wine/dlls/crypt32/protectdata.c

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~ [ freetext search ] ~ [ file search ] ~

Wine Cross Reference
wine/dlls/crypt32/protectdata.c

Version: ~ [ wine-1.1.33 ] ~ [ wine-1.1.32 ] ~ [ wine-1.1.31 ] ~ [ wine-1.1.30 ] ~ [ wine-1.1.29 ] ~ [ wine-1.1.28 ] ~ [ wine-1.1.27 ] ~ [ wine-1.1.26 ] ~ [ wine-1.1.25 ] ~ [ wine-1.1.24 ] ~ [ wine-1.1.23 ] ~ [ wine-1.1.22 ] ~ [ wine-1.1.21 ] ~ [ wine-1.1.20 ] ~ [ wine-1.1.19 ] ~ [ wine-1.1.18 ] ~ [ wine-1.1.17 ] ~ [ wine-1.1.16 ] ~ [ wine-1.1.15 ] ~ [ wine-1.1.14 ] ~ [ wine-1.1.13 ] ~ [ wine-1.1.12 ] ~ [ wine-1.1.11 ] ~ [ wine-1.1.10 ] ~ [ wine-1.1.9 ] ~ [ wine-1.1.8 ] ~ [ wine-1.1.7 ] ~ [ wine-1.0.1 ] ~ [ wine-1.1.6 ] ~ [ wine-1.1.5 ] ~ [ wine-1.1.4 ] ~ [ wine-1.1.3 ] ~ [ wine-1.1.2 ] ~ [ wine-1.1.1 ] ~ [ wine-1.1.0 ] ~ [ wine-1.0 ] ~

1 /* 2 * Copyright 2005 Kees Cook <kees@outflux.net> 3 * 4 * This library is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU Lesser General Public 6 * License as published by the Free Software Foundation; either 7 * version 2.1 of the License, or (at your option) any later version. 8 * 9 * This library is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 * Lesser General Public License for more details. 13 * 14 * You should have received a copy of the GNU Lesser General Public 15 * License along with this library; if not, write to the Free Software 16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA 17 */ 18 19 20 /* 21 * The Win32 CryptProtectData and CryptUnprotectData functions are meant 22 * to provide a mechanism for encrypting data on a machine where other users 23 * of the system can't be trusted. It is used in many examples as a way 24 * to store username and password information to the registry, but store 25 * it not in the clear. 26 * 27 * The encryption is symmetric, but the method is unknown. However, since 28 * it is keyed to the machine and the user, it is unlikely that the values 29 * would be portable. Since programs must first call CryptProtectData to 30 * get a cipher text, the underlying system doesn't have to exactly 31 * match the real Windows version. However, attempts have been made to 32 * at least try to look like the Windows version, including guesses at the 33 * purpose of various portions of the "opaque data blob" that is used. 34 * 35 */ 36 37 #include <stdarg.h> 38 #include <stdio.h> 39 #include <string.h> 40 #include <stdlib.h> 41 42 #include "windef.h" 43 #include "winbase.h" 44 #include "wincrypt.h" 45 #include "wine/debug.h" 46 47 WINE_DEFAULT_DEBUG_CHANNEL(crypt); 48 49 #define CRYPT32_PROTECTDATA_PROV PROV_RSA_FULL 50 #define CRYPT32_PROTECTDATA_HASH_CALG CALG_SHA1 51 #define CRYPT32_PROTECTDATA_HASH_LEN 160 52 #define CRYPT32_PROTECTDATA_KEY_CALG CALG_3DES 53 #define CRYPT32_PROTECTDATA_KEY_LEN 168 54 #define CRYPT32_PROTECTDATA_SALT_LEN 16 55 56 static const BYTE crypt32_protectdata_secret[] = { 57 'I','\'','m',' ','h','u','n','t','i','n','g',' ', 58 'w','a','b','b','i','t','s',0 59 }; 60 61 /* 62 * The data format returned by the real Windows CryptProtectData seems 63 * to be something like this: 64 65 DWORD count0; - how many "info0_*[16]" blocks follow (was always 1) 66 BYTE info0_0[16]; - unknown information - persistent across invocations, 67 ... reboots, password changes, and users 68 DWORD count1; - how many "info1_*[16]" blocks follow (was always 1) 69 BYTE info1_0[16]; - unknown information - unique to each user, but 70 ... persistent across reboots and password changes 71 DWORD null0; - NULL "end of records"? 72 DWORD str_len; - byte length of WCHAR string including term 73 BYTE str[str_len]; - The "dataDescription" value as a NULL-terminated 74 little-endian WCHAR string 75 ALG_ID cipher_alg; - cipher algo - was CALG_3DES 76 DWORD cipher_key_len; - cipher key bit length - was 0xa8==168 77 DWORD data_len; - length of data (was 16 in samples) 78 BYTE data[data_len]; - unknown data (fingerprint?) 79 DWORD null1; - NULL ? 80 ALG_ID hash_alg; - hash algo - was CALG_SHA1 81 DWORD hash_len; - bit length of hash - was 0xa0==160 82 DWORD salt_len; - length of salt(?) data 83 BYTE salt[salt_len]; - salt(?) for symmetric encryption 84 DWORD cipher_len; - length of cipher(?) data - was close to plain len 85 BYTE cipher[cipher_len]; - cipher text? 86 DWORD crc_len; - length of fingerprint(?) data - was 20 byte==160b SHA1 87 BYTE crc[crc_len]; - fingerprint of record? 88 89 * The data structures used in Wine are modelled after this guess. 90 */ 91 92 struct protect_data_t 93 { 94 DWORD count0; 95 DATA_BLOB info0; /* using this to hold crypt_magic_str */ 96 DWORD count1; 97 DATA_BLOB info1; 98 DWORD null0; 99 WCHAR * szDataDescr; /* serialized differently than the DATA_BLOBs */ 100 ALG_ID cipher_alg; 101 DWORD cipher_key_len; 102 DATA_BLOB data0; 103 DWORD null1; 104 ALG_ID hash_alg; 105 DWORD hash_len; 106 DATA_BLOB salt; 107 DATA_BLOB cipher; 108 DATA_BLOB fingerprint; 109 }; 110 111 /* this is used to check if an incoming structure was built by Wine */ 112 static const char crypt_magic_str[] = "Wine Crypt32 ok"; 113 114 /* debugging tool to print strings of hex chars */ 115 static const char * 116 hex_str(const unsigned char *p, int n) 117 { 118 const char * ptr; 119 char report[80]; 120 int r=-1; 121 report[0]='\0'; 122 ptr = wine_dbg_sprintf("%s",""); 123 while (--n >= 0) 124 { 125 if (r++ % 20 == 19) 126 { 127 ptr = wine_dbg_sprintf("%s%s",ptr,report); 128 report[0]='\0'; 129 } 130 sprintf(report+strlen(report),"%s%02x", r ? "," : "", *p++); 131 } 132 return wine_dbg_sprintf("%s%s",ptr,report); 133 } 134 135 #define TRACE_DATA_BLOB(blob) do { \ 136 TRACE("%s cbData: %u\n", #blob ,(unsigned int)((blob)->cbData)); \ 137 TRACE("%s pbData @ %p:%s\n", #blob ,(blob)->pbData, \ 138 hex_str((blob)->pbData, (blob)->cbData)); \ 139 } while (0) 140 141 static 142 void serialize_dword(DWORD value,BYTE ** ptr) 143 { 144 /*TRACE("called\n");*/ 145 146 memcpy(*ptr,&value,sizeof(DWORD)); 147 *ptr+=sizeof(DWORD); 148 } 149 150 static 151 void serialize_string(const BYTE *str, BYTE **ptr, DWORD len, DWORD width, 152 BOOL prepend_len) 153 { 154 /*TRACE("called %ux%u\n",(unsigned int)len,(unsigned int)width);*/ 155 156 if (prepend_len) 157 { 158 serialize_dword(len,ptr); 159 } 160 memcpy(*ptr,str,len*width); 161 *ptr+=len*width; 162 } 163 164 static 165 BOOL unserialize_dword(const BYTE *ptr, DWORD *index, DWORD size, DWORD *value) 166 { 167 /*TRACE("called\n");*/ 168 169 if (!ptr || !index || !value) return FALSE; 170 171 if (*index+sizeof(DWORD)>size) 172 { 173 return FALSE; 174 } 175 176 memcpy(value,&(ptr[*index]),sizeof(DWORD)); 177 *index+=sizeof(DWORD); 178 179 return TRUE; 180 } 181 182 static 183 BOOL unserialize_string(const BYTE *ptr, DWORD *index, DWORD size, 184 DWORD len, DWORD width, BOOL inline_len, 185 BYTE ** data, DWORD * stored) 186 { 187 /*TRACE("called\n");*/ 188 189 if (!ptr || !data) return FALSE; 190 191 if (inline_len) { 192 if (!unserialize_dword(ptr,index,size,&len)) 193 return FALSE; 194 } 195 196 if (*index+len*width>size) 197 { 198 return FALSE; 199 } 200 201 if (!(*data = CryptMemAlloc( len*width))) 202 { 203 return FALSE; 204 } 205 206 memcpy(*data,&(ptr[*index]),len*width); 207 if (stored) 208 { 209 *stored = len; 210 } 211 *index+=len*width; 212 213 return TRUE; 214 } 215 216 static 217 BOOL serialize(const struct protect_data_t *pInfo, DATA_BLOB *pSerial) 218 { 219 BYTE * ptr; 220 DWORD dwStrLen; 221 DWORD dwStruct; 222 223 TRACE("called\n"); 224 225 if (!pInfo || !pInfo->szDataDescr || !pSerial || 226 !pInfo->info0.pbData || !pInfo->info1.pbData || 227 !pInfo->data0.pbData || !pInfo->salt.pbData || 228 !pInfo->cipher.pbData || !pInfo->fingerprint.pbData) 229 { 230 return FALSE; 231 } 232 233 if (pInfo->info0.cbData!=16) 234 { 235 ERR("protect_data_t info0 not 16 bytes long\n"); 236 } 237 238 if (pInfo->info1.cbData!=16) 239 { 240 ERR("protect_data_t info1 not 16 bytes long\n"); 241 } 242 243 dwStrLen=lstrlenW(pInfo->szDataDescr); 244 245 pSerial->cbData=0; 246 pSerial->cbData+=sizeof(DWORD)*8; /* 8 raw DWORDs */ 247 pSerial->cbData+=sizeof(DWORD)*4; /* 4 BLOBs with size */ 248 pSerial->cbData+=pInfo->info0.cbData; 249 pSerial->cbData+=pInfo->info1.cbData; 250 pSerial->cbData+=(dwStrLen+1)*sizeof(WCHAR) + 4; /* str, null, size */ 251 pSerial->cbData+=pInfo->data0.cbData; 252 pSerial->cbData+=pInfo->salt.cbData; 253 pSerial->cbData+=pInfo->cipher.cbData; 254 pSerial->cbData+=pInfo->fingerprint.cbData; 255 256 /* save the actual structure size */ 257 dwStruct = pSerial->cbData; 258 /* There may be a 256 byte minimum, but I can't prove it. */ 259 /*if (pSerial->cbData<256) pSerial->cbData=256;*/ 260 261 pSerial->pbData=LocalAlloc(LPTR,pSerial->cbData); 262 if (!pSerial->pbData) return FALSE; 263 264 ptr=pSerial->pbData; 265 266 /* count0 */ 267 serialize_dword(pInfo->count0,&ptr); 268 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 269 270 /* info0 */ 271 serialize_string(pInfo->info0.pbData,&ptr, 272 pInfo->info0.cbData,sizeof(BYTE),FALSE); 273 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 274 275 /* count1 */ 276 serialize_dword(pInfo->count1,&ptr); 277 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 278 279 /* info1 */ 280 serialize_string(pInfo->info1.pbData,&ptr, 281 pInfo->info1.cbData,sizeof(BYTE),FALSE); 282 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 283 284 /* null0 */ 285 serialize_dword(pInfo->null0,&ptr); 286 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 287 288 /* szDataDescr */ 289 serialize_string((BYTE*)pInfo->szDataDescr,&ptr, 290 (dwStrLen+1)*sizeof(WCHAR),sizeof(BYTE),TRUE); 291 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 292 293 /* cipher_alg */ 294 serialize_dword(pInfo->cipher_alg,&ptr); 295 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 296 /* cipher_key_len */ 297 serialize_dword(pInfo->cipher_key_len,&ptr); 298 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 299 300 /* data0 */ 301 serialize_string(pInfo->data0.pbData,&ptr, 302 pInfo->data0.cbData,sizeof(BYTE),TRUE); 303 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 304 305 /* null1 */ 306 serialize_dword(pInfo->null1,&ptr); 307 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 308 309 /* hash_alg */ 310 serialize_dword(pInfo->hash_alg,&ptr); 311 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 312 /* hash_len */ 313 serialize_dword(pInfo->hash_len,&ptr); 314 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 315 316 /* salt */ 317 serialize_string(pInfo->salt.pbData,&ptr, 318 pInfo->salt.cbData,sizeof(BYTE),TRUE); 319 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 320 321 /* cipher */ 322 serialize_string(pInfo->cipher.pbData,&ptr, 323 pInfo->cipher.cbData,sizeof(BYTE),TRUE); 324 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 325 326 /* fingerprint */ 327 serialize_string(pInfo->fingerprint.pbData,&ptr, 328 pInfo->fingerprint.cbData,sizeof(BYTE),TRUE); 329 /*TRACE("used %u\n",ptr-pSerial->pbData);*/ 330 331 if (ptr - pSerial->pbData != dwStruct) 332 { 333 ERR("struct size changed!? expected %u\n", dwStruct); 334 LocalFree(pSerial->pbData); 335 pSerial->pbData=NULL; 336 pSerial->cbData=0; 337 return FALSE; 338 } 339 340 return TRUE; 341 } 342 343 static 344 BOOL unserialize(const DATA_BLOB *pSerial, struct protect_data_t *pInfo) 345 { 346 BYTE * ptr; 347 DWORD index; 348 DWORD size; 349 BOOL status=TRUE; 350 351 TRACE("called\n"); 352 353 if (!pInfo || !pSerial || !pSerial->pbData) 354 return FALSE; 355 356 index=0; 357 ptr=pSerial->pbData; 358 size=pSerial->cbData; 359 360 /* count0 */ 361 if (!unserialize_dword(ptr,&index,size,&pInfo->count0)) 362 { 363 ERR("reading count0 failed!\n"); 364 return FALSE; 365 } 366 367 /* info0 */ 368 if (!unserialize_string(ptr,&index,size,16,sizeof(BYTE),FALSE, 369 &pInfo->info0.pbData, &pInfo->info0.cbData)) 370 { 371 ERR("reading info0 failed!\n"); 372 return FALSE; 373 } 374 375 /* count1 */ 376 if (!unserialize_dword(ptr,&index,size,&pInfo->count1)) 377 { 378 ERR("reading count1 failed!\n"); 379 return FALSE; 380 } 381 382 /* info1 */ 383 if (!unserialize_string(ptr,&index,size,16,sizeof(BYTE),FALSE, 384 &pInfo->info1.pbData, &pInfo->info1.cbData)) 385 { 386 ERR("reading info1 failed!\n"); 387 return FALSE; 388 } 389 390 /* null0 */ 391 if (!unserialize_dword(ptr,&index,size,&pInfo->null0)) 392 { 393 ERR("reading null0 failed!\n"); 394 return FALSE; 395 } 396 397 /* szDataDescr */ 398 if (!unserialize_string(ptr,&index,size,0,sizeof(BYTE),TRUE, 399 (BYTE**)&pInfo->szDataDescr, NULL)) 400 { 401 ERR("reading szDataDescr failed!\n"); 402 return FALSE; 403 } 404 405 /* cipher_alg */ 406 if (!unserialize_dword(ptr,&index,size,&pInfo->cipher_alg)) 407 { 408 ERR("reading cipher_alg failed!\n"); 409 return FALSE; 410 } 411 412 /* cipher_key_len */ 413 if (!unserialize_dword(ptr,&index,size,&pInfo->cipher_key_len)) 414 { 415 ERR("reading cipher_key_len failed!\n"); 416 return FALSE; 417 } 418 419 /* data0 */ 420 if (!unserialize_string(ptr,&index,size,0,sizeof(BYTE),TRUE, 421 &pInfo->data0.pbData, &pInfo->data0.cbData)) 422 { 423 ERR("reading data0 failed!\n"); 424 return FALSE; 425 } 426 427 /* null1 */ 428 if (!unserialize_dword(ptr,&index,size,&pInfo->null1)) 429 { 430 ERR("reading null1 failed!\n"); 431 return FALSE; 432 } 433 434 /* hash_alg */ 435 if (!unserialize_dword(ptr,&index,size,&pInfo->hash_alg)) 436 { 437 ERR("reading hash_alg failed!\n"); 438 return FALSE; 439 } 440 441 /* hash_len */ 442 if (!unserialize_dword(ptr,&index,size,&pInfo->hash_len)) 443 { 444 ERR("reading hash_len failed!\n"); 445 return FALSE; 446 } 447 448 /* salt */ 449 if (!unserialize_string(ptr,&index,size,0,sizeof(BYTE),TRUE, 450 &pInfo->salt.pbData, &pInfo->salt.cbData)) 451 { 452 ERR("reading salt failed!\n"); 453 return FALSE; 454 } 455 456 /* cipher */ 457 if (!unserialize_string(ptr,&index,size,0,sizeof(BYTE),TRUE, 458 &pInfo->cipher.pbData, &pInfo->cipher.cbData)) 459 { 460 ERR("reading cipher failed!\n"); 461 return FALSE; 462 } 463 464 /* fingerprint */ 465 if (!unserialize_string(ptr,&index,size,0,sizeof(BYTE),TRUE, 466 &pInfo->fingerprint.pbData, &pInfo->fingerprint.cbData)) 467 { 468 ERR("reading fingerprint failed!\n"); 469 return FALSE; 470 } 471 472 /* allow structure size to be too big (since some applications 473 * will pad this up to 256 bytes, it seems) */ 474 if (index>size) 475 { 476 /* this is an impossible-to-reach test, but if the padding 477 * issue is ever understood, this may become more useful */ 478 ERR("loaded corrupt structure! (used %u expected %u)\n", index, size); 479 status=FALSE; 480 } 481 482 return status; 483 } 484 485 /* perform sanity checks */ 486 static 487 BOOL valid_protect_data(const struct protect_data_t *pInfo) 488 { 489 BOOL status=TRUE; 490 491 TRACE("called\n"); 492 493 if (pInfo->count0 != 0x0001) 494 { 495 ERR("count0 != 0x0001 !\n"); 496 status=FALSE; 497 } 498 if (pInfo->count1 != 0x0001) 499 { 500 ERR("count0 != 0x0001 !\n"); 501 status=FALSE; 502 } 503 if (pInfo->null0 != 0x0000) 504 { 505 ERR("null0 != 0x0000 !\n"); 506 status=FALSE; 507 } 508 if (pInfo->null1 != 0x0000) 509 { 510 ERR("null1 != 0x0000 !\n"); 511 status=FALSE; 512 } 513 /* since we have no idea what info0 is used for, and it seems 514 * rather constant, we can test for a Wine-specific magic string 515 * there to be reasonably sure we're using data created by the Wine 516 * implementation of CryptProtectData. 517 */ 518 if (pInfo->info0.cbData!=strlen(crypt_magic_str)+1 || 519 strcmp( (LPCSTR)pInfo->info0.pbData,crypt_magic_str) != 0) 520 { 521 ERR("info0 magic value not matched !\n"); 522 status=FALSE; 523 } 524 525 if (!status) 526 { 527 ERR("unrecognized CryptProtectData block\n"); 528 } 529 530 return status; 531 } 532 533 static 534 void free_protect_data(struct protect_data_t * pInfo) 535 { 536 TRACE("called\n"); 537 538 if (!pInfo) return; 539 540 CryptMemFree(pInfo->info0.pbData); 541 CryptMemFree(pInfo->info1.pbData); 542 CryptMemFree(pInfo->szDataDescr); 543 CryptMemFree(pInfo->data0.pbData); 544 CryptMemFree(pInfo->salt.pbData); 545 CryptMemFree(pInfo->cipher.pbData); 546 CryptMemFree(pInfo->fingerprint.pbData); 547 } 548 549 /* copies a string into a data blob */ 550 static 551 BYTE *convert_str_to_blob(LPCSTR str, DATA_BLOB *blob) 552 { 553 if (!str || !blob) return NULL; 554 555 blob->cbData=strlen(str)+1; 556 if (!(blob->pbData=CryptMemAlloc(blob->cbData))) 557 { 558 blob->cbData=0; 559 } 560 else { 561 strcpy((LPSTR)blob->pbData, str); 562 } 563 564 return blob->pbData; 565 } 566 567 /* 568 * Populates everything except "cipher" and "fingerprint". 569 */ 570 static 571 BOOL fill_protect_data(struct protect_data_t * pInfo, LPCWSTR szDataDescr, 572 HCRYPTPROV hProv) 573 { 574 DWORD dwStrLen; 575 576 TRACE("called\n"); 577 578 if (!pInfo) return FALSE; 579 580 dwStrLen=lstrlenW(szDataDescr); 581 582 memset(pInfo,0,sizeof(*pInfo)); 583 584 pInfo->count0=0x0001; 585 586 convert_str_to_blob(crypt_magic_str, &pInfo->info0); 587 588 pInfo->count1=0x0001; 589 590 convert_str_to_blob(crypt_magic_str, &pInfo->info1); 591 592 pInfo->null0=0x0000; 593 594 if ((pInfo->szDataDescr=CryptMemAlloc((dwStrLen+1)*sizeof(WCHAR)))) 595 { 596 memcpy(pInfo->szDataDescr,szDataDescr,(dwStrLen+1)*sizeof(WCHAR)); 597 } 598 599 pInfo->cipher_alg=CRYPT32_PROTECTDATA_KEY_CALG; 600 pInfo->cipher_key_len=CRYPT32_PROTECTDATA_KEY_LEN; 601 602 convert_str_to_blob(crypt_magic_str, &pInfo->data0); 603 604 pInfo->null1=0x0000; 605 pInfo->hash_alg=CRYPT32_PROTECTDATA_HASH_CALG; 606 pInfo->hash_len=CRYPT32_PROTECTDATA_HASH_LEN; 607 608 /* allocate memory to hold a salt */ 609 if ((pInfo->salt.pbData=CryptMemAlloc(CRYPT32_PROTECTDATA_SALT_LEN))) 610 { 611 /* generate random salt */ 612 if (!CryptGenRandom(hProv, pInfo->salt.cbData, pInfo->salt.pbData)) 613 { 614 ERR("CryptGenRandom\n"); 615 free_protect_data(pInfo); 616 return FALSE; 617 } 618 pInfo->salt.cbData=CRYPT32_PROTECTDATA_SALT_LEN; 619 } 620 621 /* debug: show our salt */ 622 TRACE_DATA_BLOB(&pInfo->salt); 623 624 pInfo->cipher.cbData=0; 625 pInfo->cipher.pbData=NULL; 626 627 pInfo->fingerprint.cbData=0; 628 pInfo->fingerprint.pbData=NULL; 629 630 /* check all the allocations at once */ 631 if (!pInfo->info0.pbData || 632 !pInfo->info1.pbData || 633 !pInfo->szDataDescr || 634 !pInfo->data0.pbData || 635 !pInfo->salt.pbData 636 ) 637 { 638 ERR("could not allocate protect_data structures\n"); 639 free_protect_data(pInfo); 640 return FALSE; 641 } 642 643 return TRUE; 644 } 645 646 static 647 BOOL convert_hash_to_blob(HCRYPTHASH hHash, DATA_BLOB * blob) 648 { 649 DWORD dwSize; 650 651 TRACE("called\n"); 652 653 if (!blob) return FALSE; 654 655 dwSize=sizeof(DWORD); 656 if (!CryptGetHashParam(hHash, HP_HASHSIZE, (BYTE*)&blob->cbData, 657 &dwSize, 0)) 658 { 659 ERR("failed to get hash size\n"); 660 return FALSE; 661 } 662 663 if (!(blob->pbData=CryptMemAlloc(blob->cbData))) 664 { 665 ERR("failed to allocate blob memory\n"); 666 return FALSE; 667 } 668 669 dwSize=blob->cbData; 670 if (!CryptGetHashParam(hHash, HP_HASHVAL, blob->pbData, &dwSize, 0)) 671 { 672 ERR("failed to get hash value\n"); 673 CryptMemFree(blob->pbData); 674 blob->pbData=NULL; 675 blob->cbData=0; 676 return FALSE; 677 } 678 679 return TRUE; 680 } 681 682 /* test that a given hash matches an exported-to-blob hash value */ 683 static 684 BOOL hash_matches_blob(HCRYPTHASH hHash, const DATA_BLOB *two) 685 { 686 BOOL rc = FALSE; 687 DATA_BLOB one; 688 689 if (!two || !two->pbData) return FALSE; 690 691 if (!convert_hash_to_blob(hHash,&one)) { 692 return FALSE; 693 } 694 695 if ( one.cbData == two->cbData && 696 memcmp( one.pbData, two->pbData, one.cbData ) == 0 ) 697 { 698 rc = TRUE; 699 } 700 701 CryptMemFree(one.pbData); 702 return rc; 703 } 704 705 /* create an encryption key from a given salt and optional entropy */ 706 static 707 BOOL load_encryption_key(HCRYPTPROV hProv, DWORD key_len, const DATA_BLOB *salt, 708 const DATA_BLOB *pOptionalEntropy, HCRYPTKEY *phKey) 709 { 710 BOOL rc = TRUE; 711 HCRYPTHASH hSaltHash; 712 char * szUsername = NULL; 713 DWORD dwUsernameLen; 714 DWORD dwError; 715 716 /* create hash for salt */ 717 if (!salt || !phKey || 718 !CryptCreateHash(hProv,CRYPT32_PROTECTDATA_HASH_CALG,0,0,&hSaltHash)) 719 { 720 ERR("CryptCreateHash\n"); 721 return FALSE; 722 } 723 724 /* This should be the "logon credentials" instead of username */ 725 dwError=GetLastError(); 726 dwUsernameLen = 0; 727 if (!GetUserNameA(NULL,&dwUsernameLen) && 728 GetLastError()==ERROR_MORE_DATA && dwUsernameLen && 729 (szUsername = CryptMemAlloc(dwUsernameLen))) 730 { 731 szUsername[0]='\0'; 732 GetUserNameA( szUsername, &dwUsernameLen ); 733 } 734 SetLastError(dwError); 735 736 /* salt the hash with: 737 * - the user id 738 * - an "internal secret" 739 * - randomness (from the salt) 740 * - user-supplied entropy 741 */ 742 if ((szUsername && !CryptHashData(hSaltHash,(LPBYTE)szUsername,dwUsernameLen,0)) || 743 !CryptHashData(hSaltHash,crypt32_protectdata_secret, 744 sizeof(crypt32_protectdata_secret)-1,0) || 745 !CryptHashData(hSaltHash,salt->pbData,salt->cbData,0) || 746 (pOptionalEntropy && !CryptHashData(hSaltHash, 747 pOptionalEntropy->pbData, 748 pOptionalEntropy->cbData,0))) 749 { 750 ERR("CryptHashData\n"); 751 rc = FALSE; 752 } 753 754 /* produce a symmetric key */ 755 if (rc && !CryptDeriveKey(hProv,CRYPT32_PROTECTDATA_KEY_CALG, 756 hSaltHash,key_len << 16 | CRYPT_EXPORTABLE,phKey)) 757 { 758 ERR("CryptDeriveKey\n"); 759 rc = FALSE; 760 } 761 762 /* clean up */ 763 CryptDestroyHash(hSaltHash); 764 CryptMemFree(szUsername); 765 766 return rc; 767 } 768 769 /* debugging tool to print the structures of a ProtectData call */ 770 static void 771 report(const DATA_BLOB* pDataIn, const DATA_BLOB* pOptionalEntropy, 772 CRYPTPROTECT_PROMPTSTRUCT* pPromptStruct, DWORD dwFlags) 773 { 774 TRACE("pPromptStruct: %p\n", pPromptStruct); 775 if (pPromptStruct) 776 { 777 TRACE(" cbSize: 0x%x\n", pPromptStruct->cbSize); 778 TRACE(" dwPromptFlags: 0x%x\n", pPromptStruct->dwPromptFlags); 779 TRACE(" hwndApp: %p\n", pPromptStruct->hwndApp); 780 TRACE(" szPrompt: %p %s\n", 781 pPromptStruct->szPrompt, 782 pPromptStruct->szPrompt ? debugstr_w(pPromptStruct->szPrompt) 783 : ""); 784 } 785 TRACE("dwFlags: 0x%04x\n", dwFlags); 786 TRACE_DATA_BLOB(pDataIn); 787 if (pOptionalEntropy) 788 { 789 TRACE_DATA_BLOB(pOptionalEntropy); 790 TRACE(" %s\n",debugstr_an((LPCSTR)pOptionalEntropy->pbData,pOptionalEntropy->cbData)); 791 } 792 793 } 794 795 796 /*************************************************************************** 797 * CryptProtectData [CRYPT32.@] 798 * 799 * Generate Cipher data from given Plain and Entropy data. 800 * 801 * PARAMS 802 * pDataIn [I] Plain data to be enciphered 803 * szDataDescr [I] Optional Unicode string describing the Plain data 804 * pOptionalEntropy [I] Optional entropy data to adjust cipher, can be NULL 805 * pvReserved [I] Reserved, must be NULL 806 * pPromptStruct [I] Structure describing if/how to prompt during ciphering 807 * dwFlags [I] Flags describing options to the ciphering 808 * pDataOut [O] Resulting Cipher data, for calls to CryptUnprotectData 809 * 810 * RETURNS 811 * TRUE If a Cipher was generated. 812 * FALSE If something failed and no Cipher is available. 813 * 814 * FIXME 815 * The true Windows encryption and keying mechanisms are unknown. 816 * 817 * dwFlags and pPromptStruct are currently ignored. 818 * 819 * NOTES 820 * Memory allocated in pDataOut must be freed with LocalFree. 821 * 822 */ 823 BOOL WINAPI CryptProtectData(DATA_BLOB* pDataIn, 824 LPCWSTR szDataDescr, 825 DATA_BLOB* pOptionalEntropy, 826 PVOID pvReserved, 827 CRYPTPROTECT_PROMPTSTRUCT* pPromptStruct, 828 DWORD dwFlags, 829 DATA_BLOB* pDataOut) 830 { 831 static const WCHAR empty_str[1]; 832 BOOL rc = FALSE; 833 HCRYPTPROV hProv; 834 struct protect_data_t protect_data; 835 HCRYPTHASH hHash; 836 HCRYPTKEY hKey; 837 DWORD dwLength; 838 839 TRACE("called\n"); 840 841 SetLastError(ERROR_SUCCESS); 842 843 if (!pDataIn || !pDataOut) 844 { 845 SetLastError(ERROR_INVALID_PARAMETER); 846 goto finished; 847 } 848 849 /* debug: show our arguments */ 850 report(pDataIn,pOptionalEntropy,pPromptStruct,dwFlags); 851 TRACE("\tszDataDescr: %p %s\n", szDataDescr, 852 szDataDescr ? debugstr_w(szDataDescr) : ""); 853 854 /* Windows appears to create an empty szDataDescr instead of maintaining 855 * a NULL */ 856 if (!szDataDescr) 857 szDataDescr = empty_str; 858 859 /* get crypt context */ 860 if (!CryptAcquireContextW(&hProv,NULL,MS_ENHANCED_PROV_W,CRYPT32_PROTECTDATA_PROV,CRYPT_VERIFYCONTEXT)) 861 { 862 ERR("CryptAcquireContextW failed\n"); 863 goto finished; 864 } 865 866 /* populate our structure */ 867 if (!fill_protect_data(&protect_data,szDataDescr,hProv)) 868 { 869 ERR("fill_protect_data\n"); 870 goto free_context; 871 } 872 873 /* load key */ 874 if (!load_encryption_key(hProv,protect_data.cipher_key_len,&protect_data.salt,pOptionalEntropy,&hKey)) 875 { 876 goto free_protect_data; 877 } 878 879 /* create a hash for the encryption validation */ 880 if (!CryptCreateHash(hProv,CRYPT32_PROTECTDATA_HASH_CALG,0,0,&hHash)) 881 { 882 ERR("CryptCreateHash\n"); 883 goto free_key; 884 } 885 886 /* calculate storage required */ 887 dwLength=pDataIn->cbData; 888 if (CryptEncrypt(hKey, 0, TRUE, 0, pDataIn->pbData, &dwLength, 0) || 889 GetLastError()!=ERROR_MORE_DATA) 890 { 891 ERR("CryptEncrypt\n"); 892 goto free_hash; 893 } 894 TRACE("required encrypted storage: %u\n", dwLength); 895 896 /* copy plain text into cipher area for CryptEncrypt call */ 897 protect_data.cipher.cbData=dwLength; 898 if (!(protect_data.cipher.pbData=CryptMemAlloc( 899 protect_data.cipher.cbData))) 900 { 901 ERR("CryptMemAlloc\n"); 902 goto free_hash; 903 } 904 memcpy(protect_data.cipher.pbData,pDataIn->pbData,pDataIn->cbData); 905 906 /* encrypt! */ 907 dwLength=pDataIn->cbData; 908 if (!CryptEncrypt(hKey, hHash, TRUE, 0, protect_data.cipher.pbData, 909 &dwLength, protect_data.cipher.cbData)) 910 { 911 ERR("CryptEncrypt %u\n", GetLastError()); 912 goto free_hash; 913 } 914 protect_data.cipher.cbData=dwLength; 915 916 /* debug: show the cipher */ 917 TRACE_DATA_BLOB(&protect_data.cipher); 918 919 /* attach our fingerprint */ 920 if (!convert_hash_to_blob(hHash, &protect_data.fingerprint)) 921 { 922 ERR("convert_hash_to_blob\n"); 923 goto free_hash; 924 } 925 926 /* serialize into an opaque blob */ 927 if (!serialize(&protect_data, pDataOut)) 928 { 929 ERR("serialize\n"); 930 goto free_hash; 931 } 932 933 /* success! */ 934 rc=TRUE; 935 936 free_hash: 937 CryptDestroyHash(hHash); 938 free_key: 939 CryptDestroyKey(hKey); 940 free_protect_data: 941 free_protect_data(&protect_data); 942 free_context: 943 CryptReleaseContext(hProv,0); 944 finished: 945 /* If some error occurred, and no error code was set, force one. */ 946 if (!rc && GetLastError()==ERROR_SUCCESS) 947 { 948 SetLastError(ERROR_INVALID_DATA); 949 } 950 951 if (rc) 952 { 953 SetLastError(ERROR_SUCCESS); 954 955 TRACE_DATA_BLOB(pDataOut); 956 } 957 958 TRACE("returning %s\n", rc ? "ok" : "FAIL"); 959 960 return rc; 961 } 962 963 964 /*************************************************************************** 965 * CryptUnprotectData [CRYPT32.@] 966 * 967 * Generate Plain data and Description from given Cipher and Entropy data. 968 * 969 * PARAMS 970 * pDataIn [I] Cipher data to be decoded 971 * ppszDataDescr [O] Optional Unicode string describing the Plain data 972 * pOptionalEntropy [I] Optional entropy data to adjust cipher, can be NULL 973 * pvReserved [I] Reserved, must be NULL 974 * pPromptStruct [I] Structure describing if/how to prompt during decoding 975 * dwFlags [I] Flags describing options to the decoding 976 * pDataOut [O] Resulting Plain data, from calls to CryptProtectData 977 * 978 * RETURNS 979 * TRUE If a Plain was generated. 980 * FALSE If something failed and no Plain is available. 981 * 982 * FIXME 983 * The true Windows encryption and keying mechanisms are unknown. 984 * 985 * dwFlags and pPromptStruct are currently ignored. 986 * 987 * NOTES 988 * Memory allocated in pDataOut and non-NULL ppszDataDescr must be freed 989 * with LocalFree. 990 * 991 */ 992 BOOL WINAPI CryptUnprotectData(DATA_BLOB* pDataIn, 993 LPWSTR * ppszDataDescr, 994 DATA_BLOB* pOptionalEntropy, 995 PVOID pvReserved, 996 CRYPTPROTECT_PROMPTSTRUCT* pPromptStruct, 997 DWORD dwFlags, 998 DATA_BLOB* pDataOut) 999 { 1000 BOOL rc = FALSE; 1001 1002 HCRYPTPROV hProv; 1003 struct protect_data_t protect_data; 1004 HCRYPTHASH hHash; 1005 HCRYPTKEY hKey; 1006 DWORD dwLength; 1007 1008 const char * announce_bad_opaque_data = "CryptUnprotectData received a DATA_BLOB that seems to have NOT been generated by Wine. Please enable tracing ('export WINEDEBUG=crypt') to see details."; 1009 1010 TRACE("called\n"); 1011 1012 SetLastError(ERROR_SUCCESS); 1013 1014 if (!pDataIn || !pDataOut) 1015 { 1016 SetLastError(ERROR_INVALID_PARAMETER); 1017 goto finished; 1018 } 1019 if (!pDataIn->cbData) 1020 { 1021 SetLastError(ERROR_INVALID_DATA); 1022 goto finished; 1023 } 1024 1025 /* debug: show our arguments */ 1026 report(pDataIn,pOptionalEntropy,pPromptStruct,dwFlags); 1027 TRACE("\tppszDataDescr: %p\n", ppszDataDescr); 1028 1029 /* take apart the opaque blob */ 1030 if (!unserialize(pDataIn, &protect_data)) 1031 { 1032 SetLastError(ERROR_INVALID_DATA); 1033 FIXME("%s\n",announce_bad_opaque_data); 1034 goto finished; 1035 } 1036 1037 /* perform basic validation on the resulting structure */ 1038 if (!valid_protect_data(&protect_data)) 1039 { 1040 SetLastError(ERROR_INVALID_DATA); 1041 FIXME("%s\n",announce_bad_opaque_data); 1042 goto free_protect_data; 1043 } 1044 1045 /* get a crypt context */ 1046 if (!CryptAcquireContextW(&hProv,NULL,MS_ENHANCED_PROV_W,CRYPT32_PROTECTDATA_PROV,CRYPT_VERIFYCONTEXT)) 1047 { 1048 ERR("CryptAcquireContextW failed\n"); 1049 goto free_protect_data; 1050 } 1051 1052 /* load key */ 1053 if (!load_encryption_key(hProv,protect_data.cipher_key_len,&protect_data.salt,pOptionalEntropy,&hKey)) 1054 { 1055 goto free_context; 1056 } 1057 1058 /* create a hash for the decryption validation */ 1059 if (!CryptCreateHash(hProv,CRYPT32_PROTECTDATA_HASH_CALG,0,0,&hHash)) 1060 { 1061 ERR("CryptCreateHash\n"); 1062 goto free_key; 1063 } 1064 1065 /* prepare for plaintext */ 1066 pDataOut->cbData=protect_data.cipher.cbData; 1067 if (!(pDataOut->pbData=LocalAlloc( LPTR, pDataOut->cbData))) 1068 { 1069 ERR("CryptMemAlloc\n"); 1070 goto free_hash; 1071 } 1072 memcpy(pDataOut->pbData,protect_data.cipher.pbData,protect_data.cipher.cbData); 1073 1074 /* decrypt! */ 1075 if (!CryptDecrypt(hKey, hHash, TRUE, 0, pDataOut->pbData, 1076 &pDataOut->cbData) || 1077 /* check the hash fingerprint */ 1078 pDataOut->cbData > protect_data.cipher.cbData || 1079 !hash_matches_blob(hHash, &protect_data.fingerprint)) 1080 { 1081 SetLastError(ERROR_INVALID_DATA); 1082 1083 LocalFree( pDataOut->pbData ); 1084 pDataOut->pbData = NULL; 1085 pDataOut->cbData = 0; 1086 1087 goto free_hash; 1088 } 1089 1090 /* Copy out the description */ 1091 dwLength = (lstrlenW(protect_data.szDataDescr)+1) * sizeof(WCHAR); 1092 if (ppszDataDescr) 1093 { 1094 if (!(*ppszDataDescr = LocalAlloc(LPTR,dwLength))) 1095 { 1096 ERR("LocalAlloc (ppszDataDescr)\n"); 1097 goto free_hash; 1098 } 1099 else { 1100 memcpy(*ppszDataDescr,protect_data.szDataDescr,dwLength); 1101 } 1102 } 1103 1104 /* success! */ 1105 rc = TRUE; 1106 1107 free_hash: 1108 CryptDestroyHash(hHash); 1109 free_key: 1110 CryptDestroyKey(hKey); 1111 free_context: 1112 CryptReleaseContext(hProv,0); 1113 free_protect_data: 1114 free_protect_data(&protect_data); 1115 finished: 1116 /* If some error occurred, and no error code was set, force one. */ 1117 if (!rc && GetLastError()==ERROR_SUCCESS) 1118 { 1119 SetLastError(ERROR_INVALID_DATA); 1120 } 1121 1122 if (rc) { 1123 SetLastError(ERROR_SUCCESS); 1124 1125 if (ppszDataDescr) 1126 { 1127 TRACE("szDataDescr: %s\n",debugstr_w(*ppszDataDescr)); 1128 } 1129 TRACE_DATA_BLOB(pDataOut); 1130 } 1131 1132 TRACE("returning %s\n", rc ? "ok" : "FAIL"); 1133 1134 return rc; 1135 } 1136

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~ [ freetext search ] ~ [ file search ] ~

Wine Cross Reference wine/dlls/crypt32/protectdata.c

Wine Cross Reference
wine/dlls/crypt32/protectdata.c