2021-09-30 15:34:59 -07:00
|
|
|
From 528d7188ba7d6e68622d1b4f95608e68f26e1852 Mon Sep 17 00:00:00 2001
|
2020-02-26 00:17:43 -08:00
|
|
|
From: Derek Lesho <dlesho@codeweavers.com>
|
2020-10-03 01:48:06 -07:00
|
|
|
Date: Fri, 2 Oct 2020 12:11:49 -0500
|
2020-02-26 00:17:43 -08:00
|
|
|
Subject: [PATCH] bcrypt: Implement BCryptSecretAgreement with libgcrypt.
|
|
|
|
|
|
|
|
Signed-off-by: Derek Lesho <dlesho@codeweavers.com>
|
|
|
|
---
|
|
|
|
configure.ac | 14 ++
|
|
|
|
dlls/bcrypt/Makefile.in | 1 +
|
2020-10-03 01:48:06 -07:00
|
|
|
dlls/bcrypt/bcrypt_internal.h | 4 +
|
|
|
|
dlls/bcrypt/bcrypt_main.c | 55 ++++++-
|
2020-12-15 13:30:41 -08:00
|
|
|
dlls/bcrypt/gcrypt.c | 292 ++++++++++++++++++++++++++++++++++
|
2020-10-03 01:48:06 -07:00
|
|
|
dlls/bcrypt/gnutls.c | 3 +-
|
2020-02-26 00:17:43 -08:00
|
|
|
dlls/bcrypt/tests/bcrypt.c | 2 +-
|
2020-12-16 05:23:52 -08:00
|
|
|
dlls/bcrypt/unixlib.c | 13 +-
|
2021-09-30 15:34:59 -07:00
|
|
|
8 files changed, 376 insertions(+), 8 deletions(-)
|
2020-02-26 00:17:43 -08:00
|
|
|
create mode 100644 dlls/bcrypt/gcrypt.c
|
|
|
|
|
|
|
|
diff --git a/configure.ac b/configure.ac
|
2021-09-30 15:34:59 -07:00
|
|
|
index f2401734035..b47f8d016e0 100644
|
2020-02-26 00:17:43 -08:00
|
|
|
--- a/configure.ac
|
|
|
|
+++ b/configure.ac
|
2021-09-30 15:34:59 -07:00
|
|
|
@@ -47,6 +47,7 @@ AC_ARG_WITH(faudio, AS_HELP_STRING([--without-faudio],[do not use FAudio (XAu
|
2020-02-26 00:17:43 -08:00
|
|
|
AC_ARG_WITH(float-abi, AS_HELP_STRING([--with-float-abi=abi],[specify the ABI (soft|softfp|hard) for ARM platforms]))
|
|
|
|
AC_ARG_WITH(fontconfig,AS_HELP_STRING([--without-fontconfig],[do not use fontconfig]))
|
|
|
|
AC_ARG_WITH(freetype, AS_HELP_STRING([--without-freetype],[do not use the FreeType library]))
|
|
|
|
+AC_ARG_WITH(gcrypt, AS_HELP_STRING([--without-gcrypt],[do not use libgcrypt]))
|
|
|
|
AC_ARG_WITH(gettext, AS_HELP_STRING([--without-gettext],[do not use gettext]))
|
|
|
|
AC_ARG_WITH(gettextpo, AS_HELP_STRING([--with-gettextpo],[use the GetTextPO library to rebuild po files]),
|
|
|
|
[if test "x$withval" = "xno"; then ac_cv_header_gettext_po_h=no; fi])
|
2021-09-30 15:34:59 -07:00
|
|
|
@@ -1954,6 +1955,19 @@ WINE_NOTICE_WITH(vkd3d,[test "x$ac_cv_lib_soname_vkd3d" = "x"],
|
2020-02-26 00:17:43 -08:00
|
|
|
[vkd3d ${notice_platform}development files not found (or too old), Direct3D 12 won't be supported.])
|
|
|
|
test "x$ac_cv_lib_soname_vkd3d" != "x" || enable_d3d12=${enable_d3d12:-no}
|
|
|
|
|
|
|
|
+dnl **** Check for gcrypt ****
|
|
|
|
+if test "x$with_gcrypt" != "xno"
|
|
|
|
+then
|
|
|
|
+ WINE_PACKAGE_FLAGS(GCRYPT,[libgcrypt],,,,
|
|
|
|
+ [AC_CHECK_HEADERS([gcrypt.h])
|
|
|
|
+ if test "$ac_cv_header_gcrypt_h" = "yes"
|
|
|
|
+ then
|
|
|
|
+ WINE_CHECK_SONAME(gcrypt,gcry_sexp_build,,,[$GCRYPT_LIBS])
|
|
|
|
+ fi])
|
|
|
|
+fi
|
|
|
|
+WINE_NOTICE_WITH(gcrypt,[test "x$ac_cv_lib_soname_gcrypt" = "x"],
|
|
|
|
+ [libgcrypt ${notice_platform}development files not found, GCRYPT won't be supported.])
|
|
|
|
+
|
|
|
|
dnl **** Check for gcc specific options ****
|
|
|
|
|
|
|
|
AC_SUBST(EXTRACFLAGS,"")
|
|
|
|
diff --git a/dlls/bcrypt/Makefile.in b/dlls/bcrypt/Makefile.in
|
2021-09-30 15:34:59 -07:00
|
|
|
index 6dd3066d4a5..5336c8fc66b 100644
|
2020-02-26 00:17:43 -08:00
|
|
|
--- a/dlls/bcrypt/Makefile.in
|
|
|
|
+++ b/dlls/bcrypt/Makefile.in
|
2021-09-30 15:34:59 -07:00
|
|
|
@@ -5,6 +5,7 @@ EXTRAINCL = $(GNUTLS_CFLAGS)
|
2020-02-26 00:17:43 -08:00
|
|
|
|
|
|
|
C_SRCS = \
|
|
|
|
bcrypt_main.c \
|
|
|
|
+ gcrypt.c \
|
|
|
|
gnutls.c \
|
|
|
|
md2.c \
|
2021-09-30 15:34:59 -07:00
|
|
|
sha256.c \
|
2020-02-26 00:17:43 -08:00
|
|
|
diff --git a/dlls/bcrypt/bcrypt_internal.h b/dlls/bcrypt/bcrypt_internal.h
|
2021-09-30 15:34:59 -07:00
|
|
|
index d0697ed807e..66898c58cd2 100644
|
2020-02-26 00:17:43 -08:00
|
|
|
--- a/dlls/bcrypt/bcrypt_internal.h
|
|
|
|
+++ b/dlls/bcrypt/bcrypt_internal.h
|
2021-09-30 15:34:59 -07:00
|
|
|
@@ -193,6 +193,8 @@ struct key
|
2020-07-20 17:55:28 -07:00
|
|
|
struct secret
|
|
|
|
{
|
|
|
|
struct object hdr;
|
2020-02-26 00:17:43 -08:00
|
|
|
+ UCHAR *data;
|
|
|
|
+ ULONG len;
|
2020-07-20 17:55:28 -07:00
|
|
|
};
|
|
|
|
|
2020-10-03 01:48:06 -07:00
|
|
|
struct key_funcs
|
2021-09-30 15:34:59 -07:00
|
|
|
@@ -217,9 +219,11 @@ struct key_funcs
|
2020-10-03 01:48:06 -07:00
|
|
|
NTSTATUS (CDECL *key_import_dsa_capi)( struct key *, UCHAR *, ULONG );
|
|
|
|
NTSTATUS (CDECL *key_import_ecc)( struct key *, UCHAR *, ULONG );
|
2020-12-03 15:53:09 -08:00
|
|
|
NTSTATUS (CDECL *key_import_rsa)( struct key *, UCHAR *, ULONG );
|
2020-10-03 01:48:06 -07:00
|
|
|
+ NTSTATUS (CDECL *key_compute_secret_ecc)( unsigned char *privkey_in, struct key *pubkey_in, struct secret *secret );
|
|
|
|
};
|
|
|
|
|
|
|
|
struct key_funcs *gnutls_lib_init(DWORD reason);
|
|
|
|
struct key_funcs *macos_lib_init(DWORD reason);
|
|
|
|
+struct key_funcs *gcrypt_lib_init(DWORD reason);
|
2020-02-26 00:17:43 -08:00
|
|
|
|
2020-10-03 01:48:06 -07:00
|
|
|
#endif /* __BCRYPT_INTERNAL_H */
|
2020-02-26 00:17:43 -08:00
|
|
|
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
|
2021-09-30 15:34:59 -07:00
|
|
|
index 5eb50cd616b..570f452d78e 100644
|
2020-02-26 00:17:43 -08:00
|
|
|
--- a/dlls/bcrypt/bcrypt_main.c
|
|
|
|
+++ b/dlls/bcrypt/bcrypt_main.c
|
2021-09-30 15:34:59 -07:00
|
|
|
@@ -1925,9 +1925,12 @@ NTSTATUS WINAPI BCryptSecretAgreement(BCRYPT_KEY_HANDLE privatekey, BCRYPT_KEY_H
|
2020-10-03 01:48:06 -07:00
|
|
|
{
|
2020-07-20 17:55:28 -07:00
|
|
|
struct key *privkey = privatekey;
|
|
|
|
struct key *pubkey = publickey;
|
2020-10-03 01:48:06 -07:00
|
|
|
+ UCHAR *privkey_blob = NULL;
|
|
|
|
+ ULONG privkey_len;
|
2020-07-20 17:55:28 -07:00
|
|
|
struct secret *secret;
|
2020-02-26 00:17:43 -08:00
|
|
|
+ NTSTATUS status;
|
|
|
|
|
2020-07-20 17:55:28 -07:00
|
|
|
- FIXME( "%p, %p, %p, %08x\n", privatekey, publickey, handle, flags );
|
|
|
|
+ TRACE( "%p, %p, %p, %08x\n", privatekey, publickey, handle, flags );
|
2020-02-26 00:17:43 -08:00
|
|
|
|
2020-07-20 17:55:28 -07:00
|
|
|
if (!privkey || privkey->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
|
|
|
|
if (!pubkey || pubkey->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
|
2021-09-30 15:34:59 -07:00
|
|
|
@@ -1936,18 +1939,39 @@ NTSTATUS WINAPI BCryptSecretAgreement(BCRYPT_KEY_HANDLE privatekey, BCRYPT_KEY_H
|
2020-07-20 17:55:28 -07:00
|
|
|
if (!(secret = heap_alloc_zero( sizeof(*secret) ))) return STATUS_NO_MEMORY;
|
|
|
|
secret->hdr.magic = MAGIC_SECRET;
|
|
|
|
|
2020-10-03 01:48:06 -07:00
|
|
|
+ if ((status = key_funcs->key_export_ecc( privkey, NULL, 0, &privkey_len)))
|
|
|
|
+ goto done;
|
|
|
|
+
|
|
|
|
+ privkey_blob = heap_alloc(privkey_len);
|
|
|
|
+ if ((status = key_funcs->key_export_ecc( privkey, privkey_blob, privkey_len, &privkey_len)))
|
|
|
|
+ goto done;
|
|
|
|
+
|
|
|
|
+ if ((status = key_funcs->key_compute_secret_ecc( privkey_blob, pubkey, secret )))
|
|
|
|
+ goto done;
|
|
|
|
+
|
|
|
|
+done:
|
|
|
|
+ if (privkey_blob)
|
|
|
|
+ heap_free(privkey_blob);
|
|
|
|
+
|
|
|
|
+ if (status)
|
2020-02-26 00:17:43 -08:00
|
|
|
+ {
|
2020-10-03 01:48:06 -07:00
|
|
|
+ heap_free(secret);
|
|
|
|
+ secret = NULL;
|
2020-02-26 00:17:43 -08:00
|
|
|
+ }
|
|
|
|
+
|
2020-10-03 01:48:06 -07:00
|
|
|
*handle = secret;
|
|
|
|
- return STATUS_SUCCESS;
|
|
|
|
+ return status;
|
2020-02-26 00:17:43 -08:00
|
|
|
}
|
|
|
|
|
2020-10-03 01:48:06 -07:00
|
|
|
NTSTATUS WINAPI BCryptDestroySecret(BCRYPT_SECRET_HANDLE handle)
|
2020-02-26 00:17:43 -08:00
|
|
|
{
|
2020-07-20 17:55:28 -07:00
|
|
|
struct secret *secret = handle;
|
|
|
|
|
|
|
|
- FIXME( "%p\n", handle );
|
|
|
|
+ TRACE( "%p\n", handle );
|
|
|
|
|
|
|
|
if (!secret || secret->hdr.magic != MAGIC_SECRET) return STATUS_INVALID_HANDLE;
|
|
|
|
secret->hdr.magic = 0;
|
|
|
|
+ heap_free( secret->data );
|
|
|
|
heap_free( secret );
|
2020-02-26 00:17:43 -08:00
|
|
|
return STATUS_SUCCESS;
|
|
|
|
}
|
2021-09-30 15:34:59 -07:00
|
|
|
@@ -1957,12 +1981,33 @@ NTSTATUS WINAPI BCryptDeriveKey(BCRYPT_SECRET_HANDLE handle, LPCWSTR kdf, BCrypt
|
2020-02-26 00:17:43 -08:00
|
|
|
{
|
2020-07-20 17:55:28 -07:00
|
|
|
struct secret *secret = handle;
|
|
|
|
|
2020-02-26 00:17:43 -08:00
|
|
|
- FIXME( "%p, %s, %p, %p, %d, %p, %08x\n", secret, debugstr_w(kdf), parameter, derived, derived_size, result, flags );
|
2020-07-20 17:55:28 -07:00
|
|
|
+ TRACE( "%p, %s, %p, %p, %d, %p, %08x\n", secret, debugstr_w(kdf), parameter, derived, derived_size, result, flags );
|
|
|
|
|
|
|
|
if (!secret || secret->hdr.magic != MAGIC_SECRET) return STATUS_INVALID_HANDLE;
|
|
|
|
if (!kdf) return STATUS_INVALID_PARAMETER;
|
|
|
|
|
2020-02-26 00:17:43 -08:00
|
|
|
- return STATUS_INTERNAL_ERROR;
|
2020-10-03 01:48:06 -07:00
|
|
|
+ if (!(lstrcmpW( kdf, BCRYPT_KDF_RAW_SECRET )))
|
2020-02-26 00:17:43 -08:00
|
|
|
+ {
|
|
|
|
+ ULONG n;
|
|
|
|
+ ULONG secret_length = secret->len;
|
|
|
|
+
|
|
|
|
+ if (!derived)
|
|
|
|
+ {
|
|
|
|
+ *result = secret_length;
|
|
|
|
+ return STATUS_SUCCESS;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* outputs in little endian for some reason */
|
|
|
|
+ for (n = 0; n < secret_length && n < derived_size; n++)
|
|
|
|
+ {
|
|
|
|
+ derived[n] = secret->data[secret_length - n - 1];
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ *result = n;
|
|
|
|
+ return STATUS_SUCCESS;
|
|
|
|
+ }
|
2020-07-20 17:55:28 -07:00
|
|
|
+ FIXME( "Derivation function %s not supported.\n", debugstr_w(kdf) );
|
2020-02-26 00:17:43 -08:00
|
|
|
+ return STATUS_NOT_IMPLEMENTED;
|
|
|
|
}
|
|
|
|
|
|
|
|
BOOL WINAPI DllMain( HINSTANCE hinst, DWORD reason, LPVOID reserved )
|
|
|
|
diff --git a/dlls/bcrypt/gcrypt.c b/dlls/bcrypt/gcrypt.c
|
|
|
|
new file mode 100644
|
2021-09-30 15:34:59 -07:00
|
|
|
index 00000000000..e72c27feb51
|
2020-02-26 00:17:43 -08:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/dlls/bcrypt/gcrypt.c
|
2020-12-15 13:30:41 -08:00
|
|
|
@@ -0,0 +1,292 @@
|
2020-10-03 01:48:06 -07:00
|
|
|
+#if 0
|
|
|
|
+#pragma makedep unix
|
|
|
|
+#endif
|
|
|
|
+
|
2020-02-26 00:17:43 -08:00
|
|
|
+#include "config.h"
|
|
|
|
+#include "wine/port.h"
|
|
|
|
+
|
2020-10-09 15:06:27 -07:00
|
|
|
+#include <stdarg.h>
|
|
|
|
+
|
2020-10-03 01:48:06 -07:00
|
|
|
+#ifdef HAVE_GCRYPT_H
|
|
|
|
+
|
|
|
|
+#include <gcrypt.h>
|
2020-02-26 00:17:43 -08:00
|
|
|
+
|
|
|
|
+#include "ntstatus.h"
|
|
|
|
+#define WIN32_NO_STATUS
|
|
|
|
+#include "windef.h"
|
|
|
|
+#include "winbase.h"
|
2020-10-03 01:48:06 -07:00
|
|
|
+#include "winternl.h"
|
2020-02-26 00:17:43 -08:00
|
|
|
+#include "bcrypt.h"
|
|
|
|
+
|
|
|
|
+#include "bcrypt_internal.h"
|
|
|
|
+
|
|
|
|
+#include "wine/debug.h"
|
|
|
|
+#include "wine/heap.h"
|
|
|
|
+#include "wine/unicode.h"
|
|
|
|
+
|
|
|
|
+WINE_DEFAULT_DEBUG_CHANNEL(bcrypt);
|
|
|
|
+WINE_DECLARE_DEBUG_CHANNEL(winediag);
|
|
|
|
+
|
|
|
|
+static void *libgcrypt_handle;
|
|
|
|
+#define MAKE_FUNCPTR(f) static typeof(f) * p##f
|
|
|
|
+MAKE_FUNCPTR(gcry_check_version);
|
|
|
|
+MAKE_FUNCPTR(gcry_sexp_build);
|
|
|
|
+MAKE_FUNCPTR(gcry_pk_encrypt);
|
|
|
|
+MAKE_FUNCPTR(gcry_mpi_new);
|
|
|
|
+MAKE_FUNCPTR(gcry_mpi_print);
|
|
|
|
+MAKE_FUNCPTR(gcry_sexp_release);
|
|
|
|
+MAKE_FUNCPTR(gcry_mpi_release);
|
|
|
|
+MAKE_FUNCPTR(gcry_strsource);
|
|
|
|
+MAKE_FUNCPTR(gcry_strerror);
|
|
|
|
+MAKE_FUNCPTR(gcry_sexp_find_token);
|
|
|
|
+MAKE_FUNCPTR(gcry_sexp_nth_mpi);
|
|
|
|
+#undef MAKE_FUNCPTR
|
|
|
|
+
|
|
|
|
+BOOL gcrypt_initialize(void)
|
|
|
|
+{
|
2020-04-07 16:15:39 -07:00
|
|
|
+ if (!(libgcrypt_handle = dlopen( SONAME_LIBGCRYPT, RTLD_NOW)))
|
2020-02-26 00:17:43 -08:00
|
|
|
+ {
|
|
|
|
+ ERR_(winediag)( "failed to load libgcrypt, no support for diffie hellman key exchange\n" );
|
|
|
|
+ return FALSE;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+#define LOAD_FUNCPTR(f) \
|
2020-04-07 16:15:39 -07:00
|
|
|
+ if (!(p##f = dlsym( libgcrypt_handle, #f))) \
|
2020-02-26 00:17:43 -08:00
|
|
|
+ { \
|
|
|
|
+ ERR( "failed to load %s\n", #f ); \
|
|
|
|
+ goto fail; \
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ LOAD_FUNCPTR(gcry_check_version);
|
|
|
|
+ LOAD_FUNCPTR(gcry_sexp_build);
|
|
|
|
+ LOAD_FUNCPTR(gcry_pk_encrypt);
|
|
|
|
+ LOAD_FUNCPTR(gcry_mpi_new);
|
|
|
|
+ LOAD_FUNCPTR(gcry_mpi_print);
|
|
|
|
+ LOAD_FUNCPTR(gcry_sexp_release);
|
|
|
|
+ LOAD_FUNCPTR(gcry_mpi_release);
|
|
|
|
+ LOAD_FUNCPTR(gcry_strsource);
|
|
|
|
+ LOAD_FUNCPTR(gcry_strerror);
|
|
|
|
+ LOAD_FUNCPTR(gcry_sexp_find_token);
|
|
|
|
+ LOAD_FUNCPTR(gcry_sexp_nth_mpi);
|
|
|
|
+#undef LOAD_FUNCPTR
|
|
|
|
+
|
|
|
|
+ return TRUE;
|
|
|
|
+
|
|
|
|
+fail:
|
2020-04-07 16:15:39 -07:00
|
|
|
+ dlclose( libgcrypt_handle);
|
2020-02-26 00:17:43 -08:00
|
|
|
+ libgcrypt_handle = NULL;
|
|
|
|
+ return FALSE;
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+
|
2020-10-03 01:48:06 -07:00
|
|
|
+static void gcrypt_uninitialize(void)
|
2020-02-26 00:17:43 -08:00
|
|
|
+{
|
2020-10-03 01:48:06 -07:00
|
|
|
+ if (libgcrypt_handle)
|
|
|
|
+ {
|
|
|
|
+ dlclose( libgcrypt_handle);
|
|
|
|
+ libgcrypt_handle = NULL;
|
|
|
|
+ }
|
2020-02-26 00:17:43 -08:00
|
|
|
+}
|
|
|
|
+
|
2020-10-03 01:48:06 -07:00
|
|
|
+static NTSTATUS extract_result_into_secret(gcry_sexp_t result, struct secret *secret)
|
2020-02-26 00:17:43 -08:00
|
|
|
+{
|
|
|
|
+ NTSTATUS status = STATUS_SUCCESS;
|
|
|
|
+ gcry_mpi_t fullcoords = NULL;
|
|
|
|
+ gcry_sexp_t fragment = NULL;
|
|
|
|
+ UCHAR *tmp_buffer = NULL;
|
|
|
|
+ gcry_error_t err;
|
|
|
|
+ size_t size;
|
|
|
|
+
|
|
|
|
+ fragment = pgcry_sexp_find_token(result, "s", 0);
|
|
|
|
+ if (!fragment)
|
|
|
|
+ {
|
|
|
|
+ status = STATUS_NO_MEMORY;
|
|
|
|
+ goto done;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ fullcoords = pgcry_sexp_nth_mpi(fragment, 1, GCRYMPI_FMT_USG);
|
|
|
|
+ if (!fullcoords)
|
|
|
|
+ {
|
|
|
|
+ status = STATUS_NO_MEMORY;
|
|
|
|
+ goto done;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if ((err = pgcry_mpi_print(GCRYMPI_FMT_USG, NULL, 0, &size, fullcoords)))
|
|
|
|
+ {
|
|
|
|
+ ERR("Error = %s/%s.\n", pgcry_strsource(err), pgcry_strerror(err));
|
|
|
|
+ status = STATUS_INTERNAL_ERROR;
|
|
|
|
+ goto done;
|
|
|
|
+ }
|
|
|
|
+
|
2020-10-03 01:48:06 -07:00
|
|
|
+ tmp_buffer = malloc(size);
|
2020-02-26 00:17:43 -08:00
|
|
|
+ if ((err = pgcry_mpi_print(GCRYMPI_FMT_STD, tmp_buffer, size, NULL, fullcoords)))
|
|
|
|
+ {
|
|
|
|
+ ERR("Error = %s/%s.\n", pgcry_strsource(err), pgcry_strerror(err));
|
|
|
|
+ status = STATUS_INTERNAL_ERROR;
|
|
|
|
+ goto done;
|
|
|
|
+ }
|
|
|
|
+
|
2020-10-03 01:48:06 -07:00
|
|
|
+ secret->data = RtlAllocateHeap(GetProcessHeap(), 0, size / 2);
|
2020-02-26 00:17:43 -08:00
|
|
|
+ memcpy(secret->data, tmp_buffer + size % 2, size / 2);
|
|
|
|
+ secret->len = size / 2;
|
|
|
|
+
|
|
|
|
+done:
|
2020-10-03 01:48:06 -07:00
|
|
|
+ free(tmp_buffer);
|
2020-02-26 00:17:43 -08:00
|
|
|
+
|
|
|
|
+ pgcry_mpi_release(fullcoords);
|
|
|
|
+ pgcry_sexp_release(fragment);
|
|
|
|
+
|
|
|
|
+ return status;
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+/* this is necessary since GNUTLS doesn't support ECDH public key encryption, maybe we can replace this when it does:
|
|
|
|
+ https://github.com/gnutls/gnutls/blob/cdc4fc288d87f91f974aa23b6e8595a53970ce00/lib/nettle/pk.c#L495 */
|
2020-10-03 01:48:06 -07:00
|
|
|
+static NTSTATUS CDECL key_compute_secret_ecc(unsigned char *privkey_in, struct key *pubkey_in, struct secret *secret)
|
2020-02-26 00:17:43 -08:00
|
|
|
+{
|
|
|
|
+ const char *pubkey_format;
|
|
|
|
+ DWORD key_size;
|
|
|
|
+ gcry_sexp_t pubkey = NULL;
|
|
|
|
+ gcry_sexp_t privkey = NULL;
|
|
|
|
+ gcry_sexp_t xchg_result = NULL;
|
|
|
|
+ gcry_error_t err;
|
|
|
|
+ NTSTATUS status = STATUS_SUCCESS;
|
|
|
|
+
|
|
|
|
+ if (!libgcrypt_handle)
|
|
|
|
+ {
|
|
|
|
+ ERR("Secrets not supported without gcrypt\n");
|
|
|
|
+ return STATUS_INTERNAL_ERROR;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ switch (pubkey_in->alg_id)
|
|
|
|
+ {
|
|
|
|
+ case ALG_ID_ECDH_P256:
|
|
|
|
+ pubkey_format = "NIST P-256";
|
|
|
|
+ key_size = 32;
|
|
|
|
+ break;
|
|
|
|
+ default:
|
|
|
|
+ FIXME("Unsupported algorithm id: %u\n", pubkey_in->alg_id);
|
|
|
|
+ return STATUS_INTERNAL_ERROR;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* import public key -
|
|
|
|
+ copy public key into temporary buffer so we can prepend 0x04 (to indicate it is uncompressed) */
|
|
|
|
+ {
|
2020-10-03 01:48:06 -07:00
|
|
|
+ UCHAR *public_key_raw = malloc((key_size * 2) + 1);
|
2020-02-26 00:17:43 -08:00
|
|
|
+ public_key_raw[0] = 0x04;
|
|
|
|
+ memcpy(public_key_raw + 1, pubkey_in->u.a.pubkey + sizeof(BCRYPT_ECCKEY_BLOB), key_size * 2);
|
|
|
|
+
|
|
|
|
+ err = pgcry_sexp_build(&pubkey, NULL,
|
|
|
|
+ "(key-data(public-key(ecdh(curve %s)(q %b))))",
|
|
|
|
+ pubkey_format,
|
|
|
|
+ (key_size * 2) + 1,
|
|
|
|
+ public_key_raw);
|
|
|
|
+
|
2020-10-03 01:48:06 -07:00
|
|
|
+ free(public_key_raw);
|
2020-02-26 00:17:43 -08:00
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if (err)
|
|
|
|
+ {
|
|
|
|
+ ERR("Failed to build gcrypt public key\n");
|
|
|
|
+ goto done;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* import private key */
|
|
|
|
+ /* extract private key from blob structure */
|
2020-10-03 01:48:06 -07:00
|
|
|
+ err = pgcry_sexp_build(&privkey, NULL,
|
|
|
|
+ "(data(flags raw)(value %b))",
|
|
|
|
+ key_size,
|
|
|
|
+ privkey_in + sizeof(BCRYPT_ECCKEY_BLOB) + key_size * 2);
|
2020-02-26 00:17:43 -08:00
|
|
|
+
|
|
|
|
+ if (err)
|
|
|
|
+ {
|
|
|
|
+ ERR("Failed to build gcrypt private key data\n");
|
|
|
|
+ goto done;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if ((err = pgcry_pk_encrypt(&xchg_result, privkey, pubkey)))
|
|
|
|
+ {
|
|
|
|
+ ERR("Failed to perform key exchange\n");
|
|
|
|
+ goto done;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ status = extract_result_into_secret(xchg_result, secret);
|
|
|
|
+ if (status)
|
|
|
|
+ {
|
|
|
|
+ ERR("Failed to extract secret key\n");
|
|
|
|
+ goto done;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if (secret->len != key_size)
|
|
|
|
+ {
|
|
|
|
+ ERR("got secret size %u, expected %u\n", secret->len, key_size);
|
|
|
|
+ status = STATUS_INTERNAL_ERROR;
|
|
|
|
+ goto done;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ done:
|
|
|
|
+ pgcry_sexp_release(pubkey);
|
|
|
|
+ pgcry_sexp_release(privkey);
|
|
|
|
+ pgcry_sexp_release(xchg_result);
|
|
|
|
+
|
|
|
|
+ if (status)
|
|
|
|
+ {
|
|
|
|
+ return status;
|
|
|
|
+ }
|
|
|
|
+ if (err)
|
|
|
|
+ {
|
|
|
|
+ ERR("Error = %s/%s\n", pgcry_strsource (err), pgcry_strerror (err));
|
|
|
|
+ return STATUS_INTERNAL_ERROR;
|
|
|
|
+ }
|
|
|
|
+ return STATUS_SUCCESS;
|
|
|
|
+}
|
|
|
|
+
|
2020-10-03 01:48:06 -07:00
|
|
|
+static struct key_funcs key_funcs =
|
2020-02-26 00:17:43 -08:00
|
|
|
+{
|
2020-10-03 01:48:06 -07:00
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
2020-10-26 16:38:43 -07:00
|
|
|
+ NULL,
|
2020-12-15 13:30:41 -08:00
|
|
|
+ NULL,
|
|
|
|
+ NULL,
|
2020-10-03 01:48:06 -07:00
|
|
|
+ key_compute_secret_ecc
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+struct key_funcs * gcrypt_lib_init( DWORD reason )
|
|
|
|
+{
|
|
|
|
+ switch (reason)
|
|
|
|
+ {
|
|
|
|
+ case DLL_PROCESS_ATTACH:
|
|
|
|
+ if (!gcrypt_initialize()) return NULL;
|
|
|
|
+ return &key_funcs;
|
|
|
|
+ case DLL_PROCESS_DETACH:
|
|
|
|
+ gcrypt_uninitialize();
|
|
|
|
+ }
|
|
|
|
+ return NULL;
|
2020-02-26 00:17:43 -08:00
|
|
|
+}
|
|
|
|
+
|
2020-10-03 01:48:06 -07:00
|
|
|
+#else
|
|
|
|
+#include "ntstatus.h"
|
|
|
|
+#define WIN32_NO_STATUS
|
|
|
|
+#include "windef.h"
|
|
|
|
+#include "winbase.h"
|
|
|
|
+#include "winternl.h"
|
2020-02-27 13:19:41 -08:00
|
|
|
+
|
2020-10-03 01:48:06 -07:00
|
|
|
+struct key_funcs * gcrypt_lib_init( DWORD reason )
|
2020-02-27 13:19:41 -08:00
|
|
|
+{
|
2020-10-03 01:48:06 -07:00
|
|
|
+ return NULL;
|
2020-02-27 13:19:41 -08:00
|
|
|
+}
|
2020-10-03 01:48:06 -07:00
|
|
|
+#endif
|
|
|
|
diff --git a/dlls/bcrypt/gnutls.c b/dlls/bcrypt/gnutls.c
|
2021-09-30 15:34:59 -07:00
|
|
|
index 66845ffc8cf..64825f5b99b 100644
|
2020-10-03 01:48:06 -07:00
|
|
|
--- a/dlls/bcrypt/gnutls.c
|
|
|
|
+++ b/dlls/bcrypt/gnutls.c
|
2021-09-30 15:34:59 -07:00
|
|
|
@@ -1894,7 +1894,8 @@ static const struct key_funcs key_funcs =
|
2020-10-03 01:48:06 -07:00
|
|
|
key_export_ecc,
|
|
|
|
key_import_dsa_capi,
|
2020-12-03 15:53:09 -08:00
|
|
|
key_import_ecc,
|
|
|
|
- key_import_rsa
|
|
|
|
+ key_import_rsa,
|
2020-10-03 01:48:06 -07:00
|
|
|
+ NULL
|
|
|
|
};
|
|
|
|
|
|
|
|
struct key_funcs * gnutls_lib_init( DWORD reason )
|
2020-02-26 00:17:43 -08:00
|
|
|
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
|
2021-09-30 15:34:59 -07:00
|
|
|
index fb5ac03b039..894473d5346 100644
|
2020-02-26 00:17:43 -08:00
|
|
|
--- a/dlls/bcrypt/tests/bcrypt.c
|
|
|
|
+++ b/dlls/bcrypt/tests/bcrypt.c
|
2021-09-30 15:34:59 -07:00
|
|
|
@@ -2248,7 +2248,7 @@ static void test_ECDH(void)
|
2020-02-26 00:17:43 -08:00
|
|
|
goto raw_secret_end;
|
|
|
|
}
|
|
|
|
|
|
|
|
- todo_wine ok(status == STATUS_SUCCESS, "got %08x\n", status);
|
|
|
|
+ ok(status == STATUS_SUCCESS, "got %08x\n", status);
|
|
|
|
|
|
|
|
if (status != STATUS_SUCCESS)
|
|
|
|
{
|
2020-10-03 01:48:06 -07:00
|
|
|
diff --git a/dlls/bcrypt/unixlib.c b/dlls/bcrypt/unixlib.c
|
2021-09-30 15:34:59 -07:00
|
|
|
index 1937a8172a4..e684a608eb5 100644
|
2020-10-03 01:48:06 -07:00
|
|
|
--- a/dlls/bcrypt/unixlib.c
|
|
|
|
+++ b/dlls/bcrypt/unixlib.c
|
2020-12-16 05:23:52 -08:00
|
|
|
@@ -142,6 +142,12 @@ static NTSTATUS CDECL key_import_rsa( struct key *key, UCHAR *input, ULONG input
|
|
|
|
return STATUS_NOT_IMPLEMENTED;
|
2020-10-03 01:48:06 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
+static NTSTATUS CDECL key_compute_secret_ecc (unsigned char *privkey_in, struct key *pubkey_in, struct secret *secret)
|
|
|
|
+{
|
|
|
|
+ FIXME( "not implemented\n" );
|
|
|
|
+ return STATUS_NOT_IMPLEMENTED;
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
static struct key_funcs key_funcs =
|
|
|
|
{
|
|
|
|
key_set_property,
|
2021-09-30 15:34:59 -07:00
|
|
|
@@ -164,17 +170,21 @@ static struct key_funcs key_funcs =
|
2020-10-03 01:48:06 -07:00
|
|
|
key_import_dsa_capi,
|
2020-12-16 05:23:52 -08:00
|
|
|
key_import_ecc,
|
|
|
|
key_import_rsa,
|
|
|
|
+ key_compute_secret_ecc,
|
2020-10-03 01:48:06 -07:00
|
|
|
};
|
|
|
|
|
|
|
|
NTSTATUS CDECL __wine_init_unix_lib( HMODULE module, DWORD reason, const void *ptr_in, void *ptr_out )
|
|
|
|
{
|
|
|
|
struct key_funcs *gnutls_funcs = gnutls_lib_init(reason);
|
|
|
|
+ struct key_funcs *gcrypt_funcs = gcrypt_lib_init(reason);
|
|
|
|
|
|
|
|
if (reason == DLL_PROCESS_ATTACH)
|
|
|
|
{
|
2021-09-30 15:34:59 -07:00
|
|
|
#define RESOLVE_FUNC(name) \
|
2020-10-03 01:48:06 -07:00
|
|
|
if (gnutls_funcs && gnutls_funcs->key_##name) \
|
|
|
|
- key_funcs.key_##name = gnutls_funcs->key_##name;
|
|
|
|
+ key_funcs.key_##name = gnutls_funcs->key_##name; \
|
|
|
|
+ if (gcrypt_funcs && gcrypt_funcs->key_##name) \
|
|
|
|
+ key_funcs.key_##name = gcrypt_funcs->key_##name;
|
|
|
|
|
|
|
|
RESOLVE_FUNC(set_property)
|
|
|
|
RESOLVE_FUNC(symmetric_init)
|
2021-09-30 15:34:59 -07:00
|
|
|
@@ -196,6 +206,7 @@ NTSTATUS CDECL __wine_init_unix_lib( HMODULE module, DWORD reason, const void *p
|
2020-10-03 01:48:06 -07:00
|
|
|
RESOLVE_FUNC(import_dsa_capi)
|
|
|
|
RESOLVE_FUNC(import_ecc)
|
2020-12-16 05:23:52 -08:00
|
|
|
RESOLVE_FUNC(import_rsa)
|
2020-10-03 01:48:06 -07:00
|
|
|
+ RESOLVE_FUNC(compute_secret_ecc)
|
|
|
|
|
|
|
|
#undef RESOLVE_FUNC
|
|
|
|
|
2020-02-26 00:17:43 -08:00
|
|
|
--
|
2021-09-30 15:34:59 -07:00
|
|
|
2.33.0
|
2020-02-26 00:17:43 -08:00
|
|
|
|