archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/security/protocols/schannel/utillib/enc.c

659 lines
19 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*-----------------------------------------------------------------------------
  2. * Copyright (C) Microsoft Corporation, 1995 - 1996.
  3. * All rights reserved.
  4. *
  5. * This file is part of the Microsoft Private Communication Technology
  6. * reference implementation, version 1.0
  7. *
  8. * The Private Communication Technology reference implementation, version 1.0
  9. * ("PCTRef"), is being provided by Microsoft to encourage the development and
  10. * enhancement of an open standard for secure general-purpose business and
  11. * personal communications on open networks. Microsoft is distributing PCTRef
  12. * at no charge irrespective of whether you use PCTRef for non-commercial or
  13. * commercial use.
  14. *
  15. * Microsoft expressly disclaims any warranty for PCTRef and all derivatives of
  16. * it. PCTRef and any related documentation is provided "as is" without
  17. * warranty of any kind, either express or implied, including, without
  18. * limitation, the implied warranties or merchantability, fitness for a
  19. * particular purpose, or noninfringement. Microsoft shall have no obligation
  20. * to provide maintenance, support, upgrades or new releases to you or to anyone
  21. * receiving from you PCTRef or your modifications. The entire risk arising out
  22. * of use or performance of PCTRef remains with you.
  23. *
  24. * Please see the file LICENSE.txt,
  25. * or http://pct.microsoft.com/pct/pctlicen.txt
  26. * for more information on licensing.
  27. *
  28. * Please see http://pct.microsoft.com/pct/pct.htm for The Private
  29. * Communication Technology Specification version 1.0 ("PCT Specification")
  30. *
  31. * 1/23/96
  32. *----------------------------------------------------------------------------*/
  34. #include <spbase.h>
  36. #include <ber.h>
  39. typedef struct __EncAlgs {
  40. DWORD Id;
  41. UCHAR Sequence[16];
  42. DWORD SequenceLen;
  43. } _EncAlgs;
  46. #define iso_member 0x2a, /* iso(1) memberbody(2) */
  47. #define us 0x86, 0x48, /* us(840) */
  48. #define rsadsi 0x86, 0xf7, 0x0d, /* rsadsi(113549) */
  49. #define pkcs 0x01, /* pkcs(1) */
  51. #define pkcs_1 iso_member us rsadsi pkcs
  52. #define pkcs_len 7
  53. #define rsa_dsi iso_member us rsadsi
  54. #define rsa_dsi_len 6
  56. #define joint_iso_ccitt_ds 0x55,
  57. #define attributetype 0x04,
  59. #define attributeType joint_iso_ccitt_ds attributetype
  60. #define attrtype_len 2
  63. _EncAlgs EncKnownAlgs[] =
  64. {
  65. {ALGTYPE_SIG_RSA_MD5, {pkcs_1 1, 4}, pkcs_len + 2},
  66. {ALGTYPE_KEYEXCH_RSA_MD5, {pkcs_1 1, 1}, pkcs_len + 2},
  67. {ALGTYPE_CIPHER_RC4_MD5, {rsa_dsi 3, 4}, rsa_dsi_len + 2},
  68. {ALGTYPE_KEYEXCH_DH, {pkcs_1 3, 1}, pkcs_len + 2},
  69. };
  73. typedef struct _NameTypes {
  74. PSTR Prefix;
  75. DWORD PrefixLen;
  76. UCHAR Sequence[8];
  77. DWORD SequenceLen;
  78. } NameTypes;
  80. #define CNTYPE_INDEX 0
  82. NameTypes EncKnownNameTypes[] =
  83. {
  84. {"CN=", 3, {attributeType 3}, attrtype_len + 1},
  85. {"C=", 2, {attributeType 6}, attrtype_len + 1},
  86. {"L=", 2, {attributeType 7}, attrtype_len + 1},
  87. {"S=", 2, {attributeType 8}, attrtype_len + 1},
  88. {"O=", 2, {attributeType 10}, attrtype_len + 1},
  89. {"OU=", 3, {attributeType 11}, attrtype_len + 1}
  90. };
  93. /************************************************************/
  94. /* EncodeLength ASN1 encodes a length field. The parameter */
  95. /* dwLen is the length to be encoded, it is a DWORD and */
  96. /* therefore may be no larger than 2^32. The pbEncoded */
  97. /* parameter is the encoded result, and memory must be */
  98. /* allocated for it by the caller. The Writeflag parameter */
  99. /* indicates if the result is to be written to the pbEncoded*/
  100. /* parameter. The function cannot fail and returns the */
  101. /* number of total bytes in the encoded length. */
  102. /* encoded length. */
  103. /************************************************************/
  105. // Notes: Encodes 0x0000 to 0x007f as <lobyte>
  106. // Encodes 0x0080 to 0x00ff as <81>, <lobyte>
  107. // Encodes 0x0100 to 0xffff as <82>, <hibyte>, <lobyte>
  109. long
  110. EncodeLength(
  111. BYTE * pbEncoded,
  112. DWORD dwLen,
  113. BOOL Writeflag)
  114. {
  115. // length is between 2^8 and 2^16 - 1
  117. if (dwLen > 0xFF)
  118. {
  119. if (Writeflag)
  120. {
  121. pbEncoded[0] = 0x82;
  122. pbEncoded[1] = (BYTE) (dwLen >> 8);
  123. pbEncoded[2] = (BYTE) dwLen;
  124. }
  125. return (3);
  126. }
  128. // length is between 2^7 and 2^8 - 1
  130. if (dwLen > 0x7F)
  131. {
  132. if (Writeflag)
  133. {
  134. pbEncoded[0] = 0x81;
  135. pbEncoded[1] = (BYTE) dwLen;
  136. }
  137. return (2);
  138. }
  140. // length is between 0 and 2^7 - 1
  142. if (Writeflag)
  143. {
  144. pbEncoded[0] = (BYTE) dwLen;
  145. }
  146. return (1);
  147. }
  150. /****************************************************************/
  151. /* EncodeInteger ASN1 encodes an integer. The pbInt parameter */
  152. /* is the integer as an array of bytes, and dwLen is the number */
  153. /* of bytes in the array. The least significant byte of the */
  154. /* integer is the zeroth byte of the array. The encoded result */
  155. /* is passed back in the pbEncoded parameter. The Writeflag */
  156. /* indicates if the result is to be written to the pbEncoded */
  157. /* parameter. The function cannot fail and returns the number */
  158. /* of total bytes in the encoded integer. */
  159. /* This implementation will only deal with positive integers. */
  160. /****************************************************************/
  162. long
  163. EncodeInteger(
  164. BYTE *pbEncoded,
  165. BYTE *pbInt,
  166. DWORD dwLen,
  167. BOOL Writeflag)
  168. {
  169. DWORD i;
  170. long j; // Must be signed!
  171. BYTE *pb = pbEncoded;
  173. if (Writeflag)
  174. {
  175. *pb = INTEGER_TAG;
  176. }
  177. pb++;
  179. /* find the most significant non-zero byte */
  181. for (i = dwLen - 1; pbInt[i] == 0; i--)
  182. {
  183. if (i == 0) /* if the integer value is 0 */
  184. {
  185. if (Writeflag)
  186. {
  187. pb[0] = 0x01;
  188. pb[1] = 0x00;
  189. }
  190. return(3);
  191. }
  192. }
  194. /* if the most significant bit of the most sig byte is set */
  195. /* then need to add a 0 byte to the beginning. */
  197. if (pbInt[i] > 0x7F)
  198. {
  199. /* encode the length */
  200. pb += EncodeLength(pb, i + 2, Writeflag);
  202. if (Writeflag)
  203. {
  204. /* set the first byte of the integer to 0 and increment pointer */
  205. *pb = 0;
  206. }
  207. pb++;
  208. }
  209. else
  210. {
  211. /* encode the length */
  212. pb += EncodeLength(pb, i + 1, Writeflag);
  213. }
  215. /* copy the integer bytes into the encoded buffer */
  216. if (Writeflag)
  217. {
  218. /* copy the integer bytes into the encoded buffer */
  219. for (j = i; j >= 0; j--)
  220. {
  221. *pb++ = pbInt[j];
  222. }
  223. }
  224. else
  225. {
  226. pb += i;
  227. }
  228. return (long)(pb - pbEncoded);
  229. }
  232. /****************************************************************/
  233. /* EncodeString ASN1 encodes a character string. The pbStr */
  234. /* parameter is the string as an array of characters, and dwLen */
  235. /* is the number of characters in the array. The encoded result*/
  236. /* is passed back in the pbEncoded parameter. The Writeflag */
  237. /* indicates if the result is to be written to the pbEncoded */
  238. /* parameter. The function cannot fail and returns the number */
  239. /* of total bytes in the encoded string. */
  240. /****************************************************************/
  242. long
  243. EncodeString(
  244. BYTE * pbEncoded,
  245. BYTE * pbStr,
  246. DWORD dwLen,
  247. BOOL Writeflag)
  248. {
  249. long lengthlen;
  251. if (Writeflag)
  252. {
  253. *pbEncoded++ = CHAR_STRING_TAG;
  254. }
  255. lengthlen = EncodeLength(pbEncoded, dwLen, Writeflag);
  257. if (Writeflag)
  258. {
  259. CopyMemory(pbEncoded + lengthlen, pbStr, dwLen);
  260. }
  261. return(1 + lengthlen + dwLen);
  262. }
  265. /****************************************************************/
  266. /* EncodeOctetString ASN1 encodes a string of hex valued */
  267. /* characters. The pbStr parameter is an array of characters, */
  268. /* and dwLen is the number of characters in the array. The */
  269. /* encoded result is passed back in the pbEncoded parameter. The*/
  270. /* Writeflag parameter indicates if the result is to be written */
  271. /* to the pbEncoded parameter. The function cannot fail and */
  272. /* returns the number of total bytes in the encoded octet string*/
  273. /****************************************************************/
  275. long
  276. EncodeOctetString(
  277. BYTE * pbEncoded,
  278. BYTE * pbStr,
  279. DWORD dwLen,
  280. BOOL Writeflag)
  281. {
  282. long lengthlen;
  284. if (Writeflag)
  285. {
  286. *pbEncoded++ = OCTET_STRING_TAG;
  287. }
  288. lengthlen = EncodeLength(pbEncoded, dwLen, Writeflag);
  290. if (Writeflag)
  291. {
  292. CopyMemory(pbEncoded + lengthlen, pbStr, dwLen);
  293. }
  294. return(1 + lengthlen + dwLen);
  295. }
  298. /****************************************************************/
  299. /* EncodeBitString ASN1 encodes a string of bit characters. The */
  300. /* pbStr parameter is an array of characters (bits), and dwLen */
  301. /* is the number of characters in the array. The encoded result*/
  302. /* is passed back in the pbEncoded parameter. The Writeflag */
  303. /* indicates if the result is to be written to the pbEncoded */
  304. /* parameter. The function cannot fail and returns the number */
  305. /* of total bytes in the encoded string. This function uses */
  306. /* the DER. */
  307. /****************************************************************/
  308. long
  309. EncodeBitString(
  310. BYTE * pbEncoded,
  311. BYTE * pbStr,
  312. DWORD dwLen,
  313. BOOL Writeflag)
  314. {
  315. long lengthlen;
  317. if (Writeflag)
  318. {
  319. *pbEncoded++ = BIT_STRING_TAG;
  320. }
  322. lengthlen = EncodeLength(pbEncoded, dwLen + 1, Writeflag);
  324. if (Writeflag)
  325. {
  326. pbEncoded += lengthlen;
  328. // the next byte tells how many unused bits there are in the last byte,
  329. // but this will always be zero in this implementation (DER)
  331. *pbEncoded++ = 0;
  332. CopyMemory(pbEncoded, pbStr, dwLen);
  333. }
  334. return(1 + lengthlen + 1 + (long) dwLen);
  335. }
  338. /****************************************************************/
  339. /* EncodeHeader ASN1 encodes a header for a sequence type. The */
  340. /* dwLen is the length of the encoded information in the */
  341. /* sequence. The Writeflag indicates if the result is to be */
  342. /* written to the pbEncoded parameter. The function cannot */
  343. /* fail and returns the number of total bytes in the encoded */
  344. /* header. */
  345. /****************************************************************/
  347. // Notes: Encodes header as <SEQUENCE_TAG>, <length>
  349. long
  350. EncodeHeader(
  351. BYTE * pbEncoded,
  352. DWORD dwLen,
  353. BOOL Writeflag)
  354. {
  355. if (Writeflag)
  356. {
  357. *pbEncoded++ = SEQUENCE_TAG;
  358. }
  359. return(1 + EncodeLength(pbEncoded, dwLen, Writeflag));
  360. }
  363. /****************************************************************/
  364. /* EncodeSetOfHeader ASN1 encodes a header for a set of type. */
  365. /* The dwLen is the length of the encoded information in the */
  366. /* set of. The Writeflag indicates if the result is to be */
  367. /* written to the pbEncoded parameter. The function cannot */
  368. /* fail and returns the number of total bytes in the encoded */
  369. /* header. */
  370. /****************************************************************/
  372. // Notes: Encodes header as <SET_OF_TAG>, <length>
  374. long
  375. EncodeSetOfHeader(
  376. BYTE * pbEncoded,
  377. DWORD dwLen,
  378. BOOL Writeflag)
  379. {
  380. if (Writeflag)
  381. {
  382. *pbEncoded++ = SET_OF_TAG;
  383. }
  384. return(1 + EncodeLength(pbEncoded, dwLen, Writeflag));
  385. }
  388. // Notes: Encodes header as <ATTRIBUTE_TAG>, <length>
  390. long
  391. EncodeAttributeHeader(
  392. BYTE * pbEncoded,
  393. DWORD dwLen,
  394. BOOL Writeflag)
  395. {
  396. if (Writeflag)
  397. {
  398. *pbEncoded++ = ATTRIBUTE_TAG;
  399. }
  400. return(1 + EncodeLength(pbEncoded, dwLen, Writeflag));
  401. }
  404. // Notes: Encodes header as <BER_SET>, <length>
  406. long
  407. EncodeSetHeader(
  408. BYTE * pbEncoded,
  409. DWORD dwLen,
  410. BOOL WriteFlag)
  411. {
  412. if (WriteFlag)
  413. {
  414. *pbEncoded++ = BER_SET;
  415. }
  416. return(1 + EncodeLength(pbEncoded, dwLen, WriteFlag));
  417. }
  421. /****************************************************************/
  422. /* EncodeName ASN1 encodes a Name type. The pbName parameter is */
  423. /* the name and dwLen is the length of the name in bytes. */
  424. /* The Writeflag indicates if the result is to be written to */
  425. /* the pbEncoded parameter. The function cannot fail and */
  426. /* returns the number of total bytes in the encoded name. */
  427. /****************************************************************/
  429. long
  430. EncodeName(
  431. BYTE * pbEncoded,
  432. BYTE * pbName,
  433. DWORD dwLen,
  434. BOOL Writeflag)
  435. {
  436. BYTE Type[MAXOBJIDLEN];
  437. long TypeLen;
  438. BYTE Value[MAXNAMEVALUELEN+MINHEADERLEN];
  439. long ValueLen;
  440. BYTE Attribute[MAXNAMELEN];
  441. long AttributeLen;
  442. BYTE SetHdr[MINHEADERLEN];
  443. long HdrLen;
  444. long NameLen;
  446. /* encode the name value */
  447. ValueLen = EncodeString(Value, pbName, dwLen, Writeflag);
  448. SP_ASSERT(ValueLen > 0 && ValueLen <= sizeof(Value));
  450. /* encode the attribute type, this is an object identifier and here it */
  451. /* is a fake encoding */
  452. Type[0] = 0x06;
  453. Type[1] = 0x01;
  454. Type[2] = 0x00;
  456. TypeLen = 3;
  458. /* enocde the header for the attribute */
  459. AttributeLen = EncodeHeader(
  460. Attribute,
  461. (DWORD) (ValueLen + TypeLen),
  462. Writeflag);
  463. SP_ASSERT(AttributeLen > 0);
  464. SP_ASSERT(AttributeLen + TypeLen + ValueLen <= sizeof(Attribute));
  466. /* copy the attribute type and value into the attribute */
  467. CopyMemory(Attribute + AttributeLen, Type, (size_t) TypeLen);
  468. AttributeLen += TypeLen;
  469. CopyMemory(Attribute + AttributeLen, Value, (size_t) ValueLen);
  470. AttributeLen += ValueLen;
  472. /* encode set of header */
  473. HdrLen = EncodeSetOfHeader(SetHdr, (DWORD) AttributeLen, Writeflag);
  474. SP_ASSERT(HdrLen > 0 && HdrLen <= sizeof(SetHdr));
  476. /* encode Name header */
  477. NameLen = EncodeHeader(
  478. pbEncoded,
  479. (DWORD) (HdrLen + AttributeLen),
  480. Writeflag);
  481. SP_ASSERT(NameLen > 0);
  483. CopyMemory(pbEncoded + NameLen, SetHdr, (size_t) HdrLen);
  484. NameLen += HdrLen;
  485. CopyMemory(pbEncoded + NameLen, Attribute, (size_t) AttributeLen);
  487. return(NameLen + AttributeLen);
  488. }
  490. long
  491. EncodeRDN(
  492. BYTE * pbEncoded,
  493. PSTR pszRDN,
  494. BOOL WriteFlag)
  495. {
  496. LONG Result;
  497. DWORD RelLength;
  498. long Length;
  499. NameTypes *pNameType;
  500. char ach[4];
  502. SP_ASSERT(pszRDN != NULL);
  503. if (pszRDN[0] == '\0' ||
  504. pszRDN[1] == '\0' ||
  505. pszRDN[2] == '\0' ||
  506. (pszRDN[1] != '=' && pszRDN[2] != '='))
  507. {
  508. return(-1);
  509. }
  510. ach[0] = pszRDN[0];
  511. ach[1] = pszRDN[1];
  512. if (ach[1] == '=')
  513. {
  514. ach[2] = '\0';
  515. }
  516. else
  517. {
  518. ach[2] = pszRDN[2];
  519. ach[3] = '\0';
  520. }
  522. for (pNameType = EncKnownNameTypes; ; pNameType++)
  523. {
  524. if (pNameType ==
  525. &EncKnownNameTypes[sizeof(EncKnownNameTypes) /
  526. sizeof(EncKnownNameTypes[0])])
  527. {
  528. return(-1);
  529. }
  530. SP_ASSERT(lstrlen(pNameType->Prefix) < sizeof(ach));
  531. if (lstrcmpi(ach, pNameType->Prefix) == 0)
  532. {
  533. break;
  534. }
  535. }
  537. RelLength = lstrlen(&pszRDN[pNameType->PrefixLen]);
  539. // Prefix data takes up 9 bytes
  541. Length = EncodeSetHeader(pbEncoded, RelLength + 9, WriteFlag);
  542. pbEncoded += Length;
  544. Result = EncodeHeader(pbEncoded, RelLength + 7, WriteFlag);
  545. pbEncoded += Result;
  546. Length += Result + 2 + pNameType->SequenceLen;
  548. if (WriteFlag)
  549. {
  550. *pbEncoded++ = OBJECT_ID_TAG;
  551. *pbEncoded++ = (BYTE) pNameType->SequenceLen;
  553. CopyMemory(pbEncoded, pNameType->Sequence, pNameType->SequenceLen);
  554. pbEncoded += pNameType->SequenceLen;
  556. *pbEncoded++ =
  557. pNameType == &EncKnownNameTypes[CNTYPE_INDEX]?
  558. TELETEX_STRING_TAG : PRINTABLE_STRING_TAG;
  560. }
  561. Length++;
  563. Result = EncodeLength(pbEncoded, RelLength, WriteFlag);
  564. Length += Result;
  566. if (WriteFlag)
  567. {
  568. CopyMemory(
  569. pbEncoded + Result,
  570. &pszRDN[pNameType->PrefixLen],
  571. RelLength);
  572. }
  573. return(Length + RelLength);
  574. }
  576. long
  577. EncodeDN(
  578. BYTE * pbEncoded,
  579. PSTR pszDN,
  580. BOOL WriteFlag)
  581. {
  582. PSTR pszRDN;
  583. long Result = 0;
  584. long Length;
  585. long SaveResult;
  587. SP_ASSERT(pszDN != NULL);
  589. SaveResult = 0; // force one full iteration
  590. Length = 2 * lstrlen(pszDN); // your guess is as good as mine
  591. while (TRUE)
  592. {
  593. PSTR pszNext;
  594. BYTE *pb;
  596. pb = pbEncoded;
  598. Result = EncodeHeader(pb, Length, WriteFlag);
  599. if (SaveResult == Result)
  600. {
  601. break;
  602. }
  603. pb += Result;
  604. SaveResult = Result;
  606. Length = 0;
  607. pszRDN = pszDN;
  608. while (*pszRDN != '\0')
  609. {
  610. for (pszNext = pszRDN; ; pszNext++)
  611. {
  612. if (*pszNext == ',')
  613. {
  614. *pszNext = '\0';
  615. break;
  616. }
  617. if (*pszNext == '\0')
  618. {
  619. pszNext = NULL;
  620. break;
  621. }
  622. }
  624. Result = EncodeRDN(pb, pszRDN, WriteFlag);
  626. // Restore the comma before checking for error
  628. if (NULL != pszNext)
  629. {
  630. *pszNext = ',';
  631. }
  632. if (Result < 0)
  633. {
  634. DebugLog((DEB_TRACE, "EncodeDN: Error: %s\n", pszRDN));
  635. Length = 0;
  636. goto error; // return(-1)
  637. }
  639. pb += Result;
  640. Length += Result;
  642. if (NULL == pszNext)
  643. {
  644. break;
  645. }
  647. pszRDN = pszNext + 1;
  648. while (*pszRDN == ' ')
  649. {
  650. pszRDN++;
  651. }
  652. DebugLog((DEB_TRACE, "EncodeDN: Length = %d\n", Length));
  653. }
  654. }
  655. SP_ASSERT(0 != SaveResult);
  656. error:
  657. return(Result + Length);
  658. }