ReactOS 0.4.15-dev-8135-g1bc6c90
ksecdd.h File Reference
#include <ntifs.h>
#include <ndk/exfuncs.h>
#include <ndk/ketypes.h>
#include <pseh/pseh2.h>
#include <ntstrsafe.h>
#include <md4.h>
#include <md5.h>
#include <tomcrypt.h>
Include dependency graph for ksecdd.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  _KSEC_CONNECTION_INFO
 
struct  _KSEC_ENTROPY_DATA
 

Macros

#define _NO_KSECDD_IMPORT_
 
#define STATUS_KSEC_INTERNAL_ERROR   ((NTSTATUS)0x80090304)
 
#define RTL_ENCRYPT_OPTION_SAME_PROCESS   0
 
#define RTL_ENCRYPT_OPTION_CROSS_PROCESS   1
 
#define RTL_ENCRYPT_OPTION_SAME_LOGON   2
 

Typedefs

typedef aes_key AES_KEY
 
typedef aes_keyPAES_KEY
 
typedef des3_key DES3_KEY
 
typedef des3_keyPDES3_KEY
 
typedef struct _KSEC_CONNECTION_INFO KSEC_CONNECTION_INFO
 
typedef ULONG KSEC_MACHINE_SPECIFIC_COUNTERS
 
typedef ULONGPKSEC_MACHINE_SPECIFIC_COUNTERS
 
typedef struct _KSEC_ENTROPY_DATA KSEC_ENTROPY_DATA
 
typedef struct _KSEC_ENTROPY_DATAPKSEC_ENTROPY_DATA
 

Functions

NTSTATUS NTAPI KsecDdDispatch (PDEVICE_OBJECT DeviceObject, PIRP Irp)
 
NTSTATUS NTAPI KsecGatherEntropyData (PKSEC_ENTROPY_DATA EntropyData)
 
NTSTATUS NTAPI KsecGenRandom (PVOID Buffer, SIZE_T Length)
 
VOID NTAPI KsecInitializeEncryptionSupport (VOID)
 
NTSTATUS NTAPI KsecEncryptMemory (_Inout_ PVOID Buffer, _In_ ULONG Length, _In_ ULONG OptionFlags)
 
NTSTATUS NTAPI KsecDecryptMemory (_Inout_ PVOID Buffer, _In_ ULONG Length, _In_ ULONG OptionFlags)
 

Variables

PEPROCESS KsecLsaProcess
 
HANDLE KsecLsaProcessHandle
 

Macro Definition Documentation

◆ _NO_KSECDD_IMPORT_

#define _NO_KSECDD_IMPORT_

Definition at line 9 of file ksecdd.h.

◆ RTL_ENCRYPT_OPTION_CROSS_PROCESS

#define RTL_ENCRYPT_OPTION_CROSS_PROCESS   1

Definition at line 26 of file ksecdd.h.

◆ RTL_ENCRYPT_OPTION_SAME_LOGON

#define RTL_ENCRYPT_OPTION_SAME_LOGON   2

Definition at line 27 of file ksecdd.h.

◆ RTL_ENCRYPT_OPTION_SAME_PROCESS

#define RTL_ENCRYPT_OPTION_SAME_PROCESS   0

Definition at line 25 of file ksecdd.h.

◆ STATUS_KSEC_INTERNAL_ERROR

#define STATUS_KSEC_INTERNAL_ERROR   ((NTSTATUS)0x80090304)

Definition at line 22 of file ksecdd.h.

Typedef Documentation

◆ AES_KEY

typedef aes_key AES_KEY

Definition at line 19 of file ksecdd.h.

◆ DES3_KEY

typedef des3_key DES3_KEY

Definition at line 20 of file ksecdd.h.

◆ KSEC_CONNECTION_INFO

◆ KSEC_ENTROPY_DATA

◆ KSEC_MACHINE_SPECIFIC_COUNTERS

Definition at line 53 of file ksecdd.h.

◆ PAES_KEY

typedef aes_key * PAES_KEY

Definition at line 19 of file ksecdd.h.

◆ PDES3_KEY

typedef des3_key * PDES3_KEY

Definition at line 20 of file ksecdd.h.

◆ PKSEC_ENTROPY_DATA

◆ PKSEC_MACHINE_SPECIFIC_COUNTERS

Definition at line 53 of file ksecdd.h.

Function Documentation

◆ KsecDdDispatch()

NTSTATUS NTAPI KsecDdDispatch ( PDEVICE_OBJECT  DeviceObject,
PIRP  Irp 
)

Definition at line 184 of file dispatch.c.

187{
188 PIO_STACK_LOCATION IoStackLocation;
192 SIZE_T InputLength, OutputLength;
193 FILE_INFORMATION_CLASS FileInfoClass;
194 FS_INFORMATION_CLASS FsInfoClass;
196
197 IoStackLocation = IoGetCurrentIrpStackLocation(Irp);
198
199 switch (IoStackLocation->MajorFunction)
200 {
201 case IRP_MJ_CREATE:
202 case IRP_MJ_CLOSE:
203
204 /* Just return success */
206 Information = 0;
207 break;
208
209 case IRP_MJ_READ:
210
211 /* There is nothing to read */
213 Information = 0;
214 break;
215
216 case IRP_MJ_WRITE:
217
218 /* Pretend to have written everything */
220 Information = IoStackLocation->Parameters.Write.Length;
221 break;
222
224
225 /* Extract the parameters */
226 Buffer = Irp->AssociatedIrp.SystemBuffer;
227 OutputLength = IoStackLocation->Parameters.QueryFile.Length;
228 FileInfoClass = IoStackLocation->Parameters.QueryFile.FileInformationClass;
229
230 /* Call the internal function */
232 FileInfoClass,
233 &OutputLength);
234 Information = OutputLength;
235 break;
236
238
239 /* Extract the parameters */
240 Buffer = Irp->AssociatedIrp.SystemBuffer;
241 OutputLength = IoStackLocation->Parameters.QueryVolume.Length;
242 FsInfoClass = IoStackLocation->Parameters.QueryVolume.FsInformationClass;
243
244 /* Call the internal function */
246 FsInfoClass,
247 &OutputLength);
248 Information = OutputLength;
249 break;
250
252
253 /* Extract the parameters */
254 InputLength = IoStackLocation->Parameters.DeviceIoControl.InputBufferLength;
255 OutputLength = IoStackLocation->Parameters.DeviceIoControl.OutputBufferLength;
256 IoControlCode = IoStackLocation->Parameters.DeviceIoControl.IoControlCode;
257
258 /* Check for METHOD_OUT_DIRECT method */
260 (OutputLength != 0))
261 {
262 /* Use the provided MDL */
263 OutputLength = Irp->MdlAddress->ByteCount;
266 if (Buffer == NULL)
267 {
269 Information = 0;
270 break;
271 }
272 }
273 else
274 {
275 /* Otherwise this is METHOD_BUFFERED, use the SystemBuffer */
276 Buffer = Irp->AssociatedIrp.SystemBuffer;
277 }
278
279 /* Call the internal function */
281 Buffer,
282 InputLength,
283 &OutputLength);
284 Information = OutputLength;
285 break;
286
287 default:
288 DPRINT1("Unhandled major function %lu!\n",
289 IoStackLocation->MajorFunction);
290 ASSERT(FALSE);
292 }
293
294 /* Return the information */
295 Irp->IoStatus.Status = Status;
296 Irp->IoStatus.Information = Information;
297
298 /* Complete the request */
300
301 return Status;
302}
static PIO_STACK_LOCATION IoGetCurrentIrpStackLocation(PIRP Irp)
LONG NTSTATUS
Definition: precomp.h:26
#define DPRINT1
Definition: precomp.h:8
Definition: bufpool.h:45
_In_ PIRP Irp
Definition: csq.h:116
#define NULL
Definition: types.h:112
#define FALSE
Definition: types.h:117
static NTSTATUS KsecDeviceControl(ULONG IoControlCode, PVOID Buffer, SIZE_T InputLength, PSIZE_T OutputLength)
Definition: dispatch.c:87
static NTSTATUS KsecQueryVolumeInformation(PVOID InfoBuffer, FS_INFORMATION_CLASS FsInformationClass, PSIZE_T BufferLength)
Definition: dispatch.c:56
static NTSTATUS KsecQueryFileInformation(PVOID InfoBuffer, FILE_INFORMATION_CLASS FileInformationClass, PSIZE_T BufferLength)
Definition: dispatch.c:22
enum _FILE_INFORMATION_CLASS FILE_INFORMATION_CLASS
Definition: directory.c:44
enum _FSINFOCLASS FS_INFORMATION_CLASS
Status
Definition: gdiplustypes.h:25
#define ASSERT(a)
Definition: mode.c:44
@ NormalPagePriority
Definition: imports.h:56
#define METHOD_OUT_DIRECT
Definition: nt_native.h:596
#define IoCompleteRequest
Definition: irp.c:1240
#define IRP_MJ_CLOSE
Definition: rdpdr.c:45
#define IRP_MJ_READ
Definition: rdpdr.c:46
#define IRP_MJ_DEVICE_CONTROL
Definition: rdpdr.c:52
#define IRP_MJ_QUERY_VOLUME_INFORMATION
Definition: rdpdr.c:50
#define IRP_MJ_WRITE
Definition: rdpdr.c:47
#define IRP_MJ_CREATE
Definition: rdpdr.c:44
#define IRP_MJ_QUERY_INFORMATION
Definition: rdpdr.c:48
#define STATUS_END_OF_FILE
Definition: shellext.h:67
#define STATUS_SUCCESS
Definition: shellext.h:65
struct _IO_STACK_LOCATION::@3983::@3996 QueryVolume
struct _IO_STACK_LOCATION::@3983::@3992 QueryFile
struct _IO_STACK_LOCATION::@3983::@3988 Write
struct _IO_STACK_LOCATION::@1568::@1569 DeviceIoControl
union _IO_STACK_LOCATION::@1568 Parameters
ULONG_PTR SIZE_T
Definition: typedefs.h:80
uint32_t ULONG_PTR
Definition: typedefs.h:65
uint32_t ULONG
Definition: typedefs.h:59
#define STATUS_INVALID_DEVICE_REQUEST
Definition: udferr_usr.h:138
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_In_ WDFREQUEST _In_ size_t _In_ size_t _In_ ULONG IoControlCode
Definition: wdfio.h:325
_In_ WDFREQUEST _In_ NTSTATUS _In_ ULONG_PTR Information
Definition: wdfrequest.h:1049
#define IO_NO_INCREMENT
Definition: iotypes.h:598
#define METHOD_FROM_CTL_CODE(ctrlCode)
#define MmGetSystemAddressForMdlSafe(_Mdl, _Priority)

Referenced by DriverEntry().

◆ KsecDecryptMemory()

NTSTATUS NTAPI KsecDecryptMemory ( _Inout_ PVOID  Buffer,
_In_ ULONG  Length,
_In_ ULONG  OptionFlags 
)

Definition at line 328 of file crypt.c.

332{
333 /* Validate parameter */
334 if (OptionFlags > RTL_ENCRYPT_OPTION_SAME_LOGON)
335 {
337 }
338
339 /* Check if the length is not 16 bytes aligned */
340 if (Length & 15)
341 {
342 /* Is it at least 8 bytes aligned? */
343 if (Length & 7)
344 {
345 /* No, we can't deal with it! */
347 }
348
349 /* Use triple DES encryption */
350 KsecDecryptMemoryDes3(Buffer, Length, OptionFlags);
351 }
352 else
353 {
354 /* Use AES encryption */
355 KsecDecryptMemoryAes(Buffer, Length, OptionFlags);
356 }
357
358 return STATUS_SUCCESS;
359}
static VOID KsecDecryptMemoryAes(_Inout_ PVOID Buffer, _In_ ULONG Length, _In_ ULONG OptionFlags)
Definition: crypt.c:267
static VOID KsecDecryptMemoryDes3(_Inout_ PVOID Buffer, _In_ ULONG Length, _In_ ULONG OptionFlags)
Definition: crypt.c:215
#define RTL_ENCRYPT_OPTION_SAME_LOGON
Definition: ksecdd.h:27
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135

Referenced by KsecDeviceControl().

◆ KsecEncryptMemory()

NTSTATUS NTAPI KsecEncryptMemory ( _Inout_ PVOID  Buffer,
_In_ ULONG  Length,
_In_ ULONG  OptionFlags 
)

Definition at line 293 of file crypt.c.

297{
298 /* Validate parameter */
299 if (OptionFlags > RTL_ENCRYPT_OPTION_SAME_LOGON)
300 {
302 }
303
304 /* Check if the length is not 16 bytes aligned */
305 if (Length & 15)
306 {
307 /* Is it at least 8 bytes aligned? */
308 if (Length & 7)
309 {
310 /* No, we can't deal with it! */
312 }
313
314 /* Use triple DES encryption */
315 KsecEncryptMemoryDes3(Buffer, Length, OptionFlags);
316 }
317 else
318 {
319 /* Use AES encryption */
320 KsecEncryptMemoryAes(Buffer, Length, OptionFlags);
321 }
322
323 return STATUS_SUCCESS;
324}
static VOID KsecEncryptMemoryDes3(_Inout_ PVOID Buffer, _In_ ULONG Length, _In_ ULONG OptionFlags)
Definition: crypt.c:189
static VOID KsecEncryptMemoryAes(_Inout_ PVOID Buffer, _In_ ULONG Length, _In_ ULONG OptionFlags)
Definition: crypt.c:241

Referenced by KsecDeviceControl().

◆ KsecGatherEntropyData()

NTSTATUS NTAPI KsecGatherEntropyData ( PKSEC_ENTROPY_DATA  EntropyData)
See also
http://blogs.msdn.com/b/michael_howard/archive/2005/01/14/353379.aspx

Definition at line 92 of file random.c.

94{
95 MD4_CTX Md4Context;
96 PTEB Teb;
97 PPEB Peb;
101
102 /* Query some generic values */
104 EntropyData->CurrentThreadId = PsGetCurrentThreadId();
105 KeQueryTickCount(&EntropyData->TickCount);
106 KeQuerySystemTime(&EntropyData->SystemTime);
108 &EntropyData->PerformanceFrequency);
109
110 /* Check if we have a TEB/PEB for the process environment */
111 Teb = PsGetCurrentThread()->Tcb.Teb;
112 if (Teb != NULL)
113 {
115
116 /* Initialize the MD4 context */
117 MD4Init(&Md4Context);
119 {
120 /* Get the end of the environment */
122 while (*String)
123 {
124 String += wcslen(String) + 1;
125 }
126
127 /* Update the MD4 context from the environment data */
128 MD4Update(&Md4Context,
131 }
133 {
134 /* Simply ignore the exception */
135 }
136 _SEH2_END;
137
138 /* Finalize and copy the MD4 hash */
139 MD4Final(&Md4Context);
140 RtlCopyMemory(&EntropyData->EnvironmentHash, Md4Context.digest, 16);
141 }
142
143 /* Read some machine specific hardware counters */
145
146 /* Query processor performance information */
150 &ReturnLength);
151 if (!NT_SUCCESS(Status))
152 {
153 return Status;
154 }
155
156 /* Query system performance information */
158 &EntropyData->SystemPerformanceInformation,
160 &ReturnLength);
161 if (!NT_SUCCESS(Status))
162 {
163 return Status;
164 }
165
166 /* Query exception information */
168 &EntropyData->SystemExceptionInformation,
170 &ReturnLength);
171 if (!NT_SUCCESS(Status))
172 {
173 return Status;
174 }
175
176 /* Query lookaside information */
178 &EntropyData->SystemLookasideInformation,
180 &ReturnLength);
181 if (!NT_SUCCESS(Status))
182 {
183 return Status;
184 }
185
186 /* Query interrupt information */
188 &EntropyData->SystemInterruptInformation,
190 &ReturnLength);
191 if (!NT_SUCCESS(Status))
192 {
193 return Status;
194 }
195
196 /* Query process information */
198 &EntropyData->SystemProcessInformation,
200 &ReturnLength);
201 if (!NT_SUCCESS(Status))
202 {
203 return Status;
204 }
205
206 return STATUS_SUCCESS;
207}
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PPEB Peb
Definition: dllmain.c:27
VOID NTAPI KsecReadMachineSpecificCounters(_Out_ PKSEC_MACHINE_SPECIFIC_COUNTERS MachineSpecificCounters)
Definition: random.c:56
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:43
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
#define KeQuerySystemTime(t)
Definition: env_spec_w32.h:570
#define _SEH2_END
Definition: filesup.c:22
#define _SEH2_TRY
Definition: filesup.c:19
PsGetCurrentThreadId
Definition: CrNtStubs.h:8
NTSYSAPI NTSTATUS NTAPI ZwQuerySystemInformation(IN SYSTEM_INFORMATION_CLASS SystemInfoClass, OUT PVOID SystemInfoBuffer, IN ULONG SystemInfoBufferSize, OUT PULONG BytesReturned OPTIONAL)
@ SystemExceptionInformation
Definition: ntddk_ex.h:44
@ SystemLookasideInformation
Definition: ntddk_ex.h:60
@ SystemInterruptInformation
Definition: ntddk_ex.h:34
@ SystemProcessInformation
Definition: ntddk_ex.h:16
@ SystemProcessorPerformanceInformation
Definition: ntddk_ex.h:19
LARGE_INTEGER NTAPI KeQueryPerformanceCounter(IN PLARGE_INTEGER PerformanceFreq)
Definition: timer.c:138
VOID WINAPI MD4Final(MD4_CTX *ctx)
Definition: md4.c:113
VOID WINAPI MD4Update(MD4_CTX *ctx, const unsigned char *buf, unsigned int len)
Definition: md4.c:59
VOID WINAPI MD4Init(MD4_CTX *ctx)
Definition: md4.c:45
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
#define SystemPerformanceInformation
Definition: memtest.h:87
HANDLE NTAPI PsGetCurrentProcessId(VOID)
Definition: process.c:1123
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:66
#define KeQueryTickCount(CurrentCount)
Definition: ke.h:43
Definition: util.c:82
unsigned char digest[16]
Definition: util.c:86
SYSTEM_PROCESS_INFORMATION SystemProcessInformation
Definition: ksecdd.h:71
HANDLE CurrentProcessId
Definition: ksecdd.h:58
UCHAR EnvironmentHash[16]
Definition: ksecdd.h:64
KSEC_MACHINE_SPECIFIC_COUNTERS MachineSpecificCounters
Definition: ksecdd.h:65
SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION SystemProcessorPerformanceInformation
Definition: ksecdd.h:66
LARGE_INTEGER TickCount
Definition: ksecdd.h:60
SYSTEM_EXCEPTION_INFORMATION SystemExceptionInformation
Definition: ksecdd.h:68
SYSTEM_PERFORMANCE_INFORMATION SystemPerformanceInformation
Definition: ksecdd.h:67
LARGE_INTEGER PerformanceFrequency
Definition: ksecdd.h:63
SYSTEM_INTERRUPT_INFORMATION SystemInterruptInformation
Definition: ksecdd.h:70
HANDLE CurrentThreadId
Definition: ksecdd.h:59
LARGE_INTEGER SystemTime
Definition: ksecdd.h:61
LARGE_INTEGER PerformanceCounter
Definition: ksecdd.h:62
SYSTEM_LOOKASIDE_INFORMATION SystemLookasideInformation
Definition: ksecdd.h:69
PRTL_USER_PROCESS_PARAMETERS ProcessParameters
Definition: btrfs_drv.h:1913
Definition: compat.h:836
PPEB ProcessEnvironmentBlock
Definition: ntddk_ex.h:337
uint16_t * PWSTR
Definition: typedefs.h:56
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
unsigned char * PUCHAR
Definition: typedefs.h:53
_Must_inspect_result_ _In_ WDFDEVICE _In_ WDFSTRING String
Definition: wdfdevice.h:2433

Referenced by KsecInitializeEncryptionSupport().

◆ KsecGenRandom()

NTSTATUS NTAPI KsecGenRandom ( PVOID  Buffer,
SIZE_T  Length 
)

Definition at line 26 of file random.c.

29{
30 LARGE_INTEGER TickCount;
31 ULONG i, RandomValue;
32 PULONG P;
33
34 /* Try to generate a more random seed */
35 KeQueryTickCount(&TickCount);
36 KsecRandomSeed ^= _rotl(TickCount.LowPart, (KsecRandomSeed % 23));
37
38 P = Buffer;
39 for (i = 0; i < Length / sizeof(ULONG); i++)
40 {
42 }
43
44 Length &= (sizeof(ULONG) - 1);
45 if (Length > 0)
46 {
47 RandomValue = RtlRandomEx(&KsecRandomSeed);
48 RtlCopyMemory(&P[i], &RandomValue, Length);
49 }
50
51 return STATUS_SUCCESS;
52}
NTSYSAPI ULONG NTAPI RtlRandomEx(PULONG Seed)
#define P(row, col)
static ULONG KsecRandomSeed
Definition: random.c:19
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_Check_return_ unsigned int __cdecl _rotl(_In_ unsigned int _Value, _In_ int _Shift)
uint32_t * PULONG
Definition: typedefs.h:59
ULONG LowPart
Definition: typedefs.h:106

Referenced by KsecDeviceControl().

◆ KsecInitializeEncryptionSupport()

VOID NTAPI KsecInitializeEncryptionSupport ( VOID  )

Definition at line 44 of file crypt.c.

46{
47 KSEC_ENTROPY_DATA EntropyData;
48 MD5_CTX Md5Context;
49 UCHAR KeyDataBuffer[32];
50
51 KsecGatherEntropyData(&EntropyData);
52 MD5Init(&Md5Context);
53 MD5Update(&Md5Context, (PVOID)&EntropyData, sizeof(EntropyData));
54 KsecLoadTimeStartMd5s[0] = Md5Context;
55 MD5Final(&Md5Context);
56 RtlCopyMemory(KeyDataBuffer, &Md5Context.digest, 16);
57
58 KsecGatherEntropyData(&EntropyData);
59 Md5Context = KsecLoadTimeStartMd5s[0];
60 MD5Update(&Md5Context, (PVOID)&EntropyData, sizeof(EntropyData));
61 KsecLoadTimeStartMd5s[1] = Md5Context;
62 MD5Final(&Md5Context);
63 RtlCopyMemory(&KeyDataBuffer[16], &Md5Context.digest, 16);
64
65 /* Create the global keys */
66 aes_setup(KeyDataBuffer, 32, 0, &KsecGlobalAesKey);
67 des3_setup(KeyDataBuffer, 24, 0, &KsecGlobalDes3Key);
68
69 /* Erase the temp data */
70 RtlSecureZeroMemory(KeyDataBuffer, sizeof(KeyDataBuffer));
71 RtlSecureZeroMemory(&Md5Context, sizeof(Md5Context));
72}
VOID WINAPI MD5Final(MD5_CTX *)
Definition: md5.c:113
VOID WINAPI MD5Init(MD5_CTX *)
Definition: md5.c:45
VOID WINAPI MD5Update(MD5_CTX *, const unsigned char *, unsigned int)
Definition: md5.c:59
int aes_setup(const unsigned char *key, int keylen, int rounds, aes_key *skey)
Definition: aes.c:937
int des3_setup(const unsigned char *key, int keylen, int num_rounds, des3_key *des3)
Definition: des.c:1432
AES_KEY KsecGlobalAesKey
Definition: crypt.c:15
DES3_KEY KsecGlobalDes3Key
Definition: crypt.c:14
MD5_CTX KsecLoadTimeStartMd5s[2]
Definition: crypt.c:13
NTSTATUS NTAPI KsecGatherEntropyData(PKSEC_ENTROPY_DATA EntropyData)
Definition: random.c:92
Definition: msi.c:4013
unsigned char digest[16]
Definition: msi.c:4017
FORCEINLINE PVOID RtlSecureZeroMemory(_Out_writes_bytes_all_(Size) PVOID Pointer, _In_ SIZE_T Size)
Definition: rtlfuncs.h:3125
unsigned char UCHAR
Definition: xmlstorage.h:181

Referenced by DriverEntry().

Variable Documentation

◆ KsecLsaProcess

PEPROCESS KsecLsaProcess
extern

◆ KsecLsaProcessHandle

HANDLE KsecLsaProcessHandle
extern