| blob | f44db39865312813bcb083d17ca6d058e49df421 |
1 /*
2 * dlls/rsaenh/rsaenh.c
3 * RSAENH - RSA encryption for Wine
4 *
5 * Copyright 2002 TransGaming Technologies (David Hammerton)
6 * Copyright 2004 Mike McCormack for CodeWeavers
7 * Copyright 2004, 2005 Michael Jung
8 * Copyright 2007 Vijay Kiran Kamuju
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
23 */
30 #include <stdarg.h>
31 #include <stdio.h>
43 /******************************************************************************
44 * CRYPTHASH - hash objects
45 */
46 #define RSAENH_MAGIC_HASH 0x85938417u
47 #define RSAENH_MAX_HASH_SIZE 104
48 #define RSAENH_HASHSTATE_HASHING 1
49 #define RSAENH_HASHSTATE_FINISHED 2
51 {
52 CRYPT_DATA_BLOB blobLabel;
53 CRYPT_DATA_BLOB blobSeed;
57 {
58 OBJECTHDR header;
59 ALG_ID aiAlgid;
60 HCRYPTKEY hKey;
61 HCRYPTPROV hProv;
62 DWORD dwHashSize;
63 DWORD dwState;
64 HASH_CONTEXT context;
66 PHMAC_INFO pHMACInfo;
67 RSAENH_TLS1PRF_PARAMS tpPRFParams;
70 /******************************************************************************
71 * CRYPTKEY - key objects
72 */
73 #define RSAENH_MAGIC_KEY 0x73620457u
74 #define RSAENH_MAX_KEY_SIZE 48
75 #define RSAENH_MAX_BLOCK_SIZE 24
76 #define RSAENH_KEYSTATE_IDLE 0
77 #define RSAENH_KEYSTATE_ENCRYPTING 1
78 #define RSAENH_KEYSTATE_MASTERKEY 2
80 {
81 SCHANNEL_ALG saEncAlg;
82 SCHANNEL_ALG saMACAlg;
83 CRYPT_DATA_BLOB blobClientRandom;
84 CRYPT_DATA_BLOB blobServerRandom;
88 {
89 OBJECTHDR header;
90 ALG_ID aiAlgid;
91 HCRYPTPROV hProv;
92 DWORD dwMode;
93 DWORD dwModeBits;
94 DWORD dwPermissions;
95 DWORD dwKeyLen;
96 DWORD dwEffectiveKeyLen;
97 DWORD dwSaltLen;
98 DWORD dwBlockLen;
99 DWORD dwState;
100 KEY_CONTEXT context;
104 RSAENH_SCHANNEL_INFO siSChannelInfo;
107 /******************************************************************************
108 * KEYCONTAINER - key containers
109 */
110 #define RSAENH_PERSONALITY_BASE 0u
111 #define RSAENH_PERSONALITY_STRONG 1u
112 #define RSAENH_PERSONALITY_ENHANCED 2u
113 #define RSAENH_PERSONALITY_SCHANNEL 3u
114 #define RSAENH_PERSONALITY_AES 4u
116 #define RSAENH_MAGIC_CONTAINER 0x26384993u
118 {
119 OBJECTHDR header;
120 DWORD dwFlags;
121 DWORD dwPersonality;
122 DWORD dwEnumAlgsCtr;
123 DWORD dwEnumContainersCtr;
126 HCRYPTKEY hKeyExchangeKeyPair;
127 HCRYPTKEY hSignatureKeyPair;
130 /******************************************************************************
131 * Some magic constants
132 */
133 #define RSAENH_ENCRYPT 1
134 #define RSAENH_DECRYPT 0
135 #define RSAENH_HMAC_DEF_IPAD_CHAR 0x36
136 #define RSAENH_HMAC_DEF_OPAD_CHAR 0x5c
137 #define RSAENH_HMAC_DEF_PAD_LEN 64
138 #define RSAENH_DES_EFFECTIVE_KEYLEN 56
139 #define RSAENH_DES_STORAGE_KEYLEN 64
140 #define RSAENH_3DES112_EFFECTIVE_KEYLEN 112
141 #define RSAENH_3DES112_STORAGE_KEYLEN 128
142 #define RSAENH_3DES_EFFECTIVE_KEYLEN 168
143 #define RSAENH_3DES_STORAGE_KEYLEN 192
144 #define RSAENH_MAGIC_RSA2 0x32415352
145 #define RSAENH_MAGIC_RSA1 0x31415352
146 #define RSAENH_PKC_BLOCKTYPE 0x02
147 #define RSAENH_SSL3_VERSION_MAJOR 3
148 #define RSAENH_SSL3_VERSION_MINOR 0
149 #define RSAENH_TLS1_VERSION_MAJOR 3
150 #define RSAENH_TLS1_VERSION_MINOR 1
153 #define RSAENH_MIN(a,b) ((a)<(b)?(a):(b))
154 /******************************************************************************
155 * aProvEnumAlgsEx - Defines the capabilities of the CSP personalities.
156 */
157 #define RSAENH_MAX_ENUMALGS 24
158 #define RSAENH_PCT1_SSL2_SSL3_TLS1 (CRYPT_FLAG_PCT1|CRYPT_FLAG_SSL2|CRYPT_FLAG_SSL3|CRYPT_FLAG_TLS1)
160 {
161 {
171 {CALG_RSA_SIGN, 512,384,16384,CRYPT_FLAG_SIGNING|CRYPT_FLAG_IPSEC,9,"RSA_SIGN",14,"RSA Signature"},
172 {CALG_RSA_KEYX, 512,384, 1024,CRYPT_FLAG_SIGNING|CRYPT_FLAG_IPSEC,9,"RSA_KEYX",17,"RSA Key Exchange"},
175 },
176 {
188 {CALG_RSA_SIGN,1024,384,16384,CRYPT_FLAG_SIGNING|CRYPT_FLAG_IPSEC,9,"RSA_SIGN",14,"RSA Signature"},
189 {CALG_RSA_KEYX,1024,384,16384,CRYPT_FLAG_SIGNING|CRYPT_FLAG_IPSEC,9,"RSA_KEYX",17,"RSA Key Exchange"},
192 },
193 {
205 {CALG_RSA_SIGN,1024,384,16384,CRYPT_FLAG_SIGNING|CRYPT_FLAG_IPSEC,9,"RSA_SIGN",14,"RSA Signature"},
206 {CALG_RSA_KEYX,1024,384,16384,CRYPT_FLAG_SIGNING|CRYPT_FLAG_IPSEC,9,"RSA_KEYX",17,"RSA Key Exchange"},
209 },
210 {
213 {CALG_DES, 56, 56, 56,RSAENH_PCT1_SSL2_SSL3_TLS1, 4,"DES", 31,"Data Encryption Standard (DES)"},
214 {CALG_3DES_112, 112,112, 112,RSAENH_PCT1_SSL2_SSL3_TLS1,13,"3DES TWO KEY",19,"Two Key Triple DES"},
216 {CALG_SHA,160,160,160,CRYPT_FLAG_SIGNING|RSAENH_PCT1_SSL2_SSL3_TLS1,6,"SHA-1",30,"Secure Hash Algorithm (SHA-1)"},
217 {CALG_MD5,128,128,128,CRYPT_FLAG_SIGNING|RSAENH_PCT1_SSL2_SSL3_TLS1,4,"MD5",23,"Message Digest 5 (MD5)"},
220 {CALG_RSA_SIGN,1024,384,16384,CRYPT_FLAG_SIGNING|RSAENH_PCT1_SSL2_SSL3_TLS1,9,"RSA_SIGN",14,"RSA Signature"},
221 {CALG_RSA_KEYX,1024,384,16384,CRYPT_FLAG_SIGNING|RSAENH_PCT1_SSL2_SSL3_TLS1,9,"RSA_KEYX",17,"RSA Key Exchange"},
232 },
233 {
249 {CALG_RSA_SIGN,1024,384,16384,CRYPT_FLAG_SIGNING|CRYPT_FLAG_IPSEC,9,"RSA_SIGN",14,"RSA Signature"},
250 {CALG_RSA_KEYX,1024,384,16384,CRYPT_FLAG_SIGNING|CRYPT_FLAG_IPSEC,9,"RSA_KEYX",17,"RSA Key Exchange"},
253 }
254 };
256 /******************************************************************************
257 * API forward declarations
258 */
259 BOOL WINAPI
261 HCRYPTPROV hProv,
262 HCRYPTKEY hKey,
263 DWORD dwParam,
266 DWORD dwFlags
267 );
269 BOOL WINAPI
271 HCRYPTPROV hProv,
272 HCRYPTKEY hKey,
273 HCRYPTHASH hHash,
274 BOOL Final,
275 DWORD dwFlags,
278 DWORD dwBufLen
279 );
281 BOOL WINAPI
283 HCRYPTPROV hProv,
284 ALG_ID Algid,
285 HCRYPTKEY hKey,
286 DWORD dwFlags,
287 HCRYPTHASH *phHash
288 );
290 BOOL WINAPI
292 HCRYPTPROV hProv,
293 HCRYPTHASH hHash,
294 DWORD dwParam,
296 );
298 BOOL WINAPI
300 HCRYPTPROV hProv,
301 HCRYPTHASH hHash,
302 DWORD dwParam,
305 DWORD dwFlags
306 );
308 BOOL WINAPI
310 HCRYPTPROV hProv,
311 HCRYPTHASH hHash
312 );
316 HCRYPTKEY hPubKey,
317 DWORD dwBlobType,
318 DWORD dwFlags,
319 BOOL force,
321 DWORD *pdwDataLen
322 );
325 HCRYPTPROV hProv,
327 DWORD dwDataLen,
328 HCRYPTKEY hPubKey,
329 DWORD dwFlags,
330 BOOL fStoreKey,
331 HCRYPTKEY *phKey
332 );
334 BOOL WINAPI
336 HCRYPTPROV hProv,
337 HCRYPTHASH hHash,
339 DWORD dwDataLen,
340 DWORD dwFlags
341 );
343 /******************************************************************************
344 * CSP's handle table (used by all acquired key containers)
345 */
348 /******************************************************************************
349 * DllMain (RSAENH.@)
350 *
351 * Initializes and destroys the handle table for the CSP's handles.
352 */
354 {
356 {
365 }
367 }
369 /******************************************************************************
370 * copy_param [Internal]
371 *
372 * Helper function that supports the standard WINAPI protocol for querying data
373 * of dynamic size.
374 *
375 * PARAMS
376 * pbBuffer [O] Buffer where the queried parameter is copied to, if it is large enough.
377 * May be NUL if the required buffer size is to be queried only.
378 * pdwBufferSize [I/O] In: Size of the buffer at pbBuffer
379 * Out: Size of parameter pbParam
380 * pbParam [I] Parameter value.
381 * dwParamSize [I] Size of pbParam
382 *
383 * RETURN
384 * Success: TRUE (pbParam was copied into pbBuffer or pbBuffer is NULL)
385 * Failure: FALSE (pbBuffer is not large enough to hold pbParam). Last error: ERROR_MORE_DATA
386 */
389 {
391 {
393 {
397 }
399 }
402 }
404 /******************************************************************************
405 * get_algid_info [Internal]
406 *
407 * Query CSP capabilities for a given crypto algorithm.
408 *
409 * PARAMS
410 * hProv [I] Handle to a key container of the CSP whose capabilities are to be queried.
411 * algid [I] Identifier of the crypto algorithm about which information is requested.
412 *
413 * RETURNS
414 * Success: Pointer to a PROV_ENUMALGS_EX struct containing information about the crypto algorithm.
415 * Failure: NULL (algid not supported)
416 */
421 if (!lookup_handle(&handle_table, hProv, RSAENH_MAGIC_CONTAINER, (OBJECTHDR**)&pKeyContainer)) {
424 }
428 }
432 }
434 /******************************************************************************
435 * copy_data_blob [Internal]
436 *
437 * deeply copies a DATA_BLOB
438 *
439 * PARAMS
440 * dst [O] That's where the blob will be copied to
441 * src [I] Source blob
442 *
443 * RETURNS
444 * Success: TRUE
445 * Failure: FALSE (GetLastError() == NTE_NO_MEMORY
446 *
447 * NOTES
448 * Use free_data_blob to release resources occupied by copy_data_blob.
449 */
455 }
459 }
461 /******************************************************************************
462 * concat_data_blobs [Internal]
463 *
464 * Concatenates two blobs
465 *
466 * PARAMS
467 * dst [O] The new blob will be copied here
468 * src1 [I] Prefix blob
469 * src2 [I] Appendix blob
470 *
471 * RETURNS
472 * Success: TRUE
473 * Failure: FALSE (GetLastError() == NTE_NO_MEMORY)
474 *
475 * NOTES
476 * Release resources occupied by concat_data_blobs with free_data_blobs
477 */
479 CONST PCRYPT_DATA_BLOB src2)
480 {
486 }
490 }
492 /******************************************************************************
493 * free_data_blob [Internal]
494 *
495 * releases resource occupied by a dynamically allocated CRYPT_DATA_BLOB
496 *
497 * PARAMS
498 * pBlob [I] Heap space occupied by pBlob->pbData is released
499 */
502 }
504 /******************************************************************************
505 * init_data_blob [Internal]
506 */
510 }
512 /******************************************************************************
513 * free_hmac_info [Internal]
514 *
515 * Deeply free an HMAC_INFO struct.
516 *
517 * PARAMS
518 * hmac_info [I] Pointer to the HMAC_INFO struct to be freed.
519 *
520 * NOTES
521 * See Internet RFC 2104 for details on the HMAC algorithm.
522 */
528 }
530 /******************************************************************************
531 * copy_hmac_info [Internal]
532 *
533 * Deeply copy an HMAC_INFO struct
534 *
535 * PARAMS
536 * dst [O] Pointer to a location where the pointer to the HMAC_INFO copy will be stored.
537 * src [I] Pointer to the HMAC_INFO struct to be copied.
538 *
539 * RETURNS
540 * Success: TRUE
541 * Failure: FALSE
542 *
543 * NOTES
544 * See Internet RFC 2104 for details on the HMAC algorithm.
545 */
558 }
561 else
568 }
571 else
574 }
576 /******************************************************************************
577 * destroy_hash [Internal]
578 *
579 * Destructor for hash objects
580 *
581 * PARAMS
582 * pCryptHash [I] Pointer to the hash object to be destroyed.
583 * Will be invalid after function returns!
584 */
586 {
593 }
595 /******************************************************************************
596 * init_hash [Internal]
597 *
598 * Initialize (or reset) a hash object
599 *
600 * PARAMS
601 * pCryptHash [I] The hash object to be initialized.
602 */
604 DWORD dwLen;
607 {
619 }
631 }
632 }
634 /******************************************************************************
635 * update_hash [Internal]
636 *
637 * Hashes the given data and updates the hash object's state accordingly
638 *
639 * PARAMS
640 * pCryptHash [I] Hash object to be updated.
641 * pbData [I] Pointer to data stream to be hashed.
642 * dwDataLen [I] Length of data stream.
643 */
648 {
666 }
667 }
669 /******************************************************************************
670 * finalize_hash [Internal]
671 *
672 * Finalizes the hash, after all data has been hashed with update_hash.
673 * No additional data can be hashed afterwards until the hash gets initialized again.
674 *
675 * PARAMS
676 * pCryptHash [I] Hash object to be finalized.
677 */
679 DWORD dwDataLen;
682 {
698 }
709 }
710 }
712 /******************************************************************************
713 * destroy_key [Internal]
714 *
715 * Destructor for key objects
716 *
717 * PARAMS
718 * pCryptKey [I] Pointer to the key object to be destroyed.
719 * Will be invalid after function returns!
720 */
722 {
729 }
731 /******************************************************************************
732 * setup_key [Internal]
733 *
734 * Initialize (or reset) a key object
735 *
736 * PARAMS
737 * pCryptKey [I] The key object to be initialized.
738 */
745 }
747 /******************************************************************************
748 * new_key [Internal]
749 *
750 * Creates a new key object without assigning the actual binary key value.
751 * This is done by CPDeriveKey, CPGenKey or CPImportKey, which call this function.
752 *
753 * PARAMS
754 * hProv [I] Handle to the provider to which the created key will belong.
755 * aiAlgid [I] The new key shall use the crypto algorithm idenfied by aiAlgid.
756 * dwFlags [I] Upper 16 bits give the key length.
757 * Lower 16 bits: CRYPT_EXPORTABLE, CRYPT_CREATE_SALT,
758 * CRYPT_NO_SALT
759 * ppCryptKey [O] Pointer to the created key
760 *
761 * RETURNS
762 * Success: Handle to the created key.
763 * Failure: INVALID_HANDLE_VALUE
764 */
765 static HCRYPTKEY new_key(HCRYPTPROV hProv, ALG_ID aiAlgid, DWORD dwFlags, CRYPTKEY **ppCryptKey)
766 {
767 HCRYPTKEY hCryptKey;
774 /*
775 * Retrieve the CSP's capabilities for the given ALG_ID value
776 */
780 /*
781 * Assume the default key length, if none is specified explicitly
782 */
785 /*
786 * Check if the requested key length is supported by the current CSP.
787 * Adjust key length's for DES algorithms.
788 */
793 }
797 }
803 }
807 }
813 }
817 }
824 {
827 }
828 }
833 {
838 CRYPT_MAC;
845 else
853 {
884 }
887 }
890 }
892 /******************************************************************************
893 * map_key_spec_to_key_pair_name [Internal]
894 *
895 * Returns the name of the registry value associated with a key spec.
896 *
897 * PARAMS
898 * dwKeySpec [I] AT_KEYEXCHANGE or AT_SIGNATURE
899 *
900 * RETURNS
901 * Success: Name of registry value.
902 * Failure: NULL
903 */
905 {
906 LPCSTR szValueName;
909 {
919 }
921 }
923 /******************************************************************************
924 * store_key_pair [Internal]
925 *
926 * Stores a key pair to the registry
927 *
928 * PARAMS
929 * hCryptKey [I] Handle to the key to be stored
930 * hKey [I] Registry key where the key pair is to be stored
931 * dwKeySpec [I] AT_KEYEXCHANGE or AT_SIGNATURE
932 * dwFlags [I] Flags for protecting the key
933 */
935 {
936 LPCSTR szValueName;
939 DWORD dwLen;
946 {
948 {
951 {
954 {
960 {
964 }
965 }
967 }
968 }
969 }
970 }
972 /******************************************************************************
973 * map_key_spec_to_permissions_name [Internal]
974 *
975 * Returns the name of the registry value associated with the permissions for
976 * a key spec.
977 *
978 * PARAMS
979 * dwKeySpec [I] AT_KEYEXCHANGE or AT_SIGNATURE
980 *
981 * RETURNS
982 * Success: Name of registry value.
983 * Failure: NULL
984 */
986 {
987 LPCSTR szValueName;
990 {
1000 }
1002 }
1004 /******************************************************************************
1005 * store_key_permissions [Internal]
1006 *
1007 * Stores a key's permissions to the registry
1008 *
1009 * PARAMS
1010 * hCryptKey [I] Handle to the key whose permissions are to be stored
1011 * hKey [I] Registry key where the key permissions are to be stored
1012 * dwKeySpec [I] AT_KEYEXCHANGE or AT_SIGNATURE
1013 */
1015 {
1016 LPCSTR szValueName;
1026 }
1028 /******************************************************************************
1029 * create_container_key [Internal]
1030 *
1031 * Creates the registry key for a key container's persistent storage.
1032 *
1033 * PARAMS
1034 * pKeyContainer [I] Pointer to the key container
1035 * sam [I] Desired registry access
1036 * phKey [O] Returned key
1037 */
1039 {
1041 HKEY hRootKey;
1047 else
1050 /* @@ Wine registry key: HKLM\Software\Wine\Crypto\RSA */
1051 /* @@ Wine registry key: HKCU\Software\Wine\Crypto\RSA */
1055 }
1057 /******************************************************************************
1058 * open_container_key [Internal]
1059 *
1060 * Opens a key container's persistent storage for reading.
1061 *
1062 * PARAMS
1063 * pszContainerName [I] Name of the container to be opened. May be the empty
1064 * string if the parent key of all containers is to be
1065 * opened.
1066 * dwFlags [I] Flags indicating which keyset to be opened.
1067 * phKey [O] Returned key
1068 */
1070 {
1072 HKEY hRootKey;
1078 else
1081 /* @@ Wine registry key: HKLM\Software\Wine\Crypto\RSA */
1082 /* @@ Wine registry key: HKCU\Software\Wine\Crypto\RSA */
1084 ERROR_SUCCESS;
1085 }
1087 /******************************************************************************
1088 * delete_container_key [Internal]
1089 *
1090 * Deletes a key container's persistent storage.
1091 *
1092 * PARAMS
1093 * pszContainerName [I] Name of the container to be opened.
1094 * dwFlags [I] Flags indicating which keyset to be opened.
1095 */
1097 {
1104 HKEY hRootKey;
1107 else
1115 }
1116 }
1117 }
1119 /******************************************************************************
1120 * store_key_container_keys [Internal]
1121 *
1122 * Stores key container's keys in a persistent location.
1123 *
1124 * PARAMS
1125 * pKeyContainer [I] Pointer to the key container whose keys are to be saved
1126 */
1128 {
1129 HKEY hKey;
1130 DWORD dwFlags;
1132 /* On WinXP, persistent keys are stored in a file located at:
1133 * $AppData$\\Microsoft\\Crypto\\RSA\\$SID$\\some_hex_string
1134 */
1138 else
1142 {
1148 }
1149 }
1151 /******************************************************************************
1152 * store_key_container_permissions [Internal]
1153 *
1154 * Stores key container's key permissions in a persistent location.
1155 *
1156 * PARAMS
1157 * pKeyContainer [I] Pointer to the key container whose key permissions are to
1158 * be saved
1159 */
1161 {
1162 HKEY hKey;
1163 DWORD dwFlags;
1165 /* On WinXP, persistent keys are stored in a file located at:
1166 * $AppData$\\Microsoft\\Crypto\\RSA\\$SID$\\some_hex_string
1167 */
1171 else
1175 {
1177 AT_KEYEXCHANGE);
1179 AT_SIGNATURE);
1181 }
1182 }
1184 /******************************************************************************
1185 * release_key_container_keys [Internal]
1186 *
1187 * Releases key container's keys.
1188 *
1189 * PARAMS
1190 * pKeyContainer [I] Pointer to the key container whose keys are to be released.
1191 */
1193 {
1195 RSAENH_MAGIC_KEY);
1197 RSAENH_MAGIC_KEY);
1198 }
1200 /******************************************************************************
1201 * destroy_key_container [Internal]
1202 *
1203 * Destructor for key containers.
1204 *
1205 * PARAMS
1206 * pObjectHdr [I] Pointer to the key container to be destroyed.
1207 */
1209 {
1213 {
1217 }
1219 }
1221 /******************************************************************************
1222 * new_key_container [Internal]
1223 *
1224 * Create a new key container. The personality (RSA Base, Strong or Enhanced CP)
1225 * of the CSP is determined via the pVTable->pszProvName string.
1226 *
1227 * PARAMS
1228 * pszContainerName [I] Name of the key container.
1229 * pVTable [I] Callback functions and context info provided by the OS
1230 *
1231 * RETURNS
1232 * Success: Handle to the new key container.
1233 * Failure: INVALID_HANDLE_VALUE
1234 */
1235 static HCRYPTPROV new_key_container(PCCH pszContainerName, DWORD dwFlags, const VTableProvStruc *pVTable)
1236 {
1238 HCRYPTPROV hKeyContainer;
1243 {
1261 }
1262 }
1264 /* The new key container has to be inserted into the CSP immediately
1265 * after creation to be available for CPGetProvParam's PP_ENUMCONTAINERS. */
1267 HKEY hKey;
1271 }
1272 }
1275 }
1277 /******************************************************************************
1278 * read_key_value [Internal]
1279 *
1280 * Reads a key pair value from the registry
1281 *
1282 * PARAMS
1283 * hKeyContainer [I] Crypt provider to use to import the key
1284 * hKey [I] Registry key from which to read the key pair
1285 * dwKeySpec [I] AT_KEYEXCHANGE or AT_SIGNATURE
1286 * dwFlags [I] Flags for unprotecting the key
1287 * phCryptKey [O] Returned key
1288 */
1289 static BOOL read_key_value(HCRYPTPROV hKeyContainer, HKEY hKey, DWORD dwKeySpec, DWORD dwFlags, HCRYPTKEY *phCryptKey)
1290 {
1291 LPCSTR szValueName;
1300 ERROR_SUCCESS)
1301 {
1304 {
1306 ERROR_SUCCESS)
1307 {
1313 {
1317 }
1318 }
1320 }
1321 }
1323 {
1328 {
1330 {
1334 }
1335 }
1336 }
1338 }
1340 /******************************************************************************
1341 * read_key_container [Internal]
1342 *
1343 * Tries to read the persistent state of the key container (mainly the signature
1344 * and key exchange private keys) given by pszContainerName.
1345 *
1346 * PARAMS
1347 * pszContainerName [I] Name of the key container to read from the registry
1348 * pVTable [I] Pointer to context data provided by the operating system
1349 *
1350 * RETURNS
1351 * Success: Handle to the key container read from the registry
1352 * Failure: INVALID_HANDLE_VALUE
1353 */
1354 static HCRYPTPROV read_key_container(PCHAR pszContainerName, DWORD dwFlags, const VTableProvStruc *pVTable)
1355 {
1356 HKEY hKey;
1358 HCRYPTPROV hKeyContainer;
1359 HCRYPTKEY hCryptKey;
1362 {
1365 }
1369 {
1383 }
1386 }
1388 /******************************************************************************
1389 * build_hash_signature [Internal]
1390 *
1391 * Builds a padded version of a hash to match the length of the RSA key modulus.
1392 *
1393 * PARAMS
1394 * pbSignature [O] The padded hash object is stored here.
1395 * dwLen [I] Length of the pbSignature buffer.
1396 * aiAlgid [I] Algorithm identifier of the hash to be padded.
1397 * abHashValue [I] The value of the hash object.
1398 * dwHashLen [I] Length of the hash value.
1399 * dwFlags [I] Selection of padding algorithm.
1400 *
1401 * RETURNS
1402 * Success: TRUE
1403 * Failure: FALSE (NTE_BAD_ALGID)
1404 */
1407 {
1408 /* These prefixes are meant to be concatenated with hash values of the
1409 * respective kind to form a PKCS #7 DigestInfo. */
1411 ALG_ID aiAlgid;
1412 DWORD dwLen;
1424 };
1429 }
1434 }
1436 /* Build the padded signature */
1441 }
1445 }
1454 }
1459 }
1463 }
1464 }
1467 }
1468 }
1471 }
1473 /******************************************************************************
1474 * tls1_p [Internal]
1475 *
1476 * This is an implementation of the 'P_hash' helper function for TLS1's PRF.
1477 * It is used exclusively by tls1_prf. For details see RFC 2246, chapter 5.
1478 * The pseudo random stream generated by this function is exclusive or'ed with
1479 * the data in pbBuffer.
1480 *
1481 * PARAMS
1482 * hHMAC [I] HMAC object, which will be used in pseudo random generation
1483 * pblobSeed [I] Seed value
1484 * pbBuffer [I/O] Pseudo random stream will be xor'ed to the provided data
1485 * dwBufferLen [I] Number of pseudo random bytes desired
1486 *
1487 * RETURNS
1488 * Success: TRUE
1489 * Failure: FALSE
1490 */
1491 static BOOL tls1_p(HCRYPTHASH hHMAC, CONST PCRYPT_DATA_BLOB pblobSeed, PBYTE pbBuffer, DWORD dwBufferLen)
1492 {
1500 }
1502 /* compute A_1 = HMAC(seed) */
1509 /* compute HMAC(A_i + seed) */
1515 /* pseudo random stream := CONCAT_{i=1..n} ( HMAC(A_i + seed) ) */
1519 i++;
1522 /* compute A_{i+1} = HMAC(A_i) */
1530 }
1532 /******************************************************************************
1533 * tls1_prf [Internal]
1534 *
1535 * TLS1 pseudo random function as specified in RFC 2246, chapter 5
1536 *
1537 * PARAMS
1538 * hProv [I] Key container used to compute the pseudo random stream
1539 * hSecret [I] Key that holds the (pre-)master secret
1540 * pblobLabel [I] Descriptive label
1541 * pblobSeed [I] Seed value
1542 * pbBuffer [O] Pseudo random numbers will be stored here
1543 * dwBufferLen [I] Number of pseudo random bytes desired
1544 *
1545 * RETURNS
1546 * Success: TRUE
1547 * Failure: FALSE
1548 */
1551 {
1556 DWORD dwHalfSecretLen;
1558 CRYPT_DATA_BLOB blobLabelSeed;
1560 TRACE("(hProv=%08lx, hSecret=%08lx, pblobLabel=%p, pblobSeed=%p, pbBuffer=%p, dwBufferLen=%d)\n",
1566 }
1570 /* concatenation of the label and the seed */
1573 /* zero out the buffer, since two random streams will be xor'ed into it. */
1576 /* build a 'fake' key, to hold the secret. CALG_SSL2_MASTER is used since it provides
1577 * the biggest range of valid key lengths. */
1581 /* Derive an HMAC_MD5 hash and call the helper function. */
1588 /* Reconfigure to HMAC_SHA hash and call helper function again. */
1595 exit:
1600 }
1602 /******************************************************************************
1603 * pad_data [Internal]
1604 *
1605 * Helper function for data padding according to PKCS1 #2
1606 *
1607 * PARAMS
1608 * abData [I] The data to be padded
1609 * dwDataLen [I] Length of the data
1610 * abBuffer [O] Padded data will be stored here
1611 * dwBufferLen [I] Length of the buffer (also length of padded data)
1612 * dwFlags [I] Padding format (CRYPT_SSL2_FALLBACK)
1613 *
1614 * RETURN
1615 * Success: TRUE
1616 * Failure: FALSE (NTE_BAD_LEN, too much data to pad)
1617 */
1619 DWORD dwFlags)
1620 {
1621 DWORD i;
1623 /* Ensure there is enough space for PKCS1 #2 padding */
1627 }
1641 }
1643 /******************************************************************************
1644 * unpad_data [Internal]
1645 *
1646 * Remove the PKCS1 padding from RSA decrypted data
1647 *
1648 * PARAMS
1649 * abData [I] The padded data
1650 * dwDataLen [I] Length of the padded data
1651 * abBuffer [O] Data without padding will be stored here
1652 * dwBufferLen [I/O] I: Length of the buffer, O: Length of unpadded data
1653 * dwFlags [I] Currently none defined
1654 *
1655 * RETURNS
1656 * Success: TRUE
1657 * Failure: FALSE, (NTE_BAD_DATA, no valid PKCS1 padding or buffer too small)
1658 */
1659 static BOOL unpad_data(CONST BYTE *abData, DWORD dwDataLen, BYTE *abBuffer, DWORD *dwBufferLen,
1660 DWORD dwFlags)
1661 {
1662 DWORD i;
1670 {
1673 }
1678 }
1680 /******************************************************************************
1681 * CPAcquireContext (RSAENH.@)
1682 *
1683 * Acquire a handle to the key container specified by pszContainer
1684 *
1685 * PARAMS
1686 * phProv [O] Pointer to the location the acquired handle will be written to.
1687 * pszContainer [I] Name of the desired key container. See Notes
1688 * dwFlags [I] Flags. See Notes.
1689 * pVTable [I] Pointer to a PVTableProvStruct containing callbacks.
1690 *
1691 * RETURNS
1692 * Success: TRUE
1693 * Failure: FALSE
1694 *
1695 * NOTES
1696 * If pszContainer is NULL or points to a zero length string the user's login
1697 * name will be used as the key container name.
1698 *
1699 * If the CRYPT_NEW_KEYSET flag is set in dwFlags a new keyset will be created.
1700 * If a keyset with the given name already exists, the function fails and sets
1701 * last error to NTE_EXISTS. If CRYPT_NEW_KEYSET is not set and the specified
1702 * key container does not exist, function fails and sets last error to
1703 * NTE_BAD_KEYSET.
1704 */
1707 {
1714 {
1716 }
1717 else
1718 {
1721 }
1724 {
1735 {
1740 }
1750 }
1758 }
1765 }
1766 }
1768 /******************************************************************************
1769 * CPCreateHash (RSAENH.@)
1770 *
1771 * CPCreateHash creates and initalizes a new hash object.
1772 *
1773 * PARAMS
1774 * hProv [I] Handle to the key container to which the new hash will belong.
1775 * Algid [I] Identifies the hash algorithm, which will be used for the hash.
1776 * hKey [I] Handle to a session key applied for keyed hashes.
1777 * dwFlags [I] Currently no flags defined. Must be zero.
1778 * phHash [O] Points to the location where a handle to the new hash will be stored.
1779 *
1780 * RETURNS
1781 * Success: TRUE
1782 * Failure: FALSE
1783 *
1784 * NOTES
1785 * hKey is a handle to a session key applied in keyed hashes like MAC and HMAC.
1786 * If a normal hash object is to be created (like e.g. MD2 or SHA1) hKey must be zero.
1787 */
1790 {
1802 {
1805 }
1809 {
1813 }
1818 }
1822 {
1825 }
1830 }
1831 }
1861 /* See RFC 2246, chapter 8.1 */
1865 {
1867 }
1872 }
1874 /* See RFC 2246, chapter 6.3 */
1878 {
1880 }
1882 RSAENH_MAX_HASH_SIZE);
1884 }
1887 }
1889 /******************************************************************************
1890 * CPDestroyHash (RSAENH.@)
1891 *
1892 * Releases the handle to a hash object. The object is destroyed if it's reference
1893 * count reaches zero.
1894 *
1895 * PARAMS
1896 * hProv [I] Handle to the key container to which the hash object belongs.
1897 * hHash [I] Handle to the hash object to be released.
1898 *
1899 * RETURNS
1900 * Success: TRUE
1901 * Failure: FALSE
1902 */
1904 {
1908 {
1911 }
1914 {
1917 }
1920 }
1922 /******************************************************************************
1923 * CPDestroyKey (RSAENH.@)
1924 *
1925 * Releases the handle to a key object. The object is destroyed if it's reference
1926 * count reaches zero.
1927 *
1928 * PARAMS
1929 * hProv [I] Handle to the key container to which the key object belongs.
1930 * hKey [I] Handle to the key object to be released.
1931 *
1932 * RETURNS
1933 * Success: TRUE
1934 * Failure: FALSE
1935 */
1937 {
1941 {
1944 }
1947 {
1950 }
1953 }
1955 /******************************************************************************
1956 * CPDuplicateHash (RSAENH.@)
1957 *
1958 * Clones a hash object including it's current state.
1959 *
1960 * PARAMS
1961 * hUID [I] Handle to the key container the hash belongs to.
1962 * hHash [I] Handle to the hash object to be cloned.
1963 * pdwReserved [I] Reserved. Must be NULL.
1964 * dwFlags [I] No flags are currently defined. Must be 0.
1965 * phHash [O] Handle to the cloned hash object.
1966 *
1967 * RETURNS
1968 * Success: TRUE.
1969 * Failure: FALSE.
1970 */
1973 {
1980 {
1983 }
1986 {
1989 }
1992 {
1995 }
2000 {
2006 }
2009 }
2011 /******************************************************************************
2012 * CPDuplicateKey (RSAENH.@)
2013 *
2014 * Clones a key object including it's current state.
2015 *
2016 * PARAMS
2017 * hUID [I] Handle to the key container the hash belongs to.
2018 * hKey [I] Handle to the key object to be cloned.
2019 * pdwReserved [I] Reserved. Must be NULL.
2020 * dwFlags [I] No flags are currently defined. Must be 0.
2021 * phHash [O] Handle to the cloned key object.
2022 *
2023 * RETURNS
2024 * Success: TRUE.
2025 * Failure: FALSE.
2026 */
2029 {
2036 {
2039 }
2042 {
2045 }
2048 {
2051 }
2056 {
2064 }
2065 else
2066 {
2068 }
2069 }
2071 /******************************************************************************
2072 * CPEncrypt (RSAENH.@)
2073 *
2074 * Encrypt data.
2075 *
2076 * PARAMS
2077 * hProv [I] The key container hKey and hHash belong to.
2078 * hKey [I] The key used to encrypt the data.
2079 * hHash [I] An optional hash object for parallel hashing. See notes.
2080 * Final [I] Indicates if this is the last block of data to encrypt.
2081 * dwFlags [I] Currently no flags defined. Must be zero.
2082 * pbData [I/O] Pointer to the data to encrypt. Encrypted data will also be stored there.
2083 * pdwDataLen [I/O] I: Length of data to encrypt, O: Length of encrypted data.
2084 * dwBufLen [I] Size of the buffer at pbData.
2085 *
2086 * RETURNS
2087 * Success: TRUE.
2088 * Failure: FALSE.
2089 *
2090 * NOTES
2091 * If a hash object handle is provided in hHash, it will be updated with the plaintext.
2092 * This is useful for message signatures.
2093 *
2094 * This function uses the standard WINAPI protocol for querying data of dynamic length.
2095 */
2098 {
2105 dwBufLen);
2108 {
2111 }
2114 {
2117 }
2120 {
2123 }
2129 {
2132 }
2136 }
2142 }
2149 }
2154 }
2156 /* Pad final block with length bytes */
2164 RSAENH_ENCRYPT);
2170 RSAENH_ENCRYPT);
2182 }
2188 }
2190 }
2195 }
2201 }
2205 }
2209 }
2211 encrypt_block_impl(pCryptKey->aiAlgid, PK_PUBLIC, &pCryptKey->context, pbData, pbData, RSAENH_ENCRYPT);
2217 }
2222 }
2224 /******************************************************************************
2225 * CPDecrypt (RSAENH.@)
2226 *
2227 * Decrypt data.
2228 *
2229 * PARAMS
2230 * hProv [I] The key container hKey and hHash belong to.
2231 * hKey [I] The key used to decrypt the data.
2232 * hHash [I] An optional hash object for parallel hashing. See notes.
2233 * Final [I] Indicates if this is the last block of data to decrypt.
2234 * dwFlags [I] Currently no flags defined. Must be zero.
2235 * pbData [I/O] Pointer to the data to decrypt. Plaintext will also be stored there.
2236 * pdwDataLen [I/O] I: Length of ciphertext, O: Length of plaintext.
2237 *
2238 * RETURNS
2239 * Success: TRUE.
2240 * Failure: FALSE.
2241 *
2242 * NOTES
2243 * If a hash object handle is provided in hHash, it will be updated with the plaintext.
2244 * This is useful for message signatures.
2245 *
2246 * This function uses the standard WINAPI protocol for querying data of dynamic length.
2247 */
2250 {
2254 DWORD dwMax;
2260 {
2263 }
2266 {
2269 }
2272 {
2275 }
2281 {
2284 }
2293 RSAENH_DECRYPT);
2298 RSAENH_DECRYPT);
2311 }
2317 }
2319 }
2326 /* check that every bad byte has the same value */
2335 }
2336 }
2340 }
2341 }
2349 }
2350 encrypt_block_impl(pCryptKey->aiAlgid, PK_PRIVATE, &pCryptKey->context, pbData, pbData, RSAENH_DECRYPT);
2356 }
2363 }
2366 }
2370 {
2373 DWORD dwDataLen;
2378 }
2386 }
2397 {
2399 }
2403 }
2406 }
2410 {
2413 DWORD dwDataLen;
2418 }
2426 }
2438 }
2441 }
2445 {
2448 DWORD dwDataLen;
2453 }
2455 {
2458 }
2467 }
2479 }
2482 }
2484 /******************************************************************************
2485 * crypt_export_key [Internal]
2486 *
2487 * Export a key into a binary large object (BLOB). Called by CPExportKey and
2488 * by store_key_pair.
2489 *
2490 * PARAMS
2491 * pCryptKey [I] Key to be exported.
2492 * hPubKey [I] Key used to encrypt sensitive BLOB data.
2493 * dwBlobType [I] SIMPLEBLOB, PUBLICKEYBLOB or PRIVATEKEYBLOB.
2494 * dwFlags [I] Currently none defined.
2495 * force [I] If TRUE, the key is written no matter what the key's
2496 * permissions are. Otherwise the key's permissions are
2497 * checked before exporting.
2498 * pbData [O] Pointer to a buffer where the BLOB will be written to.
2499 * pdwDataLen [I/O] I: Size of buffer at pbData, O: Size of BLOB
2500 *
2501 * RETURNS
2502 * Success: TRUE.
2503 * Failure: FALSE.
2504 */
2508 {
2515 }
2516 }
2519 {
2524 }
2526 pdwDataLen);
2532 }
2542 }
2543 }
2545 /******************************************************************************
2546 * CPExportKey (RSAENH.@)
2547 *
2548 * Export a key into a binary large object (BLOB).
2549 *
2550 * PARAMS
2551 * hProv [I] Key container from which a key is to be exported.
2552 * hKey [I] Key to be exported.
2553 * hPubKey [I] Key used to encrypt sensitive BLOB data.
2554 * dwBlobType [I] SIMPLEBLOB, PUBLICKEYBLOB or PRIVATEKEYBLOB.
2555 * dwFlags [I] Currently none defined.
2556 * pbData [O] Pointer to a buffer where the BLOB will be written to.
2557 * pdwDataLen [I/O] I: Size of buffer at pbData, O: Size of BLOB
2558 *
2559 * RETURNS
2560 * Success: TRUE.
2561 * Failure: FALSE.
2562 */
2565 {
2572 {
2575 }
2578 {
2581 }
2585 }
2587 /******************************************************************************
2588 * release_and_install_key [Internal]
2589 *
2590 * Release an existing key, if present, and replaces it with a new one.
2591 *
2592 * PARAMS
2593 * hProv [I] Key container into which the key is to be imported.
2594 * src [I] Key which will replace *dest
2595 * dest [I] Points to key to be released and replaced with src
2596 * fStoreKey [I] If TRUE, the newly installed key is stored to the registry.
2597 */
2600 {
2604 {
2609 {
2612 }
2613 }
2614 }
2616 /******************************************************************************
2617 * import_private_key [Internal]
2618 *
2619 * Import a BLOB'ed private key into a key container.
2620 *
2621 * PARAMS
2622 * hProv [I] Key container into which the private key is to be imported.
2623 * pbData [I] Pointer to a buffer which holds the private key BLOB.
2624 * dwDataLen [I] Length of data in buffer at pbData.
2625 * dwFlags [I] One of:
2626 * CRYPT_EXPORTABLE: the imported key is marked exportable
2627 * fStoreKey [I] If TRUE, the imported key is stored to the registry.
2628 * phKey [O] Handle to the imported key.
2629 *
2630 *
2631 * NOTES
2632 * Assumes the caller has already checked the BLOBHEADER at pbData to ensure
2633 * it's a PRIVATEKEYBLOB.
2634 *
2635 * RETURNS
2636 * Success: TRUE.
2637 * Failure: FALSE.
2638 */
2641 {
2646 BOOL ret;
2650 {
2653 }
2659 {
2662 }
2673 {
2678 fStoreKey);
2684 fStoreKey);
2686 }
2687 }
2689 }
2691 /******************************************************************************
2692 * import_public_key [Internal]
2693 *
2694 * Import a BLOB'ed public key into a key container.
2695 *
2696 * PARAMS
2697 * hProv [I] Key container into which the public key is to be imported.
2698 * pbData [I] Pointer to a buffer which holds the public key BLOB.
2699 * dwDataLen [I] Length of data in buffer at pbData.
2700 * dwFlags [I] One of:
2701 * CRYPT_EXPORTABLE: the imported key is marked exportable
2702 * fStoreKey [I] If TRUE, the imported key is stored to the registry.
2703 * phKey [O] Handle to the imported key.
2704 *
2705 *
2706 * NOTES
2707 * Assumes the caller has already checked the BLOBHEADER at pbData to ensure
2708 * it's a PUBLICKEYBLOB.
2709 *
2710 * RETURNS
2711 * Success: TRUE.
2712 * Failure: FALSE.
2713 */
2716 {
2721 ALG_ID algID;
2722 BOOL ret;
2726 {
2729 }
2734 {
2737 }
2739 /* Since this is a public key blob, only the public key is
2740 * available, so only signature verification is possible.
2741 */
2752 {
2757 fStoreKey);
2759 }
2760 }
2762 }
2764 /******************************************************************************
2765 * import_symmetric_key [Internal]
2766 *
2767 * Import a BLOB'ed symmetric key into a key container.
2768 *
2769 * PARAMS
2770 * hProv [I] Key container into which the symmetric key is to be imported.
2771 * pbData [I] Pointer to a buffer which holds the symmetric key BLOB.
2772 * dwDataLen [I] Length of data in buffer at pbData.
2773 * hPubKey [I] Key used to decrypt sensitive BLOB data.
2774 * dwFlags [I] One of:
2775 * CRYPT_EXPORTABLE: the imported key is marked exportable
2776 * phKey [O] Handle to the imported key.
2777 *
2778 *
2779 * NOTES
2780 * Assumes the caller has already checked the BLOBHEADER at pbData to ensure
2781 * it's a SIMPLEBLOB.
2782 *
2783 * RETURNS
2784 * Success: TRUE.
2785 * Failure: FALSE.
2786 */
2790 {
2796 DWORD dwKeyLen;
2800 {
2803 }
2806 {
2809 }
2814 RSAENH_DECRYPT);
2820 }
2824 {
2827 }
2834 }
2836 /******************************************************************************
2837 * import_key [Internal]
2838 *
2839 * Import a BLOB'ed key into a key container, optionally storing the key's
2840 * value to the registry.
2841 *
2842 * PARAMS
2843 * hProv [I] Key container into which the key is to be imported.
2844 * pbData [I] Pointer to a buffer which holds the BLOB.
2845 * dwDataLen [I] Length of data in buffer at pbData.
2846 * hPubKey [I] Key used to decrypt sensitive BLOB data.
2847 * dwFlags [I] One of:
2848 * CRYPT_EXPORTABLE: the imported key is marked exportable
2849 * fStoreKey [I] If TRUE, the imported key is stored to the registry.
2850 * phKey [O] Handle to the imported key.
2851 *
2852 * RETURNS
2853 * Success: TRUE.
2854 * Failure: FALSE.
2855 */
2859 {
2865 {
2868 }
2873 {
2876 }
2878 /* If this is a verify-only context, the key is not persisted regardless of
2879 * fStoreKey's original value.
2880 */
2883 {
2899 }
2900 }
2902 /******************************************************************************
2903 * CPImportKey (RSAENH.@)
2904 *
2905 * Import a BLOB'ed key into a key container.
2906 *
2907 * PARAMS
2908 * hProv [I] Key container into which the key is to be imported.
2909 * pbData [I] Pointer to a buffer which holds the BLOB.
2910 * dwDataLen [I] Length of data in buffer at pbData.
2911 * hPubKey [I] Key used to decrypt sensitive BLOB data.
2912 * dwFlags [I] One of:
2913 * CRYPT_EXPORTABLE: the imported key is marked exportable
2914 * phKey [O] Handle to the imported key.
2915 *
2916 * RETURNS
2917 * Success: TRUE.
2918 * Failure: FALSE.
2919 */
2922 {
2927 }
2929 /******************************************************************************
2930 * CPGenKey (RSAENH.@)
2931 *
2932 * Generate a key in the key container
2933 *
2934 * PARAMS
2935 * hProv [I] Key container for which a key is to be generated.
2936 * Algid [I] Crypto algorithm identifier for the key to be generated.
2937 * dwFlags [I] Upper 16 bits: Binary length of key. Lower 16 bits: Flags. See Notes
2938 * phKey [O] Handle to the generated key.
2939 *
2940 * RETURNS
2941 * Success: TRUE.
2942 * Failure: FALSE.
2943 *
2944 * FIXME
2945 * Flags currently not considered.
2946 *
2947 * NOTES
2948 * Private key-exchange- and signature-keys can be generated with Algid AT_KEYEXCHANGE
2949 * and AT_SIGNATURE values.
2950 */
2952 {
2960 {
2961 /* MSDN: hProv not containing valid context handle */
2964 }
2967 {
2978 }
2979 }
2992 }
2993 }
3022 }
3024 }
3028 /* MSDN: Algorithm not supported specified by Algid */
3031 }
3034 }
3036 /******************************************************************************
3037 * CPGenRandom (RSAENH.@)
3038 *
3039 * Generate a random byte stream.
3040 *
3041 * PARAMS
3042 * hProv [I] Key container that is used to generate random bytes.
3043 * dwLen [I] Specifies the number of requested random data bytes.
3044 * pbBuffer [O] Random bytes will be stored here.
3045 *
3046 * RETURNS
3047 * Success: TRUE
3048 * Failure: FALSE
3049 */
3051 {
3055 {
3056 /* MSDN: hProv not containing valid context handle */
3059 }
3062 }
3064 /******************************************************************************
3065 * CPGetHashParam (RSAENH.@)
3066 *
3067 * Query parameters of an hash object.
3068 *
3069 * PARAMS
3070 * hProv [I] The kea container, which the hash belongs to.
3071 * hHash [I] The hash object that is to be queried.
3072 * dwParam [I] Specifies the parameter that is to be queried.
3073 * pbData [I] Pointer to the buffer where the parameter value will be stored.
3074 * pdwDataLen [I/O] I: Buffer length at pbData, O: Length of the parameter value.
3075 * dwFlags [I] None currently defined.
3076 *
3077 * RETURNS
3078 * Success: TRUE
3079 * Failure: FALSE
3080 *
3081 * NOTES
3082 * Valid dwParams are: HP_ALGID, HP_HASHSIZE, HP_HASHVALUE. The hash will be
3083 * finalized if HP_HASHVALUE is queried.
3084 */
3085 BOOL WINAPI RSAENH_CPGetHashParam(HCRYPTPROV hProv, HCRYPTHASH hHash, DWORD dwParam, BYTE *pbData,
3087 {
3094 {
3097 }
3100 {
3103 }
3107 {
3110 }
3113 {
3116 }
3119 {
3132 }
3137 }
3140 {
3143 }
3151 }
3152 }
3154 /******************************************************************************
3155 * CPSetKeyParam (RSAENH.@)
3156 *
3157 * Set a parameter of a key object
3158 *
3159 * PARAMS
3160 * hProv [I] The key container to which the key belongs.
3161 * hKey [I] The key for which a parameter is to be set.
3162 * dwParam [I] Parameter type. See Notes.
3163 * pbData [I] Pointer to the parameter value.
3164 * dwFlags [I] Currently none defined.
3165 *
3166 * RETURNS
3167 * Success: TRUE.
3168 * Failure: FALSE.
3169 *
3170 * NOTES:
3171 * Defined dwParam types are:
3172 * - KP_MODE: Values MODE_CBC, MODE_ECB, MODE_CFB.
3173 * - KP_MODE_BITS: Shift width for cipher feedback mode. (Currently ignored by MS CSP's)
3174 * - KP_PERMISSIONS: Or'ed combination of CRYPT_ENCRYPT, CRYPT_DECRYPT,
3175 * CRYPT_EXPORT, CRYPT_READ, CRYPT_WRITE, CRYPT_MAC
3176 * - KP_IV: Initialization vector
3177 */
3178 BOOL WINAPI RSAENH_CPSetKeyParam(HCRYPTPROV hProv, HCRYPTKEY hKey, DWORD dwParam, BYTE *pbData,
3179 DWORD dwFlags)
3180 {
3187 {
3190 }
3195 }
3198 {
3201 }
3205 /* The MS providers only support PKCS5_PADDING */
3209 }
3221 {
3226 {
3229 }
3232 {
3233 /* Clearing the export permission appears to be ignored,
3234 * see tests.
3235 */
3237 }
3240 }
3248 {
3251 /* salt length can't be greater than 184 bits = 24 bytes */
3253 {
3256 }
3262 }
3268 {
3271 }
3273 {
3276 }
3277 else
3278 {
3281 }
3286 }
3302 }
3314 }
3315 }
3317 /******************************************************************************
3318 * CPGetKeyParam (RSAENH.@)
3319 *
3320 * Query a key parameter.
3321 *
3322 * PARAMS
3323 * hProv [I] The key container, which the key belongs to.
3324 * hHash [I] The key object that is to be queried.
3325 * dwParam [I] Specifies the parameter that is to be queried.
3326 * pbData [I] Pointer to the buffer where the parameter value will be stored.
3327 * pdwDataLen [I/O] I: Buffer length at pbData, O: Length of the parameter value.
3328 * dwFlags [I] None currently defined.
3329 *
3330 * RETURNS
3331 * Success: TRUE
3332 * Failure: FALSE
3333 *
3334 * NOTES
3335 * Defined dwParam types are:
3336 * - KP_MODE: Values MODE_CBC, MODE_ECB, MODE_CFB.
3337 * - KP_MODE_BITS: Shift width for cipher feedback mode.
3338 * (Currently ignored by MS CSP's - always eight)
3339 * - KP_PERMISSIONS: Or'ed combination of CRYPT_ENCRYPT, CRYPT_DECRYPT,
3340 * CRYPT_EXPORT, CRYPT_READ, CRYPT_WRITE, CRYPT_MAC
3341 * - KP_IV: Initialization vector.
3342 * - KP_KEYLEN: Bitwidth of the key.
3343 * - KP_BLOCKLEN: Size of a block cipher block.
3344 * - KP_SALT: Salt value.
3345 */
3346 BOOL WINAPI RSAENH_CPGetKeyParam(HCRYPTPROV hProv, HCRYPTKEY hKey, DWORD dwParam, BYTE *pbData,
3348 {
3350 DWORD dwValue;
3356 {
3359 }
3364 }
3367 {
3370 }
3373 {
3393 else
3418 }
3419 }
3421 /******************************************************************************
3422 * CPGetProvParam (RSAENH.@)
3423 *
3424 * Query a CSP parameter.
3425 *
3426 * PARAMS
3427 * hProv [I] The key container that is to be queried.
3428 * dwParam [I] Specifies the parameter that is to be queried.
3429 * pbData [I] Pointer to the buffer where the parameter value will be stored.
3430 * pdwDataLen [I/O] I: Buffer length at pbData, O: Length of the parameter value.
3431 * dwFlags [I] CRYPT_FIRST: Start enumeration (for PP_ENUMALGS{_EX}).
3432 *
3433 * RETURNS
3434 * Success: TRUE
3435 * Failure: FALSE
3436 * NOTES:
3437 * Defined dwParam types:
3438 * - PP_CONTAINER: Name of the key container.
3439 * - PP_NAME: Name of the cryptographic service provider.
3440 * - PP_SIG_KEYSIZE_INC: RSA signature keywidth granularity in bits.
3441 * - PP_KEYX_KEYSIZE_INC: RSA key-exchange keywidth granularity in bits.
3442 * - PP_ENUMALGS{_EX}: Query provider capabilities.
3443 */
3446 {
3448 PROV_ENUMALGS provEnumalgs;
3449 DWORD dwTemp;
3450 HKEY hKey;
3452 /* This is for dwParam PP_CRYPT_COUNT_KEY_USE.
3453 * IE6 SP1 asks for it in the 'About' dialog.
3454 * Returning this BLOB seems to satisfy IE. The marked 0x00 seem
3455 * to be 'don't care's. If you know anything more specific about
3456 * this provider parameter, please report to wine-devel@winehq.org */
3470 };
3478 }
3482 {
3483 /* MSDN: hProv not containing valid context handle */
3486 }
3489 {
3534 }
3537 {
3540 }
3545 {
3559 }
3567 {
3570 }
3598 }
3604 /* MSDN: Unknown parameter number in dwParam */
3607 }
3608 }
3610 /******************************************************************************
3611 * CPDeriveKey (RSAENH.@)
3612 *
3613 * Derives a key from a hash value.
3614 *
3615 * PARAMS
3616 * hProv [I] Key container for which a key is to be generated.
3617 * Algid [I] Crypto algorithm identifier for the key to be generated.
3618 * hBaseData [I] Hash from whose value the key will be derived.
3619 * dwFlags [I] See Notes.
3620 * phKey [O] The generated key.
3621 *
3622 * RETURNS
3623 * Success: TRUE
3624 * Failure: FALSE
3625 *
3626 * NOTES
3627 * Defined flags:
3628 * - CRYPT_EXPORTABLE: Key can be exported.
3629 * - CRYPT_NO_SALT: No salt is used for 40 bit keys.
3630 * - CRYPT_CREATE_SALT: Use remaining bits as salt value.
3631 */
3634 {
3638 DWORD dwLen;
3644 {
3647 }
3651 {
3654 }
3657 {
3660 }
3663 {
3668 /*
3669 * We derive the key material from the hash.
3670 * If the hash value is not large enough for the claimed key, we have to construct
3671 * a larger binary value based on the hash. This is documented in MSDN: CryptDeriveKey.
3672 */
3679 DWORD i;
3686 }
3700 }
3709 {
3712 }
3715 {
3716 /* See RFC 2246, chapter 6.3 Key calculation */
3750 }
3756 }
3760 }
3762 /******************************************************************************
3763 * CPGetUserKey (RSAENH.@)
3764 *
3765 * Returns a handle to the user's private key-exchange- or signature-key.
3766 *
3767 * PARAMS
3768 * hProv [I] The key container from which a user key is requested.
3769 * dwKeySpec [I] AT_KEYEXCHANGE or AT_SIGNATURE
3770 * phUserKey [O] Handle to the requested key or INVALID_HANDLE_VALUE in case of failure.
3771 *
3772 * RETURNS
3773 * Success: TRUE.
3774 * Failure: FALSE.
3775 *
3776 * NOTE
3777 * A newly created key container does not contain private user key. Create them with CPGenKey.
3778 */
3780 {
3787 {
3788 /* MSDN: hProv not containing valid context handle */
3791 }
3794 {
3797 phUserKey);
3802 phUserKey);
3807 }
3810 {
3811 /* MSDN: dwKeySpec parameter specifies nonexistent key */
3814 }
3817 }
3819 /******************************************************************************
3820 * CPHashData (RSAENH.@)
3821 *
3822 * Updates a hash object with the given data.
3823 *
3824 * PARAMS
3825 * hProv [I] Key container to which the hash object belongs.
3826 * hHash [I] Hash object which is to be updated.
3827 * pbData [I] Pointer to data with which the hash object is to be updated.
3828 * dwDataLen [I] Length of the data.
3829 * dwFlags [I] Currently none defined.
3830 *
3831 * RETURNS
3832 * Success: TRUE.
3833 * Failure: FALSE.
3834 *
3835 * NOTES
3836 * The actual hash value is queried with CPGetHashParam, which will finalize
3837 * the hash. Updating a finalized hash will fail with a last error NTE_BAD_HASH_STATE.
3838 */
3841 {
3848 {
3851 }
3855 {
3858 }
3861 {
3864 }
3867 {
3870 }
3874 }
3876 /******************************************************************************
3877 * CPHashSessionKey (RSAENH.@)
3878 *
3879 * Updates a hash object with the binary representation of a symmetric key.
3880 *
3881 * PARAMS
3882 * hProv [I] Key container to which the hash object belongs.
3883 * hHash [I] Hash object which is to be updated.
3884 * hKey [I] The symmetric key, whose binary value will be added to the hash.
3885 * dwFlags [I] CRYPT_LITTLE_ENDIAN, if the binary key value shall be interpreted as little endian.
3886 *
3887 * RETURNS
3888 * Success: TRUE.
3889 * Failure: FALSE.
3890 */
3892 DWORD dwFlags)
3893 {
3896 DWORD i;
3902 {
3905 }
3910 }
3918 }
3919 }
3922 }
3924 /******************************************************************************
3925 * CPReleaseContext (RSAENH.@)
3926 *
3927 * Release a key container.
3928 *
3929 * PARAMS
3930 * hProv [I] Key container to be released.
3931 * dwFlags [I] Currently none defined.
3932 *
3933 * RETURNS
3934 * Success: TRUE
3935 * Failure: FALSE
3936 */
3938 {
3942 {
3943 /* MSDN: hProv not containing valid context handle */
3946 }
3951 }
3954 }
3956 /******************************************************************************
3957 * CPSetHashParam (RSAENH.@)
3958 *
3959 * Set a parameter of a hash object
3960 *
3961 * PARAMS
3962 * hProv [I] The key container to which the key belongs.
3963 * hHash [I] The hash object for which a parameter is to be set.
3964 * dwParam [I] Parameter type. See Notes.
3965 * pbData [I] Pointer to the parameter value.
3966 * dwFlags [I] Currently none defined.
3967 *
3968 * RETURNS
3969 * Success: TRUE.
3970 * Failure: FALSE.
3971 *
3972 * NOTES
3973 * Currently only the HP_HMAC_INFO dwParam type is defined.
3974 * The HMAC_INFO struct will be deep copied into the hash object.
3975 * See Internet RFC 2104 for details on the HMAC algorithm.
3976 */
3979 {
3982 DWORD i;
3988 {
3991 }
3996 }
4000 {
4003 }
4012 {
4015 }
4019 }
4022 }
4041 }
4042 }
4044 /******************************************************************************
4045 * CPSetProvParam (RSAENH.@)
4046 */
4047 BOOL WINAPI RSAENH_CPSetProvParam(HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData, DWORD dwFlags)
4048 {
4051 }
4053 /******************************************************************************
4054 * CPSignHash (RSAENH.@)
4055 *
4056 * Sign a hash object
4057 *
4058 * PARAMS
4059 * hProv [I] The key container, to which the hash object belongs.
4060 * hHash [I] The hash object to be signed.
4061 * dwKeySpec [I] AT_SIGNATURE or AT_KEYEXCHANGE: Key used to generate the signature.
4062 * sDescription [I] Should be NULL for security reasons.
4063 * dwFlags [I] 0, CRYPT_NOHASHOID or CRYPT_X931_FORMAT: Format of the signature.
4064 * pbSignature [O] Buffer, to which the signature will be stored. May be NULL to query SigLen.
4065 * pdwSigLen [I/O] Size of the buffer (in), Length of the signature (out)
4066 *
4067 * RETURNS
4068 * Success: TRUE
4069 * Failure: FALSE
4070 */
4074 {
4075 HCRYPTKEY hCryptKey;
4077 DWORD dwHashLen;
4079 ALG_ID aiAlgid;
4088 }
4094 {
4097 }
4102 }
4104 {
4108 }
4114 {
4116 }
4117 }
4120 if (!RSAENH_CPGetHashParam(hProv, hHash, HP_ALGID, (BYTE*)&aiAlgid, &dwHashLen, 0)) return FALSE;
4123 if (!RSAENH_CPGetHashParam(hProv, hHash, HP_HASHVAL, abHashValue, &dwHashLen, 0)) return FALSE;
4126 if (!build_hash_signature(pbSignature, *pdwSigLen, aiAlgid, abHashValue, dwHashLen, dwFlags)) {
4128 }
4130 return encrypt_block_impl(pCryptKey->aiAlgid, PK_PRIVATE, &pCryptKey->context, pbSignature, pbSignature, RSAENH_ENCRYPT);
4131 }
4133 /******************************************************************************
4134 * CPVerifySignature (RSAENH.@)
4135 *
4136 * Verify the signature of a hash object.
4137 *
4138 * PARAMS
4139 * hProv [I] The key container, to which the hash belongs.
4140 * hHash [I] The hash for which the signature is verified.
4141 * pbSignature [I] The binary signature.
4142 * dwSigLen [I] Length of the signature BLOB.
4143 * hPubKey [I] Public key used to verify the signature.
4144 * sDescription [I] Should be NULL for security reasons.
4145 * dwFlags [I] 0, CRYPT_NOHASHOID or CRYPT_X931_FORMAT: Format of the signature.
4146 *
4147 * RETURNS
4148 * Success: TRUE (Signature is valid)
4149 * Failure: FALSE (GetLastError() == NTE_BAD_SIGNATURE, if signature is invalid)
4150 */
4151 BOOL WINAPI RSAENH_CPVerifySignature(HCRYPTPROV hProv, HCRYPTHASH hHash, CONST BYTE *pbSignature,
4153 DWORD dwFlags)
4154 {
4157 DWORD dwHashLen;
4158 ALG_ID aiAlgid;
4162 TRACE("(hProv=%08lx, hHash=%08lx, pbSignature=%p, dwSigLen=%d, hPubKey=%08lx, sDescription=%s, "
4164 dwFlags);
4169 }
4172 {
4175 }
4179 {
4182 }
4184 /* in Microsoft implementation, the signature length is checked before
4185 * the signature pointer.
4186 */
4188 {
4191 }
4194 {
4197 }
4202 {
4204 }
4205 }
4208 if (!RSAENH_CPGetHashParam(hProv, hHash, HP_ALGID, (BYTE*)&aiAlgid, &dwHashLen, 0)) return FALSE;
4211 if (!RSAENH_CPGetHashParam(hProv, hHash, HP_HASHVAL, abHashValue, &dwHashLen, 0)) return FALSE;
4217 }
4223 }
4225 if (!encrypt_block_impl(pCryptKey->aiAlgid, PK_PUBLIC, &pCryptKey->context, pbSignature, pbDecrypted,
4226 RSAENH_DECRYPT))
4227 {
4229 }
4231 if (!build_hash_signature(pbConstructed, dwSigLen, aiAlgid, abHashValue, dwHashLen, dwFlags)) {
4233 }
4238 }
4241 cleanup:
4245 }
4283 };
4297 };
4300 /******************************************************************************
4301 * DllRegisterServer (RSAENH.@)
4302 *
4303 * Dll self registration.
4304 *
4305 * PARAMS
4306 *
4307 * RETURNS
4308 * Success: S_OK.
4309 * Failure: != S_OK
4310 *
4311 * NOTES
4312 * Registers the following keys:
4313 * - HKLM\Software\Microsoft\Cryptography\Defaults\Provider\
4314 * Microsoft Base Cryptographic Provider v1.0
4315 * - HKLM\Software\Microsoft\Cryptography\Defaults\Provider\
4316 * Microsoft Enhanced Cryptographic Provider
4317 * - HKLM\Software\Microsoft\Cryptography\Defaults\Provider\
4318 * Microsoft Strong Cryptographpic Provider
4319 * - HKLM\Software\Microsoft\Cryptography\Defaults\Provider Types\Type 001
4320 */
4322 {
4323 HKEY key;
4324 DWORD dp;
4333 {
4335 {
4343 {
4354 }
4360 }
4362 }
4363 }
4369 {
4371 {
4397 }
4398 }
4400 }
4403 }
4405 /******************************************************************************
4406 * DllUnregisterServer (RSAENH.@)
4407 *
4408 * Dll self unregistration.
4409 *
4410 * PARAMS
4411 *
4412 * RETURNS
4413 * Success: S_OK
4414 *
4415 * NOTES
4416 * For the relevant keys see DllRegisterServer.
4417 */
4419 {
4430 }