handlecontainer.cpp

PKCS#11的微软CSP实现源码

/****************************************************************************
* library : pkcs_csp.dll
* Purpose : It is a cryptographic service provider which is an independent 
* software module that actually performs cryptography algorithms for 
* authentication, encoding, and encryption.
* This DLL can be interfaced on any PKCS#11 module.  
*
* Copyright (C) 2003 Ilex Syst鑝es Informatiques
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* Contact :
* Ilex 
* 51 boulevard Voltaire
* 92600 Asni鑢es-sur-Seine
* pkizy@ilex.fr
*
* Author: Delouvrier Antoine
*
*******************************************************************************/

/*
%----------------------------------------------------------------------------
% PROJECT : CSP_PKCS
%
% MODULE : HandleContainer
%
% VERSION : 1.00
%
% FILE : HandleContainer.cpp
%
% this Class allows to manage a container. When an application obtains a context
% on a container it is this class which deals with thereafter all the entrance
% points of the DLL for this specific container. The entrance points are redirected to 
% PKCS#11 functions or to Microsoft Provider functions.
%----------------------------------------------------------------------------
% Version 1.00
% 
% CPX-31/03/2003-Creation
%----------------------------------------------------------------------------
% You can find wincrypt.h in the CSPDK which is downloadable at the adress :
% http://www.microsoft.com/downloads/details.aspx?FamilyId=0F436C75-2304-42BB-B81A-BA0C2C47BAC2&displaylang=en

*/ 


/*
% Libraries ANSI or system
%------------------------------
*/

#include <windows.h>
#include <stdio.h>
#include "assert.h"


/*
% HEADER Files include
%-----------------------
*/
#include "handlecontainer.h"
#include "csp_pkcs_const.h"
#include "resource.h"



#define CONTAINER_NAME TEXT("PKCS_CSP")

extern "C" extern HINSTANCE g_hModule;

typedef struct SessionKeyHeader
{
	BLOBHEADER blobHeader;
	ALG_ID algid;
} SessionKeyHeader, *pSessionKeyHeader;


//Initialization of static member variable
TableOfHandle HandleContainer::handles_Container;

/*
%--------------------------------------------------------------------------
% HandleContainer()
%
% R鬺e : HandleContainer() is the constructor of the class handlecontainer
%
%---------------------------------------------------------------------------
*/
HandleContainer::HandleContainer() 
{
}

/*
%--------------------------------------------------------------------------
% ~HandleContainer()
%
% destructor 
%---------------------------------------------------------------------------
*/

HandleContainer::~HandleContainer()
{
	TRACE(__LINE__,"~HandleContainer() ",NULL);
	handles_Container.RemoveEntry(this);

}

/*
%--------------------------------------------------------------------------
% Initialize
%
% R鬺e : Initialize est utilis閑 pour initialiser l'objet handlecontainer
%
% Parameters of entry  :
%						IN pszContainer	Name of the container
%						IN dwFlags		Value of a flag of the type(CRYPT_VERIFYCONTEXT\CRYPT_NEWKEYSET),according to this value one can or not to make certain operations on the container
%						IN pVTable		Pointer on a VTableProvStruc structure containing a list of functions callback provided by the operating software for the use of the CSP.
%  
% return :	TRUE if the operation occurred well, FALSE if not
%---------------------------------------------------------------------------
*/

BOOL HandleContainer::CreateHandleContainer(const CHAR IN * const pszContainer,const DWORD IN dwFlags, PVTableProvStruc IN pVTable)
{
	TRACE(__LINE__,"HandleContainer::CreateHandleContainer BEGIN : %d %d %d",pszContainer,dwFlags,pVTable);

	
	if(!AcquireMicrosoftContext()){
		TRACE(__LINE__,"HandleContainer::CreateHandleContainer ERROR : %d %d %d",pszContainer,dwFlags,pVTable);
		return FALSE;
	}


	if((dwFlags & CRYPT_MACHINE_KEYSET) == CRYPT_MACHINE_KEYSET)
	{
		TRACE(__LINE__,"HandleContainer::CreateHandleContainer ERROR : %d %d %d",pszContainer,dwFlags,pVTable);
		SetLastError(NTE_BAD_FLAGS);
		return FALSE;
	}
	if((dwFlags & CRYPT_VERIFYCONTEXT) == CRYPT_VERIFYCONTEXT){
		if(!handles_Container.AddEntry(this))
		{
			TRACE(__LINE__,"HandleContainer::CreateHandleContainer ERROR : %d %d %d",pszContainer,dwFlags,pVTable);
			SetLastError(NTE_NO_MEMORY);
			return FALSE;
		}
		TRACE(__LINE__,"HandleContainer::CreateHandleContainer TRUE : %d %d %d",pszContainer,dwFlags,pVTable);
		return TRUE;
	}
	if((dwFlags & CRYPT_NEWKEYSET) == CRYPT_NEWKEYSET)
	{
		TRACE(__LINE__,"HandleContainer::CreateHandleContainer ERROR : %d %d %d",pszContainer,dwFlags,pVTable);
		SetLastError(NTE_EXISTS);
		return FALSE;
	
	}
	else if((dwFlags&CRYPT_DELETEKEYSET) == CRYPT_DELETEKEYSET)
	{
		TRACE(__LINE__,"HandleContainer::CreateHandleContainer ERROR : %d %d %d",pszContainer,dwFlags,pVTable);
		SetLastError(NTE_BAD_KEYSET);
		return FALSE;
		
	}
	else 
	{
		currentPContainer = Pkcs::GetContainer(pszContainer);
		if(!currentPContainer)
		{
			/* If the table of the containers do not exist or if it must change to release that of front*/
			Pkcs::FreeContainer();
			/* recreate a table*/
			Pkcs::CreateContainerTable();
			currentPContainer = Pkcs::GetContainer(pszContainer);
			int ret;
			while(!currentPContainer){
				ret=MessageBox(NULL,"Please insert the card corresponding to the selected certificate.","Insert your card",MB_OKCANCEL|MB_ICONQUESTION|MB_SYSTEMMODAL);
				if(ret==IDCANCEL){
					TRACE(__LINE__,"HandleContainer::CreateHandleContainer ERROR : %d %d %d",pszContainer,dwFlags,pVTable);
					SetLastError(NTE_BAD_KEYSET);
					return FALSE;
				}
				/* If the table of the containers do not exist or if it must change to release that of front*/
				Pkcs::FreeContainer();
				/* recreate a table*/
				Pkcs::CreateContainerTable();
				currentPContainer = Pkcs::GetContainer(pszContainer);
			}
			
			
		}
	}

	if(!handles_Container.AddEntry(this))
	{
		TRACE(__LINE__,"HandleContainer::CreateHandleContainer ERROR : %d %d %d",pszContainer,dwFlags,pVTable);
		SetLastError(NTE_NO_MEMORY);
		return FALSE;
	}


	TRACE(__LINE__,"HandleContainer::CreateHandleContainer TRUE : %d %d %d",pszContainer,dwFlags,pVTable);
	return TRUE;
}



/*
%--------------------------------------------------------------------------
% AcquireMicrosoftContext
%
% AcquireMicrosoftContext is used to acquire a context to a microsoft provider 
%		 
%
% return :	TRUE if the operation occurred well, FALSE if not
%---------------------------------------------------------------------------
*/
BOOL HandleContainer::AcquireMicrosoftContext()
{
	CHAR szProviderName[MAX_PATH] = {0};

	/* Try first with enhanced provider , if it fails , try with base provider */
	strcpy(szProviderName,MS_ENHANCED_PROV);

	if(CryptAcquireContext(&microsoft_Provider, CONTAINER_NAME, szProviderName, PROV_RSA_FULL, CRYPT_NEWKEYSET))
	{
		return TRUE;
	}
	/* if the container already exists, try to open it */
	if(NTE_EXISTS == GetLastError())
	{
		if(CryptAcquireContext(&microsoft_Provider, CONTAINER_NAME, szProviderName, PROV_RSA_FULL,0))
		{
			return TRUE;
		}
	}
	/* the Enhanded provider is not found , try the base provider    */
	strcpy(szProviderName, MS_DEF_PROV);
	if(CryptAcquireContext(&microsoft_Provider, CONTAINER_NAME, szProviderName, PROV_RSA_FULL, CRYPT_NEWKEYSET))
	{
		return TRUE;
	}
	/* if the container already exists, try to open it */
	if(NTE_EXISTS == GetLastError())
	{
		if(CryptAcquireContext(&microsoft_Provider, CONTAINER_NAME, szProviderName, PROV_RSA_FULL, 0))
		{
			return TRUE;
		}
	}

	microsoft_Provider = NULL;
	return FALSE;
}




/*
%--------------------------------------------------------------------------
% VerifyHandleContainer
%
% VerifyHandleContainer allows to check the existence of a context
%
% Parameters of entry  :
%						IN handleContainer	handle to verify
%  
% return :	TRUE if the operation occurred well, FALSE if not
%---------------------------------------------------------------------------
*/
bool HandleContainer::VerifyHandleContainer(HandleContainer* handleContainer)
{
	TRACE(__LINE__,"HandleContainer::VerifyHandleContainer : %d ",handleContainer);
	return handles_Container.VerifyEntry(handleContainer);
	
}

/*
%--------------------------------------------------------------------------
% CreateHash
%
% CreateHash is used to return a handle on the creation of a hash object: 
% managed by Provider Microsoft
%
% Parameters of entry  :
%						IN Algid	- Algorithm used for the hashing
%						IN hKey		- If the type of hash algorithm is a keyed hash, such as the HMAC or MAC algorithm, the key for the hash is passed in this parameter. For nonkeyed algorithms, this parameter must be set to zero 
%						IN dwFlags	- not used
%						OUT phHash	- address to which one copies the handle hashed object
%  
% return :	TRUE if the operation occurred well, FALSE if not
%---------------------------------------------------------------------------
*/
BOOL HandleContainer::CreateHash(ALG_ID Algid, HCRYPTKEY hCryptKey, DWORD dwFlags, HCRYPTHASH* phHash)
{
	TRACE(__LINE__,"HandleContainer::CreateHash ",NULL);
	return CryptCreateHash(microsoft_Provider,Algid, hCryptKey, dwFlags, phHash);
}


/*
%--------------------------------------------------------------------------
% DestroyHash
%
% DestroyHash is used to destroy a hash object:  managed by Provider Microsoft
%
% Parameters of entry  :
%						IN hHash	- Handle on a hash object to be destroyed
%  
% return :	TRUE if the operation occurred well, FALSE if not
%---------------------------------------------------------------------------
*/

BOOL HandleContainer::DestroyHash(HCRYPTHASH hHash)
{
	TRACE(__LINE__,"HandleContainer::DestroyHash ",NULL);
	return CryptDestroyHash(hHash);
}


/*
%--------------------------------------------------------------------------
% GetHashParam
%
% GetHashParam seeks data about the operations of a hash object.  The actual
% value of the hashing can be obtained by using this function: 
% managed by Provider Microsoft
%
% Parameters of entry  :
%						IN hHash		- Handle on a hashed object
%						IN ulParametre  - value of the parameter
%						IN pulDataLen   - Length of the parameter pucData 
%						IN ulFlags		- Values of the flag 
%
% Parameters of exit :
%						OUT	pucData		- Address to which the function copies the data corresponding to the ulParametre
%  
% return :	TRUE if the operation occurred well, FALSE if not
%---------------------------------------------------------------------------
*/
BOOL HandleContainer::GetHashParam(HCRYPTHASH hHash, DWORD dwParam, BYTE* pbData, DWORD*pdwDataLen, DWORD dwFlags)
{
	TRACE(__LINE__,"HandleContainer::GetHashParam ",NULL);
	return CryptGetHashParam(hHash, dwParam, pbData, pdwDataLen, dwFlags);
}


/*
%--------------------------------------------------------------------------
% HashData
%
% HashData is used to carry out a hashing starting from a handle on a hash object:
% managed by Provider Microsoft
%
% Parameters of entry  :
%						IN hHash	- Handle on a hashed object
%						IN pbData	- address containing the data to be hashed
%						IN cbDataLen - length in bytes of the data to be hashed
%						IN dwFlags	- not used
%  
% return :	TRUE if the operation occurred well, FALSE if not
%---------------------------------------------------------------------------
*/
BOOL HandleContainer::HashData(HCRYPTHASH hHash, CONST BYTE* pbData, DWORD dwDatalen, DWORD dwFlags)
{
	TRACE(__LINE__,"HandleContainer::HashData ",NULL);
	return CryptHashData(hHash, pbData, dwDatalen, dwFlags);
}





/*
%--------------------------------------------------------------------------
% SetHashParam
%
% SetHashParam adapts the operations to the customer requirements of the hashed data: 
% managed by Provider Microsoft
%
% Parameters of entry  :
%						IN hHash		- Handle on a hash object
%						IN ulParametre  - value of the parameter
%						IN pucData		- Pointer on data corresponding to the last ulParametre   
%						IN ulFlags		- Values of the flag 
%
% return :	TRUE if the operation occurred well, FALSE if not
%---------------------------------------------------------------------------
*/
BOOL HandleContainer::SetHashParam(HCRYPTHASH hHash, DWORD dwParam, BYTE*pbData, DWORD dwFlags)
{
	TRACE(__LINE__,"HandleContainer::SetHashParam ",NULL);
	return CryptSetHashParam(hHash,dwParam,pbData,dwFlags);
}


BOOL HandleContainer::GetProvParam(DWORD dwParam, BYTE* pbData, DWORD* pdwDataLen, DWORD dwFlags)
{

	switch(dwParam)
	{
	case PP_ENUMALGS:
		TRACE(__LINE__,"HandleContainer::CryptGetProvParam  PP_ENUMALGS",NULL);
		return CryptGetProvParam(microsoft_Provider, PP_ENUMALGS, pbData, pdwDataLen, dwFlags);
	case PP_ENUMALGS_EX:
		TRACE(__LINE__,"HandleContainer::CryptGetProvParam  PP_ENUMALGS_EX",NULL);
		return CryptGetProvParam(microsoft_Provider, PP_ENUMALGS_EX, pbData, pdwDataLen, dwFlags);
	case PP_PROVTYPE :
		TRACE(__LINE__,"HandleContainer::CryptGetProvParam  PP_PROVTYPE",NULL);
		return FALSE;
	default:
		SetLastError(NTE_BAD_TYPE);
		return FALSE;
	}
	return FALSE;
}


/*
%--------------------------------------------------------------------------
% Encrypt
%
% Encrypt is used to cipher  data:  managed by Provider Microsoft
%