system/wine
system/wine
1
0
Fork 0
mirror of git://source.winehq.org/git/wine.git synced 2024-10-01 23:00:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

bcrypt: Pass GNUTLS_VERIFY_ALLOW_BROKEN to gnutls_pubkey_verify_hash2().

Browse source
This commit is contained in:
Paul Gofman 2023-06-29 19:19:02 -06:00 committed by Alexandre Julliard
parent 650fe1fd78
commit 9af055170e
2 changed files with 19 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
dlls/bcrypt/gnutls.c
View file

@ -1714,6 +1714,11 @@ static NTSTATUS pubkey_set_rsa_pss_params( gnutls_pubkey_t key, gnutls_digest_al
static NTSTATUS key_asymmetric_verify( void *args )
{
#ifdef GNUTLS_VERIFY_ALLOW_BROKEN
static const unsigned int verify_flags = GNUTLS_VERIFY_ALLOW_BROKEN;
#else
static const unsigned int verify_flags = 0;
#endif
const struct key_asymmetric_verify_params *params = args;
struct key *key = params->key;
unsigned flags = params->flags;
@ -1806,8 +1811,8 @@ static NTSTATUS key_asymmetric_verify( void *args )
gnutls_hash.data = params->hash;
gnutls_hash.size = params->hash_len;
ret = pgnutls_pubkey_verify_hash2( key_data(key)->a.pubkey, sign_alg, 0, &gnutls_hash, &gnutls_signature );
ret = pgnutls_pubkey_verify_hash2( key_data(key)->a.pubkey, sign_alg, verify_flags, &gnutls_hash, &gnutls_signature );
if (gnutls_signature.data != params->signature) free( gnutls_signature.data );
return (ret < 0) ? STATUS_INVALID_SIGNATURE : STATUS_SUCCESS;
}

13
dlls/bcrypt/tests/bcrypt.c
View file

@ -2583,12 +2583,25 @@ static void test_RSA(void)
ret = BCryptSetProperty(key, BCRYPT_KEY_LENGTH, (UCHAR *)&keylen, sizeof(keylen), 0);
ok(ret == STATUS_SUCCESS, "got %#lx\n", ret);
pad.pszAlgId = BCRYPT_MD5_ALGORITHM;
memset(sig, 0, sizeof(sig));
len = 0;
ret = BCryptSignHash(key, &pad, hash, 16, sig, sizeof(sig), &len, BCRYPT_PAD_PKCS1);
ok(!ret, "got %#lx\n", ret);
ok(len == 256, "got %lu\n", len);
pad.pszAlgId = BCRYPT_MD5_ALGORITHM;
ret = BCryptVerifySignature(key, &pad, hash, 16, sig, len, BCRYPT_PAD_PKCS1);
ok(!ret, "BCryptVerifySignature failed: %#lx\n", ret);
pad.pszAlgId = BCRYPT_SHA1_ALGORITHM;
memset(sig, 0, sizeof(sig));
len = 0;
ret = BCryptSignHash(key, &pad, hash, sizeof(hash), sig, sizeof(sig), &len, BCRYPT_PAD_PKCS1);
ok(!ret, "got %#lx\n", ret);
ok(len == 256, "got %lu\n", len);
pad.pszAlgId = BCRYPT_SHA1_ALGORITHM;
ret = BCryptVerifySignature(key, &pad, hash, sizeof(hash), sig, len, BCRYPT_PAD_PKCS1);
ok(!ret, "BCryptVerifySignature failed: %#lx\n", ret);
pad_pss.pszAlgId = BCRYPT_SHA384_ALGORITHM;
pad_pss.cbSalt = 48;