|
|
/*++
Copyright (C) Microsoft Corporation, 1999 - 1999
Module Name:
pwdui.c
Abstract:
This module contains routines for displaying Data Protection API related UI, originating from client process address space.
For the future, there is support planned for causing UI to originate from the secure desktop, via Secure Authentication Sequence (SAS).
Author:
Scott Field (sfield) 12-May-99
--*/
#define UNICODE
#define _UNICODE
#include <nt.h>
#include <ntrtl.h>
#include <nturtl.h>
#include <windows.h>
#include <wincrypt.h>
#include <sha.h>
#include <unicode5.h>
#include "resource.h"
#include "pwdui.h"
typedef struct { DATA_BLOB *pDataIn; // input DATA_BLOB* to CryptProtect or CryptUnprotect
CRYPTPROTECT_PROMPTSTRUCT *pPromptStruct; // PromptStruct describing UI operations to perform
LPWSTR szDataDescription; // Application supplied data descr
PBYTE rgbPasswordHash; // resultant passwordhash for strong security
BOOL fCachedPassword; // did we find password in cache?
BOOL fProtect; // protect or unprotect?
BOOL fValidPassword; // does rgbPasswordHash contain a valid value?
} DIALOGARGS, *PDIALOGARGS, *LPDIALOGARGS;
typedef struct { LIST_ENTRY Next; LUID LogonId; FILETIME ftLastAccess; BYTE rgbDataInHash[A_SHA_DIGEST_LEN]; BYTE rgbPasswordHash[A_SHA_DIGEST_LEN];} PASSWORD_CACHE_ENTRY, *PPASSWORD_CACHE_ENTRY, *LPPASSWORD_CACHE_ENTRY;
DWORDProtectUIConfirm( IN DIALOGARGS *pDialogArgs );
DWORDUnprotectUIConfirm( IN DIALOGARGS *pDialogArgs );
BOOLChooseSecurityLevel( IN HWND hWndParent, IN DIALOGARGS *pDialogArgs );
VOIDAdvancedSecurityDetails( IN HWND hWndParent, IN DIALOGARGS *pDialogArgs );
//
// dialog box handling routines.
//
INT_PTRCALLBACKDialogConfirmProtect( HWND hDlg, // handle to dialog box
UINT message, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
);
INT_PTRCALLBACKDialogConfirmAccess( HWND hDlg, // handle to dialog box
UINT message, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
);
INT_PTRCALLBACKDialogChooseSecurityLevel( HWND hDlg, // handle to dialog box
UINT message, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
);
INT_PTRCALLBACKDialogChooseSecurityLevelMedium( HWND hDlg, // handle to dialog box
UINT message, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
);
INT_PTRCALLBACKDialogChooseSecurityLevelHigh( HWND hDlg, // handle to dialog box
UINT message, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
);
INT_PTRCALLBACKDialogAdvancedSecurityDetails( HWND hDlg, // handle to dialog box
UINT message, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
);
//
// helper routines.
//
#ifndef SSAlloc
#define SSAlloc(x) LocalAlloc(LMEM_FIXED, x)
#endif
#ifndef SSFree
#define SSFree(x) LocalFree(x)
#endif
VOIDComputePasswordHash( IN PVOID pvPassword, IN DWORD cbPassword, IN OUT BYTE rgbPasswordHash[A_SHA_DIGEST_LEN] );
BOOLGetEffectiveLogonId( IN OUT LUID *pLogonId );
BOOLInitializeDetailGlobals( VOID );
//
// password cache related routines.
//
BOOLInitializeProtectPasswordCache( VOID );
VOIDDeleteProtectPasswordCache( VOID );
BOOLAddProtectPasswordCache( IN DATA_BLOB* pDataIn, IN BYTE rgbPassword[A_SHA_DIGEST_LEN] );
BOOLSearchProtectPasswordCache( IN DATA_BLOB* pDataIn, IN OUT BYTE rgbPassword[A_SHA_DIGEST_LEN], IN BOOL fDeleteFoundEntry );
VOIDPurgeProtectPasswordCache( VOID );
BOOLIsCachePWAllowed( VOID );
//
// global variables.
//
HINSTANCE g_hInstProtectUI;CRITICAL_SECTION g_csProtectPasswordCache;LIST_ENTRY g_ProtectPasswordCache;
#define ALLOW_CACHE_UNKNOWN 0
#define ALLOW_CACHE_NO 1
#define ALLOW_CACHE_YES 2
DWORD g_dwAllowCachePW = 0;WCHAR g_szGooPassword[] = L"(*&#$(^(#%^))(*&(^(*{}_SAF^^%";
BOOL g_fDetailGlobalsInitialized = FALSE;LPWSTR g_szDetailApplicationName = NULL;LPWSTR g_szDetailApplicationPath = NULL;
BOOLWINAPIProtectUI_DllMain( HINSTANCE hinstDLL, // handle to DLL module
DWORD fdwReason, // reason for calling function
LPVOID lpvReserved // reserved
){ BOOL fRet = TRUE;
if( fdwReason == DLL_PROCESS_ATTACH ) { g_hInstProtectUI = hinstDLL; fRet = InitializeProtectPasswordCache(); } else if ( fdwReason == DLL_PROCESS_DETACH ) { DeleteProtectPasswordCache(); }
return fRet;}
DWORDWINAPII_CryptUIProtect( IN PVOID pvReserved1, IN PVOID pvReserved2, IN DWORD dwReserved3, IN PVOID *pvReserved4, IN BOOL fReserved5, IN PVOID pvReserved6 ){ DIALOGARGS DialogArgs; DWORD dwLastError = ERROR_SUCCESS;
DATA_BLOB* pDataIn = (DATA_BLOB*)pvReserved1; CRYPTPROTECT_PROMPTSTRUCT* pPromptStruct = (CRYPTPROTECT_PROMPTSTRUCT*)pvReserved2; DWORD dwFlags = (DWORD)dwReserved3; LPCWSTR szDescription = (LPCWSTR)*pvReserved4; BOOL fProtectOperation = (BOOL)fReserved5; PBYTE rgbPasswordHash = (PBYTE)pvReserved6; BOOL fEmptyDescription;
//
// for protect:
// szDescription, if NULL or empty, get from user
// if PROMPT_STRONG is set, grey out medium security.
//
// for unprotect:
// szDescription, get from datablob.
// pPromptStruct->dwPromptFlags from datablob.
// if PROMPT_STRONG is set, enable password field and
//
if( pPromptStruct == NULL ) return ERROR_INVALID_PARAMETER;
if( pPromptStruct->cbSize != sizeof( CRYPTPROTECT_PROMPTSTRUCT) ) return ERROR_INVALID_PARAMETER;
if( fProtectOperation ) {
//
// if unprotect was specified, protect is implicitly specified.
// vice-versa is true, too.
//
if ( ((pPromptStruct->dwPromptFlags & CRYPTPROTECT_PROMPT_ON_PROTECT) == 0) && ((pPromptStruct->dwPromptFlags & CRYPTPROTECT_PROMPT_ON_UNPROTECT) == 0) ) { //
// nothing to do, bail out.
//
return ERROR_SUCCESS; }
pPromptStruct->dwPromptFlags |= CRYPTPROTECT_PROMPT_ON_PROTECT; pPromptStruct->dwPromptFlags |= CRYPTPROTECT_PROMPT_ON_UNPROTECT;
}
if ( dwFlags & CRYPTPROTECT_UI_FORBIDDEN ) { return ERROR_PASSWORD_RESTRICTION; }
//
// build dialog box arguments block.
//
DialogArgs.pDataIn = pDataIn;
DialogArgs.pPromptStruct = pPromptStruct;
if( szDescription != NULL && szDescription[0] != L'\0' ) { DialogArgs.szDataDescription = (LPWSTR)szDescription; fEmptyDescription = FALSE; } else { DialogArgs.szDataDescription = NULL; fEmptyDescription = TRUE; }
DialogArgs.rgbPasswordHash = rgbPasswordHash; DialogArgs.fCachedPassword = FALSE; DialogArgs.fProtect = fProtectOperation; DialogArgs.fValidPassword = FALSE;
if( fProtectOperation ) {
//
// now, throw the UI for the protect operation.
//
dwLastError = ProtectUIConfirm( &DialogArgs );
if( dwLastError == ERROR_SUCCESS && fEmptyDescription && DialogArgs.szDataDescription ) {
//
// output modified data description to caller.
//
*pvReserved4 = DialogArgs.szDataDescription; } } else {
//
// now, throw the UI for the unprotect operation.
//
dwLastError = UnprotectUIConfirm( &DialogArgs ); }
if( fEmptyDescription && dwLastError != ERROR_SUCCESS && DialogArgs.szDataDescription ) {
SSFree( DialogArgs.szDataDescription ); }
return dwLastError;}
DWORDWINAPII_CryptUIProtectFailure( IN PVOID pvReserved1, IN DWORD dwReserved2, IN PVOID *pvReserved3){ CRYPTPROTECT_PROMPTSTRUCT* pPromptStruct = (CRYPTPROTECT_PROMPTSTRUCT*)pvReserved1; DWORD dwFlags = (DWORD)dwReserved2; LPCWSTR szDescription = (LPCWSTR)*pvReserved3; WCHAR szTitle[512]; WCHAR szText[512];
if((pPromptStruct->dwPromptFlags & CRYPTPROTECT_PROMPT_ON_UNPROTECT) == 0) { return ERROR_SUCCESS; }
if(dwFlags & CRYPTPROTECT_UI_FORBIDDEN) { return ERROR_PASSWORD_RESTRICTION; }
LoadStringU(g_hInstProtectUI, IDS_PROTECT_DECRYPTION_ERROR, szTitle, sizeof(szTitle)/sizeof(WCHAR)); LoadStringU(g_hInstProtectUI, IDS_PROTECT_CANNOT_DECRYPT, szText, sizeof(szText)/sizeof(WCHAR)); MessageBoxU(pPromptStruct->hwndApp, szText, szTitle, MB_OK | MB_ICONWARNING);
return ERROR_SUCCESS;}
DWORDProtectUIConfirm( IN DIALOGARGS *pDialogArgs ){ INT_PTR iRet;
iRet = DialogBoxParamU( g_hInstProtectUI, MAKEINTRESOURCE(IDD_PROTECT_CONFIRM_PROTECT), pDialogArgs->pPromptStruct->hwndApp, DialogConfirmProtect, (LPARAM)pDialogArgs );
return (DWORD)iRet;
}
DWORDUnprotectUIConfirm( IN DIALOGARGS *pDialogArgs ){ INT_PTR iRet;
iRet = DialogBoxParamU( g_hInstProtectUI, MAKEINTRESOURCE(IDD_PROTECT_CONFIRM_SECURITY), pDialogArgs->pPromptStruct->hwndApp, DialogConfirmAccess, (LPARAM)pDialogArgs );
return (DWORD)iRet;}
INT_PTRCALLBACKDialogConfirmProtect( HWND hDlg, // handle to dialog box
UINT message, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
){ DIALOGARGS *pDialogArgs; CRYPTPROTECT_PROMPTSTRUCT *pPromptStruct;
switch (message) { case WM_INITDIALOG: {
SetLastError( 0 ); // as per win32 documentation
if(SetWindowLongPtr(hDlg, GWLP_USERDATA, (LONG_PTR)lParam) == 0) { if(GetLastError() != ERROR_SUCCESS) { EndDialog(hDlg, GetLastError()); return FALSE; } }
// lParam is DIALOGARGS *
pDialogArgs = (DIALOGARGS*)lParam; pPromptStruct = pDialogArgs->pPromptStruct;
//
// set the dialog title
//
if (pPromptStruct->szPrompt) SetWindowTextU(hDlg, pPromptStruct->szPrompt);
//
// display dynamic stuff.
//
SendMessage( hDlg, WM_COMMAND, IDC_PROTECT_UPDATE_DYNAMIC, 0 );
return FALSE; // don't default the Focus..
} // WM_INITDIALOG
case WM_COMMAND: { switch(LOWORD(wParam)) { case IDOK: { EndDialog(hDlg, ERROR_SUCCESS); return TRUE; }
case IDCANCEL: { EndDialog(hDlg, ERROR_CANCELLED); return TRUE; }
case IDC_PROTECT_ADVANCED: {
pDialogArgs = (DIALOGARGS*)GetWindowLongPtr( hDlg, GWLP_USERDATA ); if(pDialogArgs == NULL) break; // TODO: bail out
//
// show details dialog.
//
AdvancedSecurityDetails( hDlg, pDialogArgs );
return FALSE; }
case IDC_PROTECT_UPDATE_DYNAMIC: { WCHAR szResource[ 256 ] = L""; int cchResource = sizeof(szResource) / sizeof(WCHAR); UINT ResourceId;
pDialogArgs = (DIALOGARGS*)GetWindowLongPtr( hDlg, GWLP_USERDATA ); if(pDialogArgs == NULL) break; // TODO: bail out
pPromptStruct = pDialogArgs->pPromptStruct;
//
// description.
//
if (pDialogArgs->szDataDescription) SetWindowTextU(GetDlgItem(hDlg, IDC_PROTECT_LABEL_EDIT1), pDialogArgs->szDataDescription);
// Disable the OK button if we're defaulting to strong protection,
// unless a password has already been set.
if((pPromptStruct->dwPromptFlags & (CRYPTPROTECT_PROMPT_STRONG | CRYPTPROTECT_PROMPT_REQUIRE_STRONG)) && (pDialogArgs->fValidPassword == FALSE)) { EnableWindow( GetDlgItem(hDlg, IDOK), FALSE ); SendMessage(hDlg, DM_SETDEFID, IDC_PROTECT_CHANGE_SECURITY, 0); SetFocus(GetDlgItem(hDlg, IDC_PROTECT_CHANGE_SECURITY)); } else { EnableWindow( GetDlgItem(hDlg, IDOK), TRUE ); SendMessage(hDlg, DM_SETDEFID, IDOK,0); SetFocus(GetDlgItem(hDlg, IDOK)); }
//
// security level.
//
if( pPromptStruct->dwPromptFlags & (CRYPTPROTECT_PROMPT_STRONG | CRYPTPROTECT_PROMPT_REQUIRE_STRONG)) { ResourceId = IDS_PROTECT_SECURITY_LEVEL_SET_HIGH; } else { ResourceId = IDS_PROTECT_SECURITY_LEVEL_SET_MEDIUM; }
cchResource = LoadStringU(g_hInstProtectUI, ResourceId, szResource, cchResource ); SetWindowTextU( GetDlgItem(hDlg,IDC_PROTECT_SECURITY_LEVEL), szResource );
return FALSE; }
case IDC_PROTECT_CHANGE_SECURITY: { pDialogArgs = (DIALOGARGS*)GetWindowLongPtr( hDlg, GWLP_USERDATA ); if(pDialogArgs == NULL) break; // TODO: bail out
//
// spawn child dialog to handle prompting for security level.
//
if(!ChooseSecurityLevel( hDlg, pDialogArgs )) { EndDialog(hDlg, ERROR_CANCELLED); return TRUE; }
//
// display dynamic stuff that may have changed.
//
SendMessage( hDlg, WM_COMMAND, IDC_PROTECT_UPDATE_DYNAMIC, 0 ); break; }
default: { return FALSE; } }
} // WM_COMMAND
default: { return FALSE; } } // message
}
INT_PTRCALLBACKDialogConfirmAccess( HWND hDlg, // handle to dialog box
UINT message, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
){ DIALOGARGS *pDialogArgs; CRYPTPROTECT_PROMPTSTRUCT *pPromptStruct;
switch (message) { case WM_INITDIALOG: {
SetLastError( 0 ); // as per win32 documentation
if(SetWindowLongPtr(hDlg, GWLP_USERDATA, (LONG_PTR)lParam) == 0) { if(GetLastError() != ERROR_SUCCESS) { EndDialog(hDlg, GetLastError()); return FALSE; } }
// lParam is DIALOGARGS *
pDialogArgs = (DIALOGARGS*)lParam; pPromptStruct = pDialogArgs->pPromptStruct;
//
// set the dialog title
//
if (pPromptStruct->szPrompt) SetWindowTextU(hDlg, pPromptStruct->szPrompt);
//
// description.
//
if (pDialogArgs->szDataDescription) SetWindowTextU(GetDlgItem(hDlg, IDC_PROTECT_LABEL_EDIT1), pDialogArgs->szDataDescription);
if( pPromptStruct->dwPromptFlags & CRYPTPROTECT_PROMPT_STRONG ) {
//
// If policy doesn't allow, disable caching of password.
//
// Otherwise, search password cache to see if user cached password
// for this item.
//
if( g_dwAllowCachePW == ALLOW_CACHE_UNKNOWN ) { if(!IsCachePWAllowed()) { g_dwAllowCachePW = ALLOW_CACHE_NO; } else { g_dwAllowCachePW = ALLOW_CACHE_YES; } }
if((g_dwAllowCachePW == ALLOW_CACHE_NO) || (pPromptStruct->dwPromptFlags & CRYPTPROTECT_PROMPT_REQUIRE_STRONG)) { ShowWindow( GetDlgItem(hDlg, IDC_PROTECT_CACHEPW), SW_HIDE ); EnableWindow( GetDlgItem(hDlg, IDC_PROTECT_CACHEPW), FALSE );
} else if(SearchProtectPasswordCache( pDialogArgs->pDataIn, pDialogArgs->rgbPasswordHash, FALSE )) { //
// enable checkbox for cached password, fill edit control
// with password.
//
SetWindowTextU(GetDlgItem(hDlg,IDC_PROTECT_PASSWORD1), g_szGooPassword );
SendMessage(GetDlgItem(hDlg, IDC_PROTECT_CACHEPW), BM_SETCHECK, BST_CHECKED, 0); pDialogArgs->fCachedPassword = TRUE; pDialogArgs->fValidPassword = TRUE;
} } else {
//
// disable irrelevant fields in dialog.
//
ShowWindow( GetDlgItem(hDlg, IDC_PROTECT_CACHEPW), SW_HIDE ); EnableWindow( GetDlgItem(hDlg, IDC_PROTECT_CACHEPW), FALSE );
ShowWindow( GetDlgItem(hDlg, IDC_PROTECT_PASSWORD1), SW_HIDE ); EnableWindow( GetDlgItem(hDlg, IDC_PROTECT_PASSWORD1), FALSE ); }
return TRUE; } // WM_INITDIALOG
case WM_COMMAND: { switch(LOWORD(wParam)) { case IDOK: { pDialogArgs = (DIALOGARGS*)GetWindowLongPtr( hDlg, GWLP_USERDATA ); if(pDialogArgs == NULL) break; // TODO: bail out
pPromptStruct = pDialogArgs->pPromptStruct;
if( pPromptStruct->dwPromptFlags & CRYPTPROTECT_PROMPT_STRONG ) { WCHAR szPassword[ 256 ]; int cchPassword = sizeof(szPassword) / sizeof(WCHAR);
BOOL fCachePassword;
//
// check if remember password is checked.
// if so, check if password is untypable goo.
//
if( g_dwAllowCachePW != ALLOW_CACHE_NO && (BST_CHECKED == SendMessage(GetDlgItem(hDlg, IDC_PROTECT_CACHEPW), BM_GETCHECK, 0, 0)) ) { fCachePassword = TRUE; } else { fCachePassword = FALSE; }
cchPassword = GetWindowTextU( GetDlgItem(hDlg,IDC_PROTECT_PASSWORD1), szPassword, cchPassword );
if( !fCachePassword && pDialogArgs->fCachedPassword ) {
//
// user un-checked cachePW button, and item was cached.
// remove it from cache.
//
SearchProtectPasswordCache( pDialogArgs->pDataIn, pDialogArgs->rgbPasswordHash, TRUE ); }
if( pDialogArgs->fCachedPassword && (cchPassword*sizeof(WCHAR) == sizeof(g_szGooPassword)-sizeof(WCHAR)) && (memcmp(szPassword, g_szGooPassword, cchPassword*sizeof(WCHAR)) == 0) ) { //
// nothing to do, rgbPasswordHash was updated by
// cache search...
//
} else {
ComputePasswordHash( szPassword, (DWORD)(cchPassword * sizeof(WCHAR)), pDialogArgs->rgbPasswordHash ); pDialogArgs->fValidPassword = TRUE;
//
// if user chose to cache password, add it.
//
if( fCachePassword ) { AddProtectPasswordCache( pDialogArgs->pDataIn, pDialogArgs->rgbPasswordHash ); } }
SecureZeroMemory(szPassword, sizeof(szPassword)); }
EndDialog(hDlg, ERROR_SUCCESS); return TRUE; }
case IDCANCEL: { EndDialog(hDlg, ERROR_CANCELLED); return TRUE; }
case IDC_PROTECT_ADVANCED: {
pDialogArgs = (DIALOGARGS*)GetWindowLongPtr( hDlg, GWLP_USERDATA ); if(pDialogArgs == NULL) break; // TODO: bail out
//
// show details dialog.
//
AdvancedSecurityDetails( hDlg, pDialogArgs );
return FALSE; }
default: { return FALSE; } }
} // WM_COMMAND
default: { return FALSE; } } // message
}
//
// security level chooser routines.
//
BOOLChooseSecurityLevel( IN HWND hWndParent, IN DIALOGARGS *pDialogArgs ){ CRYPTPROTECT_PROMPTSTRUCT *pPromptStruct; DWORD dwOriginalPromptFlags; BOOL fEmptyDescription; INT_PTR iRet;
pPromptStruct = pDialogArgs->pPromptStruct; dwOriginalPromptFlags = pPromptStruct->dwPromptFlags; fEmptyDescription = (pDialogArgs->szDataDescription == NULL);
Step1:
if(pPromptStruct->dwPromptFlags & CRYPTPROTECT_PROMPT_REQUIRE_STRONG) { //
// Force strong protection.
//
pPromptStruct->dwPromptFlags |= CRYPTPROTECT_PROMPT_STRONG; } else { //
// The "require strong" flag is not set, so allow the user to select
// between medium and strong protection.
//
iRet = DialogBoxParamU( g_hInstProtectUI, MAKEINTRESOURCE(IDD_PROTECT_CHOOSE_SECURITY), hWndParent, DialogChooseSecurityLevel, (LPARAM)pDialogArgs ); // if user decides not to choose, bail
if( iRet == IDCANCEL ) return TRUE; if( iRet != IDOK ) return FALSE; }
if( pPromptStruct->dwPromptFlags & CRYPTPROTECT_PROMPT_STRONG ) {
//
// display dialog 'page' confirming high security.
//
iRet = DialogBoxParamU( g_hInstProtectUI, MAKEINTRESOURCE(IDD_PROTECT_CHOOSE_SECURITY_H), hWndParent, DialogChooseSecurityLevelHigh, (LPARAM)pDialogArgs );
} else {
//
// display dialog 'page' confirming medium security.
//
iRet = DialogBoxParamU( g_hInstProtectUI, MAKEINTRESOURCE(IDD_PROTECT_CHOOSE_SECURITY_M), hWndParent, DialogChooseSecurityLevelMedium, (LPARAM)pDialogArgs ); }
if( iRet == IDC_PROTECT_BACK ) {
//
// put original prompt flags back so we don't end up with undefined
// pwd at high-security level.
// free allocated description if that happened, too.
//
pPromptStruct->dwPromptFlags = dwOriginalPromptFlags; if( fEmptyDescription && pDialogArgs->szDataDescription ) { SSFree( pDialogArgs->szDataDescription ); pDialogArgs->szDataDescription = NULL; }
goto Step1; }
if( iRet != IDOK ) return FALSE;
return TRUE;}
INT_PTRCALLBACKDialogChooseSecurityLevel( HWND hDlg, // handle to dialog box
UINT message, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
){
switch (message) { CRYPTPROTECT_PROMPTSTRUCT *pPromptStruct; DIALOGARGS *pDialogArgs;
case WM_INITDIALOG: { SetLastError( 0 ); // as per win32 documentation
if(SetWindowLongPtr(hDlg, GWLP_USERDATA, (LONG_PTR)lParam) == 0) { if(GetLastError() != ERROR_SUCCESS) { EndDialog(hDlg, IDCANCEL); return FALSE; } }
// lParam is DIALOGARGS*
pDialogArgs = (DIALOGARGS*)lParam; pPromptStruct = pDialogArgs->pPromptStruct;
// set the dialog title
if (pPromptStruct->szPrompt) SetWindowTextU(hDlg, pPromptStruct->szPrompt);
if( pPromptStruct->dwPromptFlags & CRYPTPROTECT_PROMPT_STRONG ) { SendDlgItemMessage(hDlg, IDC_PROTECT_RADIO_HIGH, BM_SETCHECK, BST_CHECKED, 0); SendMessage(hDlg, WM_COMMAND, (WORD)IDC_PROTECT_RADIO_HIGH, 0); } else { SendDlgItemMessage(hDlg, IDC_PROTECT_RADIO_MEDIUM, BM_SETCHECK, BST_CHECKED, 0); SendMessage(hDlg, WM_COMMAND, (WORD)IDC_PROTECT_RADIO_MEDIUM, 0); }
return TRUE; } // WM_INITDIALOG
case WM_COMMAND: {
switch (LOWORD(wParam)) { case IDC_PROTECT_NEXT: case IDOK: { pDialogArgs = (DIALOGARGS*)GetWindowLongPtr( hDlg, GWLP_USERDATA ); if(pDialogArgs == NULL) break; // TODO: bail out
pPromptStruct = pDialogArgs->pPromptStruct;
if (BST_CHECKED == SendDlgItemMessageW( hDlg, IDC_PROTECT_RADIO_HIGH, BM_GETCHECK, 0, 0 )) { pPromptStruct->dwPromptFlags |= CRYPTPROTECT_PROMPT_STRONG; } else { pPromptStruct->dwPromptFlags &= ~(CRYPTPROTECT_PROMPT_STRONG); }
break; }
default: { break; } }
if ( (LOWORD(wParam) == IDOK) || (LOWORD(wParam) == IDCANCEL) || (LOWORD(wParam) == IDC_PROTECT_NEXT) ) { EndDialog(hDlg, LOWORD(wParam)); return TRUE; } } // WM_COMMAND
default: { return FALSE; } } // message
}
INT_PTRCALLBACKDialogChooseSecurityLevelMedium( HWND hDlg, // handle to dialog box
UINT message, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
){
switch (message) { case WM_INITDIALOG: { DIALOGARGS *pDialogArgs; CRYPTPROTECT_PROMPTSTRUCT *pPromptStruct;
// lParam is DIALOGARGS*
pDialogArgs = (DIALOGARGS*)lParam; pPromptStruct = pDialogArgs->pPromptStruct;
// set the dialog title
if (pPromptStruct->szPrompt) SetWindowTextU(hDlg, pPromptStruct->szPrompt);
return TRUE; } // WM_INITDIALOG
case WM_COMMAND: { if ( (LOWORD(wParam) == IDOK) || (LOWORD(wParam) == IDCANCEL) || (LOWORD(wParam) == IDC_PROTECT_BACK) ) { EndDialog(hDlg, LOWORD(wParam)); return TRUE; } } // WM_COMMAND
default: { return FALSE; } } // message
}
INT_PTRCALLBACKDialogChooseSecurityLevelHigh( HWND hDlg, // handle to dialog box
UINT message, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
){
switch (message) { DIALOGARGS *pDialogArgs; CRYPTPROTECT_PROMPTSTRUCT *pPromptStruct;
case WM_INITDIALOG: {
SetLastError( 0 ); // as per win32 documentation
if(SetWindowLongPtr(hDlg, GWLP_USERDATA, (LONG_PTR)lParam) == 0) { if(GetLastError() != ERROR_SUCCESS) { EndDialog(hDlg, IDCANCEL); return FALSE; } }
// lParam is DIALOGARGS*
pDialogArgs = (DIALOGARGS*)lParam; pPromptStruct = pDialogArgs->pPromptStruct;
// set the dialog title
if (pPromptStruct->szPrompt) SetWindowTextU(hDlg, pPromptStruct->szPrompt);
// Disable <Back and Finished buttons
if(pPromptStruct->dwPromptFlags & CRYPTPROTECT_PROMPT_REQUIRE_STRONG) { EnableWindow( GetDlgItem(hDlg, IDC_PROTECT_BACK), FALSE ); EnableWindow(GetDlgItem(hDlg, IDOK), FALSE); }
//
// description.
//
if( pDialogArgs->szDataDescription ) {
HWND hwndProtectEdit1 = GetDlgItem( hDlg, IDC_PROTECT_PASSWORD1 );
SetWindowTextU(GetDlgItem(hDlg, IDC_PROTECT_PW_NEWNAME), pDialogArgs->szDataDescription);
//
// set focus to Password entry box.
//
EnableWindow(hwndProtectEdit1, TRUE); SetFocus(hwndProtectEdit1);
//
// default dialog template disabled input.
//
} else {
HWND hwndProtectPWNew = GetDlgItem( hDlg, IDC_PROTECT_PW_NEWNAME );
//
// enable edit box entry.
//
EnableWindow(hwndProtectPWNew, TRUE);
//
// set focus to description box
//
SetFocus(hwndProtectPWNew); }
return FALSE; } // WM_INITDIALOG
case WM_COMMAND: { switch(LOWORD(wParam)) { case IDOK: { WCHAR szPassword[ 256 ]; int cchPassword; BYTE rgbPasswordHashConfirm[A_SHA_DIGEST_LEN]; BOOL fPasswordsMatch = TRUE; // assume passwords match.
pDialogArgs = (DIALOGARGS*)GetWindowLongPtr( hDlg, GWLP_USERDATA ); if(pDialogArgs == NULL) break; // TODO: bail out
pPromptStruct = pDialogArgs->pPromptStruct;
//
// nothing more to do if not STRONG
//
if( (pPromptStruct->dwPromptFlags & CRYPTPROTECT_PROMPT_STRONG) == 0 ) { EndDialog( hDlg, IDOK ); }
cchPassword = sizeof(szPassword) / sizeof(WCHAR); cchPassword = GetWindowTextU( GetDlgItem(hDlg,IDC_PROTECT_PASSWORD1), szPassword, cchPassword );
ComputePasswordHash( szPassword, cchPassword * sizeof(WCHAR), pDialogArgs->rgbPasswordHash );
SecureZeroMemory( szPassword, cchPassword*sizeof(WCHAR) );
cchPassword = sizeof(szPassword) / sizeof(WCHAR); cchPassword = GetWindowTextU( GetDlgItem(hDlg,IDC_PROTECT_EDIT2), szPassword, cchPassword );
ComputePasswordHash( szPassword, cchPassword * sizeof(WCHAR), rgbPasswordHashConfirm );
SecureZeroMemory( szPassword, cchPassword*sizeof(WCHAR) );
//
// check if both passwords entered by user match.
//
if( memcmp(rgbPasswordHashConfirm, pDialogArgs->rgbPasswordHash, sizeof(rgbPasswordHashConfirm)) != 0 ) { fPasswordsMatch = FALSE; }
SecureZeroMemory( rgbPasswordHashConfirm, sizeof(rgbPasswordHashConfirm) );
if( !fPasswordsMatch ) { WCHAR szText[256]; WCHAR szCaption[256];
//
// passwords must match: tell user.
//
LoadStringU(g_hInstProtectUI, IDS_PROTECT_PASSWORD_NOMATCH, szText, sizeof(szText) / sizeof(WCHAR) );
LoadStringU(g_hInstProtectUI, IDS_PROTECT_PASSWORD_ERROR_DLGTITLE, szCaption, sizeof(szCaption) / sizeof(WCHAR) );
MessageBoxW(hDlg, szText, szCaption, MB_OK | MB_ICONEXCLAMATION );
return FALSE; }
//
// if no description provided, make sure user entered one,
// and grab it..
//
if( pDialogArgs->szDataDescription == NULL ) { cchPassword = sizeof(szPassword) / sizeof(WCHAR); cchPassword = GetWindowTextU( GetDlgItem(hDlg,IDC_PROTECT_PW_NEWNAME), szPassword, cchPassword );
if( cchPassword == 0 ) {
WCHAR szText[256]; WCHAR szCaption[256];
//
// password must be named: tell user.
//
LoadStringU(g_hInstProtectUI, IDS_PROTECT_PASSWORD_MUSTNAME, szText, sizeof(szText) / sizeof(WCHAR) );
LoadStringU(g_hInstProtectUI, IDS_PROTECT_PASSWORD_ERROR_DLGTITLE, szCaption, sizeof(szCaption) / sizeof(WCHAR) );
MessageBoxW(hDlg, szText, szCaption, MB_OK | MB_ICONEXCLAMATION );
return FALSE; }
pDialogArgs->szDataDescription = (LPWSTR)SSAlloc( (cchPassword+1) * sizeof(WCHAR) ); if( pDialogArgs->szDataDescription == NULL ) return FALSE;
CopyMemory( pDialogArgs->szDataDescription, szPassword, cchPassword*sizeof(WCHAR) ); (pDialogArgs->szDataDescription)[cchPassword] = L'\0'; }
pDialogArgs->fValidPassword = TRUE;
EndDialog(hDlg, IDOK); return TRUE; }
case IDC_PROTECT_PASSWORD1: { pDialogArgs = (DIALOGARGS*)GetWindowLongPtr( hDlg, GWLP_USERDATA ); if(pDialogArgs == NULL) break; // TODO: bail out
pPromptStruct = pDialogArgs->pPromptStruct;
if(pPromptStruct->dwPromptFlags & CRYPTPROTECT_PROMPT_REQUIRE_STRONG) { WCHAR szPassword[ 256 ]; int cchPassword;
//
// Disable the Finish button until a password has been entered.
//
cchPassword = sizeof(szPassword) / sizeof(WCHAR); cchPassword = GetWindowTextU( GetDlgItem(hDlg,IDC_PROTECT_PASSWORD1), szPassword, cchPassword ); if(cchPassword) { RtlSecureZeroMemory(szPassword, cchPassword * sizeof(WCHAR)); EnableWindow(GetDlgItem(hDlg, IDOK), TRUE); } else { EnableWindow(GetDlgItem(hDlg, IDOK), FALSE); } } break; }
case IDC_PROTECT_BACK: case IDCANCEL: { EndDialog(hDlg, LOWORD(wParam)); return TRUE; }
default: { break; } }
} // WM_COMMAND
default: { return FALSE; } } // message
}
VOIDAdvancedSecurityDetails( IN HWND hWndParent, IN DIALOGARGS *pDialogArgs ){ DialogBoxParamU( g_hInstProtectUI, MAKEINTRESOURCE(IDD_PROTECT_SECURITY_DETAILS), hWndParent, DialogAdvancedSecurityDetails, (LPARAM)pDialogArgs );}
INT_PTRCALLBACKDialogAdvancedSecurityDetails( HWND hDlg, // handle to dialog box
UINT message, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
){ switch (message) {
DIALOGARGS *pDialogArgs; CRYPTPROTECT_PROMPTSTRUCT *pPromptStruct;
case WM_INITDIALOG: { WCHAR szResource[ 256 ] = L""; UINT ResourceId;
SetLastError( 0 ); // as per win32 documentation
if(SetWindowLongPtr(hDlg, GWLP_USERDATA, (LONG_PTR)lParam) == 0) { if(GetLastError() != ERROR_SUCCESS) { EndDialog(hDlg, IDCANCEL); return FALSE; } }
// lParam is DIALOGARGS*
pDialogArgs = (DIALOGARGS*)lParam; pPromptStruct = pDialogArgs->pPromptStruct;
// set the dialog title
if (pPromptStruct->szPrompt) SetWindowTextU(hDlg, pPromptStruct->szPrompt);
InitializeDetailGlobals();
if(g_szDetailApplicationPath) { SetWindowTextU(GetDlgItem(hDlg, IDC_PROTECT_APP_PATH), g_szDetailApplicationPath); }
if( pDialogArgs->fProtect ) { ResourceId = IDS_PROTECT_OPERATION_PROTECT; } else { ResourceId = IDS_PROTECT_OPERATION_UNPROTECT; }
LoadStringU(g_hInstProtectUI, ResourceId, szResource, sizeof(szResource) / sizeof(WCHAR) );
SetWindowTextU(GetDlgItem(hDlg, IDC_PROTECT_OPERATION_TYPE), szResource);
if( pDialogArgs->szDataDescription ) { SetWindowTextU(GetDlgItem(hDlg, IDC_PROTECT_APP_DESCRIPTION), pDialogArgs->szDataDescription); } return FALSE; } // WM_INITDIALOG
case WM_COMMAND: { switch(LOWORD(wParam)) { case IDOK: case IDCANCEL: { EndDialog(hDlg, LOWORD(wParam)); return TRUE; }
default: { break; } }
} // WM_COMMAND
default: { return FALSE; }
} // switch
return FALSE;}
VOIDComputePasswordHash( IN PVOID pvPassword, IN DWORD cbPassword, IN OUT BYTE rgbPasswordHash[A_SHA_DIGEST_LEN] )/*++
Compute SHA-1 hash of supplied pvPassword of size cbPassword, returning resultant hash in rgbPasswordHash buffer.
--*/{ A_SHA_CTX shaCtx;
if( pvPassword == NULL ) return;
A_SHAInit( &shaCtx ); A_SHAUpdate( &shaCtx, (unsigned char*)pvPassword, (unsigned int)cbPassword ); A_SHAFinal( &shaCtx, rgbPasswordHash );
SecureZeroMemory( &shaCtx, sizeof(shaCtx) );
return;}
BOOLGetEffectiveLogonId( IN OUT LUID *pLogonId ){ HANDLE hToken; TOKEN_STATISTICS TokenInformation; DWORD cbTokenInformation; BOOL fSuccess;
if(!OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, FALSE, &hToken)) { if(GetLastError() != ERROR_NO_TOKEN) return FALSE;
if(!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken)) return FALSE; }
fSuccess = GetTokenInformation( hToken, TokenStatistics, &TokenInformation, sizeof(TokenInformation), &cbTokenInformation );
CloseHandle( hToken );
if( fSuccess ) { CopyMemory( pLogonId, &TokenInformation.AuthenticationId, sizeof(*pLogonId) ); }
return fSuccess;}
BOOLInitializeDetailGlobals( VOID ){ WCHAR szStackBuffer[ 256 ]; DWORD cchStackBuffer;
LPWSTR szDetailApplicationName = NULL; LPWSTR szDetailApplicationPath = NULL;
if( g_fDetailGlobalsInitialized ) return TRUE;
cchStackBuffer = sizeof(szStackBuffer) / sizeof(WCHAR); cchStackBuffer = GetModuleFileNameU( NULL, szStackBuffer, cchStackBuffer );
if( cchStackBuffer ) {
cchStackBuffer++; // include terminal NULL.
szDetailApplicationPath = (LPWSTR)SSAlloc( cchStackBuffer * sizeof(WCHAR) );
if( szDetailApplicationPath ) { CopyMemory( szDetailApplicationPath, szStackBuffer, cchStackBuffer*sizeof(WCHAR) ); } }
EnterCriticalSection( &g_csProtectPasswordCache );
if( !g_fDetailGlobalsInitialized ) {
g_szDetailApplicationName = szDetailApplicationName; g_szDetailApplicationPath = szDetailApplicationPath; g_fDetailGlobalsInitialized = TRUE;
szDetailApplicationName = NULL; szDetailApplicationPath = NULL; }
LeaveCriticalSection( &g_csProtectPasswordCache );
if( szDetailApplicationName ) SSFree( szDetailApplicationName );
if( szDetailApplicationPath ) SSFree( szDetailApplicationPath );
return TRUE;}
BOOLInitializeProtectPasswordCache( VOID ){ __try { InitializeCriticalSection( &g_csProtectPasswordCache ); } __except(EXCEPTION_EXECUTE_HANDLER) { SecureZeroMemory(&g_csProtectPasswordCache, sizeof(g_csProtectPasswordCache)); SetLastError(GetExceptionCode()); return FALSE; }
InitializeListHead( &g_ProtectPasswordCache );
g_fDetailGlobalsInitialized = FALSE; g_szDetailApplicationName = NULL; g_szDetailApplicationPath = NULL;
return TRUE;}
VOIDDeleteProtectPasswordCache( VOID ){
if( g_szDetailApplicationName ) { SSFree(g_szDetailApplicationName); g_szDetailApplicationName = NULL; }
if( g_szDetailApplicationPath ) { SSFree(g_szDetailApplicationPath); g_szDetailApplicationPath = NULL; }
g_fDetailGlobalsInitialized = FALSE;
EnterCriticalSection( &g_csProtectPasswordCache );
while ( !IsListEmpty( &g_ProtectPasswordCache ) ) {
PPASSWORD_CACHE_ENTRY pCacheEntry;
pCacheEntry = CONTAINING_RECORD( g_ProtectPasswordCache.Flink, PASSWORD_CACHE_ENTRY, Next );
RemoveEntryList( &pCacheEntry->Next );
SecureZeroMemory( pCacheEntry, sizeof(*pCacheEntry) ); SSFree( pCacheEntry ); }
LeaveCriticalSection( &g_csProtectPasswordCache );
DeleteCriticalSection( &g_csProtectPasswordCache );}
BOOLAddProtectPasswordCache( IN DATA_BLOB* pDataIn, IN BYTE rgbPassword[A_SHA_DIGEST_LEN] ){ PPASSWORD_CACHE_ENTRY pCacheEntry = NULL; A_SHA_CTX shaCtx;
pCacheEntry = (PPASSWORD_CACHE_ENTRY)SSAlloc( sizeof(PASSWORD_CACHE_ENTRY) ); if( pCacheEntry == NULL ) return FALSE;
GetEffectiveLogonId( &pCacheEntry->LogonId ); GetSystemTimeAsFileTime( &pCacheEntry->ftLastAccess );
A_SHAInit( &shaCtx ); A_SHAUpdate( &shaCtx, (unsigned char*)pDataIn->pbData, pDataIn->cbData ); A_SHAFinal( &shaCtx, pCacheEntry->rgbDataInHash ); SecureZeroMemory( &shaCtx, sizeof(shaCtx) );
CopyMemory( pCacheEntry->rgbPasswordHash, rgbPassword, A_SHA_DIGEST_LEN );
EnterCriticalSection( &g_csProtectPasswordCache );
InsertHeadList( &g_ProtectPasswordCache, &pCacheEntry->Next );
LeaveCriticalSection( &g_csProtectPasswordCache );
return TRUE;}
BOOLSearchProtectPasswordCache( IN DATA_BLOB* pDataIn, IN OUT BYTE rgbPassword[A_SHA_DIGEST_LEN], IN BOOL fDeleteFoundEntry ){
A_SHA_CTX shaCtx; BYTE rgbDataInHashCandidate[A_SHA_DIGEST_LEN]; LUID LogonIdCandidate;
PLIST_ENTRY ListEntry; PLIST_ENTRY ListHead;
BOOL fFoundMatch = FALSE;
if(!GetEffectiveLogonId( &LogonIdCandidate )) return FALSE;
A_SHAInit( &shaCtx ); A_SHAUpdate( &shaCtx, (unsigned char*)pDataIn->pbData, pDataIn->cbData ); A_SHAFinal( &shaCtx, rgbDataInHashCandidate );
EnterCriticalSection( &g_csProtectPasswordCache );
ListHead = &g_ProtectPasswordCache;
for( ListEntry = ListHead->Flink; ListEntry != ListHead; ListEntry = ListEntry->Flink ) {
PPASSWORD_CACHE_ENTRY pCacheEntry; signed int comparator;
pCacheEntry = CONTAINING_RECORD( ListEntry, PASSWORD_CACHE_ENTRY, Next );
//
// search by hash, then LogonId
// note that most usage scenarios, all cache entries will correspond
// to same LogonId.
//
comparator = memcmp( rgbDataInHashCandidate, pCacheEntry->rgbDataInHash, sizeof(rgbDataInHashCandidate) );
if( comparator != 0 ) continue;
comparator = memcmp(&LogonIdCandidate, &pCacheEntry->LogonId, sizeof(LUID));
if( comparator != 0 ) continue;
//
// match found.
//
fFoundMatch = TRUE;
if( fDeleteFoundEntry ) { RemoveEntryList( &pCacheEntry->Next ); SecureZeroMemory( pCacheEntry, sizeof(*pCacheEntry) ); SSFree( pCacheEntry ); } else {
CopyMemory( rgbPassword, pCacheEntry->rgbPasswordHash, A_SHA_DIGEST_LEN );
//
// update last access time.
//
GetSystemTimeAsFileTime( &pCacheEntry->ftLastAccess ); }
break; }
LeaveCriticalSection( &g_csProtectPasswordCache );
PurgeProtectPasswordCache();
return fFoundMatch;}
VOIDPurgeProtectPasswordCache( VOID )/*++
This routine purges entries in the password cache that are greater than 1 hour in age, via the ftLastAccess time.
--*/{// static FILETIME ftLastPurge = {0xffffffff,0xffffffff};
static FILETIME ftLastPurge; FILETIME ftStaleEntry;
PLIST_ENTRY ListEntry; PLIST_ENTRY ListHead;
unsigned __int64 ui64;
//
// get current time, and subtract an hour off it.
//
GetSystemTimeAsFileTime( &ftStaleEntry );
ui64 = ftStaleEntry.dwHighDateTime; ui64 <<= 32; ui64 |= ftStaleEntry.dwLowDateTime;
// ui64 -= (600000000*60);
ui64 -= 0x861c46800;
ftStaleEntry.dwLowDateTime = (DWORD)(ui64 & 0xffffffff); ftStaleEntry.dwHighDateTime = (DWORD)(ui64 >> 32);
//
// only purge list once per hour.
//
if( CompareFileTime( &ftStaleEntry, &ftLastPurge ) < 0 ) { return; }
//
// update last purge time.
//
GetSystemTimeAsFileTime( &ftLastPurge );
EnterCriticalSection( &g_csProtectPasswordCache );
ListHead = &g_ProtectPasswordCache;
for( ListEntry = ListHead->Flink; ListEntry != ListHead; ListEntry = ListEntry->Flink ) {
PPASSWORD_CACHE_ENTRY pCacheEntry; signed int comparator;
pCacheEntry = CONTAINING_RECORD( ListEntry, PASSWORD_CACHE_ENTRY, Next );
if( CompareFileTime( &ftStaleEntry, &pCacheEntry->ftLastAccess ) > 0 ) { ListEntry = ListEntry->Blink;
RemoveEntryList( &pCacheEntry->Next ); SecureZeroMemory( pCacheEntry, sizeof(*pCacheEntry) ); SSFree( pCacheEntry ); } }
LeaveCriticalSection( &g_csProtectPasswordCache );
return;}
BOOLIsCachePWAllowed( VOID ){ HKEY hKeyProtect; DWORD dwType; DWORD dwValue; DWORD cbValue; LONG lRet;
lRet = RegOpenKeyExU( HKEY_LOCAL_MACHINE, L"SOFTWARE\\Policies\\Microsoft\\Cryptography\\Protect", 0, KEY_QUERY_VALUE, &hKeyProtect );
if( lRet != ERROR_SUCCESS ) return TRUE;
cbValue = sizeof(dwValue);
lRet = RegQueryValueExU( hKeyProtect, L"AllowCachePW", NULL, &dwType, (PBYTE)&dwValue, &cbValue );
RegCloseKey( hKeyProtect );
if( lRet == ERROR_SUCCESS && dwType == REG_DWORD && dwValue == 0 ) { return FALSE; }
return TRUE;}
|
