archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/inetsrv/iis/svcs/irtl/iiscrypt/lib/key.c

1592 lines
35 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  4. Copyright (c) 1997 Microsoft Corporation
  6. Module Name:
  8. key.c
  10. Abstract:
  12. Key manpulators for the IIS cryptographic package.
  14. The following routines are exported by this module:
  16. IISCryptoGetKeyDeriveKey
  17. IISCryptoGetKeyExchangeKey
  18. IISCryptoGetSignatureKey
  19. IISCryptoGenerateSessionKey
  20. IISCryptoCloseKey
  21. IISCryptoExportSessionKeyBlob
  22. IISCryptoExportSessionKeyBlob2
  23. IISCryptoImportSessionKeyBlob
  24. IISCryptoImportSessionKeyBlob2
  25. IISCryptoExportPublicKeyBlob
  26. IISCryptoImportPublicKeyBlob
  28. Author:
  30. Keith Moore (keithmo) 02-Dec-1996
  32. Revision History:
  34. --*/
  37. #include "precomp.h"
  38. #pragma hdrstop
  41. //
  42. // Private constants.
  43. //
  46. //
  47. // Private types.
  48. //
  51. //
  52. // Private globals.
  53. //
  56. //
  57. // Private prototypes.
  58. //
  60. HRESULT
  61. IcpGetKeyHelper(
  62. OUT HCRYPTKEY * phKey,
  63. IN HCRYPTPROV hProv,
  64. IN DWORD dwKeySpec
  65. );
  67. //
  68. // Public functions.
  69. //
  70. HRESULT
  71. WINAPI
  72. IISCryptoGetKeyDeriveKey2(
  73. OUT HCRYPTKEY * phKey,
  74. IN HCRYPTPROV hProv,
  75. IN HCRYPTHASH hHash
  76. )
  77. /*++
  79. Routine Description:
  81. This routine attempts to derive a key from a password in the given
  82. provider.
  84. Arguments:
  86. phKey - Receives the key handle if successful.
  88. hProv - A handle to a crypto service provider.
  90. hHash - A hash object from which the key will be derived
  92. Return Value:
  94. HRESULT - Completion status, 0 if successful, !0 otherwise.
  96. --*/
  98. {
  99. HRESULT hr;
  101. //
  102. // Sanity check.
  103. //
  105. DBG_ASSERT( IcpGlobals.Initialized );
  106. DBG_ASSERT( phKey != NULL );
  107. DBG_ASSERT( hProv != CRYPT_NULL );
  108. DBG_ASSERT( hHash != CRYPT_NULL );
  110. //
  111. // Short-circuit if cryptography is disabled.
  112. //
  114. if( !IcpGlobals.EnableCryptography ) {
  115. if( hProv == DUMMY_HPROV )
  116. {
  117. return NO_ERROR;
  118. }
  119. else
  120. {
  121. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  122. }
  123. }
  125. //
  126. // Create a key based on the hash of the password.
  127. //
  128. IcpAcquireGlobalLock();
  130. if( !CryptDeriveKey(
  131. hProv,
  132. CALG_RC4,
  133. hHash,
  134. CRYPT_EXPORTABLE,
  135. phKey ) )
  136. {
  137. hr = IcpGetLastError();
  138. IcpReleaseGlobalLock();
  139. DBG_ASSERT( FAILED( hr ) );
  140. return hr;
  141. }
  143. IcpReleaseGlobalLock();
  145. return NO_ERROR;
  146. }
  148. HRESULT
  149. WINAPI
  150. IISCryptoGetKeyExchangeKey(
  151. OUT HCRYPTKEY * phKey,
  152. IN HCRYPTPROV hProv
  153. )
  155. /*++
  157. Routine Description:
  159. This routine attempts to open the key exchange key in the given
  160. provider. If the key does not yet exist, this routine will attempt
  161. to create it.
  163. Arguments:
  165. phKey - Receives the key handle if successful.
  167. hProv - A handle to a crypto service provider.
  169. Return Value:
  171. HRESULT - Completion status, 0 if successful, !0 otherwise.
  173. --*/
  175. {
  177. HRESULT result;
  179. //
  180. // Sanity check.
  181. //
  183. DBG_ASSERT( IcpGlobals.Initialized );
  184. DBG_ASSERT( phKey != NULL );
  185. DBG_ASSERT( hProv != CRYPT_NULL );
  187. //
  188. // Let IcpGetKeyHelper() do the dirty work.
  189. //
  191. result = IcpGetKeyHelper(
  192. phKey,
  193. hProv,
  194. AT_KEYEXCHANGE
  195. );
  197. return result;
  199. } // IISCryptoGetKeyExchangeKey
  202. HRESULT
  203. WINAPI
  204. IISCryptoGetSignatureKey(
  205. OUT HCRYPTKEY * phKey,
  206. IN HCRYPTPROV hProv
  207. )
  209. /*++
  211. Routine Description:
  213. This routine attempts to open the signature key in the given provider.
  214. If the key does not yet exist, this routine will attempt to create it.
  216. Arguments:
  218. phKey - Receives the key handle if successful.
  220. hProv - A handle to a crypto service provider.
  222. Return Value:
  224. HRESULT - Completion status, 0 if successful, !0 otherwise.
  226. --*/
  228. {
  230. HRESULT result;
  232. //
  233. // Sanity check.
  234. //
  236. DBG_ASSERT( IcpGlobals.Initialized );
  237. DBG_ASSERT( phKey != NULL );
  238. DBG_ASSERT( hProv != CRYPT_NULL );
  240. //
  241. // Let IcpGetKeyHelper() do the dirty work.
  242. //
  244. result = IcpGetKeyHelper(
  245. phKey,
  246. hProv,
  247. AT_SIGNATURE
  248. );
  250. return result;
  252. } // IISCryptoGetSignatureKey
  255. HRESULT
  256. WINAPI
  257. IISCryptoGenerateSessionKey(
  258. OUT HCRYPTKEY * phKey,
  259. IN HCRYPTPROV hProv
  260. )
  262. /*++
  264. Routine Description:
  266. This routine generates a random session key.
  268. Arguments:
  270. phKey - Receives the key handle if successful.
  272. hProv - A handle to a crypto service provider.
  274. Return Value:
  276. HRESULT - Completion status, 0 if successful, !0 otherwise.
  278. --*/
  280. {
  281. HRESULT result = NO_ERROR;
  282. BOOL status;
  284. //
  285. // Sanity check.
  286. //
  288. DBG_ASSERT( IcpGlobals.Initialized );
  289. DBG_ASSERT( phKey != NULL );
  290. DBG_ASSERT( hProv != CRYPT_NULL );
  292. //
  293. // Short-circuit if cryptography is disabled.
  294. //
  296. if( !IcpGlobals.EnableCryptography ) {
  297. if( hProv == DUMMY_HPROV ) {
  298. *phKey = DUMMY_HSESSIONKEY;
  299. return NO_ERROR;
  300. } else {
  301. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  302. }
  303. }
  305. //
  306. // Generate the key.
  307. //
  309. status = CryptGenKey(
  310. hProv,
  311. CALG_RC4,
  312. CRYPT_EXPORTABLE,
  313. phKey
  314. );
  316. if( !status ) {
  317. result = IcpGetLastError();
  318. }
  320. if( SUCCEEDED(result) )
  321. {
  322. UpdateKeysOpened();
  323. }
  324. else
  325. {
  326. DBGPRINTF(( DBG_CONTEXT,"IISCryptoGenerateSessionKey.CryptGenKey (advapi32.dll) failed err=0x%x.\n",result));
  327. *phKey = CRYPT_NULL;
  329. }
  331. return result;
  333. } // IISCryptoGenerateSessionKey
  336. HRESULT
  337. WINAPI
  338. IISCryptoCloseKey(
  339. IN HCRYPTKEY hKey
  340. )
  342. /*++
  344. Routine Description:
  346. This routine closes the specified key.
  348. Arguments:
  350. hKey - A key handle.
  352. Return Value:
  354. HRESULT - Completion status, 0 if successful, !0 otherwise.
  356. --*/
  358. {
  360. BOOL status;
  362. //
  363. // Sanity check.
  364. //
  366. DBG_ASSERT( IcpGlobals.Initialized );
  367. DBG_ASSERT( hKey != CRYPT_NULL );
  369. //
  370. // Short-circuit if cryptography is disabled.
  371. //
  373. if( !IcpGlobals.EnableCryptography ) {
  374. if( hKey == DUMMY_HSESSIONKEY ||
  375. hKey == DUMMY_HSIGNATUREKEY ||
  376. hKey == DUMMY_HKEYEXCHANGEKEY ) {
  377. return NO_ERROR;
  378. } else {
  379. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  380. }
  381. }
  383. //
  384. // Close the key.
  385. //
  387. status = CryptDestroyKey(
  388. hKey
  389. );
  391. if( status ) {
  392. UpdateKeysClosed();
  393. return NO_ERROR;
  394. }
  396. return IcpGetLastError();
  398. } // IISCryptoCloseKey
  401. HRESULT
  402. WINAPI
  403. IISCryptoExportSessionKeyBlob(
  404. OUT PIIS_CRYPTO_BLOB * ppSessionKeyBlob,
  405. IN HCRYPTPROV hProv,
  406. IN HCRYPTKEY hSessionKey,
  407. IN HCRYPTKEY hKeyExchangeKey
  408. )
  410. /*++
  412. Routine Description:
  414. This routine exports a session key into a secure session key blob.
  415. The blob contains the session key (encrypted with the specified
  416. private key exchange key) and a digital signature (also encrypted).
  418. Arguments:
  420. ppSessionKeyBlob - Will receive a pointer to the newly created
  421. session key blob if successful.
  423. hProv - A handle to a crypto service provider.
  425. hSessionKey - The key to export.
  427. hKeyExchangeKey - The key to use when encrypting the session key.
  429. Return Value:
  431. HRESULT - Completion status, 0 if successful, !0 otherwise.
  433. --*/
  435. {
  437. HRESULT result = NO_ERROR;
  438. BOOL status;
  439. HCRYPTHASH hash;
  440. DWORD keyLength;
  441. DWORD hashLength;
  442. PIC_BLOB blob;
  444. //
  445. // Sanity check.
  446. //
  448. DBG_ASSERT( IcpGlobals.Initialized );
  449. DBG_ASSERT( ppSessionKeyBlob != NULL );
  450. DBG_ASSERT( hProv != CRYPT_NULL );
  451. DBG_ASSERT( hSessionKey != CRYPT_NULL );
  452. DBG_ASSERT( hKeyExchangeKey != CRYPT_NULL );
  454. //
  455. // Short-circuit if cryptography is disabled.
  456. //
  458. if( !IcpGlobals.EnableCryptography ) {
  459. if( hProv == DUMMY_HPROV &&
  460. hSessionKey == DUMMY_HSESSIONKEY &&
  461. hKeyExchangeKey == DUMMY_HKEYEXCHANGEKEY ) {
  463. return IISCryptoCreateCleartextBlob(
  464. ppSessionKeyBlob,
  465. (PVOID)"",
  466. 1
  467. );
  469. } else {
  470. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  471. }
  472. }
  474. //
  475. // Setup our locals so we know how to cleanup on exit.
  476. //
  478. blob = NULL;
  479. hash = CRYPT_NULL;
  481. //
  482. // Determine the required size of the key data.
  483. //
  485. status = CryptExportKey(
  486. hSessionKey,
  487. hKeyExchangeKey,
  488. SIMPLEBLOB,
  489. 0,
  490. NULL,
  491. &keyLength
  492. );
  494. if( !status ) {
  495. result = IcpGetLastError();
  496. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlob.CryptExportKey (advapi32.dll) failed err=0x%x.\n",result));
  497. goto fatal;
  498. }
  500. //
  501. // Determine the hash data length.
  502. //
  504. result = IcpGetHashLength(
  505. &hashLength,
  506. hProv
  507. );
  509. if( FAILED(result) ) {
  510. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlob.IcpGetHashLength failed err=0x%x.\n",result));
  511. goto fatal;
  512. }
  514. //
  515. // Create a new blob.
  516. //
  518. blob = IcpCreateBlob(
  519. KEY_BLOB_SIGNATURE,
  520. keyLength,
  521. hashLength
  522. );
  524. if( blob == NULL ) {
  525. result = HRESULT_FROM_WIN32( ERROR_NOT_ENOUGH_MEMORY );
  526. goto fatal;
  527. }
  529. //
  530. // Export the key.
  531. //
  533. status = CryptExportKey(
  534. hSessionKey,
  535. hKeyExchangeKey,
  536. SIMPLEBLOB,
  537. 0,
  538. BLOB_TO_DATA(blob),
  539. &keyLength
  540. );
  542. if( !status ) {
  543. result = IcpGetLastError();
  544. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlob.CryptExportKey failed err=0x%x.\n",result));
  545. goto fatal;
  546. }
  548. DBG_ASSERT( keyLength == blob->DataLength );
  550. //
  551. // Create a hash object.
  552. //
  554. result = IISCryptoCreateHash(
  555. &hash,
  556. hProv
  557. );
  559. if( FAILED(result) ) {
  560. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlob.IISCryptoCreateHash failed err=0x%x.\n",result));
  561. goto fatal;
  562. }
  564. //
  565. // Hash the key and generate the signature.
  566. //
  568. status = CryptHashData(
  569. hash,
  570. BLOB_TO_DATA(blob),
  571. keyLength,
  572. 0
  573. );
  575. if( !status ) {
  576. result = IcpGetLastError();
  577. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlob.CryptHashData failed err=0x%x.\n",result));
  578. goto fatal;
  579. }
  581. status = CryptSignHash(
  582. hash,
  583. AT_SIGNATURE,
  584. NULL,
  585. 0,
  586. BLOB_TO_SIGNATURE(blob),
  587. &hashLength
  588. );
  590. if( !status ) {
  591. result = IcpGetLastError();
  592. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlob.CryptSignHash failed err=0x%x.\n",result));
  593. goto fatal;
  594. }
  596. DBG_ASSERT( hashLength == blob->SignatureLength );
  598. //
  599. // Success!
  600. //
  602. DBG_ASSERT( IISCryptoIsValidBlob( (PIIS_CRYPTO_BLOB)blob ) );
  603. DBG_REQUIRE( SUCCEEDED( IISCryptoDestroyHash( hash ) ) );
  604. *ppSessionKeyBlob = (PIIS_CRYPTO_BLOB)blob;
  606. UpdateBlobsCreated();
  607. return NO_ERROR;
  609. fatal:
  611. if( hash != CRYPT_NULL ) {
  612. DBG_REQUIRE( SUCCEEDED( IISCryptoDestroyHash( hash ) ) );
  613. }
  615. if( blob != NULL ) {
  616. IcpFreeMemory( blob );
  617. }
  619. DBG_ASSERT( FAILED(result) );
  620. return result;
  622. } // IISCryptoExportSessionKeyBlob
  625. HRESULT
  626. WINAPI
  627. IISCryptoImportSessionKeyBlob(
  628. OUT HCRYPTKEY * phSessionKey,
  629. IN PIIS_CRYPTO_BLOB pSessionKeyBlob,
  630. IN HCRYPTPROV hProv,
  631. IN HCRYPTKEY hSignatureKey
  632. )
  634. /*++
  636. Routine Description:
  638. This routine takes the specified session key blob and creates the
  639. corresponding session key, iff the encrypted session key can be
  640. decrypted and the digital signature can be validated.
  642. Arguments:
  644. phSessionKey - Receives a pointer to the newly created session key
  645. if successful.
  647. pSessionKeyBlob - Pointer to a key blob created with
  648. IISCryptoExportSessionKeyBlob().
  650. hProv - A handle to a crypto service provider.
  652. hSignatureKey - Handle to the encryption key to use when validating
  653. the digital signature.
  655. Return Value:
  657. HRESULT - Completion status, 0 if successful, !0 otherwise.
  659. --*/
  661. {
  663. HRESULT result = NO_ERROR;
  664. BOOL status;
  665. HCRYPTHASH hash;
  666. PIC_BLOB blob;
  668. //
  669. // Sanity check.
  670. //
  672. DBG_ASSERT( IcpGlobals.Initialized );
  673. DBG_ASSERT( phSessionKey != NULL );
  674. DBG_ASSERT( pSessionKeyBlob != NULL );
  675. DBG_ASSERT( IISCryptoIsValidBlob( pSessionKeyBlob ) );
  676. DBG_ASSERT( hProv != CRYPT_NULL );
  677. DBG_ASSERT( hSignatureKey != CRYPT_NULL );
  679. //
  680. // Short-circuit if cryptography is disabled.
  681. //
  683. if( !IcpGlobals.EnableCryptography ) {
  684. if( hProv == DUMMY_HPROV &&
  685. hSignatureKey == DUMMY_HSIGNATUREKEY &&
  686. pSessionKeyBlob->BlobSignature == CLEARTEXT_BLOB_SIGNATURE
  687. ) {
  689. *phSessionKey = DUMMY_HSESSIONKEY;
  690. return NO_ERROR;
  692. } else {
  693. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  694. }
  695. }
  697. DBG_ASSERT( pSessionKeyBlob->BlobSignature == KEY_BLOB_SIGNATURE );
  699. //
  700. // Setup our locals so we know how to cleanup on exit.
  701. //
  703. hash = CRYPT_NULL;
  704. blob = (PIC_BLOB)pSessionKeyBlob;
  706. //
  707. // Validate the signature.
  708. //
  710. result = IISCryptoCreateHash(
  711. &hash,
  712. hProv
  713. );
  715. if( FAILED(result) ) {
  716. DBGPRINTF(( DBG_CONTEXT,"IISCryptoImportSessionKeyBlob.IISCryptoCreateHash failed err=0x%x.\n",result));
  717. goto fatal;
  718. }
  720. status = CryptHashData(
  721. hash,
  722. BLOB_TO_DATA(blob),
  723. blob->DataLength,
  724. 0
  725. );
  727. if( !status ) {
  728. result = IcpGetLastError();
  729. DBGPRINTF(( DBG_CONTEXT,"IISCryptoImportSessionKeyBlob.CryptHashData failed err=0x%x.\n",result));
  730. goto fatal;
  731. }
  733. status = CryptVerifySignature(
  734. hash,
  735. BLOB_TO_SIGNATURE(blob),
  736. blob->SignatureLength,
  737. hSignatureKey,
  738. NULL,
  739. 0
  740. );
  742. if( !status ) {
  743. result = IcpGetLastError();
  744. DBGPRINTF(( DBG_CONTEXT,"IISCryptoImportSessionKeyBlob.CryptVerifySignature failed err=0x%x.\n",result));
  745. goto fatal;
  746. }
  748. //
  749. // OK, the signature looks good. Import the key into our CSP.
  750. //
  752. status = CryptImportKey(
  753. hProv,
  754. BLOB_TO_DATA(blob),
  755. blob->DataLength,
  756. CRYPT_NULL,
  757. 0,
  758. phSessionKey
  759. );
  761. if( !status ) {
  762. result = IcpGetLastError();
  763. DBGPRINTF(( DBG_CONTEXT,"IISCryptoImportSessionKeyBlob.CryptImportKey failed err=0x%x.\n",result));
  764. }
  766. if( FAILED(result) ) {
  767. goto fatal;
  768. }
  770. //
  771. // Success!
  772. //
  774. DBG_ASSERT( *phSessionKey != CRYPT_NULL );
  775. DBG_REQUIRE( SUCCEEDED( IISCryptoDestroyHash( hash ) ) );
  777. UpdateKeysOpened();
  778. return NO_ERROR;
  780. fatal:
  782. if( hash != CRYPT_NULL ) {
  783. DBG_REQUIRE( SUCCEEDED( IISCryptoDestroyHash( hash ) ) );
  784. }
  786. DBG_ASSERT( FAILED(result) );
  787. return result;
  789. } // IISCryptoImportSessionKeyBlob
  791. HRESULT
  792. WINAPI
  793. IISCryptoExportSessionKeyBlob2(
  794. OUT PIIS_CRYPTO_BLOB * ppSessionKeyBlob,
  795. IN HCRYPTPROV hProv,
  796. IN HCRYPTKEY hSessionKey,
  797. IN LPSTR pszPasswd
  798. )
  800. /*++
  802. Routine Description:
  804. This routine exports a session key into a secure session key blob.
  805. The blob contains the session key (encrypted with the specified
  806. private key exchange key) and a digital signature (also encrypted).
  808. Arguments:
  810. ppSessionKeyBlob - Will receive a pointer to the newly created
  811. session key blob if successful.
  813. hProv - A handle to a crypto service provider.
  815. hSessionKey - The key to export.
  817. pszPasswd - The password to use to encrypt the session key.
  819. Return Value:
  821. HRESULT - Completion status, 0 if successful, !0 otherwise.
  823. --*/
  825. {
  827. HRESULT result = NO_ERROR;
  828. BOOL status;
  829. BYTE salt[ RANDOM_SALT_LENGTH ];
  830. HCRYPTHASH hash;
  831. DWORD keyLength;
  832. PIC_BLOB2 blob;
  833. HCRYPTKEY hKeyDerivedKey = CRYPT_NULL;
  835. //
  836. // Sanity check.
  837. //
  839. DBG_ASSERT( IcpGlobals.Initialized );
  840. DBG_ASSERT( ppSessionKeyBlob != NULL );
  841. DBG_ASSERT( hProv != CRYPT_NULL );
  842. DBG_ASSERT( hSessionKey != CRYPT_NULL );
  844. //
  845. // Short-circuit if cryptography is disabled.
  846. //
  848. if( !IcpGlobals.EnableCryptography ) {
  849. if( hProv == DUMMY_HPROV &&
  850. hSessionKey == DUMMY_HSESSIONKEY ) {
  852. return IISCryptoCreateCleartextBlob(
  853. ppSessionKeyBlob,
  854. (PVOID)"",
  855. 1
  856. );
  858. } else {
  859. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  860. }
  861. }
  863. //
  864. // Setup our locals so we know how to cleanup on exit.
  865. //
  867. blob = NULL;
  868. hash = CRYPT_NULL;
  870. //
  871. // Generate a random salt of at least 80 bits
  872. //
  874. if( !CryptGenRandom( hProv, RANDOM_SALT_LENGTH, salt ) )
  875. {
  876. result = IcpGetLastError();
  877. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlobWithPasswd.CryptGenRandom (advapi32.dll) failed err=0x%x.\n",result));
  878. goto fatal;
  879. }
  881. //
  882. // Create a hash object.
  883. //
  885. result = IISCryptoCreateHash( &hash, hProv );
  886. if( FAILED(result) )
  887. {
  888. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlobWithPasswd.IISCryptoCreateHash failed err=0x%x.\n",result));
  889. goto fatal;
  890. }
  892. //
  893. // Hash the random salt
  895. if( !CryptHashData( hash, salt, RANDOM_SALT_LENGTH, 0 ) )
  896. {
  897. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlobWithPasswd.CryptHashData failed err=0x%x.\n",result));
  898. goto fatal;
  899. }
  901. //
  902. // Hash the password string
  903. //
  905. if( !CryptHashData( hash, ( BYTE * )pszPasswd, ( DWORD )strlen( pszPasswd ), 0 ) )
  906. {
  907. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlobWithPasswd.CryptHashData failed err=0x%x.\n",result));
  908. goto fatal;
  909. }
  911. //
  912. // Derive a key from the supplied passwd
  913. //
  914. result = IISCryptoGetKeyDeriveKey2( &hKeyDerivedKey,
  915. hProv,
  916. hash
  917. );
  918. if( FAILED( result ) )
  919. {
  920. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlobWithPasswd.IISCryptoGetKeyDeriveKey2 failed err=0x%x.\n",result));
  921. goto fatal;
  922. }
  924. //
  925. // Determine the required size of the key data.
  926. //
  928. status = CryptExportKey(
  929. hSessionKey,
  930. hKeyDerivedKey,
  931. SYMMETRICWRAPKEYBLOB,
  932. 0,
  933. NULL,
  934. &keyLength
  935. );
  936. if( !status ) {
  937. result = IcpGetLastError();
  938. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlobWithPasswd.CryptExportKey (advapi32.dll) failed err=0x%x.\n",result));
  939. goto fatal;
  940. }
  942. //
  943. // Create a new blob.
  944. //
  946. blob = IcpCreateBlob2(
  947. SALT_BLOB_SIGNATURE,
  948. keyLength,
  949. RANDOM_SALT_LENGTH
  950. );
  952. if( blob == NULL ) {
  953. result = HRESULT_FROM_WIN32( ERROR_NOT_ENOUGH_MEMORY );
  954. goto fatal;
  955. }
  957. //
  958. // Export the key.
  959. //
  961. status = CryptExportKey(
  962. hSessionKey,
  963. hKeyDerivedKey,
  964. SYMMETRICWRAPKEYBLOB,
  965. 0,
  966. BLOB_TO_DATA2(blob),
  967. &keyLength
  968. );
  970. if( !status ) {
  971. result = IcpGetLastError();
  972. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlob.CryptExportKey failed err=0x%x.\n",result));
  973. goto fatal;
  974. }
  976. status = CryptDestroyKey( hKeyDerivedKey );
  977. if( !status )
  978. {
  979. result = IcpGetLastError();
  980. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportSessionKeyBlobWithPasswd.CryptDestroyKey (advapi32.dll) failed err=0x%x.\n",result));
  981. goto fatal;
  982. }
  984. DBG_ASSERT( keyLength == blob->DataLength );
  986. memcpy( BLOB_TO_SALT2( blob ), salt, RANDOM_SALT_LENGTH );
  988. //
  989. // Success!
  990. //
  992. DBG_REQUIRE( SUCCEEDED( IISCryptoDestroyHash( hash ) ) );
  993. *ppSessionKeyBlob = (PIIS_CRYPTO_BLOB)blob;
  995. UpdateBlobsCreated();
  998. return NO_ERROR;
  1000. fatal:
  1002. if( hash != CRYPT_NULL ) {
  1003. DBG_REQUIRE( SUCCEEDED( IISCryptoDestroyHash( hash ) ) );
  1004. }
  1006. if( blob != NULL ) {
  1007. IcpFreeMemory( blob );
  1008. }
  1010. DBG_ASSERT( FAILED(result) );
  1011. return result;
  1013. } // IISCryptoExportSessionKeyBlob2
  1016. HRESULT
  1017. WINAPI
  1018. IISCryptoImportSessionKeyBlob2(
  1019. OUT HCRYPTKEY * phSessionKey,
  1020. IN PIIS_CRYPTO_BLOB pSessionKeyBlob,
  1021. IN HCRYPTPROV hProv,
  1022. IN LPSTR pszPasswd
  1023. )
  1025. /*++
  1027. Routine Description:
  1029. This routine takes the specified session key blob and creates the
  1030. corresponding session key, iff the encrypted session key can be
  1031. decrypted and the digital signature can be validated.
  1033. Arguments:
  1035. phSessionKey - Receives a pointer to the newly created session key
  1036. if successful.
  1038. pSessionKeyBlob - Pointer to a key blob created with
  1039. IISCryptoExportSessionKeyBlob().
  1041. hProv - A handle to a crypto service provider.
  1043. pszPasswd - The password to use to encrypt the session key.
  1045. Return Value:
  1047. HRESULT - Completion status, 0 if successful, !0 otherwise.
  1049. --*/
  1051. {
  1053. HRESULT result = NO_ERROR;
  1054. BOOL status;
  1055. BYTE salt[ RANDOM_SALT_LENGTH ];
  1056. HCRYPTKEY hKeyDerivedKey;
  1057. HCRYPTHASH hash;
  1058. PIC_BLOB2 blob;
  1060. //
  1061. // Sanity check.
  1062. //
  1064. DBG_ASSERT( IcpGlobals.Initialized );
  1065. DBG_ASSERT( phSessionKey != NULL );
  1066. DBG_ASSERT( pSessionKeyBlob != NULL );
  1067. DBG_ASSERT( hProv != CRYPT_NULL );
  1068. DBG_ASSERT( pszPasswd != NULL );
  1070. //
  1071. // Short-circuit if cryptography is disabled.
  1072. //
  1074. if( !IcpGlobals.EnableCryptography ) {
  1075. if( hProv == DUMMY_HPROV &&
  1076. pSessionKeyBlob->BlobSignature == CLEARTEXT_BLOB_SIGNATURE
  1077. ) {
  1079. *phSessionKey = DUMMY_HSESSIONKEY;
  1080. return NO_ERROR;
  1082. } else {
  1083. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  1084. }
  1085. }
  1087. DBG_ASSERT( pSessionKeyBlob->BlobSignature == SALT_BLOB_SIGNATURE );
  1089. //
  1090. // Setup our locals so we know how to cleanup on exit.
  1091. //
  1093. hash = CRYPT_NULL;
  1094. blob = (PIC_BLOB2)pSessionKeyBlob;
  1096. //
  1097. // Get the random salt
  1098. //
  1100. memcpy( salt, BLOB_TO_SALT2( blob ), RANDOM_SALT_LENGTH );
  1102. //
  1103. // Create a hash object.
  1104. //
  1106. result = IISCryptoCreateHash( &hash, hProv );
  1107. if( FAILED(result) )
  1108. {
  1109. DBGPRINTF(( DBG_CONTEXT,"IISCryptoImportSessionKeyBlobWithPasswd.IISCryptoCreateHash failed err=0x%x.\n",result));
  1110. goto fatal;
  1111. }
  1113. //
  1114. // Hash the random salt
  1116. if( !CryptHashData( hash, salt, RANDOM_SALT_LENGTH, 0 ) )
  1117. {
  1118. DBGPRINTF(( DBG_CONTEXT,"IISCryptoImportSessionKeyBlobWithPasswd.CryptHashData failed err=0x%x.\n",result));
  1119. goto fatal;
  1120. }
  1122. //
  1123. // Hash the password string
  1124. //
  1126. if( !CryptHashData( hash, ( BYTE * )pszPasswd, ( DWORD )strlen( pszPasswd ), 0 ) )
  1127. {
  1128. DBGPRINTF(( DBG_CONTEXT,"IISCryptoImportSessionKeyBlobWithPasswd.CryptHashData failed err=0x%x.\n",result));
  1129. goto fatal;
  1130. }
  1132. //
  1133. // Derive a key from the supplied passwd
  1134. //
  1135. result = IISCryptoGetKeyDeriveKey2( &hKeyDerivedKey,
  1136. hProv,
  1137. hash
  1138. );
  1139. if( FAILED( result ) )
  1140. {
  1141. DBGPRINTF(( DBG_CONTEXT,"IISCryptoImportSessionKeyBlobWithPasswd.IISCryptoGetKeyDeriveKey2 failed err=0x%x.\n",result));
  1142. goto fatal;
  1143. }
  1145. //
  1146. // OK, import the key into our CSP.
  1147. //
  1149. status = CryptImportKey(
  1150. hProv,
  1151. BLOB_TO_DATA2(blob),
  1152. blob->DataLength,
  1153. hKeyDerivedKey,
  1154. 0,
  1155. phSessionKey
  1156. );
  1158. if( !status ) {
  1159. //result = IcpGetLastError();
  1160. result = HRESULT_FROM_WIN32( ERROR_WRONG_PASSWORD );
  1161. DBGPRINTF(( DBG_CONTEXT,"IISCryptoImportSessionKeyBlob.CryptImportKey failed err=0x%x.\n",result));
  1162. }
  1164. if( FAILED(result) ) {
  1165. goto fatal;
  1166. }
  1168. //
  1169. // Success!
  1170. //
  1172. DBG_ASSERT( *phSessionKey != CRYPT_NULL );
  1173. DBG_REQUIRE( SUCCEEDED( IISCryptoDestroyHash( hash ) ) );
  1175. UpdateKeysOpened();
  1176. return NO_ERROR;
  1178. fatal:
  1180. if( hash != CRYPT_NULL ) {
  1181. DBG_REQUIRE( SUCCEEDED( IISCryptoDestroyHash( hash ) ) );
  1182. }
  1184. DBG_ASSERT( FAILED(result) );
  1185. return result;
  1187. } // IISCryptoImportSessionKeyBlob2
  1190. HRESULT
  1191. WINAPI
  1192. IISCryptoExportPublicKeyBlob(
  1193. OUT PIIS_CRYPTO_BLOB * ppPublicKeyBlob,
  1194. IN HCRYPTPROV hProv,
  1195. IN HCRYPTKEY hPublicKey
  1196. )
  1198. /*++
  1200. Routine Description:
  1202. This routine exports a key into a public key blob. Note that since
  1203. public keys are, well, public, then the data in the blob is neither
  1204. encrypted nor signed.
  1206. Arguments:
  1208. ppPublicKeyBlob - Will receive a pointer to the newly created public
  1209. key blob if successful.
  1211. hProv - A handle to a crypto service provider.
  1213. hPublicKey - The public key to export. This should identify either a
  1214. key exchange key or a signature key.
  1216. Return Value:
  1218. HRESULT - Completion status, 0 if successful, !0 otherwise.
  1220. --*/
  1222. {
  1224. HRESULT result = NO_ERROR;
  1225. BOOL status;
  1226. DWORD keyLength;
  1227. PIC_BLOB blob;
  1229. //
  1230. // Sanity check.
  1231. //
  1233. DBG_ASSERT( IcpGlobals.Initialized );
  1234. DBG_ASSERT( ppPublicKeyBlob != NULL );
  1235. DBG_ASSERT( hProv != CRYPT_NULL );
  1236. DBG_ASSERT( hPublicKey != CRYPT_NULL );
  1238. //
  1239. // Short-circuit if cryptography is disabled.
  1240. //
  1242. if( !IcpGlobals.EnableCryptography ) {
  1243. if( hProv == DUMMY_HPROV &&
  1244. ( hPublicKey == DUMMY_HKEYEXCHANGEKEY ||
  1245. hPublicKey == DUMMY_HSIGNATUREKEY ) ) {
  1247. return IISCryptoCreateCleartextBlob(
  1248. ppPublicKeyBlob,
  1249. (PVOID)&hPublicKey,
  1250. sizeof(hPublicKey)
  1251. );
  1253. } else {
  1254. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  1255. }
  1256. }
  1258. //
  1259. // Setup our locals so we know how to cleanup on exit.
  1260. //
  1262. blob = NULL;
  1264. //
  1265. // Determine the required size of the key data.
  1266. //
  1268. status = CryptExportKey(
  1269. hPublicKey,
  1270. CRYPT_NULL,
  1271. PUBLICKEYBLOB,
  1272. 0,
  1273. NULL,
  1274. &keyLength
  1275. );
  1277. if( !status ) {
  1278. result = IcpGetLastError();
  1279. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportPublicKeyBlob.CryptExportKey failed err=0x%x.\n",result));
  1280. goto fatal;
  1281. }
  1283. //
  1284. // Create a new blob.
  1285. //
  1287. blob = IcpCreateBlob(
  1288. PUBLIC_KEY_BLOB_SIGNATURE,
  1289. keyLength,
  1290. 0
  1291. );
  1293. if( blob == NULL ) {
  1294. result = ERROR_NOT_ENOUGH_MEMORY;
  1295. goto fatal;
  1296. }
  1298. //
  1299. // Export the key.
  1300. //
  1302. status = CryptExportKey(
  1303. hPublicKey,
  1304. CRYPT_NULL,
  1305. PUBLICKEYBLOB,
  1306. 0,
  1307. BLOB_TO_DATA(blob),
  1308. &keyLength
  1309. );
  1311. if( !status ) {
  1312. result = IcpGetLastError();
  1313. DBGPRINTF(( DBG_CONTEXT,"IISCryptoExportPublicKeyBlob.CryptExportKey failed err=0x%x.\n",result));
  1314. goto fatal;
  1315. }
  1317. DBG_ASSERT( keyLength == blob->DataLength );
  1319. //
  1320. // Success!
  1321. //
  1323. DBG_ASSERT( IISCryptoIsValidBlob( (PIIS_CRYPTO_BLOB)blob ) );
  1324. *ppPublicKeyBlob = (PIIS_CRYPTO_BLOB)blob;
  1326. UpdateBlobsCreated();
  1327. return NO_ERROR;
  1329. fatal:
  1331. if( blob != NULL ) {
  1332. IcpFreeMemory( blob );
  1333. }
  1335. DBG_ASSERT( FAILED(result) );
  1336. return result;
  1338. } // IISCryptoExportPublicKeyBlob
  1341. HRESULT
  1342. WINAPI
  1343. IISCryptoImportPublicKeyBlob(
  1344. OUT HCRYPTKEY * phPublicKey,
  1345. IN PIIS_CRYPTO_BLOB pPublicKeyBlob,
  1346. IN HCRYPTPROV hProv
  1347. )
  1349. /*++
  1351. Routine Description:
  1353. This routine takes the specified public key blob and creates the
  1354. corresponding key.
  1356. Arguments:
  1358. phPublicKey - Receives a pointer to the newly created public key if
  1359. successful.
  1361. pPublicKeyBlob - Pointer to a public key blob created with
  1362. IISCryptoExportPublicKeyBlob().
  1364. hProv - A handle to a crypto service provider.
  1366. Return Value:
  1368. HRESULT - Completion status, 0 if successful, !0 otherwise.
  1370. --*/
  1372. {
  1374. HRESULT result = NO_ERROR;
  1375. BOOL status;
  1376. PIC_BLOB blob;
  1378. //
  1379. // Sanity check.
  1380. //
  1382. DBG_ASSERT( IcpGlobals.Initialized );
  1383. DBG_ASSERT( phPublicKey != NULL );
  1384. DBG_ASSERT( pPublicKeyBlob != NULL );
  1385. DBG_ASSERT( IISCryptoIsValidBlob( pPublicKeyBlob ) );
  1386. DBG_ASSERT( hProv != CRYPT_NULL );
  1388. //
  1389. // Short-circuit if cryptography is disabled.
  1390. //
  1392. if( !IcpGlobals.EnableCryptography ) {
  1393. if( hProv == DUMMY_HPROV &&
  1394. pPublicKeyBlob->BlobSignature == CLEARTEXT_BLOB_SIGNATURE
  1395. ) {
  1397. *phPublicKey = *(HCRYPTKEY *)( pPublicKeyBlob + 1 );
  1398. return NO_ERROR;
  1400. } else {
  1401. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  1402. }
  1403. }
  1405. DBG_ASSERT( pPublicKeyBlob->BlobSignature == PUBLIC_KEY_BLOB_SIGNATURE );
  1407. //
  1408. // Import the key into our CSP.
  1409. //
  1411. blob = (PIC_BLOB)pPublicKeyBlob;
  1413. status = CryptImportKey(
  1414. hProv,
  1415. BLOB_TO_DATA(blob),
  1416. blob->DataLength,
  1417. CRYPT_NULL,
  1418. 0,
  1419. phPublicKey
  1420. );
  1422. if( !status ) {
  1423. result = IcpGetLastError();
  1424. DBGPRINTF(( DBG_CONTEXT,"IISCryptoImportPublicKeyBlob.CryptImportKey failed err=0x%x.\n",result));
  1425. }
  1427. if( SUCCEEDED(result) ) {
  1428. DBG_ASSERT( *phPublicKey != CRYPT_NULL );
  1429. UpdateKeysOpened();
  1430. }
  1432. return result;
  1434. } // IISCryptoImportPublicKeyBlob
  1437. //
  1438. // Private functions.
  1439. //
  1442. HRESULT
  1443. IcpGetKeyHelper(
  1444. OUT HCRYPTKEY * phKey,
  1445. IN HCRYPTPROV hProv,
  1446. IN DWORD dwKeySpec
  1447. )
  1449. /*++
  1451. Routine Description:
  1453. This is a helper routine for IISCryptoGetKeyExchangeKey() and
  1454. IISCryptoGetSignatureKey(). It tries to get/generate the specific
  1455. key type within the given provider.
  1457. Arguments:
  1459. phKey - Receives the key handle if successful.
  1461. hProv - A handle to a crypto service provider.
  1463. dwKeySpec - The specification of the key to open/create.
  1465. Return Value:
  1467. HRESULT - Completion status, 0 if successful, !0 otherwise.
  1469. --*/
  1471. {
  1473. HRESULT result = NO_ERROR;
  1474. BOOL status;
  1476. //
  1477. // Sanity check.
  1478. //
  1480. DBG_ASSERT( IcpGlobals.Initialized );
  1481. DBG_ASSERT( phKey != NULL );
  1482. DBG_ASSERT( hProv != CRYPT_NULL );
  1484. //
  1485. // Short-circuit if cryptography is disabled.
  1486. //
  1488. if( !IcpGlobals.EnableCryptography ) {
  1489. if( hProv == DUMMY_HPROV ) {
  1491. if( dwKeySpec == AT_KEYEXCHANGE ) {
  1492. *phKey = DUMMY_HKEYEXCHANGEKEY;
  1493. } else {
  1494. ASSERT( dwKeySpec == AT_SIGNATURE );
  1495. *phKey = DUMMY_HSIGNATUREKEY;
  1496. }
  1498. return NO_ERROR;
  1500. } else {
  1501. return RETURNCODETOHRESULT( ERROR_INVALID_PARAMETER );
  1502. }
  1503. }
  1505. //
  1506. // Try to retrieve the key.
  1507. //
  1509. status = CryptGetUserKey(
  1510. hProv,
  1511. dwKeySpec,
  1512. phKey
  1513. );
  1515. if( status ) {
  1516. DBG_ASSERT( *phKey != CRYPT_NULL );
  1517. UpdateKeysOpened();
  1518. return NO_ERROR;
  1519. }
  1521. //
  1522. // Could not get the key. If the failure was anything other than
  1523. // NTE_NO_KEY, then we're toast.
  1524. //
  1526. result = IcpGetLastError();
  1528. if( result != NTE_NO_KEY ) {
  1529. DBGPRINTF(( DBG_CONTEXT,"IcpGetKeyHelper.CryptGetUserKey (advapi32.dll) failed err=0x%x.toast.\n",result));
  1530. return result;
  1531. }
  1533. //
  1534. // OK, CryptGetUserKey() failed with NTE_NO_KEY, meaning
  1535. // that the key does not yet exist, so generate it now.
  1536. //
  1537. // Note that we must be careful to handle the inevitable race
  1538. // conditions that can occur when multiple threads execute this
  1539. // code and each thinks they need to generate the key. We handle
  1540. // this by acquiring the global lock, then reattempting to get
  1541. // the key. If we still cannot get the key, only then do we attempt
  1542. // to generate one.
  1543. //
  1545. result = NO_ERROR; // until proven otherwise...
  1547. IcpAcquireGlobalLock();
  1549. status = CryptGetUserKey(
  1550. hProv,
  1551. dwKeySpec,
  1552. phKey
  1553. );
  1555. if( !status )
  1556. {
  1557. //
  1558. // We still cannot get the key, so try to generate one.
  1559. //
  1560. DBGPRINTF(( DBG_CONTEXT,"IcpGetKeyHelper.CryptGetUserKey:failed, lets try to generate another key.\n"));
  1561. status = CryptGenKey(
  1562. hProv,
  1563. dwKeySpec,
  1564. 0,
  1565. phKey
  1566. );
  1568. if( !status ) {
  1569. result = IcpGetLastError();
  1570. DBGPRINTF(( DBG_CONTEXT,"IcpGetKeyHelper.CryptGenKey (advapi32.dll) failed err=0x%x.\n",result));
  1571. }
  1572. else
  1573. {
  1574. DBGPRINTF(( DBG_CONTEXT,"IcpGetKeyHelper.CryptGenKey:key generated.\n"));
  1575. }
  1577. }
  1579. if( SUCCEEDED(result) )
  1580. {
  1581. UpdateKeysOpened();
  1582. }
  1583. else
  1584. {
  1585. *phKey = CRYPT_NULL;
  1586. }
  1588. IcpReleaseGlobalLock();
  1589. return result;
  1591. } // IcpGetKeyHelper