Merge branch 'master' into NDES

Author: Crypt32

ADCS.CertMod.Managed/ADCS.CertMod.Managed.csproj

@@ -44,11 +44,6 @@
     <SourceRoot Include="$(MSBuildThisFileDirectory)/" />
   </ItemGroup>
   <ItemGroup>
-    <Reference Include="CERTCLILib, Version=1.0.0.0, Culture=neutral, PublicKeyToken=d5db31a0b7668d81, processorArchitecture=MSIL">
-      <SpecificVersion>False</SpecificVersion>
-      <EmbedInteropTypes>False</EmbedInteropTypes>
-      <HintPath>..\lib\CERTCLILib.dll</HintPath>
-    </Reference>
     <Reference Include="System" />
     <Reference Include="System.Core" />
     <Reference Include="System.Security" />
@@ -75,6 +70,9 @@
     <Compile Include="NDES\SCEPChallengeStoreEntry.cs" />
     <Compile Include="NDES\SCEPDisposition.cs" />
     <Compile Include="NDES\SCEPFailInfo.cs" />
+    <Compile Include="Interop\CertServerComFactory.cs" />
+    <Compile Include="Interop\ICertServerExit.cs" />
+    <Compile Include="Interop\ICertServerPolicy.cs" />
     <Compile Include="ObjectPool.cs" />
     <Compile Include="Policy\CertServerPolicyManaged.cs" />
     <Compile Include="PrivateKeyFlags.cs" />
@@ -115,5 +113,6 @@
   <ItemGroup>
     <None Include="strongname.snk" />
   </ItemGroup>
+  <ItemGroup />
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
 </Project>

ADCS.CertMod.Managed/CertServerExitPolicyManaged.cs

@@ -1,14 +1,14 @@
 using System;
-using CERTCLILib;
+using ADCS.CertMod.Managed.Interop;
 
 namespace ADCS.CertMod.Managed;
 
 abstract class CertServerExitPolicyManaged : ICertServerModule {
     readonly Action<Int32> _setContext;
-    readonly Func<String, Int32, IntPtr, Object> _getRequestProperty;
+    readonly Func<String, Int32, IntPtr, Int32> _getRequestProperty;
     readonly Func<String, String> _getRequestAttribute;
-    readonly Func<String, Int32, IntPtr, Object> _getCertificateProperty;
-    readonly Func<String, Int32, IntPtr, Object> _getCertificateExtension;
+    readonly Func<String, Int32, IntPtr, Int32> _getCertificateProperty;
+    readonly Func<String, Int32, IntPtr, Int32> _getCertificateExtension;
     readonly Func<Int32> _getCertificateExtensionFlags;
     readonly Action<Int32> _enumerateExtensionsSetup;
     readonly Func<String> _enumerateExtensions;
@@ -55,14 +55,14 @@ protected CertServerExitPolicyManaged(ICertServerPolicy comClass) {
     public void SetContext(Int32 Context) {
         _setContext.Invoke(Context);
     }
-    public void GetRequestProperty(String strPropertyName, Int32 PropertyType, IntPtr pvarPropertyValue) {
-        _getRequestProperty.Invoke(strPropertyName, PropertyType, pvarPropertyValue);
+    public Int32 GetRequestProperty(String strPropertyName, Int32 PropertyType, IntPtr pvarPropertyValue) {
+        return _getRequestProperty.Invoke(strPropertyName, PropertyType, pvarPropertyValue);
     }
     public String GetRequestAttribute(String strAttributeName) {
         return _getRequestAttribute.Invoke(strAttributeName);
     }
-    public void GetCertificateProperty(String strPropertyName, Int32 PropertyType, IntPtr pvarPropertyValue) {
-        _getCertificateProperty.Invoke(strPropertyName, PropertyType, pvarPropertyValue);
+    public Int32 GetCertificateProperty(String strPropertyName, Int32 PropertyType, IntPtr pvarPropertyValue) {
+        return _getCertificateProperty.Invoke(strPropertyName, PropertyType, pvarPropertyValue);
     }
     public void GetCertificateExtension(String strExtensionName, Int32 Type, IntPtr pvarValue) {
         _getCertificateExtension.Invoke(strExtensionName, Type, pvarValue);

ADCS.CertMod.Managed/Exit/CertServerExitManaged.cs

@@ -1,7 +1,5 @@
-using CERTCLILib;
+using ADCS.CertMod.Managed.Interop;
 
 namespace ADCS.CertMod.Managed.Exit;
 
-class CertServerExitManaged : CertServerExitPolicyManaged {
-    public CertServerExitManaged() : base(new CCertServerExitClass()) { }
-}
+class CertServerExitManaged() : CertServerExitPolicyManaged(CertServerComFactory.CreateCertServerExit());

ADCS.CertMod.Managed/Extensions/CertServerModuleExtensions.cs

@@ -5,59 +5,59 @@ namespace ADCS.CertMod.Managed.Extensions;
 
 static class CertServerModuleExtensions {
     #region private helpers
-
-    public static T GetInSubjectProperty<T>(this ICertServerModule certExit, IntPtr pvarPropertyValue, RequestSubjectName subjectName) {
-        certExit.getScalarProperty(pvarPropertyValue, "Subject." + subjectName, out T retValue);
+    
+    public static T GetInSubjectProperty<T>(this ICertServerModule certServerModule, IntPtr pvarPropertyValue, RequestSubjectName subjectName) {
+        certServerModule.getScalarProperty(pvarPropertyValue, "Subject." + subjectName, out T retValue);
 
         return retValue;
     }
-    public static T GetOutSubjectProperty<T>(this ICertServerModule certExit, IntPtr pvarPropertyValue, RequestSubjectName subjectName) {
-        certExit.getScalarProperty(pvarPropertyValue, subjectName.ToString(), out T retValue);
+    public static T GetOutSubjectProperty<T>(this ICertServerModule certServerModule, IntPtr pvarPropertyValue, RequestSubjectName subjectName) {
+        certServerModule.getScalarProperty(pvarPropertyValue, subjectName.ToString(), out T retValue);
 
         return retValue;
     }
 
-    public static Byte[] GetInSubjectNameBin(this ICertServerModule certExit, IntPtr pvarPropertyValue, RequestSubjectName propertyName) {
-        return certExit.getBinaryProperty(pvarPropertyValue, "Subject." + propertyName);
+    public static Byte[] GetInSubjectNameBin(this ICertServerModule certServerModule, IntPtr pvarPropertyValue, RequestSubjectName propertyName) {
+        return certServerModule.getBinaryProperty(pvarPropertyValue, "Subject." + propertyName);
     }
-    public static Byte[] GetOutSubjectNameBin(this ICertServerModule certExit, IntPtr pvarPropertyValue, RequestSubjectName propertyName) {
-        return certExit.getBinaryProperty(pvarPropertyValue, propertyName.ToString());
+    public static Byte[] GetOutSubjectNameBin(this ICertServerModule certServerModule, IntPtr pvarPropertyValue, RequestSubjectName propertyName) {
+        return certServerModule.getBinaryProperty(pvarPropertyValue, propertyName.ToString());
     }
 
-    public static T GetRequestProperty<T>(this ICertServerModule certExit, IntPtr pvarPropertyValue, RequestPropertyName propertyName) {
-        certExit.getScalarProperty(pvarPropertyValue, propertyName.ToString(), out T retValue);
+    public static T GetRequestProperty<T>(this ICertServerModule certServerModule, IntPtr pvarPropertyValue, RequestPropertyName propertyName) {
+        certServerModule.getScalarProperty(pvarPropertyValue, propertyName.ToString(), out T retValue);
 
         return retValue;
     }
-    public static Byte[] GetRequestPropertyBin(this ICertServerModule certExit, IntPtr pvarPropertyValue, RequestPropertyName propertyName) {
-        return certExit.getBinaryProperty(pvarPropertyValue, propertyName.ToString());
+    public static Byte[] GetRequestPropertyBin(this ICertServerModule certServerModule, IntPtr pvarPropertyValue, RequestPropertyName propertyName) {
+        return certServerModule.getBinaryProperty(pvarPropertyValue, propertyName.ToString());
     }
 
-    public static T GetCertProperty<T>(this ICertServerModule certExit, IntPtr pvarPropertyValue, CertificatePropertyName propertyName) {
-        certExit.getScalarProperty(pvarPropertyValue, propertyName.ToString(), out T retValue, true);
+    public static T GetCertProperty<T>(this ICertServerModule certServerModule, IntPtr pvarPropertyValue, CertificatePropertyName propertyName) {
+        certServerModule.getScalarProperty(pvarPropertyValue, propertyName.ToString(), out T retValue, true);
 
         return retValue;
     }
-    public static Byte[] GetCertPropertyBin(this ICertServerModule certExit, IntPtr pvarPropertyValue, CertificatePropertyName propertyName) {
-        return certExit.getBinaryProperty(pvarPropertyValue, propertyName.ToString(), true);
+    public static Byte[] GetCertPropertyBin(this ICertServerModule certServerModule, IntPtr pvarPropertyValue, CertificatePropertyName propertyName) {
+        return certServerModule.getBinaryProperty(pvarPropertyValue, propertyName.ToString(), true);
     }
 
-    public static Int32? GetLongProperty(this ICertServerModule certExit, IntPtr pvarPropertyValue, String propertyName, Boolean cert = false) {
-        if (certExit.getScalarProperty(pvarPropertyValue, propertyName, out Int32 retValue, cert)) {
+    public static Int32? GetLongProperty(this ICertServerModule certServerModule, IntPtr pvarPropertyValue, String propertyName, Boolean cert = false) {
+        if (certServerModule.getScalarProperty(pvarPropertyValue, propertyName, out Int32 retValue, cert)) {
             return retValue;
         }
 
         return null;
     }
-    public static DateTime? GetDateTimeProperty(this ICertServerModule certExit, IntPtr pvarPropertyValue, String propertyName, Boolean cert = false) {
-        if (certExit.getScalarProperty(pvarPropertyValue, propertyName, out DateTime retValue, cert)) {
+    public static DateTime? GetDateTimeProperty(this ICertServerModule certServerModule, IntPtr pvarPropertyValue, String propertyName, Boolean cert = false) {
+        if (certServerModule.getScalarProperty(pvarPropertyValue, propertyName, out DateTime retValue, cert)) {
             return retValue;
         }
 
         return null;
     }
 
-    static Boolean getScalarProperty<T>(this ICertServerModule certExit, IntPtr pvarPropertyValue, String propertyName, out T retValue, Boolean cert = false) {
+    static Boolean getScalarProperty<T>(this ICertServerModule certServerModule, IntPtr pvarPropertyValue, String propertyName, out T retValue, Boolean cert = false) {
         retValue = default;
         Type leftType = typeof(T);
         Int32 propType;
@@ -72,36 +72,31 @@ static Boolean getScalarProperty<T>(this ICertServerModule certExit, IntPtr pvar
             return false;
         }
 
-        try {
-            if (cert) {
-                certExit.GetCertificateProperty(propertyName, propType, pvarPropertyValue);
-            } else {
-                certExit.GetRequestProperty(propertyName, propType, pvarPropertyValue);
-            }
-                
-            retValue = (T)Marshal.GetObjectForNativeVariant(pvarPropertyValue);
-            OleAut32.VariantClear(pvarPropertyValue);
-
-            return true;
-        } catch {
+        Int32 hresult = cert
+            ? certServerModule.GetCertificateProperty(propertyName, propType, pvarPropertyValue)
+            : certServerModule.GetRequestProperty(propertyName, propType, pvarPropertyValue);
+        if (hresult != 0) {
             return false;
         }
+
+        retValue = (T)Marshal.GetObjectForNativeVariant(pvarPropertyValue);
+        OleAut32.VariantClear(pvarPropertyValue);
+
+        return true;
     }
-    static Byte[] getBinaryProperty(this ICertServerModule certExit, IntPtr pvarPropertyValue, String propertyName, Boolean cert = false) {
-        try {
-            if (cert) {
-                certExit.GetCertificateProperty(propertyName, CertSrvH.PROPTYPE_BINARY, pvarPropertyValue);
-            } else {
-                certExit.GetRequestProperty(propertyName, CertSrvH.PROPTYPE_BINARY, pvarPropertyValue);
-            }
-                
-            Byte[] retValue = pvarPropertyValue.GetBstrBinary(null);
-            OleAut32.VariantClear(pvarPropertyValue);
+    static Byte[] getBinaryProperty(this ICertServerModule certServerModule, IntPtr pvarPropertyValue, String propertyName, Boolean cert = false) {
+        Int32 hresult = cert
+            ? certServerModule.GetCertificateProperty(propertyName, CertSrvH.PROPTYPE_BINARY, pvarPropertyValue)
+            : certServerModule.GetRequestProperty(propertyName, CertSrvH.PROPTYPE_BINARY, pvarPropertyValue);
 
-            return retValue;
-        } catch {
+        if (hresult != 0) {
             return default;
         }
+
+        Byte[] retValue = pvarPropertyValue.GetBstrBinary(null);
+        OleAut32.VariantClear(pvarPropertyValue);
+
+        return retValue;
     }
 
     #endregion

ADCS.CertMod.Managed/ICertServerModule.cs

@@ -4,9 +4,9 @@ namespace ADCS.CertMod.Managed;
 
 interface ICertServerModule {
     void SetContext(Int32 Context);
-    void GetRequestProperty(String strPropertyName, Int32 PropertyType, IntPtr pvarPropertyValue);
+    Int32 GetRequestProperty(String strPropertyName, Int32 PropertyType, IntPtr pvarPropertyValue);
     String GetRequestAttribute(String strAttributeName);
-    void GetCertificateProperty(String strPropertyName, Int32 PropertyType, IntPtr pvarPropertyValue);
+    Int32 GetCertificateProperty(String strPropertyName, Int32 PropertyType, IntPtr pvarPropertyValue);
     void GetCertificateExtension(String strExtensionName, Int32 Type, IntPtr pvarValue);
     RequestExtensionFlags GetCertificateExtensionFlags();
     void EnumerateExtensionsSetup(Int32 Flags);

ADCS.CertMod.Managed/Interop/CertServerComFactory.cs

@@ -0,0 +1,36 @@
+using System.Runtime.InteropServices;
+// ReSharper disable SuspiciousTypeConversion.Global
+
+namespace ADCS.CertMod.Managed.Interop;
+
+/// <summary>
+/// Represents CertServer* COM class factory.
+/// </summary>
+static class CertServerComFactory {
+    /// <summary>
+    /// Creates an instance of <strong>ICertServerExit</strong> COM interface.
+    /// </summary>
+    /// <returns>ICertServerExit.</returns>
+    public static ICertServerExit CreateCertServerExit() {
+        return (ICertServerExit)new CCertServerExitClass();
+    }
+    /// <summary>
+    /// Creates an instance of <strong>ICertServerPolicy</strong> COM interface.
+    /// </summary>
+    /// <returns>ICertServerPolicy.</returns>
+    public static ICertServerPolicy CreateCertServerPolicy() {
+        return (ICertServerPolicy)new CCertServerPolicyClass();
+    }
+
+    [Guid("4c4a5e40-732c-11d0-8816-00a0c903b83c")]
+    [TypeLibType(TypeLibTypeFlags.FCanCreate)]
+    [ClassInterface(ClassInterfaceType.None)]
+    [ComImport]
+    class CCertServerExitClass;
+
+    [Guid("aa000926-ffbe-11cf-8800-00a0c903b83c")]
+    [TypeLibType(TypeLibTypeFlags.FCanCreate)]
+    [ClassInterface(ClassInterfaceType.None)]
+    [ComImport]
+    class CCertServerPolicyClass;
+}

ADCS.CertMod.Managed/Interop/ICertServerExit.cs

@@ -0,0 +1,76 @@
+using System;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+namespace ADCS.CertMod.Managed.Interop;
+
+[Guid("4ba9eb90-732c-11d0-8816-00a0c903b83c")] // from certif.h
+[TypeLibType(TypeLibTypeFlags.FDual | TypeLibTypeFlags.FDispatchable)]
+[ComImport]
+interface ICertServerExit {
+    [DispId(1610743808)]
+    [MethodImpl(MethodImplOptions.InternalCall, MethodCodeType = MethodCodeType.Runtime)]
+    void SetContext(
+        [In] Int32 Context);
+
+    [DispId(1610743809)]
+    [MethodImpl(MethodImplOptions.InternalCall, MethodCodeType = MethodCodeType.Runtime)]
+    [PreserveSig] // force HRESULT instead of exception
+    Int32 GetRequestProperty(
+        [MarshalAs(UnmanagedType.BStr), In] String strPropertyName,
+        [In] Int32 PropertyType,
+        [Out] IntPtr pvarPropertyValue);
+
+    [DispId(1610743810)]
+    [MethodImpl(MethodImplOptions.InternalCall, MethodCodeType = MethodCodeType.Runtime)]
+    [return: MarshalAs(UnmanagedType.BStr)]
+    String GetRequestAttribute(
+        [MarshalAs(UnmanagedType.BStr), In] String strAttributeName);
+
+    [DispId(1610743811)]
+    [MethodImpl(MethodImplOptions.InternalCall, MethodCodeType = MethodCodeType.Runtime)]
+    [PreserveSig] // force HRESULT instead of exception
+    Int32 GetCertificateProperty(
+        [MarshalAs(UnmanagedType.BStr), In] String strPropertyName,
+        [In] Int32 PropertyType,
+        [Out] IntPtr pvarPropertyValue);
+
+    [DispId(1610743812)]
+    [MethodImpl(MethodImplOptions.InternalCall, MethodCodeType = MethodCodeType.Runtime)]
+    Int32 GetCertificateExtension(
+        [MarshalAs(UnmanagedType.BStr), In] String strExtensionName,
+        [In] Int32 Type,
+        [Out] IntPtr pvarValue);
+
+    [DispId(1610743813)]
+    [MethodImpl(MethodImplOptions.InternalCall, MethodCodeType = MethodCodeType.Runtime)]
+    Int32 GetCertificateExtensionFlags();
+
+    [DispId(1610743814)]
+    [MethodImpl(MethodImplOptions.InternalCall, MethodCodeType = MethodCodeType.Runtime)]
+    void EnumerateExtensionsSetup(
+        [In] Int32 Flags);
+
+    [DispId(1610743815)]
+    [MethodImpl(MethodImplOptions.InternalCall, MethodCodeType = MethodCodeType.Runtime)]
+    [return: MarshalAs(UnmanagedType.BStr)]
+    String EnumerateExtensions();
+
+    [DispId(1610743816)]
+    [MethodImpl(MethodImplOptions.InternalCall, MethodCodeType = MethodCodeType.Runtime)]
+    void EnumerateExtensionsClose();
+
+    [DispId(1610743817)]
+    [MethodImpl(MethodImplOptions.InternalCall, MethodCodeType = MethodCodeType.Runtime)]
+    void EnumerateAttributesSetup(
+        [In] Int32 Flags);
+
+    [DispId(1610743818)]
+    [MethodImpl(MethodImplOptions.InternalCall, MethodCodeType = MethodCodeType.Runtime)]
+    [return: MarshalAs(UnmanagedType.BStr)]
+    String EnumerateAttributes();
+
+    [DispId(1610743819)]
+    [MethodImpl(MethodImplOptions.InternalCall, MethodCodeType = MethodCodeType.Runtime)]
+    void EnumerateAttributesClose();
+}