system/wine
system/wine
1
0
Fork 0
mirror of git://source.winehq.org/git/wine.git synced 2024-09-06 21:29:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

ncrypt: Make use of bcrypt for low level cryptography.

Browse source 
Signed-off-by: Santino Mazza <mazzasantino1206@gmail.com>
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
Santino Mazza 2022-03-08 11:10:55 +01:00 committed by Alexandre Julliard
parent bae287a1aa
commit e679b7413e
3 changed files with 37 additions and 91 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
dlls/ncrypt/Makefile.in
View file

@ -1,5 +1,6 @@
IMPORTLIB = ncrypt IMPORTLIB = ncrypt
MODULE = ncrypt.dll MODULE = ncrypt.dll
IMPORTS = bcrypt
EXTRADLLFLAGS = -Wb,--prefer-native EXTRADLLFLAGS = -Wb,--prefer-native

99
dlls/ncrypt/main.c
View file

@ -88,21 +88,9 @@ SECURITY_STATUS WINAPI NCryptFreeBuffer(PVOID buf)
static SECURITY_STATUS free_key_object(struct key *key) static SECURITY_STATUS free_key_object(struct key *key)
{ {
switch (key->alg) NTSTATUS ret = BCryptDestroyKey(key->bcrypt_key);
{ if (BCryptCloseAlgorithmProvider(key->bcrypt_alg, 0)) return NTE_INVALID_HANDLE;
case RSA: return ret ? NTE_INVALID_HANDLE : ERROR_SUCCESS;
{
free(key->rsa.modulus);
free(key->rsa.public_exp);
free(key->rsa.prime1);
free(key->rsa.prime2);
break;
}
default:
WARN("invalid key %p\n", key);
return NTE_INVALID_HANDLE;
}
return ERROR_SUCCESS;
} }
SECURITY_STATUS WINAPI NCryptFreeObject(NCRYPT_HANDLE handle) SECURITY_STATUS WINAPI NCryptFreeObject(NCRYPT_HANDLE handle)
@ -246,8 +234,9 @@ SECURITY_STATUS WINAPI NCryptImportKey(NCRYPT_PROV_HANDLE provider, NCRYPT_KEY_H
BYTE *data, DWORD datasize, DWORD flags) BYTE *data, DWORD datasize, DWORD flags)
{ {
BCRYPT_KEY_BLOB *header = (BCRYPT_KEY_BLOB *)data; BCRYPT_KEY_BLOB *header = (BCRYPT_KEY_BLOB *)data;
struct object *object;
TRACE("(%#Ix, %#Ix, %s, %p, %p, %p, %lu, %#lx): stub\n", provider, decrypt_key, wine_dbgstr_w(type), TRACE("(%#Ix, %#Ix, %s, %p, %p, %p, %lu, %#lx)\n", provider, decrypt_key, wine_dbgstr_w(type),
params, handle, data, datasize, flags); params, handle, data, datasize, flags);
if (decrypt_key) if (decrypt_key)
@ -270,70 +259,48 @@ SECURITY_STATUS WINAPI NCryptImportKey(NCRYPT_PROV_HANDLE provider, NCRYPT_KEY_H
return NTE_BAD_FLAGS; return NTE_BAD_FLAGS;
} }
switch (header->Magic) if (!(object = allocate_object(KEY)))
{ {
ERR("Error allocating memory\n");
return NTE_NO_MEMORY;
}
switch(header->Magic)
{
case BCRYPT_RSAFULLPRIVATE_MAGIC:
case BCRYPT_RSAPRIVATE_MAGIC:
case BCRYPT_RSAPUBLIC_MAGIC: case BCRYPT_RSAPUBLIC_MAGIC:
{ {
DWORD expected_size; NTSTATUS ret;
struct object *object; BCRYPT_RSAKEY_BLOB *rsablob = (BCRYPT_RSAKEY_BLOB *)data;
struct key *key; ret = BCryptOpenAlgorithmProvider(&object->key.bcrypt_alg, BCRYPT_RSA_ALGORITHM, NULL, 0);
BYTE *public_exp, *modulus; if (ret != ERROR_SUCCESS)
BCRYPT_RSAKEY_BLOB *rsaheader = (BCRYPT_RSAKEY_BLOB *)data;
if (datasize < sizeof(*rsaheader))
{ {
ERR("Invalid buffer size.\n"); ERR("Error opening algorithm provider\n");
free(object);
return NTE_INTERNAL_ERROR;
}
ret = BCryptImportKeyPair(object->key.bcrypt_alg, NULL, type, &object->key.bcrypt_key, data, datasize, 0);
if (ret != ERROR_SUCCESS)
{
WARN("Error importing key pair with bcrypt %#lx\n", ret);
BCryptCloseAlgorithmProvider(object->key.bcrypt_alg, 0);
free(object);
return NTE_BAD_DATA; return NTE_BAD_DATA;
} }
expected_size = sizeof(*rsaheader) + rsaheader->cbPublicExp + rsaheader->cbModulus;
if (datasize != expected_size)
{
ERR("Invalid buffer size.\n");
return NTE_BAD_DATA;
}
if (!(object = allocate_object(KEY)))
{
ERR("Error allocating memory.\n");
return NTE_NO_MEMORY;
}
key = &object->key;
key->alg = RSA;
key->rsa.bit_length = rsaheader->BitLength;
key->rsa.public_exp_size = rsaheader->cbPublicExp;
key->rsa.modulus_size = rsaheader->cbModulus;
if (!(key->rsa.public_exp = malloc(rsaheader->cbPublicExp)))
{
ERR("Error allocating memory.\n");
free(object);
return NTE_NO_MEMORY;
}
if (!(key->rsa.modulus = malloc(rsaheader->cbModulus)))
{
ERR("Error allocating memory.\n");
free(key->rsa.public_exp);
free(object);
return NTE_NO_MEMORY;
}
public_exp = &data[sizeof(*rsaheader)]; /* The public exp is after the header. */
modulus = &public_exp[rsaheader->cbPublicExp]; /* The modulus is after the public exponent. */
memcpy(key->rsa.public_exp, public_exp, rsaheader->cbPublicExp);
memcpy(key->rsa.modulus, modulus, rsaheader->cbModulus);
set_object_property(object, NCRYPT_ALGORITHM_GROUP_PROPERTY, (BYTE *)L"RSA", sizeof(L"RSA"));
set_object_property(object, NCRYPT_LENGTH_PROPERTY, (BYTE *)&key->rsa.bit_length, sizeof(key->rsa.bit_length));
set_object_property(object, NCRYPT_PROVIDER_HANDLE_PROPERTY, (BYTE *)&provider, sizeof(provider)); set_object_property(object, NCRYPT_PROVIDER_HANDLE_PROPERTY, (BYTE *)&provider, sizeof(provider));
*handle = (NCRYPT_KEY_HANDLE)object; set_object_property(object, NCRYPT_ALGORITHM_GROUP_PROPERTY, (BYTE *)BCRYPT_RSA_ALGORITHM, sizeof(BCRYPT_RSA_ALGORITHM));
set_object_property(object, NCRYPT_LENGTH_PROPERTY, (BYTE *)&rsablob->BitLength, sizeof(rsablob->BitLength));
break; break;
} }
default: default:
FIXME("Unhandled key magic %#lx.\n", header->Magic); FIXME("Unhandled key magic %#lx\n", header->Magic);
free(object);
return NTE_INVALID_PARAMETER; return NTE_INVALID_PARAMETER;
} }
*handle = (NCRYPT_KEY_HANDLE)object;
return ERROR_SUCCESS; return ERROR_SUCCESS;
} }

28
dlls/ncrypt/ncrypt_internal.h
View file

@ -16,34 +16,12 @@
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*/ */
enum key_algorithm #include <bcrypt.h>
{
DH,
DSA,
ECC,
RSA,
};
struct rsa_key
{
DWORD bit_length;
DWORD public_exp_size;
BYTE *public_exp;
DWORD modulus_size;
BYTE *modulus;
DWORD prime1_size;
BYTE *prime1;
DWORD prime2_size;
BYTE *prime2;
};
struct key struct key
{ {
enum key_algorithm alg; BCRYPT_ALG_HANDLE bcrypt_alg;
union BCRYPT_KEY_HANDLE bcrypt_key;
{
struct rsa_key rsa;
};
}; };
struct storage_provider struct storage_provider