archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/security/base/lsa/crypt/dll/block.c

425 lines
8.4 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1989 Microsoft Corporation
  5. Module Name:
  7. block.c
  9. Abstract:
  11. Block encryption functions implementation :
  13. RtlEncryptBlock
  14. RtlDecryptBlock
  15. RtlEncrypStdBlock
  18. Author:
  20. David Chalmers (Davidc) 10-21-91
  22. Revision History:
  24. Scott Field (sfield) 03-Nov-97
  25. Removed critical section around crypto calls.
  27. --*/
  29. #include <nt.h>
  30. #include <ntrtl.h>
  31. #include <crypt.h>
  32. #include <engine.h>
  34. #include <nturtl.h>
  36. #include <windows.h>
  38. #include <ntddksec.h>
  40. #ifndef KMODE
  42. HANDLE g_hKsecDD = NULL;
  44. VOID EncryptMemoryShutdown( VOID );
  46. #endif
  48. BOOLEAN
  49. Sys003Initialize(
  50. IN PVOID hmod,
  51. IN ULONG Reason,
  52. IN PCONTEXT Context
  53. )
  54. {
  55. #ifndef KMODE
  56. if( Reason == DLL_PROCESS_DETACH )
  57. {
  58. EncryptMemoryShutdown();
  59. }
  60. #endif
  62. return TRUE;
  64. DBG_UNREFERENCED_PARAMETER(hmod);
  65. DBG_UNREFERENCED_PARAMETER(Context);
  66. }
  70. NTSTATUS
  71. RtlEncryptBlock(
  72. IN PCLEAR_BLOCK ClearBlock,
  73. IN PBLOCK_KEY BlockKey,
  74. OUT PCYPHER_BLOCK CypherBlock
  75. )
  77. /*++
  79. Routine Description:
  81. Takes a block of data and encrypts it with a key producing
  82. an encrypted block of data.
  84. Arguments:
  86. ClearBlock - The block of data that is to be encrypted.
  88. BlockKey - The key to use to encrypt data
  90. CypherBlock - Encrypted data is returned here
  92. Return Values:
  94. STATUS_SUCCESS - The data was encrypted successfully. The encrypted
  95. data block is in CypherBlock
  97. STATUS_UNSUCCESSFUL - Something failed. The CypherBlock is undefined.
  98. --*/
  100. {
  101. unsigned Result;
  103. Result = DES_ECB_LM(ENCR_KEY,
  104. (const char *)BlockKey,
  105. (unsigned char *)ClearBlock,
  106. (unsigned char *)CypherBlock
  107. );
  109. if (Result == CRYPT_OK) {
  110. return(STATUS_SUCCESS);
  111. } else {
  112. #if DBG
  113. DbgPrint("EncryptBlock failed\n\r");
  114. #endif
  115. return(STATUS_UNSUCCESSFUL);
  116. }
  117. }
  122. NTSTATUS
  123. RtlDecryptBlock(
  124. IN PCYPHER_BLOCK CypherBlock,
  125. IN PBLOCK_KEY BlockKey,
  126. OUT PCLEAR_BLOCK ClearBlock
  127. )
  128. /*++
  130. Routine Description:
  132. Takes a block of encrypted data and decrypts it with a key producing
  133. the clear block of data.
  135. Arguments:
  137. CypherBlock - The block of data to be decrypted
  139. BlockKey - The key to use to decrypt data
  141. ClearBlock - The decrpted block of data is returned here
  144. Return Values:
  146. STATUS_SUCCESS - The data was decrypted successfully. The decrypted
  147. data block is in ClearBlock
  149. STATUS_UNSUCCESSFUL - Something failed. The ClearBlock is undefined.
  150. --*/
  152. {
  153. unsigned Result;
  155. Result = DES_ECB_LM(DECR_KEY,
  156. (const char *)BlockKey,
  157. (unsigned char *)CypherBlock,
  158. (unsigned char *)ClearBlock
  159. );
  161. if (Result == CRYPT_OK) {
  162. return(STATUS_SUCCESS);
  163. } else {
  164. #if DBG
  165. DbgPrint("DecryptBlock failed\n\r");
  166. #endif
  167. return(STATUS_UNSUCCESSFUL);
  168. }
  169. }
  173. NTSTATUS
  174. RtlEncryptStdBlock(
  175. IN PBLOCK_KEY BlockKey,
  176. OUT PCYPHER_BLOCK CypherBlock
  177. )
  179. /*++
  181. Routine Description:
  183. Takes a block key encrypts the standard text block with it.
  184. The resulting encrypted block is returned.
  185. This is a One-Way-Function - the key cannot be recovered from the
  186. encrypted data block.
  188. Arguments:
  190. BlockKey - The key to use to encrypt the standard text block.
  192. CypherBlock - The encrypted data is returned here
  194. Return Values:
  196. STATUS_SUCCESS - The encryption was successful.
  197. The result is in CypherBlock
  199. STATUS_UNSUCCESSFUL - Something failed. The CypherBlock is undefined.
  200. --*/
  202. {
  203. unsigned Result;
  204. char StdEncrPwd[] = "KGS!@#$%";
  206. Result = DES_ECB_LM(ENCR_KEY,
  207. (const char *)BlockKey,
  208. (unsigned char *)StdEncrPwd,
  209. (unsigned char *)CypherBlock
  210. );
  212. if (Result == CRYPT_OK) {
  213. return(STATUS_SUCCESS);
  214. } else {
  215. #if DBG
  216. DbgPrint("EncryptStd failed\n\r");
  217. #endif
  218. return(STATUS_UNSUCCESSFUL);
  219. }
  220. }
  222. #ifndef KMODE
  224. BOOLEAN
  225. EncryptMemoryInitialize(
  226. VOID
  227. )
  228. {
  229. UNICODE_STRING DriverName;
  230. OBJECT_ATTRIBUTES ObjA;
  231. IO_STATUS_BLOCK IOSB;
  232. HANDLE hFile;
  233. NTSTATUS Status;
  235. RtlInitUnicodeString( &DriverName, DD_KSEC_DEVICE_NAME_U );
  236. InitializeObjectAttributes(
  237. &ObjA,
  238. &DriverName,
  239. 0,
  240. NULL,
  241. NULL
  242. );
  244. //
  245. // needs to be non-alertable, else, the DeviceIoControl may return
  246. // STATUS_USER_APC.
  247. //
  249. Status = NtOpenFile(
  250. &hFile,
  251. SYNCHRONIZE | FILE_READ_DATA,
  252. &ObjA,
  253. &IOSB,
  254. FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
  255. FILE_SYNCHRONOUS_IO_NONALERT
  256. );
  258. if(!NT_SUCCESS(Status))
  259. {
  260. return FALSE;
  261. }
  263. if(InterlockedCompareExchangePointer(
  264. &g_hKsecDD,
  265. hFile,
  266. NULL
  267. ) != NULL)
  268. {
  269. NtClose( hFile );
  270. }
  272. return TRUE;
  273. }
  275. VOID
  276. EncryptMemoryShutdown(
  277. VOID
  278. )
  279. {
  280. if( g_hKsecDD != NULL )
  281. {
  282. NtClose( g_hKsecDD );
  283. g_hKsecDD = NULL;
  284. }
  286. }
  288. NTSTATUS
  289. RtlEncryptMemory(
  290. IN PVOID Memory,
  291. IN ULONG MemorySize,
  292. IN ULONG OptionFlags
  293. )
  294. {
  295. IO_STATUS_BLOCK IoStatus;
  296. ULONG IoControlCode;
  297. NTSTATUS Status;
  299. if( g_hKsecDD == NULL )
  300. {
  301. if(!EncryptMemoryInitialize())
  302. {
  303. return STATUS_UNSUCCESSFUL;
  304. }
  305. }
  307. switch( OptionFlags )
  308. {
  309. case 0:
  310. {
  311. IoControlCode = IOCTL_KSEC_ENCRYPT_MEMORY;
  312. break;
  313. }
  315. case RTL_ENCRYPT_OPTION_CROSS_PROCESS:
  316. {
  317. IoControlCode = IOCTL_KSEC_ENCRYPT_MEMORY_CROSS_PROC;
  318. break;
  319. }
  321. case RTL_ENCRYPT_OPTION_SAME_LOGON:
  322. {
  323. IoControlCode = IOCTL_KSEC_ENCRYPT_MEMORY_SAME_LOGON;
  324. break;
  325. }
  327. default:
  328. {
  329. return STATUS_INVALID_PARAMETER;
  330. }
  331. }
  333. Status = NtDeviceIoControlFile(
  334. g_hKsecDD,
  335. NULL,
  336. NULL,
  337. NULL,
  338. &IoStatus,
  339. IoControlCode,
  340. Memory,
  341. MemorySize, // output buffer size
  342. Memory,
  343. MemorySize
  344. );
  345. #if DBG
  346. if((Status != 0) && (Status != STATUS_INVALID_PARAMETER))
  347. {
  348. KdPrint(("EncryptMemory IOCTL failed= 0x%lx\n\r", Status));
  349. }
  350. #endif
  352. return Status;
  353. }
  355. NTSTATUS
  356. RtlDecryptMemory(
  357. IN PVOID Memory,
  358. IN ULONG MemorySize,
  359. IN ULONG OptionFlags
  360. )
  361. {
  362. IO_STATUS_BLOCK IoStatus;
  363. ULONG IoControlCode;
  364. NTSTATUS Status;
  366. if( g_hKsecDD == NULL )
  367. {
  368. if(!EncryptMemoryInitialize())
  369. {
  370. return STATUS_UNSUCCESSFUL;
  371. }
  372. }
  374. switch( OptionFlags )
  375. {
  376. case 0:
  377. {
  378. IoControlCode = IOCTL_KSEC_DECRYPT_MEMORY;
  379. break;
  380. }
  382. case RTL_ENCRYPT_OPTION_CROSS_PROCESS:
  383. {
  384. IoControlCode = IOCTL_KSEC_DECRYPT_MEMORY_CROSS_PROC;
  385. break;
  386. }
  388. case RTL_ENCRYPT_OPTION_SAME_LOGON:
  389. {
  390. IoControlCode = IOCTL_KSEC_DECRYPT_MEMORY_SAME_LOGON;
  391. break;
  392. }
  394. default:
  395. {
  396. return STATUS_INVALID_PARAMETER;
  397. }
  398. }
  400. Status = NtDeviceIoControlFile(
  401. g_hKsecDD,
  402. NULL,
  403. NULL,
  404. NULL,
  405. &IoStatus,
  406. IoControlCode,
  407. Memory,
  408. MemorySize, // output buffer size
  409. Memory,
  410. MemorySize
  411. );
  413. #if DBG
  414. if((Status != 0) && (Status != STATUS_INVALID_PARAMETER))
  415. {
  416. KdPrint(("DecryptMemory IOCTL failed= 0x%lx\n\r", Status));
  417. }
  418. #endif
  421. return Status;
  423. }
  425. #endif