2 * dlls/rsaenh/implglue.c
3 * Glueing the RSAENH specific code to the crypto library
5 * Copyright (c) 2004, 2005 Michael Jung
6 * Copyright (c) 2007 Vijay Kiran Kamuju
8 * based on code by Mike McCormack and David Hammerton
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
26 #include "wine/port.h"
27 #include "wine/library.h"
36 /* Function prototype copied from dlls/advapi32/crypt.c */
37 BOOL WINAPI
SystemFunction036(PVOID pbBuffer
, ULONG dwLen
);
39 BOOL
init_hash_impl(ALG_ID aiAlgid
, HASH_CONTEXT
*pHashContext
)
41 BCRYPT_ALG_HANDLE provider
;
47 status
= BCryptOpenAlgorithmProvider(&provider
, BCRYPT_MD2_ALGORITHM
, MS_PRIMITIVE_PROVIDER
, 0);
51 status
= BCryptOpenAlgorithmProvider(&provider
, BCRYPT_MD4_ALGORITHM
, MS_PRIMITIVE_PROVIDER
, 0);
55 status
= BCryptOpenAlgorithmProvider(&provider
, BCRYPT_MD5_ALGORITHM
, MS_PRIMITIVE_PROVIDER
, 0);
59 status
= BCryptOpenAlgorithmProvider(&provider
, BCRYPT_SHA1_ALGORITHM
, MS_PRIMITIVE_PROVIDER
, 0);
63 status
= BCryptOpenAlgorithmProvider(&provider
, BCRYPT_SHA256_ALGORITHM
, MS_PRIMITIVE_PROVIDER
, 0);
67 status
= BCryptOpenAlgorithmProvider(&provider
, BCRYPT_SHA384_ALGORITHM
, MS_PRIMITIVE_PROVIDER
, 0);
71 status
= BCryptOpenAlgorithmProvider(&provider
, BCRYPT_SHA512_ALGORITHM
, MS_PRIMITIVE_PROVIDER
, 0);
78 if (status
) return FALSE
;
80 status
= BCryptCreateHash(provider
, &pHashContext
->bcrypt_hash
, NULL
, 0, NULL
, 0, 0);
81 BCryptCloseAlgorithmProvider(provider
, 0);
85 BOOL
update_hash_impl(HASH_CONTEXT
*pHashContext
, const BYTE
*pbData
, DWORD dwDataLen
)
87 BCryptHashData(pHashContext
->bcrypt_hash
, (UCHAR
*)pbData
, dwDataLen
, 0);
91 BOOL
finalize_hash_impl(HASH_CONTEXT
*pHashContext
, BYTE
*pbHashValue
)
93 BCryptFinishHash(pHashContext
->bcrypt_hash
, pbHashValue
, RSAENH_MAX_HASH_SIZE
, 0);
94 BCryptDestroyHash(pHashContext
->bcrypt_hash
);
98 BOOL
duplicate_hash_impl(const HASH_CONTEXT
*pSrcHashContext
, HASH_CONTEXT
*pDestHashContext
)
100 return !BCryptDuplicateHash(pSrcHashContext
->bcrypt_hash
, &pDestHashContext
->bcrypt_hash
, NULL
, 0, 0);
103 BOOL
new_key_impl(ALG_ID aiAlgid
, KEY_CONTEXT
*pKeyContext
, DWORD dwKeyLen
)
109 if (rsa_make_key((int)dwKeyLen
, 65537, &pKeyContext
->rsa
) != CRYPT_OK
) {
110 SetLastError(NTE_FAIL
);
119 BOOL
free_key_impl(ALG_ID aiAlgid
, KEY_CONTEXT
*pKeyContext
)
125 rsa_free(&pKeyContext
->rsa
);
131 BOOL
setup_key_impl(ALG_ID aiAlgid
, KEY_CONTEXT
*pKeyContext
, DWORD dwKeyLen
,
132 DWORD dwEffectiveKeyLen
, DWORD dwSaltLen
, BYTE
*abKeyValue
)
137 rc4_start(&pKeyContext
->rc4
);
138 rc4_add_entropy(abKeyValue
, dwKeyLen
+ dwSaltLen
, &pKeyContext
->rc4
);
139 rc4_ready(&pKeyContext
->rc4
);
143 rc2_setup(abKeyValue
, dwKeyLen
+ dwSaltLen
, dwEffectiveKeyLen
?
144 dwEffectiveKeyLen
: dwKeyLen
<< 3, 0, &pKeyContext
->rc2
);
148 des3_setup(abKeyValue
, 24, 0, &pKeyContext
->des3
);
152 memcpy(abKeyValue
+16, abKeyValue
, 8);
153 des3_setup(abKeyValue
, 24, 0, &pKeyContext
->des3
);
157 des_setup(abKeyValue
, 8, 0, &pKeyContext
->des
);
162 aes_setup(abKeyValue
, 16, 0, &pKeyContext
->aes
);
166 aes_setup(abKeyValue
, 24, 0, &pKeyContext
->aes
);
170 aes_setup(abKeyValue
, 32, 0, &pKeyContext
->aes
);
177 BOOL
duplicate_key_impl(ALG_ID aiAlgid
, const KEY_CONTEXT
*pSrcKeyContext
,
178 KEY_CONTEXT
*pDestKeyContext
)
191 *pDestKeyContext
= *pSrcKeyContext
;
195 pDestKeyContext
->rsa
.type
= pSrcKeyContext
->rsa
.type
;
196 mp_init_copy(&pDestKeyContext
->rsa
.e
, &pSrcKeyContext
->rsa
.e
);
197 mp_init_copy(&pDestKeyContext
->rsa
.d
, &pSrcKeyContext
->rsa
.d
);
198 mp_init_copy(&pDestKeyContext
->rsa
.N
, &pSrcKeyContext
->rsa
.N
);
199 mp_init_copy(&pDestKeyContext
->rsa
.p
, &pSrcKeyContext
->rsa
.p
);
200 mp_init_copy(&pDestKeyContext
->rsa
.q
, &pSrcKeyContext
->rsa
.q
);
201 mp_init_copy(&pDestKeyContext
->rsa
.qP
, &pSrcKeyContext
->rsa
.qP
);
202 mp_init_copy(&pDestKeyContext
->rsa
.dP
, &pSrcKeyContext
->rsa
.dP
);
203 mp_init_copy(&pDestKeyContext
->rsa
.dQ
, &pSrcKeyContext
->rsa
.dQ
);
207 SetLastError(NTE_BAD_ALGID
);
214 static inline void reverse_bytes(BYTE
*pbData
, DWORD dwLen
) {
218 for (i
=0; i
<dwLen
/2; i
++) {
220 pbData
[i
] = pbData
[dwLen
-i
-1];
221 pbData
[dwLen
-i
-1] = swap
;
225 BOOL
encrypt_block_impl(ALG_ID aiAlgid
, DWORD dwKeySpec
, KEY_CONTEXT
*pKeyContext
, const BYTE
*in
,
226 BYTE
*out
, DWORD enc
)
228 unsigned long inlen
, outlen
;
229 BYTE
*in_reversed
= NULL
;
234 rc2_ecb_encrypt(in
, out
, &pKeyContext
->rc2
);
236 rc2_ecb_decrypt(in
, out
, &pKeyContext
->rc2
);
243 des3_ecb_encrypt(in
, out
, &pKeyContext
->des3
);
245 des3_ecb_decrypt(in
, out
, &pKeyContext
->des3
);
251 des_ecb_encrypt(in
, out
, &pKeyContext
->des
);
253 des_ecb_decrypt(in
, out
, &pKeyContext
->des
);
262 aes_ecb_encrypt(in
, out
, &pKeyContext
->aes
);
264 aes_ecb_decrypt(in
, out
, &pKeyContext
->aes
);
270 case CALG_SSL3_SHAMD5
:
271 outlen
= inlen
= (mp_count_bits(&pKeyContext
->rsa
.N
)+7)/8;
273 if (rsa_exptmod(in
, inlen
, out
, &outlen
, dwKeySpec
, &pKeyContext
->rsa
) != CRYPT_OK
) {
274 SetLastError(NTE_FAIL
);
277 reverse_bytes(out
, outlen
);
279 in_reversed
= HeapAlloc(GetProcessHeap(), 0, inlen
);
281 SetLastError(NTE_NO_MEMORY
);
284 memcpy(in_reversed
, in
, inlen
);
285 reverse_bytes(in_reversed
, inlen
);
286 if (rsa_exptmod(in_reversed
, inlen
, out
, &outlen
, dwKeySpec
, &pKeyContext
->rsa
) != CRYPT_OK
) {
287 HeapFree(GetProcessHeap(), 0, in_reversed
);
288 SetLastError(NTE_FAIL
);
291 HeapFree(GetProcessHeap(), 0, in_reversed
);
296 SetLastError(NTE_BAD_ALGID
);
303 BOOL
encrypt_stream_impl(ALG_ID aiAlgid
, KEY_CONTEXT
*pKeyContext
, BYTE
*stream
, DWORD dwLen
)
307 rc4_read(stream
, dwLen
, &pKeyContext
->rc4
);
311 SetLastError(NTE_BAD_ALGID
);
318 BOOL
gen_rand_impl(BYTE
*pbBuffer
, DWORD dwLen
)
320 return SystemFunction036(pbBuffer
, dwLen
);
323 BOOL
export_public_key_impl(BYTE
*pbDest
, const KEY_CONTEXT
*pKeyContext
, DWORD dwKeyLen
,DWORD
*pdwPubExp
)
325 mp_to_unsigned_bin(&pKeyContext
->rsa
.N
, pbDest
);
326 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.N
));
327 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.N
) < dwKeyLen
)
328 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.N
), 0,
329 dwKeyLen
- mp_unsigned_bin_size(&pKeyContext
->rsa
.N
));
330 *pdwPubExp
= (DWORD
)mp_get_int(&pKeyContext
->rsa
.e
);
334 BOOL
import_public_key_impl(const BYTE
*pbSrc
, KEY_CONTEXT
*pKeyContext
, DWORD dwKeyLen
,
339 if (mp_init_multi(&pKeyContext
->rsa
.e
, &pKeyContext
->rsa
.d
, &pKeyContext
->rsa
.N
,
340 &pKeyContext
->rsa
.dQ
,&pKeyContext
->rsa
.dP
,&pKeyContext
->rsa
.qP
,
341 &pKeyContext
->rsa
.p
, &pKeyContext
->rsa
.q
, NULL
) != MP_OKAY
)
343 SetLastError(NTE_FAIL
);
347 pbTemp
= HeapAlloc(GetProcessHeap(), 0, dwKeyLen
);
348 if (!pbTemp
) return FALSE
;
349 memcpy(pbTemp
, pbSrc
, dwKeyLen
);
351 pKeyContext
->rsa
.type
= PK_PUBLIC
;
352 reverse_bytes(pbTemp
, dwKeyLen
);
353 mp_read_unsigned_bin(&pKeyContext
->rsa
.N
, pbTemp
, dwKeyLen
);
354 HeapFree(GetProcessHeap(), 0, pbTemp
);
355 mp_set_int(&pKeyContext
->rsa
.e
, dwPubExp
);
360 BOOL
export_private_key_impl(BYTE
*pbDest
, const KEY_CONTEXT
*pKeyContext
, DWORD dwKeyLen
,
363 mp_to_unsigned_bin(&pKeyContext
->rsa
.N
, pbDest
);
364 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.N
));
365 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.N
) < dwKeyLen
)
366 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.N
), 0,
367 dwKeyLen
- mp_unsigned_bin_size(&pKeyContext
->rsa
.N
));
369 mp_to_unsigned_bin(&pKeyContext
->rsa
.p
, pbDest
);
370 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.p
));
371 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.p
) < (dwKeyLen
+1)>>1)
372 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.p
), 0,
373 ((dwKeyLen
+1)>>1) - mp_unsigned_bin_size(&pKeyContext
->rsa
.p
));
374 pbDest
+= (dwKeyLen
+1)>>1;
375 mp_to_unsigned_bin(&pKeyContext
->rsa
.q
, pbDest
);
376 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.q
));
377 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.q
) < (dwKeyLen
+1)>>1)
378 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.q
), 0,
379 ((dwKeyLen
+1)>>1) - mp_unsigned_bin_size(&pKeyContext
->rsa
.q
));
380 pbDest
+= (dwKeyLen
+1)>>1;
381 mp_to_unsigned_bin(&pKeyContext
->rsa
.dP
, pbDest
);
382 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.dP
));
383 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.dP
) < (dwKeyLen
+1)>>1)
384 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.dP
), 0,
385 ((dwKeyLen
+1)>>1) - mp_unsigned_bin_size(&pKeyContext
->rsa
.dP
));
386 pbDest
+= (dwKeyLen
+1)>>1;
387 mp_to_unsigned_bin(&pKeyContext
->rsa
.dQ
, pbDest
);
388 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.dQ
));
389 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.dQ
) < (dwKeyLen
+1)>>1)
390 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.dQ
), 0,
391 ((dwKeyLen
+1)>>1) - mp_unsigned_bin_size(&pKeyContext
->rsa
.dQ
));
392 pbDest
+= (dwKeyLen
+1)>>1;
393 mp_to_unsigned_bin(&pKeyContext
->rsa
.qP
, pbDest
);
394 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.qP
));
395 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.qP
) < (dwKeyLen
+1)>>1)
396 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.qP
), 0,
397 ((dwKeyLen
+1)>>1) - mp_unsigned_bin_size(&pKeyContext
->rsa
.qP
));
398 pbDest
+= (dwKeyLen
+1)>>1;
399 mp_to_unsigned_bin(&pKeyContext
->rsa
.d
, pbDest
);
400 reverse_bytes(pbDest
, mp_unsigned_bin_size(&pKeyContext
->rsa
.d
));
401 if (mp_unsigned_bin_size(&pKeyContext
->rsa
.d
) < dwKeyLen
)
402 memset(pbDest
+ mp_unsigned_bin_size(&pKeyContext
->rsa
.d
), 0,
403 dwKeyLen
- mp_unsigned_bin_size(&pKeyContext
->rsa
.d
));
404 *pdwPubExp
= (DWORD
)mp_get_int(&pKeyContext
->rsa
.e
);
409 BOOL
import_private_key_impl(const BYTE
*pbSrc
, KEY_CONTEXT
*pKeyContext
, DWORD dwKeyLen
,
410 DWORD dwDataLen
, DWORD dwPubExp
)
412 BYTE
*pbTemp
, *pbBigNum
;
414 if (mp_init_multi(&pKeyContext
->rsa
.e
, &pKeyContext
->rsa
.d
, &pKeyContext
->rsa
.N
,
415 &pKeyContext
->rsa
.dQ
,&pKeyContext
->rsa
.dP
,&pKeyContext
->rsa
.qP
,
416 &pKeyContext
->rsa
.p
, &pKeyContext
->rsa
.q
, NULL
) != MP_OKAY
)
418 SetLastError(NTE_FAIL
);
422 pbTemp
= HeapAlloc(GetProcessHeap(), 0, 2*dwKeyLen
+5*((dwKeyLen
+1)>>1));
423 if (!pbTemp
) return FALSE
;
424 memcpy(pbTemp
, pbSrc
, min(dwDataLen
, 2*dwKeyLen
+5*((dwKeyLen
+1)>>1)));
427 pKeyContext
->rsa
.type
= PK_PRIVATE
;
428 reverse_bytes(pbBigNum
, dwKeyLen
);
429 mp_read_unsigned_bin(&pKeyContext
->rsa
.N
, pbBigNum
, dwKeyLen
);
430 pbBigNum
+= dwKeyLen
;
431 reverse_bytes(pbBigNum
, (dwKeyLen
+1)>>1);
432 mp_read_unsigned_bin(&pKeyContext
->rsa
.p
, pbBigNum
, (dwKeyLen
+1)>>1);
433 pbBigNum
+= (dwKeyLen
+1)>>1;
434 reverse_bytes(pbBigNum
, (dwKeyLen
+1)>>1);
435 mp_read_unsigned_bin(&pKeyContext
->rsa
.q
, pbBigNum
, (dwKeyLen
+1)>>1);
436 pbBigNum
+= (dwKeyLen
+1)>>1;
437 reverse_bytes(pbBigNum
, (dwKeyLen
+1)>>1);
438 mp_read_unsigned_bin(&pKeyContext
->rsa
.dP
, pbBigNum
, (dwKeyLen
+1)>>1);
439 pbBigNum
+= (dwKeyLen
+1)>>1;
440 reverse_bytes(pbBigNum
, (dwKeyLen
+1)>>1);
441 mp_read_unsigned_bin(&pKeyContext
->rsa
.dQ
, pbBigNum
, (dwKeyLen
+1)>>1);
442 pbBigNum
+= (dwKeyLen
+1)>>1;
443 reverse_bytes(pbBigNum
, (dwKeyLen
+1)>>1);
444 mp_read_unsigned_bin(&pKeyContext
->rsa
.qP
, pbBigNum
, (dwKeyLen
+1)>>1);
445 pbBigNum
+= (dwKeyLen
+1)>>1;
446 /* The size of the private exponent d is inferred from the remaining
449 dwKeyLen
= min(dwKeyLen
, dwDataLen
- (pbBigNum
- pbTemp
));
450 reverse_bytes(pbBigNum
, dwKeyLen
);
451 mp_read_unsigned_bin(&pKeyContext
->rsa
.d
, pbBigNum
, dwKeyLen
);
452 mp_set_int(&pKeyContext
->rsa
.e
, dwPubExp
);
454 HeapFree(GetProcessHeap(), 0, pbTemp
);