search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
d2d1: Create feature level 10.0 device context state objects.
[wine.git] / dlls / bcrypt / gnutls.c
blobc880c9c1d46c655c1a09d49b8bb59081fb6b4a7a
1 /*
2 * Copyright 2009 Henri Verbeet for CodeWeavers
3 * Copyright 2018 Hans Leidekker for CodeWeavers
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18 *
19 */
20
21 #if 0
22 #pragma makedep unix
23 #endif
24
25 #include "config.h"
26
27 #ifdef HAVE_GNUTLS_CIPHER_INIT
28
29 #include <stdarg.h>
30 #include <stdlib.h>
31 #include <assert.h>
32 #include <sys/types.h>
33 #include <dlfcn.h>
34 #include <gnutls/gnutls.h>
35 #include <gnutls/crypto.h>
36 #include <gnutls/abstract.h>
37
38 #include "ntstatus.h"
39 #define WIN32_NO_STATUS
40 #include "windef.h"
41 #include "winbase.h"
42 #include "winternl.h"
43 #include "ntsecapi.h"
44 #include "wincrypt.h"
45 #include "bcrypt.h"
46
47 #include "bcrypt_internal.h"
48
49 #include "wine/debug.h"
50
51 WINE_DEFAULT_DEBUG_CHANNEL(bcrypt);
52 WINE_DECLARE_DEBUG_CHANNEL(winediag);
53
54 #if GNUTLS_VERSION_MAJOR < 3
55 #define GNUTLS_CIPHER_AES_192_CBC 92
56 #define GNUTLS_CIPHER_AES_128_GCM 93
57 #define GNUTLS_CIPHER_AES_256_GCM 94
58 #define GNUTLS_PK_ECC 4
59
60 #define GNUTLS_CURVE_TO_BITS(curve) (unsigned int)(((unsigned int)1<<31)|((unsigned int)(curve)))
61
62 typedef enum
63 {
64 GNUTLS_ECC_CURVE_INVALID,
65 GNUTLS_ECC_CURVE_SECP224R1,
66 GNUTLS_ECC_CURVE_SECP256R1,
67 GNUTLS_ECC_CURVE_SECP384R1,
68 GNUTLS_ECC_CURVE_SECP521R1,
69 } gnutls_ecc_curve_t;
70 #endif
71
72 union key_data
73 {
74 gnutls_cipher_hd_t cipher;
75 gnutls_privkey_t privkey;
76 };
77 C_ASSERT( sizeof(union key_data) <= sizeof(((struct key *)0)->private) );
78
79 static union key_data *key_data( struct key *key )
80 {
81 return (union key_data *)key->private;
82 }
83
84 /* Not present in gnutls version < 3.0 */
85 static int (*pgnutls_cipher_tag)(gnutls_cipher_hd_t, void *, size_t);
86 static int (*pgnutls_cipher_add_auth)(gnutls_cipher_hd_t, const void *, size_t);
87 static gnutls_sign_algorithm_t (*pgnutls_pk_to_sign)(gnutls_pk_algorithm_t, gnutls_digest_algorithm_t);
88 static int (*pgnutls_pubkey_import_ecc_raw)(gnutls_pubkey_t, gnutls_ecc_curve_t,
89 const gnutls_datum_t *, const gnutls_datum_t *);
90 static int (*pgnutls_privkey_import_ecc_raw)(gnutls_privkey_t, gnutls_ecc_curve_t, const gnutls_datum_t *,
91 const gnutls_datum_t *, const gnutls_datum_t *);
92 static int (*pgnutls_pubkey_verify_hash2)(gnutls_pubkey_t, gnutls_sign_algorithm_t, unsigned int,
93 const gnutls_datum_t *, const gnutls_datum_t *);
94
95 /* Not present in gnutls version < 2.11.0 */
96 static int (*pgnutls_pubkey_import_rsa_raw)(gnutls_pubkey_t, const gnutls_datum_t *, const gnutls_datum_t *);
97
98 /* Not present in gnutls version < 2.12.0 */
99 static int (*pgnutls_pubkey_import_dsa_raw)(gnutls_pubkey_t, const gnutls_datum_t *, const gnutls_datum_t *,
100 const gnutls_datum_t *, const gnutls_datum_t *);
101
102 /* Not present in gnutls version < 3.3.0 */
103 static int (*pgnutls_privkey_export_ecc_raw)(gnutls_privkey_t, gnutls_ecc_curve_t *,
104 gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *);
105 static int (*pgnutls_privkey_export_rsa_raw)(gnutls_privkey_t, gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *,
106 gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *,
107 gnutls_datum_t *);
108 static int (*pgnutls_privkey_export_dsa_raw)(gnutls_privkey_t, gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *,
109 gnutls_datum_t *, gnutls_datum_t *);
110 static int (*pgnutls_privkey_generate)(gnutls_privkey_t, gnutls_pk_algorithm_t, unsigned int, unsigned int);
111 static int (*pgnutls_privkey_import_rsa_raw)(gnutls_privkey_t, const gnutls_datum_t *, const gnutls_datum_t *,
112 const gnutls_datum_t *, const gnutls_datum_t *, const gnutls_datum_t *,
113 const gnutls_datum_t *, const gnutls_datum_t *, const gnutls_datum_t *);
114 static int (*pgnutls_privkey_decrypt_data)(gnutls_privkey_t, unsigned int flags, const gnutls_datum_t *, gnutls_datum_t *);
115
116 /* Not present in gnutls version < 3.6.0 */
117 static int (*pgnutls_decode_rs_value)(const gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *);
118
119 static void *libgnutls_handle;
120 #define MAKE_FUNCPTR(f) static typeof(f) * p##f
121 MAKE_FUNCPTR(gnutls_cipher_decrypt2);
122 MAKE_FUNCPTR(gnutls_cipher_deinit);
123 MAKE_FUNCPTR(gnutls_cipher_encrypt2);
124 MAKE_FUNCPTR(gnutls_cipher_init);
125 MAKE_FUNCPTR(gnutls_global_deinit);
126 MAKE_FUNCPTR(gnutls_global_init);
127 MAKE_FUNCPTR(gnutls_global_set_log_function);
128 MAKE_FUNCPTR(gnutls_global_set_log_level);
129 MAKE_FUNCPTR(gnutls_perror);
130 MAKE_FUNCPTR(gnutls_privkey_decrypt_data);
131 MAKE_FUNCPTR(gnutls_privkey_deinit);
132 MAKE_FUNCPTR(gnutls_privkey_import_dsa_raw);
133 MAKE_FUNCPTR(gnutls_privkey_init);
134 MAKE_FUNCPTR(gnutls_privkey_sign_hash);
135 MAKE_FUNCPTR(gnutls_pubkey_deinit);
136 MAKE_FUNCPTR(gnutls_pubkey_init);
137 #undef MAKE_FUNCPTR
138
139 static int compat_gnutls_cipher_tag(gnutls_cipher_hd_t handle, void *tag, size_t tag_size)
140 {
141 return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
142 }
143
144 static int compat_gnutls_cipher_add_auth(gnutls_cipher_hd_t handle, const void *ptext, size_t ptext_size)
145 {
146 return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
147 }
148
149 static int compat_gnutls_pubkey_import_ecc_raw(gnutls_pubkey_t key, gnutls_ecc_curve_t curve,
150 const gnutls_datum_t *x, const gnutls_datum_t *y)
151 {
152 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
153 }
154
155 static int compat_gnutls_privkey_export_rsa_raw(gnutls_privkey_t key, gnutls_datum_t *m, gnutls_datum_t *e,
156 gnutls_datum_t *d, gnutls_datum_t *p, gnutls_datum_t *q,
157 gnutls_datum_t *u, gnutls_datum_t *e1, gnutls_datum_t *e2)
158 {
159 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
160 }
161
162 static int compat_gnutls_privkey_export_ecc_raw(gnutls_privkey_t key, gnutls_ecc_curve_t *curve,
163 gnutls_datum_t *x, gnutls_datum_t *y, gnutls_datum_t *k)
164 {
165 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
166 }
167
168 static int compat_gnutls_privkey_import_ecc_raw(gnutls_privkey_t key, gnutls_ecc_curve_t curve,
169 const gnutls_datum_t *x, const gnutls_datum_t *y,
170 const gnutls_datum_t *k)
171 {
172 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
173 }
174
175 static int compat_gnutls_privkey_export_dsa_raw(gnutls_privkey_t key, gnutls_datum_t *p, gnutls_datum_t *q,
176 gnutls_datum_t *g, gnutls_datum_t *y, gnutls_datum_t *x)
177 {
178 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
179 }
180
181 static gnutls_sign_algorithm_t compat_gnutls_pk_to_sign(gnutls_pk_algorithm_t pk, gnutls_digest_algorithm_t hash)
182 {
183 return GNUTLS_SIGN_UNKNOWN;
184 }
185
186 static int compat_gnutls_pubkey_verify_hash2(gnutls_pubkey_t key, gnutls_sign_algorithm_t algo,
187 unsigned int flags, const gnutls_datum_t *hash,
188 const gnutls_datum_t *signature)
189 {
190 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
191 }
192
193 static int compat_gnutls_pubkey_import_rsa_raw(gnutls_pubkey_t key, const gnutls_datum_t *m, const gnutls_datum_t *e)
194 {
195 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
196 }
197
198 static int compat_gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key, const gnutls_datum_t *p, const gnutls_datum_t *q,
199 const gnutls_datum_t *g, const gnutls_datum_t *y)
200 {
201 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
202 }
203
204 static int compat_gnutls_privkey_generate(gnutls_privkey_t key, gnutls_pk_algorithm_t algo, unsigned int bits,
205 unsigned int flags)
206 {
207 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
208 }
209
210 static int compat_gnutls_decode_rs_value(const gnutls_datum_t * sig_value, gnutls_datum_t * r, gnutls_datum_t * s)
211 {
212 return GNUTLS_E_INTERNAL_ERROR;
213 }
214
215 static int compat_gnutls_privkey_import_rsa_raw(gnutls_privkey_t key, const gnutls_datum_t *m, const gnutls_datum_t *e,
216 const gnutls_datum_t *d, const gnutls_datum_t *p, const gnutls_datum_t *q,
217 const gnutls_datum_t *u, const gnutls_datum_t *e1, const gnutls_datum_t *e2)
218 {
219 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
220 }
221
222 static int compat_gnutls_privkey_decrypt_data(gnutls_privkey_t key, unsigned int flags, const gnutls_datum_t *cipher_text,
223 gnutls_datum_t *plain_text)
224 {
225 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
226 }
227
228 static void gnutls_log( int level, const char *msg )
229 {
230 TRACE( "<%d> %s", level, msg );
231 }
232
233 static NTSTATUS gnutls_process_attach( void *args )
234 {
235 const char *env_str;
236 int ret;
237
238 if ((env_str = getenv("GNUTLS_SYSTEM_PRIORITY_FILE")))
239 {
240 WARN("GNUTLS_SYSTEM_PRIORITY_FILE is %s.\n", debugstr_a(env_str));
241 }
242 else
243 {
244 WARN("Setting GNUTLS_SYSTEM_PRIORITY_FILE to \"/dev/null\".\n");
245 setenv("GNUTLS_SYSTEM_PRIORITY_FILE", "/dev/null", 0);
246 }
247
248 if (!(libgnutls_handle = dlopen( SONAME_LIBGNUTLS, RTLD_NOW )))
249 {
250 ERR_(winediag)( "failed to load libgnutls, no support for encryption\n" );
251 return STATUS_DLL_NOT_FOUND;
252 }
253
254 #define LOAD_FUNCPTR(f) \
255 if (!(p##f = dlsym( libgnutls_handle, #f ))) \
256 { \
257 ERR( "failed to load %s\n", #f ); \
258 goto fail; \
259 }
260
261 LOAD_FUNCPTR(gnutls_cipher_decrypt2)
262 LOAD_FUNCPTR(gnutls_cipher_deinit)
263 LOAD_FUNCPTR(gnutls_cipher_encrypt2)
264 LOAD_FUNCPTR(gnutls_cipher_init)
265 LOAD_FUNCPTR(gnutls_global_deinit)
266 LOAD_FUNCPTR(gnutls_global_init)
267 LOAD_FUNCPTR(gnutls_global_set_log_function)
268 LOAD_FUNCPTR(gnutls_global_set_log_level)
269 LOAD_FUNCPTR(gnutls_perror)
270 LOAD_FUNCPTR(gnutls_privkey_deinit);
271 LOAD_FUNCPTR(gnutls_privkey_import_dsa_raw);
272 LOAD_FUNCPTR(gnutls_privkey_init);
273 LOAD_FUNCPTR(gnutls_privkey_sign_hash);
274 LOAD_FUNCPTR(gnutls_pubkey_deinit);
275 LOAD_FUNCPTR(gnutls_pubkey_init);
276 #undef LOAD_FUNCPTR
277
278 #define LOAD_FUNCPTR_OPT(f) \
279 if (!(p##f = dlsym( libgnutls_handle, #f ))) \
280 { \
281 WARN( "failed to load %s\n", #f ); \
282 p##f = compat_##f; \
283 }
284
285 LOAD_FUNCPTR_OPT(gnutls_cipher_tag)
286 LOAD_FUNCPTR_OPT(gnutls_cipher_add_auth)
287 LOAD_FUNCPTR_OPT(gnutls_pubkey_import_ecc_raw)
288 LOAD_FUNCPTR_OPT(gnutls_privkey_export_rsa_raw)
289 LOAD_FUNCPTR_OPT(gnutls_privkey_export_ecc_raw)
290 LOAD_FUNCPTR_OPT(gnutls_privkey_import_ecc_raw)
291 LOAD_FUNCPTR_OPT(gnutls_privkey_export_dsa_raw)
292 LOAD_FUNCPTR_OPT(gnutls_pk_to_sign)
293 LOAD_FUNCPTR_OPT(gnutls_pubkey_verify_hash2)
294 LOAD_FUNCPTR_OPT(gnutls_pubkey_import_rsa_raw)
295 LOAD_FUNCPTR_OPT(gnutls_pubkey_import_dsa_raw)
296 LOAD_FUNCPTR_OPT(gnutls_privkey_generate)
297 LOAD_FUNCPTR_OPT(gnutls_decode_rs_value)
298 LOAD_FUNCPTR_OPT(gnutls_privkey_import_rsa_raw)
299 LOAD_FUNCPTR_OPT(gnutls_privkey_decrypt_data)
300 #undef LOAD_FUNCPTR_OPT
301
302 if ((ret = pgnutls_global_init()) != GNUTLS_E_SUCCESS)
303 {
304 pgnutls_perror( ret );
305 goto fail;
306 }
307
308 if (TRACE_ON( bcrypt ))
309 {
310 pgnutls_global_set_log_level( 4 );
311 pgnutls_global_set_log_function( gnutls_log );
312 }
313
314 return STATUS_SUCCESS;
315
316 fail:
317 dlclose( libgnutls_handle );
318 libgnutls_handle = NULL;
319 return STATUS_DLL_NOT_FOUND;
320 }
321
322 static NTSTATUS gnutls_process_detach( void *args )
323 {
324 if (libgnutls_handle)
325 {
326 pgnutls_global_deinit();
327 dlclose( libgnutls_handle );
328 libgnutls_handle = NULL;
329 }
330 return STATUS_SUCCESS;
331 }
332
333 struct buffer
334 {
335 BYTE *buffer;
336 DWORD length;
337 DWORD pos;
338 BOOL error;
339 };
340
341 static void buffer_init( struct buffer *buffer )
342 {
343 buffer->buffer = NULL;
344 buffer->length = 0;
345 buffer->pos = 0;
346 buffer->error = FALSE;
347 }
348
349 static void buffer_free( struct buffer *buffer )
350 {
351 free( buffer->buffer );
352 }
353
354 static void buffer_append( struct buffer *buffer, BYTE *data, DWORD len )
355 {
356 if (!len) return;
357
358 if (buffer->pos + len > buffer->length)
359 {
360 DWORD new_length = max( max( buffer->pos + len, buffer->length * 2 ), 64 );
361 BYTE *new_buffer;
362
363 if (!(new_buffer = realloc( buffer->buffer, new_length )))
364 {
365 ERR( "out of memory\n" );
366 buffer->error = TRUE;
367 return;
368 }
369
370 buffer->buffer = new_buffer;
371 buffer->length = new_length;
372 }
373
374 memcpy( &buffer->buffer[buffer->pos], data, len );
375 buffer->pos += len;
376 }
377
378 static void buffer_append_byte( struct buffer *buffer, BYTE value )
379 {
380 buffer_append( buffer, &value, sizeof(value) );
381 }
382
383 static void buffer_append_asn1_length( struct buffer *buffer, DWORD length )
384 {
385 DWORD num_bytes;
386
387 if (length < 128)
388 {
389 buffer_append_byte( buffer, length );
390 return;
391 }
392
393 if (length <= 0xff) num_bytes = 1;
394 else if (length <= 0xffff) num_bytes = 2;
395 else if (length <= 0xffffff) num_bytes = 3;
396 else num_bytes = 4;
397
398 buffer_append_byte( buffer, 0x80 | num_bytes );
399 while (num_bytes--) buffer_append_byte( buffer, length >> (num_bytes * 8) );
400 }
401
402 static void buffer_append_asn1_integer( struct buffer *buffer, BYTE *data, DWORD len )
403 {
404 DWORD leading_zero = (*data & 0x80) != 0;
405
406 buffer_append_byte( buffer, 0x02 ); /* tag */
407 buffer_append_asn1_length( buffer, len + leading_zero );
408 if (leading_zero) buffer_append_byte( buffer, 0 );
409 buffer_append( buffer, data, len );
410 }
411
412 static void buffer_append_asn1_sequence( struct buffer *buffer, struct buffer *content )
413 {
414 if (content->error)
415 {
416 buffer->error = TRUE;
417 return;
418 }
419
420 buffer_append_byte( buffer, 0x30 ); /* tag */
421 buffer_append_asn1_length( buffer, content->pos );
422 buffer_append( buffer, content->buffer, content->pos );
423 }
424
425 static void buffer_append_asn1_r_s( struct buffer *buffer, BYTE *r, DWORD r_len, BYTE *s, DWORD s_len )
426 {
427 struct buffer value;
428
429 buffer_init( &value );
430 buffer_append_asn1_integer( &value, r, r_len );
431 buffer_append_asn1_integer( &value, s, s_len );
432 buffer_append_asn1_sequence( buffer, &value );
433 buffer_free( &value );
434 }
435
436 static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
437 {
438 switch (key->alg_id)
439 {
440 case ALG_ID_3DES:
441 WARN( "handle block size\n" );
442 switch (key->u.s.mode)
443 {
444 case MODE_ID_CBC:
445 return GNUTLS_CIPHER_3DES_CBC;
446 default:
447 break;
448 }
449 FIXME( "3DES mode %u with key length %u not supported\n", key->u.s.mode, key->u.s.secret_len );
450 return GNUTLS_CIPHER_UNKNOWN;
451
452 case ALG_ID_AES:
453 WARN( "handle block size\n" );
454 switch (key->u.s.mode)
455 {
456 case MODE_ID_GCM:
457 if (key->u.s.secret_len == 16) return GNUTLS_CIPHER_AES_128_GCM;
458 if (key->u.s.secret_len == 32) return GNUTLS_CIPHER_AES_256_GCM;
459 break;
460 case MODE_ID_ECB: /* can be emulated with CBC + empty IV */
461 case MODE_ID_CBC:
462 if (key->u.s.secret_len == 16) return GNUTLS_CIPHER_AES_128_CBC;
463 if (key->u.s.secret_len == 24) return GNUTLS_CIPHER_AES_192_CBC;
464 if (key->u.s.secret_len == 32) return GNUTLS_CIPHER_AES_256_CBC;
465 break;
466 default:
467 break;
468 }
469 FIXME( "AES mode %u with key length %u not supported\n", key->u.s.mode, key->u.s.secret_len );
470 return GNUTLS_CIPHER_UNKNOWN;
471
472 default:
473 FIXME( "algorithm %u not supported\n", key->alg_id );
474 return GNUTLS_CIPHER_UNKNOWN;
475 }
476 }
477
478 static NTSTATUS key_symmetric_vector_reset( void *args )
479 {
480 struct key *key = args;
481
482 if (!key_data(key)->cipher) return STATUS_SUCCESS;
483 TRACE( "invalidating cipher handle\n" );
484 pgnutls_cipher_deinit( key_data(key)->cipher );
485 key_data(key)->cipher = NULL;
486 return STATUS_SUCCESS;
487 }
488
489 static NTSTATUS init_cipher_handle( struct key *key )
490 {
491 gnutls_cipher_algorithm_t cipher;
492 gnutls_datum_t secret, vector;
493 int ret;
494
495 if (key_data(key)->cipher) return STATUS_SUCCESS;
496 if ((cipher = get_gnutls_cipher( key )) == GNUTLS_CIPHER_UNKNOWN) return STATUS_NOT_SUPPORTED;
497
498 secret.data = key->u.s.secret;
499 secret.size = key->u.s.secret_len;
500
501 vector.data = key->u.s.vector;
502 vector.size = key->u.s.vector_len;
503
504 if ((ret = pgnutls_cipher_init( &key_data(key)->cipher, cipher, &secret, key->u.s.vector ? &vector : NULL )))
505 {
506 pgnutls_perror( ret );
507 return STATUS_INTERNAL_ERROR;
508 }
509
510 return STATUS_SUCCESS;
511 }
512
513 static NTSTATUS key_symmetric_set_auth_data( void *args )
514 {
515 const struct key_symmetric_set_auth_data_params *params = args;
516 NTSTATUS status;
517 int ret;
518
519 if (!params->auth_data) return STATUS_SUCCESS;
520 if ((status = init_cipher_handle( params->key ))) return status;
521
522 if ((ret = pgnutls_cipher_add_auth( key_data(params->key)->cipher, params->auth_data, params->len )))
523 {
524 pgnutls_perror( ret );
525 return STATUS_INTERNAL_ERROR;
526 }
527 return STATUS_SUCCESS;
528 }
529
530 static NTSTATUS key_symmetric_encrypt( void *args )
531 {
532 const struct key_symmetric_encrypt_params *params = args;
533 NTSTATUS status;
534 int ret;
535
536 if ((status = init_cipher_handle( params->key ))) return status;
537
538 if ((ret = pgnutls_cipher_encrypt2( key_data(params->key)->cipher, params->input, params->input_len,
539 params->output, params->output_len )))
540 {
541 pgnutls_perror( ret );
542 return STATUS_INTERNAL_ERROR;
543 }
544 return STATUS_SUCCESS;
545 }
546
547 static NTSTATUS key_symmetric_decrypt( void *args )
548 {
549 const struct key_symmetric_decrypt_params *params = args;
550 NTSTATUS status;
551 int ret;
552
553 if ((status = init_cipher_handle( params->key ))) return status;
554
555 if ((ret = pgnutls_cipher_decrypt2( key_data(params->key)->cipher, params->input, params->input_len,
556 params->output, params->output_len )))
557 {
558 pgnutls_perror( ret );
559 return STATUS_INTERNAL_ERROR;
560 }
561 return STATUS_SUCCESS;
562 }
563
564 static NTSTATUS key_symmetric_get_tag( void *args )
565 {
566 const struct key_symmetric_get_tag_params *params = args;
567 NTSTATUS status;
568 int ret;
569
570 if ((status = init_cipher_handle( params->key ))) return status;
571
572 if ((ret = pgnutls_cipher_tag( key_data(params->key)->cipher, params->tag, params->len )))
573 {
574 pgnutls_perror( ret );
575 return STATUS_INTERNAL_ERROR;
576 }
577 return STATUS_SUCCESS;
578 }
579
580 static NTSTATUS key_symmetric_destroy( void *args )
581 {
582 struct key *key = args;
583
584 if (key_data(key)->cipher) pgnutls_cipher_deinit( key_data(key)->cipher );
585 return STATUS_SUCCESS;
586 }
587
588 static ULONG export_gnutls_datum( UCHAR *buffer, ULONG buflen, gnutls_datum_t *d, BOOL zero_pad )
589 {
590 ULONG size = d->size;
591 UCHAR *src = d->data;
592 ULONG offset = 0;
593
594 assert( size <= buflen + 1 );
595 if (size == buflen + 1)
596 {
597 assert( !src[0] );
598 src++;
599 size--;
600 }
601 if (zero_pad)
602 {
603 offset = buflen - size;
604 if (buffer) memset( buffer, 0, offset );
605 size = buflen;
606 }
607
608 if (buffer) memcpy( buffer + offset, src, size );
609 return size;
610 }
611
612 #define EXPORT_SIZE(d,f,p) export_gnutls_datum( NULL, bitlen / f, &d, p )
613 static NTSTATUS export_gnutls_pubkey_rsa( gnutls_privkey_t gnutls_key, ULONG bitlen, void *pubkey, ULONG *pubkey_len )
614 {
615 BCRYPT_RSAKEY_BLOB *rsa_blob = pubkey;
616 gnutls_datum_t m, e;
617 UCHAR *dst;
618 int ret;
619
620 if ((ret = pgnutls_privkey_export_rsa_raw( gnutls_key, &m, &e, NULL, NULL, NULL, NULL, NULL, NULL )))
621 {
622 pgnutls_perror( ret );
623 return STATUS_INTERNAL_ERROR;
624 }
625
626 if (*pubkey_len < sizeof(*rsa_blob) + EXPORT_SIZE(e,8,0) + EXPORT_SIZE(m,8,1))
627 {
628 FIXME( "wrong pubkey len %u\n", *pubkey_len );
629 pgnutls_perror( ret );
630 free( e.data ); free( m.data );
631 return STATUS_BUFFER_TOO_SMALL;
632 }
633
634 dst = (UCHAR *)(rsa_blob + 1);
635 rsa_blob->cbPublicExp = export_gnutls_datum( dst, bitlen / 8, &e, 0 );
636
637 dst += rsa_blob->cbPublicExp;
638 rsa_blob->cbModulus = export_gnutls_datum( dst, bitlen / 8, &m, 1 );
639
640 rsa_blob->Magic = BCRYPT_RSAPUBLIC_MAGIC;
641 rsa_blob->BitLength = bitlen;
642 rsa_blob->cbPrime1 = 0;
643 rsa_blob->cbPrime2 = 0;
644
645 *pubkey_len = sizeof(*rsa_blob) + rsa_blob->cbPublicExp + rsa_blob->cbModulus;
646
647 free( e.data ); free( m.data );
648 return STATUS_SUCCESS;
649 }
650
651 static NTSTATUS export_gnutls_pubkey_ecc( gnutls_privkey_t gnutls_key, enum alg_id alg_id, void *pubkey,
652 ULONG *pubkey_len )
653 {
654 BCRYPT_ECCKEY_BLOB *ecc_blob = pubkey;
655 gnutls_ecc_curve_t curve;
656 gnutls_datum_t x, y;
657 DWORD magic, size;
658 UCHAR *dst;
659 int ret;
660
661 switch (alg_id)
662 {
663 case ALG_ID_ECDH_P256:
664 magic = BCRYPT_ECDH_PUBLIC_P256_MAGIC;
665 size = 32;
666 break;
667 case ALG_ID_ECDSA_P256:
668 magic = BCRYPT_ECDSA_PUBLIC_P256_MAGIC;
669 size = 32;
670 break;
671 default:
672 FIXME( "algorithm %u not supported\n", alg_id );
673 return STATUS_NOT_IMPLEMENTED;
674 }
675
676 if ((ret = pgnutls_privkey_export_ecc_raw( gnutls_key, &curve, &x, &y, NULL )))
677 {
678 pgnutls_perror( ret );
679 return STATUS_INTERNAL_ERROR;
680 }
681
682 if (curve != GNUTLS_ECC_CURVE_SECP256R1)
683 {
684 FIXME( "curve %u not supported\n", curve );
685 free( x.data ); free( y.data );
686 return STATUS_NOT_IMPLEMENTED;
687 }
688
689 if (*pubkey_len < sizeof(*ecc_blob) + size * 2)
690 {
691 FIXME( "wrong pubkey len %u / %u\n", *pubkey_len, (ULONG)sizeof(*ecc_blob) + size * 2 );
692 pgnutls_perror( ret );
693 free( x.data ); free( y.data );
694 return STATUS_BUFFER_TOO_SMALL;
695 }
696
697 ecc_blob->dwMagic = magic;
698 ecc_blob->cbKey = size;
699
700 dst = (UCHAR *)(ecc_blob + 1);
701 export_gnutls_datum( dst, size, &x, 1 );
702
703 dst += size;
704 export_gnutls_datum( dst, size, &y, 1 );
705
706 *pubkey_len = sizeof(*ecc_blob) + ecc_blob->cbKey * 2;
707
708 free( x.data ); free( y.data );
709 return STATUS_SUCCESS;
710 }
711
712 static NTSTATUS export_gnutls_pubkey_dsa( gnutls_privkey_t gnutls_key, ULONG bitlen, void *pubkey, ULONG *pubkey_len )
713 {
714 BCRYPT_DSA_KEY_BLOB *dsa_blob = pubkey;
715 gnutls_datum_t p, q, g, y;
716 UCHAR *dst;
717 int ret;
718
719 if ((ret = pgnutls_privkey_export_dsa_raw( gnutls_key, &p, &q, &g, &y, NULL )))
720 {
721 pgnutls_perror( ret );
722 return STATUS_INTERNAL_ERROR;
723 }
724
725 if (bitlen > 1024)
726 {
727 FIXME( "bitlen > 1024 not supported\n" );
728 return STATUS_NOT_IMPLEMENTED;
729 }
730
731 if (*pubkey_len < sizeof(*dsa_blob) + bitlen / 8 * 3)
732 {
733 FIXME( "wrong pubkey len %u / %u\n", *pubkey_len, (ULONG)sizeof(*dsa_blob) + bitlen / 8 * 3 );
734 pgnutls_perror( ret );
735 free( p.data ); free( q.data ); free( g.data ); free( y.data );
736 return STATUS_NO_MEMORY;
737 }
738
739 dst = (UCHAR *)(dsa_blob + 1);
740 export_gnutls_datum( dst, bitlen / 8, &p, 1 );
741
742 dst += bitlen / 8;
743 export_gnutls_datum( dst, bitlen / 8, &g, 1 );
744
745 dst += bitlen / 8;
746 export_gnutls_datum( dst, bitlen / 8, &y, 1 );
747
748 dst = dsa_blob->q;
749 export_gnutls_datum( dst, sizeof(dsa_blob->q), &q, 1 );
750
751 dsa_blob->dwMagic = BCRYPT_DSA_PUBLIC_MAGIC;
752 dsa_blob->cbKey = bitlen / 8;
753 memset( dsa_blob->Count, 0, sizeof(dsa_blob->Count) ); /* FIXME */
754 memset( dsa_blob->Seed, 0, sizeof(dsa_blob->Seed) ); /* FIXME */
755
756 *pubkey_len = sizeof(*dsa_blob) + dsa_blob->cbKey * 3;
757
758 free( p.data ); free( q.data ); free( g.data ); free( y.data );
759 return STATUS_SUCCESS;
760 }
761
762 static void reverse_bytes( UCHAR *buf, ULONG len )
763 {
764 unsigned int i;
765 UCHAR tmp;
766
767 for (i = 0; i < len / 2; ++i)
768 {
769 tmp = buf[i];
770 buf[i] = buf[len - i - 1];
771 buf[len - i - 1] = tmp;
772 }
773 }
774
775 #define Q_SIZE 20
776 static NTSTATUS export_gnutls_pubkey_dsa_capi( gnutls_privkey_t gnutls_key, const DSSSEED *seed, ULONG bitlen,
777 void *pubkey, ULONG *pubkey_len )
778 {
779 BLOBHEADER *hdr = pubkey;
780 DSSPUBKEY *dsskey;
781 gnutls_datum_t p, q, g, y;
782 UCHAR *dst;
783 int ret, size = sizeof(*hdr) + sizeof(*dsskey) + sizeof(*seed);
784
785 if (bitlen > 1024)
786 {
787 FIXME( "bitlen > 1024 not supported\n" );
788 return STATUS_NOT_IMPLEMENTED;
789 }
790
791 if ((ret = pgnutls_privkey_export_dsa_raw( gnutls_key, &p, &q, &g, &y, NULL )))
792 {
793 pgnutls_perror( ret );
794 return STATUS_INTERNAL_ERROR;
795 }
796
797 if (*pubkey_len < size + bitlen / 8 * 3 + Q_SIZE)
798 {
799 FIXME( "wrong pubkey len %u / %u\n", *pubkey_len, size + bitlen / 8 * 3 + Q_SIZE );
800 pgnutls_perror( ret );
801 free( p.data ); free( q.data ); free( g.data ); free( y.data );
802 return STATUS_NO_MEMORY;
803 }
804
805 hdr->bType = PUBLICKEYBLOB;
806 hdr->bVersion = 2;
807 hdr->reserved = 0;
808 hdr->aiKeyAlg = CALG_DSS_SIGN;
809
810 dsskey = (DSSPUBKEY *)(hdr + 1);
811 dsskey->magic = MAGIC_DSS1;
812 dsskey->bitlen = bitlen;
813
814 dst = (UCHAR *)(dsskey + 1);
815 export_gnutls_datum( dst, bitlen / 8, &p, 1 );
816 reverse_bytes( dst, bitlen / 8 );
817 dst += bitlen / 8;
818
819 export_gnutls_datum( dst, Q_SIZE, &q, 1 );
820 reverse_bytes( dst, Q_SIZE );
821 dst += Q_SIZE;
822
823 export_gnutls_datum( dst, bitlen / 8, &g, 1 );
824 reverse_bytes( dst, bitlen / 8 );
825 dst += bitlen / 8;
826
827 export_gnutls_datum( dst, bitlen / 8, &y, 1 );
828 reverse_bytes( dst, bitlen / 8 );
829 dst += bitlen / 8;
830
831 memcpy( dst, seed, sizeof(*seed) );
832
833 *pubkey_len = size + bitlen / 8 * 3 + Q_SIZE;
834
835 free( p.data ); free( q.data ); free( g.data ); free( y.data );
836 return STATUS_SUCCESS;
837 }
838
839 static NTSTATUS key_asymmetric_generate( void *args )
840 {
841 struct key *key = args;
842 gnutls_pk_algorithm_t pk_alg;
843 gnutls_privkey_t handle;
844 unsigned int bitlen;
845 NTSTATUS status;
846 int ret;
847
848 if (!libgnutls_handle) return STATUS_INTERNAL_ERROR;
849
850 switch (key->alg_id)
851 {
852 case ALG_ID_RSA:
853 case ALG_ID_RSA_SIGN:
854 pk_alg = GNUTLS_PK_RSA;
855 bitlen = key->u.a.bitlen;
856 break;
857
858 case ALG_ID_DSA:
859 pk_alg = GNUTLS_PK_DSA;
860 bitlen = key->u.a.bitlen;
861 break;
862
863 case ALG_ID_ECDH_P256:
864 case ALG_ID_ECDSA_P256:
865 pk_alg = GNUTLS_PK_ECC; /* compatible with ECDSA and ECDH */
866 bitlen = GNUTLS_CURVE_TO_BITS( GNUTLS_ECC_CURVE_SECP256R1 );
867 break;
868
869 default:
870 FIXME( "algorithm %u not supported\n", key->alg_id );
871 return STATUS_NOT_SUPPORTED;
872 }
873
874 if ((ret = pgnutls_privkey_init( &handle )))
875 {
876 pgnutls_perror( ret );
877 return STATUS_INTERNAL_ERROR;
878 }
879
880 if ((ret = pgnutls_privkey_generate( handle, pk_alg, bitlen, 0 )))
881 {
882 pgnutls_perror( ret );
883 pgnutls_privkey_deinit( handle );
884 return STATUS_INTERNAL_ERROR;
885 }
886
887 switch (pk_alg)
888 {
889 case GNUTLS_PK_RSA:
890 status = export_gnutls_pubkey_rsa( handle, key->u.a.bitlen, key->u.a.pubkey, &key->u.a.pubkey_len );
891 break;
892
893 case GNUTLS_PK_ECC:
894 status = export_gnutls_pubkey_ecc( handle, key->alg_id, key->u.a.pubkey, &key->u.a.pubkey_len );
895 break;
896
897 case GNUTLS_PK_DSA:
898 status = export_gnutls_pubkey_dsa( handle, key->u.a.bitlen, key->u.a.pubkey, &key->u.a.pubkey_len );
899 break;
900
901 default:
902 ERR( "unhandled algorithm %u\n", pk_alg );
903 return STATUS_INTERNAL_ERROR;
904 }
905
906 if (status)
907 {
908 pgnutls_privkey_deinit( handle );
909 return status;
910 }
911
912 key_data(key)->privkey = handle;
913 return STATUS_SUCCESS;
914 }
915
916 static NTSTATUS key_export_ecc( void *args )
917 {
918 const struct key_export_params *params = args;
919 struct key *key = params->key;
920 BCRYPT_ECCKEY_BLOB *ecc_blob;
921 gnutls_ecc_curve_t curve;
922 gnutls_datum_t x, y, d;
923 DWORD magic, size;
924 UCHAR *dst;
925 int ret;
926
927 switch (key->alg_id)
928 {
929 case ALG_ID_ECDH_P256:
930 magic = BCRYPT_ECDH_PRIVATE_P256_MAGIC;
931 size = 32;
932 break;
933 case ALG_ID_ECDSA_P256:
934 magic = BCRYPT_ECDSA_PRIVATE_P256_MAGIC;
935 size = 32;
936 break;
937
938 default:
939 FIXME( "algorithm %u does not yet support exporting ecc blob\n", key->alg_id );
940 return STATUS_NOT_IMPLEMENTED;
941 }
942
943 if ((ret = pgnutls_privkey_export_ecc_raw( key_data(key)->privkey, &curve, &x, &y, &d )))
944 {
945 pgnutls_perror( ret );
946 return STATUS_INTERNAL_ERROR;
947 }
948
949 if (curve != GNUTLS_ECC_CURVE_SECP256R1)
950 {
951 FIXME( "curve %u not supported\n", curve );
952 free( x.data ); free( y.data ); free( d.data );
953 return STATUS_NOT_IMPLEMENTED;
954 }
955
956 *params->ret_len = sizeof(*ecc_blob) + size * 3;
957 if (params->len >= *params->ret_len && params->buf)
958 {
959 ecc_blob = (BCRYPT_ECCKEY_BLOB *)params->buf;
960 ecc_blob->dwMagic = magic;
961 ecc_blob->cbKey = size;
962
963 dst = (UCHAR *)(ecc_blob + 1);
964 export_gnutls_datum( dst, size, &x, 1 );
965 dst += size;
966
967 export_gnutls_datum( dst, size, &y, 1 );
968 dst += size;
969
970 export_gnutls_datum( dst, size, &d, 1 );
971 }
972
973 free( x.data ); free( y.data ); free( d.data );
974 return STATUS_SUCCESS;
975 }
976
977 static NTSTATUS key_import_ecc( void *args )
978 {
979 const struct key_import_params *params = args;
980 struct key *key = params->key;
981 BCRYPT_ECCKEY_BLOB *ecc_blob;
982 gnutls_ecc_curve_t curve;
983 gnutls_privkey_t handle;
984 gnutls_datum_t x, y, k;
985 NTSTATUS status;
986 int ret;
987
988 switch (key->alg_id)
989 {
990 case ALG_ID_ECDH_P256:
991 case ALG_ID_ECDSA_P256:
992 curve = GNUTLS_ECC_CURVE_SECP256R1;
993 break;
994
995 default:
996 FIXME( "algorithm %u not yet supported\n", key->alg_id );
997 return STATUS_NOT_IMPLEMENTED;
998 }
999
1000 if ((ret = pgnutls_privkey_init( &handle )))
1001 {
1002 pgnutls_perror( ret );
1003 return STATUS_INTERNAL_ERROR;
1004 }
1005
1006 ecc_blob = (BCRYPT_ECCKEY_BLOB *)params->buf;
1007 x.data = (unsigned char *)(ecc_blob + 1);
1008 x.size = ecc_blob->cbKey;
1009 y.data = x.data + ecc_blob->cbKey;
1010 y.size = ecc_blob->cbKey;
1011 k.data = y.data + ecc_blob->cbKey;
1012 k.size = ecc_blob->cbKey;
1013
1014 if ((ret = pgnutls_privkey_import_ecc_raw( handle, curve, &x, &y, &k )))
1015 {
1016 pgnutls_perror( ret );
1017 pgnutls_privkey_deinit( handle );
1018 return STATUS_INTERNAL_ERROR;
1019 }
1020
1021 if ((status = export_gnutls_pubkey_ecc( handle, key->alg_id, key->u.a.pubkey, &key->u.a.pubkey_len )))
1022 {
1023 pgnutls_privkey_deinit( handle );
1024 return status;
1025 }
1026
1027 key_data(key)->privkey = handle;
1028 return STATUS_SUCCESS;
1029 }
1030
1031 static NTSTATUS key_export_rsa( void *args )
1032 {
1033 const struct key_export_params *params = args;
1034 struct key *key = params->key;
1035 BCRYPT_RSAKEY_BLOB *rsa_blob;
1036 gnutls_datum_t m, e, d, p, q, u, e1, e2;
1037 ULONG bitlen = key->u.a.bitlen;
1038 UCHAR *dst;
1039 int ret;
1040
1041 if ((ret = pgnutls_privkey_export_rsa_raw( key_data(key)->privkey, &m, &e, &d, &p, &q, &u, &e1, &e2 )))
1042 {
1043 pgnutls_perror( ret );
1044 return STATUS_INTERNAL_ERROR;
1045 }
1046
1047 *params->ret_len = sizeof(*rsa_blob) + EXPORT_SIZE(e,8,0) + EXPORT_SIZE(m,8,1) + EXPORT_SIZE(p,16,1) + EXPORT_SIZE(q,16,1);
1048 if (params->full) *params->ret_len += EXPORT_SIZE(e1,16,1) + EXPORT_SIZE(e2,16,1) + EXPORT_SIZE(u,16,1) + EXPORT_SIZE(d,8,1);
1049
1050 if (params->len >= *params->ret_len && params->buf)
1051 {
1052 rsa_blob = (BCRYPT_RSAKEY_BLOB *)params->buf;
1053 rsa_blob->Magic = params->full ? BCRYPT_RSAFULLPRIVATE_MAGIC : BCRYPT_RSAPRIVATE_MAGIC;
1054 rsa_blob->BitLength = bitlen;
1055
1056 dst = (UCHAR *)(rsa_blob + 1);
1057 rsa_blob->cbPublicExp = export_gnutls_datum( dst, bitlen / 8, &e, 0 );
1058
1059 dst += rsa_blob->cbPublicExp;
1060 rsa_blob->cbModulus = export_gnutls_datum( dst, bitlen / 8, &m, 1 );
1061
1062 dst += rsa_blob->cbModulus;
1063 rsa_blob->cbPrime1 = export_gnutls_datum( dst, bitlen / 16, &p, 1 );
1064
1065 dst += rsa_blob->cbPrime1;
1066 rsa_blob->cbPrime2 = export_gnutls_datum( dst, bitlen / 16, &q, 1 );
1067
1068 if (params->full)
1069 {
1070 dst += rsa_blob->cbPrime2;
1071 export_gnutls_datum( dst, bitlen / 16, &e1, 1 );
1072
1073 dst += rsa_blob->cbPrime1;
1074 export_gnutls_datum( dst, bitlen / 16, &e2, 1 );
1075
1076 dst += rsa_blob->cbPrime2;
1077 export_gnutls_datum( dst, bitlen / 16, &u, 1 );
1078
1079 dst += rsa_blob->cbPrime1;
1080 export_gnutls_datum( dst, bitlen / 8, &d, 1 );
1081 }
1082 }
1083
1084 free( m.data ); free( e.data ); free( d.data ); free( p.data ); free( q.data ); free( u.data );
1085 free( e1.data ); free( e2.data );
1086 return STATUS_SUCCESS;
1087 }
1088
1089 static NTSTATUS key_import_rsa( void *args )
1090 {
1091 const struct key_import_params *params = args;
1092 BCRYPT_RSAKEY_BLOB *rsa_blob = (BCRYPT_RSAKEY_BLOB *)params->buf;
1093 gnutls_datum_t m, e, p, q;
1094 gnutls_privkey_t handle;
1095 int ret;
1096
1097 if ((ret = pgnutls_privkey_init( &handle )))
1098 {
1099 pgnutls_perror( ret );
1100 return STATUS_INTERNAL_ERROR;
1101 }
1102
1103 e.data = (unsigned char *)(rsa_blob + 1);
1104 e.size = rsa_blob->cbPublicExp;
1105 m.data = e.data + e.size;
1106 m.size = rsa_blob->cbModulus;
1107 p.data = m.data + m.size;
1108 p.size = rsa_blob->cbPrime1;
1109 q.data = p.data + p.size;
1110 q.size = rsa_blob->cbPrime2;
1111
1112 if ((ret = pgnutls_privkey_import_rsa_raw( handle, &m, &e, NULL, &p, &q, NULL, NULL, NULL )))
1113 {
1114 pgnutls_perror( ret );
1115 pgnutls_privkey_deinit( handle );
1116 return STATUS_INTERNAL_ERROR;
1117 }
1118
1119 key_data(params->key)->privkey = handle;
1120 return STATUS_SUCCESS;
1121 }
1122
1123 static NTSTATUS key_export_dsa_capi( void *args )
1124 {
1125 const struct key_export_params *params = args;
1126 struct key *key = params->key;
1127 BLOBHEADER *hdr;
1128 DSSPUBKEY *pubkey;
1129 gnutls_datum_t p, q, g, y, x;
1130 UCHAR *dst;
1131 int ret, size;
1132
1133 if ((ret = pgnutls_privkey_export_dsa_raw( key_data(key)->privkey, &p, &q, &g, &y, &x )))
1134 {
1135 pgnutls_perror( ret );
1136 return STATUS_INTERNAL_ERROR;
1137 }
1138
1139 if (q.size > 21 || x.size > 21)
1140 {
1141 ERR( "can't export key in this format\n" );
1142 free( p.data ); free( q.data ); free( g.data ); free( y.data ); free( x.data );
1143 return STATUS_NOT_SUPPORTED;
1144 }
1145
1146 size = key->u.a.bitlen / 8;
1147 *params->ret_len = sizeof(*hdr) + sizeof(*pubkey) + size * 2 + 40 + sizeof(key->u.a.dss_seed);
1148 if (params->len >= *params->ret_len && params->buf)
1149 {
1150 hdr = (BLOBHEADER *)params->buf;
1151 hdr->bType = PRIVATEKEYBLOB;
1152 hdr->bVersion = 2;
1153 hdr->reserved = 0;
1154 hdr->aiKeyAlg = CALG_DSS_SIGN;
1155
1156 pubkey = (DSSPUBKEY *)(hdr + 1);
1157 pubkey->magic = MAGIC_DSS2;
1158 pubkey->bitlen = key->u.a.bitlen;
1159
1160 dst = (UCHAR *)(pubkey + 1);
1161 export_gnutls_datum( dst, size, &p, 1 );
1162 reverse_bytes( dst, size );
1163 dst += size;
1164
1165 export_gnutls_datum( dst, 20, &q, 1 );
1166 reverse_bytes( dst, 20 );
1167 dst += 20;
1168
1169 export_gnutls_datum( dst, size, &g, 1 );
1170 reverse_bytes( dst, size );
1171 dst += size;
1172
1173 export_gnutls_datum( dst, 20, &x, 1 );
1174 reverse_bytes( dst, 20 );
1175 dst += 20;
1176
1177 memcpy( dst, &key->u.a.dss_seed, sizeof(key->u.a.dss_seed) );
1178 }
1179
1180 free( p.data ); free( q.data ); free( g.data ); free( y.data ); free( x.data );
1181 return STATUS_SUCCESS;
1182 }
1183
1184 static NTSTATUS key_import_dsa_capi( void *args )
1185 {
1186 const struct key_import_params *params = args;
1187 struct key *key = params->key;
1188 BLOBHEADER *hdr = (BLOBHEADER *)params->buf;
1189 DSSPUBKEY *pubkey;
1190 gnutls_privkey_t handle;
1191 gnutls_datum_t p, q, g, y, x;
1192 unsigned char dummy[128];
1193 unsigned char *data, p_data[128], q_data[20], g_data[128], x_data[20];
1194 int i, ret, size;
1195 NTSTATUS status;
1196
1197 if ((ret = pgnutls_privkey_init( &handle )))
1198 {
1199 pgnutls_perror( ret );
1200 return STATUS_INTERNAL_ERROR;
1201 }
1202
1203 pubkey = (DSSPUBKEY *)(hdr + 1);
1204 if ((size = pubkey->bitlen / 8) > sizeof(p_data))
1205 {
1206 FIXME( "size %u not supported\n", size );
1207 pgnutls_privkey_deinit( handle );
1208 return STATUS_NOT_SUPPORTED;
1209 }
1210 data = (unsigned char *)(pubkey + 1);
1211
1212 p.data = p_data;
1213 p.size = size;
1214 for (i = 0; i < p.size; i++) p.data[i] = data[p.size - i - 1];
1215 data += p.size;
1216
1217 q.data = q_data;
1218 q.size = sizeof(q_data);
1219 for (i = 0; i < q.size; i++) q.data[i] = data[q.size - i - 1];
1220 data += q.size;
1221
1222 g.data = g_data;
1223 g.size = size;
1224 for (i = 0; i < g.size; i++) g.data[i] = data[g.size - i - 1];
1225 data += g.size;
1226
1227 x.data = x_data;
1228 x.size = sizeof(x_data);
1229 for (i = 0; i < x.size; i++) x.data[i] = data[x.size - i - 1];
1230 data += x.size;
1231
1232 WARN( "using dummy public key\n" );
1233 memset( dummy, 1, sizeof(dummy) );
1234 y.data = dummy;
1235 y.size = min( p.size, sizeof(dummy) );
1236
1237 if ((ret = pgnutls_privkey_import_dsa_raw( handle, &p, &q, &g, &y, &x )))
1238 {
1239 pgnutls_perror( ret );
1240 pgnutls_privkey_deinit( handle );
1241 return STATUS_INTERNAL_ERROR;
1242 }
1243
1244 if ((status = export_gnutls_pubkey_dsa_capi( handle, &key->u.a.dss_seed, key->u.a.bitlen,
1245 key->u.a.pubkey, &key->u.a.pubkey_len )))
1246 {
1247 pgnutls_privkey_deinit( handle );
1248 return status;
1249 }
1250
1251 memcpy( &key->u.a.dss_seed, data, sizeof(key->u.a.dss_seed) );
1252
1253 key->u.a.flags |= KEY_FLAG_LEGACY_DSA_V2;
1254 key_data(key)->privkey = handle;
1255
1256 return STATUS_SUCCESS;
1257 }
1258
1259 static NTSTATUS import_gnutls_pubkey_ecc( struct key *key, gnutls_pubkey_t *gnutls_key )
1260 {
1261 BCRYPT_ECCKEY_BLOB *ecc_blob;
1262 gnutls_ecc_curve_t curve;
1263 gnutls_datum_t x, y;
1264 int ret;
1265
1266 switch (key->alg_id)
1267 {
1268 case ALG_ID_ECDSA_P256: curve = GNUTLS_ECC_CURVE_SECP256R1; break;
1269 case ALG_ID_ECDSA_P384: curve = GNUTLS_ECC_CURVE_SECP384R1; break;
1270
1271 default:
1272 FIXME( "algorithm %u not yet supported\n", key->alg_id );
1273 return STATUS_NOT_IMPLEMENTED;
1274 }
1275
1276 if ((ret = pgnutls_pubkey_init( gnutls_key )))
1277 {
1278 pgnutls_perror( ret );
1279 return STATUS_INTERNAL_ERROR;
1280 }
1281
1282 ecc_blob = (BCRYPT_ECCKEY_BLOB *)key->u.a.pubkey;
1283 x.data = key->u.a.pubkey + sizeof(*ecc_blob);
1284 x.size = ecc_blob->cbKey;
1285 y.data = key->u.a.pubkey + sizeof(*ecc_blob) + ecc_blob->cbKey;
1286 y.size = ecc_blob->cbKey;
1287
1288 if ((ret = pgnutls_pubkey_import_ecc_raw( *gnutls_key, curve, &x, &y )))
1289 {
1290 pgnutls_perror( ret );
1291 pgnutls_pubkey_deinit( *gnutls_key );
1292 return STATUS_INTERNAL_ERROR;
1293 }
1294
1295 return STATUS_SUCCESS;
1296 }
1297
1298 static NTSTATUS import_gnutls_pubkey_rsa( struct key *key, gnutls_pubkey_t *gnutls_key )
1299 {
1300 BCRYPT_RSAKEY_BLOB *rsa_blob;
1301 gnutls_datum_t m, e;
1302 int ret;
1303
1304 if ((ret = pgnutls_pubkey_init( gnutls_key )))
1305 {
1306 pgnutls_perror( ret );
1307 return STATUS_INTERNAL_ERROR;
1308 }
1309
1310 rsa_blob = (BCRYPT_RSAKEY_BLOB *)key->u.a.pubkey;
1311 e.data = key->u.a.pubkey + sizeof(*rsa_blob);
1312 e.size = rsa_blob->cbPublicExp;
1313 m.data = key->u.a.pubkey + sizeof(*rsa_blob) + rsa_blob->cbPublicExp;
1314 m.size = rsa_blob->cbModulus;
1315
1316 if ((ret = pgnutls_pubkey_import_rsa_raw( *gnutls_key, &m, &e )))
1317 {
1318 pgnutls_perror( ret );
1319 pgnutls_pubkey_deinit( *gnutls_key );
1320 return STATUS_INTERNAL_ERROR;
1321 }
1322
1323 return STATUS_SUCCESS;
1324 }
1325
1326 static NTSTATUS import_gnutls_pubkey_dsa( struct key *key, gnutls_pubkey_t *gnutls_key )
1327 {
1328 BCRYPT_DSA_KEY_BLOB *dsa_blob;
1329 gnutls_datum_t p, q, g, y;
1330 int ret;
1331
1332 if ((ret = pgnutls_pubkey_init( gnutls_key )))
1333 {
1334 pgnutls_perror( ret );
1335 return STATUS_INTERNAL_ERROR;
1336 }
1337
1338 dsa_blob = (BCRYPT_DSA_KEY_BLOB *)key->u.a.pubkey;
1339 p.data = key->u.a.pubkey + sizeof(*dsa_blob);
1340 p.size = dsa_blob->cbKey;
1341 q.data = dsa_blob->q;
1342 q.size = sizeof(dsa_blob->q);
1343 g.data = key->u.a.pubkey + sizeof(*dsa_blob) + dsa_blob->cbKey;
1344 g.size = dsa_blob->cbKey;
1345 y.data = key->u.a.pubkey + sizeof(*dsa_blob) + dsa_blob->cbKey * 2;
1346 y.size = dsa_blob->cbKey;
1347
1348 if ((ret = pgnutls_pubkey_import_dsa_raw( *gnutls_key, &p, &q, &g, &y )))
1349 {
1350 pgnutls_perror( ret );
1351 pgnutls_pubkey_deinit( *gnutls_key );
1352 return STATUS_INTERNAL_ERROR;
1353 }
1354
1355 return STATUS_SUCCESS;
1356 }
1357
1358 static NTSTATUS import_gnutls_pubkey_dsa_capi( struct key *key, gnutls_pubkey_t *gnutls_key )
1359 {
1360 BLOBHEADER *hdr;
1361 DSSPUBKEY *pubkey;
1362 gnutls_datum_t p, q, g, y;
1363 unsigned char *data, p_data[128], q_data[20], g_data[128], y_data[128];
1364 int i, ret, size;
1365
1366 if ((ret = pgnutls_pubkey_init( gnutls_key )))
1367 {
1368 pgnutls_perror( ret );
1369 return STATUS_INTERNAL_ERROR;
1370 }
1371
1372 hdr = (BLOBHEADER *)key->u.a.pubkey;
1373 pubkey = (DSSPUBKEY *)(hdr + 1);
1374 size = pubkey->bitlen / 8;
1375 data = (unsigned char *)(pubkey + 1);
1376
1377 p.data = p_data;
1378 p.size = size;
1379 for (i = 0; i < p.size; i++) p.data[i] = data[p.size - i - 1];
1380 data += p.size;
1381
1382 q.data = q_data;
1383 q.size = sizeof(q_data);
1384 for (i = 0; i < q.size; i++) q.data[i] = data[q.size - i - 1];
1385 data += q.size;
1386
1387 g.data = g_data;
1388 g.size = size;
1389 for (i = 0; i < g.size; i++) g.data[i] = data[g.size - i - 1];
1390 data += g.size;
1391
1392 y.data = y_data;
1393 y.size = sizeof(y_data);
1394 for (i = 0; i < y.size; i++) y.data[i] = data[y.size - i - 1];
1395
1396 if ((ret = pgnutls_pubkey_import_dsa_raw( *gnutls_key, &p, &q, &g, &y )))
1397 {
1398 pgnutls_perror( ret );
1399 pgnutls_pubkey_deinit( *gnutls_key );
1400 return STATUS_INTERNAL_ERROR;
1401 }
1402
1403 return STATUS_SUCCESS;
1404 }
1405
1406 static NTSTATUS import_gnutls_pubkey( struct key *key, gnutls_pubkey_t *gnutls_key )
1407 {
1408 switch (key->alg_id)
1409 {
1410 case ALG_ID_ECDSA_P256:
1411 case ALG_ID_ECDSA_P384:
1412 return import_gnutls_pubkey_ecc( key, gnutls_key );
1413
1414 case ALG_ID_RSA:
1415 case ALG_ID_RSA_SIGN:
1416 return import_gnutls_pubkey_rsa( key, gnutls_key );
1417
1418 case ALG_ID_DSA:
1419 if (key->u.a.flags & KEY_FLAG_LEGACY_DSA_V2)
1420 return import_gnutls_pubkey_dsa_capi( key, gnutls_key );
1421 else
1422 return import_gnutls_pubkey_dsa( key, gnutls_key );
1423
1424 default:
1425 FIXME("algorithm %u not yet supported\n", key->alg_id );
1426 return STATUS_NOT_IMPLEMENTED;
1427 }
1428 }
1429
1430 static NTSTATUS prepare_gnutls_signature_dsa( struct key *key, UCHAR *signature, ULONG signature_len,
1431 gnutls_datum_t *gnutls_signature )
1432 {
1433 struct buffer buffer;
1434 DWORD r_len = signature_len / 2;
1435 DWORD s_len = r_len;
1436 BYTE *r = signature;
1437 BYTE *s = signature + r_len;
1438
1439 buffer_init( &buffer );
1440 buffer_append_asn1_r_s( &buffer, r, r_len, s, s_len );
1441 if (buffer.error)
1442 {
1443 buffer_free( &buffer );
1444 return STATUS_NO_MEMORY;
1445 }
1446
1447 gnutls_signature->data = buffer.buffer;
1448 gnutls_signature->size = buffer.pos;
1449 return STATUS_SUCCESS;
1450 }
1451
1452 static NTSTATUS prepare_gnutls_signature_rsa( struct key *key, UCHAR *signature, ULONG signature_len,
1453 gnutls_datum_t *gnutls_signature )
1454 {
1455 gnutls_signature->data = signature;
1456 gnutls_signature->size = signature_len;
1457 return STATUS_SUCCESS;
1458 }
1459
1460 static NTSTATUS prepare_gnutls_signature( struct key *key, UCHAR *signature, ULONG signature_len,
1461 gnutls_datum_t *gnutls_signature )
1462 {
1463 switch (key->alg_id)
1464 {
1465 case ALG_ID_ECDSA_P256:
1466 case ALG_ID_ECDSA_P384:
1467 case ALG_ID_DSA:
1468 return prepare_gnutls_signature_dsa( key, signature, signature_len, gnutls_signature );
1469
1470 case ALG_ID_RSA:
1471 case ALG_ID_RSA_SIGN:
1472 return prepare_gnutls_signature_rsa( key, signature, signature_len, gnutls_signature );
1473
1474 default:
1475 FIXME( "algorithm %u not yet supported\n", key->alg_id );
1476 return STATUS_NOT_IMPLEMENTED;
1477 }
1478 }
1479
1480 static gnutls_digest_algorithm_t get_digest_from_id( const WCHAR *alg_id )
1481 {
1482 if (!wcscmp( alg_id, BCRYPT_SHA1_ALGORITHM )) return GNUTLS_DIG_SHA1;
1483 if (!wcscmp( alg_id, BCRYPT_SHA256_ALGORITHM )) return GNUTLS_DIG_SHA256;
1484 if (!wcscmp( alg_id, BCRYPT_SHA384_ALGORITHM )) return GNUTLS_DIG_SHA384;
1485 if (!wcscmp( alg_id, BCRYPT_SHA512_ALGORITHM )) return GNUTLS_DIG_SHA512;
1486 if (!wcscmp( alg_id, BCRYPT_MD2_ALGORITHM )) return GNUTLS_DIG_MD2;
1487 if (!wcscmp( alg_id, BCRYPT_MD5_ALGORITHM )) return GNUTLS_DIG_MD5;
1488 return -1;
1489 }
1490
1491 static NTSTATUS key_asymmetric_verify( void *args )
1492 {
1493 const struct key_asymmetric_verify_params *params = args;
1494 struct key *key = params->key;
1495 ULONG flags = params->flags;
1496 gnutls_digest_algorithm_t hash_alg;
1497 gnutls_sign_algorithm_t sign_alg;
1498 gnutls_datum_t gnutls_hash, gnutls_signature;
1499 gnutls_pk_algorithm_t pk_alg;
1500 gnutls_pubkey_t gnutls_key;
1501 NTSTATUS status;
1502 int ret;
1503
1504 switch (key->alg_id)
1505 {
1506 case ALG_ID_ECDSA_P256:
1507 case ALG_ID_ECDSA_P384:
1508 {
1509 if (flags) FIXME( "flags %08x not supported\n", flags );
1510
1511 /* only the hash size must match, not the actual hash function */
1512 switch (params->hash_len)
1513 {
1514 case 20: hash_alg = GNUTLS_DIG_SHA1; break;
1515 case 32: hash_alg = GNUTLS_DIG_SHA256; break;
1516 case 48: hash_alg = GNUTLS_DIG_SHA384; break;
1517
1518 default:
1519 FIXME( "hash size %u not yet supported\n", params->hash_len );
1520 return STATUS_INVALID_SIGNATURE;
1521 }
1522 pk_alg = GNUTLS_PK_ECC;
1523 break;
1524 }
1525 case ALG_ID_RSA:
1526 case ALG_ID_RSA_SIGN:
1527 {
1528 BCRYPT_PKCS1_PADDING_INFO *info = params->padding;
1529
1530 if (!(flags & BCRYPT_PAD_PKCS1) || !info) return STATUS_INVALID_PARAMETER;
1531 if (!info->pszAlgId) return STATUS_INVALID_SIGNATURE;
1532
1533 if ((hash_alg = get_digest_from_id(info->pszAlgId)) == -1)
1534 {
1535 FIXME( "hash algorithm %s not supported\n", debugstr_w(info->pszAlgId) );
1536 return STATUS_NOT_SUPPORTED;
1537 }
1538 pk_alg = GNUTLS_PK_RSA;
1539 break;
1540 }
1541 case ALG_ID_DSA:
1542 {
1543 if (flags) FIXME( "flags %08x not supported\n", flags );
1544 if (params->hash_len != 20)
1545 {
1546 FIXME( "hash size %u not supported\n", params->hash_len );
1547 return STATUS_INVALID_PARAMETER;
1548 }
1549 hash_alg = GNUTLS_DIG_SHA1;
1550 pk_alg = GNUTLS_PK_DSA;
1551 break;
1552 }
1553 default:
1554 FIXME( "algorithm %u not yet supported\n", key->alg_id );
1555 return STATUS_NOT_IMPLEMENTED;
1556 }
1557
1558 if ((sign_alg = pgnutls_pk_to_sign( pk_alg, hash_alg )) == GNUTLS_SIGN_UNKNOWN)
1559 {
1560 FIXME("GnuTLS does not support algorithm %u with hash len %u\n", key->alg_id, params->hash_len );
1561 return STATUS_NOT_IMPLEMENTED;
1562 }
1563
1564 if ((status = import_gnutls_pubkey( key, &gnutls_key ))) return status;
1565 if ((status = prepare_gnutls_signature( key, params->signature, params->signature_len, &gnutls_signature )))
1566 {
1567 pgnutls_pubkey_deinit( gnutls_key );
1568 return status;
1569 }
1570
1571 gnutls_hash.data = params->hash;
1572 gnutls_hash.size = params->hash_len;
1573 ret = pgnutls_pubkey_verify_hash2( gnutls_key, sign_alg, 0, &gnutls_hash, &gnutls_signature );
1574
1575 if (gnutls_signature.data != params->signature) free( gnutls_signature.data );
1576 pgnutls_pubkey_deinit( gnutls_key );
1577 return (ret < 0) ? STATUS_INVALID_SIGNATURE : STATUS_SUCCESS;
1578 }
1579
1580 static unsigned int get_signature_length( enum alg_id id )
1581 {
1582 switch (id)
1583 {
1584 case ALG_ID_ECDSA_P256: return 64;
1585 case ALG_ID_ECDSA_P384: return 96;
1586 case ALG_ID_DSA: return 40;
1587 default:
1588 FIXME( "unhandled algorithm %u\n", id );
1589 return 0;
1590 }
1591 }
1592
1593 static NTSTATUS format_gnutls_signature( enum alg_id type, gnutls_datum_t signature,
1594 UCHAR *output, ULONG output_len, ULONG *ret_len )
1595 {
1596 switch (type)
1597 {
1598 case ALG_ID_RSA:
1599 case ALG_ID_RSA_SIGN:
1600 {
1601 *ret_len = signature.size;
1602 if (output_len < signature.size) return STATUS_BUFFER_TOO_SMALL;
1603 if (output) memcpy( output, signature.data, signature.size );
1604 return STATUS_SUCCESS;
1605 }
1606 case ALG_ID_ECDSA_P256:
1607 case ALG_ID_ECDSA_P384:
1608 case ALG_ID_DSA:
1609 {
1610 int err;
1611 unsigned int sig_len = get_signature_length( type );
1612 gnutls_datum_t r, s; /* format as r||s */
1613
1614 if ((err = pgnutls_decode_rs_value( &signature, &r, &s )))
1615 {
1616 pgnutls_perror( err );
1617 return STATUS_INTERNAL_ERROR;
1618 }
1619
1620 *ret_len = sig_len;
1621 if (output_len < sig_len) return STATUS_BUFFER_TOO_SMALL;
1622
1623 if (r.size > sig_len / 2 + 1 || s.size > sig_len / 2 + 1)
1624 {
1625 ERR( "we didn't get a correct signature\n" );
1626 return STATUS_INTERNAL_ERROR;
1627 }
1628
1629 if (output)
1630 {
1631 export_gnutls_datum( output, sig_len / 2, &r, 1 );
1632 export_gnutls_datum( output + sig_len / 2, sig_len / 2, &s, 1 );
1633 }
1634
1635 free( r.data ); free( s.data );
1636 return STATUS_SUCCESS;
1637 }
1638 default:
1639 return STATUS_INTERNAL_ERROR;
1640 }
1641 }
1642
1643 static NTSTATUS key_asymmetric_sign( void *args )
1644 {
1645 const struct key_asymmetric_sign_params *params = args;
1646 struct key *key = params->key;
1647 ULONG flags = params->flags;
1648 BCRYPT_PKCS1_PADDING_INFO *pad = params->padding;
1649 gnutls_datum_t hash, signature;
1650 gnutls_digest_algorithm_t hash_alg;
1651 NTSTATUS status;
1652 int ret;
1653
1654 if (key->alg_id == ALG_ID_ECDSA_P256 || key->alg_id == ALG_ID_ECDSA_P384)
1655 {
1656 /* With ECDSA, we find the digest algorithm from the hash length, and verify it */
1657 switch (params->input_len)
1658 {
1659 case 20: hash_alg = GNUTLS_DIG_SHA1; break;
1660 case 32: hash_alg = GNUTLS_DIG_SHA256; break;
1661 case 48: hash_alg = GNUTLS_DIG_SHA384; break;
1662 case 64: hash_alg = GNUTLS_DIG_SHA512; break;
1663
1664 default:
1665 FIXME( "hash size %u not yet supported\n", params->input_len );
1666 return STATUS_INVALID_PARAMETER;
1667 }
1668
1669 if (flags == BCRYPT_PAD_PKCS1 && pad && pad->pszAlgId && get_digest_from_id( pad->pszAlgId ) != hash_alg)
1670 {
1671 WARN( "incorrect hashing algorithm %s, expected %u\n", debugstr_w(pad->pszAlgId), hash_alg );
1672 return STATUS_INVALID_PARAMETER;
1673 }
1674 }
1675 else if (key->alg_id == ALG_ID_DSA)
1676 {
1677 if (flags) FIXME( "flags %08x not supported\n", flags );
1678 if (params->input_len != 20)
1679 {
1680 FIXME( "hash size %u not supported\n", params->input_len );
1681 return STATUS_INVALID_PARAMETER;
1682 }
1683 hash_alg = GNUTLS_DIG_SHA1;
1684 }
1685 else if (flags == BCRYPT_PAD_PKCS1)
1686 {
1687 if (!pad || !pad->pszAlgId)
1688 {
1689 WARN( "padding info not found\n" );
1690 return STATUS_INVALID_PARAMETER;
1691 }
1692
1693 if ((hash_alg = get_digest_from_id( pad->pszAlgId )) == -1)
1694 {
1695 FIXME( "hash algorithm %s not recognized\n", debugstr_w(pad->pszAlgId) );
1696 return STATUS_NOT_SUPPORTED;
1697 }
1698 }
1699 else if (!flags)
1700 {
1701 WARN( "invalid flags %08x\n", flags );
1702 return STATUS_INVALID_PARAMETER;
1703 }
1704 else
1705 {
1706 FIXME( "flags %08x not implemented\n", flags );
1707 return STATUS_NOT_IMPLEMENTED;
1708 }
1709
1710 if (!params->input)
1711 {
1712 *params->ret_len = key->u.a.bitlen / 8;
1713 return STATUS_SUCCESS;
1714 }
1715 if (!key_data(key)->privkey) return STATUS_INVALID_PARAMETER;
1716
1717 hash.data = params->input;
1718 hash.size = params->input_len;
1719
1720 signature.data = NULL;
1721 signature.size = 0;
1722
1723 if ((ret = pgnutls_privkey_sign_hash( key_data(key)->privkey, hash_alg, 0, &hash, &signature )))
1724 {
1725 pgnutls_perror( ret );
1726 return STATUS_INTERNAL_ERROR;
1727 }
1728
1729 status = format_gnutls_signature( key->alg_id, signature, params->output,
1730 params->output_len, params->ret_len );
1731
1732 free( signature.data );
1733 return status;
1734 }
1735
1736 static NTSTATUS key_asymmetric_destroy( void *args )
1737 {
1738 struct key *key = args;
1739
1740 if (key_data(key)->privkey) pgnutls_privkey_deinit( key_data(key)->privkey );
1741 return STATUS_SUCCESS;
1742 }
1743
1744 static NTSTATUS key_asymmetric_duplicate( void *args )
1745 {
1746 const struct key_asymmetric_duplicate_params *params = args;
1747 struct key *key_orig = params->key_orig;
1748 struct key *key_copy = params->key_copy;
1749 int ret;
1750
1751 if (!key_data(key_orig)->privkey) return STATUS_SUCCESS;
1752
1753 if ((ret = pgnutls_privkey_init( &key_data(key_copy)->privkey )))
1754 {
1755 pgnutls_perror( ret );
1756 return STATUS_INTERNAL_ERROR;
1757 }
1758
1759 switch (key_orig->alg_id)
1760 {
1761 case ALG_ID_RSA:
1762 case ALG_ID_RSA_SIGN:
1763 {
1764 gnutls_datum_t m, e, d, p, q, u, e1, e2;
1765 if ((ret = pgnutls_privkey_export_rsa_raw( key_data(key_orig)->privkey, &m, &e, &d, &p, &q, &u, &e1, &e2 )))
1766 {
1767 pgnutls_perror( ret );
1768 return STATUS_INTERNAL_ERROR;
1769 }
1770 ret = pgnutls_privkey_import_rsa_raw( key_data(key_copy)->privkey, &m, &e, &d, &p, &q, &u, &e1, &e2 );
1771 free( m.data ); free( e.data ); free( d.data ); free( p.data ); free( q.data ); free( u.data );
1772 free( e1.data ); free( e2.data );
1773 if (ret)
1774 {
1775 pgnutls_perror( ret );
1776 return STATUS_INTERNAL_ERROR;
1777 }
1778 break;
1779 }
1780 case ALG_ID_DSA:
1781 {
1782 gnutls_datum_t p, q, g, y, x;
1783 if ((ret = pgnutls_privkey_export_dsa_raw( key_data(key_orig)->privkey, &p, &q, &g, &y, &x )))
1784 {
1785 pgnutls_perror( ret );
1786 return STATUS_INTERNAL_ERROR;
1787 }
1788 ret = pgnutls_privkey_import_dsa_raw( key_data(key_copy)->privkey, &p, &q, &g, &y, &x );
1789 free( p.data ); free( q.data ); free( g.data ); free( y.data ); free( x.data );
1790 if (ret)
1791 {
1792 pgnutls_perror( ret );
1793 return STATUS_INTERNAL_ERROR;
1794 }
1795 break;
1796 }
1797 case ALG_ID_ECDH_P256:
1798 case ALG_ID_ECDSA_P256:
1799 case ALG_ID_ECDSA_P384:
1800 {
1801 gnutls_ecc_curve_t curve;
1802 gnutls_datum_t x, y, k;
1803 if ((ret = pgnutls_privkey_export_ecc_raw( key_data(key_orig)->privkey, &curve, &x, &y, &k )))
1804 {
1805 pgnutls_perror( ret );
1806 return STATUS_INTERNAL_ERROR;
1807 }
1808 ret = pgnutls_privkey_import_ecc_raw( key_data(key_copy)->privkey, curve, &x, &y, &k );
1809 free( x.data ); free( y.data ); free( k.data );
1810 if (ret)
1811 {
1812 pgnutls_perror( ret );
1813 return STATUS_INTERNAL_ERROR;
1814 }
1815 break;
1816 }
1817 default:
1818 ERR( "unhandled algorithm %u\n", key_orig->alg_id );
1819 return STATUS_INTERNAL_ERROR;
1820 }
1821
1822 return STATUS_SUCCESS;
1823 }
1824
1825 static NTSTATUS key_asymmetric_decrypt( void *args )
1826 {
1827 const struct key_asymmetric_decrypt_params *params = args;
1828 gnutls_datum_t e, d = { 0 };
1829 NTSTATUS status = STATUS_SUCCESS;
1830 int ret;
1831
1832 e.data = params->input;
1833 e.size = params->input_len;
1834 if ((ret = pgnutls_privkey_decrypt_data( key_data(params->key)->privkey, 0, &e, &d )))
1835 {
1836 pgnutls_perror( ret );
1837 return STATUS_INTERNAL_ERROR;
1838 }
1839
1840 *params->ret_len = d.size;
1841 if (params->output_len >= d.size) memcpy( params->output, d.data, *params->ret_len );
1842 else status = STATUS_BUFFER_TOO_SMALL;
1843
1844 free( d.data );
1845 return status;
1846 }
1847
1848 const unixlib_entry_t __wine_unix_call_funcs[] =
1849 {
1850 gnutls_process_attach,
1851 gnutls_process_detach,
1852 key_symmetric_vector_reset,
1853 key_symmetric_set_auth_data,
1854 key_symmetric_encrypt,
1855 key_symmetric_decrypt,
1856 key_symmetric_get_tag,
1857 key_symmetric_destroy,
1858 key_asymmetric_generate,
1859 key_asymmetric_decrypt,
1860 key_asymmetric_duplicate,
1861 key_asymmetric_sign,
1862 key_asymmetric_verify,
1863 key_asymmetric_destroy,
1864 key_export_dsa_capi,
1865 key_export_ecc,
1866 key_export_rsa,
1867 key_import_dsa_capi,
1868 key_import_ecc,
1869 key_import_rsa
1870 };
1871
1872 #ifdef _WIN64
1873
1874 typedef ULONG PTR32;
1875
1876 struct key_symmetric32
1877 {
1878 enum mode_id mode;
1879 ULONG block_size;
1880 PTR32 vector;
1881 ULONG vector_len;
1882 PTR32 secret;
1883 ULONG secret_len;
1884 ULONG __cs[6];
1885 };
1886
1887 struct key_asymmetric32
1888 {
1889 ULONG bitlen; /* ignored for ECC keys */
1890 ULONG flags;
1891 PTR32 pubkey;
1892 ULONG pubkey_len;
1893 DSSSEED dss_seed;
1894 };
1895
1896 struct key32
1897 {
1898 struct object hdr;
1899 enum alg_id alg_id;
1900 UINT64 private[2]; /* private data for backend */
1901 union
1902 {
1903 struct key_symmetric32 s;
1904 struct key_asymmetric32 a;
1905 } u;
1906 };
1907
1908 static struct key *get_symmetric_key( struct key32 *key32, struct key *key )
1909 {
1910 key->hdr = key32->hdr;
1911 key->alg_id = key32->alg_id;
1912 key->private[0] = key32->private[0];
1913 key->private[1] = key32->private[1];
1914 key->u.s.mode = key32->u.s.mode;
1915 key->u.s.block_size = key32->u.s.block_size;
1916 key->u.s.vector = ULongToPtr(key32->u.s.vector);
1917 key->u.s.vector_len = key32->u.s.vector_len;
1918 key->u.s.secret = ULongToPtr(key32->u.s.secret);
1919 key->u.s.secret_len = key32->u.s.secret_len;
1920 return key;
1921 }
1922
1923 static struct key *get_asymmetric_key( struct key32 *key32, struct key *key )
1924 {
1925 key->hdr = key32->hdr;
1926 key->alg_id = key32->alg_id;
1927 key->private[0] = key32->private[0];
1928 key->private[1] = key32->private[1];
1929 key->u.a.bitlen = key32->u.a.bitlen;
1930 key->u.a.flags = key32->u.a.flags;
1931 key->u.a.pubkey = ULongToPtr(key32->u.a.pubkey);
1932 key->u.a.pubkey_len = key32->u.a.pubkey_len;
1933 key->u.a.dss_seed = key32->u.a.dss_seed;
1934 return key;
1935 }
1936
1937 static void put_symmetric_key32( struct key *key, struct key32 *key32 )
1938 {
1939 key32->private[0] = key->private[0];
1940 key32->private[1] = key->private[1];
1941 }
1942
1943 static void put_asymmetric_key32( struct key *key, struct key32 *key32 )
1944 {
1945 key32->private[0] = key->private[0];
1946 key32->private[1] = key->private[1];
1947 key32->u.a.flags = key->u.a.flags;
1948 key32->u.a.pubkey_len = key->u.a.pubkey_len;
1949 key32->u.a.dss_seed = key->u.a.dss_seed;
1950 }
1951
1952 static NTSTATUS wow64_key_symmetric_vector_reset( void *args )
1953 {
1954 NTSTATUS ret;
1955 struct key key;
1956 struct key32 *key32 = args;
1957
1958 ret = key_symmetric_vector_reset( get_symmetric_key( key32, &key ));
1959 put_symmetric_key32( &key, key32 );
1960 return ret;
1961 }
1962
1963 static NTSTATUS wow64_key_symmetric_set_auth_data( void *args )
1964 {
1965 struct
1966 {
1967 PTR32 key;
1968 PTR32 auth_data;
1969 ULONG len;
1970 } const *params32 = args;
1971
1972 NTSTATUS ret;
1973 struct key key;
1974 struct key32 *key32 = ULongToPtr( params32->key );
1975 struct key_symmetric_set_auth_data_params params =
1976 {
1977 get_symmetric_key( key32, &key ),
1978 ULongToPtr(params32->auth_data),
1979 params32->len
1980 };
1981
1982 ret = key_symmetric_set_auth_data( &params );
1983 put_symmetric_key32( &key, key32 );
1984 return ret;
1985 }
1986
1987 static NTSTATUS wow64_key_symmetric_encrypt( void *args )
1988 {
1989 struct
1990 {
1991 PTR32 key;
1992 PTR32 input;
1993 ULONG input_len;
1994 PTR32 output;
1995 ULONG output_len;
1996 } const *params32 = args;
1997
1998 NTSTATUS ret;
1999 struct key key;
2000 struct key32 *key32 = ULongToPtr( params32->key );
2001 struct key_symmetric_encrypt_params params =
2002 {
2003 get_symmetric_key( key32, &key ),
2004 ULongToPtr(params32->input),
2005 params32->input_len,
2006 ULongToPtr(params32->output),
2007 params32->output_len
2008 };
2009
2010 ret = key_symmetric_encrypt( &params );
2011 put_symmetric_key32( &key, key32 );
2012 return ret;
2013 }
2014
2015 static NTSTATUS wow64_key_symmetric_decrypt( void *args )
2016 {
2017 struct
2018 {
2019 PTR32 key;
2020 PTR32 input;
2021 ULONG input_len;
2022 PTR32 output;
2023 ULONG output_len;
2024 } const *params32 = args;
2025
2026 NTSTATUS ret;
2027 struct key key;
2028 struct key32 *key32 = ULongToPtr( params32->key );
2029 struct key_symmetric_decrypt_params params =
2030 {
2031 get_symmetric_key( key32, &key ),
2032 ULongToPtr(params32->input),
2033 params32->input_len,
2034 ULongToPtr(params32->output),
2035 params32->output_len
2036 };
2037
2038 ret = key_symmetric_decrypt( &params );
2039 put_symmetric_key32( &key, key32 );
2040 return ret;
2041 }
2042
2043 static NTSTATUS wow64_key_symmetric_get_tag( void *args )
2044 {
2045 struct
2046 {
2047 PTR32 key;
2048 PTR32 tag;
2049 ULONG len;
2050 } const *params32 = args;
2051
2052 NTSTATUS ret;
2053 struct key key;
2054 struct key32 *key32 = ULongToPtr( params32->key );
2055 struct key_symmetric_get_tag_params params =
2056 {
2057 get_symmetric_key( key32, &key ),
2058 ULongToPtr(params32->tag),
2059 params32->len
2060 };
2061
2062 ret = key_symmetric_get_tag( &params );
2063 put_symmetric_key32( &key, key32 );
2064 return ret;
2065 }
2066
2067 static NTSTATUS wow64_key_symmetric_destroy( void *args )
2068 {
2069 struct key32 *key32 = args;
2070 struct key key;
2071
2072 return key_symmetric_destroy( get_symmetric_key( key32, &key ));
2073 }
2074
2075 static NTSTATUS wow64_key_asymmetric_generate( void *args )
2076 {
2077 struct key32 *key32 = args;
2078 struct key key;
2079 NTSTATUS ret;
2080
2081 ret = key_asymmetric_generate( get_asymmetric_key( key32, &key ));
2082 put_asymmetric_key32( &key, key32 );
2083 return ret;
2084 }
2085
2086 static NTSTATUS wow64_key_asymmetric_decrypt( void *args )
2087 {
2088 struct
2089 {
2090 PTR32 key;
2091 PTR32 input;
2092 ULONG input_len;
2093 PTR32 output;
2094 ULONG output_len;
2095 PTR32 ret_len;
2096 } const *params32 = args;
2097
2098 NTSTATUS ret;
2099 struct key key;
2100 struct key32 *key32 = ULongToPtr( params32->key );
2101 struct key_asymmetric_decrypt_params params =
2102 {
2103 get_asymmetric_key( key32, &key ),
2104 ULongToPtr(params32->input),
2105 params32->input_len,
2106 ULongToPtr(params32->output),
2107 params32->output_len,
2108 ULongToPtr(params32->ret_len)
2109 };
2110
2111 ret = key_asymmetric_decrypt( &params );
2112 put_asymmetric_key32( &key, key32 );
2113 return ret;
2114 }
2115
2116 static NTSTATUS wow64_key_asymmetric_duplicate( void *args )
2117 {
2118 struct
2119 {
2120 PTR32 key_orig;
2121 PTR32 key_copy;
2122 } const *params32 = args;
2123
2124 NTSTATUS ret;
2125 struct key key_orig, key_copy;
2126 struct key32 *key_orig32 = ULongToPtr( params32->key_orig );
2127 struct key32 *key_copy32 = ULongToPtr( params32->key_copy );
2128 struct key_asymmetric_duplicate_params params =
2129 {
2130 get_asymmetric_key( key_orig32, &key_orig ),
2131 get_asymmetric_key( key_copy32, &key_copy )
2132 };
2133
2134 ret = key_asymmetric_duplicate( &params );
2135 put_asymmetric_key32( &key_copy, key_copy32 );
2136 return ret;
2137 }
2138
2139 static NTSTATUS wow64_key_asymmetric_sign( void *args )
2140 {
2141 struct
2142 {
2143 PTR32 key;
2144 PTR32 padding;
2145 PTR32 input;
2146 ULONG input_len;
2147 PTR32 output;
2148 ULONG output_len;
2149 PTR32 ret_len;
2150 ULONG flags;
2151 } const *params32 = args;
2152
2153 NTSTATUS ret;
2154 struct key key;
2155 BCRYPT_PKCS1_PADDING_INFO padding;
2156 struct key32 *key32 = ULongToPtr( params32->key );
2157 struct key_asymmetric_sign_params params =
2158 {
2159 get_asymmetric_key( key32, &key ),
2160 NULL, /* padding */
2161 ULongToPtr(params32->input),
2162 params32->input_len,
2163 ULongToPtr(params32->output),
2164 params32->output_len,
2165 ULongToPtr(params32->ret_len),
2166 params32->flags
2167 };
2168
2169 if (params32->flags & BCRYPT_PAD_PKCS1)
2170 {
2171 PTR32 *info = ULongToPtr( params32->padding );
2172 if (!info) return STATUS_INVALID_PARAMETER;
2173 padding.pszAlgId = ULongToPtr( *info );
2174 params.padding = &padding;
2175 }
2176
2177 ret = key_asymmetric_sign( &params );
2178 put_asymmetric_key32( &key, key32 );
2179 return ret;
2180 }
2181
2182 static NTSTATUS wow64_key_asymmetric_verify( void *args )
2183 {
2184 struct
2185 {
2186 PTR32 key;
2187 PTR32 padding;
2188 PTR32 hash;
2189 ULONG hash_len;
2190 PTR32 signature;
2191 ULONG signature_len;
2192 ULONG flags;
2193 } const *params32 = args;
2194
2195 NTSTATUS ret;
2196 struct key key;
2197 BCRYPT_PKCS1_PADDING_INFO padding;
2198 struct key32 *key32 = ULongToPtr( params32->key );
2199 struct key_asymmetric_verify_params params =
2200 {
2201 get_asymmetric_key( key32, &key ),
2202 NULL, /* padding */
2203 ULongToPtr(params32->hash),
2204 params32->hash_len,
2205 ULongToPtr(params32->signature),
2206 params32->signature_len,
2207 params32->flags
2208 };
2209
2210 if (params32->flags & BCRYPT_PAD_PKCS1)
2211 {
2212 PTR32 *info = ULongToPtr( params32->padding );
2213 if (!info) return STATUS_INVALID_PARAMETER;
2214 padding.pszAlgId = ULongToPtr( *info );
2215 params.padding = &padding;
2216 }
2217
2218 ret = key_asymmetric_verify( &params );
2219 put_asymmetric_key32( &key, key32 );
2220 return ret;
2221 }
2222
2223 static NTSTATUS wow64_key_asymmetric_destroy( void *args )
2224 {
2225 struct key32 *key32 = args;
2226 struct key key;
2227
2228 return key_asymmetric_destroy( get_asymmetric_key( key32, &key ));
2229 }
2230
2231 static NTSTATUS wow64_key_export_dsa_capi( void *args )
2232 {
2233 struct
2234 {
2235 PTR32 key;
2236 PTR32 buf;
2237 ULONG len;
2238 PTR32 ret_len;
2239 } const *params32 = args;
2240
2241 NTSTATUS ret;
2242 struct key key;
2243 struct key32 *key32 = ULongToPtr( params32->key );
2244 struct key_export_params params =
2245 {
2246 get_asymmetric_key( key32, &key ),
2247 ULongToPtr(params32->buf),
2248 params32->len,
2249 ULongToPtr(params32->ret_len)
2250 };
2251
2252 ret = key_export_dsa_capi( &params );
2253 put_asymmetric_key32( &key, key32 );
2254 return ret;
2255 }
2256
2257 static NTSTATUS wow64_key_export_ecc( void *args )
2258 {
2259 struct
2260 {
2261 PTR32 key;
2262 PTR32 buf;
2263 ULONG len;
2264 PTR32 ret_len;
2265 } const *params32 = args;
2266
2267 NTSTATUS ret;
2268 struct key key;
2269 struct key32 *key32 = ULongToPtr( params32->key );
2270 struct key_export_params params =
2271 {
2272 get_asymmetric_key( key32, &key ),
2273 ULongToPtr(params32->buf),
2274 params32->len,
2275 ULongToPtr(params32->ret_len)
2276 };
2277
2278 ret = key_export_ecc( &params );
2279 put_asymmetric_key32( &key, key32 );
2280 return ret;
2281 }
2282
2283 static NTSTATUS wow64_key_import_dsa_capi( void *args )
2284 {
2285 struct
2286 {
2287 PTR32 key;
2288 PTR32 buf;
2289 ULONG len;
2290 } const *params32 = args;
2291
2292 NTSTATUS ret;
2293 struct key key;
2294 struct key32 *key32 = ULongToPtr( params32->key );
2295 struct key_import_params params =
2296 {
2297 get_asymmetric_key( key32, &key ),
2298 ULongToPtr(params32->buf),
2299 params32->len
2300 };
2301
2302 ret = key_import_dsa_capi( &params );
2303 put_asymmetric_key32( &key, key32 );
2304 return ret;
2305 }
2306
2307 static NTSTATUS wow64_key_import_ecc( void *args )
2308 {
2309 struct
2310 {
2311 PTR32 key;
2312 PTR32 buf;
2313 ULONG len;
2314 } const *params32 = args;
2315
2316 NTSTATUS ret;
2317 struct key key;
2318 struct key32 *key32 = ULongToPtr( params32->key );
2319 struct key_import_params params =
2320 {
2321 get_asymmetric_key( key32, &key ),
2322 ULongToPtr(params32->buf),
2323 params32->len
2324 };
2325
2326 ret = key_import_ecc( &params );
2327 put_asymmetric_key32( &key, key32 );
2328 return ret;
2329 }
2330
2331 static NTSTATUS wow64_key_export_rsa( void *args )
2332 {
2333 struct
2334 {
2335 PTR32 key;
2336 PTR32 buf;
2337 ULONG len;
2338 PTR32 ret_len;
2339 BOOL full;
2340 } const *params32 = args;
2341
2342 NTSTATUS ret;
2343 struct key key;
2344 struct key32 *key32 = ULongToPtr( params32->key );
2345 struct key_export_params params =
2346 {
2347 get_asymmetric_key( key32, &key ),
2348 ULongToPtr(params32->buf),
2349 params32->len,
2350 ULongToPtr(params32->ret_len),
2351 params32->full
2352 };
2353
2354 ret = key_export_rsa( &params );
2355 put_asymmetric_key32( &key, key32 );
2356 return ret;
2357 }
2358
2359 static NTSTATUS wow64_key_import_rsa( void *args )
2360 {
2361 struct
2362 {
2363 PTR32 key;
2364 PTR32 buf;
2365 ULONG len;
2366 } const *params32 = args;
2367
2368 NTSTATUS ret;
2369 struct key key;
2370 struct key32 *key32 = ULongToPtr( params32->key );
2371 struct key_import_params params =
2372 {
2373 get_asymmetric_key( key32, &key ),
2374 ULongToPtr(params32->buf),
2375 params32->len
2376 };
2377
2378 ret = key_import_rsa( &params );
2379 put_asymmetric_key32( &key, key32 );
2380 return ret;
2381 }
2382
2383 const unixlib_entry_t __wine_unix_call_wow64_funcs[] =
2384 {
2385 gnutls_process_attach,
2386 gnutls_process_detach,
2387 wow64_key_symmetric_vector_reset,
2388 wow64_key_symmetric_set_auth_data,
2389 wow64_key_symmetric_encrypt,
2390 wow64_key_symmetric_decrypt,
2391 wow64_key_symmetric_get_tag,
2392 wow64_key_symmetric_destroy,
2393 wow64_key_asymmetric_generate,
2394 wow64_key_asymmetric_decrypt,
2395 wow64_key_asymmetric_duplicate,
2396 wow64_key_asymmetric_sign,
2397 wow64_key_asymmetric_verify,
2398 wow64_key_asymmetric_destroy,
2399 wow64_key_export_dsa_capi,
2400 wow64_key_export_ecc,
2401 wow64_key_export_rsa,
2402 wow64_key_import_dsa_capi,
2403 wow64_key_import_ecc,
2404 wow64_key_import_rsa
2405 };
2406
2407 #endif /* _WIN64 */
2408
2409 #endif /* HAVE_GNUTLS_CIPHER_INIT */
Windows API implementation