archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/admin/admt/mspwdmig/admtcrypt.h

280 lines
6.4 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #pragma once
  3. #include <TChar.h>
  4. #include <Windows.h>
  5. #include <WinCrypt.h>
  6. #include <ComDef.h>
  9. #define ENCRYPTION_KEY_SIZE 16 // in bytes
  10. #define SESSION_KEY_SIZE 16 // in bytes
  12. #define GET_BYTE_ARRAY_DATA(v) ((char*)((v).parray->pvData))
  13. #define GET_BYTE_ARRAY_SIZE(v) ((unsigned long)((v).parray->rgsabound[0].cElements))
  16. //---------------------------------------------------------------------------
  17. // Crypt Provider Class
  18. //---------------------------------------------------------------------------
  20. class CCryptProvider
  21. {
  22. public:
  24. CCryptProvider();
  25. CCryptProvider(const CCryptProvider& r);
  26. ~CCryptProvider();
  28. CCryptProvider& operator =(const CCryptProvider& r);
  30. HCRYPTHASH CreateHash(ALG_ID aid);
  31. HCRYPTKEY DeriveKey(ALG_ID aid, HCRYPTHASH hHash, DWORD dwFlags = 0);
  33. _variant_t GenerateRandom(DWORD cbData) const;
  34. void GenerateRandom(BYTE* pbData, DWORD cbData) const;
  36. protected:
  38. HCRYPTPROV m_hProvider;
  39. };
  42. //---------------------------------------------------------------------------
  43. // Crypt Key Class
  44. //---------------------------------------------------------------------------
  46. class CCryptKey
  47. {
  48. public:
  50. CCryptKey(HCRYPTKEY hKey = NULL);
  51. ~CCryptKey();
  53. operator HCRYPTKEY()
  54. {
  55. return m_hKey;
  56. }
  58. void Attach(HCRYPTKEY hKey)
  59. {
  60. m_hKey = hKey;
  61. }
  63. HCRYPTKEY Detach()
  64. {
  65. HCRYPTKEY hKey = m_hKey;
  66. m_hKey = NULL;
  67. return hKey;
  68. }
  70. _variant_t Encrypt(HCRYPTHASH hHash, bool bFinal, const _variant_t& vntData);
  71. _variant_t Decrypt(HCRYPTHASH hHash, bool bFinal, const _variant_t& vntData);
  73. protected:
  75. CCryptKey(const CCryptKey& key) {}
  76. CCryptKey& operator =(const CCryptKey& key) { return *this; }
  78. protected:
  80. HCRYPTKEY m_hKey;
  81. };
  84. //---------------------------------------------------------------------------
  85. // Crypt Hash Class
  86. //---------------------------------------------------------------------------
  88. class CCryptHash
  89. {
  90. public:
  92. CCryptHash(HCRYPTHASH hHash = NULL);
  93. ~CCryptHash();
  95. operator HCRYPTHASH()
  96. {
  97. return m_hHash;
  98. }
  100. void Attach(HCRYPTHASH hHash)
  101. {
  102. m_hHash = hHash;
  103. }
  105. HCRYPTKEY Detach()
  106. {
  107. HCRYPTKEY hHash = m_hHash;
  108. m_hHash = NULL;
  109. return hHash;
  110. }
  112. _variant_t GetValue() const;
  113. void SetValue(const _variant_t& vntValue);
  115. void Hash(LPCTSTR pszData);
  116. void Hash(const _variant_t& vntData);
  117. void Hash(BYTE* pbData, DWORD cbData);
  119. bool operator ==(const CCryptHash& hash);
  121. bool operator !=(const CCryptHash& hash)
  122. {
  123. return !this->operator ==(hash);
  124. }
  126. protected:
  128. CCryptHash(const CCryptKey& hash) {}
  129. CCryptHash& operator =(const CCryptHash& hash) { return *this; }
  131. protected:
  133. HCRYPTHASH m_hHash;
  134. };
  137. //---------------------------------------------------------------------------
  138. // Domain Crypt Class
  139. //---------------------------------------------------------------------------
  141. class CDomainCrypt : public CCryptProvider
  142. {
  143. protected:
  145. CDomainCrypt();
  146. ~CDomainCrypt();
  148. HCRYPTKEY GetEncryptionKey(LPCTSTR pszKeyId);
  150. void StoreBytes(LPCTSTR pszId, const _variant_t& vntBytes);
  151. void StoreBytes(LPCTSTR pszId, BYTE* pBytes, DWORD cBytes);
  152. _variant_t RetrieveBytes(LPCTSTR pszId);
  154. protected:
  156. static _TCHAR m_szIdPrefix[];
  157. };
  160. //---------------------------------------------------------------------------
  161. // Target Crypt Class
  162. //
  163. // CreateEncryptionKey
  164. // - creates encryption key
  165. // - stores encryption key using key identifier
  166. // - returns encryption key encrypted with given password
  167. //---------------------------------------------------------------------------
  169. class CTargetCrypt : public CDomainCrypt
  170. {
  171. public:
  173. CTargetCrypt();
  174. ~CTargetCrypt();
  176. _variant_t CreateEncryptionKey(LPCTSTR pszKeyId, LPCTSTR pszPassword = NULL);
  178. _variant_t CreateSession(LPCTSTR pszKeyId);
  180. _variant_t Encrypt(_bstr_t strData);
  182. protected:
  184. void StoreBytes(LPCTSTR pszId, const _variant_t& vntBytes)
  185. {
  186. LPTSTR psz = (LPTSTR) _alloca((_tcslen(m_szIdPrefix) + 1 + _tcslen(pszId) + 1) * sizeof(_TCHAR));
  188. _tcscpy(psz, m_szIdPrefix);
  189. _tcscat(psz, _T("_"));
  190. _tcscat(psz, pszId);
  192. CDomainCrypt::StoreBytes(psz, vntBytes);
  193. }
  195. _variant_t RetrieveBytes(LPCTSTR pszId)
  196. {
  197. LPTSTR psz = (LPTSTR) _alloca((_tcslen(m_szIdPrefix) + 1 + _tcslen(pszId) + 1) * sizeof(_TCHAR));
  199. _tcscpy(psz, m_szIdPrefix);
  200. _tcscat(psz, _T("_"));
  201. _tcscat(psz, pszId);
  203. return CDomainCrypt::RetrieveBytes(psz);
  204. }
  206. protected:
  208. CCryptKey m_keySession;
  209. };
  212. //---------------------------------------------------------------------------
  213. // Source Crypt Class
  214. //---------------------------------------------------------------------------
  216. class CSourceCrypt : public CDomainCrypt
  217. {
  218. public:
  220. CSourceCrypt();
  221. ~CSourceCrypt();
  223. void ImportEncryptionKey(const _variant_t& vntEncryptedKey, LPCTSTR pszPassword = NULL);
  225. void ImportSessionKey(const _variant_t& vntEncryptedKey);
  227. _bstr_t Decrypt(const _variant_t& vntData);
  229. protected:
  231. CCryptKey m_keySession;
  232. };
  235. //---------------------------------------------------------------------------
  236. // Use Cases
  237. //---------------------------------------------------------------------------
  238. //
  239. // Target Domain Controller
  240. // ------------------------
  241. // Generate Encryption Key
  242. // - given source domain name and optional password
  243. // - generate 128 bit encryption key
  244. // - store encryption key using source domain name
  245. // - if given optional password encrypt key with password
  246. // - return encrypted key
  247. //
  248. // Generate Session Key
  249. // - given source domain name
  250. // - generate 128 bit session key
  251. // - generate hash of session key
  252. // - retrieve encryption key using source domain name
  253. // - encrypt session key and hash with encryption key
  254. // - return encrypted session key/hash
  255. //
  256. // Encrypt Data
  257. // - given data
  258. // - encrypt data using session key
  259. // - return encrypted data
  260. //
  261. // Password Export Server (PES)
  262. // ----------------------------
  263. // Store Encryption Key
  264. // - given encrypted encryption key and password
  265. // - decrypt key using password
  266. // - store key
  267. //
  268. // Decrypt Session Key
  269. // - given an encrypted session key / hash
  270. // - decrypt using encryption key
  271. // - generate hash of decrypted session key
  272. // - compare against decrypted hash
  273. // - store session key
  274. // - return success or failure
  275. //
  276. // Decrypt Data
  277. // - given encrypted data
  278. // - decrypt data using session key
  279. // - return un-encrypted data
  280. //---------------------------------------------------------------------------