archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/mergedcomponents/advapi32/cryptapi.c

5131 lines
144 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /////////////////////////////////////////////////////////////////////////////
  2. // FILE : cryptapi.c //
  3. // DESCRIPTION : Crypto API interface //
  4. // AUTHOR : //
  5. // HISTORY : //
  6. // Dec 6 1994 larrys New //
  7. // Jan 16 1995 larrys Added key verify //
  8. // Jan 25 1995 larrys Added thread safe //
  9. // Jan 27 1995 larrys Added Unicode support //
  10. // Feb 21 1995 larrys Added Unicode support for CryptAcquireContext //
  11. // Feb 21 1995 larrys Fixed Unicode problem in CryptAcquireContext //
  12. // Mar 08 1995 larrys Removed CryptGetLastError //
  13. // Mar 20 1995 larrys Removed Certificate APIs //
  14. // Mar 22 1995 larrys #ifdef in WIN95 code //
  15. // Apr 06 1995 larrys Increased signature key to 1024 bits //
  16. // Apr 07 1995 larrys Removed CryptConfigure //
  17. // Jun 14 1995 larrys Removed pointer from RSA key struct //
  18. // Jun 29 1995 larrys Changed AcquireContext //
  19. // Jul 17 1995 larrys Worked on AcquireContext //
  20. // Aug 01 1995 larrys Removed CryptTranslate //
  21. // And CryptDeinstallProvider //
  22. // Changed CryptInstallProvider to //
  23. // CryptSetProvider //
  24. // Aug 03 1995 larrys Cleanup //
  25. // Aug 10 1995 larrys CryptAcquireContext returns error //
  26. // NTE_BAD_KEYSEY_PARAM now //
  27. // Aug 14 1995 larrys Removed key exchange stuff //
  28. // Aug 17 1995 larrys Changed registry entry to decimcal //
  29. // Aug 23 1995 larrys Changed CryptFinishHash to CryptGetHashValue //
  30. // Aug 28 1995 larrys Removed parameter from CryptVerifySignature //
  31. // Aug 31 1995 larrys Remove GenRandom //
  32. // Sep 14 1995 larrys Code review changes //
  33. // Sep 26 1995 larrys Added Microsoft's signing key //
  34. // Sep 27 1995 larrys Updated with more review changes //
  35. // Oct 06 1995 larrys Added more APIs Get/SetHash/ProvParam //
  36. // Oct 12 1995 larrys Remove CryptGetHashValue //
  37. // Oct 20 1995 larrys Changed test key //
  38. // Oct 24 1995 larrys Removed return of KeySet name //
  39. // Oct 30 1995 larrys Removed WIN95 //
  40. // Nov 9 1995 larrys Disable BUILD1057 //
  41. // Nov 10 1995 larrys Fix a problem in EnterHashCritSec //
  42. // May 30 1996 larrys Added hWnd support //
  43. // Oct 10 1996 jeffspel Reordered SetLastErrors and save error on //
  44. // AcquireContext failure //
  45. // Mar 21 1997 jeffspel Added second tier signatures, new APIs //
  46. // Apr 11 1997 jeffspel Replace critical sections with interlocked //
  47. // inc/dec //
  48. // Oct 02 1997 jeffspel Add caching of CSPs to CryptAcquireContext //
  49. // Oct 10 1997 jeffspel Add verification scheme for signature in file //
  50. // //
  51. // Copyright (C) 1993 Microsoft Corporation All Rights Reserved //
  52. /////////////////////////////////////////////////////////////////////////////
  55. #include "advapi.h"
  56. #include "stdlib.h"
  57. #include <wincrypt.h> // Include here, since not included by LEAN_AND_MEAN
  58. #include <cspdk.h>
  59. #include <ntstatus.h>
  60. #include <rsa.h>
  61. #include <md5.h>
  62. #include <rc4.h>
  63. #include <winperf.h>
  64. #include <wtypes.h>
  65. #include <mincrypt.h>
  67. #define IDR_PUBKEY1 102
  69. typedef struct _VTableStruc {
  70. // ******************** WARNING **********************************************
  71. // Do not place anything before these FARPROCs we init the table assuming
  72. // that the first Function to call is the first thing in the table.
  73. // ***************************************************************************
  74. FARPROC FuncAcquireContext;
  75. FARPROC FuncReleaseContext;
  76. FARPROC FuncGenKey;
  77. FARPROC FuncDeriveKey;
  78. FARPROC FuncDestroyKey;
  79. FARPROC FuncSetKeyParam;
  80. FARPROC FuncGetKeyParam;
  81. FARPROC FuncExportKey;
  82. FARPROC FuncImportKey;
  83. FARPROC FuncEncrypt;
  84. FARPROC FuncDecrypt;
  85. FARPROC FuncCreateHash;
  86. FARPROC FuncHashData;
  87. FARPROC FuncHashSessionKey;
  88. FARPROC FuncDestroyHash;
  89. FARPROC FuncSignHash;
  90. FARPROC FuncVerifySignature;
  91. FARPROC FuncGenRandom;
  92. FARPROC FuncGetUserKey;
  93. FARPROC FuncSetProvParam;
  94. FARPROC FuncGetProvParam;
  95. FARPROC FuncSetHashParam;
  96. FARPROC FuncGetHashParam;
  97. FARPROC FuncNULL;
  99. FARPROC OptionalFuncDuplicateKey;
  100. FARPROC OptionalFuncDuplicateHash;
  101. FARPROC OptionalFuncNULL;
  103. HANDLE DllHandle; // Handle to open DLL
  104. HCRYPTPROV hProv; // Handle to provider
  105. DWORD Version;
  106. DWORD Inuse;
  107. LONG RefCnt;
  108. } VTableStruc, *PVTableStruc;
  110. typedef struct _VKeyStruc {
  111. // ******************** WARNING **********************************************
  112. // Do not place anything before these FARPROCs we init the table assuming
  113. // that the first Function to call is the first thing in the table.
  114. // ***************************************************************************
  115. FARPROC FuncGenKey;
  116. FARPROC FuncDeriveKey;
  117. FARPROC FuncDestroyKey;
  118. FARPROC FuncSetKeyParam;
  119. FARPROC FuncGetKeyParam;
  120. FARPROC FuncExportKey;
  121. FARPROC FuncImportKey;
  122. FARPROC FuncEncrypt;
  123. FARPROC FuncDecrypt;
  125. FARPROC OptionalFuncDuplicateKey;
  127. HCRYPTPROV hProv; // Handle to provider
  128. HCRYPTKEY hKey; // Handle to key
  129. DWORD Version;
  130. DWORD Inuse;
  131. } VKeyStruc, *PVKeyStruc;
  133. typedef struct _VHashStruc {
  134. // ******************** WARNING **********************************************
  135. // Do not place anything before these FARPROCs we init the table assuming
  136. // that the first Function to call is the first thing in the table.
  137. // ***************************************************************************
  138. FARPROC FuncCreateHash;
  139. FARPROC FuncHashData;
  140. FARPROC FuncHashSessionKey;
  141. FARPROC FuncDestroyHash;
  142. FARPROC FuncSignHash;
  143. FARPROC FuncVerifySignature;
  144. FARPROC FuncSetHashParam;
  145. FARPROC FuncGetHashParam;
  147. FARPROC OptionalFuncDuplicateHash;
  149. HCRYPTPROV hProv; // Handle to provider
  150. HCRYPTHASH hHash; // Handle to hash
  151. DWORD Version;
  152. DWORD Inuse;
  153. } VHashStruc, *PVHashStruc;
  156. //
  157. // Crypto providers have to have the following entry points:
  158. //
  159. LPCSTR FunctionNames[] = {
  160. "CPAcquireContext",
  161. "CPReleaseContext",
  162. "CPGenKey",
  163. "CPDeriveKey",
  164. "CPDestroyKey",
  165. "CPSetKeyParam",
  166. "CPGetKeyParam",
  167. "CPExportKey",
  168. "CPImportKey",
  169. "CPEncrypt",
  170. "CPDecrypt",
  171. "CPCreateHash",
  172. "CPHashData",
  173. "CPHashSessionKey",
  174. "CPDestroyHash",
  175. "CPSignHash",
  176. "CPVerifySignature",
  177. "CPGenRandom",
  178. "CPGetUserKey",
  179. "CPSetProvParam",
  180. "CPGetProvParam",
  181. "CPSetHashParam",
  182. "CPGetHashParam",
  183. NULL
  184. };
  186. LPCSTR OptionalFunctionNames[] = {
  187. "CPDuplicateKey",
  188. "CPDuplicateHash",
  189. NULL
  190. };
  192. #define CapiExceptionFilter \
  193. (STATUS_ACCESS_VIOLATION == GetExceptionCode() ? \
  194. EXCEPTION_EXECUTE_HANDLER : \
  195. EXCEPTION_CONTINUE_SEARCH)
  197. HWND hWnd = NULL;
  198. BYTE *pbContextInfo = NULL;
  199. DWORD cbContextInfo;
  201. #define KEYSIZE512 0x48
  202. #define KEYSIZE1024 0x88
  204. // designatred resource for in file signatures
  205. #define OLD_CRYPT_SIG_RESOURCE_NUMBER "#666"
  208. typedef struct _SECONDTIER_SIG
  209. {
  210. DWORD dwMagic;
  211. DWORD cbSig;
  212. BSAFE_PUB_KEY Pub;
  213. } SECOND_TIER_SIG, *PSECOND_TIER_SIG;
  215. #ifdef TEST_BUILD_EXPONENT
  216. #pragma message("WARNING: building advapai32.dll with TESTKEY enabled!")
  217. static struct _TESTKEY {
  218. BSAFE_PUB_KEY PUB;
  219. unsigned char pubmodulus[KEYSIZE512];
  220. } TESTKEY = {
  221. {
  222. 0x66b8443b,
  223. 0x6f5fc900,
  224. 0xa12132fe,
  225. 0xff1b06cf,
  226. 0x2f4826eb,
  227. },
  228. {
  229. 0x3e, 0x69, 0x4f, 0x45, 0x31, 0x95, 0x60, 0x6c,
  230. 0x80, 0xa5, 0x41, 0x99, 0x3e, 0xfc, 0x92, 0x2c,
  231. 0x93, 0xf9, 0x86, 0x23, 0x3d, 0x48, 0x35, 0x81,
  232. 0x19, 0xb6, 0x7c, 0x04, 0x43, 0xe6, 0x3e, 0xd4,
  233. 0xd5, 0x43, 0xaf, 0x52, 0xdd, 0x51, 0x20, 0xac,
  234. 0xc3, 0xca, 0xee, 0x21, 0x9b, 0x4a, 0x2d, 0xf7,
  235. 0xd8, 0x5f, 0x32, 0xeb, 0x49, 0x72, 0xb9, 0x8d,
  236. 0x2e, 0x1a, 0x76, 0x7f, 0xde, 0xc6, 0x75, 0xab,
  237. 0xaf, 0x67, 0xe0, 0xf0, 0x8b, 0x30, 0x20, 0x92,
  238. }
  239. };
  240. #endif
  243. #ifdef MS_INTERNAL_KEY
  244. static struct _mskey {
  245. BSAFE_PUB_KEY PUB;
  246. unsigned char pubmodulus[KEYSIZE1024];
  247. } MSKEY = {
  248. {
  249. 0x2bad85ae,
  250. 0x883adacc,
  251. 0xb32ebd68,
  252. 0xa7ec8b06,
  253. 0x58dbeb81,
  254. },
  255. {
  256. 0x42, 0x34, 0xb7, 0xab, 0x45, 0x0f, 0x60, 0xcd,
  257. 0x8f, 0x77, 0xb5, 0xd1, 0x79, 0x18, 0x34, 0xbe,
  258. 0x66, 0xcb, 0x5c, 0x66, 0x4a, 0x9f, 0x03, 0x18,
  259. 0x13, 0x36, 0x8e, 0x88, 0x21, 0x78, 0xb1, 0x94,
  260. 0xa1, 0xd5, 0x8f, 0x8c, 0xa5, 0xd3, 0x9f, 0x86,
  261. 0x43, 0x89, 0x05, 0xa0, 0xe3, 0xee, 0xe2, 0xd0,
  262. 0xe5, 0x1d, 0x5f, 0xaf, 0xff, 0x85, 0x71, 0x7a,
  263. 0x0a, 0xdb, 0x2e, 0xd8, 0xc3, 0x5f, 0x2f, 0xb1,
  264. 0xf0, 0x53, 0x98, 0x3b, 0x44, 0xee, 0x7f, 0xc9,
  265. 0x54, 0x26, 0xdb, 0xdd, 0xfe, 0x1f, 0xd0, 0xda,
  266. 0x96, 0x89, 0xc8, 0x9e, 0x2b, 0x5d, 0x96, 0xd1,
  267. 0xf7, 0x52, 0x14, 0x04, 0xfb, 0xf8, 0xee, 0x4d,
  268. 0x92, 0xd1, 0xb6, 0x37, 0x6a, 0xe0, 0xaf, 0xde,
  269. 0xc7, 0x41, 0x06, 0x7a, 0xe5, 0x6e, 0xb1, 0x8c,
  270. 0x8f, 0x17, 0xf0, 0x63, 0x8d, 0xaf, 0x63, 0xfd,
  271. 0x22, 0xc5, 0xad, 0x1a, 0xb1, 0xe4, 0x7a, 0x6b,
  272. 0x1e, 0x0e, 0xea, 0x60, 0x56, 0xbd, 0x49, 0xd0,
  273. }
  274. };
  275. #endif
  278. static struct _key {
  279. BSAFE_PUB_KEY PUB;
  280. unsigned char pubmodulus[KEYSIZE1024];
  281. } KEY = {
  282. {
  283. 0x3fcbf1a9,
  284. 0x08f597db,
  285. 0xe4aecab4,
  286. 0x75360f90,
  287. 0x9d6c0f00,
  288. },
  289. {
  290. 0x85, 0xdd, 0x9b, 0xf4, 0x4d, 0x0b, 0xc4, 0x96,
  291. 0x3e, 0x79, 0x86, 0x30, 0x6d, 0x27, 0x31, 0xee,
  292. 0x4a, 0x85, 0xf5, 0xff, 0xbb, 0xa9, 0xbd, 0x81,
  293. 0x86, 0xf2, 0x4f, 0x87, 0x6c, 0x57, 0x55, 0x19,
  294. 0xe4, 0xf4, 0x49, 0xa3, 0x19, 0x27, 0x08, 0x82,
  295. 0x9e, 0xf9, 0x8a, 0x8e, 0x41, 0xd6, 0x91, 0x71,
  296. 0x47, 0x48, 0xee, 0xd6, 0x24, 0x2d, 0xdd, 0x22,
  297. 0x72, 0x08, 0xc6, 0xa7, 0x34, 0x6f, 0x93, 0xd2,
  298. 0xe7, 0x72, 0x57, 0x78, 0x7a, 0x96, 0xc1, 0xe1,
  299. 0x47, 0x38, 0x78, 0x43, 0x53, 0xea, 0xf3, 0x88,
  300. 0x82, 0x66, 0x41, 0x43, 0xd4, 0x62, 0x44, 0x01,
  301. 0x7d, 0xb2, 0x16, 0xb3, 0x50, 0x89, 0xdb, 0x0a,
  302. 0x93, 0x17, 0x02, 0x02, 0x46, 0x49, 0x79, 0x76,
  303. 0x59, 0xb6, 0xb1, 0x2b, 0xfc, 0xb0, 0x9a, 0x21,
  304. 0xe6, 0xfa, 0x2d, 0x56, 0x07, 0x36, 0xbc, 0x13,
  305. 0x7f, 0x1c, 0xde, 0x55, 0xfb, 0x0d, 0x67, 0x0f,
  306. 0xc2, 0x17, 0x45, 0x8a, 0x14, 0x2b, 0xba, 0x55,
  307. }
  308. };
  311. static struct _key2 {
  312. BSAFE_PUB_KEY PUB;
  313. unsigned char pubmodulus[KEYSIZE1024];
  314. } KEY2 = {
  315. {
  316. 0x685fc690,
  317. 0x97d49b6b,
  318. 0x1dccd9d2,
  319. 0xa5ec9b52,
  320. 0x64fd29d7,
  321. },
  322. {
  323. 0x03, 0x8c, 0xa3, 0x9e, 0xfb, 0x93, 0xb6, 0x72,
  324. 0x2a, 0xda, 0x6f, 0xa5, 0xec, 0x26, 0x39, 0x58,
  325. 0x41, 0xcd, 0x3f, 0x49, 0x10, 0x4c, 0xcc, 0x7e,
  326. 0x23, 0x94, 0xf9, 0x5d, 0x9b, 0x2b, 0xa3, 0x6b,
  327. 0xe8, 0xec, 0x52, 0xd9, 0x56, 0x64, 0x74, 0x7c,
  328. 0x44, 0x6f, 0x36, 0xb7, 0x14, 0x9d, 0x02, 0x3c,
  329. 0x0e, 0x32, 0xb6, 0x38, 0x20, 0x25, 0xbd, 0x8c,
  330. 0x9b, 0xd1, 0x46, 0xa7, 0xb3, 0x58, 0x4a, 0xb7,
  331. 0xdd, 0x0e, 0x38, 0xb6, 0x16, 0x44, 0xbf, 0xc1,
  332. 0xca, 0x4d, 0x6a, 0x9f, 0xcb, 0x6f, 0x3c, 0x5f,
  333. 0x03, 0xab, 0x7a, 0xb8, 0x16, 0x70, 0xcf, 0x98,
  334. 0xd0, 0xca, 0x8d, 0x25, 0x57, 0x3a, 0x22, 0x8b,
  335. 0x44, 0x96, 0x37, 0x51, 0x30, 0x00, 0x92, 0x1b,
  336. 0x03, 0xb9, 0xf9, 0x0d, 0xb3, 0x1a, 0xe2, 0xb4,
  337. 0xc5, 0x7b, 0xc9, 0x4b, 0xe2, 0x42, 0x25, 0xfe,
  338. 0x3d, 0x42, 0xfa, 0x45, 0xc6, 0x94, 0xc9, 0x8e,
  339. 0x87, 0x7e, 0xf6, 0x68, 0x90, 0x30, 0x65, 0x10,
  340. }
  341. };
  343. #define CACHESIZE 32
  344. static HANDLE gCSPCache[CACHESIZE];
  346. #define TABLEPROV 0x11111111
  347. #define TABLEKEY 0x22222222
  348. #define TABLEHASH 0x33333333
  350. CHAR szreg[] = "SOFTWARE\\Microsoft\\Cryptography\\Providers\\";
  351. CHAR szusertype[] = "SOFTWARE\\Microsoft\\Cryptography\\Providers\\Type ";
  352. CHAR szmachinetype[] = "SOFTWARE\\Microsoft\\Cryptography\\Defaults\\Provider Types\\Type ";
  353. CHAR szprovider[] = "SOFTWARE\\Microsoft\\Cryptography\\Defaults\\Provider\\";
  354. CHAR szenumproviders[] = "SOFTWARE\\Microsoft\\Cryptography\\Defaults\\Provider";
  355. CHAR szprovidertypes[] = "SOFTWARE\\Microsoft\\Cryptography\\Defaults\\Provider Types";
  357. BOOL EnterProviderCritSec(IN PVTableStruc pVTable);
  358. void LeaveProviderCritSec(IN PVTableStruc pVTable);
  359. BOOL EnterKeyCritSec(IN PVKeyStruc pVKey);
  360. void LeaveKeyCritSec(IN PVKeyStruc pVKey);
  361. BOOL EnterHashCritSec(IN PVHashStruc pVHash);
  362. void LeaveHashCritSec(IN PVHashStruc pVHash);
  364. BOOL CheckSignatureInFile(LPCWSTR pszImage);
  366. BOOL CProvVerifyImage(LPCSTR lpszImage,
  367. BYTE *pSigData);
  369. BOOL NewVerifyImage(LPCSTR lpszImage,
  370. BYTE *pSigData,
  371. DWORD cbData,
  372. BOOL fUnknownLen);
  374. BOOL BuildVKey(IN PVKeyStruc *ppVKey,
  375. IN PVTableStruc pVTable);
  377. BOOL BuildVHash(
  378. IN PVHashStruc *ppVKey,
  379. IN PVTableStruc pVTable
  380. );
  382. void CPReturnhWnd(HWND *phWnd);
  384. static void __ltoa(DWORD val, char *buf);
  386. BOOL CSPInCacheCheck(
  387. LPSTR pszValue,
  388. HANDLE *ph
  389. )
  390. {
  391. HANDLE h = 0;
  392. DWORD i;
  393. BOOL fRet = FALSE;
  395. // check if CSP has been loaded
  396. if (0 == (h = GetModuleHandle(pszValue)))
  397. goto Ret;
  399. // check if the CSP is in the cache designating it as signed
  400. for (i=0;i<CACHESIZE;i++)
  401. {
  402. if (h == gCSPCache[i])
  403. {
  404. *ph = h;
  405. fRet = TRUE;
  406. break;
  407. }
  408. }
  409. Ret:
  410. return fRet;
  411. }
  413. void AddHandleToCSPCache(
  414. HANDLE h
  415. )
  416. {
  417. DWORD i;
  419. // check if the CSP is in the cache designating it as signed
  420. for (i=0;i<CACHESIZE;i++)
  421. {
  422. if (0 == gCSPCache[i])
  423. {
  424. gCSPCache[i] = h;
  425. break;
  426. }
  427. }
  428. }
  430. /*
  431. - CryptAcquireContextW
  432. -
  433. * Purpose:
  434. * The CryptAcquireContext function is used to acquire a context
  435. * handle to a cryptograghic service provider (CSP).
  436. *
  437. *
  438. * Parameters:
  439. * OUT phProv - Handle to a CSP
  440. * IN pszIdentity - Pointer to the name of the context's
  441. * keyset.
  442. * IN pszProvider - Pointer to the name of the provider.
  443. * IN dwProvType - Requested CSP type
  444. * IN dwFlags - Flags values
  445. *
  446. * Returns:
  447. */
  448. WINADVAPI
  449. BOOL
  450. WINAPI CryptAcquireContextW(OUT HCRYPTPROV *phProv,
  451. IN LPCWSTR pszIdentity,
  452. IN LPCWSTR pszProvider,
  453. IN DWORD dwProvType,
  454. IN DWORD dwFlags)
  455. {
  456. ANSI_STRING AnsiString1;
  457. ANSI_STRING AnsiString2;
  458. UNICODE_STRING UnicodeString1;
  459. UNICODE_STRING UnicodeString2;
  460. NTSTATUS Status = STATUS_SUCCESS;
  461. BOOL rt;
  463. __try
  464. {
  465. memset(&AnsiString1, 0, sizeof(AnsiString1));
  466. memset(&AnsiString2, 0, sizeof(AnsiString2));
  467. memset(&UnicodeString1, 0, sizeof(UnicodeString1));
  468. memset(&UnicodeString2, 0, sizeof(UnicodeString2));
  470. if (NULL != pszIdentity)
  471. {
  472. RtlInitUnicodeString(&UnicodeString1, pszIdentity);
  474. Status = RtlUnicodeStringToAnsiString(&AnsiString1, &UnicodeString1,
  475. TRUE);
  476. }
  478. if (!NT_SUCCESS(Status))
  479. {
  480. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  481. return(CRYPT_FAILED);
  482. }
  484. if (NULL != pszProvider)
  485. {
  486. RtlInitUnicodeString(&UnicodeString2, pszProvider);
  488. Status = RtlUnicodeStringToAnsiString(&AnsiString2, &UnicodeString2,
  489. TRUE);
  490. }
  492. if (!NT_SUCCESS(Status))
  493. {
  494. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  495. return(CRYPT_FAILED);
  496. }
  498. rt = CryptAcquireContextA(phProv, AnsiString1.Buffer,
  499. AnsiString2.Buffer,
  500. dwProvType, dwFlags);
  502. RtlFreeAnsiString(&AnsiString1);
  503. RtlFreeAnsiString(&AnsiString2);
  505. return(rt);
  506. }
  507. __except (CapiExceptionFilter)
  508. {
  509. SetLastError(ERROR_INVALID_PARAMETER);
  510. goto Try_Error_Return;
  511. }
  513. Try_Error_Return:
  514. return(CRYPT_FAILED);
  516. }
  518. /*
  519. - CryptAcquireContextA
  520. -
  521. * Purpose:
  522. * The CryptAcquireContext function is used to acquire a context
  523. * handle to a cryptograghic service provider (CSP).
  524. *
  525. *
  526. * Parameters:
  527. * OUT phProv - Handle to a CSP
  528. * IN OUT pszIdentity - Pointer to the name of the context's
  529. * keyset.
  530. * IN OUT pszProvName - Pointer to the name of the provider.
  531. * IN dwReqProvider - Requested CSP type
  532. * IN dwFlags - Flags values
  533. *
  534. * Returns:
  535. */
  536. WINADVAPI
  537. BOOL
  538. WINAPI CryptAcquireContextA(OUT HCRYPTPROV *phProv,
  539. IN LPCSTR pszIdentity,
  540. IN LPCSTR pszProvName,
  541. IN DWORD dwReqProvider,
  542. IN DWORD dwFlags)
  543. {
  544. HANDLE handle = 0;
  545. DWORD bufsize;
  546. ULONG_PTR *pTable;
  547. PVTableStruc pVTable = NULL;
  548. LPSTR pszTmpProvName = NULL;
  549. DWORD i;
  550. HKEY hKey = 0;
  551. DWORD cbValue;
  552. DWORD cbTemp;
  553. CHAR *pszValue = NULL;
  554. CHAR *pszDest = NULL;
  555. BYTE *SignatureBuf = NULL;
  556. DWORD provtype;
  557. BOOL rt = CRYPT_FAILED;
  558. DWORD dwType;
  559. LONG err;
  560. DWORD dwErr;
  561. CHAR typebuf[9] = {0, 0, 0, 0, 0, 0, 0, 0, 0};
  562. HCRYPTPROV hTmpProv = 0;
  563. VTableProvStruc VTableProv;
  564. UNICODE_STRING String ;
  565. BOOL SigInFile ;
  568. __try
  569. {
  570. if (dwReqProvider == 0 || dwReqProvider > 999)
  571. {
  572. SetLastError((DWORD) NTE_BAD_PROV_TYPE);
  573. goto Ret;
  574. }
  576. if (pszProvName != NULL && pszProvName[0] != 0)
  577. {
  578. // Do nothing just check for invalid pointers
  579. ;
  580. }
  582. if (pszProvName != NULL && pszProvName[0] != 0)
  583. {
  584. cbValue = strlen(pszProvName);
  586. if ((pszValue = (CHAR *) LocalAlloc(LMEM_ZEROINIT,
  587. (UINT) cbValue +
  588. strlen(szprovider) + 1)) == NULL)
  589. {
  590. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  591. goto Ret;
  592. }
  594. if ((pszTmpProvName = (LPSTR)LocalAlloc(LMEM_ZEROINIT,
  595. (UINT) cbValue + 1)) == NULL)
  596. {
  597. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  598. goto Ret;
  599. }
  601. strcpy(pszTmpProvName, pszProvName);
  602. strcpy(pszValue, szprovider);
  603. strcat(pszValue, pszProvName);
  604. }
  605. else
  606. {
  607. //
  608. // We no longer look under HKCU for a default csp. We only look
  609. // under HKLM.
  610. //
  612. if ((pszValue = (CHAR *) LocalAlloc(LMEM_ZEROINIT,
  613. 5 + strlen(szmachinetype))) == NULL)
  614. {
  615. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  616. goto Ret;
  617. }
  619. __ltoa(dwReqProvider, typebuf);
  620. strcpy(pszValue, szmachinetype);
  621. strcat(pszValue, &typebuf[5]);
  623. if ((err = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
  624. (const char *) pszValue, 0L,
  625. KEY_READ, &hKey)) != ERROR_SUCCESS)
  626. {
  627. SetLastError((DWORD) NTE_PROV_TYPE_NOT_DEF);
  628. goto Ret;
  629. }
  631. if ((err = RegQueryValueEx(hKey, "Name", NULL, &dwType,
  632. NULL, &cbValue)) != ERROR_SUCCESS)
  633. {
  634. SetLastError((DWORD) NTE_PROV_TYPE_NOT_DEF);
  635. goto Ret;
  636. }
  638. LocalFree(pszValue);
  639. if ((pszValue = (CHAR *) LocalAlloc(LMEM_ZEROINIT,
  640. cbValue +
  641. strlen(szprovider) + 1)) == NULL)
  642. {
  643. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  644. goto Ret;
  645. }
  647. if ((pszTmpProvName = (LPSTR)LocalAlloc(LMEM_ZEROINIT,
  648. (UINT) cbValue + 1)) == NULL)
  649. {
  650. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  651. goto Ret;
  652. }
  654. strcpy(pszValue, szprovider);
  656. cbTemp = cbValue;
  658. if ((err = RegQueryValueEx(hKey, "Name", NULL, &dwType,
  659. (LPBYTE)pszTmpProvName,
  660. &cbTemp)) != ERROR_SUCCESS)
  661. {
  662. SetLastError((DWORD) NTE_PROV_TYPE_NOT_DEF);
  663. goto Ret;
  664. }
  666. strcat(pszValue, pszTmpProvName);
  668. RegCloseKey(hKey);
  669. hKey = 0;
  670. }
  672. if ((err = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
  673. (const char *) pszValue,
  674. 0L, KEY_READ, &hKey)) != ERROR_SUCCESS)
  675. {
  676. SetLastError((DWORD) NTE_KEYSET_NOT_DEF);
  677. goto Ret;
  678. }
  680. LocalFree(pszValue);
  681. pszValue = NULL;
  683. cbValue = sizeof(DWORD);
  684. if ((err = RegQueryValueEx(hKey, "Type", NULL, &dwType,
  685. (LPBYTE)&provtype,
  686. &cbValue)) != ERROR_SUCCESS)
  687. {
  688. SetLastError((DWORD) NTE_KEYSET_ENTRY_BAD);
  689. goto Ret;
  690. }
  692. // Check that requested provider type is same as registry entry
  693. if (provtype != dwReqProvider)
  694. {
  695. SetLastError((DWORD) NTE_PROV_TYPE_NO_MATCH);
  696. goto Ret;
  697. }
  699. // Determine size of path for provider
  700. if ((err = RegQueryValueEx(hKey, "Image Path", NULL,
  701. &dwType, NULL, &cbValue)) != ERROR_SUCCESS)
  702. {
  703. SetLastError((DWORD) NTE_KEYSET_ENTRY_BAD);
  704. goto Ret;
  705. }
  707. if ((pszValue = (CHAR *) LocalAlloc(LMEM_ZEROINIT,
  708. (UINT) cbValue)) == NULL)
  709. {
  710. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  711. goto Ret;
  712. }
  714. // Get value from registry
  715. if ((err = RegQueryValueEx(hKey, "Image Path", NULL, &dwType,
  716. (LPBYTE)pszValue, &cbValue)) != ERROR_SUCCESS)
  717. {
  718. SetLastError((DWORD) NTE_KEYSET_ENTRY_BAD);
  719. goto Ret;
  720. }
  722. pszDest = NULL;
  723. cbTemp = 0;
  725. if ((cbTemp = ExpandEnvironmentStrings(pszValue, (CHAR *) &pszDest, cbTemp)) == 0)
  726. {
  727. goto Ret;
  728. }
  730. if ((pszDest = (CHAR *) LocalAlloc(LMEM_ZEROINIT,
  731. (UINT) cbTemp)) == NULL)
  732. {
  733. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  734. goto Ret;
  735. }
  737. if ((cbTemp = ExpandEnvironmentStrings(pszValue, pszDest,
  738. cbTemp)) == 0)
  739. {
  740. goto Ret;
  741. }
  743. LocalFree(pszValue);
  744. pszValue = pszDest;
  745. pszDest = NULL;
  746. cbValue = cbTemp;
  748. if (!CSPInCacheCheck(pszValue, &handle))
  749. {
  750. if ( RtlCreateUnicodeStringFromAsciiz( &String, pszValue ) )
  751. {
  752. // check if the CSP is registered as having the signature in the file
  754. SigInFile = CheckSignatureInFile( String.Buffer );
  756. RtlFreeUnicodeString( &String );
  758. if (! SigInFile )
  759. {
  760. // Determine size of signature
  761. if ((err = RegQueryValueEx(hKey, "Signature", NULL,
  762. &dwType, NULL, &cbValue)) != ERROR_SUCCESS)
  763. {
  764. SetLastError((DWORD) NTE_BAD_SIGNATURE);
  765. goto Ret;
  766. }
  768. if ((SignatureBuf = (LPBYTE)LocalAlloc(LMEM_ZEROINIT,
  769. (UINT) cbValue)) == NULL)
  770. {
  771. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  772. goto Ret;
  773. }
  776. // Get Digital signature from registry
  777. if ((err = RegQueryValueEx(hKey, "Signature", NULL, &dwType,
  778. SignatureBuf,
  779. &cbValue)) != ERROR_SUCCESS)
  780. {
  781. SetLastError((DWORD) NTE_BAD_SIGNATURE);
  782. goto Ret;
  783. }
  786. if (RCRYPT_FAILED(NewVerifyImage(pszValue, SignatureBuf, cbValue, FALSE)))
  787. {
  788. SetLastError((DWORD) NTE_BAD_SIGNATURE);
  789. goto Ret;
  790. }
  791. }
  793. }
  795. if ((handle = LoadLibrary(pszValue)) == NULL)
  796. {
  797. SetLastError((DWORD) NTE_PROVIDER_DLL_FAIL);
  798. goto Ret;
  799. }
  801. AddHandleToCSPCache(handle);
  802. }
  804. // DLLs exist allocate VTable struct to hold address of entry points
  805. bufsize = sizeof(VTableStruc);
  807. if ((pVTable = (PVTableStruc) LocalAlloc(LMEM_ZEROINIT,
  808. (UINT) bufsize)) == NULL)
  809. {
  810. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  811. goto Ret;
  812. }
  814. pTable = (ULONG_PTR *) pVTable;
  816. // Build table of pointers to Crypto API for this DLL
  817. i = 0;
  818. while (FunctionNames[i] != NULL)
  819. {
  820. *pTable = (ULONG_PTR) GetProcAddress(handle, FunctionNames[i]);
  821. if (*pTable == 0)
  822. {
  823. SetLastError((DWORD) NTE_PROVIDER_DLL_FAIL);
  824. goto Ret;
  825. }
  826. pTable++;
  827. i++;
  828. }
  830. // Build the table of optional pointers to Crypto API for this DLL
  831. i = 0;
  832. pTable++;
  833. while (OptionalFunctionNames[i] != NULL)
  834. {
  835. *pTable = (ULONG_PTR) GetProcAddress(handle, OptionalFunctionNames[i]);
  836. pTable++;
  837. i++;
  838. }
  839. pVTable->DllHandle = handle;
  841. memset(&VTableProv, 0, sizeof(VTableProv));
  842. VTableProv.Version = 3;
  843. VTableProv.FuncVerifyImage = (CRYPT_VERIFY_IMAGE_A)CProvVerifyImage;
  844. VTableProv.FuncReturnhWnd = (CRYPT_RETURN_HWND)CPReturnhWnd;
  845. VTableProv.dwProvType = dwReqProvider;
  846. VTableProv.pszProvName = pszTmpProvName;
  847. VTableProv.pbContextInfo = pbContextInfo;
  848. VTableProv.cbContextInfo = cbContextInfo;
  850. *phProv = (HCRYPTPROV) NULL;
  852. rt = (BOOL)pVTable->FuncAcquireContext(&hTmpProv, pszIdentity, dwFlags,
  853. &VTableProv);
  855. if (RCRYPT_SUCCEEDED(rt) &&
  856. ((dwFlags & CRYPT_DELETEKEYSET) != CRYPT_DELETEKEYSET))
  857. {
  858. pVTable->hProv = hTmpProv;
  859. *phProv = (HCRYPTPROV)pVTable;
  861. pVTable->Version = TABLEPROV;
  862. pVTable->Inuse = 1;
  863. pVTable->RefCnt = 1;
  864. }
  865. }
  866. __except (CapiExceptionFilter)
  867. {
  868. SetLastError(ERROR_INVALID_PARAMETER);
  869. goto Ret;
  870. }
  871. Ret:
  872. dwErr = GetLastError();
  873. if (pszTmpProvName)
  874. LocalFree(pszTmpProvName);
  875. if (pszValue)
  876. LocalFree(pszValue);
  877. if (hKey)
  878. RegCloseKey(hKey);
  879. if (pszDest)
  880. LocalFree(pszDest);
  881. if (SignatureBuf)
  882. LocalFree(SignatureBuf);
  883. if ((CRYPT_SUCCEED != rt) || (dwFlags & CRYPT_DELETEKEYSET))
  884. {
  885. if (pVTable)
  886. LocalFree(pVTable);
  887. SetLastError(dwErr);
  888. }
  889. return rt;
  890. }
  892. /*
  893. - CryptContextAddRef
  894. -
  895. * Purpose:
  896. * Increments the reference counter on the provider handle.
  897. *
  898. * Parameters:
  899. * IN hProv - Handle to a CSP
  900. * IN pdwReserved - Reserved parameter
  901. * IN dwFlags - Flags values
  902. *
  903. * Returns:
  904. * BOOL
  905. * Use get extended error information use GetLastError
  906. */
  907. WINADVAPI
  908. BOOL
  909. WINAPI CryptContextAddRef(
  910. IN HCRYPTPROV hProv,
  911. IN DWORD *pdwReserved,
  912. IN DWORD dwFlags
  913. )
  914. {
  915. PVTableStruc pVTable;
  916. BOOL fRet = CRYPT_FAILED;
  918. __try
  919. {
  920. if ((NULL != pdwReserved) || (0 != dwFlags))
  921. {
  922. SetLastError(ERROR_INVALID_PARAMETER);
  923. goto Ret;
  924. }
  926. pVTable = (PVTableStruc) hProv;
  928. if (pVTable->Version != TABLEPROV)
  929. {
  930. SetLastError(ERROR_INVALID_PARAMETER);
  931. goto Ret;
  932. }
  934. if (InterlockedIncrement(&pVTable->RefCnt) <= 0)
  935. SetLastError(ERROR_INVALID_PARAMETER);
  936. else
  937. fRet = CRYPT_SUCCEED;
  938. }
  939. __except ( CapiExceptionFilter )
  940. {
  941. SetLastError(ERROR_INVALID_PARAMETER);
  942. goto Ret;
  943. }
  945. Ret:
  946. return fRet;
  947. }
  949. /*
  950. - CryptReleaseContext
  951. -
  952. * Purpose:
  953. * The CryptReleaseContext function is used to release a
  954. * context created by CryptAcquireContext.
  955. *
  956. * Parameters:
  957. * IN hProv - Handle to a CSP
  958. * IN dwFlags - Flags values
  959. *
  960. * Returns:
  961. * BOOL
  962. * Use get extended error information use GetLastError
  963. */
  964. WINADVAPI
  965. BOOL
  966. WINAPI CryptReleaseContext(IN HCRYPTPROV hProv,
  967. IN DWORD dwFlags)
  968. {
  969. PVTableStruc pVTable;
  970. BOOL rt;
  971. BOOL fRet = CRYPT_FAILED;
  972. DWORD dwErr = 0;
  974. __try
  975. {
  976. pVTable = (PVTableStruc) hProv;
  978. if (pVTable->Version != TABLEPROV)
  979. {
  980. SetLastError(ERROR_INVALID_PARAMETER);
  981. goto Ret;
  982. }
  984. if (pVTable->RefCnt <= 0)
  985. {
  986. SetLastError(ERROR_INVALID_PARAMETER);
  987. goto Ret;
  988. }
  990. if (0 == InterlockedDecrement(&pVTable->RefCnt))
  991. {
  992. if (0 < InterlockedDecrement((LPLONG)&pVTable->Inuse))
  993. {
  994. InterlockedIncrement((LPLONG)&pVTable->Inuse);
  995. SetLastError(ERROR_BUSY);
  996. goto Ret;
  997. }
  998. InterlockedIncrement((LPLONG)&pVTable->Inuse);
  1000. if (FALSE == (rt = (BOOL)pVTable->FuncReleaseContext(pVTable->hProv, dwFlags)))
  1001. {
  1002. dwErr = GetLastError();
  1003. }
  1004. pVTable->Version = 0;
  1005. LocalFree(pVTable);
  1006. if (!rt)
  1007. {
  1008. SetLastError(dwErr);
  1009. goto Ret;
  1010. }
  1011. }
  1012. }
  1013. __except ( CapiExceptionFilter )
  1014. {
  1015. SetLastError(ERROR_INVALID_PARAMETER);
  1016. goto Ret;
  1017. }
  1019. fRet = CRYPT_SUCCEED;
  1020. Ret:
  1021. return fRet;
  1022. }
  1024. /*
  1025. - CryptGenKey
  1026. -
  1027. * Purpose:
  1028. * Generate cryptographic keys
  1029. *
  1030. *
  1031. * Parameters:
  1032. * IN hProv - Handle to a CSP
  1033. * IN Algid - Algorithm identifier
  1034. * IN dwFlags - Flags values
  1035. * OUT phKey - Handle to a generated key
  1036. *
  1037. * Returns:
  1038. */
  1039. WINADVAPI
  1040. BOOL
  1041. WINAPI CryptGenKey(IN HCRYPTPROV hProv,
  1042. IN ALG_ID Algid,
  1043. IN DWORD dwFlags,
  1044. OUT HCRYPTKEY * phKey)
  1045. {
  1046. PVTableStruc pVTable = NULL;
  1047. PVKeyStruc pVKey = NULL;
  1048. BOOL fProvCritSec = FALSE;
  1049. DWORD dwErr;
  1050. BOOL fRet = CRYPT_FAILED;
  1052. __try
  1053. {
  1054. pVTable = (PVTableStruc) hProv;
  1056. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  1057. {
  1058. goto Ret;
  1059. }
  1060. fProvCritSec = TRUE;
  1062. if (RCRYPT_FAILED(BuildVKey(&pVKey, pVTable)))
  1063. {
  1064. goto Ret;
  1065. }
  1067. if (RCRYPT_FAILED(pVTable->FuncGenKey(pVTable->hProv, Algid, dwFlags,
  1068. phKey)))
  1069. {
  1070. goto Ret;
  1071. }
  1073. pVKey->hKey = *phKey;
  1075. *phKey = (HCRYPTKEY) pVKey;
  1077. pVKey->Version = TABLEKEY;
  1079. pVKey->hProv = hProv;
  1081. pVKey->Inuse = 1;
  1083. }
  1084. __except ( CapiExceptionFilter )
  1085. {
  1086. SetLastError(ERROR_INVALID_PARAMETER);
  1087. goto Ret;
  1088. }
  1090. fRet = CRYPT_SUCCEED;
  1091. Ret:
  1092. dwErr = GetLastError();
  1093. if (fProvCritSec)
  1094. LeaveProviderCritSec(pVTable);
  1095. if (CRYPT_SUCCEED != fRet)
  1096. {
  1097. if (pVKey)
  1098. LocalFree(pVKey);
  1099. SetLastError(dwErr);
  1100. }
  1101. return fRet;
  1102. }
  1104. /*
  1105. - CryptDuplicateKey
  1106. -
  1107. * Purpose:
  1108. * Duplicate a cryptographic key
  1109. *
  1110. *
  1111. * Parameters:
  1112. * IN hKey - Handle to the key to be duplicated
  1113. * IN pdwReserved - Reserved for later use
  1114. * IN dwFlags - Flags values
  1115. * OUT phKey - Handle to the new duplicate key
  1116. *
  1117. * Returns:
  1118. */
  1119. WINADVAPI
  1120. BOOL
  1121. WINAPI CryptDuplicateKey(
  1122. IN HCRYPTKEY hKey,
  1123. IN DWORD *pdwReserved,
  1124. IN DWORD dwFlags,
  1125. OUT HCRYPTKEY * phKey
  1126. )
  1127. {
  1128. PVTableStruc pVTable = NULL;
  1129. PVKeyStruc pVKey;
  1130. PVKeyStruc pVNewKey = NULL;
  1131. HCRYPTKEY hNewKey;
  1132. BOOL fProvCritSecSet = FALSE;
  1133. DWORD dwErr = 0;
  1134. BOOL fRet = CRYPT_FAILED;
  1136. __try
  1137. {
  1138. if (IsBadWritePtr(phKey, sizeof(HCRYPTKEY)))
  1139. {
  1140. SetLastError(ERROR_INVALID_PARAMETER);
  1141. goto Ret;
  1142. }
  1143. pVKey = (PVKeyStruc) hKey;
  1145. if (pVKey->Version != TABLEKEY)
  1146. {
  1147. SetLastError(ERROR_INVALID_PARAMETER);
  1148. goto Ret;
  1149. }
  1151. if (NULL == pVKey->OptionalFuncDuplicateKey)
  1152. {
  1153. SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
  1154. goto Ret;
  1155. }
  1157. pVTable = (PVTableStruc) pVKey->hProv;
  1159. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  1160. {
  1161. SetLastError(ERROR_INVALID_PARAMETER);
  1162. goto Ret;
  1163. }
  1164. fProvCritSecSet = TRUE;
  1166. if (RCRYPT_FAILED(BuildVKey(&pVNewKey, pVTable)))
  1167. {
  1168. goto Ret;
  1169. }
  1171. if (RCRYPT_FAILED(pVKey->OptionalFuncDuplicateKey(pVTable->hProv, pVKey->hKey,
  1172. pdwReserved, dwFlags, &hNewKey)))
  1173. {
  1174. goto Ret;
  1175. }
  1177. pVNewKey->hKey = hNewKey;
  1179. pVNewKey->Version = TABLEKEY;
  1181. pVNewKey->hProv = pVKey->hProv;
  1183. pVKey->Inuse = 1;
  1185. *phKey = (HCRYPTKEY) pVNewKey;
  1186. }
  1187. __except ( CapiExceptionFilter )
  1188. {
  1189. SetLastError(ERROR_INVALID_PARAMETER);
  1190. goto Ret;
  1191. }
  1193. fRet = CRYPT_SUCCEED;
  1194. Ret:
  1195. dwErr = GetLastError();
  1196. if (fProvCritSecSet)
  1197. LeaveProviderCritSec(pVTable);
  1198. if (fRet == CRYPT_FAILED)
  1199. {
  1200. if (NULL != pVNewKey)
  1201. LocalFree(pVNewKey);
  1202. SetLastError(dwErr);
  1203. }
  1205. return fRet;
  1206. }
  1208. /*
  1209. - CryptDeriveKey
  1210. -
  1211. * Purpose:
  1212. * Derive cryptographic keys from base data
  1213. *
  1214. *
  1215. * Parameters:
  1216. * IN hProv - Handle to a CSP
  1217. * IN Algid - Algorithm identifier
  1218. * IN hHash - Handle to hash of base data
  1219. * IN dwFlags - Flags values
  1220. * IN OUT phKey - Handle to a generated key
  1221. *
  1222. * Returns:
  1223. */
  1224. WINADVAPI
  1225. BOOL
  1226. WINAPI CryptDeriveKey(IN HCRYPTPROV hProv,
  1227. IN ALG_ID Algid,
  1228. IN HCRYPTHASH hHash,
  1229. IN DWORD dwFlags,
  1230. IN OUT HCRYPTKEY * phKey)
  1231. {
  1232. PVTableStruc pVTable = NULL;
  1233. PVKeyStruc pVKey = NULL;
  1234. PVHashStruc pVHash = NULL;
  1235. BOOL fProvCritSec = FALSE;
  1236. BOOL fKeyCritSec = FALSE;
  1237. BOOL fHashCritSec = FALSE;
  1238. BOOL fUpdate = FALSE;
  1239. DWORD dwErr = 0;
  1240. BOOL fRet = CRYPT_FAILED;
  1242. __try
  1243. {
  1244. pVTable = (PVTableStruc) hProv;
  1246. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  1247. {
  1248. goto Ret;
  1249. }
  1250. fProvCritSec = TRUE;
  1252. pVHash = (PVHashStruc) hHash;
  1254. if (RCRYPT_FAILED(EnterHashCritSec(pVHash)))
  1255. {
  1256. goto Ret;
  1257. }
  1258. fHashCritSec = TRUE;
  1260. if (dwFlags & CRYPT_UPDATE_KEY)
  1261. {
  1262. fUpdate = TRUE;
  1263. pVKey = (PVKeyStruc) phKey;
  1265. if (RCRYPT_FAILED(EnterKeyCritSec(pVKey)))
  1266. {
  1267. SetLastError(ERROR_INVALID_PARAMETER);
  1268. goto Ret;
  1269. }
  1270. fKeyCritSec = TRUE;
  1271. }
  1272. else
  1273. {
  1274. if (RCRYPT_FAILED(BuildVKey(&pVKey, pVTable)))
  1275. {
  1276. goto Ret;
  1277. }
  1278. }
  1280. if (RCRYPT_FAILED(pVTable->FuncDeriveKey(pVTable->hProv, Algid,
  1281. pVHash->hHash, dwFlags, phKey)))
  1282. {
  1283. goto Ret;
  1284. }
  1286. if ((dwFlags & CRYPT_UPDATE_KEY) != CRYPT_UPDATE_KEY)
  1287. {
  1288. pVKey->hKey = *phKey;
  1290. *phKey = (HCRYPTKEY)pVKey;
  1292. pVKey->hProv = hProv;
  1294. pVKey->Version = TABLEKEY;
  1296. pVKey->Inuse = 1;
  1297. }
  1299. } __except ( CapiExceptionFilter )
  1300. {
  1301. SetLastError(ERROR_INVALID_PARAMETER);
  1302. goto Ret;
  1303. }
  1305. fRet = CRYPT_SUCCEED;
  1306. Ret:
  1307. if (CRYPT_SUCCEED != fRet)
  1308. dwErr = GetLastError();
  1309. if (fProvCritSec)
  1310. LeaveProviderCritSec(pVTable);
  1311. if (fHashCritSec)
  1312. LeaveHashCritSec(pVHash);
  1313. if (fKeyCritSec)
  1314. LeaveKeyCritSec(pVKey);
  1315. if (CRYPT_SUCCEED != fRet)
  1316. {
  1317. if (pVKey && (!fUpdate))
  1318. LocalFree(pVKey);
  1319. SetLastError(dwErr);
  1320. }
  1321. return fRet;
  1322. }
  1325. /*
  1326. - CryptDestroyKey
  1327. -
  1328. * Purpose:
  1329. * Destroys the cryptographic key that is being referenced
  1330. * with the hKey parameter
  1331. *
  1332. *
  1333. * Parameters:
  1334. * IN hKey - Handle to a key
  1335. *
  1336. * Returns:
  1337. */
  1338. WINADVAPI
  1339. BOOL
  1340. WINAPI CryptDestroyKey(IN HCRYPTKEY hKey)
  1341. {
  1342. PVTableStruc pVTable = NULL;
  1343. PVKeyStruc pVKey;
  1344. BOOL fProvCritSec = FALSE;
  1345. BOOL rt;
  1346. DWORD dwErr = 0;
  1347. BOOL fRet = CRYPT_FAILED;
  1349. __try
  1350. {
  1351. pVKey = (PVKeyStruc) hKey;
  1353. if (pVKey->Version != TABLEKEY)
  1354. {
  1355. SetLastError(ERROR_INVALID_PARAMETER);
  1356. goto Ret;
  1357. }
  1359. if (0 < InterlockedDecrement((LPLONG)&pVKey->Inuse))
  1360. {
  1361. InterlockedIncrement((LPLONG)&pVKey->Inuse);
  1362. SetLastError(ERROR_BUSY);
  1363. goto Ret;
  1364. }
  1365. InterlockedIncrement((LPLONG)&pVKey->Inuse);
  1367. pVTable = (PVTableStruc) pVKey->hProv;
  1369. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  1370. {
  1371. goto Ret;
  1372. }
  1373. fProvCritSec = TRUE;
  1375. if (FALSE == (rt = (BOOL)pVKey->FuncDestroyKey(pVTable->hProv, pVKey->hKey)))
  1376. dwErr = GetLastError();
  1378. pVKey->Version = 0;
  1379. LocalFree(pVKey);
  1381. if (!rt)
  1382. {
  1383. SetLastError(dwErr);
  1384. goto Ret;
  1385. }
  1386. } __except ( CapiExceptionFilter )
  1387. {
  1388. SetLastError(ERROR_INVALID_PARAMETER);
  1389. goto Ret;
  1390. }
  1392. fRet = CRYPT_SUCCEED;
  1393. Ret:
  1394. if (CRYPT_SUCCEED != fRet)
  1395. dwErr = GetLastError();
  1396. if (fProvCritSec)
  1397. LeaveProviderCritSec(pVTable);
  1398. if (CRYPT_SUCCEED != fRet)
  1399. SetLastError(dwErr);
  1400. return fRet;
  1401. }
  1404. /*
  1405. - CryptSetKeyParam
  1406. -
  1407. * Purpose:
  1408. * Allows applications to customize various aspects of the
  1409. * operations of a key
  1410. *
  1411. * Parameters:
  1412. * IN hKey - Handle to a key
  1413. * IN dwParam - Parameter number
  1414. * IN pbData - Pointer to data
  1415. * IN dwFlags - Flags values
  1416. *
  1417. * Returns:
  1418. */
  1419. WINADVAPI
  1420. BOOL
  1421. WINAPI CryptSetKeyParam(IN HCRYPTKEY hKey,
  1422. IN DWORD dwParam,
  1423. IN CONST BYTE *pbData,
  1424. IN DWORD dwFlags)
  1425. {
  1426. PVTableStruc pVTable = NULL;
  1427. PVKeyStruc pVKey;
  1428. BOOL rt = CRYPT_FAILED;
  1429. BOOL fCritSec = FALSE;
  1431. __try
  1432. {
  1433. pVKey = (PVKeyStruc) hKey;
  1435. if (pVKey->Version != TABLEKEY)
  1436. {
  1437. SetLastError(ERROR_INVALID_PARAMETER);
  1438. goto Ret;
  1439. }
  1441. if (0 < InterlockedDecrement((LPLONG)&pVKey->Inuse))
  1442. {
  1443. InterlockedIncrement((LPLONG)&pVKey->Inuse);
  1444. SetLastError(ERROR_BUSY);
  1445. goto Ret;
  1446. }
  1447. InterlockedIncrement((LPLONG)&pVKey->Inuse);
  1449. pVTable = (PVTableStruc) pVKey->hProv;
  1451. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  1452. {
  1453. goto Ret;
  1454. }
  1455. fCritSec = TRUE;
  1457. rt = (BOOL)pVKey->FuncSetKeyParam(pVTable->hProv, pVKey->hKey,
  1458. dwParam, pbData, dwFlags);
  1459. }
  1460. __except ( CapiExceptionFilter )
  1461. {
  1462. SetLastError(ERROR_INVALID_PARAMETER);
  1463. goto Ret;
  1464. }
  1465. Ret:
  1466. if (fCritSec)
  1467. LeaveProviderCritSec(pVTable);
  1468. return(rt);
  1470. }
  1473. /*
  1474. - CryptGetKeyParam
  1475. -
  1476. * Purpose:
  1477. * Allows applications to get various aspects of the
  1478. * operations of a key
  1479. *
  1480. * Parameters:
  1481. * IN hKey - Handle to a key
  1482. * IN dwParam - Parameter number
  1483. * IN pbData - Pointer to data
  1484. * IN pdwDataLen - Length of parameter data
  1485. * IN dwFlags - Flags values
  1486. *
  1487. * Returns:
  1488. */
  1489. WINADVAPI
  1490. BOOL
  1491. WINAPI CryptGetKeyParam(IN HCRYPTKEY hKey,
  1492. IN DWORD dwParam,
  1493. IN BYTE *pbData,
  1494. IN DWORD *pdwDataLen,
  1495. IN DWORD dwFlags)
  1496. {
  1497. PVTableStruc pVTable = NULL;
  1498. PVKeyStruc pVKey = NULL;
  1499. BOOL rt = CRYPT_FAILED;
  1500. BOOL fKeyCritSec = FALSE;
  1501. BOOL fTableCritSec = FALSE;
  1503. __try
  1504. {
  1505. pVKey = (PVKeyStruc) hKey;
  1507. if (RCRYPT_FAILED(EnterKeyCritSec(pVKey)))
  1508. {
  1509. goto Ret;
  1510. }
  1511. fKeyCritSec = TRUE;
  1513. pVTable = (PVTableStruc) pVKey->hProv;
  1515. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  1516. {
  1517. goto Ret;
  1518. }
  1519. fTableCritSec = TRUE;
  1521. rt = (BOOL)pVKey->FuncGetKeyParam(pVTable->hProv, pVKey->hKey,
  1522. dwParam, pbData, pdwDataLen,
  1523. dwFlags);
  1525. }
  1526. __except ( CapiExceptionFilter )
  1527. {
  1528. SetLastError(ERROR_INVALID_PARAMETER);
  1529. goto Ret;
  1530. }
  1531. Ret:
  1532. if (fKeyCritSec)
  1533. LeaveKeyCritSec(pVKey);
  1534. if (fTableCritSec)
  1535. LeaveProviderCritSec(pVTable);
  1536. return(rt);
  1538. }
  1541. /*
  1542. - CryptGenRandom
  1543. -
  1544. * Purpose:
  1545. * Used to fill a buffer with random bytes
  1546. *
  1547. *
  1548. * Parameters:
  1549. * IN hProv - Handle to the user identifcation
  1550. * IN dwLen - Number of bytes of random data requested
  1551. * OUT pbBuffer - Pointer to the buffer where the random
  1552. * bytes are to be placed
  1553. *
  1554. * Returns:
  1555. */
  1556. WINADVAPI
  1557. BOOL
  1558. WINAPI CryptGenRandom(IN HCRYPTPROV hProv,
  1559. IN DWORD dwLen,
  1560. OUT BYTE *pbBuffer)
  1562. {
  1563. PVTableStruc pVTable = NULL;
  1564. BOOL fTableCritSec = FALSE;
  1565. BOOL rt = CRYPT_FAILED;
  1567. __try
  1568. {
  1569. pVTable = (PVTableStruc) hProv;
  1571. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  1572. {
  1573. goto Ret;
  1574. }
  1575. fTableCritSec = TRUE;
  1577. rt = (BOOL)pVTable->FuncGenRandom(pVTable->hProv, dwLen, pbBuffer);
  1579. } __except ( CapiExceptionFilter )
  1580. {
  1581. SetLastError(ERROR_INVALID_PARAMETER);
  1582. goto Ret;
  1583. }
  1584. Ret:
  1585. if (fTableCritSec)
  1586. LeaveProviderCritSec(pVTable);
  1587. return(rt);
  1588. }
  1590. /*
  1591. - CryptGetUserKey
  1592. -
  1593. * Purpose:
  1594. * Gets a handle to a permanent user key
  1595. *
  1596. *
  1597. * Parameters:
  1598. * IN hProv - Handle to the user identifcation
  1599. * IN dwKeySpec - Specification of the key to retrieve
  1600. * OUT phUserKey - Pointer to key handle of retrieved key
  1601. *
  1602. * Returns:
  1603. */
  1604. WINADVAPI
  1605. BOOL
  1606. WINAPI CryptGetUserKey(IN HCRYPTPROV hProv,
  1607. IN DWORD dwKeySpec,
  1608. OUT HCRYPTKEY *phUserKey)
  1609. {
  1611. PVTableStruc pVTable = NULL;
  1612. PVKeyStruc pVKey = NULL;
  1613. BOOL fTableCritSec = FALSE;
  1614. BOOL fRet = CRYPT_FAILED;
  1616. __try
  1617. {
  1618. pVTable = (PVTableStruc) hProv;
  1620. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  1621. {
  1622. goto Ret;
  1623. }
  1624. fTableCritSec = TRUE;
  1626. if (RCRYPT_FAILED(BuildVKey(&pVKey, pVTable)))
  1627. {
  1628. goto Ret;
  1629. }
  1631. if (RCRYPT_FAILED(pVTable->FuncGetUserKey(pVTable->hProv, dwKeySpec,
  1632. phUserKey)))
  1633. {
  1634. goto Ret;
  1635. }
  1637. pVKey->hKey = *phUserKey;
  1639. pVKey->hProv = hProv;
  1641. *phUserKey = (HCRYPTKEY)pVKey;
  1643. pVKey->Version = TABLEKEY;
  1645. pVKey->Inuse = 1;
  1647. } __except ( CapiExceptionFilter )
  1648. {
  1649. SetLastError(ERROR_INVALID_PARAMETER);
  1650. goto Ret;
  1651. }
  1653. fRet = CRYPT_SUCCEED;
  1654. Ret:
  1655. if (fTableCritSec)
  1656. LeaveProviderCritSec(pVTable);
  1657. if ((CRYPT_SUCCEED != fRet) && pVKey)
  1658. LocalFree(pVKey);
  1659. return fRet;
  1660. }
  1664. /*
  1665. - CryptExportKey
  1666. -
  1667. * Purpose:
  1668. * Export cryptographic keys out of a CSP in a secure manner
  1669. *
  1670. *
  1671. * Parameters:
  1672. * IN hKey - Handle to the key to export
  1673. * IN hPubKey - Handle to the exchange public key value of
  1674. * the destination user
  1675. * IN dwBlobType - Type of key blob to be exported
  1676. * IN dwFlags - Flags values
  1677. * OUT pbData - Key blob data
  1678. * OUT pdwDataLen - Length of key blob in bytes
  1679. *
  1680. * Returns:
  1681. */
  1682. WINADVAPI
  1683. BOOL
  1684. WINAPI CryptExportKey(IN HCRYPTKEY hKey,
  1685. IN HCRYPTKEY hPubKey,
  1686. IN DWORD dwBlobType,
  1687. IN DWORD dwFlags,
  1688. OUT BYTE *pbData,
  1689. OUT DWORD *pdwDataLen)
  1690. {
  1691. PVTableStruc pVTable = NULL;
  1692. PVKeyStruc pVKey = NULL;
  1693. PVKeyStruc pVPublicKey = NULL;
  1694. BOOL fKeyCritSec = FALSE;
  1695. BOOL fPubKeyCritSec = FALSE;
  1696. BOOL fTableCritSec = FALSE;
  1697. BOOL rt = CRYPT_FAILED;
  1699. __try
  1700. {
  1701. pVKey = (PVKeyStruc) hKey;
  1703. if (RCRYPT_FAILED(EnterKeyCritSec(pVKey)))
  1704. {
  1705. goto Ret;
  1706. }
  1707. fKeyCritSec = TRUE;
  1709. pVTable = (PVTableStruc) pVKey->hProv;
  1711. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  1712. {
  1713. goto Ret;
  1714. }
  1715. fTableCritSec = TRUE;
  1717. pVPublicKey = (PVKeyStruc) hPubKey;
  1719. if (pVPublicKey != NULL)
  1720. {
  1721. if (RCRYPT_FAILED(EnterKeyCritSec(pVPublicKey)))
  1722. {
  1723. goto Ret;
  1724. }
  1725. fPubKeyCritSec = TRUE;
  1726. }
  1728. rt = (BOOL)pVKey->FuncExportKey(pVTable->hProv, pVKey->hKey,
  1729. (pVPublicKey == NULL ? 0 : pVPublicKey->hKey),
  1730. dwBlobType, dwFlags, pbData,
  1731. pdwDataLen);
  1733. } __except ( CapiExceptionFilter )
  1734. {
  1735. SetLastError(ERROR_INVALID_PARAMETER);
  1736. goto Ret;
  1737. }
  1738. Ret:
  1739. if (fKeyCritSec)
  1740. LeaveKeyCritSec(pVKey);
  1741. if (fTableCritSec)
  1742. LeaveProviderCritSec(pVTable);
  1743. if (pVPublicKey != NULL)
  1744. {
  1745. if (fPubKeyCritSec)
  1746. LeaveKeyCritSec(pVPublicKey);
  1747. }
  1748. return(rt);
  1750. }
  1753. /*
  1754. - CryptImportKey
  1755. -
  1756. * Purpose:
  1757. * Import cryptographic keys
  1758. *
  1759. *
  1760. * Parameters:
  1761. * IN hProv - Handle to the CSP user
  1762. * IN pbData - Key blob data
  1763. * IN dwDataLen - Length of the key blob data
  1764. * IN hPubKey - Handle to the exchange public key value of
  1765. * the destination user
  1766. * IN dwFlags - Flags values
  1767. * OUT phKey - Pointer to the handle to the key which was
  1768. * Imported
  1769. *
  1770. * Returns:
  1771. */
  1772. WINADVAPI
  1773. BOOL
  1774. WINAPI CryptImportKey(IN HCRYPTPROV hProv,
  1775. IN CONST BYTE *pbData,
  1776. IN DWORD dwDataLen,
  1777. IN HCRYPTKEY hPubKey,
  1778. IN DWORD dwFlags,
  1779. OUT HCRYPTKEY *phKey)
  1780. {
  1781. PVTableStruc pVTable = NULL;
  1782. PVKeyStruc pVKey = NULL;
  1783. PVKeyStruc pVPublicKey = NULL;
  1784. BOOL fKeyCritSec = FALSE;
  1785. BOOL fPubKeyCritSec = FALSE;
  1786. BOOL fTableCritSec = FALSE;
  1787. BOOL fBuiltKey = FALSE;
  1788. BOOL fRet = CRYPT_FAILED;
  1790. __try
  1791. {
  1792. pVTable = (PVTableStruc) hProv;
  1794. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  1795. {
  1796. goto Ret;
  1797. }
  1798. fTableCritSec = TRUE;
  1800. pVPublicKey = (PVKeyStruc)hPubKey;
  1802. if (pVPublicKey != NULL)
  1803. {
  1804. if (RCRYPT_FAILED(EnterKeyCritSec(pVPublicKey)))
  1805. {
  1806. goto Ret;
  1807. }
  1808. fPubKeyCritSec = TRUE;
  1809. }
  1811. if (dwFlags & CRYPT_UPDATE_KEY)
  1812. {
  1813. pVKey = (PVKeyStruc) phKey;
  1815. if (RCRYPT_FAILED(EnterKeyCritSec(pVKey)))
  1816. {
  1817. goto Ret;
  1818. }
  1819. fKeyCritSec = TRUE;
  1820. }
  1821. else
  1822. {
  1823. if (RCRYPT_FAILED(BuildVKey(&pVKey, pVTable)))
  1824. {
  1825. goto Ret;
  1826. }
  1827. fBuiltKey = TRUE;
  1828. }
  1830. if (RCRYPT_FAILED(pVTable->FuncImportKey(pVTable->hProv, pbData,
  1831. dwDataLen,
  1832. (pVPublicKey == NULL ? 0 : pVPublicKey->hKey),
  1833. dwFlags, phKey)))
  1834. {
  1835. goto Ret;
  1836. }
  1838. if ((dwFlags & CRYPT_UPDATE_KEY) != CRYPT_UPDATE_KEY)
  1839. {
  1840. pVKey->hKey = *phKey;
  1842. *phKey = (HCRYPTKEY) pVKey;
  1844. pVKey->hProv = hProv;
  1846. pVKey->Version = TABLEKEY;
  1847. }
  1848. }
  1849. __except ( CapiExceptionFilter )
  1850. {
  1851. SetLastError(ERROR_INVALID_PARAMETER);
  1852. goto Ret;
  1853. }
  1855. fRet = CRYPT_SUCCEED;
  1856. Ret:
  1857. if (fTableCritSec)
  1858. LeaveProviderCritSec(pVTable);
  1859. if (pVPublicKey != NULL)
  1860. {
  1861. if (fPubKeyCritSec)
  1862. LeaveKeyCritSec(pVPublicKey);
  1863. }
  1864. if ((dwFlags & CRYPT_UPDATE_KEY) && fKeyCritSec)
  1865. {
  1866. LeaveKeyCritSec(pVKey);
  1867. }
  1868. else if ((CRYPT_SUCCEED != fRet) && fBuiltKey && pVKey)
  1869. {
  1870. LocalFree(pVKey);
  1871. }
  1873. return fRet;
  1874. }
  1877. /*
  1878. - CryptEncrypt
  1879. -
  1880. * Purpose:
  1881. * Encrypt data
  1882. *
  1883. *
  1884. * Parameters:
  1885. * IN hKey - Handle to the key
  1886. * IN hHash - Optional handle to a hash
  1887. * IN Final - Boolean indicating if this is the final
  1888. * block of plaintext
  1889. * IN dwFlags - Flags values
  1890. * IN OUT pbData - Data to be encrypted
  1891. * IN OUT pdwDataLen - Pointer to the length of the data to be
  1892. * encrypted
  1893. * IN dwBufLen - Size of Data buffer
  1894. *
  1895. * Returns:
  1896. */
  1897. WINADVAPI
  1898. BOOL
  1899. WINAPI CryptEncrypt(IN HCRYPTKEY hKey,
  1900. IN HCRYPTHASH hHash,
  1901. IN BOOL Final,
  1902. IN DWORD dwFlags,
  1903. IN OUT BYTE *pbData,
  1904. IN OUT DWORD *pdwDataLen,
  1905. IN DWORD dwBufLen)
  1906. {
  1907. PVTableStruc pVTable = NULL;
  1908. PVKeyStruc pVKey = NULL;
  1909. PVHashStruc pVHash = NULL;
  1910. BOOL fKeyCritSec = FALSE;
  1911. BOOL fTableCritSec = FALSE;
  1912. BOOL fHashCritSec = FALSE;
  1913. BOOL rt = CRYPT_FAILED;
  1915. __try
  1916. {
  1917. pVKey = (PVKeyStruc) hKey;
  1919. if (RCRYPT_FAILED(EnterKeyCritSec(pVKey)))
  1920. {
  1921. goto Ret;
  1922. }
  1923. fKeyCritSec = TRUE;
  1925. pVTable = (PVTableStruc) pVKey->hProv;
  1927. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  1928. {
  1929. goto Ret;
  1930. }
  1931. fTableCritSec = TRUE;
  1933. pVHash = (PVHashStruc) hHash;
  1935. if (pVHash != NULL)
  1936. {
  1937. if (RCRYPT_FAILED(EnterHashCritSec(pVHash)))
  1938. {
  1939. goto Ret;
  1940. }
  1941. fHashCritSec = TRUE;
  1942. }
  1944. rt = (BOOL)pVKey->FuncEncrypt(pVTable->hProv, pVKey->hKey,
  1945. (pVHash == NULL ? 0 : pVHash->hHash),
  1946. Final, dwFlags, pbData,
  1947. pdwDataLen, dwBufLen);
  1949. }
  1950. __except ( CapiExceptionFilter )
  1951. {
  1952. SetLastError(ERROR_INVALID_PARAMETER);
  1953. goto Ret;
  1954. }
  1955. Ret:
  1956. if (fTableCritSec)
  1957. LeaveProviderCritSec(pVTable);
  1958. if (fKeyCritSec)
  1959. LeaveKeyCritSec(pVKey);
  1960. if (pVHash != NULL)
  1961. {
  1962. if (fHashCritSec)
  1963. LeaveHashCritSec(pVHash);
  1964. }
  1965. return rt;
  1967. }
  1970. /*
  1971. - CryptDecrypt
  1972. -
  1973. * Purpose:
  1974. * Decrypt data
  1975. *
  1976. *
  1977. * Parameters:
  1978. * IN hKey - Handle to the key
  1979. * IN hHash - Optional handle to a hash
  1980. * IN Final - Boolean indicating if this is the final
  1981. * block of ciphertext
  1982. * IN dwFlags - Flags values
  1983. * IN OUT pbData - Data to be decrypted
  1984. * IN OUT pdwDataLen - Pointer to the length of the data to be
  1985. * decrypted
  1986. *
  1987. * Returns:
  1988. */
  1989. WINADVAPI
  1990. BOOL
  1991. WINAPI CryptDecrypt(IN HCRYPTKEY hKey,
  1992. IN HCRYPTHASH hHash,
  1993. IN BOOL Final,
  1994. IN DWORD dwFlags,
  1995. IN OUT BYTE *pbData,
  1996. IN OUT DWORD *pdwDataLen)
  1998. {
  1999. PVTableStruc pVTable = NULL;
  2000. PVKeyStruc pVKey = NULL;
  2001. PVHashStruc pVHash = NULL;
  2002. BOOL fKeyCritSec = FALSE;
  2003. BOOL fTableCritSec = FALSE;
  2004. BOOL fHashCritSec = FALSE;
  2005. BOOL rt = CRYPT_FAILED;
  2007. __try
  2008. {
  2009. pVKey = (PVKeyStruc) hKey;
  2011. if (RCRYPT_FAILED(EnterKeyCritSec(pVKey)))
  2012. {
  2013. goto Ret;
  2014. }
  2015. fKeyCritSec = TRUE;
  2017. pVTable = (PVTableStruc) pVKey->hProv;
  2019. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  2020. {
  2021. goto Ret;
  2022. }
  2023. fTableCritSec = TRUE;
  2025. pVHash = (PVHashStruc) hHash;
  2027. if (pVHash != NULL)
  2028. {
  2029. if (RCRYPT_FAILED(EnterHashCritSec(pVHash)))
  2030. {
  2031. goto Ret;
  2032. }
  2033. fHashCritSec = TRUE;
  2034. }
  2036. rt = (BOOL)pVKey->FuncDecrypt(pVTable->hProv, pVKey->hKey,
  2037. (pVHash == NULL ? 0 : pVHash->hHash),
  2038. Final, dwFlags, pbData, pdwDataLen);
  2039. }
  2040. __except ( CapiExceptionFilter )
  2041. {
  2042. SetLastError(ERROR_INVALID_PARAMETER);
  2043. goto Ret;
  2044. }
  2045. Ret:
  2046. if (fTableCritSec)
  2047. LeaveProviderCritSec(pVTable);
  2048. if (fKeyCritSec)
  2049. LeaveKeyCritSec(pVKey);
  2050. if (pVHash != NULL)
  2051. {
  2052. if (fHashCritSec)
  2053. LeaveHashCritSec(pVHash);
  2054. }
  2055. return(rt);
  2056. }
  2059. /*
  2060. - CryptCreateHash
  2061. -
  2062. * Purpose:
  2063. * initate the hashing of a stream of data
  2064. *
  2065. *
  2066. * Parameters:
  2067. * IN hProv - Handle to the user identifcation
  2068. * IN Algid - Algorithm identifier of the hash algorithm
  2069. * to be used
  2070. * IN hKey - Optional key for MAC algorithms
  2071. * IN dwFlags - Flags values
  2072. * OUT pHash - Handle to hash object
  2073. *
  2074. * Returns:
  2075. */
  2076. WINADVAPI
  2077. BOOL
  2078. WINAPI CryptCreateHash(IN HCRYPTPROV hProv,
  2079. IN ALG_ID Algid,
  2080. IN HCRYPTKEY hKey,
  2081. IN DWORD dwFlags,
  2082. OUT HCRYPTHASH *phHash)
  2083. {
  2084. PVTableStruc pVTable = NULL;
  2085. DWORD bufsize;
  2086. PVKeyStruc pVKey = NULL;
  2087. PVHashStruc pVHash = NULL;
  2088. BOOL fTableCritSec = FALSE;
  2089. BOOL fKeyCritSec = FALSE;
  2090. BOOL fRet = CRYPT_FAILED;
  2092. __try
  2093. {
  2094. pVTable = (PVTableStruc) hProv;
  2096. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  2097. {
  2098. SetLastError(ERROR_INVALID_PARAMETER);
  2099. goto Ret;
  2100. }
  2101. fTableCritSec = TRUE;
  2103. pVKey = (PVKeyStruc) hKey;
  2105. if (pVKey != NULL)
  2106. {
  2107. if (RCRYPT_FAILED(EnterKeyCritSec(pVKey)))
  2108. {
  2109. SetLastError(ERROR_INVALID_PARAMETER);
  2110. goto Ret;
  2111. }
  2112. fKeyCritSec = TRUE;
  2113. }
  2115. bufsize = sizeof(VHashStruc);
  2117. if (!BuildVHash(&pVHash, pVTable))
  2118. {
  2119. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  2120. goto Ret;
  2121. }
  2123. if (RCRYPT_FAILED(pVTable->FuncCreateHash(pVTable->hProv, Algid,
  2124. (pVKey == NULL ? 0 : pVKey->hKey),
  2125. dwFlags, phHash)))
  2126. {
  2127. goto Ret;
  2128. }
  2130. pVHash->hHash = *phHash;
  2132. *phHash = (HCRYPTHASH) pVHash;
  2134. pVHash->Version = TABLEHASH;
  2136. pVHash->Inuse = 1;
  2137. }
  2138. __except ( CapiExceptionFilter )
  2139. {
  2140. SetLastError(ERROR_INVALID_PARAMETER);
  2141. goto Ret;
  2142. }
  2144. fRet = CRYPT_SUCCEED;
  2145. Ret:
  2146. if (fTableCritSec)
  2147. LeaveProviderCritSec(pVTable);
  2148. if (pVKey != NULL)
  2149. {
  2150. if (fKeyCritSec)
  2151. LeaveKeyCritSec(pVKey);
  2152. }
  2153. if ((CRYPT_SUCCEED != fRet) && pVHash)
  2154. LocalFree(pVHash);
  2155. return fRet;
  2156. }
  2159. /*
  2160. - CryptDuplicateHash
  2161. -
  2162. * Purpose:
  2163. * Duplicate a cryptographic hash
  2164. *
  2165. *
  2166. * Parameters:
  2167. * IN hHash - Handle to the hash to be duplicated
  2168. * IN pdwReserved - Reserved for later use
  2169. * IN dwFlags - Flags values
  2170. * OUT phHash - Handle to the new duplicate hash
  2171. *
  2172. * Returns:
  2173. */
  2174. WINADVAPI
  2175. BOOL
  2176. WINAPI CryptDuplicateHash(
  2177. IN HCRYPTHASH hHash,
  2178. IN DWORD *pdwReserved,
  2179. IN DWORD dwFlags,
  2180. OUT HCRYPTHASH * phHash
  2181. )
  2182. {
  2183. PVTableStruc pVTable = NULL;
  2184. PVHashStruc pVHash;
  2185. PVHashStruc pVNewHash = NULL;
  2186. HCRYPTHASH hNewHash;
  2187. BOOL fProvCritSecSet = FALSE;
  2188. DWORD dwErr = 0;
  2189. BOOL fRet = CRYPT_FAILED;
  2191. __try
  2192. {
  2193. if (IsBadWritePtr(phHash, sizeof(HCRYPTHASH)))
  2194. {
  2195. SetLastError(ERROR_INVALID_PARAMETER);
  2196. goto Ret;
  2197. }
  2198. pVHash = (PVHashStruc) hHash;
  2200. if (pVHash->Version != TABLEHASH)
  2201. {
  2202. SetLastError(ERROR_INVALID_PARAMETER);
  2203. goto Ret;
  2204. }
  2206. if (NULL == pVHash->OptionalFuncDuplicateHash)
  2207. {
  2208. SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
  2209. goto Ret;
  2210. }
  2212. pVTable = (PVTableStruc) pVHash->hProv;
  2214. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  2215. {
  2216. SetLastError(ERROR_INVALID_PARAMETER);
  2217. goto Ret;
  2218. }
  2220. fProvCritSecSet = TRUE;
  2223. if (RCRYPT_FAILED(BuildVHash(&pVNewHash, pVTable)))
  2224. {
  2225. goto Ret;
  2226. }
  2228. if (RCRYPT_FAILED(pVHash->OptionalFuncDuplicateHash(pVTable->hProv, pVHash->hHash,
  2229. pdwReserved, dwFlags, &hNewHash)))
  2230. {
  2231. goto Ret;
  2232. }
  2234. pVNewHash->hHash = hNewHash;
  2236. pVNewHash->Version = TABLEHASH;
  2238. pVNewHash->hProv = pVHash->hProv;
  2240. pVHash->Inuse = 1;
  2242. *phHash = (HCRYPTHASH) pVNewHash;
  2243. }
  2244. __except ( CapiExceptionFilter )
  2245. {
  2246. SetLastError(ERROR_INVALID_PARAMETER);
  2247. goto Ret;
  2248. }
  2250. fRet = CRYPT_SUCCEED;
  2251. Ret:
  2252. if (CRYPT_SUCCEED != fRet)
  2253. dwErr = GetLastError();
  2254. if ((fRet == CRYPT_FAILED) && (NULL != pVNewHash))
  2255. LocalFree(pVNewHash);
  2256. if (fProvCritSecSet)
  2257. LeaveProviderCritSec(pVTable);
  2258. if (CRYPT_SUCCEED != fRet)
  2259. SetLastError(dwErr);
  2261. return fRet;
  2262. }
  2264. /*
  2265. - CryptHashData
  2266. -
  2267. * Purpose:
  2268. * Compute the cryptograghic hash on a stream of data
  2269. *
  2270. *
  2271. * Parameters:
  2272. * IN hHash - Handle to hash object
  2273. * IN pbData - Pointer to data to be hashed
  2274. * IN dwDataLen - Length of the data to be hashed
  2275. * IN dwFlags - Flags values
  2276. *
  2277. *
  2278. * Returns:
  2279. */
  2280. WINADVAPI
  2281. BOOL
  2282. WINAPI CryptHashData(IN HCRYPTHASH hHash,
  2283. IN CONST BYTE *pbData,
  2284. IN DWORD dwDataLen,
  2285. IN DWORD dwFlags)
  2286. {
  2287. PVTableStruc pVTable = NULL;
  2288. PVHashStruc pVHash = NULL;
  2289. BOOL fProvCritSec = FALSE;
  2290. BOOL fHashCritSec = FALSE;
  2291. DWORD dwErr = 0;
  2292. BOOL fRet = CRYPT_FAILED;
  2294. __try
  2295. {
  2296. pVHash = (PVHashStruc) hHash;
  2298. if (RCRYPT_FAILED(EnterHashCritSec(pVHash)))
  2299. {
  2300. goto Ret;
  2301. }
  2302. fHashCritSec = TRUE;
  2304. pVTable = (PVTableStruc) pVHash->hProv;
  2306. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  2307. {
  2308. goto Ret;
  2309. }
  2310. fProvCritSec = TRUE;
  2312. if (!pVHash->FuncHashData(pVTable->hProv,
  2313. pVHash->hHash,
  2314. pbData, dwDataLen, dwFlags))
  2315. goto Ret;
  2317. } __except ( CapiExceptionFilter )
  2318. {
  2319. SetLastError(ERROR_INVALID_PARAMETER);
  2320. goto Ret;
  2321. }
  2323. fRet = CRYPT_SUCCEED;
  2324. Ret:
  2325. if (CRYPT_SUCCEED != fRet)
  2326. dwErr = GetLastError();
  2327. if (fHashCritSec)
  2328. LeaveHashCritSec(pVHash);
  2329. if (fProvCritSec)
  2330. LeaveProviderCritSec(pVTable);
  2331. if (CRYPT_SUCCEED != fRet)
  2332. SetLastError(dwErr);
  2334. return fRet;
  2336. }
  2338. /*
  2339. - CryptHashSessionKey
  2340. -
  2341. * Purpose:
  2342. * Compute the cryptograghic hash on a key object
  2343. *
  2344. *
  2345. * Parameters:
  2346. * IN hHash - Handle to hash object
  2347. * IN hKey - Handle to a key object
  2348. * IN dwFlags - Flags values
  2349. *
  2350. * Returns:
  2351. * CRYPT_FAILED
  2352. * CRYPT_SUCCEED
  2353. */
  2354. WINADVAPI
  2355. BOOL
  2356. WINAPI CryptHashSessionKey(IN HCRYPTHASH hHash,
  2357. IN HCRYPTKEY hKey,
  2358. IN DWORD dwFlags)
  2359. {
  2360. PVTableStruc pVTable = NULL;
  2361. PVHashStruc pVHash = NULL;
  2362. PVKeyStruc pVKey = NULL;
  2363. BOOL fHashCritSec = FALSE;
  2364. BOOL fProvCritSec = FALSE;
  2365. BOOL fKeyCritSec = FALSE;
  2366. BOOL rt = CRYPT_FAILED;
  2368. __try
  2369. {
  2370. pVHash = (PVHashStruc) hHash;
  2372. if (RCRYPT_FAILED(EnterHashCritSec(pVHash)))
  2373. {
  2374. goto Ret;
  2375. }
  2376. fHashCritSec = TRUE;
  2378. pVTable = (PVTableStruc) pVHash->hProv;
  2380. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  2381. {
  2382. goto Ret;
  2383. }
  2384. fProvCritSec = TRUE;
  2386. pVKey = (PVKeyStruc) hKey;
  2388. if (pVKey != NULL)
  2389. {
  2390. if (RCRYPT_FAILED(EnterKeyCritSec(pVKey)))
  2391. {
  2392. goto Ret;
  2393. }
  2394. fKeyCritSec = TRUE;
  2395. }
  2397. rt = (BOOL)pVHash->FuncHashSessionKey(pVTable->hProv,
  2398. pVHash->hHash,
  2399. pVKey->hKey,
  2400. dwFlags);
  2402. } __except ( CapiExceptionFilter )
  2403. {
  2404. SetLastError(ERROR_INVALID_PARAMETER);
  2405. goto Ret;
  2406. }
  2407. Ret:
  2408. if (fHashCritSec)
  2409. LeaveHashCritSec(pVHash);
  2410. if (fProvCritSec)
  2411. LeaveProviderCritSec(pVTable);
  2412. if (pVKey != NULL)
  2413. {
  2414. if (fKeyCritSec)
  2415. LeaveKeyCritSec(pVKey);
  2416. }
  2417. return rt;
  2418. }
  2421. /*
  2422. - CryptDestoryHash
  2423. -
  2424. * Purpose:
  2425. * Destory the hash object
  2426. *
  2427. *
  2428. * Parameters:
  2429. * IN hHash - Handle to hash object
  2430. *
  2431. * Returns:
  2432. */
  2433. WINADVAPI
  2434. BOOL
  2435. WINAPI CryptDestroyHash(IN HCRYPTHASH hHash)
  2436. {
  2437. PVTableStruc pVTable = NULL;
  2438. PVHashStruc pVHash;
  2439. BOOL fProvCritSec = FALSE;
  2440. BOOL rt = CRYPT_FAILED;
  2442. __try
  2443. {
  2444. pVHash = (PVHashStruc) hHash;
  2446. if (pVHash->Version != TABLEHASH)
  2447. {
  2448. SetLastError(ERROR_INVALID_PARAMETER);
  2449. goto Ret;
  2450. }
  2452. if (0 < InterlockedDecrement((LPLONG)&pVHash->Inuse))
  2453. {
  2454. InterlockedIncrement((LPLONG)&pVHash->Inuse);
  2455. SetLastError(ERROR_BUSY);
  2456. goto Ret;
  2457. }
  2458. InterlockedIncrement((LPLONG)&pVHash->Inuse);
  2460. pVTable = (PVTableStruc) pVHash->hProv;
  2462. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  2463. {
  2464. goto Ret;
  2465. }
  2466. fProvCritSec = TRUE;
  2468. rt = (BOOL)pVHash->FuncDestroyHash(pVTable->hProv, pVHash->hHash);
  2470. pVHash->Version = 0;
  2471. LocalFree(pVHash);
  2472. }
  2473. __except ( CapiExceptionFilter )
  2474. {
  2475. SetLastError(ERROR_INVALID_PARAMETER);
  2476. goto Ret;
  2477. }
  2478. Ret:
  2479. if (fProvCritSec)
  2480. LeaveProviderCritSec(pVTable);
  2481. return rt;
  2482. }
  2484. WINADVAPI
  2485. BOOL
  2486. WINAPI LocalSignHashW(IN HCRYPTHASH hHash,
  2487. IN DWORD dwKeySpec,
  2488. IN LPCWSTR sDescription,
  2489. IN DWORD dwFlags,
  2490. OUT BYTE *pbSignature,
  2491. OUT DWORD *pdwSigLen)
  2492. {
  2493. PVTableStruc pVTable = NULL;
  2494. PVHashStruc pVHash = NULL;
  2495. BOOL fHashCritSec = FALSE;
  2496. BOOL fProvCritSec = FALSE;
  2497. BOOL rt = CRYPT_FAILED;
  2499. __try
  2500. {
  2501. pVHash = (PVHashStruc) hHash;
  2503. if (RCRYPT_FAILED(EnterHashCritSec(pVHash)))
  2504. {
  2505. goto Ret;
  2506. }
  2507. fHashCritSec = TRUE;
  2509. pVTable = (PVTableStruc) pVHash->hProv;
  2511. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  2512. {
  2513. goto Ret;
  2514. }
  2515. fProvCritSec = TRUE;
  2517. rt = (BOOL)pVHash->FuncSignHash(pVTable->hProv, pVHash->hHash,
  2518. dwKeySpec,
  2519. sDescription, dwFlags,
  2520. pbSignature, pdwSigLen);
  2521. }
  2522. __except ( CapiExceptionFilter )
  2523. {
  2524. SetLastError(ERROR_INVALID_PARAMETER);
  2525. goto Ret;
  2526. }
  2527. Ret:
  2528. if (fHashCritSec)
  2529. LeaveHashCritSec(pVHash);
  2530. if (fProvCritSec)
  2531. LeaveProviderCritSec(pVTable);
  2532. return rt;
  2534. }
  2537. /*
  2538. - CryptSignHashW
  2539. -
  2540. * Purpose:
  2541. * Create a digital signature from a hash
  2542. *
  2543. *
  2544. * Parameters:
  2545. * IN hHash - Handle to hash object
  2546. * IN dwKeySpec - Key pair that is used to sign with
  2547. * algorithm to be used
  2548. * IN sDescription - Description of data to be signed
  2549. * IN dwFlags - Flags values
  2550. * OUT pbSignture - Pointer to signature data
  2551. * OUT pdwSigLen - Pointer to the len of the signature data
  2552. *
  2553. * Returns:
  2554. */
  2555. WINADVAPI
  2556. BOOL
  2557. WINAPI CryptSignHashW(IN HCRYPTHASH hHash,
  2558. IN DWORD dwKeySpec,
  2559. IN LPCWSTR sDescription,
  2560. IN DWORD dwFlags,
  2561. OUT BYTE *pbSignature,
  2562. OUT DWORD *pdwSigLen)
  2563. {
  2564. return LocalSignHashW(hHash, dwKeySpec, sDescription,
  2565. dwFlags, pbSignature, pdwSigLen);
  2566. }
  2568. /*
  2569. - CryptSignHashA
  2570. -
  2571. * Purpose:
  2572. * Create a digital signature from a hash
  2573. *
  2574. *
  2575. * Parameters:
  2576. * IN hHash - Handle to hash object
  2577. * IN dwKeySpec - Key pair that is used to sign with
  2578. * algorithm to be used
  2579. * IN sDescription - Description of data to be signed
  2580. * IN dwFlags - Flags values
  2581. * OUT pbSignture - Pointer to signature data
  2582. * OUT pdwSigLen - Pointer to the len of the signature data
  2583. *
  2584. * Returns:
  2585. */
  2586. WINADVAPI
  2587. BOOL
  2588. WINAPI CryptSignHashA(IN HCRYPTHASH hHash,
  2589. IN DWORD dwKeySpec,
  2590. IN LPCSTR sDescription,
  2591. IN DWORD dwFlags,
  2592. OUT BYTE *pbSignature,
  2593. OUT DWORD *pdwSigLen)
  2594. {
  2595. ANSI_STRING AnsiString;
  2596. UNICODE_STRING UnicodeString;
  2597. NTSTATUS Status;
  2598. BOOL rt = CRYPT_FAILED;
  2600. __try
  2601. {
  2602. memset(&AnsiString, 0, sizeof(AnsiString));
  2603. memset(&UnicodeString, 0, sizeof(UnicodeString));
  2605. if (NULL != sDescription)
  2606. {
  2607. RtlInitAnsiString(&AnsiString, sDescription);
  2609. Status = RtlAnsiStringToUnicodeString(&UnicodeString, &AnsiString, TRUE);
  2611. if ( !NT_SUCCESS(Status) )
  2612. {
  2613. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  2614. goto Ret;
  2615. }
  2616. }
  2618. rt = LocalSignHashW(hHash, dwKeySpec, UnicodeString.Buffer,
  2619. dwFlags, pbSignature, pdwSigLen);
  2621. RtlFreeUnicodeString(&UnicodeString);
  2622. } __except ( CapiExceptionFilter )
  2623. {
  2624. SetLastError(ERROR_INVALID_PARAMETER);
  2625. goto Ret;
  2626. }
  2627. Ret:
  2628. return rt;
  2629. }
  2632. WINADVAPI
  2633. BOOL
  2634. WINAPI LocalVerifySignatureW(IN HCRYPTHASH hHash,
  2635. IN CONST BYTE *pbSignature,
  2636. IN DWORD dwSigLen,
  2637. IN HCRYPTKEY hPubKey,
  2638. IN LPCWSTR sDescription,
  2639. IN DWORD dwFlags)
  2640. {
  2641. PVTableStruc pVTable = NULL;
  2642. PVHashStruc pVHash = NULL;
  2643. PVKeyStruc pVKey = NULL;
  2644. BOOL fHashCritSec = FALSE;
  2645. BOOL fProvCritSec = FALSE;
  2646. BOOL fKeyCritSec = FALSE;
  2647. BOOL rt = CRYPT_FAILED;
  2649. __try
  2650. {
  2651. pVHash = (PVHashStruc) hHash;
  2653. if (RCRYPT_FAILED(EnterHashCritSec(pVHash)))
  2654. {
  2655. goto Ret;
  2656. }
  2657. fHashCritSec = TRUE;
  2659. pVTable = (PVTableStruc) pVHash->hProv;
  2661. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  2662. {
  2663. goto Ret;
  2664. }
  2665. fProvCritSec = TRUE;
  2667. pVKey = (PVKeyStruc) hPubKey;
  2669. if (RCRYPT_FAILED(EnterKeyCritSec(pVKey)))
  2670. {
  2671. goto Ret;
  2672. }
  2673. fKeyCritSec = TRUE;
  2675. rt = (BOOL)pVHash->FuncVerifySignature(pVTable->hProv,
  2676. pVHash->hHash, pbSignature,
  2677. dwSigLen,
  2678. (pVKey == NULL ? 0 : pVKey->hKey),
  2679. sDescription, dwFlags);
  2680. }
  2681. __except ( CapiExceptionFilter )
  2682. {
  2683. SetLastError(ERROR_INVALID_PARAMETER);
  2684. goto Ret;
  2685. }
  2686. Ret:
  2687. if (fHashCritSec)
  2688. LeaveHashCritSec(pVHash);
  2689. if (fProvCritSec)
  2690. LeaveProviderCritSec(pVTable);
  2691. if (fKeyCritSec)
  2692. LeaveKeyCritSec(pVKey);
  2693. return rt;
  2695. }
  2697. /*
  2698. - CryptVerifySignatureW
  2699. -
  2700. * Purpose:
  2701. * Used to verify a signature against a hash object
  2702. *
  2703. *
  2704. * Parameters:
  2705. * IN hHash - Handle to hash object
  2706. * IN pbSignture - Pointer to signature data
  2707. * IN dwSigLen - Length of the signature data
  2708. * IN hPubKey - Handle to the public key for verifying
  2709. * the signature
  2710. * IN sDescription - String describing the signed data
  2711. * IN dwFlags - Flags values
  2712. *
  2713. * Returns:
  2714. */
  2715. WINADVAPI
  2716. BOOL
  2717. WINAPI CryptVerifySignatureW(IN HCRYPTHASH hHash,
  2718. IN CONST BYTE *pbSignature,
  2719. IN DWORD dwSigLen,
  2720. IN HCRYPTKEY hPubKey,
  2721. IN LPCWSTR sDescription,
  2722. IN DWORD dwFlags)
  2723. {
  2724. return LocalVerifySignatureW(hHash, pbSignature, dwSigLen,
  2725. hPubKey, sDescription, dwFlags);
  2726. }
  2728. /*
  2729. - CryptVerifySignatureA
  2730. -
  2731. * Purpose:
  2732. * Used to verify a signature against a hash object
  2733. *
  2734. *
  2735. * Parameters:
  2736. * IN hHash - Handle to hash object
  2737. * IN pbSignture - Pointer to signature data
  2738. * IN dwSigLen - Length of the signature data
  2739. * IN hPubKey - Handle to the public key for verifying
  2740. * the signature
  2741. * IN sDescription - String describing the signed data
  2742. * IN dwFlags - Flags values
  2743. *
  2744. * Returns:
  2745. */
  2746. WINADVAPI
  2747. BOOL
  2748. WINAPI CryptVerifySignatureA(IN HCRYPTHASH hHash,
  2749. IN CONST BYTE *pbSignature,
  2750. IN DWORD dwSigLen,
  2751. IN HCRYPTKEY hPubKey,
  2752. IN LPCSTR sDescription,
  2753. IN DWORD dwFlags)
  2754. {
  2756. ANSI_STRING AnsiString;
  2757. UNICODE_STRING UnicodeString;
  2758. NTSTATUS Status;
  2759. BOOL rt = CRYPT_FAILED;
  2761. __try
  2762. {
  2763. memset(&AnsiString, 0, sizeof(AnsiString));
  2764. memset(&UnicodeString, 0, sizeof(UnicodeString));
  2766. if (NULL != sDescription)
  2767. {
  2768. RtlInitAnsiString(&AnsiString, sDescription);
  2770. Status = RtlAnsiStringToUnicodeString(&UnicodeString, &AnsiString, TRUE);
  2772. if ( !NT_SUCCESS(Status) )
  2773. {
  2774. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  2775. goto Ret;
  2776. }
  2777. }
  2779. rt = LocalVerifySignatureW(hHash, pbSignature, dwSigLen,
  2780. hPubKey, UnicodeString.Buffer, dwFlags);
  2782. RtlFreeUnicodeString(&UnicodeString);
  2783. }
  2784. __except ( CapiExceptionFilter )
  2785. {
  2786. SetLastError(ERROR_INVALID_PARAMETER);
  2787. goto Ret;
  2788. }
  2789. Ret:
  2790. return rt;
  2791. }
  2793. /*
  2794. - CryptSetProvParam
  2795. -
  2796. * Purpose:
  2797. * Allows applications to customize various aspects of the
  2798. * operations of a provider
  2799. *
  2800. * Parameters:
  2801. * IN hProv - Handle to a provider
  2802. * IN dwParam - Parameter number
  2803. * IN pbData - Pointer to data
  2804. * IN dwFlags - Flags values
  2805. *
  2806. * Returns:
  2807. */
  2808. WINADVAPI
  2809. BOOL
  2810. WINAPI CryptSetProvParam(IN HCRYPTPROV hProv,
  2811. IN DWORD dwParam,
  2812. IN CONST BYTE *pbData,
  2813. IN DWORD dwFlags)
  2814. {
  2815. PVTableStruc pVTable;
  2816. BYTE *pbTmp;
  2817. CRYPT_DATA_BLOB *pBlob;
  2818. BOOL rt = CRYPT_FAILED;
  2820. __try
  2821. {
  2822. if (dwParam == PP_CLIENT_HWND)
  2823. {
  2824. hWnd = *((HWND *) pbData);
  2825. rt = CRYPT_SUCCEED;
  2826. goto Ret;
  2827. }
  2828. else if (dwParam == PP_CONTEXT_INFO)
  2829. {
  2830. pBlob = (CRYPT_DATA_BLOB*)pbData;
  2832. // allocate space for the new context info
  2833. if (NULL == (pbTmp = (BYTE*)LocalAlloc(LMEM_ZEROINIT, pBlob->cbData)))
  2834. {
  2835. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  2836. goto Ret;
  2837. }
  2838. memcpy(pbTmp, pBlob->pbData, pBlob->cbData);
  2840. // free any previously allocated context info
  2841. if (NULL != pbContextInfo)
  2842. {
  2843. LocalFree(pbContextInfo);
  2844. }
  2845. cbContextInfo = pBlob->cbData;
  2846. pbContextInfo = pbTmp;
  2848. rt = CRYPT_SUCCEED;
  2849. goto Ret;
  2850. }
  2852. pVTable = (PVTableStruc) hProv;
  2854. if (pVTable->Version != TABLEPROV)
  2855. {
  2856. SetLastError(ERROR_INVALID_PARAMETER);
  2857. goto Ret;
  2858. }
  2860. if (0 < InterlockedDecrement((LPLONG)&pVTable->Inuse))
  2861. {
  2862. InterlockedIncrement((LPLONG)&pVTable->Inuse);
  2863. SetLastError(ERROR_BUSY);
  2864. goto Ret;
  2865. }
  2866. InterlockedIncrement((LPLONG)&pVTable->Inuse);
  2868. rt = (BOOL)pVTable->FuncSetProvParam(pVTable->hProv, dwParam, pbData,
  2869. dwFlags);
  2870. }
  2871. __except ( CapiExceptionFilter )
  2872. {
  2873. SetLastError(ERROR_INVALID_PARAMETER);
  2874. goto Ret;
  2875. }
  2876. Ret:
  2877. return(rt);
  2878. }
  2881. /*
  2882. - CryptGetProvParam
  2883. -
  2884. * Purpose:
  2885. * Allows applications to get various aspects of the
  2886. * operations of a provider
  2887. *
  2888. * Parameters:
  2889. * IN hProv - Handle to a proivder
  2890. * IN dwParam - Parameter number
  2891. * IN pbData - Pointer to data
  2892. * IN pdwDataLen - Length of parameter data
  2893. * IN dwFlags - Flags values
  2894. *
  2895. * Returns:
  2896. */
  2897. WINADVAPI
  2898. BOOL
  2899. WINAPI CryptGetProvParam(IN HCRYPTPROV hProv,
  2900. IN DWORD dwParam,
  2901. IN BYTE *pbData,
  2902. IN DWORD *pdwDataLen,
  2903. IN DWORD dwFlags)
  2904. {
  2905. PVTableStruc pVTable = NULL;
  2906. BOOL fProvCritSec = FALSE;
  2907. BOOL rt = CRYPT_FAILED;
  2909. __try
  2910. {
  2911. pVTable = (PVTableStruc) hProv;
  2913. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  2914. {
  2915. goto Ret;
  2916. }
  2917. fProvCritSec = TRUE;
  2919. rt = (BOOL)pVTable->FuncGetProvParam(pVTable->hProv, dwParam, pbData,
  2920. pdwDataLen, dwFlags);
  2921. }
  2922. __except ( CapiExceptionFilter )
  2923. {
  2924. SetLastError(ERROR_INVALID_PARAMETER);
  2925. goto Ret;
  2926. }
  2927. Ret:
  2928. if (fProvCritSec)
  2929. LeaveProviderCritSec(pVTable);
  2930. return rt;
  2931. }
  2934. /*
  2935. - CryptSetHashParam
  2936. -
  2937. * Purpose:
  2938. * Allows applications to customize various aspects of the
  2939. * operations of a hash
  2940. *
  2941. * Parameters:
  2942. * IN hHash - Handle to a hash
  2943. * IN dwParam - Parameter number
  2944. * IN pbData - Pointer to data
  2945. * IN dwFlags - Flags values
  2946. *
  2947. * Returns:
  2948. */
  2949. WINADVAPI
  2950. BOOL
  2951. WINAPI CryptSetHashParam(IN HCRYPTHASH hHash,
  2952. IN DWORD dwParam,
  2953. IN CONST BYTE *pbData,
  2954. IN DWORD dwFlags)
  2955. {
  2956. PVTableStruc pVTable = NULL;
  2957. PVHashStruc pVHash;
  2958. BOOL fProvCritSec = FALSE;
  2959. BOOL rt = CRYPT_FAILED;
  2961. __try
  2962. {
  2963. pVHash = (PVHashStruc) hHash;
  2965. if (pVHash->Version != TABLEHASH)
  2966. {
  2967. SetLastError(ERROR_INVALID_PARAMETER);
  2968. goto Ret;
  2969. }
  2971. if (0 < InterlockedDecrement((LPLONG)&pVHash->Inuse))
  2972. {
  2973. InterlockedIncrement((LPLONG)&pVHash->Inuse);
  2974. SetLastError(ERROR_BUSY);
  2975. goto Ret;
  2976. }
  2977. InterlockedIncrement((LPLONG)&pVHash->Inuse);
  2979. pVTable = (PVTableStruc) pVHash->hProv;
  2981. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  2982. {
  2983. goto Ret;
  2984. }
  2985. fProvCritSec = TRUE;
  2987. rt = (BOOL)pVHash->FuncSetHashParam(pVTable->hProv, pVHash->hHash,
  2988. dwParam, pbData, dwFlags);
  2989. }
  2990. __except ( CapiExceptionFilter )
  2991. {
  2992. SetLastError(ERROR_INVALID_PARAMETER);
  2993. goto Ret;
  2994. }
  2995. Ret:
  2996. if (fProvCritSec)
  2997. LeaveProviderCritSec(pVTable);
  2998. return rt;
  2999. }
  3002. /*
  3003. - CryptGetHashParam
  3004. -
  3005. * Purpose:
  3006. * Allows applications to get various aspects of the
  3007. * operations of a hash
  3008. *
  3009. * Parameters:
  3010. * IN hHash - Handle to a hash
  3011. * IN dwParam - Parameter number
  3012. * IN pbData - Pointer to data
  3013. * IN pdwDataLen - Length of parameter data
  3014. * IN dwFlags - Flags values
  3015. *
  3016. * Returns:
  3017. */
  3018. WINADVAPI
  3019. BOOL
  3020. WINAPI CryptGetHashParam(IN HCRYPTKEY hHash,
  3021. IN DWORD dwParam,
  3022. IN BYTE *pbData,
  3023. IN DWORD *pdwDataLen,
  3024. IN DWORD dwFlags)
  3025. {
  3026. PVTableStruc pVTable = NULL;
  3027. PVHashStruc pVHash = NULL;
  3028. BOOL fHashCritSec = FALSE;
  3029. BOOL fProvCritSec = FALSE;
  3030. BOOL rt = CRYPT_FAILED;
  3032. __try
  3033. {
  3034. pVHash = (PVHashStruc) hHash;
  3036. if (RCRYPT_FAILED(EnterHashCritSec(pVHash)))
  3037. {
  3038. goto Ret;
  3039. }
  3040. fHashCritSec = TRUE;
  3042. pVTable = (PVTableStruc) pVHash->hProv;
  3044. if (RCRYPT_FAILED(EnterProviderCritSec(pVTable)))
  3045. {
  3046. goto Ret;
  3047. }
  3048. fProvCritSec = TRUE;
  3050. rt = (BOOL)pVHash->FuncGetHashParam(pVTable->hProv, pVHash->hHash,
  3051. dwParam, pbData, pdwDataLen,
  3052. dwFlags);
  3053. }
  3054. __except ( CapiExceptionFilter )
  3055. {
  3056. SetLastError(ERROR_INVALID_PARAMETER);
  3057. goto Ret;
  3058. }
  3059. Ret:
  3060. if (fHashCritSec)
  3061. LeaveHashCritSec(pVHash);
  3062. if (fProvCritSec)
  3063. LeaveProviderCritSec(pVTable);
  3064. return rt;
  3066. }
  3068. /*
  3069. - CryptSetProviderW
  3070. -
  3071. * Purpose:
  3072. * Set a cryptography provider
  3073. *
  3074. *
  3075. * Parameters:
  3076. *
  3077. * IN pszProvName - Name of the provider to install
  3078. * IN dwProvType - Type of the provider to install
  3079. *
  3080. * Returns:
  3081. * BOOL
  3082. * Use get extended error information use GetLastError
  3083. */
  3084. WINADVAPI
  3085. BOOL
  3086. WINAPI CryptSetProviderW(IN LPCWSTR pszProvName,
  3087. IN DWORD dwProvType)
  3089. {
  3090. ANSI_STRING AnsiString;
  3091. UNICODE_STRING UnicodeString;
  3092. NTSTATUS Status;
  3093. BOOL rt = FALSE;
  3095. __try
  3096. {
  3097. RtlInitUnicodeString(&UnicodeString, pszProvName);
  3099. Status = RtlUnicodeStringToAnsiString(&AnsiString, &UnicodeString, TRUE);
  3101. if (!NT_SUCCESS(Status))
  3102. {
  3103. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  3104. goto Ret;
  3105. }
  3107. rt = CryptSetProviderA((LPCSTR) AnsiString.Buffer,
  3108. dwProvType);
  3110. RtlFreeAnsiString(&AnsiString);
  3111. }
  3112. __except ( CapiExceptionFilter )
  3113. {
  3114. SetLastError(ERROR_INVALID_PARAMETER);
  3115. goto Ret;
  3116. }
  3117. Ret:
  3118. return(rt);
  3119. }
  3121. /*
  3122. - CryptSetProviderA
  3123. -
  3124. * Purpose:
  3125. * Set a cryptography provider
  3126. *
  3127. *
  3128. * Parameters:
  3129. *
  3130. * IN pszProvName - Name of the provider to install
  3131. * IN dwProvType - Type of the provider to install
  3132. *
  3133. * Returns:
  3134. * BOOL
  3135. * Use get extended error information use GetLastError
  3136. */
  3137. WINADVAPI
  3138. BOOL
  3139. WINAPI CryptSetProviderA(IN LPCSTR pszProvName,
  3140. IN DWORD dwProvType)
  3141. {
  3142. BOOL fRet = CRYPT_FAILED;
  3143. LPSTR pszCurrent = NULL;
  3144. DWORD cbCurrent = 0;
  3146. __try
  3147. {
  3148. if (dwProvType == 0 || dwProvType > 999 || pszProvName == NULL)
  3149. {
  3150. SetLastError(ERROR_INVALID_PARAMETER);
  3151. goto Ret;
  3152. }
  3154. //
  3155. // We don't support setting the user default provider any more. See
  3156. // if the current default provider of the specified type matches the
  3157. // caller's. If it does, we'll let the call "succeed".
  3158. //
  3160. if (! CryptGetDefaultProvider(
  3161. dwProvType,
  3162. NULL,
  3163. CRYPT_MACHINE_DEFAULT,
  3164. NULL,
  3165. &cbCurrent))
  3166. {
  3167. goto Ret;
  3168. }
  3170. pszCurrent = (LPSTR) HeapAlloc(
  3171. GetProcessHeap(), HEAP_ZERO_MEMORY, cbCurrent);
  3173. if (NULL == pszCurrent)
  3174. {
  3175. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  3176. goto Ret;
  3177. }
  3179. if (! CryptGetDefaultProvider(
  3180. dwProvType,
  3181. NULL,
  3182. CRYPT_MACHINE_DEFAULT,
  3183. pszCurrent,
  3184. &cbCurrent))
  3185. {
  3186. goto Ret;
  3187. }
  3189. if (0 != strcmp(pszProvName, pszCurrent))
  3190. {
  3191. SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
  3192. goto Ret;
  3193. }
  3194. }
  3195. __except ( CapiExceptionFilter )
  3196. {
  3197. SetLastError(ERROR_INVALID_PARAMETER);
  3198. goto Ret;
  3199. }
  3201. fRet = CRYPT_SUCCEED;
  3203. Ret:
  3205. if (pszCurrent)
  3206. HeapFree(GetProcessHeap(), 0, pszCurrent);
  3208. return fRet;
  3209. }
  3211. /*
  3212. - CryptSetProviderExW
  3213. -
  3214. * Purpose:
  3215. * Set the cryptographic provider as the default
  3216. * either for machine or for user.
  3217. *
  3218. *
  3219. * Parameters:
  3220. *
  3221. * IN pszProvName - Name of the provider to install
  3222. * IN dwProvType - Type of the provider to install
  3223. * IN pdwReserved - Reserved for future use
  3224. * IN dwFlags - Flags parameter (for machine or for user)
  3225. *
  3226. *
  3227. * Returns:
  3228. * BOOL
  3229. * Use get extended error information use GetLastError
  3230. */
  3231. WINADVAPI
  3232. BOOL
  3233. WINAPI CryptSetProviderExW(
  3234. IN LPCWSTR pszProvName,
  3235. IN DWORD dwProvType,
  3236. IN DWORD *pdwReserved,
  3237. IN DWORD dwFlags
  3238. )
  3239. {
  3240. ANSI_STRING AnsiString;
  3241. UNICODE_STRING UnicodeString;
  3242. NTSTATUS Status;
  3243. BOOL fRet = CRYPT_FAILED;
  3245. __try
  3246. {
  3247. RtlInitUnicodeString(&UnicodeString, pszProvName);
  3249. Status = RtlUnicodeStringToAnsiString(&AnsiString, &UnicodeString, TRUE);
  3251. if (!NT_SUCCESS(Status))
  3252. {
  3253. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  3254. goto Ret;
  3255. }
  3257. fRet = CryptSetProviderExA((LPCSTR) AnsiString.Buffer,
  3258. dwProvType,
  3259. pdwReserved,
  3260. dwFlags);
  3262. RtlFreeAnsiString(&AnsiString);
  3263. }
  3264. __except ( CapiExceptionFilter )
  3265. {
  3266. SetLastError(ERROR_INVALID_PARAMETER);
  3267. goto Ret;
  3268. }
  3270. Ret:
  3271. return fRet;
  3272. }
  3274. /*
  3275. - CryptSetProviderExA
  3276. -
  3277. * Purpose:
  3278. * Set the cryptographic provider as the default
  3279. * either for machine or for user.
  3280. *
  3281. *
  3282. * Parameters:
  3283. *
  3284. * IN pszProvName - Name of the provider to install
  3285. * IN dwProvType - Type of the provider to install
  3286. * IN pdwReserved - Reserved for future use
  3287. * IN dwFlags - Flags parameter (for machine or for user)
  3288. *
  3289. * Returns:
  3290. * BOOL
  3291. * Use get extended error information use GetLastError
  3292. */
  3293. WINADVAPI
  3294. BOOL
  3295. WINAPI CryptSetProviderExA(
  3296. IN LPCSTR pszProvName,
  3297. IN DWORD dwProvType,
  3298. IN DWORD *pdwReserved,
  3299. IN DWORD dwFlags
  3300. )
  3301. {
  3302. HKEY hCurrUser = 0;
  3303. HKEY hRegKey = 0;
  3304. LONG err;
  3305. DWORD dwDisp;
  3306. DWORD cbValue;
  3307. CHAR *pszValue = NULL;
  3308. CHAR *pszFullName = NULL;
  3309. DWORD cbFullName;
  3310. CHAR typebuf[9] = {0, 0, 0, 0, 0, 0, 0, 0, 0};
  3311. DWORD dwKeyType;
  3312. DWORD dw;
  3313. DWORD cbProvType;
  3314. BOOL fRet = CRYPT_FAILED;
  3316. __try
  3317. {
  3318. if ((dwProvType == 0) || (dwProvType > 999) ||
  3319. (pszProvName == NULL) || (pdwReserved != NULL))
  3320. {
  3321. SetLastError(ERROR_INVALID_PARAMETER);
  3322. goto Ret;
  3323. }
  3325. if ((dwFlags & ~(CRYPT_MACHINE_DEFAULT | CRYPT_USER_DEFAULT | CRYPT_DELETE_DEFAULT)) ||
  3326. ((dwFlags & CRYPT_MACHINE_DEFAULT) && (dwFlags & CRYPT_USER_DEFAULT)))
  3327. {
  3328. SetLastError((DWORD)NTE_BAD_FLAGS);
  3329. goto Ret;
  3330. }
  3332. cbValue = strlen(pszProvName);
  3334. // check if the CSP has been installed
  3335. cbFullName = cbValue + sizeof(szenumproviders) + sizeof(CHAR);
  3337. if (NULL == (pszFullName = (CHAR *) LocalAlloc(LMEM_ZEROINIT, cbFullName)))
  3338. {
  3339. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  3340. goto Ret;
  3341. }
  3343. strcpy(pszFullName, szenumproviders);
  3344. pszFullName[sizeof(szenumproviders) - 1] = '\\';
  3345. strcpy(pszFullName + sizeof(szenumproviders), pszProvName);
  3347. if ((err = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
  3348. (const char *) pszFullName,
  3349. 0L, KEY_READ, &hRegKey)) != ERROR_SUCCESS)
  3350. {
  3351. SetLastError(ERROR_INVALID_PARAMETER);
  3352. goto Ret;
  3353. }
  3355. cbProvType = sizeof(dw);
  3356. if (ERROR_SUCCESS != (err = RegQueryValueEx(hRegKey,
  3357. (const char *) "Type",
  3358. NULL, &dwKeyType, (BYTE*)&dw,
  3359. &cbProvType)))
  3360. {
  3361. SetLastError(err);
  3362. goto Ret;
  3363. }
  3364. if (dwProvType != dw)
  3365. {
  3366. SetLastError(ERROR_INVALID_PARAMETER);
  3367. goto Ret;
  3368. }
  3370. if (ERROR_SUCCESS != (err = RegCloseKey(hRegKey)))
  3371. {
  3372. SetLastError(err);
  3373. goto Ret;
  3374. }
  3375. hRegKey = NULL;
  3377. if (dwFlags & CRYPT_MACHINE_DEFAULT)
  3378. {
  3379. if ((pszValue = (CHAR *) LocalAlloc(LMEM_ZEROINIT,
  3380. strlen(szmachinetype) + 5 + 1)) == NULL)
  3381. {
  3382. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  3383. goto Ret;
  3384. }
  3386. strcpy(pszValue, szmachinetype);
  3387. __ltoa(dwProvType, typebuf);
  3388. strcat(pszValue, &typebuf[5]);
  3390. if ((err = RegCreateKeyEx(HKEY_LOCAL_MACHINE,
  3391. (const char *) pszValue,
  3392. 0L, NULL, REG_OPTION_NON_VOLATILE,
  3393. KEY_READ | KEY_WRITE, NULL, &hRegKey, &dwDisp)) != ERROR_SUCCESS)
  3394. {
  3395. SetLastError(ERROR_INVALID_PARAMETER);
  3396. goto Ret;
  3397. }
  3399. // check the delete flag
  3400. if (dwFlags & CRYPT_DELETE_DEFAULT)
  3401. {
  3402. if (ERROR_SUCCESS != (err = RegDeleteValue(hRegKey, "Name")))
  3403. {
  3404. SetLastError(err);
  3405. goto Ret;
  3406. }
  3407. fRet = CRYPT_SUCCEED;
  3408. goto Ret;
  3409. }
  3410. }
  3411. else if (dwFlags & CRYPT_USER_DEFAULT)
  3412. {
  3413. if (dwFlags & CRYPT_DELETE_DEFAULT)
  3414. {
  3415. if ((pszValue = (CHAR *) LocalAlloc(LMEM_ZEROINIT,
  3416. strlen(szusertype) + 5 + 1)) == NULL)
  3417. {
  3418. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  3419. goto Ret;
  3420. }
  3422. strcpy(pszValue, szusertype);
  3423. __ltoa(dwProvType, typebuf);
  3424. strcat(pszValue, &typebuf[5]);
  3426. if (!NT_SUCCESS(RtlOpenCurrentUser(KEY_READ | KEY_WRITE, &hCurrUser)))
  3427. {
  3428. SetLastError(ERROR_INVALID_PARAMETER);
  3429. goto Ret;
  3430. }
  3432. if (ERROR_SUCCESS != (err = RegDeleteKey(hCurrUser,
  3433. (const char *)pszValue)))
  3434. {
  3435. NtClose(hCurrUser);
  3436. SetLastError(err);
  3437. goto Ret;
  3438. }
  3440. fRet = CRYPT_SUCCEED;
  3441. NtClose(hCurrUser);
  3442. goto Ret;
  3443. }
  3444. else
  3445. {
  3446. // The User flag is set, but Delete is not. Handle this case
  3447. // in CryptSetProvider.
  3448. fRet = CryptSetProviderA(pszProvName, dwProvType);
  3449. goto Ret;
  3450. }
  3451. }
  3453. if (ERROR_SUCCESS != (err = RegSetValueEx(hRegKey, "Name", 0L, REG_SZ,
  3454. (const LPBYTE) pszProvName, cbValue)))
  3455. {
  3456. SetLastError(err);
  3457. goto Ret;
  3458. }
  3459. }
  3460. __except ( CapiExceptionFilter )
  3461. {
  3462. SetLastError(ERROR_INVALID_PARAMETER);
  3463. goto Ret;
  3464. }
  3466. fRet = CRYPT_SUCCEED;
  3467. Ret:
  3468. if (pszFullName)
  3469. LocalFree(pszFullName);
  3470. if (pszValue)
  3471. LocalFree(pszValue);
  3472. if (hRegKey)
  3473. RegCloseKey(hRegKey);
  3474. return fRet;
  3475. }
  3477. /*
  3478. - CryptGetDefaultProviderW
  3479. -
  3480. * Purpose:
  3481. * Get the default cryptographic provider of the specified
  3482. * type for either the machine or for the user.
  3483. *
  3484. * Parameters:
  3485. * IN dwProvType - Type of the provider to install
  3486. * IN pdwReserved - Reserved for future use
  3487. * IN dwFlags - Flags parameter (for machine or for user)
  3488. * OUT pszProvName - Name of the default provider
  3489. * IN OUT pcbProvName - Length in bytes of the provider name
  3490. *
  3491. *
  3492. * Returns:
  3493. * BOOL
  3494. * Use get extended error information use GetLastError
  3495. */
  3496. WINADVAPI
  3497. BOOL
  3498. WINAPI CryptGetDefaultProviderW(
  3499. IN DWORD dwProvType,
  3500. IN DWORD *pdwReserved,
  3501. IN DWORD dwFlags,
  3502. OUT LPWSTR pszProvName,
  3503. IN OUT DWORD *pcbProvName
  3504. )
  3505. {
  3506. ANSI_STRING AnsiString;
  3507. UNICODE_STRING UnicodeString;
  3508. LPSTR pszName = NULL;
  3509. DWORD cbName;
  3510. NTSTATUS Status;
  3511. BOOL fRet = CRYPT_FAILED;
  3513. memset(&UnicodeString, 0, sizeof(UnicodeString));
  3515. __try
  3516. {
  3517. memset(&AnsiString, 0, sizeof(AnsiString));
  3519. if (!CryptGetDefaultProviderA(dwProvType,
  3520. pdwReserved,
  3521. dwFlags,
  3522. NULL,
  3523. &cbName))
  3524. goto Ret;
  3526. if (NULL == (pszName = LocalAlloc(LMEM_ZEROINIT, cbName)))
  3527. {
  3528. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  3529. goto Ret;
  3530. }
  3532. if (!CryptGetDefaultProviderA(dwProvType,
  3533. pdwReserved,
  3534. dwFlags,
  3535. pszName,
  3536. &cbName))
  3537. goto Ret;
  3539. RtlInitAnsiString(&AnsiString, pszName);
  3541. Status = RtlAnsiStringToUnicodeString(&UnicodeString, &AnsiString, TRUE);
  3542. if (!NT_SUCCESS(Status))
  3543. {
  3544. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  3545. goto Ret;
  3546. }
  3548. if (NULL == pszProvName)
  3549. {
  3550. *pcbProvName = UnicodeString.Length + sizeof(WCHAR);
  3551. fRet = CRYPT_SUCCEED;
  3552. goto Ret;
  3553. }
  3555. if (*pcbProvName < UnicodeString.Length + sizeof(WCHAR))
  3556. {
  3557. *pcbProvName = UnicodeString.Length + sizeof(WCHAR);
  3558. SetLastError(ERROR_MORE_DATA);
  3559. goto Ret;
  3560. }
  3562. *pcbProvName = UnicodeString.Length + sizeof(WCHAR);
  3563. memset(pszProvName, 0, *pcbProvName);
  3564. memcpy(pszProvName, UnicodeString.Buffer, UnicodeString.Length);
  3565. }
  3566. __except ( CapiExceptionFilter )
  3567. {
  3568. SetLastError(ERROR_INVALID_PARAMETER);
  3569. goto Ret;
  3570. }
  3572. fRet = CRYPT_SUCCEED;
  3573. Ret:
  3574. if (UnicodeString.Buffer)
  3575. RtlFreeUnicodeString(&UnicodeString);
  3576. if (pszName)
  3577. LocalFree(pszName);
  3578. return fRet;
  3579. }
  3581. /*
  3582. - CryptGetDefaultProviderA
  3583. -
  3584. * Purpose:
  3585. * Get the default cryptographic provider of the specified
  3586. * type for either the machine or for the user.
  3587. *
  3588. *
  3589. * Parameters:
  3590. * IN dwProvType - Type of the provider to install
  3591. * IN pdwReserved - Reserved for future use
  3592. * IN dwFlags - Flags parameter (for machine or for user)
  3593. * OUT pszProvName - Name of the default provider
  3594. * IN OUT pcbProvName - Length in bytes of the provider name
  3595. * including the NULL terminator
  3596. *
  3597. * Returns:
  3598. * BOOL
  3599. * Use get extended error information use GetLastError
  3600. */
  3601. WINAPI CryptGetDefaultProviderA(
  3602. IN DWORD dwProvType,
  3603. IN DWORD *pdwReserved,
  3604. IN DWORD dwFlags,
  3605. OUT LPSTR pszProvName,
  3606. IN OUT DWORD *pcbProvName
  3607. )
  3608. {
  3609. HKEY hRegKey = 0;
  3610. LONG err;
  3611. CHAR *pszValue = NULL;
  3612. DWORD dwValType;
  3613. CHAR typebuf[9] = {0, 0, 0, 0, 0, 0, 0, 0, 0};
  3614. DWORD cbProvName = 0;
  3615. BOOL fRet = CRYPT_FAILED;
  3617. __try
  3618. {
  3619. if (dwProvType == 0 || dwProvType > 999 || pdwReserved != NULL)
  3620. {
  3621. SetLastError(ERROR_INVALID_PARAMETER);
  3622. goto Ret;
  3623. }
  3625. if ((dwFlags & ~(CRYPT_MACHINE_DEFAULT | CRYPT_USER_DEFAULT)) ||
  3626. ((dwFlags & CRYPT_MACHINE_DEFAULT) && (dwFlags & CRYPT_USER_DEFAULT)))
  3627. {
  3628. SetLastError((DWORD)NTE_BAD_FLAGS);
  3629. goto Ret;
  3630. }
  3632. //
  3633. // We no longer look for a User default, but instead treat the USER_
  3634. // and MACHINE_ flags as identical, and only look in HKLM.
  3635. //
  3637. if ((pszValue = (CHAR *) LocalAlloc(LMEM_ZEROINIT,
  3638. strlen(szmachinetype) + 5 + 1)) == NULL)
  3639. {
  3640. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  3641. goto Ret;
  3642. }
  3644. strcpy(pszValue, szmachinetype);
  3645. __ltoa(dwProvType, typebuf);
  3646. strcat(pszValue, &typebuf[5]);
  3648. if ((err = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
  3649. (const char *) pszValue,
  3650. 0L, KEY_READ, &hRegKey)) != ERROR_SUCCESS)
  3651. {
  3652. SetLastError(ERROR_INVALID_PARAMETER);
  3653. goto Ret;
  3654. }
  3656. if ((err = RegQueryValueEx(hRegKey, "Name", 0L, &dwValType,
  3657. NULL,
  3658. &cbProvName)) != ERROR_SUCCESS)
  3659. {
  3660. SetLastError(ERROR_INVALID_PARAMETER);
  3661. goto Ret;
  3662. }
  3664. if (NULL == pszProvName)
  3665. {
  3666. *pcbProvName = cbProvName;
  3667. fRet = CRYPT_SUCCEED;
  3668. goto Ret;
  3669. }
  3671. if (cbProvName > *pcbProvName)
  3672. {
  3673. *pcbProvName = cbProvName;
  3674. SetLastError(ERROR_MORE_DATA);
  3675. goto Ret;
  3676. }
  3678. if ((err = RegQueryValueEx(hRegKey, "Name", 0L, &dwValType,
  3679. (BYTE*)pszProvName,
  3680. &cbProvName)) != ERROR_SUCCESS)
  3681. {
  3682. SetLastError(ERROR_INVALID_PARAMETER);
  3683. goto Ret;
  3684. }
  3685. *pcbProvName = cbProvName;
  3686. }
  3687. __except ( CapiExceptionFilter )
  3688. {
  3689. SetLastError(ERROR_INVALID_PARAMETER);
  3690. goto Ret;
  3691. }
  3693. fRet = CRYPT_SUCCEED;
  3695. Ret:
  3696. if (hRegKey)
  3697. RegCloseKey(hRegKey);
  3698. if (pszValue)
  3699. LocalFree(pszValue);
  3700. return fRet;
  3701. }
  3703. /*
  3704. - CryptEnumProviderTypesW
  3705. -
  3706. * Purpose:
  3707. * Enumerate the provider types.
  3708. *
  3709. * Parameters:
  3710. * IN dwIndex - Index to the provider types to enumerate
  3711. * IN pdwReserved - Reserved for future use
  3712. * IN dwFlags - Flags parameter
  3713. * OUT pdwProvType - Pointer to the provider type
  3714. * OUT pszTypeName - Name of the enumerated provider type
  3715. * IN OUT pcbTypeName - Length of the enumerated provider type
  3716. *
  3717. * Returns:
  3718. * BOOL
  3719. * Use get extended error information use GetLastError
  3720. */
  3721. WINADVAPI
  3722. BOOL
  3723. WINAPI CryptEnumProviderTypesW(
  3724. IN DWORD dwIndex,
  3725. IN DWORD *pdwReserved,
  3726. IN DWORD dwFlags,
  3727. OUT DWORD *pdwProvType,
  3728. OUT LPWSTR pszTypeName,
  3729. IN OUT DWORD *pcbTypeName
  3730. )
  3731. {
  3732. ANSI_STRING AnsiString;
  3733. UNICODE_STRING UnicodeString;
  3734. LPSTR pszTmpTypeName = NULL;
  3735. DWORD cbTmpTypeName = 0;
  3736. NTSTATUS Status;
  3737. BOOL fRet = CRYPT_FAILED;
  3739. memset(&UnicodeString, 0, sizeof(UnicodeString));
  3741. __try
  3742. {
  3743. memset(&AnsiString, 0, sizeof(AnsiString));
  3745. if (!CryptEnumProviderTypesA(dwIndex,
  3746. pdwReserved,
  3747. dwFlags,
  3748. pdwProvType,
  3749. NULL,
  3750. &cbTmpTypeName))
  3751. goto Ret;
  3753. if (NULL == (pszTmpTypeName = LocalAlloc(LMEM_ZEROINIT, cbTmpTypeName)))
  3754. {
  3755. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  3756. goto Ret;
  3757. }
  3759. if (!CryptEnumProviderTypesA(dwIndex,
  3760. pdwReserved,
  3761. dwFlags,
  3762. pdwProvType,
  3763. pszTmpTypeName,
  3764. &cbTmpTypeName))
  3765. goto Ret;
  3767. if (0 != cbTmpTypeName)
  3768. {
  3769. RtlInitAnsiString(&AnsiString, pszTmpTypeName);
  3771. Status = RtlAnsiStringToUnicodeString(&UnicodeString, &AnsiString, TRUE);
  3772. if ( !NT_SUCCESS(Status))
  3773. {
  3774. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  3775. goto Ret;
  3776. }
  3778. // check if caller is asking for length, in addition the name of the provider
  3779. // may not be available, in this case a name length of 0 is returned
  3780. if ((NULL == pszTypeName) || (0 == cbTmpTypeName))
  3781. {
  3782. *pcbTypeName = UnicodeString.Length + sizeof(WCHAR);
  3783. fRet = CRYPT_SUCCEED;
  3784. goto Ret;
  3785. }
  3787. if (*pcbTypeName < UnicodeString.Length + sizeof(WCHAR))
  3788. {
  3789. *pcbTypeName = UnicodeString.Length + sizeof(WCHAR);
  3790. SetLastError(ERROR_MORE_DATA);
  3791. goto Ret;
  3792. }
  3794. *pcbTypeName = UnicodeString.Length + sizeof(WCHAR);
  3795. memset(pszTypeName, 0, *pcbTypeName);
  3796. memcpy(pszTypeName, UnicodeString.Buffer, UnicodeString.Length);
  3797. }
  3798. }
  3799. __except ( CapiExceptionFilter )
  3800. {
  3801. SetLastError(ERROR_INVALID_PARAMETER);
  3802. goto Ret;
  3803. }
  3805. fRet = CRYPT_SUCCEED;
  3806. Ret:
  3807. if (UnicodeString.Buffer)
  3808. RtlFreeUnicodeString(&UnicodeString);
  3809. if (pszTmpTypeName)
  3810. LocalFree(pszTmpTypeName);
  3811. return fRet;
  3812. }
  3814. /*
  3815. - CryptEnumProviderTypesA
  3816. -
  3817. * Purpose:
  3818. * Enumerate the provider types.
  3819. *
  3820. * Parameters:
  3821. * IN dwIndex - Index to the provider types to enumerate
  3822. * IN pdwReserved - Reserved for future use
  3823. * IN dwFlags - Flags parameter
  3824. * OUT pdwProvType - Pointer to the provider type
  3825. * OUT pszTypeName - Name of the enumerated provider type
  3826. * IN OUT pcbTypeName - Length of the enumerated provider type
  3827. *
  3828. * Returns:
  3829. * BOOL
  3830. * Use get extended error information use GetLastError
  3831. */
  3832. WINADVAPI
  3833. BOOL
  3834. WINAPI CryptEnumProviderTypesA(
  3835. IN DWORD dwIndex,
  3836. IN DWORD *pdwReserved,
  3837. IN DWORD dwFlags,
  3838. OUT DWORD *pdwProvType,
  3839. OUT LPSTR pszTypeName,
  3840. IN OUT DWORD *pcbTypeName
  3841. )
  3842. {
  3843. HKEY hRegKey = 0;
  3844. HKEY hTypeKey = 0;
  3845. LONG err;
  3846. CHAR *pszRegKeyName = NULL;
  3847. DWORD cbClass;
  3848. FILETIME ft;
  3849. CHAR rgcType[] = {'T', 'y', 'p', 'e', ' '};
  3850. LPSTR pszValue;
  3851. long Type;
  3852. DWORD cSubKeys;
  3853. DWORD cbMaxKeyName;
  3854. DWORD cbMaxClass;
  3855. DWORD cValues;
  3856. DWORD cbMaxValName;
  3857. DWORD cbMaxValData;
  3858. DWORD cbTmpTypeName = 0;
  3859. DWORD dwValType;
  3860. BOOL fRet = CRYPT_FAILED;
  3862. __try
  3863. {
  3864. if (NULL != pdwReserved)
  3865. {
  3866. SetLastError(ERROR_INVALID_PARAMETER);
  3867. goto Ret;
  3868. }
  3870. if (0 != dwFlags)
  3871. {
  3872. SetLastError((DWORD)NTE_BAD_FLAGS);
  3873. goto Ret;
  3874. }
  3876. if (ERROR_SUCCESS != (err = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
  3877. (const char *) szprovidertypes,
  3878. 0L,
  3879. KEY_READ,
  3880. &hRegKey)))
  3881. {
  3882. SetLastError((DWORD)NTE_FAIL);
  3883. goto Ret;
  3884. }
  3886. if (ERROR_SUCCESS != (err = RegQueryInfoKey(hRegKey,
  3887. NULL,
  3888. NULL,
  3889. NULL,
  3890. &cSubKeys,
  3891. &cbMaxKeyName,
  3892. &cbMaxClass,
  3893. &cValues,
  3894. &cbMaxValName,
  3895. &cbMaxValData,
  3896. NULL,
  3897. &ft)))
  3898. {
  3899. SetLastError((DWORD)NTE_FAIL);
  3900. goto Ret;
  3901. }
  3902. cbMaxKeyName += sizeof(CHAR);
  3904. if (NULL == (pszRegKeyName = LocalAlloc(LMEM_ZEROINIT, cbMaxKeyName)))
  3905. {
  3906. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  3907. goto Ret;
  3908. }
  3910. if (ERROR_SUCCESS != (err = RegEnumKeyEx(hRegKey,
  3911. dwIndex, pszRegKeyName, &cbMaxKeyName, NULL,
  3912. NULL, &cbClass, &ft)))
  3913. {
  3914. if (ERROR_NO_MORE_ITEMS == err)
  3915. {
  3916. SetLastError((DWORD)err);
  3917. }
  3918. else
  3919. {
  3920. SetLastError((DWORD)NTE_FAIL);
  3921. }
  3922. goto Ret;
  3923. }
  3925. if (memcmp(pszRegKeyName, rgcType, sizeof(rgcType)))
  3926. {
  3927. SetLastError((DWORD)NTE_FAIL);
  3928. goto Ret;
  3929. }
  3930. pszValue = pszRegKeyName + sizeof(rgcType);
  3932. if (0 == (Type = atol(pszValue)))
  3933. {
  3934. SetLastError((DWORD)NTE_FAIL);
  3935. goto Ret;
  3936. }
  3937. *pdwProvType = (DWORD)Type;
  3939. // check for the type name
  3940. if (ERROR_SUCCESS != (err = RegOpenKeyEx(hRegKey,
  3941. (const char *)pszRegKeyName,
  3942. 0L,
  3943. KEY_READ,
  3944. &hTypeKey)))
  3945. {
  3946. SetLastError((DWORD)NTE_FAIL);
  3947. goto Ret;
  3948. }
  3950. if ((err = RegQueryValueEx(hTypeKey, "TypeName", 0L, &dwValType,
  3951. NULL, &cbTmpTypeName)) != ERROR_SUCCESS)
  3952. {
  3953. fRet = CRYPT_SUCCEED;
  3954. goto Ret;
  3955. }
  3957. if (NULL == pszTypeName)
  3958. {
  3959. *pcbTypeName = cbTmpTypeName;
  3960. fRet = CRYPT_SUCCEED;
  3961. goto Ret;
  3962. }
  3963. else if (*pcbTypeName < cbTmpTypeName)
  3964. {
  3965. *pcbTypeName = cbTmpTypeName;
  3966. SetLastError(ERROR_MORE_DATA);
  3967. goto Ret;
  3968. }
  3970. if ((err = RegQueryValueEx(hTypeKey, "TypeName", 0L, &dwValType,
  3971. (BYTE*)pszTypeName, &cbTmpTypeName)) != ERROR_SUCCESS)
  3972. {
  3973. SetLastError(ERROR_INVALID_PARAMETER);
  3974. goto Ret;
  3975. }
  3976. *pcbTypeName = cbTmpTypeName;
  3977. }
  3978. __except ( CapiExceptionFilter )
  3979. {
  3980. SetLastError(ERROR_INVALID_PARAMETER);
  3981. goto Ret;
  3982. }
  3984. fRet = CRYPT_SUCCEED;
  3985. Ret:
  3986. if (hRegKey)
  3987. RegCloseKey(hRegKey);
  3988. if (hTypeKey)
  3989. RegCloseKey(hTypeKey);
  3990. if (pszRegKeyName)
  3991. LocalFree(pszRegKeyName);
  3992. return fRet;
  3993. }
  3995. /*
  3996. - CryptEnumProvidersW
  3997. -
  3998. * Purpose:
  3999. * Enumerate the providers.
  4000. *
  4001. * Parameters:
  4002. * IN dwIndex - Index to the providers to enumerate
  4003. * IN pdwReserved - Reserved for future use
  4004. * IN dwFlags - Flags parameter
  4005. * OUT pdwProvType - The type of the provider
  4006. * OUT pszProvName - Name of the enumerated provider
  4007. * IN OUT pcbProvName - Length of the enumerated provider
  4008. *
  4009. * Returns:
  4010. * BOOL
  4011. * Use get extended error information use GetLastError
  4012. */
  4013. WINADVAPI
  4014. BOOL
  4015. WINAPI CryptEnumProvidersW(
  4016. IN DWORD dwIndex,
  4017. IN DWORD *pdwReserved,
  4018. IN DWORD dwFlags,
  4019. OUT DWORD *pdwProvType,
  4020. OUT LPWSTR pszProvName,
  4021. IN OUT DWORD *pcbProvName
  4022. )
  4023. {
  4024. ANSI_STRING AnsiString;
  4025. UNICODE_STRING UnicodeString;
  4026. LPSTR pszTmpProvName = NULL;
  4027. DWORD cbTmpProvName;
  4028. NTSTATUS Status;
  4029. BOOL fRet = CRYPT_FAILED;
  4031. memset(&UnicodeString, 0, sizeof(UnicodeString));
  4033. __try
  4034. {
  4035. memset(&AnsiString, 0, sizeof(AnsiString));
  4037. if (!CryptEnumProvidersA(dwIndex,
  4038. pdwReserved,
  4039. dwFlags,
  4040. pdwProvType,
  4041. NULL,
  4042. &cbTmpProvName))
  4043. goto Ret;
  4045. if (NULL == (pszTmpProvName = LocalAlloc(LMEM_ZEROINIT, cbTmpProvName)))
  4046. {
  4047. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  4048. goto Ret;
  4049. }
  4051. if (!CryptEnumProvidersA(dwIndex,
  4052. pdwReserved,
  4053. dwFlags,
  4054. pdwProvType,
  4055. pszTmpProvName,
  4056. &cbTmpProvName))
  4057. goto Ret;
  4059. RtlInitAnsiString(&AnsiString, pszTmpProvName);
  4061. Status = RtlAnsiStringToUnicodeString(&UnicodeString, &AnsiString, TRUE);
  4062. if ( !NT_SUCCESS(Status))
  4063. {
  4064. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  4065. goto Ret;
  4066. }
  4068. if (NULL == pszProvName)
  4069. {
  4070. *pcbProvName = UnicodeString.Length + sizeof(WCHAR);
  4071. fRet = CRYPT_SUCCEED;
  4072. goto Ret;
  4073. }
  4075. if (*pcbProvName < UnicodeString.Length + sizeof(WCHAR))
  4076. {
  4077. *pcbProvName = UnicodeString.Length + sizeof(WCHAR);
  4078. SetLastError(ERROR_MORE_DATA);
  4079. goto Ret;
  4080. }
  4082. *pcbProvName = UnicodeString.Length + sizeof(WCHAR);
  4083. memset(pszProvName, 0, *pcbProvName);
  4084. memcpy(pszProvName, UnicodeString.Buffer, UnicodeString.Length);
  4085. }
  4086. __except ( CapiExceptionFilter )
  4087. {
  4088. SetLastError(ERROR_INVALID_PARAMETER);
  4089. goto Ret;
  4090. }
  4092. fRet = CRYPT_SUCCEED;
  4093. Ret:
  4094. if (UnicodeString.Buffer)
  4095. RtlFreeUnicodeString(&UnicodeString);
  4096. if (pszTmpProvName)
  4097. LocalFree(pszTmpProvName);
  4098. return fRet;
  4099. }
  4101. /*
  4102. - CryptEnumProvidersA
  4103. -
  4104. * Purpose:
  4105. * Enumerate the providers.
  4106. *
  4107. * Parameters:
  4108. * IN dwIndex - Index to the providers to enumerate
  4109. * IN pdwReserved - Reserved for future use
  4110. * IN dwFlags - Flags parameter
  4111. * OUT pdwProvType - The type of the provider
  4112. * OUT pszProvName - Name of the enumerated provider
  4113. * IN OUT pcbProvName - Length of the enumerated provider
  4114. *
  4115. * Returns:
  4116. * BOOL
  4117. * Use get extended error information use GetLastError
  4118. */
  4119. WINADVAPI
  4120. BOOL
  4121. WINAPI CryptEnumProvidersA(
  4122. IN DWORD dwIndex,
  4123. IN DWORD *pdwReserved,
  4124. IN DWORD dwFlags,
  4125. OUT DWORD *pdwProvType,
  4126. OUT LPSTR pszProvName,
  4127. IN OUT DWORD *pcbProvName
  4128. )
  4129. {
  4130. HKEY hRegKey = 0;
  4131. HKEY hProvRegKey = 0;
  4132. LONG err;
  4133. DWORD cbClass;
  4134. FILETIME ft;
  4135. DWORD dwKeyType;
  4136. DWORD cbProvType;
  4137. DWORD dw;
  4138. DWORD cSubKeys;
  4139. DWORD cbMaxKeyName;
  4140. DWORD cbMaxClass;
  4141. DWORD cValues;
  4142. DWORD cbMaxValName;
  4143. DWORD cbMaxValData;
  4144. LPSTR pszTmpProvName = NULL;
  4145. DWORD cbTmpProvName;
  4146. BOOL fRet = CRYPT_FAILED;
  4148. __try
  4149. {
  4150. if (NULL != pdwReserved)
  4151. {
  4152. SetLastError(ERROR_INVALID_PARAMETER);
  4153. goto Ret;
  4154. }
  4156. if (0 != dwFlags)
  4157. {
  4158. SetLastError((DWORD)NTE_BAD_FLAGS);
  4159. goto Ret;
  4160. }
  4162. if (ERROR_SUCCESS != (err = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
  4163. (const char *) szenumproviders,
  4164. 0L, KEY_READ, &hRegKey)))
  4165. {
  4166. SetLastError((DWORD)NTE_FAIL);
  4167. goto Ret;
  4168. }
  4170. if (ERROR_SUCCESS != (err = RegQueryInfoKey(hRegKey,
  4171. NULL,
  4172. NULL,
  4173. NULL,
  4174. &cSubKeys,
  4175. &cbMaxKeyName,
  4176. &cbMaxClass,
  4177. &cValues,
  4178. &cbMaxValName,
  4179. &cbMaxValData,
  4180. NULL,
  4181. &ft)))
  4182. {
  4183. SetLastError((DWORD)NTE_FAIL);
  4184. goto Ret;
  4185. }
  4186. cbMaxKeyName += sizeof(CHAR);
  4188. if (NULL == (pszTmpProvName = LocalAlloc(LMEM_ZEROINIT, cbMaxKeyName)))
  4189. {
  4190. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  4191. goto Ret;
  4192. }
  4194. if (ERROR_SUCCESS != (err = RegEnumKeyEx(hRegKey, dwIndex, pszTmpProvName,
  4195. &cbMaxKeyName, NULL,
  4196. NULL, &cbClass, &ft)))
  4197. {
  4198. SetLastError((DWORD)err);
  4199. goto Ret;
  4200. }
  4202. if (ERROR_SUCCESS != (err = RegOpenKeyEx(hRegKey,
  4203. (const char *) pszTmpProvName,
  4204. 0L, KEY_READ, &hProvRegKey)))
  4205. {
  4206. SetLastError((DWORD)NTE_FAIL);
  4207. goto Ret;
  4208. }
  4210. cbProvType = sizeof(dw);
  4211. if (ERROR_SUCCESS != (err = RegQueryValueEx(hProvRegKey,
  4212. (const char *) "Type",
  4213. NULL, &dwKeyType, (BYTE*)&dw,
  4214. &cbProvType)))
  4215. {
  4216. SetLastError((DWORD)NTE_FAIL);
  4217. goto Ret;
  4218. }
  4219. *pdwProvType = dw;
  4221. cbTmpProvName = strlen(pszTmpProvName) + sizeof(CHAR);
  4223. if (NULL != pszProvName)
  4224. {
  4225. if (*pcbProvName < cbTmpProvName)
  4226. {
  4227. *pcbProvName = cbTmpProvName;
  4228. SetLastError(ERROR_MORE_DATA);
  4229. goto Ret;
  4230. }
  4231. strcpy(pszProvName, pszTmpProvName);
  4232. }
  4234. *pcbProvName = cbTmpProvName;
  4235. }
  4236. __except ( CapiExceptionFilter )
  4237. {
  4238. SetLastError(ERROR_INVALID_PARAMETER);
  4239. goto Ret;
  4240. }
  4242. fRet = CRYPT_SUCCEED;
  4243. Ret:
  4244. if (pszTmpProvName)
  4245. LocalFree(pszTmpProvName);
  4246. if (hRegKey)
  4247. RegCloseKey(hRegKey);
  4248. if (hProvRegKey)
  4249. RegCloseKey(hProvRegKey);
  4250. return fRet;
  4251. }
  4253. BOOL EnterProviderCritSec(IN PVTableStruc pVTable)
  4254. {
  4255. __try
  4256. {
  4257. if (pVTable->Version != TABLEPROV)
  4258. {
  4259. SetLastError(ERROR_INVALID_PARAMETER);
  4260. goto Try_Error_Return;
  4261. }
  4263. InterlockedIncrement((LPLONG)&pVTable->Inuse);
  4265. }
  4266. __except ( CapiExceptionFilter )
  4267. {
  4268. SetLastError(ERROR_INVALID_PARAMETER);
  4269. goto Try_Error_Return;
  4270. }
  4272. return(CRYPT_SUCCEED);
  4273. Try_Error_Return:
  4274. return(CRYPT_FAILED);
  4275. }
  4278. void LeaveProviderCritSec(IN PVTableStruc pVTable)
  4279. {
  4280. InterlockedDecrement((LPLONG)&pVTable->Inuse);
  4281. }
  4283. BOOL EnterKeyCritSec(IN PVKeyStruc pVKey)
  4284. {
  4286. __try
  4287. {
  4288. if (pVKey->Version != TABLEKEY)
  4289. {
  4290. SetLastError(ERROR_INVALID_PARAMETER);
  4291. goto Try_Error_Return;
  4292. }
  4294. InterlockedIncrement((LPLONG)&pVKey->Inuse);
  4295. }
  4296. __except ( CapiExceptionFilter )
  4297. {
  4298. SetLastError(ERROR_INVALID_PARAMETER);
  4299. goto Try_Error_Return;
  4300. }
  4302. return(CRYPT_SUCCEED);
  4303. Try_Error_Return:
  4304. return(CRYPT_FAILED);
  4306. }
  4309. void LeaveKeyCritSec(IN PVKeyStruc pVKey)
  4310. {
  4311. InterlockedDecrement((LPLONG)&pVKey->Inuse);
  4312. }
  4314. BOOL EnterHashCritSec(IN PVHashStruc pVHash)
  4315. {
  4317. __try
  4318. {
  4319. if (pVHash->Version != TABLEHASH)
  4320. {
  4321. SetLastError(ERROR_INVALID_PARAMETER);
  4322. goto Try_Error_Return;
  4323. }
  4325. InterlockedIncrement((LPLONG)&pVHash->Inuse);
  4326. }
  4327. __except ( CapiExceptionFilter )
  4328. {
  4329. SetLastError(ERROR_INVALID_PARAMETER);
  4330. goto Try_Error_Return;
  4331. }
  4333. return(CRYPT_SUCCEED);
  4335. Try_Error_Return:
  4336. return(CRYPT_FAILED);
  4338. }
  4341. void LeaveHashCritSec(IN PVHashStruc pVHash)
  4342. {
  4343. InterlockedDecrement((LPLONG)&pVHash->Inuse);
  4344. }
  4347. BOOL BuildVKey(IN PVKeyStruc *ppVKey,
  4348. IN PVTableStruc pVTable)
  4349. {
  4350. DWORD bufsize;
  4351. PVKeyStruc pVKey;
  4353. bufsize = sizeof(VKeyStruc);
  4355. if ((pVKey = (PVKeyStruc) LocalAlloc(LMEM_ZEROINIT,
  4356. (UINT) bufsize)) == NULL)
  4357. {
  4358. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  4359. return(CRYPT_FAILED);
  4360. }
  4362. pVKey->FuncGenKey = pVTable->FuncGenKey;
  4363. pVKey->FuncDeriveKey = pVTable->FuncDeriveKey;
  4364. pVKey->FuncDestroyKey = pVTable->FuncDestroyKey;
  4365. pVKey->FuncSetKeyParam = pVTable->FuncSetKeyParam;
  4366. pVKey->FuncGetKeyParam = pVTable->FuncGetKeyParam;
  4367. pVKey->FuncExportKey = pVTable->FuncExportKey;
  4368. pVKey->FuncImportKey = pVTable->FuncImportKey;
  4369. pVKey->FuncEncrypt = pVTable->FuncEncrypt;
  4370. pVKey->FuncDecrypt = pVTable->FuncDecrypt;
  4372. pVKey->OptionalFuncDuplicateKey = pVTable->OptionalFuncDuplicateKey;
  4374. pVKey->hProv = pVTable->hProv;
  4376. *ppVKey = pVKey;
  4378. return(CRYPT_SUCCEED);
  4379. }
  4381. BOOL BuildVHash(
  4382. IN PVHashStruc *ppVHash,
  4383. IN PVTableStruc pVTable
  4384. )
  4385. {
  4386. DWORD bufsize;
  4387. PVHashStruc pVHash;
  4390. bufsize = sizeof(VHashStruc);
  4392. if ((pVHash = (PVHashStruc) LocalAlloc(LMEM_ZEROINIT, (UINT) bufsize)) == NULL)
  4393. {
  4394. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  4395. return(CRYPT_FAILED);
  4396. }
  4398. pVHash->FuncCreateHash = pVTable->FuncCreateHash;
  4399. pVHash->FuncHashData = pVTable->FuncHashData;
  4400. pVHash->FuncHashSessionKey = pVTable->FuncHashSessionKey;
  4401. pVHash->FuncDestroyHash = pVTable->FuncDestroyHash;
  4402. pVHash->FuncSignHash = pVTable->FuncSignHash;
  4403. pVHash->FuncVerifySignature = pVTable->FuncVerifySignature;
  4404. pVHash->FuncGetHashParam = pVTable->FuncGetHashParam;
  4405. pVHash->FuncSetHashParam = pVTable->FuncSetHashParam;
  4407. pVHash->OptionalFuncDuplicateHash = pVTable->OptionalFuncDuplicateHash;
  4409. pVHash->hProv = (HCRYPTPROV)pVTable;
  4411. *ppVHash = pVHash;
  4413. return(CRYPT_SUCCEED);
  4414. }
  4416. #define RC4_KEYSIZE 5
  4418. void EncryptKey(BYTE *pdata, DWORD size, BYTE val)
  4419. {
  4420. RC4_KEYSTRUCT key;
  4421. BYTE RealKey[RC4_KEYSIZE] = {0xa2, 0x17, 0x9c, 0x98, 0xca};
  4422. DWORD index;
  4424. for (index = 0; index < RC4_KEYSIZE; index++)
  4425. {
  4426. RealKey[index] ^= val;
  4427. }
  4429. rc4_key(&key, RC4_KEYSIZE, RealKey);
  4431. rc4(&key, size, pdata);
  4433. }
  4435. void MD5HashData(
  4436. BYTE *pb,
  4437. DWORD cb,
  4438. BYTE *pbHash
  4439. )
  4440. {
  4441. MD5_CTX HashState;
  4443. MD5Init(&HashState);
  4445. __try
  4446. {
  4447. MD5Update(&HashState, pb, cb);
  4448. } __except ( CapiExceptionFilter )
  4449. {
  4450. SetLastError((DWORD) NTE_SIGNATURE_FILE_BAD);
  4451. return;
  4452. }
  4454. // Finish the hash
  4455. MD5Final(&HashState);
  4457. memcpy(pbHash, HashState.digest, 16);
  4458. }
  4460. BOOL CheckSignature(
  4461. BYTE *pbKey,
  4462. DWORD cbKey,
  4463. BYTE *pbSig,
  4464. DWORD cbSig,
  4465. BYTE *pbHash,
  4466. BOOL fUnknownLen)
  4467. {
  4468. BYTE rgbResult[KEYSIZE1024];
  4469. BYTE rgbSig[KEYSIZE1024];
  4470. BYTE rgbKey[sizeof(BSAFE_PUB_KEY) + KEYSIZE1024];
  4471. BYTE rgbKeyHash[16];
  4472. BYTE *pbSecondKey;
  4473. DWORD cbSecondKey;
  4474. BYTE *pbKeySig;
  4475. PSECOND_TIER_SIG pSecondTierSig;
  4476. LPBSAFE_PUB_KEY pTmp;
  4477. BOOL fRet = FALSE;
  4479. memset(rgbResult, 0, KEYSIZE1024);
  4480. memset(rgbSig, 0, KEYSIZE1024);
  4482. // just check the straight signature if version is 1
  4483. pTmp = (LPBSAFE_PUB_KEY)pbKey;
  4485. // check if sig length is the same as the key length
  4486. if (fUnknownLen || (cbSig == pTmp->keylen))
  4487. {
  4488. memcpy(rgbSig, pbSig, pTmp->keylen);
  4489. BSafeEncPublic(pTmp, rgbSig, rgbResult);
  4491. if (RtlEqualMemory(pbHash, rgbResult, 16) &&
  4492. rgbResult[cbKey-1] == 0 &&
  4493. rgbResult[cbKey-2] == 1 &&
  4494. rgbResult[16] == 0 &&
  4495. rgbResult[17] == 0xFF)
  4496. {
  4497. fRet = TRUE;
  4498. goto Ret;
  4499. }
  4500. }
  4502. // check the the second tier signature if the magic equals 2
  4503. pSecondTierSig = (PSECOND_TIER_SIG)pbSig;
  4504. if (0x00000002 != pSecondTierSig->dwMagic)
  4505. goto Ret;
  4507. if (0x31415352 != pSecondTierSig->Pub.magic)
  4508. goto Ret;
  4510. if (pSecondTierSig->Pub.keylen > KEYSIZE1024)
  4511. goto Ret;
  4513. // assign the pointers
  4514. cbSecondKey = sizeof(BSAFE_PUB_KEY) + pSecondTierSig->Pub.keylen;
  4515. pbSecondKey = pbSig + (sizeof(SECOND_TIER_SIG) - sizeof(BSAFE_PUB_KEY));
  4516. pbKeySig = pbSecondKey + cbSecondKey;
  4518. // hash the second tier key
  4519. MD5HashData(pbSecondKey, cbSecondKey, rgbKeyHash);
  4521. // Decrypt the signature data on the second tier key
  4522. memset(rgbResult, 0, sizeof(rgbResult));
  4523. memset(rgbSig, 0, sizeof(rgbSig));
  4525. if (pSecondTierSig->cbSig > sizeof(rgbSig))
  4526. goto Ret;
  4528. memcpy(rgbSig, pbKeySig, pSecondTierSig->cbSig);
  4529. BSafeEncPublic(pTmp, rgbSig, rgbResult);
  4531. if ((FALSE == RtlEqualMemory(rgbKeyHash, rgbResult, 16)) ||
  4532. rgbResult[cbKey-1] != 0 ||
  4533. rgbResult[cbKey-2] != 1 ||
  4534. rgbResult[16] != 0 ||
  4535. rgbResult[17] != 0)
  4536. {
  4537. goto Ret;
  4538. }
  4540. // Decrypt the signature data on the CSP
  4541. memset(rgbResult, 0, sizeof(rgbResult));
  4542. memset(rgbSig, 0, sizeof(rgbSig));
  4543. memset(rgbKey, 0, sizeof(rgbKey));
  4544. memcpy(rgbSig, pbKeySig + pSecondTierSig->cbSig, pSecondTierSig->cbSig);
  4545. memcpy(rgbKey, pbSecondKey, cbSecondKey);
  4546. pTmp = (LPBSAFE_PUB_KEY)rgbKey;
  4547. BSafeEncPublic(pTmp, rgbSig, rgbResult);
  4549. if (RtlEqualMemory(pbHash, rgbResult, 16) &&
  4550. rgbResult[pTmp->keylen-1] == 0 &&
  4551. rgbResult[pTmp->keylen-2] == 1 &&
  4552. rgbResult[16] == 0)
  4553. {
  4554. fRet = TRUE;
  4555. }
  4556. Ret:
  4557. return fRet;
  4558. }
  4560. // Given hInst, allocs and returns pointers to signature pulled from
  4561. // resource
  4562. BOOL GetCryptSigResourcePtr(
  4563. HMODULE hInst,
  4564. BYTE **ppbRsrcSig,
  4565. DWORD *pcbRsrcSig
  4566. )
  4567. {
  4568. HRSRC hRsrc;
  4569. BOOL fRet = FALSE;
  4571. // Nab resource handle for our signature
  4572. if (NULL == (hRsrc = FindResource(hInst, OLD_CRYPT_SIG_RESOURCE_NUMBER,
  4573. RT_RCDATA)))
  4574. goto Ret;
  4576. // get a pointer to the actual signature data
  4577. if (NULL == (*ppbRsrcSig = (PBYTE)LoadResource(hInst, hRsrc)))
  4578. goto Ret;
  4580. // determine the size of the resource
  4581. if (0 == (*pcbRsrcSig = SizeofResource(hInst, hRsrc)))
  4582. goto Ret;
  4584. fRet = TRUE;
  4585. Ret:
  4586. return fRet;
  4587. }
  4589. #define CSP_TO_BE_HASHED_CHUNK 4096
  4591. // Given hFile, reads the specified number of bytes (cbToBeHashed) from the file
  4592. // and hashes these bytes. The function does this in chunks.
  4593. BOOL HashBytesOfFile(
  4594. IN HANDLE hFile,
  4595. IN DWORD cbToBeHashed,
  4596. IN OUT MD5_CTX *pMD5Hash
  4597. )
  4598. {
  4599. BYTE rgbChunk[CSP_TO_BE_HASHED_CHUNK];
  4600. DWORD cbRemaining = cbToBeHashed;
  4601. DWORD cbToRead;
  4602. DWORD dwBytesRead;
  4603. BOOL fRet = FALSE;
  4605. //
  4606. // loop over the file for the specified number of bytes
  4607. // updating the hash as we go.
  4608. //
  4610. while (cbRemaining > 0)
  4611. {
  4612. if (cbRemaining < CSP_TO_BE_HASHED_CHUNK)
  4613. cbToRead = cbRemaining;
  4614. else
  4615. cbToRead = CSP_TO_BE_HASHED_CHUNK;
  4617. if(!ReadFile(hFile, rgbChunk, cbToRead, &dwBytesRead, NULL))
  4618. goto Ret;
  4619. if (dwBytesRead != cbToRead)
  4620. goto Ret;
  4622. MD5Update(pMD5Hash, rgbChunk, dwBytesRead);
  4623. cbRemaining -= cbToRead;
  4624. }
  4626. fRet = TRUE;
  4627. Ret:
  4628. return fRet;
  4629. }
  4631. BOOL HashTheFile(
  4632. LPCWSTR pszImage,
  4633. DWORD cbImage,
  4634. BYTE **ppbSig,
  4635. DWORD *pcbSig,
  4636. BYTE *pbHash
  4637. )
  4638. {
  4639. HMODULE hInst;
  4640. MEMORY_BASIC_INFORMATION MemInfo;
  4641. BYTE *pbRsrcSig;
  4642. DWORD cbRsrcSig;
  4643. BYTE *pbStart = NULL;
  4644. BYTE *pbZeroSig = NULL;
  4645. MD5_CTX MD5Hash;
  4646. BYTE *pbPostCRC; // pointer to just after CRC
  4647. DWORD cbCRCToSig; // number of bytes from CRC to sig
  4648. DWORD cbPostSig; // size - (already hashed + signature size)
  4649. BYTE *pbPostSig;
  4650. DWORD *pdwSigInFileVer;
  4651. DWORD *pdwCRCOffset;
  4652. DWORD dwCRCOffset;
  4653. DWORD dwZeroCRC = 0;
  4654. HANDLE File = INVALID_HANDLE_VALUE ;
  4655. HANDLE hMapping = NULL;
  4656. BOOL fRet = FALSE;
  4658. memset(&MD5Hash, 0, sizeof(MD5Hash));
  4659. memset(&MemInfo, 0, sizeof(MemInfo));
  4661. // Load the file
  4663. File = CreateFileW(
  4664. pszImage,
  4665. GENERIC_READ,
  4666. FILE_SHARE_READ,
  4667. NULL,
  4668. OPEN_EXISTING,
  4669. FILE_ATTRIBUTE_NORMAL,
  4670. NULL );
  4672. if ( File == INVALID_HANDLE_VALUE )
  4673. {
  4674. goto Ret ;
  4675. }
  4677. hMapping = CreateFileMapping( File,
  4678. NULL,
  4679. PAGE_READONLY,
  4680. 0,
  4681. 0,
  4682. NULL);
  4683. if(hMapping == NULL)
  4684. {
  4685. goto Ret;
  4686. }
  4688. pbStart = MapViewOfFile(hMapping,
  4689. FILE_MAP_READ,
  4690. 0,
  4691. 0,
  4692. 0);
  4693. if(pbStart == NULL)
  4694. {
  4695. goto Ret;
  4696. }
  4698. // Convert pointer to HMODULE, using the same scheme as
  4699. // LoadLibrary (windows\base\client\module.c).
  4700. hInst = (HMODULE)((ULONG_PTR)pbStart | 0x00000001);
  4702. // the resources signature
  4703. if (!GetCryptSigResourcePtr(hInst, &pbRsrcSig, &cbRsrcSig))
  4704. goto Ret;
  4706. if (cbRsrcSig < (sizeof(DWORD) * 2))
  4707. goto Ret;
  4709. // check the sig in file version and get the CRC offset
  4710. pdwSigInFileVer = (DWORD*)pbRsrcSig;
  4711. pdwCRCOffset = (DWORD*)(pbRsrcSig + sizeof(DWORD));
  4712. dwCRCOffset = *pdwCRCOffset;
  4713. if ((0x00000100 != *pdwSigInFileVer) || (dwCRCOffset > cbImage))
  4714. goto Ret;
  4716. // create a zero byte signature
  4717. if (NULL == (pbZeroSig = (BYTE*)LocalAlloc(LMEM_ZEROINIT, cbRsrcSig)))
  4718. goto Ret;
  4719. memcpy(pbZeroSig, pbRsrcSig, sizeof(DWORD) * 2);
  4721. pbPostCRC = pbStart + *pdwCRCOffset + sizeof(DWORD);
  4722. cbCRCToSig = (DWORD)(pbRsrcSig - pbPostCRC);
  4723. pbPostSig = pbRsrcSig + cbRsrcSig;
  4724. cbPostSig = (cbImage - (DWORD)(pbPostSig - pbStart));
  4726. // allocate the real signature and copy the resource sig into the real sig
  4727. *pcbSig = cbRsrcSig - (sizeof(DWORD) * 2);
  4728. if (NULL == (*ppbSig = (BYTE*)LocalAlloc(LMEM_ZEROINIT, *pcbSig)))
  4729. goto Ret;
  4731. memcpy(*ppbSig, pbRsrcSig + (sizeof(DWORD) * 2), *pcbSig);
  4733. // hash over the relevant data
  4734. MD5Init(&MD5Hash);
  4736. // hash up to the CRC
  4737. if (!HashBytesOfFile(File, dwCRCOffset, &MD5Hash))
  4738. goto Ret;
  4740. // pretend CRC is zeroed
  4741. MD5Update(&MD5Hash, (BYTE*)&dwZeroCRC, sizeof(DWORD));
  4742. if (!SetFilePointer(File, sizeof(DWORD), NULL, FILE_CURRENT))
  4743. {
  4744. goto Ret;
  4745. }
  4747. // hash from CRC to sig resource
  4748. if (!HashBytesOfFile(File, cbCRCToSig, &MD5Hash))
  4749. goto Ret;
  4751. // pretend image has zeroed sig
  4752. MD5Update(&MD5Hash, pbZeroSig, cbRsrcSig);
  4753. if (!SetFilePointer(File, cbRsrcSig, NULL, FILE_CURRENT))
  4754. {
  4755. goto Ret;
  4756. }
  4758. // hash after the sig resource
  4759. if (!HashBytesOfFile(File, cbPostSig, &MD5Hash))
  4760. goto Ret;
  4762. // Finish the hash
  4763. MD5Final(&MD5Hash);
  4765. memcpy(pbHash, MD5Hash.digest, MD5DIGESTLEN);
  4767. fRet = TRUE;
  4768. Ret:
  4769. if (pbZeroSig)
  4770. LocalFree(pbZeroSig);
  4771. if(pbStart)
  4772. UnmapViewOfFile(pbStart);
  4773. if(hMapping)
  4774. CloseHandle(hMapping);
  4775. if ( File != INVALID_HANDLE_VALUE )
  4776. {
  4777. CloseHandle( File );
  4778. }
  4780. return fRet;
  4781. }
  4784. /*
  4785. - CheckAllSignatures
  4786. -
  4787. * Purpose:
  4788. * Check signature against all keys
  4789. *
  4790. *
  4791. * Returns:
  4792. * BOOL
  4793. */
  4794. BOOL CheckAllSignatures(
  4795. BYTE *pbSig,
  4796. DWORD cbSig,
  4797. BYTE *pbHash,
  4798. BOOL fUnknownLen
  4799. )
  4800. {
  4801. BYTE rgbKey[sizeof(BSAFE_PUB_KEY) + KEYSIZE1024];
  4802. BYTE rgbKey2[sizeof(BSAFE_PUB_KEY) + KEYSIZE1024];
  4803. #ifdef MS_INTERNAL_KEY
  4804. BYTE rgbMSKey[sizeof(BSAFE_PUB_KEY) + KEYSIZE1024];
  4805. #endif
  4806. #ifdef TEST_BUILD_EXPONENT
  4807. BYTE rgbTestKey[sizeof(BSAFE_PUB_KEY) + KEYSIZE512];
  4808. #endif
  4809. BOOL fRet = FALSE;
  4811. // decrypt the keys once for each process
  4812. memcpy(rgbKey, (BYTE*)&KEY, sizeof(BSAFE_PUB_KEY) + KEYSIZE1024);
  4813. EncryptKey(rgbKey, sizeof(BSAFE_PUB_KEY) + KEYSIZE1024, 0);
  4815. #ifdef MS_INTERNAL_KEY
  4816. memcpy(rgbMSKey, (BYTE*)&MSKEY, sizeof(BSAFE_PUB_KEY) + KEYSIZE1024);
  4817. EncryptKey(rgbMSKey, sizeof(BSAFE_PUB_KEY) + KEYSIZE1024, 1);
  4818. #endif
  4819. memcpy(rgbKey2, (BYTE*)&KEY2, sizeof(BSAFE_PUB_KEY) + KEYSIZE1024);
  4820. EncryptKey(rgbKey2, sizeof(BSAFE_PUB_KEY) + KEYSIZE1024, 2);
  4822. #ifdef TEST_BUILD_EXPONENT
  4823. memcpy(rgbTestKey, (BYTE*)&TESTKEY, sizeof(BSAFE_PUB_KEY) + KEYSIZE512);
  4824. EncryptKey(rgbTestKey, sizeof(BSAFE_PUB_KEY) + KEYSIZE512, 3);
  4825. #endif // TEST_BUILD_EXPONENT
  4827. if (CRYPT_SUCCEED == (fRet = CheckSignature(rgbKey, 128, pbSig,
  4828. cbSig, pbHash, fUnknownLen)))
  4829. {
  4830. fRet = TRUE;
  4831. goto Ret;
  4832. }
  4834. #ifdef MS_INTERNAL_KEY
  4835. if (CRYPT_SUCCEED == (fRet = CheckSignature(rgbMSKey, 128, pbSig,
  4836. cbSig, pbHash, fUnknownLen)))
  4837. {
  4838. fRet = TRUE;
  4839. goto Ret;
  4840. }
  4841. #endif
  4843. if (CRYPT_SUCCEED == (fRet = CheckSignature(rgbKey2, 128, pbSig,
  4844. cbSig, pbHash, fUnknownLen)))
  4845. {
  4846. fRet = TRUE;
  4847. goto Ret;
  4848. }
  4850. #ifdef TEST_BUILD_EXPONENT
  4851. if (CRYPT_SUCCEED == (fRet = CheckSignature(rgbTestKey, 64, pbSig,
  4852. cbSig, pbHash, fUnknownLen)))
  4853. {
  4854. fRet = TRUE;
  4855. goto Ret;
  4856. }
  4857. #endif // TEST_BUILD_EXPONENT
  4859. Ret:
  4860. return fRet;
  4861. }
  4863. /*
  4864. - CheckSignatureInFile
  4865. -
  4866. * Purpose:
  4867. * Check signature which is in the resource in the file
  4868. *
  4869. *
  4870. * Parameters:
  4871. * IN pszImage - address of file
  4872. *
  4873. * Returns:
  4874. * BOOL
  4875. */
  4876. BOOL CheckSignatureInFile(
  4877. LPCWSTR pszImage)
  4878. {
  4879. DWORD cbImage;
  4880. BYTE *pbSig = NULL;
  4881. DWORD cbSig;
  4882. BYTE rgbHash[MD5DIGESTLEN];
  4883. BOOL fRet = FALSE;
  4884. WIN32_FILE_ATTRIBUTE_DATA FileData ;
  4885. WCHAR FullName[ MAX_PATH ];
  4886. PWSTR FilePart ;
  4887. SYSTEM_KERNEL_DEBUGGER_INFORMATION KdInfo;
  4888. BYTE rgbMincryptHash[MINCRYPT_MAX_HASH_LEN];
  4889. DWORD cbMincryptHash = MINCRYPT_MAX_HASH_LEN;
  4890. CRYPT_HASH_BLOB HashBlob;
  4891. DWORD dwErr = ERROR_SUCCESS;
  4893. NtQuerySystemInformation(
  4894. SystemKernelDebuggerInformation,
  4895. &KdInfo,
  4896. sizeof(KdInfo),
  4897. NULL);
  4899. // Allow any CSP to load if a Kd is attached
  4900. // and "responsive"
  4901. if ( TRUE == KdInfo.KernelDebuggerEnabled &&
  4902. FALSE == KdInfo.KernelDebuggerNotPresent)
  4903. return TRUE;
  4905. if ( !SearchPathW(NULL,
  4906. pszImage,
  4907. NULL,
  4908. MAX_PATH,
  4909. FullName,
  4910. &FilePart ) )
  4911. {
  4912. goto Ret ;
  4913. }
  4915. //
  4916. // Try new signature check. Use "mincrypt"
  4917. // functionality.
  4918. //
  4919. // Look for valid embedded "signcode" signature
  4920. // in the CSP.
  4921. //
  4922. if (ERROR_SUCCESS == MinCryptVerifySignedFile(
  4923. MINCRYPT_FILE_NAME,
  4924. (PVOID) FullName,
  4925. 0, NULL, NULL, NULL))
  4926. {
  4927. // Valid signature was found.
  4928. return TRUE;
  4929. }
  4931. //
  4932. // The new signcode-style signature checks failed,
  4933. // so revert to legacy resource-based signature check.
  4934. //
  4936. if ( !GetFileAttributesExW( FullName,
  4937. GetFileExInfoStandard,
  4938. &FileData ) )
  4939. {
  4940. goto Ret ;
  4941. }
  4943. if ( FileData.nFileSizeHigh )
  4944. {
  4945. goto Ret ;
  4946. }
  4948. cbImage = FileData.nFileSizeLow ;
  4950. if (!HashTheFile(FullName, cbImage, &pbSig, &cbSig, rgbHash))
  4951. goto Ret;
  4953. // check signature against all public keys
  4954. if (!CheckAllSignatures(pbSig, cbSig, rgbHash, FALSE))
  4955. goto Ret;
  4957. fRet = TRUE;
  4958. Ret:
  4959. if (pbSig)
  4960. LocalFree(pbSig);
  4962. return fRet;
  4963. }
  4965. /*
  4966. - NewVerifyImage
  4967. -
  4968. * Purpose:
  4969. * Check signature of file
  4970. *
  4971. *
  4972. * Parameters:
  4973. * IN lpszImage - address of file
  4974. * IN pSigData - address of signature data
  4975. * IN cbSig - length of signature data
  4976. * IN fUnknownLen - BOOL to tell if length is not passed in
  4977. *
  4978. * Returns:
  4979. * BOOL
  4980. */
  4981. BOOL NewVerifyImage(LPCSTR lpszImage,
  4982. BYTE *pSigData,
  4983. DWORD cbSig,
  4984. BOOL fUnknownLen)
  4985. {
  4986. HFILE hFileProv = HFILE_ERROR;
  4987. DWORD NumBytes;
  4988. DWORD lpdwFileSizeHigh;
  4989. MD5_CTX HashState;
  4990. OFSTRUCT ImageInfoBuf;
  4991. BOOL fRet = CRYPT_FAILED;
  4993. memset(&HashState, 0, sizeof(HashState));
  4995. if (HFILE_ERROR == (hFileProv = OpenFile(lpszImage, &ImageInfoBuf,
  4996. OF_READ)))
  4997. {
  4998. SetLastError((DWORD) NTE_PROV_DLL_NOT_FOUND);
  4999. goto Ret;
  5000. }
  5002. if (0xffffffff == (NumBytes = GetFileSize((HANDLE)IntToPtr(hFileProv),
  5003. &lpdwFileSizeHigh)))
  5004. {
  5005. SetLastError((DWORD) NTE_SIGNATURE_FILE_BAD);
  5006. goto Ret;
  5007. }
  5009. MD5Init(&HashState);
  5011. if (!HashBytesOfFile((HANDLE)IntToPtr(hFileProv), NumBytes, &HashState))
  5012. {
  5013. SetLastError((DWORD) NTE_SIGNATURE_FILE_BAD);
  5014. goto Ret;
  5015. }
  5016. MD5Final(&HashState);
  5018. // check the signature against all keys
  5019. if (!CheckAllSignatures(pSigData, cbSig, HashState.digest, fUnknownLen))
  5020. {
  5021. SetLastError((DWORD) NTE_BAD_SIGNATURE);
  5022. goto Ret;
  5023. }
  5024. fRet = TRUE;
  5025. Ret:
  5026. if (HFILE_ERROR != hFileProv)
  5027. _lclose(hFileProv);
  5029. return fRet;
  5030. }
  5032. /*
  5033. - CProvVerifyImage
  5034. -
  5035. * Purpose:
  5036. * Check signature of file
  5037. *
  5038. *
  5039. * Parameters:
  5040. * IN lpszImage - address of file
  5041. * IN lpSigData - address of signature data
  5042. *
  5043. * Returns:
  5044. * BOOL
  5045. */
  5046. BOOL CProvVerifyImage(LPCSTR lpszImage,
  5047. BYTE *pSigData)
  5048. {
  5049. UNICODE_STRING String ;
  5050. BOOL Result ;
  5052. if (NULL == pSigData)
  5053. {
  5054. if ( RtlCreateUnicodeStringFromAsciiz( &String, lpszImage ) )
  5055. {
  5056. Result = CheckSignatureInFile( String.Buffer );
  5058. RtlFreeUnicodeString( &String );
  5059. }
  5060. else
  5061. {
  5062. Result = FALSE ;
  5063. }
  5064. }
  5065. else
  5066. {
  5067. Result = NewVerifyImage(lpszImage, pSigData, 0, TRUE);
  5068. }
  5070. return Result;
  5071. }
  5073. /*
  5074. - CPReturnhWnd
  5075. -
  5076. * Purpose:
  5077. * Return a window handle back to a CSP
  5078. *
  5079. *
  5080. * Parameters:
  5081. * OUT phWnd - pointer to a hWnd to return
  5082. *
  5083. * Returns:
  5084. * void
  5085. */
  5086. void CPReturnhWnd(HWND *phWnd)
  5087. {
  5088. __try
  5089. {
  5091. *phWnd = hWnd;
  5093. } __except ( CapiExceptionFilter )
  5094. { ; }
  5096. return;
  5097. }
  5099. static void __ltoa(DWORD val, char *buf)
  5100. {
  5101. char *p; /* pointer to traverse string */
  5102. char *firstdig; /* pointer to first digit */
  5103. char temp; /* temp char */
  5104. unsigned digval; /* value of digit */
  5105. int i;
  5107. p = buf;
  5109. firstdig = p; /* save pointer to first digit */
  5111. for (i = 0; i < 8; i++) {
  5112. digval = (unsigned) (val % 10);
  5113. val /= 10; /* get next digit */
  5115. /* convert to ascii and store */
  5116. *p++ = (char) (digval + '0'); /* a digit */
  5117. }
  5119. /* We now have the digit of the number in the buffer, but in reverse
  5120. order. Thus we reverse them now. */
  5122. *p-- = '\0'; /* terminate string; p points to last digit */
  5124. do {
  5125. temp = *p;
  5126. *p = *firstdig;
  5127. *firstdig = temp; /* swap *p and *firstdig */
  5128. --p;
  5129. ++firstdig; /* advance to next two digits */
  5130. } while (firstdig < p); /* repeat until halfway */
  5131. }