archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/inetsrv/iis/svcs/irtl/iiscrypt/lib/globals.c

551 lines
9.6 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1997 Microsoft Corporation
  5. Module Name:
  7. globals.c
  9. Abstract:
  11. Global definitions and initialization routines for the IIS
  12. cryptographic package.
  14. The following routines are exported by this module:
  16. IISCryptoInitialize
  17. IISCryptoTerminate
  18. IcpGetLastError
  20. Author:
  22. Keith Moore (keithmo) 02-Dec-1996
  24. Revision History:
  26. --*/
  29. #include "precomp.h"
  30. #pragma hdrstop
  33. //
  34. // Public globals.
  35. //
  37. IC_GLOBALS IcpGlobals;
  39. #if IC_ENABLE_COUNTERS
  40. IC_COUNTERS IcpCounters;
  41. #endif // IC_ENABLE_COUNTERS
  44. //
  45. // Private constants.
  46. //
  49. //
  50. // Private types.
  51. //
  54. //
  55. // Private globals.
  56. //
  59. // these flags are used for programatic override of encryption presnece/absence
  60. // and are used for the case when on French machine without encryption locale becomes
  61. // changed and encryption becomes available
  63. // in NT5 RC3 French encryption was enabled, so French now has encryption!
  64. BOOL fCryptoSettingsDoOverrride = FALSE;
  65. BOOL fCryptoSettingsOverrideFlag = FALSE;
  69. //
  70. // Private prototypes.
  71. //
  74. //
  75. // Public functions.
  76. //
  78. HRESULT
  79. WINAPI
  80. IISCryptoInitialize(
  81. VOID
  82. )
  84. /*++
  86. Routine Description:
  88. This routine initializes the IIS crypto package.
  90. N.B. This routine may only be called via a single thread of
  91. execution; it is not necessarily multi-thread safe.
  93. Arguments:
  95. None.
  97. Return Value:
  99. HRESULT - Completion status, 0 if successful, !0 otherwise.
  101. --*/
  103. {
  105. BOOL isNt = FALSE;
  106. OSVERSIONINFO osInfo;
  108. if( !IcpGlobals.Initialized ) {
  110. //
  111. // Initialize our critical section.
  112. //
  114. INITIALIZE_CRITICAL_SECTION(
  115. &IcpGlobals.GlobalLock
  116. );
  118. #if IC_ENABLE_COUNTERS
  119. //
  120. // Initialize our object counters.
  121. //
  123. RtlZeroMemory(
  124. &IcpCounters,
  125. sizeof(IcpCounters)
  126. );
  127. #endif // IC_ENABLE_COUNTERS
  129. //
  130. // The hash length will get initialized the first time
  131. // it's needed.
  132. //
  134. IcpGlobals.HashLength = 0;
  136. //
  137. // Determine if cryptography should be enabled.
  138. //
  140. osInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
  142. if ( GetVersionEx( &osInfo ) ) {
  143. isNt = (osInfo.dwPlatformId == VER_PLATFORM_WIN32_NT);
  144. }
  146. if( isNt &&
  147. (IcpIsEncryptionPermitted())) {
  148. IcpGlobals.EnableCryptography = TRUE;
  149. } else {
  150. IcpGlobals.EnableCryptography = FALSE;
  151. }
  153. #ifdef _WIN64
  154. // 64 bit hack... 64 bit crypto should be working now, so no need to do this anymore.
  155. // IcpGlobals.EnableCryptography = FALSE;
  156. #endif
  159. #if DBG
  160. {
  162. //
  163. // On checked builds, you can override the default
  164. // EnableCryptography flag via a registry parameter.
  165. //
  167. HKEY key;
  168. LONG err;
  169. LONG flag;
  170. DWORD type;
  171. DWORD length;
  173. err = RegOpenKeyEx(
  174. HKEY_LOCAL_MACHINE,
  175. TEXT("Software\\Microsoft\\K2"),
  176. 0,
  177. KEY_ALL_ACCESS,
  178. &key
  179. );
  181. if( err == NO_ERROR ) {
  183. length = sizeof(flag);
  185. err = RegQueryValueEx(
  186. key,
  187. TEXT("EnableCryptography"),
  188. NULL,
  189. &type,
  190. (LPBYTE)&flag,
  191. &length
  192. );
  194. if( err == NO_ERROR && type == REG_DWORD ) {
  195. IcpGlobals.EnableCryptography = ( flag != 0 );
  196. }
  198. RegCloseKey( key );
  200. }
  202. }
  203. #endif // DBG
  205. //
  206. // Remember that we're successfully initialized.
  207. //
  209. IcpGlobals.Initialized = TRUE;
  211. }
  214. // that's a special case for handling for override of encryption presense
  215. // will be called only on French machines with english locale
  216. if (fCryptoSettingsDoOverrride)
  217. {
  218. IcpGlobals.EnableCryptography = fCryptoSettingsOverrideFlag;
  219. }
  222. //
  223. // Success!
  224. //
  226. return NO_ERROR;
  228. } // IISCryptoInitialize
  231. HRESULT
  232. WINAPI
  233. IISCryptoTerminate(
  234. VOID
  235. )
  237. /*++
  239. Routine Description:
  241. This routine terminates the IIS crypto package.
  243. N.B. This routine may only be called via a single thread of
  244. execution; it is not necessarily multi-thread safe.
  246. Arguments:
  248. None.
  250. Return Value:
  252. HRESULT - Completion status, 0 if successful, !0 otherwise.
  254. --*/
  256. {
  258. if( IcpGlobals.Initialized ) {
  260. //
  261. // Nuke our critical section.
  262. //
  264. DeleteCriticalSection( &IcpGlobals.GlobalLock );
  266. //
  267. // Remember that we're successfully terminated.
  268. //
  270. IcpGlobals.Initialized = FALSE;
  272. }
  274. //
  275. // Success!
  276. //
  278. return NO_ERROR;
  280. } // IISCryptoTerminate
  283. VOID
  284. WINAPI
  285. IISCryptoInitializeOverride(BOOL flag)
  286. /*++
  288. Routine Description:
  290. This routine overides global flag about presence of encryption
  291. functions. It should be used only in one case, when French machine
  292. without encryption, has locale changed to US and then gets encryption
  293. capability what breaks a lot of code where attemt to decrypt is made on
  294. non encrypted data
  296. Arguments:
  298. BOOL flag indicating how to override encryption presence. Only False suppose
  299. to be used.
  302. Return Value:
  304. None
  306. --*/
  308. {
  309. IcpGlobals.EnableCryptography = flag;
  310. fCryptoSettingsDoOverrride = TRUE;
  311. fCryptoSettingsOverrideFlag = flag;
  313. } //IISCryptoInitializeOverride
  317. BOOL
  318. IcpIsEncryptionPermitted(
  319. VOID
  320. )
  321. /*++
  323. Routine Description:
  325. This routine checks whether encryption is getting the system default
  326. LCID and checking whether the country code is CTRY_FRANCE.
  328. This code was received from Jeff Spelman, and is the same
  329. code the crypto API's use do determine if encryption is
  330. allowed.
  332. Arguments:
  334. none
  337. Return Value:
  339. TRUE - encryption is permitted
  340. FALSE - encryption is not permitted
  343. --*/
  345. {
  346. // in NT5 RC3 French encryption was enabled, so French now has encryption!
  347. // since French was the only special case for encryption, just return TRUE all the time.
  349. /*
  350. LCID DefaultLcid;
  351. CHAR CountryCode[10];
  352. ULONG CountryValue;
  353. DefaultLcid = GetSystemDefaultLCID();
  354. //
  355. // Check if the default language is Standard French
  356. //
  357. if (LANGIDFROMLCID(DefaultLcid) == 0x40c) {
  358. return(FALSE);
  359. }
  361. //
  362. // Check if the users's country is set to FRANCE
  363. //
  364. if (GetLocaleInfoA(DefaultLcid,LOCALE_ICOUNTRY,CountryCode,10) == 0) {
  365. return(FALSE);
  366. }
  367. CountryValue = (ULONG) atol(CountryCode);
  368. if (CountryValue == CTRY_FRANCE) {
  369. return(FALSE);
  370. }
  371. //
  372. // and it still we think that encryption is permited thetre it comes a special hack for that
  373. // setup case where english or whatever install is installed with France locality from the begining and setup
  374. // thread still thinks that it is not in France.
  375. // Setup in iis.dll sets SetThreadLocale to the correct one
  376. //
  377. DefaultLcid = GetThreadLocale();
  378. //
  379. // Check if the default language is Standard French
  380. //
  381. if (LANGIDFROMLCID(DefaultLcid) == 0x40c) {
  382. return(FALSE);
  383. }
  384. */
  386. return(TRUE);
  387. }
  390. VOID
  391. WINAPI
  392. IcpAcquireGlobalLock(
  393. VOID
  394. )
  396. /*++
  398. Routine Description:
  400. This routine acquires the global IIS crypto lock.
  402. N.B. This routine is "semi-private"; it is only used by IISCRYPT.LIB
  403. and ICRYPT.LIB, not by "normal" code.
  405. Arguments:
  407. None.
  409. Return Value:
  411. None.
  413. --*/
  415. {
  417. EnterCriticalSection( &IcpGlobals.GlobalLock );
  419. } // IcpAcquireGlobalLock
  422. VOID
  423. WINAPI
  424. IcpReleaseGlobalLock(
  425. VOID
  426. )
  428. /*++
  430. Routine Description:
  432. This routine releases the global IIS crypto lock.
  434. N.B. This routine is "semi-private"; it is only used by IISCRYPT.LIB
  435. and ICRYPT.LIB, not by "normal" code.
  437. Arguments:
  439. None.
  441. Return Value:
  443. None.
  445. --*/
  447. {
  449. LeaveCriticalSection( &IcpGlobals.GlobalLock );
  451. } // IcpReleaseGlobalLock
  454. HRESULT
  455. IcpGetLastError(
  456. VOID
  457. )
  459. /*++
  461. Routine Description:
  463. Returns the last error, mapped to an HRESULT.
  465. Arguments:
  467. None.
  469. Return Value:
  471. HRESULT - Last error.
  473. --*/
  475. {
  477. DWORD lastErr;
  479. lastErr = GetLastError();
  480. return RETURNCODETOHRESULT(lastErr);
  482. } // IcpGetLastError
  485. //
  486. // Private functions.
  487. //
  489. #if IC_ENABLE_COUNTERS
  491. PVOID
  492. WINAPI
  493. IcpAllocMemory(
  494. IN DWORD Size
  495. )
  496. {
  498. PVOID buffer;
  500. buffer = IISCryptoAllocMemory( Size );
  502. if( buffer != NULL ) {
  503. UpdateAllocs();
  504. }
  506. return buffer;
  508. } // IcpAllocMemory
  510. VOID
  511. WINAPI
  512. IcpFreeMemory(
  513. IN PVOID Buffer
  514. )
  515. {
  517. UpdateFrees();
  518. IISCryptoFreeMemory( Buffer );
  520. } // IcpFreeMemory
  522. #endif // IC_ENABLE_COUNTERS
  527. BOOL
  528. WINAPI
  529. IISCryptoIsClearTextSignature (
  530. IIS_CRYPTO_BLOB UNALIGNED *pBlob
  531. )
  533. /*++
  535. Routine Description:
  537. Returns TRUE if blob is clear text
  539. Arguments:
  541. Ptr to blob
  543. Return Value:
  545. BOOL
  547. --*/
  549. {
  550. return (pBlob->BlobSignature == CLEARTEXT_BLOB_SIGNATURE);
  551. }