Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

2186 lines
72 KiB

  1. /*++
  2. Copyright (c) 1998-99 Microsoft Corporation
  3. Module Name:
  4. cliprot.c
  5. Abstract:
  6. Author:
  7. Frederick Chong (fredch) 6/1/1998
  8. Environment:
  9. Win32, WinCE, Win16
  10. Notes:
  11. --*/
  12. #include "windows.h"
  13. #ifndef OS_WINCE
  14. #include "stdio.h"
  15. #endif // OS_WINCE
  16. #include "stdlib.h"
  17. #ifdef OS_WINCE
  18. #include "wincelic.h"
  19. #endif //OS_WINCE
  20. #include "tchar.h"
  21. #include "lmcons.h"
  22. #include "seccom.h"
  23. #include "cryptkey.h"
  24. #include "hccontxt.h"
  25. #include "cliprot.h"
  26. #include "hcpack.h"
  27. #include "store.h"
  28. #include "licdbg.h"
  29. #include "platform.h"
  30. #include "licecert.h"
  31. #ifdef _WIN64
  32. #define OFFSET_OF(type, field) ((LONG)(LONG_PTR)&(((type *)0)->field))
  33. #else
  34. #define OFFSET_OF(type, field) ((LONG)(LONG *)&(((type *)0)->field))
  35. #endif
  36. #define MAX_ALLOWABLE_LICENSE_SIZE (256 * 1024)
  37. #define EXTENDED_ERROR_CAPABILITY 0x80
  38. VOID
  39. FreeProprietaryCertificate(
  40. PHydra_Server_Cert * ppCertificate );
  41. static BOOL GeneratePseudoLicense(DWORD FAR * pcbData , PBYTE *ppbData);
  42. static LICENSE_STATUS MapStoreError(LS_STATUS lsStatus)
  43. {
  44. if(lsStatus == LSSTAT_SUCCESS)
  45. return LICENSE_STATUS_OK;
  46. if( (lsStatus == LSSTAT_ERROR) || (lsStatus == LSSTAT_INVALID_HANDLE) )
  47. return LICENSE_STATUS_INVALID_INPUT;
  48. if(lsStatus == LSSTAT_INSUFFICIENT_BUFFER)
  49. return LICENSE_STATUS_INSUFFICIENT_BUFFER;
  50. if(lsStatus == LSSTAT_LICENSE_NOT_FOUND)
  51. return LICENSE_STATUS_NO_LICENSE_ERROR;
  52. if(lsStatus == LSSTAT_OUT_OF_MEMORY)
  53. return LICENSE_STATUS_OUT_OF_MEMORY;
  54. if(lsStatus == LSSTAT_LICENSE_EXISTS)
  55. return LICENSE_STATUS_DUPLICATE_LICENSE_ERROR;
  56. return LICENSE_STATUS_INVALID_INPUT;
  57. }
  58. LICENSE_STATUS
  59. CALL_TYPE
  60. LicenseClientHandleServerMessage(
  61. PLicense_Client_Context pContext,
  62. UINT32 *puiExtendedErrorInfo,
  63. BYTE FAR * pbInput,
  64. DWORD cbInput,
  65. BYTE FAR * pbOutput,
  66. DWORD FAR * pcbOutput
  67. )
  68. {
  69. LICENSE_STATUS lsReturn = LICENSE_STATUS_OK;
  70. BYTE FAR *pbTemp = NULL;
  71. DWORD dwTemp = 0;
  72. Preamble Header;
  73. BOOL fNew = FALSE;
  74. BOOL fSupportExtendedError = FALSE;
  75. if(NULL == pContext || NULL == pbInput || pcbOutput == NULL)
  76. {
  77. lsReturn = LICENSE_STATUS_INVALID_INPUT;
  78. LS_LOG_RESULT(lsReturn);
  79. goto ErrorReturn;
  80. }
  81. pbTemp = pbInput;
  82. dwTemp = cbInput;
  83. Header = *( UNALIGNED Preamble*)pbTemp;
  84. //
  85. // check if we can support this preamble version
  86. //
  87. if( Header.bVersion > LICENSE_CURRENT_PREAMBLE_VERSION )
  88. {
  89. lsReturn = LICENSE_STATUS_NOT_SUPPORTED;
  90. goto CommonReturn;
  91. }
  92. //
  93. // Sets the preamble version to the version that the server is using
  94. //
  95. pContext->dwProtocolVersion |= Header.bVersion;
  96. if(pContext->dwProtocolVersion >= 2)
  97. {
  98. fSupportExtendedError = TRUE;
  99. }
  100. if( Header.wMsgSize != dwTemp)
  101. {
  102. License_Error_Message Error;
  103. memset(&Error, 0x00, sizeof(License_Error_Message));
  104. Error.dwErrorCode = GM_HS_ERR_INVALID_MESSAGE_LEN;
  105. Error.dwStateTransition = ST_RESEND_LAST_MESSAGE;
  106. Error.bbErrorInfo.wBlobType = BB_ERROR_BLOB;
  107. Error.bbErrorInfo.wBlobLen = 0;
  108. Error.bbErrorInfo.pBlob = NULL;
  109. DebugLog((DEB_TRACE, "Packing License Error Message from Client : %4d\n", *pcbOutput));
  110. PackLicenseErrorMessage(&Error, fSupportExtendedError, pbOutput, pcbOutput);
  111. lsReturn = LICENSE_STATUS_INVALID_INPUT;
  112. goto CommonReturn;
  113. }
  114. pbTemp += sizeof(Preamble);
  115. dwTemp -= sizeof(Preamble);
  116. switch(Header.bMsgType)
  117. {
  118. case GM_ERROR_ALERT:
  119. {
  120. License_Error_Message Error;
  121. memset(&Error, 0x00, sizeof(License_Error_Message));
  122. DebugLog((DEB_TRACE, "Unpacking Hydra Server Error Message of size: %4d\n", dwTemp));
  123. if( LICENSE_STATUS_OK != (lsReturn = UnPackLicenseErrorMessage(pbTemp,
  124. dwTemp,
  125. &Error)) )
  126. {
  127. LS_LOG_RESULT(lsReturn);
  128. goto ErrorReturn;
  129. }
  130. DebugLog((DEB_TRACE, "LicenseClientHandleServerError : %4d\n", *pcbOutput));
  131. lsReturn = LicenseClientHandleServerError(pContext,
  132. &Error,
  133. puiExtendedErrorInfo,
  134. pbOutput,
  135. pcbOutput);
  136. if(Error.bbErrorInfo.pBlob)
  137. {
  138. free(Error.bbErrorInfo.pBlob);
  139. Error.bbErrorInfo.pBlob = NULL;
  140. }
  141. #if DBG
  142. if(pbOutput)
  143. OutputDebugString(_T("Client response data : \n"));
  144. LS_DUMPSTRING(*pcbOutput, pbOutput);
  145. #endif
  146. if( lsReturn == LICENSE_STATUS_OK ||
  147. lsReturn == LICENSE_STATUS_CONTINUE ||
  148. lsReturn == LICENSE_STATUS_CLIENT_ABORT ||
  149. lsReturn == LICENSE_STATUS_SERVER_ABORT )
  150. goto CommonReturn;
  151. else
  152. {
  153. LS_LOG_RESULT(lsReturn);
  154. goto ErrorReturn;
  155. }
  156. break;
  157. }
  158. case HS_LICENSE_REQUEST:
  159. {
  160. Hydra_Server_License_Request LicRequest;
  161. DWORD dw;
  162. memset(&LicRequest, 0x00, sizeof(Hydra_Server_License_Request));
  163. DebugLog((DEB_TRACE, "Unpacking Hydra Server's License Request : %4d\n", dwTemp));
  164. if( LICENSE_STATUS_OK != (lsReturn = UnpackHydraServerLicenseRequest(pbTemp,
  165. dwTemp,
  166. &LicRequest)) )
  167. {
  168. LS_LOG_RESULT(lsReturn);
  169. goto ErrorReturn;
  170. }
  171. DebugLog((DEB_TRACE, "Client handles Server's license Request : %4d\n", *pcbOutput));
  172. lsReturn = LicenseClientHandleServerRequest(pContext,
  173. &LicRequest,
  174. TRUE,
  175. pbOutput,
  176. pcbOutput,
  177. fSupportExtendedError);
  178. #if DBG
  179. if(pbOutput)
  180. OutputDebugString(_T("Client response data : \n"));
  181. LS_DUMPSTRING(*pcbOutput, pbOutput);
  182. #endif
  183. if(LicRequest.ProductInfo.pbCompanyName)
  184. {
  185. free(LicRequest.ProductInfo.pbCompanyName);
  186. LicRequest.ProductInfo.pbCompanyName = NULL;
  187. }
  188. if(LicRequest.ProductInfo.pbProductID)
  189. {
  190. free(LicRequest.ProductInfo.pbProductID);
  191. LicRequest.ProductInfo.pbProductID = NULL;
  192. }
  193. for(dw = 0; dw <LicRequest.ScopeList.dwScopeCount; dw++)
  194. {
  195. if(LicRequest.ScopeList.Scopes[dw].pBlob)
  196. {
  197. free(LicRequest.ScopeList.Scopes[dw].pBlob);
  198. LicRequest.ScopeList.Scopes[dw].pBlob = NULL;
  199. }
  200. }
  201. if(LicRequest.ScopeList.Scopes)
  202. {
  203. free(LicRequest.ScopeList.Scopes);
  204. LicRequest.ScopeList.Scopes = NULL;
  205. }
  206. if( LicRequest.KeyExchngList.pBlob )
  207. {
  208. free( LicRequest.KeyExchngList.pBlob );
  209. }
  210. if( LicRequest.ServerCert.pBlob )
  211. {
  212. free( LicRequest.ServerCert.pBlob );
  213. }
  214. if( lsReturn != LICENSE_STATUS_OK &&
  215. lsReturn != LICENSE_STATUS_CONTINUE &&
  216. lsReturn != LICENSE_STATUS_CLIENT_ABORT )
  217. {
  218. LS_LOG_RESULT(lsReturn);
  219. goto ErrorReturn;
  220. }
  221. break;
  222. }
  223. case HS_PLATFORM_CHALLENGE:
  224. {
  225. Hydra_Server_Platform_Challenge PlatformCh;
  226. memset(&PlatformCh, 0x00, sizeof(Hydra_Server_Platform_Challenge));
  227. DebugLog((DEB_TRACE, "Unpacking Hydra Server's platform Challenge Request : %4d\n", dwTemp));
  228. if( LICENSE_STATUS_OK != (lsReturn = UnPackHydraServerPlatformChallenge(pbTemp,
  229. dwTemp,
  230. &PlatformCh)) )
  231. {
  232. LS_LOG_RESULT(lsReturn);
  233. goto ErrorReturn;
  234. }
  235. DebugLog((DEB_TRACE, "Client Handles Server's platform Challenge Response : %0d\n", *pcbOutput));
  236. lsReturn = LicenseClientHandleServerPlatformChallenge(pContext,
  237. &PlatformCh,
  238. pbOutput,
  239. pcbOutput,
  240. fSupportExtendedError);
  241. #if DBG
  242. if(pbOutput)
  243. OutputDebugString(_T("Client response data : \n"));
  244. LS_DUMPSTRING(*pcbOutput, pbOutput);
  245. #endif
  246. if(PlatformCh.EncryptedPlatformChallenge.pBlob)
  247. {
  248. free(PlatformCh.EncryptedPlatformChallenge.pBlob);
  249. PlatformCh.EncryptedPlatformChallenge.pBlob = NULL;
  250. }
  251. if( lsReturn!=LICENSE_STATUS_CONTINUE )
  252. {
  253. LS_LOG_RESULT(lsReturn);
  254. goto ErrorReturn;
  255. }
  256. break;
  257. }
  258. case HS_NEW_LICENSE:
  259. fNew = TRUE;
  260. DebugLog((DEB_TRACE, "New License received from Server.\n"));
  261. case HS_UPGRADE_LICENSE:
  262. {
  263. Hydra_Server_New_License NewLicense;
  264. if (dwTemp > MAX_ALLOWABLE_LICENSE_SIZE)
  265. {
  266. //
  267. // SECURITY: Too much data to store in the registry
  268. // Reject the message
  269. //
  270. LS_LOG_RESULT(lsReturn = LICENSE_STATUS_INVALID_INPUT);
  271. goto ErrorReturn;
  272. }
  273. memset(&NewLicense, 0x00, sizeof(Hydra_Server_New_License));
  274. DebugLog((DEB_TRACE, "Unpacking Hydra Server's New License Message : %4d\n", dwTemp));
  275. if(LICENSE_STATUS_OK !=
  276. (lsReturn = UnPackHydraServerNewLicense(pbTemp,
  277. dwTemp,
  278. &NewLicense)) )
  279. {
  280. LS_LOG_RESULT(lsReturn);
  281. goto ErrorReturn;
  282. }
  283. DebugLog((DEB_TRACE, "License Client handles New License : %4d\n", *pcbOutput));
  284. lsReturn = LicenseClientHandleNewLicense(pContext,
  285. &NewLicense,
  286. fNew,
  287. pbOutput,
  288. pcbOutput);
  289. if(NewLicense.EncryptedNewLicenseInfo.pBlob)
  290. {
  291. free(NewLicense.EncryptedNewLicenseInfo.pBlob);
  292. NewLicense.EncryptedNewLicenseInfo.pBlob = NULL;
  293. }
  294. #if DBG
  295. if(pbOutput)
  296. OutputDebugString(_T("Client response data : \n"));
  297. LS_DUMPSTRING(*pcbOutput, pbOutput);
  298. #endif
  299. if( lsReturn != LICENSE_STATUS_OK )
  300. {
  301. LS_LOG_RESULT(lsReturn);
  302. goto ErrorReturn;
  303. }
  304. break;
  305. }
  306. default:
  307. //
  308. // Invalid message type
  309. //
  310. lsReturn = LICENSE_STATUS_INVALID_INPUT;
  311. goto ErrorReturn;
  312. break;
  313. }
  314. LS_LOG_RESULT(lsReturn);
  315. CommonReturn:
  316. return lsReturn;
  317. LS_RETURN(lsReturn);
  318. ErrorReturn:
  319. *pcbOutput = 0;
  320. goto CommonReturn;
  321. }
  322. LICENSE_STATUS
  323. CALL_TYPE
  324. LicenseClientHandleServerError(
  325. PLicense_Client_Context pContext,
  326. PLicense_Error_Message pCanonical,
  327. UINT32 *puiExtendedErrorInfo,
  328. BYTE FAR * pbMessage,
  329. DWORD FAR * pcbMessage
  330. )
  331. {
  332. LICENSE_STATUS lsReturn = LICENSE_STATUS_OK;
  333. LS_BEGIN(TEXT("LicenseClientHandleServerError"));
  334. if(NULL == pContext || NULL == pCanonical || NULL == pcbMessage || NULL == puiExtendedErrorInfo)
  335. {
  336. lsReturn = LICENSE_STATUS_INVALID_INPUT;
  337. LS_LOG_RESULT(lsReturn);
  338. return lsReturn;
  339. }
  340. // Switch on the StateTransition as this dictates the next state
  341. // client has to take!
  342. switch(pCanonical->dwStateTransition)
  343. {
  344. case ST_TOTAL_ABORT: //Server has asked for a total abort
  345. *pcbMessage = 0;
  346. if( pCanonical->dwErrorCode == GM_HS_ERR_INVALID_CLIENT ||
  347. pCanonical->dwErrorCode == GM_HS_ERR_INVALID_SCOPE ||
  348. pCanonical->dwErrorCode == GM_HS_ERR_INVALID_PRODUCTID ||
  349. pCanonical->dwErrorCode == GM_HS_ERR_INVALID_CLIENT )
  350. {
  351. lsReturn = LICENSE_STATUS_SERVER_ABORT;
  352. }
  353. else
  354. lsReturn = LICENSE_STATUS_CLIENT_ABORT;
  355. pContext->dwState = LICENSE_CLIENT_STATE_ABORT;
  356. pContext->cbLastMessage = 0;
  357. break;
  358. case ST_NO_TRANSITION:
  359. lsReturn = LICENSE_STATUS_OK;
  360. *pcbMessage = 0;
  361. break;
  362. case ST_RESEND_LAST_MESSAGE:
  363. // Server has asked to send the last send message again!
  364. // treat as error (fall through)
  365. case ST_RESET_PHASE_TO_START:
  366. // Server has asked to restart the negotiation
  367. // treat as error (fall through)
  368. default:
  369. // Server sent unknown dwStateTransition
  370. lsReturn = LICENSE_STATUS_CLIENT_ABORT;
  371. pContext->dwState = LICENSE_CLIENT_STATE_ABORT;
  372. pContext->cbLastMessage = 0;
  373. break;
  374. }
  375. if ((lsReturn != LICENSE_STATUS_OK) && (pCanonical->bbErrorInfo.wBlobLen > 0) && (pCanonical->bbErrorInfo.pBlob != NULL))
  376. {
  377. // ignore any errors
  378. UnPackExtendedErrorInfo(puiExtendedErrorInfo,&(pCanonical->bbErrorInfo));
  379. }
  380. LS_LOG_RESULT(lsReturn);
  381. return lsReturn;
  382. }
  383. LICENSE_STATUS
  384. CALL_TYPE
  385. LicenseClientHandleServerRequest(
  386. PLicense_Client_Context pContext,
  387. PHydra_Server_License_Request pCanonical,
  388. BOOL fNewLicense,
  389. BYTE FAR * pbMessage,
  390. DWORD FAR * pcbMessage,
  391. BOOL fExtendedError
  392. )
  393. {
  394. LICENSE_STATUS lsReturn = LICENSE_STATUS_OK;
  395. UCHAR Random[LICENSE_RANDOM];
  396. UCHAR PreMasterSecret[LICENSE_PRE_MASTER_SECRET];
  397. HANDLE hStore = NULL;
  398. LSINDEX lsIndex;
  399. DWORD dwCount = 0;
  400. BYTE FAR * pbData = NULL;
  401. DWORD cbData = 0;
  402. LS_BEGIN(TEXT("LicenseClientHandleServerRequest"));
  403. memset(&lsIndex, 0x00, sizeof(LSINDEX));
  404. if( (pContext == NULL) || (pCanonical == NULL) )
  405. {
  406. lsReturn = LICENSE_STATUS_INVALID_INPUT;
  407. LS_LOG_RESULT(lsReturn);
  408. goto ErrorReturn;
  409. }
  410. if(pContext->dwState != LICENSE_CLIENT_STATE_WAIT_SERVER_HELLO)
  411. {
  412. lsReturn = LICENSE_STATUS_INVALID_CLIENT_STATE;
  413. goto ErrorReturn;
  414. }
  415. if( pContext->dwContextFlags & LICENSE_CONTEXT_NO_SERVER_AUTHENTICATION )
  416. {
  417. //
  418. // No server authentication required, make sure that we have the
  419. // public key or the certificate of the server so that we can use it to
  420. // encrypt the pre-master secret during the next phase of the licensing protocol.
  421. //
  422. if( ( NULL == pContext->pbServerPubKey ) && ( NULL == pContext->pServerCert ) )
  423. {
  424. lsReturn = LICENSE_STATUS_CONTEXT_INITIALIZATION_ERROR;
  425. LS_LOG_RESULT(lsReturn);
  426. goto ErrorReturn;
  427. }
  428. }
  429. else
  430. {
  431. //
  432. // Do Hydra server authentication by validating the server certificate
  433. //
  434. DWORD
  435. dwCertVersion;
  436. if( ( 0 >= pCanonical->ServerCert.wBlobLen ) ||
  437. ( NULL == pCanonical->ServerCert.pBlob ) )
  438. {
  439. //
  440. // make sure that we have received a certificate from the server
  441. //
  442. lsReturn = LICENSE_STATUS_NO_CERTIFICATE;
  443. LS_LOG_RESULT(lsReturn);
  444. goto ErrorReturn;
  445. }
  446. //
  447. // Determine the version of the certificate so that we can decode and
  448. // validate it correctly.
  449. //
  450. memcpy( ( char * )&dwCertVersion, pCanonical->ServerCert.pBlob, sizeof( DWORD ) );
  451. if( CERT_CHAIN_VERSION_2 > dwCertVersion )
  452. {
  453. Hydra_Server_Cert ServerCert;
  454. //
  455. // Validate a proprietory certificate
  456. //
  457. memset( &ServerCert, 0, sizeof( ServerCert ) );
  458. if( !UnpackServerCert(pCanonical->ServerCert.pBlob,
  459. (DWORD)pCanonical->ServerCert.wBlobLen,
  460. &ServerCert) )
  461. {
  462. lsReturn = LICENSE_STATUS_UNSPECIFIED_ERROR;
  463. LS_LOG_RESULT(lsReturn);
  464. goto ErrorReturn;
  465. }
  466. //Now verify the signature on the server certificate
  467. if(!ValidateServerCert(&ServerCert) )
  468. {
  469. lsReturn = LICENSE_STATUS_UNSPECIFIED_ERROR;
  470. LS_LOG_RESULT(lsReturn);
  471. goto ErrorReturn;
  472. }
  473. else
  474. {
  475. //
  476. // free any old certificate and remember the new one.
  477. //
  478. if( pContext->pServerCert )
  479. {
  480. FreeProprietaryCertificate( &pContext->pServerCert );
  481. }
  482. lsReturn = LicenseSetCertificate(
  483. ( HANDLE )pContext,
  484. &ServerCert );
  485. if( LICENSE_STATUS_OK != lsReturn )
  486. {
  487. LS_LOG_RESULT( lsReturn );
  488. goto ErrorReturn;
  489. }
  490. }
  491. }
  492. else
  493. {
  494. DWORD
  495. fDates = CERT_DATE_DONT_VALIDATE;
  496. //
  497. // X509 certificate
  498. //
  499. //
  500. // this first call finds out the memory required for the public key
  501. //
  502. lsReturn = VerifyCertChain( pCanonical->ServerCert.pBlob,
  503. ( DWORD )pCanonical->ServerCert.wBlobLen,
  504. NULL,
  505. &pContext->cbServerPubKey,
  506. &fDates );
  507. if( LICENSE_STATUS_INSUFFICIENT_BUFFER == lsReturn )
  508. {
  509. if( pContext->pbServerPubKey )
  510. {
  511. free( pContext->pbServerPubKey );
  512. }
  513. pContext->pbServerPubKey = malloc( pContext->cbServerPubKey );
  514. if( NULL == pContext->pbServerPubKey )
  515. {
  516. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  517. LS_LOG_RESULT(lsReturn);
  518. goto ErrorReturn;
  519. }
  520. lsReturn = VerifyCertChain( pCanonical->ServerCert.pBlob,
  521. ( DWORD )pCanonical->ServerCert.wBlobLen,
  522. pContext->pbServerPubKey,
  523. &pContext->cbServerPubKey,
  524. &fDates );
  525. }
  526. if( LICENSE_STATUS_OK != lsReturn )
  527. {
  528. LS_LOG_RESULT(lsReturn);
  529. goto ErrorReturn;
  530. }
  531. }
  532. }
  533. if(pContext->pCryptParam == NULL)
  534. {
  535. lsReturn = LICENSE_STATUS_INITIALIZATION_FAILED;
  536. LS_LOG_RESULT(lsReturn);
  537. goto ErrorReturn;
  538. }
  539. //Copy Server Random to pCryptSystem->rgbServerRandom
  540. memcpy(pContext->pCryptParam->rgbServerRandom, pCanonical->ServerRandom, LICENSE_RANDOM);
  541. LicenseDebugOutput("Server Random : \n");
  542. LS_DUMPSTRING(LICENSE_RANDOM, pContext->pCryptParam->rgbServerRandom);
  543. //Generate 32 byte Client Random
  544. if (!TSRNG_GenerateRandomBits(Random, LICENSE_RANDOM))
  545. {
  546. lsReturn = LICENSE_STATUS_CONTEXT_INITIALIZATION_ERROR;
  547. LS_LOG_RESULT(lsReturn);
  548. goto ErrorReturn;
  549. }
  550. //Copy ClientRandom to pContext->pCryptParam
  551. memcpy(pContext->pCryptParam->rgbClientRandom, Random, LICENSE_RANDOM);
  552. LicenseDebugOutput("Client Random : \n");
  553. LS_DUMPSTRING(LICENSE_RANDOM, pContext->pCryptParam->rgbClientRandom);
  554. //Generate 48 byte long PreMasterSecret
  555. if (!TSRNG_GenerateRandomBits(PreMasterSecret, LICENSE_PRE_MASTER_SECRET))
  556. {
  557. lsReturn = LICENSE_STATUS_CONTEXT_INITIALIZATION_ERROR;
  558. LS_LOG_RESULT(lsReturn);
  559. goto ErrorReturn;
  560. }
  561. LicenseDebugOutput("Pre Master Secret : \n");
  562. LS_DUMPSTRING(LICENSE_PRE_MASTER_SECRET, PreMasterSecret);
  563. //Copy Premastersecret to pCryptParam
  564. lsReturn = LicenseSetPreMasterSecret(pContext->pCryptParam, PreMasterSecret);
  565. //Search in the store to find an appropriate License
  566. //To do that, first open the system store.
  567. if( LICENSE_STATUS_OK != (lsReturn = MapStoreError(LSOpenLicenseStore(&hStore, NULL, TRUE))) )
  568. {
  569. LS_LOG_RESULT(lsReturn);
  570. goto ErrorReturn;
  571. }
  572. //Initialize lsIndex structure with the values sent by the Server
  573. lsIndex.dwVersion = pCanonical->ProductInfo.dwVersion;
  574. lsIndex.cbCompany = pCanonical->ProductInfo.cbCompanyName;
  575. if( NULL == (lsIndex.pbCompany = (LPSTR)malloc(lsIndex.cbCompany)) )
  576. {
  577. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  578. LS_LOG_RESULT(lsReturn);
  579. goto ErrorReturn;
  580. }
  581. memset(lsIndex.pbCompany, 0x00, lsIndex.cbCompany);
  582. memcpy(lsIndex.pbCompany, pCanonical->ProductInfo.pbCompanyName, lsIndex.cbCompany);
  583. lsIndex.cbProductID = pCanonical->ProductInfo.cbProductID;
  584. if( NULL == (lsIndex.pbProductID = (LPSTR)malloc(lsIndex.cbProductID)) )
  585. {
  586. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  587. LS_LOG_RESULT(lsReturn);
  588. goto ErrorReturn;
  589. }
  590. memset(lsIndex.pbProductID, 0x00, lsIndex.cbProductID);
  591. memcpy(lsIndex.pbProductID, pCanonical->ProductInfo.pbProductID, lsIndex.cbProductID );
  592. for(dwCount=0; dwCount<pCanonical->ScopeList.dwScopeCount; dwCount ++)
  593. {
  594. DWORD dwProtVer = PREAMBLE_VERSION_1_0;
  595. lsIndex.cbScope = pCanonical->ScopeList.Scopes[dwCount].wBlobLen;
  596. if( NULL == (lsIndex.pbScope = (LPSTR)malloc(lsIndex.cbScope)) )
  597. {
  598. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  599. LS_LOG_RESULT(lsReturn);
  600. continue;
  601. }
  602. //Initialize pszScope member of the lsIndex with the ith element in the scopelist
  603. memset(lsIndex.pbScope, 0x00, lsIndex.cbScope);
  604. memcpy(lsIndex.pbScope, pCanonical->ScopeList.Scopes[dwCount].pBlob, lsIndex.cbScope);
  605. if( LICENSE_STATUS_OK != (lsReturn = MapStoreError(LSFindLicenseInStore(hStore,
  606. &lsIndex,
  607. &cbData,
  608. NULL))) )
  609. {
  610. if(lsIndex.pbScope)
  611. {
  612. free(lsIndex.pbScope);
  613. lsIndex.pbScope = NULL;
  614. }
  615. continue;
  616. }
  617. //
  618. // NOTE: this line was previously
  619. // if(pContext->dwProtocolVersion != PREAMBLE_VERSION_2_0) for
  620. // Hydra 4.0 clients, which means that a pseudo license will be
  621. // generated for licensing protocol later than 2.0 as well!
  622. // To overcome this problem, Hydra 5.0 server will use the
  623. // PREAMBLE_VERSION_2_0 for Hydra 4.0 clients.
  624. //
  625. if( GET_PREAMBLE_VERSION( pContext->dwProtocolVersion ) < PREAMBLE_VERSION_2_0)
  626. {
  627. if( !GeneratePseudoLicense(&cbData, &pbData) )
  628. {
  629. lsReturn = LICENSE_STATUS_UNSPECIFIED_ERROR;
  630. if(lsIndex.pbScope)
  631. {
  632. free(lsIndex.pbScope);
  633. lsIndex.pbScope = NULL;
  634. }
  635. goto ErrorReturn;
  636. }
  637. lsReturn = LICENSE_STATUS_OK;
  638. if(lsIndex.pbScope)
  639. {
  640. free(lsIndex.pbScope);
  641. lsIndex.pbScope = NULL;
  642. }
  643. break;
  644. }
  645. if(cbData == 0)
  646. {
  647. if(lsIndex.pbScope)
  648. {
  649. free(lsIndex.pbScope);
  650. lsIndex.pbScope = NULL;
  651. }
  652. continue;
  653. }
  654. if( NULL == (pbData=(BYTE FAR *)malloc(cbData)) )
  655. {
  656. if(lsIndex.pbScope)
  657. {
  658. free(lsIndex.pbScope);
  659. lsIndex.pbScope = NULL;
  660. }
  661. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  662. continue;
  663. }
  664. if( LICENSE_STATUS_OK != (lsReturn = MapStoreError(LSFindLicenseInStore(hStore,
  665. &lsIndex,
  666. &cbData,
  667. pbData))) )
  668. {
  669. if(lsIndex.pbScope)
  670. {
  671. free(lsIndex.pbScope);
  672. lsIndex.pbScope = NULL;
  673. }
  674. continue;
  675. }
  676. LicenseDebugOutput("License Info Data : \n");
  677. LS_DUMPSTRING(cbData, pbData);
  678. lsReturn = LICENSE_STATUS_OK;
  679. if(lsIndex.pbScope)
  680. {
  681. free(lsIndex.pbScope);
  682. lsIndex.pbScope = NULL;
  683. }
  684. break;
  685. }
  686. //If a license is found in the store, then Continue with Hydra_Client_License_Info message
  687. if( LICENSE_STATUS_OK == lsReturn )
  688. {
  689. if( LICENSE_STATUS_CONTINUE != (lsReturn = ClientConstructLicenseInfo(pContext,
  690. pbData,
  691. cbData,
  692. pbMessage,
  693. pcbMessage,
  694. fExtendedError)) )
  695. {
  696. LS_LOG_RESULT(lsReturn);
  697. goto ErrorReturn;
  698. }
  699. goto CommonReturn;
  700. }
  701. //Else if no license if found, then depending on fNewLicense, either Request for a new license
  702. //or, abort connection
  703. else if(lsReturn == LICENSE_STATUS_NO_LICENSE_ERROR)
  704. {
  705. if(fNewLicense)
  706. {
  707. if( LICENSE_STATUS_CONTINUE != (lsReturn = ClientConstructNewLicenseRequest(pContext,
  708. pbMessage,
  709. pcbMessage,
  710. fExtendedError)) )
  711. {
  712. LS_LOG_RESULT(lsReturn);
  713. goto ErrorReturn;
  714. }
  715. goto CommonReturn;
  716. }
  717. else //Generate an error message and close connection
  718. {
  719. if( LICENSE_STATUS_CLIENT_ABORT != (lsReturn = ClientConstructErrorAlert(pContext,
  720. GM_HC_ERR_NO_LICENSE,
  721. ST_TOTAL_ABORT,
  722. NULL,
  723. 0,
  724. pbMessage,
  725. pcbMessage,
  726. fExtendedError
  727. )) )
  728. {
  729. LS_LOG_RESULT(lsReturn);
  730. goto ErrorReturn;
  731. }
  732. }
  733. }
  734. LS_LOG_RESULT(lsReturn);
  735. CommonReturn:
  736. //
  737. // close license store
  738. //
  739. if( hStore )
  740. {
  741. LSCloseLicenseStore(hStore);
  742. hStore = NULL;
  743. }
  744. if(pbData)
  745. {
  746. free(pbData);
  747. pbData = NULL;
  748. }
  749. if(lsIndex.pbCompany)
  750. {
  751. free(lsIndex.pbCompany);
  752. lsIndex.pbCompany = NULL;
  753. }
  754. if(lsIndex.pbProductID)
  755. {
  756. free(lsIndex.pbProductID);
  757. lsIndex.pbProductID = NULL;
  758. }
  759. if(lsIndex.pbScope)
  760. {
  761. free(lsIndex.pbScope);
  762. lsIndex.pbScope = NULL;
  763. }
  764. return lsReturn;
  765. //LS_RETURN(lsReturn);
  766. ErrorReturn:
  767. *pcbMessage = 0;
  768. if( pContext != NULL)
  769. {
  770. if(pContext->pServerCert)
  771. {
  772. free(pContext->pServerCert);
  773. pContext->pServerCert = NULL;
  774. }
  775. if( pContext->pbServerPubKey )
  776. {
  777. free( pContext->pbServerPubKey );
  778. pContext->pbServerPubKey = NULL;
  779. }
  780. }
  781. goto CommonReturn;
  782. }
  783. LICENSE_STATUS
  784. CALL_TYPE
  785. LicenseClientHandleServerPlatformChallenge(
  786. PLicense_Client_Context pContext,
  787. PHydra_Server_Platform_Challenge pCanonical,
  788. BYTE FAR * pbMessage,
  789. DWORD FAR * pcbMessage,
  790. BOOL fExtendedError
  791. )
  792. {
  793. LICENSE_STATUS lsReturn = LICENSE_STATUS_OK;
  794. Hydra_Client_Platform_Challenge_Response Response;
  795. BYTE MACData[LICENSE_MAC_DATA];
  796. HWID hwid;
  797. BYTE FAR * pbData = NULL;
  798. UCHAR * LocalBuf = NULL;
  799. DWORD cbData = 0;
  800. LS_BEGIN(TEXT("LicenseClientHandleServerPlatformChallenge"));
  801. if( (pContext == NULL) || (pCanonical == NULL) || (pcbMessage == NULL) )
  802. {
  803. lsReturn = LICENSE_STATUS_INVALID_INPUT;
  804. LS_LOG_RESULT(lsReturn);
  805. goto ErrorReturn;
  806. }
  807. memset(&Response, 0x00, sizeof(Hydra_Client_Platform_Challenge_Response));
  808. if( (pContext->dwState != LICENSE_CLIENT_STATE_LICENSE_RESPONSE) &&
  809. (pContext->dwState != LICENSE_CLIENT_STATE_NEW_LICENSE_REQUEST) )
  810. {
  811. lsReturn = LICENSE_STATUS_INVALID_CLIENT_STATE;
  812. LS_LOG_RESULT(lsReturn);
  813. goto ErrorReturn;
  814. }
  815. //First decrypt the encrypted platform challenge
  816. if( LICENSE_STATUS_OK != (lsReturn = LicenseDecryptSessionData(pContext->pCryptParam,
  817. pCanonical->EncryptedPlatformChallenge.pBlob,
  818. (DWORD)pCanonical->EncryptedPlatformChallenge.wBlobLen)) )
  819. {
  820. LS_LOG_RESULT(lsReturn);
  821. goto ErrorReturn;
  822. }
  823. //Generate the MAC with the decrypted platform Challenge
  824. if( LICENSE_STATUS_OK != (lsReturn = LicenseGenerateMAC(pContext->pCryptParam,
  825. pCanonical->EncryptedPlatformChallenge.pBlob,
  826. (DWORD)pCanonical->EncryptedPlatformChallenge.wBlobLen,
  827. MACData
  828. )) )
  829. {
  830. LS_LOG_RESULT(lsReturn);
  831. goto ErrorReturn;
  832. }
  833. LicenseDebugOutput(" Client generated MAC data to verify Server's message Authenticity : \n");
  834. LS_DUMPSTRING(LICENSE_MAC_DATA, MACData);
  835. //Compare the generated MAC with the one sent by the server
  836. if( memcmp(MACData, pCanonical->MACData, LICENSE_MAC_DATA) )
  837. {
  838. lsReturn = LICENSE_STATUS_INVALID_MAC_DATA;
  839. LS_LOG_RESULT(lsReturn);
  840. goto ErrorReturn;
  841. }
  842. //Generate Platform Challenge Response
  843. if( LICENSE_STATUS_OK != (lsReturn = ClientGenerateChallengeResponse(pContext,
  844. &pCanonical->EncryptedPlatformChallenge,
  845. &Response.EncryptedChallengeResponse)) )
  846. {
  847. LS_LOG_RESULT(lsReturn);
  848. goto ErrorReturn;
  849. }
  850. //Generate HWID, Encrypt it using the Session key and put it in the Response
  851. memset(&hwid, 0x00, sizeof(HWID));
  852. if( LICENSE_STATUS_OK != (lsReturn = GenerateClientHWID(&hwid)) )
  853. {
  854. LS_LOG_RESULT(lsReturn);
  855. goto ErrorReturn;
  856. }
  857. //GenerateClientHWID(&hwid);
  858. LicenseDebugOutput("HWID in byte : \n");
  859. LS_DUMPSTRING(sizeof(HWID), (BYTE FAR *)&hwid);
  860. Response.EncryptedHWID.wBlobType = BB_DATA_BLOB;
  861. Response.EncryptedHWID.wBlobLen = sizeof(HWID);
  862. if( NULL == (Response.EncryptedHWID.pBlob = (BYTE FAR *)malloc(Response.EncryptedHWID.wBlobLen)) )
  863. {
  864. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  865. LS_LOG_RESULT(lsReturn);
  866. goto ErrorReturn;
  867. }
  868. memset(Response.EncryptedHWID.pBlob, 0x00, Response.EncryptedHWID.wBlobLen);
  869. memcpy(Response.EncryptedHWID.pBlob, &hwid, Response.EncryptedHWID.wBlobLen);
  870. if( NULL == (LocalBuf = (UCHAR *)malloc(Response.EncryptedChallengeResponse.wBlobLen +
  871. Response.EncryptedHWID.wBlobLen)) )
  872. {
  873. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  874. LS_LOG_RESULT(lsReturn);
  875. goto ErrorReturn;
  876. }
  877. cbData += Response.EncryptedChallengeResponse.wBlobLen;
  878. memcpy(LocalBuf, Response.EncryptedChallengeResponse.pBlob, Response.EncryptedChallengeResponse.wBlobLen);
  879. memcpy(LocalBuf + cbData, Response.EncryptedHWID.pBlob, Response.EncryptedHWID.wBlobLen);
  880. cbData += Response.EncryptedHWID.wBlobLen;
  881. //Generate MACData and put it in the Response
  882. if( LICENSE_STATUS_OK != (lsReturn = LicenseGenerateMAC(pContext->pCryptParam,
  883. LocalBuf,
  884. cbData,
  885. Response.MACData)) )
  886. {
  887. free(LocalBuf);
  888. LS_LOG_RESULT(lsReturn);
  889. goto ErrorReturn;
  890. }
  891. free(LocalBuf);
  892. //Now encrypt the platform challenge response using the negotiated session key
  893. if( LICENSE_STATUS_OK != (lsReturn = LicenseEncryptSessionData(pContext->pCryptParam,
  894. Response.EncryptedChallengeResponse.pBlob,
  895. Response.EncryptedChallengeResponse.wBlobLen
  896. )) )
  897. {
  898. LS_LOG_RESULT(lsReturn);
  899. goto ErrorReturn;
  900. }
  901. //Encrypt the HWID with generated session key
  902. if( LICENSE_STATUS_OK != (lsReturn = LicenseEncryptSessionData(pContext->pCryptParam,
  903. Response.EncryptedHWID.pBlob,
  904. (DWORD)Response.EncryptedHWID.wBlobLen)) )
  905. {
  906. LS_LOG_RESULT(lsReturn);
  907. goto ErrorReturn;
  908. }
  909. //Now we have our Platform challenge Response Ready. Pack the data in a byte stream
  910. if( LICENSE_STATUS_OK != (lsReturn = PackHydraClientPlatformChallengeResponse(&Response,
  911. fExtendedError,
  912. pbMessage,
  913. pcbMessage)) )
  914. {
  915. LS_LOG_RESULT(lsReturn);
  916. goto ErrorReturn;
  917. }
  918. // Set appropriate state and data in proper places
  919. //Set the MACData in the CryptSystem MAC buffer.
  920. memcpy(pContext->rgbMACData, Response.MACData, LICENSE_MAC_DATA);
  921. //Set the state of the context to LICENSE_CLIENT_STATE_PLATFORM_CHALLENGE_RESPONSE
  922. //provided data was written in the output. i.e pbMessage is not NULL
  923. if(pbMessage)
  924. pContext->dwState = LICENSE_CLIENT_STATE_PLATFORM_CHALLENGE_RESPONSE;
  925. //Copy the whole message to the context
  926. pContext->cbLastMessage = *pcbMessage;
  927. if(pbMessage)
  928. {
  929. if( pContext->pbLastMessage )
  930. {
  931. free( pContext->pbLastMessage );
  932. }
  933. if( NULL == (pContext->pbLastMessage = (BYTE FAR *)malloc(pContext->cbLastMessage)) )
  934. {
  935. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  936. LS_LOG_RESULT(lsReturn);
  937. goto ErrorReturn;
  938. }
  939. memset(pContext->pbLastMessage, 0x00, pContext->cbLastMessage);
  940. memcpy(pContext->pbLastMessage, pbMessage, pContext->cbLastMessage);
  941. }
  942. lsReturn = LICENSE_STATUS_CONTINUE;
  943. LS_LOG_RESULT(lsReturn);
  944. CommonReturn:
  945. //LICENSE_LOG_RESULT(lsReturn);
  946. if(Response.EncryptedChallengeResponse.pBlob)
  947. {
  948. free(Response.EncryptedChallengeResponse.pBlob);
  949. Response.EncryptedChallengeResponse.pBlob = NULL;
  950. }
  951. if(Response.EncryptedHWID.pBlob)
  952. {
  953. free(Response.EncryptedHWID.pBlob);
  954. Response.EncryptedHWID.pBlob = NULL;
  955. }
  956. return lsReturn;
  957. //LS_RETURN(lsReturn);
  958. ErrorReturn:
  959. *pcbMessage = 0;
  960. goto CommonReturn;
  961. }
  962. LICENSE_STATUS
  963. CALL_TYPE
  964. LicenseClientHandleNewLicense(
  965. PLicense_Client_Context pContext,
  966. PHydra_Server_New_License pCanonical,
  967. BOOL fNew,
  968. BYTE FAR * pbMessage,
  969. DWORD FAR * pcbMessage
  970. )
  971. {
  972. LICENSE_STATUS lsReturn = LICENSE_STATUS_OK;
  973. New_License_Info NewLicense;
  974. BYTE MACData[LICENSE_MAC_DATA];
  975. Binary_Blob bbData;
  976. LSINDEX lsIndex;
  977. HANDLE hStore = NULL;
  978. LS_BEGIN(TEXT("LicenseClientHandleNewLicense"));
  979. if(NULL == pContext || NULL == pCanonical )
  980. {
  981. lsReturn = LICENSE_STATUS_INVALID_INPUT;
  982. LS_LOG_RESULT(lsReturn);
  983. goto ErrorReturn;
  984. }
  985. memset(&bbData, 0x00, sizeof(Binary_Blob));
  986. memset(&NewLicense, 0x00, sizeof(New_License_Info));
  987. memset(&lsIndex, 0x00, sizeof(LSINDEX));
  988. //First decrypt the encrypted license info
  989. if( LICENSE_STATUS_OK != (lsReturn = LicenseDecryptSessionData(pContext->pCryptParam,
  990. pCanonical->EncryptedNewLicenseInfo.pBlob,
  991. ( DWORD )( pCanonical->EncryptedNewLicenseInfo.wBlobLen ))) )
  992. {
  993. LS_LOG_RESULT(lsReturn);
  994. goto ErrorReturn;
  995. }
  996. //Generate the MAC data with the decrypted data
  997. if( LICENSE_STATUS_OK != (lsReturn = LicenseGenerateMAC(pContext->pCryptParam,
  998. pCanonical->EncryptedNewLicenseInfo.pBlob,
  999. (DWORD)pCanonical->EncryptedNewLicenseInfo.wBlobLen,
  1000. MACData)) )
  1001. {
  1002. LS_LOG_RESULT(lsReturn);
  1003. goto ErrorReturn;
  1004. }
  1005. //Compare this MAC with the one sent by the Server.
  1006. if(memcmp(MACData, pCanonical->MACData, LICENSE_MAC_DATA))
  1007. {
  1008. lsReturn = LICENSE_STATUS_INVALID_MAC_DATA;
  1009. LS_LOG_RESULT(lsReturn);
  1010. goto ErrorReturn;
  1011. }
  1012. if( LICENSE_STATUS_OK != (lsReturn = UnpackNewLicenseInfo(pCanonical->EncryptedNewLicenseInfo.pBlob,
  1013. (DWORD)pCanonical->EncryptedNewLicenseInfo.wBlobLen,
  1014. &NewLicense)) )
  1015. {
  1016. LS_LOG_RESULT(lsReturn);
  1017. goto ErrorReturn;
  1018. }
  1019. //Try to open the system license store
  1020. if( LICENSE_STATUS_OK != (lsReturn = MapStoreError(LSOpenLicenseStore(&hStore, NULL, FALSE))) )
  1021. {
  1022. LS_LOG_RESULT(lsReturn);
  1023. goto ErrorReturn;
  1024. }
  1025. //Initialize the LSINDEX structure. This structure will be used to add/replace a license in the store
  1026. //To do that, first initialize version info
  1027. lsIndex.dwVersion = NewLicense.dwVersion;
  1028. //Initialize Scope info
  1029. lsIndex.cbScope = NewLicense.cbScope;
  1030. if( NULL == (lsIndex.pbScope = (LPSTR)malloc(lsIndex.cbScope)) )
  1031. {
  1032. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1033. LS_LOG_RESULT(lsReturn);
  1034. goto ErrorReturn;
  1035. }
  1036. memset(lsIndex.pbScope, 0x00, lsIndex.cbScope);
  1037. memcpy(lsIndex.pbScope, NewLicense.pbScope, lsIndex.cbScope);
  1038. //Initialize CompanyName info
  1039. lsIndex.cbCompany = NewLicense.cbCompanyName;
  1040. if( NULL == (lsIndex.pbCompany = (LPSTR)malloc(lsIndex.cbCompany)) )
  1041. {
  1042. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1043. LS_LOG_RESULT(lsReturn);
  1044. goto ErrorReturn;
  1045. }
  1046. memset(lsIndex.pbCompany, 0x00, lsIndex.cbCompany);
  1047. memcpy(lsIndex.pbCompany, NewLicense.pbCompanyName, lsIndex.cbCompany);
  1048. //Initialize ProductID info
  1049. lsIndex.cbProductID = NewLicense.cbProductID;
  1050. if( NULL == (lsIndex.pbProductID = (LPSTR)malloc(lsIndex.cbProductID)) )
  1051. {
  1052. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1053. LS_LOG_RESULT(lsReturn);
  1054. goto ErrorReturn;
  1055. }
  1056. memset(lsIndex.pbProductID, 0x00, lsIndex.cbProductID);
  1057. memcpy(lsIndex.pbProductID, NewLicense.pbProductID, lsIndex.cbProductID);
  1058. LS_LOG_RESULT(lsReturn);
  1059. if( LICENSE_STATUS_OK != (lsReturn = LSAddLicenseToStore(hStore,
  1060. LS_REPLACE_LICENSE_OK,
  1061. &lsIndex,
  1062. NewLicense.pbLicenseInfo,
  1063. NewLicense.cbLicenseInfo
  1064. )) )
  1065. {
  1066. LS_LOG_RESULT(lsReturn);
  1067. goto ErrorReturn;
  1068. }
  1069. //Update state info and inform that the License Verification is over and the client can carry on
  1070. //with further connection!
  1071. pContext->dwState = LICENSE_CLIENT_STATE_DONE;
  1072. memset(pContext->rgbMACData, 0x00, LICENSE_MAC_DATA);
  1073. //Reset the last send message to 0;
  1074. if(pContext->pbLastMessage)
  1075. {
  1076. memset(pContext->pbLastMessage, 0x00, pContext->cbLastMessage);
  1077. free(pContext->pbLastMessage);
  1078. pContext->pbLastMessage = NULL;
  1079. }
  1080. pContext->cbLastMessage = 0;
  1081. lsReturn = LICENSE_STATUS_OK;
  1082. CommonReturn:
  1083. if( hStore )
  1084. {
  1085. LSCloseLicenseStore( hStore );
  1086. }
  1087. if(NewLicense.pbScope)
  1088. {
  1089. free(NewLicense.pbScope);
  1090. NewLicense.pbScope = NULL;
  1091. }
  1092. if(NewLicense.pbCompanyName)
  1093. {
  1094. free(NewLicense.pbCompanyName);
  1095. NewLicense.pbCompanyName = NULL;
  1096. }
  1097. if(NewLicense.pbProductID)
  1098. {
  1099. free(NewLicense.pbProductID);
  1100. NewLicense.pbProductID = NULL;
  1101. }
  1102. if(NewLicense.pbLicenseInfo)
  1103. {
  1104. free(NewLicense.pbLicenseInfo);
  1105. NewLicense.pbLicenseInfo = NULL;
  1106. }
  1107. if(lsIndex.pbScope)
  1108. {
  1109. free(lsIndex.pbScope);
  1110. lsIndex.pbScope = NULL;
  1111. }
  1112. if(lsIndex.pbCompany)
  1113. {
  1114. free(lsIndex.pbCompany);
  1115. lsIndex.pbCompany = NULL;
  1116. }
  1117. if(lsIndex.pbProductID)
  1118. {
  1119. free(lsIndex.pbProductID);
  1120. lsIndex.pbProductID = NULL;
  1121. }
  1122. if(bbData.pBlob)
  1123. {
  1124. free(bbData.pBlob);
  1125. bbData.pBlob = NULL;
  1126. }
  1127. return lsReturn;
  1128. ErrorReturn:
  1129. goto CommonReturn;
  1130. }
  1131. LICENSE_STATUS
  1132. CALL_TYPE
  1133. ClientConstructLicenseInfo(
  1134. PLicense_Client_Context pContext,
  1135. BYTE FAR * pbInput,
  1136. DWORD cbInput,
  1137. BYTE FAR * pbOutput,
  1138. DWORD FAR * pcbOutput,
  1139. BOOL fExtendedError
  1140. )
  1141. {
  1142. LICENSE_STATUS lsReturn = LICENSE_STATUS_OK;
  1143. Hydra_Client_License_Info Canonical;
  1144. HWID hwid;
  1145. Binary_Blob bbPreMasterSecret;
  1146. DWORD dwSize = 0;
  1147. DWORD dwState = 0;
  1148. PBYTE pbServerPubKey;
  1149. DWORD cbServerPubKey;
  1150. LS_BEGIN(TEXT("ClientContstructLicenseInfo"));
  1151. if(NULL == pContext || NULL == pcbOutput)
  1152. {
  1153. lsReturn = LICENSE_STATUS_INVALID_INPUT;
  1154. LS_LOG_RESULT(lsReturn);
  1155. goto ErrorReturn;
  1156. }
  1157. //Construct the messages
  1158. bbPreMasterSecret.wBlobType = BB_RANDOM_BLOB;
  1159. bbPreMasterSecret.wBlobLen = LICENSE_PRE_MASTER_SECRET;
  1160. if( NULL == (bbPreMasterSecret.pBlob = (BYTE FAR *)malloc(LICENSE_PRE_MASTER_SECRET)) )
  1161. {
  1162. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1163. LS_LOG_RESULT(lsReturn);
  1164. goto ErrorReturn;
  1165. }
  1166. memcpy(bbPreMasterSecret.pBlob, pContext->pCryptParam->rgbPreMasterSecret, LICENSE_PRE_MASTER_SECRET);
  1167. memset(&Canonical, 0x00, sizeof(Hydra_Client_License_Info));
  1168. //RSA is hardcoded for the time being
  1169. Canonical.dwPrefKeyExchangeAlg = pContext->pCryptParam->dwKeyExchAlg;
  1170. #ifdef OS_WINCE
  1171. Canonical.dwPlatformID = CLIENT_OS_ID_OTHER | CLIENT_IMAGE_ID_MICROSOFT;
  1172. #else // WinNT or Win9x
  1173. {
  1174. DWORD dwVersion = GetVersion();
  1175. if (dwVersion & 0x80000000) {
  1176. // Win95
  1177. Canonical.dwPlatformID = CLIENT_OS_ID_OTHER | CLIENT_IMAGE_ID_MICROSOFT;
  1178. } else {
  1179. OSVERSIONINFOEX ovix;
  1180. BOOL b;
  1181. ovix.dwOSVersionInfoSize = sizeof(ovix);
  1182. b = GetVersionEx((LPOSVERSIONINFO) &ovix);
  1183. if(b && ((ovix.wSuiteMask & VER_SUITE_EMBEDDEDNT) || (ovix.wSuiteMask & VER_SUITE_PERSONAL)))
  1184. {
  1185. Canonical.dwPlatformID = CLIENT_OS_ID_WINNT_40 | CLIENT_IMAGE_ID_MICROSOFT;
  1186. }
  1187. else
  1188. {
  1189. // WinNT
  1190. Canonical.dwPlatformID = CLIENT_IMAGE_ID_MICROSOFT |
  1191. ((((DWORD)(LOBYTE(LOWORD(dwVersion)))) - 2) << 24);
  1192. Canonical.dwPlatformID |= (DWORD)(HIBYTE(LOWORD(dwVersion)));
  1193. }
  1194. }
  1195. }
  1196. #endif
  1197. //ClientRandom
  1198. memcpy(Canonical.ClientRandom, pContext->pCryptParam->rgbClientRandom, LICENSE_RANDOM);
  1199. if( pContext->pServerCert )
  1200. {
  1201. //
  1202. // This public key is used for pre-Hydra 5.0 servers that are using proprietory
  1203. // server certificates.
  1204. //
  1205. pbServerPubKey = pContext->pServerCert->PublicKeyData.pBlob;
  1206. cbServerPubKey = pContext->pServerCert->PublicKeyData.wBlobLen;
  1207. }
  1208. else
  1209. {
  1210. pbServerPubKey = pContext->pbServerPubKey;
  1211. cbServerPubKey = pContext->cbServerPubKey;
  1212. }
  1213. //We have to switch here depending on the key exchange algorithm to be used -Shubho
  1214. if( LICENSE_STATUS_OK != (lsReturn = LicenseEnvelopeData(pbServerPubKey,
  1215. cbServerPubKey,
  1216. bbPreMasterSecret.pBlob,
  1217. bbPreMasterSecret.wBlobLen,
  1218. NULL,
  1219. &dwSize)) )
  1220. {
  1221. LS_LOG_RESULT(lsReturn);
  1222. goto ErrorReturn;
  1223. }
  1224. if( NULL == (Canonical.EncryptedPreMasterSecret.pBlob = (BYTE FAR *)malloc(dwSize)) )
  1225. {
  1226. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1227. LS_LOG_RESULT(lsReturn);
  1228. goto ErrorReturn;
  1229. }
  1230. memset(Canonical.EncryptedPreMasterSecret.pBlob, 0x00, dwSize);
  1231. if( LICENSE_STATUS_OK != (lsReturn = LicenseEnvelopeData(pbServerPubKey,
  1232. cbServerPubKey,
  1233. bbPreMasterSecret.pBlob,
  1234. bbPreMasterSecret.wBlobLen,
  1235. Canonical.EncryptedPreMasterSecret.pBlob,
  1236. &dwSize)) )
  1237. {
  1238. LS_LOG_RESULT(lsReturn);
  1239. goto ErrorReturn;
  1240. }
  1241. Canonical.EncryptedPreMasterSecret.wBlobLen = (WORD)dwSize;
  1242. //Fill up LicenseInfo buffer
  1243. Canonical.LicenseInfo.wBlobType = BB_DATA_BLOB;
  1244. Canonical.LicenseInfo.wBlobLen = (WORD)cbInput;
  1245. if( NULL == (Canonical.LicenseInfo.pBlob = (BYTE FAR *)malloc(Canonical.LicenseInfo.wBlobLen)) )
  1246. {
  1247. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1248. LS_LOG_RESULT(lsReturn);
  1249. goto ErrorReturn;
  1250. }
  1251. memset(Canonical.LicenseInfo.pBlob, 0x00, Canonical.LicenseInfo.wBlobLen);
  1252. memcpy(Canonical.LicenseInfo.pBlob, pbInput, Canonical.LicenseInfo.wBlobLen);
  1253. //Generate HWID and put the data in a binary_blob to encrypt
  1254. memset(&hwid, 0x00, sizeof(HWID));
  1255. if( LICENSE_STATUS_OK != (lsReturn = GenerateClientHWID(&hwid)) )
  1256. {
  1257. LS_LOG_RESULT(lsReturn);
  1258. goto ErrorReturn;
  1259. }
  1260. Canonical.EncryptedHWID.wBlobType = BB_DATA_BLOB;
  1261. Canonical.EncryptedHWID.wBlobLen = sizeof(HWID);
  1262. if( NULL == (Canonical.EncryptedHWID.pBlob = (BYTE FAR *)malloc(Canonical.EncryptedHWID.wBlobLen)) )
  1263. {
  1264. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1265. LS_LOG_RESULT(lsReturn);
  1266. goto ErrorReturn;
  1267. }
  1268. memset(Canonical.EncryptedHWID.pBlob, 0x00, Canonical.EncryptedHWID.wBlobLen);
  1269. memcpy(Canonical.EncryptedHWID.pBlob, &hwid, Canonical.EncryptedHWID.wBlobLen);
  1270. dwState = pContext->pCryptParam->dwCryptState;
  1271. //Generate the session key and MACsalt
  1272. if( LICENSE_STATUS_OK != (lsReturn = LicenseBuildMasterSecret(pContext->pCryptParam)) )
  1273. {
  1274. LS_LOG_RESULT(lsReturn);
  1275. goto ErrorReturn;
  1276. }
  1277. if( LICENSE_STATUS_OK != (lsReturn = LicenseMakeSessionKeys(pContext->pCryptParam, 0)) )
  1278. {
  1279. LS_LOG_RESULT(lsReturn);
  1280. goto ErrorReturn;
  1281. }
  1282. //Encrypt the HWID with generated session key
  1283. if( LICENSE_STATUS_OK != (lsReturn = LicenseEncryptSessionData(pContext->pCryptParam,
  1284. Canonical.EncryptedHWID.pBlob,
  1285. (DWORD)Canonical.EncryptedHWID.wBlobLen)) )
  1286. {
  1287. LS_LOG_RESULT(lsReturn);
  1288. goto ErrorReturn;
  1289. }
  1290. //Generate the MAC with original HWID
  1291. LicenseGenerateMAC(pContext->pCryptParam, ( BYTE FAR * )&hwid, sizeof(hwid), Canonical.MACData);
  1292. //Now everything is ready, so pack the data
  1293. if( LICENSE_STATUS_OK != (lsReturn = PackHydraClientLicenseInfo(&Canonical, fExtendedError, pbOutput, pcbOutput)) )
  1294. {
  1295. LS_LOG_RESULT(lsReturn);
  1296. goto ErrorReturn;
  1297. }
  1298. //Set the MACData in the CryptSystem MAC buffer.
  1299. memcpy(pContext->rgbMACData, Canonical.MACData, LICENSE_MAC_DATA);
  1300. //Set the state of the context to LICENSE_CLIENT_STATE_LICENSE_RESPONSE
  1301. //if any output data is written. i.e. pbOutput is not null. Also revert back
  1302. //the crypparam state as this will also be called twice and we change the state
  1303. //only when we have written something in the output!!!!! - bad!!!!!
  1304. if(pbOutput)
  1305. {
  1306. pContext->dwState = LICENSE_CLIENT_STATE_LICENSE_RESPONSE;
  1307. }
  1308. else //Restore earlier CryptSystem States
  1309. {
  1310. pContext->pCryptParam->dwCryptState = dwState;
  1311. memcpy(pContext->pCryptParam->rgbPreMasterSecret, bbPreMasterSecret.pBlob, LICENSE_PRE_MASTER_SECRET);
  1312. memset(pContext->pCryptParam->rgbSessionKey, 0x00, LICENSE_SESSION_KEY);
  1313. memset(pContext->pCryptParam->rgbMACSaltKey, 0x00, LICENSE_MAC_WRITE_KEY);
  1314. }
  1315. //Copy the whole message to the context
  1316. pContext->cbLastMessage = *pcbOutput;
  1317. if(pbOutput)
  1318. {
  1319. if( pContext->pbLastMessage )
  1320. {
  1321. free( pContext->pbLastMessage );
  1322. }
  1323. if( NULL == (pContext->pbLastMessage = (BYTE FAR *)malloc(pContext->cbLastMessage)) )
  1324. {
  1325. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1326. goto ErrorReturn;
  1327. }
  1328. memset(pContext->pbLastMessage, 0x00, pContext->cbLastMessage);
  1329. memcpy(pContext->pbLastMessage, pbOutput, pContext->cbLastMessage);
  1330. }
  1331. lsReturn = LICENSE_STATUS_CONTINUE;
  1332. LS_LOG_RESULT(lsReturn);
  1333. CommonReturn:
  1334. if(Canonical.EncryptedPreMasterSecret.pBlob)
  1335. {
  1336. free(Canonical.EncryptedPreMasterSecret.pBlob);
  1337. Canonical.EncryptedPreMasterSecret.pBlob = NULL;
  1338. }
  1339. if(Canonical.LicenseInfo.pBlob)
  1340. {
  1341. free(Canonical.LicenseInfo.pBlob);
  1342. Canonical.LicenseInfo.pBlob = NULL;
  1343. }
  1344. if(Canonical.EncryptedHWID.pBlob)
  1345. {
  1346. free(Canonical.EncryptedHWID.pBlob);
  1347. Canonical.EncryptedHWID.pBlob = NULL;
  1348. }
  1349. if(bbPreMasterSecret.pBlob)
  1350. {
  1351. free(bbPreMasterSecret.pBlob);
  1352. bbPreMasterSecret.pBlob = NULL;
  1353. }
  1354. return lsReturn;
  1355. // LS_RETURN(lsReturn);
  1356. ErrorReturn:
  1357. *pcbOutput = 0;
  1358. goto CommonReturn;
  1359. }
  1360. LICENSE_STATUS
  1361. CALL_TYPE
  1362. ClientConstructNewLicenseRequest(
  1363. PLicense_Client_Context pContext,
  1364. BYTE FAR * pbOutput,
  1365. DWORD FAR * pcbOutput,
  1366. BOOL fExtendedError
  1367. )
  1368. {
  1369. LICENSE_STATUS lsReturn = LICENSE_STATUS_OK;
  1370. Hydra_Client_New_License_Request Request;
  1371. Binary_Blob bbPreMasterSecret;
  1372. DWORD dwSize = 0;
  1373. DWORD dwState = 0;
  1374. #ifdef OS_WINCE
  1375. #define LS_MAX(a,b) ((a) > (b) ? (a) : (b))
  1376. BYTE szUserName[LS_MAX((UNLEN + 1),HWID_STR_LEN)];
  1377. DWORD cbUserName = sizeof(szUserName);
  1378. BYTE szMachineName[LS_MAX(MAX_COMPUTERNAME_LENGTH + 1,HWID_STR_LEN)];
  1379. DWORD cbMachineName = sizeof(szMachineName);
  1380. #else
  1381. BYTE szUserName[(UNLEN + 1) * sizeof(TCHAR)];
  1382. DWORD cbUserName = UNLEN + 1;
  1383. BYTE szMachineName[(MAX_COMPUTERNAME_LENGTH + 1) * sizeof(TCHAR)];
  1384. DWORD cbMachineName = (MAX_COMPUTERNAME_LENGTH + 1) * sizeof(TCHAR);
  1385. #endif
  1386. PBYTE pbServerPubKey;
  1387. DWORD cbServerPubKey;
  1388. LS_BEGIN(TEXT("ClientConstructNewLicenseRequest"));
  1389. if(NULL == pContext)
  1390. {
  1391. lsReturn = LICENSE_STATUS_INVALID_INPUT;
  1392. LS_LOG_RESULT(lsReturn);
  1393. goto ErrorReturn;
  1394. }
  1395. memset(szUserName,0,sizeof(szUserName));
  1396. memset(szMachineName,0,sizeof(szMachineName));
  1397. dwState = pContext->pCryptParam->dwCryptState;
  1398. bbPreMasterSecret.wBlobType = BB_RANDOM_BLOB;
  1399. bbPreMasterSecret.wBlobLen = LICENSE_PRE_MASTER_SECRET;
  1400. if( NULL == (bbPreMasterSecret.pBlob = (BYTE FAR *)malloc(LICENSE_PRE_MASTER_SECRET)) )
  1401. {
  1402. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1403. LS_LOG_RESULT(lsReturn);
  1404. goto ErrorReturn;
  1405. }
  1406. memcpy(bbPreMasterSecret.pBlob, pContext->pCryptParam->rgbPreMasterSecret, LICENSE_PRE_MASTER_SECRET);
  1407. //Initialize the message
  1408. memset(&Request, 0x00, sizeof(Hydra_Client_New_License_Request));
  1409. //RSA is hardcoded for the time being
  1410. Request.dwPrefKeyExchangeAlg = pContext->pCryptParam->dwKeyExchAlg;
  1411. //PlatformID
  1412. #ifdef OS_WINCE
  1413. Request.dwPlatformID = CLIENT_OS_ID_OTHER | CLIENT_IMAGE_ID_MICROSOFT;
  1414. #else // WinNT or Win9x
  1415. {
  1416. DWORD dwVersion = GetVersion();
  1417. if (dwVersion & 0x80000000) {
  1418. // Win95
  1419. Request.dwPlatformID = CLIENT_OS_ID_OTHER | CLIENT_IMAGE_ID_MICROSOFT;
  1420. } else {
  1421. OSVERSIONINFOEX ovix;
  1422. BOOL b;
  1423. ovix.dwOSVersionInfoSize = sizeof(ovix);
  1424. b = GetVersionEx((LPOSVERSIONINFO) &ovix);
  1425. if(b && ((ovix.wSuiteMask & VER_SUITE_EMBEDDEDNT) || (ovix.wSuiteMask & VER_SUITE_PERSONAL)))
  1426. {
  1427. Request.dwPlatformID = CLIENT_OS_ID_WINNT_40 | CLIENT_IMAGE_ID_MICROSOFT;
  1428. }
  1429. else
  1430. {
  1431. // WinNT
  1432. Request.dwPlatformID = CLIENT_IMAGE_ID_MICROSOFT |
  1433. ((((DWORD)(LOBYTE(LOWORD(dwVersion)))) - 2) << 24);
  1434. }
  1435. }
  1436. }
  1437. #endif
  1438. //Copy ClientRandom
  1439. memcpy(Request.ClientRandom, pContext->pCryptParam->rgbClientRandom, LICENSE_RANDOM);
  1440. //Encrypt the Premastersecret using Server's Public key
  1441. //We have to switch here depending on the key exchange algorithm to be used -Shubho
  1442. if( pContext->pServerCert )
  1443. {
  1444. //
  1445. // This public key is used for pre-Hydra 5.0 servers that are using proprietory
  1446. // server certificates.
  1447. //
  1448. pbServerPubKey = pContext->pServerCert->PublicKeyData.pBlob;
  1449. cbServerPubKey = pContext->pServerCert->PublicKeyData.wBlobLen;
  1450. }
  1451. else
  1452. {
  1453. pbServerPubKey = pContext->pbServerPubKey;
  1454. cbServerPubKey = pContext->cbServerPubKey;
  1455. }
  1456. if( LICENSE_STATUS_OK != (lsReturn = LicenseEnvelopeData(pbServerPubKey,
  1457. cbServerPubKey,
  1458. bbPreMasterSecret.pBlob,
  1459. bbPreMasterSecret.wBlobLen,
  1460. NULL,
  1461. &dwSize)) )
  1462. {
  1463. #if DBG
  1464. OutputDebugString(_T("LicenseEnvelopeData failed"));
  1465. LS_LOG_RESULT(lsReturn);
  1466. #endif
  1467. goto ErrorReturn;
  1468. }
  1469. if( NULL == (Request.EncryptedPreMasterSecret.pBlob = (BYTE FAR *)malloc(dwSize)) )
  1470. {
  1471. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1472. LS_LOG_RESULT(lsReturn);
  1473. goto ErrorReturn;
  1474. }
  1475. memset(Request.EncryptedPreMasterSecret.pBlob, 0x00, dwSize);
  1476. if( LICENSE_STATUS_OK != (lsReturn = LicenseEnvelopeData(pbServerPubKey,
  1477. cbServerPubKey,
  1478. bbPreMasterSecret.pBlob,
  1479. bbPreMasterSecret.wBlobLen,
  1480. Request.EncryptedPreMasterSecret.pBlob,
  1481. &dwSize)) )
  1482. {
  1483. #if DBG
  1484. OutputDebugString(_T("LicenseEnvelopeData failed"));
  1485. LS_LOG_RESULT(lsReturn);
  1486. #endif
  1487. goto ErrorReturn;
  1488. }
  1489. Request.EncryptedPreMasterSecret.wBlobLen = (WORD)dwSize;
  1490. //
  1491. // initialize the user name binary blob
  1492. //
  1493. #if !defined(OS_WINCE)
  1494. GetUserName( (LPTSTR)szUserName, &cbUserName );
  1495. #elif defined(OS_WINCE)
  1496. GetUserName( (LPSTR)szUserName, &cbUserName );
  1497. #endif //OS_WINCE
  1498. Request.ClientUserName.wBlobType = BB_CLIENT_USER_NAME_BLOB;
  1499. Request.ClientUserName.wBlobLen = ( WORD )cbUserName;
  1500. Request.ClientUserName.pBlob = szUserName;
  1501. //
  1502. // initialize the machine name binary blob
  1503. //
  1504. #if defined(OS_WINCE)
  1505. GetComputerName( (LPSTR)szMachineName, &cbMachineName );
  1506. #else
  1507. GetComputerName( (LPTSTR)szMachineName, &cbMachineName );
  1508. #endif
  1509. Request.ClientMachineName.wBlobType = BB_CLIENT_MACHINE_NAME_BLOB;
  1510. Request.ClientMachineName.wBlobLen = ( WORD )cbMachineName + 1;
  1511. Request.ClientMachineName.pBlob = szMachineName;
  1512. //New License Request is ready. Now pack the data,
  1513. if( LICENSE_STATUS_OK != (lsReturn = PackHydraClientNewLicenseRequest(&Request,
  1514. fExtendedError,
  1515. pbOutput,
  1516. pcbOutput)) )
  1517. {
  1518. LS_LOG_RESULT(lsReturn);
  1519. goto ErrorReturn;
  1520. }
  1521. //Anyway Generate the session key and MACsalt for future use
  1522. if( LICENSE_STATUS_OK != (lsReturn = LicenseBuildMasterSecret(pContext->pCryptParam)) )
  1523. {
  1524. LS_LOG_RESULT(lsReturn);
  1525. goto ErrorReturn;
  1526. }
  1527. if( LICENSE_STATUS_OK != (lsReturn = LicenseMakeSessionKeys(pContext->pCryptParam, 0)) )
  1528. {
  1529. LS_LOG_RESULT(lsReturn);
  1530. goto ErrorReturn;
  1531. }
  1532. //Set the MACData in the CryptSystem MAC buffer.
  1533. memset(pContext->rgbMACData, 0x00, LICENSE_MAC_DATA);
  1534. //Set the state of the context to LICENSE_CLIENT_STATE_NEW_LICENSE_REQUEST
  1535. //if something is written on the output. i.e. pbOutput is not NULL
  1536. if(pbOutput)
  1537. {
  1538. pContext->dwState = LICENSE_CLIENT_STATE_LICENSE_RESPONSE;
  1539. }
  1540. else //Restore earlier CryptSystem States
  1541. {
  1542. pContext->pCryptParam->dwCryptState = dwState;
  1543. memcpy(pContext->pCryptParam->rgbPreMasterSecret, bbPreMasterSecret.pBlob, LICENSE_PRE_MASTER_SECRET);
  1544. memset(pContext->pCryptParam->rgbSessionKey, 0x00, LICENSE_SESSION_KEY);
  1545. memset(pContext->pCryptParam->rgbMACSaltKey, 0x00, LICENSE_MAC_WRITE_KEY);
  1546. }
  1547. //Copy the whole message to the context
  1548. pContext->cbLastMessage = *pcbOutput;
  1549. if(pbOutput)
  1550. {
  1551. if( pContext->pbLastMessage )
  1552. {
  1553. free( pContext->pbLastMessage );
  1554. }
  1555. if( NULL == (pContext->pbLastMessage = (BYTE FAR *)malloc(pContext->cbLastMessage)) )
  1556. {
  1557. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1558. LS_LOG_RESULT(lsReturn);
  1559. goto ErrorReturn;
  1560. }
  1561. memset(pContext->pbLastMessage, 0x00, pContext->cbLastMessage);
  1562. memcpy(pContext->pbLastMessage, pbOutput, pContext->cbLastMessage);
  1563. }
  1564. lsReturn = LICENSE_STATUS_CONTINUE;
  1565. LS_LOG_RESULT(lsReturn);
  1566. CommonReturn:
  1567. if(bbPreMasterSecret.pBlob)
  1568. {
  1569. free(bbPreMasterSecret.pBlob);
  1570. bbPreMasterSecret.pBlob = NULL;
  1571. }
  1572. if( Request.EncryptedPreMasterSecret.pBlob )
  1573. {
  1574. free( Request.EncryptedPreMasterSecret.pBlob );
  1575. }
  1576. return lsReturn;
  1577. //LS_RETURN(lsReturn);
  1578. ErrorReturn:
  1579. *pcbOutput = 0;
  1580. goto CommonReturn;
  1581. }
  1582. LICENSE_STATUS
  1583. CALL_TYPE
  1584. ClientConstructErrorAlert(
  1585. PLicense_Client_Context pContext,
  1586. DWORD dwErrorCode,
  1587. DWORD dwStateTransition,
  1588. BYTE FAR * pbErrorInfo,
  1589. DWORD cbErrorInfo,
  1590. BYTE FAR * pbOutput,
  1591. DWORD FAR * pcbOutput,
  1592. BOOL fExtendedError
  1593. )
  1594. {
  1595. LICENSE_STATUS lsReturn = LICENSE_STATUS_OK;
  1596. License_Error_Message Error;
  1597. LS_BEGIN(TEXT("ClientConstructErrorAlert\n"));
  1598. if(NULL == pContext)
  1599. {
  1600. lsReturn = LICENSE_STATUS_INVALID_INPUT;
  1601. LS_LOG_RESULT(lsReturn);
  1602. goto ErrorReturn;
  1603. }
  1604. memset(&Error, 0x00, sizeof(License_Error_Message));
  1605. Error.dwErrorCode = dwErrorCode;
  1606. Error.dwStateTransition = dwStateTransition;
  1607. Error.bbErrorInfo.wBlobType = BB_ERROR_BLOB;
  1608. Error.bbErrorInfo.wBlobLen = (WORD)cbErrorInfo;
  1609. if(Error.bbErrorInfo.wBlobLen>0)
  1610. {
  1611. if( NULL == (Error.bbErrorInfo.pBlob = (BYTE FAR *)malloc(Error.bbErrorInfo.wBlobLen)) )
  1612. {
  1613. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1614. LS_LOG_RESULT(lsReturn);
  1615. goto ErrorReturn;
  1616. }
  1617. memset(Error.bbErrorInfo.pBlob, 0x00, Error.bbErrorInfo.wBlobLen);
  1618. memcpy(Error.bbErrorInfo.pBlob, pbErrorInfo, Error.bbErrorInfo.wBlobLen);
  1619. }
  1620. else
  1621. Error.bbErrorInfo.pBlob = NULL;
  1622. if( LICENSE_STATUS_OK != (lsReturn = PackLicenseErrorMessage(&Error,
  1623. fExtendedError,
  1624. pbOutput,
  1625. pcbOutput)) )
  1626. {
  1627. LS_LOG_RESULT(lsReturn);
  1628. goto ErrorReturn;
  1629. }
  1630. //Set the MACData in the CryptSystem MAC buffer.
  1631. memset(pContext->rgbMACData, 0x00, LICENSE_MAC_DATA);
  1632. //Set the state of the context to LICENSE_CLIENT_STATE_ABORT;
  1633. switch(dwStateTransition)
  1634. {
  1635. case ST_TOTAL_ABORT:
  1636. pContext->dwState = LICENSE_CLIENT_STATE_ABORT;
  1637. lsReturn = LICENSE_STATUS_CLIENT_ABORT;
  1638. pContext->cbLastMessage = 0;
  1639. break;
  1640. case ST_NO_TRANSITION:
  1641. lsReturn = LICENSE_STATUS_CONTINUE;
  1642. pContext->cbLastMessage = *pcbOutput;
  1643. if(pbOutput)
  1644. {
  1645. if( pContext->pbLastMessage )
  1646. {
  1647. free( pContext->pbLastMessage );
  1648. }
  1649. if( NULL == (pContext->pbLastMessage = (BYTE FAR *)malloc(pContext->cbLastMessage)) )
  1650. {
  1651. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1652. LS_LOG_RESULT(lsReturn);
  1653. goto ErrorReturn;
  1654. }
  1655. memset(pContext->pbLastMessage, 0x00, pContext->cbLastMessage);
  1656. memcpy(pContext->pbLastMessage, pbOutput, pContext->cbLastMessage);
  1657. }
  1658. break;
  1659. case ST_RESET_PHASE_TO_START:
  1660. lsReturn = LICENSE_STATUS_CONTINUE;
  1661. if( (pContext->dwState == LICENSE_CLIENT_STATE_LICENSE_RESPONSE) ||
  1662. (pContext->dwState == LICENSE_CLIENT_STATE_NEW_LICENSE_REQUEST) )
  1663. {
  1664. pContext->dwState = LICENSE_CLIENT_STATE_WAIT_SERVER_HELLO;
  1665. }
  1666. else if(pContext->dwState == LICENSE_CLIENT_STATE_PLATFORM_CHALLENGE_RESPONSE)
  1667. {
  1668. pContext->dwState = LICENSE_CLIENT_STATE_NEW_LICENSE_REQUEST;
  1669. }
  1670. break;
  1671. case ST_RESEND_LAST_MESSAGE:
  1672. lsReturn = LICENSE_STATUS_CONTINUE;
  1673. break;
  1674. }
  1675. LS_LOG_RESULT(lsReturn);
  1676. CommonReturn:
  1677. if(Error.bbErrorInfo.pBlob)
  1678. {
  1679. free(Error.bbErrorInfo.pBlob);
  1680. Error.bbErrorInfo.pBlob = NULL;
  1681. }
  1682. return lsReturn;
  1683. //LS_RETURN(lsReturn);
  1684. ErrorReturn:
  1685. *pcbOutput = 0;
  1686. goto CommonReturn;
  1687. }
  1688. LICENSE_STATUS
  1689. CALL_TYPE
  1690. ClientGenerateChallengeResponse(
  1691. PLicense_Client_Context pContext,
  1692. PBinary_Blob pChallengeData,
  1693. PBinary_Blob pResponseData
  1694. )
  1695. {
  1696. LICENSE_STATUS lsReturn = LICENSE_STATUS_OK;
  1697. PPlatformChallengeResponseData pbChallengeResponse = NULL;
  1698. WORD cbChallengeResponse;
  1699. LS_BEGIN(TEXT("ClientGenerateChallengeResponse"));
  1700. //For the time being we will send back the same data. But we have to finalize on the challenge
  1701. //response generation algorithm as soon as possible - Shubho
  1702. if( (pContext == NULL) || (pChallengeData == NULL) || (pResponseData == NULL) )
  1703. {
  1704. lsReturn = LICENSE_STATUS_INVALID_INPUT;
  1705. LS_LOG_RESULT(lsReturn);
  1706. goto ErrorReturn;
  1707. }
  1708. pResponseData->wBlobType = BB_DATA_BLOB;
  1709. //
  1710. // Determine how much memory we need to allocate, PlatformChallenge* is a variable length
  1711. // structure.
  1712. //
  1713. cbChallengeResponse = (WORD)OFFSET_OF(PlatformChallengeResponseData, pbChallenge) + pChallengeData->wBlobLen;
  1714. ASSERT(cbChallengeResponse <= PLATFORM_CHALLENGE_LENGTH);
  1715. if(cbChallengeResponse > PLATFORM_CHALLENGE_LENGTH)
  1716. {
  1717. lsReturn = LICENSE_STATUS_INVALID_INPUT;
  1718. LS_LOG_RESULT(lsReturn);
  1719. goto ErrorReturn;
  1720. }
  1721. pbChallengeResponse = (PPlatformChallengeResponseData)malloc(cbChallengeResponse);
  1722. if( NULL == pbChallengeResponse )
  1723. {
  1724. // can't allocate memory
  1725. lsReturn = LICENSE_STATUS_OUT_OF_MEMORY;
  1726. LS_LOG_RESULT(lsReturn);
  1727. goto ErrorReturn;
  1728. }
  1729. //
  1730. // Setup challenge response data,
  1731. //
  1732. pbChallengeResponse->wVersion = CURRENT_PLATFORMCHALLENGE_VERSION;
  1733. #ifdef OS_WINCE
  1734. pbChallengeResponse->wClientType = WINCE_PLATFORMCHALLENGE_TYPE;
  1735. pbChallengeResponse->wLicenseDetailLevel = LICENSE_DETAIL_DETAIL;
  1736. #else
  1737. //
  1738. // We only need one Win32 type since we already have dwPlatformID to differentiate Win98/NT
  1739. // Note, we set license detail level in #define just in case platform can't handle amount
  1740. // of data set back by license server
  1741. //
  1742. pbChallengeResponse->wClientType = WIN32_PLATFORMCHALLENGE_TYPE;
  1743. pbChallengeResponse->wLicenseDetailLevel = LICENSE_DETAIL_DETAIL;
  1744. #endif
  1745. if( (pChallengeData->pBlob != NULL) && (pChallengeData->wBlobLen >0) )
  1746. {
  1747. pbChallengeResponse->cbChallenge = pChallengeData->wBlobLen;
  1748. memcpy(
  1749. (PBYTE)pbChallengeResponse + OFFSET_OF(PlatformChallengeResponseData, pbChallenge),
  1750. pChallengeData->pBlob,
  1751. pChallengeData->wBlobLen
  1752. );
  1753. }
  1754. else
  1755. {
  1756. // server didn't send us any challenge data.
  1757. pbChallengeResponse->cbChallenge = 0;
  1758. }
  1759. pResponseData->wBlobLen = cbChallengeResponse;
  1760. pResponseData->pBlob = (BYTE FAR *)pbChallengeResponse;
  1761. lsReturn = LICENSE_STATUS_OK;
  1762. LS_LOG_RESULT(lsReturn);
  1763. CommonReturn:
  1764. //LS_RETURN(lsReturn);
  1765. return lsReturn;
  1766. ErrorReturn:
  1767. goto CommonReturn;
  1768. }
  1769. static BOOL GeneratePseudoLicense(
  1770. DWORD FAR * pcbNewLicense,
  1771. LPBYTE FAR *ppNewLicense)
  1772. {
  1773. TCHAR g_LicenseString[] = TEXT("Licensed To Kill");
  1774. #define REPEAT_LICENSE_STRING 15
  1775. #define LICENSE_STRING_LEN sizeof(TCHAR) * lstrlen(g_LicenseString)
  1776. #define LICENSE_SIZE ( LICENSE_STRING_LEN * REPEAT_LICENSE_STRING ) + 1 * sizeof(TCHAR)
  1777. UINT i;
  1778. BYTE FAR *pbLicenseData = NULL;
  1779. DWORD cbLicenseData = LICENSE_SIZE;
  1780. if( NULL == ( *ppNewLicense = malloc(cbLicenseData) ) )
  1781. {
  1782. return FALSE;
  1783. }
  1784. memset(*ppNewLicense, 0x00, cbLicenseData);
  1785. //
  1786. // fill the memory with this license string
  1787. //
  1788. pbLicenseData = *ppNewLicense;
  1789. for( i = 0; i < REPEAT_LICENSE_STRING; i++ )
  1790. {
  1791. memcpy( pbLicenseData, g_LicenseString, LICENSE_STRING_LEN );
  1792. pbLicenseData += LICENSE_STRING_LEN;
  1793. }
  1794. *pcbNewLicense = cbLicenseData;
  1795. return TRUE;
  1796. }
  1797. VOID
  1798. FreeProprietaryCertificate(
  1799. PHydra_Server_Cert * ppCertificate )
  1800. {
  1801. if( NULL == *ppCertificate )
  1802. {
  1803. return;
  1804. }
  1805. if( ( *ppCertificate )->PublicKeyData.pBlob )
  1806. {
  1807. free( ( *ppCertificate )->PublicKeyData.pBlob );
  1808. }
  1809. if( ( *ppCertificate )->SignatureBlob.pBlob )
  1810. {
  1811. free( ( *ppCertificate )->SignatureBlob.pBlob );
  1812. }
  1813. free( *ppCertificate );
  1814. *ppCertificate = NULL;
  1815. }