search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
wined3d: Pass a wined3d_device_context to wined3d_cs_emit_set_light_enable().
[wine.git] / dlls / dssenh / main.c
blob6cfa04393fd1011f9c4b65ad6d2bf740742c3f7f
1 /*
2 * Copyright 2008 Maarten Lankhorst
3 * Copyright 2020 Hans Leidekker for CodeWeavers
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18 */
19
20 #include <stdarg.h>
21
22 #include "ntstatus.h"
23 #define WIN32_NO_STATUS
24 #include "windef.h"
25 #include "winbase.h"
26 #include "wincrypt.h"
27 #include "winreg.h"
28 #include "bcrypt.h"
29 #include "objbase.h"
30 #include "rpcproxy.h"
31 #include "ntsecapi.h"
32
33 #include "wine/debug.h"
34 #include "wine/heap.h"
35
36 WINE_DEFAULT_DEBUG_CHANNEL(dssenh);
37
38 #define MAGIC_KEY (('K' << 24) | ('E' << 16) | ('Y' << 8) | '0')
39 struct key
40 {
41 DWORD magic;
42 DWORD algid;
43 DWORD flags;
44 BCRYPT_ALG_HANDLE alg_handle;
45 BCRYPT_KEY_HANDLE handle;
46 };
47
48 #define MAGIC_CONTAINER (('C' << 24) | ('O' << 16) | ('N' << 8) | 'T')
49 struct container
50 {
51 DWORD magic;
52 DWORD flags;
53 struct key *exch_key;
54 struct key *sign_key;
55 char name[MAX_PATH];
56 };
57
58 #define MAGIC_HASH (('H' << 24) | ('A' << 16) | ('S' << 8) | 'H')
59 struct hash
60 {
61 DWORD magic;
62 BCRYPT_HASH_HANDLE handle;
63 DWORD len;
64 UCHAR value[64];
65 BOOL finished;
66 };
67
68 static const char dss_path_fmt[] = "Software\\Wine\\Crypto\\DSS\\%s";
69
70 static BOOL create_container_regkey( struct container *container, REGSAM sam, HKEY *hkey )
71 {
72 char path[sizeof(dss_path_fmt) + MAX_PATH];
73 HKEY rootkey;
74
75 sprintf( path, dss_path_fmt, container->name );
76
77 if (container->flags & CRYPT_MACHINE_KEYSET)
78 rootkey = HKEY_LOCAL_MACHINE;
79 else
80 rootkey = HKEY_CURRENT_USER;
81
82 /* @@ Wine registry key: HKLM\Software\Wine\Crypto\DSS */
83 /* @@ Wine registry key: HKCU\Software\Wine\Crypto\DSS */
84 return !RegCreateKeyExA( rootkey, path, 0, NULL, REG_OPTION_NON_VOLATILE, sam, NULL, hkey, NULL );
85 }
86
87 static struct container *create_key_container( const char *name, DWORD flags )
88 {
89 struct container *ret;
90
91 if (!(ret = heap_alloc_zero( sizeof(*ret) ))) return NULL;
92 ret->magic = MAGIC_CONTAINER;
93 ret->flags = flags;
94 if (name) strcpy( ret->name, name );
95
96 if (!(flags & CRYPT_VERIFYCONTEXT))
97 {
98 HKEY hkey;
99 if (create_container_regkey( ret, KEY_WRITE, &hkey )) RegCloseKey( hkey );
100 }
101 return ret;
102 }
103
104 static BOOL open_container_regkey( const char *name, DWORD flags, REGSAM access, HKEY *hkey )
105 {
106 char path[sizeof(dss_path_fmt) + MAX_PATH];
107 HKEY rootkey;
108
109 sprintf( path, dss_path_fmt, name );
110
111 if (flags & CRYPT_MACHINE_KEYSET)
112 rootkey = HKEY_LOCAL_MACHINE;
113 else
114 rootkey = HKEY_CURRENT_USER;
115
116 /* @@ Wine registry key: HKLM\Software\Wine\Crypto\DSS */
117 /* @@ Wine registry key: HKCU\Software\Wine\Crypto\DSS */
118 return !RegOpenKeyExA( rootkey, path, 0, access, hkey );
119 }
120
121 static const WCHAR *map_keyspec_to_keypair_name( DWORD keyspec )
122 {
123 const WCHAR *name;
124
125 switch (keyspec)
126 {
127 case AT_KEYEXCHANGE:
128 name = L"KeyExchangeKeyPair";
129 break;
130 case AT_SIGNATURE:
131 name = L"SignatureKeyPair";
132 break;
133 default:
134 ERR( "invalid key spec %u\n", keyspec );
135 return NULL;
136 }
137 return name;
138 }
139
140 static struct key *create_key( ALG_ID algid, DWORD flags )
141 {
142 struct key *ret;
143 const WCHAR *alg;
144
145 switch (algid)
146 {
147 case AT_SIGNATURE:
148 case CALG_DSS_SIGN:
149 alg = BCRYPT_DSA_ALGORITHM;
150 break;
151
152 default:
153 FIXME( "unhandled algorithm %08x\n", algid );
154 return NULL;
155 }
156
157 if (!(ret = heap_alloc_zero( sizeof(*ret) ))) return NULL;
158
159 ret->magic = MAGIC_KEY;
160 ret->algid = algid;
161 ret->flags = flags;
162 if (BCryptOpenAlgorithmProvider( &ret->alg_handle, alg, MS_PRIMITIVE_PROVIDER, 0 ))
163 {
164 heap_free( ret );
165 return NULL;
166 }
167 return ret;
168 }
169
170 static void destroy_key( struct key *key )
171 {
172 if (!key) return;
173 BCryptDestroyKey( key->handle );
174 BCryptCloseAlgorithmProvider( key->alg_handle, 0 );
175 key->magic = 0;
176 heap_free( key );
177 }
178
179 static struct key *import_key( DWORD keyspec, BYTE *data, DWORD len )
180 {
181 struct key *ret;
182
183 if (!(ret = create_key( keyspec, 0 ))) return NULL;
184
185 if (BCryptImportKeyPair( ret->alg_handle, NULL, LEGACY_DSA_V2_PRIVATE_BLOB, &ret->handle, data, len, 0 ))
186 {
187 WARN( "failed to import key\n" );
188 destroy_key( ret );
189 return NULL;
190 }
191 return ret;
192 }
193
194 static struct key *read_key( HKEY hkey, DWORD keyspec, DWORD flags )
195 {
196 const WCHAR *value;
197 DWORD type, len;
198 BYTE *data;
199 DATA_BLOB blob_in, blob_out;
200 struct key *ret = NULL;
201
202 if (!(value = map_keyspec_to_keypair_name( keyspec ))) return NULL;
203 if (RegQueryValueExW( hkey, value, 0, &type, NULL, &len )) return NULL;
204 if (!(data = heap_alloc( len ))) return NULL;
205
206 if (!RegQueryValueExW( hkey, value, 0, &type, data, &len ))
207 {
208 blob_in.pbData = data;
209 blob_in.cbData = len;
210 if (CryptUnprotectData( &blob_in, NULL, NULL, NULL, NULL, flags, &blob_out ))
211 {
212 ret = import_key( keyspec, blob_out.pbData, blob_out.cbData );
213 LocalFree( blob_out.pbData );
214 }
215 }
216
217 heap_free( data );
218 return ret;
219 }
220
221 static void destroy_container( struct container *container )
222 {
223 if (!container) return;
224 destroy_key( container->exch_key );
225 destroy_key( container->sign_key );
226 container->magic = 0;
227 heap_free( container );
228 }
229
230 static struct container *read_key_container( const char *name, DWORD flags )
231 {
232 DWORD protect_flags = (flags & CRYPT_MACHINE_KEYSET) ? CRYPTPROTECT_LOCAL_MACHINE : 0;
233 struct container *ret;
234 HKEY hkey;
235
236 if (!open_container_regkey( name, flags, KEY_READ, &hkey )) return NULL;
237
238 if ((ret = create_key_container( name, flags )))
239 {
240 ret->exch_key = read_key( hkey, AT_KEYEXCHANGE, protect_flags );
241 ret->sign_key = read_key( hkey, AT_SIGNATURE, protect_flags );
242 }
243
244 RegCloseKey( hkey );
245 return ret;
246 }
247
248 static void delete_key_container( const char *name, DWORD flags )
249 {
250 char path[sizeof(dss_path_fmt) + MAX_PATH];
251 HKEY rootkey;
252
253 sprintf( path, dss_path_fmt, name );
254
255 if (flags & CRYPT_MACHINE_KEYSET)
256 rootkey = HKEY_LOCAL_MACHINE;
257 else
258 rootkey = HKEY_CURRENT_USER;
259
260 /* @@ Wine registry key: HKLM\Software\Wine\Crypto\DSS */
261 /* @@ Wine registry key: HKCU\Software\Wine\Crypto\DSS */
262 RegDeleteKeyExA( rootkey, path, 0, 0 );
263 }
264
265 BOOL WINAPI CPAcquireContext( HCRYPTPROV *ret_prov, LPSTR container, DWORD flags, PVTableProvStruc vtable )
266 {
267 struct container *ret;
268 char name[MAX_PATH];
269
270 TRACE( "%p, %s, %08x, %p\n", ret_prov, debugstr_a(container), flags, vtable );
271
272 if (container && *container)
273 {
274 if (lstrlenA( container ) >= sizeof(name)) return FALSE;
275 lstrcpyA( name, container );
276 }
277 else
278 {
279 DWORD len = sizeof(name);
280 if (!GetUserNameA( name, &len )) return FALSE;
281 }
282
283 switch (flags)
284 {
285 case 0:
286 case 0 | CRYPT_MACHINE_KEYSET:
287 ret = read_key_container( name, flags );
288 break;
289
290 case CRYPT_NEWKEYSET:
291 case CRYPT_NEWKEYSET | CRYPT_MACHINE_KEYSET:
292 if ((ret = read_key_container( name, flags )))
293 {
294 heap_free( ret );
295 SetLastError( NTE_EXISTS );
296 return FALSE;
297 }
298 ret = create_key_container( name, flags );
299 break;
300
301 case CRYPT_VERIFYCONTEXT:
302 case CRYPT_VERIFYCONTEXT | CRYPT_MACHINE_KEYSET:
303 ret = create_key_container( "", flags );
304 break;
305
306 case CRYPT_DELETEKEYSET:
307 case CRYPT_DELETEKEYSET | CRYPT_MACHINE_KEYSET:
308 delete_key_container( name, flags );
309 *ret_prov = 0;
310 return TRUE;
311
312 default:
313 FIXME( "unsupported flags %08x\n", flags );
314 return FALSE;
315 }
316
317 if (!ret) return FALSE;
318 *ret_prov = (HCRYPTPROV)ret;
319 return TRUE;
320 }
321
322 BOOL WINAPI CPReleaseContext( HCRYPTPROV hprov, DWORD flags )
323 {
324 struct container *container = (struct container *)hprov;
325
326 TRACE( "%p, %08x\n", (void *)hprov, flags );
327
328 if (container->magic != MAGIC_CONTAINER) return FALSE;
329 destroy_container( container );
330 return TRUE;
331 }
332
333 BOOL WINAPI CPGetProvParam( HCRYPTPROV hprov, DWORD param, BYTE *data, DWORD *len, DWORD flags )
334 {
335 return FALSE;
336 }
337
338 static BOOL store_key_pair( struct key *key, HKEY hkey, DWORD keyspec, DWORD flags )
339 {
340 const WCHAR *value;
341 DATA_BLOB blob_in, blob_out;
342 DWORD len;
343 BYTE *data;
344 BOOL ret = TRUE;
345
346 if (!key) return TRUE;
347 if (!(value = map_keyspec_to_keypair_name( keyspec ))) return FALSE;
348
349 if (BCryptExportKey( key->handle, NULL, LEGACY_DSA_V2_PRIVATE_BLOB, NULL, 0, &len, 0 )) return FALSE;
350 if (!(data = heap_alloc( len ))) return FALSE;
351
352 if (!BCryptExportKey( key->handle, NULL, LEGACY_DSA_V2_PRIVATE_BLOB, data, len, &len, 0 ))
353 {
354 blob_in.pbData = data;
355 blob_in.cbData = len;
356 if ((ret = CryptProtectData( &blob_in, NULL, NULL, NULL, NULL, flags, &blob_out )))
357 {
358 ret = !RegSetValueExW( hkey, value, 0, REG_BINARY, blob_out.pbData, blob_out.cbData );
359 LocalFree( blob_out.pbData );
360 }
361 }
362
363 heap_free( data );
364 return ret;
365 }
366
367 static BOOL store_key_container_keys( struct container *container )
368 {
369 HKEY hkey;
370 DWORD flags;
371 BOOL ret;
372
373 if (container->flags & CRYPT_MACHINE_KEYSET)
374 flags = CRYPTPROTECT_LOCAL_MACHINE;
375 else
376 flags = 0;
377
378 if (!create_container_regkey( container, KEY_WRITE, &hkey )) return FALSE;
379
380 ret = store_key_pair( container->exch_key, hkey, AT_KEYEXCHANGE, flags );
381 if (ret) store_key_pair( container->sign_key, hkey, AT_SIGNATURE, flags );
382 RegCloseKey( hkey );
383 return ret;
384 }
385
386 static struct key *duplicate_key( const struct key *key )
387 {
388 struct key *ret;
389
390 if (!(ret = create_key( key->algid, key->flags ))) return NULL;
391
392 if (BCryptDuplicateKey( key->handle, &ret->handle, NULL, 0, 0 ))
393 {
394 heap_free( ret );
395 return NULL;
396 }
397 return ret;
398 }
399
400 static BOOL generate_key( struct container *container, ALG_ID algid, DWORD bitlen, DWORD flags, HCRYPTKEY *ret_key )
401 {
402 struct key *key, *sign_key;
403 NTSTATUS status;
404
405 if (!(key = create_key( algid, flags ))) return FALSE;
406
407 if ((status = BCryptGenerateKeyPair( key->alg_handle, &key->handle, bitlen, 0 )))
408 {
409 ERR( "failed to generate key %08x\n", status );
410 destroy_key( key );
411 return FALSE;
412 }
413 if ((status = BCryptFinalizeKeyPair( key->handle, 0 )))
414 {
415 ERR( "failed to finalize key %08x\n", status );
416 destroy_key( key );
417 return FALSE;
418 }
419
420 switch (algid)
421 {
422 case AT_SIGNATURE:
423 case CALG_DSS_SIGN:
424 if (!(sign_key = duplicate_key( key )))
425 {
426 destroy_key( key );
427 return FALSE;
428 }
429 destroy_key( container->sign_key );
430 container->sign_key = sign_key;
431 break;
432
433 default:
434 FIXME( "unhandled algorithm %08x\n", algid );
435 return FALSE;
436 }
437
438 if (!store_key_container_keys( container )) return FALSE;
439
440 *ret_key = (HCRYPTKEY)key;
441 return TRUE;
442 }
443
444 BOOL WINAPI CPGenKey( HCRYPTPROV hprov, ALG_ID algid, DWORD flags, HCRYPTKEY *ret_key )
445 {
446 static const unsigned int supported_key_lengths[] = { 512, 768, 1024 };
447 struct container *container = (struct container *)hprov;
448 ULONG i, bitlen = HIWORD(flags) ? HIWORD(flags) : 1024;
449
450 TRACE( "%p, %08x, %08x, %p\n", (void *)hprov, algid, flags, ret_key );
451
452 if (container->magic != MAGIC_CONTAINER) return FALSE;
453
454 if (bitlen % 2)
455 {
456 SetLastError( STATUS_INVALID_PARAMETER );
457 return FALSE;
458 }
459 for (i = 0; i < ARRAY_SIZE(supported_key_lengths); i++)
460 {
461 if (bitlen == supported_key_lengths[i]) break;
462 }
463 if (i >= ARRAY_SIZE(supported_key_lengths))
464 {
465 SetLastError( NTE_BAD_FLAGS );
466 return FALSE;
467 }
468
469 return generate_key( container, algid, bitlen, LOWORD(flags), ret_key );
470 }
471
472 BOOL WINAPI CPDestroyKey( HCRYPTPROV hprov, HCRYPTKEY hkey )
473 {
474 struct key *key = (struct key *)hkey;
475
476 TRACE( "%p, %p\n", (void *)hprov, (void *)hkey );
477
478 if (key->magic != MAGIC_KEY)
479 {
480 SetLastError( NTE_BAD_KEY );
481 return FALSE;
482 }
483
484 destroy_key( key );
485 return TRUE;
486 }
487
488 #define MAGIC_DSS1 ('D' | ('S' << 8) | ('S' << 16) | ('1' << 24))
489 #define MAGIC_DSS2 ('D' | ('S' << 8) | ('S' << 16) | ('2' << 24))
490 #define MAGIC_DSS3 ('D' | ('S' << 8) | ('S' << 16) | ('3' << 24))
491
492 static BOOL import_key_dss2( struct container *container, ALG_ID algid, const BYTE *data, DWORD len, DWORD flags,
493 HCRYPTKEY *ret_key )
494 {
495 const BLOBHEADER *hdr = (const BLOBHEADER *)data;
496 const DSSPUBKEY *pubkey = (const DSSPUBKEY *)(hdr + 1);
497 const WCHAR *type;
498 struct key *key, *exch_key, *sign_key;
499 NTSTATUS status;
500
501 if (len < sizeof(*hdr) + sizeof(*pubkey)) return FALSE;
502
503 switch (pubkey->magic)
504 {
505 case MAGIC_DSS1:
506 type = LEGACY_DSA_V2_PUBLIC_BLOB;
507 break;
508
509 case MAGIC_DSS2:
510 type = LEGACY_DSA_V2_PRIVATE_BLOB;
511 break;
512
513 default:
514 FIXME( "unsupported key magic %08x\n", pubkey->magic );
515 return FALSE;
516 }
517
518 if (!(key = create_key( CALG_DSS_SIGN, flags ))) return FALSE;
519
520 if ((status = BCryptImportKeyPair( key->alg_handle, NULL, type, &key->handle, (UCHAR *)data, len, 0 )))
521 {
522 TRACE( "failed to import key %08x\n", status );
523 destroy_key( key );
524 return FALSE;
525 }
526
527 if (!wcscmp(type, LEGACY_DSA_V2_PRIVATE_BLOB))
528 {
529 switch (algid)
530 {
531 case AT_KEYEXCHANGE:
532 case CALG_DH_SF:
533 if (!(exch_key = duplicate_key( key )))
534 {
535 destroy_key( key );
536 return FALSE;
537 }
538 destroy_key( container->exch_key );
539 container->exch_key = exch_key;
540 break;
541
542 case AT_SIGNATURE:
543 case CALG_DSS_SIGN:
544 if (!(sign_key = duplicate_key( key )))
545 {
546 destroy_key( key );
547 return FALSE;
548 }
549 destroy_key( container->sign_key );
550 container->sign_key = sign_key;
551 break;
552
553 default:
554 FIXME( "unhandled key algorithm %u\n", algid );
555 destroy_key( key );
556 return FALSE;
557 }
558
559 if (!store_key_container_keys( container )) return FALSE;
560 }
561
562 *ret_key = (HCRYPTKEY)key;
563 return TRUE;
564 }
565
566 static BOOL import_key_dss3( struct container *container, ALG_ID algid, const BYTE *data, DWORD len, DWORD flags,
567 HCRYPTKEY *ret_key )
568 {
569 const BLOBHEADER *hdr = (const BLOBHEADER *)data;
570 const DSSPUBKEY_VER3 *pubkey = (const DSSPUBKEY_VER3 *)(hdr + 1);
571 BCRYPT_DSA_KEY_BLOB *blob;
572 struct key *key;
573 BYTE *src, *dst;
574 ULONG i, size, size_q;
575 NTSTATUS status;
576
577 if (len < sizeof(*hdr) + sizeof(*pubkey)) return FALSE;
578
579 switch (pubkey->magic)
580 {
581 case MAGIC_DSS3:
582 break;
583
584 default:
585 FIXME( "unsupported key magic %08x\n", pubkey->magic );
586 return FALSE;
587 }
588
589 if ((size_q = pubkey->bitlenQ / 8) > sizeof(blob->q))
590 {
591 FIXME( "q too large\n" );
592 return FALSE;
593 }
594
595 if (!(key = create_key( CALG_DSS_SIGN, flags ))) return FALSE;
596
597 size = sizeof(*blob) + (pubkey->bitlenP / 8) * 3;
598 if (!(blob = heap_alloc_zero( size )))
599 {
600 destroy_key( key );
601 return FALSE;
602 }
603 blob->dwMagic = BCRYPT_DSA_PUBLIC_MAGIC;
604 blob->cbKey = pubkey->bitlenP / 8;
605 memcpy( blob->Count, &pubkey->DSSSeed.counter, sizeof(blob->Count) );
606 memcpy( blob->Seed, pubkey->DSSSeed.seed, sizeof(blob->Seed) );
607
608 /* q */
609 src = (BYTE *)(pubkey + 1) + blob->cbKey;
610 for (i = 0; i < size_q; i++) blob->q[i] = src[size_q - i - 1];
611
612 /* p */
613 src -= blob->cbKey;
614 dst = (BYTE *)(blob + 1);
615 for (i = 0; i < blob->cbKey; i++) dst[i] = src[blob->cbKey - i - 1];
616
617 /* g */
618 src += blob->cbKey + size_q;
619 dst += blob->cbKey;
620 for (i = 0; i < blob->cbKey; i++) dst[i] = src[blob->cbKey - i - 1];
621
622 /* y */
623 src += blob->cbKey + pubkey->bitlenJ / 8;
624 dst += blob->cbKey;
625 for (i = 0; i < blob->cbKey; i++) dst[i] = src[blob->cbKey - i - 1];
626
627 if ((status = BCryptImportKeyPair( key->alg_handle, NULL, BCRYPT_DSA_PUBLIC_BLOB, &key->handle, (UCHAR *)blob,
628 size, 0 )))
629 {
630 WARN( "failed to import key %08x\n", status );
631 destroy_key( key );
632 heap_free( blob );
633 return FALSE;
634 }
635
636 heap_free( blob );
637 *ret_key = (HCRYPTKEY)key;
638 return TRUE;
639 }
640
641 BOOL WINAPI CPImportKey( HCRYPTPROV hprov, const BYTE *data, DWORD len, HCRYPTKEY hpubkey, DWORD flags,
642 HCRYPTKEY *ret_key )
643 {
644 struct container *container = (struct container *)hprov;
645 const BLOBHEADER *hdr;
646 BOOL ret;
647
648 TRACE( "%p, %p, %u, %p, %08x, %p\n", (void *)hprov, data, len, (void *)hpubkey, flags, ret_key );
649
650 if (container->magic != MAGIC_CONTAINER) return FALSE;
651 if (len < sizeof(*hdr)) return FALSE;
652
653 hdr = (const BLOBHEADER *)data;
654 if ((hdr->bType != PRIVATEKEYBLOB && hdr->bType != PUBLICKEYBLOB) || hdr->aiKeyAlg != CALG_DSS_SIGN)
655 {
656 FIXME( "bType %u aiKeyAlg %08x not supported\n", hdr->bType, hdr->aiKeyAlg );
657 return FALSE;
658 }
659
660 switch (hdr->bVersion)
661 {
662 case 2:
663 ret = import_key_dss2( container, hdr->aiKeyAlg, data, len, flags, ret_key );
664 break;
665
666 case 3:
667 ret = import_key_dss3( container, hdr->aiKeyAlg, data, len, flags, ret_key );
668 break;
669
670 default:
671 FIXME( "version %u not supported\n", hdr->bVersion );
672 return FALSE;
673 }
674
675 return ret;
676 }
677
678 BOOL WINAPI CPExportKey( HCRYPTPROV hprov, HCRYPTKEY hkey, HCRYPTKEY hexpkey, DWORD blobtype, DWORD flags,
679 BYTE *data, DWORD *len )
680 {
681 struct key *key = (struct key *)hkey;
682 const WCHAR *type;
683
684 TRACE( "%p, %p, %p, %08x, %08x, %p, %p\n", (void *)hprov, (void *)hkey, (void *)hexpkey, blobtype, flags,
685 data, len );
686
687 if (key->magic != MAGIC_KEY) return FALSE;
688 if (hexpkey)
689 {
690 FIXME( "export key not supported\n" );
691 return FALSE;
692 }
693 if (flags)
694 {
695 FIXME( "flags %08x not supported\n", flags );
696 return FALSE;
697 }
698
699 switch (blobtype)
700 {
701 case PUBLICKEYBLOB:
702 type = LEGACY_DSA_V2_PUBLIC_BLOB;
703 break;
704
705 case PRIVATEKEYBLOB:
706 type = LEGACY_DSA_V2_PRIVATE_BLOB;
707 break;
708
709 default:
710 FIXME( "blob type %u not supported\n", blobtype );
711 return FALSE;
712 }
713
714 return !BCryptExportKey( key->handle, NULL, type, data, *len, len, 0 );
715 }
716
717 BOOL WINAPI CPDuplicateKey( HCRYPTPROV hprov, HCRYPTKEY hkey, DWORD *reserved, DWORD flags, HCRYPTKEY *ret_key )
718 {
719 struct key *key = (struct key *)hkey, *ret;
720
721 TRACE( "%p, %p, %p, %08x, %p\n", (void *)hprov, (void *)hkey, reserved, flags, ret_key );
722
723 if (key->magic != MAGIC_KEY) return FALSE;
724
725 if (!(ret = duplicate_key( key ))) return FALSE;
726 *ret_key = (HCRYPTKEY)ret;
727 return TRUE;
728 }
729
730 BOOL WINAPI CPGetUserKey( HCRYPTPROV hprov, DWORD keyspec, HCRYPTKEY *ret_key )
731 {
732 struct container *container = (struct container *)hprov;
733 BOOL ret = FALSE;
734
735 TRACE( "%p, %08x, %p\n", (void *)hprov, keyspec, ret_key );
736
737 if (container->magic != MAGIC_CONTAINER) return FALSE;
738
739 switch (keyspec)
740 {
741 case AT_KEYEXCHANGE:
742 if (!container->exch_key) SetLastError( NTE_NO_KEY );
743 else if ((*ret_key = (HCRYPTKEY)duplicate_key( container->exch_key ))) ret = TRUE;
744 break;
745
746 case AT_SIGNATURE:
747 if (!container->sign_key) SetLastError( NTE_NO_KEY );
748 else if ((*ret_key = (HCRYPTKEY)duplicate_key( container->sign_key ))) ret = TRUE;
749 break;
750
751 default:
752 SetLastError( NTE_NO_KEY );
753 return FALSE;
754 }
755
756 return ret;
757 }
758
759 BOOL WINAPI CPGenRandom( HCRYPTPROV hprov, DWORD len, BYTE *buffer )
760 {
761 struct container *container = (struct container *)hprov;
762
763 TRACE( "%p, %u, %p\n", (void *)hprov, len, buffer );
764
765 if (container->magic != MAGIC_CONTAINER) return FALSE;
766
767 return RtlGenRandom( buffer, len );
768 }
769
770 static struct hash *create_hash( ALG_ID algid )
771 {
772 struct hash *ret;
773 BCRYPT_ALG_HANDLE alg_handle;
774 const WCHAR *alg;
775 DWORD len;
776
777 switch (algid)
778 {
779 case CALG_MD5:
780 alg = BCRYPT_MD5_ALGORITHM;
781 len = 16;
782 break;
783
784 case CALG_SHA1:
785 alg = BCRYPT_SHA1_ALGORITHM;
786 len = 20;
787 break;
788
789 default:
790 FIXME( "unhandled algorithm %u\n", algid );
791 return NULL;
792 }
793
794 if (!(ret = heap_alloc_zero( sizeof(*ret) ))) return NULL;
795
796 ret->magic = MAGIC_HASH;
797 ret->len = len;
798 if (BCryptOpenAlgorithmProvider( &alg_handle, alg, MS_PRIMITIVE_PROVIDER, 0 ))
799 {
800 heap_free( ret );
801 return NULL;
802 }
803 if (BCryptCreateHash( alg_handle, &ret->handle, NULL, 0, NULL, 0, 0 ))
804 {
805 BCryptCloseAlgorithmProvider( alg_handle, 0 );
806 heap_free( ret );
807 return NULL;
808 }
809
810 BCryptCloseAlgorithmProvider( alg_handle, 0 );
811 return ret;
812 }
813
814 BOOL WINAPI CPCreateHash( HCRYPTPROV hprov, ALG_ID algid, HCRYPTKEY hkey, DWORD flags, HCRYPTHASH *ret_hash )
815 {
816 struct hash *hash;
817
818 TRACE( "%p, %08x, %p, %08x, %p\n", (void *)hprov, algid, (void *)hkey, flags, ret_hash );
819
820 switch (algid)
821 {
822 case CALG_MD5:
823 case CALG_SHA1:
824 break;
825
826 default:
827 FIXME( "algorithm %u not supported\n", algid );
828 SetLastError( NTE_BAD_ALGID );
829 return FALSE;
830 }
831
832 if (!(hash = create_hash( algid ))) return FALSE;
833
834 *ret_hash = (HCRYPTHASH)hash;
835 return TRUE;
836 }
837
838 static void destroy_hash( struct hash *hash )
839 {
840 if (!hash) return;
841 BCryptDestroyHash( hash->handle );
842 hash->magic = 0;
843 heap_free( hash );
844 }
845
846 BOOL WINAPI CPDestroyHash( HCRYPTPROV hprov, HCRYPTHASH hhash )
847 {
848 struct hash *hash = (struct hash *)hhash;
849
850 TRACE( "%p, %p\n", (void *)hprov, (void *)hhash);
851
852 if (hash->magic != MAGIC_HASH)
853 {
854 SetLastError( NTE_BAD_HASH );
855 return FALSE;
856 }
857
858 destroy_hash( hash );
859 return TRUE;
860 }
861
862 static struct hash *duplicate_hash( const struct hash *hash )
863 {
864 struct hash *ret;
865
866 if (!(ret = heap_alloc( sizeof(*ret) ))) return NULL;
867
868 ret->magic = hash->magic;
869 ret->len = hash->len;
870 if (BCryptDuplicateHash( hash->handle, &ret->handle, NULL, 0, 0 ))
871 {
872 heap_free( ret );
873 return NULL;
874 }
875 memcpy( ret->value, hash->value, sizeof(hash->value) );
876 ret->finished = hash->finished;
877 return ret;
878 }
879
880 BOOL WINAPI CPDuplicateHash( HCRYPTPROV hprov, HCRYPTHASH hhash, DWORD *reserved, DWORD flags, HCRYPTHASH *ret_hash )
881 {
882 struct hash *hash = (struct hash *)hhash, *ret;
883
884 TRACE( "%p, %p, %p, %08x, %p\n", (void *)hprov, (void *)hhash, reserved, flags, ret_hash );
885
886 if (hash->magic != MAGIC_HASH) return FALSE;
887
888 if (!(ret = duplicate_hash( hash ))) return FALSE;
889 *ret_hash = (HCRYPTHASH)ret;
890 return TRUE;
891 }
892
893 BOOL WINAPI CPHashData( HCRYPTPROV hprov, HCRYPTHASH hhash, const BYTE *data, DWORD len, DWORD flags )
894 {
895 struct hash *hash = (struct hash *)hhash;
896
897 TRACE("%p, %p, %p, %u, %08x\n", (void *)hprov, (void *)hhash, data, len, flags );
898
899 if (hash->magic != MAGIC_HASH) return FALSE;
900
901 if (hash->finished)
902 {
903 SetLastError( NTE_BAD_HASH_STATE );
904 return FALSE;
905 }
906 return !BCryptHashData( hash->handle, (UCHAR *)data, len, 0 );
907 }
908
909 BOOL WINAPI CPGetHashParam( HCRYPTPROV hprov, HCRYPTHASH hhash, DWORD param, BYTE *data, DWORD *len, DWORD flags )
910 {
911 struct hash *hash = (struct hash *)hhash;
912
913 TRACE( "%p, %p, %08x, %p, %p, %08x\n", (void *)hprov, (void *)hhash, param, data, len, flags );
914
915 if (hash->magic != MAGIC_HASH) return FALSE;
916
917 switch (param)
918 {
919 case HP_HASHSIZE:
920 if (sizeof(hash->len) > *len)
921 {
922 *len = sizeof(hash->len);
923 SetLastError( ERROR_MORE_DATA );
924 return FALSE;
925 }
926 *(DWORD *)data = hash->len;
927 *len = sizeof(hash->len);
928 return TRUE;
929
930 case HP_HASHVAL:
931 if (!hash->finished)
932 {
933 if (BCryptFinishHash( hash->handle, hash->value, hash->len, 0 )) return FALSE;
934 hash->finished = TRUE;
935 }
936 if (hash->len > *len)
937 {
938 *len = hash->len;
939 SetLastError( ERROR_MORE_DATA );
940 return FALSE;
941 }
942 memcpy( data, hash->value, hash->len );
943 *len = hash->len;
944 return TRUE;
945
946 default:
947 SetLastError( NTE_BAD_TYPE );
948 return FALSE;
949 }
950 }
951
952 BOOL WINAPI CPSetHashParam( HCRYPTPROV hprov, HCRYPTHASH hhash, DWORD param, const BYTE *data, DWORD flags )
953 {
954 struct hash *hash = (struct hash *)hhash;
955
956 TRACE( "%p, %p, %08x, %p, %08x\n", (void *)hprov, (void *)hhash, param, data, flags );
957
958 if (hash->magic != MAGIC_HASH) return FALSE;
959
960 switch (param)
961 {
962 case HP_HASHVAL:
963 memcpy( hash->value, data, hash->len );
964 return TRUE;
965
966 default:
967 FIXME( "param %u not supported\n", param );
968 SetLastError( NTE_BAD_TYPE );
969 return FALSE;
970 }
971 }
972
973 BOOL WINAPI CPDeriveKey( HCRYPTPROV hprov, ALG_ID algid, HCRYPTHASH hhash, DWORD flags, HCRYPTKEY *ret_key )
974 {
975 return FALSE;
976 }
977
978 static DWORD get_signature_length( DWORD algid )
979 {
980 switch (algid)
981 {
982 case AT_SIGNATURE:
983 case CALG_DSS_SIGN: return 40;
984 default:
985 FIXME( "unhandled algorithm %u\n", algid );
986 return 0;
987 }
988 }
989
990 #define MAX_HASH_LEN 20
991 BOOL WINAPI CPSignHash( HCRYPTPROV hprov, HCRYPTHASH hhash, DWORD keyspec, const WCHAR *desc, DWORD flags, BYTE *sig,
992 DWORD *siglen )
993 {
994 struct container *container = (struct container *)hprov;
995 struct hash *hash = (struct hash *)hhash;
996 ULONG len;
997
998 TRACE( "%p, %p, %u, %s, %08x, %p, %p\n", (void *)hprov, (void *)hhash, keyspec, debugstr_w(desc), flags, sig,
999 siglen );
1000
1001 if (container->magic != MAGIC_CONTAINER || !container->sign_key) return FALSE;
1002 if (hash->magic != MAGIC_HASH) return FALSE;
1003
1004 if (!(len = get_signature_length( container->sign_key->algid ))) return FALSE;
1005 if (*siglen < len)
1006 {
1007 *siglen = len;
1008 return TRUE;
1009 }
1010
1011 return !BCryptSignHash( container->sign_key->handle, NULL, hash->value, hash->len, sig, *siglen, siglen, 0 );
1012 }
1013
1014 BOOL WINAPI CPVerifySignature( HCRYPTPROV hprov, HCRYPTHASH hhash, const BYTE *sig, DWORD siglen, HCRYPTKEY hpubkey,
1015 const WCHAR *desc, DWORD flags )
1016 {
1017 struct hash *hash = (struct hash *)hhash;
1018 struct key *key = (struct key *)hpubkey;
1019
1020 TRACE( "%p, %p, %p, %u %p, %s, %08x\n", (void *)hprov, (void *)hhash, sig, siglen, (void *)hpubkey,
1021 debugstr_w(desc), flags );
1022
1023 if (hash->magic != MAGIC_HASH || key->magic != MAGIC_KEY) return FALSE;
1024 if (flags)
1025 {
1026 FIXME( "flags %08x not supported\n", flags );
1027 return FALSE;
1028 }
1029
1030 return !BCryptVerifySignature( key->handle, NULL, hash->value, hash->len, (UCHAR *)sig, siglen, 0 );
1031 }
Windows API implementation