credssp.c
20#include <winpr/config.h>
21
22#include <winpr/crt.h>
23#include <winpr/sspi.h>
24
25#include "credssp.h"
26
27#include "../sspi.h"
28#include "../../log.h"
29
/* Log tag used by every WLog_ERR call in this file. */
#define TAG WINPR_TAG("sspi.CredSSP")

/*
 * Package name written into the upper half of every credential and context
 * handle this module issues (see the sspi_SecureHandleSetUpperPointer calls).
 *
 * NOTE(review): CREDSSP_SecPkgInfoA.Name in this file is spelled "CREDSSP".
 * If a handle's package name is ever used to look up a function table by
 * string, confirm that the comparison tolerates the case difference.
 */
static const char* CREDSSP_PACKAGE_NAME = "CredSSP";
33
/**
 * Wide-character InitializeSecurityContext entry point (not implemented).
 *
 * Every parameter is ignored. The call logs an error and fails, so no context
 * handle and no output token are ever produced through this path.
 *
 * @return SEC_E_UNSUPPORTED_FUNCTION, always.
 */
static SECURITY_STATUS SEC_ENTRY credssp_InitializeSecurityContextW(
    WINPR_ATTR_UNUSED PCredHandle phCredential,
    WINPR_ATTR_UNUSED PCtxtHandle phContext,
    WINPR_ATTR_UNUSED SEC_WCHAR* pszTargetName,
    WINPR_ATTR_UNUSED ULONG fContextReq,
    WINPR_ATTR_UNUSED ULONG Reserved1,
    WINPR_ATTR_UNUSED ULONG TargetDataRep,
    WINPR_ATTR_UNUSED PSecBufferDesc pInput,
    WINPR_ATTR_UNUSED ULONG Reserved2,
    WINPR_ATTR_UNUSED PCtxtHandle phNewContext,
    WINPR_ATTR_UNUSED PSecBufferDesc pOutput,
    WINPR_ATTR_UNUSED PULONG pfContextAttr,
    WINPR_ATTR_UNUSED PTimeStamp ptsExpiry)
{
    WLog_ERR(TAG, "TODO: Implement");
    return SEC_E_UNSUPPORTED_FUNCTION;
}
45
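/**
 * ANSI InitializeSecurityContext entry point.
 *
 * This implementation only allocates an empty CREDSSP_CONTEXT and binds it to
 * phNewContext. It performs no CredSSP exchange: pInput and pOutput are never
 * touched and the credentials are only checked for presence, not stored in the
 * context. Callers must therefore not treat SEC_E_OK from this function as
 * proof that any authentication took place.
 *
 * @param phCredential  Credential handle; its lower pointer must be non-NULL
 *                      when a new context has to be created.
 * @param phContext     Existing context handle, or NULL on the first call.
 *                      A handle whose two halves are both zero is rejected.
 * @param phNewContext  Receives the new context (lower pointer) and the
 *                      package name (upper pointer). Required when no context
 *                      exists yet.
 *
 * @return SEC_E_OK on success (including when phContext already carries a
 *         context), SEC_E_INVALID_HANDLE for an all-zero phContext, a NULL
 *         phNewContext or a credential handle without credentials,
 *         SEC_E_INSUFFICIENT_MEMORY when the context cannot be allocated.
 */
static SECURITY_STATUS SEC_ENTRY credssp_InitializeSecurityContextA(
    PCredHandle phCredential, PCtxtHandle phContext, WINPR_ATTR_UNUSED SEC_CHAR* pszTargetName,
    WINPR_ATTR_UNUSED ULONG fContextReq, WINPR_ATTR_UNUSED ULONG Reserved1,
    WINPR_ATTR_UNUSED ULONG TargetDataRep, WINPR_ATTR_UNUSED PSecBufferDesc pInput,
    WINPR_ATTR_UNUSED ULONG Reserved2, PCtxtHandle phNewContext,
    WINPR_ATTR_UNUSED PSecBufferDesc pOutput, WINPR_ATTR_UNUSED PULONG pfContextAttr,
    WINPR_ATTR_UNUSED PTimeStamp ptsExpiry)
{
    CREDSSP_CONTEXT* context = NULL;
    SSPI_CREDENTIALS* credentials = NULL;
    /* Drops the const qualifier of the package name without a cast warning. */
    union
    {
        const void* cpv;
        void* pv;
    } cnv;

    /* behave like windows SSPIs that don't want empty context */
    if (phContext && !phContext->dwLower && !phContext->dwUpper)
        return SEC_E_INVALID_HANDLE;

    context = (CREDSSP_CONTEXT*)sspi_SecureHandleGetLowerPointer(phContext);

    /* A context already exists: nothing to create. */
    if (context)
        return SEC_E_OK;

    /*
     * Validate everything before allocating. Without an output handle the new
     * context could not be handed back to the caller and would be lost (or the
     * handle helpers would be called with NULL).
     */
    if (!phNewContext)
        return SEC_E_INVALID_HANDLE;

    credentials = (SSPI_CREDENTIALS*)sspi_SecureHandleGetLowerPointer(phCredential);

    if (!credentials)
        return SEC_E_INVALID_HANDLE;

    context = credssp_ContextNew();

    if (!context)
        return SEC_E_INSUFFICIENT_MEMORY;

    sspi_SecureHandleSetLowerPointer(phNewContext, context);

    cnv.cpv = CREDSSP_PACKAGE_NAME;
    sspi_SecureHandleSetUpperPointer(phNewContext, cnv.pv);

    /*
     * NOTE(review): neither function table in this file registers a
     * DeleteSecurityContext entry, so nothing visible here releases this
     * allocation through the SSPI interface; confirm who calls
     * credssp_ContextFree.
     */
    return SEC_E_OK;
}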
91
/**
 * Allocate a zero-initialised CREDSSP_CONTEXT.
 *
 * @return the new context, or NULL when the allocation fails. Ownership passes
 *         to the caller, who releases it with credssp_ContextFree().
 */
CREDSSP_CONTEXT* credssp_ContextNew(void)
{
    /* calloc() already yields NULL on failure, so its result is returned as is. */
    return (CREDSSP_CONTEXT*)calloc(1, sizeof(CREDSSP_CONTEXT));
}
102
/**
 * Release a context obtained from credssp_ContextNew().
 *
 * @param context  Context to free; NULL is accepted because free(NULL) is a
 *                 no-op. The pointer must not be used afterwards, and any
 *                 handle still referring to it is left dangling by this call.
 */
void credssp_ContextFree(CREDSSP_CONTEXT* context)
{
    free(context);
}
107
/**
 * QueryContextAttributes entry point (not implemented beyond argument checks).
 *
 * @param phContext    Context handle; must not be NULL.
 * @param ulAttribute  Ignored.
 * @param pBuffer      Output buffer; must not be NULL. It is never written.
 *
 * @return SEC_E_INVALID_HANDLE when phContext is NULL,
 *         SEC_E_INSUFFICIENT_MEMORY when pBuffer is NULL, otherwise
 *         SEC_E_UNSUPPORTED_FUNCTION after logging an error.
 */
static SECURITY_STATUS SEC_ENTRY credssp_QueryContextAttributes(PCtxtHandle phContext,
                                                                WINPR_ATTR_UNUSED ULONG ulAttribute,
                                                                void* pBuffer)
{
    if (phContext == NULL)
        return SEC_E_INVALID_HANDLE;

    if (pBuffer == NULL)
        return SEC_E_INSUFFICIENT_MEMORY;

    /* No attribute is supported yet; fail rather than report stale data. */
    WLog_ERR(TAG, "TODO: Implement");
    return SEC_E_UNSUPPORTED_FUNCTION;
}
121
/**
 * Wide-character AcquireCredentialsHandle entry point (not implemented).
 *
 * Every parameter is ignored and phCredential is left untouched.
 *
 * @return SEC_E_UNSUPPORTED_FUNCTION, always.
 */
static SECURITY_STATUS SEC_ENTRY credssp_AcquireCredentialsHandleW(
    WINPR_ATTR_UNUSED SEC_WCHAR* pszPrincipal,
    WINPR_ATTR_UNUSED SEC_WCHAR* pszPackage,
    WINPR_ATTR_UNUSED ULONG fCredentialUse,
    WINPR_ATTR_UNUSED void* pvLogonID,
    WINPR_ATTR_UNUSED void* pAuthData,
    WINPR_ATTR_UNUSED SEC_GET_KEY_FN pGetKeyFn,
    WINPR_ATTR_UNUSED void* pvGetKeyArgument,
    WINPR_ATTR_UNUSED PCredHandle phCredential,
    WINPR_ATTR_UNUSED PTimeStamp ptsExpiry)
{
    WLog_ERR(TAG, "TODO: Implement");
    return SEC_E_UNSUPPORTED_FUNCTION;
}
132
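/**
 * ANSI AcquireCredentialsHandle entry point.
 *
 * Only outbound (client side) credentials are supported. The identity passed
 * in pAuthData is copied by value into a freshly allocated SSPI_CREDENTIALS,
 * which is then bound to phCredential together with the package name.
 *
 * @param fCredentialUse  Must be SECPKG_CRED_OUTBOUND; any other value is
 *                        rejected as unsupported.
 * @param pAuthData       Pointer to a SEC_WINNT_AUTH_IDENTITY; must not be
 *                        NULL, since this package has no default credentials.
 * @param phCredential    Receives the credential handle; must not be NULL.
 *
 * @return SEC_E_OK on success, SEC_E_UNSUPPORTED_FUNCTION for a non-outbound
 *         request, SEC_E_INVALID_HANDLE when phCredential is NULL,
 *         SEC_E_NO_CREDENTIALS when pAuthData is NULL,
 *         SEC_E_INSUFFICIENT_MEMORY when the allocation fails.
 */
static SECURITY_STATUS SEC_ENTRY credssp_AcquireCredentialsHandleA(
    WINPR_ATTR_UNUSED SEC_CHAR* pszPrincipal, WINPR_ATTR_UNUSED SEC_CHAR* pszPackage,
    ULONG fCredentialUse, WINPR_ATTR_UNUSED void* pvLogonID, void* pAuthData,
    WINPR_ATTR_UNUSED SEC_GET_KEY_FN pGetKeyFn, WINPR_ATTR_UNUSED void* pvGetKeyArgument,
    PCredHandle phCredential, WINPR_ATTR_UNUSED PTimeStamp ptsExpiry)
{
    SSPI_CREDENTIALS* credentials = NULL;
    SEC_WINNT_AUTH_IDENTITY* identity = (SEC_WINNT_AUTH_IDENTITY*)pAuthData;
    /* Drops the const qualifier of the package name without a cast warning. */
    union
    {
        const void* cpv;
        void* pv;
    } cnv;

    if (fCredentialUse != SECPKG_CRED_OUTBOUND)
    {
        WLog_ERR(TAG, "TODO: Implement");
        return SEC_E_UNSUPPORTED_FUNCTION;
    }

    /*
     * Validate the caller-supplied pointers before allocating: the copy below
     * reads sizeof(SEC_WINNT_AUTH_IDENTITY) bytes from pAuthData, and without
     * an output handle the new credentials could not be returned.
     */
    if (!phCredential)
        return SEC_E_INVALID_HANDLE;

    if (!identity)
        return SEC_E_NO_CREDENTIALS;

    credentials = sspi_CredentialsNew();

    if (!credentials)
        return SEC_E_INSUFFICIENT_MEMORY;

    /*
     * NOTE(review): this is a shallow, byte-wise copy. Any pointer members of
     * the identity (presumably user, domain and password buffers) stay shared
     * with the caller's structure. Confirm that sspi_CredentialsFree() does not
     * release or wipe memory the caller still owns, and that the caller keeps
     * those buffers alive for the lifetime of the handle.
     */
    CopyMemory(&(credentials->identity), identity, sizeof(SEC_WINNT_AUTH_IDENTITY));
    sspi_SecureHandleSetLowerPointer(phCredential, (void*)credentials);

    cnv.cpv = CREDSSP_PACKAGE_NAME;
    sspi_SecureHandleSetUpperPointer(phCredential, cnv.pv);
    return SEC_E_OK;
}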
167
/**
 * Wide-character QueryCredentialsAttributes entry point (not implemented).
 *
 * Every parameter is ignored and pBuffer is never written.
 *
 * @return SEC_E_UNSUPPORTED_FUNCTION, always.
 */
static SECURITY_STATUS SEC_ENTRY credssp_QueryCredentialsAttributesW(
    WINPR_ATTR_UNUSED PCredHandle phCredential,
    WINPR_ATTR_UNUSED ULONG ulAttribute,
    WINPR_ATTR_UNUSED void* pBuffer)
{
    WLog_ERR(TAG, "TODO: Implement");
    return SEC_E_UNSUPPORTED_FUNCTION;
}
175
/**
 * ANSI QueryCredentialsAttributes entry point.
 *
 * Only SECPKG_CRED_ATTR_NAMES is recognised, and even for that attribute the
 * function merely checks that the handle carries credentials. pBuffer is never
 * written, so a caller must not read a name out of it after SEC_E_OK.
 *
 * NOTE(review): phCredential and ulAttribute are marked WINPR_ATTR_UNUSED in
 * the signature although both are read below.
 *
 * @param phCredential  Credential handle to inspect.
 * @param ulAttribute   Attribute identifier.
 * @param pBuffer       Ignored.
 *
 * @return SEC_E_OK when the attribute is SECPKG_CRED_ATTR_NAMES and the handle
 *         holds credentials, SEC_E_INVALID_HANDLE when it does not,
 *         SEC_E_UNSUPPORTED_FUNCTION for every other attribute.
 */
static SECURITY_STATUS SEC_ENTRY credssp_QueryCredentialsAttributesA(
    WINPR_ATTR_UNUSED PCredHandle phCredential, WINPR_ATTR_UNUSED ULONG ulAttribute,
    WINPR_ATTR_UNUSED void* pBuffer)
{
    SSPI_CREDENTIALS* credentials = NULL;

    if (ulAttribute != SECPKG_CRED_ATTR_NAMES)
    {
        WLog_ERR(TAG, "TODO: Implement");
        return SEC_E_UNSUPPORTED_FUNCTION;
    }

    credentials = (SSPI_CREDENTIALS*)sspi_SecureHandleGetLowerPointer(phCredential);

    return credentials ? SEC_E_OK : SEC_E_INVALID_HANDLE;
}
194
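/**
 * Release the credentials bound to a credential handle.
 *
 * @param phCredential  Handle previously filled by AcquireCredentialsHandle.
 *
 * @return SEC_E_OK when the credentials were freed, SEC_E_INVALID_HANDLE when
 *         the handle is NULL or carries no credentials.
 */
static SECURITY_STATUS SEC_ENTRY credssp_FreeCredentialsHandle(PCredHandle phCredential)
{
    SSPI_CREDENTIALS* credentials = NULL;

    if (!phCredential)
        return SEC_E_INVALID_HANDLE;

    credentials = (SSPI_CREDENTIALS*)sspi_SecureHandleGetLowerPointer(phCredential);

    if (!credentials)
        return SEC_E_INVALID_HANDLE;

    sspi_CredentialsFree(credentials);

    /*
     * Do not leave the freed pointer inside the handle: a second call on the
     * same handle, or any later lookup, would otherwise operate on released
     * memory. Assumes the get/set helpers round-trip NULL, so the next lookup
     * yields NULL and is rejected above - confirm against ../sspi.h.
     */
    sspi_SecureHandleSetLowerPointer(phCredential, NULL);
    return SEC_E_OK;
}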
210
/**
 * EncryptMessage entry point (not implemented).
 *
 * pMessage is left exactly as the caller supplied it. The call fails closed:
 * a caller must check the status and must not transmit the buffers as if they
 * had been protected.
 *
 * @return SEC_E_UNSUPPORTED_FUNCTION, always.
 */
static SECURITY_STATUS SEC_ENTRY credssp_EncryptMessage(
    WINPR_ATTR_UNUSED PCtxtHandle phContext,
    WINPR_ATTR_UNUSED ULONG fQOP,
    WINPR_ATTR_UNUSED PSecBufferDesc pMessage,
    WINPR_ATTR_UNUSED ULONG MessageSeqNo)
{
    WLog_ERR(TAG, "TODO: Implement");
    return SEC_E_UNSUPPORTED_FUNCTION;
}
219
/**
 * DecryptMessage entry point (not implemented).
 *
 * pMessage and pfQOP are never written. The call fails closed: a caller must
 * check the status and must not consume the buffers as decrypted plaintext.
 *
 * @return SEC_E_UNSUPPORTED_FUNCTION, always.
 */
static SECURITY_STATUS SEC_ENTRY credssp_DecryptMessage(
    WINPR_ATTR_UNUSED PCtxtHandle phContext,
    WINPR_ATTR_UNUSED PSecBufferDesc pMessage,
    WINPR_ATTR_UNUSED ULONG MessageSeqNo,
    WINPR_ATTR_UNUSED ULONG* pfQOP)
{
    WLog_ERR(TAG, "TODO: Implement");
    return SEC_E_UNSUPPORTED_FUNCTION;
}
228
/**
 * MakeSignature entry point (not implemented).
 *
 * No signature is produced and pMessage is never written; a caller must treat
 * the returned status as a failure to sign.
 *
 * @return SEC_E_UNSUPPORTED_FUNCTION, always.
 */
static SECURITY_STATUS SEC_ENTRY credssp_MakeSignature(
    WINPR_ATTR_UNUSED PCtxtHandle phContext,
    WINPR_ATTR_UNUSED ULONG fQOP,
    WINPR_ATTR_UNUSED PSecBufferDesc pMessage,
    WINPR_ATTR_UNUSED ULONG MessageSeqNo)
{
    WLog_ERR(TAG, "TODO: Implement");
    return SEC_E_UNSUPPORTED_FUNCTION;
}
237
/**
 * VerifySignature entry point (not implemented).
 *
 * Nothing is verified. The call never returns SEC_E_OK, so a caller that
 * checks the status cannot mistake an unverified message for a verified one.
 *
 * @return SEC_E_UNSUPPORTED_FUNCTION, always.
 */
static SECURITY_STATUS SEC_ENTRY credssp_VerifySignature(
    WINPR_ATTR_UNUSED PCtxtHandle phContext,
    WINPR_ATTR_UNUSED PSecBufferDesc pMessage,
    WINPR_ATTR_UNUSED ULONG MessageSeqNo,
    WINPR_ATTR_UNUSED ULONG* pfQOP)
{
    WLog_ERR(TAG, "TODO: Implement");
    return SEC_E_UNSUPPORTED_FUNCTION;
}
246
/*
 * ANSI dispatch table for the CredSSP package. Entries are positional; the
 * trailing comment on each line names the slot. A NULL slot means the package
 * offers no handler for that call, so a dispatcher must test the pointer
 * before invoking it.
 *
 * NOTE(review): DeleteSecurityContext is NULL, so nothing reachable through
 * this table frees the CREDSSP_CONTEXT that InitializeSecurityContext
 * allocates.
 */
const SecurityFunctionTableA CREDSSP_SecurityFunctionTableA = {
    3,                                   /* dwVersion */
    NULL,                                /* EnumerateSecurityPackages */
    credssp_QueryCredentialsAttributesA, /* QueryCredentialsAttributes */
    credssp_AcquireCredentialsHandleA,   /* AcquireCredentialsHandle */
    credssp_FreeCredentialsHandle,       /* FreeCredentialsHandle */
    NULL,                                /* Reserved2 */
    credssp_InitializeSecurityContextA,  /* InitializeSecurityContext */
    NULL,                                /* AcceptSecurityContext */
    NULL,                                /* CompleteAuthToken */
    NULL,                                /* DeleteSecurityContext */
    NULL,                                /* ApplyControlToken */
    credssp_QueryContextAttributes,      /* QueryContextAttributes */
    NULL,                                /* ImpersonateSecurityContext */
    NULL,                                /* RevertSecurityContext */
    credssp_MakeSignature,               /* MakeSignature */
    credssp_VerifySignature,             /* VerifySignature */
    NULL,                                /* FreeContextBuffer */
    NULL,                                /* QuerySecurityPackageInfo */
    NULL,                                /* Reserved3 */
    NULL,                                /* Reserved4 */
    NULL,                                /* ExportSecurityContext */
    NULL,                                /* ImportSecurityContext */
    NULL,                                /* AddCredentials */
    NULL,                                /* Reserved8 */
    NULL,                                /* QuerySecurityContextToken */
    credssp_EncryptMessage,              /* EncryptMessage */
    credssp_DecryptMessage,              /* DecryptMessage */
    NULL,                                /* SetContextAttributes */
    NULL,                                /* SetCredentialsAttributes */
};
278
/*
 * Wide-character dispatch table for the CredSSP package. It mirrors the ANSI
 * table slot for slot; the three W-suffixed handlers it registers
 * (QueryCredentialsAttributes, AcquireCredentialsHandle,
 * InitializeSecurityContext) are all unimplemented stubs in this file, so no
 * credential or context handle can be obtained through this table.
 */
const SecurityFunctionTableW CREDSSP_SecurityFunctionTableW = {
    3,                                   /* dwVersion */
    NULL,                                /* EnumerateSecurityPackages */
    credssp_QueryCredentialsAttributesW, /* QueryCredentialsAttributes */
    credssp_AcquireCredentialsHandleW,   /* AcquireCredentialsHandle */
    credssp_FreeCredentialsHandle,       /* FreeCredentialsHandle */
    NULL,                                /* Reserved2 */
    credssp_InitializeSecurityContextW,  /* InitializeSecurityContext */
    NULL,                                /* AcceptSecurityContext */
    NULL,                                /* CompleteAuthToken */
    NULL,                                /* DeleteSecurityContext */
    NULL,                                /* ApplyControlToken */
    credssp_QueryContextAttributes,      /* QueryContextAttributes */
    NULL,                                /* ImpersonateSecurityContext */
    NULL,                                /* RevertSecurityContext */
    credssp_MakeSignature,               /* MakeSignature */
    credssp_VerifySignature,             /* VerifySignature */
    NULL,                                /* FreeContextBuffer */
    NULL,                                /* QuerySecurityPackageInfo */
    NULL,                                /* Reserved3 */
    NULL,                                /* Reserved4 */
    NULL,                                /* ExportSecurityContext */
    NULL,                                /* ImportSecurityContext */
    NULL,                                /* AddCredentials */
    NULL,                                /* Reserved8 */
    NULL,                                /* QuerySecurityContextToken */
    credssp_EncryptMessage,              /* EncryptMessage */
    credssp_DecryptMessage,              /* DecryptMessage */
    NULL,                                /* SetContextAttributes */
    NULL,                                /* SetCredentialsAttributes */
};
310
/*
 * ANSI package descriptor for CredSSP. Entries are positional; the trailing
 * comment on each line names the field. The Name and Comment strings are also
 * the source for the wide-character descriptor filled in by CREDSSP_init().
 */
const SecPkgInfoA CREDSSP_SecPkgInfoA = {
    0x000110733,                          /* fCapabilities */
    1,                                    /* wVersion */
    0xFFFF,                               /* wRPCID */
    0x000090A8,                           /* cbMaxToken */
    "CREDSSP",                            /* Name */
    "Microsoft CredSSP Security Provider" /* Comment */
};
319
/*
 * Backing storage for the wide-character Name and Comment strings. Both start
 * zeroed (i.e. as empty strings) and only receive their text when
 * CREDSSP_init() runs.
 */
static WCHAR CREDSSP_SecPkgInfoW_NameBuffer[128] = { 0 };
static WCHAR CREDSSP_SecPkgInfoW_CommentBuffer[128] = { 0 };

/*
 * Wide-character package descriptor for CredSSP. The numeric fields repeat the
 * ANSI descriptor; Name and Comment point at the static buffers above, so the
 * descriptor reads as empty strings until CREDSSP_init() has been called.
 */
const SecPkgInfoW CREDSSP_SecPkgInfoW = {
    0x000110733,                      /* fCapabilities */
    1,                                /* wVersion */
    0xFFFF,                           /* wRPCID */
    0x000090A8,                       /* cbMaxToken */
    CREDSSP_SecPkgInfoW_NameBuffer,   /* Name */
    CREDSSP_SecPkgInfoW_CommentBuffer /* Comment */
};
331
/**
 * Fill the wide-character Name and Comment buffers of CREDSSP_SecPkgInfoW from
 * the UTF-8 strings of CREDSSP_SecPkgInfoA.
 *
 * Each conversion is bounded by the element count of its destination buffer
 * (ARRAYSIZE, not a byte size). The results of the two conversions are not
 * inspected.
 *
 * @return TRUE, always.
 */
BOOL CREDSSP_init(void)
{
    InitializeConstWCharFromUtf8(CREDSSP_SecPkgInfoA.Name,
                                 CREDSSP_SecPkgInfoW_NameBuffer,
                                 ARRAYSIZE(CREDSSP_SecPkgInfoW_NameBuffer));
    InitializeConstWCharFromUtf8(CREDSSP_SecPkgInfoA.Comment,
                                 CREDSSP_SecPkgInfoW_CommentBuffer,
                                 ARRAYSIZE(CREDSSP_SecPkgInfoW_CommentBuffer));
    return TRUE;
}