archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/csps/cryptoflex/slbcsp/seskeyctx.cpp

288 lines
9.1 KiB
Raw Normal View History

Add source files
4 years ago
  1. // SesKeyCtx.cpp -- definition of CSessionKeyContext
  3. // (c) Copyright Schlumberger Technology Corp., unpublished work, created
  4. // 1999. This computer program includes Confidential, Proprietary
  5. // Information and is a Trade Secret of Schlumberger Technology Corp. All
  6. // use, disclosure, and/or reproduction is prohibited unless authorized
  7. // in writing. All Rights Reserved.
  9. #include "stdafx.h" // because handles.h uses the ASSERT macro
  11. #include <malloc.h> // for _alloca
  13. #include <scuOsExc.h>
  15. #include "SesKeyCtx.h"
  16. #include "slbKeyStruct.h"
  17. #include "AlignedBlob.h"
  19. using namespace std;
  20. using namespace scu;
  22. /////////////////////////// LOCAL/HELPER /////////////////////////////////
  24. /////////////////////////// PUBLIC /////////////////////////////////
  26. // Types
  27. // C'tors/D'tors
  29. CSessionKeyContext::CSessionKeyContext(HCRYPTPROV hProv)
  30. : CKeyContext(hProv, KT_SESSIONKEY),
  31. m_dwImportFlags(0)
  32. {}
  34. CSessionKeyContext::~CSessionKeyContext()
  35. {}
  37. // Operators
  38. // Operations
  40. auto_ptr<CKeyContext>
  41. CSessionKeyContext::Clone(DWORD const *pdwReserved,
  42. DWORD dwFlags) const
  43. {
  44. return auto_ptr<CKeyContext>(new CSessionKeyContext(*this,
  45. pdwReserved,
  46. dwFlags));
  47. }
  49. void
  50. CSessionKeyContext::Derive(ALG_ID algid,
  51. HCRYPTHASH hAuxBaseData,
  52. DWORD dwFlags)
  53. {
  54. if (!CryptDeriveKey(AuxProvider(), algid, hAuxBaseData, dwFlags,
  55. &m_hKey))
  56. throw scu::OsException(GetLastError());
  57. }
  59. void
  60. CSessionKeyContext::Generate(ALG_ID algid,
  61. DWORD dwFlags)
  62. {
  63. // TO DO: BUG ?? : Do not allow Session with NO SALT (it's always
  64. // better with than without)
  66. if (!CryptGenKey(AuxProvider(), algid, dwFlags, &m_hKey))
  67. throw scu::OsException(GetLastError());
  68. }
  70. void
  71. CSessionKeyContext::ImportToAuxCSP()
  72. {
  73. if (!m_hKey)
  74. {
  75. if (!m_apabKey.get())
  76. throw OsException(NTE_NO_KEY);
  78. HCRYPTKEY hPkiKey;
  80. if (!CryptImportKey(AuxProvider(),
  81. PrivateKeyForNoRSA,
  82. SIZE_OF_PRIVATEKEYFORNORSA_BLOB,
  83. 0, 0, &hPkiKey))
  84. throw scu::OsException(GetLastError());
  86. // import the key blob into the Aux CSP
  87. if (!CryptImportKey(AuxProvider(), m_apabKey->Data(),
  88. m_apabKey->Length(), NULL, m_dwImportFlags,
  89. &m_hKey))
  90. throw scu::OsException(GetLastError());
  92. // have to destroy key before generating another
  93. if (!CryptDestroyKey(hPkiKey))
  94. throw scu::OsException(GetLastError());
  96. hPkiKey = NULL;
  97. if (!CryptGenKey(AuxProvider(), AT_KEYEXCHANGE, 0, &hPkiKey))
  98. throw scu::OsException(GetLastError());
  100. if (!CryptDestroyKey(hPkiKey))
  101. throw scu::OsException(GetLastError());
  102. }
  103. }
  105. // CSessionKeyContext::LoadKey
  106. // This function is called by CCryptContext::UseSessionKey
  107. // which is called by the CPImportKey function
  108. // Load the key blob into the Auxiliary CSP,
  109. // and Save the key blob in m_bfSessionKey
  110. // If hImpKey is NULL the key has been decrypted
  111. // otherwise it is still encrypted with the corresponding session key
  112. // If session key is still encrypted then decrypt with help of Aux CSP
  113. void
  114. CSessionKeyContext::LoadKey(IN const BYTE *pbKeyBlob,
  115. IN DWORD cbKeyBlobLen,
  116. IN HCRYPTKEY hAuxImpKey,
  117. IN DWORD dwImportFlags)
  118. {
  119. m_dwImportFlags = dwImportFlags;
  121. if (hAuxImpKey)
  122. {
  123. DWORD dwDataLen = cbKeyBlobLen - (sizeof BLOBHEADER + sizeof ALG_ID);
  124. BYTE *pbData =
  125. reinterpret_cast<BYTE *>(_alloca(dwDataLen * sizeof *pbData));
  126. memcpy(pbData, pbKeyBlob + (sizeof BLOBHEADER +
  127. sizeof ALG_ID), dwDataLen);
  129. // Decrypt the key blob with this session key with the Aux CSP
  130. if (!CryptDecrypt(hAuxImpKey, 0, TRUE, 0, pbData, &dwDataLen))
  131. throw scu::OsException(GetLastError());
  133. // Construct the key blob
  134. Blob blbKey(pbKeyBlob, sizeof BLOBHEADER);
  136. // Set the Alg Id for the blob as encrypted with Key Exchange key
  137. ALG_ID algid = CALG_RSA_KEYX;
  138. blbKey.append(reinterpret_cast<Blob::value_type *>(&algid),
  139. sizeof ALG_ID);
  140. blbKey.append(pbData, dwDataLen);
  142. // Save it
  143. m_apabKey = auto_ptr<AlignedBlob>(new AlignedBlob(blbKey));
  144. }
  145. else
  146. {
  147. // Save key blob
  148. m_apabKey =
  149. auto_ptr<AlignedBlob>(new AlignedBlob(pbKeyBlob, cbKeyBlobLen));
  150. }
  151. }
  154. // Access
  156. AlignedBlob
  157. CSessionKeyContext::AsAlignedBlob(HCRYPTKEY hcryptkey,
  158. DWORD dwBlobType) const
  159. {
  160. DWORD dwRequiredLength;
  161. if (!CryptExportKey(m_hKey, hcryptkey, dwBlobType,
  162. 0, 0, &dwRequiredLength))
  163. throw scu::OsException(GetLastError());
  165. BYTE *pbKeyBlob =
  166. reinterpret_cast<BYTE *>(_alloca(dwRequiredLength));
  167. if (!CryptExportKey(m_hKey, hcryptkey, dwBlobType,
  168. 0, pbKeyBlob, &dwRequiredLength))
  169. throw scu::OsException(GetLastError());
  171. return AlignedBlob(pbKeyBlob, dwRequiredLength);
  173. // The following commented code is for DEBUGGING purposes only,
  174. // when one needs to be able to see the unencrypted session key
  175. // material.
  177. // Now also Export it with the identity key, so we can see the
  178. // session key material in the clear
  179. /*
  180. #include "slbKeyStruct.h"
  181. DWORD dwErr;
  182. BYTE *pbBlob = NULL;
  183. DWORD cbBlob;
  184. HCRYPTKEY hPkiKey;
  185. int i;
  186. if (!CryptImportKey(g_AuxProvider, PrivateKeyForNoRSA,
  187. SIZE_OF_PRIVATEKEYFORNORSA_BLOB,
  188. 0, 0, &hPkiKey))
  189. {
  190. dwErr = GetLastError();
  191. TRACE("ERROR - CryptImportKey : %X\n", dwErr);
  192. goto Ret;
  194. }
  196. if (!CryptExportKey(m_hKey, hPkiKey, SIMPLEBLOB, 0, NULL, &cbBlob))
  197. {
  198. dwErr = GetLastError();
  199. TRACE("ERROR - CryptExportKey : %X\n", dwErr);
  200. goto Ret;
  201. }
  203. if (NULL == (pbBlob = (BYTE *)LocalAlloc(LMEM_ZEROINIT, cbBlob)))
  204. {
  205. TRACE("ERROR - LocalAlloc Failed\n");
  206. goto Ret;
  207. }
  209. if (!CryptExportKey(m_hKey, hPkiKey, SIMPLEBLOB, 0, pbBlob, &cbBlob))
  210. {
  211. dwErr = GetLastError();
  212. TRACE("ERROR - CryptExportKey : %X\n", dwErr);
  213. goto Ret;
  214. }
  216. TRACE("The Simple Blob\n\n");
  218. for(i=0;i<(int)cbBlob;i++)
  219. {
  220. TRACE("0x%02X, ", pbBlob[i]);
  221. if (0 == ((i + 1) % 8))
  222. TRACE("\n");
  223. }
  225. Ret:
  227. TRACE ("Bye\n");
  228. */
  230. }
  232. // CSessionKeyContext::BlobSize
  233. // CSessionKeyContext::BlobLength() const
  234. // {
  235. // DWORD dwLength;
  237. // if (!CryptExportKey(m_hKey, hAuxExpKey, SIMPLEBLOB,
  238. // dwFlags, 0, &dwLength))
  239. // throw scu::OsException(GetLastError());
  241. // return dwLength;
  242. // }
  244. CSessionKeyContext::StrengthType
  245. CSessionKeyContext::MaxStrength() const
  246. {
  247. // TO DO: Implement in terms of Auxillary provider...or don't define?
  248. return 56;
  249. }
  251. CSessionKeyContext::StrengthType
  252. CSessionKeyContext::MinStrength() const
  253. {
  254. // TO DO: Implement in terms of Auxillary provider...or don't define?
  255. return 56;
  256. }
  258. // Predicates
  259. // Static Variables
  261. /////////////////////////// PROTECTED /////////////////////////////////
  263. // C'tors/D'tors
  265. // Duplicate key context and its current state
  266. CSessionKeyContext::CSessionKeyContext(CSessionKeyContext const &rhs,
  267. DWORD const *pdwReserved,
  268. DWORD dwFlags)
  269. : CKeyContext(rhs, pdwReserved, dwFlags),
  270. m_dwImportFlags(rhs.m_dwImportFlags)
  271. {}
  274. // Operators
  275. // Operations
  276. // Access
  277. // Predicates
  278. // Static Variables
  281. /////////////////////////// PRIVATE /////////////////////////////////
  283. // C'tors/D'tors
  284. // Operators
  285. // Operations
  286. // Access
  287. // Predicates
  288. // Static Variables