3 * RSAENH - RSA encryption for Wine
5 * Copyright 2002 TransGaming Technologies (David Hammerton)
6 * Copyright 2004 Mike McCormack for CodeWeavers
7 * Copyright 2004, 2005 Michael Jung
8 * Copyright 2007 Vijay Kiran Kamuju
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
25 #define WIN32_NO_STATUS
27 #define COM_NO_WINDOWS_H
30 //#include "wine/port.h"
31 #include <wine/library.h>
32 #include <wine/debug.h>
38 //#include "winbase.h"
47 WINE_DEFAULT_DEBUG_CHANNEL(crypt
);
49 static HINSTANCE instance
;
51 /******************************************************************************
52 * CRYPTHASH - hash objects
54 #define RSAENH_MAGIC_HASH 0x85938417u
55 #define RSAENH_MAX_HASH_SIZE 104
56 #define RSAENH_HASHSTATE_HASHING 1
57 #define RSAENH_HASHSTATE_FINISHED 2
58 typedef struct _RSAENH_TLS1PRF_PARAMS
60 CRYPT_DATA_BLOB blobLabel
;
61 CRYPT_DATA_BLOB blobSeed
;
62 } RSAENH_TLS1PRF_PARAMS
;
64 typedef struct tagCRYPTHASH
73 BYTE abHashValue
[RSAENH_MAX_HASH_SIZE
];
75 RSAENH_TLS1PRF_PARAMS tpPRFParams
;
78 /******************************************************************************
79 * CRYPTKEY - key objects
81 #define RSAENH_MAGIC_KEY 0x73620457u
82 #define RSAENH_MAX_KEY_SIZE 64
83 #define RSAENH_MAX_BLOCK_SIZE 24
84 #define RSAENH_KEYSTATE_IDLE 0
85 #define RSAENH_KEYSTATE_ENCRYPTING 1
86 #define RSAENH_KEYSTATE_MASTERKEY 2
87 typedef struct _RSAENH_SCHANNEL_INFO
89 SCHANNEL_ALG saEncAlg
;
90 SCHANNEL_ALG saMACAlg
;
91 CRYPT_DATA_BLOB blobClientRandom
;
92 CRYPT_DATA_BLOB blobServerRandom
;
93 } RSAENH_SCHANNEL_INFO
;
95 typedef struct tagCRYPTKEY
104 DWORD dwEffectiveKeyLen
;
109 BYTE abKeyValue
[RSAENH_MAX_KEY_SIZE
];
110 BYTE abInitVector
[RSAENH_MAX_BLOCK_SIZE
];
111 BYTE abChainVector
[RSAENH_MAX_BLOCK_SIZE
];
112 RSAENH_SCHANNEL_INFO siSChannelInfo
;
113 CRYPT_DATA_BLOB blobHmacKey
;
116 /******************************************************************************
117 * KEYCONTAINER - key containers
119 #define RSAENH_PERSONALITY_BASE 0u
120 #define RSAENH_PERSONALITY_STRONG 1u
121 #define RSAENH_PERSONALITY_ENHANCED 2u
122 #define RSAENH_PERSONALITY_SCHANNEL 3u
123 #define RSAENH_PERSONALITY_AES 4u
125 #define RSAENH_MAGIC_CONTAINER 0x26384993u
126 typedef struct tagKEYCONTAINER
132 DWORD dwEnumContainersCtr
;
133 CHAR szName
[MAX_PATH
];
134 CHAR szProvName
[MAX_PATH
];
135 HCRYPTKEY hKeyExchangeKeyPair
;
136 HCRYPTKEY hSignatureKeyPair
;
139 /******************************************************************************
140 * Some magic constants
142 #define RSAENH_ENCRYPT 1
143 #define RSAENH_DECRYPT 0
144 #define RSAENH_HMAC_DEF_IPAD_CHAR 0x36
145 #define RSAENH_HMAC_DEF_OPAD_CHAR 0x5c
146 #define RSAENH_HMAC_DEF_PAD_LEN 64
147 #define RSAENH_HMAC_BLOCK_LEN 64
148 #define RSAENH_DES_EFFECTIVE_KEYLEN 56
149 #define RSAENH_DES_STORAGE_KEYLEN 64
150 #define RSAENH_3DES112_EFFECTIVE_KEYLEN 112
151 #define RSAENH_3DES112_STORAGE_KEYLEN 128
152 #define RSAENH_3DES_EFFECTIVE_KEYLEN 168
153 #define RSAENH_3DES_STORAGE_KEYLEN 192
154 #define RSAENH_MAGIC_RSA2 0x32415352
155 #define RSAENH_MAGIC_RSA1 0x31415352
156 #define RSAENH_PKC_BLOCKTYPE 0x02
157 #define RSAENH_SSL3_VERSION_MAJOR 3
158 #define RSAENH_SSL3_VERSION_MINOR 0
159 #define RSAENH_TLS1_VERSION_MAJOR 3
160 #define RSAENH_TLS1_VERSION_MINOR 1
161 #define RSAENH_REGKEY "Software\\Wine\\Crypto\\RSA\\%s"
163 #define RSAENH_MIN(a,b) ((a)<(b)?(a):(b))
164 /******************************************************************************
165 * aProvEnumAlgsEx - Defines the capabilities of the CSP personalities.
167 #define RSAENH_MAX_ENUMALGS 24
168 #define RSAENH_PCT1_SSL2_SSL3_TLS1 (CRYPT_FLAG_PCT1|CRYPT_FLAG_SSL2|CRYPT_FLAG_SSL3|CRYPT_FLAG_TLS1)
169 static const PROV_ENUMALGS_EX aProvEnumAlgsEx
[5][RSAENH_MAX_ENUMALGS
+1] =
172 {CALG_RC2
, 40, 40, 56,0, 4,"RC2", 24,"RSA Data Security's RC2"},
173 {CALG_RC4
, 40, 40, 56,0, 4,"RC4", 24,"RSA Data Security's RC4"},
174 {CALG_DES
, 56, 56, 56,0, 4,"DES", 31,"Data Encryption Standard (DES)"},
175 {CALG_SHA
, 160,160, 160,CRYPT_FLAG_SIGNING
, 6,"SHA-1", 30,"Secure Hash Algorithm (SHA-1)"},
176 {CALG_MD2
, 128,128, 128,CRYPT_FLAG_SIGNING
, 4,"MD2", 23,"Message Digest 2 (MD2)"},
177 {CALG_MD4
, 128,128, 128,CRYPT_FLAG_SIGNING
, 4,"MD4", 23,"Message Digest 4 (MD4)"},
178 {CALG_MD5
, 128,128, 128,CRYPT_FLAG_SIGNING
, 4,"MD5", 23,"Message Digest 5 (MD5)"},
179 {CALG_SSL3_SHAMD5
,288,288,288,0, 12,"SSL3 SHAMD5",12,"SSL3 SHAMD5"},
180 {CALG_MAC
, 0, 0, 0,0, 4,"MAC", 28,"Message Authentication Code"},
181 {CALG_RSA_SIGN
, 512,384,16384,CRYPT_FLAG_SIGNING
|CRYPT_FLAG_IPSEC
,9,"RSA_SIGN",14,"RSA Signature"},
182 {CALG_RSA_KEYX
, 512,384, 1024,CRYPT_FLAG_SIGNING
|CRYPT_FLAG_IPSEC
,9,"RSA_KEYX",17,"RSA Key Exchange"},
183 {CALG_HMAC
, 0, 0, 0,0, 5,"HMAC", 18,"Hugo's MAC (HMAC)"},
184 {0, 0, 0, 0,0, 1,"", 1,""}
187 {CALG_RC2
, 128, 40, 128,0, 4,"RC2", 24,"RSA Data Security's RC2"},
188 {CALG_RC4
, 128, 40, 128,0, 4,"RC4", 24,"RSA Data Security's RC4"},
189 {CALG_DES
, 56, 56, 56,0, 4,"DES", 31,"Data Encryption Standard (DES)"},
190 {CALG_3DES_112
, 112,112, 112,0, 13,"3DES TWO KEY",19,"Two Key Triple DES"},
191 {CALG_3DES
, 168,168, 168,0, 5,"3DES", 21,"Three Key Triple DES"},
192 {CALG_SHA
, 160,160, 160,CRYPT_FLAG_SIGNING
, 6,"SHA-1", 30,"Secure Hash Algorithm (SHA-1)"},
193 {CALG_MD2
, 128,128, 128,CRYPT_FLAG_SIGNING
, 4,"MD2", 23,"Message Digest 2 (MD2)"},
194 {CALG_MD4
, 128,128, 128,CRYPT_FLAG_SIGNING
, 4,"MD4", 23,"Message Digest 4 (MD4)"},
195 {CALG_MD5
, 128,128, 128,CRYPT_FLAG_SIGNING
, 4,"MD5", 23,"Message Digest 5 (MD5)"},
196 {CALG_SSL3_SHAMD5
,288,288,288,0, 12,"SSL3 SHAMD5",12,"SSL3 SHAMD5"},
197 {CALG_MAC
, 0, 0, 0,0, 4,"MAC", 28,"Message Authentication Code"},
198 {CALG_RSA_SIGN
,1024,384,16384,CRYPT_FLAG_SIGNING
|CRYPT_FLAG_IPSEC
,9,"RSA_SIGN",14,"RSA Signature"},
199 {CALG_RSA_KEYX
,1024,384,16384,CRYPT_FLAG_SIGNING
|CRYPT_FLAG_IPSEC
,9,"RSA_KEYX",17,"RSA Key Exchange"},
200 {CALG_HMAC
, 0, 0, 0,0, 5,"HMAC", 18,"Hugo's MAC (HMAC)"},
201 {0, 0, 0, 0,0, 1,"", 1,""}
204 {CALG_RC2
, 128, 40, 128,0, 4,"RC2", 24,"RSA Data Security's RC2"},
205 {CALG_RC4
, 128, 40, 128,0, 4,"RC4", 24,"RSA Data Security's RC4"},
206 {CALG_DES
, 56, 56, 56,0, 4,"DES", 31,"Data Encryption Standard (DES)"},
207 {CALG_3DES_112
, 112,112, 112,0, 13,"3DES TWO KEY",19,"Two Key Triple DES"},
208 {CALG_3DES
, 168,168, 168,0, 5,"3DES", 21,"Three Key Triple DES"},
209 {CALG_SHA
, 160,160, 160,CRYPT_FLAG_SIGNING
, 6,"SHA-1", 30,"Secure Hash Algorithm (SHA-1)"},
210 {CALG_MD2
, 128,128, 128,CRYPT_FLAG_SIGNING
, 4,"MD2", 23,"Message Digest 2 (MD2)"},
211 {CALG_MD4
, 128,128, 128,CRYPT_FLAG_SIGNING
, 4,"MD4", 23,"Message Digest 4 (MD4)"},
212 {CALG_MD5
, 128,128, 128,CRYPT_FLAG_SIGNING
, 4,"MD5", 23,"Message Digest 5 (MD5)"},
213 {CALG_SSL3_SHAMD5
,288,288,288,0, 12,"SSL3 SHAMD5",12,"SSL3 SHAMD5"},
214 {CALG_MAC
, 0, 0, 0,0, 4,"MAC", 28,"Message Authentication Code"},
215 {CALG_RSA_SIGN
,1024,384,16384,CRYPT_FLAG_SIGNING
|CRYPT_FLAG_IPSEC
,9,"RSA_SIGN",14,"RSA Signature"},
216 {CALG_RSA_KEYX
,1024,384,16384,CRYPT_FLAG_SIGNING
|CRYPT_FLAG_IPSEC
,9,"RSA_KEYX",17,"RSA Key Exchange"},
217 {CALG_HMAC
, 0, 0, 0,0, 5,"HMAC", 18,"Hugo's MAC (HMAC)"},
218 {0, 0, 0, 0,0, 1,"", 1,""}
221 {CALG_RC2
, 128, 40, 128,RSAENH_PCT1_SSL2_SSL3_TLS1
, 4,"RC2", 24,"RSA Data Security's RC2"},
222 {CALG_RC4
, 128, 40, 128,RSAENH_PCT1_SSL2_SSL3_TLS1
, 4,"RC4", 24,"RSA Data Security's RC4"},
223 {CALG_DES
, 56, 56, 56,RSAENH_PCT1_SSL2_SSL3_TLS1
, 4,"DES", 31,"Data Encryption Standard (DES)"},
224 {CALG_3DES_112
, 112,112, 112,RSAENH_PCT1_SSL2_SSL3_TLS1
,13,"3DES TWO KEY",19,"Two Key Triple DES"},
225 {CALG_3DES
, 168,168, 168,RSAENH_PCT1_SSL2_SSL3_TLS1
, 5,"3DES", 21,"Three Key Triple DES"},
226 {CALG_SHA
,160,160,160,CRYPT_FLAG_SIGNING
|RSAENH_PCT1_SSL2_SSL3_TLS1
,6,"SHA-1",30,"Secure Hash Algorithm (SHA-1)"},
227 {CALG_MD5
,128,128,128,CRYPT_FLAG_SIGNING
|RSAENH_PCT1_SSL2_SSL3_TLS1
,4,"MD5",23,"Message Digest 5 (MD5)"},
228 {CALG_SSL3_SHAMD5
,288,288,288,0, 12,"SSL3 SHAMD5",12,"SSL3 SHAMD5"},
229 {CALG_MAC
, 0, 0, 0,0, 4,"MAC", 28,"Message Authentication Code"},
230 {CALG_RSA_SIGN
,1024,384,16384,CRYPT_FLAG_SIGNING
|RSAENH_PCT1_SSL2_SSL3_TLS1
,9,"RSA_SIGN",14,"RSA Signature"},
231 {CALG_RSA_KEYX
,1024,384,16384,CRYPT_FLAG_SIGNING
|RSAENH_PCT1_SSL2_SSL3_TLS1
,9,"RSA_KEYX",17,"RSA Key Exchange"},
232 {CALG_HMAC
, 0, 0, 0,0, 5,"HMAC", 18,"Hugo's MAC (HMAC)"},
233 {CALG_PCT1_MASTER
,128,128,128,CRYPT_FLAG_PCT1
, 12,"PCT1 MASTER",12,"PCT1 Master"},
234 {CALG_SSL2_MASTER
,40,40, 192,CRYPT_FLAG_SSL2
, 12,"SSL2 MASTER",12,"SSL2 Master"},
235 {CALG_SSL3_MASTER
,384,384,384,CRYPT_FLAG_SSL3
, 12,"SSL3 MASTER",12,"SSL3 Master"},
236 {CALG_TLS1_MASTER
,384,384,384,CRYPT_FLAG_TLS1
, 12,"TLS1 MASTER",12,"TLS1 Master"},
237 {CALG_SCHANNEL_MASTER_HASH
,0,0,-1,0, 16,"SCH MASTER HASH",21,"SChannel Master Hash"},
238 {CALG_SCHANNEL_MAC_KEY
,0,0,-1,0, 12,"SCH MAC KEY",17,"SChannel MAC Key"},
239 {CALG_SCHANNEL_ENC_KEY
,0,0,-1,0, 12,"SCH ENC KEY",24,"SChannel Encryption Key"},
240 {CALG_TLS1PRF
, 0, 0, -1,0, 9,"TLS1 PRF", 28,"TLS1 Pseudo Random Function"},
241 {0, 0, 0, 0,0, 1,"", 1,""}
244 {CALG_RC2
, 128, 40, 128,0, 4,"RC2", 24,"RSA Data Security's RC2"},
245 {CALG_RC4
, 128, 40, 128,0, 4,"RC4", 24,"RSA Data Security's RC4"},
246 {CALG_DES
, 56, 56, 56,0, 4,"DES", 31,"Data Encryption Standard (DES)"},
247 {CALG_3DES_112
, 112,112, 112,0, 13,"3DES TWO KEY",19,"Two Key Triple DES"},
248 {CALG_3DES
, 168,168, 168,0, 5,"3DES", 21,"Three Key Triple DES"},
249 {CALG_AES
, 128,128, 128,0, 4,"AES", 35,"Advanced Encryption Standard (AES)"},
250 {CALG_AES_128
, 128,128, 128,0, 8,"AES-128", 39,"Advanced Encryption Standard (AES-128)"},
251 {CALG_AES_192
, 192,192, 192,0, 8,"AES-192", 39,"Advanced Encryption Standard (AES-192)"},
252 {CALG_AES_256
, 256,256, 256,0, 8,"AES-256", 39,"Advanced Encryption Standard (AES-256)"},
253 {CALG_SHA
, 160,160, 160,CRYPT_FLAG_SIGNING
, 6,"SHA-1", 30,"Secure Hash Algorithm (SHA-1)"},
254 {CALG_SHA_256
, 256,256, 256,CRYPT_FLAG_SIGNING
, 6,"SHA-256", 30,"Secure Hash Algorithm (SHA-256)"},
255 {CALG_SHA_384
, 384,384, 384,CRYPT_FLAG_SIGNING
, 6,"SHA-384", 30,"Secure Hash Algorithm (SHA-284)"},
256 {CALG_SHA_512
, 512,512, 512,CRYPT_FLAG_SIGNING
, 6,"SHA-512", 30,"Secure Hash Algorithm (SHA-512)"},
257 {CALG_MD2
, 128,128, 128,CRYPT_FLAG_SIGNING
, 4,"MD2", 23,"Message Digest 2 (MD2)"},
258 {CALG_MD4
, 128,128, 128,CRYPT_FLAG_SIGNING
, 4,"MD4", 23,"Message Digest 4 (MD4)"},
259 {CALG_MD5
, 128,128, 128,CRYPT_FLAG_SIGNING
, 4,"MD5", 23,"Message Digest 5 (MD5)"},
260 {CALG_SSL3_SHAMD5
,288,288,288,0, 12,"SSL3 SHAMD5",12,"SSL3 SHAMD5"},
261 {CALG_MAC
, 0, 0, 0,0, 4,"MAC", 28,"Message Authentication Code"},
262 {CALG_RSA_SIGN
,1024,384,16384,CRYPT_FLAG_SIGNING
|CRYPT_FLAG_IPSEC
,9,"RSA_SIGN",14,"RSA Signature"},
263 {CALG_RSA_KEYX
,1024,384,16384,CRYPT_FLAG_SIGNING
|CRYPT_FLAG_IPSEC
,9,"RSA_KEYX",17,"RSA Key Exchange"},
264 {CALG_HMAC
, 0, 0, 0,0, 5,"HMAC", 18,"Hugo's MAC (HMAC)"},
265 {0, 0, 0, 0,0, 1,"", 1,""}
269 /******************************************************************************
270 * API forward declarations
273 RSAENH_CPGetKeyParam(
304 RSAENH_CPSetHashParam(
308 BYTE
*pbData
, DWORD dwFlags
312 RSAENH_CPGetHashParam(
322 RSAENH_CPDestroyHash(
327 static BOOL
crypt_export_key(
337 static BOOL
import_key(
356 /******************************************************************************
357 * CSP's handle table (used by all acquired key containers)
359 static struct handle_table handle_table
;
361 /******************************************************************************
364 * Initializes and destroys the handle table for the CSP's handles.
366 BOOL WINAPI
DllMain(HINSTANCE hInstance
, DWORD fdwReason
, PVOID reserved
)
370 case DLL_PROCESS_ATTACH
:
371 instance
= hInstance
;
372 DisableThreadLibraryCalls(hInstance
);
373 init_handle_table(&handle_table
);
376 case DLL_PROCESS_DETACH
:
378 destroy_handle_table(&handle_table
);
384 /******************************************************************************
385 * copy_param [Internal]
387 * Helper function that supports the standard WINAPI protocol for querying data
391 * pbBuffer [O] Buffer where the queried parameter is copied to, if it is large enough.
392 * May be NUL if the required buffer size is to be queried only.
393 * pdwBufferSize [I/O] In: Size of the buffer at pbBuffer
394 * Out: Size of parameter pbParam
395 * pbParam [I] Parameter value.
396 * dwParamSize [I] Size of pbParam
399 * Success: TRUE (pbParam was copied into pbBuffer or pbBuffer is NULL)
400 * Failure: FALSE (pbBuffer is not large enough to hold pbParam). Last error: ERROR_MORE_DATA
402 static inline BOOL
copy_param(BYTE
*pbBuffer
, DWORD
*pdwBufferSize
, const BYTE
*pbParam
,
407 if (dwParamSize
> *pdwBufferSize
)
409 SetLastError(ERROR_MORE_DATA
);
410 *pdwBufferSize
= dwParamSize
;
413 memcpy(pbBuffer
, pbParam
, dwParamSize
);
415 *pdwBufferSize
= dwParamSize
;
419 /******************************************************************************
420 * get_algid_info [Internal]
422 * Query CSP capabilities for a given crypto algorithm.
425 * hProv [I] Handle to a key container of the CSP whose capabilities are to be queried.
426 * algid [I] Identifier of the crypto algorithm about which information is requested.
429 * Success: Pointer to a PROV_ENUMALGS_EX struct containing information about the crypto algorithm.
430 * Failure: NULL (algid not supported)
432 static inline const PROV_ENUMALGS_EX
* get_algid_info(HCRYPTPROV hProv
, ALG_ID algid
) {
433 const PROV_ENUMALGS_EX
*iterator
;
434 KEYCONTAINER
*pKeyContainer
;
436 if (!lookup_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
, (OBJECTHDR
**)&pKeyContainer
)) {
437 SetLastError(NTE_BAD_UID
);
441 for (iterator
= aProvEnumAlgsEx
[pKeyContainer
->dwPersonality
]; iterator
->aiAlgid
; iterator
++) {
442 if (iterator
->aiAlgid
== algid
) return iterator
;
445 SetLastError(NTE_BAD_ALGID
);
449 /******************************************************************************
450 * copy_data_blob [Internal]
452 * deeply copies a DATA_BLOB
455 * dst [O] That's where the blob will be copied to
456 * src [I] Source blob
460 * Failure: FALSE (GetLastError() == NTE_NO_MEMORY
463 * Use free_data_blob to release resources occupied by copy_data_blob.
465 static inline BOOL
copy_data_blob(PCRYPT_DATA_BLOB dst
, const PCRYPT_DATA_BLOB src
)
467 dst
->pbData
= HeapAlloc(GetProcessHeap(), 0, src
->cbData
);
469 SetLastError(NTE_NO_MEMORY
);
472 dst
->cbData
= src
->cbData
;
473 memcpy(dst
->pbData
, src
->pbData
, src
->cbData
);
477 /******************************************************************************
478 * concat_data_blobs [Internal]
480 * Concatenates two blobs
483 * dst [O] The new blob will be copied here
484 * src1 [I] Prefix blob
485 * src2 [I] Appendix blob
489 * Failure: FALSE (GetLastError() == NTE_NO_MEMORY)
492 * Release resources occupied by concat_data_blobs with free_data_blobs
494 static inline BOOL
concat_data_blobs(PCRYPT_DATA_BLOB dst
, const PCRYPT_DATA_BLOB src1
,
495 const PCRYPT_DATA_BLOB src2
)
497 dst
->cbData
= src1
->cbData
+ src2
->cbData
;
498 dst
->pbData
= HeapAlloc(GetProcessHeap(), 0, dst
->cbData
);
500 SetLastError(NTE_NO_MEMORY
);
503 memcpy(dst
->pbData
, src1
->pbData
, src1
->cbData
);
504 memcpy(dst
->pbData
+ src1
->cbData
, src2
->pbData
, src2
->cbData
);
508 /******************************************************************************
509 * free_data_blob [Internal]
511 * releases resource occupied by a dynamically allocated CRYPT_DATA_BLOB
514 * pBlob [I] Heap space occupied by pBlob->pbData is released
516 static inline void free_data_blob(PCRYPT_DATA_BLOB pBlob
) {
517 HeapFree(GetProcessHeap(), 0, pBlob
->pbData
);
520 /******************************************************************************
521 * init_data_blob [Internal]
523 static inline void init_data_blob(PCRYPT_DATA_BLOB pBlob
) {
524 pBlob
->pbData
= NULL
;
528 /******************************************************************************
529 * free_hmac_info [Internal]
531 * Deeply free an HMAC_INFO struct.
534 * hmac_info [I] Pointer to the HMAC_INFO struct to be freed.
537 * See Internet RFC 2104 for details on the HMAC algorithm.
539 static inline void free_hmac_info(PHMAC_INFO hmac_info
) {
540 if (!hmac_info
) return;
541 HeapFree(GetProcessHeap(), 0, hmac_info
->pbInnerString
);
542 HeapFree(GetProcessHeap(), 0, hmac_info
->pbOuterString
);
543 HeapFree(GetProcessHeap(), 0, hmac_info
);
546 /******************************************************************************
547 * copy_hmac_info [Internal]
549 * Deeply copy an HMAC_INFO struct
552 * dst [O] Pointer to a location where the pointer to the HMAC_INFO copy will be stored.
553 * src [I] Pointer to the HMAC_INFO struct to be copied.
560 * See Internet RFC 2104 for details on the HMAC algorithm.
562 static BOOL
copy_hmac_info(PHMAC_INFO
*dst
, const HMAC_INFO
*src
) {
563 if (!src
) return FALSE
;
564 *dst
= HeapAlloc(GetProcessHeap(), 0, sizeof(HMAC_INFO
));
565 if (!*dst
) return FALSE
;
567 (*dst
)->pbInnerString
= NULL
;
568 (*dst
)->pbOuterString
= NULL
;
569 if ((*dst
)->cbInnerString
== 0) (*dst
)->cbInnerString
= RSAENH_HMAC_DEF_PAD_LEN
;
570 (*dst
)->pbInnerString
= HeapAlloc(GetProcessHeap(), 0, (*dst
)->cbInnerString
);
571 if (!(*dst
)->pbInnerString
) {
572 free_hmac_info(*dst
);
575 if (src
->cbInnerString
)
576 memcpy((*dst
)->pbInnerString
, src
->pbInnerString
, src
->cbInnerString
);
578 memset((*dst
)->pbInnerString
, RSAENH_HMAC_DEF_IPAD_CHAR
, RSAENH_HMAC_DEF_PAD_LEN
);
579 if ((*dst
)->cbOuterString
== 0) (*dst
)->cbOuterString
= RSAENH_HMAC_DEF_PAD_LEN
;
580 (*dst
)->pbOuterString
= HeapAlloc(GetProcessHeap(), 0, (*dst
)->cbOuterString
);
581 if (!(*dst
)->pbOuterString
) {
582 free_hmac_info(*dst
);
585 if (src
->cbOuterString
)
586 memcpy((*dst
)->pbOuterString
, src
->pbOuterString
, src
->cbOuterString
);
588 memset((*dst
)->pbOuterString
, RSAENH_HMAC_DEF_OPAD_CHAR
, RSAENH_HMAC_DEF_PAD_LEN
);
592 /******************************************************************************
593 * destroy_hash [Internal]
595 * Destructor for hash objects
598 * pCryptHash [I] Pointer to the hash object to be destroyed.
599 * Will be invalid after function returns!
601 static void destroy_hash(OBJECTHDR
*pObject
)
603 CRYPTHASH
*pCryptHash
= (CRYPTHASH
*)pObject
;
605 free_hmac_info(pCryptHash
->pHMACInfo
);
606 free_data_blob(&pCryptHash
->tpPRFParams
.blobLabel
);
607 free_data_blob(&pCryptHash
->tpPRFParams
.blobSeed
);
608 HeapFree(GetProcessHeap(), 0, pCryptHash
);
611 /******************************************************************************
612 * init_hash [Internal]
614 * Initialize (or reset) a hash object
617 * pCryptHash [I] The hash object to be initialized.
619 static inline BOOL
init_hash(CRYPTHASH
*pCryptHash
) {
622 switch (pCryptHash
->aiAlgid
)
625 if (pCryptHash
->pHMACInfo
) {
626 const PROV_ENUMALGS_EX
*pAlgInfo
;
628 pAlgInfo
= get_algid_info(pCryptHash
->hProv
, pCryptHash
->pHMACInfo
->HashAlgid
);
629 if (!pAlgInfo
) return FALSE
;
630 pCryptHash
->dwHashSize
= pAlgInfo
->dwDefaultLen
>> 3;
631 init_hash_impl(pCryptHash
->pHMACInfo
->HashAlgid
, &pCryptHash
->context
);
632 update_hash_impl(pCryptHash
->pHMACInfo
->HashAlgid
, &pCryptHash
->context
,
633 pCryptHash
->pHMACInfo
->pbInnerString
,
634 pCryptHash
->pHMACInfo
->cbInnerString
);
639 dwLen
= sizeof(DWORD
);
640 RSAENH_CPGetKeyParam(pCryptHash
->hProv
, pCryptHash
->hKey
, KP_BLOCKLEN
,
641 (BYTE
*)&pCryptHash
->dwHashSize
, &dwLen
, 0);
642 pCryptHash
->dwHashSize
>>= 3;
646 return init_hash_impl(pCryptHash
->aiAlgid
, &pCryptHash
->context
);
650 /******************************************************************************
651 * update_hash [Internal]
653 * Hashes the given data and updates the hash object's state accordingly
656 * pCryptHash [I] Hash object to be updated.
657 * pbData [I] Pointer to data stream to be hashed.
658 * dwDataLen [I] Length of data stream.
660 static inline void update_hash(CRYPTHASH
*pCryptHash
, const BYTE
*pbData
, DWORD dwDataLen
)
664 switch (pCryptHash
->aiAlgid
)
667 if (pCryptHash
->pHMACInfo
)
668 update_hash_impl(pCryptHash
->pHMACInfo
->HashAlgid
, &pCryptHash
->context
,
673 pbTemp
= HeapAlloc(GetProcessHeap(), 0, dwDataLen
);
675 memcpy(pbTemp
, pbData
, dwDataLen
);
676 RSAENH_CPEncrypt(pCryptHash
->hProv
, pCryptHash
->hKey
, 0, FALSE
, 0,
677 pbTemp
, &dwDataLen
, dwDataLen
);
678 HeapFree(GetProcessHeap(), 0, pbTemp
);
682 update_hash_impl(pCryptHash
->aiAlgid
, &pCryptHash
->context
, pbData
, dwDataLen
);
686 /******************************************************************************
687 * finalize_hash [Internal]
689 * Finalizes the hash, after all data has been hashed with update_hash.
690 * No additional data can be hashed afterwards until the hash gets initialized again.
693 * pCryptHash [I] Hash object to be finalized.
695 static inline void finalize_hash(CRYPTHASH
*pCryptHash
) {
698 switch (pCryptHash
->aiAlgid
)
701 if (pCryptHash
->pHMACInfo
) {
702 BYTE abHashValue
[RSAENH_MAX_HASH_SIZE
];
704 finalize_hash_impl(pCryptHash
->pHMACInfo
->HashAlgid
, &pCryptHash
->context
,
705 pCryptHash
->abHashValue
);
706 memcpy(abHashValue
, pCryptHash
->abHashValue
, pCryptHash
->dwHashSize
);
707 init_hash_impl(pCryptHash
->pHMACInfo
->HashAlgid
, &pCryptHash
->context
);
708 update_hash_impl(pCryptHash
->pHMACInfo
->HashAlgid
, &pCryptHash
->context
,
709 pCryptHash
->pHMACInfo
->pbOuterString
,
710 pCryptHash
->pHMACInfo
->cbOuterString
);
711 update_hash_impl(pCryptHash
->pHMACInfo
->HashAlgid
, &pCryptHash
->context
,
712 abHashValue
, pCryptHash
->dwHashSize
);
713 finalize_hash_impl(pCryptHash
->pHMACInfo
->HashAlgid
, &pCryptHash
->context
,
714 pCryptHash
->abHashValue
);
720 RSAENH_CPEncrypt(pCryptHash
->hProv
, pCryptHash
->hKey
, 0, TRUE
, 0,
721 pCryptHash
->abHashValue
, &dwDataLen
, pCryptHash
->dwHashSize
);
725 finalize_hash_impl(pCryptHash
->aiAlgid
, &pCryptHash
->context
, pCryptHash
->abHashValue
);
729 /******************************************************************************
730 * destroy_key [Internal]
732 * Destructor for key objects
735 * pCryptKey [I] Pointer to the key object to be destroyed.
736 * Will be invalid after function returns!
738 static void destroy_key(OBJECTHDR
*pObject
)
740 CRYPTKEY
*pCryptKey
= (CRYPTKEY
*)pObject
;
742 free_key_impl(pCryptKey
->aiAlgid
, &pCryptKey
->context
);
743 free_data_blob(&pCryptKey
->siSChannelInfo
.blobClientRandom
);
744 free_data_blob(&pCryptKey
->siSChannelInfo
.blobServerRandom
);
745 free_data_blob(&pCryptKey
->blobHmacKey
);
746 HeapFree(GetProcessHeap(), 0, pCryptKey
);
749 /******************************************************************************
750 * setup_key [Internal]
752 * Initialize (or reset) a key object
755 * pCryptKey [I] The key object to be initialized.
757 static inline void setup_key(CRYPTKEY
*pCryptKey
) {
758 pCryptKey
->dwState
= RSAENH_KEYSTATE_IDLE
;
759 memcpy(pCryptKey
->abChainVector
, pCryptKey
->abInitVector
, sizeof(pCryptKey
->abChainVector
));
760 setup_key_impl(pCryptKey
->aiAlgid
, &pCryptKey
->context
, pCryptKey
->dwKeyLen
,
761 pCryptKey
->dwEffectiveKeyLen
, pCryptKey
->dwSaltLen
,
762 pCryptKey
->abKeyValue
);
765 /******************************************************************************
768 * Creates a new key object without assigning the actual binary key value.
769 * This is done by CPDeriveKey, CPGenKey or CPImportKey, which call this function.
772 * hProv [I] Handle to the provider to which the created key will belong.
773 * aiAlgid [I] The new key shall use the crypto algorithm identified by aiAlgid.
774 * dwFlags [I] Upper 16 bits give the key length.
775 * Lower 16 bits: CRYPT_EXPORTABLE, CRYPT_CREATE_SALT,
777 * ppCryptKey [O] Pointer to the created key
780 * Success: Handle to the created key.
781 * Failure: INVALID_HANDLE_VALUE
783 static HCRYPTKEY
new_key(HCRYPTPROV hProv
, ALG_ID aiAlgid
, DWORD dwFlags
, CRYPTKEY
**ppCryptKey
)
787 DWORD dwKeyLen
= HIWORD(dwFlags
);
788 const PROV_ENUMALGS_EX
*peaAlgidInfo
;
793 * Retrieve the CSP's capabilities for the given ALG_ID value
795 peaAlgidInfo
= get_algid_info(hProv
, aiAlgid
);
796 if (!peaAlgidInfo
) return (HCRYPTKEY
)INVALID_HANDLE_VALUE
;
798 TRACE("alg = %s, dwKeyLen = %d\n", debugstr_a(peaAlgidInfo
->szName
),
801 * Assume the default key length, if none is specified explicitly
803 if (dwKeyLen
== 0) dwKeyLen
= peaAlgidInfo
->dwDefaultLen
;
806 * Check if the requested key length is supported by the current CSP.
807 * Adjust key length's for DES algorithms.
811 if (dwKeyLen
== RSAENH_DES_EFFECTIVE_KEYLEN
) {
812 dwKeyLen
= RSAENH_DES_STORAGE_KEYLEN
;
814 if (dwKeyLen
!= RSAENH_DES_STORAGE_KEYLEN
) {
815 SetLastError(NTE_BAD_FLAGS
);
816 return (HCRYPTKEY
)INVALID_HANDLE_VALUE
;
821 if (dwKeyLen
== RSAENH_3DES112_EFFECTIVE_KEYLEN
) {
822 dwKeyLen
= RSAENH_3DES112_STORAGE_KEYLEN
;
824 if (dwKeyLen
!= RSAENH_3DES112_STORAGE_KEYLEN
) {
825 SetLastError(NTE_BAD_FLAGS
);
826 return (HCRYPTKEY
)INVALID_HANDLE_VALUE
;
831 if (dwKeyLen
== RSAENH_3DES_EFFECTIVE_KEYLEN
) {
832 dwKeyLen
= RSAENH_3DES_STORAGE_KEYLEN
;
834 if (dwKeyLen
!= RSAENH_3DES_STORAGE_KEYLEN
) {
835 SetLastError(NTE_BAD_FLAGS
);
836 return (HCRYPTKEY
)INVALID_HANDLE_VALUE
;
841 /* Avoid the key length check for HMAC keys, which have unlimited
848 dwKeyLen
> peaAlgidInfo
->dwMaxLen
||
849 dwKeyLen
< peaAlgidInfo
->dwMinLen
)
851 TRACE("key len %d out of bounds (%d, %d)\n", dwKeyLen
,
852 peaAlgidInfo
->dwMinLen
, peaAlgidInfo
->dwMaxLen
);
853 SetLastError(NTE_BAD_DATA
);
854 return (HCRYPTKEY
)INVALID_HANDLE_VALUE
;
858 hCryptKey
= new_object(&handle_table
, sizeof(CRYPTKEY
), RSAENH_MAGIC_KEY
,
859 destroy_key
, (OBJECTHDR
**)&pCryptKey
);
860 if (hCryptKey
!= (HCRYPTKEY
)INVALID_HANDLE_VALUE
)
862 pCryptKey
->aiAlgid
= aiAlgid
;
863 pCryptKey
->hProv
= hProv
;
864 pCryptKey
->dwModeBits
= 0;
865 pCryptKey
->dwPermissions
= CRYPT_ENCRYPT
| CRYPT_DECRYPT
| CRYPT_READ
| CRYPT_WRITE
|
867 if (dwFlags
& CRYPT_EXPORTABLE
)
868 pCryptKey
->dwPermissions
|= CRYPT_EXPORT
;
869 pCryptKey
->dwKeyLen
= dwKeyLen
>> 3;
870 pCryptKey
->dwEffectiveKeyLen
= 0;
871 if ((dwFlags
& CRYPT_CREATE_SALT
) || (dwKeyLen
== 40 && !(dwFlags
& CRYPT_NO_SALT
)))
872 pCryptKey
->dwSaltLen
= 16 /*FIXME*/ - pCryptKey
->dwKeyLen
;
874 pCryptKey
->dwSaltLen
= 0;
875 memset(pCryptKey
->abKeyValue
, 0, sizeof(pCryptKey
->abKeyValue
));
876 memset(pCryptKey
->abInitVector
, 0, sizeof(pCryptKey
->abInitVector
));
877 memset(&pCryptKey
->siSChannelInfo
.saEncAlg
, 0, sizeof(pCryptKey
->siSChannelInfo
.saEncAlg
));
878 memset(&pCryptKey
->siSChannelInfo
.saMACAlg
, 0, sizeof(pCryptKey
->siSChannelInfo
.saMACAlg
));
879 init_data_blob(&pCryptKey
->siSChannelInfo
.blobClientRandom
);
880 init_data_blob(&pCryptKey
->siSChannelInfo
.blobServerRandom
);
881 init_data_blob(&pCryptKey
->blobHmacKey
);
885 case CALG_PCT1_MASTER
:
886 case CALG_SSL2_MASTER
:
887 case CALG_SSL3_MASTER
:
888 case CALG_TLS1_MASTER
:
890 pCryptKey
->dwBlockLen
= 0;
891 pCryptKey
->dwMode
= 0;
898 pCryptKey
->dwBlockLen
= 8;
899 pCryptKey
->dwMode
= CRYPT_MODE_CBC
;
906 pCryptKey
->dwBlockLen
= 16;
907 pCryptKey
->dwMode
= CRYPT_MODE_ECB
;
912 pCryptKey
->dwBlockLen
= dwKeyLen
>> 3;
913 pCryptKey
->dwMode
= 0;
917 pCryptKey
->dwBlockLen
= 0;
918 pCryptKey
->dwMode
= 0;
922 *ppCryptKey
= pCryptKey
;
928 /******************************************************************************
929 * map_key_spec_to_key_pair_name [Internal]
931 * Returns the name of the registry value associated with a key spec.
934 * dwKeySpec [I] AT_KEYEXCHANGE or AT_SIGNATURE
937 * Success: Name of registry value.
940 static LPCSTR
map_key_spec_to_key_pair_name(DWORD dwKeySpec
)
947 szValueName
= "KeyExchangeKeyPair";
950 szValueName
= "SignatureKeyPair";
953 WARN("invalid key spec %d\n", dwKeySpec
);
959 /******************************************************************************
960 * store_key_pair [Internal]
962 * Stores a key pair to the registry
965 * hCryptKey [I] Handle to the key to be stored
966 * hKey [I] Registry key where the key pair is to be stored
967 * dwKeySpec [I] AT_KEYEXCHANGE or AT_SIGNATURE
968 * dwFlags [I] Flags for protecting the key
970 static void store_key_pair(HCRYPTKEY hCryptKey
, HKEY hKey
, DWORD dwKeySpec
, DWORD dwFlags
)
973 DATA_BLOB blobIn
, blobOut
;
978 if (!(szValueName
= map_key_spec_to_key_pair_name(dwKeySpec
)))
980 if (lookup_handle(&handle_table
, hCryptKey
, RSAENH_MAGIC_KEY
,
983 if (crypt_export_key(pKey
, 0, PRIVATEKEYBLOB
, 0, TRUE
, 0, &dwLen
))
985 pbKey
= HeapAlloc(GetProcessHeap(), 0, dwLen
);
988 if (crypt_export_key(pKey
, 0, PRIVATEKEYBLOB
, 0, TRUE
, pbKey
,
991 blobIn
.pbData
= pbKey
;
992 blobIn
.cbData
= dwLen
;
994 if (CryptProtectData(&blobIn
, NULL
, NULL
, NULL
, NULL
,
997 RegSetValueExA(hKey
, szValueName
, 0, REG_BINARY
,
998 blobOut
.pbData
, blobOut
.cbData
);
999 LocalFree(blobOut
.pbData
);
1002 HeapFree(GetProcessHeap(), 0, pbKey
);
1008 /******************************************************************************
1009 * map_key_spec_to_permissions_name [Internal]
1011 * Returns the name of the registry value associated with the permissions for
1015 * dwKeySpec [I] AT_KEYEXCHANGE or AT_SIGNATURE
1018 * Success: Name of registry value.
1021 static LPCSTR
map_key_spec_to_permissions_name(DWORD dwKeySpec
)
1027 case AT_KEYEXCHANGE
:
1028 szValueName
= "KeyExchangePermissions";
1031 szValueName
= "SignaturePermissions";
1034 WARN("invalid key spec %d\n", dwKeySpec
);
1040 /******************************************************************************
1041 * store_key_permissions [Internal]
1043 * Stores a key's permissions to the registry
1046 * hCryptKey [I] Handle to the key whose permissions are to be stored
1047 * hKey [I] Registry key where the key permissions are to be stored
1048 * dwKeySpec [I] AT_KEYEXCHANGE or AT_SIGNATURE
1050 static void store_key_permissions(HCRYPTKEY hCryptKey
, HKEY hKey
, DWORD dwKeySpec
)
1055 if (!(szValueName
= map_key_spec_to_permissions_name(dwKeySpec
)))
1057 if (lookup_handle(&handle_table
, hCryptKey
, RSAENH_MAGIC_KEY
,
1058 (OBJECTHDR
**)&pKey
))
1059 RegSetValueExA(hKey
, szValueName
, 0, REG_DWORD
,
1060 (BYTE
*)&pKey
->dwPermissions
,
1061 sizeof(pKey
->dwPermissions
));
1064 /******************************************************************************
1065 * create_container_key [Internal]
1067 * Creates the registry key for a key container's persistent storage.
1070 * pKeyContainer [I] Pointer to the key container
1071 * sam [I] Desired registry access
1072 * phKey [O] Returned key
1074 static BOOL
create_container_key(KEYCONTAINER
*pKeyContainer
, REGSAM sam
, HKEY
*phKey
)
1076 CHAR szRSABase
[MAX_PATH
];
1079 sprintf(szRSABase
, RSAENH_REGKEY
, pKeyContainer
->szName
);
1081 if (pKeyContainer
->dwFlags
& CRYPT_MACHINE_KEYSET
)
1082 hRootKey
= HKEY_LOCAL_MACHINE
;
1084 hRootKey
= HKEY_CURRENT_USER
;
1086 /* @@ Wine registry key: HKLM\Software\Wine\Crypto\RSA */
1087 /* @@ Wine registry key: HKCU\Software\Wine\Crypto\RSA */
1088 return RegCreateKeyExA(hRootKey
, szRSABase
, 0, NULL
,
1089 REG_OPTION_NON_VOLATILE
, sam
, NULL
, phKey
, NULL
)
1093 /******************************************************************************
1094 * open_container_key [Internal]
1096 * Opens a key container's persistent storage for reading.
1099 * pszContainerName [I] Name of the container to be opened. May be the empty
1100 * string if the parent key of all containers is to be
1102 * dwFlags [I] Flags indicating which keyset to be opened.
1103 * phKey [O] Returned key
1105 static BOOL
open_container_key(LPCSTR pszContainerName
, DWORD dwFlags
, REGSAM access
, HKEY
*phKey
)
1107 CHAR szRSABase
[MAX_PATH
];
1110 sprintf(szRSABase
, RSAENH_REGKEY
, pszContainerName
);
1112 if (dwFlags
& CRYPT_MACHINE_KEYSET
)
1113 hRootKey
= HKEY_LOCAL_MACHINE
;
1115 hRootKey
= HKEY_CURRENT_USER
;
1117 /* @@ Wine registry key: HKLM\Software\Wine\Crypto\RSA */
1118 /* @@ Wine registry key: HKCU\Software\Wine\Crypto\RSA */
1119 return RegOpenKeyExA(hRootKey
, szRSABase
, 0, access
, phKey
) ==
1123 /******************************************************************************
1124 * delete_container_key [Internal]
1126 * Deletes a key container's persistent storage.
1129 * pszContainerName [I] Name of the container to be opened.
1130 * dwFlags [I] Flags indicating which keyset to be opened.
1132 static BOOL
delete_container_key(LPCSTR pszContainerName
, DWORD dwFlags
)
1134 CHAR szRegKey
[MAX_PATH
];
1136 if (snprintf(szRegKey
, MAX_PATH
, RSAENH_REGKEY
, pszContainerName
) >= MAX_PATH
) {
1137 SetLastError(NTE_BAD_KEYSET_PARAM
);
1141 if (dwFlags
& CRYPT_MACHINE_KEYSET
)
1142 hRootKey
= HKEY_LOCAL_MACHINE
;
1144 hRootKey
= HKEY_CURRENT_USER
;
1145 if (!RegDeleteKeyA(hRootKey
, szRegKey
)) {
1146 SetLastError(ERROR_SUCCESS
);
1149 SetLastError(NTE_BAD_KEYSET
);
1155 /******************************************************************************
1156 * store_key_container_keys [Internal]
1158 * Stores key container's keys in a persistent location.
1161 * pKeyContainer [I] Pointer to the key container whose keys are to be saved
1163 static void store_key_container_keys(KEYCONTAINER
*pKeyContainer
)
1168 /* On WinXP, persistent keys are stored in a file located at:
1169 * $AppData$\\Microsoft\\Crypto\\RSA\\$SID$\\some_hex_string
1172 if (pKeyContainer
->dwFlags
& CRYPT_MACHINE_KEYSET
)
1173 dwFlags
= CRYPTPROTECT_LOCAL_MACHINE
;
1177 if (create_container_key(pKeyContainer
, KEY_WRITE
, &hKey
))
1179 store_key_pair(pKeyContainer
->hKeyExchangeKeyPair
, hKey
,
1180 AT_KEYEXCHANGE
, dwFlags
);
1181 store_key_pair(pKeyContainer
->hSignatureKeyPair
, hKey
,
1182 AT_SIGNATURE
, dwFlags
);
1187 /******************************************************************************
1188 * store_key_container_permissions [Internal]
1190 * Stores key container's key permissions in a persistent location.
1193 * pKeyContainer [I] Pointer to the key container whose key permissions are to
1196 static void store_key_container_permissions(KEYCONTAINER
*pKeyContainer
)
1200 if (create_container_key(pKeyContainer
, KEY_WRITE
, &hKey
))
1202 store_key_permissions(pKeyContainer
->hKeyExchangeKeyPair
, hKey
,
1204 store_key_permissions(pKeyContainer
->hSignatureKeyPair
, hKey
,
1210 /******************************************************************************
1211 * release_key_container_keys [Internal]
1213 * Releases key container's keys.
1216 * pKeyContainer [I] Pointer to the key container whose keys are to be released.
1218 static void release_key_container_keys(KEYCONTAINER
*pKeyContainer
)
1220 release_handle(&handle_table
, pKeyContainer
->hKeyExchangeKeyPair
,
1222 release_handle(&handle_table
, pKeyContainer
->hSignatureKeyPair
,
1226 /******************************************************************************
1227 * destroy_key_container [Internal]
1229 * Destructor for key containers.
1232 * pObjectHdr [I] Pointer to the key container to be destroyed.
1234 static void destroy_key_container(OBJECTHDR
*pObjectHdr
)
1236 KEYCONTAINER
*pKeyContainer
= (KEYCONTAINER
*)pObjectHdr
;
1238 if (!(pKeyContainer
->dwFlags
& CRYPT_VERIFYCONTEXT
))
1240 store_key_container_keys(pKeyContainer
);
1241 store_key_container_permissions(pKeyContainer
);
1242 release_key_container_keys(pKeyContainer
);
1245 release_key_container_keys(pKeyContainer
);
1246 HeapFree( GetProcessHeap(), 0, pKeyContainer
);
1249 /******************************************************************************
1250 * new_key_container [Internal]
1252 * Create a new key container. The personality (RSA Base, Strong or Enhanced CP)
1253 * of the CSP is determined via the pVTable->pszProvName string.
1256 * pszContainerName [I] Name of the key container.
1257 * pVTable [I] Callback functions and context info provided by the OS
1260 * Success: Handle to the new key container.
1261 * Failure: INVALID_HANDLE_VALUE
1263 static HCRYPTPROV
new_key_container(PCCH pszContainerName
, DWORD dwFlags
, const VTableProvStruc
*pVTable
)
1265 KEYCONTAINER
*pKeyContainer
;
1266 HCRYPTPROV hKeyContainer
;
1268 hKeyContainer
= new_object(&handle_table
, sizeof(KEYCONTAINER
), RSAENH_MAGIC_CONTAINER
,
1269 destroy_key_container
, (OBJECTHDR
**)&pKeyContainer
);
1270 if (hKeyContainer
!= (HCRYPTPROV
)INVALID_HANDLE_VALUE
)
1272 lstrcpynA(pKeyContainer
->szName
, pszContainerName
, MAX_PATH
);
1273 pKeyContainer
->dwFlags
= dwFlags
;
1274 pKeyContainer
->dwEnumAlgsCtr
= 0;
1275 pKeyContainer
->hKeyExchangeKeyPair
= (HCRYPTKEY
)INVALID_HANDLE_VALUE
;
1276 pKeyContainer
->hSignatureKeyPair
= (HCRYPTKEY
)INVALID_HANDLE_VALUE
;
1277 if (pVTable
&& pVTable
->pszProvName
) {
1278 lstrcpynA(pKeyContainer
->szProvName
, pVTable
->pszProvName
, MAX_PATH
);
1279 if (!strcmp(pVTable
->pszProvName
, MS_DEF_PROV_A
)) {
1280 pKeyContainer
->dwPersonality
= RSAENH_PERSONALITY_BASE
;
1281 } else if (!strcmp(pVTable
->pszProvName
, MS_ENHANCED_PROV_A
)) {
1282 pKeyContainer
->dwPersonality
= RSAENH_PERSONALITY_ENHANCED
;
1283 } else if (!strcmp(pVTable
->pszProvName
, MS_DEF_RSA_SCHANNEL_PROV_A
)) {
1284 pKeyContainer
->dwPersonality
= RSAENH_PERSONALITY_SCHANNEL
;
1285 } else if (!strcmp(pVTable
->pszProvName
, MS_ENH_RSA_AES_PROV_A
)) {
1286 pKeyContainer
->dwPersonality
= RSAENH_PERSONALITY_AES
;
1288 pKeyContainer
->dwPersonality
= RSAENH_PERSONALITY_STRONG
;
1292 /* The new key container has to be inserted into the CSP immediately
1293 * after creation to be available for CPGetProvParam's PP_ENUMCONTAINERS. */
1294 if (!(dwFlags
& CRYPT_VERIFYCONTEXT
)) {
1297 if (create_container_key(pKeyContainer
, KEY_WRITE
, &hKey
))
1302 return hKeyContainer
;
1305 /******************************************************************************
1306 * read_key_value [Internal]
1308 * Reads a key pair value from the registry
1311 * hKeyContainer [I] Crypt provider to use to import the key
1312 * hKey [I] Registry key from which to read the key pair
1313 * dwKeySpec [I] AT_KEYEXCHANGE or AT_SIGNATURE
1314 * dwFlags [I] Flags for unprotecting the key
1315 * phCryptKey [O] Returned key
1317 static BOOL
read_key_value(HCRYPTPROV hKeyContainer
, HKEY hKey
, DWORD dwKeySpec
, DWORD dwFlags
, HCRYPTKEY
*phCryptKey
)
1320 DWORD dwValueType
, dwLen
;
1322 DATA_BLOB blobIn
, blobOut
;
1325 if (!(szValueName
= map_key_spec_to_key_pair_name(dwKeySpec
)))
1327 if (RegQueryValueExA(hKey
, szValueName
, 0, &dwValueType
, NULL
, &dwLen
) ==
1330 pbKey
= HeapAlloc(GetProcessHeap(), 0, dwLen
);
1333 if (RegQueryValueExA(hKey
, szValueName
, 0, &dwValueType
, pbKey
, &dwLen
) ==
1336 blobIn
.pbData
= pbKey
;
1337 blobIn
.cbData
= dwLen
;
1339 if (CryptUnprotectData(&blobIn
, NULL
, NULL
, NULL
, NULL
,
1342 ret
= import_key(hKeyContainer
, blobOut
.pbData
, blobOut
.cbData
, 0, 0,
1344 LocalFree(blobOut
.pbData
);
1347 HeapFree(GetProcessHeap(), 0, pbKey
);
1354 if (lookup_handle(&handle_table
, *phCryptKey
, RSAENH_MAGIC_KEY
,
1355 (OBJECTHDR
**)&pKey
))
1357 if ((szValueName
= map_key_spec_to_permissions_name(dwKeySpec
)))
1359 dwLen
= sizeof(pKey
->dwPermissions
);
1360 RegQueryValueExA(hKey
, szValueName
, 0, NULL
,
1361 (BYTE
*)&pKey
->dwPermissions
, &dwLen
);
1368 /******************************************************************************
1369 * read_key_container [Internal]
1371 * Tries to read the persistent state of the key container (mainly the signature
1372 * and key exchange private keys) given by pszContainerName.
1375 * pszContainerName [I] Name of the key container to read from the registry
1376 * pVTable [I] Pointer to context data provided by the operating system
1379 * Success: Handle to the key container read from the registry
1380 * Failure: INVALID_HANDLE_VALUE
1382 static HCRYPTPROV
read_key_container(PCHAR pszContainerName
, DWORD dwFlags
, const VTableProvStruc
*pVTable
)
1385 KEYCONTAINER
*pKeyContainer
;
1386 HCRYPTPROV hKeyContainer
;
1387 HCRYPTKEY hCryptKey
;
1389 if (!open_container_key(pszContainerName
, dwFlags
, KEY_READ
, &hKey
))
1391 SetLastError(NTE_BAD_KEYSET
);
1392 return (HCRYPTPROV
)INVALID_HANDLE_VALUE
;
1395 hKeyContainer
= new_key_container(pszContainerName
, dwFlags
, pVTable
);
1396 if (hKeyContainer
!= (HCRYPTPROV
)INVALID_HANDLE_VALUE
)
1398 DWORD dwProtectFlags
= (dwFlags
& CRYPT_MACHINE_KEYSET
) ?
1399 CRYPTPROTECT_LOCAL_MACHINE
: 0;
1401 if (!lookup_handle(&handle_table
, hKeyContainer
, RSAENH_MAGIC_CONTAINER
,
1402 (OBJECTHDR
**)&pKeyContainer
))
1403 return (HCRYPTPROV
)INVALID_HANDLE_VALUE
;
1405 /* read_key_value calls import_key, which calls import_private_key,
1406 * which implicitly installs the key value into the appropriate key
1407 * container key. Thus the ref count is incremented twice, once for
1408 * the output key value, and once for the implicit install, and needs
1409 * to be decremented to balance the two.
1411 if (read_key_value(hKeyContainer
, hKey
, AT_KEYEXCHANGE
,
1412 dwProtectFlags
, &hCryptKey
))
1413 release_handle(&handle_table
, hCryptKey
, RSAENH_MAGIC_KEY
);
1414 if (read_key_value(hKeyContainer
, hKey
, AT_SIGNATURE
,
1415 dwProtectFlags
, &hCryptKey
))
1416 release_handle(&handle_table
, hCryptKey
, RSAENH_MAGIC_KEY
);
1419 return hKeyContainer
;
1422 /******************************************************************************
1423 * build_hash_signature [Internal]
1425 * Builds a padded version of a hash to match the length of the RSA key modulus.
1428 * pbSignature [O] The padded hash object is stored here.
1429 * dwLen [I] Length of the pbSignature buffer.
1430 * aiAlgid [I] Algorithm identifier of the hash to be padded.
1431 * abHashValue [I] The value of the hash object.
1432 * dwHashLen [I] Length of the hash value.
1433 * dwFlags [I] Selection of padding algorithm.
1437 * Failure: FALSE (NTE_BAD_ALGID)
1439 static BOOL
build_hash_signature(BYTE
*pbSignature
, DWORD dwLen
, ALG_ID aiAlgid
,
1440 const BYTE
*abHashValue
, DWORD dwHashLen
, DWORD dwFlags
)
1442 /* These prefixes are meant to be concatenated with hash values of the
1443 * respective kind to form a PKCS #7 DigestInfo. */
1444 static const struct tagOIDDescriptor
{
1447 const BYTE abOID
[19];
1448 } aOIDDescriptor
[] = {
1449 { CALG_MD2
, 18, { 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48,
1450 0x86, 0xf7, 0x0d, 0x02, 0x02, 0x05, 0x00, 0x04, 0x10 } },
1451 { CALG_MD4
, 18, { 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48,
1452 0x86, 0xf7, 0x0d, 0x02, 0x04, 0x05, 0x00, 0x04, 0x10 } },
1453 { CALG_MD5
, 18, { 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48,
1454 0x86, 0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10 } },
1455 { CALG_SHA
, 15, { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03,
1456 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 } },
1457 { CALG_SHA_256
, 19, { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
1458 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
1459 0x05, 0x00, 0x04, 0x20 } },
1460 { CALG_SHA_384
, 19, { 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
1461 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
1462 0x05, 0x00, 0x04, 0x30 } },
1463 { CALG_SHA_384
, 19, { 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
1464 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
1465 0x05, 0x00, 0x04, 0x40 } },
1466 { CALG_SSL3_SHAMD5
, 0, { 0 } },
1469 DWORD dwIdxOID
, i
, j
;
1471 for (dwIdxOID
= 0; aOIDDescriptor
[dwIdxOID
].aiAlgid
; dwIdxOID
++) {
1472 if (aOIDDescriptor
[dwIdxOID
].aiAlgid
== aiAlgid
) break;
1475 if (!aOIDDescriptor
[dwIdxOID
].aiAlgid
) {
1476 SetLastError(NTE_BAD_ALGID
);
1480 /* Build the padded signature */
1481 if (dwFlags
& CRYPT_X931_FORMAT
) {
1482 pbSignature
[0] = 0x6b;
1483 for (i
=1; i
< dwLen
- dwHashLen
- 3; i
++) {
1484 pbSignature
[i
] = 0xbb;
1486 pbSignature
[i
++] = 0xba;
1487 for (j
=0; j
< dwHashLen
; j
++, i
++) {
1488 pbSignature
[i
] = abHashValue
[j
];
1490 pbSignature
[i
++] = 0x33;
1491 pbSignature
[i
++] = 0xcc;
1493 pbSignature
[0] = 0x00;
1494 pbSignature
[1] = 0x01;
1495 if (dwFlags
& CRYPT_NOHASHOID
) {
1496 for (i
=2; i
< dwLen
- 1 - dwHashLen
; i
++) {
1497 pbSignature
[i
] = 0xff;
1499 pbSignature
[i
++] = 0x00;
1501 for (i
=2; i
< dwLen
- 1 - aOIDDescriptor
[dwIdxOID
].dwLen
- dwHashLen
; i
++) {
1502 pbSignature
[i
] = 0xff;
1504 pbSignature
[i
++] = 0x00;
1505 for (j
=0; j
< aOIDDescriptor
[dwIdxOID
].dwLen
; j
++) {
1506 pbSignature
[i
++] = aOIDDescriptor
[dwIdxOID
].abOID
[j
];
1509 for (j
=0; j
< dwHashLen
; j
++) {
1510 pbSignature
[i
++] = abHashValue
[j
];
1517 /******************************************************************************
1520 * This is an implementation of the 'P_hash' helper function for TLS1's PRF.
1521 * It is used exclusively by tls1_prf. For details see RFC 2246, chapter 5.
1522 * The pseudo random stream generated by this function is exclusive or'ed with
1523 * the data in pbBuffer.
1526 * hHMAC [I] HMAC object, which will be used in pseudo random generation
1527 * pblobSeed [I] Seed value
1528 * pbBuffer [I/O] Pseudo random stream will be xor'ed to the provided data
1529 * dwBufferLen [I] Number of pseudo random bytes desired
1535 static BOOL
tls1_p(HCRYPTHASH hHMAC
, const PCRYPT_DATA_BLOB pblobSeed
, BYTE
*pbBuffer
,
1539 BYTE abAi
[RSAENH_MAX_HASH_SIZE
];
1542 if (!lookup_handle(&handle_table
, hHMAC
, RSAENH_MAGIC_HASH
, (OBJECTHDR
**)&pHMAC
)) {
1543 SetLastError(NTE_BAD_HASH
);
1547 /* compute A_1 = HMAC(seed) */
1549 update_hash(pHMAC
, pblobSeed
->pbData
, pblobSeed
->cbData
);
1550 finalize_hash(pHMAC
);
1551 memcpy(abAi
, pHMAC
->abHashValue
, pHMAC
->dwHashSize
);
1554 /* compute HMAC(A_i + seed) */
1556 update_hash(pHMAC
, abAi
, pHMAC
->dwHashSize
);
1557 update_hash(pHMAC
, pblobSeed
->pbData
, pblobSeed
->cbData
);
1558 finalize_hash(pHMAC
);
1560 /* pseudo random stream := CONCAT_{i=1..n} ( HMAC(A_i + seed) ) */
1562 if (i
>= dwBufferLen
) break;
1563 pbBuffer
[i
] ^= pHMAC
->abHashValue
[i
% pHMAC
->dwHashSize
];
1565 } while (i
% pHMAC
->dwHashSize
);
1567 /* compute A_{i+1} = HMAC(A_i) */
1569 update_hash(pHMAC
, abAi
, pHMAC
->dwHashSize
);
1570 finalize_hash(pHMAC
);
1571 memcpy(abAi
, pHMAC
->abHashValue
, pHMAC
->dwHashSize
);
1572 } while (i
< dwBufferLen
);
1577 /******************************************************************************
1578 * tls1_prf [Internal]
1580 * TLS1 pseudo random function as specified in RFC 2246, chapter 5
1583 * hProv [I] Key container used to compute the pseudo random stream
1584 * hSecret [I] Key that holds the (pre-)master secret
1585 * pblobLabel [I] Descriptive label
1586 * pblobSeed [I] Seed value
1587 * pbBuffer [O] Pseudo random numbers will be stored here
1588 * dwBufferLen [I] Number of pseudo random bytes desired
1594 static BOOL
tls1_prf(HCRYPTPROV hProv
, HCRYPTPROV hSecret
, const PCRYPT_DATA_BLOB pblobLabel
,
1595 const PCRYPT_DATA_BLOB pblobSeed
, BYTE
*pbBuffer
, DWORD dwBufferLen
)
1597 HMAC_INFO hmacInfo
= { 0, NULL
, 0, NULL
, 0 };
1598 HCRYPTHASH hHMAC
= (HCRYPTHASH
)INVALID_HANDLE_VALUE
;
1599 HCRYPTKEY hHalfSecret
= (HCRYPTKEY
)INVALID_HANDLE_VALUE
;
1600 CRYPTKEY
*pHalfSecret
, *pSecret
;
1601 DWORD dwHalfSecretLen
;
1602 BOOL result
= FALSE
;
1603 CRYPT_DATA_BLOB blobLabelSeed
;
1605 TRACE("(hProv=%08lx, hSecret=%08lx, pblobLabel=%p, pblobSeed=%p, pbBuffer=%p, dwBufferLen=%d)\n",
1606 hProv
, hSecret
, pblobLabel
, pblobSeed
, pbBuffer
, dwBufferLen
);
1608 if (!lookup_handle(&handle_table
, hSecret
, RSAENH_MAGIC_KEY
, (OBJECTHDR
**)&pSecret
)) {
1609 SetLastError(NTE_FAIL
);
1613 dwHalfSecretLen
= (pSecret
->dwKeyLen
+1)/2;
1615 /* concatenation of the label and the seed */
1616 if (!concat_data_blobs(&blobLabelSeed
, pblobLabel
, pblobSeed
)) goto exit
;
1618 /* zero out the buffer, since two random streams will be xor'ed into it. */
1619 memset(pbBuffer
, 0, dwBufferLen
);
1621 /* build a 'fake' key, to hold the secret. CALG_SSL2_MASTER is used since it provides
1622 * the biggest range of valid key lengths. */
1623 hHalfSecret
= new_key(hProv
, CALG_SSL2_MASTER
, MAKELONG(0,dwHalfSecretLen
*8), &pHalfSecret
);
1624 if (hHalfSecret
== (HCRYPTKEY
)INVALID_HANDLE_VALUE
) goto exit
;
1626 /* Derive an HMAC_MD5 hash and call the helper function. */
1627 memcpy(pHalfSecret
->abKeyValue
, pSecret
->abKeyValue
, dwHalfSecretLen
);
1628 if (!RSAENH_CPCreateHash(hProv
, CALG_HMAC
, hHalfSecret
, 0, &hHMAC
)) goto exit
;
1629 hmacInfo
.HashAlgid
= CALG_MD5
;
1630 if (!RSAENH_CPSetHashParam(hProv
, hHMAC
, HP_HMAC_INFO
, (BYTE
*)&hmacInfo
, 0)) goto exit
;
1631 if (!tls1_p(hHMAC
, &blobLabelSeed
, pbBuffer
, dwBufferLen
)) goto exit
;
1633 /* Reconfigure to HMAC_SHA hash and call helper function again. */
1634 memcpy(pHalfSecret
->abKeyValue
, pSecret
->abKeyValue
+ (pSecret
->dwKeyLen
/2), dwHalfSecretLen
);
1635 hmacInfo
.HashAlgid
= CALG_SHA
;
1636 if (!RSAENH_CPSetHashParam(hProv
, hHMAC
, HP_HMAC_INFO
, (BYTE
*)&hmacInfo
, 0)) goto exit
;
1637 if (!tls1_p(hHMAC
, &blobLabelSeed
, pbBuffer
, dwBufferLen
)) goto exit
;
1641 release_handle(&handle_table
, hHalfSecret
, RSAENH_MAGIC_KEY
);
1642 if (hHMAC
!= (HCRYPTHASH
)INVALID_HANDLE_VALUE
) RSAENH_CPDestroyHash(hProv
, hHMAC
);
1643 free_data_blob(&blobLabelSeed
);
1647 /******************************************************************************
1648 * pad_data [Internal]
1650 * Helper function for data padding according to PKCS1 #2
1653 * abData [I] The data to be padded
1654 * dwDataLen [I] Length of the data
1655 * abBuffer [O] Padded data will be stored here
1656 * dwBufferLen [I] Length of the buffer (also length of padded data)
1657 * dwFlags [I] Padding format (CRYPT_SSL2_FALLBACK)
1661 * Failure: FALSE (NTE_BAD_LEN, too much data to pad)
1663 static BOOL
pad_data(const BYTE
*abData
, DWORD dwDataLen
, BYTE
*abBuffer
, DWORD dwBufferLen
,
1668 /* Ensure there is enough space for PKCS1 #2 padding */
1669 if (dwDataLen
> dwBufferLen
-11) {
1670 SetLastError(NTE_BAD_LEN
);
1674 memmove(abBuffer
+ dwBufferLen
- dwDataLen
, abData
, dwDataLen
);
1677 abBuffer
[1] = RSAENH_PKC_BLOCKTYPE
;
1678 for (i
=2; i
< dwBufferLen
- dwDataLen
- 1; i
++)
1679 do gen_rand_impl(&abBuffer
[i
], 1); while (!abBuffer
[i
]);
1680 if (dwFlags
& CRYPT_SSL2_FALLBACK
)
1681 for (i
-=8; i
< dwBufferLen
- dwDataLen
- 1; i
++)
1688 /******************************************************************************
1689 * unpad_data [Internal]
1691 * Remove the PKCS1 padding from RSA decrypted data
1694 * abData [I] The padded data
1695 * dwDataLen [I] Length of the padded data
1696 * abBuffer [O] Data without padding will be stored here
1697 * dwBufferLen [I/O] I: Length of the buffer, O: Length of unpadded data
1698 * dwFlags [I] Currently none defined
1702 * Failure: FALSE, (NTE_BAD_DATA, no valid PKCS1 padding or buffer too small)
1704 static BOOL
unpad_data(const BYTE
*abData
, DWORD dwDataLen
, BYTE
*abBuffer
, DWORD
*dwBufferLen
,
1711 SetLastError(NTE_BAD_DATA
);
1714 for (i
=2; i
<dwDataLen
; i
++)
1718 if ((i
== dwDataLen
) || (*dwBufferLen
< dwDataLen
- i
- 1) ||
1719 (abData
[0] != 0x00) || (abData
[1] != RSAENH_PKC_BLOCKTYPE
))
1721 SetLastError(NTE_BAD_DATA
);
1725 *dwBufferLen
= dwDataLen
- i
- 1;
1726 memmove(abBuffer
, abData
+ i
+ 1, *dwBufferLen
);
1730 /******************************************************************************
1731 * CPAcquireContext (RSAENH.@)
1733 * Acquire a handle to the key container specified by pszContainer
1736 * phProv [O] Pointer to the location the acquired handle will be written to.
1737 * pszContainer [I] Name of the desired key container. See Notes
1738 * dwFlags [I] Flags. See Notes.
1739 * pVTable [I] Pointer to a PVTableProvStruct containing callbacks.
1746 * If pszContainer is NULL or points to a zero length string the user's login
1747 * name will be used as the key container name.
1749 * If the CRYPT_NEW_KEYSET flag is set in dwFlags a new keyset will be created.
1750 * If a keyset with the given name already exists, the function fails and sets
1751 * last error to NTE_EXISTS. If CRYPT_NEW_KEYSET is not set and the specified
1752 * key container does not exist, function fails and sets last error to
1755 BOOL WINAPI
RSAENH_CPAcquireContext(HCRYPTPROV
*phProv
, LPSTR pszContainer
,
1756 DWORD dwFlags
, PVTableProvStruc pVTable
)
1758 CHAR szKeyContainerName
[MAX_PATH
];
1760 TRACE("(phProv=%p, pszContainer=%s, dwFlags=%08x, pVTable=%p)\n", phProv
,
1761 debugstr_a(pszContainer
), dwFlags
, pVTable
);
1763 if (pszContainer
&& *pszContainer
)
1765 lstrcpynA(szKeyContainerName
, pszContainer
, MAX_PATH
);
1769 DWORD dwLen
= sizeof(szKeyContainerName
);
1770 if (!GetUserNameA(szKeyContainerName
, &dwLen
)) return FALSE
;
1773 switch (dwFlags
& (CRYPT_NEWKEYSET
|CRYPT_VERIFYCONTEXT
|CRYPT_DELETEKEYSET
))
1776 *phProv
= read_key_container(szKeyContainerName
, dwFlags
, pVTable
);
1779 case CRYPT_DELETEKEYSET
:
1780 return delete_container_key(szKeyContainerName
, dwFlags
);
1782 case CRYPT_NEWKEYSET
:
1783 *phProv
= read_key_container(szKeyContainerName
, dwFlags
, pVTable
);
1784 if (*phProv
!= (HCRYPTPROV
)INVALID_HANDLE_VALUE
)
1786 release_handle(&handle_table
, *phProv
, RSAENH_MAGIC_CONTAINER
);
1787 TRACE("Can't create new keyset, already exists\n");
1788 SetLastError(NTE_EXISTS
);
1791 *phProv
= new_key_container(szKeyContainerName
, dwFlags
, pVTable
);
1794 case CRYPT_VERIFYCONTEXT
|CRYPT_NEWKEYSET
:
1795 case CRYPT_VERIFYCONTEXT
:
1796 if (pszContainer
&& *pszContainer
) {
1797 TRACE("pszContainer should be empty\n");
1798 SetLastError(NTE_BAD_FLAGS
);
1801 *phProv
= new_key_container("", dwFlags
, pVTable
);
1805 *phProv
= (HCRYPTPROV
)INVALID_HANDLE_VALUE
;
1806 SetLastError(NTE_BAD_FLAGS
);
1810 if (*phProv
!= (HCRYPTPROV
)INVALID_HANDLE_VALUE
) {
1811 SetLastError(ERROR_SUCCESS
);
1818 /******************************************************************************
1819 * CPCreateHash (RSAENH.@)
1821 * CPCreateHash creates and initializes a new hash object.
1824 * hProv [I] Handle to the key container to which the new hash will belong.
1825 * Algid [I] Identifies the hash algorithm, which will be used for the hash.
1826 * hKey [I] Handle to a session key applied for keyed hashes.
1827 * dwFlags [I] Currently no flags defined. Must be zero.
1828 * phHash [O] Points to the location where a handle to the new hash will be stored.
1835 * hKey is a handle to a session key applied in keyed hashes like MAC and HMAC.
1836 * If a normal hash object is to be created (like e.g. MD2 or SHA1) hKey must be zero.
1838 BOOL WINAPI
RSAENH_CPCreateHash(HCRYPTPROV hProv
, ALG_ID Algid
, HCRYPTKEY hKey
, DWORD dwFlags
,
1841 CRYPTKEY
*pCryptKey
;
1842 CRYPTHASH
*pCryptHash
;
1843 const PROV_ENUMALGS_EX
*peaAlgidInfo
;
1845 TRACE("(hProv=%08lx, Algid=%08x, hKey=%08lx, dwFlags=%08x, phHash=%p)\n", hProv
, Algid
, hKey
,
1848 peaAlgidInfo
= get_algid_info(hProv
, Algid
);
1849 if (!peaAlgidInfo
) return FALSE
;
1853 SetLastError(NTE_BAD_FLAGS
);
1857 if (Algid
== CALG_MAC
|| Algid
== CALG_HMAC
|| Algid
== CALG_SCHANNEL_MASTER_HASH
||
1858 Algid
== CALG_TLS1PRF
)
1860 if (!lookup_handle(&handle_table
, hKey
, RSAENH_MAGIC_KEY
, (OBJECTHDR
**)&pCryptKey
)) {
1861 SetLastError(NTE_BAD_KEY
);
1865 if ((Algid
== CALG_MAC
) && (GET_ALG_TYPE(pCryptKey
->aiAlgid
) != ALG_TYPE_BLOCK
)) {
1866 SetLastError(NTE_BAD_KEY
);
1870 if ((Algid
== CALG_SCHANNEL_MASTER_HASH
|| Algid
== CALG_TLS1PRF
) &&
1871 (pCryptKey
->aiAlgid
!= CALG_TLS1_MASTER
))
1873 SetLastError(NTE_BAD_KEY
);
1876 if (Algid
== CALG_SCHANNEL_MASTER_HASH
&&
1877 ((!pCryptKey
->siSChannelInfo
.blobClientRandom
.cbData
) ||
1878 (!pCryptKey
->siSChannelInfo
.blobServerRandom
.cbData
)))
1880 SetLastError(ERROR_INVALID_PARAMETER
);
1884 if ((Algid
== CALG_TLS1PRF
) && (pCryptKey
->dwState
!= RSAENH_KEYSTATE_MASTERKEY
)) {
1885 SetLastError(NTE_BAD_KEY_STATE
);
1890 *phHash
= new_object(&handle_table
, sizeof(CRYPTHASH
), RSAENH_MAGIC_HASH
,
1891 destroy_hash
, (OBJECTHDR
**)&pCryptHash
);
1892 if (!pCryptHash
) return FALSE
;
1894 pCryptHash
->aiAlgid
= Algid
;
1895 pCryptHash
->hKey
= hKey
;
1896 pCryptHash
->hProv
= hProv
;
1897 pCryptHash
->dwState
= RSAENH_HASHSTATE_HASHING
;
1898 pCryptHash
->pHMACInfo
= NULL
;
1899 pCryptHash
->dwHashSize
= peaAlgidInfo
->dwDefaultLen
>> 3;
1900 init_data_blob(&pCryptHash
->tpPRFParams
.blobLabel
);
1901 init_data_blob(&pCryptHash
->tpPRFParams
.blobSeed
);
1903 if (Algid
== CALG_SCHANNEL_MASTER_HASH
) {
1904 static const char keyex
[] = "key expansion";
1905 BYTE key_expansion
[sizeof keyex
];
1906 CRYPT_DATA_BLOB blobRandom
, blobKeyExpansion
= { 13, key_expansion
};
1908 memcpy( key_expansion
, keyex
, sizeof keyex
);
1910 if (pCryptKey
->dwState
!= RSAENH_KEYSTATE_MASTERKEY
) {
1911 static const char msec
[] = "master secret";
1912 BYTE master_secret
[sizeof msec
];
1913 CRYPT_DATA_BLOB blobLabel
= { 13, master_secret
};
1914 BYTE abKeyValue
[48];
1916 memcpy( master_secret
, msec
, sizeof msec
);
1918 /* See RFC 2246, chapter 8.1 */
1919 if (!concat_data_blobs(&blobRandom
,
1920 &pCryptKey
->siSChannelInfo
.blobClientRandom
,
1921 &pCryptKey
->siSChannelInfo
.blobServerRandom
))
1925 tls1_prf(hProv
, hKey
, &blobLabel
, &blobRandom
, abKeyValue
, 48);
1926 pCryptKey
->dwState
= RSAENH_KEYSTATE_MASTERKEY
;
1927 memcpy(pCryptKey
->abKeyValue
, abKeyValue
, 48);
1928 free_data_blob(&blobRandom
);
1931 /* See RFC 2246, chapter 6.3 */
1932 if (!concat_data_blobs(&blobRandom
,
1933 &pCryptKey
->siSChannelInfo
.blobServerRandom
,
1934 &pCryptKey
->siSChannelInfo
.blobClientRandom
))
1938 tls1_prf(hProv
, hKey
, &blobKeyExpansion
, &blobRandom
, pCryptHash
->abHashValue
,
1939 RSAENH_MAX_HASH_SIZE
);
1940 free_data_blob(&blobRandom
);
1943 return init_hash(pCryptHash
);
1946 /******************************************************************************
1947 * CPDestroyHash (RSAENH.@)
1949 * Releases the handle to a hash object. The object is destroyed if its reference
1950 * count reaches zero.
1953 * hProv [I] Handle to the key container to which the hash object belongs.
1954 * hHash [I] Handle to the hash object to be released.
1960 BOOL WINAPI
RSAENH_CPDestroyHash(HCRYPTPROV hProv
, HCRYPTHASH hHash
)
1962 TRACE("(hProv=%08lx, hHash=%08lx)\n", hProv
, hHash
);
1964 if (!is_valid_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
1966 SetLastError(NTE_BAD_UID
);
1970 if (!release_handle(&handle_table
, hHash
, RSAENH_MAGIC_HASH
))
1972 SetLastError(NTE_BAD_HASH
);
1979 /******************************************************************************
1980 * CPDestroyKey (RSAENH.@)
1982 * Releases the handle to a key object. The object is destroyed if its reference
1983 * count reaches zero.
1986 * hProv [I] Handle to the key container to which the key object belongs.
1987 * hKey [I] Handle to the key object to be released.
1993 BOOL WINAPI
RSAENH_CPDestroyKey(HCRYPTPROV hProv
, HCRYPTKEY hKey
)
1995 TRACE("(hProv=%08lx, hKey=%08lx)\n", hProv
, hKey
);
1997 if (!is_valid_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
1999 SetLastError(NTE_BAD_UID
);
2003 if (!release_handle(&handle_table
, hKey
, RSAENH_MAGIC_KEY
))
2005 SetLastError(NTE_BAD_KEY
);
2012 /******************************************************************************
2013 * CPDuplicateHash (RSAENH.@)
2015 * Clones a hash object including its current state.
2018 * hUID [I] Handle to the key container the hash belongs to.
2019 * hHash [I] Handle to the hash object to be cloned.
2020 * pdwReserved [I] Reserved. Must be NULL.
2021 * dwFlags [I] No flags are currently defined. Must be 0.
2022 * phHash [O] Handle to the cloned hash object.
2028 BOOL WINAPI
RSAENH_CPDuplicateHash(HCRYPTPROV hUID
, HCRYPTHASH hHash
, DWORD
*pdwReserved
,
2029 DWORD dwFlags
, HCRYPTHASH
*phHash
)
2031 CRYPTHASH
*pSrcHash
, *pDestHash
;
2033 TRACE("(hUID=%08lx, hHash=%08lx, pdwReserved=%p, dwFlags=%08x, phHash=%p)\n", hUID
, hHash
,
2034 pdwReserved
, dwFlags
, phHash
);
2036 if (!is_valid_handle(&handle_table
, hUID
, RSAENH_MAGIC_CONTAINER
))
2038 SetLastError(NTE_BAD_UID
);
2042 if (!lookup_handle(&handle_table
, hHash
, RSAENH_MAGIC_HASH
, (OBJECTHDR
**)&pSrcHash
))
2044 SetLastError(NTE_BAD_HASH
);
2048 if (!phHash
|| pdwReserved
|| dwFlags
)
2050 SetLastError(ERROR_INVALID_PARAMETER
);
2054 *phHash
= new_object(&handle_table
, sizeof(CRYPTHASH
), RSAENH_MAGIC_HASH
,
2055 destroy_hash
, (OBJECTHDR
**)&pDestHash
);
2056 if (*phHash
!= (HCRYPTHASH
)INVALID_HANDLE_VALUE
)
2058 *pDestHash
= *pSrcHash
;
2059 duplicate_hash_impl(pSrcHash
->aiAlgid
, &pSrcHash
->context
, &pDestHash
->context
);
2060 copy_hmac_info(&pDestHash
->pHMACInfo
, pSrcHash
->pHMACInfo
);
2061 copy_data_blob(&pDestHash
->tpPRFParams
.blobLabel
, &pSrcHash
->tpPRFParams
.blobLabel
);
2062 copy_data_blob(&pDestHash
->tpPRFParams
.blobSeed
, &pSrcHash
->tpPRFParams
.blobSeed
);
2065 return *phHash
!= (HCRYPTHASH
)INVALID_HANDLE_VALUE
;
2068 /******************************************************************************
2069 * CPDuplicateKey (RSAENH.@)
2071 * Clones a key object including its current state.
2074 * hUID [I] Handle to the key container the hash belongs to.
2075 * hKey [I] Handle to the key object to be cloned.
2076 * pdwReserved [I] Reserved. Must be NULL.
2077 * dwFlags [I] No flags are currently defined. Must be 0.
2078 * phHash [O] Handle to the cloned key object.
2084 BOOL WINAPI
RSAENH_CPDuplicateKey(HCRYPTPROV hUID
, HCRYPTKEY hKey
, DWORD
*pdwReserved
,
2085 DWORD dwFlags
, HCRYPTKEY
*phKey
)
2087 CRYPTKEY
*pSrcKey
, *pDestKey
;
2089 TRACE("(hUID=%08lx, hKey=%08lx, pdwReserved=%p, dwFlags=%08x, phKey=%p)\n", hUID
, hKey
,
2090 pdwReserved
, dwFlags
, phKey
);
2092 if (!is_valid_handle(&handle_table
, hUID
, RSAENH_MAGIC_CONTAINER
))
2094 SetLastError(NTE_BAD_UID
);
2098 if (!lookup_handle(&handle_table
, hKey
, RSAENH_MAGIC_KEY
, (OBJECTHDR
**)&pSrcKey
))
2100 SetLastError(NTE_BAD_KEY
);
2104 if (!phKey
|| pdwReserved
|| dwFlags
)
2106 SetLastError(ERROR_INVALID_PARAMETER
);
2110 *phKey
= new_object(&handle_table
, sizeof(CRYPTKEY
), RSAENH_MAGIC_KEY
, destroy_key
,
2111 (OBJECTHDR
**)&pDestKey
);
2112 if (*phKey
!= (HCRYPTKEY
)INVALID_HANDLE_VALUE
)
2114 *pDestKey
= *pSrcKey
;
2115 copy_data_blob(&pDestKey
->siSChannelInfo
.blobServerRandom
,
2116 &pSrcKey
->siSChannelInfo
.blobServerRandom
);
2117 copy_data_blob(&pDestKey
->siSChannelInfo
.blobClientRandom
,
2118 &pSrcKey
->siSChannelInfo
.blobClientRandom
);
2119 duplicate_key_impl(pSrcKey
->aiAlgid
, &pSrcKey
->context
, &pDestKey
->context
);
2128 /******************************************************************************
2129 * CPEncrypt (RSAENH.@)
2134 * hProv [I] The key container hKey and hHash belong to.
2135 * hKey [I] The key used to encrypt the data.
2136 * hHash [I] An optional hash object for parallel hashing. See notes.
2137 * Final [I] Indicates if this is the last block of data to encrypt.
2138 * dwFlags [I] Currently no flags defined. Must be zero.
2139 * pbData [I/O] Pointer to the data to encrypt. Encrypted data will also be stored there.
2140 * pdwDataLen [I/O] I: Length of data to encrypt, O: Length of encrypted data.
2141 * dwBufLen [I] Size of the buffer at pbData.
2148 * If a hash object handle is provided in hHash, it will be updated with the plaintext.
2149 * This is useful for message signatures.
2151 * This function uses the standard WINAPI protocol for querying data of dynamic length.
2153 BOOL WINAPI
RSAENH_CPEncrypt(HCRYPTPROV hProv
, HCRYPTKEY hKey
, HCRYPTHASH hHash
, BOOL Final
,
2154 DWORD dwFlags
, BYTE
*pbData
, DWORD
*pdwDataLen
, DWORD dwBufLen
)
2156 CRYPTKEY
*pCryptKey
;
2157 BYTE
*in
, out
[RSAENH_MAX_BLOCK_SIZE
], o
[RSAENH_MAX_BLOCK_SIZE
];
2158 DWORD dwEncryptedLen
, i
, j
, k
;
2160 TRACE("(hProv=%08lx, hKey=%08lx, hHash=%08lx, Final=%d, dwFlags=%08x, pbData=%p, "
2161 "pdwDataLen=%p, dwBufLen=%d)\n", hProv
, hKey
, hHash
, Final
, dwFlags
, pbData
, pdwDataLen
,
2164 if (!is_valid_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
2166 SetLastError(NTE_BAD_UID
);
2172 SetLastError(NTE_BAD_FLAGS
);
2176 if (!lookup_handle(&handle_table
, hKey
, RSAENH_MAGIC_KEY
, (OBJECTHDR
**)&pCryptKey
))
2178 SetLastError(NTE_BAD_KEY
);
2182 if (pCryptKey
->dwState
== RSAENH_KEYSTATE_IDLE
)
2183 pCryptKey
->dwState
= RSAENH_KEYSTATE_ENCRYPTING
;
2185 if (pCryptKey
->dwState
!= RSAENH_KEYSTATE_ENCRYPTING
)
2187 SetLastError(NTE_BAD_DATA
);
2191 if (is_valid_handle(&handle_table
, hHash
, RSAENH_MAGIC_HASH
)) {
2192 if (!RSAENH_CPHashData(hProv
, hHash
, pbData
, *pdwDataLen
, 0)) return FALSE
;
2195 if (GET_ALG_TYPE(pCryptKey
->aiAlgid
) == ALG_TYPE_BLOCK
) {
2196 if (!Final
&& (*pdwDataLen
% pCryptKey
->dwBlockLen
)) {
2197 SetLastError(NTE_BAD_DATA
);
2201 dwEncryptedLen
= (*pdwDataLen
/pCryptKey
->dwBlockLen
+(Final
?1:0))*pCryptKey
->dwBlockLen
;
2203 if (pbData
== NULL
) {
2204 *pdwDataLen
= dwEncryptedLen
;
2207 else if (dwEncryptedLen
> dwBufLen
) {
2208 *pdwDataLen
= dwEncryptedLen
;
2209 SetLastError(ERROR_MORE_DATA
);
2213 /* Pad final block with length bytes */
2214 for (i
=*pdwDataLen
; i
<dwEncryptedLen
; i
++) pbData
[i
] = dwEncryptedLen
- *pdwDataLen
;
2215 *pdwDataLen
= dwEncryptedLen
;
2217 for (i
=0, in
=pbData
; i
<*pdwDataLen
; i
+=pCryptKey
->dwBlockLen
, in
+=pCryptKey
->dwBlockLen
) {
2218 switch (pCryptKey
->dwMode
) {
2219 case CRYPT_MODE_ECB
:
2220 encrypt_block_impl(pCryptKey
->aiAlgid
, 0, &pCryptKey
->context
, in
, out
,
2224 case CRYPT_MODE_CBC
:
2225 for (j
=0; j
<pCryptKey
->dwBlockLen
; j
++) in
[j
] ^= pCryptKey
->abChainVector
[j
];
2226 encrypt_block_impl(pCryptKey
->aiAlgid
, 0, &pCryptKey
->context
, in
, out
,
2228 memcpy(pCryptKey
->abChainVector
, out
, pCryptKey
->dwBlockLen
);
2231 case CRYPT_MODE_CFB
:
2232 for (j
=0; j
<pCryptKey
->dwBlockLen
; j
++) {
2233 encrypt_block_impl(pCryptKey
->aiAlgid
, 0, &pCryptKey
->context
,
2234 pCryptKey
->abChainVector
, o
, RSAENH_ENCRYPT
);
2235 out
[j
] = in
[j
] ^ o
[0];
2236 for (k
=0; k
<pCryptKey
->dwBlockLen
-1; k
++)
2237 pCryptKey
->abChainVector
[k
] = pCryptKey
->abChainVector
[k
+1];
2238 pCryptKey
->abChainVector
[k
] = out
[j
];
2243 SetLastError(NTE_BAD_ALGID
);
2246 memcpy(in
, out
, pCryptKey
->dwBlockLen
);
2248 } else if (GET_ALG_TYPE(pCryptKey
->aiAlgid
) == ALG_TYPE_STREAM
) {
2249 if (pbData
== NULL
) {
2250 *pdwDataLen
= dwBufLen
;
2253 encrypt_stream_impl(pCryptKey
->aiAlgid
, &pCryptKey
->context
, pbData
, *pdwDataLen
);
2254 } else if (GET_ALG_TYPE(pCryptKey
->aiAlgid
) == ALG_TYPE_RSA
) {
2255 if (pCryptKey
->aiAlgid
== CALG_RSA_SIGN
) {
2256 SetLastError(NTE_BAD_KEY
);
2260 *pdwDataLen
= pCryptKey
->dwBlockLen
;
2263 if (dwBufLen
< pCryptKey
->dwBlockLen
) {
2264 SetLastError(ERROR_MORE_DATA
);
2267 if (!pad_data(pbData
, *pdwDataLen
, pbData
, pCryptKey
->dwBlockLen
, dwFlags
)) return FALSE
;
2268 encrypt_block_impl(pCryptKey
->aiAlgid
, PK_PUBLIC
, &pCryptKey
->context
, pbData
, pbData
, RSAENH_ENCRYPT
);
2269 *pdwDataLen
= pCryptKey
->dwBlockLen
;
2272 SetLastError(NTE_BAD_TYPE
);
2276 if (Final
) setup_key(pCryptKey
);
2281 /******************************************************************************
2282 * CPDecrypt (RSAENH.@)
2287 * hProv [I] The key container hKey and hHash belong to.
2288 * hKey [I] The key used to decrypt the data.
2289 * hHash [I] An optional hash object for parallel hashing. See notes.
2290 * Final [I] Indicates if this is the last block of data to decrypt.
2291 * dwFlags [I] Currently no flags defined. Must be zero.
2292 * pbData [I/O] Pointer to the data to decrypt. Plaintext will also be stored there.
2293 * pdwDataLen [I/O] I: Length of ciphertext, O: Length of plaintext.
2300 * If a hash object handle is provided in hHash, it will be updated with the plaintext.
2301 * This is useful for message signatures.
2303 * This function uses the standard WINAPI protocol for querying data of dynamic length.
2305 BOOL WINAPI
RSAENH_CPDecrypt(HCRYPTPROV hProv
, HCRYPTKEY hKey
, HCRYPTHASH hHash
, BOOL Final
,
2306 DWORD dwFlags
, BYTE
*pbData
, DWORD
*pdwDataLen
)
2308 CRYPTKEY
*pCryptKey
;
2309 BYTE
*in
, out
[RSAENH_MAX_BLOCK_SIZE
], o
[RSAENH_MAX_BLOCK_SIZE
];
2313 TRACE("(hProv=%08lx, hKey=%08lx, hHash=%08lx, Final=%d, dwFlags=%08x, pbData=%p, "
2314 "pdwDataLen=%p)\n", hProv
, hKey
, hHash
, Final
, dwFlags
, pbData
, pdwDataLen
);
2316 if (!is_valid_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
2318 SetLastError(NTE_BAD_UID
);
2324 SetLastError(NTE_BAD_FLAGS
);
2328 if (!lookup_handle(&handle_table
, hKey
, RSAENH_MAGIC_KEY
, (OBJECTHDR
**)&pCryptKey
))
2330 SetLastError(NTE_BAD_KEY
);
2334 if (pCryptKey
->dwState
== RSAENH_KEYSTATE_IDLE
)
2335 pCryptKey
->dwState
= RSAENH_KEYSTATE_ENCRYPTING
;
2337 if (pCryptKey
->dwState
!= RSAENH_KEYSTATE_ENCRYPTING
)
2339 SetLastError(NTE_BAD_DATA
);
2345 if (GET_ALG_TYPE(pCryptKey
->aiAlgid
) == ALG_TYPE_BLOCK
) {
2346 for (i
=0, in
=pbData
; i
<*pdwDataLen
; i
+=pCryptKey
->dwBlockLen
, in
+=pCryptKey
->dwBlockLen
) {
2347 switch (pCryptKey
->dwMode
) {
2348 case CRYPT_MODE_ECB
:
2349 encrypt_block_impl(pCryptKey
->aiAlgid
, 0, &pCryptKey
->context
, in
, out
,
2353 case CRYPT_MODE_CBC
:
2354 encrypt_block_impl(pCryptKey
->aiAlgid
, 0, &pCryptKey
->context
, in
, out
,
2356 for (j
=0; j
<pCryptKey
->dwBlockLen
; j
++) out
[j
] ^= pCryptKey
->abChainVector
[j
];
2357 memcpy(pCryptKey
->abChainVector
, in
, pCryptKey
->dwBlockLen
);
2360 case CRYPT_MODE_CFB
:
2361 for (j
=0; j
<pCryptKey
->dwBlockLen
; j
++) {
2362 encrypt_block_impl(pCryptKey
->aiAlgid
, 0, &pCryptKey
->context
,
2363 pCryptKey
->abChainVector
, o
, RSAENH_ENCRYPT
);
2364 out
[j
] = in
[j
] ^ o
[0];
2365 for (k
=0; k
<pCryptKey
->dwBlockLen
-1; k
++)
2366 pCryptKey
->abChainVector
[k
] = pCryptKey
->abChainVector
[k
+1];
2367 pCryptKey
->abChainVector
[k
] = in
[j
];
2372 SetLastError(NTE_BAD_ALGID
);
2375 memcpy(in
, out
, pCryptKey
->dwBlockLen
);
2378 if (pbData
[*pdwDataLen
-1] &&
2379 pbData
[*pdwDataLen
-1] <= pCryptKey
->dwBlockLen
&&
2380 pbData
[*pdwDataLen
-1] <= *pdwDataLen
) {
2381 BOOL padOkay
= TRUE
;
2383 /* check that every bad byte has the same value */
2384 for (i
= 1; padOkay
&& i
< pbData
[*pdwDataLen
-1]; i
++)
2385 if (pbData
[*pdwDataLen
- i
- 1] != pbData
[*pdwDataLen
- 1])
2388 *pdwDataLen
-= pbData
[*pdwDataLen
-1];
2390 SetLastError(NTE_BAD_DATA
);
2391 setup_key(pCryptKey
);
2396 SetLastError(NTE_BAD_DATA
);
2397 setup_key(pCryptKey
);
2402 } else if (GET_ALG_TYPE(pCryptKey
->aiAlgid
) == ALG_TYPE_STREAM
) {
2403 encrypt_stream_impl(pCryptKey
->aiAlgid
, &pCryptKey
->context
, pbData
, *pdwDataLen
);
2404 } else if (GET_ALG_TYPE(pCryptKey
->aiAlgid
) == ALG_TYPE_RSA
) {
2405 if (pCryptKey
->aiAlgid
== CALG_RSA_SIGN
) {
2406 SetLastError(NTE_BAD_KEY
);
2409 encrypt_block_impl(pCryptKey
->aiAlgid
, PK_PRIVATE
, &pCryptKey
->context
, pbData
, pbData
, RSAENH_DECRYPT
);
2410 if (!unpad_data(pbData
, pCryptKey
->dwBlockLen
, pbData
, pdwDataLen
, dwFlags
)) return FALSE
;
2413 SetLastError(NTE_BAD_TYPE
);
2417 if (Final
) setup_key(pCryptKey
);
2419 if (is_valid_handle(&handle_table
, hHash
, RSAENH_MAGIC_HASH
)) {
2420 if (*pdwDataLen
>dwMax
||
2421 !RSAENH_CPHashData(hProv
, hHash
, pbData
, *pdwDataLen
, 0)) return FALSE
;
2427 static BOOL
crypt_export_simple(CRYPTKEY
*pCryptKey
, CRYPTKEY
*pPubKey
,
2428 DWORD dwFlags
, BYTE
*pbData
, DWORD
*pdwDataLen
)
2430 BLOBHEADER
*pBlobHeader
= (BLOBHEADER
*)pbData
;
2431 ALG_ID
*pAlgid
= (ALG_ID
*)(pBlobHeader
+1);
2434 if (!(GET_ALG_CLASS(pCryptKey
->aiAlgid
)&(ALG_CLASS_DATA_ENCRYPT
|ALG_CLASS_MSG_ENCRYPT
))) {
2435 SetLastError(NTE_BAD_KEY
); /* FIXME: error code? */
2439 dwDataLen
= sizeof(BLOBHEADER
) + sizeof(ALG_ID
) + pPubKey
->dwBlockLen
;
2441 if (*pdwDataLen
< dwDataLen
) {
2442 SetLastError(ERROR_MORE_DATA
);
2443 *pdwDataLen
= dwDataLen
;
2447 pBlobHeader
->bType
= SIMPLEBLOB
;
2448 pBlobHeader
->bVersion
= CUR_BLOB_VERSION
;
2449 pBlobHeader
->reserved
= 0;
2450 pBlobHeader
->aiKeyAlg
= pCryptKey
->aiAlgid
;
2452 *pAlgid
= pPubKey
->aiAlgid
;
2454 if (!pad_data(pCryptKey
->abKeyValue
, pCryptKey
->dwKeyLen
, (BYTE
*)(pAlgid
+1),
2455 pPubKey
->dwBlockLen
, dwFlags
))
2460 encrypt_block_impl(pPubKey
->aiAlgid
, PK_PUBLIC
, &pPubKey
->context
, (BYTE
*)(pAlgid
+1),
2461 (BYTE
*)(pAlgid
+1), RSAENH_ENCRYPT
);
2463 *pdwDataLen
= dwDataLen
;
2467 static BOOL
crypt_export_public_key(CRYPTKEY
*pCryptKey
, BYTE
*pbData
,
2470 BLOBHEADER
*pBlobHeader
= (BLOBHEADER
*)pbData
;
2471 RSAPUBKEY
*pRSAPubKey
= (RSAPUBKEY
*)(pBlobHeader
+1);
2474 if ((pCryptKey
->aiAlgid
!= CALG_RSA_KEYX
) && (pCryptKey
->aiAlgid
!= CALG_RSA_SIGN
)) {
2475 SetLastError(NTE_BAD_KEY
);
2479 dwDataLen
= sizeof(BLOBHEADER
) + sizeof(RSAPUBKEY
) + pCryptKey
->dwKeyLen
;
2481 if (*pdwDataLen
< dwDataLen
) {
2482 SetLastError(ERROR_MORE_DATA
);
2483 *pdwDataLen
= dwDataLen
;
2487 pBlobHeader
->bType
= PUBLICKEYBLOB
;
2488 pBlobHeader
->bVersion
= CUR_BLOB_VERSION
;
2489 pBlobHeader
->reserved
= 0;
2490 pBlobHeader
->aiKeyAlg
= pCryptKey
->aiAlgid
;
2492 pRSAPubKey
->magic
= RSAENH_MAGIC_RSA1
;
2493 pRSAPubKey
->bitlen
= pCryptKey
->dwKeyLen
<< 3;
2495 export_public_key_impl((BYTE
*)(pRSAPubKey
+1), &pCryptKey
->context
,
2496 pCryptKey
->dwKeyLen
, &pRSAPubKey
->pubexp
);
2498 *pdwDataLen
= dwDataLen
;
2502 static BOOL
crypt_export_private_key(CRYPTKEY
*pCryptKey
, BOOL force
,
2503 BYTE
*pbData
, DWORD
*pdwDataLen
)
2505 BLOBHEADER
*pBlobHeader
= (BLOBHEADER
*)pbData
;
2506 RSAPUBKEY
*pRSAPubKey
= (RSAPUBKEY
*)(pBlobHeader
+1);
2509 if ((pCryptKey
->aiAlgid
!= CALG_RSA_KEYX
) && (pCryptKey
->aiAlgid
!= CALG_RSA_SIGN
)) {
2510 SetLastError(NTE_BAD_KEY
);
2513 if (!force
&& !(pCryptKey
->dwPermissions
& CRYPT_EXPORT
))
2515 SetLastError(NTE_BAD_KEY_STATE
);
2519 dwDataLen
= sizeof(BLOBHEADER
) + sizeof(RSAPUBKEY
) +
2520 2 * pCryptKey
->dwKeyLen
+ 5 * ((pCryptKey
->dwKeyLen
+ 1) >> 1);
2522 if (*pdwDataLen
< dwDataLen
) {
2523 SetLastError(ERROR_MORE_DATA
);
2524 *pdwDataLen
= dwDataLen
;
2528 pBlobHeader
->bType
= PRIVATEKEYBLOB
;
2529 pBlobHeader
->bVersion
= CUR_BLOB_VERSION
;
2530 pBlobHeader
->reserved
= 0;
2531 pBlobHeader
->aiKeyAlg
= pCryptKey
->aiAlgid
;
2533 pRSAPubKey
->magic
= RSAENH_MAGIC_RSA2
;
2534 pRSAPubKey
->bitlen
= pCryptKey
->dwKeyLen
<< 3;
2536 export_private_key_impl((BYTE
*)(pRSAPubKey
+1), &pCryptKey
->context
,
2537 pCryptKey
->dwKeyLen
, &pRSAPubKey
->pubexp
);
2539 *pdwDataLen
= dwDataLen
;
2543 static BOOL
crypt_export_plaintext_key(CRYPTKEY
*pCryptKey
, BYTE
*pbData
,
2546 BLOBHEADER
*pBlobHeader
= (BLOBHEADER
*)pbData
;
2547 DWORD
*pKeyLen
= (DWORD
*)(pBlobHeader
+1);
2548 BYTE
*pbKey
= (BYTE
*)(pKeyLen
+1);
2551 dwDataLen
= sizeof(BLOBHEADER
) + sizeof(DWORD
) + pCryptKey
->dwKeyLen
;
2553 if (*pdwDataLen
< dwDataLen
) {
2554 SetLastError(ERROR_MORE_DATA
);
2555 *pdwDataLen
= dwDataLen
;
2559 pBlobHeader
->bType
= PLAINTEXTKEYBLOB
;
2560 pBlobHeader
->bVersion
= CUR_BLOB_VERSION
;
2561 pBlobHeader
->reserved
= 0;
2562 pBlobHeader
->aiKeyAlg
= pCryptKey
->aiAlgid
;
2564 *pKeyLen
= pCryptKey
->dwKeyLen
;
2565 memcpy(pbKey
, pCryptKey
->abKeyValue
, pCryptKey
->dwKeyLen
);
2567 *pdwDataLen
= dwDataLen
;
2570 /******************************************************************************
2571 * crypt_export_key [Internal]
2573 * Export a key into a binary large object (BLOB). Called by CPExportKey and
2574 * by store_key_pair.
2577 * pCryptKey [I] Key to be exported.
2578 * hPubKey [I] Key used to encrypt sensitive BLOB data.
2579 * dwBlobType [I] SIMPLEBLOB, PUBLICKEYBLOB or PRIVATEKEYBLOB.
2580 * dwFlags [I] Currently none defined.
2581 * force [I] If TRUE, the key is written no matter what the key's
2582 * permissions are. Otherwise the key's permissions are
2583 * checked before exporting.
2584 * pbData [O] Pointer to a buffer where the BLOB will be written to.
2585 * pdwDataLen [I/O] I: Size of buffer at pbData, O: Size of BLOB
2591 static BOOL
crypt_export_key(CRYPTKEY
*pCryptKey
, HCRYPTKEY hPubKey
,
2592 DWORD dwBlobType
, DWORD dwFlags
, BOOL force
,
2593 BYTE
*pbData
, DWORD
*pdwDataLen
)
2597 if (dwFlags
& CRYPT_SSL2_FALLBACK
) {
2598 if (pCryptKey
->aiAlgid
!= CALG_SSL2_MASTER
) {
2599 SetLastError(NTE_BAD_KEY
);
2604 switch ((BYTE
)dwBlobType
)
2607 if (!lookup_handle(&handle_table
, hPubKey
, RSAENH_MAGIC_KEY
, (OBJECTHDR
**)&pPubKey
)){
2608 SetLastError(NTE_BAD_PUBLIC_KEY
); /* FIXME: error_code? */
2611 return crypt_export_simple(pCryptKey
, pPubKey
, dwFlags
, pbData
,
2615 if (is_valid_handle(&handle_table
, hPubKey
, RSAENH_MAGIC_KEY
)) {
2616 SetLastError(NTE_BAD_KEY
); /* FIXME: error code? */
2620 return crypt_export_public_key(pCryptKey
, pbData
, pdwDataLen
);
2622 case PRIVATEKEYBLOB
:
2623 return crypt_export_private_key(pCryptKey
, force
, pbData
, pdwDataLen
);
2625 case PLAINTEXTKEYBLOB
:
2626 return crypt_export_plaintext_key(pCryptKey
, pbData
, pdwDataLen
);
2629 SetLastError(NTE_BAD_TYPE
); /* FIXME: error code? */
2634 /******************************************************************************
2635 * CPExportKey (RSAENH.@)
2637 * Export a key into a binary large object (BLOB).
2640 * hProv [I] Key container from which a key is to be exported.
2641 * hKey [I] Key to be exported.
2642 * hPubKey [I] Key used to encrypt sensitive BLOB data.
2643 * dwBlobType [I] SIMPLEBLOB, PUBLICKEYBLOB or PRIVATEKEYBLOB.
2644 * dwFlags [I] Currently none defined.
2645 * pbData [O] Pointer to a buffer where the BLOB will be written to.
2646 * pdwDataLen [I/O] I: Size of buffer at pbData, O: Size of BLOB
2652 BOOL WINAPI
RSAENH_CPExportKey(HCRYPTPROV hProv
, HCRYPTKEY hKey
, HCRYPTKEY hPubKey
,
2653 DWORD dwBlobType
, DWORD dwFlags
, BYTE
*pbData
, DWORD
*pdwDataLen
)
2655 CRYPTKEY
*pCryptKey
;
2657 TRACE("(hProv=%08lx, hKey=%08lx, hPubKey=%08lx, dwBlobType=%08x, dwFlags=%08x, pbData=%p,"
2658 "pdwDataLen=%p)\n", hProv
, hKey
, hPubKey
, dwBlobType
, dwFlags
, pbData
, pdwDataLen
);
2660 if (!is_valid_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
2662 SetLastError(NTE_BAD_UID
);
2666 if (!lookup_handle(&handle_table
, hKey
, RSAENH_MAGIC_KEY
, (OBJECTHDR
**)&pCryptKey
))
2668 SetLastError(NTE_BAD_KEY
);
2672 return crypt_export_key(pCryptKey
, hPubKey
, dwBlobType
, dwFlags
, FALSE
,
2673 pbData
, pdwDataLen
);
2676 /******************************************************************************
2677 * release_and_install_key [Internal]
2679 * Release an existing key, if present, and replaces it with a new one.
2682 * hProv [I] Key container into which the key is to be imported.
2683 * src [I] Key which will replace *dest
2684 * dest [I] Points to key to be released and replaced with src
2685 * fStoreKey [I] If TRUE, the newly installed key is stored to the registry.
2687 static void release_and_install_key(HCRYPTPROV hProv
, HCRYPTKEY src
,
2688 HCRYPTKEY
*dest
, DWORD fStoreKey
)
2690 RSAENH_CPDestroyKey(hProv
, *dest
);
2691 copy_handle(&handle_table
, src
, RSAENH_MAGIC_KEY
, dest
);
2694 KEYCONTAINER
*pKeyContainer
;
2696 if (lookup_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
,
2697 (OBJECTHDR
**)&pKeyContainer
))
2699 store_key_container_keys(pKeyContainer
);
2700 store_key_container_permissions(pKeyContainer
);
2705 /******************************************************************************
2706 * import_private_key [Internal]
2708 * Import a BLOB'ed private key into a key container.
2711 * hProv [I] Key container into which the private key is to be imported.
2712 * pbData [I] Pointer to a buffer which holds the private key BLOB.
2713 * dwDataLen [I] Length of data in buffer at pbData.
2714 * dwFlags [I] One of:
2715 * CRYPT_EXPORTABLE: the imported key is marked exportable
2716 * fStoreKey [I] If TRUE, the imported key is stored to the registry.
2717 * phKey [O] Handle to the imported key.
2721 * Assumes the caller has already checked the BLOBHEADER at pbData to ensure
2722 * it's a PRIVATEKEYBLOB.
2728 static BOOL
import_private_key(HCRYPTPROV hProv
, const BYTE
*pbData
, DWORD dwDataLen
,
2729 DWORD dwFlags
, BOOL fStoreKey
, HCRYPTKEY
*phKey
)
2731 KEYCONTAINER
*pKeyContainer
;
2732 CRYPTKEY
*pCryptKey
;
2733 const BLOBHEADER
*pBlobHeader
= (const BLOBHEADER
*)pbData
;
2734 const RSAPUBKEY
*pRSAPubKey
= (const RSAPUBKEY
*)(pBlobHeader
+1);
2737 if (dwFlags
& CRYPT_IPSEC_HMAC_KEY
)
2739 FIXME("unimplemented for CRYPT_IPSEC_HMAC_KEY\n");
2740 SetLastError(NTE_BAD_FLAGS
);
2743 if (!lookup_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
,
2744 (OBJECTHDR
**)&pKeyContainer
))
2746 SetLastError(NTE_BAD_UID
);
2750 if ((dwDataLen
< sizeof(BLOBHEADER
) + sizeof(RSAPUBKEY
)))
2752 ERR("datalen %d not long enough for a BLOBHEADER + RSAPUBKEY\n",
2754 SetLastError(NTE_BAD_DATA
);
2757 if (pRSAPubKey
->magic
!= RSAENH_MAGIC_RSA2
)
2759 ERR("unexpected magic %08x\n", pRSAPubKey
->magic
);
2760 SetLastError(NTE_BAD_DATA
);
2763 if ((dwDataLen
< sizeof(BLOBHEADER
) + sizeof(RSAPUBKEY
) +
2764 (pRSAPubKey
->bitlen
>> 3) + (5 * ((pRSAPubKey
->bitlen
+8)>>4))))
2766 DWORD expectedLen
= sizeof(BLOBHEADER
) + sizeof(RSAPUBKEY
) +
2767 (pRSAPubKey
->bitlen
>> 3) + (5 * ((pRSAPubKey
->bitlen
+8)>>4));
2769 ERR("blob too short for pub key: expect %d, got %d\n",
2770 expectedLen
, dwDataLen
);
2771 SetLastError(NTE_BAD_DATA
);
2775 *phKey
= new_key(hProv
, pBlobHeader
->aiKeyAlg
, MAKELONG(0,pRSAPubKey
->bitlen
), &pCryptKey
);
2776 if (*phKey
== (HCRYPTKEY
)INVALID_HANDLE_VALUE
) return FALSE
;
2777 setup_key(pCryptKey
);
2778 ret
= import_private_key_impl((const BYTE
*)(pRSAPubKey
+1), &pCryptKey
->context
,
2779 pRSAPubKey
->bitlen
/8, dwDataLen
, pRSAPubKey
->pubexp
);
2781 if (dwFlags
& CRYPT_EXPORTABLE
)
2782 pCryptKey
->dwPermissions
|= CRYPT_EXPORT
;
2783 switch (pBlobHeader
->aiKeyAlg
)
2787 TRACE("installing signing key\n");
2788 release_and_install_key(hProv
, *phKey
, &pKeyContainer
->hSignatureKeyPair
,
2791 case AT_KEYEXCHANGE
:
2793 TRACE("installing key exchange key\n");
2794 release_and_install_key(hProv
, *phKey
, &pKeyContainer
->hKeyExchangeKeyPair
,
2802 /******************************************************************************
2803 * import_public_key [Internal]
2805 * Import a BLOB'ed public key into a key container.
2808 * hProv [I] Key container into which the public key is to be imported.
2809 * pbData [I] Pointer to a buffer which holds the public key BLOB.
2810 * dwDataLen [I] Length of data in buffer at pbData.
2811 * dwFlags [I] One of:
2812 * CRYPT_EXPORTABLE: the imported key is marked exportable
2813 * fStoreKey [I] If TRUE, the imported key is stored to the registry.
2814 * phKey [O] Handle to the imported key.
2818 * Assumes the caller has already checked the BLOBHEADER at pbData to ensure
2819 * it's a PUBLICKEYBLOB.
2825 static BOOL
import_public_key(HCRYPTPROV hProv
, const BYTE
*pbData
, DWORD dwDataLen
,
2826 DWORD dwFlags
, BOOL fStoreKey
, HCRYPTKEY
*phKey
)
2828 KEYCONTAINER
*pKeyContainer
;
2829 CRYPTKEY
*pCryptKey
;
2830 const BLOBHEADER
*pBlobHeader
= (const BLOBHEADER
*)pbData
;
2831 const RSAPUBKEY
*pRSAPubKey
= (const RSAPUBKEY
*)(pBlobHeader
+1);
2835 if (dwFlags
& CRYPT_IPSEC_HMAC_KEY
)
2837 FIXME("unimplemented for CRYPT_IPSEC_HMAC_KEY\n");
2838 SetLastError(NTE_BAD_FLAGS
);
2841 if (!lookup_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
,
2842 (OBJECTHDR
**)&pKeyContainer
))
2844 SetLastError(NTE_BAD_UID
);
2848 if ((dwDataLen
< sizeof(BLOBHEADER
) + sizeof(RSAPUBKEY
)) ||
2849 (pRSAPubKey
->magic
!= RSAENH_MAGIC_RSA1
) ||
2850 (dwDataLen
< sizeof(BLOBHEADER
) + sizeof(RSAPUBKEY
) + (pRSAPubKey
->bitlen
>> 3)))
2852 SetLastError(NTE_BAD_DATA
);
2856 /* Since this is a public key blob, only the public key is
2857 * available, so only signature verification is possible.
2859 algID
= pBlobHeader
->aiKeyAlg
;
2860 *phKey
= new_key(hProv
, algID
, MAKELONG(0,pRSAPubKey
->bitlen
), &pCryptKey
);
2861 if (*phKey
== (HCRYPTKEY
)INVALID_HANDLE_VALUE
) return FALSE
;
2862 setup_key(pCryptKey
);
2863 ret
= import_public_key_impl((const BYTE
*)(pRSAPubKey
+1), &pCryptKey
->context
,
2864 pRSAPubKey
->bitlen
>> 3, pRSAPubKey
->pubexp
);
2866 if (dwFlags
& CRYPT_EXPORTABLE
)
2867 pCryptKey
->dwPermissions
|= CRYPT_EXPORT
;
2868 switch (pBlobHeader
->aiKeyAlg
)
2870 case AT_KEYEXCHANGE
:
2872 TRACE("installing public key\n");
2873 release_and_install_key(hProv
, *phKey
, &pKeyContainer
->hKeyExchangeKeyPair
,
2881 /******************************************************************************
2882 * import_symmetric_key [Internal]
2884 * Import a BLOB'ed symmetric key into a key container.
2887 * hProv [I] Key container into which the symmetric key is to be imported.
2888 * pbData [I] Pointer to a buffer which holds the symmetric key BLOB.
2889 * dwDataLen [I] Length of data in buffer at pbData.
2890 * hPubKey [I] Key used to decrypt sensitive BLOB data.
2891 * dwFlags [I] One of:
2892 * CRYPT_EXPORTABLE: the imported key is marked exportable
2893 * phKey [O] Handle to the imported key.
2897 * Assumes the caller has already checked the BLOBHEADER at pbData to ensure
2898 * it's a SIMPLEBLOB.
2904 static BOOL
import_symmetric_key(HCRYPTPROV hProv
, const BYTE
*pbData
, DWORD dwDataLen
,
2905 HCRYPTKEY hPubKey
, DWORD dwFlags
, HCRYPTKEY
*phKey
)
2907 CRYPTKEY
*pCryptKey
, *pPubKey
;
2908 const BLOBHEADER
*pBlobHeader
= (const BLOBHEADER
*)pbData
;
2909 const ALG_ID
*pAlgid
= (const ALG_ID
*)(pBlobHeader
+1);
2910 const BYTE
*pbKeyStream
= (const BYTE
*)(pAlgid
+ 1);
2914 if (dwFlags
& CRYPT_IPSEC_HMAC_KEY
)
2916 FIXME("unimplemented for CRYPT_IPSEC_HMAC_KEY\n");
2917 SetLastError(NTE_BAD_FLAGS
);
2920 if (!lookup_handle(&handle_table
, hPubKey
, RSAENH_MAGIC_KEY
, (OBJECTHDR
**)&pPubKey
) ||
2921 pPubKey
->aiAlgid
!= CALG_RSA_KEYX
)
2923 SetLastError(NTE_BAD_PUBLIC_KEY
); /* FIXME: error code? */
2927 if (dwDataLen
< sizeof(BLOBHEADER
)+sizeof(ALG_ID
)+pPubKey
->dwBlockLen
)
2929 SetLastError(NTE_BAD_DATA
); /* FIXME: error code */
2933 pbDecrypted
= HeapAlloc(GetProcessHeap(), 0, pPubKey
->dwBlockLen
);
2934 if (!pbDecrypted
) return FALSE
;
2935 encrypt_block_impl(pPubKey
->aiAlgid
, PK_PRIVATE
, &pPubKey
->context
, pbKeyStream
, pbDecrypted
,
2938 dwKeyLen
= RSAENH_MAX_KEY_SIZE
;
2939 if (!unpad_data(pbDecrypted
, pPubKey
->dwBlockLen
, pbDecrypted
, &dwKeyLen
, dwFlags
)) {
2940 HeapFree(GetProcessHeap(), 0, pbDecrypted
);
2944 *phKey
= new_key(hProv
, pBlobHeader
->aiKeyAlg
, dwKeyLen
<<19, &pCryptKey
);
2945 if (*phKey
== (HCRYPTKEY
)INVALID_HANDLE_VALUE
)
2947 HeapFree(GetProcessHeap(), 0, pbDecrypted
);
2950 memcpy(pCryptKey
->abKeyValue
, pbDecrypted
, dwKeyLen
);
2951 HeapFree(GetProcessHeap(), 0, pbDecrypted
);
2952 setup_key(pCryptKey
);
2953 if (dwFlags
& CRYPT_EXPORTABLE
)
2954 pCryptKey
->dwPermissions
|= CRYPT_EXPORT
;
2958 /******************************************************************************
2959 * import_plaintext_key [Internal]
2961 * Import a plaintext key into a key container.
2964 * hProv [I] Key container into which the symmetric key is to be imported.
2965 * pbData [I] Pointer to a buffer which holds the plaintext key BLOB.
2966 * dwDataLen [I] Length of data in buffer at pbData.
2967 * dwFlags [I] One of:
2968 * CRYPT_EXPORTABLE: the imported key is marked exportable
2969 * phKey [O] Handle to the imported key.
2973 * Assumes the caller has already checked the BLOBHEADER at pbData to ensure
2974 * it's a PLAINTEXTKEYBLOB.
2980 static BOOL
import_plaintext_key(HCRYPTPROV hProv
, const BYTE
*pbData
, DWORD dwDataLen
,
2981 DWORD dwFlags
, HCRYPTKEY
*phKey
)
2983 CRYPTKEY
*pCryptKey
;
2984 const BLOBHEADER
*pBlobHeader
= (const BLOBHEADER
*)pbData
;
2985 const DWORD
*pKeyLen
= (const DWORD
*)(pBlobHeader
+ 1);
2986 const BYTE
*pbKeyStream
= (const BYTE
*)(pKeyLen
+ 1);
2988 if (dwDataLen
< sizeof(BLOBHEADER
)+sizeof(DWORD
)+*pKeyLen
)
2990 SetLastError(NTE_BAD_DATA
); /* FIXME: error code */
2994 if (dwFlags
& CRYPT_IPSEC_HMAC_KEY
)
2996 *phKey
= new_key(hProv
, CALG_HMAC
, 0, &pCryptKey
);
2997 if (*phKey
== (HCRYPTKEY
)INVALID_HANDLE_VALUE
)
2999 if (*pKeyLen
<= RSAENH_MIN(sizeof(pCryptKey
->abKeyValue
), RSAENH_HMAC_BLOCK_LEN
))
3001 memcpy(pCryptKey
->abKeyValue
, pbKeyStream
, *pKeyLen
);
3002 pCryptKey
->dwKeyLen
= *pKeyLen
;
3006 CRYPT_DATA_BLOB blobHmacKey
= { *pKeyLen
, (BYTE
*)pbKeyStream
};
3008 /* In order to initialize an HMAC key, the key material is hashed,
3009 * and the output of the hash function is used as the key material.
3010 * Unfortunately, the way the Crypto API is designed, we don't know
3011 * the hash algorithm yet, so we have to copy the entire key
3014 if (!copy_data_blob(&pCryptKey
->blobHmacKey
, &blobHmacKey
))
3016 release_handle(&handle_table
, *phKey
, RSAENH_MAGIC_KEY
);
3017 *phKey
= (HCRYPTKEY
)INVALID_HANDLE_VALUE
;
3021 setup_key(pCryptKey
);
3022 if (dwFlags
& CRYPT_EXPORTABLE
)
3023 pCryptKey
->dwPermissions
|= CRYPT_EXPORT
;
3027 *phKey
= new_key(hProv
, pBlobHeader
->aiKeyAlg
, *pKeyLen
<<19, &pCryptKey
);
3028 if (*phKey
== (HCRYPTKEY
)INVALID_HANDLE_VALUE
)
3030 memcpy(pCryptKey
->abKeyValue
, pbKeyStream
, *pKeyLen
);
3031 setup_key(pCryptKey
);
3032 if (dwFlags
& CRYPT_EXPORTABLE
)
3033 pCryptKey
->dwPermissions
|= CRYPT_EXPORT
;
3038 /******************************************************************************
3039 * import_key [Internal]
3041 * Import a BLOB'ed key into a key container, optionally storing the key's
3042 * value to the registry.
3045 * hProv [I] Key container into which the key is to be imported.
3046 * pbData [I] Pointer to a buffer which holds the BLOB.
3047 * dwDataLen [I] Length of data in buffer at pbData.
3048 * hPubKey [I] Key used to decrypt sensitive BLOB data.
3049 * dwFlags [I] One of:
3050 * CRYPT_EXPORTABLE: the imported key is marked exportable
3051 * fStoreKey [I] If TRUE, the imported key is stored to the registry.
3052 * phKey [O] Handle to the imported key.
3058 static BOOL
import_key(HCRYPTPROV hProv
, const BYTE
*pbData
, DWORD dwDataLen
, HCRYPTKEY hPubKey
,
3059 DWORD dwFlags
, BOOL fStoreKey
, HCRYPTKEY
*phKey
)
3061 KEYCONTAINER
*pKeyContainer
;
3062 const BLOBHEADER
*pBlobHeader
= (const BLOBHEADER
*)pbData
;
3064 if (!lookup_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
,
3065 (OBJECTHDR
**)&pKeyContainer
))
3067 SetLastError(NTE_BAD_UID
);
3071 if (dwDataLen
< sizeof(BLOBHEADER
) ||
3072 pBlobHeader
->bVersion
!= CUR_BLOB_VERSION
||
3073 pBlobHeader
->reserved
!= 0)
3075 TRACE("bVersion = %d, reserved = %d\n", pBlobHeader
->bVersion
,
3076 pBlobHeader
->reserved
);
3077 SetLastError(NTE_BAD_DATA
);
3081 /* If this is a verify-only context, the key is not persisted regardless of
3082 * fStoreKey's original value.
3084 fStoreKey
= fStoreKey
&& !(dwFlags
& CRYPT_VERIFYCONTEXT
);
3085 TRACE("blob type: %x\n", pBlobHeader
->bType
);
3086 switch (pBlobHeader
->bType
)
3088 case PRIVATEKEYBLOB
:
3089 return import_private_key(hProv
, pbData
, dwDataLen
, dwFlags
,
3093 return import_public_key(hProv
, pbData
, dwDataLen
, dwFlags
,
3097 return import_symmetric_key(hProv
, pbData
, dwDataLen
, hPubKey
,
3100 case PLAINTEXTKEYBLOB
:
3101 return import_plaintext_key(hProv
, pbData
, dwDataLen
, dwFlags
,
3105 SetLastError(NTE_BAD_TYPE
); /* FIXME: error code? */
3110 /******************************************************************************
3111 * CPImportKey (RSAENH.@)
3113 * Import a BLOB'ed key into a key container.
3116 * hProv [I] Key container into which the key is to be imported.
3117 * pbData [I] Pointer to a buffer which holds the BLOB.
3118 * dwDataLen [I] Length of data in buffer at pbData.
3119 * hPubKey [I] Key used to decrypt sensitive BLOB data.
3120 * dwFlags [I] One of:
3121 * CRYPT_EXPORTABLE: the imported key is marked exportable
3122 * phKey [O] Handle to the imported key.
3128 BOOL WINAPI
RSAENH_CPImportKey(HCRYPTPROV hProv
, const BYTE
*pbData
, DWORD dwDataLen
,
3129 HCRYPTKEY hPubKey
, DWORD dwFlags
, HCRYPTKEY
*phKey
)
3131 TRACE("(hProv=%08lx, pbData=%p, dwDataLen=%d, hPubKey=%08lx, dwFlags=%08x, phKey=%p)\n",
3132 hProv
, pbData
, dwDataLen
, hPubKey
, dwFlags
, phKey
);
3134 return import_key(hProv
, pbData
, dwDataLen
, hPubKey
, dwFlags
, TRUE
, phKey
);
3137 /******************************************************************************
3138 * CPGenKey (RSAENH.@)
3140 * Generate a key in the key container
3143 * hProv [I] Key container for which a key is to be generated.
3144 * Algid [I] Crypto algorithm identifier for the key to be generated.
3145 * dwFlags [I] Upper 16 bits: Binary length of key. Lower 16 bits: Flags. See Notes
3146 * phKey [O] Handle to the generated key.
3153 * Flags currently not considered.
3156 * Private key-exchange- and signature-keys can be generated with Algid AT_KEYEXCHANGE
3157 * and AT_SIGNATURE values.
3159 BOOL WINAPI
RSAENH_CPGenKey(HCRYPTPROV hProv
, ALG_ID Algid
, DWORD dwFlags
, HCRYPTKEY
*phKey
)
3161 KEYCONTAINER
*pKeyContainer
;
3162 CRYPTKEY
*pCryptKey
;
3164 TRACE("(hProv=%08lx, aiAlgid=%d, dwFlags=%08x, phKey=%p)\n", hProv
, Algid
, dwFlags
, phKey
);
3166 if (!lookup_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
,
3167 (OBJECTHDR
**)&pKeyContainer
))
3169 /* MSDN: hProv not containing valid context handle */
3170 SetLastError(NTE_BAD_UID
);
3178 *phKey
= new_key(hProv
, CALG_RSA_SIGN
, dwFlags
, &pCryptKey
);
3180 new_key_impl(pCryptKey
->aiAlgid
, &pCryptKey
->context
, pCryptKey
->dwKeyLen
);
3181 setup_key(pCryptKey
);
3182 release_and_install_key(hProv
, *phKey
,
3183 &pKeyContainer
->hSignatureKeyPair
,
3188 case AT_KEYEXCHANGE
:
3190 *phKey
= new_key(hProv
, CALG_RSA_KEYX
, dwFlags
, &pCryptKey
);
3192 new_key_impl(pCryptKey
->aiAlgid
, &pCryptKey
->context
, pCryptKey
->dwKeyLen
);
3193 setup_key(pCryptKey
);
3194 release_and_install_key(hProv
, *phKey
,
3195 &pKeyContainer
->hKeyExchangeKeyPair
,
3209 case CALG_PCT1_MASTER
:
3210 case CALG_SSL2_MASTER
:
3211 case CALG_SSL3_MASTER
:
3212 case CALG_TLS1_MASTER
:
3213 *phKey
= new_key(hProv
, Algid
, dwFlags
, &pCryptKey
);
3215 gen_rand_impl(pCryptKey
->abKeyValue
, RSAENH_MAX_KEY_SIZE
);
3217 case CALG_SSL3_MASTER
:
3218 pCryptKey
->abKeyValue
[0] = RSAENH_SSL3_VERSION_MAJOR
;
3219 pCryptKey
->abKeyValue
[1] = RSAENH_SSL3_VERSION_MINOR
;
3222 case CALG_TLS1_MASTER
:
3223 pCryptKey
->abKeyValue
[0] = RSAENH_TLS1_VERSION_MAJOR
;
3224 pCryptKey
->abKeyValue
[1] = RSAENH_TLS1_VERSION_MINOR
;
3227 setup_key(pCryptKey
);
3232 /* MSDN: Algorithm not supported specified by Algid */
3233 SetLastError(NTE_BAD_ALGID
);
3237 return *phKey
!= (HCRYPTKEY
)INVALID_HANDLE_VALUE
;
3240 /******************************************************************************
3241 * CPGenRandom (RSAENH.@)
3243 * Generate a random byte stream.
3246 * hProv [I] Key container that is used to generate random bytes.
3247 * dwLen [I] Specifies the number of requested random data bytes.
3248 * pbBuffer [O] Random bytes will be stored here.
3254 BOOL WINAPI
RSAENH_CPGenRandom(HCRYPTPROV hProv
, DWORD dwLen
, BYTE
*pbBuffer
)
3256 TRACE("(hProv=%08lx, dwLen=%d, pbBuffer=%p)\n", hProv
, dwLen
, pbBuffer
);
3258 if (!is_valid_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
3260 /* MSDN: hProv not containing valid context handle */
3261 SetLastError(NTE_BAD_UID
);
3265 return gen_rand_impl(pbBuffer
, dwLen
);
3268 /******************************************************************************
3269 * CPGetHashParam (RSAENH.@)
3271 * Query parameters of an hash object.
3274 * hProv [I] The kea container, which the hash belongs to.
3275 * hHash [I] The hash object that is to be queried.
3276 * dwParam [I] Specifies the parameter that is to be queried.
3277 * pbData [I] Pointer to the buffer where the parameter value will be stored.
3278 * pdwDataLen [I/O] I: Buffer length at pbData, O: Length of the parameter value.
3279 * dwFlags [I] None currently defined.
3286 * Valid dwParams are: HP_ALGID, HP_HASHSIZE, HP_HASHVALUE. The hash will be
3287 * finalized if HP_HASHVALUE is queried.
3289 BOOL WINAPI
RSAENH_CPGetHashParam(HCRYPTPROV hProv
, HCRYPTHASH hHash
, DWORD dwParam
, BYTE
*pbData
,
3290 DWORD
*pdwDataLen
, DWORD dwFlags
)
3292 CRYPTHASH
*pCryptHash
;
3294 TRACE("(hProv=%08lx, hHash=%08lx, dwParam=%08x, pbData=%p, pdwDataLen=%p, dwFlags=%08x)\n",
3295 hProv
, hHash
, dwParam
, pbData
, pdwDataLen
, dwFlags
);
3297 if (!is_valid_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
3299 SetLastError(NTE_BAD_UID
);
3305 SetLastError(NTE_BAD_FLAGS
);
3309 if (!lookup_handle(&handle_table
, hHash
, RSAENH_MAGIC_HASH
,
3310 (OBJECTHDR
**)&pCryptHash
))
3312 SetLastError(NTE_BAD_HASH
);
3318 SetLastError(ERROR_INVALID_PARAMETER
);
3325 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&pCryptHash
->aiAlgid
,
3329 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&pCryptHash
->dwHashSize
,
3333 if (pCryptHash
->aiAlgid
== CALG_TLS1PRF
) {
3334 return tls1_prf(hProv
, pCryptHash
->hKey
, &pCryptHash
->tpPRFParams
.blobLabel
,
3335 &pCryptHash
->tpPRFParams
.blobSeed
, pbData
, *pdwDataLen
);
3338 if ( pbData
== NULL
) {
3339 *pdwDataLen
= pCryptHash
->dwHashSize
;
3343 if (pbData
&& (pCryptHash
->dwState
!= RSAENH_HASHSTATE_FINISHED
))
3345 finalize_hash(pCryptHash
);
3346 pCryptHash
->dwState
= RSAENH_HASHSTATE_FINISHED
;
3349 return copy_param(pbData
, pdwDataLen
, pCryptHash
->abHashValue
,
3350 pCryptHash
->dwHashSize
);
3353 SetLastError(NTE_BAD_TYPE
);
3358 /******************************************************************************
3359 * CPSetKeyParam (RSAENH.@)
3361 * Set a parameter of a key object
3364 * hProv [I] The key container to which the key belongs.
3365 * hKey [I] The key for which a parameter is to be set.
3366 * dwParam [I] Parameter type. See Notes.
3367 * pbData [I] Pointer to the parameter value.
3368 * dwFlags [I] Currently none defined.
3375 * Defined dwParam types are:
3376 * - KP_MODE: Values MODE_CBC, MODE_ECB, MODE_CFB.
3377 * - KP_MODE_BITS: Shift width for cipher feedback mode. (Currently ignored by MS CSP's)
3378 * - KP_PERMISSIONS: Or'ed combination of CRYPT_ENCRYPT, CRYPT_DECRYPT,
3379 * CRYPT_EXPORT, CRYPT_READ, CRYPT_WRITE, CRYPT_MAC
3380 * - KP_IV: Initialization vector
3382 BOOL WINAPI
RSAENH_CPSetKeyParam(HCRYPTPROV hProv
, HCRYPTKEY hKey
, DWORD dwParam
, BYTE
*pbData
,
3385 CRYPTKEY
*pCryptKey
;
3387 TRACE("(hProv=%08lx, hKey=%08lx, dwParam=%08x, pbData=%p, dwFlags=%08x)\n", hProv
, hKey
,
3388 dwParam
, pbData
, dwFlags
);
3390 if (!is_valid_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
3392 SetLastError(NTE_BAD_UID
);
3397 SetLastError(NTE_BAD_FLAGS
);
3401 if (!lookup_handle(&handle_table
, hKey
, RSAENH_MAGIC_KEY
, (OBJECTHDR
**)&pCryptKey
))
3403 SetLastError(NTE_BAD_KEY
);
3409 /* The MS providers only support PKCS5_PADDING */
3410 if (*(DWORD
*)pbData
!= PKCS5_PADDING
) {
3411 SetLastError(NTE_BAD_DATA
);
3417 pCryptKey
->dwMode
= *(DWORD
*)pbData
;
3421 pCryptKey
->dwModeBits
= *(DWORD
*)pbData
;
3424 case KP_PERMISSIONS
:
3426 DWORD perms
= *(DWORD
*)pbData
;
3428 if ((perms
& CRYPT_EXPORT
) &&
3429 !(pCryptKey
->dwPermissions
& CRYPT_EXPORT
))
3431 SetLastError(NTE_BAD_DATA
);
3434 else if (!(perms
& CRYPT_EXPORT
) &&
3435 (pCryptKey
->dwPermissions
& CRYPT_EXPORT
))
3437 /* Clearing the export permission appears to be ignored,
3440 perms
|= CRYPT_EXPORT
;
3442 pCryptKey
->dwPermissions
= perms
;
3447 memcpy(pCryptKey
->abInitVector
, pbData
, pCryptKey
->dwBlockLen
);
3448 setup_key(pCryptKey
);
3452 switch (pCryptKey
->aiAlgid
) {
3457 SetLastError(ERROR_INVALID_PARAMETER
);
3460 /* MSDN: the base provider always sets eleven bytes of
3463 memcpy(pCryptKey
->abKeyValue
+ pCryptKey
->dwKeyLen
,
3465 pCryptKey
->dwSaltLen
= 11;
3466 setup_key(pCryptKey
);
3467 /* Strange but true: salt length reset to 0 after setting
3470 pCryptKey
->dwSaltLen
= 0;
3473 SetLastError(NTE_BAD_KEY
);
3480 CRYPT_INTEGER_BLOB
*blob
= (CRYPT_INTEGER_BLOB
*)pbData
;
3482 /* salt length can't be greater than 184 bits = 24 bytes */
3483 if (blob
->cbData
> 24)
3485 SetLastError(NTE_BAD_DATA
);
3488 memcpy(pCryptKey
->abKeyValue
+ pCryptKey
->dwKeyLen
, blob
->pbData
,
3490 pCryptKey
->dwSaltLen
= blob
->cbData
;
3491 setup_key(pCryptKey
);
3495 case KP_EFFECTIVE_KEYLEN
:
3496 switch (pCryptKey
->aiAlgid
) {
3500 SetLastError(ERROR_INVALID_PARAMETER
);
3503 else if (!*(DWORD
*)pbData
|| *(DWORD
*)pbData
> 1024)
3505 SetLastError(NTE_BAD_DATA
);
3510 pCryptKey
->dwEffectiveKeyLen
= *(DWORD
*)pbData
;
3511 setup_key(pCryptKey
);
3515 SetLastError(NTE_BAD_TYPE
);
3520 case KP_SCHANNEL_ALG
:
3521 switch (((PSCHANNEL_ALG
)pbData
)->dwUse
) {
3522 case SCHANNEL_ENC_KEY
:
3523 memcpy(&pCryptKey
->siSChannelInfo
.saEncAlg
, pbData
, sizeof(SCHANNEL_ALG
));
3526 case SCHANNEL_MAC_KEY
:
3527 memcpy(&pCryptKey
->siSChannelInfo
.saMACAlg
, pbData
, sizeof(SCHANNEL_ALG
));
3531 SetLastError(NTE_FAIL
); /* FIXME: error code */
3536 case KP_CLIENT_RANDOM
:
3537 return copy_data_blob(&pCryptKey
->siSChannelInfo
.blobClientRandom
, (PCRYPT_DATA_BLOB
)pbData
);
3539 case KP_SERVER_RANDOM
:
3540 return copy_data_blob(&pCryptKey
->siSChannelInfo
.blobServerRandom
, (PCRYPT_DATA_BLOB
)pbData
);
3543 SetLastError(NTE_BAD_TYPE
);
3548 /******************************************************************************
3549 * CPGetKeyParam (RSAENH.@)
3551 * Query a key parameter.
3554 * hProv [I] The key container, which the key belongs to.
3555 * hHash [I] The key object that is to be queried.
3556 * dwParam [I] Specifies the parameter that is to be queried.
3557 * pbData [I] Pointer to the buffer where the parameter value will be stored.
3558 * pdwDataLen [I/O] I: Buffer length at pbData, O: Length of the parameter value.
3559 * dwFlags [I] None currently defined.
3566 * Defined dwParam types are:
3567 * - KP_MODE: Values MODE_CBC, MODE_ECB, MODE_CFB.
3568 * - KP_MODE_BITS: Shift width for cipher feedback mode.
3569 * (Currently ignored by MS CSP's - always eight)
3570 * - KP_PERMISSIONS: Or'ed combination of CRYPT_ENCRYPT, CRYPT_DECRYPT,
3571 * CRYPT_EXPORT, CRYPT_READ, CRYPT_WRITE, CRYPT_MAC
3572 * - KP_IV: Initialization vector.
3573 * - KP_KEYLEN: Bitwidth of the key.
3574 * - KP_BLOCKLEN: Size of a block cipher block.
3575 * - KP_SALT: Salt value.
3577 BOOL WINAPI
RSAENH_CPGetKeyParam(HCRYPTPROV hProv
, HCRYPTKEY hKey
, DWORD dwParam
, BYTE
*pbData
,
3578 DWORD
*pdwDataLen
, DWORD dwFlags
)
3580 CRYPTKEY
*pCryptKey
;
3583 TRACE("(hProv=%08lx, hKey=%08lx, dwParam=%08x, pbData=%p, pdwDataLen=%p dwFlags=%08x)\n",
3584 hProv
, hKey
, dwParam
, pbData
, pdwDataLen
, dwFlags
);
3586 if (!is_valid_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
3588 SetLastError(NTE_BAD_UID
);
3593 SetLastError(NTE_BAD_FLAGS
);
3597 if (!lookup_handle(&handle_table
, hKey
, RSAENH_MAGIC_KEY
, (OBJECTHDR
**)&pCryptKey
))
3599 SetLastError(NTE_BAD_KEY
);
3606 return copy_param(pbData
, pdwDataLen
, pCryptKey
->abInitVector
,
3607 pCryptKey
->dwBlockLen
);
3610 switch (pCryptKey
->aiAlgid
) {
3613 return copy_param(pbData
, pdwDataLen
,
3614 &pCryptKey
->abKeyValue
[pCryptKey
->dwKeyLen
],
3615 pCryptKey
->dwSaltLen
);
3617 SetLastError(NTE_BAD_KEY
);
3622 dwValue
= PKCS5_PADDING
;
3623 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&dwValue
, sizeof(DWORD
));
3626 dwValue
= pCryptKey
->dwKeyLen
<< 3;
3627 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&dwValue
, sizeof(DWORD
));
3629 case KP_EFFECTIVE_KEYLEN
:
3630 if (pCryptKey
->dwEffectiveKeyLen
)
3631 dwValue
= pCryptKey
->dwEffectiveKeyLen
;
3633 dwValue
= pCryptKey
->dwKeyLen
<< 3;
3634 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&dwValue
, sizeof(DWORD
));
3637 dwValue
= pCryptKey
->dwBlockLen
<< 3;
3638 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&dwValue
, sizeof(DWORD
));
3641 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&pCryptKey
->dwMode
, sizeof(DWORD
));
3644 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&pCryptKey
->dwModeBits
,
3647 case KP_PERMISSIONS
:
3648 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&pCryptKey
->dwPermissions
,
3652 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&pCryptKey
->aiAlgid
, sizeof(DWORD
));
3655 SetLastError(NTE_BAD_TYPE
);
3660 /******************************************************************************
3661 * CPGetProvParam (RSAENH.@)
3663 * Query a CSP parameter.
3666 * hProv [I] The key container that is to be queried.
3667 * dwParam [I] Specifies the parameter that is to be queried.
3668 * pbData [I] Pointer to the buffer where the parameter value will be stored.
3669 * pdwDataLen [I/O] I: Buffer length at pbData, O: Length of the parameter value.
3670 * dwFlags [I] CRYPT_FIRST: Start enumeration (for PP_ENUMALGS{_EX}).
3676 * Defined dwParam types:
3677 * - PP_CONTAINER: Name of the key container.
3678 * - PP_NAME: Name of the cryptographic service provider.
3679 * - PP_SIG_KEYSIZE_INC: RSA signature keywidth granularity in bits.
3680 * - PP_KEYX_KEYSIZE_INC: RSA key-exchange keywidth granularity in bits.
3681 * - PP_ENUMALGS{_EX}: Query provider capabilities.
3682 * - PP_KEYSET_SEC_DESCR: Retrieve security descriptor on container.
3684 BOOL WINAPI
RSAENH_CPGetProvParam(HCRYPTPROV hProv
, DWORD dwParam
, BYTE
*pbData
,
3685 DWORD
*pdwDataLen
, DWORD dwFlags
)
3687 KEYCONTAINER
*pKeyContainer
;
3688 PROV_ENUMALGS provEnumalgs
;
3692 /* This is for dwParam PP_CRYPT_COUNT_KEY_USE.
3693 * IE6 SP1 asks for it in the 'About' dialog.
3694 * Returning this BLOB seems to satisfy IE. The marked 0x00 seem
3695 * to be 'don't care's. If you know anything more specific about
3696 * this provider parameter, please report to wine-devel@winehq.org */
3697 static const BYTE abWTF
[96] = {
3698 0xb0, 0x25, 0x63, 0x86, 0x9c, 0xab, 0xb6, 0x37,
3699 0xe8, 0x82, /**/0x00,/**/ 0x72, 0x06, 0xb2, /**/0x00,/**/ 0x3b,
3700 0x60, 0x35, /**/0x00,/**/ 0x3b, 0x88, 0xce, /**/0x00,/**/ 0x82,
3701 0xbc, 0x7a, /**/0x00,/**/ 0xb7, 0x4f, 0x7e, /**/0x00,/**/ 0xde,
3702 0x92, 0xf1, /**/0x00,/**/ 0x83, 0xea, 0x5e, /**/0x00,/**/ 0xc8,
3703 0x12, 0x1e, 0xd4, 0x06, 0xf7, 0x66, /**/0x00,/**/ 0x01,
3704 0x29, 0xa4, /**/0x00,/**/ 0xf8, 0x24, 0x0c, /**/0x00,/**/ 0x33,
3705 0x06, 0x80, /**/0x00,/**/ 0x02, 0x46, 0x0b, /**/0x00,/**/ 0x6d,
3706 0x5b, 0xca, /**/0x00,/**/ 0x9a, 0x10, 0xf0, /**/0x00,/**/ 0x05,
3707 0x19, 0xd0, /**/0x00,/**/ 0x2c, 0xf6, 0x27, /**/0x00,/**/ 0xaa,
3708 0x7c, 0x6f, /**/0x00,/**/ 0xb9, 0xd8, 0x72, /**/0x00,/**/ 0x03,
3709 0xf3, 0x81, /**/0x00,/**/ 0xfa, 0xe8, 0x26, /**/0x00,/**/ 0xca
3712 TRACE("(hProv=%08lx, dwParam=%08x, pbData=%p, pdwDataLen=%p, dwFlags=%08x)\n",
3713 hProv
, dwParam
, pbData
, pdwDataLen
, dwFlags
);
3716 SetLastError(ERROR_INVALID_PARAMETER
);
3720 if (!lookup_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
,
3721 (OBJECTHDR
**)&pKeyContainer
))
3723 /* MSDN: hProv not containing valid context handle */
3724 SetLastError(NTE_BAD_UID
);
3731 case PP_UNIQUE_CONTAINER
:/* MSDN says we can return the same value as PP_CONTAINER */
3732 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)pKeyContainer
->szName
,
3733 strlen(pKeyContainer
->szName
)+1);
3736 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)pKeyContainer
->szProvName
,
3737 strlen(pKeyContainer
->szProvName
)+1);
3740 dwTemp
= PROV_RSA_FULL
;
3741 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&dwTemp
, sizeof(dwTemp
));
3744 dwTemp
= AT_SIGNATURE
| AT_KEYEXCHANGE
;
3745 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&dwTemp
, sizeof(dwTemp
));
3747 case PP_KEYSET_TYPE
:
3748 dwTemp
= pKeyContainer
->dwFlags
& CRYPT_MACHINE_KEYSET
;
3749 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&dwTemp
, sizeof(dwTemp
));
3752 dwTemp
= CRYPT_SEC_DESCR
;
3753 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&dwTemp
, sizeof(dwTemp
));
3755 case PP_SIG_KEYSIZE_INC
:
3756 case PP_KEYX_KEYSIZE_INC
:
3758 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&dwTemp
, sizeof(dwTemp
));
3761 dwTemp
= CRYPT_IMPL_SOFTWARE
;
3762 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&dwTemp
, sizeof(dwTemp
));
3765 dwTemp
= 0x00000200;
3766 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&dwTemp
, sizeof(dwTemp
));
3768 case PP_ENUMCONTAINERS
:
3769 if ((dwFlags
& CRYPT_FIRST
) == CRYPT_FIRST
) pKeyContainer
->dwEnumContainersCtr
= 0;
3772 *pdwDataLen
= (DWORD
)MAX_PATH
+ 1;
3776 if (!open_container_key("", dwFlags
, KEY_READ
, &hKey
))
3778 SetLastError(ERROR_NO_MORE_ITEMS
);
3782 dwTemp
= *pdwDataLen
;
3783 switch (RegEnumKeyExA(hKey
, pKeyContainer
->dwEnumContainersCtr
, (LPSTR
)pbData
, &dwTemp
,
3784 NULL
, NULL
, NULL
, NULL
))
3786 case ERROR_MORE_DATA
:
3787 *pdwDataLen
= (DWORD
)MAX_PATH
+ 1;
3790 pKeyContainer
->dwEnumContainersCtr
++;
3794 case ERROR_NO_MORE_ITEMS
:
3796 SetLastError(ERROR_NO_MORE_ITEMS
);
3802 case PP_ENUMALGS_EX
:
3803 if (((pKeyContainer
->dwEnumAlgsCtr
>= RSAENH_MAX_ENUMALGS
-1) ||
3804 (!aProvEnumAlgsEx
[pKeyContainer
->dwPersonality
]
3805 [pKeyContainer
->dwEnumAlgsCtr
+1].aiAlgid
)) &&
3806 ((dwFlags
& CRYPT_FIRST
) != CRYPT_FIRST
))
3808 SetLastError(ERROR_NO_MORE_ITEMS
);
3812 if (dwParam
== PP_ENUMALGS
) {
3813 if (pbData
&& (*pdwDataLen
>= sizeof(PROV_ENUMALGS
)))
3814 pKeyContainer
->dwEnumAlgsCtr
= ((dwFlags
& CRYPT_FIRST
) == CRYPT_FIRST
) ?
3815 0 : pKeyContainer
->dwEnumAlgsCtr
+1;
3817 provEnumalgs
.aiAlgid
= aProvEnumAlgsEx
3818 [pKeyContainer
->dwPersonality
][pKeyContainer
->dwEnumAlgsCtr
].aiAlgid
;
3819 provEnumalgs
.dwBitLen
= aProvEnumAlgsEx
3820 [pKeyContainer
->dwPersonality
][pKeyContainer
->dwEnumAlgsCtr
].dwDefaultLen
;
3821 provEnumalgs
.dwNameLen
= aProvEnumAlgsEx
3822 [pKeyContainer
->dwPersonality
][pKeyContainer
->dwEnumAlgsCtr
].dwNameLen
;
3823 memcpy(provEnumalgs
.szName
, aProvEnumAlgsEx
3824 [pKeyContainer
->dwPersonality
][pKeyContainer
->dwEnumAlgsCtr
].szName
,
3827 return copy_param(pbData
, pdwDataLen
, (const BYTE
*)&provEnumalgs
,
3828 sizeof(PROV_ENUMALGS
));
3830 if (pbData
&& (*pdwDataLen
>= sizeof(PROV_ENUMALGS_EX
)))
3831 pKeyContainer
->dwEnumAlgsCtr
= ((dwFlags
& CRYPT_FIRST
) == CRYPT_FIRST
) ?
3832 0 : pKeyContainer
->dwEnumAlgsCtr
+1;
3834 return copy_param(pbData
, pdwDataLen
,
3835 (const BYTE
*)&aProvEnumAlgsEx
3836 [pKeyContainer
->dwPersonality
][pKeyContainer
->dwEnumAlgsCtr
],
3837 sizeof(PROV_ENUMALGS_EX
));
3840 case PP_CRYPT_COUNT_KEY_USE
: /* Asked for by IE About dialog */
3841 return copy_param(pbData
, pdwDataLen
, abWTF
, sizeof(abWTF
));
3843 case PP_KEYSET_SEC_DESCR
:
3845 SECURITY_DESCRIPTOR
*sd
;
3846 DWORD err
, len
, flags
= (pKeyContainer
->dwFlags
& CRYPT_MACHINE_KEYSET
);
3848 if (!open_container_key(pKeyContainer
->szName
, flags
, KEY_READ
, &hKey
))
3850 SetLastError(NTE_BAD_KEYSET
);
3854 err
= GetSecurityInfo(hKey
, SE_REGISTRY_KEY
, dwFlags
, NULL
, NULL
, NULL
, NULL
, (void **)&sd
);
3862 len
= GetSecurityDescriptorLength(sd
);
3863 if (*pdwDataLen
>= len
) memcpy(pbData
, sd
, len
);
3864 else SetLastError(ERROR_INSUFFICIENT_BUFFER
);
3872 /* MSDN: Unknown parameter number in dwParam */
3873 SetLastError(NTE_BAD_TYPE
);
3878 /******************************************************************************
3879 * CPDeriveKey (RSAENH.@)
3881 * Derives a key from a hash value.
3884 * hProv [I] Key container for which a key is to be generated.
3885 * Algid [I] Crypto algorithm identifier for the key to be generated.
3886 * hBaseData [I] Hash from whose value the key will be derived.
3887 * dwFlags [I] See Notes.
3888 * phKey [O] The generated key.
3896 * - CRYPT_EXPORTABLE: Key can be exported.
3897 * - CRYPT_NO_SALT: No salt is used for 40 bit keys.
3898 * - CRYPT_CREATE_SALT: Use remaining bits as salt value.
3900 BOOL WINAPI
RSAENH_CPDeriveKey(HCRYPTPROV hProv
, ALG_ID Algid
, HCRYPTHASH hBaseData
,
3901 DWORD dwFlags
, HCRYPTKEY
*phKey
)
3903 CRYPTKEY
*pCryptKey
, *pMasterKey
;
3904 CRYPTHASH
*pCryptHash
;
3905 BYTE abHashValue
[RSAENH_MAX_HASH_SIZE
*2];
3908 TRACE("(hProv=%08lx, Algid=%d, hBaseData=%08lx, dwFlags=%08x phKey=%p)\n", hProv
, Algid
,
3909 hBaseData
, dwFlags
, phKey
);
3911 if (!is_valid_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
3913 SetLastError(NTE_BAD_UID
);
3917 if (!lookup_handle(&handle_table
, hBaseData
, RSAENH_MAGIC_HASH
,
3918 (OBJECTHDR
**)&pCryptHash
))
3920 SetLastError(NTE_BAD_HASH
);
3926 SetLastError(ERROR_INVALID_PARAMETER
);
3930 switch (GET_ALG_CLASS(Algid
))
3932 case ALG_CLASS_DATA_ENCRYPT
:
3933 *phKey
= new_key(hProv
, Algid
, dwFlags
, &pCryptKey
);
3934 if (*phKey
== (HCRYPTKEY
)INVALID_HANDLE_VALUE
) return FALSE
;
3937 * We derive the key material from the hash.
3938 * If the hash value is not large enough for the claimed key, we have to construct
3939 * a larger binary value based on the hash. This is documented in MSDN: CryptDeriveKey.
3941 dwLen
= RSAENH_MAX_HASH_SIZE
;
3942 RSAENH_CPGetHashParam(pCryptHash
->hProv
, hBaseData
, HP_HASHVAL
, abHashValue
, &dwLen
, 0);
3944 if (dwLen
< pCryptKey
->dwKeyLen
) {
3945 BYTE pad1
[RSAENH_HMAC_DEF_PAD_LEN
], pad2
[RSAENH_HMAC_DEF_PAD_LEN
];
3946 BYTE old_hashval
[RSAENH_MAX_HASH_SIZE
];
3949 memcpy(old_hashval
, pCryptHash
->abHashValue
, RSAENH_MAX_HASH_SIZE
);
3951 for (i
=0; i
<RSAENH_HMAC_DEF_PAD_LEN
; i
++) {
3952 pad1
[i
] = RSAENH_HMAC_DEF_IPAD_CHAR
^ (i
<dwLen
? abHashValue
[i
] : 0);
3953 pad2
[i
] = RSAENH_HMAC_DEF_OPAD_CHAR
^ (i
<dwLen
? abHashValue
[i
] : 0);
3956 init_hash(pCryptHash
);
3957 update_hash(pCryptHash
, pad1
, RSAENH_HMAC_DEF_PAD_LEN
);
3958 finalize_hash(pCryptHash
);
3959 memcpy(abHashValue
, pCryptHash
->abHashValue
, pCryptHash
->dwHashSize
);
3961 init_hash(pCryptHash
);
3962 update_hash(pCryptHash
, pad2
, RSAENH_HMAC_DEF_PAD_LEN
);
3963 finalize_hash(pCryptHash
);
3964 memcpy(abHashValue
+pCryptHash
->dwHashSize
, pCryptHash
->abHashValue
,
3965 pCryptHash
->dwHashSize
);
3967 memcpy(pCryptHash
->abHashValue
, old_hashval
, RSAENH_MAX_HASH_SIZE
);
3970 memcpy(pCryptKey
->abKeyValue
, abHashValue
,
3971 RSAENH_MIN(pCryptKey
->dwKeyLen
, sizeof(pCryptKey
->abKeyValue
)));
3974 case ALG_CLASS_MSG_ENCRYPT
:
3975 if (!lookup_handle(&handle_table
, pCryptHash
->hKey
, RSAENH_MAGIC_KEY
,
3976 (OBJECTHDR
**)&pMasterKey
))
3978 SetLastError(NTE_FAIL
); /* FIXME error code */
3984 /* See RFC 2246, chapter 6.3 Key calculation */
3985 case CALG_SCHANNEL_ENC_KEY
:
3986 if (!pMasterKey
->siSChannelInfo
.saEncAlg
.Algid
||
3987 !pMasterKey
->siSChannelInfo
.saEncAlg
.cBits
)
3989 SetLastError(NTE_BAD_FLAGS
);
3992 *phKey
= new_key(hProv
, pMasterKey
->siSChannelInfo
.saEncAlg
.Algid
,
3993 MAKELONG(LOWORD(dwFlags
),pMasterKey
->siSChannelInfo
.saEncAlg
.cBits
),
3995 if (*phKey
== (HCRYPTKEY
)INVALID_HANDLE_VALUE
) return FALSE
;
3996 memcpy(pCryptKey
->abKeyValue
,
3997 pCryptHash
->abHashValue
+ (
3998 2 * (pMasterKey
->siSChannelInfo
.saMACAlg
.cBits
/ 8) +
3999 ((dwFlags
& CRYPT_SERVER
) ?
4000 (pMasterKey
->siSChannelInfo
.saEncAlg
.cBits
/ 8) : 0)),
4001 pMasterKey
->siSChannelInfo
.saEncAlg
.cBits
/ 8);
4002 memcpy(pCryptKey
->abInitVector
,
4003 pCryptHash
->abHashValue
+ (
4004 2 * (pMasterKey
->siSChannelInfo
.saMACAlg
.cBits
/ 8) +
4005 2 * (pMasterKey
->siSChannelInfo
.saEncAlg
.cBits
/ 8) +
4006 ((dwFlags
& CRYPT_SERVER
) ? pCryptKey
->dwBlockLen
: 0)),
4007 pCryptKey
->dwBlockLen
);
4010 case CALG_SCHANNEL_MAC_KEY
:
4011 *phKey
= new_key(hProv
, Algid
,
4012 MAKELONG(LOWORD(dwFlags
),pMasterKey
->siSChannelInfo
.saMACAlg
.cBits
),
4014 if (*phKey
== (HCRYPTKEY
)INVALID_HANDLE_VALUE
) return FALSE
;
4015 memcpy(pCryptKey
->abKeyValue
,
4016 pCryptHash
->abHashValue
+ ((dwFlags
& CRYPT_SERVER
) ?
4017 pMasterKey
->siSChannelInfo
.saMACAlg
.cBits
/ 8 : 0),
4018 pMasterKey
->siSChannelInfo
.saMACAlg
.cBits
/ 8);
4022 SetLastError(NTE_BAD_ALGID
);
4028 SetLastError(NTE_BAD_ALGID
);
4032 setup_key(pCryptKey
);
4036 /******************************************************************************
4037 * CPGetUserKey (RSAENH.@)
4039 * Returns a handle to the user's private key-exchange- or signature-key.
4042 * hProv [I] The key container from which a user key is requested.
4043 * dwKeySpec [I] AT_KEYEXCHANGE or AT_SIGNATURE
4044 * phUserKey [O] Handle to the requested key or INVALID_HANDLE_VALUE in case of failure.
4051 * A newly created key container does not contain private user key. Create them with CPGenKey.
4053 BOOL WINAPI
RSAENH_CPGetUserKey(HCRYPTPROV hProv
, DWORD dwKeySpec
, HCRYPTKEY
*phUserKey
)
4055 KEYCONTAINER
*pKeyContainer
;
4057 TRACE("(hProv=%08lx, dwKeySpec=%08x, phUserKey=%p)\n", hProv
, dwKeySpec
, phUserKey
);
4059 if (!lookup_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
,
4060 (OBJECTHDR
**)&pKeyContainer
))
4062 /* MSDN: hProv not containing valid context handle */
4063 SetLastError(NTE_BAD_UID
);
4069 case AT_KEYEXCHANGE
:
4070 copy_handle(&handle_table
, pKeyContainer
->hKeyExchangeKeyPair
, RSAENH_MAGIC_KEY
,
4075 copy_handle(&handle_table
, pKeyContainer
->hSignatureKeyPair
, RSAENH_MAGIC_KEY
,
4080 *phUserKey
= (HCRYPTKEY
)INVALID_HANDLE_VALUE
;
4083 if (*phUserKey
== (HCRYPTKEY
)INVALID_HANDLE_VALUE
)
4085 /* MSDN: dwKeySpec parameter specifies nonexistent key */
4086 SetLastError(NTE_NO_KEY
);
4093 /******************************************************************************
4094 * CPHashData (RSAENH.@)
4096 * Updates a hash object with the given data.
4099 * hProv [I] Key container to which the hash object belongs.
4100 * hHash [I] Hash object which is to be updated.
4101 * pbData [I] Pointer to data with which the hash object is to be updated.
4102 * dwDataLen [I] Length of the data.
4103 * dwFlags [I] Currently none defined.
4110 * The actual hash value is queried with CPGetHashParam, which will finalize
4111 * the hash. Updating a finalized hash will fail with a last error NTE_BAD_HASH_STATE.
4113 BOOL WINAPI
RSAENH_CPHashData(HCRYPTPROV hProv
, HCRYPTHASH hHash
, const BYTE
*pbData
,
4114 DWORD dwDataLen
, DWORD dwFlags
)
4116 CRYPTHASH
*pCryptHash
;
4118 TRACE("(hProv=%08lx, hHash=%08lx, pbData=%p, dwDataLen=%d, dwFlags=%08x)\n",
4119 hProv
, hHash
, pbData
, dwDataLen
, dwFlags
);
4121 if (dwFlags
& ~CRYPT_USERDATA
)
4123 SetLastError(NTE_BAD_FLAGS
);
4127 if (!lookup_handle(&handle_table
, hHash
, RSAENH_MAGIC_HASH
,
4128 (OBJECTHDR
**)&pCryptHash
))
4130 SetLastError(NTE_BAD_HASH
);
4134 if (!get_algid_info(hProv
, pCryptHash
->aiAlgid
) || pCryptHash
->aiAlgid
== CALG_SSL3_SHAMD5
)
4136 SetLastError(NTE_BAD_ALGID
);
4140 if (pCryptHash
->dwState
!= RSAENH_HASHSTATE_HASHING
)
4142 SetLastError(NTE_BAD_HASH_STATE
);
4146 update_hash(pCryptHash
, pbData
, dwDataLen
);
4150 /******************************************************************************
4151 * CPHashSessionKey (RSAENH.@)
4153 * Updates a hash object with the binary representation of a symmetric key.
4156 * hProv [I] Key container to which the hash object belongs.
4157 * hHash [I] Hash object which is to be updated.
4158 * hKey [I] The symmetric key, whose binary value will be added to the hash.
4159 * dwFlags [I] CRYPT_LITTLE_ENDIAN, if the binary key value shall be interpreted as little endian.
4165 BOOL WINAPI
RSAENH_CPHashSessionKey(HCRYPTPROV hProv
, HCRYPTHASH hHash
, HCRYPTKEY hKey
,
4168 BYTE abKeyValue
[RSAENH_MAX_KEY_SIZE
], bTemp
;
4172 TRACE("(hProv=%08lx, hHash=%08lx, hKey=%08lx, dwFlags=%08x)\n", hProv
, hHash
, hKey
, dwFlags
);
4174 if (!lookup_handle(&handle_table
, hKey
, RSAENH_MAGIC_KEY
, (OBJECTHDR
**)&pKey
) ||
4175 (GET_ALG_CLASS(pKey
->aiAlgid
) != ALG_CLASS_DATA_ENCRYPT
))
4177 SetLastError(NTE_BAD_KEY
);
4181 if (dwFlags
& ~CRYPT_LITTLE_ENDIAN
) {
4182 SetLastError(NTE_BAD_FLAGS
);
4186 memcpy(abKeyValue
, pKey
->abKeyValue
, pKey
->dwKeyLen
);
4187 if (!(dwFlags
& CRYPT_LITTLE_ENDIAN
)) {
4188 for (i
=0; i
<pKey
->dwKeyLen
/2; i
++) {
4189 bTemp
= abKeyValue
[i
];
4190 abKeyValue
[i
] = abKeyValue
[pKey
->dwKeyLen
-i
-1];
4191 abKeyValue
[pKey
->dwKeyLen
-i
-1] = bTemp
;
4195 return RSAENH_CPHashData(hProv
, hHash
, abKeyValue
, pKey
->dwKeyLen
, 0);
4198 /******************************************************************************
4199 * CPReleaseContext (RSAENH.@)
4201 * Release a key container.
4204 * hProv [I] Key container to be released.
4205 * dwFlags [I] Currently none defined.
4211 BOOL WINAPI
RSAENH_CPReleaseContext(HCRYPTPROV hProv
, DWORD dwFlags
)
4213 TRACE("(hProv=%08lx, dwFlags=%08x)\n", hProv
, dwFlags
);
4215 if (!release_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
4217 /* MSDN: hProv not containing valid context handle */
4218 SetLastError(NTE_BAD_UID
);
4223 SetLastError(NTE_BAD_FLAGS
);
4230 /******************************************************************************
4231 * CPSetHashParam (RSAENH.@)
4233 * Set a parameter of a hash object
4236 * hProv [I] The key container to which the key belongs.
4237 * hHash [I] The hash object for which a parameter is to be set.
4238 * dwParam [I] Parameter type. See Notes.
4239 * pbData [I] Pointer to the parameter value.
4240 * dwFlags [I] Currently none defined.
4247 * Currently only the HP_HMAC_INFO dwParam type is defined.
4248 * The HMAC_INFO struct will be deep copied into the hash object.
4249 * See Internet RFC 2104 for details on the HMAC algorithm.
4251 BOOL WINAPI
RSAENH_CPSetHashParam(HCRYPTPROV hProv
, HCRYPTHASH hHash
, DWORD dwParam
,
4252 BYTE
*pbData
, DWORD dwFlags
)
4254 CRYPTHASH
*pCryptHash
;
4255 CRYPTKEY
*pCryptKey
;
4258 TRACE("(hProv=%08lx, hHash=%08lx, dwParam=%08x, pbData=%p, dwFlags=%08x)\n",
4259 hProv
, hHash
, dwParam
, pbData
, dwFlags
);
4261 if (!is_valid_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
4263 SetLastError(NTE_BAD_UID
);
4268 SetLastError(NTE_BAD_FLAGS
);
4272 if (!lookup_handle(&handle_table
, hHash
, RSAENH_MAGIC_HASH
,
4273 (OBJECTHDR
**)&pCryptHash
))
4275 SetLastError(NTE_BAD_HASH
);
4281 free_hmac_info(pCryptHash
->pHMACInfo
);
4282 if (!copy_hmac_info(&pCryptHash
->pHMACInfo
, (PHMAC_INFO
)pbData
)) return FALSE
;
4284 if (!lookup_handle(&handle_table
, pCryptHash
->hKey
, RSAENH_MAGIC_KEY
,
4285 (OBJECTHDR
**)&pCryptKey
))
4287 SetLastError(NTE_FAIL
); /* FIXME: correct error code? */
4291 if (pCryptKey
->aiAlgid
== CALG_HMAC
&& !pCryptKey
->dwKeyLen
) {
4292 HCRYPTHASH hKeyHash
;
4295 if (!RSAENH_CPCreateHash(hProv
, ((PHMAC_INFO
)pbData
)->HashAlgid
, 0, 0,
4298 if (!RSAENH_CPHashData(hProv
, hKeyHash
, pCryptKey
->blobHmacKey
.pbData
,
4299 pCryptKey
->blobHmacKey
.cbData
, 0))
4301 RSAENH_CPDestroyHash(hProv
, hKeyHash
);
4304 keyLen
= sizeof(pCryptKey
->abKeyValue
);
4305 if (!RSAENH_CPGetHashParam(hProv
, hKeyHash
, HP_HASHVAL
, pCryptKey
->abKeyValue
,
4308 RSAENH_CPDestroyHash(hProv
, hKeyHash
);
4311 pCryptKey
->dwKeyLen
= keyLen
;
4312 RSAENH_CPDestroyHash(hProv
, hKeyHash
);
4314 for (i
=0; i
<RSAENH_MIN(pCryptKey
->dwKeyLen
,pCryptHash
->pHMACInfo
->cbInnerString
); i
++) {
4315 pCryptHash
->pHMACInfo
->pbInnerString
[i
] ^= pCryptKey
->abKeyValue
[i
];
4317 for (i
=0; i
<RSAENH_MIN(pCryptKey
->dwKeyLen
,pCryptHash
->pHMACInfo
->cbOuterString
); i
++) {
4318 pCryptHash
->pHMACInfo
->pbOuterString
[i
] ^= pCryptKey
->abKeyValue
[i
];
4321 init_hash(pCryptHash
);
4325 memcpy(pCryptHash
->abHashValue
, pbData
, pCryptHash
->dwHashSize
);
4326 pCryptHash
->dwState
= RSAENH_HASHSTATE_FINISHED
;
4329 case HP_TLS1PRF_SEED
:
4330 return copy_data_blob(&pCryptHash
->tpPRFParams
.blobSeed
, (PCRYPT_DATA_BLOB
)pbData
);
4332 case HP_TLS1PRF_LABEL
:
4333 return copy_data_blob(&pCryptHash
->tpPRFParams
.blobLabel
, (PCRYPT_DATA_BLOB
)pbData
);
4336 SetLastError(NTE_BAD_TYPE
);
4341 /******************************************************************************
4342 * CPSetProvParam (RSAENH.@)
4344 BOOL WINAPI
RSAENH_CPSetProvParam(HCRYPTPROV hProv
, DWORD dwParam
, BYTE
*pbData
, DWORD dwFlags
)
4346 KEYCONTAINER
*pKeyContainer
;
4349 TRACE("(hProv=%08lx, dwParam=%08x, pbData=%p, dwFlags=%08x)\n", hProv
, dwParam
, pbData
, dwFlags
);
4351 if (!lookup_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
, (OBJECTHDR
**)&pKeyContainer
))
4353 SetLastError(NTE_BAD_UID
);
4359 case PP_KEYSET_SEC_DESCR
:
4361 SECURITY_DESCRIPTOR
*sd
= (SECURITY_DESCRIPTOR
*)pbData
;
4362 DWORD err
, flags
= (pKeyContainer
->dwFlags
& CRYPT_MACHINE_KEYSET
);
4364 REGSAM access
= WRITE_DAC
| WRITE_OWNER
| ACCESS_SYSTEM_SECURITY
;
4365 PSID owner
= NULL
, group
= NULL
;
4366 PACL dacl
= NULL
, sacl
= NULL
;
4368 if (!open_container_key(pKeyContainer
->szName
, flags
, access
, &hKey
))
4370 SetLastError(NTE_BAD_KEYSET
);
4374 if ((dwFlags
& OWNER_SECURITY_INFORMATION
&& !GetSecurityDescriptorOwner(sd
, &owner
, &def
)) ||
4375 (dwFlags
& GROUP_SECURITY_INFORMATION
&& !GetSecurityDescriptorGroup(sd
, &group
, &def
)) ||
4376 (dwFlags
& DACL_SECURITY_INFORMATION
&& !GetSecurityDescriptorDacl(sd
, &present
, &dacl
, &def
)) ||
4377 (dwFlags
& SACL_SECURITY_INFORMATION
&& !GetSecurityDescriptorSacl(sd
, &present
, &sacl
, &def
)))
4383 err
= SetSecurityInfo(hKey
, SE_REGISTRY_KEY
, dwFlags
, owner
, group
, dacl
, sacl
);
4393 FIXME("unimplemented parameter %08x\n", dwParam
);
4398 /******************************************************************************
4399 * CPSignHash (RSAENH.@)
4401 * Sign a hash object
4404 * hProv [I] The key container, to which the hash object belongs.
4405 * hHash [I] The hash object to be signed.
4406 * dwKeySpec [I] AT_SIGNATURE or AT_KEYEXCHANGE: Key used to generate the signature.
4407 * sDescription [I] Should be NULL for security reasons.
4408 * dwFlags [I] 0, CRYPT_NOHASHOID or CRYPT_X931_FORMAT: Format of the signature.
4409 * pbSignature [O] Buffer, to which the signature will be stored. May be NULL to query SigLen.
4410 * pdwSigLen [I/O] Size of the buffer (in), Length of the signature (out)
4416 BOOL WINAPI
RSAENH_CPSignHash(HCRYPTPROV hProv
, HCRYPTHASH hHash
, DWORD dwKeySpec
,
4417 LPCWSTR sDescription
, DWORD dwFlags
, BYTE
*pbSignature
,
4420 HCRYPTKEY hCryptKey
= (HCRYPTKEY
)INVALID_HANDLE_VALUE
;
4421 CRYPTKEY
*pCryptKey
;
4423 BYTE abHashValue
[RSAENH_MAX_HASH_SIZE
];
4427 TRACE("(hProv=%08lx, hHash=%08lx, dwKeySpec=%08x, sDescription=%s, dwFlags=%08x, "
4428 "pbSignature=%p, pdwSigLen=%p)\n", hProv
, hHash
, dwKeySpec
, debugstr_w(sDescription
),
4429 dwFlags
, pbSignature
, pdwSigLen
);
4431 if (dwFlags
& ~(CRYPT_NOHASHOID
|CRYPT_X931_FORMAT
)) {
4432 SetLastError(NTE_BAD_FLAGS
);
4436 if (!RSAENH_CPGetUserKey(hProv
, dwKeySpec
, &hCryptKey
)) return FALSE
;
4438 if (!lookup_handle(&handle_table
, hCryptKey
, RSAENH_MAGIC_KEY
,
4439 (OBJECTHDR
**)&pCryptKey
))
4441 SetLastError(NTE_NO_KEY
);
4446 *pdwSigLen
= pCryptKey
->dwKeyLen
;
4450 if (pCryptKey
->dwKeyLen
> *pdwSigLen
)
4452 SetLastError(ERROR_MORE_DATA
);
4453 *pdwSigLen
= pCryptKey
->dwKeyLen
;
4456 *pdwSigLen
= pCryptKey
->dwKeyLen
;
4459 if (!RSAENH_CPHashData(hProv
, hHash
, (const BYTE
*)sDescription
,
4460 (DWORD
)lstrlenW(sDescription
)*sizeof(WCHAR
), 0))
4466 dwHashLen
= sizeof(DWORD
);
4467 if (!RSAENH_CPGetHashParam(hProv
, hHash
, HP_ALGID
, (BYTE
*)&aiAlgid
, &dwHashLen
, 0)) goto out
;
4469 dwHashLen
= RSAENH_MAX_HASH_SIZE
;
4470 if (!RSAENH_CPGetHashParam(hProv
, hHash
, HP_HASHVAL
, abHashValue
, &dwHashLen
, 0)) goto out
;
4473 if (!build_hash_signature(pbSignature
, *pdwSigLen
, aiAlgid
, abHashValue
, dwHashLen
, dwFlags
)) {
4477 ret
= encrypt_block_impl(pCryptKey
->aiAlgid
, PK_PRIVATE
, &pCryptKey
->context
, pbSignature
, pbSignature
, RSAENH_ENCRYPT
);
4479 RSAENH_CPDestroyKey(hProv
, hCryptKey
);
4483 /******************************************************************************
4484 * CPVerifySignature (RSAENH.@)
4486 * Verify the signature of a hash object.
4489 * hProv [I] The key container, to which the hash belongs.
4490 * hHash [I] The hash for which the signature is verified.
4491 * pbSignature [I] The binary signature.
4492 * dwSigLen [I] Length of the signature BLOB.
4493 * hPubKey [I] Public key used to verify the signature.
4494 * sDescription [I] Should be NULL for security reasons.
4495 * dwFlags [I] 0, CRYPT_NOHASHOID or CRYPT_X931_FORMAT: Format of the signature.
4498 * Success: TRUE (Signature is valid)
4499 * Failure: FALSE (GetLastError() == NTE_BAD_SIGNATURE, if signature is invalid)
4501 BOOL WINAPI
RSAENH_CPVerifySignature(HCRYPTPROV hProv
, HCRYPTHASH hHash
, const BYTE
*pbSignature
,
4502 DWORD dwSigLen
, HCRYPTKEY hPubKey
, LPCWSTR sDescription
,
4505 BYTE
*pbConstructed
= NULL
, *pbDecrypted
= NULL
;
4506 CRYPTKEY
*pCryptKey
;
4509 BYTE abHashValue
[RSAENH_MAX_HASH_SIZE
];
4512 TRACE("(hProv=%08lx, hHash=%08lx, pbSignature=%p, dwSigLen=%d, hPubKey=%08lx, sDescription=%s, "
4513 "dwFlags=%08x)\n", hProv
, hHash
, pbSignature
, dwSigLen
, hPubKey
, debugstr_w(sDescription
),
4516 if (dwFlags
& ~(CRYPT_NOHASHOID
|CRYPT_X931_FORMAT
)) {
4517 SetLastError(NTE_BAD_FLAGS
);
4521 if (!is_valid_handle(&handle_table
, hProv
, RSAENH_MAGIC_CONTAINER
))
4523 SetLastError(NTE_BAD_UID
);
4527 if (!lookup_handle(&handle_table
, hPubKey
, RSAENH_MAGIC_KEY
,
4528 (OBJECTHDR
**)&pCryptKey
))
4530 SetLastError(NTE_BAD_KEY
);
4534 /* in Microsoft implementation, the signature length is checked before
4535 * the signature pointer.
4537 if (dwSigLen
!= pCryptKey
->dwKeyLen
)
4539 SetLastError(NTE_BAD_SIGNATURE
);
4543 if (!hHash
|| !pbSignature
)
4545 SetLastError(ERROR_INVALID_PARAMETER
);
4550 if (!RSAENH_CPHashData(hProv
, hHash
, (const BYTE
*)sDescription
,
4551 (DWORD
)lstrlenW(sDescription
)*sizeof(WCHAR
), 0))
4557 dwHashLen
= sizeof(DWORD
);
4558 if (!RSAENH_CPGetHashParam(hProv
, hHash
, HP_ALGID
, (BYTE
*)&aiAlgid
, &dwHashLen
, 0)) return FALSE
;
4560 dwHashLen
= RSAENH_MAX_HASH_SIZE
;
4561 if (!RSAENH_CPGetHashParam(hProv
, hHash
, HP_HASHVAL
, abHashValue
, &dwHashLen
, 0)) return FALSE
;
4563 pbConstructed
= HeapAlloc(GetProcessHeap(), 0, dwSigLen
);
4564 if (!pbConstructed
) {
4565 SetLastError(NTE_NO_MEMORY
);
4569 pbDecrypted
= HeapAlloc(GetProcessHeap(), 0, dwSigLen
);
4571 SetLastError(NTE_NO_MEMORY
);
4575 if (!encrypt_block_impl(pCryptKey
->aiAlgid
, PK_PUBLIC
, &pCryptKey
->context
, pbSignature
, pbDecrypted
,
4581 if (build_hash_signature(pbConstructed
, dwSigLen
, aiAlgid
, abHashValue
, dwHashLen
, dwFlags
) &&
4582 !memcmp(pbDecrypted
, pbConstructed
, dwSigLen
)) {
4587 if (!(dwFlags
& CRYPT_NOHASHOID
) &&
4588 build_hash_signature(pbConstructed
, dwSigLen
, aiAlgid
, abHashValue
, dwHashLen
, dwFlags
|CRYPT_NOHASHOID
) &&
4589 !memcmp(pbDecrypted
, pbConstructed
, dwSigLen
)) {
4594 SetLastError(NTE_BAD_SIGNATURE
);
4597 HeapFree(GetProcessHeap(), 0, pbConstructed
);
4598 HeapFree(GetProcessHeap(), 0, pbDecrypted
);
4602 /******************************************************************************
4603 * DllRegisterServer (RSAENH.@)
4605 HRESULT WINAPI
DllRegisterServer(void)
4607 return __wine_register_resources( instance
);
4610 /******************************************************************************
4611 * DllUnregisterServer (RSAENH.@)
4613 HRESULT WINAPI
DllUnregisterServer(void)
4615 return __wine_unregister_resources( instance
);