source: vbox/trunk/src/VBox/Runtime/r3/win/RTCrStoreCreateSnapshotById-win.cpp

Last change on this file was 98103, checked in by vboxsync, 16 months ago

Copyright year updates by scm.

1/* $Id: RTCrStoreCreateSnapshotById-win.cpp 98103 2023-01-17 14:15:46Z vboxsync $ */
2/** @file
3 * IPRT - RTCrStoreCreateSnapshotById, Windows.
4 */
5
6/*
7 * Copyright (C) 2006-2023 Oracle and/or its affiliates.
8 *
9 * This file is part of VirtualBox base platform packages, as
10 * available from https://www.virtualbox.org.
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation, in version 3 of the
15 * License.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 * General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, see <https://www.gnu.org/licenses>.
24 *
25 * The contents of this file may alternatively be used under the terms
26 * of the Common Development and Distribution License Version 1.0
27 * (CDDL), a copy of it is provided in the "COPYING.CDDL" file included
28 * in the VirtualBox distribution, in which case the provisions of the
29 * CDDL are applicable instead of those of the GPL.
30 *
31 * You may elect to license modified versions of this file under the
32 * terms and conditions of either the GPL or the CDDL or both.
33 *
34 * SPDX-License-Identifier: GPL-3.0-only OR CDDL-1.0
35 */
36
37
38/*********************************************************************************************************************************
39* Header Files *
40*********************************************************************************************************************************/
41#include <iprt/crypto/store.h>
42#include "internal/iprt.h"
43
44#include <iprt/assert.h>
45#include <iprt/errcore.h>
46#include <iprt/once.h>
47#include <iprt/ldr.h>
48
49#include <iprt/win/windows.h>
50
51
52/*********************************************************************************************************************************
53* Structures and Typedefs *
54*********************************************************************************************************************************/
/** Function pointer type for crypt32!CertOpenStore; resolved at runtime with RTLdrGetSymbol
 *  so this file has no link-time dependency on crypt32.dll. */
typedef HCERTSTORE (WINAPI *PFNCERTOPENSTORE)(PCSTR pszStoreProvider, DWORD dwEncodingType, HCRYPTPROV_LEGACY hCryptProv,
                                              DWORD dwFlags, const void *pvParam);
/** Function pointer type for crypt32!CertCloseStore (runtime resolved). */
typedef BOOL (WINAPI *PFNCERTCLOSESTORE)(HCERTSTORE hCertStore, DWORD dwFlags);
/** Function pointer type for crypt32!CertEnumCertificatesInStore (runtime resolved). */
typedef PCCERT_CONTEXT (WINAPI *PFNCERTENUMCERTIFICATESINSTORE)(HCERTSTORE hCertStore, PCCERT_CONTEXT pPrevCertContext);
59
60
61
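/**
 * Validates a single native certificate context and adds it to the snapshot.
 *
 * The DER blob is decoded with the IPRT X.509 decoder first, so only
 * certificates IPRT itself can parse end up in the store.  It is the encoded
 * bytes, not the decoded structure, that are added.
 *
 * @returns @a rc if the certificate was added (or already present), otherwise
 *          the negated (positive, warning) failure status so the caller keeps
 *          going with the remaining certificates.
 * @param   hStore      The in-memory store receiving the certificate.
 * @param   pCurCtx     Native certificate context with X509_ASN_ENCODING.
 * @param   rc          The status to return when nothing goes wrong.
 * @param   pErrInfo    Where to accumulate error details.
 */
static int rtCrStoreAddOneNativeCert(RTCRSTORE hStore, PCCERT_CONTEXT pCurCtx, int rc, PRTERRINFO pErrInfo)
{
    RTERRINFOSTATIC     StaticErrInfo;
    RTASN1CURSORPRIMARY PrimaryCursor;
    RTAsn1CursorInitPrimary(&PrimaryCursor, pCurCtx->pbCertEncoded, pCurCtx->cbCertEncoded,
                            RTErrInfoInitStatic(&StaticErrInfo),
                            &g_RTAsn1DefaultAllocator, RTASN1CURSOR_FLAGS_DER, "CurCtx");

    RTCRX509CERTIFICATE MyCert;
    int rc2 = RTCrX509Certificate_DecodeAsn1(&PrimaryCursor.Cursor, 0, &MyCert, "Cert");
    if (RT_SUCCESS(rc2))
    {
        rc2 = RTCrStoreCertAddEncoded(hStore, RTCRCERTCTX_F_ENC_X509_DER | RTCRCERTCTX_F_ADD_IF_NOT_FOUND,
                                      pCurCtx->pbCertEncoded, pCurCtx->cbCertEncoded,
                                      RTErrInfoInitStatic(&StaticErrInfo));
        RTCrX509Certificate_Delete(&MyCert);
    }

    if (RT_FAILURE(rc2))
    {
        /* Prefer the decoder/store message when there is one; fall back to the status code. */
        if (RTErrInfoIsSet(&StaticErrInfo.Core))
            RTErrInfoAddF(pErrInfo, -rc2, " %s", StaticErrInfo.Core.pszMsg);
        else
            RTErrInfoAddF(pErrInfo, -rc2, " %Rrc adding cert", rc2);
        rc = -rc2; /* error -> warning, the snapshot is still delivered */
    }
    return rc;
}


/**
 * Adds the certificates of one native (CryptoAPI) system store to @a hStore.
 *
 * A store that does not exist (ERROR_FILE_NOT_FOUND) is silently skipped.
 * Any other failure is recorded in @a pErrInfo and turned into a positive
 * (warning) status, so the snapshot remains usable even if incomplete.
 *
 * @returns @a rc, or a warning status (negated IPRT error) if anything failed.
 * @param   hStore          The in-memory store receiving the certificates.
 * @param   fStore          CERT_SYSTEM_STORE_XXX location flags.
 * @param   pwszStoreName   The native store name, e.g. L"Root".
 * @param   pfnOpenStore    crypt32!CertOpenStore.
 * @param   pfnCloseStore   crypt32!CertCloseStore.
 * @param   pfnEnumCerts    crypt32!CertEnumCertificatesInStore.
 * @param   rc              Status to return if nothing goes wrong; the caller
 *                          threads it through its store loop.
 * @param   pErrInfo        Where to accumulate error details.
 */
static int rtCrStoreAddCertsFromNative(RTCRSTORE hStore, DWORD fStore, PCRTUTF16 pwszStoreName,
                                       PFNCERTOPENSTORE pfnOpenStore, PFNCERTCLOSESTORE pfnCloseStore,
                                       PFNCERTENUMCERTIFICATESINSTORE pfnEnumCerts, int rc, PRTERRINFO pErrInfo)
{
    /* Read-only, never create: a snapshot must not leave traces in the native store. */
    DWORD      fOpenStore   = CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG;
    HCERTSTORE hNativeStore = pfnOpenStore(CERT_STORE_PROV_SYSTEM_W, PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
                                           NULL /* hCryptProv = default */, fStore | fOpenStore, pwszStoreName);
    if (!hNativeStore)
    {
        DWORD uLastErr = GetLastError();
        if (uLastErr != ERROR_FILE_NOT_FOUND)
            /* Three conversions need three arguments; uLastErr used to be missing here,
               which left the '%u' reading an unspecified vararg. */
            rc = RTErrInfoAddF(pErrInfo, -RTErrConvertFromWin32(uLastErr),
                               " CertOpenStore(%#x,'%ls') failed: %u", fStore, pwszStoreName, uLastErr);
        return rc;
    }

    /* Entries without X509_ASN_ENCODING are skipped. */
    PCCERT_CONTEXT pCurCtx = NULL;
    while ((pCurCtx = pfnEnumCerts(hNativeStore, pCurCtx)) != NULL)
    {
        if (pCurCtx->dwCertEncodingType & X509_ASN_ENCODING)
            rc = rtCrStoreAddOneNativeCert(hStore, pCurCtx, rc, pErrInfo);
    }

    /* With CERT_CLOSE_STORE_CHECK_FLAG the call returns FALSE if references are
       still outstanding; that result is deliberately not turned into an error. */
    pfnCloseStore(hNativeStore, CERT_CLOSE_STORE_CHECK_FLAG);
    return rc;
}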
111
112
113
/**
 * Creates an in-memory snapshot of one of the well-known certificate stores,
 * Windows implementation on top of a runtime-resolved crypt32.dll.
 *
 * Once the empty in-memory store exists it is handed to the caller, and every
 * later problem (crypt32 missing, API not found, a native store failing) is
 * reported as a positive warning status on top of that store rather than as
 * an error.  Callers that need a complete trust set therefore have to look at
 * @a pErrInfo / the exact status, not just RT_SUCCESS.
 *
 * @returns IPRT status code: VERR_INVALID_PARAMETER for an out-of-range id,
 *          the RTCrStoreCreateInMem status if that fails, otherwise success
 *          or a warning (negated error) from the steps described above.
 * @param   phStore     Where to return the new store handle.
 * @param   enmStoreId  Which store to snapshot.
 * @param   pErrInfo    Where to return error/warning details.
 */
RTDECL(int) RTCrStoreCreateSnapshotById(PRTCRSTORE phStore, RTCRSTOREID enmStoreId, PRTERRINFO pErrInfo)
{
    AssertReturn(enmStoreId > RTCRSTOREID_INVALID && enmStoreId < RTCRSTOREID_END, VERR_INVALID_PARAMETER);

    /*
     * The snapshot lives in a fresh in-memory store.
     */
    RTCRSTORE hStore;
    int rc = RTCrStoreCreateInMem(&hStore, 128);
    if (RT_FAILURE(rc))
    {
        RTErrInfoSet(pErrInfo, rc, "RTCrStoreCreateInMem failed");
        return rc;
    }
    *phStore = hStore;

    /*
     * Bind the crypt32.dll entry points we need.
     */
    RTLDRMOD hLdrMod;
    int rc2 = RTLdrLoadSystem("crypt32.dll", false /*NoUnload*/, &hLdrMod);
    if (RT_FAILURE(rc2))
        return RTErrInfoSetF(pErrInfo, -rc2, "Error loading crypt32.dll");

    PFNCERTOPENSTORE               pfnOpenStore  = NULL;
    PFNCERTCLOSESTORE              pfnCloseStore = NULL;
    PFNCERTENUMCERTIFICATESINSTORE pfnEnumCerts  = NULL;
    rc2 = RTLdrGetSymbol(hLdrMod, "CertOpenStore", (void **)&pfnOpenStore);
    if (RT_SUCCESS(rc2))
        rc2 = RTLdrGetSymbol(hLdrMod, "CertCloseStore", (void **)&pfnCloseStore);
    if (RT_SUCCESS(rc2))
        rc2 = RTLdrGetSymbol(hLdrMod, "CertEnumCertificatesInStore", (void **)&pfnEnumCerts);

    if (RT_FAILURE(rc2))
        rc = RTErrInfoSetF(pErrInfo, -rc2, "Error resolving crypt32.dll APIs");
    else
    {
        /*
         * Map the store id onto a CryptoAPI location and a list of native store names.
         */
        /** @todo CA and MY in s_apwszRootStores are _very_ questionable!!! However,
         * curl may need them to work correct and it doesn't seem to have any
         * intermediate ca file. :/ */
        static PCRTUTF16 const s_apwszRootStores[]         = { L"AuthRoot", L"CA", L"MY", L"Root" };
        static PCRTUTF16 const s_apwszIntermediateStores[] = { L"CA", L"MY" };

        DWORD            fStore       = CERT_SYSTEM_STORE_CURRENT_USER;
        PCRTUTF16 const *papwszStores = NULL;
        uint32_t         cStores      = 0;
        switch (enmStoreId)
        {
            case RTCRSTOREID_SYSTEM_TRUSTED_CAS_AND_CERTIFICATES:
                fStore = CERT_SYSTEM_STORE_LOCAL_MACHINE;
                RT_FALL_THRU();
            case RTCRSTOREID_USER_TRUSTED_CAS_AND_CERTIFICATES:
                papwszStores = s_apwszRootStores;
                cStores      = RT_ELEMENTS(s_apwszRootStores);
                break;

            case RTCRSTOREID_SYSTEM_INTERMEDIATE_CAS:
                fStore = CERT_SYSTEM_STORE_LOCAL_MACHINE;
                RT_FALL_THRU();
            case RTCRSTOREID_USER_INTERMEDIATE_CAS:
                papwszStores = s_apwszIntermediateStores;
                cStores      = RT_ELEMENTS(s_apwszIntermediateStores);
                break;

            default:
                AssertFailed(); /* implement me - leaves cStores at 0, i.e. an empty snapshot. */
                break;
        }

        /* Each native store may downgrade rc to a warning; the last one wins. */
        for (uint32_t iStore = 0; iStore < cStores; iStore++)
            rc = rtCrStoreAddCertsFromNative(hStore, fStore, papwszStores[iStore], pfnOpenStore, pfnCloseStore,
                                             pfnEnumCerts, rc, pErrInfo);
    }

    /* The function pointers are not used past this point, so unloading is safe. */
    RTLdrClose(hLdrMod);
    return rc;
}
RT_EXPORT_SYMBOL(RTCrStoreCreateSnapshotById);
194