windows-nt/Source/XPSP1/NT/termsrv/remdsk/rds/t120/h/tprtsec.h

/*
 *	tprtsec.h
 *
 *	Copyright (c) 1997 by Microsoft Corp.
 *
 *	Author:
 *		Claus T. Giloi
 */

#ifndef	_TPRTSEC
#define	_TPRTSEC


#define SECURITY_WIN32
#include "sspi.h"
#include "spseal.h"
#include "schnlsp.h"

typedef BOOL (WINAPI *PFN_SSL_EMPTY_CACHE)(VOID);
#define SZ_SSLEMPTYCACHE "SslEmptyCache"

#ifdef UNICODE
#error "Compile time character width conflict"
// Above entry point strings need to be changed to unicode equivalents
// or abstracted.
#endif // UNICODE

/*
 *	This typedef defines the errors that can be returned from calls that are
 *	specific to TransportSecurity classes.
 */
typedef	enum
{
	TPRTSEC_NOERROR,
	TPRTSEC_NODLL,
	TPRTSEC_NOENTRYPT,
	TPRTSEC_SSPIFAIL,
	TPRTSEC_NOMEM,
	TPRTSEC_INVALID_PARAMETER,
	TPRTSEC_INCOMPLETE_CONTEXT,
	TPRTSEC_INVALID_STATE
} TransportSecurityError;

/*
 * This typedef defines the states that a security context object can be
 * in.
 */
typedef enum
{
	SECCTX_STATE_NEW,
	SECCTX_STATE_INIT,
	SECCTX_STATE_ACCEPT,
	SECCTX_STATE_INIT_COMPLETE,
	SECCTX_STATE_ACCEPT_COMPLETE,
	SECCTX_STATE_ERROR
} SecurityContextState;

/*
 *	This is simply a forward reference for the class defined below.  It is used
 *	in the definition of the owner callback structure defined in this section.
 */
class SecurityInterface;
typedef	SecurityInterface *		PSecurityInterface;
class SecurityContext;
typedef	SecurityContext *		PSecurityContext;

#ifdef DEBUG
extern void dumpbytes(PSTR szComment, PBYTE p, int cb);
#endif // DEBUG
extern BOOL InitCertList ( SecurityInterface * pSI, HWND hwnd);
extern BOOL SetUserPreferredCert ( SecurityInterface * pSI, DWORD dwCertID);

class SecurityInterface
{

	friend class SecurityContext;

	public:
								SecurityInterface ();
								~SecurityInterface ();

		TransportSecurityError Initialize ();
		TransportSecurityError InitializeCreds (PCCERT_CONTEXT);
		TransportSecurityError GetLastError(VOID) { return LastError; };

		BOOL GetUserCert(PBYTE pInfo, PDWORD pcbInfo);
	
	private:

		HINSTANCE				hSecurityDll;
		INIT_SECURITY_INTERFACE pfnInitSecurityInterface;
		PSecurityFunctionTable pfnTable;
		PFN_SSL_EMPTY_CACHE pfn_SslEmptyCache;
		

		PBYTE		m_pbEncodedCert;
		DWORD		m_cbEncodedCert;

		BOOL		bInboundCredentialValid;
		BOOL		bOutboundCredentialValid;
		CredHandle hInboundCredential;
		CredHandle hOutboundCredential;
		TimeStamp tsExpiry;
		TransportSecurityError LastError;
};


class SecurityContext
{
	public:

		SecurityContext (PSecurityInterface pSI, LPCSTR szHostName);
		~SecurityContext ();

		TransportSecurityError Initialize (PBYTE pData, DWORD cbData);
		TransportSecurityError Accept (PBYTE pData, DWORD cbData);
		TransportSecurityError Encrypt(LPBYTE pBufIn1, UINT cbBufIn1,
									LPBYTE pBufIn2, UINT cbBufIn2,
									LPBYTE *ppBufOut, UINT *pcbBufOut);
		TransportSecurityError Decrypt( PBYTE pszBuf,
								  DWORD cbBuf);
		PVOID GetTokenBuf(VOID) { return OutBuffers[0].pvBuffer; };
		ULONG GetTokenSiz(VOID) { return OutBuffers[0].cbBuffer; };
		BOOL ContinueNeeded(VOID) { return fContinueNeeded; };
		BOOL StateComplete(VOID) { return
									scstate == SECCTX_STATE_INIT_COMPLETE ||
									scstate == SECCTX_STATE_ACCEPT_COMPLETE; };
		BOOL WaitingForPacket(VOID) { return
									scstate == SECCTX_STATE_NEW ||
									scstate == SECCTX_STATE_ACCEPT ||
									scstate == SECCTX_STATE_INIT; };
		TransportSecurityError AdvanceState(PBYTE pBuf,DWORD cbBuf);
		BOOL EncryptOutgoing(VOID)
			{ return scstate == SECCTX_STATE_INIT_COMPLETE; };
		BOOL DecryptIncoming(VOID)
			{ return scstate == SECCTX_STATE_ACCEPT_COMPLETE; };
		ULONG GetStreamHeaderSize(VOID) { return Sizes.cbHeader; };
		ULONG GetStreamTrailerSize(VOID) { return Sizes.cbTrailer; };
		TransportSecurityError GetLastError(VOID) { return LastError; };
		BOOL GetUserCert(PBYTE pInfo, PDWORD pcbInfo);
		BOOL Verify(VOID);

	private:

		TransportSecurityError InitContextAttributes(VOID);

		PSecurityInterface pSecurityInterface;
		SecurityContextState		scstate;
		CHAR			szTargetName[128]; // Long enough for any dotted-decimal
										  // address, followed by 2 dwords in
										  // hex.
		BOOL			bContextHandleValid;
		CtxtHandle		hContext;
		TimeStamp		Expiration;
		SecPkgContext_StreamSizes Sizes;
		SecBufferDesc	OutputBufferDescriptor;
		SecBufferDesc	InputBufferDescriptor;
		SecBuffer		OutBuffers[1];
		SecBuffer		InBuffers[2];
		ULONG			ContextRequirements;
		ULONG			ContextAttributes;
		BOOL			fContinueNeeded;
		TransportSecurityError LastError;

};

// Codes used for GetSecurityInfo()
#define NOT_DIRECTLY_CONNECTED		-1
		
#endif // _TPRTSEC
Add source files 2020-09-26 03:20:57 -05:00			`/*`
			`* tprtsec.h`
			`*`
			`* Copyright (c) 1997 by Microsoft Corp.`
			`*`
			`* Author:`
			`* Claus T. Giloi`
			`*/`

			`#ifndef _TPRTSEC`
			`#define _TPRTSEC`


			`#define SECURITY_WIN32`
			`#include "sspi.h"`
			`#include "spseal.h"`
			`#include "schnlsp.h"`

			`typedef BOOL (WINAPI *PFN_SSL_EMPTY_CACHE)(VOID);`
			`#define SZ_SSLEMPTYCACHE "SslEmptyCache"`

			`#ifdef UNICODE`
			`#error "Compile time character width conflict"`
			`// Above entry point strings need to be changed to unicode equivalents`
			`// or abstracted.`
			`#endif // UNICODE`

			`/*`
			`* This typedef defines the errors that can be returned from calls that are`
			`* specific to TransportSecurity classes.`
			`*/`
			`typedef enum`
			`{`
			`TPRTSEC_NOERROR,`
			`TPRTSEC_NODLL,`
			`TPRTSEC_NOENTRYPT,`
			`TPRTSEC_SSPIFAIL,`
			`TPRTSEC_NOMEM,`
			`TPRTSEC_INVALID_PARAMETER,`
			`TPRTSEC_INCOMPLETE_CONTEXT,`
			`TPRTSEC_INVALID_STATE`
			`} TransportSecurityError;`

			`/*`
			`* This typedef defines the states that a security context object can be`
			`* in.`
			`*/`
			`typedef enum`
			`{`
			`SECCTX_STATE_NEW,`
			`SECCTX_STATE_INIT,`
			`SECCTX_STATE_ACCEPT,`
			`SECCTX_STATE_INIT_COMPLETE,`
			`SECCTX_STATE_ACCEPT_COMPLETE,`
			`SECCTX_STATE_ERROR`
			`} SecurityContextState;`

			`/*`
			`* This is simply a forward reference for the class defined below. It is used`
			`* in the definition of the owner callback structure defined in this section.`
			`*/`
			`class SecurityInterface;`
			`typedef SecurityInterface * PSecurityInterface;`
			`class SecurityContext;`
			`typedef SecurityContext * PSecurityContext;`

			`#ifdef DEBUG`
			`extern void dumpbytes(PSTR szComment, PBYTE p, int cb);`
			`#endif // DEBUG`
			`extern BOOL InitCertList ( SecurityInterface * pSI, HWND hwnd);`
			`extern BOOL SetUserPreferredCert ( SecurityInterface * pSI, DWORD dwCertID);`

			`class SecurityInterface`
			`{`

			`friend class SecurityContext;`

			`public:`
			`SecurityInterface ();`
			`~SecurityInterface ();`

			`TransportSecurityError Initialize ();`
			`TransportSecurityError InitializeCreds (PCCERT_CONTEXT);`
			`TransportSecurityError GetLastError(VOID) { return LastError; };`

			`BOOL GetUserCert(PBYTE pInfo, PDWORD pcbInfo);`

			`private:`

			`HINSTANCE hSecurityDll;`
			`INIT_SECURITY_INTERFACE pfnInitSecurityInterface;`
			`PSecurityFunctionTable pfnTable;`
			`PFN_SSL_EMPTY_CACHE pfn_SslEmptyCache;`


			`PBYTE m_pbEncodedCert;`
			`DWORD m_cbEncodedCert;`

			`BOOL bInboundCredentialValid;`
			`BOOL bOutboundCredentialValid;`
			`CredHandle hInboundCredential;`
			`CredHandle hOutboundCredential;`
			`TimeStamp tsExpiry;`
			`TransportSecurityError LastError;`
			`};`


			`class SecurityContext`
			`{`
			`public:`

			`SecurityContext (PSecurityInterface pSI, LPCSTR szHostName);`
			`~SecurityContext ();`

			`TransportSecurityError Initialize (PBYTE pData, DWORD cbData);`
			`TransportSecurityError Accept (PBYTE pData, DWORD cbData);`
			`TransportSecurityError Encrypt(LPBYTE pBufIn1, UINT cbBufIn1,`
			`LPBYTE pBufIn2, UINT cbBufIn2,`
			`LPBYTE ppBufOut, UINT pcbBufOut);`
			`TransportSecurityError Decrypt( PBYTE pszBuf,`
			`DWORD cbBuf);`
			`PVOID GetTokenBuf(VOID) { return OutBuffers[0].pvBuffer; };`
			`ULONG GetTokenSiz(VOID) { return OutBuffers[0].cbBuffer; };`
			`BOOL ContinueNeeded(VOID) { return fContinueNeeded; };`
			`BOOL StateComplete(VOID) { return`
			`scstate == SECCTX_STATE_INIT_COMPLETE \|\|`
			`scstate == SECCTX_STATE_ACCEPT_COMPLETE; };`
			`BOOL WaitingForPacket(VOID) { return`
			`scstate == SECCTX_STATE_NEW \|\|`
			`scstate == SECCTX_STATE_ACCEPT \|\|`
			`scstate == SECCTX_STATE_INIT; };`
			`TransportSecurityError AdvanceState(PBYTE pBuf,DWORD cbBuf);`
			`BOOL EncryptOutgoing(VOID)`
			`{ return scstate == SECCTX_STATE_INIT_COMPLETE; };`
			`BOOL DecryptIncoming(VOID)`
			`{ return scstate == SECCTX_STATE_ACCEPT_COMPLETE; };`
			`ULONG GetStreamHeaderSize(VOID) { return Sizes.cbHeader; };`
			`ULONG GetStreamTrailerSize(VOID) { return Sizes.cbTrailer; };`
			`TransportSecurityError GetLastError(VOID) { return LastError; };`
			`BOOL GetUserCert(PBYTE pInfo, PDWORD pcbInfo);`
			`BOOL Verify(VOID);`

			`private:`

			`TransportSecurityError InitContextAttributes(VOID);`

			`PSecurityInterface pSecurityInterface;`
			`SecurityContextState scstate;`
			`CHAR szTargetName[128]; // Long enough for any dotted-decimal`
			`// address, followed by 2 dwords in`
			`// hex.`
			`BOOL bContextHandleValid;`
			`CtxtHandle hContext;`
			`TimeStamp Expiration;`
			`SecPkgContext_StreamSizes Sizes;`
			`SecBufferDesc OutputBufferDescriptor;`
			`SecBufferDesc InputBufferDescriptor;`
			`SecBuffer OutBuffers[1];`
			`SecBuffer InBuffers[2];`
			`ULONG ContextRequirements;`
			`ULONG ContextAttributes;`
			`BOOL fContinueNeeded;`
			`TransportSecurityError LastError;`

			`};`

			`// Codes used for GetSecurityInfo()`
			`#define NOT_DIRECTLY_CONNECTED -1`

			`#endif // _TPRTSEC`