Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

348 lines
7.9 KiB

/*++
Copyright (c) 1994-2002 Microsoft Corporation
Module Name :
strpass.cpp
Abstract:
Message Functions
Author:
Aaron Lee (aaronl)
Project:
Internet Services Manager
Revision History:
--*/
#include "stdafx.h"
#include "common.h"
#include "strpass.h"
#include "cryptpass.h"
#include <strsafe.h>
#ifdef _DEBUG
#undef THIS_FILE
static char BASED_CODE THIS_FILE[] = __FILE__;
#endif
#define new DEBUG_NEW
void CStrPassword::ClearPasswordBuffers(void)
{
if (NULL != m_pszDataEncrypted)
{
if (m_cbDataEncrypted > 0)
{
SecureZeroMemory(m_pszDataEncrypted,m_cbDataEncrypted);
}
LocalFree(m_pszDataEncrypted);m_pszDataEncrypted=NULL;
m_pszDataEncrypted = NULL;
}
m_cbDataEncrypted = 0;
}
// constructor
CStrPassword::CStrPassword()
{
m_pszDataEncrypted = NULL;
m_cbDataEncrypted = 0;
}
CStrPassword::~CStrPassword()
{
ClearPasswordBuffers();
}
// constructor
CStrPassword::CStrPassword(LPTSTR lpch)
{
m_pszDataEncrypted = NULL;
m_cbDataEncrypted = 0;
// Copy the string
if (NULL != lpch)
{
if (FAILED(EncryptMemoryPassword(lpch,&m_pszDataEncrypted,&m_cbDataEncrypted)))
{
ASSERT(FALSE);
}
}
}
// constructor
CStrPassword::CStrPassword(LPCTSTR lpch)
{
CStrPassword((LPTSTR) lpch);
}
// constructor
CStrPassword::CStrPassword(CStrPassword& csPassword)
{
m_pszDataEncrypted = NULL;
m_cbDataEncrypted = 0;
LPTSTR lpTempPassword = csPassword.GetClearTextPassword();
if (FAILED(EncryptMemoryPassword((LPTSTR) lpTempPassword,&m_pszDataEncrypted,&m_cbDataEncrypted)))
{
ASSERT(FALSE);
}
csPassword.DestroyClearTextPassword(lpTempPassword);
}
BOOL CStrPassword::IsEmpty() const
{
if (m_pszDataEncrypted && (m_cbDataEncrypted > 0))
{
return FALSE;
}
return TRUE;
}
void CStrPassword::Empty()
{
ClearPasswordBuffers();
}
int CStrPassword::GetLength() const
{
int iRet = 0;
LPTSTR lpszTempPassword = NULL;
if (m_pszDataEncrypted && (m_cbDataEncrypted > 0))
{
if (SUCCEEDED(DecryptMemoryPassword((LPTSTR) m_pszDataEncrypted,&lpszTempPassword,m_cbDataEncrypted)))
{
iRet = _tcslen(lpszTempPassword);
}
}
if (lpszTempPassword)
{
SecureZeroMemory(lpszTempPassword,(_tcslen(lpszTempPassword)+1) * sizeof(TCHAR));
LocalFree(lpszTempPassword);lpszTempPassword=NULL;
}
return iRet;
};
int CStrPassword::GetByteLength() const
{
int iRet = 0;
LPTSTR lpszTempPassword = NULL;
if (m_pszDataEncrypted && (m_cbDataEncrypted > 0))
{
if (SUCCEEDED(DecryptMemoryPassword((LPTSTR) m_pszDataEncrypted,&lpszTempPassword,m_cbDataEncrypted)))
{
iRet = (_tcslen(lpszTempPassword) + 1) * sizeof(TCHAR);
}
}
if (lpszTempPassword)
{
SecureZeroMemory(lpszTempPassword,(_tcslen(lpszTempPassword)+1) * sizeof(TCHAR));
LocalFree(lpszTempPassword);lpszTempPassword=NULL;
}
return iRet;
};
int CStrPassword::Compare(LPCTSTR lpsz) const
{
// identical = 0
// not equal = 1
int iRet = 1;
LPTSTR lpszTempPassword = NULL;
if (lpsz == NULL)
{
return this->IsEmpty() ? 0 : 1;
}
if (lpsz[0] == NULL)
{
return this->IsEmpty() ? 0 : 1;
}
// Decrypt what we have
if (!m_pszDataEncrypted || (m_cbDataEncrypted < 1))
{
// means we have nothing in here
// but they want to compare it to something
return iRet;
}
if (FAILED(DecryptMemoryPassword((LPTSTR) m_pszDataEncrypted,&lpszTempPassword,m_cbDataEncrypted)))
{
goto CStrPassword_Compare_Exit;
}
else
{
iRet = _tcscmp(lpszTempPassword,lpsz);
}
CStrPassword_Compare_Exit:
if (lpszTempPassword)
{
LocalFree(lpszTempPassword);lpszTempPassword=NULL;
}
return iRet;
}
const CStrPassword& CStrPassword::operator=(LPCTSTR lpsz)
{
ClearPasswordBuffers();
if (lpsz != NULL)
{
// make sure it's pointing to some value
if (*lpsz != NULL)
{
// Copy the string
if (FAILED(EncryptMemoryPassword((LPTSTR) lpsz,&m_pszDataEncrypted,&m_cbDataEncrypted)))
{
ASSERT(FALSE);
}
}
}
return *this;
}
const CStrPassword& CStrPassword::operator= (CStrPassword& StrPass)
{
// handle the a = a case.
if (this == &StrPass)
{
return *this;
}
ClearPasswordBuffers();
if (!StrPass.IsEmpty())
{
LPTSTR p = StrPass.GetClearTextPassword();
ASSERT(NULL != p);
if (FAILED(EncryptMemoryPassword((LPTSTR) p,&m_pszDataEncrypted,&m_cbDataEncrypted)))
{
ASSERT(FALSE);
}
StrPass.DestroyClearTextPassword(p);
}
return *this;
}
void CStrPassword::CopyTo(CString& stringSrc)
{
LPTSTR lpTempPassword = GetClearTextPassword();
stringSrc = lpTempPassword;
DestroyClearTextPassword(lpTempPassword);
return;
}
void CStrPassword::CopyTo(CStrPassword& stringSrc)
{
LPTSTR lpTempPassword = GetClearTextPassword();
stringSrc = (LPCTSTR) lpTempPassword;
DestroyClearTextPassword(lpTempPassword);
return;
}
int CStrPassword::Compare(CString& csString) const
{
int iRet = 1;
if (!csString.IsEmpty())
{
return Compare((LPCTSTR) csString);
}
return iRet;
}
int CStrPassword::Compare(CStrPassword& cstrPassword) const
{
int iRet = 1;
if (!cstrPassword.IsEmpty())
{
LPTSTR lpTempPassword = cstrPassword.GetClearTextPassword();
iRet = Compare((LPCTSTR) lpTempPassword);
cstrPassword.DestroyClearTextPassword(lpTempPassword);
return iRet;
}
return iRet;
}
// user needs to LocalFree return.
// or call DestroyClearTextPassword.
LPTSTR CStrPassword::GetClearTextPassword()
{
LPTSTR lpszTempPassword = NULL;
if (m_pszDataEncrypted && (m_cbDataEncrypted > 0))
{
if (FAILED(DecryptMemoryPassword((LPTSTR) m_pszDataEncrypted,&lpszTempPassword,m_cbDataEncrypted)))
{
if (lpszTempPassword)
{
LocalFree(lpszTempPassword);lpszTempPassword=NULL;
}
}
else
{
return lpszTempPassword;
}
}
return NULL;
}
void CStrPassword::DestroyClearTextPassword(LPTSTR lpClearTextPassword) const
{
if (lpClearTextPassword)
{
SecureZeroMemory(lpClearTextPassword,(_tcslen(lpClearTextPassword)+1) * sizeof(TCHAR));
LocalFree(lpClearTextPassword);lpClearTextPassword=NULL;
}
return;
}
// assign to a CString
CStrPassword::operator CString()
{
LPTSTR lpTempPassword = GetClearTextPassword();
CString csTempCString(lpTempPassword);
DestroyClearTextPassword(lpTempPassword);
return csTempCString;
}
bool CStrPassword::operator==(CStrPassword& csCompareToMe)
{
LPTSTR lpTempPassword1 = NULL;
LPTSTR lpTempPassword2 = NULL;
bool result = FALSE;
// handle the a == a case
if (this == &csCompareToMe)
{
return TRUE;
}
if (GetLength() != csCompareToMe.GetLength())
{
// can't be the same if lengths differ...
return FALSE;
}
// check the case when both are empty (fix for 593488)
if (GetLength() == 0 && csCompareToMe.GetLength() == 0)
{
return TRUE;
}
// Two strings are the same if their decoded contents are the same.
lpTempPassword1 = GetClearTextPassword();
lpTempPassword2 = csCompareToMe.GetClearTextPassword();
result = (_tcscmp(lpTempPassword1, lpTempPassword2) == 0);
if (lpTempPassword1)
{DestroyClearTextPassword(lpTempPassword1);}
if (lpTempPassword2)
{csCompareToMe.DestroyClearTextPassword(lpTempPassword2);}
return result;
}