Leaked source code of windows server 2003
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
/* context.h */
#ifndef DSSCSP_CONTEXT_H
#define DSSCSP_CONTEXT_H
#include <nt.h>
#include <ntrtl.h>
#include <nturtl.h>
#include <crypt.h>
#include <windows.h>
#include <crtdbg.h>
#include <csp.h>
#include <randlib.h>
#include <des.h>
#include <sha.h>
#ifdef CSP_USE_MD5
#include "md5.h"
#endif
#ifdef CSP_USE_SHA1
#include "sha.h"
#endif
// definition for disabling encryption in France
#define CRYPT_DISABLE_CRYPT 0x1
/*********************************//* Definitions *//*********************************/
#define KEY_MAGIC 0xBADF
/* State definitions */#define KEY_INIT 0x0001
#define MAX_BLOCKLEN 8
// types of key storage
#define PROTECTED_STORAGE_KEYS 1
#define PROTECTION_API_KEYS 2
#define HASH_MAGIC 0xBADE
/* State Flags */#define HASH_INIT 0x0001
#define HASH_DATA 0x0002
#define HASH_FINISH 0x0004
#define MAX_HASH_LEN 20
#define CRYPT_BLKLEN 8
#define HMAC_DEFAULT_STRING_LEN 64
#define HMAC_STARTED 1
#define HMAC_FINISHED 2
/*********************************//* Structure Definitions *//*********************************/
typedef struct _Key_t_ { int magic; // Magic number
void *pContext; int state; // State of object
ALG_ID algId; // Algorithm Id
DWORD flags; // General flags associated with key
void *algParams; // Parameters for algorithm
uchar IV[MAX_BLOCKLEN]; uchar Temp_IV[MAX_BLOCKLEN]; uchar *pbKey; DWORD cbKey; uchar *pbSalt; DWORD cbSalt; BYTE *pbData; DWORD cbData; DWORD cbEffectiveKeyLen; int mode; int pad; int mode_bits; BOOL InProgress; // if key is being used
BOOL fUIOnKey; // flag to indicate if UI was to be set on the key
} Key_t;
// Packed version of Key_t. This is used when building opaque
// blobs, and is necessary to properly support WOW64 operation.
typedef struct _Packed_Key_t_ { // BLOBHEADER
int magic; // Magic number
int state; // State of object
ALG_ID algId; // Algorithm Id
DWORD flags; // General flags associated with key
uchar IV[MAX_BLOCKLEN]; uchar Temp_IV[MAX_BLOCKLEN]; DWORD cbKey; DWORD cbData; DWORD cbEffectiveKeyLen; int mode; int pad; int mode_bits; BOOL InProgress; // if key is being used
BOOL fUIOnKey; // flag to indicate if UI was to be set on the key
// cbKey data bytes
// cbData data bytes
} Packed_Key_t;
typedef struct { int magic; // Magic number
void *pContext; // associated context
int state; // State of hash object
ALG_ID algId; // Algorithm Id
DWORD size; // Size of hash
void *pMAC; // pointer to mac state
BYTE hashval[MAX_HASH_LEN]; BYTE *pbData; DWORD cbData; Key_t *pKey; BOOL fInternalKey; ALG_ID HMACAlgid; DWORD HMACState; BYTE *pbHMACInner; DWORD cbHMACInner; BYTE *pbHMACOuter; DWORD cbHMACOuter; union {#if _WIN64
//
// fake member to cause 8byte alignment.
//
ULONGLONG Padding;#endif
#ifdef CSP_USE_MD5
MD5_CTX md5;#endif // CSP_USE_MD5
#ifdef CSP_USE_SHA1
A_SHA_CTX sha;#endif // CSP_USE_SHA1
} algData;} Hash_t;
/*********************************//* Definitions *//*********************************/
#define CONTEXT_MAGIC 0xDEADBEEF
#define CONTEXT_RANDOM_LENGTH 20
typedef struct _PStore_Info{ HINSTANCE hInst; void *pProv; GUID SigType; GUID SigSubtype; GUID ExchType; GUID ExchSubtype; LPWSTR szPrompt; DWORD cbPrompt;} PSTORE_INFO;
/*********************************//* Structure Definitions *//*********************************/
typedef struct { DWORD magic; // Magic number
DWORD dwProvType; // Type of provider being called as
LPSTR szProvName; // Name of provider being called as
BOOL fMachineKeyset; // TRUE if keyset is for machine
DWORD rights; // Privileges
BOOL fIsLocalSystem; // check if running as local system
KEY_CONTAINER_INFO ContInfo; Key_t *pSigKey; // pointer to the DSS sig key
Key_t *pKExKey; // pointer to the DH key exchange key
HKEY hKeys; // Handle to registry
DWORD dwEnumalgs; // index for enumerating algorithms
DWORD dwEnumalgsEx; // index for enumerating algorithms
DWORD dwiSubKey; // index for enumerating containers
DWORD dwMaxSubKey; // max number of containers
void *contextData; // Context specific data
CRITICAL_SECTION CritSec; // critical section for decrypting keys
HWND hWnd; // handle to window for UI
PSTORE_INFO *pPStore; // pointer to PStore information
LPWSTR pwszPrompt; // UI prompt to be used
DWORD dwOldKeyFlags; // flags to tell how keys should be migrated
DWORD dwKeysetType; // type of storage used
HANDLE hRNGDriver; // handle to hardware RNG driver
EXPO_OFFLOAD_STRUCT *pOffloadInfo; // info for offloading modular expo
DWORD dwPolicyId; // Index into policy keylengh arrays.
BYTE rgbSigEncryptedX [RTL_ENCRYPT_MEMORY_SIZE + (SHA_DWORDS * sizeof(DWORD))]; BYTE rgbKExEncryptedX [RTL_ENCRYPT_MEMORY_SIZE + (DSA_P_MAXDWORDS * sizeof(DWORD))];} Context_t;
/*********************************//* Policy Definitions *//*********************************/
extern PROV_ENUMALGS_EX *g_AlgTables[];// NOTE -- These definitions must match the order of entries in g_AlgTables.
#define POLICY_DSS_BASE 0 // Policy for MS_DEF_DSS_PROV
#define POLICY_DSSDH_BASE 1 // Policy for MS_DEF_DSS_DH_PROV
#define POLICY_DSSDH_ENHANCED 2 // Policy for MS_ENH_DSS_DH_PROV
#define POLICY_DSSDH_SCHANNEL 3 // Policy for MS_DEF_DH_SCHANNEL_PROV
/*********************************//* Function Definitions *//*********************************/
extern voidfreeContext( Context_t *pContext);
extern Context_t *checkContext( HCRYPTPROV hProv);
extern Context_t *allocContext( void);
// Initialize a context
extern DWORDinitContext( IN OUT Context_t *pContext, IN DWORD dwFlags, IN DWORD dwProvType, IN LPCSTR szProvName, IN DWORD dwPolicyId);
extern HCRYPTPROVAddContext( Context_t *pContext);
extern HCRYPTHASHaddContextHash( Context_t *pContext, Hash_t *pHash);
extern Hash_t *checkContextHash( Context_t *pContext, HCRYPTHASH hHash);
// Add key to context
extern HCRYPTKEYaddContextKey( Context_t *pContext, Key_t *pKey);
// Check if key exists in context
extern Key_t *checkContextKey( IN Context_t *pContext, IN HCRYPTKEY hKey);
// random number generation prototype
extern DWORDFIPS186GenRandom( IN HANDLE hRNGDriver, IN BYTE **ppbContextSeed, IN DWORD *pcbContextSeed, IN OUT BYTE *pb, IN DWORD cb);
// Scrub sensitive data from memory
extern voidmemnuke( volatile BYTE *pData, DWORD dwLen);
#include "dh_key.h"
extern void ScrubPrivateKeyInMemory( IN DHKey_t *pDH, IN BOOL fSigKey);
extern DWORD EncryptPrivateKeyInMemory( IN Context_t *pContext, IN DHKey_t *pDH, IN ALG_ID AlgId);
extern DWORD DecryptPrivateKeyInMemory( IN Context_t *pContext, IN DHKey_t *pDH, IN ALG_ID AlgId);
#endif
|
