windows-nt/Source/XPSP1/NT/ds/security/services/ca/certcli/configp.cpp

2731 lines
63 KiB
C++
Raw Permalink Normal View History

2020-09-26 03:20:57 -05:00
//+--------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1996 - 1999
//
// File: config.cpp
//
// Contents: Cert Server client implementation
//
// History: 24-Aug-96 vich created
//
//---------------------------------------------------------------------------
#include "pch.cpp"
#pragma hdrstop
#include "csdisp.h"
#include "certca.h"
#include "configp.h"
#include <assert.h>
#include <lmaccess.h>
#include <lmapibuf.h>
#include <lmwksta.h>
#include <limits.h>
#define __dwFILE__ __dwFILE_CERTCLI_CONFIGP_CPP__
WCHAR g_wszConfigFile[] = L"\\certsrv.txt";
WCHAR const g_wszRegDirectory[] = wszREGDIRECTORY;
#define cwcCONFIGLINEMAX (12 * 1024)
extern "C"
{
HWND GetDeskTopWindow(VOID);
}
HRESULT
certRequestGetConfigInfo(
IN WCHAR *pwszSharedFolder,
IN OUT LONG *pIndex,
IN OUT LONG *pCount,
OUT CERT_AUTHORITY_INFO **ppCertAuthorityInfo);
VOID
_CleanupCAInfo(
IN OUT CERT_AUTHORITY_INFO *pCA)
{
if (NULL != pCA->pwszSanitizedName)
{
LocalFree(pCA->pwszSanitizedName);
}
if (NULL != pCA->pwszSanitizedShortName)
{
LocalFree(pCA->pwszSanitizedShortName);
}
if (NULL != pCA->pwszSanitizedOrgUnit)
{
LocalFree(pCA->pwszSanitizedOrgUnit);
}
if (NULL != pCA->pwszSanitizedOrganization)
{
LocalFree(pCA->pwszSanitizedOrganization);
}
if (NULL != pCA->pwszSanitizedLocality)
{
LocalFree(pCA->pwszSanitizedLocality);
}
if (NULL != pCA->pwszSanitizedState)
{
LocalFree(pCA->pwszSanitizedState);
}
if (NULL != pCA->pwszSanitizedCountry)
{
LocalFree(pCA->pwszSanitizedCountry);
}
if (NULL != pCA->pwszSanitizedConfig)
{
LocalFree(pCA->pwszSanitizedConfig);
}
if (NULL != pCA->pwszSanitizedExchangeCertificate)
{
LocalFree(pCA->pwszSanitizedExchangeCertificate);
}
if (NULL != pCA->pwszSanitizedSignatureCertificate)
{
LocalFree(pCA->pwszSanitizedSignatureCertificate);
}
if (NULL != pCA->pwszSanitizedDescription)
{
LocalFree(pCA->pwszSanitizedDescription);
}
ZeroMemory(pCA, sizeof(*pCA));
}
//+--------------------------------------------------------------------------
// CCertConfigPrivate::~CCertConfigPrivate -- destructor
//
// free memory associated with this instance
//+--------------------------------------------------------------------------
CCertConfigPrivate::~CCertConfigPrivate()
{
LONG i;
if (NULL != m_pCertAuthorityInfo)
{
if (0 != m_Count)
{
for (i = 0; i < m_Count; ++i)
{
_CleanupCAInfo(&m_pCertAuthorityInfo[i]);
}
}
LocalFree(m_pCertAuthorityInfo);
}
if (NULL != m_pwszSharedFolder)
{
LocalFree(m_pwszSharedFolder);
}
}
HRESULT
fillEmptyField(
WCHAR **ppwszField)
{
HRESULT hr;
*ppwszField = (WCHAR *) LocalAlloc(LMEM_FIXED, sizeof(WCHAR));
if (NULL == *ppwszField)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
*ppwszField[0] = L'\0';
hr = S_OK;
error:
return(hr);
}
VOID
dsFreeCAConfig(
LONG cCA,
CERT_AUTHORITY_INFO *pCA)
{
LONG i;
if (NULL != pCA && 0 < cCA)
{
for (i = 0; i < cCA; ++i)
{
if (NULL != pCA[i].pwszSanitizedName)
{
LocalFree(pCA[i].pwszSanitizedName);
}
if (NULL != pCA[i].pwszSanitizedShortName)
{
LocalFree(pCA[i].pwszSanitizedShortName);
}
if (NULL != pCA[i].pwszSanitizedConfig)
{
LocalFree(pCA[i].pwszSanitizedConfig);
}
if (NULL != pCA[i].pwszSanitizedOrganization)
{
LocalFree(pCA[i].pwszSanitizedOrganization);
}
if (NULL != pCA[i].pwszSanitizedOrgUnit)
{
LocalFree(pCA[i].pwszSanitizedOrgUnit);
}
if (NULL != pCA[i].pwszSanitizedLocality)
{
LocalFree(pCA[i].pwszSanitizedLocality);
}
if (NULL != pCA[i].pwszSanitizedState)
{
LocalFree(pCA[i].pwszSanitizedState);
}
if (NULL != pCA[i].pwszSanitizedCountry)
{
LocalFree(pCA[i].pwszSanitizedCountry);
}
}
LocalFree(pCA);
}
}
HRESULT
ConfigGetCertNameDNInfo(
IN CERT_NAME_INFO const *pCertNameInfo,
IN CHAR const *pszObjId,
IN OUT WCHAR **ppwszDNInfo)
{
HRESULT hr;
WCHAR const *pwszProperty = NULL;
if (NULL != *ppwszDNInfo && L'\0' != **ppwszDNInfo)
{
hr = S_OK;
goto error;
}
hr = myGetCertNameProperty(pCertNameInfo, pszObjId, &pwszProperty);
if (CERTSRV_E_PROPERTY_EMPTY == hr)
{
hr = S_OK;
goto error;
}
_JumpIfError(hr, error, "myGetCertNameProperty");
if (NULL != pwszProperty)
{
WCHAR *pwsz;
hr = myDupString(pwszProperty, &pwsz);
_JumpIfError(hr, error, "myDupString");
if (NULL != *ppwszDNInfo)
{
LocalFree(*ppwszDNInfo);
}
*ppwszDNInfo = pwsz;
}
hr = S_OK;
error:
return(hr);
}
HRESULT
ConfigLoadDNInfo(
IN BYTE const *pbEncoded,
IN DWORD cbEncoded,
IN OUT CERT_AUTHORITY_INFO *pCA)
{
HRESULT hr;
CERT_NAME_INFO *pCertNameInfo = NULL;
DWORD cbCertNameInfo;
// decode to name info
if (!myDecodeName(
X509_ASN_ENCODING,
X509_UNICODE_NAME,
pbEncoded,
cbEncoded,
CERTLIB_USE_LOCALALLOC,
&pCertNameInfo,
&cbCertNameInfo))
{
hr = myHLastError();
_JumpError(hr, error, "myDecodeName");
}
hr = ConfigGetCertNameDNInfo(
pCertNameInfo,
szOID_ORGANIZATION_NAME,
&pCA->pwszSanitizedOrganization);
_JumpIfError(hr, error, "ConfigGetCertNameDNInfo");
hr = ConfigGetCertNameDNInfo(
pCertNameInfo,
szOID_ORGANIZATIONAL_UNIT_NAME,
&pCA->pwszSanitizedOrgUnit);
_JumpIfError(hr, error, "ConfigGetCertNameDNInfo");
hr = ConfigGetCertNameDNInfo(
pCertNameInfo,
szOID_LOCALITY_NAME,
&pCA->pwszSanitizedLocality);
_JumpIfError(hr, error, "ConfigGetCertNameDNInfo");
hr = ConfigGetCertNameDNInfo(
pCertNameInfo,
szOID_STATE_OR_PROVINCE_NAME,
&pCA->pwszSanitizedState);
_JumpIfError(hr, error, "ConfigGetCertNameDNInfo");
hr = ConfigGetCertNameDNInfo(
pCertNameInfo,
szOID_COUNTRY_NAME,
&pCA->pwszSanitizedCountry);
_JumpIfError(hr, error, "ConfigGetCertNameDNInfo");
error:
if (NULL != pCertNameInfo)
{
LocalFree(pCertNameInfo);
}
return(hr);
}
HRESULT
dsGetCAConfig(
OUT CERT_AUTHORITY_INFO **ppCAConfig,
OUT LONG *pcCAConfig)
{
HRESULT hr;
HCAINFO hCACurrent = NULL;
HCAINFO hCANext = NULL;
WCHAR **ppwszCommonName = NULL;
WCHAR **ppwszSanitizedShortName = NULL;
WCHAR **ppwszDescription = NULL;
WCHAR **ppwszMachine = NULL;
WCHAR **ppwszDN = NULL;
LONG cCA;
LONG iDst;
LONG iSrc;
CERT_AUTHORITY_INFO *pCA = NULL;
BYTE *pbEncoded = NULL;
DWORD cbEncoded;
*ppCAConfig = NULL;
*pcCAConfig = 0;
cCA = 0;
hr = CAEnumFirstCA(
NULL,
CA_FIND_INCLUDE_UNTRUSTED | CA_FIND_INCLUDE_NON_TEMPLATE_CA,
&hCACurrent);
if (HRESULT_FROM_WIN32(ERROR_NETWORK_UNREACHABLE) != hr)
{
_PrintIfErrorStr4(
hr,
"CAEnumFirstCA",
L"Ignored!",
HRESULT_FROM_WIN32(ERROR_SERVER_DISABLED),
HRESULT_FROM_WIN32(ERROR_NO_SUCH_DOMAIN),
HRESULT_FROM_WIN32(ERROR_WRONG_PASSWORD));
}
cCA = CACountCAs(hCACurrent); // 0 on error
if (0 < cCA)
{
pCA = (CERT_AUTHORITY_INFO *) LocalAlloc(
LMEM_FIXED | LMEM_ZEROINIT,
cCA * sizeof(CERT_AUTHORITY_INFO));
if (NULL == pCA)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
for (iDst = 0, iSrc = 0; iSrc < cCA; iSrc++)
{
CSASSERT(NULL == ppwszCommonName);
CSASSERT(NULL == ppwszSanitizedShortName);
CSASSERT(NULL == ppwszDescription);
CSASSERT(NULL == ppwszMachine);
CSASSERT(NULL == ppwszDN);
CSASSERT(NULL == pCA[iDst].pwszSanitizedName);
CSASSERT(NULL == pCA[iDst].pwszSanitizedShortName);
CSASSERT(NULL == pCA[iDst].pwszSanitizedConfig);
hr = CAGetCAProperty(
hCACurrent,
CA_PROP_DISPLAY_NAME,
&ppwszCommonName);
_JumpIfError(hr, error, "CAGetCAProperty(CA_PROP_DISPLAY_NAME)");
hr = CAGetCAProperty(hCACurrent, CA_PROP_NAME, &ppwszSanitizedShortName);
_JumpIfError(hr, error, "CAGetCAProperty(CA_PROP_NAME)");
hr = CAGetCAProperty(hCACurrent, CA_PROP_DESCRIPTION, &ppwszDescription);
_JumpIfError(hr, error, "CAGetCAProperty(CA_PROP_DESCRIPTION)");
hr = CAGetCAProperty(hCACurrent, CA_PROP_DNSNAME, &ppwszMachine);
_JumpIfError(hr, error, "CAGetCAProperty(CA_PROP_DNSNAME)");
hr = CAGetCAProperty(hCACurrent, CA_PROP_CERT_DN, &ppwszDN);
_JumpIfError(hr, error, "CAGetCAProperty(CA_PROP_CERT_DN)");
if (NULL == ppwszCommonName ||
NULL == ppwszSanitizedShortName ||
NULL == ppwszMachine ||
NULL == ppwszDN)
{
_PrintError(E_INVALIDARG, "missing CA property");
goto skipca; // skip and don't take the CA
}
hr = mySanitizeName(*ppwszCommonName, &pCA[iDst].pwszSanitizedName);
_JumpIfError(hr, error, "mySanitizeName");
// already sanitized:
hr = myDupString(*ppwszSanitizedShortName, &pCA[iDst].pwszSanitizedShortName);
_JumpIfError(hr, error, "myDupString");
if (NULL != ppwszDescription)
{
hr = myDupString(*ppwszDescription, &pCA[iDst].pwszSanitizedDescription);
_JumpIfError(hr, error, "myDupString");
}
pCA[iDst].pwszSanitizedConfig = (WCHAR *) LocalAlloc(
LMEM_FIXED,
(wcslen(*ppwszMachine) + wcslen(pCA[iDst].pwszSanitizedName) + 2) *
sizeof(WCHAR));
if (NULL == pCA[iDst].pwszSanitizedConfig)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc(pwszSanitizedConfig)");
}
wcscpy(pCA[iDst].pwszSanitizedConfig, *ppwszMachine);
wcscat(pCA[iDst].pwszSanitizedConfig, L"\\");
wcscat(pCA[iDst].pwszSanitizedConfig, pCA[iDst].pwszSanitizedName);
pbEncoded = NULL;
while (TRUE)
{
// convert dn string to name blob
if (!CertStrToName(
X509_ASN_ENCODING,
*ppwszDN,
CERT_X500_NAME_STR,
NULL,
pbEncoded,
&cbEncoded,
NULL))
{
hr = myHLastError();
_JumpIfError(hr, error, "CertStrToName");
}
if (NULL != pbEncoded)
{
// get name
break;
}
pbEncoded = (BYTE*)LocalAlloc(LMEM_FIXED | LMEM_ZEROINIT,
cbEncoded);
if (NULL == pbEncoded)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
}
hr = ConfigLoadDNInfo(pbEncoded, cbEncoded, &pCA[iDst]);
_JumpIfError(hr, error, "ConfigLoadDNInfo");
// fill empty for the rest
CSASSERT(NULL == pCA[iDst].pwszSanitizedExchangeCertificate);
CSASSERT(NULL == pCA[iDst].pwszSanitizedSignatureCertificate);
pCA[iDst].Flags = CAIF_DSENTRY;
++iDst;
// free dn blobs
if (NULL != pbEncoded)
{
LocalFree(pbEncoded);
pbEncoded = NULL;
}
skipca:
// free ds out properties
if (NULL != ppwszCommonName)
{
CAFreeCAProperty(hCACurrent, ppwszCommonName);
ppwszCommonName = NULL;
}
if (NULL != ppwszSanitizedShortName)
{
CAFreeCAProperty(hCACurrent, ppwszSanitizedShortName);
ppwszSanitizedShortName = NULL;
}
if (NULL != ppwszDescription)
{
CAFreeCAProperty(hCACurrent, ppwszDescription);
ppwszDescription = NULL;
}
if (NULL != ppwszMachine)
{
CAFreeCAProperty(hCACurrent, ppwszMachine);
ppwszMachine = NULL;
}
if (NULL != ppwszDN)
{
CAFreeCAProperty(hCACurrent, ppwszDN);
ppwszDN = NULL;
}
hr = CAEnumNextCA(hCACurrent, &hCANext);
CACloseCA(hCACurrent);
hCACurrent = hCANext;
if (S_OK != hr || NULL == hCACurrent)
{
break;
}
}
*pcCAConfig = iDst;
*ppCAConfig = pCA;
pCA = NULL;
}
hr = S_OK;
error:
if (NULL != hCACurrent)
{
CACloseCA(hCACurrent);
}
if (NULL != pbEncoded)
{
LocalFree(pbEncoded);
}
if (NULL != ppwszCommonName)
{
CAFreeCAProperty(hCACurrent, ppwszCommonName);
}
if (NULL != ppwszSanitizedShortName)
{
CAFreeCAProperty(hCACurrent, ppwszSanitizedShortName);
}
if (NULL != ppwszMachine)
{
CAFreeCAProperty(hCACurrent, ppwszMachine);
}
if (NULL != ppwszDN)
{
CAFreeCAProperty(hCACurrent, ppwszDN);
}
if (NULL != pCA)
{
dsFreeCAConfig(cCA, pCA);
}
CSASSERT(S_OK == hr || FAILED(hr));
return(hr);
}
BOOL
FindSharedCAInDSList(
IN CERT_AUTHORITY_INFO *pDSCA,
IN LONG countDSCA,
IN CERT_AUTHORITY_INFO const *pCAFromShared,
OUT CERT_AUTHORITY_INFO **ppDSCA)
{
BOOL found = FALSE;
LONG i;
*ppDSCA = NULL;
for (i = 0; i < countDSCA; ++i)
{
if (0 == lstrcmpi(pDSCA[i].pwszSanitizedConfig, pCAFromShared->pwszSanitizedConfig) &&
0 == lstrcmpi(pDSCA[i].pwszSanitizedName, pCAFromShared->pwszSanitizedName))
{
*ppDSCA = &pDSCA[i];
found = TRUE;
break;
}
}
return(found);
}
HRESULT
updateField(
IN WCHAR const *pwszSource,
OUT WCHAR **ppwszDest)
{
HRESULT hr;
if (NULL != pwszSource &&
(NULL == *ppwszDest || L'\0' == **ppwszDest))
{
if (NULL != *ppwszDest)
{
LocalFree(*ppwszDest);
}
hr = myDupString(pwszSource, ppwszDest);
_JumpIfError(hr, error, "myDupString");
}
hr = S_OK;
error:
return(hr);
}
HRESULT
mergeConfigFields(
IN CERT_AUTHORITY_INFO const *pCAIn,
IN OUT CERT_AUTHORITY_INFO *pCA)
{
HRESULT hr;
if (NULL == pCAIn || NULL == pCA)
{
hr = E_POINTER;
_JumpError(hr, error, "Internal Error");
}
hr = updateField(pCAIn->pwszSanitizedName, &pCA->pwszSanitizedName);
_JumpIfError(hr, error, "updateField(pwszSanitizedName)");
hr = updateField(pCAIn->pwszSanitizedOrgUnit, &pCA->pwszSanitizedOrgUnit);
_JumpIfError(hr, error, "updateField(pwszSanitizedOrgUnit)");
hr = updateField(pCAIn->pwszSanitizedOrganization, &pCA->pwszSanitizedOrganization);
_JumpIfError(hr, error, "updateField(pwszSanitizedOrganization)");
hr = updateField(pCAIn->pwszSanitizedLocality, &pCA->pwszSanitizedLocality);
_JumpIfError(hr, error, "updateField(pwszSanitizedLocality)");
hr = updateField(pCAIn->pwszSanitizedState, &pCA->pwszSanitizedState);
_JumpIfError(hr, error, "updateField(pwszSanitizedState)");
hr = updateField(pCAIn->pwszSanitizedCountry, &pCA->pwszSanitizedCountry);
_JumpIfError(hr, error, "updateField(pwszSanitizedCountry)");
hr = updateField(pCAIn->pwszSanitizedConfig, &pCA->pwszSanitizedConfig);
_JumpIfError(hr, error, "updateField(pwszSanitizedConfig)");
hr = updateField(pCAIn->pwszSanitizedExchangeCertificate, &pCA->pwszSanitizedExchangeCertificate);
_JumpIfError(hr, error, "updateField(pwszSanitizedExchangeCertificate)");
hr = updateField(pCAIn->pwszSanitizedSignatureCertificate, &pCA->pwszSanitizedSignatureCertificate);
_JumpIfError(hr, error, "updateField(pwszSanitizedSignatureCertificate)");
hr = updateField(pCAIn->pwszSanitizedDescription, &pCA->pwszSanitizedDescription);
_JumpIfError(hr, error, "updateField(pwszSanitizedDescription)");
hr = mySanitizedNameToDSName(pCAIn->pwszSanitizedName, &pCA->pwszSanitizedShortName);
_JumpIfError(hr, error, "mySanitizedNameToDSName");
pCA->Flags |= pCAIn->Flags;
error:
return(hr);
}
HRESULT
CCertConfigPrivate::_ResizeCAInfo(
IN LONG Count)
{
HRESULT hr = E_OUTOFMEMORY;
if (NULL == m_pCertAuthorityInfo)
{
m_pCertAuthorityInfo = (CERT_AUTHORITY_INFO *) LocalAlloc(
LMEM_FIXED | LMEM_ZEROINIT,
Count * sizeof(CERT_AUTHORITY_INFO));
if (NULL == m_pCertAuthorityInfo)
{
_JumpError(hr, error, "LocalAlloc");
}
}
else
{
CERT_AUTHORITY_INFO *pCAI;
pCAI = (CERT_AUTHORITY_INFO *) LocalReAlloc(
m_pCertAuthorityInfo,
Count * sizeof(CERT_AUTHORITY_INFO),
LMEM_MOVEABLE);
if (NULL == pCAI)
{
_JumpError(hr, error, "LocalReAlloc");
}
m_pCertAuthorityInfo = pCAI;
// LocalReAlloc won't zero memory when old size was already > m_Count
if (Count > m_Count)
{
ZeroMemory(
&m_pCertAuthorityInfo[m_Count],
(Count - m_Count) * sizeof(m_pCertAuthorityInfo[0]));
}
}
hr = S_OK;
error:
return(hr);
}
HRESULT
CCertConfigPrivate::_AddRegistryConfigEntry(
IN WCHAR const *pwszDnsName,
IN WCHAR const *pwszOldName,
IN WCHAR const *pwszSanitizedCAName,
IN BOOL fParentCA,
OPTIONAL IN CERT_CONTEXT const *pccCAChild,
OPTIONAL OUT CERT_CONTEXT const **ppccCAOut) // non-NULL means local CA
{
HRESULT hr;
HCERTSTORE hMyStore = NULL;
LONG i;
BOOL fFoundCA = FALSE;
WCHAR *pwszDescription = NULL;
WCHAR *pwszSanitizedShortName = NULL;
CERT_CONTEXT const *pccCA = NULL;
CERT_AUTHORITY_INFO *pCA = NULL;
WCHAR *pwsz;
WCHAR *pwszRegPath = NULL;
HKEY hKey = NULL;
if (NULL != ppccCAOut)
{
CSASSERT(NULL == pccCAChild);
*ppccCAOut = NULL;
}
for (i = 0; i < m_Count; ++i)
{
BOOL fMachineNameMatch;
hr = myIsConfigLocal2(
m_pCertAuthorityInfo[i].pwszSanitizedConfig,
pwszDnsName,
pwszOldName,
&fMachineNameMatch);
_JumpIfError(hr, error, "myIsConfigLocal2");
if (fMachineNameMatch)
{
if (!fParentCA) // Local CA
{
m_pCertAuthorityInfo[i].Flags |= CAIF_LOCAL;
}
if (0 == lstrcmpi(
pwszSanitizedCAName,
m_pCertAuthorityInfo[i].pwszSanitizedName))
{
fFoundCA = TRUE;
pCA = &m_pCertAuthorityInfo[i];
pCA->Flags |= CAIF_REGISTRY;
if (fParentCA)
{
pCA->Flags |= CAIF_REGISTRYPARENT;
}
break;
}
}
}
if (!fFoundCA)
{
hr = _ResizeCAInfo(m_Count + 1);
_JumpIfError(hr, error, "_ResizeCAInfo");
pCA = &m_pCertAuthorityInfo[m_Count];
hr = myFormConfigString(
pwszDnsName,
pwszSanitizedCAName,
&pCA->pwszSanitizedConfig);
_JumpIfError(hr, error, "myFormConfigString");
hr = myDupString(pwszSanitizedCAName, &pCA->pwszSanitizedName);
_JumpIfError(hr, error, "myDupString");
hr = mySanitizedNameToDSName(
pwszSanitizedCAName,
&pCA->pwszSanitizedShortName);
_JumpIfError(hr, error, "mySanitizedNameToDSName");
pCA->Flags = CAIF_REGISTRY;
if (fParentCA)
{
pCA->Flags |= CAIF_REGISTRYPARENT;
}
else
{
pCA->Flags |= CAIF_LOCAL;
}
}
CSASSERT(NULL != pCA); // either found or added
if (NULL == pCA->pwszSanitizedDescription ||
L'\0' == *pCA->pwszSanitizedDescription)
{
if (!fParentCA) // Local CA
{
hr = myGetCertRegStrValue(
pCA->pwszSanitizedName,
NULL,
NULL,
wszREGCADESCRIPTION,
&pwszDescription);
_PrintIfErrorStr2(
hr,
"myGetCertRegStrValue",
wszREGCADESCRIPTION,
HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND));
}
else
{
hr = myRegOpenRelativeKey(
pwszDnsName,
L"ca",
0,
&pwszRegPath,
NULL,
&hKey);
_PrintIfErrorStr(hr, "myGetCertRegStrValue", wszREGCADESCRIPTION);
if (S_OK == hr)
{
DWORD cb;
DWORD cwc;
DWORD dwType;
hr = RegQueryValueEx(
hKey,
wszREGCADESCRIPTION,
NULL,
&dwType,
NULL,
&cb);
if (S_OK == hr && REG_SZ == dwType && sizeof(WCHAR) < cb)
{
cwc = cb / sizeof(WCHAR);
pwszDescription = (WCHAR *) LocalAlloc(
LMEM_FIXED,
(cwc + 1) * sizeof(WCHAR));
if (NULL == pwszDescription)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
hr = RegQueryValueEx(
hKey,
wszREGCADESCRIPTION,
NULL,
&dwType,
(BYTE *) pwszDescription,
&cb);
_JumpIfError(hr, error, "RegQueryValueEx");
pwszDescription[cwc] = L'\0';
}
}
}
if (NULL != pwszDescription)
{
hr = mySanitizeName(pwszDescription, &pwsz);
_JumpIfError(hr, error, "mySanitizeName");
if (NULL != pCA->pwszSanitizedDescription)
{
LocalFree(pCA->pwszSanitizedDescription);
}
pCA->pwszSanitizedDescription = pwsz;
}
}
if (fParentCA)
{
pccCA = pccCAChild;
}
else
{
DWORD ccert;
CSASSERT(NULL == pccCAChild);
hr = myGetCARegHashCount(
pCA->pwszSanitizedName,
CSRH_CASIGCERT,
&ccert);
_PrintIfError(hr, "myGetCARegHashCount");
if (S_OK == hr && 0 != ccert)
{
DWORD NameId;
// open MY store
hMyStore = CertOpenStore(
CERT_STORE_PROV_SYSTEM_W,
X509_ASN_ENCODING,
NULL, // hProv
CERT_SYSTEM_STORE_LOCAL_MACHINE |
CERT_STORE_READONLY_FLAG,
wszMY_CERTSTORE);
if (NULL == hMyStore)
{
hr = myHLastError();
_JumpError(hr, error, "CertOpenStore");
}
hr = myFindCACertByHashIndex(
hMyStore,
pCA->pwszSanitizedName,
CSRH_CASIGCERT,
ccert - 1,
&NameId,
&pccCA);
}
}
if (NULL != pccCA)
{
CERT_NAME_BLOB *pName = !fParentCA?
&pccCA->pCertInfo->Subject :
&pccCA->pCertInfo->Issuer;
hr = ConfigLoadDNInfo(pName->pbData, pName->cbData, pCA);
_PrintIfError(hr, "ConfigLoadDNInfo");
}
if (NULL == pCA->pwszSanitizedSignatureCertificate ||
L'\0' == *pCA->pwszSanitizedSignatureCertificate)
{
DWORD cwc;
// pwszDnsName + "_" + pwszSanitizedCAName + ".crt"
cwc = wcslen(pwszDnsName) + 1 + wcslen(pwszSanitizedCAName) + 4;
pwsz = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR));
if (NULL == pwsz)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
wcscpy(pwsz, pwszDnsName);
wcscat(pwsz, L"_");
wcscat(pwsz, pwszSanitizedCAName);
wcscat(pwsz, L".crt");
CSASSERT(wcslen(pwsz) == cwc);
if (NULL != pCA->pwszSanitizedSignatureCertificate)
{
LocalFree(pCA->pwszSanitizedSignatureCertificate);
}
pCA->pwszSanitizedSignatureCertificate = pwsz;
}
if (!fFoundCA)
{
m_Count++;
}
if (NULL != pccCA && NULL != ppccCAOut)
{
*ppccCAOut = CertDuplicateCertificateContext(pccCA);
}
DBGPRINT((
DBG_SS_CERTLIBI,
"%ws %ws CA entry: %ws\n",
fFoundCA? L"Merged" : L"Added",
fParentCA? L"Parent" : L"Local",
pCA->pwszSanitizedConfig));
pCA = NULL;
hr = S_OK;
error:
if (NULL != hKey)
{
RegCloseKey(hKey);
}
if (NULL != pwszRegPath)
{
LocalFree(pwszRegPath);
}
if (!fFoundCA && NULL != pCA)
{
_CleanupCAInfo(pCA);
}
if (NULL != pwszDescription)
{
LocalFree(pwszDescription);
}
if (NULL != pwszSanitizedShortName)
{
LocalFree(pwszSanitizedShortName);
}
if (NULL != pccCA && pccCAChild != pccCA)
{
CertFreeCertificateContext(pccCA);
}
if (NULL != hMyStore)
{
CertCloseStore(hMyStore, CERT_CLOSE_STORE_CHECK_FLAG);
}
return(hr);
}
//+--------------------------------------------------------------------------
// CCertConfigPrivate::_LoadTable -- load config data into class instance
//
// Returns S_OK on success.
//+--------------------------------------------------------------------------
HRESULT
CCertConfigPrivate::_LoadTable(VOID)
{
HRESULT hr;
LONG Index;
LONG CountShared = 0;
LONG i;
LONG actualSharedCount;
CERT_AUTHORITY_INFO *pCAFromShared = NULL;
BOOL fDSCA = TRUE;
WCHAR *pwszSanitizedCAName = NULL;
WCHAR *pwszDnsName = NULL;
WCHAR *pwszOldName = NULL;
CERT_CONTEXT const *pccCA = NULL;
WCHAR *pwszParentMachine = NULL;
WCHAR *pwszParentMachineOld = NULL;
WCHAR *pwszParentCAName = NULL;
WCHAR *pwszParentSanitizedCAName = NULL;
m_Index = -1;
m_Count = 0;
if (m_fUseDS)
{
hr = dsGetCAConfig(&m_pCertAuthorityInfo, &m_Count);
_JumpIfError(hr, error, "dsGetCAConfig");
}
DBGPRINT((
DBG_SS_CERTLIBI,
"%x DS entries @%x\n",
m_Count,
m_pCertAuthorityInfo));
if (NULL == m_pCertAuthorityInfo && 0 == m_Count)
{
fDSCA = FALSE;
}
Index = 0;
CountShared = INT_MAX;
hr = certRequestGetConfigInfo(
m_pwszSharedFolder,
&Index,
&CountShared,
&pCAFromShared);
// Don't fail if file not found or unc path is bad
CSASSERT(S_OK == hr || FAILED(hr));
_PrintIfError4(
hr,
"certRequestGetConfigInfo",
HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND),
HRESULT_FROM_WIN32(ERROR_NETWORK_UNREACHABLE),
HRESULT_FROM_WIN32(ERROR_INVALID_NETNAME));
DBGPRINT((
DBG_SS_CERTLIBI,
"%x Shared Folder entries @%x\n",
CountShared,
pCAFromShared));
actualSharedCount = 0;
if (0 < CountShared)
{
hr = _ResizeCAInfo(m_Count + CountShared);
_JumpIfError(hr, error, "_ResizeCAInfo");
DBGPRINT((
DBG_SS_CERTLIBI,
"%x %ws @%x\n",
m_Count + CountShared,
fDSCA? L"Total entries" : L"new Shared Folder entries",
m_pCertAuthorityInfo));
for (i = 0; i < CountShared; ++i)
{
CERT_AUTHORITY_INFO *pCAInDS = NULL;
CERT_AUTHORITY_INFO *pCAUpdate;
if (fDSCA)
{
FindSharedCAInDSList(
m_pCertAuthorityInfo,
m_Count,
&pCAFromShared[i],
&pCAInDS);
}
if (NULL != pCAInDS)
{
pCAUpdate = pCAInDS;
}
else
{
pCAUpdate = &m_pCertAuthorityInfo[m_Count + actualSharedCount];
ZeroMemory(pCAUpdate, sizeof(*pCAUpdate));
}
hr = mergeConfigFields(&pCAFromShared[i], pCAUpdate);
_JumpIfError(hr, error, "mergeConfigFields");
DBGPRINT((
DBG_SS_CERTLIBI,
"%hs CA entry: %ws\n",
NULL != pCAInDS? "Merged" : "Added",
pCAUpdate->pwszSanitizedConfig));
if (NULL == pCAInDS)
{
++actualSharedCount;
}
}
}
m_Count += actualSharedCount;
// Add local CA to the table. Merge entry if it already exists.
// Also flags all local CAs.
hr = myGetCertRegStrValue(
NULL,
NULL,
NULL,
wszREGACTIVE,
&pwszSanitizedCAName);
_PrintIfErrorStr(hr, "myGetCertRegStrValue", wszREGACTIVE);
if (S_OK == hr)
{
hr = myGetComputerNames(&pwszDnsName, &pwszOldName);
_JumpIfError(hr, error, "myGetComputerNames");
hr = _AddRegistryConfigEntry(
pwszDnsName,
pwszOldName,
pwszSanitizedCAName,
FALSE, // fParentCA
NULL,
&pccCA);
_JumpIfError(hr, error, "_AddRegistryConfigEntry");
// Add parent CA to the table. Merge entry if it already exists.
hr = myGetCertRegStrValue(
pwszSanitizedCAName,
NULL,
NULL,
wszREGPARENTCANAME,
&pwszParentCAName);
_PrintIfErrorStr2(
hr,
"myGetCertRegStrValue",
wszREGPARENTCANAME,
HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND));
if (S_OK == hr)
{
hr = myGetCertRegStrValue(
pwszSanitizedCAName,
NULL,
NULL,
wszREGPARENTCAMACHINE,
&pwszParentMachine);
_PrintIfErrorStr(hr, "myGetCertRegStrValue", wszREGPARENTCAMACHINE);
}
if (NULL != pwszParentMachine && NULL != pwszParentCAName)
{
WCHAR *pwsz;
hr = mySanitizeName(pwszParentCAName, &pwszParentSanitizedCAName);
_JumpIfError(hr, error, "mySanitizeName");
hr = myDupString(pwszParentMachine, &pwszParentMachineOld);
_JumpIfError(hr, error, "myDupString");
pwsz = wcschr(pwszParentMachineOld, L'.');
if (NULL != pwsz)
{
*pwsz = L'\0';
}
hr = _AddRegistryConfigEntry(
pwszParentMachine,
pwszParentMachineOld,
pwszParentSanitizedCAName,
TRUE, // fParentCA
pccCA,
NULL);
_JumpIfError(hr, error, "_AddRegistryConfigEntry");
}
}
hr = S_OK;
error:
if (NULL != pwszDnsName)
{
LocalFree(pwszDnsName);
}
if (NULL != pwszOldName)
{
LocalFree(pwszOldName);
}
if (NULL != pwszSanitizedCAName)
{
LocalFree(pwszSanitizedCAName);
}
if (NULL != pwszParentCAName)
{
LocalFree(pwszParentCAName);
}
if (NULL != pwszParentMachine)
{
LocalFree(pwszParentMachine);
}
if (NULL != pwszParentMachineOld)
{
LocalFree(pwszParentMachineOld);
}
if (NULL != pwszParentSanitizedCAName)
{
LocalFree(pwszParentSanitizedCAName);
}
if (NULL != pCAFromShared)
{
LocalFree(pCAFromShared);
}
if (NULL != pccCA)
{
CertFreeCertificateContext(pccCA);
}
CSASSERT(S_OK == hr || FAILED(hr));
return(hr);
}
//+--------------------------------------------------------------------------
// CCertConfigPrivate::Reset -- load config data, reset to indexed entry,
// return count
//
// Load the configuration data if not already loaded. To reload the data after
// the data have changed, CCertConfigPrivate must be released and reloaded.
//
// Resets the current config entry to the Certification Authority configuration
// listed in the configuration file, indexed by the Index parameter. 0 indexes
// the first configuration.
//
// Upon successful completion, *pCount will be set to the number of Certificate
// Authority configurations listed in the configuration file.
//
// Returns S_FALSE if no entries are available at or after the passed Index.
// Returns S_OK on success.
//+--------------------------------------------------------------------------
HRESULT
CCertConfigPrivate::Reset(
/* [in] */ LONG Index,
/* [retval][out] */ LONG __RPC_FAR *pCount)
{
HRESULT hr = S_OK;
if (NULL == pCount)
{
hr = E_POINTER;
_JumpError(hr, error, "pCount");
}
if (NULL == m_pCertAuthorityInfo)
{
hr = _LoadTable();
_JumpIfError(hr, error, "_LoadTable");
}
*pCount = m_Count;
if (0 > Index || Index > m_Count)
{
Index = m_Count + 1;
hr = S_FALSE;
}
m_Index = Index - 1;
error:
CSASSERT(S_OK == hr || S_FALSE == hr || FAILED(hr));
return(hr);
}
//+--------------------------------------------------------------------------
// CCertConfigPrivate::Next -- skip to next config entry
//
// Changes the current config entry to the next Certification Authority
// configuration listed in the configuration file.
//
// Upon successful completion, *pIndex will be set to the index of Certificate
// Authority configurations listed in the configuration file.
//
// Returns S_FALSE if no more entries are available. *pIndex is set to -1.
// Returns S_OK on success. *pIndex is set to index the current configuration.
//+--------------------------------------------------------------------------
HRESULT
CCertConfigPrivate::Next(
/* [retval][out] */ LONG __RPC_FAR *pIndex)
{
HRESULT hr = S_OK;
if (NULL == pIndex)
{
hr = E_POINTER;
_JumpError(hr, error, "pIndex");
}
*pIndex = -1;
if (NULL == m_pCertAuthorityInfo)
{
hr = _LoadTable();
_JumpIfError(hr, error, "_LoadTable");
}
if (m_Index < m_Count)
{
m_Index++;
}
if (m_Index < m_Count)
{
*pIndex = m_Index;
}
else
{
hr = S_FALSE;
}
error:
CSASSERT(S_OK == hr || S_FALSE == hr || FAILED(hr));
return(hr);
}
//+--------------------------------------------------------------------------
// CCertConfigPrivate::GetField -- return a field from the current config entry.
//
// pstrOut points to a BSTR string filled in by this routine. If *pstrOut is
// non-NULL and this method is successful, the old string is freed. If any
// value other than S_OK is returned, the string pointer will not be modified.
//
// Upon successful completion, *pstrOut will point to a string that contains
// the requested field from the current config entry.
//
// When the caller no longer needs the string, it must be freed by calling
// SysFreeString().
//
// Returns S_OK on success.
//+--------------------------------------------------------------------------
HRESULT
CCertConfigPrivate::GetField(
/* [in] */ BSTR const strFieldName,
/* [retval][out] */ BSTR __RPC_FAR *pstrOut)
{
HRESULT hr = S_OK;
CERT_AUTHORITY_INFO *pcai;
BSTR bstr;
DWORD cwc;
WCHAR *pwsz = NULL;
WCHAR *pwszRevert = NULL;
WCHAR *pwszT = NULL;
BOOL fDesanitize = TRUE;
WCHAR awc[12];
if (NULL == pstrOut || NULL == strFieldName)
{
hr = E_POINTER;
_JumpError(hr, error, "pstrOut|strFieldName");
}
if (NULL != *pstrOut)
{
SysFreeString(*pstrOut);
*pstrOut = NULL;
}
if (NULL == m_pCertAuthorityInfo)
{
hr = _LoadTable();
_JumpIfError(hr, error, "_LoadTable");
}
if (-1 == m_Index)
{
m_Index++; // implicit Next() for compatibility with Version 1
}
if (0 > m_Index || m_Index >= m_Count)
{
hr = E_INVALIDARG;
_JumpError(hr, error, "m_Index");
}
pcai = &m_pCertAuthorityInfo[m_Index];
bstr = strFieldName;
if (0 == lstrcmpi(bstr, wszCONFIG_COMMONNAME))
{
pwsz = pcai->pwszSanitizedName;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_SANITIZEDNAME))
{
pwsz = pcai->pwszSanitizedName;
fDesanitize = FALSE;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_SHORTNAME))
{
pwsz = pcai->pwszSanitizedShortName;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_SANITIZEDSHORTNAME))
{
pwsz = pcai->pwszSanitizedShortName;
fDesanitize = FALSE;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_ORGUNIT))
{
pwsz = pcai->pwszSanitizedOrgUnit;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_ORGANIZATION))
{
pwsz = pcai->pwszSanitizedOrganization;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_LOCALITY))
{
pwsz = pcai->pwszSanitizedLocality;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_STATE))
{
pwsz = pcai->pwszSanitizedState;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_COUNTRY))
{
pwsz = pcai->pwszSanitizedCountry;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_CONFIG))
{
pwsz = pcai->pwszSanitizedConfig;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_EXCHANGECERTIFICATE))
{
pwsz = pcai->pwszSanitizedExchangeCertificate;
fDesanitize = FALSE;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_SIGNATURECERTIFICATE))
{
pwsz = pcai->pwszSanitizedSignatureCertificate;
fDesanitize = FALSE;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_DESCRIPTION) ||
0 == lstrcmpi(bstr, wszCONFIG_COMMENT)) // obsolete
{
pwsz = pcai->pwszSanitizedDescription;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_SERVER))
{
pwsz = wcschr(pcai->pwszSanitizedConfig, L'\\');
if (NULL == pwsz)
{
cwc = wcslen(pcai->pwszSanitizedConfig);
}
else
{
cwc = SAFE_SUBTRACT_POINTERS(pwsz, pcai->pwszSanitizedConfig);
}
pwszT = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR));
if (NULL == pwszT)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
CopyMemory(pwszT, pcai->pwszSanitizedConfig, cwc * sizeof(WCHAR));
pwszT[cwc] = L'\0';
pwsz = pwszT;
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_AUTHORITY))
{
pwsz = wcschr(pcai->pwszSanitizedConfig, L'\\');
if (NULL == pwsz)
{
pwsz = L"";
}
else
{
pwsz++;
}
}
else
if (0 == lstrcmpi(bstr, wszCONFIG_FLAGS))
{
wsprintf(awc, L"%u", pcai->Flags);
CSASSERT(ARRAYSIZE(awc) > wcslen(awc));
pwsz = awc;
}
if (NULL == pwsz)
{
hr = CERTSRV_E_PROPERTY_EMPTY;
_JumpError2(hr, error, "ConvertWszToBstr", CERTSRV_E_PROPERTY_EMPTY);
}
if (fDesanitize)
{
hr = myRevertSanitizeName(pwsz, &pwszRevert);
_JumpIfError(hr, error, "myRevertSanitizeName");
pwsz = pwszRevert;
}
if (!ConvertWszToBstr(pstrOut, pwsz, -1))
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "ConvertWszToBstr");
}
error:
if (NULL != pwszT)
{
LocalFree(pwszT);
}
if (NULL != pwszRevert)
{
LocalFree(pwszRevert);
}
CSASSERT(S_OK == hr || FAILED(hr));
return(hr);
}
HRESULT
CCertConfigPrivate::GetConfigFromPicker(
OPTIONAL IN HWND hwndParent,
OPTIONAL IN WCHAR const *pwszPrompt,
OPTIONAL IN WCHAR const *pwszTitle,
OPTIONAL IN WCHAR const *pwszSharedFolder,
IN BOOL fUseDS,
IN BOOL fCountOnly,
OUT DWORD *pdwCount,
OUT CRYPTUI_CA_CONTEXT const **ppCAContext)
{
HRESULT hr = S_OK;
CRYPTUI_CA_CONTEXT *prgCAC = NULL;
const CRYPTUI_CA_CONTEXT **pprgCAC = NULL;
CRYPTUI_SELECT_CA_STRUCT UISelectCA;
CRYPTUI_CA_CONTEXT const *pCAContext = NULL;
LONG i;
LONG realCount = 0;
LONG cCA = 0;
BSTR bsFieldName = NULL;
BSTR bsFieldValue = NULL;
WCHAR *pwszPtr;
WCHAR **ppwszCAName = NULL;
WCHAR **ppwszCAMachineName = NULL;
if ((NULL == ppCAContext) || (NULL == pdwCount))
{
hr = E_POINTER;
_JumpError (hr, error, "NULL parm");
}
*ppCAContext = NULL;
*pdwCount = 0;
m_fUseDS = fUseDS;
if (NULL != pwszSharedFolder)
{
hr = SetSharedFolder(const_cast<WCHAR *>(pwszSharedFolder));
_JumpIfError(hr, error, "configPrivate.SetSharedFolder");
}
hr = Reset(0, &cCA);
if (S_OK != hr && S_FALSE != hr)
{
_JumpError(hr, error, "configPrivate.Reset");
}
hr = S_OK; // in case of S_FALSE;
if (0 < cCA)
{
prgCAC = (CRYPTUI_CA_CONTEXT *) LocalAlloc(LMEM_FIXED|LMEM_ZEROINIT,
cCA * sizeof(CRYPTUI_CA_CONTEXT));
if (NULL == prgCAC)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
pprgCAC = (const CRYPTUI_CA_CONTEXT **) LocalAlloc(LMEM_FIXED|LMEM_ZEROINIT,
cCA * sizeof(const CRYPTUI_CA_CONTEXT *));
if (NULL == pprgCAC)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
ppwszCAName = (WCHAR **) LocalAlloc(LMEM_FIXED|LMEM_ZEROINIT, cCA * sizeof(WCHAR *));
if (NULL == ppwszCAName)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
ppwszCAMachineName = (WCHAR **) LocalAlloc(LMEM_FIXED|LMEM_ZEROINIT, cCA * sizeof(WCHAR *));
if (NULL == ppwszCAMachineName)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
if (!ConvertWszToBstr(&bsFieldName, wszCONFIG_CONFIG, -1))
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "ConvertWszToBstr");
}
realCount = 0;
while (realCount < cCA)
{
hr = GetField(bsFieldName, &bsFieldValue);
_JumpIfError(hr, error, "configPrivate.GetField");
pwszPtr = wcsstr(bsFieldValue, L"\\");
if (NULL == pwszPtr)
{
continue;
}
// change \ to null terminator
pwszPtr[0] = L'\0';
// point to CA name
pwszPtr = &pwszPtr[1];
ppwszCAName[realCount] = (WCHAR *) LocalAlloc(
LMEM_FIXED,
(wcslen(pwszPtr) + 1) * sizeof(WCHAR));
if (NULL == ppwszCAName[realCount])
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
ppwszCAMachineName[realCount] = (WCHAR *) LocalAlloc(
LMEM_FIXED,
(wcslen(bsFieldValue) + 1) * sizeof(WCHAR));
if (NULL == ppwszCAMachineName[realCount])
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
prgCAC[realCount].dwSize = sizeof(CRYPTUI_CA_CONTEXT);
wcscpy(ppwszCAName[realCount], pwszPtr);
wcscpy(ppwszCAMachineName[realCount], bsFieldValue);
prgCAC[realCount].pwszCAName = ppwszCAName[realCount];
prgCAC[realCount].pwszCAMachineName = ppwszCAMachineName[realCount];
++realCount;
hr = Next(&i);
if (S_OK != hr)
{
if (S_FALSE == hr)
{
hr = S_OK; // no more entry is not an error
}
break;
}
if (NULL != bsFieldValue)
{
SysFreeString(bsFieldValue);
bsFieldValue = NULL;
}
}
for (i = 0; i < realCount; ++i)
{
pprgCAC[i] = &prgCAC[i];
}
}
*pdwCount = realCount;
if (fCountOnly || 1 > realCount)
{
// done
goto error; // normal return
}
ZeroMemory(&UISelectCA, sizeof(CRYPTUI_SELECT_CA_STRUCT));
UISelectCA.cCAContext = realCount;
UISelectCA.rgCAContext = pprgCAC;
UISelectCA.dwSize = sizeof(UISelectCA);
UISelectCA.wszDisplayString = pwszPrompt;
UISelectCA.wszTitle = pwszTitle;
UISelectCA.hwndParent = hwndParent;
// cryptui called via delay load, wrap with try/except
__try
{
// invoke dialog
pCAContext = (CRYPTUI_CA_CONTEXT const *) CryptUIDlgSelectCA(&UISelectCA); // DelayLoad Wrapped
if (NULL == pCAContext) // user cancel?
{
hr = myHLastError();
if (S_OK == hr)
{
hr = HRESULT_FROM_WIN32(ERROR_CANCELLED);
}
_JumpError(hr, error, "CryptUIDlgSelectCA");
}
*ppCAContext = pCAContext;
hr = S_OK;
}
__except(hr = myHEXCEPTIONCODE(), EXCEPTION_EXECUTE_HANDLER)
{
}
error:
// change to default
m_fUseDS = TRUE;
if (NULL != ppwszCAName)
{
for (i = 0; i < realCount; ++i)
{
if (NULL != ppwszCAName[i])
{
LocalFree(ppwszCAName[i]);
}
}
LocalFree(ppwszCAName);
}
if (NULL != ppwszCAMachineName)
{
for (i = 0; i < realCount; ++i)
{
if (NULL != ppwszCAMachineName[i])
{
LocalFree(ppwszCAMachineName[i]);
}
}
LocalFree(ppwszCAMachineName);
}
if (NULL != pprgCAC)
{
LocalFree(pprgCAC);
}
if (NULL != prgCAC)
{
LocalFree(prgCAC);
}
if (NULL != bsFieldName)
{
SysFreeString(bsFieldName);
}
if (NULL != bsFieldValue)
{
SysFreeString(bsFieldValue);
}
CSASSERT(S_OK == hr || FAILED(hr));
return(hr);
}
//+--------------------------------------------------------------------------
// CCertConfigPrivate::GetConfig -- select a cert issuer, return config data.
//
// pstrOut points to a BSTR string filled in by this routine. If *pstrOut is
// non-NULL and this method is successful, the old string is freed. If any
// value other than S_OK is returned, the string pointer will not be modified.
//
// Flags must be set to 0.
//
// Upon successful completion, *pstrOut will point to a string that contains
// the server name and Certification Authority name.
//
// When the caller no longer needs the string, it must be freed by calling
// SysFreeString().
//
// Returns S_OK on success.
//+--------------------------------------------------------------------------
HRESULT
CCertConfigPrivate::GetConfig(
/* [in] */ LONG Flags,
/* [retval][out] */ BSTR __RPC_FAR *pstrOut)
{
HRESULT hr = S_OK;
WCHAR *pwszSanitizedConfig = NULL;
WCHAR *pwszConfigRevert = NULL;
WCHAR *pwszSanitize = NULL;
HMODULE hMod = NULL;
CRYPTUI_CA_CONTEXT const *pCAContext = NULL;
DWORD dwCACount;
LONG lIndex;
LONG cCA;
LONG i;
if (NULL == pstrOut)
{
hr = E_POINTER;
_JumpError(hr, error, "pstrOut");
}
if (NULL != *pstrOut)
{
SysFreeString(*pstrOut);
*pstrOut = NULL;
}
if (NULL == m_pCertAuthorityInfo)
{
hr = _LoadTable();
_JumpIfError(hr, error, "_LoadTable");
}
if (0 > m_Count)
{
hr = E_INVALIDARG;
_JumpError(hr, error, "m_Count");
}
switch (Flags)
{
case CC_UIPICKCONFIG:
hMod = LoadLibrary(L"cryptui.dll");
if (NULL != hMod)
{
hr = GetConfigFromPicker(
GetDesktopWindow(), // hDlg
NULL, // pwszPrompt
NULL, // pwszTitle
m_pwszSharedFolder,
TRUE, // fUseDS
FALSE, // fCountOnly
&dwCACount,
&pCAContext);
_JumpIfError(hr, error, "GetConfigFromPicker");
if (NULL == pCAContext)
{
hr = HRESULT_FROM_WIN32(ERROR_NO_MORE_ITEMS);
_JumpError(hr, error, "No CA Config");
}
// ca name in UI has been reverted so sanitize it
hr = mySanitizeName(pCAContext->pwszCAName, &pwszSanitize);
_JumpIfError(hr, error, "mySanitizeName");
pwszSanitizedConfig = (WCHAR *) LocalAlloc(
LMEM_FIXED,
(wcslen(pwszSanitize) +
wcslen(pCAContext->pwszCAMachineName) + 2) *
sizeof(WCHAR));
if (NULL == pwszSanitizedConfig)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
wcscpy(pwszSanitizedConfig, pCAContext->pwszCAMachineName);
wcscat(pwszSanitizedConfig, L"\\");
wcscat(pwszSanitizedConfig, pwszSanitize);
for (lIndex = 0; lIndex < m_Count; ++lIndex)
{
if (0 == lstrcmpi(pwszSanitizedConfig, m_pCertAuthorityInfo[lIndex].pwszSanitizedConfig))
{
// update index
Reset(lIndex + 1, &cCA);
break;
}
}
break;
}
// FALLTHROUGH
case CC_LOCALCONFIG:
case CC_LOCALACTIVECONFIG:
case CC_DEFAULTCONFIG:
if (NULL == m_pCertAuthorityInfo)
{
hr = HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND);
_JumpError(hr, error, "no CAs");
}
if (CC_LOCALCONFIG != Flags && CC_LOCALACTIVECONFIG != Flags)
{
// Make a recursive call to first look for a local pingable CA.
// If that fails, pick any pingable CA.
hr = GetConfig(CC_LOCALACTIVECONFIG, pstrOut);
if (S_OK == hr)
{
break;
}
_PrintError(hr, "GetConfig(CC_LOCALACTIVECONFIG)");
}
for (i = 0; i < m_Count; i++)
{
CSASSERT(NULL != m_pCertAuthorityInfo[i].pwszSanitizedConfig);
pwszSanitizedConfig = m_pCertAuthorityInfo[i].pwszSanitizedConfig;
if (CC_LOCALCONFIG == Flags || CC_LOCALACTIVECONFIG == Flags)
{
DWORD InfoFlags;
InfoFlags = m_pCertAuthorityInfo[i].Flags;
if (0 == (CAIF_LOCAL & InfoFlags))
{
continue;
}
if (0 == (CAIF_REGISTRY & InfoFlags))
{
LONG j;
for (j = i + 1; j < m_Count; j++)
{
InfoFlags = m_pCertAuthorityInfo[j].Flags;
if ((CAIF_LOCAL & InfoFlags) &&
(CAIF_REGISTRY & InfoFlags))
{
break;
}
}
if (j < m_Count)
{
i = j;
}
}
}
if (CC_LOCALCONFIG == Flags)
{
hr = S_OK;
}
else
{
hr = myRevertSanitizeName(pwszSanitizedConfig, &pwszConfigRevert);
_JumpIfError(hr, error, "myRevertSanitizeName");
hr = myPingCertSrv(
pwszConfigRevert,
NULL,
NULL,
NULL,
NULL,
NULL,
NULL);
}
if (S_OK == hr)
{
// update index
Reset(i + 1, &cCA);
break; // take it
}
if (NULL != pwszConfigRevert)
{
LocalFree(pwszConfigRevert);
pwszConfigRevert = NULL;
}
}
if (S_OK != hr || i >= m_Count)
{
hr = HRESULT_FROM_WIN32(ERROR_NO_MORE_ITEMS);
_JumpError(hr, error, "No matching CA");
}
break;
case CC_FIRSTCONFIG:
if (NULL == m_pCertAuthorityInfo)
{
hr = HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND);
_JumpError(hr, error, "no CAs");
}
pwszSanitizedConfig = m_pCertAuthorityInfo[0].pwszSanitizedConfig;
// update index
Reset(1, &cCA);
break;
default:
hr = E_INVALIDARG;
_JumpError(hr, error, "Flags");
}
if(!*pstrOut)
{
if (NULL == pwszConfigRevert)
{
// always revert
hr = myRevertSanitizeName(pwszSanitizedConfig, &pwszConfigRevert);
_JumpIfError(hr, error, "myRevertSanitizeName");
}
if (!ConvertWszToBstr(pstrOut, pwszConfigRevert, -1))
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "ConvertWszToBstr");
}
}
hr = S_OK;
error:
if (NULL != hMod)
{
FreeLibrary(hMod);
if (NULL != pwszSanitizedConfig)
{
LocalFree(pwszSanitizedConfig);
}
}
if (NULL != pwszConfigRevert)
{
LocalFree(pwszConfigRevert);
}
if (NULL != pwszSanitize)
{
LocalFree(pwszSanitize);
}
if (NULL != pCAContext)
{
CryptUIDlgFreeCAContext(pCAContext);
}
CSASSERT(S_OK == hr || FAILED(hr));
return(hr);
}
//+--------------------------------------------------------------------------
// CCertConfigPrivate::SetSharedFolder -- set the shared folder
//
// strSharedFolder is the new shared folder dorectory path.
//
// Returns S_OK on success.
//+--------------------------------------------------------------------------
HRESULT
CCertConfigPrivate::SetSharedFolder(
/* [in] */ const BSTR strSharedFolder)
{
HRESULT hr;
WCHAR *pwsz;
pwsz = NULL;
if (NULL != strSharedFolder)
{
hr = myDupString(strSharedFolder, &pwsz);
_JumpIfError(hr, error, "myDupString");
}
if (NULL != m_pwszSharedFolder)
{
LocalFree(m_pwszSharedFolder);
}
m_pwszSharedFolder = pwsz;
hr = S_OK;
error:
CSASSERT(S_OK == hr || FAILED(hr));
return(hr);
}
HRESULT WINAPI
certLoadFile(
WCHAR const *pwszfn,
BYTE **ppbData,
DWORD *pcbData)
{
HANDLE hFile;
DWORD cbLow, cbHigh, cbRead;
HRESULT hr;
hFile = CreateFile(
pwszfn,
GENERIC_READ,
FILE_SHARE_READ,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
0);
if (INVALID_HANDLE_VALUE == hFile)
{
hr = myHLastError();
_JumpErrorStr(hr, error, "CreateFile", pwszfn);
}
cbLow = GetFileSize(hFile, &cbHigh);
if (0xffffffff == cbLow)
{
hr = myHLastError();
_JumpError(hr, error, "GetFileSize");
}
*ppbData = (BYTE *) LocalAlloc(LMEM_FIXED, cbLow + 1);
if (NULL == *ppbData)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
if (!ReadFile(hFile, *ppbData, cbLow, &cbRead, NULL))
{
hr = myHLastError();
LocalFree(*ppbData);
*ppbData = NULL;
_JumpError(hr, error, "ReadFile");
}
(*ppbData)[cbLow] = '\0';
*pcbData = cbLow;
hr = S_OK;
error:
if (INVALID_HANDLE_VALUE != hFile)
{
CloseHandle(hFile);
}
CSASSERT(S_OK == hr || FAILED(hr));
return(hr);
}
// certTrimToken -- trim white space from the beginning and end of a line.
// Bump caller's string pointer, reduce the caller's input buffer count,
// and L'\0' terminate the result -- IN PLACE!
VOID
certTrimToken(
WCHAR **ppwsz)
{
WCHAR *pwsz;
WCHAR *pwszEnd;
static WCHAR wszTrim[] = L" \t\r\n";
pwsz = *ppwsz;
while (L'\0' != *pwsz)
{
if (NULL == wcschr(wszTrim, *pwsz))
{
break;
}
pwsz++;
}
pwszEnd = wcschr(pwsz, L'\0');
assert(NULL != pwszEnd);
while (pwsz < pwszEnd)
{
if (NULL == wcschr(wszTrim, *--pwszEnd))
{
break;
}
*pwszEnd = L'\0';
}
*ppwsz = pwsz;
}
BOOL
certExtractToken(
WCHAR **ppwszIn,
WCHAR const **ppwszOut)
{
WCHAR *pwsz;
WCHAR *pwszNext;
WCHAR *pwsz2;
BOOL fQuoted = FALSE;
pwsz = *ppwszIn;
while (L' ' == *pwsz || L'\t' == *pwsz)
{
pwsz++;
}
pwszNext = pwsz;
if (L'"' == *pwsz)
{
fQuoted = TRUE;
pwsz++;
pwszNext++;
while (TRUE)
{
// Find a mid-string escaped quote or the terminating quote.
pwszNext = wcschr(pwszNext, L'"');
if (NULL == pwszNext)
{
break; // missing terminating quote!
}
// If a terminating quote, terminate the string with L'\0',
// and point past the quoted string. Break to search for a comma.
if (L'"' != pwszNext[1])
{
*pwszNext++ = L'\0';
break;
}
// Found a mid-string escaped quote. Move the first part of the
// string forward one character position, overwriting the first
// quote character. Bump the string pointer to the new location,
// point pwszNext past the remaining quote character, and loop.
MoveMemory(
&pwsz[1],
pwsz,
SAFE_SUBTRACT_POINTERS(pwszNext, pwsz) * sizeof(*pwsz));
pwsz++;
pwszNext += 2;
}
}
if (NULL != pwszNext)
{
pwszNext = wcschr(pwszNext, L',');
}
if (NULL != pwszNext)
{
*pwszNext++ = L'\0';
}
else
{
pwszNext = wcschr(pwsz, L'\0');
assert(NULL != pwszNext);
}
certTrimToken(&pwsz);
*ppwszOut = pwsz;
*ppwszIn = pwszNext;
return(fQuoted || L'\0' != *pwsz);
}
// certExtractLine -- convert one line to Unicode and return it in a L'\0'
// terminated output buffer. Bump caller's input buffer pointer and reduce
// the caller's input buffer count.
HRESULT
certExtractLine(
IN char const **ppchLine,
IN OUT LONG *pcchLine,
OUT WCHAR *pwc,
IN OUT LONG *pcwc)
{
char const *pch;
char const *pchEnd;
LONG cch;
HRESULT hr = S_OK;
int cwc;
pch = *ppchLine;
cch = *pcchLine;
pchEnd = &pch[cch];
while (pch < pchEnd)
{
if ('\n' == *pch++)
{
pchEnd = pch;
cch = SAFE_SUBTRACT_POINTERS(pchEnd, *ppchLine);
break;
}
}
do
{
cwc = MultiByteToWideChar(GetACP(), 0, *ppchLine, cch, pwc, *pcwc - 1);
if (0 == cwc)
{
hr = myHLastError();
break;
}
pwc[cwc] = L'\0';
*pcwc = cwc;
*pcchLine -= cch;
*ppchLine = pchEnd;
} while (FALSE);
CSASSERT(S_OK == hr || FAILED(hr));
return(hr);
}
// Format of each line is:
// <name>, <OrgUnit>, <Organization>, <Locality>, <State>, <Country>, <Server Name>, <Exchange Cert>, <Self signed cert>, <Comment>
HRESULT
certParseLine(
char const **ppchLine,
LONG *pcchLine,
CERT_AUTHORITY_INFO *pcai,
WCHAR *pwsz,
LONG *pcwc)
{
HRESULT hr;
LONG cwc;
do
{
if (0 == *pcchLine)
{
hr = S_OK;
*pcwc = 0;
goto error;
}
cwc = *pcwc;
hr = certExtractLine(ppchLine, pcchLine, pwsz, &cwc);
if (S_OK != hr)
{
goto error;
}
*pcwc = cwc + 1;
certTrimToken(&pwsz);
} while (L'\0' == *pwsz || L'#' == *pwsz);
if (!certExtractToken(&pwsz, (WCHAR const **) &pcai->pwszSanitizedName) ||
!certExtractToken(&pwsz, (WCHAR const **) &pcai->pwszSanitizedOrgUnit) ||
!certExtractToken(&pwsz, (WCHAR const **) &pcai->pwszSanitizedOrganization) ||
!certExtractToken(&pwsz, (WCHAR const **) &pcai->pwszSanitizedLocality) ||
!certExtractToken(&pwsz, (WCHAR const **) &pcai->pwszSanitizedState) ||
!certExtractToken(&pwsz, (WCHAR const **) &pcai->pwszSanitizedCountry) ||
!certExtractToken(&pwsz, (WCHAR const **) &pcai->pwszSanitizedConfig) ||
!certExtractToken(&pwsz, (WCHAR const **) &pcai->pwszSanitizedExchangeCertificate) ||
!certExtractToken(&pwsz, (WCHAR const **) &pcai->pwszSanitizedSignatureCertificate))
{
hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
goto error;
}
certExtractToken(&pwsz, (WCHAR const **) &pcai->pwszSanitizedDescription);
pcai->Flags = CAIF_SHAREDFOLDERENTRY;
error:
CSASSERT(S_OK == hr || FAILED(hr));
return(hr);
}
LONG
certSkipLine(
IN char const **ppchData,
IN LONG *pcchData)
{
LONG cb = 0;
HRESULT hr;
do
{
CERT_AUTHORITY_INFO cai;
WCHAR awcLine[cwcCONFIGLINEMAX];
LONG cwc;
char const *pchData;
LONG cchData;
pchData = *ppchData;
cchData = *pcchData;
cwc = sizeof(awcLine)/sizeof(awcLine[0]);
hr = certParseLine(&pchData, &cchData, &cai, awcLine, &cwc);
if (S_OK != hr || 0 == cwc)
{
break;
}
cb = sizeof(cai) + cwc * sizeof(WCHAR);
*ppchData = pchData;
*pcchData = cchData;
} while (FALSE);
//printf("certSkipLine: %u bytes\n", cb);
CSASSERT(S_OK == hr || FAILED(hr));
return(cb);
}
VOID
certAppendBSFileName(
IN OUT WCHAR *pwszPath,
IN WCHAR *pwszBSFN) // backslash + filename.ext
{
DWORD cwc;
cwc = wcslen(pwszPath);
if (0 < cwc--)
{
if (L'\\' == pwszPath[cwc])
{
pwszPath[cwc] = L'\0';
}
}
wcscat(pwszPath, pwszBSFN);
}
HRESULT
certGetConfigFileName(
OUT WCHAR **ppwszFileConfig)
{
HRESULT hr;
DWORD dwLen;
DWORD dwType;
HKEY hKeyConfig = NULL;
WCHAR *pwszFileName = NULL;
*ppwszFileConfig = NULL;
do
{
hr = RegOpenKeyEx(
HKEY_LOCAL_MACHINE,
wszREGKEYCONFIGPATH,
0,
KEY_READ,
&hKeyConfig);
if (S_OK != hr)
{
_PrintErrorStr2(
hr,
"RegOpenKeyEx",
wszREGKEYCONFIGPATH,
ERROR_FILE_NOT_FOUND);
break;
}
// Get the size of the value first
hr = RegQueryValueEx(
hKeyConfig,
g_wszRegDirectory,
0,
&dwType,
NULL,
&dwLen);
if (S_OK != hr)
{
_PrintErrorStr2(
hr,
"RegQueryValueEx",
g_wszRegDirectory,
ERROR_FILE_NOT_FOUND);
break;
}
if (0 == dwLen)
{
hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
_PrintErrorStr2(hr, "RegQueryValueEx", g_wszRegDirectory, hr);
break;
}
// Allocate enough memory for the directory path plus the file name.
pwszFileName = (WCHAR *) LocalAlloc(LMEM_FIXED,
dwLen + (wcslen(g_wszConfigFile) + 1) * sizeof(WCHAR));
if (NULL == pwszFileName)
{
hr = E_OUTOFMEMORY;
_PrintError2(hr, "LocalAlloc", hr);
break;
}
hr = RegQueryValueEx(
hKeyConfig,
g_wszRegDirectory,
0,
&dwType,
(BYTE *) pwszFileName,
&dwLen);
if (S_OK != hr)
{
_PrintErrorStr(hr, "RegQueryValueEx", g_wszRegDirectory);
break;
}
if (L'\0' == *pwszFileName)
{
hr = S_OK;
break;
}
// Place config file name on end of path to open
certAppendBSFileName(pwszFileName, g_wszConfigFile);
*ppwszFileConfig = pwszFileName;
pwszFileName = NULL;
} while (FALSE);
if (NULL != pwszFileName)
{
LocalFree(pwszFileName);
}
if (NULL != hKeyConfig)
{
RegCloseKey(hKeyConfig);
}
return(myHError(hr));
}
HRESULT
certLoadConfigFile(
IN WCHAR const *pwszSharedFolder,
OUT BYTE **ppchData,
OUT DWORD *pcchData)
{
HRESULT hr;
WCHAR *pwszfn = NULL;
*ppchData = NULL;
*pcchData = 0;
if (NULL == pwszSharedFolder)
{
hr = certGetConfigFileName(&pwszfn);
_JumpIfError2(
hr,
error,
"certGetConfigFileName",
HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND));
}
else
{
pwszfn = (WCHAR *) LocalAlloc(
LMEM_FIXED,
(wcslen(pwszSharedFolder) + wcslen(g_wszConfigFile) + 1) *
sizeof(WCHAR));
if (NULL == pwszfn)
{
hr = E_OUTOFMEMORY;
_JumpError(hr, error, "LocalAlloc");
}
wcscpy(pwszfn, pwszSharedFolder);
certAppendBSFileName(pwszfn, g_wszConfigFile);
}
if (NULL != pwszfn)
{
hr = certLoadFile(pwszfn, ppchData, pcchData);
_JumpIfError3(
hr,
error,
"certLoadFile",
HRESULT_FROM_WIN32(ERROR_NETWORK_UNREACHABLE),
HRESULT_FROM_WIN32(ERROR_INVALID_NETNAME));
}
hr = S_OK;
error:
if (NULL != pwszfn)
{
LocalFree(pwszfn);
}
CSASSERT(S_OK == hr || FAILED(hr));
return(hr);
}
//+--------------------------------------------------------------------------
// certRequestGetConfig -- return config data for all requested authorities.
//
// *pIndex should be set to 0 prior to the first call. It will be modified by
// certRequestGetConfig to index the next entry after those returned.
//
// *pCount is a pointer to the number of authorities for which information is
// requested. Upon successful completion, *pCount will contain the number of
// authorities for which information is returned. If the returned value is
// less than requested (or 0) no more entries are available.
//
// ppCertAuthorityInfo is a pointer to an uninitialized pointer on input.
// Upon successful completion, a pointer to an array of CERT_AUTHORITY_INFO
// structures is returned. When the caller no longer needs the array, it must
// be freed by calling CertFreeMemory.
//
// Returns S_OK on success.
//+--------------------------------------------------------------------------
HRESULT
certRequestGetConfigInfo(
IN WCHAR *pwszSharedFolder,
IN OUT LONG *pIndex,
IN OUT LONG *pCount,
OUT CERT_AUTHORITY_INFO **ppCertAuthorityInfo)
{
HRESULT hr = S_OK;
LONG cSkip = *pIndex;
LONG cLine = *pCount;
DWORD cchData;
char const *pchData = NULL;
LONG cLineReturned = 0;
CERT_AUTHORITY_INFO *pcaiBase = NULL;
*ppCertAuthorityInfo = NULL;
do
{
char const *pch;
LONG cch;
char const *pchSave;
LONG cchSave;
LONG cbTotal;
CERT_AUTHORITY_INFO *pcai;
WCHAR *pwc;
LONG cwc;
LONG cwcRemain;
LONG i;
hr = certLoadConfigFile(pwszSharedFolder, (BYTE **) &pchData, &cchData);
if (S_OK != hr || (NULL == pchData && 0 == cchData))
{
break;
}
pch = pchData;
cch = cchData;
// Skip cSkip entries:
//printf("Skipping lines:\n");
for (i = 0; i < cSkip; i++)
{
if (0 == certSkipLine(&pch, &cch))
{
break; // ran out of config data
}
}
if (i < cSkip)
{
break; // no data to return
}
pchSave = pch;
cchSave = cch;
// Compute total size of cLine entries:
//printf("Sizing lines:\n");
cbTotal = 0;
for (i = 0; i < cLine; i++)
{
LONG cb;
cb = certSkipLine(&pch, &cch);
if (0 == cb)
{
cLine = i; // reduce return line count
break; // ran out of config data
}
cbTotal += cb;
}
if (0 == cLine)
{
break; // no data to return
}
pcaiBase = (CERT_AUTHORITY_INFO *) LocalAlloc(LMEM_FIXED, cbTotal);
if (NULL == pcaiBase)
{
hr = E_OUTOFMEMORY;
break;
}
//printf("Returning lines:\n");
pch = pchSave;
cch = cchSave;
pcai = pcaiBase;
pwc = (WCHAR *) &pcai[cLine];
cwcRemain = (cbTotal - sizeof(*pcai) * cLine)/sizeof(*pwc);
for (i = 0; i < cLine; i++)
{
cwc = cwcRemain;
hr = certParseLine(&pch, &cch, pcai, pwc, &cwc);
if (S_OK != hr)
{
break;
}
pcai++;
pwc += cwc;
cwcRemain -= cwc;
}
if (S_OK != hr)
{
break;
}
cLineReturned = cLine;
*ppCertAuthorityInfo = pcaiBase;
pcaiBase = NULL;
hr = S_OK;
} while (FALSE);
*pIndex += cLineReturned;
*pCount = cLineReturned;
if (NULL != pcaiBase)
{
LocalFree(pcaiBase);
}
if (NULL != pchData)
{
LocalFree(const_cast<char *>(pchData));
}
CSASSERT(S_OK == hr || FAILED(hr));
return(hr);
}
HRESULT
myGetConfigFromPicker(
OPTIONAL IN HWND hwndParent,
OPTIONAL IN WCHAR const *pwszPrompt,
OPTIONAL IN WCHAR const *pwszTitle,
OPTIONAL IN WCHAR const *pwszSharedFolder,
IN BOOL fUseDS,
IN BOOL fCountOnly,
OUT DWORD *pdwCACount,
OUT CRYPTUI_CA_CONTEXT const **ppCAContext)
{
HRESULT hr;
CCertConfigPrivate configPrivate;
hr = configPrivate.GetConfigFromPicker(
hwndParent,
pwszPrompt,
pwszTitle,
pwszSharedFolder,
fUseDS,
fCountOnly,
pdwCACount,
ppCAContext);
_JumpIfError(hr, error, "configPrivate.GetConfigFromPicker");
error:
CSASSERT(S_OK == hr || FAILED(hr));
return(hr);
}