archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
4.9 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/ds/security/protocols/digest/nonce.cxx

600 lines
17 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  2. //+-----------------------------------------------------------------------
  3. //
  4. // Microsoft Windows
  5. //
  6. // Copyright (c) Microsoft Corporation 2000
  7. //
  8. // File: nonce.cxx
  9. //
  10. // Contents: Context APIs for the Digest security package
  11. // Main entry points into this dll:
  12. // NonceCreate
  13. // NonceValidate
  14. // NonceInitialize
  15. //
  16. // History: ChandanS 26-Jul-1996 Stolen from kerberos\client2\ctxtapi.cxx
  17. // KDamour 16Mar00 Stolen from NTLM ctxtapi.cxx
  18. //
  19. //------------------------------------------------------------------------
  20. #include <global.h>
  21. #include <time.h>
  23. // Hold the Hex representation plus the NULL
  24. char g_cNoncePrivateKey[(2*NONCE_PRIVATE_KEY_BYTESIZE) + 1];
  27. //
  28. // Globals
  29. //
  31. HCRYPTPROV g_hCryptProv = 0; // Handle for CryptoAPI
  32. WORD g_SupportedCrypto = 0; // Supported Crypt Functions bitmask (i.e. SUPPORT_DES)
  34. //+--------------------------------------------------------------------
  35. //
  36. // Function: NonceInitialize
  37. //
  38. // Synopsis: This function is to be called
  39. //
  40. // Arguments: None
  41. //
  42. // Returns:
  43. //
  44. // Notes:
  45. // CryptReleaseContext( g_hCryptProv, 0 ) to release the cypt context
  46. //
  47. //---------------------------------------------------------------------
  49. NTSTATUS NTAPI
  50. NonceInitialize(
  51. VOID
  52. )
  53. {
  54. NTSTATUS Status = STATUS_SUCCESS;
  55. BYTE abTemp[NONCE_PRIVATE_KEY_BYTESIZE];
  57. DebugLog((DEB_TRACE_FUNC, "NonceInitialize: Entering\n"));
  59. if (g_hCryptProv)
  60. { // Catch cases where LSA and Usermode running in same addr space
  61. DebugLog((DEB_TRACE, "NonceInitialize: Already Inited Leaving\n"));
  62. return STATUS_SUCCESS;
  63. }
  65. //
  66. // Get a handle to the CSP we'll use for all our hash functions etc
  67. //
  68. if ( !CryptAcquireContext( &g_hCryptProv,
  69. NULL,
  70. NULL,
  71. PROV_RSA_FULL,
  72. CRYPT_VERIFYCONTEXT ) )
  73. {
  74. DebugLog((DEB_ERROR, "NonceInitialize:CryptCreateHash() failed : 0x%lx\n", GetLastError()));
  75. Status = STATUS_INTERNAL_ERROR;
  76. return(Status);
  77. }
  80. //
  81. // Generate and copy over the random bytes
  82. //
  83. if ( !CryptGenRandom( g_hCryptProv,
  84. NONCE_PRIVATE_KEY_BYTESIZE,
  85. abTemp ) )
  86. {
  87. DebugLog((DEB_ERROR, "NonceInitialize:NonceInitialize CryptGenRandom() failed : 0x%lx\n", GetLastError()));
  88. Status = STATUS_INTERNAL_ERROR;
  89. return (Status);
  90. }
  92. BinToHex((LPBYTE) abTemp, NONCE_PRIVATE_KEY_BYTESIZE, (LPSTR) g_cNoncePrivateKey);
  94. SetSupportedCrypto();
  97. DebugLog((DEB_TRACE_FUNC, "NonceInitialize:Leaving NonceInitialize\n"));
  99. return (Status);
  100. }
  103. //+--------------------------------------------------------------------
  104. //
  105. // Function: SetSupportedCrypto
  106. //
  107. // Synopsis: Set the bitmask for the supported crypto CSP installed
  108. //
  109. // Arguments: none
  110. //
  111. // Returns: STATUS_DATA_ERROR - error in reading CSP capabilities
  112. // STATUS_SUCCESS - operation completed normally
  113. //
  114. //
  115. //---------------------------------------------------------------------
  117. NTSTATUS NTAPI
  118. SetSupportedCrypto(VOID)
  119. {
  120. NTSTATUS Status = STATUS_SUCCESS;
  122. g_SupportedCrypto = SUPPORT_3DES | SUPPORT_DES | SUPPORT_RC4_40 | SUPPORT_RC4 | SUPPORT_RC4_56;
  124. // FIXFIX use CryptGetProvParam to set to actual installed CSP
  126. return(Status);
  127. }
  130. //+--------------------------------------------------------------------
  131. //
  132. // Function: NonceCreate
  133. //
  134. // Synopsis: This function is to be called once during User Mode initialization
  135. //
  136. // Arguments: pczNonce - pointer to a STRING to fillin
  137. // with a new nonce
  138. //
  139. // Returns: STATUS_DATA_ERROR - input NONCE not enough space
  140. // STATUS_SUCCESS - operation completed normally
  141. //
  142. // Notes: Function will return error if Nonce UNICODE_STRING is not empty
  143. // NONCE FORMAT
  144. // rand-data = rand[16]
  145. // nonce_binary = time-stamp rand-data H(time-stamp ":" rand-data ":" nonce_private_key)
  146. // nonce = hex(nonce_binary)
  147. //
  148. //---------------------------------------------------------------------
  150. NTSTATUS NTAPI
  151. NonceCreate(
  152. IN OUT PSTRING pstrNonce
  153. )
  154. {
  155. NTSTATUS Status = STATUS_SUCCESS;
  156. BYTE abRandomData[RANDDATA_BYTESIZE];
  157. char acRandomHex[(2*RANDDATA_BYTESIZE) + 1];
  159. FILETIME tcurrent = {0};
  161. GetSystemTimeAsFileTime(&tcurrent);
  163. DebugLog((DEB_TRACE_FUNC, "NonceCreate: Entering\n"));
  165. // Check to make sure that there is enough space on ouput string
  166. // Need room for the Nonce and the NULL terminator
  167. if (!pstrNonce->Buffer)
  168. {
  169. Status = StringAllocate(pstrNonce, NONCE_SIZE);
  170. if (!NT_SUCCESS (Status))
  171. {
  172. Status = SEC_E_INSUFFICIENT_MEMORY;
  173. DebugLog((DEB_ERROR, "NonceCreate: StringAllocate error 0x%x\n", Status));
  174. goto CleanUp;
  175. }
  177. }
  178. if (pstrNonce->MaximumLength < (NONCE_SIZE + 1))
  179. {
  180. DebugLog((DEB_ERROR, "NonceCreate: Input STRING too small\n"));
  181. Status = STATUS_BUFFER_TOO_SMALL;
  182. goto CleanUp;
  183. }
  186. // Copy over the current time
  187. BinToHex((LPBYTE)&tcurrent, sizeof(tcurrent), (LPSTR) pstrNonce->Buffer);
  190. //
  191. // Generate and copy over the random bytes
  192. //
  193. if ( !CryptGenRandom( g_hCryptProv,
  194. RANDDATA_BYTESIZE,
  195. abRandomData ) )
  196. {
  197. DebugLog((DEB_TRACE, "NonceCreate: CryptGenRandom() failed : 0x%x\n", GetLastError()));
  198. Status = STATUS_INTERNAL_ERROR;
  199. return (Status);
  200. }
  202. //
  203. // Convert to ASCII, doubling the length, and add to nonce
  204. //
  205. BinToHex( abRandomData, RANDDATA_BYTESIZE, acRandomHex);
  206. memcpy(pstrNonce->Buffer + NONCE_RANDDATA_LOC, acRandomHex, (2 * RANDDATA_BYTESIZE));
  208. //
  209. // Now calculate the Hash. It will be NULL terminated but STRING length does not include NULL
  210. //
  212. Status = NonceHash((LPBYTE) pstrNonce->Buffer, (2 * sizeof(time_t)),
  213. (LPBYTE) acRandomHex, (2 * RANDDATA_BYTESIZE),
  214. (LPBYTE) g_cNoncePrivateKey, (2 * NONCE_PRIVATE_KEY_BYTESIZE),
  215. (LPBYTE) (pstrNonce->Buffer + NONCE_HASH_LOC));
  216. if (!NT_SUCCESS (Status))
  217. {
  218. DebugLog((DEB_ERROR, "NonceCreate: failed %d\n", Status));
  219. goto CleanUp;
  220. }
  222. pstrNonce->Length = NONCE_SIZE;
  224. CleanUp:
  226. if (!NT_SUCCESS(Status))
  227. {
  228. pstrNonce->Length = 0;
  229. }
  231. DebugLog((DEB_TRACE_FUNC, "NonceCreate: Leaving\n"));
  233. return (Status);
  234. }
  236. //+--------------------------------------------------------------------
  237. //
  238. // Function: NonceIsValid
  239. //
  240. // Synopsis: Called with a pointer to a Nonce and returns NTSTATUS This is the
  241. // main function that checks for a valid nonce.
  242. //
  243. // Arguments: None
  244. //
  245. // Returns: NTSTATUS STATUS_SUCCESS if NONCE generated locally and is valid
  246. //
  247. // Notes:
  248. //
  249. //---------------------------------------------------------------------
  251. NTSTATUS
  252. NonceIsValid(
  253. PSTRING pstrNonce
  254. )
  255. {
  256. NTSTATUS Status = STATUS_SUCCESS;
  258. DebugLog((DEB_TRACE_FUNC, "NonceIsValid: Entering\n"));
  260. // Check the size first
  261. if (pstrNonce->Length != NONCE_SIZE)
  262. {
  263. DebugLog((DEB_ERROR, "NonceIsValid: Incorrect size for the Nonce\n"));
  264. return STATUS_UNSUCCESSFUL;
  265. }
  267. if (!pstrNonce->Buffer)
  268. {
  269. DebugLog((DEB_ERROR, "NonceIsValid: NULL pointer for the Nonce\n"));
  270. return STATUS_UNSUCCESSFUL;
  271. }
  273. if (NonceIsTampered(pstrNonce))
  274. {
  275. DebugLog((DEB_ERROR, "NonceIsValid: Nonce hash does not match\n"));
  276. return STATUS_UNSUCCESSFUL;
  277. }
  279. DebugLog((DEB_TRACE_FUNC, "NonceIsValid: Leaving\n"));
  281. return (Status);
  282. }
  284. /*++
  286. Routine Description:
  288. Creates MD5 hash of input buffer
  290. Arguments:
  292. pbData - data to hash
  293. cbData - size of data pointed to by pbData
  294. pbHash - buffer that receives hash; is assumed to be big enough to contain MD5 hash
  296. Return Value:
  298. TRUE if successful, FALSE if not
  300. --*/
  301. BOOL HashData( BYTE *pbData,
  302. DWORD cbData,
  303. BYTE *pbHash )
  304. {
  305. HCRYPTHASH hHash = NULL;
  307. DebugLog((DEB_TRACE_FUNC, "HashData: Entering\n"));
  309. if ( !CryptCreateHash( g_hCryptProv,
  310. CALG_MD5,
  311. 0,
  312. 0,
  313. &hHash ) )
  314. {
  315. DebugLog((DEB_ERROR, "HashData: CryptCreateHash failed : 0x%lx\n", GetLastError()));
  316. return FALSE;
  317. }
  319. if ( !CryptHashData( hHash,
  320. pbData,
  321. cbData,
  322. 0 ) )
  323. {
  324. DebugLog((DEB_ERROR, "HashData: CryptCreateHash failed : 0x%lx\n", GetLastError()));
  326. CryptDestroyHash( hHash );
  327. return FALSE;
  328. }
  330. DWORD cbHash = MD5_HASH_BYTESIZE;
  331. if ( !CryptGetHashParam( hHash,
  332. HP_HASHVAL,
  333. pbHash,
  334. &cbHash,
  335. 0 ) )
  336. {
  337. DebugLog((DEB_ERROR, "HashData: CryptCreateHash failed : 0x%lx\n", GetLastError()));
  339. CryptDestroyHash( hHash );
  340. return FALSE;
  341. }
  343. CryptDestroyHash( hHash );
  345. DebugLog((DEB_TRACE_FUNC, "HashData: Leaving\n"));
  346. return TRUE;
  347. }
  350. /*++
  352. Routine Description:
  354. Creates MD5 hash of the Nonce values
  356. Arguments:
  358. pbTime - pointer to char buffer encoded Time()
  359. cbTime - number of bytes in encoded Time() buffer to process
  360. pbRandom - pointer to char buffer encoded random sequence
  361. cbRandom - number of bytes in encoded random buffer to process
  362. pbTKey - pointer to char buffer encoded private key
  363. cbKey - number of bytes in encoded private key buffer to process
  364. pbHash - pointer to char buffer encoded Nonce Hash
  365. cbHash - number of bytes in encoded Time() buffer to process
  367. Return Value:
  369. STATUS_SUCCESS - normal completion
  371. --*/
  372. NTSTATUS NTAPI
  373. NonceHash( IN LPBYTE pbTime,
  374. IN DWORD cbTime,
  375. IN LPBYTE pbRandom,
  376. IN DWORD cbRandom,
  377. IN LPBYTE pbKey,
  378. IN DWORD cbKey,
  379. OUT LPBYTE pbHash)
  380. {
  381. NTSTATUS Status = STATUS_SUCCESS;
  382. HCRYPTHASH hHash = NULL;
  383. DWORD cbHash = MD5_HASH_BYTESIZE; // Number of bytes for MD5 hash
  384. unsigned char abHashBin[MD5_HASH_BYTESIZE];
  385. char *pbSeparator = COLONSTR;
  387. DebugLog((DEB_TRACE_FUNC, "NonceHash: Entering\n"));
  389. if ( !CryptCreateHash( g_hCryptProv,
  390. CALG_MD5,
  391. 0,
  392. 0,
  393. &hHash ) )
  394. {
  395. DebugLog((DEB_ERROR, "NonceHash: CryptCreateHash failed : 0x%lx\n", GetLastError()));
  396. Status = STATUS_INTERNAL_ERROR;
  397. goto CleanUp;
  398. }
  400. if ( !CryptHashData( hHash,
  401. pbTime,
  402. cbTime,
  403. 0 ) )
  404. {
  405. DebugLog((DEB_ERROR, "NonceHash: CryptCreateHash failed : 0x%lx\n", GetLastError()));
  406. Status = STATUS_INTERNAL_ERROR;
  407. goto CleanUp;
  408. }
  410. if ( !CryptHashData( hHash,
  411. (const unsigned char *)pbSeparator,
  412. COLONSTR_LEN,
  413. 0 ) )
  414. {
  415. DebugLog((DEB_ERROR, "NonceHash: CryptCreateHash failed : 0x%lx\n", GetLastError()));
  416. Status = STATUS_INTERNAL_ERROR;
  417. goto CleanUp;
  418. }
  420. if ( !CryptHashData( hHash,
  421. pbRandom,
  422. cbRandom,
  423. 0 ) )
  424. {
  425. DebugLog((DEB_ERROR, "NonceHash: CryptCreateHash failed : 0x%lx\n", GetLastError()));
  426. Status = STATUS_INTERNAL_ERROR;
  427. goto CleanUp;
  428. }
  430. if ( !CryptHashData( hHash,
  431. (const unsigned char *)pbSeparator,
  432. COLONSTR_LEN,
  433. 0 ) )
  434. {
  435. DebugLog((DEB_ERROR, "NonceHash: CryptCreateHash failed : 0x%lx\n", GetLastError()));
  436. Status = STATUS_INTERNAL_ERROR;
  437. goto CleanUp;
  438. }
  440. if ( !CryptHashData( hHash,
  441. pbKey,
  442. cbKey,
  443. 0 ) )
  444. {
  445. DebugLog((DEB_ERROR, "NonceHash: CryptCreateHash failed : 0x%lx\n", GetLastError()));
  446. Status = STATUS_INTERNAL_ERROR;
  447. goto CleanUp;
  448. }
  450. if ( !CryptGetHashParam( hHash,
  451. HP_HASHVAL,
  452. abHashBin,
  453. &cbHash,
  454. 0 ) )
  455. {
  456. DebugLog((DEB_ERROR, "NonceHash: CryptCreateHash failed : 0x%lx\n", GetLastError()));
  457. Status = STATUS_INTERNAL_ERROR;
  458. goto CleanUp;
  459. }
  461. // Now convert the Hash to hex
  462. BinToHex(abHashBin, MD5_HASH_BYTESIZE, (char *)pbHash);
  464. CleanUp:
  465. if (hHash)
  466. {
  467. CryptDestroyHash( hHash );
  468. hHash = NULL;
  469. }
  471. DebugLog((DEB_TRACE_FUNC, "NonceHash: Leaving\n"));
  472. return(Status);
  473. }
  476. //+--------------------------------------------------------------------
  477. //
  478. // Function: NonceIsTampered
  479. //
  480. // Synopsis: Check the hash matches for the Nonce
  481. //
  482. // Arguments: None
  483. //
  484. // Returns: TRUE/FALSE if Nonce hash fails check
  485. //
  486. // Notes: Called from NonceIsValid
  487. //
  488. //---------------------------------------------------------------------
  489. BOOL NonceIsTampered(PSTRING pstrNonce)
  490. {
  491. BOOL bStatus = FALSE;
  492. NTSTATUS Status = STATUS_SUCCESS;
  493. unsigned char abHashHex[(2*MD5_HASH_BYTESIZE) + 1];
  495. DebugLog((DEB_TRACE_FUNC, "NonceIsTampered:Entering \n"));
  497. Status = NonceHash((LPBYTE) (pstrNonce->Buffer + NONCE_TIME_LOC), (2 * sizeof(time_t)),
  498. (LPBYTE) (pstrNonce->Buffer + NONCE_RANDDATA_LOC), (2 * RANDDATA_BYTESIZE),
  499. (LPBYTE) g_cNoncePrivateKey, (2 * NONCE_PRIVATE_KEY_BYTESIZE),
  500. (LPBYTE) abHashHex);
  501. if (!NT_SUCCESS (Status))
  502. {
  503. DebugLog((DEB_ERROR, "NonceIsTampered: NonceHash has failed %d\n", Status));
  504. bStatus = TRUE;
  505. goto CleanUp;
  506. }
  508. if (memcmp(abHashHex, (pstrNonce->Buffer + NONCE_HASH_LOC), (2 * MD5_HASH_BYTESIZE)))
  509. {
  510. DebugLog((DEB_ERROR, "NonceIsTampered: memcmp failed\n"));
  511. bStatus = TRUE;
  512. goto CleanUp;
  513. }
  515. CleanUp:
  516. DebugLog((DEB_TRACE_FUNC, "NonceIsTampered: Leaving\n"));
  517. return bStatus;
  518. }
  523. //+--------------------------------------------------------------------
  524. //
  525. // Function: OpaqueCreate
  526. //
  527. // Synopsis: Creates an Opaque string composed of OPAQUE_SIZE of random data
  528. //
  529. // Arguments: pstrOpque - pointer to a STRING to fillin
  530. // with a new opaque
  531. //
  532. // Returns: STATUS_DATA_ERROR - input NONCE not enough space
  533. // STATUS_SUCCESS - operation completed normally
  534. //
  535. // Notes: Function will return error if Nonce STRING is not empty
  536. // OPAQUE FORMAT
  537. // opaque_binary = rand[OPAQUE_SIZE]
  538. // nonce = Hex(opaque_binary)
  539. //
  540. //---------------------------------------------------------------------
  542. NTSTATUS NTAPI
  543. OpaqueCreate(
  544. IN OUT PSTRING pstrOpaque
  545. )
  546. {
  547. NTSTATUS Status = STATUS_SUCCESS;
  548. BYTE abRandomData[OPAQUE_RANDATA_SIZE];
  549. DebugLog((DEB_TRACE_FUNC, "OpaqueCreate: Entering\n"));
  551. // Check to make sure that there is enough space on ouput string
  552. // Need room for the Nonce and the NULL terminator
  553. if (!pstrOpaque->Buffer)
  554. {
  555. Status = StringAllocate(pstrOpaque, OPAQUE_SIZE);
  556. if (!NT_SUCCESS (Status))
  557. {
  558. Status = SEC_E_INSUFFICIENT_MEMORY;
  559. DebugLog((DEB_ERROR, "OpaqueCreate: StringAllocate error 0x%x\n", Status));
  560. goto CleanUp;
  561. }
  562. }
  563. else if (pstrOpaque->MaximumLength < ((2 * OPAQUE_RANDATA_SIZE) + 1))
  564. {
  565. DebugLog((DEB_ERROR, "OpaqueCreate: Input STRING too small\n"));
  566. Status = STATUS_BUFFER_TOO_SMALL;
  567. goto CleanUp;
  568. }
  570. //
  571. // Generate and copy over the random bytes
  572. //
  573. if ( !CryptGenRandom( g_hCryptProv,
  574. OPAQUE_RANDATA_SIZE,
  575. abRandomData ) )
  576. {
  577. DebugLog((DEB_TRACE, "OpaqueCreate: CryptGenRandom() failed : 0x%lx\n", GetLastError()));
  578. Status = STATUS_INTERNAL_ERROR;
  579. return (Status);
  580. }
  582. //
  583. // Convert to ASCII, doubling the length, and add to nonce
  584. //
  585. BinToHex( abRandomData, OPAQUE_RANDATA_SIZE, pstrOpaque->Buffer);
  587. pstrOpaque->Length = (2 * OPAQUE_RANDATA_SIZE);
  589. CleanUp:
  591. if (!NT_SUCCESS(Status))
  592. {
  593. pstrOpaque->Length = 0;
  594. }
  596. DebugLog((DEB_TRACE_FUNC, "OpaqueCreate: Leaving\n"));
  598. return (Status);
  599. }