Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

393 lines
9.4 KiB

/*
Copyright (c) 1989 Microsoft Corporation
Module Name:
crypt.h
Abstract:
This module contains the public data structures and API definitions
needed to utilize the encryption library
Author:
David Chalmers (Davidc) 21-October-1991
Revision History:
--*/
#ifndef _NTCRYPT_
#define _NTCRYPT_
#define IN
#define OUT
/////////////////////////////////////////////////////////////////////////
// //
// Core encryption types //
// //
/////////////////////////////////////////////////////////////////////////
#define CLEAR_BLOCK_LENGTH 8
typedef struct _CLEAR_BLOCK {
char data[CLEAR_BLOCK_LENGTH];
} CLEAR_BLOCK;
typedef CLEAR_BLOCK * PCLEAR_BLOCK;
#define CYPHER_BLOCK_LENGTH 8
typedef struct _CYPHER_BLOCK {
char data[CYPHER_BLOCK_LENGTH];
} CYPHER_BLOCK;
typedef CYPHER_BLOCK * PCYPHER_BLOCK;
#define BLOCK_KEY_LENGTH 7
typedef struct _BLOCK_KEY {
char data[BLOCK_KEY_LENGTH];
} BLOCK_KEY;
typedef BLOCK_KEY * PBLOCK_KEY;
/////////////////////////////////////////////////////////////////////////
// //
// Arbitrary length data encryption types //
// //
/////////////////////////////////////////////////////////////////////////
typedef struct _CRYPT_BUFFER {
unsigned long Length; // Number of valid bytes in buffer
unsigned long MaximumLength; // Number of bytes pointed to by Buffer
void * Buffer;
} CRYPT_BUFFER;
typedef CRYPT_BUFFER * PCRYPT_BUFFER;
typedef CRYPT_BUFFER CLEAR_DATA;
typedef CLEAR_DATA * PCLEAR_DATA;
typedef CRYPT_BUFFER DATA_KEY;
typedef DATA_KEY * PDATA_KEY;
typedef CRYPT_BUFFER CYPHER_DATA;
typedef CYPHER_DATA * PCYPHER_DATA;
/////////////////////////////////////////////////////////////////////////
// //
// Lan Manager data types //
// //
/////////////////////////////////////////////////////////////////////////
//
// Define a LanManager compatible password
//
// A LanManager password is a null-terminated ansi string consisting of a
// maximum of 14 characters (not including terminator)
//
typedef char * PLM_PASSWORD;
//
// Define the result of the 'One Way Function' (OWF) on a LM password
//
#define LM_OWF_PASSWORD_LENGTH (CYPHER_BLOCK_LENGTH * 2)
typedef struct _LM_OWF_PASSWORD {
CYPHER_BLOCK data[2];
} LM_OWF_PASSWORD;
typedef LM_OWF_PASSWORD * PLM_OWF_PASSWORD;
//
// NT password types.
//
typedef struct _UNICODE_STRING {
USHORT Length;
USHORT MaximumLength;
PWSTR Buffer;
} UNICODE_STRING;
typedef UNICODE_STRING *PUNICODE_STRING;
typedef UNICODE_STRING NT_PASSWORD;
typedef NT_PASSWORD * PNT_PASSWORD;
#define NT_OWF_PASSWORD_LENGTH LM_OWF_PASSWORD_LENGTH
typedef LM_OWF_PASSWORD NT_OWF_PASSWORD;
typedef NT_OWF_PASSWORD * PNT_OWF_PASSWORD;
//
// Define the challenge sent by the Lanman server during logon
//
#define LM_CHALLENGE_LENGTH CLEAR_BLOCK_LENGTH
typedef CLEAR_BLOCK LM_CHALLENGE;
typedef LM_CHALLENGE * PLM_CHALLENGE;
typedef LM_CHALLENGE NT_CHALLENGE;
typedef NT_CHALLENGE * PNT_CHALLENGE;
#define USER_SESSION_KEY_LENGTH (CYPHER_BLOCK_LENGTH * 2)
typedef struct _USER_SESSION_KEY {
CYPHER_BLOCK data[2];
} USER_SESSION_KEY;
typedef USER_SESSION_KEY * PUSER_SESSION_KEY;
//
// Define the response sent by redirector in response to challenge from server
//
#define LM_RESPONSE_LENGTH (CYPHER_BLOCK_LENGTH * 3)
typedef struct _LM_RESPONSE {
CYPHER_BLOCK data[3];
} LM_RESPONSE;
typedef LM_RESPONSE * PLM_RESPONSE;
#define NT_RESPONSE_LENGTH LM_RESPONSE_LENGTH
typedef LM_RESPONSE NT_RESPONSE;
typedef NT_RESPONSE * PNT_RESPONSE;
//
// Define the result of the reversible encryption of an OWF'ed password.
//
#define ENCRYPTED_LM_OWF_PASSWORD_LENGTH (CYPHER_BLOCK_LENGTH * 2)
typedef struct _ENCRYPTED_LM_OWF_PASSWORD {
CYPHER_BLOCK data[2];
} ENCRYPTED_LM_OWF_PASSWORD;
typedef ENCRYPTED_LM_OWF_PASSWORD * PENCRYPTED_LM_OWF_PASSWORD;
//
// Define the session key maintained by the redirector and server
//
#define LM_SESSION_KEY_LENGTH LM_CHALLENGE_LENGTH
typedef LM_CHALLENGE LM_SESSION_KEY;
typedef LM_SESSION_KEY * PLM_SESSION_KEY;
#define NT_SESSION_KEY_LENGTH (2 * CLEAR_BLOCK_LENGTH)
//
// Define the index type used to encrypt OWF Passwords
//
typedef long CRYPT_INDEX;
typedef CRYPT_INDEX * PCRYPT_INDEX;
////////////////////////////////////////////////////////////////////////////
// //
// Encryption library API macros //
// //
// To conceal the purpose of these functions to someone dumping out the //
// encryption dll they have been purposefully given unhelpful names. //
// Each has an associated macro that should be used by system components //
// to access these routines in a readable way. //
// //
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
// //
// Encryption library API function prototypes //
// //
////////////////////////////////////////////////////////////////////////////
//
// Core block encryption functions
//
BOOL
EncryptBlock(
IN PCLEAR_BLOCK ClearBlock,
IN PBLOCK_KEY BlockKey,
OUT PCYPHER_BLOCK CypherBlock
);
BOOL
DecryptBlock(
IN PCYPHER_BLOCK CypherBlock,
IN PBLOCK_KEY BlockKey,
OUT PCLEAR_BLOCK ClearBlock
);
BOOL
EncryptStdBlock(
IN PBLOCK_KEY BlockKey,
OUT PCYPHER_BLOCK CypherBlock
);
//
// Arbitrary length data encryption functions
//
BOOL
EncryptData(
IN PCLEAR_DATA ClearData,
IN PDATA_KEY DataKey,
OUT PCYPHER_DATA CypherData
);
BOOL
DecryptData(
IN PCYPHER_DATA CypherData,
IN PDATA_KEY DataKey,
OUT PCLEAR_DATA ClearData
);
//
// Password hashing functions (One Way Function)
//
BOOL
CalculateLmOwfPassword(
IN PLM_PASSWORD LmPassword,
OUT PLM_OWF_PASSWORD LmOwfPassword
);
BOOL
CalculateNtOwfPassword(
IN PNT_PASSWORD NtPassword,
OUT PNT_OWF_PASSWORD NtOwfPassword
);
//
// OWF password comparison functions
//
BOOL
EqualLmOwfPassword(
IN PLM_OWF_PASSWORD LmOwfPassword1,
IN PLM_OWF_PASSWORD LmOwfPassword2
);
//
// Functions for calculating response to server challenge
//
BOOL
CalculateLmResponse(
IN PLM_CHALLENGE LmChallenge,
IN PLM_OWF_PASSWORD LmOwfPassword,
OUT PLM_RESPONSE LmResponse
);
BOOL
CalculateNtResponse(
IN PNT_CHALLENGE NtChallenge,
IN PNT_OWF_PASSWORD NtOwfPassword,
OUT PNT_RESPONSE NtResponse
);
BOOL
CalculateUserSessionKeyLm(
IN PLM_RESPONSE LmResponse,
IN PLM_OWF_PASSWORD LmOwfPassword,
OUT PUSER_SESSION_KEY UserSessionKey
);
BOOL
CalculateUserSessionKeyNt(
IN PNT_RESPONSE NtResponse,
IN PNT_OWF_PASSWORD NtOwfPassword,
OUT PUSER_SESSION_KEY UserSessionKey
);
//
// OwfPassword encryption functions
//
//
// Encrypt OwfPassword using OwfPassword as the key
//
BOOL
EncryptLmOwfPwdWithLmOwfPwd(
IN PLM_OWF_PASSWORD DataLmOwfPassword,
IN PLM_OWF_PASSWORD KeyLmOwfPassword,
OUT PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword
);
BOOL
DecryptLmOwfPwdWithLmOwfPwd(
IN PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword,
IN PLM_OWF_PASSWORD KeyLmOwfPassword,
OUT PLM_OWF_PASSWORD DataLmOwfPassword
);
//
// Encrypt OwfPassword using SessionKey as the key
//
BOOL
EncryptLmOwfPwdWithLmSesKey(
IN PLM_OWF_PASSWORD LmOwfPassword,
IN PLM_SESSION_KEY LmSessionKey,
OUT PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword
);
BOOL
DecryptLmOwfPwdWithLmSesKey(
IN PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword,
IN PLM_SESSION_KEY LmSessionKey,
OUT PLM_OWF_PASSWORD LmOwfPassword
);
//
// Encrypt OwfPassword using an index as the key
//
BOOL
EncryptLmOwfPwdWithIndex(
IN PLM_OWF_PASSWORD LmOwfPassword,
IN PCRYPT_INDEX Index,
OUT PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword
);
BOOL
DecryptLmOwfPwdWithIndex(
IN PENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword,
IN PCRYPT_INDEX Index,
OUT PLM_OWF_PASSWORD LmOwfPassword
);
#endif // _NTCRYPT_