archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/base/fs/efs/encrypt.c

489 lines
11 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1996 Microsoft Corporation
  5. Module Name:
  7. encrypt.c
  9. Abstract:
  11. This module will support data encryption and decryption
  13. Author:
  15. Robert Gu (robertg) 08-Dec-1996
  16. Environment:
  18. Kernel Mode Only
  20. Revision History:
  22. --*/
  25. #include "efsrtl.h"
  27. #ifdef ALLOC_PRAGMA
  28. #pragma alloc_text(PAGE, EFSDesEnc)
  29. #pragma alloc_text(PAGE, EFSDesDec)
  30. #pragma alloc_text(PAGE, EFSDesXEnc)
  31. #pragma alloc_text(PAGE, EFSDesXDec)
  32. #pragma alloc_text(PAGE, EFSDes3Enc)
  33. #pragma alloc_text(PAGE, EFSDes3Dec)
  34. #pragma alloc_text(PAGE, EFSAesEnc)
  35. #pragma alloc_text(PAGE, EFSAesDec)
  36. #endif
  39. VOID
  40. EFSDesEnc(
  41. IN PUCHAR InBuffer,
  42. OUT PUCHAR OutBuffer,
  43. IN PUCHAR IV,
  44. IN PKEY_BLOB KeyBlob,
  45. IN LONG Length
  46. )
  47. /*++
  49. Routine Description:
  51. This routine implements DES CBC encryption. The DES is implemented by LIB
  52. function des().
  54. Arguments:
  56. InBuffer - Pointer to the data buffer (encryption in place)
  57. IV - Initial chaining vector (DES_BLOCKLEN bytes)
  58. KeyBlob - Set during the create or FSCTL
  59. Length - Length of the data in the buffer ( Length % DES_BLOCKLEN = 0)
  61. Note:
  63. Input buffer can only be touched once. This the requirement by the Ntfs & CC.
  65. --*/
  66. {
  67. ULONGLONG chainBlock;
  68. ULONGLONG tmpData;
  69. PUCHAR KeyTable;
  71. PAGED_CODE();
  73. ASSERT (Length % DES_BLOCKLEN == 0);
  75. chainBlock = *(ULONGLONG *)IV;
  76. KeyTable = &(KeyBlob->Key[0]);
  77. while (Length > 0){
  79. //
  80. // Block chaining
  81. //
  82. tmpData = *(ULONGLONG *)InBuffer;
  83. tmpData ^= chainBlock;
  85. //
  86. // Call DES LIB to encrypt the DES_BLOCKLEN bytes
  87. // We are using DECRYPT/ENCRYPT for real ENCRYPT/DECRYPT. This is for the backward
  88. // compatiblity. The old definitions were reversed.
  89. //
  91. des( OutBuffer, (PUCHAR) &tmpData, KeyTable, DECRYPT );
  92. chainBlock = *(ULONGLONG *)OutBuffer;
  93. Length -= DES_BLOCKLEN;
  94. InBuffer += DES_BLOCKLEN;
  95. OutBuffer += DES_BLOCKLEN;
  96. }
  97. }
  99. VOID
  100. EFSDesDec(
  101. IN OUT PUCHAR Buffer,
  102. IN PUCHAR IV,
  103. IN PKEY_BLOB KeyBlob,
  104. IN LONG Length
  105. )
  106. /*++
  108. Routine Description:
  110. This routine implements DES CBC decryption. The DES is implemented by LIB
  111. function des().
  113. Arguments:
  115. Buffer - Pointer to the data buffer (decryption in place)
  116. IV - Initial chaining vector (DES_BLOCKLEN bytes)
  117. KeyBlob - Set during the create or FSCTL
  118. Length - Length of the data in the buffer ( Length % DES_BLOCKLEN = 0)
  120. --*/
  121. {
  122. ULONGLONG chainBlock;
  123. PUCHAR pBuffer;
  124. PUCHAR KeyTable;
  126. PAGED_CODE();
  128. ASSERT (Length % DES_BLOCKLEN == 0);
  130. pBuffer = Buffer + Length - DES_BLOCKLEN;
  131. KeyTable = &(KeyBlob->Key[0]);
  133. while (pBuffer > Buffer){
  135. //
  136. // Call DES LIB to decrypt the DES_BLOCKLEN bytes
  137. // We are using DECRYPT/ENCRYPT for real ENCRYPT/DECRYPT. This is for the backward
  138. // compatiblity. The old definitions were reversed.
  139. //
  141. des( pBuffer, pBuffer, KeyTable, ENCRYPT );
  143. //
  144. // Undo the block chaining
  145. //
  147. chainBlock = *(ULONGLONG *)( pBuffer - DES_BLOCKLEN );
  148. *(ULONGLONG *)pBuffer ^= chainBlock;
  150. pBuffer -= DES_BLOCKLEN;
  151. }
  153. //
  154. // Now decrypt the first block
  155. //
  156. des( pBuffer, pBuffer, KeyTable, ENCRYPT );
  158. chainBlock = *(ULONGLONG *)IV;
  159. *(ULONGLONG *)pBuffer ^= chainBlock;
  160. }
  162. VOID
  163. EFSDesXEnc(
  164. IN PUCHAR InBuffer,
  165. OUT PUCHAR OutBuffer,
  166. IN PUCHAR IV,
  167. IN PKEY_BLOB KeyBlob,
  168. IN LONG Length
  169. )
  170. /*++
  172. Routine Description:
  174. This routine implements DESX CBC encryption. The DESX is implemented by
  175. LIBRARY function desx().
  177. Arguments:
  179. InBuffer - Pointer to the data buffer (encryption in place)
  180. IV - Initial chaining vector (DESX_BLOCKLEN bytes)
  181. KeyBlob - Set during the create or FSCTL
  182. Length - Length of the data in the buffer ( Length % DESX_BLOCKLEN = 0)
  184. Note:
  186. Input buffer can only be touched once. This the requirement by the Ntfs & CC.
  188. --*/
  189. {
  190. ULONGLONG chainBlock;
  191. ULONGLONG tmpData;
  192. PUCHAR KeyTable;
  194. PAGED_CODE();
  196. ASSERT (Length % DESX_BLOCKLEN == 0);
  198. chainBlock = *(ULONGLONG *)IV;
  199. KeyTable = &(KeyBlob->Key[0]);
  200. while (Length > 0){
  202. //
  203. // Block chaining
  204. //
  205. tmpData = *(ULONGLONG *)InBuffer;
  206. tmpData ^= chainBlock;
  208. //
  209. // Call LIB to encrypt the DESX_BLOCKLEN bytes
  210. // We are using DECRYPT/ENCRYPT for real ENCRYPT/DECRYPT. This is for the backward
  211. // compatiblity. The old definitions were reversed.
  212. //
  214. desx( OutBuffer, (PUCHAR) &tmpData, KeyTable, DECRYPT );
  215. chainBlock = *(ULONGLONG *)OutBuffer;
  216. Length -= DESX_BLOCKLEN;
  217. InBuffer += DESX_BLOCKLEN;
  218. OutBuffer += DESX_BLOCKLEN;
  219. }
  220. }
  222. VOID
  223. EFSDesXDec(
  224. IN OUT PUCHAR Buffer,
  225. IN PUCHAR IV,
  226. IN PKEY_BLOB KeyBlob,
  227. IN LONG Length
  228. )
  229. /*++
  231. Routine Description:
  233. This routine implements DESX CBC decryption. The DESX is implemented by
  234. LIBRARY function desx().
  236. Arguments:
  238. Buffer - Pointer to the data buffer (decryption in place)
  239. IV - Initial chaining vector (DESX_BLOCKLEN bytes)
  240. KeyBlob - Set during the create or FSCTL
  241. Length - Length of the data in the buffer ( Length % DESX_BLOCKLEN = 0)
  243. --*/
  244. {
  245. ULONGLONG chainBlock;
  246. PUCHAR pBuffer;
  247. PUCHAR KeyTable;
  249. PAGED_CODE();
  251. ASSERT (Length % DESX_BLOCKLEN == 0);
  253. pBuffer = Buffer + Length - DESX_BLOCKLEN;
  254. KeyTable = &(KeyBlob->Key[0]);
  256. while (pBuffer > Buffer){
  258. //
  259. // Call LIB to decrypt the DESX_BLOCKLEN bytes
  260. // We are using DECRYPT/ENCRYPT for real ENCRYPT/DECRYPT. This is for the backward
  261. // compatiblity. The old definitions were reversed.
  262. //
  264. desx( pBuffer, pBuffer, KeyTable, ENCRYPT );
  266. //
  267. // Undo the block chaining
  268. //
  270. chainBlock = *(ULONGLONG *)( pBuffer - DESX_BLOCKLEN );
  271. *(ULONGLONG *)pBuffer ^= chainBlock;
  273. pBuffer -= DESX_BLOCKLEN;
  274. }
  276. //
  277. // Now decrypt the first block
  278. //
  279. desx( pBuffer, pBuffer, KeyTable, ENCRYPT );
  281. chainBlock = *(ULONGLONG *)IV;
  282. *(ULONGLONG *)pBuffer ^= chainBlock;
  283. }
  285. VOID
  286. EFSDes3Enc(
  287. IN PUCHAR InBuffer,
  288. OUT PUCHAR OutBuffer,
  289. IN PUCHAR IV,
  290. IN PKEY_BLOB KeyBlob,
  291. IN LONG Length
  292. )
  293. /*++
  295. Routine Description:
  297. This routine implements DES3 CBC encryption. The DES3 is implemented by
  298. LIBRARY function tripledes().
  300. Arguments:
  302. InBuffer - Pointer to the data buffer (encryption in place)
  303. IV - Initial chaining vector (DES_BLOCKLEN bytes)
  304. KeyBlob - Set during the create or FSCTL
  305. Length - Length of the data in the buffer ( Length % DES_BLOCKLEN = 0)
  307. Note:
  309. Input buffer can only be touched once. This the requirement by the Ntfs & CC.
  311. --*/
  312. {
  313. ULONGLONG chainBlock = *(ULONGLONG *)IV;
  314. ULONGLONG tmpData;
  315. PUCHAR KeyTable;
  317. ASSERT (Length % DES_BLOCKLEN == 0);
  319. EfsData.FipsFunctionTable.FipsBlockCBC(
  320. FIPS_CBC_3DES,
  321. OutBuffer,
  322. InBuffer,
  323. Length,
  324. &(KeyBlob->Key[0]),
  325. ENCRYPT,
  326. (PUCHAR) &chainBlock
  327. );
  328. }
  330. VOID
  331. EFSDes3Dec(
  332. IN OUT PUCHAR Buffer,
  333. IN PUCHAR IV,
  334. IN PKEY_BLOB KeyBlob,
  335. IN LONG Length
  336. )
  337. /*++
  339. Routine Description:
  341. This routine implements DES3 CBC decryption. The DES3 is implemented by
  342. LIBRARY function tripledes().
  344. Arguments:
  346. Buffer - Pointer to the data buffer (decryption in place)
  347. IV - Initial chaining vector (DES_BLOCKLEN bytes)
  348. KeyBlob - Set during the create or FSCTL
  349. Length - Length of the data in the buffer ( Length % DES_BLOCKLEN = 0)
  351. --*/
  352. {
  353. ULONGLONG ChainIV = *(ULONGLONG *)IV;
  355. ASSERT (Length % DESX_BLOCKLEN == 0);
  358. EfsData.FipsFunctionTable.FipsBlockCBC(
  359. FIPS_CBC_3DES,
  360. Buffer,
  361. Buffer,
  362. Length,
  363. &(KeyBlob->Key[0]),
  364. DECRYPT,
  365. (PUCHAR) &ChainIV
  366. );
  368. }
  371. VOID
  372. EFSAesEnc(
  373. IN PUCHAR InBuffer,
  374. OUT PUCHAR OutBuffer,
  375. IN PUCHAR IV,
  376. IN PKEY_BLOB KeyBlob,
  377. IN LONG Length
  378. )
  379. /*++
  381. Routine Description:
  383. This routine implements AES CBC encryption. The AES is implemented by
  384. LIBRARY function aes().
  386. Arguments:
  388. InBuffer - Pointer to the data buffer (encryption in place)
  389. IV - Initial chaining vector (AES_BLOCKLEN bytes)
  390. KeyBlob - Set during the create or FSCTL
  391. Length - Length of the data in the buffer ( Length % AES_BLOCKLEN = 0)
  393. Note:
  395. Input buffer can only be touched once. This the requirement by the Ntfs & CC.
  397. --*/
  398. {
  399. ULONGLONG chainBlock[2];
  400. ULONGLONG tmpData[2];
  401. PUCHAR KeyTable;
  403. PAGED_CODE();
  405. ASSERT (Length % AES_BLOCKLEN == 0);
  407. chainBlock[0] = *(ULONGLONG *)IV;
  408. chainBlock[1] = *(ULONGLONG *)(IV+sizeof(ULONGLONG));
  409. KeyTable = &(KeyBlob->Key[0]);
  411. while (Length > 0){
  413. //
  414. // Block chaining
  415. //
  416. tmpData[0] = *(ULONGLONG *)InBuffer;
  417. tmpData[1] = *(ULONGLONG *)(InBuffer+sizeof(ULONGLONG));
  418. tmpData[0] ^= chainBlock[0];
  419. tmpData[1] ^= chainBlock[1];
  421. aes256( OutBuffer, (PUCHAR) &tmpData[0], KeyTable, ENCRYPT );
  423. chainBlock[0] = *(ULONGLONG *)OutBuffer;
  424. chainBlock[1] = *(ULONGLONG *)(OutBuffer+sizeof(ULONGLONG));
  425. Length -= AES_BLOCKLEN;
  426. InBuffer += AES_BLOCKLEN;
  427. OutBuffer += AES_BLOCKLEN;
  428. }
  429. }
  431. VOID
  432. EFSAesDec(
  433. IN OUT PUCHAR Buffer,
  434. IN PUCHAR IV,
  435. IN PKEY_BLOB KeyBlob,
  436. IN LONG Length
  437. )
  438. /*++
  440. Routine Description:
  442. This routine implements DESX CBC decryption. The DESX is implemented by
  443. LIBRARY function desx().
  445. Arguments:
  447. Buffer - Pointer to the data buffer (decryption in place)
  448. IV - Initial chaining vector (AES_BLOCKLEN bytes)
  449. KeyBlob - Set during the create or FSCTL
  450. Length - Length of the data in the buffer ( Length % AES_BLOCKLEN = 0)
  452. --*/
  453. {
  454. ULONGLONG chainBlock[2];
  455. PUCHAR pBuffer;
  456. PUCHAR KeyTable;
  458. PAGED_CODE();
  460. ASSERT (Length % AES_BLOCKLEN == 0);
  462. pBuffer = Buffer + Length - AES_BLOCKLEN;
  463. KeyTable = &(KeyBlob->Key[0]);
  465. while (pBuffer > Buffer){
  467. aes256( pBuffer, pBuffer, KeyTable, DECRYPT );
  470. //
  471. // Undo the block chaining
  472. //
  474. chainBlock[0] = *(ULONGLONG *)( pBuffer - AES_BLOCKLEN );
  475. chainBlock[1] = *(ULONGLONG *)(pBuffer - sizeof(ULONGLONG));
  476. *(ULONGLONG *)pBuffer ^= chainBlock[0];
  477. *(ULONGLONG *)(pBuffer+sizeof(ULONGLONG)) ^= chainBlock[1];
  478. pBuffer -= AES_BLOCKLEN;
  479. }
  481. //
  482. // Now decrypt the first block
  483. //
  484. aes256( pBuffer, pBuffer, KeyTable, DECRYPT );
  486. *(ULONGLONG *)pBuffer ^= *(ULONGLONG *)IV;
  487. *(ULONGLONG *)(pBuffer+sizeof(ULONGLONG)) ^= *(ULONGLONG *)(IV+sizeof(ULONGLONG));
  488. }