2 * dlls/rsaenh/implglue.c
3 * Glueing the RSAENH specific code to the crypto library
5 * Copyright (c) 2004, 2005 Michael Jung
6 * Copyright (c) 2007 Vijay Kiran Kamuju
8 * based on code by Mike McCormack and David Hammerton
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
26 #include "wine/port.h"
27 #include "wine/library.h"
36 /* Function prototypes copied from dlls/advapi32/crypt_md4.c */
37 VOID WINAPI
MD4Init( MD4_CTX
*ctx
);
38 VOID WINAPI
MD4Update( MD4_CTX
*ctx
, const unsigned char *buf
, unsigned int len
);
39 VOID WINAPI
MD4Final( MD4_CTX
*ctx
);
40 /* Function prototypes copied from dlls/advapi32/crypt_md5.c */
41 VOID WINAPI
MD5Init( MD5_CTX
*ctx
);
42 VOID WINAPI
MD5Update( MD5_CTX
*ctx
, const unsigned char *buf
, unsigned int len
);
43 VOID WINAPI
MD5Final( MD5_CTX
*ctx
);
44 /* Function prototypes copied from dlls/advapi32/crypt_sha.c */
45 VOID WINAPI
A_SHAInit(PSHA_CTX Context
);
46 VOID WINAPI
A_SHAUpdate(PSHA_CTX Context
, const unsigned char *Buffer
, UINT BufferSize
);
47 VOID WINAPI
A_SHAFinal(PSHA_CTX Context
, PULONG Result
);
48 /* Function prototype copied from dlls/advapi32/crypt.c */
49 BOOL WINAPI
SystemFunction036(PVOID pbBuffer
, ULONG dwLen
);
51 BOOL
init_hash_impl(ALG_ID aiAlgid
, HASH_CONTEXT
*pHashContext
)
53 BCRYPT_ALG_HANDLE provider
;
59 md2_init(&pHashContext
->md2
);
63 MD4Init(&pHashContext
->md4
);
67 MD5Init(&pHashContext
->md5
);
71 A_SHAInit(&pHashContext
->sha
);
75 status
= BCryptOpenAlgorithmProvider(&provider
, BCRYPT_SHA256_ALGORITHM
, MS_PRIMITIVE_PROVIDER
, 0);
79 status
= BCryptOpenAlgorithmProvider(&provider
, BCRYPT_SHA384_ALGORITHM
, MS_PRIMITIVE_PROVIDER
, 0);
83 status
= BCryptOpenAlgorithmProvider(&provider
, BCRYPT_SHA512_ALGORITHM
, MS_PRIMITIVE_PROVIDER
, 0);
90 if (status
) return FALSE
;
92 status
= BCryptCreateHash(provider
, &pHashContext
->bcrypt_hash
, NULL
, 0, NULL
, 0, 0);
93 BCryptCloseAlgorithmProvider(provider
, 0);
97 BOOL
update_hash_impl(ALG_ID aiAlgid
, HASH_CONTEXT
*pHashContext
, const BYTE
*pbData
,
103 md2_process(&pHashContext
->md2
, pbData
, dwDataLen
);
107 MD4Update(&pHashContext
->md4
, pbData
, dwDataLen
);
111 MD5Update(&pHashContext
->md5
, pbData
, dwDataLen
);
115 A_SHAUpdate(&pHashContext
->sha
, pbData
, dwDataLen
);
119 BCryptHashData(pHashContext
->bcrypt_hash
, (UCHAR
*)pbData
, dwDataLen
, 0);
125 BOOL
finalize_hash_impl(ALG_ID aiAlgid
, HASH_CONTEXT
*pHashContext
, BYTE
*pbHashValue
)
130 md2_done(&pHashContext
->md2
, pbHashValue
);
134 MD4Final(&pHashContext
->md4
);
135 memcpy(pbHashValue
, pHashContext
->md4
.digest
, 16);
139 MD5Final(&pHashContext
->md5
);
140 memcpy(pbHashValue
, pHashContext
->md5
.digest
, 16);
144 A_SHAFinal(&pHashContext
->sha
, (PULONG
)pbHashValue
);
148 BCryptFinishHash(pHashContext
->bcrypt_hash
, pbHashValue
, RSAENH_MAX_HASH_SIZE
, 0);
149 BCryptDestroyHash(pHashContext
->bcrypt_hash
);
156 BOOL
duplicate_hash_impl(ALG_ID aiAlgid
, const HASH_CONTEXT
*pSrcHashContext
,
157 HASH_CONTEXT
*pDestHashContext
)
165 *pDestHashContext
= *pSrcHashContext
;
168 return !BCryptDuplicateHash(pSrcHashContext
->bcrypt_hash
, &pDestHashContext
->bcrypt_hash
, NULL
, 0, 0);
172 BOOL
new_key_impl(ALG_ID aiAlgid
, KEY_CONTEXT
*pKeyContext
, DWORD dwKeyLen
)
178 if (rsa_make_key((int)dwKeyLen
, 65537, &pKeyContext
->rsa
) != CRYPT_OK
) {
179 SetLastError(NTE_FAIL
);
188 BOOL
free_key_impl(ALG_ID aiAlgid
, KEY_CONTEXT
*pKeyContext
)
194 rsa_free(&pKeyContext
->rsa
);
200 BOOL
setup_key_impl(ALG_ID aiAlgid
, KEY_CONTEXT
*pKeyContext
, DWORD dwKeyLen
,
201 DWORD dwEffectiveKeyLen
, DWORD dwSaltLen
, BYTE
*abKeyValue
)
206 rc4_start(&pKeyContext
->rc4
);
207 rc4_add_entropy(abKeyValue
, dwKeyLen
+ dwSaltLen
, &pKeyContext
->rc4
);
208 rc4_ready(&pKeyContext
->rc4
);
212 rc2_setup(abKeyValue
, dwKeyLen
+ dwSaltLen
, dwEffectiveKeyLen
?
213 dwEffectiveKeyLen
: dwKeyLen
<< 3, 0, &pKeyContext
->rc2
);
217 des3_setup(abKeyValue
, 24, 0, &pKeyContext
->des3
);
221 memcpy(abKeyValue
+16, abKeyValue
, 8);
222 des3_setup(abKeyValue
, 24, 0, &pKeyContext
->des3
);
226 des_setup(abKeyValue
, 8, 0, &pKeyContext
->des
);
231 aes_setup(abKeyValue
, 16, 0, &pKeyContext
->aes
);
235 aes_setup(abKeyValue
, 24, 0, &pKeyContext
->aes
);
239 aes_setup(abKeyValue
, 32, 0, &pKeyContext
->aes
);
246 BOOL
duplicate_key_impl(ALG_ID aiAlgid
, const KEY_CONTEXT
*pSrcKeyContext
,
247 KEY_CONTEXT
*pDestKeyContext
)
260 *pDestKeyContext
= *pSrcKeyContext
;
264 pDestKeyContext
->rsa
.type
= pSrcKeyContext
->rsa
.type
;
265 mp_init_copy(&pDestKeyContext
->rsa
.e
, &pSrcKeyContext
->rsa
.e
);
266 mp_init_copy(&pDestKeyContext
->rsa
.d
, &pSrcKeyContext
->rsa
.d
);
267 mp_init_copy(&pDestKeyContext
->rsa
.N
, &pSrcKeyContext
->rsa
.N
);
268 mp_init_copy(&pDestKeyContext
->rsa
.p
, &pSrcKeyContext
->rsa
.p
);
269 mp_init_copy(&pDestKeyContext
->rsa
.q
, &pSrcKeyContext
->rsa
.q
);
270 mp_init_copy(&pDestKeyContext
->rsa
.qP
, &pSrcKeyContext
->rsa
.qP
);
271 mp_init_copy(&pDestKeyContext
->rsa
.dP
, &pSrcKeyContext
->rsa
.dP
);
272 mp_init_copy(&pDestKeyContext
->rsa
.dQ
, &pSrcKeyContext
->rsa
.dQ
);
276 SetLastError(NTE_BAD_ALGID
);
283 static inline void reverse_bytes(BYTE
*pbData
, DWORD dwLen
) {
287 for (i
=0; i
<dwLen
/2; i
++) {
289 pbData
[i
] = pbData
[dwLen
-i
-1];
290 pbData
[dwLen
-i
-1] = swap
;
294 BOOL
encrypt_block_impl(ALG_ID aiAlgid
, DWORD dwKeySpec
, KEY_CONTEXT
*pKeyContext
, const BYTE
*in
,
295 BYTE
*out
, DWORD enc
)
297 unsigned long inlen
, outlen
;
298 BYTE
*in_reversed
= NULL
;
303 rc2_ecb_encrypt(in
, out
, &pKeyContext
->rc2
);
305 rc2_ecb_decrypt(in
, out
, &pKeyContext
->rc2
);
312 des3_ecb_encrypt(in
, out
, &pKeyContext
->des3
);
314 des3_ecb_decrypt(in
, out
, &pKeyContext
->des3
);
320 des_ecb_encrypt(in
, out
, &pKeyContext
->des
);
322 des_ecb_decrypt(in
, out
, &pKeyContext
->des
);
331 aes_ecb_encrypt(in
, out
, &pKeyContext
->aes
);
333 aes_ecb_decrypt(in
, out
, &pKeyContext
->aes
);
339 case CALG_SSL3_SHAMD5
:
340 outlen
= inlen
= (mp_count_bits(&pKeyContext
->rsa
.N
)+7)/8;
342 if (rsa_exptmod(in
, inlen
, out
, &outlen
, dwKeySpec
, &pKeyContext
->rsa
) != CRYPT_OK
) {
343 SetLastError(NTE_FAIL
);
346 reverse_bytes(out
, outlen
);
348 in_reversed
= HeapAlloc(GetProcessHeap(), 0, inlen
);
350 SetLastError(NTE_NO_MEMORY
);
353 memcpy(in_reversed
, in
, inlen
);
354 reverse_bytes(in_reversed
, inlen
);
355 if (rsa_exptmod(in_reversed
, inlen
, out
, &outlen
, dwKeySpec
, &pKeyContext
->rsa
) != CRYPT_OK
) {
356 HeapFree(GetProcessHeap(), 0, in_reversed
);
357 SetLastError(NTE_FAIL
);
360 HeapFree(GetProcessHeap(), 0, in_reversed
);
365 SetLastError(NTE_BAD_ALGID
);
372 BOOL
encrypt_stream_impl(ALG_ID aiAlgid
, KEY_CONTEXT
*pKeyContext
, BYTE
*stream
, DWORD dwLen
)
376 rc4_read(stream
, dwLen
, &pKeyContext
->rc4
);
380 SetLastError(NTE_BAD_ALGID
);
387 BOOL
gen_rand_impl(BYTE
*pbBuffer
, DWORD dwLen
)
389 return SystemFunction036(pbBuffer
, dwLen
);
392 BOOL
export_public_key_impl(BYTE
*pbDest
, const KEY_CONTEXT
*pKeyContext
, DWORD dwKeyLen
,DWORD
*pdwPubExp
)
394 mp_to_unsigned_bin(&pKeyContext
->rsa
.N
, pbDest
);
395 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.N
));
396 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.N
) < dwKeyLen
)
397 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.N
), 0,
398 dwKeyLen
- mp_unsigned_bin_size(&pKeyContext
->rsa
.N
));
399 *pdwPubExp
= (DWORD
)mp_get_int(&pKeyContext
->rsa
.e
);
403 BOOL
import_public_key_impl(const BYTE
*pbSrc
, KEY_CONTEXT
*pKeyContext
, DWORD dwKeyLen
,
408 if (mp_init_multi(&pKeyContext
->rsa
.e
, &pKeyContext
->rsa
.d
, &pKeyContext
->rsa
.N
,
409 &pKeyContext
->rsa
.dQ
,&pKeyContext
->rsa
.dP
,&pKeyContext
->rsa
.qP
,
410 &pKeyContext
->rsa
.p
, &pKeyContext
->rsa
.q
, NULL
) != MP_OKAY
)
412 SetLastError(NTE_FAIL
);
416 pbTemp
= HeapAlloc(GetProcessHeap(), 0, dwKeyLen
);
417 if (!pbTemp
) return FALSE
;
418 memcpy(pbTemp
, pbSrc
, dwKeyLen
);
420 pKeyContext
->rsa
.type
= PK_PUBLIC
;
421 reverse_bytes(pbTemp
, dwKeyLen
);
422 mp_read_unsigned_bin(&pKeyContext
->rsa
.N
, pbTemp
, dwKeyLen
);
423 HeapFree(GetProcessHeap(), 0, pbTemp
);
424 mp_set_int(&pKeyContext
->rsa
.e
, dwPubExp
);
429 BOOL
export_private_key_impl(BYTE
*pbDest
, const KEY_CONTEXT
*pKeyContext
, DWORD dwKeyLen
,
432 mp_to_unsigned_bin(&pKeyContext
->rsa
.N
, pbDest
);
433 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.N
));
434 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.N
) < dwKeyLen
)
435 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.N
), 0,
436 dwKeyLen
- mp_unsigned_bin_size(&pKeyContext
->rsa
.N
));
438 mp_to_unsigned_bin(&pKeyContext
->rsa
.p
, pbDest
);
439 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.p
));
440 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.p
) < (dwKeyLen
+1)>>1)
441 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.p
), 0,
442 ((dwKeyLen
+1)>>1) - mp_unsigned_bin_size(&pKeyContext
->rsa
.p
));
443 pbDest
+= (dwKeyLen
+1)>>1;
444 mp_to_unsigned_bin(&pKeyContext
->rsa
.q
, pbDest
);
445 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.q
));
446 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.q
) < (dwKeyLen
+1)>>1)
447 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.q
), 0,
448 ((dwKeyLen
+1)>>1) - mp_unsigned_bin_size(&pKeyContext
->rsa
.q
));
449 pbDest
+= (dwKeyLen
+1)>>1;
450 mp_to_unsigned_bin(&pKeyContext
->rsa
.dP
, pbDest
);
451 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.dP
));
452 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.dP
) < (dwKeyLen
+1)>>1)
453 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.dP
), 0,
454 ((dwKeyLen
+1)>>1) - mp_unsigned_bin_size(&pKeyContext
->rsa
.dP
));
455 pbDest
+= (dwKeyLen
+1)>>1;
456 mp_to_unsigned_bin(&pKeyContext
->rsa
.dQ
, pbDest
);
457 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.dQ
));
458 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.dQ
) < (dwKeyLen
+1)>>1)
459 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.dQ
), 0,
460 ((dwKeyLen
+1)>>1) - mp_unsigned_bin_size(&pKeyContext
->rsa
.dQ
));
461 pbDest
+= (dwKeyLen
+1)>>1;
462 mp_to_unsigned_bin(&pKeyContext
->rsa
.qP
, pbDest
);
463 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.qP
));
464 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.qP
) < (dwKeyLen
+1)>>1)
465 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.qP
), 0,
466 ((dwKeyLen
+1)>>1) - mp_unsigned_bin_size(&pKeyContext
->rsa
.qP
));
467 pbDest
+= (dwKeyLen
+1)>>1;
468 mp_to_unsigned_bin(&pKeyContext
->rsa
.d
, pbDest
);
469 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.d
));
470 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.d
) < dwKeyLen
)
471 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.d
), 0,
472 dwKeyLen
- mp_unsigned_bin_size(&pKeyContext
->rsa
.d
));
473 *pdwPubExp
= (DWORD
)mp_get_int(&pKeyContext
->rsa
.e
);
478 BOOL
import_private_key_impl(const BYTE
*pbSrc
, KEY_CONTEXT
*pKeyContext
, DWORD dwKeyLen
,
479 DWORD dwDataLen
, DWORD dwPubExp
)
481 BYTE
*pbTemp
, *pbBigNum
;
483 if (mp_init_multi(&pKeyContext
->rsa
.e
, &pKeyContext
->rsa
.d
, &pKeyContext
->rsa
.N
,
484 &pKeyContext
->rsa
.dQ
,&pKeyContext
->rsa
.dP
,&pKeyContext
->rsa
.qP
,
485 &pKeyContext
->rsa
.p
, &pKeyContext
->rsa
.q
, NULL
) != MP_OKAY
)
487 SetLastError(NTE_FAIL
);
491 pbTemp
= HeapAlloc(GetProcessHeap(), 0, 2*dwKeyLen
+5*((dwKeyLen
+1)>>1));
492 if (!pbTemp
) return FALSE
;
493 memcpy(pbTemp
, pbSrc
, min(dwDataLen
, 2*dwKeyLen
+5*((dwKeyLen
+1)>>1)));
496 pKeyContext
->rsa
.type
= PK_PRIVATE
;
497 reverse_bytes(pbBigNum
, dwKeyLen
);
498 mp_read_unsigned_bin(&pKeyContext
->rsa
.N
, pbBigNum
, dwKeyLen
);
499 pbBigNum
+= dwKeyLen
;
500 reverse_bytes(pbBigNum
, (dwKeyLen
+1)>>1);
501 mp_read_unsigned_bin(&pKeyContext
->rsa
.p
, pbBigNum
, (dwKeyLen
+1)>>1);
502 pbBigNum
+= (dwKeyLen
+1)>>1;
503 reverse_bytes(pbBigNum
, (dwKeyLen
+1)>>1);
504 mp_read_unsigned_bin(&pKeyContext
->rsa
.q
, pbBigNum
, (dwKeyLen
+1)>>1);
505 pbBigNum
+= (dwKeyLen
+1)>>1;
506 reverse_bytes(pbBigNum
, (dwKeyLen
+1)>>1);
507 mp_read_unsigned_bin(&pKeyContext
->rsa
.dP
, pbBigNum
, (dwKeyLen
+1)>>1);
508 pbBigNum
+= (dwKeyLen
+1)>>1;
509 reverse_bytes(pbBigNum
, (dwKeyLen
+1)>>1);
510 mp_read_unsigned_bin(&pKeyContext
->rsa
.dQ
, pbBigNum
, (dwKeyLen
+1)>>1);
511 pbBigNum
+= (dwKeyLen
+1)>>1;
512 reverse_bytes(pbBigNum
, (dwKeyLen
+1)>>1);
513 mp_read_unsigned_bin(&pKeyContext
->rsa
.qP
, pbBigNum
, (dwKeyLen
+1)>>1);
514 pbBigNum
+= (dwKeyLen
+1)>>1;
515 /* The size of the private exponent d is inferred from the remaining
518 dwKeyLen
= min(dwKeyLen
, dwDataLen
- (pbBigNum
- pbTemp
));
519 reverse_bytes(pbBigNum
, dwKeyLen
);
520 mp_read_unsigned_bin(&pKeyContext
->rsa
.d
, pbBigNum
, dwKeyLen
);
521 mp_set_int(&pKeyContext
->rsa
.e
, dwPubExp
);
523 HeapFree(GetProcessHeap(), 0, pbTemp
);