archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/base/cluster/mgmt/cluscfg/inc/encryptedbstrsrc.cpp

624 lines
17 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //////////////////////////////////////////////////////////////////////////////
  2. //
  3. // Copyright (c) 2000-2002 Microsoft Corporation
  4. //
  5. // Module Name:
  6. // EncryptedBSTRSrc.cpp
  7. //
  8. // Description:
  9. // Class to encrypt and decrypt BSTRs.
  10. //
  11. // Maintained By:
  12. // John Franco (jfranco) 15-APR-2002
  13. //
  14. //////////////////////////////////////////////////////////////////////////////
  16. #include "EncryptedBSTR.h"
  18. //////////////////////////////////////////////////////////////////////////////
  19. // Type Definitions
  20. //////////////////////////////////////////////////////////////////////////////
  22. typedef BOOL (*PFNCRYPTPROTECTMEMORY)( LPVOID, DWORD, DWORD );
  23. typedef BOOL (*PFNCRYPTUNPROTECTMEMORY)( LPVOID, DWORD, DWORD );
  25. //////////////////////////////////////////////////////////////////////////////
  26. //++
  27. //
  28. // class CCryptRoutines
  29. //
  30. // Description:
  31. // CryptProtectMemory and CryptUnprotectMemory are not available on early
  32. // releases of XP Client, which the admin pack must support. Therefore,
  33. // we cannot link to those routines implicitly. CCryptRoutines wraps the
  34. // work of loading crypt32.dll dynamically and looking for the exported
  35. // functions.
  36. //
  37. //--
  38. //////////////////////////////////////////////////////////////////////////////
  39. class CCryptRoutines
  40. {
  41. private:
  42. PFNCRYPTPROTECTMEMORY m_pfnCryptProtectMemory;
  43. PFNCRYPTUNPROTECTMEMORY m_pfnCryptUnprotectMemory;
  44. HMODULE m_hmodCrypt32;
  45. LONG m_nRefCount;
  46. CRITICAL_SECTION m_cs;
  47. BOOL m_fCritSecInitialized;
  48. DWORD m_scLoadStatus;
  50. static BOOL S_FBogusCryptRoutine( LPVOID, DWORD, DWORD );
  52. public:
  53. CCryptRoutines( void )
  54. : m_pfnCryptProtectMemory( NULL )
  55. , m_pfnCryptUnprotectMemory( NULL )
  56. , m_hmodCrypt32( NULL )
  57. , m_nRefCount( 0 )
  58. , m_fCritSecInitialized( FALSE )
  59. , m_scLoadStatus( ERROR_SUCCESS )
  60. {
  61. m_fCritSecInitialized = InitializeCriticalSectionAndSpinCount( &m_cs, RECOMMENDED_SPIN_COUNT );
  62. if ( m_fCritSecInitialized == FALSE )
  63. {
  64. TW32( GetLastError() );
  65. } // if
  67. } //*** CCryptRoutines::CCryptRoutines
  69. ~CCryptRoutines( void )
  70. {
  71. if ( m_hmodCrypt32 != NULL )
  72. {
  73. FreeLibrary( m_hmodCrypt32 );
  74. }
  76. if ( m_fCritSecInitialized )
  77. {
  78. DeleteCriticalSection( &m_cs );
  79. }
  81. } //*** CCryptRoutines::~CCryptRoutines
  83. void AddReferenceToRoutines( void );
  84. void ReleaseReferenceToRoutines( void );
  86. BOOL
  87. CryptProtectMemory(
  88. IN OUT LPVOID pDataIn, // in out data to encrypt
  89. IN DWORD cbDataIn, // multiple of CRYPTPROTECTMEMORY_BLOCK_SIZE
  90. IN DWORD dwFlags // CRYPTPROTECTMEMORY_* flags from wincrypt.h
  91. );
  93. BOOL
  94. CryptUnprotectMemory(
  95. IN OUT LPVOID pDataIn, // in out data to decrypt
  96. IN DWORD cbDataIn, // multiple of CRYPTPROTECTMEMORY_BLOCK_SIZE
  97. IN DWORD dwFlags // CRYPTPROTECTMEMORY_* flags from wincrypt.h
  98. );
  100. }; //*** class CCryptRoutines
  102. //////////////////////////////////////////////////////////////////////////////
  103. // Global Variables
  104. //////////////////////////////////////////////////////////////////////////////
  106. static CCryptRoutines g_crCryptRoutines;
  109. //****************************************************************************
  110. //
  111. // CCryptRoutines
  112. //
  113. //****************************************************************************
  116. //////////////////////////////////////////////////////////////////////////////
  117. //++
  118. //
  119. // CCryptRoutines::AddReferenceToRoutines
  120. //
  121. // Description:
  122. // Add a reference to the routines and load the addresses of the APIs
  123. // if not already done so.
  124. //
  125. // Arguments:
  126. // None.
  127. //
  128. // Return Values:
  129. // None.
  130. //
  131. //--
  132. //////////////////////////////////////////////////////////////////////////////
  133. void
  134. CCryptRoutines::AddReferenceToRoutines( void )
  135. {
  136. TraceFunc( "" );
  138. if ( m_fCritSecInitialized )
  139. {
  140. EnterCriticalSection( &m_cs );
  142. m_nRefCount += 1;
  144. if ( m_nRefCount == 1 )
  145. {
  146. Assert( m_hmodCrypt32 == NULL );
  148. //
  149. // Load the DLL containing the APIs.
  150. //
  152. m_hmodCrypt32 = LoadLibraryW( L"crypt32.dll" );
  153. if ( m_hmodCrypt32 == NULL )
  154. {
  155. m_scLoadStatus = TW32( GetLastError() );
  156. goto Cleanup;
  157. } // if: error loading the DLL
  159. //
  160. // Get the address of the APIs.
  161. //
  163. m_pfnCryptProtectMemory = reinterpret_cast< PFNCRYPTPROTECTMEMORY >( GetProcAddress( m_hmodCrypt32, "CryptProtectMemory" ) );
  164. if ( m_pfnCryptProtectMemory == NULL )
  165. {
  166. m_scLoadStatus = TW32( GetLastError() );
  167. goto Cleanup;
  168. } // if
  170. m_pfnCryptUnprotectMemory = reinterpret_cast< PFNCRYPTUNPROTECTMEMORY >( GetProcAddress( m_hmodCrypt32, "CryptUnprotectMemory" ) );
  171. if ( m_pfnCryptProtectMemory == NULL )
  172. {
  173. m_scLoadStatus = TW32( GetLastError() );
  174. m_pfnCryptProtectMemory = NULL;
  175. goto Cleanup;
  176. } // if
  177. } // if: first reference
  178. } // if critical section is initialized.
  180. Cleanup:
  182. if ( m_pfnCryptProtectMemory == NULL )
  183. {
  184. m_pfnCryptProtectMemory = S_FBogusCryptRoutine;
  185. } // if
  187. if ( m_pfnCryptUnprotectMemory == NULL )
  188. {
  189. m_pfnCryptUnprotectMemory = S_FBogusCryptRoutine;
  190. } // if
  192. if ( m_fCritSecInitialized )
  193. {
  194. LeaveCriticalSection( &m_cs );
  195. } // if
  197. TraceFuncExit();
  199. } //*** CCryptRoutines::AddReferenceToRoutines
  201. //////////////////////////////////////////////////////////////////////////////
  202. //++
  203. //
  204. // CCryptRoutines::ReleaseReferenceToRoutines
  205. //
  206. // Description:
  207. // Release a reference to the routines and free the library if this was
  208. // the last reference.
  209. //
  210. // Arguments:
  211. // None.
  212. //
  213. // Return Values:
  214. // None.
  215. //
  216. //--
  217. //////////////////////////////////////////////////////////////////////////////
  218. void
  219. CCryptRoutines::ReleaseReferenceToRoutines( void )
  220. {
  221. TraceFunc( "" );
  223. if ( m_fCritSecInitialized )
  224. {
  225. EnterCriticalSection( &m_cs );
  227. m_nRefCount -= 1;
  229. if ( m_nRefCount == 0 )
  230. {
  231. Assert( m_hmodCrypt32 != NULL );
  232. if ( m_hmodCrypt32 != NULL )
  233. {
  234. FreeLibrary( m_hmodCrypt32 );
  235. m_hmodCrypt32 = NULL;
  236. m_pfnCryptProtectMemory = NULL;
  237. m_pfnCryptUnprotectMemory = NULL;
  238. } // if
  239. } // if: last reference was released
  241. LeaveCriticalSection( &m_cs );
  242. } // if
  244. TraceFuncExit();
  246. } //*** CCryptRoutines::ReleaseReferenceToRoutines
  248. //////////////////////////////////////////////////////////////////////////////
  249. //++
  250. //
  251. // CCryptRoutines::CryptProtectMemory
  252. //
  253. // Description:
  254. // Encrypt memory. Required since XP doesn't have CryptProtectMemory.
  255. //
  256. // Arguments:
  257. // pDataIn
  258. // cbDataIn
  259. // dwFlags
  260. //
  261. // Return Values:
  262. // TRUE - Operation was successful.
  263. // FALSE - Operation failed. Call GetLastError().
  264. //
  265. //--
  266. //////////////////////////////////////////////////////////////////////////////
  267. BOOL
  268. CCryptRoutines::CryptProtectMemory(
  269. IN OUT LPVOID pDataIn, // in out data to encrypt
  270. IN DWORD cbDataIn, // multiple of CRYPTPROTECTMEMORY_BLOCK_SIZE
  271. IN DWORD dwFlags // CRYPTPROTECTMEMORY_* flags from wincrypt.h
  272. )
  273. {
  274. TraceFunc( "" );
  276. BOOL fSuccess = TRUE;
  277. DWORD sc = ERROR_SUCCESS;
  279. fSuccess = (*m_pfnCryptProtectMemory)( pDataIn, cbDataIn, dwFlags );
  280. if ( fSuccess == FALSE )
  281. {
  282. sc = TW32( GetLastError() );
  283. }
  285. #ifdef DEBUG
  286. // Only needed for debug builds because TW32 might overwrite the last error.
  287. SetLastError( sc );
  288. #endif
  289. RETURN( fSuccess );
  291. } //*** CCryptRoutines::CryptProtectMemory
  293. //////////////////////////////////////////////////////////////////////////////
  294. //++
  295. //
  296. // CCryptRoutines::CryptUnprotectMemory
  297. //
  298. // Description:
  299. // Decrypt memory. Required since XP doesn't have CryptUnprotectMemory.
  300. //
  301. // Arguments:
  302. // pDataIn
  303. // cbDataIn
  304. // dwFlags
  305. //
  306. // Return Values:
  307. // TRUE - Operation was successful.
  308. // FALSE - Operation failed. Call GetLastError().
  309. //
  310. //--
  311. //////////////////////////////////////////////////////////////////////////////
  312. BOOL
  313. CCryptRoutines::CryptUnprotectMemory(
  314. IN OUT LPVOID pDataIn, // in out data to decrypt
  315. IN DWORD cbDataIn, // multiple of CRYPTPROTECTMEMORY_BLOCK_SIZE
  316. IN DWORD dwFlags // CRYPTPROTECTMEMORY_* flags from wincrypt.h
  317. )
  318. {
  319. TraceFunc( "" );
  321. BOOL fSuccess = TRUE;
  322. DWORD sc = ERROR_SUCCESS;
  324. fSuccess = (*m_pfnCryptUnprotectMemory)( pDataIn, cbDataIn, dwFlags );
  325. if ( fSuccess == FALSE )
  326. {
  327. sc = TW32( GetLastError() );
  328. }
  330. #ifdef DEBUG
  331. // Only needed for debug builds because TW32 might overwrite the last error.
  332. SetLastError( sc );
  333. #endif
  334. RETURN( fSuccess );
  336. } //*** CCryptRoutines::CryptUnprotectMemory
  339. //////////////////////////////////////////////////////////////////////////////
  340. //++
  341. //
  342. // CCryptRoutines::S_FBogusCryptRoutine
  343. //
  344. // Description:
  345. // Stand-in function for when the routines are not available.
  346. //
  347. // Arguments:
  348. // LPVOID
  349. // DWORD
  350. // DWORD
  351. //
  352. // Return Values:
  353. // TRUE - Pretend always to succeed.
  354. //
  355. //--
  356. //////////////////////////////////////////////////////////////////////////////
  357. BOOL
  358. CCryptRoutines::S_FBogusCryptRoutine( LPVOID, DWORD, DWORD )
  359. {
  360. return TRUE;
  362. } //*** CCryptRoutines::S_FBogusCryptRoutine
  365. //****************************************************************************
  366. //
  367. // CEncryptedBSTR
  368. //
  369. //****************************************************************************
  372. //////////////////////////////////////////////////////////////////////////////
  373. //++
  374. //
  375. // CEncryptedBSTR::CEncryptedBSTR
  376. //
  377. // Description:
  378. // Default constructor.
  379. //
  380. //--
  381. //////////////////////////////////////////////////////////////////////////////
  382. CEncryptedBSTR::CEncryptedBSTR( void )
  383. {
  384. TraceFunc( "" );
  386. m_dbBSTR.cbData = 0;
  387. m_dbBSTR.pbData = NULL;
  389. g_crCryptRoutines.AddReferenceToRoutines();
  391. TraceFuncExit();
  393. } //*** CEncryptedBSTR::CEncryptedBSTR
  395. //////////////////////////////////////////////////////////////////////////////
  396. //++
  397. //
  398. // CEncryptedBSTR::~CEncryptedBSTR
  399. //
  400. // Description:
  401. // Destructor.
  402. //
  403. //--
  404. //////////////////////////////////////////////////////////////////////////////
  405. CEncryptedBSTR::~CEncryptedBSTR( void )
  406. {
  407. TraceFunc( "" );
  409. Erase();
  411. g_crCryptRoutines.ReleaseReferenceToRoutines();
  413. TraceFuncExit();
  415. } //*** CEncryptedBSTR::~CEncryptedBSTR
  417. //////////////////////////////////////////////////////////////////////////////
  418. //++
  419. //
  420. // CEncryptedBSTR::HrSetWSTR
  421. //
  422. // Description:
  423. // Set new data into this object to be stored as encrypted data.
  424. //
  425. // Arguments:
  426. // pcwszIn - String to store.
  427. // cchIn - Number of characters in the string, not including NUL.
  428. //
  429. // Return Values:
  430. // S_OK - Operation completed successfully.
  431. // Other HRESULTs.
  432. //
  433. //--
  434. //////////////////////////////////////////////////////////////////////////////
  435. HRESULT
  436. CEncryptedBSTR::HrSetWSTR(
  437. PCWSTR pcwszIn
  438. , size_t cchIn
  439. )
  440. {
  441. TraceFunc( "" );
  443. HRESULT hr = S_OK;
  444. DATA_BLOB dbEncrypted = { 0, NULL };
  446. if ( cchIn > 0 )
  447. {
  448. BOOL fSuccess = FALSE;
  449. DWORD cbStringAndNull = (DWORD) ( ( cchIn + 1 ) * sizeof( *pcwszIn ) );
  450. DWORD cBlocks = ( cbStringAndNull / CRYPTPROTECTMEMORY_BLOCK_SIZE ) + 1;
  451. DWORD cbMemoryRequired = cBlocks * CRYPTPROTECTMEMORY_BLOCK_SIZE;
  453. dbEncrypted.pbData = new BYTE[ cbMemoryRequired ];
  454. if ( dbEncrypted.pbData == NULL )
  455. {
  456. hr = THR( E_OUTOFMEMORY );
  457. goto Cleanup;
  458. }
  459. dbEncrypted.cbData = cbMemoryRequired;
  461. CopyMemory( dbEncrypted.pbData, pcwszIn, cbStringAndNull );
  462. fSuccess = g_crCryptRoutines.CryptProtectMemory( dbEncrypted.pbData, dbEncrypted.cbData, CRYPTPROTECTMEMORY_SAME_PROCESS );
  463. if ( fSuccess == FALSE )
  464. {
  465. DWORD scLastError = TW32( GetLastError() );
  466. hr = HRESULT_FROM_WIN32( scLastError );
  467. goto Cleanup;
  468. } // if: error from CryptProtectMemory
  470. Erase();
  471. m_dbBSTR = dbEncrypted;
  472. dbEncrypted.pbData = NULL;
  473. dbEncrypted.cbData = 0;
  474. } // if: input data is not empty
  475. else
  476. {
  477. Erase();
  478. } // else: input data is empty
  480. Cleanup:
  482. if ( dbEncrypted.pbData != NULL )
  483. {
  484. delete [] dbEncrypted.pbData;
  485. }
  487. HRETURN( hr );
  489. } //*** CEncryptedBSTR::HrSetWSTR
  491. //////////////////////////////////////////////////////////////////////////////
  492. //++
  493. //
  494. // CEncryptedBSTR::HrGetBSTR
  495. //
  496. // Description:
  497. // Retrieve an unencrypted copy of the data.
  498. //
  499. // Arguments:
  500. // pbstrOut - BSTR to return data in.
  501. //
  502. // Return Values:
  503. // S_OK - Operation completed successfully.
  504. // E_OUTOFMEMORY - Error allocating memory.
  505. // Other HRESULTs.
  506. //
  507. //--
  508. //////////////////////////////////////////////////////////////////////////////
  509. HRESULT
  510. CEncryptedBSTR::HrGetBSTR( BSTR * pbstrOut ) const
  511. {
  512. TraceFunc( "" );
  514. HRESULT hr = S_OK;
  515. BYTE * pbDecrypted = NULL;
  517. if ( pbstrOut == NULL )
  518. {
  519. hr = THR( E_POINTER );
  520. goto Cleanup;
  521. }
  522. *pbstrOut = NULL;
  524. if ( m_dbBSTR.cbData > 0 )
  525. {
  526. BOOL fSuccess = FALSE;
  528. pbDecrypted = new BYTE[ m_dbBSTR.cbData ];
  529. if ( pbDecrypted == NULL )
  530. {
  531. hr = THR( E_OUTOFMEMORY );
  532. goto Cleanup;
  533. }
  535. CopyMemory( pbDecrypted, m_dbBSTR.pbData, m_dbBSTR.cbData );
  536. fSuccess = g_crCryptRoutines.CryptUnprotectMemory( pbDecrypted, m_dbBSTR.cbData, CRYPTPROTECTMEMORY_SAME_PROCESS );
  537. if ( fSuccess == FALSE )
  538. {
  539. DWORD scLastError = TW32( GetLastError() );
  540. hr = HRESULT_FROM_WIN32( scLastError );
  541. goto Cleanup;
  542. } // if: error from CryptUnprotectMemory
  544. *pbstrOut = TraceSysAllocString( reinterpret_cast< const OLECHAR* >( pbDecrypted ) );
  545. if ( *pbstrOut == NULL )
  546. {
  547. hr = E_OUTOFMEMORY;
  548. goto Cleanup;
  549. }
  550. } // if: data is not empty
  551. else // nothing to decrypt
  552. {
  553. hr = S_FALSE;
  554. } // else: data is empty
  556. Cleanup:
  558. if ( pbDecrypted != NULL )
  559. {
  560. ::SecureZeroMemory( pbDecrypted, m_dbBSTR.cbData );
  561. delete [] pbDecrypted;
  562. }
  564. HRETURN( hr );
  566. } //*** CEncryptedBSTR::HrGetBSTR
  568. //////////////////////////////////////////////////////////////////////////////
  569. //++
  570. //
  571. // CEncryptedBSTR::HrAssign
  572. //
  573. // Description:
  574. // Make a copy of another encrypted BSTR object to replace the
  575. // content we are currently holding.
  576. //
  577. // Arguments:
  578. // rSourceIn - Object to copy.
  579. //
  580. // Return Values:
  581. // S_OK - Operation completed successfully.
  582. // E_OUTOFMEMORY - Error allocating memory.
  583. //
  584. //--
  585. //////////////////////////////////////////////////////////////////////////////
  586. HRESULT
  587. CEncryptedBSTR::HrAssign( const CEncryptedBSTR & rSourceIn )
  588. {
  589. TraceFunc( "" );
  591. HRESULT hr = S_OK;
  592. BYTE * pbCopy = NULL;
  594. if ( rSourceIn.m_dbBSTR.cbData > 0 )
  595. {
  596. pbCopy = new BYTE[ rSourceIn.m_dbBSTR.cbData ];
  597. if ( pbCopy == NULL )
  598. {
  599. hr = THR( E_OUTOFMEMORY );
  600. goto Cleanup;
  601. }
  602. CopyMemory( pbCopy, rSourceIn.m_dbBSTR.pbData, rSourceIn.m_dbBSTR.cbData );
  604. Erase();
  605. m_dbBSTR.cbData = rSourceIn.m_dbBSTR.cbData;
  606. m_dbBSTR.pbData = pbCopy;
  607. pbCopy = NULL;
  608. } // if: input data is not empty
  609. else
  610. {
  611. Erase();
  612. } // else: input data is empty
  614. Cleanup:
  616. if ( pbCopy != NULL )
  617. {
  618. ::SecureZeroMemory( pbCopy, rSourceIn.m_dbBSTR.cbData );
  619. delete [] pbCopy;
  620. }
  622. HRETURN( hr );
  624. } //*** CEncryptedBSTR::HrAssign