archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/protocols/kerberos/common2/crypt.c

390 lines
8.2 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+-----------------------------------------------------------------------
  2. //
  3. // File: crypt.c
  4. //
  5. // Contents: cryptography routines for building EncryptedData structs
  6. //
  7. //
  8. // History: 17-Dec-91, RichardW Created
  9. // 25-Feb-92, RichardW Revised for CryptoSystems
  10. //
  11. //------------------------------------------------------------------------
  13. #ifndef WIN32_CHICAGO
  14. #include <nt.h>
  15. #include <ntrtl.h>
  16. #include <nturtl.h>
  17. #include <kerbcomm.h>
  18. #include <kerberr.h>
  19. #include <kerbcon.h>
  20. #else // WIN32_CHICAGO
  21. #include <kerb.hxx>
  22. #include <kerbp.h>
  23. #endif // WIN32_CHICAGO
  26. #define CONFOUNDER_SIZE 8
  27. #define CHECKSUM_SIZE sizeof(CheckSum)
  31. //+-------------------------------------------------------------------------
  32. //
  33. // Function: KerbEncryptData
  34. //
  35. // Synopsis: shim for KerbEncryptDataEx
  36. //
  37. // Effects:
  38. //
  39. // Arguments:
  40. //
  41. // Requires:
  42. //
  43. // Returns:
  44. //
  45. // Notes:
  46. //
  47. //
  48. //--------------------------------------------------------------------------
  51. KERBERR NTAPI
  52. KerbEncryptData(
  53. OUT PKERB_ENCRYPTED_DATA EncryptedData,
  54. IN ULONG DataSize,
  55. IN PUCHAR Data,
  56. IN ULONG Algorithm,
  57. IN PKERB_ENCRYPTION_KEY Key
  58. )
  59. {
  60. return(KerbEncryptDataEx(
  61. EncryptedData,
  62. DataSize,
  63. Data,
  64. Algorithm,
  65. 0, // no usage flags
  66. Key
  67. ) );
  68. }
  69. //+---------------------------------------------------------------------------
  70. //
  71. // Function: KerbEncryptDataEx
  72. //
  73. // Synopsis: Turns cleartext into cipher text
  74. //
  75. // Effects: In place encryption of data
  76. //
  77. // Arguments: Data - Contains data to be encrypted
  78. // DataSize - Contains length of data in bytes
  79. // Algorithm - Algorithm to be used for encryption/checksum
  80. // UsageFlags - Flags indicating usage (client/serve, encryption/authentication)
  81. // Key - Key to use for encryption
  82. //
  83. //
  84. //
  85. // Notes:
  86. //
  87. //----------------------------------------------------------------------------
  89. KERBERR NTAPI
  90. KerbEncryptDataEx(
  91. OUT PKERB_ENCRYPTED_DATA EncryptedData,
  92. IN ULONG DataSize,
  93. IN PUCHAR Data,
  94. IN ULONG Algorithm,
  95. IN ULONG UsageFlags,
  96. IN PKERB_ENCRYPTION_KEY Key
  97. )
  98. {
  99. PCRYPTO_SYSTEM pcsCrypt = NULL;
  100. PCRYPT_STATE_BUFFER psbCryptBuffer = NULL;
  101. NTSTATUS Status = STATUS_SUCCESS;
  103. Status = CDLocateCSystem(Algorithm, &pcsCrypt);
  104. if (!NT_SUCCESS(Status))
  105. {
  106. return(KDC_ERR_ETYPE_NOTSUPP);
  107. }
  109. //
  110. // Initialize header
  111. //
  113. EncryptedData->encryption_type = Algorithm;
  116. Status = pcsCrypt->Initialize(
  117. (PUCHAR) Key->keyvalue.value,
  118. Key->keyvalue.length,
  119. UsageFlags,
  120. &psbCryptBuffer
  121. );
  123. if (!NT_SUCCESS(Status))
  124. {
  125. return(KRB_ERR_GENERIC);
  126. }
  128. Status = pcsCrypt->Encrypt(
  129. psbCryptBuffer,
  130. Data,
  131. DataSize,
  132. EncryptedData->cipher_text.value,
  133. &EncryptedData->cipher_text.length
  134. );
  136. (void) pcsCrypt->Discard(&psbCryptBuffer);
  138. if (!NT_SUCCESS(Status))
  139. {
  140. return(KRB_ERR_GENERIC);
  141. }
  142. else
  143. {
  144. return(KDC_ERR_NONE);
  145. }
  146. }
  150. //+-------------------------------------------------------------------------
  151. //
  152. // Function: KerbDecryptData
  153. //
  154. // Synopsis: Shim for KerbDecryptDataEx with no usage flags
  155. //
  156. // Effects:
  157. //
  158. // Arguments:
  159. //
  160. // Requires:
  161. //
  162. // Returns:
  163. //
  164. // Notes:
  165. //
  166. //
  167. //--------------------------------------------------------------------------
  170. KERBERR NTAPI
  171. KerbDecryptData(
  172. IN PKERB_ENCRYPTED_DATA EncryptedData,
  173. IN PKERB_ENCRYPTION_KEY pkKey,
  174. OUT PULONG DataSize,
  175. OUT PUCHAR Data
  176. )
  177. {
  178. return(KerbDecryptDataEx(
  179. EncryptedData,
  180. pkKey,
  181. 0, // no usage flags
  182. DataSize,
  183. Data
  184. ) );
  185. }
  187. //+---------------------------------------------------------------------------
  188. //
  189. // Function: KerbDecryptDataEx
  190. //
  191. // Synopsis: Decrypts an EncryptedData structure
  192. //
  193. // Effects:
  194. //
  195. // Arguments: [pedData] -- EncryptedData
  196. // [pkKey] -- Key to use
  197. //
  198. // History: 4-16-93 RichardW Created Comment
  199. //
  200. //----------------------------------------------------------------------------
  202. KERBERR NTAPI
  203. KerbDecryptDataEx(
  204. IN PKERB_ENCRYPTED_DATA EncryptedData,
  205. IN PKERB_ENCRYPTION_KEY pkKey,
  206. IN ULONG UsageFlags,
  207. OUT PULONG DataSize,
  208. OUT PUCHAR Data
  209. )
  210. {
  211. PCRYPTO_SYSTEM pcsCrypt = NULL;
  212. PCRYPT_STATE_BUFFER psbCryptBuffer = NULL;
  213. NTSTATUS Status = STATUS_SUCCESS;
  215. Status = CDLocateCSystem(
  216. EncryptedData->encryption_type,
  217. &pcsCrypt
  218. );
  219. if (!NT_SUCCESS(Status))
  220. {
  221. return(KDC_ERR_ETYPE_NOTSUPP);
  222. }
  224. if (EncryptedData->cipher_text.length & (pcsCrypt->BlockSize - 1))
  225. {
  226. return(KRB_ERR_GENERIC);
  227. }
  230. Status = pcsCrypt->Initialize(
  231. (PUCHAR) pkKey->keyvalue.value,
  232. pkKey->keyvalue.length,
  233. UsageFlags,
  234. &psbCryptBuffer
  235. );
  236. if (!NT_SUCCESS(Status))
  237. {
  238. return(KRB_ERR_GENERIC);
  239. }
  241. Status = pcsCrypt->Decrypt(
  242. psbCryptBuffer,
  243. EncryptedData->cipher_text.value,
  244. EncryptedData->cipher_text.length,
  245. Data,
  246. DataSize
  247. );
  249. (VOID) pcsCrypt->Discard(&psbCryptBuffer);
  251. if (!NT_SUCCESS(Status))
  252. {
  253. return(KRB_AP_ERR_MODIFIED);
  254. }
  255. else
  256. {
  257. return(KDC_ERR_NONE);
  258. }
  259. }
  262. //+-------------------------------------------------------------------------
  263. //
  264. // Function: KerbGetEncryptionOverhead
  265. //
  266. // Synopsis: Gets the extra space required for encryption to store the ckecksum
  267. //
  268. // Effects:
  269. //
  270. // Arguments: Algorithm - the algorithm to use
  271. // Overhead - receives the overhead in bytes
  272. //
  273. // Requires:
  274. //
  275. // Returns: STATUS_SUCCESS or KRB_E_ETYPE_NOSUPP
  276. //
  277. // Notes:
  278. //
  279. //
  280. //--------------------------------------------------------------------------
  282. KERBERR
  283. KerbGetEncryptionOverhead(
  284. IN ULONG Algorithm,
  285. OUT PULONG Overhead,
  286. OUT OPTIONAL PULONG BlockSize
  287. )
  288. {
  289. PCRYPTO_SYSTEM pcsCrypt;
  290. NTSTATUS Status = STATUS_SUCCESS;
  292. Status = CDLocateCSystem(Algorithm, &pcsCrypt);
  293. if (!NT_SUCCESS(Status))
  294. {
  295. return(KDC_ERR_ETYPE_NOTSUPP);
  296. }
  297. *Overhead = pcsCrypt->HeaderSize;
  298. if (ARGUMENT_PRESENT(BlockSize))
  299. {
  300. *BlockSize = pcsCrypt->BlockSize;
  301. }
  302. return(KDC_ERR_NONE);
  304. }
  307. //+-------------------------------------------------------------------------
  308. //
  309. // Function: KerbAllocateEncryptionBuffer
  310. //
  311. // Synopsis: Allocates the space required for encryption with a given
  312. // key
  313. //
  314. // Effects:
  315. //
  316. // Arguments:
  317. //
  318. // Requires:
  319. //
  320. // Returns:
  321. //
  322. // Notes:
  323. //
  324. //
  325. //--------------------------------------------------------------------------
  328. KERBERR
  329. KerbAllocateEncryptionBuffer(
  330. IN ULONG EncryptionType,
  331. IN ULONG BufferSize,
  332. OUT PUINT EncryptionBufferSize,
  333. OUT PBYTE * EncryptionBuffer
  334. )
  335. {
  336. KERBERR KerbErr = KDC_ERR_NONE;
  337. ULONG EncryptionOverhead = 0;
  338. ULONG BlockSize = 0;
  340. KerbErr = KerbGetEncryptionOverhead(
  341. EncryptionType,
  342. &EncryptionOverhead,
  343. &BlockSize
  344. );
  345. if (!KERB_SUCCESS(KerbErr))
  346. {
  347. goto Cleanup;
  348. }
  351. *EncryptionBufferSize = (UINT) ROUND_UP_COUNT(EncryptionOverhead + BufferSize, BlockSize);
  353. *EncryptionBuffer = (PBYTE) MIDL_user_allocate(*EncryptionBufferSize);
  354. if (*EncryptionBuffer == NULL)
  355. {
  356. KerbErr = KRB_ERR_GENERIC;
  357. }
  359. Cleanup:
  360. return(KerbErr);
  362. }
  364. KERBERR
  365. KerbAllocateEncryptionBufferWrapper(
  366. IN ULONG EncryptionType,
  367. IN ULONG BufferSize,
  368. OUT unsigned long * EncryptionBufferSize,
  369. OUT PBYTE * EncryptionBuffer
  370. )
  371. {
  372. KERBERR KerbErr = KDC_ERR_NONE;
  373. unsigned int tempInt = 0;
  375. KerbErr = KerbAllocateEncryptionBuffer(
  376. EncryptionType,
  377. BufferSize,
  378. &tempInt,
  379. EncryptionBuffer
  380. );
  382. if (!KERB_SUCCESS(KerbErr))
  383. {
  384. goto Cleanup;
  385. }
  386. *EncryptionBufferSize = tempInt;
  388. Cleanup:
  389. return (KerbErr);
  390. }