archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/security/protocols/schannel/lsa/stubs.c

619 lines
16 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992 - 1995.
  5. //
  6. // File: stubs.c
  7. //
  8. // Contents:
  9. //
  10. // Classes:
  11. //
  12. // Functions:
  13. //
  14. // History: 8-01-95 RichardW Created
  15. //
  16. //----------------------------------------------------------------------------
  19. #include "sslp.h"
  20. #include <cert509.h>
  21. #include <rsa.h>
  24. CHAR CertTag[ 13 ] = { 0x04, 0x0b, 'c', 'e', 'r', 't', 'i', 'f', 'i', 'c', 'a', 't', 'e' };
  26. // Nonstandard extension, function/data pointer conversion in expression
  27. #pragma warning (disable: 4152)
  29. SecurityFunctionTableW SPFunctionTable = {
  30. SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION,
  31. EnumerateSecurityPackagesW,
  32. NULL,
  33. AcquireCredentialsHandleW,
  34. FreeCredentialsHandle,
  35. NULL,
  36. InitializeSecurityContextW,
  37. AcceptSecurityContext,
  38. CompleteAuthToken,
  39. DeleteSecurityContext,
  40. ApplyControlToken,
  41. QueryContextAttributesW,
  42. ImpersonateSecurityContext,
  43. RevertSecurityContext,
  44. MakeSignature,
  45. VerifySignature,
  46. FreeContextBuffer,
  47. QuerySecurityPackageInfoW,
  48. SealMessage,
  49. UnsealMessage,
  50. NULL, /* GrantProxyW */
  51. NULL, /* RevokeProxyW */
  52. NULL, /* InvokeProxyW */
  53. NULL, /* RenewProxyW */
  54. QuerySecurityContextToken,
  55. SealMessage,
  56. UnsealMessage,
  57. SetContextAttributesW
  58. };
  60. SecurityFunctionTableA SPFunctionTableA = {
  61. SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION,
  62. EnumerateSecurityPackagesA,
  63. NULL,
  64. AcquireCredentialsHandleA,
  65. FreeCredentialsHandle,
  66. NULL,
  67. InitializeSecurityContextA,
  68. AcceptSecurityContext,
  69. CompleteAuthToken,
  70. DeleteSecurityContext,
  71. ApplyControlToken,
  72. QueryContextAttributesA,
  73. ImpersonateSecurityContext,
  74. RevertSecurityContext,
  75. MakeSignature,
  76. VerifySignature,
  77. FreeContextBuffer,
  78. QuerySecurityPackageInfoA,
  79. SealMessage,
  80. UnsealMessage,
  81. NULL, /* GrantProxyA */
  82. NULL, /* RevokeProxyA */
  83. NULL, /* InvokeProxyA */
  84. NULL, /* RenewProxyA */
  85. QuerySecurityContextToken,
  86. SealMessage,
  87. UnsealMessage,
  88. SetContextAttributesA
  89. };
  92. PSecurityFunctionTableW SEC_ENTRY
  93. InitSecurityInterfaceW(
  94. VOID )
  95. {
  96. return(&SPFunctionTable);
  97. }
  99. PSecurityFunctionTableA SEC_ENTRY
  100. InitSecurityInterfaceA(
  101. VOID )
  102. {
  103. return(&SPFunctionTableA);
  104. }
  108. SECURITY_STATUS SEC_ENTRY
  109. FreeContextBuffer(
  110. void SEC_FAR * pvContextBuffer
  111. )
  112. {
  113. SPExternalFree( pvContextBuffer );
  114. return(SEC_E_OK);
  115. }
  119. SECURITY_STATUS SEC_ENTRY
  120. SecurityPackageControl(
  121. SEC_WCHAR SEC_FAR * pszPackageName,
  122. unsigned long dwFunctionCode,
  123. unsigned long cbInputBuffer,
  124. unsigned char SEC_FAR * pbInputBuffer,
  125. unsigned long SEC_FAR * pcbOutputBuffer,
  126. unsigned char SEC_FAR * pbOutputBuffer)
  127. {
  128. UNREFERENCED_PARAMETER(pszPackageName);
  129. UNREFERENCED_PARAMETER(dwFunctionCode);
  130. UNREFERENCED_PARAMETER(cbInputBuffer);
  131. UNREFERENCED_PARAMETER(pbInputBuffer);
  132. UNREFERENCED_PARAMETER(pcbOutputBuffer);
  133. UNREFERENCED_PARAMETER(pbOutputBuffer);
  135. return(SEC_E_UNSUPPORTED_FUNCTION);
  136. }
  138. SECURITY_STATUS PctTranslateError(SP_STATUS spRet)
  139. {
  140. if(HRESULT_FACILITY(spRet) == FACILITY_SECURITY)
  141. {
  142. return (spRet);
  143. }
  145. switch(spRet) {
  146. case PCT_ERR_OK: return SEC_E_OK;
  147. case PCT_ERR_BAD_CERTIFICATE: return SEC_E_INVALID_TOKEN;
  148. case PCT_ERR_CLIENT_AUTH_FAILED: return SEC_E_INVALID_TOKEN;
  149. case PCT_ERR_ILLEGAL_MESSAGE: return SEC_E_INVALID_TOKEN;
  150. case PCT_ERR_INTEGRITY_CHECK_FAILED: return SEC_E_MESSAGE_ALTERED;
  151. case PCT_ERR_SERVER_AUTH_FAILED: return SEC_E_INVALID_TOKEN;
  152. case PCT_ERR_SPECS_MISMATCH: return SEC_E_ALGORITHM_MISMATCH;
  153. case PCT_ERR_SSL_STYLE_MSG: return SEC_E_INVALID_TOKEN;
  154. case SEC_I_INCOMPLETE_CREDENTIALS: return SEC_I_INCOMPLETE_CREDENTIALS;
  155. case PCT_ERR_RENEGOTIATE: return SEC_I_RENEGOTIATE;
  156. case PCT_ERR_UNKNOWN_CREDENTIAL: return SEC_E_UNKNOWN_CREDENTIALS;
  158. case CERT_E_UNTRUSTEDROOT: return SEC_E_UNTRUSTED_ROOT;
  159. case CERT_E_EXPIRED: return SEC_E_CERT_EXPIRED;
  160. case CERT_E_VALIDITYPERIODNESTING: return SEC_E_CERT_EXPIRED;
  161. case CERT_E_REVOKED: return CRYPT_E_REVOKED;
  162. case CERT_E_CN_NO_MATCH: return SEC_E_WRONG_PRINCIPAL;
  164. case PCT_INT_BAD_CERT: return SEC_E_INVALID_TOKEN;
  165. case PCT_INT_CLI_AUTH: return SEC_E_INVALID_TOKEN;
  166. case PCT_INT_ILLEGAL_MSG: return SEC_E_INVALID_TOKEN;
  167. case PCT_INT_SPECS_MISMATCH: return SEC_E_ALGORITHM_MISMATCH;
  168. case PCT_INT_INCOMPLETE_MSG: return SEC_E_INCOMPLETE_MESSAGE;
  169. case PCT_INT_MSG_ALTERED: return SEC_E_MESSAGE_ALTERED;
  170. case PCT_INT_INTERNAL_ERROR: return SEC_E_INTERNAL_ERROR;
  171. case PCT_INT_DATA_OVERFLOW: return SEC_E_INTERNAL_ERROR;
  172. case SEC_E_INCOMPLETE_CREDENTIALS: return SEC_E_INCOMPLETE_CREDENTIALS;
  173. case PCT_INT_RENEGOTIATE: return SEC_I_RENEGOTIATE;
  174. case PCT_INT_UNKNOWN_CREDENTIAL: return SEC_E_UNKNOWN_CREDENTIALS;
  176. case PCT_INT_BUFF_TOO_SMALL: return SEC_E_BUFFER_TOO_SMALL;
  177. case SEC_E_BUFFER_TOO_SMALL: return SEC_E_BUFFER_TOO_SMALL;
  179. default: return SEC_E_INTERNAL_ERROR;
  180. }
  181. }
  183. //+---------------------------------------------------------------------------
  184. //
  185. // Function: SslGenerateRandomBits
  186. //
  187. // Synopsis: Hook for setup to get a good random stream
  188. //
  189. // Arguments: [pRandomData] --
  190. // [cRandomData] --
  191. //
  192. //
  193. // Notes:
  194. //
  195. //----------------------------------------------------------------------------
  196. VOID
  197. WINAPI
  198. SslGenerateRandomBits(
  199. PUCHAR pRandomData,
  200. LONG cRandomData
  201. )
  202. {
  203. if(!SchannelInit(TRUE))
  204. {
  205. return;
  206. }
  207. (void)GenerateRandomBits(pRandomData, (ULONG)cRandomData);
  208. }
  211. //+---------------------------------------------------------------------------
  212. //
  213. // Function: SslGenerateKeyPair
  214. //
  215. // Synopsis: Generates a public/private key pair, protected by password
  216. //
  217. // Arguments: [pCerts] --
  218. // [pszDN] --
  219. // [pszPassword] --
  220. // [Bits] --
  221. //
  222. // Notes:
  223. //
  224. //----------------------------------------------------------------------------
  225. BOOL
  226. WINAPI
  227. SslGenerateKeyPair(
  228. PSSL_CREDENTIAL_CERTIFICATE pCerts,
  229. PSTR pszDN,
  230. PSTR pszPassword,
  231. DWORD Bits )
  232. {
  233. if(!SchannelInit(TRUE))
  234. {
  235. return FALSE;
  236. }
  238. return GenerateKeyPair(pCerts, pszDN, pszPassword, Bits);
  239. }
  242. //+---------------------------------------------------------------------------
  243. //
  244. // Function: SslGetMaximumKeySize
  245. //
  246. // Synopsis: Returns maximum public key size
  247. //
  248. // Arguments: [Reserved] --
  249. //
  250. // Notes:
  251. //
  252. //----------------------------------------------------------------------------
  253. DWORD
  254. WINAPI
  255. SslGetMaximumKeySize(
  256. DWORD Reserved )
  257. {
  258. UNREFERENCED_PARAMETER(Reserved);
  260. return( 2048 );
  261. }
  264. //+---------------------------------------------------------------------------
  265. //
  266. // Function: SslFreeCertificate
  267. //
  268. // Synopsis: Frees a certificate created from SslCrackCertificate
  269. //
  270. // Arguments: [pCertificate] --
  271. //
  272. // Notes:
  273. //
  274. //----------------------------------------------------------------------------
  275. VOID
  276. WINAPI
  277. SslFreeCertificate(
  278. PX509Certificate pCertificate)
  279. {
  280. if ( pCertificate )
  281. {
  283. SPExternalFree(pCertificate->pPublicKey);
  284. SPExternalFree(pCertificate);
  285. }
  286. }
  291. //+---------------------------------------------------------------------------
  292. //
  293. // Function: SslCrackCertificate
  294. //
  295. // Synopsis: Cracks a X509 certificate into remotely easy format
  296. //
  297. // Arguments: [pbCertificate] --
  298. // [cbCertificate] --
  299. // [dwFlags] --
  300. // [ppCertificate] --
  301. //
  302. // Notes:
  303. //
  304. //----------------------------------------------------------------------------
  305. BOOL
  306. WINAPI
  307. SslCrackCertificate(
  308. PUCHAR pbCertificate,
  309. DWORD cbCertificate,
  310. DWORD dwFlags,
  311. PX509Certificate * ppCertificate)
  312. {
  315. PX509Certificate pResult = NULL;
  316. PCCERT_CONTEXT pContext = NULL;
  317. DWORD cbIssuer;
  318. DWORD cbSubject;
  320. if(!SchannelInit(TRUE))
  321. {
  322. return FALSE;
  323. }
  325. if (dwFlags & CF_CERT_FROM_FILE)
  326. {
  327. if (cbCertificate < CERT_HEADER_LEN + 1 )
  328. {
  329. goto error;
  330. }
  332. //
  333. // Sleazy quick check. Some CAs wrap certs in a cert wrapper.
  334. // Some don't. Some do both, but we won't mention any names.
  335. // Quick check for the wrapper tag. If so, scoot in by enough
  336. // to bypass it (17 bytes. Sheesh).
  337. //
  339. if ( memcmp( pbCertificate + 4, CertTag, sizeof( CertTag ) ) == 0 )
  340. {
  341. pbCertificate += CERT_HEADER_LEN;
  342. cbCertificate -= CERT_HEADER_LEN;
  343. }
  344. }
  348. pContext = CertCreateCertificateContext(X509_ASN_ENCODING, pbCertificate, cbCertificate);
  349. if(pContext == NULL)
  350. {
  351. SP_LOG_RESULT(GetLastError());
  352. goto error;
  353. }
  355. if(0 >= (cbSubject = CertNameToStrA(pContext->dwCertEncodingType,
  356. &pContext->pCertInfo->Subject,
  357. CERT_X500_NAME_STR | CERT_NAME_STR_NO_PLUS_FLAG,
  358. NULL, 0)))
  359. {
  360. SP_LOG_RESULT(GetLastError());
  361. goto error;
  362. }
  364. if(0 >= (cbIssuer = CertNameToStrA(pContext->dwCertEncodingType,
  365. &pContext->pCertInfo->Issuer,
  366. CERT_X500_NAME_STR | CERT_NAME_STR_NO_PLUS_FLAG,
  367. NULL, 0)))
  368. {
  369. SP_LOG_RESULT(GetLastError());
  370. goto error;
  371. }
  374. pResult = SPExternalAlloc(sizeof(X509Certificate) + cbIssuer + cbSubject + 2);
  375. if(pResult == NULL)
  376. {
  377. goto error;
  378. }
  379. pResult->pPublicKey = NULL;
  380. pResult->pszIssuer = (LPSTR)(pResult + 1);
  381. pResult->pszSubject = pResult->pszIssuer + cbIssuer;
  383. pResult->Version = pContext->pCertInfo->dwVersion;
  384. memcpy(pResult->SerialNumber,
  385. pContext->pCertInfo->SerialNumber.pbData,
  386. min(sizeof(pResult->SerialNumber), pContext->pCertInfo->SerialNumber.cbData));
  387. pResult->ValidFrom = pContext->pCertInfo->NotBefore;
  388. pResult->ValidUntil = pContext->pCertInfo->NotAfter;
  390. if(0 >= CertNameToStrA(pContext->dwCertEncodingType,
  391. &pContext->pCertInfo->Issuer,
  392. CERT_X500_NAME_STR | CERT_NAME_STR_NO_PLUS_FLAG,
  393. pResult->pszIssuer, cbIssuer))
  394. {
  395. SP_LOG_RESULT(GetLastError());
  396. goto error;
  397. }
  399. if(0 >= CertNameToStrA(pContext->dwCertEncodingType,
  400. &pContext->pCertInfo->Subject,
  401. CERT_X500_NAME_STR | CERT_NAME_STR_NO_PLUS_FLAG,
  402. pResult->pszSubject, cbSubject))
  403. {
  404. SP_LOG_RESULT(GetLastError());
  405. goto error;
  406. }
  408. {
  409. BSAFE_PUB_KEY *pk;
  410. PUBLICKEY * pPubKey = NULL;
  411. SP_STATUS pctRet;
  413. pResult->pPublicKey = SPExternalAlloc(sizeof(PctPublicKey) + sizeof(BSAFE_PUB_KEY));
  414. if(pResult->pPublicKey == NULL)
  415. {
  416. goto error;
  417. }
  418. pResult->pPublicKey->Type = 0;
  419. pResult->pPublicKey->cbKey = sizeof(BSAFE_PUB_KEY);
  421. pk = (BSAFE_PUB_KEY *)pResult->pPublicKey->pKey;
  422. pk->magic = RSA1;
  424. pctRet = SPPublicKeyFromCert(pContext, &pPubKey, NULL);
  426. if(pctRet == PCT_ERR_OK)
  427. {
  428. if(pPubKey->pPublic->aiKeyAlg == CALG_RSA_KEYX)
  429. {
  430. RSAPUBKEY *pRsaKey = (RSAPUBKEY *)(pPubKey->pPublic + 1);
  431. pk->keylen = pRsaKey->bitlen/8;
  432. pk->bitlen = pRsaKey->bitlen;
  433. pk->datalen = pk->bitlen/8 - 1;
  434. pk->pubexp = pRsaKey->pubexp;
  435. }
  436. else
  437. {
  438. DHPUBKEY *pDHKey = (DHPUBKEY *)(pPubKey->pPublic + 1);
  439. pk->keylen = pDHKey->bitlen/8;
  440. pk->bitlen = pDHKey->bitlen/8;
  441. pk->datalen = pk->bitlen/8 - 1;
  442. pk->pubexp = 0;
  444. }
  445. SPExternalFree(pPubKey);
  446. }
  447. else
  448. {
  449. goto error;
  450. }
  452. }
  453. CertFreeCertificateContext(pContext);
  455. *ppCertificate = pResult;
  456. return TRUE;
  458. error:
  459. if(pContext)
  460. {
  461. CertFreeCertificateContext(pContext);
  462. }
  463. if(pResult)
  464. {
  465. if(pResult->pPublicKey)
  466. {
  467. SPExternalFree(pResult->pPublicKey);
  468. }
  469. SPExternalFree(pResult);
  470. }
  471. return FALSE;
  472. }
  474. //+---------------------------------------------------------------------------
  475. //
  476. // Function: SslLoadCertificate
  477. //
  478. // Synopsis: Not supported.
  479. //
  480. // Notes:
  481. //
  482. //----------------------------------------------------------------------------
  483. BOOL
  484. WINAPI
  485. SslLoadCertificate(
  486. PUCHAR pbCertificate,
  487. DWORD cbCertificate,
  488. BOOL AddToWellKnownKeys)
  489. {
  490. UNREFERENCED_PARAMETER(pbCertificate);
  491. UNREFERENCED_PARAMETER(cbCertificate);
  492. UNREFERENCED_PARAMETER(AddToWellKnownKeys);
  494. return FALSE;
  495. }
  498. BOOL
  499. SslGetClientProcess(ULONG *pProcessID)
  500. {
  501. SECPKG_CALL_INFO CallInfo;
  503. if(LsaTable == NULL)
  504. {
  505. *pProcessID = GetCurrentProcessId();
  506. return TRUE;
  507. }
  509. if(LsaTable->GetCallInfo(&CallInfo))
  510. {
  511. *pProcessID = CallInfo.ProcessId;
  512. return TRUE;
  513. }
  514. else
  515. {
  516. *pProcessID = (ULONG)-1;
  517. return FALSE;
  518. }
  519. }
  521. BOOL
  522. SslGetClientThread(ULONG *pThreadID)
  523. {
  524. SECPKG_CALL_INFO CallInfo;
  526. if(LsaTable == NULL)
  527. {
  528. *pThreadID = GetCurrentThreadId();
  529. return TRUE;
  530. }
  532. if(LsaTable->GetCallInfo(&CallInfo))
  533. {
  534. *pThreadID = CallInfo.ThreadId;
  535. return TRUE;
  536. }
  537. else
  538. {
  539. *pThreadID = (ULONG)-1;
  540. return FALSE;
  541. }
  542. }
  544. BOOL
  545. SslImpersonateClient(void)
  546. {
  547. SECPKG_CALL_INFO CallInfo;
  548. SECURITY_STATUS Status;
  550. // Don't impersonate if we're in the client process.
  551. if(LsaTable == NULL)
  552. {
  553. return FALSE;
  554. }
  556. // Don't impersonate if the client is running in the lsass process.
  557. if(LsaTable->GetCallInfo(&CallInfo))
  558. {
  559. if(CallInfo.ProcessId == GetCurrentProcessId())
  560. {
  561. // DebugLog((DEB_WARN, "Running locally, so don't impersonate.\n"));
  562. return FALSE;
  563. }
  564. }
  566. Status = LsaTable->ImpersonateClient();
  567. if(!NT_SUCCESS(Status))
  568. {
  569. SP_LOG_RESULT(Status);
  570. return FALSE;
  571. }
  573. return TRUE;
  574. }
  576. NTSTATUS
  577. SslGetClientLogonId(LUID *pLogonId)
  578. {
  579. SECPKG_CLIENT_INFO ClientInfo;
  580. SECURITY_STATUS Status;
  582. memset(pLogonId, 0, sizeof(LUID));
  584. Status = LsaTable->GetClientInfo(&ClientInfo);
  585. if(NT_SUCCESS(Status))
  586. {
  587. *pLogonId = ClientInfo.LogonId;
  588. }
  590. return Status;
  591. }
  593. PVOID SPExternalAlloc(DWORD cbLength)
  594. {
  595. if(LsaTable)
  596. {
  597. // Lsass process
  598. return LsaTable->AllocateLsaHeap(cbLength);
  599. }
  600. else
  601. {
  602. // Application process
  603. return LocalAlloc(LPTR, cbLength);
  604. }
  605. }
  607. VOID SPExternalFree(PVOID pMemory)
  608. {
  609. if(LsaTable)
  610. {
  611. // Lsass process
  612. LsaTable->FreeLsaHeap(pMemory);
  613. }
  614. else
  615. {
  616. // Application process
  617. LocalFree(pMemory);
  618. }
  619. }