ReactOS 0.4.16-dev-1386-g6ed46ba
Classes | Macros | Typedefs | Functions | Variables
ksecdd.h File Reference
#include <ntifs.h>
#include <ndk/exfuncs.h>
#include <ndk/ketypes.h>
#include <pseh/pseh2.h>
#include <ntstrsafe.h>
#include <md4.h>
#include <md5.h>
#include <tomcrypt.h>
Include dependency graph for ksecdd.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  _KSEC_CONNECTION_INFO
 
struct  _KSEC_ENTROPY_DATA
 

Macros

#define _NO_KSECDD_IMPORT_
 
#define STATUS_KSEC_INTERNAL_ERROR   ((NTSTATUS)0x80090304)
 
#define RTL_ENCRYPT_OPTION_SAME_PROCESS   0
 
#define RTL_ENCRYPT_OPTION_CROSS_PROCESS   1
 
#define RTL_ENCRYPT_OPTION_SAME_LOGON   2
 

Typedefs

typedef aes_key AES_KEY
 
typedef aes_keyPAES_KEY
 
typedef des3_key DES3_KEY
 
typedef des3_keyPDES3_KEY
 
typedef struct _KSEC_CONNECTION_INFO KSEC_CONNECTION_INFO
 
typedef ULONG KSEC_MACHINE_SPECIFIC_COUNTERS
 
typedef ULONGPKSEC_MACHINE_SPECIFIC_COUNTERS
 
typedef struct _KSEC_ENTROPY_DATA KSEC_ENTROPY_DATA
 
typedef struct _KSEC_ENTROPY_DATAPKSEC_ENTROPY_DATA
 

Functions

NTSTATUS NTAPI KsecDdDispatch (PDEVICE_OBJECT DeviceObject, PIRP Irp)
 
NTSTATUS NTAPI KsecGatherEntropyData (PKSEC_ENTROPY_DATA EntropyData)
 
NTSTATUS NTAPI KsecGenRandom (PVOID Buffer, SIZE_T Length)
 
VOID NTAPI KsecInitializeEncryptionSupport (VOID)
 
NTSTATUS NTAPI KsecEncryptMemory (_Inout_ PVOID Buffer, _In_ ULONG Length, _In_ ULONG OptionFlags)
 
NTSTATUS NTAPI KsecDecryptMemory (_Inout_ PVOID Buffer, _In_ ULONG Length, _In_ ULONG OptionFlags)
 

Variables

PEPROCESS KsecLsaProcess
 
HANDLE KsecLsaProcessHandle
 

Macro Definition Documentation

◆ _NO_KSECDD_IMPORT_

#define _NO_KSECDD_IMPORT_

Definition at line 9 of file ksecdd.h.

◆ RTL_ENCRYPT_OPTION_CROSS_PROCESS

#define RTL_ENCRYPT_OPTION_CROSS_PROCESS   1

Definition at line 26 of file ksecdd.h.

◆ RTL_ENCRYPT_OPTION_SAME_LOGON

#define RTL_ENCRYPT_OPTION_SAME_LOGON   2

Definition at line 27 of file ksecdd.h.

◆ RTL_ENCRYPT_OPTION_SAME_PROCESS

#define RTL_ENCRYPT_OPTION_SAME_PROCESS   0

Definition at line 25 of file ksecdd.h.

◆ STATUS_KSEC_INTERNAL_ERROR

#define STATUS_KSEC_INTERNAL_ERROR   ((NTSTATUS)0x80090304)

Definition at line 22 of file ksecdd.h.

Typedef Documentation

◆ AES_KEY

typedef aes_key AES_KEY

Definition at line 19 of file ksecdd.h.

◆ DES3_KEY

typedef des3_key DES3_KEY

Definition at line 20 of file ksecdd.h.

◆ KSEC_CONNECTION_INFO

typedef struct _KSEC_CONNECTION_INFO KSEC_CONNECTION_INFO

◆ KSEC_ENTROPY_DATA

typedef struct _KSEC_ENTROPY_DATA KSEC_ENTROPY_DATA

◆ KSEC_MACHINE_SPECIFIC_COUNTERS

typedef ULONG KSEC_MACHINE_SPECIFIC_COUNTERS

Definition at line 53 of file ksecdd.h.

◆ PAES_KEY

typedef aes_key * PAES_KEY

Definition at line 19 of file ksecdd.h.

◆ PDES3_KEY

typedef des3_key * PDES3_KEY

Definition at line 20 of file ksecdd.h.

◆ PKSEC_ENTROPY_DATA

typedef struct _KSEC_ENTROPY_DATA * PKSEC_ENTROPY_DATA

◆ PKSEC_MACHINE_SPECIFIC_COUNTERS

typedef ULONG * PKSEC_MACHINE_SPECIFIC_COUNTERS

Definition at line 53 of file ksecdd.h.

Function Documentation

◆ KsecDdDispatch()

NTSTATUS NTAPI KsecDdDispatch ( PDEVICE_OBJECT  DeviceObject,
PIRP  Irp 
)

Definition at line 184 of file dispatch.c.

187{
188 PIO_STACK_LOCATION IoStackLocation;
189 ULONG_PTR Information;
190 NTSTATUS Status;
191 PVOID Buffer;
192 SIZE_T InputLength, OutputLength;
193 FILE_INFORMATION_CLASS FileInfoClass;
194 FS_INFORMATION_CLASS FsInfoClass;
195 ULONG IoControlCode;
196
197 IoStackLocation = IoGetCurrentIrpStackLocation(Irp);
198
199 switch (IoStackLocation->MajorFunction)
200 {
201 case IRP_MJ_CREATE:
202 case IRP_MJ_CLOSE:
203
204 /* Just return success */
205 Status = STATUS_SUCCESS;
206 Information = 0;
207 break;
208
209 case IRP_MJ_READ:
210
211 /* There is nothing to read */
212 Status = STATUS_END_OF_FILE;
213 Information = 0;
214 break;
215
216 case IRP_MJ_WRITE:
217
218 /* Pretend to have written everything */
219 Status = STATUS_SUCCESS;
220 Information = IoStackLocation->Parameters.Write.Length;
221 break;
222
223 case IRP_MJ_QUERY_INFORMATION:
224
225 /* Extract the parameters */
226 Buffer = Irp->AssociatedIrp.SystemBuffer;
227 OutputLength = IoStackLocation->Parameters.QueryFile.Length;
228 FileInfoClass = IoStackLocation->Parameters.QueryFile.FileInformationClass;
229
230 /* Call the internal function */
231 Status = KsecQueryFileInformation(Buffer,
232 FileInfoClass,
233 &OutputLength);
234 Information = OutputLength;
235 break;
236
237 case IRP_MJ_QUERY_VOLUME_INFORMATION:
238
239 /* Extract the parameters */
240 Buffer = Irp->AssociatedIrp.SystemBuffer;
241 OutputLength = IoStackLocation->Parameters.QueryVolume.Length;
242 FsInfoClass = IoStackLocation->Parameters.QueryVolume.FsInformationClass;
243
244 /* Call the internal function */
245 Status = KsecQueryVolumeInformation(Buffer,
246 FsInfoClass,
247 &OutputLength);
248 Information = OutputLength;
249 break;
250
251 case IRP_MJ_DEVICE_CONTROL:
252
253 /* Extract the parameters */
254 InputLength = IoStackLocation->Parameters.DeviceIoControl.InputBufferLength;
255 OutputLength = IoStackLocation->Parameters.DeviceIoControl.OutputBufferLength;
256 IoControlCode = IoStackLocation->Parameters.DeviceIoControl.IoControlCode;
257
258 /* Check for METHOD_OUT_DIRECT method */
259 if ((METHOD_FROM_CTL_CODE(IoControlCode) == METHOD_OUT_DIRECT) &&
260 (OutputLength != 0))
261 {
262 /* Use the provided MDL */
263 OutputLength = Irp->MdlAddress->ByteCount;
264 Buffer = MmGetSystemAddressForMdlSafe(Irp->MdlAddress,
265 NormalPagePriority);
266 if (Buffer == NULL)
267 {
268 Status = STATUS_INSUFFICIENT_RESOURCES;
269 Information = 0;
270 break;
271 }
272 }
273 else
274 {
275 /* Otherwise this is METHOD_BUFFERED, use the SystemBuffer */
276 Buffer = Irp->AssociatedIrp.SystemBuffer;
277 }
278
279 /* Call the internal function */
280 Status = KsecDeviceControl(IoControlCode,
281 Buffer,
282 InputLength,
283 &OutputLength);
284 Information = OutputLength;
285 break;
286
287 default:
288 DPRINT1("Unhandled major function %lu!\n",
289 IoStackLocation->MajorFunction);
290 ASSERT(FALSE);
291 return STATUS_INVALID_DEVICE_REQUEST;
292 }
293
294 /* Return the information */
295 Irp->IoStatus.Status = Status;
296 Irp->IoStatus.Information = Information;
297
298 /* Complete the request */
299 IoCompleteRequest(Irp, IO_NO_INCREMENT);
300
301 return Status;
302}
IoGetCurrentIrpStackLocation
static PIO_STACK_LOCATION IoGetCurrentIrpStackLocation(PIRP Irp)
Definition: Bus_PDO_EvalMethod.c:150
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
DPRINT1
#define DPRINT1
Definition: precomp.h:8
Buffer
Definition: bufpool.h:45
Irp
_In_ PIRP Irp
Definition: csq.h:116
NULL
#define NULL
Definition: types.h:112
FALSE
#define FALSE
Definition: types.h:117
KsecDeviceControl
static NTSTATUS KsecDeviceControl(ULONG IoControlCode, PVOID Buffer, SIZE_T InputLength, PSIZE_T OutputLength)
Definition: dispatch.c:87
KsecQueryVolumeInformation
static NTSTATUS KsecQueryVolumeInformation(PVOID InfoBuffer, FS_INFORMATION_CLASS FsInformationClass, PSIZE_T BufferLength)
Definition: dispatch.c:56
KsecQueryFileInformation
static NTSTATUS KsecQueryFileInformation(PVOID InfoBuffer, FILE_INFORMATION_CLASS FileInformationClass, PSIZE_T BufferLength)
Definition: dispatch.c:22
FILE_INFORMATION_CLASS
enum _FILE_INFORMATION_CLASS FILE_INFORMATION_CLASS
Definition: directory.c:44
FS_INFORMATION_CLASS
enum _FSINFOCLASS FS_INFORMATION_CLASS
Status
Status
Definition: gdiplustypes.h:25
ASSERT
#define ASSERT(a)
Definition: mode.c:44
NormalPagePriority
@ NormalPagePriority
Definition: imports.h:54
METHOD_OUT_DIRECT
#define METHOD_OUT_DIRECT
Definition: nt_native.h:596
IoCompleteRequest
#define IoCompleteRequest
Definition: irp.c:1240
IRP_MJ_CLOSE
#define IRP_MJ_CLOSE
Definition: rdpdr.c:45
IRP_MJ_READ
#define IRP_MJ_READ
Definition: rdpdr.c:46
IRP_MJ_DEVICE_CONTROL
#define IRP_MJ_DEVICE_CONTROL
Definition: rdpdr.c:52
IRP_MJ_QUERY_VOLUME_INFORMATION
#define IRP_MJ_QUERY_VOLUME_INFORMATION
Definition: rdpdr.c:50
IRP_MJ_WRITE
#define IRP_MJ_WRITE
Definition: rdpdr.c:47
IRP_MJ_CREATE
#define IRP_MJ_CREATE
Definition: rdpdr.c:44
IRP_MJ_QUERY_INFORMATION
#define IRP_MJ_QUERY_INFORMATION
Definition: rdpdr.c:48
STATUS_END_OF_FILE
#define STATUS_END_OF_FILE
Definition: shellext.h:67
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_IO_STACK_LOCATION
Definition: Bus_PDO_EvalMethod.c:93
_IO_STACK_LOCATION::MajorFunction
UCHAR MajorFunction
Definition: iotypes.h:3111
_IO_STACK_LOCATION::Write
struct _IO_STACK_LOCATION::@4195::@4200 Write
_IO_STACK_LOCATION::QueryFile
struct _IO_STACK_LOCATION::@4195::@4204 QueryFile
_IO_STACK_LOCATION::QueryVolume
struct _IO_STACK_LOCATION::@4195::@4208 QueryVolume
_IO_STACK_LOCATION::DeviceIoControl
struct _IO_STACK_LOCATION::@1701::@1702 DeviceIoControl
_IO_STACK_LOCATION::Parameters
union _IO_STACK_LOCATION::@1701 Parameters
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
ULONG
uint32_t ULONG
Definition: typedefs.h:59
STATUS_INVALID_DEVICE_REQUEST
#define STATUS_INVALID_DEVICE_REQUEST
Definition: udferr_usr.h:138
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
IoControlCode
_In_ WDFREQUEST _In_ size_t _In_ size_t _In_ ULONG IoControlCode
Definition: wdfio.h:325
Information
_In_ WDFREQUEST _In_ NTSTATUS _In_ ULONG_PTR Information
Definition: wdfrequest.h:1049
IO_NO_INCREMENT
#define IO_NO_INCREMENT
Definition: iotypes.h:598
METHOD_FROM_CTL_CODE
#define METHOD_FROM_CTL_CODE(ctrlCode)
MmGetSystemAddressForMdlSafe
#define MmGetSystemAddressForMdlSafe(_Mdl, _Priority)

Referenced by DriverEntry().

◆ KsecDecryptMemory()

NTSTATUS NTAPI KsecDecryptMemory ( _Inout_ PVOID  Buffer,
_In_ ULONG  Length,
_In_ ULONG  OptionFlags 
)

Definition at line 328 of file crypt.c.

332{
333 /* Validate parameter */
334 if (OptionFlags > RTL_ENCRYPT_OPTION_SAME_LOGON)
335 {
336 return STATUS_INVALID_PARAMETER;
337 }
338
339 /* Check if the length is not 16 bytes aligned */
340 if (Length & 15)
341 {
342 /* Is it at least 8 bytes aligned? */
343 if (Length & 7)
344 {
345 /* No, we can't deal with it! */
346 return STATUS_INVALID_PARAMETER;
347 }
348
349 /* Use triple DES encryption */
350 KsecDecryptMemoryDes3(Buffer, Length, OptionFlags);
351 }
352 else
353 {
354 /* Use AES encryption */
355 KsecDecryptMemoryAes(Buffer, Length, OptionFlags);
356 }
357
358 return STATUS_SUCCESS;
359}
KsecDecryptMemoryAes
static VOID KsecDecryptMemoryAes(_Inout_ PVOID Buffer, _In_ ULONG Length, _In_ ULONG OptionFlags)
Definition: crypt.c:267
KsecDecryptMemoryDes3
static VOID KsecDecryptMemoryDes3(_Inout_ PVOID Buffer, _In_ ULONG Length, _In_ ULONG OptionFlags)
Definition: crypt.c:215
RTL_ENCRYPT_OPTION_SAME_LOGON
#define RTL_ENCRYPT_OPTION_SAME_LOGON
Definition: ksecdd.h:27
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135

Referenced by KsecDeviceControl().

◆ KsecEncryptMemory()

NTSTATUS NTAPI KsecEncryptMemory ( _Inout_ PVOID  Buffer,
_In_ ULONG  Length,
_In_ ULONG  OptionFlags 
)

Definition at line 293 of file crypt.c.

297{
298 /* Validate parameter */
299 if (OptionFlags > RTL_ENCRYPT_OPTION_SAME_LOGON)
300 {
301 return STATUS_INVALID_PARAMETER;
302 }
303
304 /* Check if the length is not 16 bytes aligned */
305 if (Length & 15)
306 {
307 /* Is it at least 8 bytes aligned? */
308 if (Length & 7)
309 {
310 /* No, we can't deal with it! */
311 return STATUS_INVALID_PARAMETER;
312 }
313
314 /* Use triple DES encryption */
315 KsecEncryptMemoryDes3(Buffer, Length, OptionFlags);
316 }
317 else
318 {
319 /* Use AES encryption */
320 KsecEncryptMemoryAes(Buffer, Length, OptionFlags);
321 }
322
323 return STATUS_SUCCESS;
324}
KsecEncryptMemoryDes3
static VOID KsecEncryptMemoryDes3(_Inout_ PVOID Buffer, _In_ ULONG Length, _In_ ULONG OptionFlags)
Definition: crypt.c:189
KsecEncryptMemoryAes
static VOID KsecEncryptMemoryAes(_Inout_ PVOID Buffer, _In_ ULONG Length, _In_ ULONG OptionFlags)
Definition: crypt.c:241

Referenced by KsecDeviceControl().

◆ KsecGatherEntropyData()

NTSTATUS NTAPI KsecGatherEntropyData ( PKSEC_ENTROPY_DATA  EntropyData)
See also
http://blogs.msdn.com/b/michael_howard/archive/2005/01/14/353379.aspx (DEAD_LINK)

Definition at line 92 of file random.c.

94{
95 MD4_CTX Md4Context;
96 PTEB Teb;
97 PPEB Peb;
98 PWSTR String;
99 ULONG ReturnLength;
100 NTSTATUS Status;
101
102 /* Query some generic values */
103 EntropyData->CurrentProcessId = PsGetCurrentProcessId();
104 EntropyData->CurrentThreadId = PsGetCurrentThreadId();
105 KeQueryTickCount(&EntropyData->TickCount);
106 KeQuerySystemTime(&EntropyData->SystemTime);
107 EntropyData->PerformanceCounter = KeQueryPerformanceCounter(
108 &EntropyData->PerformanceFrequency);
109
110 /* Check if we have a TEB/PEB for the process environment */
111 Teb = PsGetCurrentThread()->Tcb.Teb;
112 if (Teb != NULL)
113 {
114 Peb = Teb->ProcessEnvironmentBlock;
115
116 /* Initialize the MD4 context */
117 MD4Init(&Md4Context);
118 _SEH2_TRY
119 {
120 /* Get the end of the environment */
121 String = Peb->ProcessParameters->Environment;
122 while (*String)
123 {
124 String += wcslen(String) + 1;
125 }
126
127 /* Update the MD4 context from the environment data */
128 MD4Update(&Md4Context,
129 (PUCHAR)Peb->ProcessParameters->Environment,
130 (ULONG)((PUCHAR)String - (PUCHAR)Peb->ProcessParameters->Environment));
131 }
132 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
133 {
134 /* Simply ignore the exception */
135 }
136 _SEH2_END;
137
138 /* Finalize and copy the MD4 hash */
139 MD4Final(&Md4Context);
140 RtlCopyMemory(&EntropyData->EnvironmentHash, Md4Context.digest, 16);
141 }
142
143 /* Read some machine specific hardware counters */
144 KsecReadMachineSpecificCounters(&EntropyData->MachineSpecificCounters);
145
146 /* Query processor performance information */
147 Status = ZwQuerySystemInformation(SystemProcessorPerformanceInformation,
148 &EntropyData->SystemProcessorPerformanceInformation,
149 sizeof(SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION),
150 &ReturnLength);
151 if (!NT_SUCCESS(Status))
152 {
153 return Status;
154 }
155
156 /* Query system performance information */
157 Status = ZwQuerySystemInformation(SystemPerformanceInformation,
158 &EntropyData->SystemPerformanceInformation,
159 sizeof(SYSTEM_PERFORMANCE_INFORMATION),
160 &ReturnLength);
161 if (!NT_SUCCESS(Status))
162 {
163 return Status;
164 }
165
166 /* Query exception information */
167 Status = ZwQuerySystemInformation(SystemExceptionInformation,
168 &EntropyData->SystemExceptionInformation,
169 sizeof(SYSTEM_EXCEPTION_INFORMATION),
170 &ReturnLength);
171 if (!NT_SUCCESS(Status))
172 {
173 return Status;
174 }
175
176 /* Query lookaside information */
177 Status = ZwQuerySystemInformation(SystemLookasideInformation,
178 &EntropyData->SystemLookasideInformation,
179 sizeof(SYSTEM_LOOKASIDE_INFORMATION),
180 &ReturnLength);
181 if (!NT_SUCCESS(Status))
182 {
183 return Status;
184 }
185
186 /* Query interrupt information */
187 Status = ZwQuerySystemInformation(SystemInterruptInformation,
188 &EntropyData->SystemInterruptInformation,
189 sizeof(SYSTEM_INTERRUPT_INFORMATION),
190 &ReturnLength);
191 if (!NT_SUCCESS(Status))
192 {
193 return Status;
194 }
195
196 /* Query process information */
197 Status = ZwQuerySystemInformation(SystemProcessInformation,
198 &EntropyData->SystemProcessInformation,
199 sizeof(SYSTEM_PROCESS_INFORMATION),
200 &ReturnLength);
201 if (!NT_SUCCESS(Status))
202 {
203 return Status;
204 }
205
206 return STATUS_SUCCESS;
207}
ReturnLength
_In_ PVOID _In_ ULONG _Out_ PVOID _In_ ULONG _Inout_ PULONG ReturnLength
Definition: KdSystemDebugControl.c:34
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
Peb
PPEB Peb
Definition: dllmain.c:27
KsecReadMachineSpecificCounters
VOID NTAPI KsecReadMachineSpecificCounters(_Out_ PKSEC_MACHINE_SPECIFIC_COUNTERS MachineSpecificCounters)
Definition: random.c:56
PsGetCurrentThread
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
KeQuerySystemTime
#define KeQuerySystemTime(t)
Definition: env_spec_w32.h:570
PsGetCurrentThreadId
PsGetCurrentThreadId
Definition: CrNtStubs.h:8
ZwQuerySystemInformation
NTSYSAPI NTSTATUS NTAPI ZwQuerySystemInformation(IN SYSTEM_INFORMATION_CLASS SystemInfoClass, OUT PVOID SystemInfoBuffer, IN ULONG SystemInfoBufferSize, OUT PULONG BytesReturned OPTIONAL)
SystemExceptionInformation
@ SystemExceptionInformation
Definition: ntddk_ex.h:44
SystemLookasideInformation
@ SystemLookasideInformation
Definition: ntddk_ex.h:60
SystemInterruptInformation
@ SystemInterruptInformation
Definition: ntddk_ex.h:34
SystemProcessInformation
@ SystemProcessInformation
Definition: ntddk_ex.h:16
SystemProcessorPerformanceInformation
@ SystemProcessorPerformanceInformation
Definition: ntddk_ex.h:19
KeQueryPerformanceCounter
LARGE_INTEGER NTAPI KeQueryPerformanceCounter(IN PLARGE_INTEGER PerformanceFreq)
Definition: timer.c:138
MD4Final
VOID WINAPI MD4Final(MD4_CTX *ctx)
Definition: md4.c:113
MD4Update
VOID WINAPI MD4Update(MD4_CTX *ctx, const unsigned char *buf, unsigned int len)
Definition: md4.c:59
MD4Init
VOID WINAPI MD4Init(MD4_CTX *ctx)
Definition: md4.c:45
wcslen
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:90
SystemPerformanceInformation
#define SystemPerformanceInformation
Definition: memtest.h:87
PsGetCurrentProcessId
HANDLE NTAPI PsGetCurrentProcessId(VOID)
Definition: process.c:1123
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:82
_SEH2_END
#define _SEH2_END
Definition: pseh2_64.h:171
_SEH2_TRY
#define _SEH2_TRY
Definition: pseh2_64.h:71
KeQueryTickCount
#define KeQueryTickCount(CurrentCount)
Definition: ke.h:43
MD4_CTX
Definition: util.c:82
MD4_CTX::digest
unsigned char digest[16]
Definition: util.c:86
_KSEC_ENTROPY_DATA::SystemProcessInformation
SYSTEM_PROCESS_INFORMATION SystemProcessInformation
Definition: ksecdd.h:71
_KSEC_ENTROPY_DATA::CurrentProcessId
HANDLE CurrentProcessId
Definition: ksecdd.h:58
_KSEC_ENTROPY_DATA::EnvironmentHash
UCHAR EnvironmentHash[16]
Definition: ksecdd.h:64
_KSEC_ENTROPY_DATA::MachineSpecificCounters
KSEC_MACHINE_SPECIFIC_COUNTERS MachineSpecificCounters
Definition: ksecdd.h:65
_KSEC_ENTROPY_DATA::SystemProcessorPerformanceInformation
SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION SystemProcessorPerformanceInformation
Definition: ksecdd.h:66
_KSEC_ENTROPY_DATA::TickCount
LARGE_INTEGER TickCount
Definition: ksecdd.h:60
_KSEC_ENTROPY_DATA::SystemExceptionInformation
SYSTEM_EXCEPTION_INFORMATION SystemExceptionInformation
Definition: ksecdd.h:68
_KSEC_ENTROPY_DATA::SystemPerformanceInformation
SYSTEM_PERFORMANCE_INFORMATION SystemPerformanceInformation
Definition: ksecdd.h:67
_KSEC_ENTROPY_DATA::PerformanceFrequency
LARGE_INTEGER PerformanceFrequency
Definition: ksecdd.h:63
_KSEC_ENTROPY_DATA::SystemInterruptInformation
SYSTEM_INTERRUPT_INFORMATION SystemInterruptInformation
Definition: ksecdd.h:70
_KSEC_ENTROPY_DATA::CurrentThreadId
HANDLE CurrentThreadId
Definition: ksecdd.h:59
_KSEC_ENTROPY_DATA::SystemTime
LARGE_INTEGER SystemTime
Definition: ksecdd.h:61
_KSEC_ENTROPY_DATA::PerformanceCounter
LARGE_INTEGER PerformanceCounter
Definition: ksecdd.h:62
_KSEC_ENTROPY_DATA::SystemLookasideInformation
SYSTEM_LOOKASIDE_INFORMATION SystemLookasideInformation
Definition: ksecdd.h:69
_PEB
Definition: btrfs_drv.h:1907
_PEB::ProcessParameters
PRTL_USER_PROCESS_PARAMETERS ProcessParameters
Definition: btrfs_drv.h:1913
_RTL_USER_PROCESS_PARAMETERS::Environment
PWSTR Environment
Definition: rtltypes.h:1563
_SYSTEM_EXCEPTION_INFORMATION
Definition: extypes.h:1244
_SYSTEM_INTERRUPT_INFORMATION
Definition: extypes.h:1163
_SYSTEM_LOOKASIDE_INFORMATION
Definition: extypes.h:1338
_SYSTEM_PERFORMANCE_INFORMATION
Definition: memtest.h:10
_SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION
Definition: extypes.h:969
_SYSTEM_PROCESS_INFORMATION
Definition: extypes.h:898
_TEB
Definition: compat.h:836
_TEB::ProcessEnvironmentBlock
PPEB ProcessEnvironmentBlock
Definition: ntddk_ex.h:337
PWSTR
uint16_t * PWSTR
Definition: typedefs.h:56
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
PUCHAR
unsigned char * PUCHAR
Definition: typedefs.h:53
String
_Must_inspect_result_ _In_ WDFDEVICE _In_ WDFSTRING String
Definition: wdfdevice.h:2433

Referenced by KsecInitializeEncryptionSupport().

◆ KsecGenRandom()

NTSTATUS NTAPI KsecGenRandom ( PVOID  Buffer,
SIZE_T  Length 
)

Definition at line 26 of file random.c.

29{
30 LARGE_INTEGER TickCount;
31 ULONG i, RandomValue;
32 PULONG P;
33
34 /* Try to generate a more random seed */
35 KeQueryTickCount(&TickCount);
36 KsecRandomSeed ^= _rotl(TickCount.LowPart, (KsecRandomSeed % 23));
37
38 P = Buffer;
39 for (i = 0; i < Length / sizeof(ULONG); i++)
40 {
41 P[i] = RtlRandomEx(&KsecRandomSeed);
42 }
43
44 Length &= (sizeof(ULONG) - 1);
45 if (Length > 0)
46 {
47 RandomValue = RtlRandomEx(&KsecRandomSeed);
48 RtlCopyMemory(&P[i], &RandomValue, Length);
49 }
50
51 return STATUS_SUCCESS;
52}
RtlRandomEx
NTSYSAPI ULONG NTAPI RtlRandomEx(PULONG Seed)
P
#define P(row, col)
KsecRandomSeed
static ULONG KsecRandomSeed
Definition: random.c:19
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_rotl
_Check_return_ unsigned int __cdecl _rotl(_In_ unsigned int _Val, _In_ int _Shift)
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
_LARGE_INTEGER
Definition: typedefs.h:103
_LARGE_INTEGER::LowPart
ULONG LowPart
Definition: typedefs.h:106

Referenced by KsecDeviceControl().

◆ KsecInitializeEncryptionSupport()

VOID NTAPI KsecInitializeEncryptionSupport ( VOID  )

Definition at line 44 of file crypt.c.

46{
47 KSEC_ENTROPY_DATA EntropyData;
48 MD5_CTX Md5Context;
49 UCHAR KeyDataBuffer[32];
50
51 KsecGatherEntropyData(&EntropyData);
52 MD5Init(&Md5Context);
53 MD5Update(&Md5Context, (PVOID)&EntropyData, sizeof(EntropyData));
54 KsecLoadTimeStartMd5s[0] = Md5Context;
55 MD5Final(&Md5Context);
56 RtlCopyMemory(KeyDataBuffer, &Md5Context.digest, 16);
57
58 KsecGatherEntropyData(&EntropyData);
59 Md5Context = KsecLoadTimeStartMd5s[0];
60 MD5Update(&Md5Context, (PVOID)&EntropyData, sizeof(EntropyData));
61 KsecLoadTimeStartMd5s[1] = Md5Context;
62 MD5Final(&Md5Context);
63 RtlCopyMemory(&KeyDataBuffer[16], &Md5Context.digest, 16);
64
65 /* Create the global keys */
66 aes_setup(KeyDataBuffer, 32, 0, &KsecGlobalAesKey);
67 des3_setup(KeyDataBuffer, 24, 0, &KsecGlobalDes3Key);
68
69 /* Erase the temp data */
70 RtlSecureZeroMemory(KeyDataBuffer, sizeof(KeyDataBuffer));
71 RtlSecureZeroMemory(&Md5Context, sizeof(Md5Context));
72}
MD5Update
void WINAPI MD5Update(struct md5_ctx *, const unsigned char *, unsigned int)
MD5Init
void WINAPI MD5Init(struct md5_ctx *)
MD5Final
void WINAPI MD5Final(struct md5_ctx *)
aes_setup
int aes_setup(const unsigned char *key, int keylen, int rounds, aes_key *skey)
Definition: aes.c:937
des3_setup
int des3_setup(const unsigned char *key, int keylen, int num_rounds, des3_key *des3)
Definition: des.c:1432
KsecGlobalAesKey
AES_KEY KsecGlobalAesKey
Definition: crypt.c:15
KsecGlobalDes3Key
DES3_KEY KsecGlobalDes3Key
Definition: crypt.c:14
KsecLoadTimeStartMd5s
MD5_CTX KsecLoadTimeStartMd5s[2]
Definition: crypt.c:13
KsecGatherEntropyData
NTSTATUS NTAPI KsecGatherEntropyData(PKSEC_ENTROPY_DATA EntropyData)
Definition: random.c:92
MD5_CTX
Definition: hmac_md5.h:28
MD5_CTX::digest
unsigned char digest[16]
Definition: hmac_md5.h:32
_KSEC_ENTROPY_DATA
Definition: ksecdd.h:57
RtlSecureZeroMemory
FORCEINLINE PVOID RtlSecureZeroMemory(_Out_writes_bytes_all_(Size) PVOID Pointer, _In_ SIZE_T Size)
Definition: rtlfuncs.h:3142
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181

Referenced by DriverEntry().

Variable Documentation

◆ KsecLsaProcess

PEPROCESS KsecLsaProcess
extern

◆ KsecLsaProcessHandle

HANDLE KsecLsaProcessHandle
extern