//Return random bytes bool secureRand(char **output, const int size) { //Allocate bytes *output = (char *) malloc(sizeof(char) * size); #ifdef _WIN32 HCRYPTPROV hCryptProv = 0; //Prepare CSPRNG if (!CryptAcquireContextW (&hCryptProv, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) { fprintf(stderr, "Error: secureRand: CryptAcquireContextW failed"); return 0; } //Generate bytes if (!CryptGenRandom(hCryptProv, size, (unsigned char *) *output)) { fprintf(stderr, "Error: secureRand: CryptGenRandom failed"); return 0; } #else //FIXME: read from /dev/urandom for (int i = 0; i < size; i++) { (*output)[i] = rand() % 256 - 128; } #endif return 1; }
String WebCore::signedPublicKeyAndChallengeString(unsigned index, const String& challenge, const KURL& url) { String keyString; HCRYPTPROV hContext = 0; HCRYPTKEY hKey = 0; PCERT_PUBLIC_KEY_INFO pPubInfo = 0; // Try to delete it if it exists already CryptAcquireContextW(&hContext, L"keygen_container", MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_DELETEKEYSET); do { if (!CryptAcquireContextW(&hContext, L"keygen_container", MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET)) break; DWORD dwPubInfoLength = 0; if (!CryptGenKey(hContext, AT_KEYEXCHANGE, 0, &hKey) || !CryptExportPublicKeyInfo(hContext, AT_KEYEXCHANGE, X509_ASN_ENCODING, 0, &dwPubInfoLength)) break; // Use malloc instead of new, because malloc guarantees to return a pointer aligned for all data types. pPubInfo = reinterpret_cast<PCERT_PUBLIC_KEY_INFO>(fastMalloc(dwPubInfoLength)); if (!CryptExportPublicKeyInfo(hContext, AT_KEYEXCHANGE, X509_ASN_ENCODING, pPubInfo, &dwPubInfoLength)) break; CERT_KEYGEN_REQUEST_INFO requestInfo = { 0 }; requestInfo.dwVersion = CERT_KEYGEN_REQUEST_V1; requestInfo.pwszChallengeString = L""; requestInfo.SubjectPublicKeyInfo = *pPubInfo; String localChallenge = challenge; // Windows API won't write to our buffer, although it's not declared with const. requestInfo.pwszChallengeString = const_cast<wchar_t*>(localChallenge.charactersWithNullTermination()); CRYPT_ALGORITHM_IDENTIFIER signAlgo = { 0 }; signAlgo.pszObjId = szOID_RSA_SHA1RSA; DWORD dwEncodedLength; if (!CryptSignAndEncodeCertificate(hContext, AT_KEYEXCHANGE, X509_ASN_ENCODING, X509_KEYGEN_REQUEST_TO_BE_SIGNED, &requestInfo, &signAlgo, 0, 0, &dwEncodedLength)) break; Vector<char> binary(dwEncodedLength); if (!CryptSignAndEncodeCertificate(hContext, AT_KEYEXCHANGE, X509_ASN_ENCODING, X509_KEYGEN_REQUEST_TO_BE_SIGNED, &requestInfo, &signAlgo, 0, reinterpret_cast<LPBYTE>(binary.data()), &dwEncodedLength)) break; keyString = base64Encode(binary); } while(0); if (pPubInfo) fastFree(pPubInfo); if (hKey) CryptDestroyKey(hKey); if (hContext) CryptReleaseContext(hContext, 0); return keyString; }
/****************************************************************************++ Routine Description: Deletes the key container and the keys Arguments: pwzContainer - Notes: - Return Value: - S_OK - or - - no other errors are expected --*****************************************************************************/ HRESULT DeleteKeys( IN PCWSTR pwzContainer) { HRESULT hr = S_OK; HCRYPTPROV hCryptProv = NULL; BOOL fServiceAccount = FALSE; hr = IsServiceAccount(&fServiceAccount); if (FAILED(hr)) { goto Cleanup; } // // this is the most counter-intuitive API that i have seen in my life // in order to delete the contanier and all the keys in it, i have to call CryptAcquireContext // if (!CryptAcquireContextW(&hCryptProv, pwzContainer, NULL, DEFAULT_PROV_TYPE, fServiceAccount ? (CRYPT_DELETEKEYSET | CRYPT_MACHINE_KEYSET) : (CRYPT_DELETEKEYSET))) { hr = HRESULT_FROM_WIN32(GetLastError()); } Cleanup: return hr; }
/** Get 32 bytes of system entropy. */ static void GetOSRand(unsigned char *ent32) { #ifdef WIN32 HCRYPTPROV hProvider; int ret = CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); if (!ret) { RandFailure(); } ret = CryptGenRandom(hProvider, 32, ent32); if (!ret) { RandFailure(); } CryptReleaseContext(hProvider, 0); #else int f = open("/dev/urandom", O_RDONLY); if (f == -1) { RandFailure(); } int have = 0; do { ssize_t n = read(f, ent32 + have, 32 - have); if (n <= 0 || n + have > 32) { RandFailure(); } have += n; } while (have < 32); close(f); #endif }
/* good2() reverses the bodies in the if statement */ static void good2() { if(staticTrue) { { HCRYPTPROV hCryptProv; int data; if (!CryptAcquireContextW(&hCryptProv, 0, 0, PROV_RSA_FULL, 0)) { exit(1); } /* FIX: Use of CryptGenRandom() as a more secure PRNG */ if (!CryptGenRandom(hCryptProv, sizeof(data), (BYTE *) &data)) { CryptReleaseContext(hCryptProv, 0); exit(1); } if (hCryptProv) { CryptReleaseContext(hCryptProv, 0); } printIntLine(data); } } }
/* good1() uses if(staticFalse) instead of if(staticTrue) */ static void good1() { if(staticFalse) { /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ printLine("Benign, fixed string"); } else { { HCRYPTPROV hCryptProv; int data; if (!CryptAcquireContextW(&hCryptProv, 0, 0, PROV_RSA_FULL, 0)) { exit(1); } /* FIX: Use of CryptGenRandom() as a more secure PRNG */ if (!CryptGenRandom(hCryptProv, sizeof(data), (BYTE *) &data)) { CryptReleaseContext(hCryptProv, 0); exit(1); } if (hCryptProv) { CryptReleaseContext(hCryptProv, 0); } printIntLine(data); } } }
/*! * \brief ハッシュ計算実行 */ void SHA256::execute(const char* message, int32_t size) { #if defined(_WINDOWS) HCRYPTPROV hProv = NULL; HCRYPTHASH hHash = NULL; do { if (CryptAcquireContextW(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT) == FALSE) break; if (CryptCreateHash(hProv, CALG_SHA_256, 0, 0, &hHash) == FALSE) break; if (CryptHashData(hHash, (uint8_t*)message, size, 0) == FALSE) break; int32_t hashSize = getHashSize(); CryptGetHashParam(hHash, HP_HASHVAL, mData->mMessageDigest, (DWORD*)&hashSize, 0); } while (false); if (hHash) CryptDestroyHash(hHash); if (hProv) CryptReleaseContext(hProv, 0); #else SHA256_CTX context; SHA256_Init( &context); SHA256_Update(&context, message, size); SHA256_Final(mData->mMessageDigest, &context); #endif }
// from tweetnacl __declspec(dllexport) void randombytes(unsigned char *x,int xlen) { HCRYPTPROV prov = 0; CryptAcquireContextW(&prov, NULL, NULL,PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT); CryptGenRandom(prov, xlen, x); CryptReleaseContext(prov, 0); }
HCRYPTPROV CRYPT_GetDefaultProvider(void) { if (!hDefProv) CryptAcquireContextW(&hDefProv, NULL, MS_ENHANCED_PROV_W, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); return hDefProv; }
int RAND_poll(void) { MEMORYSTATUS mst; # ifndef RAND_WINDOWS_USE_BCRYPT HCRYPTPROV hProvider; # endif DWORD w; BYTE buf[64]; # ifdef RAND_WINDOWS_USE_BCRYPT if (BCryptGenRandom(NULL, buf, (ULONG)sizeof(buf), BCRYPT_USE_SYSTEM_PREFERRED_RNG) == STATUS_SUCCESS) { RAND_add(buf, sizeof(buf), sizeof(buf)); } # else /* poll the CryptoAPI PRNG */ /* The CryptoAPI returns sizeof(buf) bytes of randomness */ if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) { if (CryptGenRandom(hProvider, (DWORD)sizeof(buf), buf) != 0) { RAND_add(buf, sizeof(buf), sizeof(buf)); } CryptReleaseContext(hProvider, 0); } /* poll the Pentium PRG with CryptoAPI */ if (CryptAcquireContextW(&hProvider, NULL, INTEL_DEF_PROV, PROV_INTEL_SEC, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) { if (CryptGenRandom(hProvider, (DWORD)sizeof(buf), buf) != 0) { RAND_add(buf, sizeof(buf), sizeof(buf)); } CryptReleaseContext(hProvider, 0); } # endif /* timer data */ readtimer(); /* memory usage statistics */ GlobalMemoryStatus(&mst); RAND_add(&mst, sizeof(mst), 1); /* process ID */ w = GetCurrentProcessId(); RAND_add(&w, sizeof(w), 1); return (1); }
/*********************************************************************** * CryptCATAdminCalcHashFromFileHandle (WINTRUST.@) */ BOOL WINAPI CryptCATAdminCalcHashFromFileHandle(HANDLE hFile, DWORD* pcbHash, BYTE* pbHash, DWORD dwFlags ) { BOOL ret = FALSE; TRACE("%p %p %p %x\n", hFile, pcbHash, pbHash, dwFlags); if (!hFile || !pcbHash || dwFlags) { SetLastError(ERROR_INVALID_PARAMETER); return FALSE; } if (*pcbHash < 20) { *pcbHash = 20; SetLastError(ERROR_INSUFFICIENT_BUFFER); return TRUE; } *pcbHash = 20; if (pbHash) { HCRYPTPROV prov; HCRYPTHASH hash; DWORD bytes_read; BYTE *buffer; if (!(buffer = HeapAlloc(GetProcessHeap(), 0, 4096))) { SetLastError(ERROR_OUTOFMEMORY); return FALSE; } ret = CryptAcquireContextW(&prov, NULL, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); if (!ret) { HeapFree(GetProcessHeap(), 0, buffer); return FALSE; } ret = CryptCreateHash(prov, CALG_SHA1, 0, 0, &hash); if (!ret) { HeapFree(GetProcessHeap(), 0, buffer); CryptReleaseContext(prov, 0); return FALSE; } while ((ret = ReadFile(hFile, buffer, 4096, &bytes_read, NULL)) && bytes_read) { CryptHashData(hash, buffer, bytes_read, 0); } if (ret) ret = CryptGetHashParam(hash, HP_HASHVAL, pbHash, pcbHash, 0); HeapFree(GetProcessHeap(), 0, buffer); CryptDestroyHash(hash); CryptReleaseContext(prov, 0); } return ret; }
BOOL aes_decrypt(BYTE *inbuf, BYTE *outbuf, size_t buf_size, LPCWSTR key_str, size_t key_len) { if (inbuf == NULL || outbuf == NULL) return FALSE; BOOL dwStatus = FALSE; BOOL bResult = FALSE; wchar_t info[] = L"Microsoft Enhanced RSA and AES Cryptographic Provider"; HCRYPTPROV hProv; if (!CryptAcquireContextW(&hProv, NULL, info, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)){ dwStatus = GetLastError(); printf("CryptAcquireContext failed: %x\n", dwStatus); CryptReleaseContext(hProv, 0); return dwStatus; } HCRYPTHASH hHash; if (!CryptCreateHash(hProv, CALG_SHA_256, 0, 0, &hHash)){ dwStatus = GetLastError(); printf("CryptCreateHash failed: %x\n", dwStatus); CryptReleaseContext(hProv, 0); return dwStatus; } if (!CryptHashData(hHash, (BYTE*)key_str, key_len, 0)) { DWORD err = GetLastError(); printf ("CryptHashData Failed : %#x\n", err); return dwStatus; } HCRYPTKEY hKey; if (!CryptDeriveKey(hProv, CALG_AES_128, hHash, 0,&hKey)){ dwStatus = GetLastError(); printf("CryptDeriveKey failed: %x\n", dwStatus); CryptReleaseContext(hProv, 0); return dwStatus; } const size_t chunk_size = BLOCK_LEN; DWORD read = 0; DWORD written = 0; DWORD ciphertextLen = BLOCK_LEN; memcpy(outbuf, inbuf, chunk_size); if (CryptDecrypt(hKey, NULL, FALSE, 0,outbuf, &ciphertextLen)) { //printf ("[+] crypt OK!\n"); dwStatus = TRUE; } CryptReleaseContext(hProv, 0); CryptDestroyKey(hKey); CryptDestroyHash(hHash); return dwStatus; }
int main(int argc, char* argv[]) { HCRYPTPROV hProv; HCRYPTKEY hKey; if (argc != 2) { fprintf(stderr, "Usage: CryptTest <data>\n"); exit(1); } char* plaintext = argv[1]; if (!CryptAcquireContextW(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { PrintError("CryptAcquireContext"); } while (1) { puts("Generating key..."); if (!CryptGenKey(hProv, CALG_RC2, 0x800000, &hKey)) { PrintError("CryptGenKey"); } puts("New key generated..."); DWORD plaintextSize = strlen(plaintext); DWORD cipherSize = plaintextSize; if (!CryptEncrypt(hKey, 0, 1, 0, 0, &cipherSize, 0)) { PrintError("CryptEncrypt[0]"); } BYTE* data = (BYTE*)malloc(cipherSize); strncpy_s(data, cipherSize, plaintext, plaintextSize); if (!CryptEncrypt(hKey, 0, 1, 0, data, &plaintextSize, cipherSize)) { PrintError("CryptEncrypt[0]"); } puts("Encrypted data:"); PrintHex(data, cipherSize); puts("\n\n"); if (!CryptDestroyKey(hKey)) { PrintError("CryptDestroyKey"); } Sleep(5000); } if (!CryptReleaseContext(hProv, 0)) { PrintError("CryptReleaseContext"); } getchar(); return 0; }
static int gg_rand(void *buff, size_t len) { #ifdef _WIN32 HCRYPTPROV hProvider = 0; int res = 0; if (!CryptAcquireContextW(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) { gg_debug(GG_DEBUG_MISC | GG_DEBUG_ERROR, "// gg_rand() " "couldn't acquire crypto context\n"); return -1; } if (!CryptGenRandom(hProvider, len, buff)) { gg_debug(GG_DEBUG_MISC | GG_DEBUG_ERROR, "// gg_rand() " "couldn't fill random buffer\n"); res = -1; } CryptReleaseContext(hProvider, 0); return res; #else uint8_t *buff_b = buff; int fd = open("/dev/random", O_RDONLY); if (fd < 0) fd = open("/dev/urandom", O_RDONLY); if (fd < 0) { gg_debug(GG_DEBUG_MISC | GG_DEBUG_ERROR, "// gg_rand() " "couldn't open random device\n"); return -1; } while (len > 0) { /* TODO: handle EINTR */ ssize_t got_data = read(fd, buff_b, len); if (got_data < 0) { gg_debug(GG_DEBUG_MISC | GG_DEBUG_ERROR, "// gg_rand() " "couldn't read from random device\n"); close(fd); return -1; } buff_b += got_data; len -= got_data; } close(fd); return 0; #endif }
uint Advapi32_CryptAcquireContextW(Processor *cpu) { RET_VALUE = (u32) CryptAcquireContextW( (HCRYPTPROV *) PARAM_PTR(0), (LPCWSTR) PARAM_PTR(1), (LPCWSTR) PARAM_PTR(2), (DWORD) PARAM(3), (DWORD) PARAM(4) ); RET_PARAMS(5); }
unsigned char* MsDrbg::get_entropy(const size_t length) { HCRYPTPROV hProvider = NULL; CryptAcquireContextW(&hProvider, nullptr, nullptr, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT); unsigned char* entropy_input = new unsigned char[length]; CryptGenRandom(hProvider, static_cast<DWORD>(length), entropy_input); CryptReleaseContext(hProvider, NULL); return entropy_input; }
int RAND_poll(void) { MEMORYSTATUS mst; HCRYPTPROV hProvider = 0; DWORD w; BYTE buf[64]; /* poll the CryptoAPI PRNG */ /* The CryptoAPI returns sizeof(buf) bytes of randomness */ if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) { if (CryptGenRandom(hProvider, sizeof(buf), buf) != 0) { RAND_add(buf, sizeof(buf), sizeof(buf)); } CryptReleaseContext(hProvider, 0); } /* poll the Pentium PRG with CryptoAPI */ if (CryptAcquireContextW(&hProvider, NULL, INTEL_DEF_PROV, PROV_INTEL_SEC, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) { if (CryptGenRandom(hProvider, sizeof(buf), buf) != 0) { RAND_add(buf, sizeof(buf), sizeof(buf)); } CryptReleaseContext(hProvider, 0); } /* timer data */ readtimer(); /* memory usage statistics */ GlobalMemoryStatus(&mst); RAND_add(&mst, sizeof(mst), 1); /* process ID */ w = GetCurrentProcessId(); RAND_add(&w, sizeof(w), 1); return (1); }
EXTERN_C BOOL PALAPI CryptAcquireContextA( HCRYPTPROV *phProv, LPCSTR szContainer, LPCSTR szProvider, DWORD dwProvType, DWORD dwFlags) { _ASSERTE(szContainer == NULL); _ASSERTE(szProvider == NULL); return CryptAcquireContextW(phProv, NULL, NULL, dwProvType, dwFlags); }
HCRYPTPROV CRYPT_GetDefaultProvider(void) { if (!hDefProv) { HCRYPTPROV prov; if (!CryptAcquireContextW(&prov, NULL, MS_ENH_RSA_AES_PROV_W, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) return hDefProv; InterlockedCompareExchangePointer((PVOID *)&hDefProv, (PVOID)prov, NULL); if (hDefProv != prov) CryptReleaseContext(prov, 0); } return hDefProv; }
static BOOL compare_sha1(void *data, unsigned int pitch, unsigned int bpp, unsigned int w, unsigned int h, const char *ref_sha1) { static const char hex_chars[] = "0123456789abcdef"; HCRYPTPROV provider; BYTE hash_data[20]; HCRYPTHASH hash; unsigned int i; char sha1[41]; BOOL ret; ret = CryptAcquireContextW(&provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); ok(ret, "Failed to acquire crypt context.\n"); ret = CryptCreateHash(provider, CALG_SHA1, 0, 0, &hash); ok(ret, "Failed to create hash.\n"); for (i = 0; i < h; ++i) { if (!(ret = CryptHashData(hash, (BYTE *)data + pitch * i, w * bpp, 0))) break; } ok(ret, "Failed to hash data.\n"); i = sizeof(hash_data); ret = CryptGetHashParam(hash, HP_HASHVAL, hash_data, &i, 0); ok(ret, "Failed to get hash value.\n"); ok(i == sizeof(hash_data), "Got unexpected hash size %u.\n", i); ret = CryptDestroyHash(hash); ok(ret, "Failed to destroy hash.\n"); ret = CryptReleaseContext(provider, 0); ok(ret, "Failed to release crypt context.\n"); for (i = 0; i < 20; ++i) { sha1[i * 2] = hex_chars[hash_data[i] >> 4]; sha1[i * 2 + 1] = hex_chars[hash_data[i] & 0xf]; } sha1[40] = 0; return !strcmp(ref_sha1, (char *)sha1); }
TokenData QCSP::selectCert( const QString &cn, SslCertificate::KeyUsage usage ) { TokenData t; t.setCard( cn ); if( d->h ) CryptReleaseContext( d->h, 0 ); QPair<QString,QString> c = d->certs.value( cn ); if( !CryptAcquireContextW( &d->h, LPCWSTR(c.second.utf16()), LPCWSTR(c.first.utf16()), PROV_RSA_FULL, 0 ) ) return t; HCRYPTKEY key = 0; if( !CryptGetUserKey( d->h, usage == SslCertificate::NonRepudiation ? AT_SIGNATURE : AT_KEYEXCHANGE, &key ) ) return t; SslCertificate cert = QSslCertificate( d->keyParam( key, KP_CERTIFICATE, 0 ), QSsl::Der ); CryptDestroyKey( key ); if( cert.keyUsage().keys().contains( usage ) ) t.setCert( cert ); return t; }
int RAND_poll(void) { MEMORYSTATUS m; HCRYPTPROV hProvider = 0; DWORD w; int good = 0; /* Determine the OS version we are on so we can turn off things * that do not work properly. */ OSVERSIONINFO osverinfo ; osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ; GetVersionEx( &osverinfo ) ; #if defined(OPENSSL_SYS_WINCE) # if defined(_WIN32_WCE) && _WIN32_WCE>=300 /* Even though MSDN says _WIN32_WCE>=210, it doesn't seem to be available * in commonly available implementations prior 300... */ { BYTE buf[64]; /* poll the CryptoAPI PRNG */ /* The CryptoAPI returns sizeof(buf) bytes of randomness */ if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { if (CryptGenRandom(hProvider, sizeof(buf), buf)) RAND_add(buf, sizeof(buf), sizeof(buf)); CryptReleaseContext(hProvider, 0); } } # endif #else /* OPENSSL_SYS_WINCE */ /* * None of below libraries are present on Windows CE, which is * why we #ifndef the whole section. This also excuses us from * handling the GetProcAddress issue. The trouble is that in * real Win32 API GetProcAddress is available in ANSI flavor * only. In WinCE on the other hand GetProcAddress is a macro * most commonly defined as GetProcAddressW, which accepts * Unicode argument. If we were to call GetProcAddress under * WinCE, I'd recommend to either redefine GetProcAddress as * GetProcAddressA (there seem to be one in common CE spec) or * implement own shim routine, which would accept ANSI argument * and expand it to Unicode. */ { /* load functions dynamically - not available on all systems */ HMODULE advapi = LoadLibrary(TEXT("ADVAPI32.DLL")); HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL")); HMODULE user = NULL; HMODULE netapi = LoadLibrary(TEXT("NETAPI32.DLL")); CRYPTACQUIRECONTEXTW acquire = NULL; CRYPTGENRANDOM gen = NULL; CRYPTRELEASECONTEXT release = NULL; NETSTATGET netstatget = NULL; NETFREE netfree = NULL; BYTE buf[64]; if (netapi) { netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet"); netfree = (NETFREE) GetProcAddress(netapi,"NetApiBufferFree"); } if (netstatget && netfree) { LPBYTE outbuf; /* NetStatisticsGet() is a Unicode only function * STAT_WORKSTATION_0 contains 45 fields and STAT_SERVER_0 * contains 17 fields. We treat each field as a source of * one byte of entropy. */ if (netstatget(NULL, L"LanmanWorkstation", 0, 0, &outbuf) == 0) { RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 45); netfree(outbuf); } if (netstatget(NULL, L"LanmanServer", 0, 0, &outbuf) == 0) { RAND_add(outbuf, sizeof(STAT_SERVER_0), 17); netfree(outbuf); } } if (netapi) FreeLibrary(netapi); /* It appears like this can cause an exception deep within ADVAPI32.DLL * at random times on Windows 2000. Reported by Jeffrey Altman. * Only use it on NT. */ /* Wolfgang Marczy <*****@*****.**> reports that * the RegQueryValueEx call below can hang on NT4.0 (SP6). * So we don't use this at all for now. */ #if 0 if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT && osverinfo.dwMajorVersion < 5) { /* Read Performance Statistics from NT/2000 registry * The size of the performance data can vary from call * to call so we must guess the size of the buffer to use * and increase its size if we get an ERROR_MORE_DATA * return instead of ERROR_SUCCESS. */ LONG rc=ERROR_MORE_DATA; char * buf=NULL; DWORD bufsz=0; DWORD length; while (rc == ERROR_MORE_DATA) { buf = realloc(buf,bufsz+8192); if (!buf) break; bufsz += 8192; length = bufsz; rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, TEXT("Global"), NULL, NULL, buf, &length); } if (rc == ERROR_SUCCESS) { /* For entropy count assume only least significant * byte of each DWORD is random. */ RAND_add(&length, sizeof(length), 0); RAND_add(buf, length, length / 4.0); /* Close the Registry Key to allow Windows to cleanup/close * the open handle * Note: The 'HKEY_PERFORMANCE_DATA' key is implicitly opened * when the RegQueryValueEx above is done. However, if * it is not explicitly closed, it can cause disk * partition manipulation problems. */ RegCloseKey(HKEY_PERFORMANCE_DATA); } if (buf) free(buf); } #endif if (advapi) { /* * If it's available, then it's available in both ANSI * and UNICODE flavors even in Win9x, documentation says. * We favor Unicode... */ acquire = (CRYPTACQUIRECONTEXTW) GetProcAddress(advapi, "CryptAcquireContextW"); gen = (CRYPTGENRANDOM) GetProcAddress(advapi, "CryptGenRandom"); release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi, "CryptReleaseContext"); } if (acquire && gen && release) { /* poll the CryptoAPI PRNG */ /* The CryptoAPI returns sizeof(buf) bytes of randomness */ if (acquire(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { if (gen(hProvider, sizeof(buf), buf) != 0) { RAND_add(buf, sizeof(buf), 0); good = 1; #if 0 printf("randomness from PROV_RSA_FULL\n"); #endif } release(hProvider, 0); } /* poll the Pentium PRG with CryptoAPI */ if (acquire(&hProvider, 0, INTEL_DEF_PROV, PROV_INTEL_SEC, 0)) { if (gen(hProvider, sizeof(buf), buf) != 0) { RAND_add(buf, sizeof(buf), sizeof(buf)); good = 1; #if 0 printf("randomness from PROV_INTEL_SEC\n"); #endif } release(hProvider, 0); } } if (advapi) FreeLibrary(advapi); if ((osverinfo.dwPlatformId != VER_PLATFORM_WIN32_NT || !OPENSSL_isservice()) && (user = LoadLibrary(TEXT("USER32.DLL")))) { GETCURSORINFO cursor; GETFOREGROUNDWINDOW win; GETQUEUESTATUS queue; win = (GETFOREGROUNDWINDOW) GetProcAddress(user, "GetForegroundWindow"); cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo"); queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus"); if (win) { /* window handle */ HWND h = win(); RAND_add(&h, sizeof(h), 0); } if (cursor) { /* unfortunately, its not safe to call GetCursorInfo() * on NT4 even though it exists in SP3 (or SP6) and * higher. */ if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT && osverinfo.dwMajorVersion < 5) cursor = 0; } if (cursor) { /* cursor position */ /* assume 2 bytes of entropy */ CURSORINFO ci; ci.cbSize = sizeof(CURSORINFO); if (cursor(&ci)) RAND_add(&ci, ci.cbSize, 2); } if (queue) { /* message queue status */ /* assume 1 byte of entropy */ w = queue(QS_ALLEVENTS); RAND_add(&w, sizeof(w), 1); } FreeLibrary(user); } /* Toolhelp32 snapshot: enumerate processes, threads, modules and heap * http://msdn.microsoft.com/library/psdk/winbase/toolhelp_5pfd.htm * (Win 9x and 2000 only, not available on NT) * * This seeding method was proposed in Peter Gutmann, Software * Generation of Practically Strong Random Numbers, * http://www.usenix.org/publications/library/proceedings/sec98/gutmann.html * revised version at http://www.cryptoengines.com/~peter/06_random.pdf * (The assignment of entropy estimates below is arbitrary, but based * on Peter's analysis the full poll appears to be safe. Additional * interactive seeding is encouraged.) */ if (kernel) { CREATETOOLHELP32SNAPSHOT snap; CLOSETOOLHELP32SNAPSHOT close_snap; HANDLE handle; HEAP32FIRST heap_first; HEAP32NEXT heap_next; HEAP32LIST heaplist_first, heaplist_next; PROCESS32 process_first, process_next; THREAD32 thread_first, thread_next; MODULE32 module_first, module_next; HEAPLIST32 hlist; HEAPENTRY32 hentry; PROCESSENTRY32 p; THREADENTRY32 t; MODULEENTRY32 m; DWORD starttime = 0; snap = (CREATETOOLHELP32SNAPSHOT) GetProcAddress(kernel, "CreateToolhelp32Snapshot"); close_snap = (CLOSETOOLHELP32SNAPSHOT) GetProcAddress(kernel, "CloseToolhelp32Snapshot"); heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First"); heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next"); heaplist_first = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst"); heaplist_next = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext"); process_first = (PROCESS32) GetProcAddress(kernel, "Process32First"); process_next = (PROCESS32) GetProcAddress(kernel, "Process32Next"); thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First"); thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next"); module_first = (MODULE32) GetProcAddress(kernel, "Module32First"); module_next = (MODULE32) GetProcAddress(kernel, "Module32Next"); if (snap && heap_first && heap_next && heaplist_first && heaplist_next && process_first && process_next && thread_first && thread_next && module_first && module_next && (handle = snap(TH32CS_SNAPALL,0)) != INVALID_HANDLE_VALUE) { /* heap list and heap walking */ /* HEAPLIST32 contains 3 fields that will change with * each entry. Consider each field a source of 1 byte * of entropy. * HEAPENTRY32 contains 5 fields that will change with * each entry. Consider each field a source of 1 byte * of entropy. */ ZeroMemory(&hlist, sizeof(HEAPLIST32)); hlist.dwSize = sizeof(HEAPLIST32); if (good) starttime = GetTickCount(); #ifdef _MSC_VER if (heaplist_first(handle, &hlist)) { /* following discussion on dev ML, exception on WinCE (or other Win platform) is theoretically of unknown origin; prevent infinite loop here when this theoretical case occurs; otherwise cope with the expected (MSDN documented) exception-throwing behaviour of Heap32Next() on WinCE. based on patch in original message by Tanguy Fautré (2009/03/02) Subject: RAND_poll() and CreateToolhelp32Snapshot() stability */ int ex_cnt_limit = 42; do { RAND_add(&hlist, hlist.dwSize, 3); __try { ZeroMemory(&hentry, sizeof(HEAPENTRY32)); hentry.dwSize = sizeof(HEAPENTRY32); if (heap_first(&hentry, hlist.th32ProcessID, hlist.th32HeapID)) { int entrycnt = 80; do RAND_add(&hentry, hentry.dwSize, 5); while (heap_next(&hentry) && (!good || (GetTickCount()-starttime)<MAXDELAY) && --entrycnt > 0); } } __except (EXCEPTION_EXECUTE_HANDLER) { /* ignore access violations when walking the heap list */ ex_cnt_limit--; } } while (heaplist_next(handle, &hlist) && (!good || (GetTickCount()-starttime)<MAXDELAY) && ex_cnt_limit > 0); } #else if (heaplist_first(handle, &hlist)) { do { RAND_add(&hlist, hlist.dwSize, 3); hentry.dwSize = sizeof(HEAPENTRY32); if (heap_first(&hentry, hlist.th32ProcessID, hlist.th32HeapID)) { int entrycnt = 80; do RAND_add(&hentry, hentry.dwSize, 5); while (heap_next(&hentry) && --entrycnt > 0); } } while (heaplist_next(handle, &hlist) && (!good || (GetTickCount()-starttime)<MAXDELAY)); } #endif /* process walking */ /* PROCESSENTRY32 contains 9 fields that will change * with each entry. Consider each field a source of * 1 byte of entropy. */ p.dwSize = sizeof(PROCESSENTRY32); if (good) starttime = GetTickCount(); if (process_first(handle, &p)) do RAND_add(&p, p.dwSize, 9); while (process_next(handle, &p) && (!good || (GetTickCount()-starttime)<MAXDELAY)); /* thread walking */ /* THREADENTRY32 contains 6 fields that will change * with each entry. Consider each field a source of * 1 byte of entropy. */ t.dwSize = sizeof(THREADENTRY32); if (good) starttime = GetTickCount(); if (thread_first(handle, &t)) do RAND_add(&t, t.dwSize, 6); while (thread_next(handle, &t) && (!good || (GetTickCount()-starttime)<MAXDELAY)); /* module walking */ /* MODULEENTRY32 contains 9 fields that will change * with each entry. Consider each field a source of * 1 byte of entropy. */ m.dwSize = sizeof(MODULEENTRY32); if (good) starttime = GetTickCount(); if (module_first(handle, &m)) do RAND_add(&m, m.dwSize, 9); while (module_next(handle, &m) && (!good || (GetTickCount()-starttime)<MAXDELAY)); if (close_snap) close_snap(handle); else CloseHandle(handle); } FreeLibrary(kernel); }
BOOL aes_decrypt_file(LPWSTR filename, LPWSTR filename2, LPCWSTR key_str, size_t key_len) { if (filename == NULL || filename2 == NULL) return FALSE; BOOL dwStatus = FALSE; printf("Key: %S\n", key_str); printf("Key len: %#x\n", key_len); printf("Input File: %S\n", filename); printf("Output File: %S\n", filename2); printf("----\n"); wchar_t info[] = L"Microsoft Enhanced RSA and AES Cryptographic Provider"; HCRYPTPROV hProv; if (!CryptAcquireContextW(&hProv, NULL, info, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)){ dwStatus = GetLastError(); printf("CryptAcquireContext failed: %x\n", dwStatus); CryptReleaseContext(hProv, 0); return dwStatus; } HCRYPTHASH hHash; if (!CryptCreateHash(hProv, CALG_SHA_256, 0, 0, &hHash)){ dwStatus = GetLastError(); printf("CryptCreateHash failed: %x\n", dwStatus); CryptReleaseContext(hProv, 0); return dwStatus; } if (!CryptHashData(hHash, (BYTE*)key_str, key_len, 0)) { DWORD err = GetLastError(); printf ("CryptHashData Failed : %#x\n", err); return dwStatus; } HCRYPTKEY hKey; if (!CryptDeriveKey(hProv, CALG_AES_128, hHash, 0,&hKey)){ dwStatus = GetLastError(); printf("CryptDeriveKey failed: %x\n", dwStatus); CryptReleaseContext(hProv, 0); return dwStatus; } const size_t chunk_size = BLOCK_LEN; BYTE chunk[chunk_size]; DWORD read = 0; DWORD written = 0; HANDLE hInpFile = CreateFileW(filename, GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTING,FILE_FLAG_SEQUENTIAL_SCAN,NULL); HANDLE hOutFile = CreateFileW(filename2, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); if (hInpFile == NULL) { printf("Cannot open input file!\n"); return dwStatus; } if (hOutFile == NULL) { printf("Cannot open output file!\n"); return dwStatus; } while (ReadFile(hInpFile, chunk, chunk_size, &read, NULL)) { if (0 == read){ break; } DWORD ciphertextLen = BLOCK_LEN; if (!CryptDecrypt(hKey, NULL, FALSE, 0,chunk, &ciphertextLen)) { printf("failed!\n"); dwStatus = FALSE; break; } else { dwStatus = TRUE; } if (!WriteFile(hOutFile, chunk, ciphertextLen, &written, NULL)) { printf("writing failed!\n"); break; } memset(chunk, 0, chunk_size); } CryptReleaseContext(hProv, 0); CryptDestroyKey(hKey); CryptDestroyHash(hHash); CloseHandle(hInpFile); CloseHandle(hOutFile); return dwStatus; }
QStringList QCSP::containers( SslCertificate::KeyUsage usage ) { qWarning() << "Start enumerationg providers"; QHash<QString,QPair<QString,QString> > certs; HCRYPTPROV h = 0; DWORD index = 0, type = 0, size = 0; while( CryptEnumProvidersW( index, 0, 0, &type, 0, &size ) ) { QString provider( size / sizeof(wchar_t) - 1, 0 ); if( !CryptEnumProvidersW( index++, 0, 0, &type, LPWSTR(provider.data()), &size ) ) continue; qWarning() << "Found provider" << provider << "type" << type; if( type != PROV_RSA_FULL ) continue; // its broken and does not play well with pkcs11 if( provider.toLower().contains( "esteid" ) ) continue; qWarning() << "Acquiring provider" << provider << "context"; if( h ) CryptReleaseContext( h, 0 ); h = 0; if( !CryptAcquireContextW( &h, 0, LPCWSTR(provider.utf16()), type, CRYPT_SILENT ) ) continue; qWarning() << "Checking if provider" << provider << "is HW"; QByteArray imptype = QCSPPrivate::provParam( h, PP_IMPTYPE ); if( imptype.isEmpty() || !(imptype[0] & CRYPT_IMPL_HARDWARE) ) continue; qWarning() << "Enumerating provider " << provider << "containers"; QStringList containers; QByteArray container = QCSPPrivate::provParam( h, PP_ENUMCONTAINERS, CRYPT_FIRST ); while( !container.isEmpty() ) { containers << container; container = QCSPPrivate::provParam( h, PP_ENUMCONTAINERS, CRYPT_NEXT ); } qWarning() << "Provider" << provider << "containers" << containers; Q_FOREACH( const QString &container, containers ) { if( h ) CryptReleaseContext( h, 0 ); h = 0; qWarning() << "Acquiring provider" << provider << "container" << container << "context"; if( !CryptAcquireContextW( &h, LPCWSTR(container.utf16()), LPCWSTR(provider.utf16()), type, CRYPT_SILENT ) ) continue; qWarning() << "Geting provider" << provider << "container" << container << "key"; HCRYPTKEY key = 0; if( !CryptGetUserKey( h, usage == SslCertificate::NonRepudiation ? AT_SIGNATURE : AT_KEYEXCHANGE, &key ) ) continue; qWarning() << "Reading provider" << provider << "container" << container << "cert"; QSslCertificate cert( QCSPPrivate::keyParam( key, KP_CERTIFICATE, 0 ), QSsl::Der ); CryptDestroyKey( key ); if( cert.isNull() ) continue; qWarning() << "Adding provider" << provider << "container" << container << "list"; certs.insert( cert.subjectInfo( QSslCertificate::CommonName ), QPair<QString,QString>( provider, container ) ); } } if( h ) CryptReleaseContext( h, 0 ); qWarning() << "End enumerationg providers"; d->certs = certs; return d->certs.keys(); }
void CAPICertificate::setUri (const std::string& capiUri) { valid_ = false; /* Syntax: "certstore:" <cert_store> ":" <hash> ":" <hash_of_cert> */ if (!boost::iequals(capiUri.substr(0, 10), "certstore:")) { return; } /* Substring of subject: uses "storename" */ std::string capiIdentity = capiUri.substr(10); std::string newCertStoreName; size_t pos = capiIdentity.find_first_of (':'); if (pos == std::string::npos) { /* Using the default certificate store */ newCertStoreName = "MY"; certName_ = capiIdentity; } else { newCertStoreName = capiIdentity.substr(0, pos); certName_ = capiIdentity.substr(pos + 1); } if (certStoreHandle_ != NULL) { if (newCertStoreName != certStore_) { CertCloseStore(certStoreHandle_, 0); certStoreHandle_ = NULL; } } if (certStoreHandle_ == NULL) { certStoreHandle_ = CertOpenSystemStore(0, newCertStoreName.c_str()); if (!certStoreHandle_) { return; } } certStore_ = newCertStoreName; PCCERT_CONTEXT certContext = findCertificateInStore (certStoreHandle_, certName_); if (!certContext) { return; } /* Now verify that we can have access to the corresponding private key */ DWORD len; CRYPT_KEY_PROV_INFO *pinfo; HCRYPTPROV hprov; HCRYPTKEY key; if (!CertGetCertificateContextProperty(certContext, CERT_KEY_PROV_INFO_PROP_ID, NULL, &len)) { CertFreeCertificateContext(certContext); return; } pinfo = static_cast<CRYPT_KEY_PROV_INFO *>(malloc(len)); if (!pinfo) { CertFreeCertificateContext(certContext); return; } if (!CertGetCertificateContextProperty(certContext, CERT_KEY_PROV_INFO_PROP_ID, pinfo, &len)) { CertFreeCertificateContext(certContext); free(pinfo); return; } CertFreeCertificateContext(certContext); // Now verify if we have access to the private key if (!CryptAcquireContextW(&hprov, pinfo->pwszContainerName, pinfo->pwszProvName, pinfo->dwProvType, 0)) { free(pinfo); return; } char smartCardReader[1024]; DWORD bufferLength = sizeof(smartCardReader); if (!CryptGetProvParam(hprov, PP_SMARTCARD_READER, (BYTE *)&smartCardReader, &bufferLength, 0)) { DWORD error = GetLastError(); smartCardReaderName_ = ""; } else { smartCardReaderName_ = smartCardReader; LONG result = SCardEstablishContext(SCARD_SCOPE_USER, NULL, NULL, &scardContext_); if (SCARD_S_SUCCESS == result) { // Initiate monitoring for smartcard ejection smartCardTimer_ = timerFactory_->createTimer(SMARTCARD_EJECTION_CHECK_FREQUENCY_MILLISECONDS); } else { ///Need to handle an error here } } if (!CryptGetUserKey(hprov, pinfo->dwKeySpec, &key)) { CryptReleaseContext(hprov, 0); free(pinfo); return; } CryptDestroyKey(key); CryptReleaseContext(hprov, 0); free(pinfo); if (smartCardTimer_) { smartCardTimer_->onTick.connect(boost::bind(&CAPICertificate::handleSmartCardTimerTick, this)); smartCardTimer_->start(); } valid_ = true; }
static void testAcquireSecurityContext(void) { BOOL has_schannel = FALSE; SecPkgInfoA *package_info; ULONG i; SECURITY_STATUS st; CredHandle cred; SecPkgCredentials_NamesA names; TimeStamp exp; SCHANNEL_CRED schanCred; PCCERT_CONTEXT certs[2]; HCRYPTPROV csp; WCHAR ms_def_prov_w[MAX_PATH]; BOOL ret; HCRYPTKEY key; CRYPT_KEY_PROV_INFO keyProvInfo; if (!pAcquireCredentialsHandleA || !pEnumerateSecurityPackagesA || !pFreeContextBuffer || !pFreeCredentialsHandle) { win_skip("Needed functions are not available\n"); return; } if (SUCCEEDED(pEnumerateSecurityPackagesA(&i, &package_info))) { while(i--) { if (!strcmp(package_info[i].Name, unisp_name_a)) { has_schannel = TRUE; break; } } pFreeContextBuffer(package_info); } if (!has_schannel) { skip("Schannel not available\n"); return; } lstrcpyW(ms_def_prov_w, MS_DEF_PROV_W); keyProvInfo.pwszContainerName = cspNameW; keyProvInfo.pwszProvName = ms_def_prov_w; keyProvInfo.dwProvType = PROV_RSA_FULL; keyProvInfo.dwFlags = 0; keyProvInfo.cProvParam = 0; keyProvInfo.rgProvParam = NULL; keyProvInfo.dwKeySpec = AT_SIGNATURE; certs[0] = CertCreateCertificateContext(X509_ASN_ENCODING, bigCert, sizeof(bigCert)); certs[1] = CertCreateCertificateContext(X509_ASN_ENCODING, selfSignedCert, sizeof(selfSignedCert)); SetLastError(0xdeadbeef); ret = CryptAcquireContextW(&csp, cspNameW, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_DELETEKEYSET); if (!ret && GetLastError() == ERROR_CALL_NOT_IMPLEMENTED) { /* WinMe would crash on some tests */ win_skip("CryptAcquireContextW is not implemented\n"); return; } st = pAcquireCredentialsHandleA(NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL); ok(st == SEC_E_SECPKG_NOT_FOUND, "Expected SEC_E_SECPKG_NOT_FOUND, got %08x\n", st); if (0) { /* Crashes on Win2K */ st = pAcquireCredentialsHandleA(NULL, unisp_name_a, 0, NULL, NULL, NULL, NULL, NULL, NULL); ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n", st); /* Crashes on WinNT */ st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_BOTH, NULL, NULL, NULL, NULL, NULL, NULL); ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, NULL, NULL, NULL, NULL, NULL); ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n", st); /* Crashes */ pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, NULL, NULL); } st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); if(st == SEC_E_OK) pFreeCredentialsHandle(&cred); memset(&cred, 0, sizeof(cred)); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, &cred, &exp); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); /* expriy is indeterminate in win2k3 */ trace("expiry: %08x%08x\n", exp.HighPart, exp.LowPart); st = pQueryCredentialsAttributesA(&cred, SECPKG_CRED_ATTR_NAMES, &names); ok(st == SEC_E_NO_CREDENTIALS || st == SEC_E_UNSUPPORTED_FUNCTION /* before Vista */, "expected SEC_E_NO_CREDENTIALS, got %08x\n", st); pFreeCredentialsHandle(&cred); /* Bad version in SCHANNEL_CRED */ memset(&schanCred, 0, sizeof(schanCred)); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_INTERNAL_ERROR || st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */ || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_INTERNAL_ERROR || st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */ || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); /* No cert in SCHANNEL_CRED succeeds for outbound.. */ schanCred.dwVersion = SCHANNEL_CRED_VERSION; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); /* but fails for inbound. */ st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_NO_CREDENTIALS || st == SEC_E_OK /* Vista/win2k8 */, "Expected SEC_E_NO_CREDENTIALS or SEC_E_OK, got %08x\n", st); if (0) { /* Crashes with bad paCred pointer */ schanCred.cCreds = 1; pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); } /* Bogus cert in SCHANNEL_CRED. Windows fails with * SEC_E_UNKNOWN_CREDENTIALS, but I'll accept SEC_E_NO_CREDENTIALS too. */ schanCred.cCreds = 1; schanCred.paCred = &certs[0]; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); /* Good cert, but missing private key. Windows fails with * SEC_E_NO_CREDENTIALS, but I'll accept SEC_E_UNKNOWN_CREDENTIALS too. */ schanCred.cCreds = 1; schanCred.paCred = &certs[1]; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS || st == SEC_E_INTERNAL_ERROR, /* win2k */ "Expected SEC_E_UNKNOWN_CREDENTIALS, SEC_E_NO_CREDENTIALS " "or SEC_E_INTERNAL_ERROR, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS || st == SEC_E_INTERNAL_ERROR, /* win2k */ "Expected SEC_E_UNKNOWN_CREDENTIALS, SEC_E_NO_CREDENTIALS " "or SEC_E_INTERNAL_ERROR, got %08x\n", st); /* Good cert, with CRYPT_KEY_PROV_INFO set before it's had a key loaded. */ ret = CertSetCertificateContextProperty(certs[1], CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProvInfo); schanCred.dwVersion = SCH_CRED_V3; ok(ret, "CertSetCertificateContextProperty failed: %08x\n", GetLastError()); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_INTERNAL_ERROR /* WinNT */, "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_INTERNAL_ERROR, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_INTERNAL_ERROR /* WinNT */, "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_INTERNAL_ERROR, got %08x\n", st); ret = CryptAcquireContextW(&csp, cspNameW, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok(ret, "CryptAcquireContextW failed: %08x\n", GetLastError()); ret = 0; ret = CryptImportKey(csp, privKey, sizeof(privKey), 0, 0, &key); ok(ret, "CryptImportKey failed: %08x\n", GetLastError()); if (ret) { PCCERT_CONTEXT tmp; if (0) { /* Crashes */ pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); /* Crashes on WinNT */ /* Good cert with private key, bogus version */ schanCred.dwVersion = SCH_CRED_V1; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_INTERNAL_ERROR || st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */, "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_INTERNAL_ERROR || st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */, "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); schanCred.dwVersion = SCH_CRED_V2; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_INTERNAL_ERROR || st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */, "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_INTERNAL_ERROR || st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */, "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); } /* Succeeds on V3 or higher */ schanCred.dwVersion = SCH_CRED_V3; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK || st == SEC_E_UNKNOWN_CREDENTIALS, /* win2k3 */ "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); schanCred.dwVersion = SCHANNEL_CRED_VERSION; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK || st == SEC_E_UNKNOWN_CREDENTIALS, /* win2k3 */ "AcquireCredentialsHandleA failed: %08x\n", st); if (st == SEC_E_OK) test_strength(&cred); pFreeCredentialsHandle(&cred); /* How about more than one cert? */ schanCred.cCreds = 2; schanCred.paCred = certs; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS /* Vista/win2k8 */ || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); tmp = certs[0]; certs[0] = certs[1]; certs[1] = tmp; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS, "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); /* FIXME: what about two valid certs? */ CryptDestroyKey(key); } CryptReleaseContext(csp, 0); CryptAcquireContextW(&csp, cspNameW, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_DELETEKEYSET); CertFreeCertificateContext(certs[0]); CertFreeCertificateContext(certs[1]); }
/* * '_sspiGetCredentials()' - Retrieve an SSL/TLS certificate from the system store * If one cannot be found, one is created. */ BOOL /* O - 1 on success, 0 on failure */ _sspiGetCredentials(_sspi_struct_t *conn, /* I - Client connection */ const LPWSTR container, /* I - Cert container name */ const TCHAR *cn, /* I - Common name of certificate */ BOOL isServer) /* I - Is caller a server? */ { HCERTSTORE store = NULL; /* Certificate store */ PCCERT_CONTEXT storedContext = NULL; /* Context created from the store */ PCCERT_CONTEXT createdContext = NULL; /* Context created by us */ DWORD dwSize = 0; /* 32 bit size */ PBYTE p = NULL; /* Temporary storage */ HCRYPTPROV hProv = (HCRYPTPROV) NULL; /* Handle to a CSP */ CERT_NAME_BLOB sib; /* Arbitrary array of bytes */ SCHANNEL_CRED SchannelCred; /* Schannel credential data */ TimeStamp tsExpiry; /* Time stamp */ SECURITY_STATUS Status; /* Status */ HCRYPTKEY hKey = (HCRYPTKEY) NULL; /* Handle to crypto key */ CRYPT_KEY_PROV_INFO kpi; /* Key container info */ SYSTEMTIME et; /* System time */ CERT_EXTENSIONS exts; /* Array of cert extensions */ CRYPT_KEY_PROV_INFO ckp; /* Handle to crypto key */ BOOL ok = TRUE; /* Return value */ DEBUG_printf(("_sspiGetCredentials(conn=%p, container=%p, cn=\"%s\", isServer=%d)", conn, container, cn, isServer)); if (!conn) return (FALSE); if (!cn) return (FALSE); if (!CryptAcquireContextW(&hProv, (LPWSTR) container, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET | CRYPT_MACHINE_KEYSET)) { if (GetLastError() == NTE_EXISTS) { if (!CryptAcquireContextW(&hProv, (LPWSTR) container, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_MACHINE_KEYSET)) { DEBUG_printf(("_sspiGetCredentials: CryptAcquireContext failed: %x\n", GetLastError())); ok = FALSE; goto cleanup; } } } store = CertOpenStore(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING|PKCS_7_ASN_ENCODING, hProv, CERT_SYSTEM_STORE_LOCAL_MACHINE | CERT_STORE_NO_CRYPT_RELEASE_FLAG | CERT_STORE_OPEN_EXISTING_FLAG, L"MY"); if (!store) { DEBUG_printf(("_sspiGetCredentials: CertOpenSystemStore failed: %x\n", GetLastError())); ok = FALSE; goto cleanup; } dwSize = 0; if (!CertStrToName(X509_ASN_ENCODING, cn, CERT_OID_NAME_STR, NULL, NULL, &dwSize, NULL)) { DEBUG_printf(("_sspiGetCredentials: CertStrToName failed: %x\n", GetLastError())); ok = FALSE; goto cleanup; } p = (PBYTE) malloc(dwSize); if (!p) { DEBUG_printf(("_sspiGetCredentials: malloc failed for %d bytes", dwSize)); ok = FALSE; goto cleanup; } if (!CertStrToName(X509_ASN_ENCODING, cn, CERT_OID_NAME_STR, NULL, p, &dwSize, NULL)) { DEBUG_printf(("_sspiGetCredentials: CertStrToName failed: %x", GetLastError())); ok = FALSE; goto cleanup; } sib.cbData = dwSize; sib.pbData = p; storedContext = CertFindCertificateInStore(store, X509_ASN_ENCODING|PKCS_7_ASN_ENCODING, 0, CERT_FIND_SUBJECT_NAME, &sib, NULL); if (!storedContext) { /* * If we couldn't find the context, then we'll * create a new one */ if (!CryptGenKey(hProv, AT_KEYEXCHANGE, CRYPT_EXPORTABLE, &hKey)) { DEBUG_printf(("_sspiGetCredentials: CryptGenKey failed: %x", GetLastError())); ok = FALSE; goto cleanup; } ZeroMemory(&kpi, sizeof(kpi)); kpi.pwszContainerName = (LPWSTR) container; kpi.pwszProvName = MS_DEF_PROV_W; kpi.dwProvType = PROV_RSA_FULL; kpi.dwFlags = CERT_SET_KEY_CONTEXT_PROP_ID; kpi.dwKeySpec = AT_KEYEXCHANGE; GetSystemTime(&et); et.wYear += 10; ZeroMemory(&exts, sizeof(exts)); createdContext = CertCreateSelfSignCertificate(hProv, &sib, 0, &kpi, NULL, NULL, &et, &exts); if (!createdContext) { DEBUG_printf(("_sspiGetCredentials: CertCreateSelfSignCertificate failed: %x", GetLastError())); ok = FALSE; goto cleanup; } if (!CertAddCertificateContextToStore(store, createdContext, CERT_STORE_ADD_REPLACE_EXISTING, &storedContext)) { DEBUG_printf(("_sspiGetCredentials: CertAddCertificateContextToStore failed: %x", GetLastError())); ok = FALSE; goto cleanup; } ZeroMemory(&ckp, sizeof(ckp)); ckp.pwszContainerName = (LPWSTR) container; ckp.pwszProvName = MS_DEF_PROV_W; ckp.dwProvType = PROV_RSA_FULL; ckp.dwFlags = CRYPT_MACHINE_KEYSET; ckp.dwKeySpec = AT_KEYEXCHANGE; if (!CertSetCertificateContextProperty(storedContext, CERT_KEY_PROV_INFO_PROP_ID, 0, &ckp)) { DEBUG_printf(("_sspiGetCredentials: CertSetCertificateContextProperty failed: %x", GetLastError())); ok = FALSE; goto cleanup; } } ZeroMemory(&SchannelCred, sizeof(SchannelCred)); SchannelCred.dwVersion = SCHANNEL_CRED_VERSION; SchannelCred.cCreds = 1; SchannelCred.paCred = &storedContext; /* * SSPI doesn't seem to like it if grbitEnabledProtocols * is set for a client */ if (isServer) SchannelCred.grbitEnabledProtocols = SP_PROT_SSL3TLS1; /* * Create an SSPI credential. */ Status = AcquireCredentialsHandle(NULL, UNISP_NAME, isServer ? SECPKG_CRED_INBOUND:SECPKG_CRED_OUTBOUND, NULL, &SchannelCred, NULL, NULL, &conn->creds, &tsExpiry); if (Status != SEC_E_OK) { DEBUG_printf(("_sspiGetCredentials: AcquireCredentialsHandle failed: %x", Status)); ok = FALSE; goto cleanup; } cleanup: /* * Cleanup */ if (hKey) CryptDestroyKey(hKey); if (createdContext) CertFreeCertificateContext(createdContext); if (storedContext) CertFreeCertificateContext(storedContext); if (p) free(p); if (store) CertCloseStore(store, 0); if (hProv) CryptReleaseContext(hProv, 0); return (ok); }
/*********************************************************************** * CryptCATAdminEnumCatalogFromHash (WINTRUST.@) */ HCATINFO WINAPI CryptCATAdminEnumCatalogFromHash(HCATADMIN hCatAdmin, BYTE* pbHash, DWORD cbHash, DWORD dwFlags, HCATINFO* phPrevCatInfo ) { static const WCHAR slashW[] = {'\\',0}; static const WCHAR globW[] = {'\\','*','.','c','a','t',0}; struct catadmin *ca = hCatAdmin; WIN32_FIND_DATAW data; HCATINFO prev = NULL; HCRYPTPROV prov; DWORD size; BOOL ret; TRACE("%p %p %d %x %p\n", hCatAdmin, pbHash, cbHash, dwFlags, phPrevCatInfo); if (!ca || ca->magic != CATADMIN_MAGIC || !pbHash || cbHash != 20 || dwFlags) { SetLastError(ERROR_INVALID_PARAMETER); return NULL; } if (phPrevCatInfo) prev = *phPrevCatInfo; ret = CryptAcquireContextW(&prov, NULL, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); if (!ret) return NULL; if (!prev) { WCHAR *path; size = strlenW(ca->path) * sizeof(WCHAR) + sizeof(globW); if (!(path = HeapAlloc(GetProcessHeap(), 0, size))) { CryptReleaseContext(prov, 0); SetLastError(ERROR_OUTOFMEMORY); return NULL; } strcpyW(path, ca->path); strcatW(path, globW); FindClose(ca->find); ca->find = FindFirstFileW(path, &data); HeapFree(GetProcessHeap(), 0, path); if (ca->find == INVALID_HANDLE_VALUE) { CryptReleaseContext(prov, 0); return NULL; } } else if (!FindNextFileW(ca->find, &data)) { CryptCATAdminReleaseCatalogContext(hCatAdmin, prev, 0); CryptReleaseContext(prov, 0); return NULL; } while (1) { WCHAR *filename; CRYPTCATMEMBER *member = NULL; struct catinfo *ci; HANDLE hcat; size = (strlenW(ca->path) + strlenW(data.cFileName) + 2) * sizeof(WCHAR); if (!(filename = HeapAlloc(GetProcessHeap(), 0, size))) { SetLastError(ERROR_OUTOFMEMORY); return NULL; } strcpyW(filename, ca->path); strcatW(filename, slashW); strcatW(filename, data.cFileName); hcat = CryptCATOpen(filename, CRYPTCAT_OPEN_EXISTING, prov, 0, 0); if (hcat == INVALID_HANDLE_VALUE) { WARN("couldn't open %s (%u)\n", debugstr_w(filename), GetLastError()); continue; } while ((member = CryptCATEnumerateMember(hcat, member))) { if (member->pIndirectData->Digest.cbData != cbHash) { WARN("amount of hash bytes differs: %u/%u\n", member->pIndirectData->Digest.cbData, cbHash); continue; } if (!memcmp(member->pIndirectData->Digest.pbData, pbHash, cbHash)) { TRACE("file %s matches\n", debugstr_w(data.cFileName)); CryptCATClose(hcat); CryptReleaseContext(prov, 0); if (!phPrevCatInfo) { FindClose(ca->find); ca->find = INVALID_HANDLE_VALUE; } ci = create_catinfo(filename); HeapFree(GetProcessHeap(), 0, filename); return ci; } } CryptCATClose(hcat); HeapFree(GetProcessHeap(), 0, filename); if (!FindNextFileW(ca->find, &data)) { FindClose(ca->find); ca->find = INVALID_HANDLE_VALUE; CryptReleaseContext(prov, 0); return NULL; } } return NULL; }
#include "stdafx.h" #include "newsha256.h" #include <wincrypt.h> #include <Windows.h> HRESULT SHA256HashData(__in_bcount(cbHashDataLength) BYTE *pbHashData, __in DWORD cbHashDataLength, __out SHA256_HASHVAL *pHashValue) { HCRYPTPROV hcryptprov; BOOL fReturn = TRUE; fReturn = CryptAcquireContextW(&hcryptprov, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT); HRESULT hr = E_FAIL; if (hcryptprov != NULL && fReturn == TRUE) { HCRYPTHASH hash = NULL; if (CryptCreateHash(hcryptprov, CALG_SHA_256, 0, 0, &hash)) { if (CryptHashData(hash, pbHashData, cbHashDataLength, 0)) { DWORD dwHashValSize = sizeof(pHashValue->data); if (CryptGetHashParam(hash, HP_HASHVAL, pHashValue->data, &dwHashValSize, 0)) { hr = S_OK; } else { hr = HRESULT_FROM_WIN32(GetLastError()); } } else { hr = HRESULT_FROM_WIN32(GetLastError());
void CWE328_Reversible_One_Way_Hash__w32_MD2_15_bad() { switch(6) { case 6: { HCRYPTPROV hCryptProv; HCRYPTHASH hHash; FILE *pFile = NULL; char password[PASSWORD_INPUT_SIZE]; UCHAR savedHash[MD2_SUM_SIZE], calcHash[MD2_SUM_SIZE]; DWORD hashSize; char *replace; size_t i; pFile = fopen("password.txt", "r"); if (pFile == NULL) { exit(1); } for (i = 0; i < MD2_SUM_SIZE; i++) { ULONG val; if (fscanf(pFile, "%02x", &val) != 1) { fclose(pFile); exit(1); } if (val > 0xff) /* EXPECTED INCIDENTAL: Reliance on data memory layout, we assume char is at least 8 bits */ { fclose(pFile); exit(1); } savedHash[i] = (UCHAR)val; } if (pFile) { fclose(pFile); } if (fgets(password, PASSWORD_INPUT_SIZE, stdin) == NULL) { exit(1); } replace = strchr(password, '\r'); if (replace) { *replace = '\0'; } replace = strchr(password, '\n'); if (replace) { *replace = '\0'; } if (!CryptAcquireContextW(&hCryptProv, 0, 0, PROV_RSA_FULL, 0)) { exit(1); } /* FLAW: Use a reversible hash (MD2) */ if (!CryptCreateHash(hCryptProv, CALG_MD2, 0, 0, &hHash)) { CryptReleaseContext(hCryptProv, 0); exit(1); } /* EXPECTED INCIDENTAL: We did not salt the password, that may raise flags, * the password hash was not securely transmitted (via one form or another), * that may raise flags */ if (!CryptHashData(hHash, (BYTE*)password, strlen(password), 0)) { CryptDestroyHash(hHash); CryptReleaseContext(hCryptProv, 0); exit(1); } hashSize = MD2_SUM_SIZE; if (!CryptGetHashParam(hHash, HP_HASHVAL, (BYTE*)calcHash, &hashSize, 0)) { CryptDestroyHash(hHash); CryptReleaseContext(hCryptProv, 0); exit(1); } if (memcmp(savedHash, calcHash, MD2_SUM_SIZE * sizeof(UCHAR)) == 0) { printLine("Access granted"); } else { printLine("Access denied"); } if (hHash) { CryptDestroyHash(hHash); } if (hCryptProv) { CryptReleaseContext(hCryptProv, 0); } } break; default: /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ printLine("Benign, fixed string"); break; } }