archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/admin/burnslib/inc/encryptedstring.hpp

235 lines
5.4 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. // Copyright (c) 2002 Microsoft Corporation
  2. //
  3. // Encrypted string class
  4. //
  5. // 18 March 2002
  9. #ifndef ENCRYPTEDSTRING_HPP_INCLUDED
  10. #define ENCRYPTEDSTRING_HPP_INCLUDED
  14. // A class that has a similar public interface as class Burnslib::String, but
  15. // is represented as an encrypted blob, produced by CryptProtectMemory.
  16. //
  17. // This class can be used to represent sensitive data like password strings
  18. // in-memory, instead of holding them as cleartext, which is a security hole
  19. // if the memory pages are swapped to disk, the machine is hibernated, etc.
  20. //
  21. // You should convert any cleartext data into an instance of this class, then
  22. // scribble out your cleartext source copy with SecureZeroMemory.
  24. class EncryptedString
  25. {
  26. public:
  28. // no string may be longer than this many characters, not including the
  29. // terminating null, or it will be truncated.
  31. static const size_t MAX_CHARACTER_COUNT = 1024 * 2 - 1;
  35. // constructs an empty string.
  37. explicit
  38. EncryptedString();
  42. // constructs a copy of an existing, already encoded string
  44. EncryptedString(const EncryptedString& rhs);
  48. // scribbles out the text, and deletes it.
  50. ~EncryptedString()
  51. {
  52. // when the object dies, it had better not have any outstanding
  53. // cleartext copies.
  55. ASSERT(cleartextCopyCount == 0);
  57. Reset();
  58. }
  62. // disposes of the encrypted text, and sets the string to be empty.
  64. void
  65. Clear()
  66. {
  67. // when the object dies, it had better not have any outstanding
  68. // cleartext copies.
  70. ASSERT(cleartextCopyCount == 0);
  72. Reset();
  73. }
  76. // Scribbles out and de-allocates a clear text copy of the string. The
  77. // caller is required to balance each call to GetClearTextCopy with a call
  78. // to DestroyClearTextCopy lest he leak memory and leave cleartext hanging
  79. // around.
  80. //
  81. // cleartext - the same pointer returned by a previous call to
  82. // GetClearTextCopy on the same instance.
  84. void
  85. DestroyClearTextCopy(WCHAR* cleartext) const;
  89. // thrown by GetClearTextCopy if decryption fails.
  91. class DecryptionFailureException
  92. {
  93. public:
  95. DecryptionFailureException()
  96. {
  97. }
  98. };
  102. // Extracts the decoded cleartext representation of the text, including
  103. // null terminator. The caller must invoke DestroyClearTextCopy on the
  104. // result, even if the result is null.
  105. //
  106. // Throws a DecryptionFailureException on failure.
  107. //
  108. // Example:
  109. // WCHAR* cleartext = encoded.GetDecodedCopy();
  110. // if (cleartext)
  111. // {
  112. // // ... use the cleartext
  113. // }
  114. // encoded.DestroyClearTextCopy();
  116. WCHAR*
  117. GetClearTextCopy() const;
  121. // Returns true if the string is zero-length, false if not.
  123. bool
  124. IsEmpty() const
  125. {
  126. return (GetLength() == 0);
  127. }
  131. // Sets the contents of self to the encoded representation of the
  132. // cleartext, replacing the previous value of self. The encoded
  133. // representation will be the same length, in characters, as the
  134. // cleartext.
  135. //
  136. // clearText - in, un-encoded text to be encoded. May be empty string,
  137. // but not a null pointer.
  139. void
  140. Encrypt(const WCHAR* cleartext);
  144. // Returns the length, in unicode characters, of the cleartext, not
  145. // including the null terminator.
  147. size_t
  148. GetLength() const;
  152. // Replaces the contents of self with a copy of the contents of rhs.
  153. // Returns *this.
  155. const EncryptedString&
  156. operator= (const EncryptedString& rhs);
  160. // Compares the cleartext representations of self and rhs, and returns
  161. // true if they are lexicographically the same: the lengths are the same
  162. // and all the characters are the same.
  164. bool
  165. operator== (const EncryptedString& rhs) const;
  169. bool
  170. operator!= (const EncryptedString& rhs) const
  171. {
  172. return !(operator==(rhs));
  173. }
  177. private:
  180. void
  181. Clone(const EncryptedString& rhs);
  183. void
  184. Init(const WCHAR* clearText);
  186. WCHAR*
  187. InternalDecrypt() const;
  189. void
  190. InternalDestroy(WCHAR* cleartext) const;
  192. void
  193. Reset();
  197. // We deliberately do not implement conversion to or from WCHAR* or
  198. // String. This is to force the user of the class to be very deliberate
  199. // about decoding the string. class String is a copy-on-write shared
  200. // reference implementation, and we don't want to make it easy to create
  201. // "hidden" copies of cleartext, or move from one representation to
  202. // another, or accidentally get a string filled with encrypted text.
  204. // deliberately commented out
  205. // explicit
  206. // EncryptedString(const String& cleartext);
  208. // deliberately commented out
  209. // operator WCHAR* ();
  210. // operator String ();
  214. size_t clearTextLength;
  216. // In the course of en[de]crypting, and assigning to the instance, we
  217. // may reallocate the memory pointed to here, but logically the string
  218. // is still "const"
  220. mutable WCHAR* cypherText;
  222. // a logically const instance may have cleartext copies made
  224. mutable int cleartextCopyCount;
  226. // indicates that the encryption worked.
  228. bool isEncrypted;
  229. };
  233. #endif // ENCRYPTEDSTRING_HPP_INCLUDED