1 | /*
|
---|
2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
|
---|
3 | *
|
---|
4 | * Copyright 2010 Oracle and/or its affiliates. All rights reserved.
|
---|
5 | *
|
---|
6 | * Oracle and Java are registered trademarks of Oracle and/or its affiliates.
|
---|
7 | * Other names may be trademarks of their respective owners.
|
---|
8 | *
|
---|
9 | * The contents of this file are subject to the terms of either the GNU
|
---|
10 | * General Public License Version 2 only ("GPL") or the Common
|
---|
11 | * Development and Distribution License("CDDL") (collectively, the
|
---|
12 | * "License"). You may not use this file except in compliance with the
|
---|
13 | * License. You can obtain a copy of the License at
|
---|
14 | * http://www.netbeans.org/cddl-gplv2.html
|
---|
15 | * or nbbuild/licenses/CDDL-GPL-2-CP. See the License for the
|
---|
16 | * specific language governing permissions and limitations under the
|
---|
17 | * License. When distributing the software, include this License Header
|
---|
18 | * Notice in each file and include the License file at
|
---|
19 | * nbbuild/licenses/CDDL-GPL-2-CP. Oracle designates this
|
---|
20 | * particular file as subject to the "Classpath" exception as provided
|
---|
21 | * by Oracle in the GPL Version 2 section of the License file that
|
---|
22 | * accompanied this code. If applicable, add the following below the
|
---|
23 | * License Header, with the fields enclosed by brackets [] replaced by
|
---|
24 | * your own identifying information:
|
---|
25 | * "Portions Copyrighted [year] [name of copyright owner]"
|
---|
26 | *
|
---|
27 | * If you wish your version of this file to be governed by only the CDDL
|
---|
28 | * or only the GPL Version 2, indicate your decision by adding
|
---|
29 | * "[Contributor] elects to include this software in this distribution
|
---|
30 | * under the [CDDL or GPL Version 2] license." If you do not indicate a
|
---|
31 | * single choice of license, a recipient has the option to distribute
|
---|
32 | * your version of this file under either the CDDL, the GPL Version 2 or
|
---|
33 | * to extend the choice of license to its licensees as provided above.
|
---|
34 | * However, if you add GPL Version 2 code and therefore, elected the GPL
|
---|
35 | * Version 2 license, then the option applies only if the new code is
|
---|
36 | * made subject to such option by the copyright holder.
|
---|
37 | *
|
---|
38 | * Contributor(s):
|
---|
39 | *
|
---|
40 | * Portions Copyrighted 2009 Sun Microsystems, Inc.
|
---|
41 | */
|
---|
42 |
|
---|
43 | package org.netbeans.modules.keyring.win32;
|
---|
44 |
|
---|
45 | import com.sun.jna.Memory; // NOSONAR
|
---|
46 | import com.sun.jna.Native;
|
---|
47 | import com.sun.jna.Pointer;
|
---|
48 | import com.sun.jna.Structure;
|
---|
49 | import com.sun.jna.WString;
|
---|
50 | import com.sun.jna.win32.StdCallLibrary;
|
---|
51 |
|
---|
52 | import java.util.Arrays;
|
---|
53 | import java.util.List;
|
---|
54 | import java.util.concurrent.Callable;
|
---|
55 | import java.util.logging.Level;
|
---|
56 | import java.util.logging.Logger;
|
---|
57 |
|
---|
58 | import org.netbeans.modules.keyring.utils.Utils;
|
---|
59 | import org.netbeans.modules.keyring.spi.EncryptionProvider;
|
---|
60 |
|
---|
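/**
 * Data protection utility for Microsoft Windows.
 * XXX org.tmatesoft.svn.core.internal.util.jna.SVNWinCrypt is a possibly more robust implementation
 * (though it seems to set CRYPTPROTECT_UI_FORBIDDEN which we do not necessarily want).
 *
 * <p>Secrets are handed to {@code CryptProtectData} / {@code CryptUnprotectData} in Crypt32 through JNA.
 * Both calls are made with no description, no optional entropy, no prompt structure and
 * {@code dwFlags == 0}.
 * NOTE(review): with no optional entropy the resulting blob is presumably readable by any code
 * running under the same Windows account; confirm against the DPAPI documentation before relying
 * on it to separate applications.
 */
public class Win32Protect implements EncryptionProvider {

    private static final Logger LOG = Logger.getLogger(Win32Protect.class.getName());

    /**
     * Reports whether the Crypt32 binding could be loaded.
     *
     * @return {@code true} if {@link CryptLib#INSTANCE} is available, {@code false} if it is
     *         {@code null} or loading it threw
     */
    @Override
    public boolean enabled() {
        // assume we have a Windows OS; any failure to load the library just disables this provider
        try {
            if (CryptLib.INSTANCE == null) {
                LOG.fine("loadLibrary -> null");
                return false;
            }
            return true;
        } catch (Throwable t) {
            // Deliberately broad: class initialization of CryptLib may fail with an Error
            // when the native library is absent.
            LOG.log(Level.FINE, null, t);
            return false;
        }
    }

    /** @return the fixed provider identifier {@code "win32"} */
    @Override
    public String id() {
        return "win32"; // NOI18N
    }

    /**
     * Protects a secret with {@code CryptProtectData}.
     *
     * <p>Every intermediate copy of the cleartext made here (the Java byte array and the native
     * input buffer) is wiped before the method returns, on the failure path as well as on success.
     * The caller's {@code cleartext} array is not modified.
     *
     * @param cleartext the secret to protect
     * @return the protected blob produced by the native call
     * @throws Exception if {@code CryptProtectData} reports failure; the message carries the
     *         Windows last-error code
     */
    @Override
    public byte[] encrypt(char[] cleartext) throws Exception {
        CryptIntegerBlob input = new CryptIntegerBlob();
        byte[] cleartextB = Utils.chars2Bytes(cleartext);
        try {
            input.store(cleartextB);
        } finally {
            // The heap copy is no longer needed once it is in native memory (or store failed).
            Arrays.fill(cleartextB, (byte) 0);
        }
        CryptIntegerBlob output = new CryptIntegerBlob();
        try {
            if (!CryptLib.INSTANCE.CryptProtectData(input, null, null, null, null, 0, output)) {
                throw new Exception("CryptProtectData failed: " + Native.getLastError());
            }
            return output.load();
        } finally {
            // Wipe the native cleartext copy even when the call failed; previously the
            // exception path skipped this and left the secret in native memory.
            input.zero();
        }
    }

    /**
     * Recovers a secret with {@code CryptUnprotectData}.
     *
     * <p>The intermediate Java byte array and the native output buffer holding the recovered
     * cleartext are both wiped before returning. The returned {@code char[]} is owned by the
     * caller, who should clear it after use.
     *
     * @param ciphertext a blob previously returned by {@link #encrypt(char[])}
     * @return the recovered secret
     * @throws Exception if {@code CryptUnprotectData} reports failure; the message carries the
     *         Windows last-error code
     */
    @Override
    public char[] decrypt(byte[] ciphertext) throws Exception {
        CryptIntegerBlob input = new CryptIntegerBlob();
        input.store(ciphertext);
        CryptIntegerBlob output = new CryptIntegerBlob();
        if (!CryptLib.INSTANCE.CryptUnprotectData(input, null, null, null, null, 0, output)) {
            throw new Exception("CryptUnprotectData failed: " + Native.getLastError());
        }
        byte[] result = null;
        try {
            result = output.load();
            return Utils.bytes2Chars(result);
        } finally {
            if (result != null) {
                Arrays.fill(result, (byte) 0);
            }
            // The output buffer is a plain Pointer filled in by the native call, not a Memory;
            // zero() no longer casts, so the decrypted bytes can be wiped here.
            output.zero();
        }
    }

    /** @return always {@code false}; there is no recovery action to offer */
    @Override
    public boolean decryptionFailed() {
        return false; // not much to do about it
    }

    /** No-op: this provider does not use the callback. */
    @Override
    public void encryptionChangingCallback(Callable<Void> callback) {}

    /** Not expected to be called for this provider; trips an assertion when assertions are on. */
    @Override
    public void encryptionChanged() {
        assert false;
    }

    /** No-op: this provider keeps no state that depends on keyring freshness. */
    @Override
    public void freshKeyring(boolean fresh) {}

    /** JNA binding for the two data-protection entry points of Crypt32. */
    public interface CryptLib extends StdCallLibrary {
        CryptLib INSTANCE = Native.load("Crypt32", CryptLib.class); // NOI18N
        /** @see <a href="http://msdn.microsoft.com/en-us/library/aa380261(VS.85,printer).aspx">Reference</a> */
        boolean CryptProtectData(
                CryptIntegerBlob pDataIn,
                WString szDataDescr,
                CryptIntegerBlob pOptionalEntropy,
                Pointer pvReserved,
                Pointer pPromptStruct,
                int dwFlags,
                CryptIntegerBlob pDataOut
        )/* throws LastErrorException*/;
        /** @see <a href="http://msdn.microsoft.com/en-us/library/aa380882(VS.85,printer).aspx">Reference</a> */
        boolean CryptUnprotectData(
                CryptIntegerBlob pDataIn,
                WString[] ppszDataDescr,
                CryptIntegerBlob pOptionalEntropy,
                Pointer pvReserved,
                Pointer pPromptStruct,
                int dwFlags,
                CryptIntegerBlob pDataOut
        )/* throws LastErrorException*/;
    }

    /** Length-plus-pointer structure passed to and from the Crypt32 calls. */
    public static class CryptIntegerBlob extends Structure {
        // Number of bytes addressed by pbData.
        public int cbData;
        // Buffer address: a JNA Memory when filled by store(), a plain Pointer when filled natively.
        public /*byte[]*/Pointer pbData;

        /**
         * Copies the buffer contents into a new Java array.
         *
         * @return {@code cbData} bytes read from {@code pbData}
         */
        byte[] load() {
            return pbData.getByteArray(0, cbData);
            // XXX how to free pbData? [Kernel32]LocalFree?
            // NOTE(review): a buffer filled in by the native call is never released here, so each
            // encrypt/decrypt leaks it. Callers wipe secret contents via zero(); freeing is still open.
        }

        /**
         * Allocates native memory of {@code data.length} bytes and copies {@code data} into it.
         *
         * @param data bytes to place in the blob
         */
        void store(byte[] data) {
            cbData = data.length;
            pbData = new Memory(data.length);
            pbData.write(0, data, 0, cbData);
        }

        /**
         * Overwrites the {@code cbData} bytes at {@code pbData} with zeros.
         *
         * <p>Works for any {@link Pointer}, not only {@link Memory}, so it can be used on buffers
         * returned by the native call; does nothing when the blob is empty or was never filled.
         */
        void zero() {
            if (pbData != null && cbData > 0) {
                pbData.setMemory(0, cbData, (byte) 0);
            }
        }

        @Override
        protected List<String> getFieldOrder() {
            return Arrays.asList(
                    "cbData",
                    "pbData"
            );
        }
    }

}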