Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

282 lines
5.8 KiB

/*++
Copyright (c) 1994-1997 Microsoft Corporation
Module Name:
tssec.h
Abstract:
contains data definitions required for tshare data encryption.
Author:
Madan Appiah (madana) 30-Dec-1997
Environment:
User Mode - Win32
Revision History:
--*/
#ifndef _TSSEC_H_
#define _TSSEC_H_
#ifdef __cplusplus
extern "C" {
#endif // __cplusplus
#ifdef OS_WIN16
#define RSA32API
typedef unsigned long ULONG;
typedef ULONG FAR* LPULONG;
#define UNALIGNED
#endif // OS_WIN16
#include <rc4.h>
#define RANDOM_KEY_LENGTH 32 // size of a client/server random key
#define MAX_SESSION_KEY_SIZE 16 // max size of a session key
#define PRE_MASTER_SECRET_LEN 48 // size of a pre-master key
#define SEC_MAX_USERNAME 256 // size of username
#define MAX_SIGNKEY_SIZE 20 // maximum size of a signing key
#define MAX_FIPS_SESSION_KEY_SIZE 24 // maximum size of a session key
#define MAX_SIGN_SIZE 8 // maximum size of signed data
#define DES3_KEYLEN 21 // size of 3des key
#define FIPS_BLOCK_LEN 8 // block size for FIPS
#define CLIENT_RANDOM_MAX_SIZE 512
#define UPDATE_SESSION_KEY_COUNT (1024 * 4)
// update session key after this many encryptions.
#define DATA_SIGNATURE_SIZE 8
// size of the data signature that sent accross.
/****************************************************************************/
/* Encryption levels - bit field. */
/****************************************************************************/
#define SM_40BIT_ENCRYPTION_FLAG 0x01
#define SM_128BIT_ENCRYPTION_FLAG 0x02
#define SM_56BIT_ENCRYPTION_FLAG 0x08
#define SM_FIPS_ENCRYPTION_FLAG 0x10
typedef struct _RANDOM_KEYS_PAIR {
BYTE clientRandom[RANDOM_KEY_LENGTH];
BYTE serverRandom[RANDOM_KEY_LENGTH];
} RANDOM_KEYS_PAIR, FAR *LPRANDOM_KEYS_PAIR;
typedef enum _CryptMethod {
Encrypt,
Decrypt
} CryptMethod;
//
// Autoreconnection specific security structures
// These are defined here because they are not necessarily RDP
// specific. Although the PDU's wrapping these packets will
// be protocol specific.
//
// Server to client ARC packet
#define ARC_SC_SECURITY_TOKEN_LEN 16
typedef struct _ARC_SC_PRIVATE_PACKET {
ULONG cbLen;
ULONG Version;
ULONG LogonId;
BYTE ArcRandomBits[ARC_SC_SECURITY_TOKEN_LEN];
} ARC_SC_PRIVATE_PACKET, *PARC_SC_PRIVATE_PACKET;
#define ARC_CS_SECURITY_TOKEN_LEN 16
typedef struct _ARC_CS_PRIVATE_PACKET {
ULONG cbLen;
ULONG Version;
ULONG LogonId;
BYTE SecurityVerifier[ARC_CS_SECURITY_TOKEN_LEN];
} ARC_CS_PRIVATE_PACKET, *PARC_CS_PRIVATE_PACKET;
BOOL
MakeSessionKeys(
LPRANDOM_KEYS_PAIR pKeyPair,
LPBYTE pbEncryptKey,
struct RC4_KEYSTRUCT FAR *prc4EncryptKey,
LPBYTE pbDecryptKey,
struct RC4_KEYSTRUCT FAR *prc4DecryptKey,
LPBYTE pbMACSaltKey,
DWORD dwKeyStrength,
LPDWORD pdwKeyLength,
DWORD dwEncryptionLevel
);
BOOL
UpdateSessionKey(
LPBYTE pbStartKey,
LPBYTE pbCurrentKey,
DWORD dwKeyStrength,
DWORD dwKeyLength,
struct RC4_KEYSTRUCT FAR *prc4Key,
DWORD dwEncryptionLevel
);
BOOL
EncryptData(
DWORD dwEncryptionLevel,
LPBYTE pSessionKey,
struct RC4_KEYSTRUCT FAR *prc4EncryptKey,
DWORD dwKeyLength,
LPBYTE pbData,
DWORD dwDataLen,
LPBYTE pbMACSaltKey,
LPBYTE pbSignature,
BOOL fCheckSumEncryptedData,
DWORD dwEncryptionCount
);
BOOL
DecryptData(
DWORD dwEncryptionLevel,
LPBYTE pSessionKey,
struct RC4_KEYSTRUCT FAR *prc4DecryptKey,
DWORD dwKeyLength,
LPBYTE pbData,
DWORD dwDataLen,
LPBYTE pbMACSaltKey,
LPBYTE pbSignature,
BOOL fCheckSumCipherText,
DWORD dwDecryptionCount
);
//
// RNG init/term functions for DLL_PROCESS_ATTACH, DLL_PROCESS_DETACH
//
VOID
TSRNG_Initialize(
);
VOID
TSRNG_Shutdown(
);
//
// RNG bit gathering function i.e all the work happens here
//
// Params:
// pbRandomKey - where to place the random bits
// dwRandomKeyLen - size in bytes of pbRandomKey
//
// Returns
// Success flag
//
BOOL
TSRNG_GenerateRandomBits(
LPBYTE pbRandomKey,
DWORD dwRandomKeyLen
);
#ifndef NO_INCLUDE_LICENSING
BOOL
GetServerCert(
LPBYTE FAR *ppServerCertBlob,
LPDWORD pdwServerCertLen
);
BOOL
UnpackServerCert(
LPBYTE pbCert,
DWORD dwCertLen,
PHydra_Server_Cert pServerCert
);
BOOL
ValidateServerCert(
PHydra_Server_Cert pServerCert
);
#endif // NO_INCLUDE_LICENSING
BOOL
EncryptClientRandom(
LPBYTE pbSrvPublicKey,
DWORD dwSrvPublicKey,
LPBYTE pbRandomKey,
DWORD dwRandomKeyLen,
LPBYTE pbEncRandomKey,
LPDWORD pdwEncRandomKey
);
BOOL
DecryptClientRandom(
LPBYTE pbEncRandomKey,
DWORD dwEncRandomKeyLen,
LPBYTE pbRandomKey,
LPDWORD pdwRandomKeyLen
);
BOOL EncryptDecryptLocalData(
LPBYTE pbData,
DWORD dwDataLen
);
BOOL EncryptDecryptLocalData50(
LPBYTE pbData,
DWORD dwDataLen,
LPBYTE pbSalt,
DWORD dwSaltLen
);
BOOL
TSCAPI_GenerateRandomBits(
LPBYTE pbRandomBits,
DWORD cbLen
);
//
// remove (or comment) the following definition to disable the MSRC4.
//
// #define USE_MSRC4
#ifdef USE_MSRC4
VOID
msrc4_key(
struct RC4_KEYSTRUCT FAR *pKS,
DWORD dwLen,
LPBYTE pbKey);
VOID
msrc4(
struct RC4_KEYSTRUCT FAR *pKS,
DWORD dwLen,
LPBYTE pbuf);
#else // USE_MSRC4
#define msrc4_key rc4_key
#define msrc4 rc4
#endif // USE_MSRC4
BOOL
FindIsFrenchSystem(
VOID
);
#ifdef __cplusplus
}
#endif // __cplusplus
#endif // _TSSEC_H_