archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
4.9 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/security/csps/wfsccsp/pintool/support.cpp

580 lines
15 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #include <windows.h>
  2. #include <winscard.h>
  3. #include <string.h>
  4. #include <stdlib.h>
  5. #include <stdio.h>
  6. #include <guiddef.h>
  7. #include "basecsp.h"
  8. #include "pincache.h"
  9. #include "helpers.h"
  11. extern HINSTANCE ghInstance;
  12. PCARD_DATA pCardData = NULL;
  13. SCARDCONTEXT hSCardContext = 0;
  15. // global array to hold the provider name
  16. WCHAR gszProvider[MAX_PATH];
  18. #ifdef DBG
  19. #define ERROUT(x) ShowError(x)
  20. #else
  21. #define ERROUT(x)
  22. #endif
  24. void ShowError(DWORD dwErr)
  25. {
  26. WCHAR sz[200];
  27. swprintf(sz,L"Returned status %x\n",dwErr);
  28. OutputDebugString(sz);
  29. }
  31. void DoConvertWideStringToLowerCase(WCHAR *pwsz)
  32. {
  33. WCHAR c;
  34. if (NULL == pwsz) return;
  35. while (NULL != (c = *pwsz))
  36. {
  37. *pwsz++= towlower(c);
  38. }
  39. }
  41. // Accept an input buffer containing text, and convert it to binary
  42. // The binary buffer is allocated new and must be freed by the caller
  43. //
  44. // The incoming data consists of hex digits and spaces. Hex digits are
  45. // assembled into bytes as pairs, with the first digit becoming the
  46. // most significant nybble. Spaces in input are discarded with no effect
  47. // so that "12 34 5" becomes 0x12 0x34 0x5, as soes "1 2 3 4 5."
  49. DWORD DoConvertBufferToBinary(BYTE *pIn, DWORD dwcbIn,
  50. BYTE **pOut, DWORD *dwcbOut)
  51. {
  52. WCHAR szTemp[10];
  53. WCHAR *pInput = (WCHAR *) pIn;
  54. BYTE *pAlloc = NULL;
  55. BYTE *pOutput = NULL;
  56. DWORD dwOut = 0;
  57. DWORD dwRet = -1;
  58. BOOL fInabyte = FALSE;
  59. BOOL fErr = FALSE;
  60. BYTE b;
  61. BYTE b2;
  62. WCHAR c;
  64. // Bag it if no data or output ptrs obviously invalid
  65. if ((NULL == pIn) || (dwcbIn == 0)) goto Ret;
  66. if ((NULL == pOut) || (NULL == dwcbOut)) goto Ret;
  68. // count input characters
  69. int iLen = wcslen(pInput);
  71. if (iLen == 0) goto Ret;
  73. // guaranteed to contain the output
  74. pAlloc = (BYTE *)CspAllocH((iLen / 2) + 2);
  75. pOutput = pAlloc;
  77. for (int i = 0;i<iLen;i++)
  78. {
  80. c = pInput[i];
  81. if (c == 0) break;
  83. // skip over whitespace in the input
  84. c = towupper(c);
  85. if (c <= L' ')
  86. {
  87. fInabyte = FALSE;
  88. continue;
  89. }
  91. if (!fInabyte)
  92. {
  93. b = 0;
  94. }
  95. b2 = 0;
  97. // error on not legal hex character
  98. if ( ((c < L'0') || (c > L'F')) ||
  99. ((c > L'9') && (c < L'A')) )
  100. {
  101. dwRet = -1;
  102. *pOut = 0;
  103. *dwcbOut = 0;
  104. if (pAlloc) CspFreeH(pAlloc);
  105. goto Ret;
  106. }
  107. else if (c <= L'9')
  108. b2 = c - L'0';
  109. else
  110. b2 = c - L'A' + 10;
  112. if (fInabyte)
  113. {
  114. b = (b << 4) + b2;
  115. fInabyte = FALSE;
  116. dwOut += 1;
  117. *pOutput++ = b;
  118. }
  119. else
  120. {
  121. b = b2;
  122. fInabyte = TRUE;
  123. }
  124. }
  126. // Permit writing an unpaired terminating hex character to the tail of the binary as a 0x byte.
  127. if (fInabyte)
  128. {
  129. fInabyte = FALSE;
  130. dwOut += 1;
  131. *pOutput++ = b;
  132. }
  134. dwRet = 0;
  135. *pOut = pAlloc;
  136. *dwcbOut = dwOut;
  138. Ret:
  139. ERROUT(dwRet);
  140. return dwRet;
  141. }
  143. DWORD DoConvertBinaryToBuffer(BYTE *pIn, DWORD dwcbIn,
  144. BYTE **pOut, DWORD *dwcbOut)
  145. {
  146. WCHAR *pAlloc = NULL;
  147. WCHAR *pOutput = NULL;
  148. DWORD dwOut = 0;
  149. DWORD dwRet = -1;
  150. BOOL fErr = FALSE;
  151. BYTE b;
  153. // Bag it if no data or output ptrs obviously invalid
  154. if ((NULL == pIn) || (dwcbIn == 0)) goto Ret;
  155. if ((NULL == pOut) || (NULL == dwcbOut)) goto Ret;
  157. pAlloc = (WCHAR *)CspAllocH(((dwcbIn * 3) + 1) * sizeof(WCHAR));
  158. if (NULL == pAlloc) goto Ret;
  159. pOutput = pAlloc;
  161. for (DWORD i = 0 ; i<dwcbIn ; i++)
  162. {
  163. b = pIn[i];
  164. b &= 0xf0;
  165. b = b>> 4;
  166. b += L'0';
  167. if (b > L'9') b += 7;
  168. *pOutput++ = b;
  170. b = pIn[i];
  171. b &= 0x0f;
  172. b += L'0';
  173. if (b > L'9') b += 7;
  174. *pOutput++ = b;
  175. dwOut += 2;
  177. // a space every 4 characters
  178. if ((i > 0) && (((i+1) % 2) == 0)) *pOutput++ = L' ';
  179. }
  180. *pOutput = 0;
  182. dwRet = 0;
  183. *pOut = (BYTE *) pAlloc;
  184. *dwcbOut = (pOutput - pAlloc -1) * sizeof(WCHAR);
  186. Ret:
  187. ERROUT(dwRet);
  188. return dwRet;
  189. }
  191. //
  192. // Find any card present in an attached reader using "minimal" scarddlg UI
  193. //
  194. DWORD GetCardHandleViaUI(
  195. IN SCARDCONTEXT hSCardContext,
  196. OUT SCARDHANDLE *phSCardHandle,
  197. IN DWORD cchMatchedCard,
  198. OUT LPWSTR wszMatchedCard,
  199. IN DWORD cchMatchedReader,
  200. OUT LPWSTR wszMatchedReader)
  201. {
  202. OPENCARDNAME_EXW ocnx;
  203. DWORD dwSts = ERROR_SUCCESS;
  205. memset(&ocnx, 0, sizeof(ocnx));
  207. ocnx.dwStructSize = sizeof(ocnx);
  208. ocnx.hSCardContext = hSCardContext;
  209. ocnx.lpstrCard = wszMatchedCard;
  210. ocnx.nMaxCard = cchMatchedCard;
  211. ocnx.lpstrRdr = wszMatchedReader;
  212. ocnx.nMaxRdr = cchMatchedReader;
  213. ocnx.dwShareMode = SCARD_SHARE_SHARED;
  214. ocnx.dwPreferredProtocols = SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1;
  215. ocnx.dwFlags = SC_DLG_MINIMAL_UI;
  217. dwSts = SCardUIDlgSelectCardW(&ocnx);
  219. *phSCardHandle = ocnx.hCardHandle;
  221. return dwSts;
  222. }
  224. // Acquire a context for the target smart card
  226. DWORD DoAcquireCardContext(void)
  227. {
  228. DWORD dwSts = ERROR_SUCCESS;
  229. PFN_CARD_ACQUIRE_CONTEXT pfnCardAcquireContext = NULL;
  230. SCARDHANDLE hSCardHandle = 0;
  231. LPWSTR mszReaders = NULL;
  232. DWORD cchReaders = SCARD_AUTOALLOCATE;
  233. LPWSTR mszCards = NULL;
  234. DWORD cchCards = SCARD_AUTOALLOCATE;
  235. DWORD dwActiveProtocol = 0;
  236. DWORD dwState = 0;
  237. BYTE rgbAtr [32];
  238. DWORD cbAtr = sizeof(rgbAtr);
  239. LPWSTR pszProvider = NULL;
  240. DWORD cchProvider = SCARD_AUTOALLOCATE;
  241. HMODULE hMod = 0;
  242. WCHAR wszMatchedCard[MAX_PATH];
  243. WCHAR wszMatchedReader[MAX_PATH];
  244. HMODULE hThis = (HMODULE) ghInstance; // this executable
  246. memset(rgbAtr, 0, sizeof(rgbAtr));
  248. //
  249. // Initialization
  250. //
  252. dwSts = SCardEstablishContext(
  253. SCARD_SCOPE_USER, NULL, NULL, &hSCardContext);
  255. if (FAILED(dwSts))
  256. goto Ret;
  258. dwSts = GetCardHandleViaUI(
  259. hSCardContext,
  260. &hSCardHandle,
  261. MAX_PATH,
  262. wszMatchedCard,
  263. MAX_PATH,
  264. wszMatchedReader);
  266. if (FAILED(dwSts))
  267. goto Ret;
  269. mszReaders = NULL;
  270. cchReaders = SCARD_AUTOALLOCATE;
  272. dwSts = SCardStatusW(
  273. hSCardHandle,
  274. (LPWSTR) (&mszReaders),
  275. &cchReaders,
  276. &dwState,
  277. &dwActiveProtocol,
  278. rgbAtr,
  279. &cbAtr);
  281. if (FAILED(dwSts))
  282. goto Ret;
  284. dwSts = SCardListCardsW(
  285. hSCardContext,
  286. rgbAtr,
  287. NULL,
  288. 0,
  289. (LPWSTR) (&mszCards),
  290. &cchCards);
  292. if (FAILED(dwSts))
  293. goto Ret;
  295. dwSts = SCardGetCardTypeProviderNameW(
  296. hSCardContext,
  297. mszCards,
  298. SCARD_PROVIDER_CARD_MODULE,
  299. (LPWSTR) (&pszProvider),
  300. &cchProvider);
  302. if (FAILED(dwSts))
  303. goto Ret;
  305. // Load the card module for the selected card
  306. // acquire context and trade initializations
  308. hMod = LoadLibraryW(pszProvider);
  310. if (INVALID_HANDLE_VALUE == hMod)
  311. {
  312. dwSts = GetLastError();
  313. goto Ret;
  314. }
  316. // This fails for an unsupported card type (no card module)
  318. pfnCardAcquireContext =
  319. (PFN_CARD_ACQUIRE_CONTEXT) GetProcAddress(
  320. hMod,
  321. "CardAcquireContext");
  323. if (NULL == pfnCardAcquireContext)
  324. {
  325. dwSts = GetLastError();
  326. goto Ret;
  327. }
  329. pCardData = (PCARD_DATA) CspAllocH(sizeof(CARD_DATA));
  331. if (NULL == pCardData)
  332. {
  333. dwSts = ERROR_NOT_ENOUGH_MEMORY;
  334. goto Ret;
  335. }
  337. memset(pCardData,0,sizeof(CARD_DATA));
  338. pCardData->pbAtr = rgbAtr;
  339. pCardData->cbAtr = cbAtr;
  340. pCardData->pwszCardName = mszCards;
  341. pCardData->dwVersion = CARD_DATA_CURRENT_VERSION;
  342. pCardData->pfnCspAlloc = CspAllocH;
  343. pCardData->pfnCspReAlloc = CspReAllocH;
  344. pCardData->pfnCspFree = CspFreeH;
  345. pCardData->pfnCspCacheAddFile = CspCacheAddFile;
  346. pCardData->pfnCspCacheDeleteFile = CspCacheDeleteFile;
  347. pCardData->pfnCspCacheLookupFile = CspCacheLookupFile;
  348. pCardData->hScard = hSCardHandle;
  349. hSCardHandle = 0;
  351. // First, connect to the card
  352. dwSts = pfnCardAcquireContext(pCardData, 0);
  354. Ret:
  355. if (FAILED(dwSts))
  356. {
  357. CspFreeH(pCardData);
  358. }
  359. ERROUT(dwSts);
  360. return dwSts;
  361. }
  364. void DoLeaveCardContext(void)
  365. {
  366. if (pCardData)
  367. {
  368. if (pCardData->hScard)
  369. SCardDisconnect(pCardData->hScard,SCARD_RESET_CARD);
  370. CspFreeH(pCardData);
  371. }
  372. if (hSCardContext)
  373. SCardReleaseContext(hSCardContext);
  374. }
  376. // Get the CardID, returned in a new allocation as an SZ string. It must be freed by the
  377. // user. Is returned NULL on error.
  379. DWORD DoGetCardId(
  380. WCHAR **pSz)
  381. {
  382. DWORD dwSts = ERROR_SUCCESS;
  383. WCHAR *pString = NULL;
  384. GUID *pGuid;
  385. DWORD ccGuid = 0;
  387. dwSts = pCardData->pfnCardReadFile(pCardData,
  388. wszCARD_IDENTIFIER_FILE_FULL_PATH,
  389. 0,
  390. (PBYTE *) &pGuid,
  391. &ccGuid);
  393. if (ERROR_SUCCESS != dwSts)
  394. goto Ret;
  396. pString = (WCHAR *) CspAllocH(40 * sizeof(WCHAR));
  398. if (pString == NULL)
  399. {
  400. *pSz = NULL;
  401. dwSts = -1;
  402. goto Ret;
  403. }
  405. DWORD ccSz = 40;
  407. _snwprintf(pString, ccSz,L"{%08lX-%04X-%04X-%02X%02X-%02X%02X%02X%02X%02X%02X}",
  408. // first copy...
  409. pGuid->Data1, pGuid->Data2, pGuid->Data3,
  410. pGuid->Data4[0], pGuid->Data4[1], pGuid->Data4[2], pGuid->Data4[3],
  411. pGuid->Data4[4], pGuid->Data4[5], pGuid->Data4[6], pGuid->Data4[7]);
  413. *pSz = pString;
  414. Ret:
  415. return dwSts;
  417. }
  420. // Get a challenge buffer from the card. Render it as upper case BASE 64, and return it as a
  421. // string to the caller
  422. /*
  423. DWORD WINAPI CardChangePin(
  424. IN CARD_DATA *pCardData,
  425. IN LPWSTR pwszUserId,
  426. IN BYTE *pbCurrentAuthenticator,
  427. IN DWORD dwcbCurrentAuthenticator,
  428. IN BYTE *pbNewAuthenticator,
  429. IN DWORD dwcbNewAuthenticator,
  430. IN DWORD dwcRetryCount,
  431. IN DWORD dwFlags,
  432. OUT OPTIONAL DWORD *pdwcAttemptsRemaining
  433. );
  435. */
  437. DWORD DoInvalidatePinCache(
  438. void)
  439. {
  440. DWORD dwSts = ERROR_SUCCESS;
  441. DATA_BLOB dbCacheFile;
  442. CARD_CACHE_FILE_FORMAT *pCache = NULL;
  444. memset(&dbCacheFile, 0, sizeof(dbCacheFile));
  446. dwSts = pCardData->pfnCardReadFile(
  447. pCardData,
  448. wszCACHE_FILE_FULL_PATH,
  449. 0,
  450. &dbCacheFile.pbData,
  451. &dbCacheFile.cbData);
  453. if (ERROR_SUCCESS != dwSts)
  454. goto Ret;
  456. if (sizeof(CARD_CACHE_FILE_FORMAT) != dbCacheFile.cbData)
  457. {
  458. dwSts = ERROR_BAD_LENGTH;
  459. goto Ret;
  460. }
  462. // We have the cache file contents at dbCacheFile.pbData
  463. // Update the PinsFreshness value, and write it back
  465. pCache = (CARD_CACHE_FILE_FORMAT *) dbCacheFile.pbData;
  466. BYTE bPinFreshness = pCache->bPinsFreshness;
  467. pCache->bPinsFreshness = bPinFreshness + 1;
  469. dwSts = pCardData->pfnCardWriteFile(
  470. pCardData,
  471. wszCACHE_FILE_FULL_PATH,
  472. 0,
  473. dbCacheFile.pbData,
  474. dbCacheFile.cbData);
  476. if (ERROR_SUCCESS != dwSts)
  477. goto Ret;
  479. Ret:
  481. if (dbCacheFile.pbData)
  482. CspFreeH(dbCacheFile.pbData);
  483. return dwSts;
  484. }
  487. DWORD DoChangePin(WCHAR *pOldPin, WCHAR *pNewPin)
  488. {
  489. char AnsiOldPin[64];
  490. char AnsiNewPin[64];
  492. WCHAR szName[] = wszCARD_USER_USER;
  493. //DoConvertWideStringToLowerCase(szName);
  495. // change WCHAR PINs to ANSI
  496. WideCharToMultiByte(GetConsoleOutputCP(),
  497. 0,
  498. (WCHAR *) pOldPin,
  499. -1,
  500. AnsiOldPin,
  501. 64,
  502. NULL,
  503. NULL);
  505. WideCharToMultiByte(GetConsoleOutputCP(),
  506. 0,
  507. (WCHAR *) pNewPin,
  508. -1,
  509. AnsiNewPin,
  510. 64,
  511. NULL,
  512. NULL);
  514. DWORD dwcbOldPin = strlen(AnsiOldPin);
  515. DWORD dwcbNewPin = strlen( AnsiNewPin);
  517. if (dwcbOldPin == 0) return -1;
  519. DWORD dwSts = pCardData->pfnCardChangeAuthenticator(pCardData, szName,
  520. (BYTE *)AnsiOldPin, dwcbOldPin,
  521. (BYTE *)AnsiNewPin, dwcbNewPin,
  522. 0,
  523. NULL);
  524. ERROUT(dwSts);
  525. if (0 == dwSts) DoInvalidatePinCache();
  526. return dwSts;
  527. }
  529. // Get a challenge buffer from the card. Render it as upper case BASE 64, and return it as a
  530. // string to the caller
  531. DWORD DoGetChallenge(BYTE **pChallenge, DWORD *dwcbChallenge)
  532. {
  533. DWORD dwSts = pCardData->pfnCardGetChallenge(pCardData, pChallenge,dwcbChallenge);
  534. if (FAILED(dwSts))
  535. {
  536. dwcbChallenge = 0;
  537. return dwSts;
  538. }
  539. ERROUT(dwSts);
  540. return dwSts;
  541. }
  543. // Perform the PIN unblock, calling down to the card module, and assuming challenge-response
  544. // administrative authentication.
  545. //
  546. // The admin auth data is coming in as a case-unknown string from the user. Convert to binary,
  547. // and pass the converted blob to pfnCardUnblockPin
  549. DWORD DoCardUnblock(BYTE *pAuthData, DWORD dwcbAuthData,
  550. BYTE *pPinData, DWORD dwcbPinData)
  551. {
  553. WCHAR szName[] = wszCARD_USER_USER;
  554. //DoConvertWideStringToLowerCase(szName);
  556. // Convert the incoming buffer
  558. DWORD dwRet = pCardData->pfnCardUnblockPin(
  559. pCardData,
  560. szName,
  561. pAuthData,
  562. dwcbAuthData,
  563. pPinData,
  564. dwcbPinData,
  565. 0,
  566. CARD_UNBLOCK_PIN_CHALLENGE_RESPONSE);
  568. // this call should be unnecessary, as the unblock should deauth the admin
  569. // I can't reset the card from the card module interface, so I'll ask the user to remove
  570. // his card from the reader if deauth fails. In the real thing, I'll reset the card.
  572. pCardData->pfnCardDeauthenticate(
  573. pCardData,
  574. wszCARD_USER_USER,0);
  576. // Deallocate the buffer for the converted response
  577. ERROUT(dwRet);
  578. if (0 == dwRet) DoInvalidatePinCache();
  579. return dwRet;
  580. }