' != *pwc; pwc += wcslen(pwc) + 1)
|
|
{
|
|
cOld++;
|
|
}
|
|
}
|
|
|
|
cNew = max(Index + 1, cOld);
|
|
apwsz = (WCHAR const **) LocalAlloc(LMEM_FIXED, cNew * sizeof(*apwsz));
|
|
if (NULL == apwsz)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
|
|
i = 0;
|
|
if (0 != cOld)
|
|
{
|
|
for (pwc = pwszzOld; L'\0' != *pwc; pwc += wcslen(pwc) + 1)
|
|
{
|
|
DBGPRINT((DBG_SS_CERTLIBI, "Old CARegHash[%u] = \"%ws\"\n", i, pwc));
|
|
apwsz[i++] = pwc;
|
|
}
|
|
CSASSERT(i == cOld);
|
|
}
|
|
while (i < Index)
|
|
{
|
|
DBGPRINT((DBG_SS_CERTLIBI, "CARegHash[%u] Unused\n", i));
|
|
apwsz[i++] = g_wszNoHash;
|
|
}
|
|
if (Index < cOld)
|
|
{
|
|
DBGPRINT((
|
|
DBG_SS_CERTLIBI,
|
|
"Replacing CARegHash[%u] = \"%ws\"\n",
|
|
Index,
|
|
apwsz[Index]));
|
|
}
|
|
DBGPRINT((
|
|
DBG_SS_CERTLIBI,
|
|
"Adding CARegHash[%u] = \"%ws\"\n",
|
|
Index,
|
|
strHash));
|
|
apwsz[Index] = strHash;
|
|
|
|
cwcNew = 1; // wszz double termination
|
|
for (i = 0; i < cNew; i++)
|
|
{
|
|
cwcNew += wcslen(apwsz[i]) + 1;
|
|
}
|
|
|
|
pwszzNew = (WCHAR *) LocalAlloc(LMEM_FIXED, cwcNew * sizeof(WCHAR));
|
|
if (NULL == pwszzNew)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
|
|
pwc = pwszzNew;
|
|
for (i = 0; i < cNew; i++)
|
|
{
|
|
wcscpy(pwc, apwsz[i]);
|
|
DBGPRINT((DBG_SS_CERTLIBI, "New CARegHash[%u] = \"%ws\"\n", i, pwc));
|
|
pwc += wcslen(pwc) + 1;
|
|
}
|
|
*pwc = L'\0';
|
|
|
|
CSASSERT(&pwszzNew[cwcNew - 1] == pwc);
|
|
|
|
hr = mySetCertRegValue(
|
|
NULL,
|
|
pwszSanitizedCAName,
|
|
NULL,
|
|
NULL,
|
|
wszRegCertChoice(dwRegHashChoice),
|
|
REG_MULTI_SZ,
|
|
(BYTE const *) pwszzNew,
|
|
cwcNew * sizeof(WCHAR),
|
|
FALSE);
|
|
_JumpIfError(hr, error, "mySetCertRegValue");
|
|
|
|
error:
|
|
if (NULL != apwsz)
|
|
{
|
|
LocalFree(apwsz);
|
|
}
|
|
if (NULL != pwszzOld)
|
|
{
|
|
LocalFree(pwszzOld);
|
|
}
|
|
if (NULL != pwszzNew)
|
|
{
|
|
LocalFree(pwszzNew);
|
|
}
|
|
if (NULL != strHash)
|
|
{
|
|
SysFreeString(strHash);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetCARegHash(
|
|
IN WCHAR const *pwszSanitizedCAName,
|
|
IN DWORD dwRegHashChoice,
|
|
IN DWORD Index,
|
|
OUT BYTE **ppbHash,
|
|
OUT DWORD *pcbHash)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszz = NULL;
|
|
DWORD cb;
|
|
DWORD dwType;
|
|
WCHAR *pwc;
|
|
DWORD i;
|
|
|
|
*ppbHash = NULL;
|
|
hr = myGetCertRegValue(
|
|
NULL,
|
|
pwszSanitizedCAName,
|
|
NULL,
|
|
NULL,
|
|
wszRegCertChoice(dwRegHashChoice),
|
|
(BYTE **) &pwszz,
|
|
&cb,
|
|
&dwType);
|
|
_JumpIfError(hr, error, "myGetCertRegValue");
|
|
|
|
if (REG_MULTI_SZ != dwType)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
|
|
_JumpError(hr, error, "dwType");
|
|
}
|
|
pwc = pwszz;
|
|
for (i = 0; i < Index; i++)
|
|
{
|
|
if (L'\0' == *pwc)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND);
|
|
_JumpError(hr, error, "Index too large");
|
|
}
|
|
pwc += wcslen(pwc) + 1;
|
|
}
|
|
if (0 == lstrcmp(g_wszNoHash, pwc))
|
|
{
|
|
hr = S_FALSE;
|
|
_JumpError2(hr, error, "Unused hash", S_FALSE);
|
|
}
|
|
hr = WszToMultiByteInteger(TRUE, pwc, pcbHash, ppbHash);
|
|
_JumpIfError(hr, error, "WszToMultiByteInteger");
|
|
|
|
error:
|
|
if (NULL != pwszz)
|
|
{
|
|
LocalFree(pwszz);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetCARegHashCount(
|
|
IN WCHAR const *pwszSanitizedCAName,
|
|
IN DWORD dwRegHashChoice,
|
|
OUT DWORD *pCount)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszz = NULL;
|
|
DWORD cb;
|
|
DWORD dwType;
|
|
WCHAR *pwc;
|
|
DWORD Count = 0;
|
|
|
|
hr = myGetCertRegValue(
|
|
NULL,
|
|
pwszSanitizedCAName,
|
|
NULL,
|
|
NULL,
|
|
wszRegCertChoice(dwRegHashChoice),
|
|
(BYTE **) &pwszz,
|
|
&cb,
|
|
&dwType);
|
|
if (S_OK == hr)
|
|
{
|
|
if (REG_MULTI_SZ == dwType)
|
|
{
|
|
for (pwc = pwszz; L'\0' != *pwc; pwc += wcslen(pwc) + 1)
|
|
{
|
|
Count++;
|
|
}
|
|
}
|
|
}
|
|
else if (HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND) != hr)
|
|
{
|
|
_JumpError(hr, error, "myGetCertRegValue");
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
*pCount = Count;
|
|
if (NULL != pwszz)
|
|
{
|
|
LocalFree(pwszz);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myFindCACertByHash(
|
|
IN HCERTSTORE hStore,
|
|
IN BYTE const *pbHash,
|
|
IN DWORD cbHash,
|
|
OUT OPTIONAL DWORD *pdwNameId,
|
|
CERT_CONTEXT const **ppCACert)
|
|
{
|
|
HRESULT hr;
|
|
CRYPT_DATA_BLOB Hash;
|
|
|
|
CSASSERT(
|
|
NULL != hStore &&
|
|
NULL != pbHash &&
|
|
NULL != ppCACert);
|
|
|
|
*ppCACert = NULL;
|
|
Hash.pbData = const_cast<BYTE *>(pbHash);
|
|
Hash.cbData = cbHash;
|
|
|
|
*ppCACert = CertFindCertificateInStore(
|
|
hStore,
|
|
X509_ASN_ENCODING,
|
|
0,
|
|
CERT_FIND_HASH,
|
|
&Hash,
|
|
NULL);
|
|
if (NULL == *ppCACert)
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "CertFindCertificateInStore");
|
|
}
|
|
|
|
if (NULL != pdwNameId)
|
|
{
|
|
*pdwNameId = MAXDWORD;
|
|
hr = myGetNameId(*ppCACert, pdwNameId);
|
|
_PrintIfError(hr, "myGetNameId");
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myFindCACertByHashIndex(
|
|
IN HCERTSTORE hStore,
|
|
IN WCHAR const *pwszSanitizedCAName,
|
|
IN DWORD dwRegHashChoice,
|
|
IN DWORD Index,
|
|
OPTIONAL OUT DWORD *pdwNameId,
|
|
CERT_CONTEXT const **ppCACert)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cbHash;
|
|
BYTE *pbHash = NULL;
|
|
|
|
CSASSERT(NULL != hStore && NULL != ppCACert);
|
|
|
|
if (NULL != pdwNameId)
|
|
{
|
|
*pdwNameId = MAXDWORD;
|
|
}
|
|
*ppCACert = NULL;
|
|
|
|
hr = myGetCARegHash(
|
|
pwszSanitizedCAName,
|
|
dwRegHashChoice,
|
|
Index,
|
|
&pbHash,
|
|
&cbHash);
|
|
_JumpIfError2(hr, error, "myGetCARegHash", S_FALSE);
|
|
|
|
hr = myFindCACertByHash(hStore, pbHash, cbHash, pdwNameId, ppCACert);
|
|
_JumpIfError(hr, error, "myFindCACertByHash");
|
|
|
|
error:
|
|
if (NULL != pbHash)
|
|
{
|
|
LocalFree(pbHash);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
GetSetupStatus(
|
|
OPTIONAL IN WCHAR const *pwszSanitizedCAName,
|
|
OUT DWORD *pdwStatus)
|
|
{
|
|
HRESULT hr;
|
|
|
|
hr = myGetCertRegDWValue(
|
|
pwszSanitizedCAName,
|
|
NULL,
|
|
NULL,
|
|
wszREGSETUPSTATUS,
|
|
pdwStatus);
|
|
_JumpIfErrorStr2(
|
|
hr,
|
|
error,
|
|
"myGetCertRegDWValue",
|
|
wszREGSETUPSTATUS,
|
|
HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND));
|
|
|
|
DBGPRINT((DBG_SS_CERTLIBI, "GetSetupStatus(%ws) --> %x\n", pwszSanitizedCAName, *pdwStatus));
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
SetSetupStatus(
|
|
OPTIONAL IN WCHAR const *pwszSanitizedCAName,
|
|
IN const DWORD dwFlag,
|
|
IN const BOOL fSetBit)
|
|
{
|
|
HRESULT hr;
|
|
DWORD dwCurrentStatus;
|
|
DWORD dwStatus = dwFlag;
|
|
|
|
hr = myGetCertRegDWValue(
|
|
pwszSanitizedCAName,
|
|
NULL,
|
|
NULL,
|
|
wszREGSETUPSTATUS,
|
|
&dwCurrentStatus);
|
|
_PrintIfError2(
|
|
hr,
|
|
"myGetCertRegDWValue",
|
|
HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND));
|
|
|
|
// check to if there is existing status
|
|
if (S_OK == hr || 0xFFFFFFFF == dwStatus)
|
|
{
|
|
// existing status, set according to dwFlag
|
|
|
|
if (fSetBit)
|
|
{
|
|
// set corresponding bit
|
|
dwStatus = dwCurrentStatus | dwStatus;
|
|
}
|
|
else
|
|
{
|
|
// unset corresponding
|
|
dwStatus = dwCurrentStatus & ~dwStatus;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
// entry doesn't exist, if fSetBit, keep dwStatus=dwFlag
|
|
if (!fSetBit)
|
|
{
|
|
// otherwise set all 0
|
|
dwStatus = 0x0;
|
|
}
|
|
}
|
|
hr = mySetCertRegDWValue(
|
|
pwszSanitizedCAName,
|
|
NULL,
|
|
NULL,
|
|
wszREGSETUPSTATUS,
|
|
dwStatus);
|
|
_JumpIfError(hr, error, "mySetCertRegDWValue");
|
|
|
|
DBGPRINT((DBG_SS_CERTLIBI, "SetSetupStatus(%ws, %x)\n", pwszSanitizedCAName, dwStatus));
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetActiveManageModule(
|
|
OPTIONAL IN WCHAR const *pwszMachine,
|
|
IN WCHAR const *pwszSanitizedCAName,
|
|
IN BOOL fPolicyModule,
|
|
IN DWORD Index,
|
|
OUT LPOLESTR *ppwszProgIdManageModule, // CoTaskMem*
|
|
OUT CLSID *pclsidManageModule)
|
|
{
|
|
DWORD dw;
|
|
PBYTE pb = NULL;
|
|
DWORD dwType, cb = 0;
|
|
|
|
LPWSTR pszTmp;
|
|
DWORD cbClassName;
|
|
LPOLESTR lpszProgID = NULL;
|
|
LPWSTR szClassName = NULL;
|
|
|
|
if (NULL != *ppwszProgIdManageModule)
|
|
{
|
|
CoTaskMemFree(*ppwszProgIdManageModule);
|
|
*ppwszProgIdManageModule = NULL;
|
|
}
|
|
|
|
dw = myGetActiveModule(
|
|
pwszMachine,
|
|
pwszSanitizedCAName,
|
|
fPolicyModule,
|
|
Index,
|
|
&lpszProgID,
|
|
NULL);
|
|
if (S_OK != dw)
|
|
goto error;
|
|
|
|
{
|
|
// terminate class name at first '.'
|
|
LPWSTR pAddTermination = wcschr(lpszProgID, L'.');
|
|
|
|
if (NULL != pAddTermination)
|
|
{
|
|
pAddTermination[0] = L'\0';
|
|
}
|
|
}
|
|
|
|
cbClassName = (wcslen(lpszProgID) + 1) * sizeof(WCHAR);
|
|
cbClassName += (fPolicyModule) ? sizeof(wszCERTMANAGEPOLICY_POSTFIX) : sizeof(wszCERTMANAGEEXIT_POSTFIX);
|
|
|
|
szClassName = (LPWSTR) CoTaskMemAlloc(cbClassName);
|
|
if (NULL == szClassName)
|
|
goto error;
|
|
|
|
wcscpy(szClassName, lpszProgID);
|
|
wcscat(szClassName, fPolicyModule? wszCERTMANAGEPOLICY_POSTFIX : wszCERTMANAGEEXIT_POSTFIX);
|
|
|
|
// Now we have class module name, cvt to clsid
|
|
dw = CLSIDFromProgID(szClassName, pclsidManageModule);
|
|
if (S_OK != dw)
|
|
goto error; // clsid not found?
|
|
|
|
error:
|
|
if (pb)
|
|
LocalFree(pb);
|
|
|
|
// intermediate ProgId
|
|
if (lpszProgID)
|
|
CoTaskMemFree(lpszProgID);
|
|
|
|
*ppwszProgIdManageModule = szClassName;
|
|
|
|
return dw;
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetActiveModule(
|
|
OPTIONAL IN WCHAR const *pwszMachine,
|
|
IN WCHAR const *pwszSanitizedCAName,
|
|
IN BOOL fPolicyModule,
|
|
IN DWORD Index,
|
|
OPTIONAL OUT LPOLESTR *ppwszProgIdModule, // CoTaskMem*
|
|
OPTIONAL OUT CLSID *pclsidModule)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszzValue = NULL;
|
|
WCHAR *pwsz;
|
|
DWORD dwType;
|
|
DWORD cb = 0;
|
|
LPWSTR pwszModuleSubkey = NULL;
|
|
DWORD chModule;
|
|
|
|
chModule = wcslen(pwszSanitizedCAName) + 1 + 1; // (L'\\' + trailing L'\0');
|
|
chModule += fPolicyModule?
|
|
WSZARRAYSIZE(wszREGKEYPOLICYMODULES) :
|
|
WSZARRAYSIZE(wszREGKEYEXITMODULES);
|
|
|
|
pwszModuleSubkey = (LPWSTR) LocalAlloc(
|
|
LMEM_FIXED,
|
|
chModule * sizeof(WCHAR));
|
|
if (NULL == pwszModuleSubkey)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
wcscpy(pwszModuleSubkey, pwszSanitizedCAName);
|
|
wcscat(pwszModuleSubkey, L"\\");
|
|
wcscat(
|
|
pwszModuleSubkey,
|
|
fPolicyModule? wszREGKEYPOLICYMODULES : wszREGKEYEXITMODULES);
|
|
|
|
// grab entry under CA with the active module ProgID
|
|
hr = myGetCertRegValue(
|
|
pwszMachine,
|
|
pwszModuleSubkey,
|
|
NULL,
|
|
NULL,
|
|
wszREGACTIVE,
|
|
(BYTE **) &pwszzValue,
|
|
&cb,
|
|
&dwType);
|
|
_JumpIfError(hr, error, "myGetCertRegValue");
|
|
|
|
hr = HRESULT_FROM_WIN32(ERROR_MOD_NOT_FOUND);
|
|
|
|
// might or might not have an active entry
|
|
if (REG_SZ != dwType && REG_MULTI_SZ != dwType)
|
|
{
|
|
_JumpError(hr, error, "Bad active entry type");
|
|
}
|
|
if (0 == cb || NULL == pwszzValue)
|
|
{
|
|
_JumpError(hr, error, "No active entry");
|
|
}
|
|
if (0 != Index && (REG_SZ == dwType || fPolicyModule))
|
|
{
|
|
_JumpError(hr, error, "only one policy module or REG_SZ entry");
|
|
}
|
|
|
|
pwsz = pwszzValue;
|
|
|
|
if (REG_MULTI_SZ == dwType)
|
|
{
|
|
// look for Index'th entry
|
|
for ( ; 0 != Index; pwsz += wcslen(pwsz) + 1, Index--)
|
|
{
|
|
if (L'\0' == *pwsz)
|
|
{
|
|
_JumpError(hr, error, "No more active entries");
|
|
}
|
|
}
|
|
}
|
|
|
|
// Verify nth entry exists
|
|
if (L'\0' == *pwsz)
|
|
{
|
|
_JumpError(hr, error, "No active entries");
|
|
}
|
|
|
|
if (NULL != pclsidModule)
|
|
{
|
|
hr = CLSIDFromProgID(pwsz, pclsidModule);
|
|
_JumpIfError(hr, error, "CLSIDFromProgID");
|
|
}
|
|
|
|
if (NULL != ppwszProgIdModule)
|
|
{
|
|
*ppwszProgIdModule = (LPOLESTR) CoTaskMemAlloc(
|
|
(wcslen(pwsz) + 1) * sizeof(WCHAR));
|
|
if (NULL == *ppwszProgIdModule)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "CoTaskMemAlloc");
|
|
}
|
|
wcscpy(*ppwszProgIdModule, pwsz);
|
|
}
|
|
hr = S_OK; // not reset after ERROR_MOD_NOT_FOUND in all cases
|
|
|
|
error:
|
|
if (NULL != pwszModuleSubkey)
|
|
{
|
|
LocalFree(pwszModuleSubkey);
|
|
}
|
|
if (NULL != pwszzValue)
|
|
{
|
|
LocalFree(pwszzValue);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
BOOL
|
|
IsPrefix(
|
|
WCHAR const *pwszPrefix,
|
|
WCHAR const *pwszString,
|
|
DWORD cwcPrefix)
|
|
{
|
|
return(
|
|
0 == _wcsnicmp(pwszPrefix, pwszString, cwcPrefix) &&
|
|
(L'\\' == pwszString[cwcPrefix] ||
|
|
L'\0' == pwszString[cwcPrefix]));
|
|
}
|
|
|
|
|
|
//+------------------------------------------------------------------------
|
|
// Function: myRegOpenRelativeKey
|
|
//
|
|
// Synopsis: Compute CA-relative, Policy-relative or Exit-relative registry
|
|
// path, and retrieve the value, type, and parent registry key.
|
|
//
|
|
// IN params:
|
|
//
|
|
// pwszConfig is the config string of the CA:
|
|
// if NULL, the local machine's first active CA is used.
|
|
// if a server name (no \CAName is present), the specified machine's
|
|
// first active CA is used.
|
|
//
|
|
// pwszRegName can specify any of the following the targets:
|
|
// Passed String: ValueName Relative Key Opened:
|
|
// ------------- ------------------------------
|
|
// "ValueName" Configuration key
|
|
// "CA[\ValueName]" CAName key
|
|
// "policy[\ValueName]" CAName\PolicyModules\<ActivePolicy>
|
|
// "policy\ModuleProgId[\ValueName]" CAName\PolicyModules\ModuleProgId
|
|
// "exit[\ValueName]" CAName\ExitModules\<ActiveExit>
|
|
// "exit\ModuleProgId[\ValueName]" CAName\ExitModules\ModuleProgId
|
|
// "Template[\ValueName]" Template
|
|
//
|
|
//
|
|
// RORKF_FULLPATH specifies whether the path returned is relative from HKLM or
|
|
// HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration.
|
|
//
|
|
// RORKF_CREATESUBKEYS will allow subkeys to be created if necessary and the
|
|
// returned hkey opened for WRITE access
|
|
//
|
|
// On successful execution:
|
|
//
|
|
// *ppwszPath will contain a LocalAlloc'd registry path relative to
|
|
// HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration.
|
|
//
|
|
// *ppwszName will contain a LocalAlloc'd registry value name string relative to
|
|
// the returned parent key. If NULL, pwszRegName specifies a key, not a value.
|
|
//
|
|
// *phkey contains the opened reg key, if phkey non-NULL. Caller is responsible
|
|
// for freeing this key.
|
|
//-------------------------------------------------------------------------
|
|
|
|
HRESULT
|
|
myRegOpenRelativeKey(
|
|
OPTIONAL IN WCHAR const *pwszConfig,
|
|
IN WCHAR const *pwszRegName,
|
|
IN DWORD Flags, // RORKF_*
|
|
OUT WCHAR **ppwszPath,
|
|
OUT OPTIONAL WCHAR **ppwszName,
|
|
OUT OPTIONAL HKEY *phkey)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR awc[MAX_PATH];
|
|
WCHAR awc2[MAX_PATH];
|
|
HKEY hkeyRoot = HKEY_LOCAL_MACHINE;
|
|
HKEY hkeyConfig = NULL;
|
|
HKEY hkeyMod = NULL;
|
|
HKEY hkeyRequested = NULL;
|
|
WCHAR *pwszMachine = NULL;
|
|
WCHAR const *pwszModules = NULL;
|
|
WCHAR const *pwszName;
|
|
WCHAR const *pwsz;
|
|
DWORD dwType;
|
|
DWORD cb;
|
|
DWORD cwc;
|
|
DWORD i;
|
|
BOOL fTemplateCache;
|
|
DWORD dwDisposition;
|
|
|
|
// Parameter checking
|
|
|
|
if (NULL != phkey)
|
|
{
|
|
*phkey = NULL;
|
|
}
|
|
if (NULL != ppwszName)
|
|
{
|
|
*ppwszName = NULL;
|
|
}
|
|
if (NULL == ppwszPath)
|
|
{
|
|
hr = E_POINTER;
|
|
_JumpError(hr, error, "ppwszPath not optional");
|
|
}
|
|
*ppwszPath = NULL;
|
|
|
|
fTemplateCache = IsPrefix(L"Template", pwszRegName, 8);
|
|
if (fTemplateCache && (RORKF_USERKEY & Flags))
|
|
{
|
|
hkeyRoot = HKEY_CURRENT_USER;
|
|
}
|
|
|
|
// take care of remote machine access
|
|
|
|
if (NULL != pwszConfig)
|
|
{
|
|
BOOL fLocal;
|
|
|
|
hr = myIsConfigLocal(pwszConfig, &pwszMachine, &fLocal);
|
|
_JumpIfError(hr, error, "myIsConfigLocal");
|
|
|
|
if (!fLocal)
|
|
{
|
|
hr = RegConnectRegistry(pwszMachine, hkeyRoot, &hkeyRoot);
|
|
_JumpIfError(hr, error, "RegConnectRegistry");
|
|
}
|
|
}
|
|
|
|
if (!fTemplateCache)
|
|
{
|
|
hr = RegOpenKeyEx(
|
|
hkeyRoot,
|
|
wszREGKEYCONFIGPATH,
|
|
0,
|
|
(RORKF_CREATESUBKEYS & Flags)? KEY_ALL_ACCESS : KEY_READ,
|
|
&hkeyConfig);
|
|
_JumpIfError(hr, error, "RegOpenKey(config)");
|
|
}
|
|
|
|
// value or key\value passed in under pwszRegName?
|
|
|
|
pwsz = wcschr(pwszRegName, L'\\');
|
|
if (NULL == pwsz &&
|
|
!IsPrefix(L"CA", pwszRegName, 2) &&
|
|
!IsPrefix(L"Policy", pwszRegName, 6) &&
|
|
!IsPrefix(L"Exit", pwszRegName, 4) &&
|
|
!IsPrefix(L"Restore", pwszRegName, 7) &&
|
|
!fTemplateCache)
|
|
{
|
|
// Operate on registry value under the Configuration registry key
|
|
|
|
pwszName = pwszRegName;
|
|
|
|
// this is the final key we'll open
|
|
|
|
hkeyRequested = hkeyConfig;
|
|
hkeyConfig = NULL;
|
|
awc[0] = L'\0';
|
|
}
|
|
else if (fTemplateCache)
|
|
{
|
|
pwszName = &pwszRegName[8];
|
|
wcscpy(awc, wszCERTTYPECACHE);
|
|
}
|
|
else
|
|
{
|
|
//printf("RegName = '%ws'\n", pwszRegName);
|
|
// load config of the active CA
|
|
|
|
cb = sizeof(awc);
|
|
hr = RegQueryValueEx(
|
|
hkeyConfig,
|
|
wszREGACTIVE,
|
|
NULL,
|
|
&dwType,
|
|
(BYTE *) awc,
|
|
&cb);
|
|
_JumpIfErrorStr(hr, error, "RegQueryValueEx", wszREGACTIVE);
|
|
|
|
if (REG_SZ != dwType && REG_MULTI_SZ != dwType)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
|
|
_JumpIfErrorStr(hr, error, "RegQueryValueEx TYPE", wszREGACTIVE);
|
|
}
|
|
|
|
//printf("Active CA = '%ws'\n", awc);
|
|
|
|
// operate on key\value
|
|
|
|
// first, subdivide into policymodules\exitmodules subkey
|
|
|
|
if (IsPrefix(L"CA", pwszRegName, 2))
|
|
{
|
|
// Operate on registry value under the Active CA registry key
|
|
|
|
pwszName = &pwszRegName[2];
|
|
}
|
|
else if (IsPrefix(L"Policy", pwszRegName, 6))
|
|
{
|
|
// Operate on registry value under a Policy Module registry key
|
|
|
|
pwszModules = wszREGKEYPOLICYMODULES;
|
|
pwszName = &pwszRegName[6];
|
|
}
|
|
else if (IsPrefix(L"Exit", pwszRegName, 4))
|
|
{
|
|
// Operate on registry value under an Exit Module registry key
|
|
|
|
pwszModules = wszREGKEYEXITMODULES;
|
|
pwszName = &pwszRegName[4];
|
|
}
|
|
else if (IsPrefix(L"Restore", pwszRegName, 7))
|
|
{
|
|
// Operate on registry value under Restore registry key
|
|
|
|
pwszName = &pwszRegName[7];
|
|
wcscpy(awc, wszREGKEYRESTOREINPROGRESS);
|
|
}
|
|
else
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "pwszRegName: no subkey description");
|
|
}
|
|
|
|
// expand module ProgId if necessary: get active ProgId
|
|
|
|
if (NULL != pwszModules) // if a policy or exit module
|
|
{
|
|
wcscat(awc, L"\\");
|
|
wcscat(awc, pwszModules);
|
|
}
|
|
|
|
//printf("CA|restore|policy|exit key = '%ws'\n", awc);
|
|
|
|
if (NULL != ppwszName) // if a registry value expected
|
|
{
|
|
// Find active policy/exit module's ProgId
|
|
hr = RegOpenKeyEx(
|
|
hkeyConfig,
|
|
awc,
|
|
0,
|
|
KEY_READ,
|
|
&hkeyMod);
|
|
_JumpIfErrorStr(hr, error, "RegOpenKey", awc);
|
|
|
|
if (NULL != pwszModules) // if a policy or exit module
|
|
{
|
|
cb = sizeof(awc2);
|
|
hr = RegQueryValueEx(
|
|
hkeyMod,
|
|
wszREGACTIVE,
|
|
NULL,
|
|
&dwType,
|
|
(BYTE *) awc2,
|
|
&cb);
|
|
_JumpIfErrorStr(hr, error, "RegQueryValueEx", wszREGACTIVE);
|
|
|
|
if (REG_SZ != dwType && REG_MULTI_SZ != dwType)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
|
|
_JumpIfErrorStr(hr, error, "RegQueryValueEx Active Module", awc);
|
|
}
|
|
|
|
//printf("Active Module = '%ws'\n", awc2);
|
|
|
|
wcscat(awc, L"\\");
|
|
wcscat(awc, awc2);
|
|
}
|
|
}
|
|
else // else a registry key name is expected
|
|
{
|
|
// key\value: ProgId was passed in
|
|
// concatenate key name (including the \\ prefix) onto end of awc
|
|
|
|
if (NULL != pwsz)
|
|
{
|
|
CSASSERT(L'\\' == *pwsz);
|
|
wcscat(awc, pwsz);
|
|
}
|
|
}
|
|
} // end if (operate on key/value or value)
|
|
|
|
if (NULL == hkeyRequested)
|
|
{
|
|
//printf("Creating key = '%ws'\n", awc);
|
|
|
|
// open this key
|
|
hr = RegCreateKeyEx(
|
|
NULL != hkeyConfig? hkeyConfig : hkeyRoot,
|
|
awc,
|
|
0,
|
|
NULL,
|
|
0,
|
|
(RORKF_CREATESUBKEYS & Flags)? KEY_ALL_ACCESS : KEY_READ,
|
|
NULL,
|
|
&hkeyRequested,
|
|
&dwDisposition);
|
|
_JumpIfErrorStr(hr, error, "RegCreateKeyEx(parent)", awc);
|
|
|
|
} // end if (operate on key/value or value)
|
|
|
|
if (L'\\' == *pwszName)
|
|
{
|
|
pwszName++;
|
|
}
|
|
if (NULL != ppwszName && L'\0' != *pwszName)
|
|
{
|
|
// Look for case-ignore matching registry value name, & use the value's
|
|
// correct upper/lower case spelling if an existing registry value:
|
|
|
|
for (i = 0; ; i++)
|
|
{
|
|
cwc = ARRAYSIZE(awc2);
|
|
hr = RegEnumValue(hkeyRequested, i, awc2, &cwc, NULL, NULL, NULL, NULL);
|
|
if (S_OK != hr)
|
|
{
|
|
hr = S_OK;
|
|
break;
|
|
}
|
|
if (0 == lstrcmpi(awc2, pwszName))
|
|
{
|
|
pwszName = awc2;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
cb = (wcslen(awc) + 1) * sizeof(WCHAR);
|
|
if (!fTemplateCache && (RORKF_FULLPATH & Flags))
|
|
{
|
|
cb += WSZARRAYSIZE(wszREGKEYCONFIGPATH_BS) * sizeof(WCHAR);
|
|
}
|
|
|
|
*ppwszPath = (WCHAR *) LocalAlloc(LMEM_FIXED, cb);
|
|
if (NULL == *ppwszPath)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
(*ppwszPath)[0] = L'\0';
|
|
if (!fTemplateCache && (RORKF_FULLPATH & Flags))
|
|
{
|
|
wcscpy(*ppwszPath, wszREGKEYCONFIGPATH_BS);
|
|
}
|
|
wcscat(*ppwszPath, awc);
|
|
CSASSERT((wcslen(*ppwszPath) + 1) * sizeof(WCHAR) == cb);
|
|
if (L'\0' == awc[0] && L'\\' == (*ppwszPath)[cb / sizeof(WCHAR) - 2])
|
|
{
|
|
(*ppwszPath)[cb / sizeof(WCHAR) - 2] = L'\0';
|
|
}
|
|
|
|
if (NULL != ppwszName)
|
|
{
|
|
*ppwszName = (WCHAR *) LocalAlloc(
|
|
LMEM_FIXED,
|
|
(wcslen(pwszName) + 1) * sizeof(WCHAR));
|
|
if (NULL == *ppwszName)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
wcscpy(*ppwszName, pwszName);
|
|
}
|
|
if (NULL != phkey)
|
|
{
|
|
*phkey = hkeyRequested;
|
|
hkeyRequested = NULL;
|
|
}
|
|
|
|
//printf("key path = '%ws'\n", *ppwszPath);
|
|
//if (NULL != ppwszName) printf("value name = '%ws'\n", *ppwszName);
|
|
|
|
error:
|
|
if (HKEY_LOCAL_MACHINE != hkeyRoot && HKEY_CURRENT_USER != hkeyRoot)
|
|
{
|
|
RegCloseKey(hkeyRoot);
|
|
}
|
|
if (NULL != hkeyConfig)
|
|
{
|
|
RegCloseKey(hkeyConfig);
|
|
}
|
|
if (NULL != hkeyMod)
|
|
{
|
|
RegCloseKey(hkeyMod);
|
|
}
|
|
if (NULL != hkeyRequested)
|
|
{
|
|
RegCloseKey(hkeyRequested);
|
|
}
|
|
if (NULL != pwszMachine)
|
|
{
|
|
LocalFree(pwszMachine);
|
|
}
|
|
if (S_OK != hr)
|
|
{
|
|
if (NULL != ppwszPath && NULL != *ppwszPath)
|
|
{
|
|
LocalFree(*ppwszPath);
|
|
*ppwszPath = NULL;
|
|
}
|
|
if (NULL != ppwszName && NULL != *ppwszName)
|
|
{
|
|
LocalFree(*ppwszName);
|
|
*ppwszName = NULL;
|
|
}
|
|
}
|
|
return(myHError(hr));
|
|
}
|
|
|
|
|
|
#define wszTEMPLATE wszFCSAPARM_SERVERDNSNAME L"_" wszFCSAPARM_SANITIZEDCANAME
|
|
#define cwcTEMPLATE WSZARRAYSIZE(wszTEMPLATE)
|
|
|
|
HRESULT
|
|
mySetCARegFileNameTemplate(
|
|
IN WCHAR const *pwszRegValueName,
|
|
IN WCHAR const *pwszServerName,
|
|
IN WCHAR const *pwszSanitizedName,
|
|
IN WCHAR const *pwszFileName)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszMatch = NULL;
|
|
WCHAR *pwszMatchIn;
|
|
WCHAR const *pwszBase;
|
|
WCHAR const *pwszExt;
|
|
DWORD cwcPath;
|
|
DWORD cwcBase;
|
|
DWORD cwcMatch;
|
|
DWORD cwcT;
|
|
WCHAR *pwszT = NULL;
|
|
WCHAR *pwszT2;
|
|
|
|
pwszBase = wcsrchr(pwszFileName, L'\\');
|
|
if (NULL == pwszBase)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_PATH_NOT_FOUND);
|
|
_JumpErrorStr(hr, error, "bad path", pwszFileName);
|
|
}
|
|
pwszBase++;
|
|
cwcPath = SAFE_SUBTRACT_POINTERS(pwszBase, pwszFileName);
|
|
pwszExt = wcsrchr(pwszBase, L'.');
|
|
if (NULL == pwszExt)
|
|
{
|
|
pwszExt = &pwszBase[wcslen(pwszBase)];
|
|
}
|
|
cwcBase = SAFE_SUBTRACT_POINTERS(pwszExt, pwszBase);
|
|
|
|
do
|
|
{
|
|
cwcMatch = wcslen(pwszServerName) + 1 + wcslen(pwszSanitizedName);
|
|
if (cwcBase != cwcMatch)
|
|
{
|
|
break;
|
|
}
|
|
|
|
// Allocate space for both strings at once:
|
|
|
|
pwszMatch = (WCHAR *) LocalAlloc(
|
|
LMEM_FIXED,
|
|
2 * (cwcMatch + 1) * sizeof(WCHAR));
|
|
if (NULL == pwszMatch)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
wcscpy(pwszMatch, pwszServerName);
|
|
wcscat(pwszMatch, L"_");
|
|
wcscat(pwszMatch, pwszSanitizedName);
|
|
|
|
pwszMatchIn = &pwszMatch[cwcMatch + 1];
|
|
CopyMemory(pwszMatchIn, pwszBase, cwcMatch * sizeof(WCHAR));
|
|
pwszMatchIn[cwcMatch] = L'\0';
|
|
|
|
if (0 == lstrcmpi(pwszMatch, pwszMatchIn))
|
|
{
|
|
pwszBase = wszTEMPLATE;
|
|
cwcBase = cwcTEMPLATE;
|
|
}
|
|
} while (FALSE);
|
|
|
|
cwcT = cwcPath +
|
|
cwcBase +
|
|
WSZARRAYSIZE(wszFCSAPARM_CERTFILENAMESUFFIX) +
|
|
wcslen(pwszExt);
|
|
|
|
pwszT = (WCHAR *) LocalAlloc(
|
|
LMEM_FIXED,
|
|
(cwcT + 1) * sizeof(WCHAR));
|
|
if (NULL == pwszT)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
pwszT2 = pwszT;
|
|
|
|
CopyMemory(pwszT2, pwszFileName, cwcPath * sizeof(WCHAR));
|
|
pwszT2 += cwcPath;
|
|
|
|
CopyMemory(pwszT2, pwszBase, cwcBase * sizeof(WCHAR));
|
|
pwszT2 += cwcBase;
|
|
|
|
wcscpy(pwszT2, wszFCSAPARM_CERTFILENAMESUFFIX);
|
|
wcscat(pwszT2, pwszExt);
|
|
|
|
hr = mySetCertRegStrValue(
|
|
pwszSanitizedName,
|
|
NULL,
|
|
NULL,
|
|
pwszRegValueName,
|
|
pwszT);
|
|
_JumpIfErrorStr(hr, error, "mySetCertRegStrValue", pwszRegValueName);
|
|
|
|
error:
|
|
if (NULL != pwszMatch)
|
|
{
|
|
LocalFree(pwszMatch);
|
|
}
|
|
if (NULL != pwszT)
|
|
{
|
|
LocalFree(pwszT);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetCARegFileNameTemplate(
|
|
IN WCHAR const *pwszRegValueName,
|
|
IN WCHAR const *pwszServerName,
|
|
IN WCHAR const *pwszSanitizedName,
|
|
IN DWORD iCert,
|
|
IN DWORD iCRL,
|
|
OUT WCHAR **ppwszFileName)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszT = NULL;
|
|
|
|
*ppwszFileName = NULL;
|
|
|
|
hr = myGetCertRegStrValue(
|
|
pwszSanitizedName,
|
|
NULL,
|
|
NULL,
|
|
pwszRegValueName,
|
|
&pwszT);
|
|
_JumpIfErrorStr2(
|
|
hr,
|
|
error,
|
|
"myGetCertRegStrValue",
|
|
pwszRegValueName,
|
|
HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND));
|
|
|
|
hr = myFormatCertsrvStringArray(
|
|
FALSE, // fURL
|
|
pwszServerName, // pwszServerName_p1_2
|
|
pwszSanitizedName, // pwszSanitizedName_p3_7
|
|
iCert, // iCert_p4
|
|
L"", // pwszDomainDN_p5
|
|
L"", // pwszConfigDN_p6
|
|
iCRL, // iCRL_p8
|
|
FALSE, // fDeltaCRL_p9
|
|
FALSE, // fDSAttrib_p10_11
|
|
1, // cStrings
|
|
(LPCWSTR *) &pwszT, // apwszStringsIn
|
|
ppwszFileName); // apwszStringsOut
|
|
_JumpIfError(hr, error, "myFormatCertsrvStringArray");
|
|
|
|
error:
|
|
if (NULL != pwszT)
|
|
{
|
|
LocalFree(pwszT);
|
|
}
|
|
return(hr);
|
|
}
|