static BOOL OpenProvider(HCRYPTPROV *phProv, char *psProvider, DWORD dwFlags) { BOOL fRes; DWORD dwType = DigiCrypt_FindContext_GetCSPType(psProvider); fRes = CryptAcquireContext(phProv,NULL,psProvider, dwType, dwFlags); return(fRes); }
static char *DigiCrypt_GetFirstAllowedCSPName(void) { char *psRes = NULL; HKEY hKey = NULL; LONG lRet=0; DWORD dwIndex = 0; BOOL fRes; char sProvName[dSTRING_ITEM_LEN+1]; char sKeyNameBuf[dSTRING_ITEM_LEN+1]; HCRYPTPROV hProvide = 0; DWORD dwBufLen; FILETIME oTime; //char buff[200]; BYTE pbData[dNAME_ITEM_LEN+1]; DWORD cbData=dNAME_ITEM_LEN+1; DWORD dwProvType; strncpy(sKeyNameBuf, psData_CSP_Path, sizeof(sKeyNameBuf)); lRet = RegOpenKeyEx(HKEY_LOCAL_MACHINE,sKeyNameBuf,0, KEY_READ, &hKey); while (lRet == ERROR_SUCCESS) { dwBufLen = dSTRING_ITEM_LEN; lRet = RegEnumKeyEx(hKey,dwIndex,sProvName,&dwBufLen,NULL,NULL,0,&oTime); if (lRet == ERROR_SUCCESS) { if (lstrcmp(sProvName,psData_Ignore_CSP_Name) != 0) { dwProvType = DigiCrypt_FindContext_GetCSPType(sProvName); LOG("CSP %s",sProvName); if (lstrcmp(sProvName,psData_Extra_CSP_Name) != 0) fRes = OpenProvider(&hProvide, sProvName, CRYPT_SILENT); else { fRes = OpenProvider(&hProvide, sProvName, CRYPT_VERIFYCONTEXT); //fRes = CryptAcquireContext(&hProvide,"SetCARDKeyContainer",sProvName,dwProvType, CRYPT_SILENT); fRes = CryptAcquireContext(&hProvide,NULL,sProvName,dwProvType, CRYPT_VERIFYCONTEXT); if(fRes) { //the extra csp might give wrong answer. We should ask from provider, why. //The following is the work-around -- try to lookup key container from the card. //if the result is negative this is a not the csp what is needed. fRes=CryptGetProvParam(hProvide, PP_ENUMCONTAINERS, pbData, &cbData,CRYPT_FIRST); } } if (fRes == TRUE) { // && dwProvType == 2) //set global values LOG("CSP %s accepted",sProvName); strncpy(oG_sCSPName, sProvName, sizeof(oG_sCSPName)); CryptReleaseContext(hProvide, 0); psRes = oG_sCSPName; break; } } } //hProvide = 0; CryptReleaseContext(hProvide, 0); dwIndex++; } if (hKey != NULL) RegCloseKey(hKey); return(psRes); }
static char *DigiCrypt_GetDefaultKeyContainerName(char *psCSPName) { char *psRes = NULL; HCRYPTPROV hProvider; BOOL fRes; DWORD dwFlags = CRYPT_VERIFYCONTEXT; BYTE pbData[dNAME_ITEM_LEN+1]; DWORD cbData = dNAME_ITEM_LEN; DWORD dwError; DWORD dwProvType; ZeroMemory(pbData,cbData); ZeroMemory(oG_sKeyContainerName,1000); dwProvType = DigiCrypt_FindContext_GetCSPType(psCSPName); //LOG("GetDefaultKeyContainerName CSP=%s",psCSPName); if (lstrcmp(psCSPName,psData_Extra_CSP_Name) != 0) fRes = CryptAcquireContext(&hProvider,NULL,psCSPName,dwProvType, CRYPT_SILENT); else fRes = CryptAcquireContext(&hProvider,NULL,psCSPName,dwProvType, CRYPT_VERIFYCONTEXT); if (fRes == FALSE && dwFlags == CRYPT_SILENT) { //by description must be CRYPT_VERIFYCONTEXT fRes = CryptAcquireContext(&hProvider,NULL,psCSPName,dwProvType, CRYPT_VERIFYCONTEXT); } if (fRes == TRUE) { cbData = dNAME_ITEM_LEN; fRes = CryptGetProvParam(hProvider, PP_CONTAINER, pbData, &cbData, 0); /*if (fRes == FALSE) dwError = GetLastError();*/ } //Some cards should not have default key container //let try to find key containers on the card. if (fRes == FALSE) { fRes=CryptGetProvParam(hProvider, PP_ENUMCONTAINERS, pbData, &cbData,CRYPT_FIRST); if (fRes == FALSE) dwError = GetLastError(); } if (fRes == TRUE) { //oG_hProvider = hProvider; strncpy(oG_sKeyContainerName, (char *) pbData, sizeof(oG_sKeyContainerName)); //psRes = oG_sKeyContainerName; DigiCrypt_ChangeContainerName(oG_sKeyContainerName); } else { } if (psRes != NULL) LOG("GetDefaultKeyContainerName CSP=%s",psCSPName); else LOG("GetDefaultKeyContainerName Not found"); if (hProvider != 0) CryptReleaseContext(hProvider, 0); return(oG_sKeyContainerName); }
static char *DigiCrypt_GetFirstAllowedCSPNameNew(void) { char *psRes = NULL; HKEY hKey = NULL; LONG lRet=0; DWORD dwIndex = 0; BOOL fRes; char sProvName[dSTRING_ITEM_LEN+1]; char sKeyNameBuf[dSTRING_ITEM_LEN+1]; HCRYPTPROV hProvide = 0; DWORD dwBufLen; FILETIME oTime; //char buff[200]; BYTE pbData[dNAME_ITEM_LEN+1]; DWORD cbData=dNAME_ITEM_LEN+1; // DWORD dwProvType; lstrcpy(sKeyNameBuf,psData_CSP_Path); lRet = RegOpenKeyEx(HKEY_LOCAL_MACHINE,sKeyNameBuf,0, KEY_READ, &hKey); while (lRet == ERROR_SUCCESS) { dwBufLen = dSTRING_ITEM_LEN; lRet = RegEnumKeyEx(hKey,dwIndex,sProvName,&dwBufLen,NULL,NULL,0,&oTime); if (lRet == ERROR_SUCCESS) { if (lstrcmp(sProvName,psData_Ignore_CSP_Name) != 0) { cbData=dNAME_ITEM_LEN+1; dwProvType = DigiCrypt_FindContext_GetCSPType(sProvName); LOG("CSP %s",sProvName); //printf("%s :",sProvName); if ((lstrcmp(sProvName,psData_Extra_CSP_Name) != 0) && (lstrcmp(sProvName,"Belgium Identity Card CSP")!=0)) { //fRes = OpenProvider(&hProvide, sProvName, CRYPT_SILENT); fRes = CryptAcquireContext(&hProvide,NULL,sProvName,dwProvType, CRYPT_SILENT); fRes=CryptGetProvParam(hProvide, PP_ENUMCONTAINERS, pbData, &cbData,CRYPT_FIRST); // printf("X\n"); } else { //fRes = OpenProvider(&hProvide, sProvName, CRYPT_VERIFYCONTEXT); //fRes = CryptAcquireContext(&hProvide,"SetCARDKeyContainer",sProvName,dwProvType, CRYPT_SILENT); fRes = CryptAcquireContext(&hProvide,NULL,sProvName,dwProvType, CRYPT_VERIFYCONTEXT); if (fRes == TRUE) { //the extra csp might give wrong answer. We should ask from provider, why. //The following is the work-around -- try to lookup key container from the card. //if the result is negative this is a not the csp what is needed. fRes=CryptGetProvParam(hProvide, PP_ENUMCONTAINERS, pbData, &cbData,CRYPT_FIRST); if (fRes == TRUE) fRes=CryptAcquireContext(&hProvide,(char*)pbData,sProvName,dwProvType, CRYPT_SILENT); } } //printf("fRes: %x\n",GetLastError()); if (fRes == TRUE) // && dwProvType == 2) { // printf("OK %d %s\n",cbData, pbData); //set global values LOG("CSP %s accepted",sProvName); //is it hardware token? cbData=dNAME_ITEM_LEN+1; if (CryptGetProvParam(hProvide, PP_IMPTYPE, pbData, &cbData, 0)) { //printf("implementat: %d\n",pbData[0]); if((pbData[0] & 1)) // hardware token { lstrcpy(oG_sCSPName,sProvName); //CryptReleaseContext(hProvide, 0); psRes = oG_sCSPName; break; } } } } } //hProvide = 0; CryptReleaseContext(hProvide, 0); dwIndex++; } if (hKey != NULL) RegCloseKey(hKey); return(psRes); }
PCCERT_CONTEXT DigiCrypt_ReadCertFromCard(void) { HCRYPTPROV hCryptProv; BYTE *pbData = NULL; HCRYPTKEY hKey; DWORD cbData = 0; DWORD dwKeyType=0; DWORD dwErrCode=0; DWORD cspType=0; DWORD cspFlag=CRYPT_SILENT; char *psCspName = NULL; char *psKeyContainer; BOOL fRes = FALSE; PCCERT_CONTEXT pCertContext = NULL; CRYPT_KEY_PROV_INFO KeyProvInfo; LPWSTR wszContainerName=NULL; LPWSTR wszProvName=NULL; DWORD cchContainerName; DWORD cchCSPName; HCRYPTPROV hProv; DigiCrypt_ReleaseFirstAllowedCSP(); psCspName=DigiCrypt_GetFirstAllowedCSPNameNew(); //very dummy thing.. i check from csp creators why i should do so... if(!lstrcmp(psCspName,"EstEID Card CSP")) fRes = CryptAcquireContext(&hProv,"XXX",psCspName,2, CRYPT_SILENT); // end dummy// if (psCspName == NULL || strstr(psCspName,psData_Est_CSP_Name) == NULL) return(pCertContext); cspType=DigiCrypt_FindContext_GetCSPType(psCspName); psKeyContainer=DigiCrypt_GetDefaultKeyContainerName(psCspName); fRes = CryptAcquireContext(&hCryptProv,psKeyContainer,psCspName,cspType, CRYPT_SILENT); if (fRes == FALSE) return(pCertContext); fRes=CryptGetUserKey(hCryptProv, AT_SIGNATURE, &hKey); if (fRes == TRUE) { fRes=CryptGetKeyParam(hKey, KP_CERTIFICATE, NULL, &cbData, 0); if (fRes == TRUE) { pbData = (unsigned char*)malloc(cbData); if (pbData == NULL) fRes = FALSE; } if (fRes == TRUE) fRes=CryptGetKeyParam(hKey, KP_CERTIFICATE, pbData, &cbData, 0); if (fRes == TRUE) { pCertContext = CertCreateCertificateContext(MY_ENCODING_TYPE,pbData,cbData); if (pCertContext != NULL) { wszContainerName=NULL; wszProvName=NULL; cchContainerName = (lstrlen(psKeyContainer) + 1) * sizeof(WCHAR); cchCSPName = (lstrlen(psCspName) + 1) * sizeof(WCHAR); wszContainerName = (LPWSTR) malloc(cchContainerName); wszProvName = (LPWSTR) malloc(cchCSPName); mbstowcs(wszContainerName, psKeyContainer,cchContainerName); mbstowcs(wszProvName, psCspName, cchCSPName); ZeroMemory((PVOID)&KeyProvInfo, sizeof(CRYPT_KEY_PROV_INFO)); KeyProvInfo.pwszContainerName = (LPWSTR) wszContainerName; KeyProvInfo.pwszProvName = (LPWSTR) wszProvName; KeyProvInfo.dwProvType = PROV_RSA_SIG; KeyProvInfo.dwFlags = 0; KeyProvInfo.dwKeySpec = dwKeyType; fRes = CertSetCertificateContextProperty(pCertContext,CERT_KEY_PROV_INFO_PROP_ID, 0, (const void *) &KeyProvInfo); if (wszContainerName != NULL) free(wszContainerName); if (wszProvName != NULL) free(wszProvName); } } } //if (pCertContext != NULL) // DigiCrypt_AddCertToStore(pCertContext); if (fRes == FALSE && pCertContext != NULL) { CertFreeCertificateContext(pCertContext); pCertContext = NULL; } if (pbData != NULL) free(pbData); if (hCryptProv != 0) CryptReleaseContext(hCryptProv, 0); return(pCertContext); }