archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/net/layer2svc/eapol/service/elkey.c

389 lines
10 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1999, Microsoft Corporation
  5. Module Name:
  7. elkey.c
  9. Abstract:
  11. This module deals with the key management for EAPOL
  14. Revision History:
  16. Dec 26 2001, Created
  18. --*/
  20. #include "pcheapol.h"
  21. #pragma hdrstop
  24. DWORD
  25. ElQueryMasterKeys (
  26. IN EAPOL_PCB *pPCB,
  27. IN OUT SESSION_KEYS *pSessionKeys
  28. )
  29. {
  30. SESSION_KEYS WZCSessionKeys = {0};
  31. SESSION_KEYS EAPOLSessionKeys = {0};
  32. BOOLEAN fGotWZCKeys = FALSE, fGotEAPOLKeys = FALSE;
  33. DWORD dwRetCode = NO_ERROR;
  35. do
  36. {
  37. if ((dwRetCode = ElQueryWZCMasterKeys (
  38. pPCB,
  39. &WZCSessionKeys
  40. )) != NO_ERROR)
  41. {
  42. TRACE1 (ANY, "ElQueryMasterKeys: ElQueryWZCMasterKeys failed with error %ld",
  43. dwRetCode);
  44. dwRetCode = NO_ERROR;
  45. }
  46. else
  47. {
  48. fGotWZCKeys = TRUE;
  49. }
  50. if (WZCSessionKeys.dwKeyLength == 0)
  51. {
  52. fGotWZCKeys = FALSE;
  53. }
  54. if ((dwRetCode = ElQueryEAPOLMasterKeys (
  55. pPCB,
  56. &EAPOLSessionKeys
  57. )) != NO_ERROR)
  58. {
  59. TRACE1 (ANY, "ElQueryMasterKeys: ElQueryEAPOLMasterKeys failed with error %ld",
  60. dwRetCode);
  61. dwRetCode = NO_ERROR;
  62. }
  63. else
  64. {
  65. fGotEAPOLKeys = TRUE;
  66. }
  67. if (EAPOLSessionKeys.dwKeyLength == 0)
  68. {
  69. fGotEAPOLKeys = FALSE;
  70. }
  72. if (fGotEAPOLKeys)
  73. {
  74. TRACE0 (ANY, "ElQueryMasterKeys: Using EAPOL Keys as Master Keys for Re-keying");
  75. memcpy ((PBYTE)pSessionKeys, (PBYTE)&EAPOLSessionKeys,
  76. sizeof(SESSION_KEYS));
  77. pPCB->fLastUsedEAPOLKeys = TRUE;
  78. }
  79. else
  80. {
  81. if (fGotWZCKeys)
  82. {
  83. TRACE0 (ANY, "ElQueryMasterKeys: Using WZC Keys as Master Keys for Re-keying");
  84. memcpy ((PBYTE)pSessionKeys, (PBYTE)&WZCSessionKeys,
  85. sizeof(SESSION_KEYS));
  86. pPCB->fLastUsedEAPOLKeys = FALSE;
  87. }
  88. else
  89. {
  90. DbLogPCBEvent (DBLOG_CATEG_ERR, pPCB, EAPOL_NOT_CONFIGURED_KEYS);
  91. TRACE0 (ANY, "ElQueryMasterKeys: Did not get any keys. Error !!");
  92. dwRetCode = ERROR_INVALID_DATA;
  93. }
  94. }
  95. }
  96. while (FALSE);
  98. return dwRetCode;
  99. }
  102. DWORD
  103. ElSetMasterKeys (
  104. IN EAPOL_PCB *pPCB,
  105. IN SESSION_KEYS *pSessionKeys
  106. )
  107. {
  108. DWORD dwRetCode = NO_ERROR;
  110. do
  111. {
  112. if (pPCB->fLastUsedEAPOLKeys)
  113. {
  114. TRACE0 (ANY, "ElSetMasterKeys: Updating EAPOL Keys after Re-keying");
  115. if ((dwRetCode = ElSetEAPOLMasterKeys (
  116. pPCB,
  117. pSessionKeys
  118. )) != NO_ERROR)
  119. {
  120. TRACE1 (ANY, "ElSetMasterKeys: ElSetMasterKeys failed with error %ld",
  121. dwRetCode);
  122. dwRetCode = NO_ERROR;
  123. }
  124. }
  125. else
  126. {
  127. TRACE0 (ANY, "ElSetMasterKeys: Updating WZC Keys after Re-keying");
  128. if ((dwRetCode = ElSetWZCMasterKeys (
  129. pPCB,
  130. pSessionKeys
  131. )) != NO_ERROR)
  132. {
  133. TRACE1 (ANY, "ElSetMasterKeys: ElSetWZCMasterKeys failed with error %ld",
  134. dwRetCode);
  135. dwRetCode = NO_ERROR;
  136. }
  137. }
  139. // Reset the flag for next run
  140. pPCB->fLastUsedEAPOLKeys = FALSE;
  141. }
  142. while (FALSE);
  144. return dwRetCode;
  145. }
  148. DWORD
  149. ElQueryEAPOLMasterKeys (
  150. IN EAPOL_PCB *pPCB,
  151. IN OUT SESSION_KEYS *pSessionKeys
  152. )
  153. {
  154. SESSION_KEYS EAPOLSessionKeys = {0};
  155. PBYTE pbMasterSecretSend = NULL, pbMasterSecretRecv = NULL;
  156. DWORD dwMasterSecretSendLength = 0, dwMasterSecretRecvLength = 0;
  157. DWORD dwRetCode = NO_ERROR;
  159. do
  160. {
  161. // Access the Master Send and Recv key stored locally
  162. if ((dwRetCode = ElSecureDecodePw (
  163. &(pPCB->MasterSecretSend),
  164. &(pbMasterSecretSend),
  165. &dwMasterSecretSendLength
  166. )) != NO_ERROR)
  167. {
  168. TRACE1 (ANY, "ElQueryEAPOLMasterKeys: ElSecureDecodePw failed for MasterSecretSend with error %ld",
  169. dwRetCode);
  170. break;
  171. }
  172. if ((dwRetCode = ElSecureDecodePw (
  173. &(pPCB->MasterSecretRecv),
  174. &(pbMasterSecretRecv),
  175. &dwMasterSecretRecvLength
  176. )) != NO_ERROR)
  177. {
  178. TRACE1 (ANY, "ElKeyReceivePerSTA: ElSecureDecodePw failed for MasterSecretRecv with error %ld",
  179. dwRetCode);
  180. break;
  181. }
  183. if (dwMasterSecretSendLength != dwMasterSecretRecvLength)
  184. {
  185. dwRetCode = ERROR_INVALID_PARAMETER;
  186. TRACE2 (ANY, "ElQueryEAPOLMasterKeys: Send Secret Length (%ld) != Recv Secret Lenght (%ld): Invalid values",
  187. dwMasterSecretSendLength, dwMasterSecretRecvLength);
  188. break;
  189. }
  191. memcpy (pSessionKeys->bSendKey, pbMasterSecretSend,
  192. dwMasterSecretSendLength);
  193. memcpy (pSessionKeys->bReceiveKey, pbMasterSecretRecv,
  194. dwMasterSecretRecvLength);
  195. pSessionKeys->dwKeyLength = dwMasterSecretSendLength;
  196. }
  197. while (FALSE);
  199. if (pbMasterSecretSend != NULL)
  200. {
  201. FREE (pbMasterSecretSend);
  202. }
  203. if (pbMasterSecretRecv != NULL)
  204. {
  205. FREE (pbMasterSecretRecv);
  206. }
  207. return dwRetCode;
  208. }
  211. DWORD
  212. ElSetEAPOLMasterKeys (
  213. IN EAPOL_PCB *pPCB,
  214. IN SESSION_KEYS *pSessionKeys
  215. )
  216. {
  217. DWORD dwRetCode = NO_ERROR;
  219. do
  220. {
  221. if (pPCB->MasterSecretSend.cbData != 0)
  222. {
  223. FREE (pPCB->MasterSecretSend.pbData);
  224. pPCB->MasterSecretSend.cbData = 0;
  225. pPCB->MasterSecretSend.pbData = NULL;
  226. }
  228. if ((dwRetCode = ElSecureEncodePw (
  229. pSessionKeys->bSendKey,
  230. pSessionKeys->dwKeyLength,
  231. &(pPCB->MasterSecretSend)
  232. )) != NO_ERROR)
  233. {
  234. TRACE1 (ANY, "ElSetEAPOLMasterKeys: ElSecureEncodePw for MasterSecretSend failed with error %ld",
  235. dwRetCode);
  236. break;
  237. }
  239. if (pPCB->MasterSecretRecv.cbData != 0)
  240. {
  241. FREE (pPCB->MasterSecretRecv.pbData);
  242. pPCB->MasterSecretRecv.cbData = 0;
  243. pPCB->MasterSecretRecv.pbData = NULL;
  244. }
  246. if ((dwRetCode = ElSecureEncodePw (
  247. pSessionKeys->bReceiveKey,
  248. pSessionKeys->dwKeyLength,
  249. &(pPCB->MasterSecretRecv)
  250. )) != NO_ERROR)
  251. {
  252. TRACE1 (ANY, "ElSetEAPOLMasterKeys: ElSecureEncodePw for MasterSecretRecv failed with error %ld",
  253. dwRetCode);
  254. break;
  255. }
  256. }
  257. while (FALSE);
  259. return dwRetCode;
  260. }
  263. DWORD
  264. ElQueryWZCMasterKeys (
  265. IN EAPOL_PCB *pPCB,
  266. IN OUT SESSION_KEYS *pSessionKeys
  267. )
  268. {
  269. RAW_DATA rdUserData = {0};
  270. DWORD dwRetCode = NO_ERROR;
  272. do
  273. {
  274. rdUserData.dwDataLen = sizeof (SESSION_KEYS);
  275. rdUserData.pData = (PBYTE)pSessionKeys;
  276. if ((dwRetCode = RpcCmdInterface (
  277. pPCB->dwZeroConfigId,
  278. WZCCMD_SKEY_QUERY,
  279. pPCB->pwszDeviceGUID,
  280. &rdUserData
  281. )) != NO_ERROR)
  282. {
  283. TRACE1 (ANY, "ElQueryWZCMasterKeys: RpcCmdInterface failed with error %ld",
  284. dwRetCode);
  285. }
  286. }
  287. while (FALSE);
  289. return dwRetCode;
  290. }
  293. DWORD
  294. ElSetWZCMasterKeys (
  295. IN EAPOL_PCB *pPCB,
  296. IN SESSION_KEYS *pSessionKeys
  297. )
  298. {
  299. RAW_DATA rdUserData = {0};
  300. DWORD dwRetCode = NO_ERROR;
  302. do
  303. {
  304. rdUserData.dwDataLen = sizeof (SESSION_KEYS);
  305. rdUserData.pData = (PBYTE)pSessionKeys;
  306. if ((dwRetCode = RpcCmdInterface (
  307. pPCB->dwZeroConfigId,
  308. WZCCMD_SKEY_SET,
  309. pPCB->pwszDeviceGUID,
  310. &rdUserData
  311. )) != NO_ERROR)
  312. {
  313. TRACE1 (ANY, "ElSetWZCMasterKeys: RpcCmdInterface failed with error %ld",
  314. dwRetCode);
  315. }
  316. }
  317. while (FALSE);
  319. return dwRetCode;
  320. }
  323. DWORD
  324. ElReloadMasterSecrets (
  325. IN EAPOL_PCB *pPCB
  326. )
  327. {
  328. PBYTE pbSendKey = NULL;
  329. PBYTE pbRecvKey = NULL;
  330. DWORD dwRetCode = NO_ERROR;
  332. do
  333. {
  334. if (pPCB->MPPESendKey.cbData != 0)
  335. {
  336. if ((pbSendKey = MALLOC(pPCB->MPPESendKey.cbData)) == NULL)
  337. {
  338. dwRetCode = ERROR_NOT_ENOUGH_MEMORY;
  339. break;
  340. }
  341. memcpy (pbSendKey, pPCB->MPPESendKey.pbData,
  342. pPCB->MPPESendKey.cbData);
  343. }
  344. if (pPCB->MPPERecvKey.cbData != 0)
  345. {
  346. if ((pbRecvKey = MALLOC(pPCB->MPPERecvKey.cbData)) == NULL)
  347. {
  348. dwRetCode = ERROR_NOT_ENOUGH_MEMORY;
  349. break;
  350. }
  351. memcpy (pbRecvKey, pPCB->MPPERecvKey.pbData,
  352. pPCB->MPPERecvKey.cbData);
  353. }
  355. if (pPCB->MasterSecretSend.cbData != 0)
  356. {
  357. FREE (pPCB->MasterSecretSend.pbData);
  358. pPCB->MasterSecretSend.cbData = 0;
  359. pPCB->MasterSecretSend.pbData = NULL;
  360. }
  361. pPCB->MasterSecretSend.pbData = pbSendKey;
  362. pPCB->MasterSecretSend.cbData = pPCB->MPPESendKey.cbData;
  364. if (pPCB->MasterSecretRecv.cbData != 0)
  365. {
  366. FREE (pPCB->MasterSecretRecv.pbData);
  367. pPCB->MasterSecretRecv.cbData = 0;
  368. pPCB->MasterSecretRecv.pbData = NULL;
  369. }
  370. pPCB->MasterSecretRecv.pbData = pbRecvKey;
  371. pPCB->MasterSecretRecv.cbData = pPCB->MPPERecvKey.cbData;
  373. }
  374. while (FALSE);
  376. if (dwRetCode != NO_ERROR)
  377. {
  378. if (pbSendKey != NULL)
  379. {
  380. FREE (pbSendKey);
  381. }
  382. if (pbRecvKey != NULL)
  383. {
  384. FREE (pbRecvKey);
  385. }
  386. }
  388. return dwRetCode;
  389. }