archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/ds/win32/ntcrypto/fips/driver/fipscryp.c

391 lines
10 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. //+-----------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (c) Microsoft Corporation 1999
  6. //
  7. // File: fipscryp.c
  8. //
  9. // Contents: Base level stuff for the FIPS mode crypto device driver
  10. //
  11. //
  12. // History: 04 JAN 00, Jeffspel Stolen from KSECDD
  13. // FEB 00, kschutz
  14. //
  15. //------------------------------------------------------------------------
  17. #include <ntddk.h>
  18. #include <fipsapi.h>
  19. #include <fipslog.h>
  20. #include <randlib.h>
  22. #pragma hdrstop
  24. NTSTATUS SelfMACCheck(IN LPWSTR pszImage);
  25. NTSTATUS AlgorithmCheck(void);
  28. /*
  29. typedef struct _DEVICE_EXTENSION {
  31. ULONG OpenCount;
  32. PVOID CodeHandle;
  33. PVOID DataHandle;
  35. } DEVICE_EXTENSION, *PDEVICE_EXTENSION;
  36. */
  38. VOID
  39. FipsLogError(
  40. IN PVOID Object,
  41. IN NTSTATUS ErrorCode,
  42. IN PUNICODE_STRING Insertion,
  43. IN ULONG DumpData
  44. )
  46. /*++
  48. Routine Description:
  50. This routine allocates an error log entry, copies the supplied data
  51. to it, and requests that it be written to the error log file.
  53. Arguments:
  55. DeviceObject - Supplies a pointer to the device object associated
  56. with the device that had the error, early in
  57. initialization, one may not yet exist.
  59. Insertion - An insertion string that can be used to log
  60. additional data. Note that the message file
  61. needs %2 for this insertion, since %1
  62. is the name of the driver
  64. ErrorCode - Supplies the IO status for this particular error.
  66. DumpData - One word to dump
  68. Return Value:
  70. None.
  72. --*/
  74. {
  75. PIO_ERROR_LOG_PACKET errorLogEntry;
  77. errorLogEntry = IoAllocateErrorLogEntry(
  78. Object,
  79. (UCHAR) (
  80. sizeof(IO_ERROR_LOG_PACKET) +
  81. (Insertion ? Insertion->Length + sizeof(WCHAR) : 0)
  82. )
  83. );
  85. ASSERT(errorLogEntry != NULL);
  87. if (errorLogEntry == NULL) {
  89. return;
  90. }
  92. errorLogEntry->ErrorCode = ErrorCode;
  93. errorLogEntry->SequenceNumber = 0;
  94. errorLogEntry->MajorFunctionCode = 0;
  95. errorLogEntry->RetryCount = 0;
  96. errorLogEntry->UniqueErrorValue = 0;
  97. errorLogEntry->FinalStatus = STATUS_SUCCESS;
  98. errorLogEntry->DumpDataSize = (DumpData ? sizeof(ULONG) : 0);
  99. errorLogEntry->DumpData[0] = DumpData;
  101. if (Insertion) {
  103. errorLogEntry->StringOffset =
  104. sizeof(IO_ERROR_LOG_PACKET);
  106. errorLogEntry->NumberOfStrings = 1;
  108. RtlCopyMemory(
  109. ((PCHAR)(errorLogEntry) + errorLogEntry->StringOffset),
  110. Insertion->Buffer,
  111. Insertion->Length
  112. );
  113. }
  115. IoWriteErrorLogEntry(errorLogEntry);
  116. }
  118. NTSTATUS
  119. FipsCreateClose(
  120. IN PDEVICE_OBJECT DeviceObject,
  121. IN PIRP Irp
  122. )
  123. {
  124. //PDEVICE_EXTENSION deviceExtension = DeviceObject->DeviceExtension;
  125. PIO_STACK_LOCATION irpStack = IoGetCurrentIrpStackLocation(Irp);
  127. /*
  128. if (irpStack->MajorFunction == IRP_MJ_CREATE) {
  130. if (deviceExtension->OpenCount++ == 0) {
  132. extern DWORD Spbox[8][64];
  134. deviceExtension->CodeHandle = MmLockPagableCodeSection(A_SHAInit);
  135. MmLockPagableSectionByHandle(deviceExtension->CodeHandle);
  137. deviceExtension->DataHandle = MmLockPagableDataSection(Spbox);
  138. MmLockPagableSectionByHandle(deviceExtension->DataHandle);
  140. }
  142. } else {
  144. if (--deviceExtension->OpenCount == 0) {
  146. MmUnlockPagableImageSection(deviceExtension->CodeHandle);
  147. MmUnlockPagableImageSection(deviceExtension->DataHandle);
  149. }
  150. }
  151. */
  153. Irp->IoStatus.Information = 0;
  154. Irp->IoStatus.Status = STATUS_SUCCESS;
  155. IoCompleteRequest(Irp, IO_NO_INCREMENT);
  157. return STATUS_SUCCESS;
  158. }
  160. NTSTATUS
  161. FipsDeviceControl(
  162. IN PDEVICE_OBJECT DeviceObject,
  163. IN PIRP Irp
  164. )
  165. {
  166. PIO_STACK_LOCATION ioStackLocation = IoGetCurrentIrpStackLocation(Irp);
  167. ULONG ioControlCode = ioStackLocation->Parameters.DeviceIoControl.IoControlCode;
  168. NTSTATUS status = STATUS_NOT_SUPPORTED;
  170. Irp->IoStatus.Information = 0;
  172. switch (ioControlCode) {
  174. FIPS_FUNCTION_TABLE FipsFuncs;
  175. FIPS_FUNCTION_TABLE_1 OldFipsFuncsV1;
  177. case IOCTL_FIPS_GET_FUNCTION_TABLE:
  179. if (ioStackLocation->Parameters.DeviceIoControl.OutputBufferLength >=
  180. sizeof(FipsFuncs)) {
  182. FipsFuncs.FipsDesKey = FipsDesKey;
  183. FipsFuncs.FipsDes = FipsDes;
  184. FipsFuncs.Fips3Des3Key = Fips3Des3Key;
  185. FipsFuncs.Fips3Des = Fips3Des;
  186. FipsFuncs.FipsSHAInit = FipsSHAInit;
  187. FipsFuncs.FipsSHAUpdate = FipsSHAUpdate;
  188. FipsFuncs.FipsSHAFinal = FipsSHAFinal;
  189. FipsFuncs.FipsCBC = FipsCBC;
  190. FipsFuncs.FIPSGenRandom = FIPSGenRandom;
  191. FipsFuncs.FipsBlockCBC = FipsBlockCBC;
  192. FipsFuncs.FipsHmacSHAInit = FipsHmacSHAInit;
  193. FipsFuncs.FipsHmacSHAUpdate = FipsHmacSHAUpdate;
  194. FipsFuncs.FipsHmacSHAFinal = FipsHmacSHAFinal;
  195. FipsFuncs.HmacMD5Init = HmacMD5Init;
  196. FipsFuncs.HmacMD5Update = HmacMD5Update;
  197. FipsFuncs.HmacMD5Final = HmacMD5Final;
  199. *((PFIPS_FUNCTION_TABLE) Irp->AssociatedIrp.SystemBuffer) =
  200. FipsFuncs;
  202. Irp->IoStatus.Information = sizeof(FipsFuncs);
  204. status = STATUS_SUCCESS;
  206. } else if (ioStackLocation->Parameters.DeviceIoControl.OutputBufferLength >=
  207. sizeof(OldFipsFuncsV1)) {
  209. OldFipsFuncsV1.FipsDesKey = FipsDesKey;
  210. OldFipsFuncsV1.FipsDes = FipsDes;
  211. OldFipsFuncsV1.Fips3Des3Key = Fips3Des3Key;
  212. OldFipsFuncsV1.Fips3Des = Fips3Des;
  213. OldFipsFuncsV1.FipsSHAInit = FipsSHAInit;
  214. OldFipsFuncsV1.FipsSHAUpdate = FipsSHAUpdate;
  215. OldFipsFuncsV1.FipsSHAFinal = FipsSHAFinal;
  216. OldFipsFuncsV1.FipsCBC = FipsCBC;
  217. OldFipsFuncsV1.FIPSGenRandom = FIPSGenRandom;
  218. OldFipsFuncsV1.FipsBlockCBC = FipsBlockCBC;
  220. *((PFIPS_FUNCTION_TABLE_1) Irp->AssociatedIrp.SystemBuffer) =
  221. OldFipsFuncsV1;
  223. Irp->IoStatus.Information = sizeof(OldFipsFuncsV1);
  225. status = STATUS_SUCCESS;
  227. } else {
  229. status = STATUS_BUFFER_TOO_SMALL;
  230. }
  232. break;
  233. }
  235. Irp->IoStatus.Status = status;
  237. IoCompleteRequest(
  238. Irp,
  239. IO_NO_INCREMENT
  240. );
  242. return status;
  243. }
  245. VOID
  246. FipsUnload(
  247. IN PDRIVER_OBJECT DriverObject
  248. )
  249. {
  250. PDEVICE_OBJECT deviceObject = DriverObject->DeviceObject;
  252. ShutdownRNG(NULL);
  254. // Delete the device from the system
  255. IoDeleteDevice(deviceObject);
  257. FipsDebug(
  258. DEBUG_TRACE,
  259. ("Fips driver unloaded\n")
  260. );
  261. }
  263. NTSTATUS
  264. DriverEntry(
  265. IN PDRIVER_OBJECT DriverObject,
  266. IN PUNICODE_STRING RegistryPath
  267. )
  269. /*++
  271. Routine Description:
  273. This is the initialization routine for the synchronous NULL device driver.
  274. This routine creates the device object for the NullS device and performs
  275. all other driver initialization.
  277. Arguments:
  279. DriverObject - Pointer to driver object created by the system.
  281. Return Value:
  283. The function value is the final status from the initialization operation.
  285. --*/
  287. {
  288. RTL_QUERY_REGISTRY_TABLE paramTable[2];
  289. UNICODE_STRING fileName, deviceName;
  290. PDEVICE_OBJECT deviceObject = NULL;
  291. NTSTATUS status;
  292. BOOL rngInitialized = FALSE;
  294. __try {
  296. //
  297. // Create the device object.
  298. //
  299. RtlInitUnicodeString(
  300. &deviceName,
  301. FIPS_DEVICE_NAME
  302. );
  304. status = IoCreateDevice(
  305. DriverObject,
  306. 0 /*sizeof(DEVICE_EXTENSION)*/,
  307. &deviceName,
  308. FILE_DEVICE_FIPS,
  309. 0,
  310. FALSE,
  311. &deviceObject
  312. );
  314. if (!NT_SUCCESS( status )) {
  316. __leave;
  317. }
  319. deviceObject->Flags |= DO_BUFFERED_IO;
  321. // initialize the device extension
  322. /*
  323. RtlZeroMemory(
  324. deviceObject->DeviceExtension,
  325. sizeof(PDEVICE_EXTENSION)
  326. );
  327. */
  329. // append the name of our driver to the system root path
  330. RtlInitUnicodeString(
  331. &fileName,
  332. L"\\SystemRoot\\System32\\Drivers\\fips.sys"
  333. );
  335. status = SelfMACCheck(fileName.Buffer);
  337. if (!NT_SUCCESS(status)) {
  339. FipsLogError(
  340. DriverObject,
  341. FIPS_MAC_INCORRECT,
  342. NULL,
  343. status
  344. );
  346. __leave;
  347. }
  349. InitializeRNG(NULL);
  350. rngInitialized = TRUE;
  352. status = AlgorithmCheck();
  354. if (!NT_SUCCESS(status)) {
  356. FipsLogError(
  357. DriverObject,
  358. FIPS_SELF_TEST_FAILURE,
  359. NULL,
  360. status
  361. );
  363. __leave;
  364. }
  366. //
  367. // Initialize the driver object with this device driver's entry points.
  368. //
  369. DriverObject->DriverUnload = FipsUnload;
  370. DriverObject->MajorFunction[IRP_MJ_CREATE] = FipsCreateClose;
  371. DriverObject->MajorFunction[IRP_MJ_CLOSE] = FipsCreateClose;
  372. DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = FipsDeviceControl ;
  373. }
  374. __finally {
  376. if (status != STATUS_SUCCESS) {
  378. if (rngInitialized) {
  380. ShutdownRNG(NULL);
  381. }
  383. if (deviceObject) {
  385. IoDeleteDevice(deviceObject);
  386. }
  388. }
  389. }
  391. return status;
  392. }