archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/inetsrv/iis/svcs/irtl/iiscrypt/lib/hash.c

641 lines
11 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1997 Microsoft Corporation
  5. Module Name:
  7. hash.c
  9. Abstract:
  11. Hash manipulators for the IIS cryptographic package.
  13. The following routines are exported by this module:
  15. IISCryptoCreateHash
  16. IISCryptoDestroyHash
  17. IISCryptoHashData
  18. IISCryptoHashSessionKey
  19. IISCryptoExportHashBlob
  20. IcpGetHashLength
  22. Author:
  24. Keith Moore (keithmo) 02-Dec-1996
  26. Revision History:
  28. --*/
  31. #include "precomp.h"
  32. #pragma hdrstop
  35. //
  36. // Private constants.
  37. //
  40. //
  41. // Private types.
  42. //
  45. //
  46. // Private globals.
  47. //
  50. //
  51. // Private prototypes.
  52. //
  55. //
  56. // Public functions.
  57. //
  60. HRESULT
  61. WINAPI
  62. IISCryptoCreateHash(
  63. OUT HCRYPTHASH * phHash,
  64. IN HCRYPTPROV hProv
  65. )
  67. /*++
  69. Routine Description:
  71. This routine creates a new hash object.
  73. Arguments:
  75. phHash - Receives the hash handle if successful.
  77. hProv - A handle to a crypto service provider.
  79. Return Value:
  81. HRESULT - Completion status, 0 if successful, !0 otherwise.
  83. --*/
  85. {
  87. //
  88. // Sanity check.
  89. //
  91. DBG_ASSERT( IcpGlobals.Initialized );
  92. DBG_ASSERT( phHash != NULL );
  93. DBG_ASSERT( hProv != CRYPT_NULL );
  95. //
  96. // Short-circuit if cryptography is disabled.
  97. //
  99. if( !IcpGlobals.EnableCryptography ) {
  100. if( hProv == DUMMY_HPROV ) {
  101. *phHash = DUMMY_HHASH;
  102. return NO_ERROR;
  103. } else {
  104. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  105. }
  106. }
  108. //
  109. // Create the hash object.
  110. //
  112. if( CryptCreateHash(
  113. hProv,
  114. IC_HASH_ALG,
  115. CRYPT_NULL,
  116. 0,
  117. phHash
  118. ) ) {
  120. UpdateHashCreated();
  121. return NO_ERROR;
  123. }
  125. return IcpGetLastError();
  127. } // IISCryptoCreateHash
  130. HRESULT
  131. WINAPI
  132. IISCryptoDestroyHash(
  133. IN HCRYPTHASH hHash
  134. )
  136. /*++
  138. Routine Description:
  140. This routine destroys the specified hash object.
  142. Arguments:
  144. hHash - The hash object to destroy.
  146. Return Value:
  148. HRESULT - Completion status, 0 if successful, !0 otherwise.
  150. --*/
  152. {
  154. //
  155. // Sanity check.
  156. //
  158. DBG_ASSERT( IcpGlobals.Initialized );
  159. DBG_ASSERT( hHash != CRYPT_NULL );
  161. //
  162. // Short-circuit if cryptography is disabled.
  163. //
  165. if( !IcpGlobals.EnableCryptography ) {
  166. if( hHash == DUMMY_HHASH ) {
  167. return NO_ERROR;
  168. } else {
  169. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  170. }
  171. }
  173. //
  174. // Destroy it.
  175. //
  177. if( CryptDestroyHash(
  178. hHash
  179. ) ) {
  181. UpdateHashDestroyed();
  182. return NO_ERROR;
  184. }
  186. return IcpGetLastError();
  188. } // IISCryptoDestroyHash
  191. HRESULT
  192. WINAPI
  193. IISCryptoHashData(
  194. IN HCRYPTHASH hHash,
  195. IN PVOID pBuffer,
  196. IN DWORD dwBufferLength
  197. )
  199. /*++
  201. Routine Description:
  203. This routine adds the specified data to the hash.
  205. Arguments:
  207. hHash - A hash object handle.
  209. pBuffer - Pointer to the buffer to add to the hash.
  211. dwBufferLength - The buffer length.
  213. Return Value:
  215. HRESULT - Completion status, 0 if successful, !0 otherwise.
  217. --*/
  219. {
  221. //
  222. // Sanity check.
  223. //
  225. DBG_ASSERT( IcpGlobals.Initialized );
  226. DBG_ASSERT( hHash != CRYPT_NULL );
  227. DBG_ASSERT( pBuffer != NULL );
  228. DBG_ASSERT( dwBufferLength > 0 );
  230. //
  231. // Short-circuit if cryptography is disabled.
  232. //
  234. if( !IcpGlobals.EnableCryptography ) {
  235. if( hHash == DUMMY_HHASH ) {
  236. return NO_ERROR;
  237. } else {
  238. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  239. }
  240. }
  242. //
  243. // Hash it.
  244. //
  246. if( CryptHashData(
  247. hHash,
  248. (BYTE *)pBuffer,
  249. dwBufferLength,
  250. 0
  251. ) ) {
  253. return NO_ERROR;
  255. }
  257. return IcpGetLastError();
  259. } // IISCryptoHashData
  262. HRESULT
  263. WINAPI
  264. IISCryptoHashSessionKey(
  265. IN HCRYPTHASH hHash,
  266. IN HCRYPTKEY hSessionKey
  267. )
  269. /*++
  271. Routine Description:
  273. This routine adds the given key object to the hash.
  275. Arguments:
  277. hHash - A hash object handle.
  279. hSessionKey - The session key to add to the hash.
  281. Return Value:
  283. HRESULT - Completion status, 0 if successful, !0 otherwise.
  285. --*/
  287. {
  289. //
  290. // Sanity check.
  291. //
  293. DBG_ASSERT( IcpGlobals.Initialized );
  294. DBG_ASSERT( hHash != CRYPT_NULL );
  295. DBG_ASSERT( hSessionKey != CRYPT_NULL );
  297. //
  298. // Short-circuit if cryptography is disabled.
  299. //
  301. if( !IcpGlobals.EnableCryptography ) {
  302. if( hHash == DUMMY_HHASH &&
  303. hSessionKey == DUMMY_HSESSIONKEY ) {
  304. return NO_ERROR;
  305. } else {
  306. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  307. }
  308. }
  310. //
  311. // Hash it.
  312. //
  314. if( CryptHashSessionKey(
  315. hHash,
  316. hSessionKey,
  317. 0
  318. ) ) {
  320. return NO_ERROR;
  322. }
  324. return IcpGetLastError();
  326. } // IISCryptoHashSessionKey
  329. HRESULT
  330. WINAPI
  331. IISCryptoExportHashBlob(
  332. OUT PIIS_CRYPTO_BLOB * ppHashBlob,
  333. IN HCRYPTHASH hHash
  334. )
  336. /*++
  338. Routine Description:
  340. This routine exports a hash object into a hash blob. Note that unlike
  341. the other blobs created by this package, hash blobs are not encrypted,
  342. nor do they have corresponding digital signatures.
  344. Arguments:
  346. ppHashBlob - Will receive a pointer to the newly created hash blob
  347. if successful.
  349. hHash - The hash object to export.
  351. Return Value:
  353. HRESULT - Completion status, 0 if successful, !0 otherwise.
  355. --*/
  357. {
  359. HRESULT result;
  360. DWORD hashLength;
  361. DWORD hashLengthLength;
  362. PIC_BLOB blob;
  364. //
  365. // Sanity check.
  366. //
  368. DBG_ASSERT( IcpGlobals.Initialized );
  369. DBG_ASSERT( ppHashBlob != NULL );
  370. DBG_ASSERT( hHash != CRYPT_NULL );
  372. //
  373. // Short-circuit if cryptography is disabled.
  374. //
  376. if( !IcpGlobals.EnableCryptography ) {
  377. if( hHash == DUMMY_HHASH ) {
  378. return IISCryptoCreateCleartextBlob(
  379. ppHashBlob,
  380. (PVOID)"",
  381. 1
  382. );
  383. } else {
  384. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  385. }
  386. }
  388. //
  389. // Setup our locals so we know how to cleanup on exit.
  390. //
  392. blob = NULL;
  394. //
  395. // Determine the length of the hash.
  396. //
  398. hashLengthLength = sizeof(hashLength);
  400. if( !CryptGetHashParam(
  401. hHash,
  402. HP_HASHSIZE,
  403. (BYTE *)&hashLength,
  404. &hashLengthLength,
  405. 0
  406. ) ) {
  408. result = IcpGetLastError();
  409. goto fatal;
  411. }
  413. //
  414. // Create a new blob.
  415. //
  417. blob = IcpCreateBlob(
  418. HASH_BLOB_SIGNATURE,
  419. hashLength,
  420. 0
  421. );
  423. if( blob == NULL ) {
  424. result = HRESULT_FROM_WIN32( ERROR_NOT_ENOUGH_MEMORY );
  425. goto fatal;
  426. }
  428. //
  429. // Get the hash data.
  430. //
  432. if( !CryptGetHashParam(
  433. hHash,
  434. HP_HASHVAL,
  435. BLOB_TO_DATA(blob),
  436. &hashLength,
  437. 0
  438. ) ) {
  440. result = IcpGetLastError();
  441. goto fatal;
  443. }
  445. DBG_ASSERT( hashLength == blob->DataLength );
  447. //
  448. // Success!
  449. //
  451. DBG_ASSERT( IISCryptoIsValidBlob( (PIIS_CRYPTO_BLOB)blob ) );
  452. *ppHashBlob = (PIIS_CRYPTO_BLOB)blob;
  454. UpdateBlobsCreated();
  455. return NO_ERROR;
  457. fatal:
  459. if( blob != NULL ) {
  460. IcpFreeMemory( blob );
  461. }
  463. DBG_ASSERT( FAILED(result) );
  464. return result;
  466. } // IISCryptoExportHashBlob
  468. IIS_CRYPTO_API
  469. HRESULT
  470. WINAPI
  471. IISCryptoCacheHashLength(
  472. IN HCRYPTPROV hProv
  473. )
  475. /*++
  477. Routine Description:
  479. This routine calls IcpGetHashLength to cache the hash size.
  481. Arguments:
  483. hProv - A handle to a crypto service provider.
  485. Return Value:
  487. HRESULT
  489. --*/
  491. {
  492. DWORD dwDummy = 0;
  494. return IcpGetHashLength( &dwDummy, hProv );
  495. }
  499. HRESULT
  500. IcpGetHashLength(
  501. OUT LPDWORD pdwHashLength,
  502. IN HCRYPTPROV hProv
  503. )
  505. /*++
  507. Routine Description:
  509. This routine determines the digital signature length used by the
  510. given provider. Since we always use the default provider, and
  511. we always use the same hash algorithm, we can retrieve this once,
  512. store it globally, then use that value.
  514. Arguments:
  516. pdwHashLength - Receives the hash length if successful.
  518. hProv - A handle to a crypto service provider.
  520. Return Value:
  522. HRESULT - Completion status, 0 if successful, !0 otherwise.
  524. --*/
  526. {
  528. HRESULT result;
  529. HCRYPTHASH hash;
  531. //
  532. // Sanity check.
  533. //
  535. DBG_ASSERT( IcpGlobals.Initialized );
  536. DBG_ASSERT( IcpGlobals.EnableCryptography );
  537. DBG_ASSERT( pdwHashLength != NULL );
  538. DBG_ASSERT( hProv != CRYPT_NULL );
  540. //
  541. // If the hash length has already been calculated, just use it.
  542. //
  544. if( IcpGlobals.HashLength > 0 ) {
  545. *pdwHashLength = IcpGlobals.HashLength;
  546. return NO_ERROR;
  547. }
  549. //
  550. // Grab the global lock, then check again, just in case another
  551. // thread has already done it.
  552. //
  554. IcpAcquireGlobalLock();
  556. if( IcpGlobals.HashLength > 0 ) {
  557. *pdwHashLength = IcpGlobals.HashLength;
  558. IcpReleaseGlobalLock();
  559. return NO_ERROR;
  560. }
  562. //
  563. // Setup our locals so we know how to cleanup on exit.
  564. //
  566. hash = CRYPT_NULL;
  568. //
  569. // Create a hash object.
  570. //
  572. result = IISCryptoCreateHash(
  573. &hash,
  574. hProv
  575. );
  577. if( FAILED(result) ) {
  578. goto fatal;
  579. }
  581. //
  582. // Hash some random data.
  583. //
  585. if( !CryptHashData(
  586. hash,
  587. (BYTE *)"IIS",
  588. 4,
  589. 0
  590. ) ) {
  592. result = IcpGetLastError();
  593. goto fatal;
  595. }
  597. //
  598. // Attempt to sign the hash to get its length.
  599. //
  601. if( !CryptSignHash(
  602. hash,
  603. AT_SIGNATURE,
  604. NULL,
  605. 0,
  606. NULL,
  607. &IcpGlobals.HashLength
  608. ) ) {
  610. result = IcpGetLastError();
  611. goto fatal;
  613. }
  615. //
  616. // Success!
  617. //
  619. *pdwHashLength = IcpGlobals.HashLength;
  620. IcpReleaseGlobalLock();
  622. DBG_REQUIRE( SUCCEEDED( IISCryptoDestroyHash( hash ) ) );
  623. return NO_ERROR;
  625. fatal:
  627. if( hash != CRYPT_NULL ) {
  628. DBG_REQUIRE( SUCCEEDED( IISCryptoDestroyHash( hash ) ) );
  629. }
  631. IcpReleaseGlobalLock();
  633. DBG_ASSERT( FAILED(result) );
  634. return result;
  636. } // IcpGetHashLength
  638. //
  639. // Private functions.
  640. //