BOOL CRequestInstance::_TemplateNamesMatch( IN WCHAR const *pwszTemplateName1, IN WCHAR const *pwszTemplateName2, OUT BOOL *pfTemplateMissing) { HRESULT hr1; HRESULT hr2; BOOL fMatch = TRUE; *pfTemplateMissing = FALSE; if (0 == celstrcmpiL(pwszTemplateName1, pwszTemplateName2)) { goto done; // identical names } { hr1 = ceVerifyObjId(pwszTemplateName1); hr2 = ceVerifyObjId(pwszTemplateName2); if ((S_OK == hr1) ^ (S_OK == hr2)) { goto done; } } fMatch = FALSE; done: return(fMatch); }
STDMETHODIMP CCertEncodeAltName::SetNameEntry( /* [in] */ LONG NameIndex, // NameIndex | EAN_* /* [in] */ LONG NameChoice, /* [in] */ BSTR const strName) { HRESULT hr; CERT_ALT_NAME_ENTRY *pName; DATA_BLOB *pBlob = NULL; CCertEncodeAltName::enumNameType enumT; if (NULL == strName) { hr = E_POINTER; ceERRORPRINTLINE("NULL parm", hr); goto error; } if (!m_fConstructing) { hr = E_INVALIDARG; ceERRORPRINTLINE("bad parameter", hr); goto error; } hr = _MapName(TRUE, NameIndex, &pName); if (S_OK != hr) { ceERRORPRINTLINE("_MapName", hr); goto error; } enumT = enumUnknown; if (CERT_ALT_NAME_OTHER_NAME == pName->dwAltNameChoice && 0 == (EAN_NAMEOBJECTID & NameIndex)) { enumT = enumOther; } if (_NameType(pName->dwAltNameChoice) != enumT) { hr = E_INVALIDARG; ceERRORPRINTLINE("bad parameter", hr); goto error; } if (CERT_ALT_NAME_OTHER_NAME != pName->dwAltNameChoice || 0 == (EAN_NAMEOBJECTID & NameIndex)) { hr = ceVerifyAltNameString(NameChoice, strName); if (S_OK != hr) { ceERRORPRINTLINE("ceVerifyAltNameString", hr); goto error; } } switch (_NameType(NameChoice)) { case enumUnicode: pName->pwszURL = ceDuplicateString(strName); if (NULL == pName->pwszURL) { hr = E_OUTOFMEMORY; ceERRORPRINTLINE("ceDuplicateString", hr); goto error; } break; case enumAnsi: if (CERT_ALT_NAME_REGISTERED_ID == NameChoice) { hr = ceVerifyObjId(strName); if (S_OK != hr) { ceERRORPRINTLINE("ceVerifyObjId", hr); goto error; } } if (!ceConvertWszToSz(&pName->pszRegisteredID, strName, -1)) { hr = E_OUTOFMEMORY; ceERRORPRINTLINE("ceConvertWszToSz", hr); goto error; } break; case enumBlob: pBlob = &pName->DirectoryName; break; case enumOther: if (NULL == pName->pOtherName) { pName->pOtherName = (CERT_OTHER_NAME *) LocalAlloc( LMEM_FIXED | LMEM_ZEROINIT, sizeof(*pName->pOtherName)); if (NULL == pName->pOtherName) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } } else if (CERT_ALT_NAME_OTHER_NAME != pName->dwAltNameChoice) { hr = E_INVALIDARG; _JumpError(hr, error, "NameChoice conflict"); } if (EAN_NAMEOBJECTID & NameIndex) { if (NULL != pName->pOtherName->pszObjId) { hr = E_INVALIDARG; _JumpError(hr, error, "pszObjId already set"); } hr = ceVerifyObjId(strName); if (S_OK != hr) { ceERRORPRINTLINE("ceVerifyObjId", hr); goto error; } if (!ceConvertWszToSz(&pName->pOtherName->pszObjId, strName, -1)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "ceConvertWszToSz"); } } else { pBlob = &pName->pOtherName->Value; } break; default: hr = E_INVALIDARG; ceERRORPRINTLINE("bad NameChoice parameter", hr); goto error; break; } if (NULL != pBlob) { if (NULL != pBlob->pbData) { hr = E_INVALIDARG; _JumpError(hr, error, "pbData already set"); } pBlob->cbData = SysStringByteLen(strName); pBlob->pbData = (BYTE *) LocalAlloc(LMEM_FIXED, pBlob->cbData); if (NULL == pBlob->pbData) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } CopyMemory(pBlob->pbData, strName, pBlob->cbData); } pName->dwAltNameChoice = NameChoice; error: return(_SetErrorInfo(hr, L"CCertEncodeAltName::SetNameEntry")); }
HRESULT CRequestInstance::Initialize( IN CCertPolicySample *pPolicy, IN ICertServerPolicy *pServer, OUT BOOL *pfEnableEnrolleeExtensions) { HRESULT hr; HRESULT hrTemplate = S_OK; CERT_TEMPLATE_EXT *pTemplate = NULL; CERT_NAME_VALUE *pName = NULL; BSTR strTemplateObjId = NULL; // from V2 template extension BSTR strTemplateName = NULL; // from V1 template extension BSTR strTemplateRA = NULL; // from request attributes WCHAR const *pwszTemplateName; WCHAR const *pwszTemplateObjId; WCHAR const *pwszV1TemplateClass; VARIANT varValue; DWORD cbType; DWORD i; BOOL fConflict; BOOL f; BOOL fTemplateMissing; BOOL fRAObjId = FALSE; VariantInit(&varValue); *pfEnableEnrolleeExtensions = TRUE ; m_pPolicy = pPolicy; m_fCA = FALSE; // Retrieve the template ObjId from the V2 cert template info extension m_dwTemplateMajorVersion = 0; m_dwTemplateMinorVersion = 0; hr = polGetCertificateExtension( pServer, TEXT(szOID_CERTIFICATE_TEMPLATE), PROPTYPE_BINARY, &varValue); _PrintIfErrorStr2( hr, "Policy:polGetCertificateExtension", TEXT(szOID_CERTIFICATE_TEMPLATE), CERTSRV_E_PROPERTY_EMPTY); if (S_OK == hr) { // There was a cert type indicator. // varValue points to an encoded string if (VT_BSTR != varValue.vt) { hr = E_INVALIDARG; _JumpError(hr, error, "Policy:varValue.vt"); } if (!ceDecodeObject( X509_ASN_ENCODING, X509_CERTIFICATE_TEMPLATE, (BYTE *) varValue.bstrVal, SysStringByteLen(varValue.bstrVal), FALSE, (VOID **) &pTemplate, &cbType)) { hr = ceHLastError(); _JumpError(hr, error, "Policy:ceDecodeObject"); } if (!ceConvertSzToBstr(&strTemplateObjId, pTemplate->pszObjId, -1)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Policy:ceConvertSzToBstr"); } m_dwTemplateMajorVersion = pTemplate->dwMajorVersion; m_dwTemplateMinorVersion = pTemplate->dwMinorVersion; DBGPRINT(( fDebug, pTemplate->fMinorVersion? "Extension Template Info: %ws V%u.%u\n" : "Extension Template Info: %ws V%u%\n", strTemplateObjId, m_dwTemplateMajorVersion, m_dwTemplateMinorVersion)); } VariantClear(&varValue); // Retrieve template Name from the V1 cert template name extension hr = polGetCertificateExtension( pServer, TEXT(szOID_ENROLL_CERTTYPE_EXTENSION), PROPTYPE_BINARY, &varValue); _PrintIfErrorStr2( hr, "Policy:polGetCertificateExtension", TEXT(szOID_ENROLL_CERTTYPE_EXTENSION), CERTSRV_E_PROPERTY_EMPTY); if (S_OK == hr) { // There was a cert type indicator. // varValue points to an encoded string if (VT_BSTR != varValue.vt) { hr = E_INVALIDARG; _JumpError(hr, error, "Policy:varValue.vt"); } if (!ceDecodeObject( X509_ASN_ENCODING, X509_UNICODE_ANY_STRING, (BYTE *) varValue.bstrVal, SysStringByteLen(varValue.bstrVal), FALSE, (VOID **) &pName, &cbType)) { hr = ceHLastError(); _JumpError(hr, error, "Policy:ceDecodeObject"); } strTemplateName = SysAllocString((WCHAR *) pName->Value.pbData); if (IsNullBStr(strTemplateName)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Policy:SysAllocString"); } DBGPRINT((fDebug, "Extension Template: %ws\n", strTemplateName)); } fConflict = FALSE; fTemplateMissing = FALSE; // Retrieve the template from the request attributes hr = polGetRequestAttribute(pServer, wszPROPCERTTEMPLATE, &strTemplateRA); if (S_OK != hr) { _PrintErrorStr2( hr, "Policy:polGetRequestAttribute", wszPROPCERTTEMPLATE, CERTSRV_E_PROPERTY_EMPTY); hr = S_OK; } else { DBGPRINT((fDebug, "Attribute Template: %ws\n", strTemplateRA)); if (!IsNullBStr(strTemplateObjId) && !_TemplateNamesMatch(strTemplateObjId, strTemplateRA, &f)) { fConflict = TRUE; if (f) { fTemplateMissing = TRUE; } } if (!IsNullBStr(strTemplateName) && !_TemplateNamesMatch(strTemplateName, strTemplateRA, &f)) { fConflict = TRUE; if (f) { fTemplateMissing = TRUE; } } hr = ceVerifyObjId(strTemplateRA); fRAObjId = S_OK == hr; } if (!IsNullBStr(strTemplateObjId) && !IsNullBStr(strTemplateName) && !_TemplateNamesMatch(strTemplateObjId, strTemplateName, &f)) { fConflict = TRUE; if (f) { fTemplateMissing = TRUE; } } pwszTemplateName = strTemplateName; pwszTemplateObjId = strTemplateObjId; if (fRAObjId) { if (NULL == pwszTemplateObjId) { pwszTemplateObjId = strTemplateRA; } } else { if (NULL == pwszTemplateName) { pwszTemplateName = strTemplateRA; } } if (fConflict) { hrTemplate = CERTSRV_E_TEMPLATE_CONFLICT; if (!IsNullBStr(strTemplateObjId)) { _PrintErrorStr( hrTemplate, "Policy:Extension Template ObjId", strTemplateObjId); } if (!IsNullBStr(strTemplateName)) { _PrintErrorStr( hrTemplate, "Policy:Extension Template Name", strTemplateName); } if (!IsNullBStr(strTemplateRA)) { _PrintErrorStr( hrTemplate, "Policy:Attribute Template", strTemplateRA); } } { if (NULL != pwszTemplateName) { for (i = 0; i < ARRAYSIZE(s_apwszCATypes); i++) { if (0 == celstrcmpiL(s_apwszCATypes[i], pwszTemplateName)) { m_fCA = TRUE; break; } } } } hr = SetTemplateName(pServer, pwszTemplateName, pwszTemplateObjId); _JumpIfError(hr, error, "Policy:SetTemplateName"); pwszV1TemplateClass = pwszTemplateName; hr = pPolicy->AddV1TemplateNameExtension(pServer, pwszV1TemplateClass); _JumpIfError(hr, error, "AddTemplateNameExtension"); error: if (S_OK != hrTemplate) { hr = hrTemplate; // override secondary errors } VariantClear(&varValue); if (NULL != pName) { LocalFree(pName); } if (NULL != pTemplate) { LocalFree(pTemplate); } SysFreeString(strTemplateObjId); SysFreeString(strTemplateName); SysFreeString(strTemplateRA); return(hr); }