archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/admin/pchealth/core/include/crypt.h

603 lines
16 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // File: crypt.h
  4. //
  5. // Contents: Functions that had to be mostly borrowed from NT src tree
  6. //
  7. // History: SudK Created 6/25/95
  8. //
  9. //----------------------------------------------------------------------------
  10. #ifndef _NTCRYPT_
  11. #define _NTCRYPT_
  13. #ifndef MIDL_PASS // Don't confuse MIDL
  15. #ifndef RPC_NO_WINDOWS_H // Don't let rpc.h include windows.h
  16. #define RPC_NO_WINDOWS_H
  17. #endif // RPC_NO_WINDOWS_H
  19. #ifndef WIN16_BUILD
  20. #include <rpc.h>
  21. #else
  22. #define NTAPI FAR PASCAL
  23. #define IN
  24. #define OUT
  25. #define BOOLEAN BOOL
  26. #define OPTIONAL
  27. #define NTSYSAPI
  28. #endif
  30. #endif // MIDL_PASS
  33. /////////////////////////////////////////////////////////////////////////
  34. // //
  35. // Core encryption types //
  36. // //
  37. /////////////////////////////////////////////////////////////////////////
  40. #define CLEAR_BLOCK_LENGTH 8
  42. typedef struct _CLEAR_BLOCK {
  43. CHAR data[CLEAR_BLOCK_LENGTH];
  44. } CLEAR_BLOCK;
  45. typedef CLEAR_BLOCK * PCLEAR_BLOCK;
  48. #define CYPHER_BLOCK_LENGTH 8
  50. typedef struct _CYPHER_BLOCK {
  51. CHAR data[CYPHER_BLOCK_LENGTH];
  52. } CYPHER_BLOCK;
  53. typedef CYPHER_BLOCK * PCYPHER_BLOCK;
  56. #define BLOCK_KEY_LENGTH 7
  58. typedef struct _BLOCK_KEY {
  59. CHAR data[BLOCK_KEY_LENGTH];
  60. } BLOCK_KEY;
  61. typedef BLOCK_KEY * PBLOCK_KEY;
  66. /////////////////////////////////////////////////////////////////////////
  67. // //
  68. // Arbitrary length data encryption types //
  69. // //
  70. /////////////////////////////////////////////////////////////////////////
  72. typedef struct _CRYPT_BUFFER {
  73. ULONG Length; // Number of valid bytes in buffer
  74. ULONG MaximumLength; // Number of bytes pointed to by Buffer
  75. PVOID Buffer;
  76. } CRYPT_BUFFER;
  77. typedef CRYPT_BUFFER * PCRYPT_BUFFER;
  79. typedef CRYPT_BUFFER CLEAR_DATA;
  80. typedef CLEAR_DATA * PCLEAR_DATA;
  82. typedef CRYPT_BUFFER DATA_KEY;
  83. typedef DATA_KEY * PDATA_KEY;
  85. typedef CRYPT_BUFFER CYPHER_DATA;
  86. typedef CYPHER_DATA * PCYPHER_DATA;
  90. /////////////////////////////////////////////////////////////////////////
  91. // //
  92. // Lan Manager data types //
  93. // //
  94. /////////////////////////////////////////////////////////////////////////
  97. //
  98. // Define a LanManager compatible password
  99. //
  100. // A LanManager password is a null-terminated ansi string consisting of a
  101. // maximum of 14 characters (not including terminator)
  102. //
  104. typedef CHAR * PLM_PASSWORD;
  108. //
  109. // Define the result of the 'One Way Function' (OWF) on a LM password
  110. //
  112. #define LM_OWF_PASSWORD_LENGTH (CYPHER_BLOCK_LENGTH * 2)
  114. typedef struct _LM_OWF_PASSWORD {
  115. CYPHER_BLOCK data[2];
  116. } LM_OWF_PASSWORD;
  117. typedef LM_OWF_PASSWORD * PLM_OWF_PASSWORD;
  121. //
  122. // Define the challenge sent by the Lanman server during logon
  123. //
  125. #define LM_CHALLENGE_LENGTH CLEAR_BLOCK_LENGTH
  127. typedef CLEAR_BLOCK LM_CHALLENGE;
  128. typedef LM_CHALLENGE * PLM_CHALLENGE;
  132. //
  133. // Define the response sent by redirector in response to challenge from server
  134. //
  136. #define LM_RESPONSE_LENGTH (CYPHER_BLOCK_LENGTH * 3)
  138. typedef struct _LM_RESPONSE {
  139. CYPHER_BLOCK data[3];
  140. } LM_RESPONSE;
  141. typedef LM_RESPONSE * PLM_RESPONSE;
  145. //
  146. // Define the result of the reversible encryption of an OWF'ed password.
  147. //
  149. #define ENCRYPTED_LM_OWF_PASSWORD_LENGTH (CYPHER_BLOCK_LENGTH * 2)
  151. typedef struct _ENCRYPTED_LM_OWF_PASSWORD {
  152. CYPHER_BLOCK data[2];
  153. } ENCRYPTED_LM_OWF_PASSWORD;
  154. typedef ENCRYPTED_LM_OWF_PASSWORD * PENCRYPTED_LM_OWF_PASSWORD;
  158. //
  159. // Define the session key maintained by the redirector and server
  160. //
  162. #define LM_SESSION_KEY_LENGTH LM_CHALLENGE_LENGTH
  164. typedef LM_CHALLENGE LM_SESSION_KEY;
  165. typedef LM_SESSION_KEY * PLM_SESSION_KEY;
  169. //
  170. // Define the index type used to encrypt OWF Passwords
  171. //
  173. typedef LONG CRYPT_INDEX;
  174. typedef CRYPT_INDEX * PCRYPT_INDEX;
  178. /////////////////////////////////////////////////////////////////////////
  179. // //
  180. // 'NT' encryption types that are used to duplicate existing LM //
  181. // functionality with improved algorithms. //
  182. // //
  183. /////////////////////////////////////////////////////////////////////////
  186. typedef UNICODE_STRING NT_PASSWORD;
  187. typedef NT_PASSWORD * PNT_PASSWORD;
  190. #define NT_OWF_PASSWORD_LENGTH LM_OWF_PASSWORD_LENGTH
  192. typedef LM_OWF_PASSWORD NT_OWF_PASSWORD;
  193. typedef NT_OWF_PASSWORD * PNT_OWF_PASSWORD;
  196. #define NT_CHALLENGE_LENGTH LM_CHALLENGE_LENGTH
  198. typedef LM_CHALLENGE NT_CHALLENGE;
  199. typedef NT_CHALLENGE * PNT_CHALLENGE;
  202. #define NT_RESPONSE_LENGTH LM_RESPONSE_LENGTH
  204. typedef LM_RESPONSE NT_RESPONSE;
  205. typedef NT_RESPONSE * PNT_RESPONSE;
  208. #define ENCRYPTED_NT_OWF_PASSWORD_LENGTH ENCRYPTED_LM_OWF_PASSWORD_LENGTH
  210. typedef ENCRYPTED_LM_OWF_PASSWORD ENCRYPTED_NT_OWF_PASSWORD;
  211. typedef ENCRYPTED_NT_OWF_PASSWORD * PENCRYPTED_NT_OWF_PASSWORD;
  214. #define NT_SESSION_KEY_LENGTH LM_SESSION_KEY_LENGTH
  216. typedef LM_SESSION_KEY NT_SESSION_KEY;
  217. typedef NT_SESSION_KEY * PNT_SESSION_KEY;
  221. /////////////////////////////////////////////////////////////////////////
  222. // //
  223. // 'NT' encryption types for new functionality not present in LM //
  224. // //
  225. /////////////////////////////////////////////////////////////////////////
  228. //
  229. // The user session key is similar to the LM and NT session key except it
  230. // is different for each user on the system. This allows it to be used
  231. // for secure user communication with a server.
  232. //
  233. #define USER_SESSION_KEY_LENGTH (CYPHER_BLOCK_LENGTH * 2)
  235. typedef struct _USER_SESSION_KEY {
  236. CYPHER_BLOCK data[2];
  237. } USER_SESSION_KEY;
  238. typedef USER_SESSION_KEY * PUSER_SESSION_KEY;
  242. ////////////////////////////////////////////////////////////////////////////
  243. // //
  244. // Encryption library API macros //
  245. // //
  246. // To conceal the purpose of these functions to someone dumping out the //
  247. // encryption dll they have been purposefully given unhelpful names. //
  248. // Each has an associated macro that should be used by system components //
  249. // to access these routines in a readable way. //
  250. // //
  251. ////////////////////////////////////////////////////////////////////////////
  253. #define RtlEncryptBlock SystemFunction001
  254. #define RtlDecryptBlock SystemFunction002
  255. #define RtlEncryptStdBlock SystemFunction003
  256. #define RtlEncryptData SystemFunction004
  257. #define RtlDecryptData SystemFunction005
  258. #define RtlCalculateLmOwfPassword SystemFunction006
  259. #define RtlCalculateNtOwfPassword SystemFunction007
  260. #define RtlCalculateLmResponse SystemFunction008
  261. #define RtlCalculateNtResponse SystemFunction009
  262. #define RtlCalculateUserSessionKeyLm SystemFunction010
  263. #define RtlCalculateUserSessionKeyNt SystemFunction011
  264. #define RtlEncryptLmOwfPwdWithLmOwfPwd SystemFunction012
  265. #define RtlDecryptLmOwfPwdWithLmOwfPwd SystemFunction013
  266. #define RtlEncryptNtOwfPwdWithNtOwfPwd SystemFunction014
  267. #define RtlDecryptNtOwfPwdWithNtOwfPwd SystemFunction015
  268. #define RtlEncryptLmOwfPwdWithLmSesKey SystemFunction016
  269. #define RtlDecryptLmOwfPwdWithLmSesKey SystemFunction017
  270. #define RtlEncryptNtOwfPwdWithNtSesKey SystemFunction018
  271. #define RtlDecryptNtOwfPwdWithNtSesKey SystemFunction019
  272. #define RtlEncryptLmOwfPwdWithUserKey SystemFunction020
  273. #define RtlDecryptLmOwfPwdWithUserKey SystemFunction021
  274. #define RtlEncryptNtOwfPwdWithUserKey SystemFunction022
  275. #define RtlDecryptNtOwfPwdWithUserKey SystemFunction023
  276. #define RtlEncryptLmOwfPwdWithIndex SystemFunction024
  277. #define RtlDecryptLmOwfPwdWithIndex SystemFunction025
  278. #define RtlEncryptNtOwfPwdWithIndex SystemFunction026
  279. #define RtlDecryptNtOwfPwdWithIndex SystemFunction027
  280. #define RtlGetUserSessionKeyClient SystemFunction028
  281. #define RtlGetUserSessionKeyServer SystemFunction029
  282. #define RtlEqualLmOwfPassword SystemFunction030
  283. #define RtlEqualNtOwfPassword SystemFunction031
  284. #define RtlEncryptData2 SystemFunction032
  285. #define RtlDecryptData2 SystemFunction033
  288. ////////////////////////////////////////////////////////////////////////////
  289. // //
  290. // Encryption library API function prototypes //
  291. // //
  292. ////////////////////////////////////////////////////////////////////////////
  295. //
  296. // Core block encryption functions
  297. //
  299. NTSTATUS
  300. NTAPI
  301. RtlEncryptBlock(
  302. IN PCLEAR_BLOCK ClearBlock,
  303. IN PBLOCK_KEY BlockKey,
  304. OUT PCYPHER_BLOCK CypherBlock
  305. );
  307. NTSTATUS
  308. NTAPI
  309. RtlDecryptBlock(
  310. IN PCYPHER_BLOCK CypherBlock,
  311. IN PBLOCK_KEY BlockKey,
  312. OUT PCLEAR_BLOCK ClearBlock
  313. );
  315. NTSTATUS
  316. RtlEncryptStdBlock(
  317. IN PBLOCK_KEY BlockKey,
  318. OUT PCYPHER_BLOCK CypherBlock
  319. );
  321. //
  322. // Arbitrary length data encryption functions
  323. //
  325. NTSTATUS
  326. NTAPI
  327. RtlEncryptData(
  328. IN PCLEAR_DATA ClearData,
  329. IN PDATA_KEY DataKey,
  330. OUT PCYPHER_DATA CypherData
  331. );
  333. NTSTATUS
  334. NTAPI
  335. RtlDecryptData(
  336. IN PCYPHER_DATA CypherData,
  337. IN PDATA_KEY DataKey,
  338. OUT PCLEAR_DATA ClearData
  339. );
  341. //
  342. // Faster arbitrary length data encryption functions (using RC4)
  343. //
  345. NTSTATUS
  346. RtlEncryptData2(
  347. IN OUT PCRYPT_BUFFER pData,
  348. IN PDATA_KEY pKey
  349. );
  351. NTSTATUS
  352. RtlDecryptData2(
  353. IN OUT PCRYPT_BUFFER pData,
  354. IN PDATA_KEY pKey
  355. );
  357. //
  358. // Password hashing functions (One Way Function)
  359. //
  361. NTSTATUS
  362. NTAPI
  363. RtlCalculateLmOwfPassword(
  364. IN PLM_PASSWORD LmPassword,
  365. OUT PLM_OWF_PASSWORD LmOwfPassword
  366. );
  368. NTSTATUS
  369. NTAPI
  370. RtlCalculateNtOwfPassword(
  371. IN PNT_PASSWORD NtPassword,
  372. OUT PNT_OWF_PASSWORD NtOwfPassword
  373. );
  377. //
  378. // OWF password comparison functions
  379. //
  381. BOOLEAN
  382. RtlEqualLmOwfPassword(
  383. IN PLM_OWF_PASSWORD LmOwfPassword1,
  384. IN PLM_OWF_PASSWORD LmOwfPassword2
  385. );
  387. BOOLEAN
  388. RtlEqualNtOwfPassword(
  389. IN PNT_OWF_PASSWORD NtOwfPassword1,
  390. IN PNT_OWF_PASSWORD NtOwfPassword2
  391. );
  395. //
  396. // Functions for calculating response to server challenge
  397. //
  399. NTSTATUS
  400. NTAPI
  401. RtlCalculateLmResponse(
  402. IN PLM_CHALLENGE LmChallenge,
  403. IN PLM_OWF_PASSWORD LmOwfPassword,
  404. OUT PLM_RESPONSE LmResponse
  405. );
  408. NTSTATUS
  409. NTAPI
  410. RtlCalculateNtResponse(
  411. IN PNT_CHALLENGE NtChallenge,
  412. IN PNT_OWF_PASSWORD NtOwfPassword,
  413. OUT PNT_RESPONSE NtResponse
  414. );
  419. //
  420. // Functions for calculating User Session Key.
  421. //
  423. //
  424. // Calculate a User Session Key from LM data
  425. //
  426. NTSTATUS
  427. RtlCalculateUserSessionKeyLm(
  428. IN PLM_RESPONSE LmResponse,
  429. IN PLM_OWF_PASSWORD LmOwfPassword,
  430. OUT PUSER_SESSION_KEY UserSessionKey
  431. );
  433. //
  434. // Calculate a User Session Key from NT data
  435. //
  436. NTSTATUS
  437. NTAPI
  438. RtlCalculateUserSessionKeyNt(
  439. IN PNT_RESPONSE NtResponse,
  440. IN PNT_OWF_PASSWORD NtOwfPassword,
  441. OUT PUSER_SESSION_KEY UserSessionKey
  442. );
  448. //
  449. // OwfPassword encryption functions
  450. //
  453. //
  454. // Encrypt OwfPassword using OwfPassword as the key
  455. //
  456. NTSTATUS
  457. RtlEncryptLmOwfPwdWithLmOwfPwd(
  458. IN PLM_OWF_PASSWORD DataLmOwfPassword,
  459. IN PLM_OWF_PASSWORD KeyLmOwfPassword,
  460. OUT PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword
  461. );
  463. NTSTATUS
  464. RtlDecryptLmOwfPwdWithLmOwfPwd(
  465. IN PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword,
  466. IN PLM_OWF_PASSWORD KeyLmOwfPassword,
  467. OUT PLM_OWF_PASSWORD DataLmOwfPassword
  468. );
  471. NTSTATUS
  472. RtlEncryptNtOwfPwdWithNtOwfPwd(
  473. IN PNT_OWF_PASSWORD DataNtOwfPassword,
  474. IN PNT_OWF_PASSWORD KeyNtOwfPassword,
  475. OUT PENCRYPTED_NT_OWF_PASSWORD EncryptedNtOwfPassword
  476. );
  478. NTSTATUS
  479. RtlDecryptNtOwfPwdWithNtOwfPwd(
  480. IN PENCRYPTED_NT_OWF_PASSWORD EncryptedNtOwfPassword,
  481. IN PNT_OWF_PASSWORD KeyNtOwfPassword,
  482. OUT PNT_OWF_PASSWORD DataNtOwfPassword
  483. );
  486. //
  487. // Encrypt OwfPassword using SessionKey as the key
  488. //
  489. NTSTATUS
  490. RtlEncryptLmOwfPwdWithLmSesKey(
  491. IN PLM_OWF_PASSWORD LmOwfPassword,
  492. IN PLM_SESSION_KEY LmSessionKey,
  493. OUT PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword
  494. );
  496. NTSTATUS
  497. RtlDecryptLmOwfPwdWithLmSesKey(
  498. IN PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword,
  499. IN PLM_SESSION_KEY LmSessionKey,
  500. OUT PLM_OWF_PASSWORD LmOwfPassword
  501. );
  504. NTSTATUS
  505. RtlEncryptNtOwfPwdWithNtSesKey(
  506. IN PNT_OWF_PASSWORD NtOwfPassword,
  507. IN PNT_SESSION_KEY NtSessionKey,
  508. OUT PENCRYPTED_NT_OWF_PASSWORD EncryptedNtOwfPassword
  509. );
  511. NTSTATUS
  512. RtlDecryptNtOwfPwdWithNtSesKey(
  513. IN PENCRYPTED_NT_OWF_PASSWORD EncryptedNtOwfPassword,
  514. IN PNT_SESSION_KEY NtSessionKey,
  515. OUT PNT_OWF_PASSWORD NtOwfPassword
  516. );
  519. //
  520. // Encrypt OwfPassword using UserSessionKey as the key
  521. //
  522. NTSTATUS
  523. RtlEncryptLmOwfPwdWithUserKey(
  524. IN PLM_OWF_PASSWORD LmOwfPassword,
  525. IN PUSER_SESSION_KEY UserSessionKey,
  526. OUT PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword
  527. );
  529. NTSTATUS
  530. RtlDecryptLmOwfPwdWithUserKey(
  531. IN PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword,
  532. IN PUSER_SESSION_KEY UserSessionKey,
  533. OUT PLM_OWF_PASSWORD LmOwfPassword
  534. );
  536. NTSTATUS
  537. RtlEncryptNtOwfPwdWithUserKey(
  538. IN PNT_OWF_PASSWORD NtOwfPassword,
  539. IN PUSER_SESSION_KEY UserSessionKey,
  540. OUT PENCRYPTED_NT_OWF_PASSWORD EncryptedNtOwfPassword
  541. );
  543. NTSTATUS
  544. RtlDecryptNtOwfPwdWithUserKey(
  545. IN PENCRYPTED_NT_OWF_PASSWORD EncryptedNtOwfPassword,
  546. IN PUSER_SESSION_KEY UserSessionKey,
  547. OUT PNT_OWF_PASSWORD NtOwfPassword
  548. );
  551. //
  552. // Encrypt OwfPassword using an index as the key
  553. //
  554. NTSTATUS
  555. RtlEncryptLmOwfPwdWithIndex(
  556. IN PLM_OWF_PASSWORD LmOwfPassword,
  557. IN PCRYPT_INDEX Index,
  558. OUT PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword
  559. );
  561. NTSTATUS
  562. RtlDecryptLmOwfPwdWithIndex(
  563. IN PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword,
  564. IN PCRYPT_INDEX Index,
  565. OUT PLM_OWF_PASSWORD LmOwfPassword
  566. );
  569. NTSTATUS
  570. RtlEncryptNtOwfPwdWithIndex(
  571. IN PNT_OWF_PASSWORD NtOwfPassword,
  572. IN PCRYPT_INDEX Index,
  573. OUT PENCRYPTED_NT_OWF_PASSWORD EncryptedNtOwfPassword
  574. );
  576. NTSTATUS
  577. RtlDecryptNtOwfPwdWithIndex(
  578. IN PENCRYPTED_NT_OWF_PASSWORD EncryptedNtOwfPassword,
  579. IN PCRYPT_INDEX Index,
  580. OUT PNT_OWF_PASSWORD NtOwfPassword
  581. );
  584. //
  585. // Get the user session key for an RPC connection
  586. //
  588. #ifndef MIDL_PASS // Don't confuse MIDL
  589. NTSTATUS
  590. RtlGetUserSessionKeyClient(
  591. IN PVOID RpcContextHandle OPTIONAL,
  592. OUT PUSER_SESSION_KEY UserSessionKey
  593. );
  595. NTSTATUS
  596. RtlGetUserSessionKeyServer(
  597. IN PVOID RpcContextHandle OPTIONAL,
  598. OUT PUSER_SESSION_KEY UserSessionKey
  599. );
  600. #endif // MIDL_PASS
  602. #endif // _NTCRYPT_