Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

Functions using EAP_ERROR descriptor return bool now for code simplicity

Browse Source
This commit is contained in:
Simon Rozman
2016-06-15 22:59:52 +02:00
parent 03358170f4
commit ec0b283540
27 changed files with 686 additions and 515 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/EAPBase/src/Config.cpp
View File

@@ -46,11 +46,6 @@ eap::config::config(_Inout_ config &&other) :
}
eap::config::~config()
{
}
eap::config& eap::config::operator=(_In_ const config &other)
{
UNREFERENCED_PARAMETER(other);

73
lib/EAPBase/src/Credentials.cpp
View File

@@ -83,7 +83,7 @@ bool eap::credentials::empty() const
}
DWORD eap::credentials::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
bool eap::credentials::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
@@ -91,24 +91,24 @@ DWORD eap::credentials::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConf
// <UserName>
if ((dwResult = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"UserName"), bstrNamespace, bstr(m_identity))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <UserName> element."), NULL);
return dwResult;
return false;
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
bool eap::credentials::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{
assert(pConfigRoot);
DWORD dwResult;
if ((dwResult = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:UserName"), m_identity)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error reading <UserName> element."), NULL);
return dwResult;
return false;
}
return ERROR_SUCCESS;
return true;
}
@@ -170,13 +170,13 @@ bool eap::credentials_pass::empty() const
}
DWORD eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
bool eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
if ((dwResult = credentials::save(pDoc, pConfigRoot, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!credentials::save(pDoc, pConfigRoot, ppEapError))
return false;
// <Password>
bstr pass(m_password);
@@ -184,51 +184,50 @@ DWORD eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *
SecureZeroMemory((BSTR)pass, sizeof(OLECHAR)*pass.length());
if (dwResult != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <Password> element."), NULL);
return dwResult;
return false;
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
bool eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{
assert(pConfigRoot);
DWORD dwResult;
if ((dwResult = credentials::load(pConfigRoot, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!credentials::load(pConfigRoot, ppEapError))
return false;
bstr pass;
if ((dwResult = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:Password"), &pass)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error reading <Password> element."), NULL);
return dwResult;
return false;
}
m_password = pass;
SecureZeroMemory((BSTR)pass, sizeof(OLECHAR)*pass.length());
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials_pass::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const
bool eap::credentials_pass::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const
{
assert(pszTargetName);
assert(ppEapError);
DWORD dwResult;
string password_enc;
// Prepare cryptographics provider.
crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptAcquireContext failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptAcquireContext failed."), NULL);
return false;
}
// Encrypt password.
vector<unsigned char> password;
if ((dwResult = m_module.encrypt_md5(cp, m_password, password, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!m_module.encrypt_md5(cp, m_password, password, ppEapError))
return false;
// Convert encrypted password to Base64, since CredProtectA() fail for binary strings.
string password_base64;
@@ -238,8 +237,8 @@ DWORD eap::credentials_pass::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR *
// Encrypt the password using user's key.
CRED_PROTECTION_TYPE cpt;
if (!CredProtectA(TRUE, password_base64.c_str(), (DWORD)password_base64.length(), password_enc, &cpt)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredProtect failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredProtect failed."), NULL);
return false;
}
tstring target(target_name(pszTargetName));
@@ -262,24 +261,23 @@ DWORD eap::credentials_pass::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR *
(LPTSTR)m_identity.c_str() // UserName
};
if (!CredWrite(&cred, 0)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredWrite failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredWrite failed."), NULL);
return false;
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials_pass::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError)
bool eap::credentials_pass::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError)
{
assert(pszTargetName);
DWORD dwResult;
// Read credentials.
unique_ptr<CREDENTIAL, CredFree_delete<CREDENTIAL> > cred;
if (!CredRead(target_name(pszTargetName).c_str(), CRED_TYPE_GENERIC, 0, (PCREDENTIAL*)&cred)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredRead failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredRead failed."), NULL);
return false;
}
m_identity = cred->UserName;
@@ -287,8 +285,8 @@ DWORD eap::credentials_pass::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERRO
// Decrypt the password using user's key.
string password_base64;
if (!CredUnprotectA(TRUE, (LPCSTR)(cred->CredentialBlob), cred->CredentialBlobSize, password_base64)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredUnprotect failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredUnprotect failed."), NULL);
return false;
}
// Convert Base64 to binary encrypted password, since CredProtectA() fail for binary strings.
@@ -300,13 +298,10 @@ DWORD eap::credentials_pass::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERRO
// Prepare cryptographics provider.
crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptAcquireContext failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptAcquireContext failed."), NULL);
return false;
}
// Decrypt password.
if ((dwResult = m_module.decrypt_md5(cp, password.data(), password.size(), m_password, ppEapError)) != ERROR_SUCCESS)
return dwResult;
return ERROR_SUCCESS;
return m_module.decrypt_md5(cp, password.data(), password.size(), m_password, ppEapError);
}

41
lib/EAPBase/src/Module.cpp
View File

@@ -123,10 +123,9 @@ void eap::module::free_error_memory(_In_ EAP_ERROR *err)
}
DWORD eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash) const
bool eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash) const
{
assert(ppEapError);
DWORD dwResult;
// Import the public key.
HRSRC res = FindResource(m_instance, MAKEINTRESOURCE(IDR_EAP_KEY_PUBLIC), RT_RCDATA);
@@ -137,13 +136,13 @@ DWORD eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const voi
unique_ptr<CERT_PUBLIC_KEY_INFO, LocalFree_delete<CERT_PUBLIC_KEY_INFO> > keyinfo_data;
DWORD keyinfo_size = 0;
if (!CryptDecodeObjectEx(X509_ASN_ENCODING, X509_PUBLIC_KEY_INFO, (const BYTE*)::LockResource(res_handle), ::SizeofResource(m_instance, res), CRYPT_DECODE_ALLOC_FLAG, NULL, &keyinfo_data, &keyinfo_size)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptDecodeObjectEx failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptDecodeObjectEx failed."), NULL);
return false;
}
if (!key.import_public(hProv, X509_ASN_ENCODING, keyinfo_data.get())) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Public key import failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Public key import failed."), NULL);
return false;
}
// Pre-allocate memory to allow space, as encryption will grow the data.
@@ -155,39 +154,37 @@ DWORD eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const voi
// Encrypt the data using our public key.
if (!CryptEncrypt(key, hHash, TRUE, 0, buf)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Encrypting data failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Encrypting data failed."), NULL);
return false;
}
// Copy encrypted data.
enc.assign(buf.begin(), buf.end());
return ERROR_SUCCESS;
return true;
}
DWORD eap::module::encrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError) const
bool eap::module::encrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError) const
{
DWORD dwResult;
// Create hash.
crypt_hash hash;
if (!hash.create(hProv, CALG_MD5)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Creating MD5 hash failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Creating MD5 hash failed."), NULL);
return false;
}
// Encrypt data.
if ((dwResult = encrypt(hProv, data, size, enc, ppEapError, hash)) != ERROR_SUCCESS)
return dwResult;
if (!encrypt(hProv, data, size, enc, ppEapError, hash))
return false;
// Calculate MD5 hash and append it.
// Calculate MD5 hash.
vector<unsigned char> hash_bin;
if (!CryptGetHashParam(hash, HP_HASHVAL, hash_bin, 0)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Calculating MD5 hash failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Calculating MD5 hash failed."), NULL);
return false;
}
enc.insert(enc.end(), hash_bin.begin(), hash_bin.end());
return ERROR_SUCCESS;
// Append hash.
enc.insert(enc.end(), hash_bin.begin(), hash_bin.end());
return true;
}

85
lib/EAPBase/src/Session.cpp
View File

@@ -28,17 +28,41 @@ using namespace winstd;
// eap::session
//////////////////////////////////////////////////////////////////////
eap::session::session()
eap::session::session(_In_ module &mod) :
m_module(mod)
{
}
eap::session::~session()
eap::session::session(_In_ const session &other) :
m_module(other.m_module)
{
}
DWORD eap::session::begin(
eap::session::session(_Inout_ session &&other) :
m_module(other.m_module)
{
}
eap::session& eap::session::operator=(_In_ const session &other)
{
UNREFERENCED_PARAMETER(other);
assert(&m_module == &other.m_module); // Copy session within same module only!
return *this;
}
eap::session& eap::session::operator=(_Inout_ session &&other)
{
UNREFERENCED_PARAMETER(other);
assert(&m_module == &other.m_module); // Move session within same module only!
return *this;
}
bool eap::session::begin(
_In_ DWORD dwFlags,
_In_ const EapAttributes *pAttributeArray,
_In_ HANDLE hTokenImpersonateUser,
@@ -59,19 +83,19 @@ DWORD eap::session::begin(
UNREFERENCED_PARAMETER(dwMaxSendPacketSize);
UNREFERENCED_PARAMETER(ppEapError);
return ERROR_SUCCESS;
return true;
}
DWORD eap::session::end(_Out_ EAP_ERROR **ppEapError)
bool eap::session::end(_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(ppEapError);
return ERROR_SUCCESS;
return true;
}
DWORD eap::session::process_request_packet(
bool eap::session::process_request_packet(
_In_ DWORD dwReceivedPacketSize,
_In_bytecount_(dwReceivedPacketSize) const EapPacket *pReceivedPacket,
_Out_ EapPeerMethodOutput *pEapOutput,
@@ -80,49 +104,53 @@ DWORD eap::session::process_request_packet(
UNREFERENCED_PARAMETER(dwReceivedPacketSize);
UNREFERENCED_PARAMETER(pReceivedPacket);
UNREFERENCED_PARAMETER(pEapOutput);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::session::get_response_packet(
bool eap::session::get_response_packet(
_Inout_ DWORD *pdwSendPacketSize,
_Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pdwSendPacketSize);
UNREFERENCED_PARAMETER(pSendPacket);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::session::get_result(_In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError)
bool eap::session::get_result(_In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(reason);
UNREFERENCED_PARAMETER(ppResult);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::session::get_ui_context(
bool eap::session::get_ui_context(
_Out_ DWORD *pdwUIContextDataSize,
_Out_ BYTE **ppUIContextData,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pdwUIContextDataSize);
UNREFERENCED_PARAMETER(ppUIContextData);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::session::set_ui_context(
bool eap::session::set_ui_context(
_In_ DWORD dwUIContextDataSize,
_In_count_(dwUIContextDataSize) const BYTE *pUIContextData,
_In_ const EapPeerMethodOutput *pEapOutput,
@@ -131,26 +159,29 @@ DWORD eap::session::set_ui_context(
UNREFERENCED_PARAMETER(dwUIContextDataSize);
UNREFERENCED_PARAMETER(pUIContextData);
UNREFERENCED_PARAMETER(pEapOutput);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::session::get_response_attributes(_Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError)
bool eap::session::get_response_attributes(_Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pAttribs);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::session::set_response_attributes(const _In_ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError)
bool eap::session::set_response_attributes(const _In_ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pAttribs);
UNREFERENCED_PARAMETER(pEapOutput);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}