From a2cab07a30ea3a0b65ba363d23326e81a671d9b8 Mon Sep 17 00:00:00 2001 From: Simon Rozman Date: Wed, 2 Mar 2022 11:59:26 +0100 Subject: [PATCH] WinStd: Update Signed-off-by: Simon Rozman --- EAPMethods/Main_UI.cpp | 2 +- EAPMethods/Register.cpp | 12 ++++++++---- EAPMethods/Register_UI.cpp | 12 ++++++++---- EventMonitor/ETWLog.cpp | 4 ++-- EventMonitor/Frame.cpp | 11 +++-------- MsiUseFeature/Main.cpp | 7 ++++--- WLANManager/Main.cpp | 13 +++++++------ lib/EAPBase/include/EAP.h | 2 +- lib/EAPBase/include/Module.h | 12 ++++++------ lib/EAPBase/src/Credentials.cpp | 6 +++--- lib/EAPBase/src/Module.cpp | 9 ++++----- lib/EAPBase_UI/include/EAP_UI.h | 14 +++++++------- lib/EAPBase_UI/src/EAP_UI.cpp | 24 ++++++++++++------------ lib/EAPBase_UI/src/Module.cpp | 4 ++-- lib/EapHost_UI/src/EapHost_UI.cpp | 4 ++-- lib/Events/src/Register.cpp | 30 ++++++++++++++++++++---------- lib/GTC_UI/src/GTC_UI.cpp | 4 ++-- lib/MSCHAPv2/src/MSCHAPv2.cpp | 12 ++++++------ lib/MSCHAPv2/src/Method.cpp | 2 +- lib/TLS/include/Module.h | 4 ++-- lib/TLS/src/Config.cpp | 4 ++-- lib/TLS/src/Credentials.cpp | 6 +++--- lib/TLS/src/Method.cpp | 11 ++++++----- lib/TLS/src/Module.cpp | 2 +- lib/TLS_UI/src/TLS_UI.cpp | 22 +++++++++++----------- lib/WinStd | 2 +- 26 files changed, 125 insertions(+), 110 deletions(-) diff --git a/EAPMethods/Main_UI.cpp b/EAPMethods/Main_UI.cpp index cf8a1d7..8d1853d 100644 --- a/EAPMethods/Main_UI.cpp +++ b/EAPMethods/Main_UI.cpp @@ -171,7 +171,7 @@ DWORD WINAPI EapPeerConfigBlob2Xml( // Create configuration XML document. com_obj pConfigDoc; - if (FAILED(hr = pConfigDoc.create(CLSID_DOMDocument60, NULL, CLSCTX_INPROC_SERVER))) + if (FAILED(hr = CoCreateInstance(CLSID_DOMDocument60, NULL, CLSCTX_INPROC_SERVER, pConfigDoc))) return dwResult = g_peer.log_error(ppEapError, HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error creating XML document.")); pConfigDoc->put_async(VARIANT_FALSE); diff --git a/EAPMethods/Register.cpp b/EAPMethods/Register.cpp index a71f6b7..1d3549f 100644 
--- a/EAPMethods/Register.cpp +++ b/EAPMethods/Register.cpp @@ -44,12 +44,15 @@ STDAPI DllRegisterServer() try { tstring sz, sz2; reg_key key_methods, key_author, key_method; - if (!key_methods.open(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_CREATE_SUB_KEY)) throw win_runtime_error(); + LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_CREATE_SUB_KEY, key_methods); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); sprintf(sz, _T("%u"), EAPMETHOD_AUTHOR_ID); - if (!key_author.create(key_methods, sz.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error(); + s = RegCreateKeyEx(key_methods, sz.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_author, NULL); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); set_value(key_author, NULL, _T(PRODUCT_NAME_STR)); sprintf(sz, _T("%u"), EAPMETHOD_TYPE); - if (!key_method.create(key_author, sz.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error(); + s = RegCreateKeyEx(key_author, sz.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_method, NULL); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); if (!GetModuleFileName(g_peer.m_instance, sz)) throw win_runtime_error("GetModuleFileName failed."); sprintf(sz2, _T("@%s,-1"), sz.c_str()); set_value(key_method, _T("PeerDllPath") , sz); 
@@ -77,7 +80,8 @@ STDAPI DllUnregisterServer() try { tstring sz; reg_key key_methods; - if (!key_methods.open(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_READ)) throw win_runtime_error(); + LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_READ, key_methods); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); sprintf(sz, _T("%u\\%u"), EAPMETHOD_AUTHOR_ID, EAPMETHOD_TYPE); if (!key_methods.delete_subkey(sz.c_str())) throw win_runtime_error(); } catch(...) {} diff --git a/EAPMethods/Register_UI.cpp b/EAPMethods/Register_UI.cpp index 939023b..221d744 100644 --- a/EAPMethods/Register_UI.cpp +++ b/EAPMethods/Register_UI.cpp 
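Review bot: In DllUnregisterServer the status now carried by `throw win_runtime_error(s)` is discarded by the surrounding `catch(...) {}`, so a failed open or `delete_subkey` leaves the EapHost method entry in HKLM and reports nothing. A stale entry keeps its `PeerDllPath` value pointing at a file that may no longer be installed, so the failure is worth surfacing: catch `win_runtime_error` by reference, convert its code with `HRESULT_FROM_WIN32` for the return value, or at least write it to the debug log. The same pattern appears in the DllUnregisterServer hunks of EAPMethods/Register_UI.cpp and lib/Events/src/Register.cpp. The function's return statement is outside the hunk, so a failure code may already be returned by other means.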
@@ -44,12 +44,15 @@ STDAPI DllRegisterServer() try { tstring sz; reg_key key_methods, key_author, key_method; - if (!key_methods.open(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_CREATE_SUB_KEY)) throw win_runtime_error(); + LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_CREATE_SUB_KEY, key_methods); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); sprintf(sz, _T("%u"), EAPMETHOD_AUTHOR_ID); - if (!key_author.create(key_methods, sz.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error(); + s = RegCreateKeyEx(key_methods, sz.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_author, NULL); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); set_value(key_author, NULL, _T(PRODUCT_NAME_STR)); sprintf(sz, _T("%u"), EAPMETHOD_TYPE); - if (!key_method.create(key_author, sz.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error(); + s = RegCreateKeyEx(key_author, sz.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_method, NULL); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); if (!GetModuleFileName(g_peer.m_instance, sz)) throw win_runtime_error("GetModuleFileName failed."); set_value(key_method, _T("PeerConfigUIPath") , sz); set_value(key_method, _T("PeerIdentityPath") , sz); @@ -78,7 +81,8 @@ STDAPI DllUnregisterServer() try { tstring sz; reg_key key_methods; - if (!key_methods.open(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_READ)) throw win_runtime_error(); + LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_READ, key_methods); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); sprintf(sz, _T("%u\\%u"), EAPMETHOD_AUTHOR_ID, EAPMETHOD_TYPE); key_methods.delete_subkey(sz.c_str()); } catch(...) {} 
diff --git a/EventMonitor/ETWLog.cpp b/EventMonitor/ETWLog.cpp index 7815e8e..179dd07 100644 --- a/EventMonitor/ETWLog.cpp +++ b/EventMonitor/ETWLog.cpp @@ -64,8 +64,8 @@ wxEventTraceProcessorThread::wxEventTraceProcessorThread(wxEvtHandler *parent, c for (size_t i = 0, i_end = sessions.GetCount(); i < i_end; i++) { // Open trace. tlf.LoggerName = const_cast((LPCTSTR)(sessions[i])); - event_trace trace; - if (!trace.create(&tlf)) { + event_trace trace(OpenTrace(&tlf)); + if (!trace) { wxLogError(_("Error opening event trace (error %u)."), GetLastError()); continue; } diff --git a/EventMonitor/Frame.cpp b/EventMonitor/Frame.cpp index fe93cd8..3ff506e 100644 --- a/EventMonitor/Frame.cpp +++ b/EventMonitor/Frame.cpp @@ -33,14 +33,9 @@ wxEventMonitorFrame::wxEventMonitorFrame(wxWindow* parent, wxWindowID id, const wxString prod_status_bar; prod_status_bar.Printf(_("Toggles display of %s records"), wxT(PRODUCT_NAME_STR)); - winstd::library lib_comres; - lib_comres.load(_T("comres.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE); - - winstd::library lib_ieframe; - lib_ieframe.load(_T("ieframe.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE); - - winstd::library lib_shell32; - lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE); + winstd::library lib_comres(LoadLibraryEx(_T("comres.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + winstd::library lib_ieframe(LoadLibraryEx(_T("ieframe.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); wxSize size_menu(GetSystemMetrics(SM_CXSMICON), GetSystemMetrics(SM_CYSMICON)); wxSize size_tool(size_menu); diff --git a/MsiUseFeature/Main.cpp b/MsiUseFeature/Main.cpp index 856148e..37cccde 100644 --- a/MsiUseFeature/Main.cpp +++ b/MsiUseFeature/Main.cpp 
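Review bot: The three `LoadLibraryEx` calls in the wxEventMonitorFrame constructor pass bare file names (`comres.dll`, `ieframe.dll`, `shell32.dll`), so the default DLL search order decides which file gets mapped, and the resulting handles are not checked in the visible lines. Because the modules are loaded with `LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE`, no code from them runs, but a same-named file earlier in the search path would still supply the icons. Adding `LOAD_LIBRARY_SEARCH_SYSTEM32` to the flags pins the lookup to the system directory. The same applies to the `shell32.dll` and `imageres.dll` loads in lib/EAPBase_UI, lib/EapHost_UI and lib/GTC_UI, where the `if (!!lib_shell32)` check is at least present. The constructor continues outside the hunk, so a later null check cannot be ruled out.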
@@ -40,13 +40,14 @@ static int MsiUseFeature() if (nArgs > 2) { reg_key key; - if (!key.open(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\") _T(VENDOR_NAME_STR) _T("\\") _T(PRODUCT_NAME_STR), 0, KEY_READ)) { - OutputDebugStr(_T("Product registry key cannot be opened (error %u).\n"), GetLastError()); + LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\") _T(VENDOR_NAME_STR) _T("\\") _T(PRODUCT_NAME_STR), 0, KEY_READ, key); + if (s != ERROR_SUCCESS) { + OutputDebugStr(_T("Product registry key cannot be opened (error %u).\n"), s); return 3; } wstring lang; - LSTATUS s = RegQueryStringValue(key, _T("Language"), lang); + s = RegQueryStringValue(key, _T("Language"), lang); if (s != ERROR_SUCCESS) { OutputDebugStr(_T("Error reading registry value (error %u).\n"), s); return 3; diff --git a/WLANManager/Main.cpp b/WLANManager/Main.cpp index 1d909cd..ecc0cc2 100644 --- a/WLANManager/Main.cpp +++ b/WLANManager/Main.cpp @@ -53,8 +53,9 @@ static int WLANManager() // Open WLAN handle. DWORD dwNegotiatedVersion; wlan_handle wlan; - if (!wlan.open(WLAN_API_MAKE_VERSION(2, 0), &dwNegotiatedVersion)) { - DisplayError(_T("%s function failed (error %u)."), _T("WlanOpenHandle"), GetLastError()); + DWORD dwResult = WlanOpenHandle(WLAN_API_MAKE_VERSION(2, 0), NULL, &dwNegotiatedVersion, wlan); + if (dwResult != ERROR_SUCCESS) { + DisplayError(_T("%s function failed (error %u)."), _T("WlanOpenHandle"), dwResult); return 2; } else if (dwNegotiatedVersion < WLAN_API_MAKE_VERSION(2, 0)) { DisplayError(_T("WlanOpenHandle negotiated unsupported version (expected: %u, negotiated: %u)."), WLAN_API_MAKE_VERSION(2, 0), dwNegotiatedVersion); 
@@ -65,7 +66,7 @@ static int WLANManager() { // Get a list of WLAN interfaces. WLAN_INTERFACE_INFO_LIST *pInterfaceList; - DWORD dwResult = WlanEnumInterfaces(wlan, NULL, &pInterfaceList); + dwResult = WlanEnumInterfaces(wlan, NULL, &pInterfaceList); if (dwResult != ERROR_SUCCESS) { DisplayError(_T("%s function failed (error %u)."), _T("WlanEnumInterfaces"), dwResult); return 4; @@ -84,7 +85,7 @@ static int WLANManager() if (!interface_name.empty()) { // Read the interface name from registry. reg_key key; - if (key.open(HKEY_LOCAL_MACHINE, tstring_printf(_T("SYSTEM\\CurrentControlSet\\Control\\Network\\%s\\%s\\Connection"), devclass_net.c_str(), tstring_guid(interfaces->InterfaceInfo[i].InterfaceGuid).c_str()).c_str(), 0, KEY_READ)) { + if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, tstring_printf(_T("SYSTEM\\CurrentControlSet\\Control\\Network\\%s\\%s\\Connection"), devclass_net.c_str(), tstring_guid(interfaces->InterfaceInfo[i].InterfaceGuid).c_str()).c_str(), 0, KEY_READ, key) == ERROR_SUCCESS) { wstring name; if (RegQueryStringValue(key, _T("Name"), name) == ERROR_SUCCESS && _wcsicmp(interface_name.c_str(), name.c_str()) != 0) { // Not the interface we are interested in. @@ -97,7 +98,7 @@ static int WLANManager() { // Get a list of profiles. WLAN_PROFILE_INFO_LIST *pProfileList; - DWORD dwResult = WlanGetProfileList(wlan, &(interfaces->InterfaceInfo[i].InterfaceGuid), NULL, &pProfileList); + dwResult = WlanGetProfileList(wlan, &(interfaces->InterfaceInfo[i].InterfaceGuid), NULL, &pProfileList); if (dwResult != ERROR_SUCCESS) { DisplayError(_T("%s function failed (error %u)."), _T("WlanGetProfileList"), dwResult); return 4; 
@@ -117,7 +118,7 @@ static int WLANManager() // Launch WLAN profile config dialog. WLAN_REASON_CODE wlrc = L2_REASON_CODE_SUCCESS; #pragma warning(suppress: 6387) // TODO: MSDN nor SAL annotation don't indicate NULL HWND are OK with WlanUIEditProfile(). - DWORD dwResult = WlanUIEditProfile(WLAN_UI_API_VERSION, pwcArglist[2], &(interfaces->InterfaceInfo[i].InterfaceGuid), NULL, WLSecurityPage, NULL, &wlrc); + dwResult = WlanUIEditProfile(WLAN_UI_API_VERSION, pwcArglist[2], &(interfaces->InterfaceInfo[i].InterfaceGuid), NULL, WLSecurityPage, NULL, &wlrc); if (dwResult != ERROR_SUCCESS) { // WlanUIEditProfile() displays own error dialog on failure. //DisplayError(_T("%s function failed (error %u)."), _T("WlanUIEditProfile"), dwResult); diff --git a/lib/EAPBase/include/EAP.h b/lib/EAPBase/include/EAP.h index 079734e..bc926d8 100644 --- a/lib/EAPBase/include/EAP.h +++ b/lib/EAPBase/include/EAP.h @@ -1264,7 +1264,7 @@ inline void operator>>(_Inout_ eap::cursor_in &cursor, _Out_ winstd::cert_contex if (dwCertEncodedSize) { auto ptr_end = cursor.ptr + dwCertEncodedSize; assert(ptr_end <= cursor.ptr_end); - val.create(dwCertEncodingType, (BYTE*)cursor.ptr, dwCertEncodedSize); + val = CertCreateCertificateContext(dwCertEncodingType, (BYTE*)cursor.ptr, dwCertEncodedSize); cursor.ptr = ptr_end; } else val.free(); diff --git a/lib/EAPBase/include/Module.h b/lib/EAPBase/include/Module.h index 46682f9..d0731c1 100644 --- a/lib/EAPBase/include/Module.h +++ b/lib/EAPBase/include/Module.h 
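Review bot: In `operator>>` for `winstd::cert_context` (lib/EAPBase/include/EAP.h) the only bound on `dwCertEncodedSize` is `assert(ptr_end <= cursor.ptr_end)`, which disappears in builds that define NDEBUG, so a BLOB with an oversized length field lets `CertCreateCertificateContext` read past the end of the cursor buffer. The size comes from the serialized data and should be validated at runtime before the call, e.g. `if (dwCertEncodedSize > (size_t)(cursor.ptr_end - cursor.ptr)) throw std::invalid_argument("Certificate size exceeds BLOB.");`. The result of `CertCreateCertificateContext` is also not checked, so a certificate that fails to parse leaves `val` empty without any error. The operator starts outside the hunk, so where `dwCertEncodedSize` is read from is inferred from its name.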
@@ -407,7 +407,7 @@ namespace eap DWORD keyinfo_size = 0; if (!CryptDecodeObjectEx(X509_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, s_rsa_key, sizeof(s_rsa_key), CRYPT_DECODE_ALLOC_FLAG, NULL, &keyinfo_data, &keyinfo_size)) throw winstd::win_runtime_error(__FUNCTION__ " CryptDecodeObjectEx failed."); - if (!key_rsa.import(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0)) + if (!CryptImportKey(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0, key_rsa)) throw winstd::win_runtime_error(__FUNCTION__ " Key import failed."); // Import the 256-bit AES session key. @@ -482,7 +482,7 @@ namespace eap { // Create hash. winstd::crypt_hash hash; - if (!hash.create(hProv, CALG_MD5)) + if (!CryptCreateHash(hProv, CALG_MD5, NULL, 0, hash)) throw winstd::win_runtime_error(__FUNCTION__ " Creating MD5 hash failed."); DWORD dwHashSize; CryptGetHashParam(hash, HP_HASHSIZE, dwHashSize, 0); @@ -563,7 +563,7 @@ namespace eap #if EAP_ENCRYPT_BLOBS // Prepare cryptographics provider. winstd::crypt_prov cp; - if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) + if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) throw winstd::win_runtime_error(__FUNCTION__ " CryptAcquireContext failed."); // Decrypt data. @@ -592,7 +592,7 @@ namespace eap #if EAP_ENCRYPT_BLOBS // Prepare cryptographics provider. winstd::crypt_prov cp; - if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) + if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) throw winstd::win_runtime_error(__FUNCTION__ " CryptAcquireContext failed."); // Decrypt data. @@ -627,7 +627,7 @@ namespace eap #if EAP_ENCRYPT_BLOBS // Prepare cryptographics provider. winstd::crypt_prov cp; - if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) + if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) throw winstd::win_runtime_error(__FUNCTION__ " CryptAcquireContext failed."); // Encrypt BLOB. 
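Review bot: The key imported by `CryptImportKey(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0, key_rsa)` in the hunk at -407 is decoded from `s_rsa_key` as `PKCS_RSA_PRIVATE_KEY`, which looks like a private key compiled into the module. If so, anything encrypted for it can be decrypted by whoever holds the binary, and the function should document that limit. I would add a comment such as `// s_rsa_key ships with the product: this protects BLOBs against casual inspection only, not against someone holding the binary.` The definition of `s_rsa_key` and the start of the function are outside the hunk.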
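Review bot: In the hunk at -482, `DWORD dwHashSize; CryptGetHashParam(hash, HP_HASHSIZE, dwHashSize, 0);` ignores the call's result and leaves `dwHashSize` uninitialized if it fails, so whatever is sized or compared with it afterwards works on an indeterminate value. Check it the same way as the neighbouring calls: `if (!CryptGetHashParam(hash, HP_HASHSIZE, dwHashSize, 0)) throw winstd::win_runtime_error(__FUNCTION__ " Getting hash size failed.");`. The function continues outside the hunk, so how `dwHashSize` is used is not visible here.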
@@ -675,7 +675,7 @@ namespace eap // Prepare cryptographics provider. winstd::crypt_prov cp; - if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) + if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) throw winstd::win_runtime_error(__FUNCTION__ " CryptAcquireContext failed."); // Encrypt BLOB. diff --git a/lib/EAPBase/src/Credentials.cpp b/lib/EAPBase/src/Credentials.cpp index 3e018a7..d705be3 100644 --- a/lib/EAPBase/src/Credentials.cpp +++ b/lib/EAPBase/src/Credentials.cpp @@ -403,7 +403,7 @@ void eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *p // Prepare cryptographics provider. crypt_prov cp; - if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) + if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) throw win_runtime_error(__FUNCTION__ " CryptAcquireContext failed."); // @@ -459,7 +459,7 @@ void eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot) // Prepare cryptographics provider. crypt_prov cp; - if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) + if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) throw win_runtime_error(__FUNCTION__ " CryptAcquireContext failed."); m_password = m_module.decrypt_str, sanitizing_allocator >(cp, password_enc.data(), password_enc.size()); @@ -473,7 +473,7 @@ void eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot) // Prepare cryptographics provider. crypt_prov cp; - if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) + if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) throw win_runtime_error(__FUNCTION__ " CryptAcquireContext failed."); #pragma warning(suppress: 4996) // Support for backward compatibility. diff --git a/lib/EAPBase/src/Module.cpp b/lib/EAPBase/src/Module.cpp index a9e5bdd..0ab940f 100644 --- a/lib/EAPBase/src/Module.cpp +++ b/lib/EAPBase/src/Module.cpp 
@@ -16,12 +16,11 @@ using namespace winstd; eap::module::module(_In_ eap_type_t eap_method) : m_eap_method(eap_method), - m_instance(NULL) + m_instance(NULL), + m_heap(HeapCreate(0, 0, 0)) { m_ep.create(&EAPMETHOD_TRACE_EVENT_PROVIDER); m_ep.write(&EAPMETHOD_TRACE_EVT_MODULE_LOAD, event_data((unsigned int)m_eap_method), blank_event_data); - - m_heap.create(0, 0, 0); } @@ -186,7 +185,7 @@ std::vector eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytec DWORD keyinfo_size = 0; if (!CryptDecodeObjectEx(X509_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, s_rsa_key, sizeof(s_rsa_key), CRYPT_DECODE_ALLOC_FLAG, NULL, &keyinfo_data, &keyinfo_size)) throw winstd::win_runtime_error(__FUNCTION__ " CryptDecodeObjectEx failed."); - if (!key_rsa.import(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0)) + if (!CryptImportKey(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0, key_rsa)) throw winstd::win_runtime_error(__FUNCTION__ " Key import failed."); // Export AES session key encrypted with public RSA key. @@ -215,7 +214,7 @@ std::vector eap::module::encrypt_md5(_In_ HCRYPTPROV hProv, _In_b { // Create hash. crypt_hash hash; - if (!hash.create(hProv, CALG_MD5)) + if (!CryptCreateHash(hProv, CALG_MD5, NULL, 0, hash)) throw win_runtime_error(__FUNCTION__ " Creating MD5 hash failed."); // Encrypt data. diff --git a/lib/EAPBase_UI/include/EAP_UI.h b/lib/EAPBase_UI/include/EAP_UI.h index 696a739..2cb0993 100644 --- a/lib/EAPBase_UI/include/EAP_UI.h +++ b/lib/EAPBase_UI/include/EAP_UI.h 
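Review bot: `m_heap(HeapCreate(0, 0, 0))` in the eap::module constructor stores the handle without checking it, and `HeapCreate` returns NULL on failure. Nothing in the hunk tests `m_heap` afterwards, so a failed creation would only surface at the first allocation from that heap. A check in the constructor body, `if (!m_heap) throw win_runtime_error(__FUNCTION__ " HeapCreate failed.");`, reports it at the source.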
@@ -744,8 +744,8 @@ public: m_sb_credentials->GetStaticBox()->SetLabel(method.empty() ? wxString::Format(_("%s User Credentials"), cfg.get_method_str()) : method); // Load and set icon. - winstd::library lib_shell32; - if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) + winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_shell32) m_credentials_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(/*16770*/269))); } @@ -1032,8 +1032,8 @@ public: wxEAPCredentialsPanel<_Tcred, _Tbase>(prov, cfg, cred, parent, is_config) { // Load and set icon. - winstd::library lib_shell32; - if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) + winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_shell32) m_credentials_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(/*16770*/269))); bool layout = false; @@ -1110,9 +1110,9 @@ public: wxIdentityCredentialsPanel<_Tcred, _Tbase>(prov, cfg, cred, parent, is_config) { // Load and set icon. - winstd::library lib_shell32; - if (lib_shell32.load(_T("imageres.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) - m_credentials_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(82))); + winstd::library lib_imageres(LoadLibraryEx(_T("imageres.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_imageres) + m_credentials_icon->SetIcon(wxLoadIconFromResource(lib_imageres, MAKEINTRESOURCE(82))); if (!m_prov.m_lbl_alt_password.empty()) { m_password_label->SetLabel(m_prov.m_lbl_alt_password); diff --git a/lib/EAPBase_UI/src/EAP_UI.cpp b/lib/EAPBase_UI/src/EAP_UI.cpp index 8aa32ca..6627736 100644 --- a/lib/EAPBase_UI/src/EAP_UI.cpp +++ b/lib/EAPBase_UI/src/EAP_UI.cpp 
@@ -182,8 +182,8 @@ void wxEAPNotePanel::CreateContactFields(const eap::config_provider &prov) wxEAPProviderLockedPanel::wxEAPProviderLockedPanel(const eap::config_provider &prov, wxWindow* parent) : wxEAPNotePanel(parent) { // Load and set icon. - winstd::library lib_shell32; - if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) + winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_shell32) m_note_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(48))); m_note_label->SetLabel(wxString::Format(_("%s has pre-set parts of this configuration. Those parts are locked to prevent accidental modification."), @@ -203,8 +203,8 @@ wxEAPProviderLockedPanel::wxEAPProviderLockedPanel(const eap::config_provider &p wxEAPCredentialWarningPanel::wxEAPCredentialWarningPanel(const eap::config_provider &prov, eap::config_method::status_t status, wxWindow* parent) : wxEAPNotePanel(parent) { // Load and set icon. - winstd::library lib_shell32; - if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) + winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_shell32) m_note_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(161))); m_note_label->SetLabel(( 
@@ -285,8 +285,8 @@ wxEAPProviderContactInfoPanel::wxEAPProviderContactInfoPanel(eap::config_provide wxEAPProviderContactInfoPanelBase(parent) { // Load and set icon. - winstd::library lib_shell32; - if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) + winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_shell32) m_provider_contact_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(259))); } @@ -328,8 +328,8 @@ wxEAPProviderIDPanel::wxEAPProviderIDPanel(eap::config_provider &prov, wxWindow* wxEAPProviderIDPanelBase(parent) { // Load and set icon. - winstd::library lib_shell32; - if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) + winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_shell32) m_provider_id_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(29))); } @@ -367,8 +367,8 @@ wxEAPProviderLockPanel::wxEAPProviderLockPanel(eap::config_provider &prov, wxWin wxEAPProviderLockPanelBase(parent) { // Load and set icon. - winstd::library lib_shell32; - if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) + winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_shell32) m_provider_lock_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(1003))); } 
@@ -465,8 +465,8 @@ wxEAPIdentityConfigPanel::wxEAPIdentityConfigPanel(const eap::config_provider &p wxEAPIdentityConfigPanelBase(parent) { // Load and set icon. - winstd::library lib_shell32; - if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) + winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_shell32) m_identity_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(265))); } diff --git a/lib/EAPBase_UI/src/Module.cpp b/lib/EAPBase_UI/src/Module.cpp index d94dcc5..fb357fa 100644 --- a/lib/EAPBase_UI/src/Module.cpp +++ b/lib/EAPBase_UI/src/Module.cpp @@ -171,8 +171,8 @@ void eap::monitor_ui::release_slaves(_In_bytecount_(size) const void *data, _In_ GetWindowThreadProcessId(*slave, &pid_slave); // Get slave's process handle. - process proc_slave; - if (!proc_slave.open(PROCESS_VM_OPERATION | PROCESS_VM_WRITE, 0, pid_slave)) + process proc_slave(OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE, 0, pid_slave)); + if (!proc_slave) continue; // Allocate memory in slave's virtual memory space and save data to it. diff --git a/lib/EapHost_UI/src/EapHost_UI.cpp b/lib/EapHost_UI/src/EapHost_UI.cpp index a167629..549385e 100644 --- a/lib/EapHost_UI/src/EapHost_UI.cpp +++ b/lib/EapHost_UI/src/EapHost_UI.cpp @@ -31,8 +31,8 @@ wxEapHostMethodConfigPanel::wxEapHostMethodConfigPanel(const eap::config_provide UNREFERENCED_PARAMETER(prov); // Load and set icon. - winstd::library lib_shell32; - if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) + winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_shell32) m_method_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(175))); winstd::eap_method_info_array methods; 
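Review bot: In `eap::monitor_ui::release_slaves` the process opened with `OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE, 0, pid_slave)` is identified only by the owner of a window handle, and the return value of `GetWindowThreadProcessId` is not checked, so `pid_slave` may be stale or unset once the window has gone. The lines that follow copy `data` into that process, so the target should be confirmed before writing, for example that it runs the same executable image in the same session as the master. A zero thread id should skip the slave: `if (!GetWindowThreadProcessId(*slave, &pid_slave)) continue;`. How the slave windows are collected is outside the hunk, so this may already be constrained elsewhere.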
diff --git a/lib/Events/src/Register.cpp b/lib/Events/src/Register.cpp index 1d5ec2a..147a987 100644 --- a/lib/Events/src/Register.cpp +++ b/lib/Events/src/Register.cpp @@ -65,9 +65,11 @@ STDAPI DllRegisterServer() // Register event channels. reg_key key_channels, key_channels_operational, key_channels_analytic; - if (!key_channels.open(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Channels"), 0, KEY_CREATE_SUB_KEY)) throw win_runtime_error(); + LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Channels"), 0, KEY_CREATE_SUB_KEY, key_channels); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); sprintf(sz, _T("%s/Operational"), event_provider_name.c_str()); - if (!key_channels_operational.create(key_channels, sz.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error(); + s = RegCreateKeyEx(key_channels, sz.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_channels_operational, NULL); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); set_value(key_channels_operational, _T("OwningPublisher") , event_provider_guid); set_value(key_channels_operational, _T("Enabled") , (DWORD)0); set_value(key_channels_operational, _T("Isolation") , (DWORD)0); 
@@ -78,7 +80,8 @@ STDAPI DllRegisterServer() set_value(key_channels_operational, _T("AutoBackupLogFiles"), (DWORD)0); set_value(key_channels_operational, _T("Type") , (DWORD)1); sprintf(sz, _T("%s/Analytic"), event_provider_name.c_str()); - if (!key_channels_analytic.create(key_channels, sz.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error(); + s = RegCreateKeyEx(key_channels, sz.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_channels_analytic, NULL); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); set_value(key_channels_analytic, _T("OwningPublisher"), event_provider_guid); set_value(key_channels_analytic, _T("Enabled") , (DWORD)0); set_value(key_channels_analytic, _T("Isolation") , (DWORD)0); @@ -90,8 +93,10 @@ STDAPI DllRegisterServer() // Register event publishers. reg_key key_publishers, key_event_source; - if (!key_publishers.open(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Publishers"), 0, KEY_CREATE_SUB_KEY)) throw win_runtime_error(); - if (!key_event_source.create(key_publishers, event_provider_guid.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error(); + s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Publishers"), 0, KEY_CREATE_SUB_KEY, key_publishers); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); + s = RegCreateKeyEx(key_publishers, event_provider_guid.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_event_source, NULL); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); set_value(key_event_source, NULL , event_provider_name); if (!GetModuleFileName(g_hInstance, sz)) throw win_runtime_error("GetModuleFileName failed."); set_value(key_event_source, _T("MessageFileName") , sz); 
@@ -100,13 +105,16 @@ STDAPI DllRegisterServer() // Bind channels and publishers. reg_key key_channel_refs, key_channel_refs_operational, key_channel_refs_analytic; - if (!key_channel_refs.create(key_event_source, _T("ChannelReferences"), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error(); - if (!key_channel_refs_operational.create(key_channel_refs, _T("0"), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error(); + s = RegCreateKeyEx(key_event_source, _T("ChannelReferences"), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_channel_refs, NULL); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); + s = RegCreateKeyEx(key_channel_refs, _T("0"), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_channel_refs_operational, NULL); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); sprintf(sz, _T("%s/Operational"), event_provider_name.c_str()); set_value(key_channel_refs_operational, NULL , sz); set_value(key_channel_refs_operational, _T("Id") , (DWORD)16); set_value(key_channel_refs_operational, _T("Flags"), (DWORD)0); - if (!key_channel_refs_analytic.create(key_channel_refs, _T("1"), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error(); + s = RegCreateKeyEx(key_channel_refs, _T("1"), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_channel_refs_analytic, NULL); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); sprintf(sz, _T("%s/Analytic"), event_provider_name.c_str()); set_value(key_channel_refs_analytic, NULL , sz); set_value(key_channel_refs_analytic, _T("Id") , (DWORD)17); 
@@ -134,14 +142,16 @@ STDAPI DllUnregisterServer() // Unregister event publishers. try { reg_key key_publishers; - if (!key_publishers.open(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Publishers"), 0, KEY_READ)) throw win_runtime_error(); + LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Publishers"), 0, KEY_READ, key_publishers); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); key_publishers.delete_subkey(tstring_guid(EAPMETHOD_TRACE_EVENT_PROVIDER).c_str()); } catch(...) {} // Unregister event channels. try { reg_key key_channels; - if (!key_channels.open(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Channels"), 0, KEY_READ)) throw win_runtime_error(); + LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Channels"), 0, KEY_READ, key_channels); + if (s != ERROR_SUCCESS) throw win_runtime_error(s); key_channels.delete_subkey(_T(VENDOR_NAME_STR) _T("-") _T(PRODUCT_NAME_STR) _T("-EAPMethod/Operational")); key_channels.delete_subkey(_T(VENDOR_NAME_STR) _T("-") _T(PRODUCT_NAME_STR) _T("-EAPMethod/Analytic")); } catch(...) {} diff --git a/lib/GTC_UI/src/GTC_UI.cpp b/lib/GTC_UI/src/GTC_UI.cpp index ebbf69d..76a803a 100644 --- a/lib/GTC_UI/src/GTC_UI.cpp +++ b/lib/GTC_UI/src/GTC_UI.cpp @@ -115,8 +115,8 @@ wxGTCResponsePanel::wxGTCResponsePanel(winstd::sanitizing_wstring &response, con m_response_value(response) { // Load and set icon. - winstd::library lib_shell32; - if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) + winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_shell32) m_response_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(24))); // Set challenge label. 
diff --git a/lib/MSCHAPv2/src/MSCHAPv2.cpp b/lib/MSCHAPv2/src/MSCHAPv2.cpp index 3126250..1c7db49 100644 --- a/lib/MSCHAPv2/src/MSCHAPv2.cpp +++ b/lib/MSCHAPv2/src/MSCHAPv2.cpp @@ -56,7 +56,7 @@ crypt_key eap::create_des_key(_In_ HCRYPTPROV cp, _In_count_(size) const unsigne // Import key. crypt_key k; - if (!k.import(cp, key_blob.data(), (DWORD)key_blob.size(), NULL, 0)) + if (!CryptImportKey(cp, key_blob.data(), (DWORD)key_blob.size(), NULL, 0, k)) throw winstd::win_runtime_error(__FUNCTION__ " Error importing key 1/3."); return k; } @@ -90,7 +90,7 @@ eap::challenge_hash::challenge_hash( _In_z_ const char *username) { crypt_hash hash; - if (!hash.create(cp, CALG_SHA)) + if (!CryptCreateHash(cp, CALG_SHA, NULL, 0, hash)) throw win_runtime_error(__FUNCTION__ " Creating SHA hash failed."); if (!CryptHashData(hash, (const BYTE*)&challenge_client , (DWORD)sizeof(challenge_client), 0) || !CryptHashData(hash, challenge_server.data(), (DWORD)challenge_server.size() , 0) || @@ -135,7 +135,7 @@ eap::nt_password_hash::nt_password_hash( _In_z_ const wchar_t *password) { crypt_hash hash; - if (!hash.create(cp, CALG_MD4)) + if (!CryptCreateHash(cp, CALG_MD4, NULL, 0, hash)) throw win_runtime_error(__FUNCTION__ " Creating MD4 hash failed."); if (!CryptHashData(hash, (const BYTE*)password, (DWORD)(wcslen(password) * sizeof(wchar_t)), 0)) throw win_runtime_error(__FUNCTION__ " Error hashing data."); @@ -150,7 +150,7 @@ eap::nt_password_hash::nt_password_hash( _In_ const nt_password_hash &pwd_hash) { crypt_hash hash; - if (!hash.create(cp, CALG_MD4)) + if (!CryptCreateHash(cp, CALG_MD4, NULL, 0, hash)) throw win_runtime_error(__FUNCTION__ " Creating MD4 hash failed."); if (!CryptHashData(hash, (const BYTE*)&pwd_hash, (DWORD)sizeof(pwd_hash), 0)) throw win_runtime_error(__FUNCTION__ " Error hashing data."); 
@@ -271,7 +271,7 @@ eap::authenticator_response::authenticator_response( nt_password_hash hash_hash_pwd(cp, nt_password_hash(cp, password)); crypt_hash hash; - if (!hash.create(cp, CALG_SHA)) + if (!CryptCreateHash(cp, CALG_SHA, NULL, 0, hash)) throw win_runtime_error(__FUNCTION__ " Creating SHA hash failed."); if (!CryptHashData(hash, (const BYTE*)&hash_hash_pwd, (DWORD)sizeof(hash_hash_pwd), 0) || !CryptHashData(hash, (const BYTE*)&nt_resp , (DWORD)sizeof(nt_resp ), 0) || @@ -291,7 +291,7 @@ eap::authenticator_response::authenticator_response( }; challenge_hash challenge(cp, challenge_server, challenge_client, username); - if (!hash.create(cp, CALG_SHA)) + if (!CryptCreateHash(cp, CALG_SHA, NULL, 0, hash)) throw win_runtime_error(__FUNCTION__ " Creating SHA hash failed."); if (!CryptHashData(hash, hash_val , size_hash_val , 0) || !CryptHashData(hash, (const BYTE*)&challenge, (DWORD)sizeof(challenge), 0) || diff --git a/lib/MSCHAPv2/src/Method.cpp b/lib/MSCHAPv2/src/Method.cpp index 2984372..c5269c6 100644 --- a/lib/MSCHAPv2/src/Method.cpp +++ b/lib/MSCHAPv2/src/Method.cpp @@ -38,7 +38,7 @@ void eap::method_mschapv2_base::begin_session( m_cfg.m_last_msg.clear(); // Create cryptographics provider for support needs (client challenge ...). - if (!m_cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) + if (!CryptAcquireContext(m_cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) throw win_runtime_error(__FUNCTION__ " Error creating cryptographics provider."); } diff --git a/lib/TLS/include/Module.h b/lib/TLS/include/Module.h index 513c66f..d94840c 100644 --- a/lib/TLS/include/Module.h +++ b/lib/TLS/include/Module.h @@ -96,8 +96,8 @@ namespace eap public: module &m_module; ///< Module - winstd::win_handle m_thread; ///< Thread - winstd::win_handle m_abort; ///< Thread abort event + winstd::thread m_thread; ///< Thread + winstd::event m_abort; ///< Thread abort event winstd::cert_context m_cert; ///< Server certificate }; 
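Review bot: In authenticator_response the hunk at -291 calls `CryptCreateHash(cp, CALG_SHA, NULL, 0, hash)` on the same `crypt_hash hash` object that the hunk at -271 already filled. The old `hash.create()` was a member and could release the previous handle itself, whereas the free-function overload is not visible in this diff. If it attaches without destroying the held handle, the first HCRYPTHASH leaks on every authentication. Please confirm the WinStd overload frees an existing handle, and note it at the call, e.g. `// Reuses hash; the overload releases the previous handle on attach.` The constructor body extends beyond both hunks.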
diff --git a/lib/TLS/src/Config.cpp b/lib/TLS/src/Config.cpp index 0d4297d..d443043 100644 --- a/lib/TLS/src/Config.cpp +++ b/lib/TLS/src/Config.cpp @@ -242,8 +242,8 @@ eap::credentials* eap::config_method_tls::make_credentials() const bool eap::config_method_tls::add_trusted_ca(_In_ DWORD dwCertEncodingType, _In_ LPCBYTE pbCertEncoded, _In_ DWORD cbCertEncoded) { - cert_context cert; - if (!cert.create(dwCertEncodingType, pbCertEncoded, cbCertEncoded)) { + cert_context cert(CertCreateCertificateContext(dwCertEncodingType, pbCertEncoded, cbCertEncoded)); + if (!cert) { // Invalid or unsupported certificate. return false; } diff --git a/lib/TLS/src/Credentials.cpp b/lib/TLS/src/Credentials.cpp index 4c66143..577a088 100644 --- a/lib/TLS/src/Credentials.cpp +++ b/lib/TLS/src/Credentials.cpp @@ -205,9 +205,9 @@ std::wstring eap::credentials_tls::get_identity() const return m_identity; } else if (!m_cert_hash.empty()) { // Find certificate in the store. - winstd::cert_store store; - vector hash; - if (store.create(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My"))) { + winstd::cert_store store(CertOpenStore(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My"))); + if (!!store) { + vector hash; for (PCCERT_CONTEXT cert = NULL; (cert = CertEnumCertificatesInStore(store, cert)) != NULL;) { if (CertGetCertificateContextProperty(cert, CERT_HASH_PROP_ID, hash) && hash == m_cert_hash) diff --git a/lib/TLS/src/Method.cpp b/lib/TLS/src/Method.cpp index 8f6e79c..9db99d8 100644 --- a/lib/TLS/src/Method.cpp +++ b/lib/TLS/src/Method.cpp 
@@ -195,7 +195,8 @@ void eap::method_tls::begin_session( #endif } - if (!m_store.create(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My"))) + m_store = CertOpenStore(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My")); + if (!m_store) throw win_runtime_error(__FUNCTION__ " CertOpenStore failed."); // Prepare client credentials for Schannel. @@ -372,7 +373,7 @@ EapPeerMethodResponseAction eap::method_tls::process_request_packet( // Verify cached CRL (entire chain). reg_key key; - if (key.open(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\") _T(VENDOR_NAME_STR) _T("\\") _T(PRODUCT_NAME_STR) _T("\\TLSCRL"), 0, KEY_READ)) { + if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\") _T(VENDOR_NAME_STR) _T("\\") _T(PRODUCT_NAME_STR) _T("\\TLSCRL"), 0, KEY_READ, key) == ERROR_SUCCESS) { wstring hash_unicode; vector hash, subj; for (cert_context c(m_sc_cert); c;) { @@ -731,8 +732,8 @@ void eap::method_tls::verify_server_trust() const throw sec_runtime_error(SEC_E_CERT_UNKNOWN, __FUNCTION__ " Server is using a self-signed certificate. Cannot trust it."); // Create temporary certificate store of our trusted root CAs. - cert_store store; - if (!store.create(CERT_STORE_PROV_MEMORY, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, 0, NULL)) + cert_store store(CertOpenStore(CERT_STORE_PROV_MEMORY, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, 0, NULL)); + if (!store) throw win_runtime_error(__FUNCTION__ " Error creating temporary certificate store."); for (auto c = m_cfg.m_trusted_root_ca.cbegin(), c_end = m_cfg.m_trusted_root_ca.cend(); c != c_end; ++c) CertAddCertificateContextToStore(store, *c, CERT_STORE_ADD_REPLACE_EXISTING, NULL); 
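Review bot: In process_request_packet (hunk at -372) the result of `RegOpenKeyEx(... _T("\\TLSCRL"), 0, KEY_READ, key)` is only compared with `ERROR_SUCCESS`, so any failure silently skips the cached-revocation check, including access denied. The same pattern is in the `RegCreateKeyEx` call of crl_checker::verify in lib/TLS/src/Module.cpp, where a revoked certificate is logged but the black-list entry is dropped without notice if the key cannot be created. Keeping the status would let the expected "key not present" case be told apart from real errors: `const LSTATUS s = RegOpenKeyEx(..., key);` then `if (s == ERROR_SUCCESS) {`, with a log entry when `s != ERROR_FILE_NOT_FOUND`. Both function bodies continue outside their hunks.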
@@ -770,7 +771,7 @@ void eap::method_tls::verify_server_trust() const #endif }; cert_chain_context context; - if (!context.create(NULL, m_sc_cert, NULL, store, &chain_params, 0)) + if (!CertGetCertificateChain(NULL, m_sc_cert, NULL, store, &chain_params, 0, NULL, context)) throw win_runtime_error(__FUNCTION__ " Error creating certificate chain context."); // Check chain validation error flags. Ignore CERT_TRUST_IS_UNTRUSTED_ROOT flag since we check root CA explicitly. diff --git a/lib/TLS/src/Module.cpp b/lib/TLS/src/Module.cpp index 0658430..362d8ab 100644 --- a/lib/TLS/src/Module.cpp +++ b/lib/TLS/src/Module.cpp @@ -202,7 +202,7 @@ DWORD WINAPI eap::peer_tls_base::crl_checker::verify(_In_ crl_checker *obj) // One of the certificates in the chain was revoked as compromised. Black-list it. obj->m_module.log_event(&EAPMETHOD_TLS_SERVER_CERT_REVOKED, event_data((unsigned int)obj->m_module.m_eap_method), event_data(subj), event_data(status_rev.dwReason), blank_event_data); reg_key key; - if (key.create(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\") _T(VENDOR_NAME_STR) _T("\\") _T(PRODUCT_NAME_STR) _T("\\TLSCRL"), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) { + if (RegCreateKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\") _T(VENDOR_NAME_STR) _T("\\") _T(PRODUCT_NAME_STR) _T("\\TLSCRL"), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key, NULL) == ERROR_SUCCESS) { vector hash; if (CertGetCertificateContextProperty(cert, CERT_HASH_PROP_ID, hash)) { wstring hash_unicode; diff --git a/lib/TLS_UI/src/TLS_UI.cpp b/lib/TLS_UI/src/TLS_UI.cpp index 8e8bcde..35fc2b7 100644 --- a/lib/TLS_UI/src/TLS_UI.cpp +++ b/lib/TLS_UI/src/TLS_UI.cpp 
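Review bot: The `CertGetCertificateChain(NULL, m_sc_cert, NULL, store, &chain_params, 0, NULL, context)` call in verify_server_trust passes `0` for dwFlags with no comment, so no revocation checking is requested while the chain is built. Judging from the crl_checker hunk in lib/TLS/src/Module.cpp, revocation appears to be handled separately, but that is not stated at this call. A comment would make the decision explicit: `// dwFlags = 0: no CERT_CHAIN_REVOCATION_CHECK_* here; revocation is checked by crl_checker (confirm).` The flag evaluation that follows is outside the hunk.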
@@ -118,13 +118,13 @@ wxTLSCredentialsPanel::wxTLSCredentialsPanel(const eap::config_provider &prov, c wxEAPCredentialsPanel(prov, cfg, cred, parent, is_config) { // Load and set icon. - winstd::library lib_shell32; - if (lib_shell32.load(_T("certmgr.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) - m_credentials_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(6170))); + winstd::library lib_certmgr(LoadLibraryEx(_T("certmgr.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_certmgr) + m_credentials_icon->SetIcon(wxLoadIconFromResource(lib_certmgr, MAKEINTRESOURCE(6170))); // Populate certificate list. - winstd::cert_store store; - if (store.create(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My"))) { + winstd::cert_store store(CertOpenStore(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My"))); + if (!!store) { for (PCCERT_CONTEXT cert = NULL; (cert = CertEnumCertificatesInStore(store, cert)) != NULL;) { DWORD dwKeySpec = 0, dwSize = sizeof(dwKeySpec); if (!CertGetCertificateContextProperty(cert, CERT_KEY_SPEC_PROP_ID, &dwKeySpec, &dwSize) || !dwKeySpec) { @@ -202,8 +202,8 @@ wxTLSServerTrustPanel::wxTLSServerTrustPanel(const eap::config_provider &prov, e wxTLSServerTrustPanelBase(parent) { // Load and set icon. - winstd::library lib_certmgr; - if (lib_certmgr.load(_T("certmgr.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) + winstd::library lib_certmgr(LoadLibraryEx(_T("certmgr.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); + if (!!lib_certmgr) m_server_trust_icon->SetIcon(wxLoadIconFromResource(lib_certmgr, MAKEINTRESOURCE(379))); // Do not use cfg.m_server_names directly, so we can decide not to store the value in case of provider-locked configuration. 
@@ -294,8 +294,8 @@ void wxTLSServerTrustPanel::OnRootCAAddStore(wxCommandEvent& event) { wxTLSServerTrustPanelBase::OnRootCAAddStore(event); - winstd::cert_store store; - if (store.create(NULL, _T("ROOT"))) { + winstd::cert_store store(CertOpenSystemStore(NULL, _T("ROOT"))); + if (!!store) { winstd::cert_context cert; #pragma warning(suppress: 6387) // The pvReserved parameter is annotated as _In_ cert.attach(CryptUIDlgSelectCertificateFromStore(store, this->GetHWND(), NULL, NULL, 0, 0, NULL)); @@ -323,8 +323,8 @@ void wxTLSServerTrustPanel::OnRootCAAddFile(wxCommandEvent& event) open_dialog.GetPaths(paths); for (size_t i = 0, i_end = paths.GetCount(); i < i_end; i++) { // Load certificate(s) from file. - winstd::cert_store cs; - if (cs.create(CERT_STORE_PROV_FILENAME, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG, static_cast(paths[i]))) { + winstd::cert_store cs(CertOpenStore(CERT_STORE_PROV_FILENAME, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG, static_cast(paths[i]))); + if (!!cs) { for (PCCERT_CONTEXT cert = NULL; (cert = CertEnumCertificatesInStore(cs, cert)) != NULL;) AddRootCA(cert); } else diff --git a/lib/WinStd b/lib/WinStd index 328646b..ad76305 160000 --- a/lib/WinStd +++ b/lib/WinStd @@ -1 +1 @@ -Subproject commit 328646b2d9d7100afe9d2d0a25e2c656241bb25b +Subproject commit ad76305ce9448249ab665bfca644a32600457e54
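Review bot: In OnRootCAAddFile (hunk at -323) every certificate enumerated from the opened file store is passed to `AddRootCA(cert)`. With the PKCS#7 encoding accepted by this `CertOpenStore` call, a bundle can also hold intermediate or leaf certificates, which would then become trust anchors. AddRootCA is not visible here and may already filter. If only self-signed roots are intended, the loop could check first: `if (CertCompareCertificateName(X509_ASN_ENCODING, &cert->pCertInfo->Subject, &cert->pCertInfo->Issuer)) AddRootCA(cert);`. The handler body starts and ends outside the hunk.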