archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/inetsrv/iis/inc/icrypt.hxx

728 lines
16 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1997 Microsoft Corporation
  5. Module Name:
  7. icrypt.hxx
  9. Abstract:
  11. C++ wrappers around the IISCrypto APIs.
  13. This module contains the declarations for one base class and three
  14. derived classes:
  16. IIS_CRYPTO_BASE
  17. |
  18. +--- IIS_CRYPTO_STORAGE
  19. |
  20. +--- IIS_CRYPTO_EXCHANGE_BASE
  21. |
  22. +--- IIS_CRYPTO_EXCHANGE_CLIENT
  23. |
  24. +--- IIS_CRYPTO_EXCHANGE_SERVER
  26. IIS_CRYPTO_BASE is a general base class, containing the crypto
  27. provider handle, as well as the key exchange and signature handles.
  28. This class also provides a couple of member functions used by the
  29. derived classes.
  31. IIS_CRYPTO_STORAGE is used by applications that need to store or
  32. transfer data in a secure manner. This class provides services
  33. for data encryption and descryption.
  35. IIS_CRYPTO_EXCHANGE_BASE is a general base class for the key
  36. exchange classes.
  38. IIS_CRYPTO_EXCHANGE_CLIENT is used by the client (i.e. sending)
  39. side of the multi-phase key exchange protocol.
  41. IIS_CRYPTO_EXCHANGE_SERVER is used by the server (i.e. receiving)
  42. side of the multi-phase key exchange protocol.
  44. The multi-phase key exchange protocol consists of the following
  45. steps:
  47. Phase 1 (client.1):
  49. 1. Export public key exchange and signature blobs.
  50. 2. Send blobs to server.
  52. Phase 2 (server.1):
  54. 1. Import client's public key exchange and signature blobs.
  55. 2. Export public key exchange and signature blobs.
  56. 3. Send blobs to client.
  57. 4. Generate random session key (call it Ka).
  58. 5. Encrypt session key with client's key exchange key.
  59. 6. Send encrypted session key to client.
  61. Phase 3 (client.2):
  63. 1. Import server's public key exchange and signature blobs.
  64. 2. Import encrypted session key.
  65. 3. Generate random session key (call it Kb).
  66. 4. Encrypt session key with server's key exchange key.
  67. 5. Send encrypted session key to server.
  68. 6. Generate hash containing Ka, Kb, and string "Phase 3".
  69. 7. Send hash to the server.
  71. Phase 4 (server.2):
  73. 1. Import encrypted session key.
  74. 2. Validate client's hash.
  75. 3. Generate hash containing Kb and string "Phase 4".
  76. 4. Send hash to the client.
  78. Phase 5 (client.3):
  80. 1. Validate server's hash.
  82. The end result is that each side has two session keys: one for
  83. sending encrypted data, one for receiving encrypted data. Each of
  84. these keys is represented by a IIS_CRYPTO_STORAGE class.
  86. A few notes about the Win32 crypto APIs, IE4, and impersonating
  87. threads...
  89. IE4 has changed the relationship between crypto key containers and
  90. security context. In the pre-IE4 days, whenever an application
  91. acquired a crypto context, the crypto APIs opened the necessary
  92. registry keys and kept them open until the context was released.
  93. With IE4 installed (actually this is an issue with the Protected
  94. Storage service that's installed with IE4) the crypto container
  95. registry keys are NOT opened when the context is aquired, they are
  96. are opened on demand when they're first needed. This causes much
  97. grief for us, as we may acquire the crypto context in one security
  98. context then try to import/whatever in another security context.
  100. The hack (er, solution) implemented in these classes is to try the
  101. import/whatever operation in the current security context. If that
  102. operation fails and the current thread has an impersonation token,
  103. then we "revert to self" and retry the operation.
  105. This solution has the blessing of the NT crypto team (specifically,
  106. Jeff Spelman).
  108. Author:
  110. Keith Moore (keithmo) 02-Dec-1996
  112. Revision History:
  114. --*/
  117. #ifndef _ICRYPT_HXX_
  118. #define _ICRYPT_HXX_
  121. //
  122. // Get the IIS Crypto stuff.
  123. //
  125. #include <iiscrypt.h>
  128. //
  129. // The base crypto class. This class contains the provider handle
  130. // and the public (key exchange & signature) handles. This is intended
  131. // as a base class for IIS_CRYPTO_STORAGE and IIS_CRYPTO_EXCHANGE_BASE.
  132. //
  135. class IIS_CRYPTO_BASE {
  137. public:
  139. //
  140. // Constructor/destructor.
  141. //
  143. IIS_CRYPTO_BASE();
  144. ~IIS_CRYPTO_BASE();
  146. //
  147. // Static method to open a crypto container by name. This method
  148. // performs all of the games necessary to open a container, even
  149. // if we're running in an impersonated security context.
  150. //
  152. static
  153. HRESULT
  154. GetCryptoContainerByName(
  155. OUT HCRYPTPROV * phProv,
  156. IN LPTSTR pszContainerName,
  157. IN DWORD dwAdditionalFlags,
  158. IN BOOL fApplyAcl
  159. );
  161. //
  162. // Initialize the crypto context.
  163. //
  165. HRESULT
  166. Initialize(
  167. IN HCRYPTPROV hProv = CRYPT_NULL,
  168. IN HCRYPTKEY hKeyExchangeKey = CRYPT_NULL,
  169. IN HCRYPTKEY hSignatureKey = CRYPT_NULL,
  170. IN BOOL fUseMachineKeyset = FALSE
  171. );
  173. HRESULT
  174. Initialize2(
  175. IN HCRYPTPROV hProv = CRYPT_NULL
  176. );
  178. //
  179. // Query the key exchange key as a public key blob.
  180. //
  182. HRESULT
  183. GetKeyExchangeKeyBlob(
  184. OUT PIIS_CRYPTO_BLOB * ppKeyExchangeKeyBlob
  185. );
  187. //
  188. // Query the signature key as a public key blob.
  189. //
  191. HRESULT
  192. GetSignatureKeyBlob(
  193. OUT PIIS_CRYPTO_BLOB * ppSignatureKeyBlob
  194. );
  196. //
  197. // Accessors.
  198. //
  200. HCRYPTPROV
  201. QueryProviderHandle()
  202. {
  203. return m_hProv;
  204. }
  206. protected:
  208. //
  209. // A handle to a crypto service provider.
  210. //
  212. HCRYPTPROV m_hProv;
  213. BOOL m_fCloseProv;
  215. //
  216. // A handle to our key exchange key.
  217. //
  219. HCRYPTKEY m_hKeyExchangeKey;
  221. //
  222. // A handle to our signature key.
  223. //
  225. HCRYPTKEY m_hSignatureKey;
  227. #if DBG
  229. //
  230. // Validate object state.
  231. //
  233. BOOL
  234. ValidateState();
  236. BOOL
  237. ValidateState2();
  239. #endif
  241. //
  242. // Wrappers around the corresponding IISCryptoXxx() routines that
  243. // Do The Right Thing when the current thread has an impersonation
  244. // token.
  245. //
  247. static
  248. HRESULT
  249. SafeImportSessionKeyBlob(
  250. OUT HCRYPTKEY * phSessionKey,
  251. IN PIIS_CRYPTO_BLOB pSessionKeyBlob,
  252. IN HCRYPTPROV hProv,
  253. IN HCRYPTKEY hSignatureKey
  254. );
  256. static
  257. HRESULT
  258. SafeImportSessionKeyBlob2(
  259. OUT HCRYPTKEY * phSessionKey,
  260. IN PIIS_CRYPTO_BLOB pSessionKeyBlob,
  261. IN HCRYPTPROV hProv,
  262. IN LPSTR pszPasswd
  263. );
  265. static
  266. HRESULT
  267. SafeExportSessionKeyBlob(
  268. OUT PIIS_CRYPTO_BLOB * ppSessionKeyBlob,
  269. IN HCRYPTPROV hProv,
  270. IN HCRYPTKEY hSessionKey,
  271. IN HCRYPTKEY hKeyExchangeKey
  272. );
  274. static
  275. HRESULT
  276. SafeExportSessionKeyBlob2(
  277. OUT PIIS_CRYPTO_BLOB * ppSessionKeyBlob,
  278. IN HCRYPTPROV hProv,
  279. IN HCRYPTKEY hSessionKey,
  280. IN LPSTR pszPasswd
  281. );
  283. static
  284. HRESULT
  285. SafeEncryptDataBlob(
  286. OUT PIIS_CRYPTO_BLOB * ppDataBlob,
  287. IN PVOID pBuffer,
  288. IN DWORD dwBufferLength,
  289. IN DWORD dwRegType,
  290. IN HCRYPTPROV hProv,
  291. IN HCRYPTKEY hSessionKey
  292. );
  294. static
  295. HRESULT
  296. SafeEncryptDataBlob2(
  297. OUT PIIS_CRYPTO_BLOB * ppDataBlob,
  298. IN PVOID pBuffer,
  299. IN DWORD dwBufferLength,
  300. IN DWORD dwRegType,
  301. IN HCRYPTPROV hProv,
  302. IN HCRYPTKEY hSessionKey
  303. );
  305. //
  306. // Thread token manipulators.
  307. //
  309. static
  310. HRESULT
  311. GetThreadImpersonationToken(
  312. OUT HANDLE * Token
  313. );
  315. static
  316. HRESULT
  317. SetThreadImpersonationToken(
  318. IN HANDLE Token
  319. );
  321. static
  322. BOOL
  323. AmIRunningInTheLocalSystemContext(
  324. VOID
  325. );
  327. }; // IIS_CRYPTO_BASE
  330. class IIS_CRYPTO_STORAGE : public IIS_CRYPTO_BASE {
  332. public:
  334. //
  335. // Constructor/destructor.
  336. //
  338. IIS_CRYPTO_STORAGE();
  339. ~IIS_CRYPTO_STORAGE();
  341. //
  342. // Initialize the crypto context, generating a new (random) session
  343. // key.
  344. //
  346. HRESULT
  347. Initialize(
  348. IN BOOL fUseMachineKeyset = FALSE,
  349. IN HCRYPTPROV hProv = CRYPT_NULL
  350. );
  352. //
  353. // Initialize the crypto context, importing the session key from the
  354. // given session key blob.
  355. //
  357. HRESULT
  358. Initialize(
  359. IN PIIS_CRYPTO_BLOB pSessionKeyBlob,
  360. IN BOOL fUseMachineKeyset = FALSE,
  361. IN HCRYPTPROV hProv = CRYPT_NULL
  362. );
  364. //
  365. // Initialize the crypto context, using pre-created provider,
  366. // session, key exchange, and signature keys.
  367. //
  369. HRESULT
  370. Initialize(
  371. IN HCRYPTPROV hProv,
  372. IN HCRYPTKEY hSessionKey,
  373. IN HCRYPTKEY hKeyExchangeKey,
  374. IN HCRYPTKEY hSignatureKey,
  375. IN BOOL fUseMachineKeyset = FALSE
  376. );
  378. //
  379. // Query the session key as a session key blob.
  380. //
  382. HRESULT
  383. GetSessionKeyBlob(
  384. OUT PIIS_CRYPTO_BLOB * ppSessionKeyBlob
  385. );
  387. //
  388. // Encrypt data into a data blob.
  389. //
  391. virtual
  392. HRESULT
  393. EncryptData(
  394. OUT PIIS_CRYPTO_BLOB * ppDataBlob,
  395. IN PVOID pBuffer,
  396. IN DWORD dwBufferLength,
  397. IN DWORD dwRegType
  398. );
  400. //
  401. // Decrypt data from a data blob.
  402. //
  404. virtual
  405. HRESULT
  406. DecryptData(
  407. OUT PVOID * ppBuffer,
  408. OUT LPDWORD pdwBufferLength,
  409. OUT LPDWORD pdwRegType,
  410. IN PIIS_CRYPTO_BLOB pDataBlob
  411. );
  413. protected:
  415. //
  416. // A handle to the session key.
  417. //
  419. HCRYPTKEY m_hSessionKey;
  421. #if DBG
  423. //
  424. // Validate object state.
  425. //
  426. virtual
  427. BOOL
  428. ValidateState();
  430. #endif
  432. }; // IIS_CRYPTO_STORAGE
  434. class IIS_CRYPTO_STORAGE2 : public IIS_CRYPTO_STORAGE {
  436. public:
  438. //
  439. // Constructor/destructor.
  440. //
  442. IIS_CRYPTO_STORAGE2(){}
  443. ~IIS_CRYPTO_STORAGE2(){}
  445. //
  446. // Initialize the crypto context, generating a new (random) session
  447. // key.
  448. //
  450. HRESULT
  451. Initialize(
  452. IN HCRYPTPROV hProv = CRYPT_NULL
  453. );
  455. //
  456. // Initialize the crypto context, importing the session key from the
  457. // given session key blob.
  458. //
  460. HRESULT
  461. Initialize(
  462. IN PIIS_CRYPTO_BLOB pSessionKeyBlob,
  463. IN LPSTR pszPasswd,
  464. IN HCRYPTPROV hProv = CRYPT_NULL
  465. );
  467. HRESULT
  468. GetSessionKeyBlob(
  469. IN LPSTR pszPasswd,
  470. OUT PIIS_CRYPTO_BLOB * ppSessionKeyBlob
  471. );
  473. //
  474. // Encrypt data into a data blob.
  475. //
  477. HRESULT
  478. EncryptData(
  479. OUT PIIS_CRYPTO_BLOB * ppDataBlob,
  480. IN PVOID pBuffer,
  481. IN DWORD dwBufferLength,
  482. IN DWORD dwRegType
  483. );
  485. //
  486. // Decrypt data from a data blob.
  487. //
  489. HRESULT
  490. DecryptData(
  491. OUT PVOID * ppBuffer,
  492. OUT LPDWORD pdwBufferLength,
  493. OUT LPDWORD pdwRegType,
  494. IN PIIS_CRYPTO_BLOB pDataBlob
  495. );
  497. #if DBG
  499. //
  500. // Validate object state.
  501. //
  502. BOOL
  503. ValidateState();
  505. #endif
  507. }; // IIS_CRYPTO_STORAGE
  510. class IIS_CRYPTO_EXCHANGE_BASE : public IIS_CRYPTO_BASE {
  512. public:
  514. //
  515. // Constructor/destructor.
  516. //
  518. IIS_CRYPTO_EXCHANGE_BASE();
  519. ~IIS_CRYPTO_EXCHANGE_BASE();
  521. //
  522. // Accessors for the keys we create. Note that once the calling
  523. // application assumes ownership for one of these keys, it is the
  524. // application's responsibility to close it.
  525. //
  527. HCRYPTKEY
  528. AssumeClientSessionKey()
  529. {
  530. HCRYPTKEY hTmp;
  532. hTmp = m_hClientSessionKey;
  533. m_hClientSessionKey = CRYPT_NULL;
  534. return hTmp;
  535. }
  537. HCRYPTKEY
  538. AssumeServerSessionKey()
  539. {
  540. HCRYPTKEY hTmp;
  542. hTmp = m_hServerSessionKey;
  543. m_hServerSessionKey = CRYPT_NULL;
  544. return hTmp;
  545. }
  547. protected:
  549. //
  550. // Create the phase 3 and 4 hash values.
  551. //
  553. HRESULT
  554. CreatePhase3Hash(
  555. OUT PIIS_CRYPTO_BLOB * ppHashBlob
  556. );
  558. HRESULT
  559. CreatePhase4Hash(
  560. OUT PIIS_CRYPTO_BLOB * ppHashBlob
  561. );
  563. //
  564. // Various keys we create/import.
  565. //
  567. HCRYPTKEY m_hServerSessionKey;
  568. HCRYPTKEY m_hClientSessionKey;
  570. private:
  572. //
  573. // Helper function for creating hash values.
  574. //
  576. HRESULT
  577. CreateHashWorker(
  578. OUT PIIS_CRYPTO_BLOB * ppHashBlob,
  579. IN BOOL fPhase3
  580. );
  582. }; // IIS_CRYPTO_EXCHANGE_BASE
  585. class IIS_CRYPTO_EXCHANGE_CLIENT : public IIS_CRYPTO_EXCHANGE_BASE {
  587. public:
  589. //
  590. // Constructor/destructor.
  591. //
  593. IIS_CRYPTO_EXCHANGE_CLIENT();
  594. ~IIS_CRYPTO_EXCHANGE_CLIENT();
  596. //
  597. // The guts of the client-side multi-phase key exchange protocol.
  598. //
  600. HRESULT
  601. ClientPhase1(
  602. OUT PIIS_CRYPTO_BLOB * ppClientKeyExhangeKeyBlob,
  603. OUT PIIS_CRYPTO_BLOB * ppClientSignatureKeyBlob
  604. );
  606. HRESULT
  607. ClientPhase2(
  608. IN PIIS_CRYPTO_BLOB pServerKeyExchangeKeyBlob,
  609. IN PIIS_CRYPTO_BLOB pServerSignatureKeyBlob,
  610. IN PIIS_CRYPTO_BLOB pServerSessionKeyBlob,
  611. OUT PIIS_CRYPTO_BLOB * ppClientSessionKeyBlob,
  612. OUT PIIS_CRYPTO_BLOB * ppClientHashBlob
  613. );
  615. HRESULT
  616. ClientPhase3(
  617. IN PIIS_CRYPTO_BLOB pServerHashBlob
  618. );
  620. //
  621. // Accessors for the server keys we import. Note that once the calling
  622. // application assumes ownership for one of these keys, it is the
  623. // application's responsibility to close it.
  624. //
  626. HCRYPTKEY
  627. AssumeServerKeyExchangeKey()
  628. {
  629. HCRYPTKEY hTmp;
  631. hTmp = m_hServerKeyExchangeKey;
  632. m_hServerKeyExchangeKey = CRYPT_NULL;
  633. return hTmp;
  634. }
  636. HCRYPTKEY
  637. AssumeServerSignatureKey()
  638. {
  639. HCRYPTKEY hTmp;
  641. hTmp = m_hServerSignatureKey;
  642. m_hServerSignatureKey = CRYPT_NULL;
  643. return hTmp;
  644. }
  646. protected:
  648. //
  649. // Server-side keys we'll import.
  650. //
  652. HCRYPTKEY m_hServerKeyExchangeKey;
  653. HCRYPTKEY m_hServerSignatureKey;
  655. }; // IIS_CRYPTO_EXCHANGE_CLIENT
  658. class IIS_CRYPTO_EXCHANGE_SERVER : public IIS_CRYPTO_EXCHANGE_BASE {
  660. public:
  662. //
  663. // Constructor/destructor.
  664. //
  666. IIS_CRYPTO_EXCHANGE_SERVER();
  667. ~IIS_CRYPTO_EXCHANGE_SERVER();
  669. //
  670. // The guts of the server-side multi-phase key exchange protocol.
  671. //
  673. HRESULT
  674. ServerPhase1(
  675. IN PIIS_CRYPTO_BLOB pClientKeyExchangeKeyBlob,
  676. IN PIIS_CRYPTO_BLOB pClientSignatureKeyBlob,
  677. OUT PIIS_CRYPTO_BLOB * ppServerKeyExchangeKeyBlob,
  678. OUT PIIS_CRYPTO_BLOB * ppServerSignatureKeyBlob,
  679. OUT PIIS_CRYPTO_BLOB * ppServerSessionKeyBlob
  680. );
  682. HRESULT
  683. ServerPhase2(
  684. IN PIIS_CRYPTO_BLOB pClientSessionKeyBlob,
  685. IN PIIS_CRYPTO_BLOB pClientHashBlob,
  686. OUT PIIS_CRYPTO_BLOB * ppServerHashBlob
  687. );
  689. //
  690. // Accessors for the client keys we import. Note that once the calling
  691. // application assumes ownership for one of these keys, it is the
  692. // application's responsibility to close it.
  693. //
  695. HCRYPTKEY
  696. AssumeClientKeyExchangeKey()
  697. {
  698. HCRYPTKEY hTmp;
  700. hTmp = m_hClientKeyExchangeKey;
  701. m_hClientKeyExchangeKey = CRYPT_NULL;
  702. return hTmp;
  703. }
  705. HCRYPTKEY
  706. AssumeClientSignatureKey()
  707. {
  708. HCRYPTKEY hTmp;
  710. hTmp = m_hClientSignatureKey;
  711. m_hClientSignatureKey = CRYPT_NULL;
  712. return hTmp;
  713. }
  715. protected:
  717. //
  718. // Client-side keys we'll import.
  719. //
  721. HCRYPTKEY m_hClientKeyExchangeKey;
  722. HCRYPTKEY m_hClientSignatureKey;
  724. }; // IIS_CRYPTO_EXCHANGE_SERVER
  727. #endif // _ICRYPT_HXX_