Amebis/WinStd
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Support for Windows Security Provider API extended

Browse Source
This commit is contained in:
Simon Rozman 2016-08-23 13:53:09 +02:00
parent 2118f92e9a
commit f94b72379e
4 changed files with 336 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
build/WinStd.vcxproj
View File

@ -77,6 +77,7 @@
<ClCompile Include="..\src\Crypt.cpp" />
<ClCompile Include="..\src\EAP.cpp" />
<ClCompile Include="..\src\ETW.cpp" />
<ClCompile Include="..\src\Sec.cpp" />
<ClCompile Include="..\src\StdAfx.cpp">
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>

3
build/WinStd.vcxproj.filters
View File

@ -32,6 +32,9 @@
<ClCompile Include="..\src\Win.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\src\Sec.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="..\src\StdAfx.h">

255
include/WinStd/Sec.h
View File

@ -26,6 +26,25 @@
template<class _Elem, class _Traits, class _Ax> BOOLEAN GetUserNameExA(_In_ EXTENDED_NAME_FORMAT NameFormat, _Out_ std::basic_string<_Elem, _Traits, _Ax> &sName);
template<class _Elem, class _Traits, class _Ax> BOOLEAN GetUserNameExW(_In_ EXTENDED_NAME_FORMAT NameFormat, _Out_ std::basic_string<_Elem, _Traits, _Ax> &sName);
namespace winstd
{
class WINSTD_API sec_credentials;
class WINSTD_API sec_context;
class WINSTD_API sec_buffer_desc;
///
/// \defgroup WinStdExceptions Exceptions
/// Additional exceptions
///
/// @{
///
/// COM runtime error
///
typedef num_runtime_error<SECURITY_STATUS> sec_runtime_error;
/// @}
}
#pragma once
@ -104,3 +123,239 @@ BOOLEAN GetUserNameExW(_In_ EXTENDED_NAME_FORMAT NameFormat, _Out_ std::basic_st
}
/// @}
namespace winstd
{
/// \addtogroup WinStdSecurityAPI
/// @{
class WINSTD_API sec_credentials : public handle<PCredHandle>
{
public:
///
/// Initializes a new class instance with the object handle set to NULL.
///
inline sec_credentials() : handle<PCredHandle>()
{
m_expires.QuadPart = -1;
}
///
/// Move constructor
///
/// \param[inout] h A rvalue reference of another object
///
inline sec_credentials(_Inout_ sec_credentials &&h) :
m_expires(std::move(h.m_expires)),
handle<PCredHandle>(std::move(h))
{
}
///
/// Frees the security credentials.
///
/// \sa [FreeCredentialsHandle function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375417.aspx)
///
virtual ~sec_credentials();
///
/// Move assignment
///
/// \param[inout] h A rvalue reference of another object
///
sec_credentials& operator=(_Inout_ sec_credentials &&h)
{
if (this != std::addressof(h)) {
*(handle<handle_type>*)this = std::move(h);
m_expires = std::move(h.m_expires);
}
return *this;
}
///
/// Acquires the security credentials.
///
/// \return
/// - \c SEC_E_OK when succeeds;
/// - Error code when fails.
///
/// \sa [AcquireCredentialsHandle (General) function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa374712.aspx)
///
inline SECURITY_STATUS acquire(
_In_opt_ LPTSTR pszPrincipal,
_In_ LPTSTR pszPackage,
_In_ unsigned long fCredentialUse,
_In_opt_ void *pvLogonId,
_In_opt_ void *pAuthData,
_In_opt_ SEC_GET_KEY_FN pGetKeyFn = NULL,
_In_opt_ void *pvGetKeyArgument = NULL)
{
handle_type h = new CredHandle;
TimeStamp exp;
SECURITY_STATUS res = AcquireCredentialsHandle(pszPrincipal, pszPackage, fCredentialUse, pvLogonId, pAuthData, pGetKeyFn, pvGetKeyArgument, h, &exp);
if (SUCCEEDED(res)) {
attach(h);
m_expires = exp;
} else
delete h;
return res;
}
protected:
///
/// Frees the security credentials.
///
/// \sa [FreeCredentialsHandle function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375417.aspx)
///
virtual void free_internal();
private:
// This class is noncopyable.
sec_credentials(_In_ const sec_credentials &h);
sec_credentials& operator=(_In_ const sec_credentials &h);
public:
TimeStamp m_expires; ///< Credentials expiration time
};
class WINSTD_API sec_context : public handle<PCtxtHandle>
{
public:
///
/// Initializes a new class instance with the object handle set to NULL.
///
inline sec_context() :
m_attrib(0),
handle<PCtxtHandle>()
{
m_expires.QuadPart = -1;
}
///
/// Move constructor
///
/// \param[inout] h A rvalue reference of another object
///
inline sec_context(_Inout_ sec_context &&h) :
m_attrib (std::move(h.m_attrib )),
m_expires(std::move(h.m_expires)),
handle<PCtxtHandle>(std::move(h))
{
}
///
/// Frees the security context.
///
/// \sa [DeleteSecurityContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375354.aspx)
///
virtual ~sec_context();
///
/// Move assignment
///
/// \param[inout] h A rvalue reference of another object
///
sec_context& operator=(_Inout_ sec_context &&h)
{
if (this != std::addressof(h)) {
*(handle<handle_type>*)this = std::move(h);
m_attrib = std::move(h.m_attrib);
m_expires = std::move(h.m_expires);
}
return *this;
}
///
/// Initializes security context.
///
/// \return
/// - \c SEC_E_OK when succeeds;
/// - Error code when fails.
///
/// \sa [InitializeSecurityContext (General) function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375506.aspx)
///
inline SECURITY_STATUS initialize(
_In_opt_ PCredHandle phCredential,
_In_opt_ LPCTSTR pszTargetName,
_In_ ULONG fContextReq,
_In_ ULONG TargetDataRep,
_In_opt_ PSecBufferDesc pInput,
_Inout_opt_ PSecBufferDesc pOutput)
{
handle_type h = new CtxtHandle;
ULONG attr;
TimeStamp exp;
SECURITY_STATUS res = InitializeSecurityContext(phCredential, NULL, (LPTSTR)pszTargetName, fContextReq, 0, TargetDataRep, pInput, 0, h, pOutput, &attr, &exp);
if (SUCCEEDED(res)) {
attach(h);
m_attrib = attr;
m_expires = exp;
} else
delete h;
return res;
}
///
/// Continue security context.
///
/// \return
/// - \c SEC_E_OK when succeeds;
/// - Error code when fails.
///
/// \sa [InitializeSecurityContext (General) function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375506.aspx)
///
inline SECURITY_STATUS process(
_In_opt_ PCredHandle phCredential,
_In_opt_ LPCTSTR pszTargetName,
_In_ ULONG fContextReq,
_In_ ULONG TargetDataRep,
_In_opt_ PSecBufferDesc pInput,
_Inout_opt_ PSecBufferDesc pOutput)
{
return InitializeSecurityContext(phCredential, m_h, (LPTSTR)pszTargetName, fContextReq, 0, TargetDataRep, pInput, 0, NULL, pOutput, &m_attrib, &m_expires);
}
protected:
///
/// Frees the security context.
///
/// \sa [DeleteSecurityContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375354.aspx)
///
virtual void free_internal();
private:
// This class is noncopyable.
sec_context(_In_ const sec_context &h);
sec_context& operator=(_In_ const sec_context &h);
public:
ULONG m_attrib; ///< Context attributes
TimeStamp m_expires; ///< Context expiration time
};
class WINSTD_API sec_buffer_desc : public SecBufferDesc
{
public:
///
/// Initializes security buffer descriptor.
///
inline sec_buffer_desc(_Inout_count_(count) PSecBuffer buf, ULONG count, _In_ ULONG version = SECBUFFER_VERSION)
{
ulVersion = version;
cBuffers = count;
pBuffers = buf;
}
///
/// Frees the security buffer descriptor.
///
/// \sa [FreeContextBuffer function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375416.aspx)
///
virtual ~sec_buffer_desc();
};
/// @}
}

77
src/Sec.cpp Normal file
View File

@ -0,0 +1,77 @@
/*
Copyright 1991-2016 Amebis
Copyright 2016 GÉANT
This file is part of WinStd.
Setup is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
Setup is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with Setup. If not, see <http://www.gnu.org/licenses/>.
*/
#include "StdAfx.h"
#if defined(SECURITY_WIN32) || defined(SECURITY_KERNEL) || defined(SECURITY_MAC)
//////////////////////////////////////////////////////////////////////
// winstd::sec_credentials
//////////////////////////////////////////////////////////////////////
winstd::sec_credentials::~sec_credentials()
{
if (m_h) {
FreeCredentialsHandle(m_h);
delete m_h;
}
}
void winstd::sec_credentials::free_internal()
{
FreeCredentialsHandle(m_h);
delete m_h;
}
//////////////////////////////////////////////////////////////////////
// winstd::sec_context
//////////////////////////////////////////////////////////////////////
winstd::sec_context::~sec_context()
{
if (m_h) {
DeleteSecurityContext(m_h);
delete m_h;
}
}
void winstd::sec_context::free_internal()
{
DeleteSecurityContext(m_h);
delete m_h;
}
//////////////////////////////////////////////////////////////////////
// winstd::sec_buffer_desc
//////////////////////////////////////////////////////////////////////
winstd::sec_buffer_desc::~sec_buffer_desc()
{
for (ULONG i = 0; i < cBuffers; i++) {
if (pBuffers[i].pvBuffer)
FreeContextBuffer(pBuffers[i].pvBuffer);
}
}
#endif