HRESULT ceDateToFileTime( IN DATE const *pDate, OUT FILETIME *pft) { SYSTEMTIME st; HRESULT hr = S_OK; if (*pDate == 0.0) { GetSystemTime(&st); } else { if (!VariantTimeToSystemTime(*pDate, &st)) { hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA); _JumpError(hr, error, "VariantTimeToSystemTime"); } } if (!SystemTimeToFileTime(&st, pft)) { hr = ceHLastError(); _JumpError(hr, error, "SystemTimeToFileTime"); } error: return(hr); }
HRESULT CRequestInstance::SetTemplateName( IN ICertServerPolicy *pServer, IN OPTIONAL WCHAR const *pwszTemplateName, IN OPTIONAL WCHAR const *pwszTemplateObjId) { HRESULT hr; BSTR strProp = NULL; BSTR strTemplateName = NULL; if (NULL != pwszTemplateName) { m_strTemplateName = SysAllocString(pwszTemplateName); if (IsNullBStr(m_strTemplateName)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Policy:SysAllocString"); } strTemplateName = m_strTemplateName; } if (NULL != pwszTemplateObjId) { m_strTemplateObjId = SysAllocString(pwszTemplateObjId); if (IsNullBStr(m_strTemplateObjId)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Policy:SysAllocString"); } strTemplateName = m_strTemplateObjId; } if (!IsNullBStr(strTemplateName)) { VARIANT var; strProp = SysAllocString(wszPROPCERTIFICATETEMPLATE); if (IsNullBStr(strProp)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Policy:SysAllocString"); } var.vt = VT_BSTR; var.bstrVal = strTemplateName; hr = pServer->SetCertificateProperty(strProp, PROPTYPE_STRING, &var); _JumpIfError(hr, error, "Policy:SetCertificateProperty"); } hr = S_OK; error: SysFreeString(strProp); return(hr); }
HRESULT ceGetMachineDnsName( OUT WCHAR **ppwszDnsName) { HRESULT hr; WCHAR *pwszDnsName = NULL; DWORD cwc; COMPUTER_NAME_FORMAT NameType = ComputerNameDnsFullyQualified; *ppwszDnsName = NULL; while (TRUE) { cwc = 0; if (!GetComputerNameEx(NameType, NULL, &cwc)) { hr = ceHLastError(); if (HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND) == hr && ComputerNameDnsFullyQualified == NameType) { _PrintError(hr, "GetComputerNameEx(DnsFullyQualified) -- switching to NetBIOS"); NameType = ComputerNameNetBIOS; continue; } if (HRESULT_FROM_WIN32(ERROR_MORE_DATA) != hr) { _JumpError(hr, error, "GetComputerNameEx"); } break; } } pwszDnsName = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR)); if (NULL == pwszDnsName) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } if (!GetComputerNameEx(NameType, pwszDnsName, &cwc)) { hr = ceHLastError(); _JumpError(hr, error, "GetComputerNameEx"); } *ppwszDnsName = pwszDnsName; pwszDnsName = NULL; hr = S_OK; error: if (NULL != pwszDnsName) { LocalFree(pwszDnsName); } return(hr); }
HRESULT _IsConfigLocal( IN WCHAR const *pwszConfig, IN WCHAR const *pwszDnsName, IN WCHAR const *pwszOldName, OPTIONAL OUT WCHAR **ppwszMachine, OUT BOOL *pfLocal) { HRESULT hr; WCHAR *pwszMachine = NULL; WCHAR const *pwsz; DWORD cwc; *pfLocal = FALSE; if (NULL != ppwszMachine) { *ppwszMachine = NULL; } while (L'\\' == *pwszConfig) { pwszConfig++; } pwsz = wcschr(pwszConfig, L'\\'); if (NULL != pwsz) { cwc = SAFE_SUBTRACT_POINTERS(pwsz, pwszConfig); } else { cwc = wcslen(pwszConfig); } pwszMachine = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR)); if (NULL == pwszMachine) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } CopyMemory(pwszMachine, pwszConfig, cwc * sizeof(WCHAR)); pwszMachine[cwc] = L'\0'; if (0 == celstrcmpiL(pwszMachine, pwszDnsName) || 0 == celstrcmpiL(pwszMachine, pwszOldName)) { *pfLocal = TRUE; } if (NULL != ppwszMachine) { *ppwszMachine = pwszMachine; pwszMachine = NULL; } hr = S_OK; error: if (NULL != pwszMachine) { LocalFree(pwszMachine); } return(hr); }
HRESULT CCertExitSample::_NotifyNewCert( /* [in] */ LONG Context) { HRESULT hr; VARIANT varCert; ICertServerExit *pServer = NULL; VariantInit(&varCert); // only call write fxns if server policy allows if (m_dwExitPublishFlags & EXITPUB_FILE) { hr = CoCreateInstance( CLSID_CCertServerExit, NULL, // pUnkOuter CLSCTX_INPROC_SERVER, IID_ICertServerExit, (VOID **) &pServer); _JumpIfError(hr, error, "Exit:CoCreateInstance"); hr = pServer->SetContext(Context); _JumpIfError(hr, error, "Exit:SetContext"); hr = exitGetProperty( pServer, FALSE, // fRequest, wszPROPRAWCERTIFICATE, PROPTYPE_BINARY, &varCert); _JumpIfErrorStr( hr, error, "Exit:exitGetProperty", wszPROPRAWCERTIFICATE); if (VT_BSTR != varCert.vt) { hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA); _JumpError(hr, error, "Exit:BAD cert var type"); } hr = _WriteCertToFile( pServer, (BYTE const *) varCert.bstrVal, SysStringByteLen(varCert.bstrVal)); _JumpIfError(hr, error, "_WriteCertToFile"); } hr = S_OK; error: VariantClear(&varCert); if (NULL != pServer) { pServer->Release(); } return(hr); }
HRESULT exitGetRequestAttribute( IN ICertServerExit *pServer, IN WCHAR const *pwszAttributeName, OUT BSTR *pstrOut) { HRESULT hr; BSTR strName = NULL; *pstrOut = NULL; strName = SysAllocString(pwszAttributeName); if (NULL == strName) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Exit:SysAllocString"); } hr = pServer->GetRequestAttribute(strName, pstrOut); _JumpIfErrorStr2( hr, error, "Exit:GetRequestAttribute", pwszAttributeName, CERTSRV_E_PROPERTY_EMPTY); error: if (NULL != strName) { SysFreeString(strName); } return(hr); }
HRESULT ceFileTimeToDate( IN FILETIME const *pft, OUT DATE *pDate) { SYSTEMTIME st; HRESULT hr = S_OK; if (!FileTimeToSystemTime(pft, &st)) { hr = ceHLastError(); _JumpError(hr, error, "FileTimeToSystemTime"); } if (!SystemTimeToVariantTime(&st, pDate)) { hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA); _JumpError(hr, error, "SystemTimeToVariantTime"); } error: return(hr); }
HRESULT ceGetComputerNames( OUT WCHAR **ppwszDnsName, OUT WCHAR **ppwszOldName) { HRESULT hr; DWORD cwc; WCHAR *pwszOldName = NULL; *ppwszOldName = NULL; *ppwszDnsName = NULL; cwc = MAX_COMPUTERNAME_LENGTH + 1; pwszOldName = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR)); if (NULL == pwszOldName) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } if (!GetComputerName(pwszOldName, &cwc)) { hr = ceHLastError(); _JumpError(hr, error, "GetComputerName"); } hr = ceGetMachineDnsName(ppwszDnsName); _JumpIfError(hr, error, "ceGetMachineDnsName"); *ppwszOldName = pwszOldName; pwszOldName = NULL; error: if (NULL != pwszOldName) { LocalFree(pwszOldName); } return(hr); }
HRESULT GetServerCallbackInterface( OUT ICertServerExit** ppServer, IN LONG Context) { HRESULT hr; if (NULL == ppServer) { hr = E_POINTER; _JumpError(hr, error, "Exit:NULL pointer"); } hr = CoCreateInstance( CLSID_CCertServerExit, NULL, // pUnkOuter CLSCTX_INPROC_SERVER, IID_ICertServerExit, (VOID **) ppServer); _JumpIfError(hr, error, "Exit:CoCreateInstance"); if (*ppServer == NULL) { hr = E_UNEXPECTED; _JumpError(hr, error, "Exit:NULL *ppServer"); } // only set context if nonzero if (0 != Context) { hr = (*ppServer)->SetContext(Context); _JumpIfError(hr, error, "Exit: SetContext"); } error: return(hr); }
HRESULT exitGetProperty( IN ICertServerExit *pServer, IN BOOL fRequest, IN WCHAR const *pwszPropertyName, IN DWORD PropType, OUT VARIANT *pvarOut) { HRESULT hr; BSTR strName = NULL; VariantInit(pvarOut); strName = SysAllocString(pwszPropertyName); if (NULL == strName) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Exit:SysAllocString"); } if (fRequest) { hr = pServer->GetRequestProperty(strName, PropType, pvarOut); _JumpIfErrorStr2( hr, error, "Exit:GetRequestProperty", pwszPropertyName, CERTSRV_E_PROPERTY_EMPTY); } else { hr = pServer->GetCertificateProperty(strName, PropType, pvarOut); _JumpIfErrorStr2( hr, error, "Exit:GetCertificateProperty", pwszPropertyName, CERTSRV_E_PROPERTY_EMPTY); } error: if (NULL != strName) { SysFreeString(strName); } return(hr); }
WCHAR const * ceGetOIDName( IN WCHAR const *pwszObjId) { char *pszObjId = NULL; WCHAR const *pwszName = L""; if (!ceConvertWszToSz(&pszObjId, pwszObjId, -1)) { _JumpError(E_OUTOFMEMORY, error, "ceConvertWszToSz"); } pwszName = ceGetOIDNameA(pszObjId); error: if (NULL != pszObjId) { LocalFree(pszObjId); } return(pwszName); }
STDMETHODIMP CCertExitSample::GetDescription( /* [retval][out] */ BSTR *pstrDescription) { HRESULT hr = S_OK; WCHAR sz[MAX_PATH]; assert(wcslen(wsz_SAMPLE_DESCRIPTION) < ARRAYSIZE(sz)); wcscpy(sz, wsz_SAMPLE_DESCRIPTION); *pstrDescription = SysAllocString(sz); if (NULL == *pstrDescription) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Exit:SysAllocString"); } error: return(hr); }
HRESULT ceDupString( IN WCHAR const *pwszIn, IN WCHAR **ppwszOut) { DWORD cb; HRESULT hr; cb = (DWORD)((wcslen(pwszIn) + 1) * sizeof(WCHAR)); *ppwszOut = (WCHAR *) LocalAlloc(LMEM_FIXED, cb); if (NULL == *ppwszOut) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } CopyMemory(*ppwszOut, pwszIn, cb); hr = S_OK; error: return(hr); }
HRESULT ceBuildPathAndExt( IN WCHAR const *pwszDir, IN WCHAR const *pwszFile, OPTIONAL IN WCHAR const *pwszExt, OUT WCHAR **ppwszPath) { HRESULT hr; WCHAR *pwsz; DWORD cwc; *ppwszPath = NULL; cwc = wcslen(pwszDir) + 1 + wcslen(pwszFile) + 1; if (NULL != pwszExt) { cwc += wcslen(pwszExt); } pwsz = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR)); if (NULL == pwsz) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } wcscpy(pwsz, pwszDir); if (L'\\' != pwsz[wcslen(pwsz) - 1]) { wcscat(pwsz, L"\\"); } wcscat(pwsz, pwszFile); if (NULL != pwszExt) { wcscat(pwsz, pwszExt); } *ppwszPath = pwsz; hr = S_OK; error: return(hr); }
HRESULT ceVerifyObjId( IN WCHAR const *pwszObjId) { HRESULT hr; CHAR *pszObjId = NULL; if (!ceConvertWszToSz(&pszObjId, pwszObjId, -1)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "ceConvertWszToSz"); } hr = ceVerifyObjIdA(pszObjId); _JumpIfErrorStr(hr, error, "ceVerifyObjIdA", pwszObjId); error: if (NULL != pszObjId) { LocalFree(pszObjId); } return(hr); }
HRESULT ceDispatchSetErrorInfo( IN HRESULT hrError, IN WCHAR const *pwszDescription, OPTIONAL IN WCHAR const *pwszProgId, OPTIONAL IN IID const *piid) { HRESULT hr; WCHAR const *pwszError = NULL; WCHAR *pwszText = NULL; if (NULL == pwszDescription) { hr = E_POINTER; _JumpError(hr, error, "NULL pointer"); } assert(FAILED(hrError)); pwszError = ceGetErrorMessageText(hrError, TRUE); if (NULL == pwszError) { _PrintError(E_OUTOFMEMORY, "myGetErrorMessageText"); } else { pwszText = (WCHAR *) LocalAlloc( LMEM_FIXED, (wcslen(pwszDescription) + 1 + wcslen(pwszError) + 1) * sizeof(WCHAR)); if (NULL == pwszText) { _PrintError(E_OUTOFMEMORY, "LocalAlloc"); } else { wcscpy(pwszText, pwszDescription); wcscat(pwszText, L" "); wcscat(pwszText, pwszError); } } hr = ceDispatchSetErrorInfoSub( hrError, NULL, // pwszIDispatchMethod NULL != pwszText? pwszText : const_cast<WCHAR *>(pwszDescription), pwszProgId, piid, NULL, // pwszHelpFile 0); // dwHelpFileContext _PrintIfError(hr, "ceDispatchSetErrorInfoSub"); error: if (NULL != pwszText) { LocalFree(pwszText); } if (NULL != pwszError) { LocalFree(const_cast<WCHAR *>(pwszError)); } return(hrError); // return input error! }
HRESULT ceVerifyObjIdA( IN CHAR const *pszObjId) { HRESULT hr; BYTE *pbEncoded = NULL; DWORD cbEncoded; CRYPT_ATTRIBUTE ainfo; CRYPT_ATTRIBUTE *painfo = NULL; DWORD cbainfo; char const *psz; int i; ainfo.pszObjId = const_cast<char *>(pszObjId); ainfo.cValue = 0; ainfo.rgValue = NULL; if (!ceEncodeObject( X509_ASN_ENCODING, PKCS_ATTRIBUTE, &ainfo, 0, FALSE, &pbEncoded, &cbEncoded)) { hr = ceHLastError(); _JumpError(hr, error, "ceEncodeObject"); } if (!ceDecodeObject( X509_ASN_ENCODING, PKCS_ATTRIBUTE, pbEncoded, cbEncoded, FALSE, (VOID **) &painfo, &cbainfo)) { hr = ceHLastError(); _JumpError(hr, error, "ceDecodeObject"); } hr = E_INVALIDARG; if (0 != strcmp(ainfo.pszObjId, painfo->pszObjId)) { _JumpError(hr, error, "bad ObjId: decode mismatch"); } for (psz = painfo->pszObjId; '\0' != *psz; psz++) { // must be a digit or a dot separator if (!isdigit(*psz)) { if ('.' != *psz) { _JumpError(hr, error, "bad ObjId: bad char"); } // can't have dot at start, double dots or dot at end if (psz == painfo->pszObjId || '.' == psz[1] || '\0' == psz[1]) { _JumpError(hr, error, "bad ObjId: dot location"); } } } psz = strchr(painfo->pszObjId, '.'); if (NULL == psz) { _JumpError(hr, error, "bad ObjId: must have at least one dot"); } i = atoi(painfo->pszObjId); switch (i) { case 0: case 1: i = atoi(++psz); if (0 > i || 39 < i) { _JumpError(hr, error, "bad ObjId: 0. or 1. must be followed by 0..39"); } break; case 2: break; default: _JumpError(hr, error, "bad ObjId: must start with 0, 1 or 2"); } hr = S_OK; error: if (NULL != pbEncoded) { LocalFree(pbEncoded); } if (NULL != painfo) { LocalFree(painfo); } return(hr); }
STDMETHODIMP CCertExitSample::Initialize( /* [in] */ BSTR const strConfig, /* [retval][out] */ LONG __RPC_FAR *pEventMask) { HRESULT hr = S_OK; DWORD cbbuf; DWORD dwType; ENUM_CATYPES CAType; ICertServerExit* pServer = NULL; VARIANT varValue; WCHAR sz[MAX_PATH]; VariantInit(&varValue); assert(wcslen(wsz_SAMPLE_DESCRIPTION) < ARRAYSIZE(sz)); wcsncpy(sz, wsz_SAMPLE_DESCRIPTION, ARRAYSIZE(sz)); sz[ARRAYSIZE(sz) - 1] = L'\0'; m_strDescription = SysAllocString(sz); if (NULL == m_strDescription) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Exit:SysAllocString"); } m_strCAName = SysAllocString(strConfig); if (NULL == m_strCAName) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Exit:SysAllocString"); } *pEventMask = ceEXITEVENTS; DBGPRINT((fDebug, "Exit:Initialize(%ws) ==> %x\n", m_strCAName, *pEventMask)); // get server callbacks hr = GetServerCallbackInterface(&pServer, 0); _JumpIfError(hr, error, "Exit:GetServerCallbackInterface"); // get storage location hr = exitGetProperty( pServer, FALSE, // fRequest wszPROPMODULEREGLOC, PROPTYPE_STRING, &varValue); _JumpIfErrorStr(hr, error, "Exit:exitGetProperty", wszPROPMODULEREGLOC); m_pwszRegStorageLoc = (LPWSTR)LocalAlloc(LMEM_FIXED, (wcslen(varValue.bstrVal)+1) *sizeof(WCHAR)); if (NULL == m_pwszRegStorageLoc) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Exit:LocalAlloc"); } wcscpy(m_pwszRegStorageLoc, varValue.bstrVal); VariantClear(&varValue); // get CA type hr = exitGetProperty( pServer, FALSE, // fRequest wszPROPCATYPE, PROPTYPE_LONG, &varValue); _JumpIfErrorStr(hr, error, "Exit:exitGetProperty", wszPROPCATYPE); CAType = (ENUM_CATYPES) varValue.lVal; VariantClear(&varValue); hr = RegOpenKeyEx( HKEY_LOCAL_MACHINE, m_pwszRegStorageLoc, 0, // dwReserved KEY_ENUMERATE_SUB_KEYS | KEY_EXECUTE | KEY_QUERY_VALUE, &m_hExitKey); if (S_OK != hr) { if ((HRESULT) ERROR_FILE_NOT_FOUND == hr) { hr = S_OK; goto error; } _JumpError(hr, error, "Exit:RegOpenKeyEx"); } hr = exitGetProperty( pServer, FALSE, // fRequest wszPROPCERTCOUNT, PROPTYPE_LONG, &varValue); _JumpIfErrorStr(hr, error, "Exit:exitGetProperty", wszPROPCERTCOUNT); m_cCACert = varValue.lVal; cbbuf = sizeof(m_dwExitPublishFlags); hr = RegQueryValueEx( m_hExitKey, wszREGCERTPUBLISHFLAGS, NULL, // lpdwReserved &dwType, (BYTE *) &m_dwExitPublishFlags, &cbbuf); if (S_OK != hr) { m_dwExitPublishFlags = 0; } hr = S_OK; error: VariantClear(&varValue); if (NULL != pServer) { pServer->Release(); } return(ceHError(hr)); }
HRESULT CCertExitSample::_ExpandEnvironmentVariables( IN WCHAR const *pwszIn, OUT WCHAR *pwszOut, IN DWORD cwcOut) { HRESULT hr = HRESULT_FROM_WIN32(ERROR_BUFFER_OVERFLOW); WCHAR awcVar[MAX_PATH]; WCHAR const *pwszSrc; WCHAR *pwszDst; WCHAR *pwszDstEnd; WCHAR *pwszVar; DWORD cwc; pwszSrc = pwszIn; pwszDst = pwszOut; pwszDstEnd = &pwszOut[cwcOut]; while (L'\0' != (*pwszDst = *pwszSrc++)) { if ('%' == *pwszDst) { *pwszDst = L'\0'; pwszVar = awcVar; while (L'\0' != *pwszSrc) { if ('%' == *pwszSrc) { pwszSrc++; break; } *pwszVar++ = *pwszSrc++; if (pwszVar >= &awcVar[sizeof(awcVar)/sizeof(awcVar[0]) - 1]) { _JumpError(hr, error, "Exit:overflow 1"); } } *pwszVar = L'\0'; cwc = GetEnvironmentVariable(awcVar, pwszDst, SAFE_SUBTRACT_POINTERS(pwszDstEnd, pwszDst)); if (0 == cwc) { hr = ceHLastError(); _JumpError(hr, error, "Exit:GetEnvironmentVariable"); } if ((DWORD) (pwszDstEnd - pwszDst) <= cwc) { _JumpError(hr, error, "Exit:overflow 2"); } pwszDst += cwc; } else { pwszDst++; } if (pwszDst >= pwszDstEnd) { _JumpError(hr, error, "Exit:overflow 3"); } } hr = S_OK; error: return(hr); }
STDMETHODIMP CCertEncodeAltName::SetNameEntry( /* [in] */ LONG NameIndex, // NameIndex | EAN_* /* [in] */ LONG NameChoice, /* [in] */ BSTR const strName) { HRESULT hr; CERT_ALT_NAME_ENTRY *pName; DATA_BLOB *pBlob = NULL; CCertEncodeAltName::enumNameType enumT; if (NULL == strName) { hr = E_POINTER; ceERRORPRINTLINE("NULL parm", hr); goto error; } if (!m_fConstructing) { hr = E_INVALIDARG; ceERRORPRINTLINE("bad parameter", hr); goto error; } hr = _MapName(TRUE, NameIndex, &pName); if (S_OK != hr) { ceERRORPRINTLINE("_MapName", hr); goto error; } enumT = enumUnknown; if (CERT_ALT_NAME_OTHER_NAME == pName->dwAltNameChoice && 0 == (EAN_NAMEOBJECTID & NameIndex)) { enumT = enumOther; } if (_NameType(pName->dwAltNameChoice) != enumT) { hr = E_INVALIDARG; ceERRORPRINTLINE("bad parameter", hr); goto error; } if (CERT_ALT_NAME_OTHER_NAME != pName->dwAltNameChoice || 0 == (EAN_NAMEOBJECTID & NameIndex)) { hr = ceVerifyAltNameString(NameChoice, strName); if (S_OK != hr) { ceERRORPRINTLINE("ceVerifyAltNameString", hr); goto error; } } switch (_NameType(NameChoice)) { case enumUnicode: pName->pwszURL = ceDuplicateString(strName); if (NULL == pName->pwszURL) { hr = E_OUTOFMEMORY; ceERRORPRINTLINE("ceDuplicateString", hr); goto error; } break; case enumAnsi: if (CERT_ALT_NAME_REGISTERED_ID == NameChoice) { hr = ceVerifyObjId(strName); if (S_OK != hr) { ceERRORPRINTLINE("ceVerifyObjId", hr); goto error; } } if (!ceConvertWszToSz(&pName->pszRegisteredID, strName, -1)) { hr = E_OUTOFMEMORY; ceERRORPRINTLINE("ceConvertWszToSz", hr); goto error; } break; case enumBlob: pBlob = &pName->DirectoryName; break; case enumOther: if (NULL == pName->pOtherName) { pName->pOtherName = (CERT_OTHER_NAME *) LocalAlloc( LMEM_FIXED | LMEM_ZEROINIT, sizeof(*pName->pOtherName)); if (NULL == pName->pOtherName) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } } else if (CERT_ALT_NAME_OTHER_NAME != pName->dwAltNameChoice) { hr = E_INVALIDARG; _JumpError(hr, error, "NameChoice conflict"); } if (EAN_NAMEOBJECTID & NameIndex) { if (NULL != pName->pOtherName->pszObjId) { hr = E_INVALIDARG; _JumpError(hr, error, "pszObjId already set"); } hr = ceVerifyObjId(strName); if (S_OK != hr) { ceERRORPRINTLINE("ceVerifyObjId", hr); goto error; } if (!ceConvertWszToSz(&pName->pOtherName->pszObjId, strName, -1)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "ceConvertWszToSz"); } } else { pBlob = &pName->pOtherName->Value; } break; default: hr = E_INVALIDARG; ceERRORPRINTLINE("bad NameChoice parameter", hr); goto error; break; } if (NULL != pBlob) { if (NULL != pBlob->pbData) { hr = E_INVALIDARG; _JumpError(hr, error, "pbData already set"); } pBlob->cbData = SysStringByteLen(strName); pBlob->pbData = (BYTE *) LocalAlloc(LMEM_FIXED, pBlob->cbData); if (NULL == pBlob->pbData) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } CopyMemory(pBlob->pbData, strName, pBlob->cbData); } pName->dwAltNameChoice = NameChoice; error: return(_SetErrorInfo(hr, L"CCertEncodeAltName::SetNameEntry")); }
HRESULT ceInternetCanonicalizeUrl( IN WCHAR const *pwszIn, OUT WCHAR **ppwszOut) { HRESULT hr; WCHAR *pwsz = NULL; assert(NULL != pwszIn); // Calculate required buffer size by passing a very small buffer // The call will fail, and tell us how big the buffer should be. WCHAR wszPlaceHolder[1]; DWORD cwc = ARRAYSIZE(wszPlaceHolder); BOOL bResult; bResult = InternetCanonicalizeUrl( pwszIn, // lpszUrl wszPlaceHolder, // lpszBuffer &cwc, // lpdwBufferLength 0); // dwFlags assert(!bResult); // This will always fail hr = ceHLastError(); if (HRESULT_FROM_WIN32(ERROR_INSUFFICIENT_BUFFER) != hr) { // unexpected error _JumpError(hr, error, "InternetCanonicalizeUrl"); } // NOTE: InternetCanonicalizeUrl counts characters, not bytes as doc'd // cwc includes trailing L'0' pwsz = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR)); if (NULL == pwsz) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } // canonicalize if (!InternetCanonicalizeUrl( pwszIn, // lpszUrl pwsz, // lpszBuffer &cwc, // lpdwBufferLength 0)) // dwFlags { hr = ceHLastError(); _JumpError(hr, error, "InternetCanonicalizeUrl"); } *ppwszOut = pwsz; pwsz = NULL; hr = S_OK; error: if (NULL != pwsz) { LocalFree(pwsz); } return(hr); }
HRESULT ceFormatCertsrvStringArray( IN BOOL fURL, IN LPCWSTR pwszServerName_p1_2, IN LPCWSTR pwszSanitizedName_p3_7, IN DWORD iCert_p4, IN LPCWSTR pwszDomainDN_p5, IN LPCWSTR pwszConfigDN_p6, IN DWORD iCRL_p8, IN BOOL fDeltaCRL_p9, IN BOOL fDSAttrib_p10_11, IN DWORD cStrings, IN LPCWSTR *apwszStringsIn, OUT LPWSTR *apwszStringsOut) { HRESULT hr = S_OK; LPCWSTR apwszInsertionArray[100]; // 100 'cause this is the max number of insertion numbers allowed by FormatMessage LPWSTR pwszCurrent = NULL; BSTR strShortMachineName = NULL; DWORD i; WCHAR *pwszSanitizedDSName = NULL; WCHAR wszCertSuffix[cwcFILENAMESUFFIXMAX]; WCHAR wszCRLSuffix[cwcFILENAMESUFFIXMAX]; WCHAR wszDeltaCRLSuffix[cwcFILENAMESUFFIXMAX]; WCHAR const *pwszT; ZeroMemory(apwszStringsOut, cStrings * sizeof(apwszStringsOut[0])); ZeroMemory(apwszInsertionArray, sizeof(apwszInsertionArray)); // Format the template into a real name // Initialize the insertion string array. // Machine DNS name (%1) assert(L'1' == wszFCSAPARM_SERVERDNSNAME[1]); apwszInsertionArray[1 - 1] = pwszServerName_p1_2; // Short Machine Name (%2) assert(L'2' == wszFCSAPARM_SERVERSHORTNAME[1]); strShortMachineName = SysAllocString(pwszServerName_p1_2); if (strShortMachineName == NULL) { hr = E_OUTOFMEMORY; _JumpIfError(hr, error, "SysAllocString"); } pwszCurrent = wcschr(strShortMachineName, L'.'); if(pwszCurrent) { *pwszCurrent = 0; } apwszInsertionArray[2 - 1] = strShortMachineName; // sanitized name (%3) assert(L'3' == wszFCSAPARM_SANITIZEDCANAME[1]); apwszInsertionArray[3 - 1] = pwszSanitizedName_p3_7; // Cert filename suffix (%4) assert(L'4' == wszFCSAPARM_CERTFILENAMESUFFIX[1]); wszCertSuffix[0] = L'\0'; if (0 != iCert_p4) { wsprintf(wszCertSuffix, L"(%u)", iCert_p4); } apwszInsertionArray[4 - 1] = wszCertSuffix; assert(L'5' == wszFCSAPARM_DOMAINDN[1]); apwszInsertionArray[5 - 1] = pwszDomainDN_p5; assert(L'6' == wszFCSAPARM_CONFIGDN[1]); apwszInsertionArray[6 - 1] = pwszConfigDN_p6; // Don't pass pwszSanitizedName_p3_7 to SysAllocStringLen with the extended // length to avoid faulting past end of pwszSanitizedName_p3_7. assert(L'7' == wszFCSAPARM_SANITIZEDCANAMEHASH[1]); hr = ceSanitizedNameToDSName(pwszSanitizedName_p3_7, &pwszSanitizedDSName); _JumpIfError(hr, error, "ceSanitizedNameToDSName"); apwszInsertionArray[7 - 1] = pwszSanitizedDSName; // CRL filename suffix (%8) assert(L'8' == wszFCSAPARM_CRLFILENAMESUFFIX[1]); wszCRLSuffix[0] = L'\0'; if (0 != iCRL_p8) { wsprintf(wszCRLSuffix, L"(%u)", iCRL_p8); } apwszInsertionArray[8 - 1] = wszCRLSuffix; assert(L'9' == wszFCSAPARM_CRLDELTAFILENAMESUFFIX[1]); wszDeltaCRLSuffix[0] = L'\0'; if (fDeltaCRL_p9) { wcscpy(wszDeltaCRLSuffix, L"+"); } apwszInsertionArray[9 - 1] = wszDeltaCRLSuffix; assert(L'1' == wszFCSAPARM_DSCRLATTRIBUTE[1]); assert(L'0' == wszFCSAPARM_DSCRLATTRIBUTE[2]); pwszT = L""; if (fDSAttrib_p10_11) { pwszT = fDeltaCRL_p9? wszDSSEARCHDELTACRLATTRIBUTE : wszDSSEARCHBASECRLATTRIBUTE; } apwszInsertionArray[10 - 1] = pwszT; assert(L'1' == wszFCSAPARM_DSCACERTATTRIBUTE[1]); assert(L'1' == wszFCSAPARM_DSCACERTATTRIBUTE[2]); pwszT = L""; if (fDSAttrib_p10_11) { pwszT = wszDSSEARCHCACERTATTRIBUTE; } apwszInsertionArray[11 - 1] = pwszT; for (i = 0; i < cStrings; i++) { if (0 == FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_STRING | FORMAT_MESSAGE_ARGUMENT_ARRAY, (VOID *) apwszStringsIn[i], 0, // dwMessageID 0, // dwLanguageID (LPWSTR) &apwszStringsOut[i], (DWORD)wcslen(apwszStringsIn[i]), (va_list *) apwszInsertionArray)) { hr = ceHLastError(); _JumpError(hr, error, "FormatMessage"); } if (fURL) { WCHAR *pwsz; hr = ceInternetCanonicalizeUrl(apwszStringsOut[i], &pwsz); _JumpIfError(hr, error, "ceInternetCanonicalizeUrl"); LocalFree(apwszStringsOut[i]); apwszStringsOut[i] = pwsz; } } error: if (S_OK != hr) { for (i = 0; i < cStrings; i++) { if (NULL != apwszStringsOut[i]) { LocalFree(apwszStringsOut[i]); apwszStringsOut[i] = NULL; } } } if(strShortMachineName) { SysFreeString(strShortMachineName); } if (NULL != pwszSanitizedDSName) { LocalFree(pwszSanitizedDSName); } return (hr); }
HRESULT CRequestInstance::Initialize( IN CCertPolicySample *pPolicy, IN ICertServerPolicy *pServer, OUT BOOL *pfEnableEnrolleeExtensions) { HRESULT hr; HRESULT hrTemplate = S_OK; CERT_TEMPLATE_EXT *pTemplate = NULL; CERT_NAME_VALUE *pName = NULL; BSTR strTemplateObjId = NULL; // from V2 template extension BSTR strTemplateName = NULL; // from V1 template extension BSTR strTemplateRA = NULL; // from request attributes WCHAR const *pwszTemplateName; WCHAR const *pwszTemplateObjId; WCHAR const *pwszV1TemplateClass; VARIANT varValue; DWORD cbType; DWORD i; BOOL fConflict; BOOL f; BOOL fTemplateMissing; BOOL fRAObjId = FALSE; VariantInit(&varValue); *pfEnableEnrolleeExtensions = TRUE ; m_pPolicy = pPolicy; m_fCA = FALSE; // Retrieve the template ObjId from the V2 cert template info extension m_dwTemplateMajorVersion = 0; m_dwTemplateMinorVersion = 0; hr = polGetCertificateExtension( pServer, TEXT(szOID_CERTIFICATE_TEMPLATE), PROPTYPE_BINARY, &varValue); _PrintIfErrorStr2( hr, "Policy:polGetCertificateExtension", TEXT(szOID_CERTIFICATE_TEMPLATE), CERTSRV_E_PROPERTY_EMPTY); if (S_OK == hr) { // There was a cert type indicator. // varValue points to an encoded string if (VT_BSTR != varValue.vt) { hr = E_INVALIDARG; _JumpError(hr, error, "Policy:varValue.vt"); } if (!ceDecodeObject( X509_ASN_ENCODING, X509_CERTIFICATE_TEMPLATE, (BYTE *) varValue.bstrVal, SysStringByteLen(varValue.bstrVal), FALSE, (VOID **) &pTemplate, &cbType)) { hr = ceHLastError(); _JumpError(hr, error, "Policy:ceDecodeObject"); } if (!ceConvertSzToBstr(&strTemplateObjId, pTemplate->pszObjId, -1)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Policy:ceConvertSzToBstr"); } m_dwTemplateMajorVersion = pTemplate->dwMajorVersion; m_dwTemplateMinorVersion = pTemplate->dwMinorVersion; DBGPRINT(( fDebug, pTemplate->fMinorVersion? "Extension Template Info: %ws V%u.%u\n" : "Extension Template Info: %ws V%u%\n", strTemplateObjId, m_dwTemplateMajorVersion, m_dwTemplateMinorVersion)); } VariantClear(&varValue); // Retrieve template Name from the V1 cert template name extension hr = polGetCertificateExtension( pServer, TEXT(szOID_ENROLL_CERTTYPE_EXTENSION), PROPTYPE_BINARY, &varValue); _PrintIfErrorStr2( hr, "Policy:polGetCertificateExtension", TEXT(szOID_ENROLL_CERTTYPE_EXTENSION), CERTSRV_E_PROPERTY_EMPTY); if (S_OK == hr) { // There was a cert type indicator. // varValue points to an encoded string if (VT_BSTR != varValue.vt) { hr = E_INVALIDARG; _JumpError(hr, error, "Policy:varValue.vt"); } if (!ceDecodeObject( X509_ASN_ENCODING, X509_UNICODE_ANY_STRING, (BYTE *) varValue.bstrVal, SysStringByteLen(varValue.bstrVal), FALSE, (VOID **) &pName, &cbType)) { hr = ceHLastError(); _JumpError(hr, error, "Policy:ceDecodeObject"); } strTemplateName = SysAllocString((WCHAR *) pName->Value.pbData); if (IsNullBStr(strTemplateName)) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "Policy:SysAllocString"); } DBGPRINT((fDebug, "Extension Template: %ws\n", strTemplateName)); } fConflict = FALSE; fTemplateMissing = FALSE; // Retrieve the template from the request attributes hr = polGetRequestAttribute(pServer, wszPROPCERTTEMPLATE, &strTemplateRA); if (S_OK != hr) { _PrintErrorStr2( hr, "Policy:polGetRequestAttribute", wszPROPCERTTEMPLATE, CERTSRV_E_PROPERTY_EMPTY); hr = S_OK; } else { DBGPRINT((fDebug, "Attribute Template: %ws\n", strTemplateRA)); if (!IsNullBStr(strTemplateObjId) && !_TemplateNamesMatch(strTemplateObjId, strTemplateRA, &f)) { fConflict = TRUE; if (f) { fTemplateMissing = TRUE; } } if (!IsNullBStr(strTemplateName) && !_TemplateNamesMatch(strTemplateName, strTemplateRA, &f)) { fConflict = TRUE; if (f) { fTemplateMissing = TRUE; } } hr = ceVerifyObjId(strTemplateRA); fRAObjId = S_OK == hr; } if (!IsNullBStr(strTemplateObjId) && !IsNullBStr(strTemplateName) && !_TemplateNamesMatch(strTemplateObjId, strTemplateName, &f)) { fConflict = TRUE; if (f) { fTemplateMissing = TRUE; } } pwszTemplateName = strTemplateName; pwszTemplateObjId = strTemplateObjId; if (fRAObjId) { if (NULL == pwszTemplateObjId) { pwszTemplateObjId = strTemplateRA; } } else { if (NULL == pwszTemplateName) { pwszTemplateName = strTemplateRA; } } if (fConflict) { hrTemplate = CERTSRV_E_TEMPLATE_CONFLICT; if (!IsNullBStr(strTemplateObjId)) { _PrintErrorStr( hrTemplate, "Policy:Extension Template ObjId", strTemplateObjId); } if (!IsNullBStr(strTemplateName)) { _PrintErrorStr( hrTemplate, "Policy:Extension Template Name", strTemplateName); } if (!IsNullBStr(strTemplateRA)) { _PrintErrorStr( hrTemplate, "Policy:Attribute Template", strTemplateRA); } } { if (NULL != pwszTemplateName) { for (i = 0; i < ARRAYSIZE(s_apwszCATypes); i++) { if (0 == celstrcmpiL(s_apwszCATypes[i], pwszTemplateName)) { m_fCA = TRUE; break; } } } } hr = SetTemplateName(pServer, pwszTemplateName, pwszTemplateObjId); _JumpIfError(hr, error, "Policy:SetTemplateName"); pwszV1TemplateClass = pwszTemplateName; hr = pPolicy->AddV1TemplateNameExtension(pServer, pwszV1TemplateClass); _JumpIfError(hr, error, "AddTemplateNameExtension"); error: if (S_OK != hrTemplate) { hr = hrTemplate; // override secondary errors } VariantClear(&varValue); if (NULL != pName) { LocalFree(pName); } if (NULL != pTemplate) { LocalFree(pTemplate); } SysFreeString(strTemplateObjId); SysFreeString(strTemplateName); SysFreeString(strTemplateRA); return(hr); }
int ceWtoI( IN WCHAR const *string, OUT BOOL *pfValid) { HRESULT hr; WCHAR szBuf[16]; WCHAR *szTmp = szBuf; int cTmp = ARRAYSIZE(szBuf); int i = 0; WCHAR const *pwsz; BOOL fSawDigit = FALSE; if (pfValid == NULL) { hr = E_POINTER; _JumpError(hr, error, "NULLPARAM"); } *pfValid = FALSE; assert(NULL != pfValid); cTmp = FoldString( MAP_FOLDDIGITS, string, -1, szTmp, cTmp); if (cTmp == 0) { hr = ceHLastError(); if (HRESULT_FROM_WIN32(ERROR_INSUFFICIENT_BUFFER) == hr) { hr = S_OK; cTmp = FoldString( MAP_FOLDDIGITS, string, -1, NULL, 0); szTmp = (WCHAR*)LocalAlloc(LMEM_FIXED, cTmp*sizeof(WCHAR)); if (NULL == szTmp) { hr = E_OUTOFMEMORY; _JumpError(hr, error, "LocalAlloc"); } cTmp = FoldString( MAP_FOLDDIGITS, string, -1, szTmp, cTmp); if (cTmp == 0) hr = ceHLastError(); } _JumpIfError(hr, error, "FoldString"); } pwsz = szTmp; while (iswspace(*pwsz)) { pwsz++; } while (iswdigit(*pwsz)) { fSawDigit = TRUE; pwsz++; } while (iswspace(*pwsz)) { pwsz++; } if (L'\0' == *pwsz) { *pfValid = fSawDigit; } i = _wtoi(szTmp); error: if (szTmp && (szTmp != szBuf)) LocalFree(szTmp); return i; }