archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/ds/security/csps/cryptoflex/slbcsp/seskeyctx.cpp

285 lines
9.2 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. // SesKeyCtx.cpp -- definition of CSessionKeyContext
  3. // (c) Copyright Schlumberger Technology Corp., unpublished work, created
  4. // 1999. This computer program includes Confidential, Proprietary
  5. // Information and is a Trade Secret of Schlumberger Technology Corp. All
  6. // use, disclosure, and/or reproduction is prohibited unless authorized
  7. // in writing. All Rights Reserved.
  9. #include "stdafx.h" // because handles.h uses the ASSERT macro
  11. #include <scuOsExc.h>
  12. #include <scuArrayP.h>
  14. #include "SesKeyCtx.h"
  15. #include "slbKeyStruct.h"
  16. #include "AlignedBlob.h"
  18. using namespace std;
  19. using namespace scu;
  21. /////////////////////////// LOCAL/HELPER /////////////////////////////////
  23. /////////////////////////// PUBLIC /////////////////////////////////
  25. // Types
  26. // C'tors/D'tors
  28. CSessionKeyContext::CSessionKeyContext(HCRYPTPROV hProv)
  29. : CKeyContext(hProv, KT_SESSIONKEY),
  30. m_dwImportFlags(0)
  31. {}
  33. CSessionKeyContext::~CSessionKeyContext()
  34. {}
  36. // Operators
  37. // Operations
  39. auto_ptr<CKeyContext>
  40. CSessionKeyContext::Clone(DWORD const *pdwReserved,
  41. DWORD dwFlags) const
  42. {
  43. return auto_ptr<CKeyContext>(new CSessionKeyContext(*this,
  44. pdwReserved,
  45. dwFlags));
  46. }
  48. void
  49. CSessionKeyContext::Derive(ALG_ID algid,
  50. HCRYPTHASH hAuxBaseData,
  51. DWORD dwFlags)
  52. {
  53. if (!CryptDeriveKey(AuxProvider(), algid, hAuxBaseData, dwFlags,
  54. &m_hKey))
  55. throw scu::OsException(GetLastError());
  56. }
  58. void
  59. CSessionKeyContext::Generate(ALG_ID algid,
  60. DWORD dwFlags)
  61. {
  62. // TO DO: BUG ?? : Do not allow Session with NO SALT (it's always
  63. // better with than without)
  65. if (!CryptGenKey(AuxProvider(), algid, dwFlags, &m_hKey))
  66. throw scu::OsException(GetLastError());
  67. }
  69. void
  70. CSessionKeyContext::ImportToAuxCSP()
  71. {
  72. if (!m_hKey)
  73. {
  74. if (!m_apabKey.data())
  75. throw OsException(NTE_NO_KEY);
  77. HCRYPTKEY hPkiKey;
  79. if (!CryptImportKey(AuxProvider(),
  80. PrivateKeyForNoRSA,
  81. SIZE_OF_PRIVATEKEYFORNORSA_BLOB,
  82. 0, 0, &hPkiKey))
  83. throw scu::OsException(GetLastError());
  85. // import the key blob into the Aux CSP
  86. if (!CryptImportKey(AuxProvider(), m_apabKey.data(),
  87. m_apabKey.length(), NULL, m_dwImportFlags,
  88. &m_hKey))
  89. throw scu::OsException(GetLastError());
  91. // have to destroy key before generating another
  92. if (!CryptDestroyKey(hPkiKey))
  93. throw scu::OsException(GetLastError());
  95. hPkiKey = NULL;
  96. if (!CryptGenKey(AuxProvider(), AT_KEYEXCHANGE, 0, &hPkiKey))
  97. throw scu::OsException(GetLastError());
  99. if (!CryptDestroyKey(hPkiKey))
  100. throw scu::OsException(GetLastError());
  101. }
  102. }
  104. // CSessionKeyContext::LoadKey
  105. // This function is called by CCryptContext::UseSessionKey
  106. // which is called by the CPImportKey function
  107. // Load the key blob into the Auxiliary CSP,
  108. // and Save the key blob in m_bfSessionKey
  109. // If hImpKey is NULL the key has been decrypted
  110. // otherwise it is still encrypted with the corresponding session key
  111. // If session key is still encrypted then decrypt with help of Aux CSP
  112. void
  113. CSessionKeyContext::LoadKey(IN const BYTE *pbKeyBlob,
  114. IN DWORD cbKeyBlobLen,
  115. IN HCRYPTKEY hAuxImpKey,
  116. IN DWORD dwImportFlags)
  117. {
  118. m_dwImportFlags = dwImportFlags;
  120. if (hAuxImpKey)
  121. {
  122. DWORD dwDataLen = cbKeyBlobLen - (sizeof BLOBHEADER + sizeof ALG_ID);
  123. SecureArray<BYTE> apbData( dwDataLen * sizeof BYTE );
  124. memcpy(apbData.data(), pbKeyBlob + (sizeof BLOBHEADER +
  125. sizeof ALG_ID), dwDataLen);
  127. // Decrypt the key blob with this session key with the Aux CSP
  128. if (!CryptDecrypt(hAuxImpKey, 0, TRUE, 0, apbData.data(), &dwDataLen))
  129. throw scu::OsException(GetLastError());
  131. // Construct an empty key blob
  132. SecureArray<BYTE> blbKey(0);//(pbKeyBlob, sizeof BLOBHEADER);
  134. // Set the Alg Id for the blob as encrypted with Key Exchange key
  135. ALG_ID algid = CALG_RSA_KEYX;
  136. blbKey.append(reinterpret_cast<BYTE *>(&algid),
  137. sizeof ALG_ID);
  138. blbKey.append(apbData.data(), dwDataLen);
  140. // Save it
  141. m_apabKey = blbKey;
  142. }
  143. else
  144. {
  145. // Save key blob
  146. m_apabKey =
  147. SecureArray<BYTE>(pbKeyBlob, cbKeyBlobLen);
  148. }
  149. }
  152. // Access
  154. SecureArray<BYTE>
  155. CSessionKeyContext::AsAlignedBlob(HCRYPTKEY hcryptkey,
  156. DWORD dwBlobType) const
  157. {
  158. DWORD dwRequiredLength;
  159. if (!CryptExportKey(m_hKey, hcryptkey, dwBlobType,
  160. 0, 0, &dwRequiredLength))
  161. throw scu::OsException(GetLastError());
  163. SecureArray<BYTE> apbKeyBlob(dwRequiredLength);
  164. if (!CryptExportKey(m_hKey, hcryptkey, dwBlobType,
  165. 0, apbKeyBlob.data(), &dwRequiredLength))
  166. throw scu::OsException(GetLastError());
  168. return apbKeyBlob;
  170. // The following commented code is for DEBUGGING purposes only,
  171. // when one needs to be able to see the unencrypted session key
  172. // material.
  174. // Now also Export it with the identity key, so we can see the
  175. // session key material in the clear
  176. /*
  177. #include "slbKeyStruct.h"
  178. DWORD dwErr;
  179. BYTE *pbBlob = NULL;
  180. DWORD cbBlob;
  181. HCRYPTKEY hPkiKey;
  182. int i;
  183. if (!CryptImportKey(g_AuxProvider, PrivateKeyForNoRSA,
  184. SIZE_OF_PRIVATEKEYFORNORSA_BLOB,
  185. 0, 0, &hPkiKey))
  186. {
  187. dwErr = GetLastError();
  188. TRACE("ERROR - CryptImportKey : %X\n", dwErr);
  189. goto Ret;
  191. }
  193. if (!CryptExportKey(m_hKey, hPkiKey, SIMPLEBLOB, 0, NULL, &cbBlob))
  194. {
  195. dwErr = GetLastError();
  196. TRACE("ERROR - CryptExportKey : %X\n", dwErr);
  197. goto Ret;
  198. }
  200. if (NULL == (pbBlob = (BYTE *)LocalAlloc(LMEM_ZEROINIT, cbBlob)))
  201. {
  202. TRACE("ERROR - LocalAlloc Failed\n");
  203. goto Ret;
  204. }
  206. if (!CryptExportKey(m_hKey, hPkiKey, SIMPLEBLOB, 0, pbBlob, &cbBlob))
  207. {
  208. dwErr = GetLastError();
  209. TRACE("ERROR - CryptExportKey : %X\n", dwErr);
  210. goto Ret;
  211. }
  213. TRACE("The Simple Blob\n\n");
  215. for(i=0;i<(int)cbBlob;i++)
  216. {
  217. TRACE("0x%02X, ", pbBlob[i]);
  218. if (0 == ((i + 1) % 8))
  219. TRACE("\n");
  220. }
  222. Ret:
  224. TRACE ("Bye\n");
  225. */
  227. }
  229. // CSessionKeyContext::BlobSize
  230. // CSessionKeyContext::BlobLength() const
  231. // {
  232. // DWORD dwLength;
  234. // if (!CryptExportKey(m_hKey, hAuxExpKey, SIMPLEBLOB,
  235. // dwFlags, 0, &dwLength))
  236. // throw scu::OsException(GetLastError());
  238. // return dwLength;
  239. // }
  241. CSessionKeyContext::StrengthType
  242. CSessionKeyContext::MaxStrength() const
  243. {
  244. // TO DO: Implement in terms of Auxillary provider...or don't define?
  245. return 56;
  246. }
  248. CSessionKeyContext::StrengthType
  249. CSessionKeyContext::MinStrength() const
  250. {
  251. // TO DO: Implement in terms of Auxillary provider...or don't define?
  252. return 56;
  253. }
  255. // Predicates
  256. // Static Variables
  258. /////////////////////////// PROTECTED /////////////////////////////////
  260. // C'tors/D'tors
  262. // Duplicate key context and its current state
  263. CSessionKeyContext::CSessionKeyContext(CSessionKeyContext const &rhs,
  264. DWORD const *pdwReserved,
  265. DWORD dwFlags)
  266. : CKeyContext(rhs, pdwReserved, dwFlags),
  267. m_dwImportFlags(rhs.m_dwImportFlags)
  268. {}
  271. // Operators
  272. // Operations
  273. // Access
  274. // Predicates
  275. // Static Variables
  278. /////////////////////////// PRIVATE /////////////////////////////////
  280. // C'tors/D'tors
  281. // Operators
  282. // Operations
  283. // Access
  284. // Predicates
  285. // Static Variables