search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dbghelp: Properly fail on PDB files generated by MSVC compiler version 14.31.
[wine.git] / dlls / bcrypt / bcrypt_main.c
blob2c0d2f8f965381c97d62158ca883fbc8ec4b82fc
1 /*
2 * Copyright 2009 Henri Verbeet for CodeWeavers
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 *
18 */
19
20 #include <stdarg.h>
21 #include <stdlib.h>
22
23 #include "ntstatus.h"
24 #define WIN32_NO_STATUS
25 #include "windef.h"
26 #include "winbase.h"
27 #include "ntsecapi.h"
28 #include "wincrypt.h"
29 #include "winternl.h"
30 #include "bcrypt.h"
31
32 #include "wine/debug.h"
33 #include "bcrypt_internal.h"
34
35 WINE_DEFAULT_DEBUG_CHANNEL(bcrypt);
36
37 static unixlib_handle_t bcrypt_handle;
38
39 #define UNIX_CALL( func, params ) __wine_unix_call( bcrypt_handle, unix_ ## func, params )
40
41
42 NTSTATUS WINAPI BCryptAddContextFunction( ULONG table, const WCHAR *ctx, ULONG iface, const WCHAR *func, ULONG pos )
43 {
44 FIXME( "%#lx, %s, %#lx, %s, %lu: stub\n", table, debugstr_w(ctx), iface, debugstr_w(func), pos );
45 return STATUS_SUCCESS;
46 }
47
48 NTSTATUS WINAPI BCryptAddContextFunctionProvider( ULONG table, const WCHAR *ctx, ULONG iface, const WCHAR *func,
49 const WCHAR *provider, ULONG pos )
50 {
51 FIXME( "%#lx, %s, %#lx, %s, %s, %lu: stub\n", table, debugstr_w(ctx), iface, debugstr_w(func),
52 debugstr_w(provider), pos );
53 return STATUS_SUCCESS;
54 }
55
56 NTSTATUS WINAPI BCryptRemoveContextFunction( ULONG table, const WCHAR *ctx, ULONG iface, const WCHAR *func )
57 {
58 FIXME( "%#lx, %s, %#lx, %s: stub\n", table, debugstr_w(ctx), iface, debugstr_w(func) );
59 return STATUS_NOT_IMPLEMENTED;
60 }
61
62 NTSTATUS WINAPI BCryptRemoveContextFunctionProvider( ULONG table, const WCHAR *ctx, ULONG iface, const WCHAR *func,
63 const WCHAR *provider )
64 {
65 FIXME( "%#lx, %s, %#lx, %s, %s: stub\n", table, debugstr_w(ctx), iface, debugstr_w(func), debugstr_w(provider) );
66 return STATUS_NOT_IMPLEMENTED;
67 }
68
69 NTSTATUS WINAPI BCryptEnumContextFunctions( ULONG table, const WCHAR *ctx, ULONG iface, ULONG *buflen,
70 CRYPT_CONTEXT_FUNCTIONS **buffer )
71 {
72 FIXME( "%#lx, %s, %#lx, %p, %p\n", table, debugstr_w(ctx), iface, buflen, buffer );
73 return STATUS_NOT_IMPLEMENTED;
74 }
75
76 void WINAPI BCryptFreeBuffer( void *buffer )
77 {
78 free( buffer );
79 }
80
81 NTSTATUS WINAPI BCryptRegisterProvider( const WCHAR *provider, ULONG flags, CRYPT_PROVIDER_REG *reg )
82 {
83 FIXME( "%s, %#lx, %p: stub\n", debugstr_w(provider), flags, reg );
84 return STATUS_SUCCESS;
85 }
86
87 NTSTATUS WINAPI BCryptUnregisterProvider( const WCHAR *provider )
88 {
89 FIXME( "%s: stub\n", debugstr_w(provider) );
90 return STATUS_NOT_IMPLEMENTED;
91 }
92
93 #define MAX_HASH_OUTPUT_BYTES 64
94 #define MAX_HASH_BLOCK_BITS 1024
95
96 /* ordered by class, keep in sync with enum alg_id */
97 static const struct
98 {
99 const WCHAR *name;
100 ULONG class;
101 ULONG object_length;
102 ULONG hash_length;
103 ULONG block_bits;
104 }
105 builtin_algorithms[] =
106 {
107 { BCRYPT_3DES_ALGORITHM, BCRYPT_CIPHER_INTERFACE, 522, 0, 0 },
108 { BCRYPT_AES_ALGORITHM, BCRYPT_CIPHER_INTERFACE, 654, 0, 0 },
109 { BCRYPT_SHA256_ALGORITHM, BCRYPT_HASH_INTERFACE, 286, 32, 512 },
110 { BCRYPT_SHA384_ALGORITHM, BCRYPT_HASH_INTERFACE, 382, 48, 1024 },
111 { BCRYPT_SHA512_ALGORITHM, BCRYPT_HASH_INTERFACE, 382, 64, 1024 },
112 { BCRYPT_SHA1_ALGORITHM, BCRYPT_HASH_INTERFACE, 278, 20, 512 },
113 { BCRYPT_MD5_ALGORITHM, BCRYPT_HASH_INTERFACE, 274, 16, 512 },
114 { BCRYPT_MD4_ALGORITHM, BCRYPT_HASH_INTERFACE, 270, 16, 512 },
115 { BCRYPT_MD2_ALGORITHM, BCRYPT_HASH_INTERFACE, 270, 16, 128 },
116 { BCRYPT_RSA_ALGORITHM, BCRYPT_ASYMMETRIC_ENCRYPTION_INTERFACE, 0, 0, 0 },
117 { BCRYPT_ECDH_P256_ALGORITHM, BCRYPT_SECRET_AGREEMENT_INTERFACE, 0, 0, 0 },
118 { BCRYPT_RSA_SIGN_ALGORITHM, BCRYPT_SIGNATURE_INTERFACE, 0, 0, 0 },
119 { BCRYPT_ECDSA_P256_ALGORITHM, BCRYPT_SIGNATURE_INTERFACE, 0, 0, 0 },
120 { BCRYPT_ECDSA_P384_ALGORITHM, BCRYPT_SIGNATURE_INTERFACE, 0, 0, 0 },
121 { BCRYPT_DSA_ALGORITHM, BCRYPT_SIGNATURE_INTERFACE, 0, 0, 0 },
122 { BCRYPT_RNG_ALGORITHM, BCRYPT_RNG_INTERFACE, 0, 0, 0 },
123 };
124
125 static BOOL match_operation_type( ULONG type, ULONG class )
126 {
127 if (!type) return TRUE;
128 switch (class)
129 {
130 case BCRYPT_CIPHER_INTERFACE: return type & BCRYPT_CIPHER_OPERATION;
131 case BCRYPT_HASH_INTERFACE: return type & BCRYPT_HASH_OPERATION;
132 case BCRYPT_ASYMMETRIC_ENCRYPTION_INTERFACE: return type & BCRYPT_ASYMMETRIC_ENCRYPTION_OPERATION;
133 case BCRYPT_SECRET_AGREEMENT_INTERFACE: return type & BCRYPT_SECRET_AGREEMENT_OPERATION;
134 case BCRYPT_SIGNATURE_INTERFACE: return type & BCRYPT_SIGNATURE_OPERATION;
135 case BCRYPT_RNG_INTERFACE: return type & BCRYPT_RNG_OPERATION;
136 default: break;
137 }
138 return FALSE;
139 }
140
141 NTSTATUS WINAPI BCryptEnumAlgorithms( ULONG type, ULONG *ret_count, BCRYPT_ALGORITHM_IDENTIFIER **ret_list, ULONG flags )
142 {
143 static const ULONG supported = BCRYPT_CIPHER_OPERATION |\
144 BCRYPT_HASH_OPERATION |\
145 BCRYPT_ASYMMETRIC_ENCRYPTION_OPERATION |\
146 BCRYPT_SECRET_AGREEMENT_OPERATION |\
147 BCRYPT_SIGNATURE_OPERATION |\
148 BCRYPT_RNG_OPERATION;
149 BCRYPT_ALGORITHM_IDENTIFIER *list;
150 ULONG i, j, count = 0;
151
152 TRACE( "%#lx, %p, %p, %#lx\n", type, ret_count, ret_list, flags );
153
154 if (!ret_count || !ret_list || (type & ~supported)) return STATUS_INVALID_PARAMETER;
155
156 for (i = 0; i < ARRAY_SIZE( builtin_algorithms ); i++)
157 {
158 if (match_operation_type( type, builtin_algorithms[i].class )) count++;
159 }
160
161 if (!(list = malloc( count * sizeof(*list) ))) return STATUS_NO_MEMORY;
162
163 for (i = 0, j = 0; i < ARRAY_SIZE( builtin_algorithms ); i++)
164 {
165 if (!match_operation_type( type, builtin_algorithms[i].class )) continue;
166 list[j].pszName = (WCHAR *)builtin_algorithms[i].name;
167 list[j].dwClass = builtin_algorithms[i].class;
168 list[j].dwFlags = 0;
169 j++;
170 }
171
172 *ret_count = count;
173 *ret_list = list;
174 return STATUS_SUCCESS;
175 }
176
177 NTSTATUS WINAPI BCryptGenRandom(BCRYPT_ALG_HANDLE handle, UCHAR *buffer, ULONG count, ULONG flags)
178 {
179 const DWORD supported_flags = BCRYPT_USE_SYSTEM_PREFERRED_RNG;
180 struct algorithm *algorithm = handle;
181
182 TRACE("%p, %p, %lu, %#lx - semi-stub\n", handle, buffer, count, flags);
183
184 if (!algorithm)
185 {
186 /* It's valid to call without an algorithm if BCRYPT_USE_SYSTEM_PREFERRED_RNG
187 * is set. In this case the preferred system RNG is used.
188 */
189 if (!(flags & BCRYPT_USE_SYSTEM_PREFERRED_RNG))
190 return STATUS_INVALID_HANDLE;
191 }
192 else if (algorithm->hdr.magic != MAGIC_ALG || algorithm->id != ALG_ID_RNG)
193 return STATUS_INVALID_HANDLE;
194
195 if (!buffer)
196 return STATUS_INVALID_PARAMETER;
197
198 if (flags & ~supported_flags)
199 FIXME("unsupported flags %#lx\n", flags & ~supported_flags);
200
201 if (algorithm)
202 FIXME("ignoring selected algorithm\n");
203
204 /* When zero bytes are requested the function returns success too. */
205 if (!count)
206 return STATUS_SUCCESS;
207
208 if (algorithm || (flags & BCRYPT_USE_SYSTEM_PREFERRED_RNG))
209 {
210 if (RtlGenRandom(buffer, count))
211 return STATUS_SUCCESS;
212 }
213
214 FIXME("called with unsupported parameters, returning error\n");
215 return STATUS_NOT_IMPLEMENTED;
216 }
217
218 NTSTATUS WINAPI BCryptOpenAlgorithmProvider( BCRYPT_ALG_HANDLE *handle, const WCHAR *id, const WCHAR *implementation,
219 DWORD flags )
220 {
221 const DWORD supported_flags = BCRYPT_ALG_HANDLE_HMAC_FLAG | BCRYPT_HASH_REUSABLE_FLAG;
222 struct algorithm *alg;
223 enum alg_id alg_id;
224 ULONG i;
225
226 TRACE( "%p, %s, %s, %#lx\n", handle, wine_dbgstr_w(id), wine_dbgstr_w(implementation), flags );
227
228 if (!handle || !id) return STATUS_INVALID_PARAMETER;
229 if (flags & ~supported_flags)
230 {
231 FIXME( "unsupported flags %#lx\n", flags & ~supported_flags );
232 return STATUS_NOT_IMPLEMENTED;
233 }
234
235 for (i = 0; i < ARRAY_SIZE( builtin_algorithms ); i++)
236 {
237 if (!wcscmp( id, builtin_algorithms[i].name))
238 {
239 alg_id = i;
240 break;
241 }
242 }
243 if (i == ARRAY_SIZE( builtin_algorithms ))
244 {
245 FIXME( "algorithm %s not supported\n", debugstr_w(id) );
246 return STATUS_NOT_IMPLEMENTED;
247 }
248
249 if (implementation && wcscmp( implementation, MS_PRIMITIVE_PROVIDER ))
250 {
251 FIXME( "implementation %s not supported\n", debugstr_w(implementation) );
252 return STATUS_NOT_IMPLEMENTED;
253 }
254
255 if (!(alg = malloc( sizeof(*alg) ))) return STATUS_NO_MEMORY;
256 alg->hdr.magic = MAGIC_ALG;
257 alg->id = alg_id;
258 alg->mode = MODE_ID_CBC;
259 alg->flags = flags;
260
261 *handle = alg;
262 return STATUS_SUCCESS;
263 }
264
265 NTSTATUS WINAPI BCryptCloseAlgorithmProvider( BCRYPT_ALG_HANDLE handle, DWORD flags )
266 {
267 struct algorithm *alg = handle;
268
269 TRACE( "%p, %#lx\n", handle, flags );
270
271 if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
272 alg->hdr.magic = 0;
273 free( alg );
274 return STATUS_SUCCESS;
275 }
276
277 NTSTATUS WINAPI BCryptGetFipsAlgorithmMode(BOOLEAN *enabled)
278 {
279 FIXME("%p - semi-stub\n", enabled);
280
281 if (!enabled)
282 return STATUS_INVALID_PARAMETER;
283
284 *enabled = FALSE;
285 return STATUS_SUCCESS;
286 }
287
288 struct hash_impl
289 {
290 union
291 {
292 MD2_CTX md2;
293 MD4_CTX md4;
294 MD5_CTX md5;
295 SHA_CTX sha1;
296 SHA256_CTX sha256;
297 SHA512_CTX sha512;
298 } u;
299 };
300
301 static NTSTATUS hash_init( struct hash_impl *hash, enum alg_id alg_id )
302 {
303 switch (alg_id)
304 {
305 case ALG_ID_MD2:
306 md2_init( &hash->u.md2 );
307 break;
308
309 case ALG_ID_MD4:
310 MD4Init( &hash->u.md4 );
311 break;
312
313 case ALG_ID_MD5:
314 MD5Init( &hash->u.md5 );
315 break;
316
317 case ALG_ID_SHA1:
318 A_SHAInit( &hash->u.sha1 );
319 break;
320
321 case ALG_ID_SHA256:
322 sha256_init( &hash->u.sha256 );
323 break;
324
325 case ALG_ID_SHA384:
326 sha384_init( &hash->u.sha512 );
327 break;
328
329 case ALG_ID_SHA512:
330 sha512_init( &hash->u.sha512 );
331 break;
332
333 default:
334 ERR( "unhandled id %u\n", alg_id );
335 return STATUS_NOT_IMPLEMENTED;
336 }
337 return STATUS_SUCCESS;
338 }
339
340 static NTSTATUS hash_update( struct hash_impl *hash, enum alg_id alg_id,
341 UCHAR *input, ULONG size )
342 {
343 switch (alg_id)
344 {
345 case ALG_ID_MD2:
346 md2_update( &hash->u.md2, input, size );
347 break;
348
349 case ALG_ID_MD4:
350 MD4Update( &hash->u.md4, input, size );
351 break;
352
353 case ALG_ID_MD5:
354 MD5Update( &hash->u.md5, input, size );
355 break;
356
357 case ALG_ID_SHA1:
358 A_SHAUpdate( &hash->u.sha1, input, size );
359 break;
360
361 case ALG_ID_SHA256:
362 sha256_update( &hash->u.sha256, input, size );
363 break;
364
365 case ALG_ID_SHA384:
366 sha384_update( &hash->u.sha512, input, size );
367 break;
368
369 case ALG_ID_SHA512:
370 sha512_update( &hash->u.sha512, input, size );
371 break;
372
373 default:
374 ERR( "unhandled id %u\n", alg_id );
375 return STATUS_NOT_IMPLEMENTED;
376 }
377 return STATUS_SUCCESS;
378 }
379
380 static NTSTATUS hash_finish( struct hash_impl *hash, enum alg_id alg_id,
381 UCHAR *output, ULONG size )
382 {
383 switch (alg_id)
384 {
385 case ALG_ID_MD2:
386 md2_finalize( &hash->u.md2, output );
387 break;
388
389 case ALG_ID_MD4:
390 MD4Final( &hash->u.md4 );
391 memcpy( output, hash->u.md4.digest, 16 );
392 break;
393
394 case ALG_ID_MD5:
395 MD5Final( &hash->u.md5 );
396 memcpy( output, hash->u.md5.digest, 16 );
397 break;
398
399 case ALG_ID_SHA1:
400 A_SHAFinal( &hash->u.sha1, (ULONG *)output );
401 break;
402
403 case ALG_ID_SHA256:
404 sha256_finalize( &hash->u.sha256, output );
405 break;
406
407 case ALG_ID_SHA384:
408 sha384_finalize( &hash->u.sha512, output );
409 break;
410
411 case ALG_ID_SHA512:
412 sha512_finalize( &hash->u.sha512, output );
413 break;
414
415 default:
416 ERR( "unhandled id %u\n", alg_id );
417 return STATUS_NOT_IMPLEMENTED;
418 }
419 return STATUS_SUCCESS;
420 }
421
422 #define HASH_FLAG_HMAC 0x01
423 #define HASH_FLAG_REUSABLE 0x02
424 struct hash
425 {
426 struct object hdr;
427 enum alg_id alg_id;
428 ULONG flags;
429 UCHAR *secret;
430 ULONG secret_len;
431 struct hash_impl outer;
432 struct hash_impl inner;
433 };
434
435 #define BLOCK_LENGTH_3DES 8
436 #define BLOCK_LENGTH_AES 16
437
438 static NTSTATUS generic_alg_property( enum alg_id id, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
439 {
440 if (!wcscmp( prop, BCRYPT_OBJECT_LENGTH ))
441 {
442 if (!builtin_algorithms[id].object_length)
443 return STATUS_NOT_SUPPORTED;
444 *ret_size = sizeof(ULONG);
445 if (size < sizeof(ULONG))
446 return STATUS_BUFFER_TOO_SMALL;
447 if (buf)
448 *(ULONG *)buf = builtin_algorithms[id].object_length;
449 return STATUS_SUCCESS;
450 }
451
452 if (!wcscmp( prop, BCRYPT_HASH_LENGTH ))
453 {
454 if (!builtin_algorithms[id].hash_length)
455 return STATUS_NOT_SUPPORTED;
456 *ret_size = sizeof(ULONG);
457 if (size < sizeof(ULONG))
458 return STATUS_BUFFER_TOO_SMALL;
459 if(buf)
460 *(ULONG*)buf = builtin_algorithms[id].hash_length;
461 return STATUS_SUCCESS;
462 }
463
464 if (!wcscmp( prop, BCRYPT_ALGORITHM_NAME ))
465 {
466 *ret_size = (lstrlenW(builtin_algorithms[id].name) + 1) * sizeof(WCHAR);
467 if (size < *ret_size)
468 return STATUS_BUFFER_TOO_SMALL;
469 if(buf)
470 memcpy(buf, builtin_algorithms[id].name, *ret_size);
471 return STATUS_SUCCESS;
472 }
473
474 return STATUS_NOT_IMPLEMENTED;
475 }
476
477 static NTSTATUS get_3des_property( enum mode_id mode, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
478 {
479 if (!wcscmp( prop, BCRYPT_BLOCK_LENGTH ))
480 {
481 *ret_size = sizeof(ULONG);
482 if (size < sizeof(ULONG)) return STATUS_BUFFER_TOO_SMALL;
483 if (buf) *(ULONG *)buf = BLOCK_LENGTH_3DES;
484 return STATUS_SUCCESS;
485 }
486 if (!wcscmp( prop, BCRYPT_CHAINING_MODE ))
487 {
488 const WCHAR *str;
489 switch (mode)
490 {
491 case MODE_ID_CBC: str = BCRYPT_CHAIN_MODE_CBC; break;
492 default: return STATUS_NOT_IMPLEMENTED;
493 }
494
495 *ret_size = 64;
496 if (size < *ret_size) return STATUS_BUFFER_TOO_SMALL;
497 memcpy( buf, str, (lstrlenW(str) + 1) * sizeof(WCHAR) );
498 return STATUS_SUCCESS;
499 }
500 if (!wcscmp( prop, BCRYPT_KEY_LENGTHS ))
501 {
502 BCRYPT_KEY_LENGTHS_STRUCT *key_lengths = (void *)buf;
503 *ret_size = sizeof(*key_lengths);
504 if (key_lengths && size < *ret_size) return STATUS_BUFFER_TOO_SMALL;
505 if (key_lengths)
506 {
507 key_lengths->dwMinLength = 192;
508 key_lengths->dwMaxLength = 192;
509 key_lengths->dwIncrement = 0;
510 }
511 return STATUS_SUCCESS;
512 }
513 FIXME( "unsupported property %s\n", debugstr_w(prop) );
514 return STATUS_NOT_IMPLEMENTED;
515 }
516
517 static NTSTATUS get_aes_property( enum mode_id mode, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
518 {
519 if (!wcscmp( prop, BCRYPT_BLOCK_LENGTH ))
520 {
521 *ret_size = sizeof(ULONG);
522 if (size < sizeof(ULONG)) return STATUS_BUFFER_TOO_SMALL;
523 if (buf) *(ULONG *)buf = BLOCK_LENGTH_AES;
524 return STATUS_SUCCESS;
525 }
526 if (!wcscmp( prop, BCRYPT_CHAINING_MODE ))
527 {
528 const WCHAR *str;
529 switch (mode)
530 {
531 case MODE_ID_ECB: str = BCRYPT_CHAIN_MODE_ECB; break;
532 case MODE_ID_CBC: str = BCRYPT_CHAIN_MODE_CBC; break;
533 case MODE_ID_GCM: str = BCRYPT_CHAIN_MODE_GCM; break;
534 default: return STATUS_NOT_IMPLEMENTED;
535 }
536
537 *ret_size = 64;
538 if (size < *ret_size) return STATUS_BUFFER_TOO_SMALL;
539 memcpy( buf, str, (lstrlenW(str) + 1) * sizeof(WCHAR) );
540 return STATUS_SUCCESS;
541 }
542 if (!wcscmp( prop, BCRYPT_KEY_LENGTHS ))
543 {
544 BCRYPT_KEY_LENGTHS_STRUCT *key_lengths = (void *)buf;
545 *ret_size = sizeof(*key_lengths);
546 if (key_lengths && size < *ret_size) return STATUS_BUFFER_TOO_SMALL;
547 if (key_lengths)
548 {
549 key_lengths->dwMinLength = 128;
550 key_lengths->dwMaxLength = 256;
551 key_lengths->dwIncrement = 64;
552 }
553 return STATUS_SUCCESS;
554 }
555 if (!wcscmp( prop, BCRYPT_AUTH_TAG_LENGTH ))
556 {
557 BCRYPT_AUTH_TAG_LENGTHS_STRUCT *tag_length = (void *)buf;
558 if (mode != MODE_ID_GCM) return STATUS_NOT_SUPPORTED;
559 *ret_size = sizeof(*tag_length);
560 if (tag_length && size < *ret_size) return STATUS_BUFFER_TOO_SMALL;
561 if (tag_length)
562 {
563 tag_length->dwMinLength = 12;
564 tag_length->dwMaxLength = 16;
565 tag_length->dwIncrement = 1;
566 }
567 return STATUS_SUCCESS;
568 }
569
570 FIXME( "unsupported property %s\n", debugstr_w(prop) );
571 return STATUS_NOT_IMPLEMENTED;
572 }
573
574 static NTSTATUS get_rsa_property( enum mode_id mode, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
575 {
576 if (!wcscmp( prop, BCRYPT_PADDING_SCHEMES ))
577 {
578 *ret_size = sizeof(ULONG);
579 if (size < sizeof(ULONG)) return STATUS_BUFFER_TOO_SMALL;
580 if (buf) *(ULONG *)buf = BCRYPT_SUPPORTED_PAD_PKCS1_SIG;
581 return STATUS_SUCCESS;
582 }
583
584 FIXME( "unsupported property %s\n", debugstr_w(prop) );
585 return STATUS_NOT_IMPLEMENTED;
586 }
587
588 static NTSTATUS get_dsa_property( enum mode_id mode, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
589 {
590 if (!wcscmp( prop, BCRYPT_PADDING_SCHEMES )) return STATUS_NOT_SUPPORTED;
591 FIXME( "unsupported property %s\n", debugstr_w(prop) );
592 return STATUS_NOT_IMPLEMENTED;
593 }
594
595 static NTSTATUS get_alg_property( const struct algorithm *alg, const WCHAR *prop,
596 UCHAR *buf, ULONG size, ULONG *ret_size )
597 {
598 NTSTATUS status;
599
600 status = generic_alg_property( alg->id, prop, buf, size, ret_size );
601 if (status != STATUS_NOT_IMPLEMENTED)
602 return status;
603
604 switch (alg->id)
605 {
606 case ALG_ID_3DES:
607 return get_3des_property( alg->mode, prop, buf, size, ret_size );
608
609 case ALG_ID_AES:
610 return get_aes_property( alg->mode, prop, buf, size, ret_size );
611
612 case ALG_ID_RSA:
613 return get_rsa_property( alg->mode, prop, buf, size, ret_size );
614
615 case ALG_ID_DSA:
616 return get_dsa_property( alg->mode, prop, buf, size, ret_size );
617
618 default:
619 break;
620 }
621
622 FIXME( "unsupported property %s algorithm %u\n", debugstr_w(prop), alg->id );
623 return STATUS_NOT_IMPLEMENTED;
624 }
625
626 static NTSTATUS set_alg_property( struct algorithm *alg, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
627 {
628 switch (alg->id)
629 {
630 case ALG_ID_3DES:
631 if (!wcscmp( prop, BCRYPT_CHAINING_MODE ))
632 {
633 if (!wcscmp( (WCHAR *)value, BCRYPT_CHAIN_MODE_CBC ))
634 {
635 alg->mode = MODE_ID_CBC;
636 return STATUS_SUCCESS;
637 }
638 else
639 {
640 FIXME( "unsupported mode %s\n", debugstr_w((WCHAR *)value) );
641 return STATUS_NOT_SUPPORTED;
642 }
643 }
644 FIXME( "unsupported 3des algorithm property %s\n", debugstr_w(prop) );
645 return STATUS_NOT_IMPLEMENTED;
646
647 case ALG_ID_AES:
648 if (!wcscmp( prop, BCRYPT_CHAINING_MODE ))
649 {
650 if (!wcscmp( (WCHAR *)value, BCRYPT_CHAIN_MODE_ECB ))
651 {
652 alg->mode = MODE_ID_ECB;
653 return STATUS_SUCCESS;
654 }
655 else if (!wcscmp( (WCHAR *)value, BCRYPT_CHAIN_MODE_CBC ))
656 {
657 alg->mode = MODE_ID_CBC;
658 return STATUS_SUCCESS;
659 }
660 else if (!wcscmp( (WCHAR *)value, BCRYPT_CHAIN_MODE_GCM ))
661 {
662 alg->mode = MODE_ID_GCM;
663 return STATUS_SUCCESS;
664 }
665 else
666 {
667 FIXME( "unsupported mode %s\n", debugstr_w((WCHAR *)value) );
668 return STATUS_NOT_IMPLEMENTED;
669 }
670 }
671 FIXME( "unsupported aes algorithm property %s\n", debugstr_w(prop) );
672 return STATUS_NOT_IMPLEMENTED;
673
674 default:
675 FIXME( "unsupported algorithm %u\n", alg->id );
676 return STATUS_NOT_IMPLEMENTED;
677 }
678 }
679
680 static NTSTATUS set_key_property( struct key *key, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
681 {
682 if (!wcscmp( prop, BCRYPT_CHAINING_MODE ))
683 {
684 if (!wcscmp( (WCHAR *)value, BCRYPT_CHAIN_MODE_ECB ))
685 {
686 key->u.s.mode = MODE_ID_ECB;
687 return STATUS_SUCCESS;
688 }
689 else if (!wcscmp( (WCHAR *)value, BCRYPT_CHAIN_MODE_CBC ))
690 {
691 key->u.s.mode = MODE_ID_CBC;
692 return STATUS_SUCCESS;
693 }
694 else if (!wcscmp( (WCHAR *)value, BCRYPT_CHAIN_MODE_GCM ))
695 {
696 key->u.s.mode = MODE_ID_GCM;
697 return STATUS_SUCCESS;
698 }
699 else
700 {
701 FIXME( "unsupported mode %s\n", debugstr_w((WCHAR *)value) );
702 return STATUS_NOT_IMPLEMENTED;
703 }
704 }
705 else if (!wcscmp( prop, BCRYPT_KEY_LENGTH ))
706 {
707 if (size < sizeof(DWORD)) return STATUS_INVALID_PARAMETER;
708 key->u.a.bitlen = *(DWORD*)value;
709 return STATUS_SUCCESS;
710 }
711
712 FIXME( "unsupported key property %s\n", debugstr_w(prop) );
713 return STATUS_NOT_IMPLEMENTED;
714 }
715
716 static NTSTATUS get_hash_property( const struct hash *hash, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
717 {
718 NTSTATUS status;
719
720 status = generic_alg_property( hash->alg_id, prop, buf, size, ret_size );
721 if (status == STATUS_NOT_IMPLEMENTED)
722 FIXME( "unsupported property %s\n", debugstr_w(prop) );
723 return status;
724 }
725
726 static NTSTATUS get_key_property( const struct key *key, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
727 {
728 switch (key->alg_id)
729 {
730 case ALG_ID_3DES:
731 return get_3des_property( key->u.s.mode, prop, buf, size, ret_size );
732
733 case ALG_ID_AES:
734 if (!wcscmp( prop, BCRYPT_AUTH_TAG_LENGTH )) return STATUS_NOT_SUPPORTED;
735 return get_aes_property( key->u.s.mode, prop, buf, size, ret_size );
736
737 default:
738 FIXME( "unsupported algorithm %u\n", key->alg_id );
739 return STATUS_NOT_IMPLEMENTED;
740 }
741 }
742
743 NTSTATUS WINAPI BCryptGetProperty( BCRYPT_HANDLE handle, const WCHAR *prop, UCHAR *buffer, ULONG count, ULONG *res,
744 ULONG flags )
745 {
746 struct object *object = handle;
747
748 TRACE( "%p, %s, %p, %lu, %p, %#lx\n", handle, wine_dbgstr_w(prop), buffer, count, res, flags );
749
750 if (!object) return STATUS_INVALID_HANDLE;
751 if (!prop || !res) return STATUS_INVALID_PARAMETER;
752
753 switch (object->magic)
754 {
755 case MAGIC_ALG:
756 {
757 const struct algorithm *alg = (const struct algorithm *)object;
758 return get_alg_property( alg, prop, buffer, count, res );
759 }
760 case MAGIC_KEY:
761 {
762 const struct key *key = (const struct key *)object;
763 return get_key_property( key, prop, buffer, count, res );
764 }
765 case MAGIC_HASH:
766 {
767 const struct hash *hash = (const struct hash *)object;
768 return get_hash_property( hash, prop, buffer, count, res );
769 }
770 default:
771 WARN( "unknown magic %#lx\n", object->magic );
772 return STATUS_INVALID_HANDLE;
773 }
774 }
775
776 static NTSTATUS hash_prepare( struct hash *hash )
777 {
778 UCHAR buffer[MAX_HASH_BLOCK_BITS / 8] = {0};
779 int block_bytes, i;
780 NTSTATUS status;
781
782 /* initialize hash */
783 if ((status = hash_init( &hash->inner, hash->alg_id ))) return status;
784 if (!(hash->flags & HASH_FLAG_HMAC)) return STATUS_SUCCESS;
785
786 /* initialize hmac */
787 if ((status = hash_init( &hash->outer, hash->alg_id ))) return status;
788 block_bytes = builtin_algorithms[hash->alg_id].block_bits / 8;
789 if (hash->secret_len > block_bytes)
790 {
791 struct hash_impl temp;
792 if ((status = hash_init( &temp, hash->alg_id ))) return status;
793 if ((status = hash_update( &temp, hash->alg_id, hash->secret, hash->secret_len ))) return status;
794 if ((status = hash_finish( &temp, hash->alg_id, buffer,
795 builtin_algorithms[hash->alg_id].hash_length ))) return status;
796 }
797 else memcpy( buffer, hash->secret, hash->secret_len );
798
799 for (i = 0; i < block_bytes; i++) buffer[i] ^= 0x5c;
800 if ((status = hash_update( &hash->outer, hash->alg_id, buffer, block_bytes ))) return status;
801 for (i = 0; i < block_bytes; i++) buffer[i] ^= (0x5c ^ 0x36);
802 return hash_update( &hash->inner, hash->alg_id, buffer, block_bytes );
803 }
804
805 static NTSTATUS hash_create( const struct algorithm *alg, UCHAR *secret, ULONG secret_len, ULONG flags,
806 struct hash **ret_hash )
807 {
808 struct hash *hash;
809 NTSTATUS status;
810
811 if (!(hash = calloc( 1, sizeof(*hash) ))) return STATUS_NO_MEMORY;
812 hash->hdr.magic = MAGIC_HASH;
813 hash->alg_id = alg->id;
814 if (alg->flags & BCRYPT_ALG_HANDLE_HMAC_FLAG) hash->flags = HASH_FLAG_HMAC;
815 if ((alg->flags & BCRYPT_HASH_REUSABLE_FLAG) || (flags & BCRYPT_HASH_REUSABLE_FLAG))
816 hash->flags |= HASH_FLAG_REUSABLE;
817
818 if (secret_len && !(hash->secret = malloc( secret_len )))
819 {
820 free( hash );
821 return STATUS_NO_MEMORY;
822 }
823 memcpy( hash->secret, secret, secret_len );
824 hash->secret_len = secret_len;
825
826 if ((status = hash_prepare( hash )))
827 {
828 free( hash->secret );
829 free( hash );
830 return status;
831 }
832
833 *ret_hash = hash;
834 return STATUS_SUCCESS;
835 }
836
837 NTSTATUS WINAPI BCryptCreateHash( BCRYPT_ALG_HANDLE algorithm, BCRYPT_HASH_HANDLE *handle, UCHAR *object,
838 ULONG object_len, UCHAR *secret, ULONG secret_len, ULONG flags )
839 {
840 struct algorithm *alg = algorithm;
841 struct hash *hash;
842 NTSTATUS status;
843
844 TRACE( "%p, %p, %p, %lu, %p, %lu, %#lx\n", algorithm, handle, object, object_len, secret, secret_len, flags );
845 if (flags & ~BCRYPT_HASH_REUSABLE_FLAG)
846 {
847 FIXME( "unimplemented flags %#lx\n", flags );
848 return STATUS_NOT_IMPLEMENTED;
849 }
850
851 if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
852 if (object) FIXME( "ignoring object buffer\n" );
853
854 if ((status = hash_create( alg, secret, secret_len, flags, &hash ))) return status;
855 *handle = hash;
856 return STATUS_SUCCESS;
857 }
858
859 NTSTATUS WINAPI BCryptDuplicateHash( BCRYPT_HASH_HANDLE handle, BCRYPT_HASH_HANDLE *handle_copy,
860 UCHAR *object, ULONG objectlen, ULONG flags )
861 {
862 struct hash *hash_orig = handle;
863 struct hash *hash_copy;
864
865 TRACE( "%p, %p, %p, %lu, %#lx\n", handle, handle_copy, object, objectlen, flags );
866
867 if (!hash_orig || hash_orig->hdr.magic != MAGIC_HASH) return STATUS_INVALID_HANDLE;
868 if (!handle_copy) return STATUS_INVALID_PARAMETER;
869 if (object) FIXME( "ignoring object buffer\n" );
870
871 if (!(hash_copy = malloc( sizeof(*hash_copy) ))) return STATUS_NO_MEMORY;
872
873 memcpy( hash_copy, hash_orig, sizeof(*hash_orig) );
874 if (hash_orig->secret && !(hash_copy->secret = malloc( hash_orig->secret_len )))
875 {
876 free( hash_copy );
877 return STATUS_NO_MEMORY;
878 }
879 memcpy( hash_copy->secret, hash_orig->secret, hash_orig->secret_len );
880
881 *handle_copy = hash_copy;
882 return STATUS_SUCCESS;
883 }
884
885 static void hash_destroy( struct hash *hash )
886 {
887 if (!hash) return;
888 hash->hdr.magic = 0;
889 free( hash->secret );
890 free( hash );
891 }
892
893 NTSTATUS WINAPI BCryptDestroyHash( BCRYPT_HASH_HANDLE handle )
894 {
895 struct hash *hash = handle;
896
897 TRACE( "%p\n", handle );
898
899 if (!hash || hash->hdr.magic != MAGIC_HASH) return STATUS_INVALID_PARAMETER;
900 hash_destroy( hash );
901 return STATUS_SUCCESS;
902 }
903
904 NTSTATUS WINAPI BCryptHashData( BCRYPT_HASH_HANDLE handle, UCHAR *input, ULONG size, ULONG flags )
905 {
906 struct hash *hash = handle;
907
908 TRACE( "%p, %p, %lu, %#lx\n", handle, input, size, flags );
909
910 if (!hash || hash->hdr.magic != MAGIC_HASH) return STATUS_INVALID_HANDLE;
911 if (!input) return STATUS_SUCCESS;
912
913 return hash_update( &hash->inner, hash->alg_id, input, size );
914 }
915
916 static NTSTATUS hash_finalize( struct hash *hash, UCHAR *output, ULONG size )
917 {
918 UCHAR buffer[MAX_HASH_OUTPUT_BYTES];
919 int hash_length;
920 NTSTATUS status;
921
922 if (!(hash->flags & HASH_FLAG_HMAC))
923 {
924 if ((status = hash_finish( &hash->inner, hash->alg_id, output, size ))) return status;
925 if (hash->flags & HASH_FLAG_REUSABLE) return hash_prepare( hash );
926 return STATUS_SUCCESS;
927 }
928
929 hash_length = builtin_algorithms[hash->alg_id].hash_length;
930 if ((status = hash_finish( &hash->inner, hash->alg_id, buffer, hash_length ))) return status;
931 if ((status = hash_update( &hash->outer, hash->alg_id, buffer, hash_length ))) return status;
932 if ((status = hash_finish( &hash->outer, hash->alg_id, output, size ))) return status;
933
934 if (hash->flags & HASH_FLAG_REUSABLE) return hash_prepare( hash );
935 return STATUS_SUCCESS;
936 }
937
938 NTSTATUS WINAPI BCryptFinishHash( BCRYPT_HASH_HANDLE handle, UCHAR *output, ULONG size, ULONG flags )
939 {
940 struct hash *hash = handle;
941
942 TRACE( "%p, %p, %lu, %#lx\n", handle, output, size, flags );
943
944 if (!hash || hash->hdr.magic != MAGIC_HASH) return STATUS_INVALID_HANDLE;
945 if (!output) return STATUS_INVALID_PARAMETER;
946
947 return hash_finalize( hash, output, size );
948 }
949
950 NTSTATUS WINAPI BCryptHash( BCRYPT_ALG_HANDLE algorithm, UCHAR *secret, ULONG secret_len,
951 UCHAR *input, ULONG input_len, UCHAR *output, ULONG output_len )
952 {
953 struct algorithm *alg = algorithm;
954 struct hash *hash;
955 NTSTATUS status;
956
957 TRACE( "%p, %p, %lu, %p, %lu, %p, %lu\n", algorithm, secret, secret_len, input, input_len, output, output_len );
958
959 if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
960
961 if ((status = hash_create( alg, secret, secret_len, 0, &hash ))) return status;
962 if ((status = hash_update( &hash->inner, hash->alg_id, input, input_len )))
963 {
964 hash_destroy( hash );
965 return status;
966 }
967 status = hash_finalize( hash, output, output_len );
968 hash_destroy( hash );
969 return status;
970 }
971
972 static NTSTATUS key_asymmetric_create( enum alg_id alg_id, ULONG bitlen, struct key **ret_key )
973 {
974 struct key *key;
975
976 if (!bcrypt_handle)
977 {
978 ERR( "no encryption support\n" );
979 return STATUS_NOT_IMPLEMENTED;
980 }
981
982 if (!(key = calloc( 1, sizeof(*key) ))) return STATUS_NO_MEMORY;
983 key->hdr.magic = MAGIC_KEY;
984 key->alg_id = alg_id;
985 key->u.a.bitlen = bitlen;
986
987 *ret_key = key;
988 return STATUS_SUCCESS;
989 }
990
991 static BOOL key_is_symmetric( struct key *key )
992 {
993 return builtin_algorithms[key->alg_id].class == BCRYPT_CIPHER_INTERFACE;
994 }
995
996 static BOOL is_zero_vector( const UCHAR *vector, ULONG len )
997 {
998 ULONG i;
999 if (!vector) return FALSE;
1000 for (i = 0; i < len; i++) if (vector[i]) return FALSE;
1001 return TRUE;
1002 }
1003
1004 static BOOL is_equal_vector( const UCHAR *vector, ULONG len, const UCHAR *vector2, ULONG len2 )
1005 {
1006 if (!vector && !vector2) return TRUE;
1007 if (len != len2) return FALSE;
1008 return !memcmp( vector, vector2, len );
1009 }
1010
1011 static NTSTATUS key_symmetric_set_vector( struct key *key, UCHAR *vector, ULONG vector_len )
1012 {
1013 BOOL needs_reset = (!is_zero_vector( vector, vector_len ) ||
1014 !is_equal_vector( key->u.s.vector, key->u.s.vector_len, vector, vector_len ));
1015
1016 free( key->u.s.vector );
1017 key->u.s.vector = NULL;
1018 key->u.s.vector_len = 0;
1019 if (vector)
1020 {
1021 if (!(key->u.s.vector = malloc( vector_len ))) return STATUS_NO_MEMORY;
1022 memcpy( key->u.s.vector, vector, vector_len );
1023 key->u.s.vector_len = vector_len;
1024 }
1025 if (needs_reset) UNIX_CALL( key_symmetric_vector_reset, key );
1026 return STATUS_SUCCESS;
1027 }
1028
1029 static NTSTATUS key_import( BCRYPT_ALG_HANDLE algorithm, const WCHAR *type, BCRYPT_KEY_HANDLE *key, UCHAR *object,
1030 ULONG object_len, UCHAR *input, ULONG input_len )
1031 {
1032 ULONG len;
1033
1034 if (!wcscmp( type, BCRYPT_KEY_DATA_BLOB ))
1035 {
1036 BCRYPT_KEY_DATA_BLOB_HEADER *header = (BCRYPT_KEY_DATA_BLOB_HEADER *)input;
1037
1038 if (input_len < sizeof(BCRYPT_KEY_DATA_BLOB_HEADER)) return STATUS_BUFFER_TOO_SMALL;
1039 if (header->dwMagic != BCRYPT_KEY_DATA_BLOB_MAGIC) return STATUS_INVALID_PARAMETER;
1040 if (header->dwVersion != BCRYPT_KEY_DATA_BLOB_VERSION1)
1041 {
1042 FIXME( "unknown key data blob version %lu\n", header->dwVersion );
1043 return STATUS_INVALID_PARAMETER;
1044 }
1045 len = header->cbKeyData;
1046 if (len + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) > input_len) return STATUS_INVALID_PARAMETER;
1047
1048 return BCryptGenerateSymmetricKey( algorithm, key, object, object_len, (UCHAR *)&header[1], len, 0 );
1049 }
1050 else if (!wcscmp( type, BCRYPT_OPAQUE_KEY_BLOB ))
1051 {
1052 if (input_len < sizeof(len)) return STATUS_BUFFER_TOO_SMALL;
1053 len = *(ULONG *)input;
1054 if (len + sizeof(len) > input_len) return STATUS_INVALID_PARAMETER;
1055
1056 return BCryptGenerateSymmetricKey( algorithm, key, object, object_len, input + sizeof(len), len, 0 );
1057 }
1058
1059 FIXME( "unsupported key type %s\n", debugstr_w(type) );
1060 return STATUS_NOT_IMPLEMENTED;
1061 }
1062
1063 static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, ULONG output_len, ULONG *size )
1064 {
1065 struct key_asymmetric_export_params params;
1066
1067 if (!wcscmp( type, BCRYPT_KEY_DATA_BLOB ))
1068 {
1069 BCRYPT_KEY_DATA_BLOB_HEADER *header = (BCRYPT_KEY_DATA_BLOB_HEADER *)output;
1070 ULONG req_size = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + key->u.s.secret_len;
1071
1072 *size = req_size;
1073 if (output_len < req_size) return STATUS_BUFFER_TOO_SMALL;
1074 if (output)
1075 {
1076 header->dwMagic = BCRYPT_KEY_DATA_BLOB_MAGIC;
1077 header->dwVersion = BCRYPT_KEY_DATA_BLOB_VERSION1;
1078 header->cbKeyData = key->u.s.secret_len;
1079 memcpy( &header[1], key->u.s.secret, key->u.s.secret_len );
1080 }
1081 return STATUS_SUCCESS;
1082 }
1083 else if (!wcscmp( type, BCRYPT_OPAQUE_KEY_BLOB ))
1084 {
1085 ULONG len, req_size = sizeof(len) + key->u.s.secret_len;
1086
1087 *size = req_size;
1088 if (output_len < req_size) return STATUS_BUFFER_TOO_SMALL;
1089 if (output)
1090 {
1091 *(ULONG *)output = key->u.s.secret_len;
1092 memcpy( output + sizeof(len), key->u.s.secret, key->u.s.secret_len );
1093 }
1094 return STATUS_SUCCESS;
1095 }
1096 else if (!wcscmp( type, BCRYPT_DSA_PRIVATE_BLOB ) || !wcscmp( type, LEGACY_DSA_V2_PRIVATE_BLOB ) ||
1097 !wcscmp( type, BCRYPT_ECCPRIVATE_BLOB ))
1098 {
1099 params.key = key;
1100 params.flags = 0;
1101 params.buf = output;
1102 params.len = output_len;
1103 params.ret_len = size;
1104 return UNIX_CALL( key_asymmetric_export, &params );
1105 }
1106 else if (!wcscmp( type, BCRYPT_RSAPRIVATE_BLOB ) || !wcscmp( type, BCRYPT_RSAFULLPRIVATE_BLOB ))
1107 {
1108 params.key = key;
1109 params.flags = (wcscmp( type, BCRYPT_RSAPRIVATE_BLOB )) ? KEY_EXPORT_FLAG_RSA_FULL : 0;
1110 params.buf = output;
1111 params.len = output_len;
1112 params.ret_len = size;
1113 return UNIX_CALL( key_asymmetric_export, &params );
1114 }
1115 else if (!wcscmp( type, BCRYPT_DSA_PUBLIC_BLOB ) || !wcscmp( type, LEGACY_DSA_V2_PUBLIC_BLOB ) ||
1116 !wcscmp( type, BCRYPT_ECCPUBLIC_BLOB ) || !wcscmp( type, BCRYPT_RSAPUBLIC_BLOB ))
1117 {
1118 params.key = key;
1119 params.flags = KEY_EXPORT_FLAG_PUBLIC;
1120 params.buf = output;
1121 params.len = output_len;
1122 params.ret_len = size;
1123 return UNIX_CALL( key_asymmetric_export, &params );
1124 }
1125
1126 FIXME( "unsupported key type %s\n", debugstr_w(type) );
1127 return STATUS_NOT_IMPLEMENTED;
1128 }
1129
1130 static NTSTATUS key_symmetric_encrypt( struct key *key, UCHAR *input, ULONG input_len, void *padding, UCHAR *iv,
1131 ULONG iv_len, UCHAR *output, ULONG output_len, ULONG *ret_len, ULONG flags )
1132 {
1133 struct key_symmetric_set_auth_data_params auth_params;
1134 struct key_symmetric_encrypt_params encrypt_params;
1135 struct key_symmetric_get_tag_params tag_params;
1136 ULONG bytes_left = input_len;
1137 UCHAR *buf;
1138 NTSTATUS status;
1139
1140 if (key->u.s.mode == MODE_ID_GCM)
1141 {
1142 BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO *auth_info = padding;
1143
1144 if (!auth_info) return STATUS_INVALID_PARAMETER;
1145 if (!auth_info->pbNonce) return STATUS_INVALID_PARAMETER;
1146 if (!auth_info->pbTag) return STATUS_INVALID_PARAMETER;
1147 if (auth_info->cbTag < 12 || auth_info->cbTag > 16) return STATUS_INVALID_PARAMETER;
1148 if (auth_info->dwFlags & BCRYPT_AUTH_MODE_CHAIN_CALLS_FLAG)
1149 FIXME( "call chaining not implemented\n" );
1150
1151 if ((status = key_symmetric_set_vector( key, auth_info->pbNonce, auth_info->cbNonce )))
1152 return status;
1153
1154 *ret_len = input_len;
1155 if (flags & BCRYPT_BLOCK_PADDING) return STATUS_INVALID_PARAMETER;
1156 if (input && !output) return STATUS_SUCCESS;
1157 if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
1158
1159 auth_params.key = key;
1160 auth_params.auth_data = auth_info->pbAuthData;
1161 auth_params.len = auth_info->cbAuthData;
1162 if ((status = UNIX_CALL( key_symmetric_set_auth_data, &auth_params ))) return status;
1163
1164 encrypt_params.key = key;
1165 encrypt_params.input = input;
1166 encrypt_params.input_len = input_len;
1167 encrypt_params.output = output;
1168 encrypt_params.output_len = output_len;
1169 if ((status = UNIX_CALL( key_symmetric_encrypt, &encrypt_params ))) return status;
1170
1171 tag_params.key = key;
1172 tag_params.tag = auth_info->pbTag;
1173 tag_params.len = auth_info->cbTag;
1174 return UNIX_CALL( key_symmetric_get_tag, &tag_params );
1175 }
1176
1177 *ret_len = input_len;
1178
1179 if (flags & BCRYPT_BLOCK_PADDING)
1180 *ret_len = (input_len + key->u.s.block_size) & ~(key->u.s.block_size - 1);
1181 else if (input_len & (key->u.s.block_size - 1))
1182 return STATUS_INVALID_BUFFER_SIZE;
1183
1184 if (!output) return STATUS_SUCCESS;
1185 if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
1186 if (key->u.s.mode == MODE_ID_ECB && iv) return STATUS_INVALID_PARAMETER;
1187 if ((status = key_symmetric_set_vector( key, iv, iv_len ))) return status;
1188
1189 encrypt_params.key = key;
1190 encrypt_params.input = input;
1191 encrypt_params.input_len = key->u.s.block_size;
1192 encrypt_params.output = output;
1193 encrypt_params.output_len = key->u.s.block_size;
1194 while (bytes_left >= key->u.s.block_size)
1195 {
1196 if ((status = UNIX_CALL( key_symmetric_encrypt, &encrypt_params )))
1197 return status;
1198 if (key->u.s.mode == MODE_ID_ECB && (status = key_symmetric_set_vector( key, NULL, 0 )))
1199 return status;
1200 bytes_left -= key->u.s.block_size;
1201 encrypt_params.input += key->u.s.block_size;
1202 encrypt_params.output += key->u.s.block_size;
1203 }
1204
1205 if (flags & BCRYPT_BLOCK_PADDING)
1206 {
1207 if (!(buf = malloc( key->u.s.block_size ))) return STATUS_NO_MEMORY;
1208 memcpy( buf, encrypt_params.input, bytes_left );
1209 memset( buf + bytes_left, key->u.s.block_size - bytes_left, key->u.s.block_size - bytes_left );
1210 encrypt_params.input = buf;
1211 status = UNIX_CALL( key_symmetric_encrypt, &encrypt_params );
1212 free( buf );
1213 }
1214
1215 return status;
1216 }
1217
1218 static NTSTATUS key_symmetric_decrypt( struct key *key, UCHAR *input, ULONG input_len, void *padding, UCHAR *iv,
1219 ULONG iv_len, UCHAR *output, ULONG output_len, ULONG *ret_len, ULONG flags )
1220 {
1221 struct key_symmetric_set_auth_data_params auth_params;
1222 struct key_symmetric_decrypt_params decrypt_params;
1223 struct key_symmetric_get_tag_params tag_params;
1224 ULONG bytes_left = input_len;
1225 NTSTATUS status;
1226
1227 if (key->u.s.mode == MODE_ID_GCM)
1228 {
1229 BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO *auth_info = padding;
1230 UCHAR tag[16];
1231
1232 if (!auth_info) return STATUS_INVALID_PARAMETER;
1233 if (!auth_info->pbNonce) return STATUS_INVALID_PARAMETER;
1234 if (!auth_info->pbTag) return STATUS_INVALID_PARAMETER;
1235 if (auth_info->cbTag < 12 || auth_info->cbTag > 16) return STATUS_INVALID_PARAMETER;
1236
1237 if ((status = key_symmetric_set_vector( key, auth_info->pbNonce, auth_info->cbNonce )))
1238 return status;
1239
1240 *ret_len = input_len;
1241 if (flags & BCRYPT_BLOCK_PADDING) return STATUS_INVALID_PARAMETER;
1242 if (!output) return STATUS_SUCCESS;
1243 if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
1244
1245 auth_params.key = key;
1246 auth_params.auth_data = auth_info->pbAuthData;
1247 auth_params.len = auth_info->cbAuthData;
1248 if ((status = UNIX_CALL( key_symmetric_set_auth_data, &auth_params ))) return status;
1249
1250 decrypt_params.key = key;
1251 decrypt_params.input = input;
1252 decrypt_params.input_len = input_len;
1253 decrypt_params.output = output;
1254 decrypt_params.output_len = output_len;
1255 if ((status = UNIX_CALL( key_symmetric_decrypt, &decrypt_params ))) return status;
1256
1257 tag_params.key = key;
1258 tag_params.tag = tag;
1259 tag_params.len = sizeof(tag);
1260 if ((status = UNIX_CALL( key_symmetric_get_tag, &tag_params ))) return status;
1261 if (memcmp( tag, auth_info->pbTag, auth_info->cbTag )) return STATUS_AUTH_TAG_MISMATCH;
1262
1263 return STATUS_SUCCESS;
1264 }
1265
1266 *ret_len = input_len;
1267
1268 if (input_len & (key->u.s.block_size - 1)) return STATUS_INVALID_BUFFER_SIZE;
1269 if (!output) return STATUS_SUCCESS;
1270 if (flags & BCRYPT_BLOCK_PADDING)
1271 {
1272 if (output_len + key->u.s.block_size < *ret_len) return STATUS_BUFFER_TOO_SMALL;
1273 if (input_len < key->u.s.block_size) return STATUS_BUFFER_TOO_SMALL;
1274 bytes_left -= key->u.s.block_size;
1275 }
1276 else if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
1277
1278 if (key->u.s.mode == MODE_ID_ECB && iv) return STATUS_INVALID_PARAMETER;
1279 if ((status = key_symmetric_set_vector( key, iv, iv_len ))) return status;
1280
1281 decrypt_params.key = key;
1282 decrypt_params.input = input;
1283 decrypt_params.input_len = key->u.s.block_size;
1284 decrypt_params.output = output;
1285 decrypt_params.output_len = key->u.s.block_size;
1286 while (bytes_left >= key->u.s.block_size)
1287 {
1288 if ((status = UNIX_CALL( key_symmetric_decrypt, &decrypt_params ))) return status;
1289 if (key->u.s.mode == MODE_ID_ECB && (status = key_symmetric_set_vector( key, NULL, 0 )))
1290 return status;
1291 bytes_left -= key->u.s.block_size;
1292 decrypt_params.input += key->u.s.block_size;
1293 decrypt_params.output += key->u.s.block_size;
1294 }
1295
1296 if (flags & BCRYPT_BLOCK_PADDING)
1297 {
1298 UCHAR *buf, *dst = decrypt_params.output;
1299 if (!(buf = malloc( key->u.s.block_size ))) return STATUS_NO_MEMORY;
1300 decrypt_params.output = buf;
1301 status = UNIX_CALL( key_symmetric_decrypt, &decrypt_params );
1302 if (!status && buf[ key->u.s.block_size - 1 ] <= key->u.s.block_size)
1303 {
1304 *ret_len -= buf[ key->u.s.block_size - 1 ];
1305 if (output_len < *ret_len) status = STATUS_BUFFER_TOO_SMALL;
1306 else memcpy( dst, buf, key->u.s.block_size - buf[ key->u.s.block_size - 1 ] );
1307 }
1308 else status = STATUS_UNSUCCESSFUL; /* FIXME: invalid padding */
1309 free( buf );
1310 }
1311
1312 return status;
1313 }
1314
1315 static void key_destroy( struct key *key )
1316 {
1317 if (key_is_symmetric( key ))
1318 {
1319 UNIX_CALL( key_symmetric_destroy, key );
1320 free( key->u.s.vector );
1321 free( key->u.s.secret );
1322 DeleteCriticalSection( &key->u.s.cs );
1323 }
1324 else
1325 UNIX_CALL( key_asymmetric_destroy, key );
1326
1327 key->hdr.magic = 0;
1328 free( key );
1329 }
1330
1331 static NTSTATUS key_import_pair( struct algorithm *alg, const WCHAR *type, BCRYPT_KEY_HANDLE *ret_key, UCHAR *input,
1332 ULONG input_len )
1333 {
1334 struct key_asymmetric_import_params params;
1335 struct key *key;
1336 NTSTATUS status;
1337 ULONG size;
1338
1339 if (!wcscmp( type, BCRYPT_ECCPUBLIC_BLOB ))
1340 {
1341 BCRYPT_ECCKEY_BLOB *ecc_blob = (BCRYPT_ECCKEY_BLOB *)input;
1342 DWORD key_size, magic;
1343
1344 if (input_len < sizeof(*ecc_blob)) return STATUS_INVALID_PARAMETER;
1345
1346 switch (alg->id)
1347 {
1348 case ALG_ID_ECDH_P256:
1349 key_size = 32;
1350 magic = BCRYPT_ECDH_PUBLIC_P256_MAGIC;
1351 break;
1352
1353 case ALG_ID_ECDSA_P256:
1354 key_size = 32;
1355 magic = BCRYPT_ECDSA_PUBLIC_P256_MAGIC;
1356 break;
1357
1358 case ALG_ID_ECDSA_P384:
1359 key_size = 48;
1360 magic = BCRYPT_ECDSA_PUBLIC_P384_MAGIC;
1361 break;
1362
1363 default:
1364 FIXME( "algorithm %u does not yet support importing blob of type %s\n", alg->id, debugstr_w(type) );
1365 return STATUS_NOT_SUPPORTED;
1366 }
1367
1368 if (ecc_blob->dwMagic != magic) return STATUS_INVALID_PARAMETER;
1369 if (ecc_blob->cbKey != key_size || input_len < sizeof(*ecc_blob) + ecc_blob->cbKey * 2)
1370 return STATUS_INVALID_PARAMETER;
1371
1372 if ((status = key_asymmetric_create( alg->id, key_size * 8, &key ))) return status;
1373 params.key = key;
1374 params.flags = KEY_IMPORT_FLAG_PUBLIC;
1375 params.buf = input;
1376 params.len = input_len;
1377 if ((status = UNIX_CALL( key_asymmetric_import, &params )))
1378 {
1379 key_destroy( key );
1380 return status;
1381 }
1382
1383 *ret_key = key;
1384 return STATUS_SUCCESS;
1385 }
1386 else if (!wcscmp( type, BCRYPT_ECCPRIVATE_BLOB ))
1387 {
1388 BCRYPT_ECCKEY_BLOB *ecc_blob = (BCRYPT_ECCKEY_BLOB *)input;
1389 DWORD key_size, magic;
1390
1391 if (input_len < sizeof(*ecc_blob)) return STATUS_INVALID_PARAMETER;
1392
1393 switch (alg->id)
1394 {
1395 case ALG_ID_ECDH_P256:
1396 key_size = 32;
1397 magic = BCRYPT_ECDH_PRIVATE_P256_MAGIC;
1398 break;
1399 case ALG_ID_ECDSA_P256:
1400 key_size = 32;
1401 magic = BCRYPT_ECDSA_PRIVATE_P256_MAGIC;
1402 break;
1403
1404 default:
1405 FIXME( "algorithm %u does not yet support importing blob of type %s\n", alg->id, debugstr_w(type) );
1406 return STATUS_NOT_SUPPORTED;
1407 }
1408
1409 if (ecc_blob->dwMagic != magic) return STATUS_INVALID_PARAMETER;
1410 if (ecc_blob->cbKey != key_size || input_len < sizeof(*ecc_blob) + ecc_blob->cbKey * 3)
1411 return STATUS_INVALID_PARAMETER;
1412
1413 if ((status = key_asymmetric_create( alg->id, key_size * 8, &key ))) return status;
1414 params.key = key;
1415 params.flags = 0;
1416 params.buf = input;
1417 params.len = input_len;
1418 if ((status = UNIX_CALL( key_asymmetric_import, &params )))
1419 {
1420 key_destroy( key );
1421 return status;
1422 }
1423
1424 *ret_key = key;
1425 return STATUS_SUCCESS;
1426 }
1427 else if (!wcscmp( type, BCRYPT_RSAPUBLIC_BLOB ))
1428 {
1429 BCRYPT_RSAKEY_BLOB *rsa_blob = (BCRYPT_RSAKEY_BLOB *)input;
1430
1431 if (input_len < sizeof(*rsa_blob)) return STATUS_INVALID_PARAMETER;
1432 if ((alg->id != ALG_ID_RSA && alg->id != ALG_ID_RSA_SIGN) || rsa_blob->Magic != BCRYPT_RSAPUBLIC_MAGIC)
1433 return STATUS_NOT_SUPPORTED;
1434
1435 size = sizeof(*rsa_blob) + rsa_blob->cbPublicExp + rsa_blob->cbModulus;
1436 if (size != input_len) return NTE_BAD_DATA;
1437
1438 if ((status = key_asymmetric_create( alg->id, rsa_blob->BitLength, &key ))) return status;
1439 params.key = key;
1440 params.flags = KEY_IMPORT_FLAG_PUBLIC;
1441 params.buf = input;
1442 params.len = input_len;
1443 if ((status = UNIX_CALL( key_asymmetric_import, &params )))
1444 {
1445 key_destroy( key );
1446 return status;
1447 }
1448
1449 *ret_key = key;
1450 return STATUS_SUCCESS;
1451 }
1452 else if (!wcscmp( type, BCRYPT_RSAPRIVATE_BLOB ) || !wcscmp( type, BCRYPT_RSAFULLPRIVATE_BLOB ))
1453 {
1454 BCRYPT_RSAKEY_BLOB *rsa_blob = (BCRYPT_RSAKEY_BLOB *)input;
1455
1456 if (input_len < sizeof(*rsa_blob)) return STATUS_INVALID_PARAMETER;
1457 if (alg->id != ALG_ID_RSA || (rsa_blob->Magic != BCRYPT_RSAPRIVATE_MAGIC &&
1458 rsa_blob->Magic != BCRYPT_RSAFULLPRIVATE_MAGIC)) return STATUS_NOT_SUPPORTED;
1459
1460 if ((status = key_asymmetric_create( alg->id, rsa_blob->BitLength, &key ))) return status;
1461 params.key = key;
1462 params.flags = 0;
1463 params.buf = input;
1464 params.len = input_len;
1465 if ((status = UNIX_CALL( key_asymmetric_import, &params )))
1466 {
1467 key_destroy( key );
1468 return status;
1469 }
1470
1471 *ret_key = key;
1472 return STATUS_SUCCESS;
1473 }
1474 else if (!wcscmp( type, BCRYPT_DSA_PUBLIC_BLOB ))
1475 {
1476 BCRYPT_DSA_KEY_BLOB *dsa_blob = (BCRYPT_DSA_KEY_BLOB *)input;
1477
1478 if (input_len < sizeof(*dsa_blob)) return STATUS_INVALID_PARAMETER;
1479 if ((alg->id != ALG_ID_DSA) || dsa_blob->dwMagic != BCRYPT_DSA_PUBLIC_MAGIC)
1480 return STATUS_NOT_SUPPORTED;
1481
1482 if ((status = key_asymmetric_create( alg->id, dsa_blob->cbKey * 8, &key ))) return status;
1483 params.key = key;
1484 params.flags = KEY_IMPORT_FLAG_PUBLIC;
1485 params.buf = input;
1486 params.len = input_len;
1487 if ((status = UNIX_CALL( key_asymmetric_import, &params )))
1488 {
1489 key_destroy( key );
1490 return status;
1491 }
1492
1493 *ret_key = key;
1494 return STATUS_SUCCESS;
1495 }
1496 else if (!wcscmp( type, LEGACY_DSA_V2_PRIVATE_BLOB ))
1497 {
1498 BLOBHEADER *hdr = (BLOBHEADER *)input;
1499 DSSPUBKEY *pubkey;
1500
1501 if (input_len < sizeof(*hdr)) return STATUS_INVALID_PARAMETER;
1502
1503 if (hdr->bType != PRIVATEKEYBLOB && hdr->bVersion != 2 && hdr->aiKeyAlg != CALG_DSS_SIGN)
1504 {
1505 FIXME( "blob type %u version %u alg id %u not supported\n", hdr->bType, hdr->bVersion, hdr->aiKeyAlg );
1506 return STATUS_NOT_SUPPORTED;
1507 }
1508 if (alg->id != ALG_ID_DSA)
1509 {
1510 FIXME( "algorithm %u does not support importing blob of type %s\n", alg->id, debugstr_w(type) );
1511 return STATUS_NOT_SUPPORTED;
1512 }
1513
1514 if (input_len < sizeof(*hdr) + sizeof(*pubkey)) return STATUS_INVALID_PARAMETER;
1515 pubkey = (DSSPUBKEY *)(hdr + 1);
1516 if (pubkey->magic != MAGIC_DSS2) return STATUS_NOT_SUPPORTED;
1517
1518 if (input_len < sizeof(*hdr) + sizeof(*pubkey) + (pubkey->bitlen / 8) * 2 + 40 + sizeof(DSSSEED))
1519 return STATUS_INVALID_PARAMETER;
1520
1521 if ((status = key_asymmetric_create( alg->id, pubkey->bitlen, &key ))) return status;
1522 key->u.a.flags |= KEY_FLAG_LEGACY_DSA_V2;
1523 params.key = key;
1524 params.flags = 0;
1525 params.buf = input;
1526 params.len = input_len;
1527 if ((status = UNIX_CALL( key_asymmetric_import, &params )))
1528 {
1529 key_destroy( key );
1530 return status;
1531 }
1532
1533 *ret_key = key;
1534 return STATUS_SUCCESS;
1535 }
1536 else if (!wcscmp( type, LEGACY_DSA_V2_PUBLIC_BLOB )) /* not supported on native */
1537 {
1538 BLOBHEADER *hdr = (BLOBHEADER *)input;
1539 DSSPUBKEY *pubkey;
1540
1541 if (alg->id != ALG_ID_DSA) return STATUS_NOT_SUPPORTED;
1542 if (input_len < sizeof(*hdr)) return STATUS_INVALID_PARAMETER;
1543
1544 if (hdr->bType != PUBLICKEYBLOB && hdr->bVersion != 2 && hdr->aiKeyAlg != CALG_DSS_SIGN)
1545 {
1546 FIXME( "blob type %u version %u alg id %u not supported\n", hdr->bType, hdr->bVersion, hdr->aiKeyAlg );
1547 return STATUS_NOT_SUPPORTED;
1548 }
1549
1550 if (input_len < sizeof(*hdr) + sizeof(*pubkey)) return STATUS_INVALID_PARAMETER;
1551 pubkey = (DSSPUBKEY *)(hdr + 1);
1552 if (pubkey->magic != MAGIC_DSS1) return STATUS_NOT_SUPPORTED;
1553
1554 size = sizeof(*hdr) + sizeof(*pubkey) + (pubkey->bitlen / 8) * 3 + 20 + sizeof(DSSSEED);
1555 if (input_len < size) return STATUS_INVALID_PARAMETER;
1556
1557 if ((status = key_asymmetric_create( alg->id, pubkey->bitlen, &key ))) return status;
1558 key->u.a.flags |= KEY_FLAG_LEGACY_DSA_V2;
1559 params.key = key;
1560 params.flags = KEY_IMPORT_FLAG_PUBLIC;
1561 params.buf = input;
1562 params.len = input_len;
1563 if ((status = UNIX_CALL( key_asymmetric_import, &params )))
1564 {
1565 key_destroy( key );
1566 return status;
1567 }
1568
1569 *ret_key = key;
1570 return STATUS_SUCCESS;
1571 }
1572
1573 FIXME( "unsupported key type %s\n", debugstr_w(type) );
1574 return STATUS_NOT_SUPPORTED;
1575 }
1576
1577 static ULONG get_block_size( struct algorithm *alg )
1578 {
1579 ULONG ret = 0, size = sizeof(ret);
1580 get_alg_property( alg, BCRYPT_BLOCK_LENGTH, (UCHAR *)&ret, sizeof(ret), &size );
1581 return ret;
1582 }
1583
1584 NTSTATUS WINAPI BCryptGenerateSymmetricKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_KEY_HANDLE *handle,
1585 UCHAR *object, ULONG object_len, UCHAR *secret, ULONG secret_len,
1586 ULONG flags )
1587 {
1588 BCRYPT_KEY_LENGTHS_STRUCT key_lengths;
1589 struct algorithm *alg = algorithm;
1590 ULONG block_size, size;
1591 struct key *key;
1592
1593 TRACE( "%p, %p, %p, %lu, %p, %lu, %#lx\n", algorithm, handle, object, object_len, secret, secret_len, flags );
1594
1595 if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
1596 if (object) FIXME( "ignoring object buffer\n" );
1597
1598 if (!bcrypt_handle)
1599 {
1600 ERR( "no encryption support\n" );
1601 return STATUS_NOT_IMPLEMENTED;
1602 }
1603
1604 if (!(block_size = get_block_size( alg ))) return STATUS_INVALID_PARAMETER;
1605
1606 if (!get_alg_property( alg, BCRYPT_KEY_LENGTHS, (UCHAR*)&key_lengths, sizeof(key_lengths), &size ))
1607 {
1608 if (secret_len > (size = key_lengths.dwMaxLength / 8))
1609 {
1610 WARN( "secret_len %lu exceeds key max length %lu, setting to maximum\n", secret_len, size );
1611 secret_len = size;
1612 }
1613 else if (secret_len < (size = key_lengths.dwMinLength / 8))
1614 {
1615 WARN( "secret_len %lu is less than minimum key length %lu\n", secret_len, size );
1616 return STATUS_INVALID_PARAMETER;
1617 }
1618 else if (key_lengths.dwIncrement && (secret_len * 8 - key_lengths.dwMinLength) % key_lengths.dwIncrement)
1619 {
1620 WARN( "secret_len %lu is not a valid key length\n", secret_len );
1621 return STATUS_INVALID_PARAMETER;
1622 }
1623 }
1624
1625 if (!(key = calloc( 1, sizeof(*key) ))) return STATUS_NO_MEMORY;
1626 InitializeCriticalSection( &key->u.s.cs );
1627 key->hdr.magic = MAGIC_KEY;
1628 key->alg_id = alg->id;
1629 key->u.s.mode = alg->mode;
1630 key->u.s.block_size = block_size;
1631
1632 if (!(key->u.s.secret = malloc( secret_len )))
1633 {
1634 free( key );
1635 return STATUS_NO_MEMORY;
1636 }
1637 memcpy( key->u.s.secret, secret, secret_len );
1638 key->u.s.secret_len = secret_len;
1639
1640 *handle = key;
1641 return STATUS_SUCCESS;
1642 }
1643
1644 NTSTATUS WINAPI BCryptGenerateKeyPair( BCRYPT_ALG_HANDLE algorithm, BCRYPT_KEY_HANDLE *handle, ULONG key_len,
1645 ULONG flags )
1646 {
1647 struct algorithm *alg = algorithm;
1648 struct key *key;
1649 NTSTATUS status;
1650
1651 TRACE( "%p, %p, %lu, %#lx\n", algorithm, handle, key_len, flags );
1652
1653 if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
1654 if (!handle) return STATUS_INVALID_PARAMETER;
1655
1656 if ((status = key_asymmetric_create( alg->id, key_len, &key ))) return status;
1657 *handle = key;
1658 return STATUS_SUCCESS;
1659 }
1660
1661 NTSTATUS WINAPI BCryptFinalizeKeyPair( BCRYPT_KEY_HANDLE handle, ULONG flags )
1662 {
1663 struct key *key = handle;
1664
1665 TRACE( "%p, %#lx\n", key, flags );
1666 if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
1667
1668 return UNIX_CALL( key_asymmetric_generate, key );
1669 }
1670
1671 NTSTATUS WINAPI BCryptImportKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_KEY_HANDLE decrypt_key, const WCHAR *type,
1672 BCRYPT_KEY_HANDLE *key, UCHAR *object, ULONG object_len, UCHAR *input,
1673 ULONG input_len, ULONG flags )
1674 {
1675 struct algorithm *alg = algorithm;
1676
1677 TRACE( "%p, %p, %s, %p, %p, %lu, %p, %lu, %#lx\n", algorithm, decrypt_key, debugstr_w(type), key, object,
1678 object_len, input, input_len, flags );
1679
1680 if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
1681 if (!key || !type || !input) return STATUS_INVALID_PARAMETER;
1682
1683 if (decrypt_key)
1684 {
1685 FIXME( "decryption of key not yet supported\n" );
1686 return STATUS_NOT_IMPLEMENTED;
1687 }
1688
1689 return key_import( algorithm, type, key, object, object_len, input, input_len );
1690 }
1691
1692 NTSTATUS WINAPI BCryptExportKey( BCRYPT_KEY_HANDLE export_key, BCRYPT_KEY_HANDLE encrypt_key, const WCHAR *type,
1693 UCHAR *output, ULONG output_len, ULONG *size, ULONG flags )
1694 {
1695 struct key *key = export_key;
1696
1697 TRACE( "%p, %p, %s, %p, %lu, %p, %#lx\n", key, encrypt_key, debugstr_w(type), output, output_len, size, flags );
1698
1699 if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
1700 if (!type || !size) return STATUS_INVALID_PARAMETER;
1701
1702 if (encrypt_key)
1703 {
1704 FIXME( "encryption of key not yet supported\n" );
1705 return STATUS_NOT_IMPLEMENTED;
1706 }
1707
1708 return key_export( key, type, output, output_len, size );
1709 }
1710
1711 static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
1712 {
1713 UCHAR *buffer;
1714 NTSTATUS status;
1715
1716 memset( key_copy, 0, sizeof(*key_copy) );
1717 key_copy->hdr = key_orig->hdr;
1718 key_copy->alg_id = key_orig->alg_id;
1719
1720 if (key_is_symmetric( key_orig ))
1721 {
1722 if (!(buffer = malloc( key_orig->u.s.secret_len ))) return STATUS_NO_MEMORY;
1723 memcpy( buffer, key_orig->u.s.secret, key_orig->u.s.secret_len );
1724
1725 key_copy->u.s.mode = key_orig->u.s.mode;
1726 key_copy->u.s.block_size = key_orig->u.s.block_size;
1727 key_copy->u.s.secret = buffer;
1728 key_copy->u.s.secret_len = key_orig->u.s.secret_len;
1729 InitializeCriticalSection( &key_copy->u.s.cs );
1730 }
1731 else
1732 {
1733 struct key_asymmetric_duplicate_params params;
1734
1735 key_copy->u.a.bitlen = key_orig->u.a.bitlen;
1736 key_copy->u.a.flags = key_orig->u.a.flags;
1737 key_copy->u.a.dss_seed = key_orig->u.a.dss_seed;
1738
1739 params.key_orig = key_orig;
1740 params.key_copy = key_copy;
1741 if ((status = UNIX_CALL( key_asymmetric_duplicate, &params ))) return status;
1742 }
1743
1744 return STATUS_SUCCESS;
1745 }
1746
1747 NTSTATUS WINAPI BCryptDuplicateKey( BCRYPT_KEY_HANDLE handle, BCRYPT_KEY_HANDLE *handle_copy,
1748 UCHAR *object, ULONG object_len, ULONG flags )
1749 {
1750 struct key *key_orig = handle;
1751 struct key *key_copy;
1752 NTSTATUS status;
1753
1754 TRACE( "%p, %p, %p, %lu, %#lx\n", handle, handle_copy, object, object_len, flags );
1755 if (object) FIXME( "ignoring object buffer\n" );
1756
1757 if (!key_orig || key_orig->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
1758 if (!handle_copy) return STATUS_INVALID_PARAMETER;
1759 if (!(key_copy = malloc( sizeof(*key_copy) ))) return STATUS_NO_MEMORY;
1760
1761 if ((status = key_duplicate( key_orig, key_copy )))
1762 {
1763 key_destroy( key_copy );
1764 return status;
1765 }
1766
1767 *handle_copy = key_copy;
1768 return STATUS_SUCCESS;
1769 }
1770
1771 NTSTATUS WINAPI BCryptImportKeyPair( BCRYPT_ALG_HANDLE algorithm, BCRYPT_KEY_HANDLE decrypt_key, const WCHAR *type,
1772 BCRYPT_KEY_HANDLE *ret_key, UCHAR *input, ULONG input_len, ULONG flags )
1773 {
1774 struct algorithm *alg = algorithm;
1775
1776 TRACE( "%p, %p, %s, %p, %p, %lu, %#lx\n", algorithm, decrypt_key, debugstr_w(type), ret_key, input,
1777 input_len, flags );
1778
1779 if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
1780 if (!ret_key || !type || !input) return STATUS_INVALID_PARAMETER;
1781 if (decrypt_key)
1782 {
1783 FIXME( "decryption of key not yet supported\n" );
1784 return STATUS_NOT_IMPLEMENTED;
1785 }
1786
1787 if (!wcscmp( type, BCRYPT_PUBLIC_KEY_BLOB ))
1788 {
1789 BCRYPT_KEY_BLOB *key_blob = (BCRYPT_KEY_BLOB *)input;
1790
1791 if (input_len < sizeof(*key_blob)) return STATUS_INVALID_PARAMETER;
1792
1793 switch (key_blob->Magic)
1794 {
1795 case BCRYPT_ECDH_PUBLIC_P256_MAGIC:
1796 case BCRYPT_ECDSA_PUBLIC_P256_MAGIC:
1797 case BCRYPT_ECDSA_PUBLIC_P384_MAGIC:
1798 type = BCRYPT_ECCPUBLIC_BLOB;
1799 break;
1800
1801 case BCRYPT_RSAPUBLIC_MAGIC:
1802 type = BCRYPT_RSAPUBLIC_BLOB;
1803 break;
1804
1805 case BCRYPT_DSA_PUBLIC_MAGIC:
1806 type = BCRYPT_DSA_PUBLIC_BLOB;
1807 break;
1808
1809 default:
1810 FIXME( "unsupported key magic %#lx\n", key_blob->Magic );
1811 return STATUS_NOT_SUPPORTED;
1812 }
1813 }
1814
1815 return key_import_pair( alg, type, ret_key, input, input_len );
1816 }
1817
1818 NTSTATUS WINAPI BCryptSignHash( BCRYPT_KEY_HANDLE handle, void *padding, UCHAR *input, ULONG input_len,
1819 UCHAR *output, ULONG output_len, ULONG *ret_len, ULONG flags )
1820 {
1821 struct key_asymmetric_sign_params params;
1822 struct key *key = handle;
1823
1824 TRACE( "%p, %p, %p, %lu, %p, %lu, %p, %#lx\n", handle, padding, input, input_len, output, output_len,
1825 ret_len, flags );
1826
1827 if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
1828 if (key_is_symmetric( key ))
1829 {
1830 FIXME( "signing with symmetric keys not yet supported\n" );
1831 return STATUS_NOT_IMPLEMENTED;
1832 }
1833
1834 params.key = key;
1835 params.padding = padding;
1836 params.input = input;
1837 params.input_len = input_len;
1838 params.output = output;
1839 params.output_len = output_len;
1840 params.ret_len = ret_len;
1841 params.flags = flags;
1842 return UNIX_CALL( key_asymmetric_sign, &params );
1843 }
1844
1845 NTSTATUS WINAPI BCryptVerifySignature( BCRYPT_KEY_HANDLE handle, void *padding, UCHAR *hash, ULONG hash_len,
1846 UCHAR *signature, ULONG signature_len, ULONG flags )
1847 {
1848 struct key_asymmetric_verify_params params;
1849 struct key *key = handle;
1850
1851 TRACE( "%p, %p, %p, %lu, %p, %lu, %#lx\n", handle, padding, hash, hash_len, signature, signature_len, flags );
1852
1853 if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
1854 if (!hash || !hash_len || !signature || !signature_len) return STATUS_INVALID_PARAMETER;
1855 if (key_is_symmetric( key )) return STATUS_NOT_SUPPORTED;
1856
1857 params.key = key;
1858 params.padding = padding;
1859 params.hash = hash;
1860 params.hash_len = hash_len;
1861 params.signature = signature;
1862 params.signature_len = signature_len;
1863 params.flags = flags;
1864 return UNIX_CALL( key_asymmetric_verify, &params );
1865 }
1866
1867 NTSTATUS WINAPI BCryptDestroyKey( BCRYPT_KEY_HANDLE handle )
1868 {
1869 struct key *key = handle;
1870
1871 TRACE( "%p\n", handle );
1872
1873 if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
1874
1875 key_destroy( key );
1876 return STATUS_SUCCESS;
1877 }
1878
1879 NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG input_len, void *padding, UCHAR *iv,
1880 ULONG iv_len, UCHAR *output, ULONG output_len, ULONG *ret_len, ULONG flags )
1881 {
1882 struct key *key = handle;
1883 NTSTATUS ret;
1884
1885 TRACE( "%p, %p, %lu, %p, %p, %lu, %p, %lu, %p, %#lx\n", handle, input, input_len, padding, iv, iv_len, output,
1886 output_len, ret_len, flags );
1887
1888 if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
1889 if (!key_is_symmetric( key ))
1890 {
1891 FIXME( "encryption with asymmetric keys not yet supported\n" );
1892 return STATUS_NOT_IMPLEMENTED;
1893 }
1894 if (flags & ~BCRYPT_BLOCK_PADDING)
1895 {
1896 FIXME( "flags %#lx not implemented\n", flags );
1897 return STATUS_NOT_IMPLEMENTED;
1898 }
1899
1900 EnterCriticalSection( &key->u.s.cs );
1901 ret = key_symmetric_encrypt( key, input, input_len, padding, iv, iv_len, output, output_len, ret_len, flags );
1902 LeaveCriticalSection( &key->u.s.cs );
1903 return ret;
1904 }
1905
1906 NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG input_len, void *padding, UCHAR *iv,
1907 ULONG iv_len, UCHAR *output, ULONG output_len, ULONG *ret_len, ULONG flags )
1908 {
1909 struct key_asymmetric_decrypt_params params;
1910 struct key *key = handle;
1911
1912 TRACE( "%p, %p, %lu, %p, %p, %lu, %p, %lu, %p, %#lx\n", handle, input, input_len, padding, iv, iv_len, output,
1913 output_len, ret_len, flags );
1914
1915 if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
1916 if (flags & ~BCRYPT_BLOCK_PADDING)
1917 {
1918 FIXME( "flags %#lx not supported\n", flags );
1919 return STATUS_NOT_IMPLEMENTED;
1920 }
1921
1922 if (key_is_symmetric( key ))
1923 {
1924 NTSTATUS ret;
1925 EnterCriticalSection( &key->u.s.cs );
1926 ret = key_symmetric_decrypt( key, input, input_len, padding, iv, iv_len, output, output_len, ret_len, flags );
1927 LeaveCriticalSection( &key->u.s.cs );
1928 return ret;
1929 }
1930
1931 params.key = key;
1932 params.input = input;
1933 params.input_len = input_len;
1934 params.output = output;
1935 params.output_len = output_len;
1936 params.ret_len = ret_len;
1937 return UNIX_CALL( key_asymmetric_decrypt, &params );
1938 }
1939
1940 NTSTATUS WINAPI BCryptSetProperty( BCRYPT_HANDLE handle, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
1941 {
1942 struct object *object = handle;
1943
1944 TRACE( "%p, %s, %p, %lu, %#lx\n", handle, debugstr_w(prop), value, size, flags );
1945
1946 if (!object) return STATUS_INVALID_HANDLE;
1947
1948 switch (object->magic)
1949 {
1950 case MAGIC_ALG:
1951 {
1952 struct algorithm *alg = (struct algorithm *)object;
1953 return set_alg_property( alg, prop, value, size, flags );
1954 }
1955 case MAGIC_KEY:
1956 {
1957 struct key *key = (struct key *)object;
1958 return set_key_property( key, prop, value, size, flags );
1959 }
1960 default:
1961 WARN( "unknown magic %#lx\n", object->magic );
1962 return STATUS_INVALID_HANDLE;
1963 }
1964 }
1965
1966 #define HMAC_PAD_LEN 64
1967 NTSTATUS WINAPI BCryptDeriveKeyCapi( BCRYPT_HASH_HANDLE handle, BCRYPT_ALG_HANDLE halg, UCHAR *key, ULONG keylen, ULONG flags )
1968 {
1969 struct hash *hash = handle;
1970 UCHAR buf[MAX_HASH_OUTPUT_BYTES * 2];
1971 NTSTATUS status;
1972 ULONG len;
1973
1974 TRACE( "%p, %p, %p, %lu, %#lx\n", handle, halg, key, keylen, flags );
1975
1976 if (!key || !keylen) return STATUS_INVALID_PARAMETER;
1977 if (!hash || hash->hdr.magic != MAGIC_HASH) return STATUS_INVALID_HANDLE;
1978 if (keylen > builtin_algorithms[hash->alg_id].hash_length * 2) return STATUS_INVALID_PARAMETER;
1979
1980 if (halg)
1981 {
1982 FIXME( "algorithm handle not supported\n" );
1983 return STATUS_NOT_IMPLEMENTED;
1984 }
1985
1986 len = builtin_algorithms[hash->alg_id].hash_length;
1987 if ((status = hash_finalize( hash, buf, len ))) return status;
1988
1989 if (len < keylen)
1990 {
1991 UCHAR pad1[HMAC_PAD_LEN], pad2[HMAC_PAD_LEN];
1992 ULONG i;
1993
1994 for (i = 0; i < sizeof(pad1); i++)
1995 {
1996 pad1[i] = 0x36 ^ (i < len ? buf[i] : 0);
1997 pad2[i] = 0x5c ^ (i < len ? buf[i] : 0);
1998 }
1999
2000 if ((status = hash_prepare( hash )) ||
2001 (status = hash_update( &hash->inner, hash->alg_id, pad1, sizeof(pad1) )) ||
2002 (status = hash_finalize( hash, buf, len ))) return status;
2003
2004 if ((status = hash_prepare( hash )) ||
2005 (status = hash_update( &hash->inner, hash->alg_id, pad2, sizeof(pad2) )) ||
2006 (status = hash_finalize( hash, buf + len, len ))) return status;
2007 }
2008
2009 memcpy( key, buf, keylen );
2010 return STATUS_SUCCESS;
2011 }
2012
2013 static NTSTATUS pbkdf2( struct hash *hash, UCHAR *pwd, ULONG pwd_len, UCHAR *salt, ULONG salt_len,
2014 ULONGLONG iterations, ULONG i, UCHAR *dst, ULONG hash_len )
2015 {
2016 NTSTATUS status = STATUS_INVALID_PARAMETER;
2017 UCHAR bytes[4], *buf;
2018 ULONG j, k;
2019
2020 if (!(buf = malloc( hash_len ))) return STATUS_NO_MEMORY;
2021
2022 for (j = 0; j < iterations; j++)
2023 {
2024 if (j == 0)
2025 {
2026 /* use salt || INT(i) */
2027 if ((status = hash_update( &hash->inner, hash->alg_id, salt, salt_len )))
2028 {
2029 free( buf );
2030 return status;
2031 }
2032 bytes[0] = (i >> 24) & 0xff;
2033 bytes[1] = (i >> 16) & 0xff;
2034 bytes[2] = (i >> 8) & 0xff;
2035 bytes[3] = i & 0xff;
2036 status = hash_update( &hash->inner, hash->alg_id, bytes, 4 );
2037 }
2038 else status = hash_update( &hash->inner, hash->alg_id, buf, hash_len ); /* use U_j */
2039
2040 if (status)
2041 {
2042 free( buf );
2043 return status;
2044 }
2045
2046 if ((status = hash_finalize( hash, buf, hash_len )))
2047 {
2048 free( buf );
2049 return status;
2050 }
2051
2052 if (j == 0) memcpy( dst, buf, hash_len );
2053 else for (k = 0; k < hash_len; k++) dst[k] ^= buf[k];
2054 }
2055
2056 free( buf );
2057 return status;
2058 }
2059
2060 NTSTATUS WINAPI BCryptDeriveKeyPBKDF2( BCRYPT_ALG_HANDLE handle, UCHAR *pwd, ULONG pwd_len, UCHAR *salt, ULONG salt_len,
2061 ULONGLONG iterations, UCHAR *dk, ULONG dk_len, ULONG flags )
2062 {
2063 struct algorithm *alg = handle;
2064 ULONG hash_len, block_count, bytes_left, i;
2065 struct hash *hash;
2066 UCHAR *partial;
2067 NTSTATUS status;
2068
2069 TRACE( "%p, %p, %lu, %p, %lu, %s, %p, %lu, %#lx\n", handle, pwd, pwd_len, salt, salt_len,
2070 wine_dbgstr_longlong(iterations), dk, dk_len, flags );
2071
2072 if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
2073
2074 hash_len = builtin_algorithms[alg->id].hash_length;
2075 if (dk_len <= 0 || dk_len > ((((ULONGLONG)1) << 32) - 1) * hash_len) return STATUS_INVALID_PARAMETER;
2076
2077 block_count = 1 + ((dk_len - 1) / hash_len); /* ceil(dk_len / hash_len) */
2078 bytes_left = dk_len - (block_count - 1) * hash_len;
2079
2080 if ((status = hash_create( alg, pwd, pwd_len, BCRYPT_HASH_REUSABLE_FLAG, &hash ))) return status;
2081
2082 /* full blocks */
2083 for (i = 1; i < block_count; i++)
2084 {
2085 if ((status = pbkdf2( hash, pwd, pwd_len, salt, salt_len, iterations, i, dk + ((i - 1) * hash_len), hash_len )))
2086 {
2087 hash_destroy( hash );
2088 return status;
2089 }
2090 }
2091
2092 /* final partial block */
2093 if (!(partial = malloc( hash_len )))
2094 {
2095 hash_destroy( hash );
2096 return STATUS_NO_MEMORY;
2097 }
2098
2099 if ((status = pbkdf2( hash, pwd, pwd_len, salt, salt_len, iterations, block_count, partial, hash_len )))
2100 {
2101 hash_destroy( hash );
2102 free( partial );
2103 return status;
2104 }
2105 memcpy( dk + ((block_count - 1) * hash_len), partial, bytes_left );
2106
2107 hash_destroy( hash );
2108 free( partial );
2109 return STATUS_SUCCESS;
2110 }
2111
2112 NTSTATUS WINAPI BCryptSecretAgreement( BCRYPT_KEY_HANDLE privatekey, BCRYPT_KEY_HANDLE publickey,
2113 BCRYPT_SECRET_HANDLE *handle, ULONG flags )
2114 {
2115 struct key *privkey = privatekey;
2116 struct key *pubkey = publickey;
2117 struct secret *secret;
2118
2119 FIXME( "%p, %p, %p, %#lx\n", privatekey, publickey, handle, flags );
2120
2121 if (!privkey || privkey->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
2122 if (!pubkey || pubkey->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
2123 if (!handle) return STATUS_INVALID_PARAMETER;
2124
2125 if (!(secret = calloc( 1, sizeof(*secret) ))) return STATUS_NO_MEMORY;
2126 secret->hdr.magic = MAGIC_SECRET;
2127
2128 *handle = secret;
2129 return STATUS_SUCCESS;
2130 }
2131
2132 NTSTATUS WINAPI BCryptDestroySecret(BCRYPT_SECRET_HANDLE handle)
2133 {
2134 struct secret *secret = handle;
2135
2136 FIXME( "%p\n", handle );
2137
2138 if (!secret || secret->hdr.magic != MAGIC_SECRET) return STATUS_INVALID_HANDLE;
2139 secret->hdr.magic = 0;
2140 free( secret );
2141 return STATUS_SUCCESS;
2142 }
2143
2144 NTSTATUS WINAPI BCryptDeriveKey( BCRYPT_SECRET_HANDLE handle, const WCHAR *kdf, BCryptBufferDesc *parameter,
2145 UCHAR *derived, ULONG derived_size, ULONG *result, ULONG flags )
2146 {
2147 struct secret *secret = handle;
2148
2149 FIXME( "%p, %s, %p, %p, %lu, %p, %#lx\n", secret, debugstr_w(kdf), parameter, derived, derived_size, result, flags );
2150
2151 if (!secret || secret->hdr.magic != MAGIC_SECRET) return STATUS_INVALID_HANDLE;
2152 if (!kdf) return STATUS_INVALID_PARAMETER;
2153
2154 return STATUS_INTERNAL_ERROR;
2155 }
2156
2157 BOOL WINAPI DllMain( HINSTANCE hinst, DWORD reason, LPVOID reserved )
2158 {
2159 switch (reason)
2160 {
2161 case DLL_PROCESS_ATTACH:
2162 DisableThreadLibraryCalls( hinst );
2163 if (!NtQueryVirtualMemory( GetCurrentProcess(), hinst, MemoryWineUnixFuncs,
2164 &bcrypt_handle, sizeof(bcrypt_handle), NULL ))
2165 {
2166 if (UNIX_CALL( process_attach, NULL)) bcrypt_handle = 0;
2167 }
2168 break;
2169 case DLL_PROCESS_DETACH:
2170 if (reserved) break;
2171 if (bcrypt_handle) UNIX_CALL( process_detach, NULL );
2172 break;
2173 }
2174 return TRUE;
2175 }
Windows API implementation