BOOL CSySkin::ReleaseRes(CString in_strBase64, CString in_Path) { if ( in_strBase64.GetLength() > 0 && in_Path.GetLength() > 0 ) { int iSrcLen = in_strBase64.GetLength(); int iRstLen = Base64DecodeGetRequiredLength( iSrcLen ); iRstLen++; LPBYTE szByteData = new BYTE[iRstLen]; ZeroMemory(szByteData, iRstLen); BOOL bRet = Base64Decode(W2CStringA(in_Path), iSrcLen, szByteData, &iRstLen); if ( bRet ) { CFile mFile; bRet = mFile.Open(in_Path, CFile::modeCreate | CFile::modeReadWrite); if ( bRet ) { mFile.Write(szByteData, iRstLen); mFile.Close(); delete [] szByteData; return TRUE; } } delete [] szByteData; } return FALSE; }
//将字节流转换为文件 BOOL CXmlBase::ConvertBSTR2File(const CString& sPathfilename, const BSTR& pSrc) { char* pTemp; if (NULL == pSrc) return FALSE; pTemp = _com_util::ConvertBSTRToString(pSrc); if (NULL == pTemp) return FALSE; int nCodedLen = SysStringByteLen(pSrc); //编码的buffer长度 if (nCodedLen <= 0) return FALSE; nCodedLen = Base64DecodeGetRequiredLength(nCodedLen); CString strSrc = pTemp; //if (!ConvertBSTR2CString(strSrc, pSrc)) return FALSE; int nDecodeLen = nCodedLen; //保存解码后的buffer char * pDecode = new char[nDecodeLen]; memset(pDecode, NULL, nDecodeLen); BOOL bDecode = ATL::Base64Decode(strSrc, strSrc.GetLength(), (BYTE*)pDecode, &nDecodeLen); //WRITELOG("解码%s,解码后的数据长度为[%d]个字节", (bDecode ? _T("成功") : _T("失败")), nDecodeLen); delete[] pTemp; pTemp = NULL; DWORD nTotalWritten = 0; // DWORD nWriteSize = nDecodeLen; if (bDecode) { //写文件 CFile file; if (file.Open((LPCTSTR)sPathfilename, CFile::modeCreate | CFile::modeWrite)) { if (file.m_hFile == CFile::hFileNull) return FALSE; // DWORD nNumberOfBytesWritten = 0; //char *p = pDecode; file.SeekToBegin(); file.Write(pDecode, nDecodeLen); file.Flush(); nTotalWritten = nDecodeLen; //nWriteSize = 4096; //if (0 == nDecodeLen / 4096) //{ // nWriteSize = nDecodeLen % 4096; //} //while (nWriteSize > 0 // && WriteFile(file.m_hFile, p, nWriteSize, &nNumberOfBytesWritten, NULL) && nNumberOfBytesWritten > 0) //{ // p += nNumberOfBytesWritten; // nTotalWritten += nNumberOfBytesWritten; // if (0 == (nDecodeLen - nTotalWritten) / 4096) // { // nWriteSize = (nDecodeLen - nTotalWritten) % 4096; // } //} file.Close(); } } delete[] pDecode; pDecode = NULL; if (nTotalWritten != (DWORD)nDecodeLen || (!bDecode)) { return FALSE; } return TRUE; }
HRESULT PasswordUtil_Check(LPCWSTR password, LPCWSTR salt, LPCWSTR passwordHash, BOOL* pResult) { if(IsBadStringPtrW(password,512)) return E_INVALIDARG; if(IsBadStringPtrW(salt,512)) return E_INVALIDARG; if(IsBadStringPtrW(passwordHash,512)) return E_INVALIDARG; if(IsBadWritePtr(pResult,sizeof(BOOL*))) return E_INVALIDARG; *pResult = FALSE; HRESULT hr = S_OK; HCRYPTPROV hProv = NULL; HCRYPTHASH hHash = NULL; WCHAR saltAndPwd[1024] = L""; wcsncat_s(saltAndPwd, 1024, password, 512); wcsncat_s(saltAndPwd, 1024, L"$",1); wcsncat_s(saltAndPwd, 1024, salt, 511); DWORD dwFlags = CRYPT_SILENT|CRYPT_MACHINE_KEYSET; TCHAR szContainer[50] = _T("{BDECD56B-6D48-4add-9AEE-265D537408DF}"); CString auditMessage; BOOL bCreated = FALSE; if(!CryptAcquireContext(&hProv, szContainer, MS_ENHANCED_PROV, PROV_RSA_FULL, dwFlags)) { hr = HRESULT_FROM_WIN32(GetLastError()); if(hr==0x80090016L) // Key Not Found { bCreated = TRUE; if(!CryptAcquireContext(&hProv, szContainer, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET|dwFlags)) { hr = HRESULT_FROM_WIN32(GetLastError()); if(hr == 0x8009000FL) // Key Exists { if(CryptAcquireContext(&hProv, szContainer, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_DELETEKEYSET|dwFlags)) { hr = S_OK; if(!CryptAcquireContext(&hProv, szContainer, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET|dwFlags)) { hr = HRESULT_FROM_WIN32(GetLastError()); } else { hr = S_OK; } } else { hr = HRESULT_FROM_WIN32(GetLastError()); } } else { hr = S_OK; } } else { hr = S_OK; } } } if(SUCCEEDED(hr)) { if(bCreated) { // Set DACL for this container to allow full control for everyone and for local system. PSECURITY_DESCRIPTOR pSd = NULL; LPBYTE pbDacl = NULL; HRESULT hr2 = CreateSecurityDescriptor(&pSd, &pbDacl); if(SUCCEEDED(hr2)) { CryptSetProvParam(hProv, PP_KEYSET_SEC_DESCR, reinterpret_cast<LPBYTE>(pSd), DACL_SECURITY_INFORMATION); delete pSd; delete[] pbDacl; } } if(CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)) { //auditMessage.Format(_T("Step 2-2. Error Code: 0x%X."), hr); //CEventLog::AddAppLog(auditMessage, FAILED_LOGIN, EVENTLOG_WARNING_TYPE); if(CryptHashData(hHash, (BYTE*)saltAndPwd, (DWORD)(wcslen(saltAndPwd))*2, 0)) { //auditMessage.Format(_T("Step 2-3. Error Code: 0x%X."), hr); //CEventLog::AddAppLog(auditMessage, FAILED_LOGIN, EVENTLOG_WARNING_TYPE); BYTE szData[50] = {0}; DWORD dwDataLen = 50; if(CryptGetHashParam(hHash, HP_HASHVAL, szData, &dwDataLen, 0)) { /*auditMessage.Format(_T("Step 2-4. Error Code: 0x%X."), hr); CEventLog::AddAppLog(auditMessage, FAILED_LOGIN, EVENTLOG_WARNING_TYPE);*/ CW2A ansiPasswordHash(passwordHash); int passwordHashLen = static_cast<int>(strlen(ansiPasswordHash)); int nDestLen = Base64DecodeGetRequiredLength(passwordHashLen); CHeapPtr<BYTE> dataBuffer; if(dataBuffer.AllocateBytes(nDestLen)) { //auditMessage.Format(_T("Step 2-5. Error Code: 0x%X."), hr); //CEventLog::AddAppLog(auditMessage, FAILED_LOGIN, EVENTLOG_WARNING_TYPE); if(Base64Decode(ansiPasswordHash, passwordHashLen, dataBuffer, &nDestLen)) { size_t testHashLength = static_cast<size_t>(dwDataLen); size_t validHashLength = static_cast<size_t>(nDestLen); *pResult = (testHashLength == validHashLength && (memcmp(szData, dataBuffer, testHashLength) == 0)); } } else hr = E_OUTOFMEMORY; } else hr = HRESULT_FROM_WIN32(GetLastError()); } else hr = HRESULT_FROM_WIN32(GetLastError()); CryptDestroyHash(hHash); } else hr = HRESULT_FROM_WIN32(GetLastError()); CryptReleaseContext(hProv, 0); } //else // hr = HRESULT_FROM_WIN32(GetLastError()); //auditMessage.Format(_T("Step Final. Error Code: 0x%X."), hr); //CEventLog::AddAppLog(auditMessage, FAILED_LOGIN, EVENTLOG_WARNING_TYPE); return hr; }