search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
bcrypt: Implement BCryptGetProperty for BCRYPT_AUTH_TAG_LENGTH.
[wine.git] / dlls / bcrypt / bcrypt_main.c
blobfa80318f28f40472baed0908cca8c5a8a9f8d2b4
1 /*
2 * Copyright 2009 Henri Verbeet for CodeWeavers
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 *
18 */
19
20 #include "config.h"
21 #include "wine/port.h"
22
23 #include <stdarg.h>
24 #ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H
25 #include <AvailabilityMacros.h>
26 #include <CommonCrypto/CommonCryptor.h>
27 #elif defined(HAVE_GNUTLS_CIPHER_INIT)
28 #include <gnutls/gnutls.h>
29 #include <gnutls/crypto.h>
30 #endif
31
32 #include "ntstatus.h"
33 #define WIN32_NO_STATUS
34 #include "windef.h"
35 #include "winbase.h"
36 #include "ntsecapi.h"
37 #include "bcrypt.h"
38
39 #include "bcrypt_internal.h"
40
41 #include "wine/debug.h"
42 #include "wine/heap.h"
43 #include "wine/library.h"
44 #include "wine/unicode.h"
45
46 WINE_DEFAULT_DEBUG_CHANNEL(bcrypt);
47
48 static HINSTANCE instance;
49
50 #if defined(HAVE_GNUTLS_CIPHER_INIT) && !defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H)
51 WINE_DECLARE_DEBUG_CHANNEL(winediag);
52
53 static void *libgnutls_handle;
54 #define MAKE_FUNCPTR(f) static typeof(f) * p##f
55 MAKE_FUNCPTR(gnutls_cipher_decrypt2);
56 MAKE_FUNCPTR(gnutls_cipher_deinit);
57 MAKE_FUNCPTR(gnutls_cipher_encrypt2);
58 MAKE_FUNCPTR(gnutls_cipher_init);
59 MAKE_FUNCPTR(gnutls_global_deinit);
60 MAKE_FUNCPTR(gnutls_global_init);
61 MAKE_FUNCPTR(gnutls_global_set_log_function);
62 MAKE_FUNCPTR(gnutls_global_set_log_level);
63 MAKE_FUNCPTR(gnutls_perror);
64 #undef MAKE_FUNCPTR
65
66 static void gnutls_log( int level, const char *msg )
67 {
68 TRACE( "<%d> %s", level, msg );
69 }
70
71 static BOOL gnutls_initialize(void)
72 {
73 int ret;
74
75 if (!(libgnutls_handle = wine_dlopen( SONAME_LIBGNUTLS, RTLD_NOW, NULL, 0 )))
76 {
77 ERR_(winediag)( "failed to load libgnutls, no support for encryption\n" );
78 return FALSE;
79 }
80
81 #define LOAD_FUNCPTR(f) \
82 if (!(p##f = wine_dlsym( libgnutls_handle, #f, NULL, 0 ))) \
83 { \
84 ERR( "failed to load %s\n", #f ); \
85 goto fail; \
86 }
87
88 LOAD_FUNCPTR(gnutls_cipher_decrypt2)
89 LOAD_FUNCPTR(gnutls_cipher_deinit)
90 LOAD_FUNCPTR(gnutls_cipher_encrypt2)
91 LOAD_FUNCPTR(gnutls_cipher_init)
92 LOAD_FUNCPTR(gnutls_global_deinit)
93 LOAD_FUNCPTR(gnutls_global_init)
94 LOAD_FUNCPTR(gnutls_global_set_log_function)
95 LOAD_FUNCPTR(gnutls_global_set_log_level)
96 LOAD_FUNCPTR(gnutls_perror)
97 #undef LOAD_FUNCPTR
98
99 if ((ret = pgnutls_global_init()) != GNUTLS_E_SUCCESS)
100 {
101 pgnutls_perror( ret );
102 goto fail;
103 }
104
105 if (TRACE_ON( bcrypt ))
106 {
107 pgnutls_global_set_log_level( 4 );
108 pgnutls_global_set_log_function( gnutls_log );
109 }
110
111 return TRUE;
112
113 fail:
114 wine_dlclose( libgnutls_handle, NULL, 0 );
115 libgnutls_handle = NULL;
116 return FALSE;
117 }
118
119 static void gnutls_uninitialize(void)
120 {
121 pgnutls_global_deinit();
122 wine_dlclose( libgnutls_handle, NULL, 0 );
123 libgnutls_handle = NULL;
124 }
125 #endif /* HAVE_GNUTLS_CIPHER_INIT && !HAVE_COMMONCRYPTO_COMMONCRYPTOR_H */
126
127 NTSTATUS WINAPI BCryptAddContextFunction(ULONG table, LPCWSTR context, ULONG iface, LPCWSTR function, ULONG pos)
128 {
129 FIXME("%08x, %s, %08x, %s, %u: stub\n", table, debugstr_w(context), iface, debugstr_w(function), pos);
130 return STATUS_SUCCESS;
131 }
132
133 NTSTATUS WINAPI BCryptAddContextFunctionProvider(ULONG table, LPCWSTR context, ULONG iface, LPCWSTR function, LPCWSTR provider, ULONG pos)
134 {
135 FIXME("%08x, %s, %08x, %s, %s, %u: stub\n", table, debugstr_w(context), iface, debugstr_w(function), debugstr_w(provider), pos);
136 return STATUS_SUCCESS;
137 }
138
139 NTSTATUS WINAPI BCryptRemoveContextFunction(ULONG table, LPCWSTR context, ULONG iface, LPCWSTR function)
140 {
141 FIXME("%08x, %s, %08x, %s: stub\n", table, debugstr_w(context), iface, debugstr_w(function));
142 return STATUS_NOT_IMPLEMENTED;
143 }
144
145 NTSTATUS WINAPI BCryptRemoveContextFunctionProvider(ULONG table, LPCWSTR context, ULONG iface, LPCWSTR function, LPCWSTR provider)
146 {
147 FIXME("%08x, %s, %08x, %s, %s: stub\n", table, debugstr_w(context), iface, debugstr_w(function), debugstr_w(provider));
148 return STATUS_NOT_IMPLEMENTED;
149 }
150
151 NTSTATUS WINAPI BCryptRegisterProvider(LPCWSTR provider, ULONG flags, PCRYPT_PROVIDER_REG reg)
152 {
153 FIXME("%s, %08x, %p: stub\n", debugstr_w(provider), flags, reg);
154 return STATUS_SUCCESS;
155 }
156
157 NTSTATUS WINAPI BCryptUnregisterProvider(LPCWSTR provider)
158 {
159 FIXME("%s: stub\n", debugstr_w(provider));
160 return STATUS_NOT_IMPLEMENTED;
161 }
162
163 NTSTATUS WINAPI BCryptEnumAlgorithms(ULONG dwAlgOperations, ULONG *pAlgCount,
164 BCRYPT_ALGORITHM_IDENTIFIER **ppAlgList, ULONG dwFlags)
165 {
166 FIXME("%08x, %p, %p, %08x - stub\n", dwAlgOperations, pAlgCount, ppAlgList, dwFlags);
167
168 *ppAlgList=NULL;
169 *pAlgCount=0;
170
171 return STATUS_NOT_IMPLEMENTED;
172 }
173
174 #define MAGIC_ALG (('A' << 24) | ('L' << 16) | ('G' << 8) | '0')
175 #define MAGIC_HASH (('H' << 24) | ('A' << 16) | ('S' << 8) | 'H')
176 #define MAGIC_KEY (('K' << 24) | ('E' << 16) | ('Y' << 8) | '0')
177 struct object
178 {
179 ULONG magic;
180 };
181
182 enum alg_id
183 {
184 ALG_ID_AES,
185 ALG_ID_MD2,
186 ALG_ID_MD4,
187 ALG_ID_MD5,
188 ALG_ID_RNG,
189 ALG_ID_SHA1,
190 ALG_ID_SHA256,
191 ALG_ID_SHA384,
192 ALG_ID_SHA512
193 };
194
195 enum mode_id
196 {
197 MODE_ID_CBC,
198 MODE_ID_GCM
199 };
200
201 #define MAX_HASH_OUTPUT_BYTES 64
202 #define MAX_HASH_BLOCK_BITS 1024
203
204 static const struct {
205 ULONG object_length;
206 ULONG hash_length;
207 ULONG block_bits;
208 const WCHAR *alg_name;
209 } alg_props[] = {
210 /* ALG_ID_AES */ { 654, 0, 0, BCRYPT_AES_ALGORITHM },
211 /* ALG_ID_MD2 */ { 270, 16, 128, BCRYPT_MD2_ALGORITHM },
212 /* ALG_ID_MD4 */ { 270, 16, 512, BCRYPT_MD4_ALGORITHM },
213 /* ALG_ID_MD5 */ { 274, 16, 512, BCRYPT_MD5_ALGORITHM },
214 /* ALG_ID_RNG */ { 0, 0, 0, BCRYPT_RNG_ALGORITHM },
215 /* ALG_ID_SHA1 */ { 278, 20, 512, BCRYPT_SHA1_ALGORITHM },
216 /* ALG_ID_SHA256 */ { 286, 32, 512, BCRYPT_SHA256_ALGORITHM },
217 /* ALG_ID_SHA384 */ { 382, 48, 1024, BCRYPT_SHA384_ALGORITHM },
218 /* ALG_ID_SHA512 */ { 382, 64, 1024, BCRYPT_SHA512_ALGORITHM }
219 };
220
221 struct algorithm
222 {
223 struct object hdr;
224 enum alg_id id;
225 enum mode_id mode;
226 BOOL hmac;
227 };
228
229 NTSTATUS WINAPI BCryptGenRandom(BCRYPT_ALG_HANDLE handle, UCHAR *buffer, ULONG count, ULONG flags)
230 {
231 const DWORD supported_flags = BCRYPT_USE_SYSTEM_PREFERRED_RNG;
232 struct algorithm *algorithm = handle;
233
234 TRACE("%p, %p, %u, %08x - semi-stub\n", handle, buffer, count, flags);
235
236 if (!algorithm)
237 {
238 /* It's valid to call without an algorithm if BCRYPT_USE_SYSTEM_PREFERRED_RNG
239 * is set. In this case the preferred system RNG is used.
240 */
241 if (!(flags & BCRYPT_USE_SYSTEM_PREFERRED_RNG))
242 return STATUS_INVALID_HANDLE;
243 }
244 else if (algorithm->hdr.magic != MAGIC_ALG || algorithm->id != ALG_ID_RNG)
245 return STATUS_INVALID_HANDLE;
246
247 if (!buffer)
248 return STATUS_INVALID_PARAMETER;
249
250 if (flags & ~supported_flags)
251 FIXME("unsupported flags %08x\n", flags & ~supported_flags);
252
253 if (algorithm)
254 FIXME("ignoring selected algorithm\n");
255
256 /* When zero bytes are requested the function returns success too. */
257 if (!count)
258 return STATUS_SUCCESS;
259
260 if (algorithm || (flags & BCRYPT_USE_SYSTEM_PREFERRED_RNG))
261 {
262 if (RtlGenRandom(buffer, count))
263 return STATUS_SUCCESS;
264 }
265
266 FIXME("called with unsupported parameters, returning error\n");
267 return STATUS_NOT_IMPLEMENTED;
268 }
269
270 NTSTATUS WINAPI BCryptOpenAlgorithmProvider( BCRYPT_ALG_HANDLE *handle, LPCWSTR id, LPCWSTR implementation, DWORD flags )
271 {
272 const DWORD supported_flags = BCRYPT_ALG_HANDLE_HMAC_FLAG;
273 struct algorithm *alg;
274 enum alg_id alg_id;
275
276 TRACE( "%p, %s, %s, %08x\n", handle, wine_dbgstr_w(id), wine_dbgstr_w(implementation), flags );
277
278 if (!handle || !id) return STATUS_INVALID_PARAMETER;
279 if (flags & ~supported_flags)
280 {
281 FIXME( "unsupported flags %08x\n", flags & ~supported_flags);
282 return STATUS_NOT_IMPLEMENTED;
283 }
284
285 if (!strcmpW( id, BCRYPT_AES_ALGORITHM )) alg_id = ALG_ID_AES;
286 else if (!strcmpW( id, BCRYPT_MD2_ALGORITHM )) alg_id = ALG_ID_MD2;
287 else if (!strcmpW( id, BCRYPT_MD4_ALGORITHM )) alg_id = ALG_ID_MD4;
288 else if (!strcmpW( id, BCRYPT_MD5_ALGORITHM )) alg_id = ALG_ID_MD5;
289 else if (!strcmpW( id, BCRYPT_RNG_ALGORITHM )) alg_id = ALG_ID_RNG;
290 else if (!strcmpW( id, BCRYPT_SHA1_ALGORITHM )) alg_id = ALG_ID_SHA1;
291 else if (!strcmpW( id, BCRYPT_SHA256_ALGORITHM )) alg_id = ALG_ID_SHA256;
292 else if (!strcmpW( id, BCRYPT_SHA384_ALGORITHM )) alg_id = ALG_ID_SHA384;
293 else if (!strcmpW( id, BCRYPT_SHA512_ALGORITHM )) alg_id = ALG_ID_SHA512;
294 else
295 {
296 FIXME( "algorithm %s not supported\n", debugstr_w(id) );
297 return STATUS_NOT_IMPLEMENTED;
298 }
299 if (implementation && strcmpW( implementation, MS_PRIMITIVE_PROVIDER ))
300 {
301 FIXME( "implementation %s not supported\n", debugstr_w(implementation) );
302 return STATUS_NOT_IMPLEMENTED;
303 }
304
305 if (!(alg = heap_alloc( sizeof(*alg) ))) return STATUS_NO_MEMORY;
306 alg->hdr.magic = MAGIC_ALG;
307 alg->id = alg_id;
308 alg->mode = MODE_ID_CBC;
309 alg->hmac = flags & BCRYPT_ALG_HANDLE_HMAC_FLAG;
310
311 *handle = alg;
312 return STATUS_SUCCESS;
313 }
314
315 NTSTATUS WINAPI BCryptCloseAlgorithmProvider( BCRYPT_ALG_HANDLE handle, DWORD flags )
316 {
317 struct algorithm *alg = handle;
318
319 TRACE( "%p, %08x\n", handle, flags );
320
321 if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
322 heap_free( alg );
323 return STATUS_SUCCESS;
324 }
325
326 NTSTATUS WINAPI BCryptGetFipsAlgorithmMode(BOOLEAN *enabled)
327 {
328 FIXME("%p - semi-stub\n", enabled);
329
330 if (!enabled)
331 return STATUS_INVALID_PARAMETER;
332
333 *enabled = FALSE;
334 return STATUS_SUCCESS;
335 }
336
337 struct hash_impl
338 {
339 union
340 {
341 MD2_CTX md2;
342 MD4_CTX md4;
343 MD5_CTX md5;
344 SHA_CTX sha1;
345 SHA256_CTX sha256;
346 SHA512_CTX sha512;
347 } u;
348 };
349
350 static NTSTATUS hash_init( struct hash_impl *hash, enum alg_id alg_id )
351 {
352 switch (alg_id)
353 {
354 case ALG_ID_MD2:
355 md2_init( &hash->u.md2 );
356 break;
357
358 case ALG_ID_MD4:
359 MD4Init( &hash->u.md4 );
360 break;
361
362 case ALG_ID_MD5:
363 MD5Init( &hash->u.md5 );
364 break;
365
366 case ALG_ID_SHA1:
367 A_SHAInit( &hash->u.sha1 );
368 break;
369
370 case ALG_ID_SHA256:
371 sha256_init( &hash->u.sha256 );
372 break;
373
374 case ALG_ID_SHA384:
375 sha384_init( &hash->u.sha512 );
376 break;
377
378 case ALG_ID_SHA512:
379 sha512_init( &hash->u.sha512 );
380 break;
381
382 default:
383 ERR( "unhandled id %u\n", alg_id );
384 return STATUS_NOT_IMPLEMENTED;
385 }
386 return STATUS_SUCCESS;
387 }
388
389 static NTSTATUS hash_update( struct hash_impl *hash, enum alg_id alg_id,
390 UCHAR *input, ULONG size )
391 {
392 switch (alg_id)
393 {
394 case ALG_ID_MD2:
395 md2_update( &hash->u.md2, input, size );
396 break;
397
398 case ALG_ID_MD4:
399 MD4Update( &hash->u.md4, input, size );
400 break;
401
402 case ALG_ID_MD5:
403 MD5Update( &hash->u.md5, input, size );
404 break;
405
406 case ALG_ID_SHA1:
407 A_SHAUpdate( &hash->u.sha1, input, size );
408 break;
409
410 case ALG_ID_SHA256:
411 sha256_update( &hash->u.sha256, input, size );
412 break;
413
414 case ALG_ID_SHA384:
415 sha384_update( &hash->u.sha512, input, size );
416 break;
417
418 case ALG_ID_SHA512:
419 sha512_update( &hash->u.sha512, input, size );
420 break;
421
422 default:
423 ERR( "unhandled id %u\n", alg_id );
424 return STATUS_NOT_IMPLEMENTED;
425 }
426 return STATUS_SUCCESS;
427 }
428
429 static NTSTATUS hash_finish( struct hash_impl *hash, enum alg_id alg_id,
430 UCHAR *output, ULONG size )
431 {
432 switch (alg_id)
433 {
434 case ALG_ID_MD2:
435 md2_finalize( &hash->u.md2, output );
436 break;
437
438 case ALG_ID_MD4:
439 MD4Final( &hash->u.md4 );
440 memcpy( output, hash->u.md4.digest, 16 );
441 break;
442
443 case ALG_ID_MD5:
444 MD5Final( &hash->u.md5 );
445 memcpy( output, hash->u.md5.digest, 16 );
446 break;
447
448 case ALG_ID_SHA1:
449 A_SHAFinal( &hash->u.sha1, (ULONG *)output );
450 break;
451
452 case ALG_ID_SHA256:
453 sha256_finalize( &hash->u.sha256, output );
454 break;
455
456 case ALG_ID_SHA384:
457 sha384_finalize( &hash->u.sha512, output );
458 break;
459
460 case ALG_ID_SHA512:
461 sha512_finalize( &hash->u.sha512, output );
462 break;
463
464 default:
465 ERR( "unhandled id %u\n", alg_id );
466 return STATUS_NOT_IMPLEMENTED;
467 }
468 return STATUS_SUCCESS;
469 }
470
471 struct hash
472 {
473 struct object hdr;
474 enum alg_id alg_id;
475 BOOL hmac;
476 struct hash_impl outer;
477 struct hash_impl inner;
478 };
479
480 #define BLOCK_LENGTH_AES 16
481
482 static NTSTATUS generic_alg_property( enum alg_id id, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
483 {
484 if (!strcmpW( prop, BCRYPT_OBJECT_LENGTH ))
485 {
486 if (!alg_props[id].object_length)
487 return STATUS_NOT_SUPPORTED;
488 *ret_size = sizeof(ULONG);
489 if (size < sizeof(ULONG))
490 return STATUS_BUFFER_TOO_SMALL;
491 if (buf)
492 *(ULONG *)buf = alg_props[id].object_length;
493 return STATUS_SUCCESS;
494 }
495
496 if (!strcmpW( prop, BCRYPT_HASH_LENGTH ))
497 {
498 if (!alg_props[id].hash_length)
499 return STATUS_NOT_SUPPORTED;
500 *ret_size = sizeof(ULONG);
501 if (size < sizeof(ULONG))
502 return STATUS_BUFFER_TOO_SMALL;
503 if(buf)
504 *(ULONG*)buf = alg_props[id].hash_length;
505 return STATUS_SUCCESS;
506 }
507
508 if (!strcmpW( prop, BCRYPT_ALGORITHM_NAME ))
509 {
510 *ret_size = (strlenW(alg_props[id].alg_name)+1)*sizeof(WCHAR);
511 if (size < *ret_size)
512 return STATUS_BUFFER_TOO_SMALL;
513 if(buf)
514 memcpy(buf, alg_props[id].alg_name, *ret_size);
515 return STATUS_SUCCESS;
516 }
517
518 return STATUS_NOT_IMPLEMENTED;
519 }
520
521 static NTSTATUS get_alg_property( const struct algorithm *alg, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
522 {
523 NTSTATUS status;
524
525 status = generic_alg_property( alg->id, prop, buf, size, ret_size );
526 if (status != STATUS_NOT_IMPLEMENTED)
527 return status;
528
529 switch (alg->id)
530 {
531 case ALG_ID_AES:
532 if (!strcmpW( prop, BCRYPT_BLOCK_LENGTH ))
533 {
534 *ret_size = sizeof(ULONG);
535 if (size < sizeof(ULONG))
536 return STATUS_BUFFER_TOO_SMALL;
537 if (buf)
538 *(ULONG *)buf = BLOCK_LENGTH_AES;
539 return STATUS_SUCCESS;
540 }
541 if (!strcmpW( prop, BCRYPT_CHAINING_MODE ))
542 {
543 const WCHAR *mode;
544 switch (alg->mode)
545 {
546 case MODE_ID_GCM: mode = BCRYPT_CHAIN_MODE_GCM; break;
547 case MODE_ID_CBC: mode = BCRYPT_CHAIN_MODE_CBC; break;
548 default: return STATUS_NOT_IMPLEMENTED;
549 }
550
551 *ret_size = 64;
552 if (size < *ret_size) return STATUS_BUFFER_TOO_SMALL;
553 memcpy( buf, mode, (strlenW(mode) + 1) * sizeof(WCHAR) );
554 return STATUS_SUCCESS;
555 }
556 if (!strcmpW( prop, BCRYPT_KEY_LENGTHS ))
557 {
558 BCRYPT_KEY_LENGTHS_STRUCT *key_lengths = (void *)buf;
559 *ret_size = sizeof(*key_lengths);
560 if (key_lengths && size < *ret_size) return STATUS_BUFFER_TOO_SMALL;
561 if (key_lengths)
562 {
563 key_lengths->dwMinLength = 128;
564 key_lengths->dwMaxLength = 256;
565 key_lengths->dwIncrement = 64;
566 }
567 return STATUS_SUCCESS;
568 }
569 if (!strcmpW( prop, BCRYPT_AUTH_TAG_LENGTH ))
570 {
571 BCRYPT_AUTH_TAG_LENGTHS_STRUCT *tag_length = (void *)buf;
572 if (alg->mode != MODE_ID_GCM) return STATUS_NOT_SUPPORTED;
573 *ret_size = sizeof(*tag_length);
574 if (tag_length && size < *ret_size) return STATUS_BUFFER_TOO_SMALL;
575 if (tag_length)
576 {
577 tag_length->dwMinLength = 12;
578 tag_length->dwMaxLength = 16;
579 tag_length->dwIncrement = 1;
580 }
581 return STATUS_SUCCESS;
582 }
583 break;
584
585 default:
586 break;
587 }
588
589 FIXME( "unsupported property %s\n", debugstr_w(prop) );
590 return STATUS_NOT_IMPLEMENTED;
591 }
592
593 static NTSTATUS set_alg_property( struct algorithm *alg, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
594 {
595 switch (alg->id)
596 {
597 case ALG_ID_AES:
598 if (!strcmpW( prop, BCRYPT_CHAINING_MODE ))
599 {
600 if (!strncmpW( (WCHAR *)value, BCRYPT_CHAIN_MODE_CBC, size ))
601 {
602 alg->mode = MODE_ID_CBC;
603 return STATUS_SUCCESS;
604 }
605 else if (!strncmpW( (WCHAR *)value, BCRYPT_CHAIN_MODE_GCM, size ))
606 {
607 alg->mode = MODE_ID_GCM;
608 return STATUS_SUCCESS;
609 }
610 else
611 {
612 FIXME( "unsupported mode %s\n", debugstr_wn( (WCHAR *)value, size ) );
613 return STATUS_NOT_IMPLEMENTED;
614 }
615 }
616 FIXME( "unsupported aes algorithm property %s\n", debugstr_w(prop) );
617 return STATUS_NOT_IMPLEMENTED;
618
619 default:
620 FIXME( "unsupported algorithm %u\n", alg->id );
621 return STATUS_NOT_IMPLEMENTED;
622 }
623 }
624
625 static NTSTATUS get_hash_property( const struct hash *hash, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
626 {
627 NTSTATUS status;
628
629 status = generic_alg_property( hash->alg_id, prop, buf, size, ret_size );
630 if (status == STATUS_NOT_IMPLEMENTED)
631 FIXME( "unsupported property %s\n", debugstr_w(prop) );
632 return status;
633 }
634
635 NTSTATUS WINAPI BCryptGetProperty( BCRYPT_HANDLE handle, LPCWSTR prop, UCHAR *buffer, ULONG count, ULONG *res, ULONG flags )
636 {
637 struct object *object = handle;
638
639 TRACE( "%p, %s, %p, %u, %p, %08x\n", handle, wine_dbgstr_w(prop), buffer, count, res, flags );
640
641 if (!object) return STATUS_INVALID_HANDLE;
642 if (!prop || !res) return STATUS_INVALID_PARAMETER;
643
644 switch (object->magic)
645 {
646 case MAGIC_ALG:
647 {
648 const struct algorithm *alg = (const struct algorithm *)object;
649 return get_alg_property( alg, prop, buffer, count, res );
650 }
651 case MAGIC_HASH:
652 {
653 const struct hash *hash = (const struct hash *)object;
654 return get_hash_property( hash, prop, buffer, count, res );
655 }
656 default:
657 WARN( "unknown magic %08x\n", object->magic );
658 return STATUS_INVALID_HANDLE;
659 }
660 }
661
662 NTSTATUS WINAPI BCryptSetProperty( BCRYPT_HANDLE handle, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
663 {
664 struct object *object = handle;
665
666 TRACE( "%p, %s, %p, %u, %08x\n", handle, debugstr_w(prop), value, size, flags );
667
668 if (!object) return STATUS_INVALID_HANDLE;
669
670 switch (object->magic)
671 {
672 case MAGIC_ALG:
673 {
674 struct algorithm *alg = (struct algorithm *)object;
675 return set_alg_property( alg, prop, value, size, flags );
676 }
677 case MAGIC_KEY:
678 {
679 FIXME( "keys not implemented yet\n" );
680 return STATUS_NOT_IMPLEMENTED;
681 }
682 default:
683 WARN( "unknown magic %08x\n", object->magic );
684 return STATUS_INVALID_HANDLE;
685 }
686 }
687
688 NTSTATUS WINAPI BCryptCreateHash( BCRYPT_ALG_HANDLE algorithm, BCRYPT_HASH_HANDLE *handle, UCHAR *object, ULONG objectlen,
689 UCHAR *secret, ULONG secretlen, ULONG flags )
690 {
691 struct algorithm *alg = algorithm;
692 UCHAR buffer[MAX_HASH_BLOCK_BITS / 8] = {0};
693 struct hash *hash;
694 int block_bytes;
695 NTSTATUS status;
696 int i;
697
698 TRACE( "%p, %p, %p, %u, %p, %u, %08x - stub\n", algorithm, handle, object, objectlen,
699 secret, secretlen, flags );
700 if (flags)
701 {
702 FIXME( "unimplemented flags %08x\n", flags );
703 return STATUS_NOT_IMPLEMENTED;
704 }
705
706 if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
707 if (object) FIXME( "ignoring object buffer\n" );
708
709 if (!(hash = heap_alloc( sizeof(*hash) ))) return STATUS_NO_MEMORY;
710 hash->hdr.magic = MAGIC_HASH;
711 hash->alg_id = alg->id;
712 hash->hmac = alg->hmac;
713
714 /* initialize hash */
715 if ((status = hash_init( &hash->inner, hash->alg_id ))) goto end;
716 if (!hash->hmac) goto end;
717
718 /* initialize hmac */
719 if ((status = hash_init( &hash->outer, hash->alg_id ))) goto end;
720 block_bytes = alg_props[hash->alg_id].block_bits / 8;
721 if (secretlen > block_bytes)
722 {
723 struct hash_impl temp;
724 if ((status = hash_init( &temp, hash->alg_id ))) goto end;
725 if ((status = hash_update( &temp, hash->alg_id, secret, secretlen ))) goto end;
726 if ((status = hash_finish( &temp, hash->alg_id, buffer,
727 alg_props[hash->alg_id].hash_length ))) goto end;
728 }
729 else
730 {
731 memcpy( buffer, secret, secretlen );
732 }
733 for (i = 0; i < block_bytes; i++) buffer[i] ^= 0x5c;
734 if ((status = hash_update( &hash->outer, hash->alg_id, buffer, block_bytes ))) goto end;
735 for (i = 0; i < block_bytes; i++) buffer[i] ^= (0x5c ^ 0x36);
736 status = hash_update( &hash->inner, hash->alg_id, buffer, block_bytes );
737
738 end:
739 if (status != STATUS_SUCCESS)
740 {
741 heap_free( hash );
742 return status;
743 }
744
745 *handle = hash;
746 return STATUS_SUCCESS;
747 }
748
749 NTSTATUS WINAPI BCryptDuplicateHash( BCRYPT_HASH_HANDLE handle, BCRYPT_HASH_HANDLE *handle_copy,
750 UCHAR *object, ULONG objectlen, ULONG flags )
751 {
752 struct hash *hash_orig = handle;
753 struct hash *hash_copy;
754
755 TRACE( "%p, %p, %p, %u, %u\n", handle, handle_copy, object, objectlen, flags );
756
757 if (!hash_orig || hash_orig->hdr.magic != MAGIC_HASH) return STATUS_INVALID_HANDLE;
758 if (!handle_copy) return STATUS_INVALID_PARAMETER;
759 if (object) FIXME( "ignoring object buffer\n" );
760
761 if (!(hash_copy = heap_alloc( sizeof(*hash_copy) )))
762 return STATUS_NO_MEMORY;
763
764 memcpy( hash_copy, hash_orig, sizeof(*hash_orig) );
765
766 *handle_copy = hash_copy;
767 return STATUS_SUCCESS;
768 }
769
770 NTSTATUS WINAPI BCryptDestroyHash( BCRYPT_HASH_HANDLE handle )
771 {
772 struct hash *hash = handle;
773
774 TRACE( "%p\n", handle );
775
776 if (!hash || hash->hdr.magic != MAGIC_HASH) return STATUS_INVALID_HANDLE;
777 heap_free( hash );
778 return STATUS_SUCCESS;
779 }
780
781 NTSTATUS WINAPI BCryptHashData( BCRYPT_HASH_HANDLE handle, UCHAR *input, ULONG size, ULONG flags )
782 {
783 struct hash *hash = handle;
784
785 TRACE( "%p, %p, %u, %08x\n", handle, input, size, flags );
786
787 if (!hash || hash->hdr.magic != MAGIC_HASH) return STATUS_INVALID_HANDLE;
788 if (!input) return STATUS_SUCCESS;
789
790 return hash_update( &hash->inner, hash->alg_id, input, size );
791 }
792
793 NTSTATUS WINAPI BCryptFinishHash( BCRYPT_HASH_HANDLE handle, UCHAR *output, ULONG size, ULONG flags )
794 {
795 UCHAR buffer[MAX_HASH_OUTPUT_BYTES];
796 struct hash *hash = handle;
797 NTSTATUS status;
798 int hash_length;
799
800 TRACE( "%p, %p, %u, %08x\n", handle, output, size, flags );
801
802 if (!hash || hash->hdr.magic != MAGIC_HASH) return STATUS_INVALID_HANDLE;
803 if (!output) return STATUS_INVALID_PARAMETER;
804
805 if (!hash->hmac)
806 return hash_finish( &hash->inner, hash->alg_id, output, size );
807
808 hash_length = alg_props[hash->alg_id].hash_length;
809 if ((status = hash_finish( &hash->inner, hash->alg_id, buffer, hash_length ))) return status;
810 if ((status = hash_update( &hash->outer, hash->alg_id, buffer, hash_length ))) return status;
811 return hash_finish( &hash->outer, hash->alg_id, output, size );
812 }
813
814 NTSTATUS WINAPI BCryptHash( BCRYPT_ALG_HANDLE algorithm, UCHAR *secret, ULONG secretlen,
815 UCHAR *input, ULONG inputlen, UCHAR *output, ULONG outputlen )
816 {
817 NTSTATUS status;
818 BCRYPT_HASH_HANDLE handle;
819
820 TRACE( "%p, %p, %u, %p, %u, %p, %u\n", algorithm, secret, secretlen,
821 input, inputlen, output, outputlen );
822
823 status = BCryptCreateHash( algorithm, &handle, NULL, 0, secret, secretlen, 0);
824 if (status != STATUS_SUCCESS)
825 {
826 return status;
827 }
828
829 status = BCryptHashData( handle, input, inputlen, 0 );
830 if (status != STATUS_SUCCESS)
831 {
832 BCryptDestroyHash( handle );
833 return status;
834 }
835
836 status = BCryptFinishHash( handle, output, outputlen, 0 );
837 if (status != STATUS_SUCCESS)
838 {
839 BCryptDestroyHash( handle );
840 return status;
841 }
842
843 return BCryptDestroyHash( handle );
844 }
845
846 #if defined(HAVE_GNUTLS_CIPHER_INIT) && !defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H)
847 struct key
848 {
849 struct object hdr;
850 enum alg_id alg_id;
851 ULONG block_size;
852 gnutls_cipher_hd_t handle;
853 UCHAR *secret;
854 ULONG secret_len;
855 };
856 #elif defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
857 struct key
858 {
859 struct object hdr;
860 enum alg_id alg_id;
861 ULONG block_size;
862 CCCryptorRef ref_encrypt;
863 CCCryptorRef ref_decrypt;
864 UCHAR *secret;
865 ULONG secret_len;
866 };
867 #else
868 struct key
869 {
870 struct object hdr;
871 ULONG block_size;
872 };
873 #endif
874
875 #if defined(HAVE_GNUTLS_CIPHER_INIT) || defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
876 static ULONG get_block_size( struct algorithm *alg )
877 {
878 ULONG ret = 0, size = sizeof(ret);
879 get_alg_property( alg, BCRYPT_BLOCK_LENGTH, (UCHAR *)&ret, sizeof(ret), &size );
880 return ret;
881 }
882 static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, ULONG output_len, ULONG *size )
883 {
884 if (!strcmpW( type, BCRYPT_KEY_DATA_BLOB ))
885 {
886 BCRYPT_KEY_DATA_BLOB_HEADER *header = (BCRYPT_KEY_DATA_BLOB_HEADER *)output;
887 ULONG req_size = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + key->secret_len;
888
889 *size = req_size;
890 if (output_len < req_size) return STATUS_BUFFER_TOO_SMALL;
891
892 header->dwMagic = BCRYPT_KEY_DATA_BLOB_MAGIC;
893 header->dwVersion = BCRYPT_KEY_DATA_BLOB_VERSION1;
894 header->cbKeyData = key->secret_len;
895 memcpy( &header[1], key->secret, key->secret_len );
896 return STATUS_SUCCESS;
897 }
898
899 FIXME( "unsupported key type %s\n", debugstr_w(type) );
900 return STATUS_NOT_IMPLEMENTED;
901 }
902 #endif
903
904 #if defined(HAVE_GNUTLS_CIPHER_INIT) && !defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H)
905 static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *secret, ULONG secret_len )
906 {
907 UCHAR *buffer;
908
909 if (!libgnutls_handle) return STATUS_INTERNAL_ERROR;
910
911 switch (alg->id)
912 {
913 case ALG_ID_AES:
914 break;
915
916 default:
917 FIXME( "algorithm %u not supported\n", alg->id );
918 return STATUS_NOT_SUPPORTED;
919 }
920
921 if (!(key->block_size = get_block_size( alg ))) return STATUS_INVALID_PARAMETER;
922 if (!(buffer = heap_alloc( secret_len ))) return STATUS_NO_MEMORY;
923 memcpy( buffer, secret, secret_len );
924
925 key->alg_id = alg->id;
926 key->handle = 0; /* initialized on first use */
927 key->secret = buffer;
928 key->secret_len = secret_len;
929
930 return STATUS_SUCCESS;
931 }
932
933 static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
934 {
935 switch (key->alg_id)
936 {
937 case ALG_ID_AES:
938 FIXME( "handle block size and chaining mode\n" );
939 return GNUTLS_CIPHER_AES_128_CBC;
940
941 default:
942 FIXME( "algorithm %u not supported\n", key->alg_id );
943 return GNUTLS_CIPHER_UNKNOWN;
944 }
945 }
946
947 static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
948 {
949 gnutls_cipher_algorithm_t cipher;
950 gnutls_datum_t secret, vector;
951 int ret;
952
953 if (key->handle)
954 {
955 pgnutls_cipher_deinit( key->handle );
956 key->handle = NULL;
957 }
958
959 if ((cipher = get_gnutls_cipher( key )) == GNUTLS_CIPHER_UNKNOWN)
960 return STATUS_NOT_SUPPORTED;
961
962 secret.data = key->secret;
963 secret.size = key->secret_len;
964 if (iv)
965 {
966 vector.data = iv;
967 vector.size = iv_len;
968 }
969
970 if ((ret = pgnutls_cipher_init( &key->handle, cipher, &secret, iv ? &vector : NULL )))
971 {
972 pgnutls_perror( ret );
973 return STATUS_INTERNAL_ERROR;
974 }
975
976 return STATUS_SUCCESS;
977 }
978
979 static NTSTATUS key_encrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output,
980 ULONG output_len )
981 {
982 int ret;
983
984 if ((ret = pgnutls_cipher_encrypt2( key->handle, input, input_len, output, output_len )))
985 {
986 pgnutls_perror( ret );
987 return STATUS_INTERNAL_ERROR;
988 }
989
990 return STATUS_SUCCESS;
991 }
992
993 static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output,
994 ULONG output_len )
995 {
996 int ret;
997
998 if ((ret = pgnutls_cipher_decrypt2( key->handle, input, input_len, output, output_len )))
999 {
1000 pgnutls_perror( ret );
1001 return STATUS_INTERNAL_ERROR;
1002 }
1003
1004 return STATUS_SUCCESS;
1005 }
1006
1007 static NTSTATUS key_destroy( struct key *key )
1008 {
1009 if (key->handle) pgnutls_cipher_deinit( key->handle );
1010 heap_free( key->secret );
1011 heap_free( key );
1012 return STATUS_SUCCESS;
1013 }
1014 #elif defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
1015 static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *secret, ULONG secret_len )
1016 {
1017 UCHAR *buffer;
1018
1019 switch (alg->id)
1020 {
1021 case ALG_ID_AES:
1022 break;
1023
1024 default:
1025 FIXME( "algorithm %u not supported\n", alg->id );
1026 return STATUS_NOT_SUPPORTED;
1027 }
1028
1029 if (!(key->block_size = get_block_size( alg ))) return STATUS_INVALID_PARAMETER;
1030 if (!(buffer = heap_alloc( secret_len ))) return STATUS_NO_MEMORY;
1031 memcpy( buffer, secret, secret_len );
1032
1033 key->alg_id = alg->id;
1034 key->ref_encrypt = NULL; /* initialized on first use */
1035 key->ref_decrypt = NULL;
1036 key->secret = buffer;
1037 key->secret_len = secret_len;
1038
1039 return STATUS_SUCCESS;
1040 }
1041
1042 static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
1043 {
1044 CCCryptorStatus status;
1045
1046 if (key->ref_encrypt)
1047 {
1048 CCCryptorRelease( key->ref_encrypt );
1049 key->ref_encrypt = NULL;
1050 }
1051 if (key->ref_decrypt)
1052 {
1053 CCCryptorRelease( key->ref_decrypt );
1054 key->ref_decrypt = NULL;
1055 }
1056
1057 if ((status = CCCryptorCreateWithMode( kCCEncrypt, kCCModeCBC, kCCAlgorithmAES128, ccNoPadding, iv,
1058 key->secret, key->secret_len, NULL, 0, 0, 0, &key->ref_encrypt )) != kCCSuccess)
1059 {
1060 WARN( "CCCryptorCreateWithMode failed %d\n", status );
1061 return STATUS_INTERNAL_ERROR;
1062 }
1063 if ((status = CCCryptorCreateWithMode( kCCDecrypt, kCCModeCBC, kCCAlgorithmAES128, ccNoPadding, iv,
1064 key->secret, key->secret_len, NULL, 0, 0, 0, &key->ref_decrypt )) != kCCSuccess)
1065 {
1066 WARN( "CCCryptorCreateWithMode failed %d\n", status );
1067 CCCryptorRelease( key->ref_encrypt );
1068 key->ref_encrypt = NULL;
1069 return STATUS_INTERNAL_ERROR;
1070 }
1071
1072 return STATUS_SUCCESS;
1073 }
1074
1075 static NTSTATUS key_encrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output,
1076 ULONG output_len )
1077 {
1078 CCCryptorStatus status;
1079
1080 if ((status = CCCryptorUpdate( key->ref_encrypt, input, input_len, output, output_len, NULL )) != kCCSuccess)
1081 {
1082 WARN( "CCCryptorUpdate failed %d\n", status );
1083 return STATUS_INTERNAL_ERROR;
1084 }
1085
1086 return STATUS_SUCCESS;
1087 }
1088
1089 static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output,
1090 ULONG output_len )
1091 {
1092 CCCryptorStatus status;
1093
1094 if ((status = CCCryptorUpdate( key->ref_decrypt, input, input_len, output, output_len, NULL )) != kCCSuccess)
1095 {
1096 WARN( "CCCryptorUpdate failed %d\n", status );
1097 return STATUS_INTERNAL_ERROR;
1098 }
1099
1100 return STATUS_SUCCESS;
1101 }
1102
1103 static NTSTATUS key_destroy( struct key *key )
1104 {
1105 if (key->ref_encrypt) CCCryptorRelease( key->ref_encrypt );
1106 if (key->ref_decrypt) CCCryptorRelease( key->ref_decrypt );
1107 heap_free( key->secret );
1108 heap_free( key );
1109 return STATUS_SUCCESS;
1110 }
1111 #else
1112 static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *secret, ULONG secret_len )
1113 {
1114 ERR( "support for keys not available at build time\n" );
1115 return STATUS_NOT_IMPLEMENTED;
1116 }
1117
1118 static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
1119 {
1120 ERR( "support for keys not available at build time\n" );
1121 return STATUS_NOT_IMPLEMENTED;
1122 }
1123
1124 static NTSTATUS key_encrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output,
1125 ULONG output_len )
1126 {
1127 ERR( "support for keys not available at build time\n" );
1128 return STATUS_NOT_IMPLEMENTED;
1129 }
1130
1131 static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output,
1132 ULONG output_len )
1133 {
1134 ERR( "support for keys not available at build time\n" );
1135 return STATUS_NOT_IMPLEMENTED;
1136 }
1137
1138 static NTSTATUS key_destroy( struct key *key )
1139 {
1140 ERR( "support for keys not available at build time\n" );
1141 return STATUS_NOT_IMPLEMENTED;
1142 }
1143
1144 static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, ULONG output_len, ULONG *size )
1145 {
1146 ERR( "support for keys not available at build time\n" );
1147 return STATUS_NOT_IMPLEMENTED;
1148 }
1149 #endif
1150
1151 NTSTATUS WINAPI BCryptGenerateSymmetricKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_KEY_HANDLE *handle,
1152 UCHAR *object, ULONG object_len, UCHAR *secret, ULONG secret_len,
1153 ULONG flags )
1154 {
1155 struct algorithm *alg = algorithm;
1156 struct key *key;
1157 NTSTATUS status;
1158
1159 TRACE( "%p, %p, %p, %u, %p, %u, %08x\n", algorithm, handle, object, object_len, secret, secret_len, flags );
1160
1161 if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
1162 if (object) FIXME( "ignoring object buffer\n" );
1163
1164 if (!(key = heap_alloc( sizeof(*key) ))) return STATUS_NO_MEMORY;
1165 key->hdr.magic = MAGIC_KEY;
1166
1167 if ((status = key_init( key, alg, secret, secret_len )))
1168 {
1169 heap_free( key );
1170 return status;
1171 }
1172
1173 *handle = key;
1174 return STATUS_SUCCESS;
1175 }
1176
1177 NTSTATUS WINAPI BCryptImportKey(BCRYPT_ALG_HANDLE algorithm, BCRYPT_KEY_HANDLE decrypt_key, LPCWSTR type,
1178 BCRYPT_KEY_HANDLE *key, PUCHAR object, ULONG object_len, PUCHAR input,
1179 ULONG input_len, ULONG flags)
1180 {
1181 struct algorithm *alg = algorithm;
1182
1183 TRACE("%p, %p, %s, %p, %p, %u, %p, %u, %u\n", algorithm, decrypt_key, debugstr_w(type), key, object,
1184 object_len, input, input_len, flags);
1185
1186 if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
1187 if (!key || !type || !input) return STATUS_INVALID_PARAMETER;
1188
1189 if (decrypt_key)
1190 {
1191 FIXME("Decrypting of key not yet supported\n");
1192 return STATUS_NO_MEMORY;
1193 }
1194
1195 if (!strcmpW(type, BCRYPT_KEY_DATA_BLOB))
1196 {
1197 BCRYPT_KEY_DATA_BLOB_HEADER *key_header = (BCRYPT_KEY_DATA_BLOB_HEADER*)input;
1198
1199 if (input_len < sizeof(BCRYPT_KEY_DATA_BLOB_HEADER))
1200 return STATUS_BUFFER_TOO_SMALL;
1201
1202 if (key_header->dwMagic != BCRYPT_KEY_DATA_BLOB_MAGIC)
1203 return STATUS_INVALID_PARAMETER;
1204
1205 if (key_header->dwVersion != BCRYPT_KEY_DATA_BLOB_VERSION1)
1206 {
1207 FIXME("Unknown key data blob version: %d\n", key_header->dwVersion);
1208 return STATUS_INVALID_PARAMETER;
1209 }
1210
1211 if (key_header->cbKeyData + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) > input_len)
1212 return STATUS_INVALID_PARAMETER;
1213
1214 return BCryptGenerateSymmetricKey(algorithm, key, object, object_len, (UCHAR*)&key_header[1], key_header->cbKeyData, 0);
1215 }
1216
1217 FIXME("Unsupported key type: %s\n", debugstr_w(type));
1218 return STATUS_INVALID_PARAMETER;
1219 }
1220
1221 NTSTATUS WINAPI BCryptExportKey(BCRYPT_KEY_HANDLE export_key, BCRYPT_KEY_HANDLE encrypt_key, LPCWSTR type,
1222 PUCHAR output, ULONG output_len, ULONG *size, ULONG flags)
1223 {
1224 struct key *key = export_key;
1225
1226 TRACE("%p, %p, %s, %p, %u, %p, %u\n", key, encrypt_key, debugstr_w(type), output, output_len, size, flags);
1227
1228 if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
1229 if (!output || !output_len || !size) return STATUS_INVALID_PARAMETER;
1230
1231 if (encrypt_key)
1232 {
1233 FIXME("Encryption of key not yet supported\n");
1234 return STATUS_NO_MEMORY;
1235 }
1236
1237 return key_export( key, type, output, output_len, size );
1238 }
1239
1240 NTSTATUS WINAPI BCryptDestroyKey( BCRYPT_KEY_HANDLE handle )
1241 {
1242 struct key *key = handle;
1243
1244 TRACE( "%p\n", handle );
1245
1246 if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
1247 return key_destroy( key );
1248 }
1249
1250 NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG input_len,
1251 void *padding, UCHAR *iv, ULONG iv_len, UCHAR *output,
1252 ULONG output_len, ULONG *ret_len, ULONG flags )
1253 {
1254 struct key *key = handle;
1255 ULONG bytes_left = input_len;
1256 UCHAR *buf, *src, *dst;
1257 NTSTATUS status;
1258
1259 TRACE( "%p, %p, %u, %p, %p, %u, %p, %u, %p, %08x\n", handle, input, input_len,
1260 padding, iv, iv_len, output, output_len, ret_len, flags );
1261
1262 if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
1263 if (padding)
1264 {
1265 FIXME( "padding info not implemented\n" );
1266 return STATUS_NOT_IMPLEMENTED;
1267 }
1268 if (flags & ~BCRYPT_BLOCK_PADDING)
1269 {
1270 FIXME( "flags %08x not implemented\n", flags );
1271 return STATUS_NOT_IMPLEMENTED;
1272 }
1273
1274 if ((status = key_set_params( key, iv, iv_len ))) return status;
1275
1276 *ret_len = input_len;
1277
1278 if (flags & BCRYPT_BLOCK_PADDING)
1279 *ret_len = (input_len + key->block_size) & ~(key->block_size - 1);
1280 else if (input_len & (key->block_size - 1))
1281 return STATUS_INVALID_BUFFER_SIZE;
1282
1283 if (!output) return STATUS_SUCCESS;
1284 if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
1285
1286 src = input;
1287 dst = output;
1288 while (bytes_left >= key->block_size)
1289 {
1290 if ((status = key_encrypt( key, src, key->block_size, dst, key->block_size ))) return status;
1291 bytes_left -= key->block_size;
1292 src += key->block_size;
1293 dst += key->block_size;
1294 }
1295
1296 if (flags & BCRYPT_BLOCK_PADDING)
1297 {
1298 if (!(buf = heap_alloc( key->block_size ))) return STATUS_NO_MEMORY;
1299 memcpy( buf, src, bytes_left );
1300 memset( buf + bytes_left, key->block_size - bytes_left, key->block_size - bytes_left );
1301 status = key_encrypt( key, buf, key->block_size, dst, key->block_size );
1302 heap_free( buf );
1303 }
1304
1305 return status;
1306 }
1307
1308 NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG input_len,
1309 void *padding, UCHAR *iv, ULONG iv_len, UCHAR *output,
1310 ULONG output_len, ULONG *ret_len, ULONG flags )
1311 {
1312 struct key *key = handle;
1313 ULONG bytes_left = input_len;
1314 UCHAR *buf, *src, *dst;
1315 NTSTATUS status;
1316
1317 TRACE( "%p, %p, %u, %p, %p, %u, %p, %u, %p, %08x\n", handle, input, input_len,
1318 padding, iv, iv_len, output, output_len, ret_len, flags );
1319
1320 if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
1321 if (padding)
1322 {
1323 FIXME( "padding info not implemented\n" );
1324 return STATUS_NOT_IMPLEMENTED;
1325 }
1326 if (flags & ~BCRYPT_BLOCK_PADDING)
1327 {
1328 FIXME( "flags %08x not supported\n", flags );
1329 return STATUS_NOT_IMPLEMENTED;
1330 }
1331
1332 if ((status = key_set_params( key, iv, iv_len ))) return status;
1333
1334 *ret_len = input_len;
1335
1336 if (input_len & (key->block_size - 1)) return STATUS_INVALID_BUFFER_SIZE;
1337 if (!output) return STATUS_SUCCESS;
1338 if (flags & BCRYPT_BLOCK_PADDING)
1339 {
1340 if (output_len + key->block_size < *ret_len) return STATUS_BUFFER_TOO_SMALL;
1341 if (input_len < key->block_size) return STATUS_BUFFER_TOO_SMALL;
1342 bytes_left -= key->block_size;
1343 }
1344 else if (output_len < *ret_len)
1345 return STATUS_BUFFER_TOO_SMALL;
1346
1347 src = input;
1348 dst = output;
1349 while (bytes_left >= key->block_size)
1350 {
1351 if ((status = key_decrypt( key, src, key->block_size, dst, key->block_size ))) return status;
1352 bytes_left -= key->block_size;
1353 src += key->block_size;
1354 dst += key->block_size;
1355 }
1356
1357 if (flags & BCRYPT_BLOCK_PADDING)
1358 {
1359 if (!(buf = heap_alloc( key->block_size ))) return STATUS_NO_MEMORY;
1360 status = key_decrypt( key, src, key->block_size, buf, key->block_size );
1361 if (!status && buf[ key->block_size - 1 ] <= key->block_size)
1362 {
1363 *ret_len -= buf[ key->block_size - 1 ];
1364 if (output_len < *ret_len) status = STATUS_BUFFER_TOO_SMALL;
1365 else memcpy( dst, buf, key->block_size - buf[ key->block_size - 1 ] );
1366 }
1367 else
1368 status = STATUS_UNSUCCESSFUL; /* FIXME: invalid padding */
1369 heap_free( buf );
1370 }
1371
1372 return status;
1373 }
1374
1375 BOOL WINAPI DllMain( HINSTANCE hinst, DWORD reason, LPVOID reserved )
1376 {
1377 switch (reason)
1378 {
1379 case DLL_PROCESS_ATTACH:
1380 instance = hinst;
1381 DisableThreadLibraryCalls( hinst );
1382 #if defined(HAVE_GNUTLS_CIPHER_INIT) && !defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H)
1383 gnutls_initialize();
1384 #endif
1385 break;
1386
1387 case DLL_PROCESS_DETACH:
1388 if (reserved) break;
1389 #if defined(HAVE_GNUTLS_CIPHER_INIT) && !defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H)
1390 gnutls_uninitialize();
1391 #endif
1392 break;
1393 }
1394 return TRUE;
1395 }
Windows API implementation