windows-nt/Source/XPSP1/NT/termsrv/remdsk/rds/t120/h/tprtsec.h
2020-09-26 16:20:57 +08:00

171 lines
4.5 KiB
C++

/*
* tprtsec.h
*
* Copyright (c) 1997 by Microsoft Corp.
*
* Author:
* Claus T. Giloi
*/
#ifndef _TPRTSEC
#define _TPRTSEC
#define SECURITY_WIN32
#include "sspi.h"
#include "spseal.h"
#include "schnlsp.h"
typedef BOOL (WINAPI *PFN_SSL_EMPTY_CACHE)(VOID);
#define SZ_SSLEMPTYCACHE "SslEmptyCache"
#ifdef UNICODE
#error "Compile time character width conflict"
// Above entry point strings need to be changed to unicode equivalents
// or abstracted.
#endif // UNICODE
/*
* This typedef defines the errors that can be returned from calls that are
* specific to TransportSecurity classes.
*/
typedef enum
{
TPRTSEC_NOERROR,
TPRTSEC_NODLL,
TPRTSEC_NOENTRYPT,
TPRTSEC_SSPIFAIL,
TPRTSEC_NOMEM,
TPRTSEC_INVALID_PARAMETER,
TPRTSEC_INCOMPLETE_CONTEXT,
TPRTSEC_INVALID_STATE
} TransportSecurityError;
/*
* This typedef defines the states that a security context object can be
* in.
*/
typedef enum
{
SECCTX_STATE_NEW,
SECCTX_STATE_INIT,
SECCTX_STATE_ACCEPT,
SECCTX_STATE_INIT_COMPLETE,
SECCTX_STATE_ACCEPT_COMPLETE,
SECCTX_STATE_ERROR
} SecurityContextState;
/*
* This is simply a forward reference for the class defined below. It is used
* in the definition of the owner callback structure defined in this section.
*/
class SecurityInterface;
typedef SecurityInterface * PSecurityInterface;
class SecurityContext;
typedef SecurityContext * PSecurityContext;
#ifdef DEBUG
extern void dumpbytes(PSTR szComment, PBYTE p, int cb);
#endif // DEBUG
extern BOOL InitCertList ( SecurityInterface * pSI, HWND hwnd);
extern BOOL SetUserPreferredCert ( SecurityInterface * pSI, DWORD dwCertID);
class SecurityInterface
{
friend class SecurityContext;
public:
SecurityInterface ();
~SecurityInterface ();
TransportSecurityError Initialize ();
TransportSecurityError InitializeCreds (PCCERT_CONTEXT);
TransportSecurityError GetLastError(VOID) { return LastError; };
BOOL GetUserCert(PBYTE pInfo, PDWORD pcbInfo);
private:
HINSTANCE hSecurityDll;
INIT_SECURITY_INTERFACE pfnInitSecurityInterface;
PSecurityFunctionTable pfnTable;
PFN_SSL_EMPTY_CACHE pfn_SslEmptyCache;
PBYTE m_pbEncodedCert;
DWORD m_cbEncodedCert;
BOOL bInboundCredentialValid;
BOOL bOutboundCredentialValid;
CredHandle hInboundCredential;
CredHandle hOutboundCredential;
TimeStamp tsExpiry;
TransportSecurityError LastError;
};
class SecurityContext
{
public:
SecurityContext (PSecurityInterface pSI, LPCSTR szHostName);
~SecurityContext ();
TransportSecurityError Initialize (PBYTE pData, DWORD cbData);
TransportSecurityError Accept (PBYTE pData, DWORD cbData);
TransportSecurityError Encrypt(LPBYTE pBufIn1, UINT cbBufIn1,
LPBYTE pBufIn2, UINT cbBufIn2,
LPBYTE *ppBufOut, UINT *pcbBufOut);
TransportSecurityError Decrypt( PBYTE pszBuf,
DWORD cbBuf);
PVOID GetTokenBuf(VOID) { return OutBuffers[0].pvBuffer; };
ULONG GetTokenSiz(VOID) { return OutBuffers[0].cbBuffer; };
BOOL ContinueNeeded(VOID) { return fContinueNeeded; };
BOOL StateComplete(VOID) { return
scstate == SECCTX_STATE_INIT_COMPLETE ||
scstate == SECCTX_STATE_ACCEPT_COMPLETE; };
BOOL WaitingForPacket(VOID) { return
scstate == SECCTX_STATE_NEW ||
scstate == SECCTX_STATE_ACCEPT ||
scstate == SECCTX_STATE_INIT; };
TransportSecurityError AdvanceState(PBYTE pBuf,DWORD cbBuf);
BOOL EncryptOutgoing(VOID)
{ return scstate == SECCTX_STATE_INIT_COMPLETE; };
BOOL DecryptIncoming(VOID)
{ return scstate == SECCTX_STATE_ACCEPT_COMPLETE; };
ULONG GetStreamHeaderSize(VOID) { return Sizes.cbHeader; };
ULONG GetStreamTrailerSize(VOID) { return Sizes.cbTrailer; };
TransportSecurityError GetLastError(VOID) { return LastError; };
BOOL GetUserCert(PBYTE pInfo, PDWORD pcbInfo);
BOOL Verify(VOID);
private:
TransportSecurityError InitContextAttributes(VOID);
PSecurityInterface pSecurityInterface;
SecurityContextState scstate;
CHAR szTargetName[128]; // Long enough for any dotted-decimal
// address, followed by 2 dwords in
// hex.
BOOL bContextHandleValid;
CtxtHandle hContext;
TimeStamp Expiration;
SecPkgContext_StreamSizes Sizes;
SecBufferDesc OutputBufferDescriptor;
SecBufferDesc InputBufferDescriptor;
SecBuffer OutBuffers[1];
SecBuffer InBuffers[2];
ULONG ContextRequirements;
ULONG ContextAttributes;
BOOL fContinueNeeded;
TransportSecurityError LastError;
};
// Codes used for GetSecurityInfo()
#define NOT_DIRECTLY_CONNECTED -1
#endif // _TPRTSEC