wine/wine-staging
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-staging.git synced 2025-04-13 14:42:51 -07:00
Code Issues Packages Projects Releases Wiki Activity

Rebase against 866eec810e7342630d47887f8ad7e1fbb5a0e788.

Browse Source
This commit is contained in:
Sebastian Lackner
2017-08-17 20:17:02 +02:00
parent f6565eb6af
commit 0e27dc7034
9 changed files with 57 additions and 962 deletions
Download Patch File Download Diff File Expand all files Collapse all files

610
patches/bcrypt-Improvements/0001-bcrypt-Add-AES-provider.patch
View File

File diff suppressed because it is too large Load Diff

26
patches/bcrypt-Improvements/0001-include-Add-missing-BCRYPT_CHAIN_MODE-definitions.patch Normal file
View File

@@ -0,0 +1,26 @@
From 1678dc51bead9b84a2670e122c87f70d1c023935 Mon Sep 17 00:00:00 2001
From: Hans Leidekker <hans@codeweavers.com>
Date: Thu, 17 Aug 2017 18:02:53 +0200
Subject: include: Add missing BCRYPT_CHAIN_MODE definitions.
---
include/bcrypt.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/include/bcrypt.h b/include/bcrypt.h
index 9e193da5de5..34ffc100d6b 100644
--- a/include/bcrypt.h
+++ b/include/bcrypt.h
@@ -74,6 +74,9 @@ typedef LONG NTSTATUS;
#define BCRYPT_CHAIN_MODE_NA (const WCHAR []){'C','h','a','i','n','i','n','g','M','o','d','e','N','/','A',0}
#define BCRYPT_CHAIN_MODE_CBC (const WCHAR []){'C','h','a','i','n','i','n','g','M','o','d','e','C','B','C',0}
#define BCRYPT_CHAIN_MODE_ECB (const WCHAR []){'C','h','a','i','n','i','n','g','M','o','d','e','E','C','B',0}
+#define BCRYPT_CHAIN_MODE_CFB (const WCHAR []){'C','h','a','i','n','i','n','g','M','o','d','e','C','F','B',0}
+#define BCRYPT_CHAIN_MODE_CCM (const WCHAR []){'C','h','a','i','n','i','n','g','M','o','d','e','C','C','M',0}
+#define BCRYPT_CHAIN_MODE_GCM (const WCHAR []){'C','h','a','i','n','i','n','g','M','o','d','e','G','C','M',0}
typedef struct _BCRYPT_ALGORITHM_IDENTIFIER
{
--
2.13.1

111
patches/bcrypt-Improvements/0006-bcrypt-Fix-handling-of-padding-when-input-size-equal.patch
View File

@@ -1,111 +0,0 @@
From 026aff5aa7c66fdc8e8c724dc73217585e8edf91 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Wed, 21 Dec 2016 04:09:03 +0100
Subject: bcrypt: Fix handling of padding when input size equals block size for
AES.
---
dlls/bcrypt/bcrypt_main.c | 14 ++++++++------
dlls/bcrypt/tests/bcrypt.c | 33 ++++++++++++++++++++++++++++++++-
2 files changed, 40 insertions(+), 7 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 944a9ea..f53ea1c 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -997,11 +997,12 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if ((status = key_set_params( key, iv, iv_len ))) return status;
*ret_len = input_len;
- if (input_len & (key->block_size - 1))
- {
- if (!(flags & BCRYPT_BLOCK_PADDING)) return STATUS_INVALID_BUFFER_SIZE;
- *ret_len = (input_len + key->block_size - 1) & ~(key->block_size - 1);
- }
+
+ if (flags & BCRYPT_BLOCK_PADDING)
+ *ret_len = (input_len + key->block_size) & ~(key->block_size - 1);
+ else if (input_len & (key->block_size - 1))
+ return STATUS_INVALID_BUFFER_SIZE;
+
if (!output) return STATUS_SUCCESS;
if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
@@ -1014,7 +1015,8 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
src += key->block_size;
dst += key->block_size;
}
- if (bytes_left)
+
+ if (flags & BCRYPT_BLOCK_PADDING)
{
if (!(buf = HeapAlloc( GetProcessHeap(), 0, key->block_size ))) return STATUS_NO_MEMORY;
memcpy( buf, src, bytes_left );
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 2668153..64a4625 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -918,14 +918,21 @@ static void test_BCryptEncrypt(void)
{0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
static UCHAR data[] =
{0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10};
+ static UCHAR data2[] =
+ {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
+ 0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10};
static UCHAR expected[] =
{0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79};
static UCHAR expected2[] =
{0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
0x28,0x73,0x3d,0xef,0x84,0x8f,0xb0,0xa6,0x5d,0x1a,0x51,0xb7,0xec,0x8f,0xea,0xe9};
+ static UCHAR expected3[] =
+ {0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
+ 0xb1,0xa2,0x92,0x73,0xbe,0x2c,0x42,0x07,0xa5,0xac,0xe3,0x93,0x39,0x8c,0xb6,0xfb,
+ 0x87,0x5d,0xea,0xa3,0x7e,0x0f,0xde,0xfa,0xd9,0xec,0x6c,0x4e,0x3c,0x76,0x86,0xe4};
BCRYPT_ALG_HANDLE aes;
BCRYPT_KEY_HANDLE key;
- UCHAR *buf, ciphertext[32], ivbuf[16];
+ UCHAR *buf, ciphertext[48], ivbuf[16];
ULONG size, len, i;
NTSTATUS ret;
@@ -982,6 +989,23 @@ static void test_BCryptEncrypt(void)
for (i = 0; i < 32; i++)
ok(ciphertext[i] == expected2[i], "%u: %02x != %02x\n", i, ciphertext[i], expected2[i]);
+ /* input size is a multiple of block size, block padding set */
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ ret = pBCryptEncrypt(key, data2, 32, NULL, ivbuf, 16, NULL, 0, &size, BCRYPT_BLOCK_PADDING);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(size == 48, "got %u\n", size);
+
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ memset(ciphertext, 0, sizeof(ciphertext));
+ ret = pBCryptEncrypt(key, data2, 32, NULL, ivbuf, 16, ciphertext, 48, &size, BCRYPT_BLOCK_PADDING);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(size == 48, "got %u\n", size);
+ ok(!memcmp(ciphertext, expected3, sizeof(expected3)), "wrong data\n");
+ for (i = 0; i < 48; i++)
+ ok(ciphertext[i] == expected3[i], "%u: %02x != %02x\n", i, ciphertext[i], expected3[i]);
+
/* output size too small */
size = 0;
memcpy(ivbuf, iv, sizeof(iv));
@@ -990,6 +1014,13 @@ static void test_BCryptEncrypt(void)
ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
ok(size == 32, "got %u\n", size);
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ memset(ciphertext, 0, sizeof(ciphertext));
+ ret = pBCryptEncrypt(key, data2, 32, NULL, ivbuf, 16, ciphertext, 32, &size, BCRYPT_BLOCK_PADDING);
+ ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
+ ok(size == 48, "got %u\n", size);
+
ret = pBCryptDestroyKey(key);
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
HeapFree(GetProcessHeap(), 0, buf);
--
2.9.0

165
patches/bcrypt-Improvements/0007-bcrypt-Properly-handle-padding-in-AES-decryption.patch
View File

@@ -1,165 +0,0 @@
From 6a57c0b62866b751a5140d35ae7b131bd895745f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Wed, 21 Dec 2016 05:12:06 +0100
Subject: bcrypt: Properly handle padding in AES decryption.
---
dlls/bcrypt/bcrypt_main.c | 39 +++++++++++++++++++++++++++--
dlls/bcrypt/tests/bcrypt.c | 62 +++++++++++++++++++++++++++++++++++++++++++++-
2 files changed, 98 insertions(+), 3 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index f97638f..653301b 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -1032,6 +1032,8 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
ULONG output_len, ULONG *ret_len, ULONG flags )
{
struct key *key = handle;
+ ULONG bytes_left = input_len;
+ UCHAR *buf, *src, *dst;
NTSTATUS status;
TRACE( "%p, %p, %u, %p, %p, %u, %p, %u, %p, %08x\n", handle, input, input_len,
@@ -1052,11 +1054,44 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if ((status = key_set_params( key, iv, iv_len ))) return status;
*ret_len = input_len;
+
if (input_len & (key->block_size - 1)) return STATUS_INVALID_BUFFER_SIZE;
if (!output) return STATUS_SUCCESS;
- if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
+ if (flags & BCRYPT_BLOCK_PADDING)
+ {
+ if (output_len + key->block_size < *ret_len) return STATUS_BUFFER_TOO_SMALL;
+ if (input_len < key->block_size) return STATUS_BUFFER_TOO_SMALL;
+ bytes_left -= key->block_size;
+ }
+ else if (output_len < *ret_len)
+ return STATUS_BUFFER_TOO_SMALL;
- return key_decrypt( key, input, input_len, output, output_len );
+ src = input;
+ dst = output;
+ while (bytes_left >= key->block_size)
+ {
+ if ((status = key_decrypt( key, src, key->block_size, dst, key->block_size ))) return status;
+ bytes_left -= key->block_size;
+ src += key->block_size;
+ dst += key->block_size;
+ }
+
+ if (flags & BCRYPT_BLOCK_PADDING)
+ {
+ if (!(buf = HeapAlloc( GetProcessHeap(), 0, key->block_size ))) return STATUS_NO_MEMORY;
+ status = key_decrypt( key, src, key->block_size, buf, key->block_size );
+ if (!status && buf[ key->block_size - 1 ] <= key->block_size)
+ {
+ *ret_len -= buf[ key->block_size - 1 ];
+ if (output_len < *ret_len) status = STATUS_BUFFER_TOO_SMALL;
+ else memcpy( dst, buf, key->block_size - buf[ key->block_size - 1 ] );
+ }
+ else
+ status = STATUS_UNSUCCESSFUL; /* FIXME: invalid padding */
+ HeapFree( GetProcessHeap(), 0, buf );
+ }
+
+ return status;
}
BOOL WINAPI DllMain( HINSTANCE hinst, DWORD reason, LPVOID reserved )
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 64a4625..997b298 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -1037,12 +1037,24 @@ static void test_BCryptDecrypt(void)
{0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
static UCHAR expected[] =
{0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
+ static UCHAR expected2[] =
+ {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10};
+ static UCHAR expected3[] =
+ {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
+ 0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10};
static UCHAR ciphertext[32] =
{0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
0x28,0x73,0x3d,0xef,0x84,0x8f,0xb0,0xa6,0x5d,0x1a,0x51,0xb7,0xec,0x8f,0xea,0xe9};
+ static UCHAR ciphertext2[] =
+ {0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
+ 0x28,0x73,0x3d,0xef,0x84,0x8f,0xb0,0xa6,0x5d,0x1a,0x51,0xb7,0xec,0x8f,0xea,0xe9};
+ static UCHAR ciphertext3[] =
+ {0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
+ 0xb1,0xa2,0x92,0x73,0xbe,0x2c,0x42,0x07,0xa5,0xac,0xe3,0x93,0x39,0x8c,0xb6,0xfb,
+ 0x87,0x5d,0xea,0xa3,0x7e,0x0f,0xde,0xfa,0xd9,0xec,0x6c,0x4e,0x3c,0x76,0x86,0xe4};
BCRYPT_ALG_HANDLE aes;
BCRYPT_KEY_HANDLE key;
- UCHAR *buf, plaintext[32], ivbuf[16];
+ UCHAR *buf, plaintext[48], ivbuf[16];
ULONG size, len;
NTSTATUS ret;
@@ -1073,6 +1085,36 @@ static void test_BCryptDecrypt(void)
ok(size == 32, "got %u\n", size);
ok(!memcmp(plaintext, expected, sizeof(expected)), "wrong data\n");
+ /* test with padding smaller than block size */
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ ret = pBCryptDecrypt(key, ciphertext2, 32, NULL, ivbuf, 16, NULL, 0, &size, 0);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(size == 32, "got %u\n", size);
+
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ memset(plaintext, 0, sizeof(plaintext));
+ ret = pBCryptDecrypt(key, ciphertext2, 32, NULL, ivbuf, 16, plaintext, 17, &size, BCRYPT_BLOCK_PADDING);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(size == 17, "got %u\n", size);
+ ok(!memcmp(plaintext, expected2, sizeof(expected2)), "wrong data\n");
+
+ /* test with padding of block size */
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ ret = pBCryptDecrypt(key, ciphertext3, 48, NULL, ivbuf, 16, NULL, 0, &size, 0);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(size == 48, "got %u\n", size);
+
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ memset(plaintext, 0, sizeof(plaintext));
+ ret = pBCryptDecrypt(key, ciphertext3, 48, NULL, ivbuf, 16, plaintext, 32, &size, BCRYPT_BLOCK_PADDING);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(size == 32, "got %u\n", size);
+ ok(!memcmp(plaintext, expected3, sizeof(expected3)), "wrong data\n");
+
/* output size too small */
size = 0;
memcpy(ivbuf, iv, sizeof(iv));
@@ -1080,6 +1122,24 @@ static void test_BCryptDecrypt(void)
ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
ok(size == 32, "got %u\n", size);
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ ret = pBCryptDecrypt(key, ciphertext2, 32, NULL, ivbuf, 16, plaintext, 15, &size, BCRYPT_BLOCK_PADDING);
+ ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
+ ok(size == 32, "got %u\n", size);
+
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ ret = pBCryptDecrypt(key, ciphertext2, 32, NULL, ivbuf, 16, plaintext, 16, &size, BCRYPT_BLOCK_PADDING);
+ ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
+ ok(size == 17, "got %u\n", size);
+
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ ret = pBCryptDecrypt(key, ciphertext3, 48, NULL, ivbuf, 16, plaintext, 31, &size, BCRYPT_BLOCK_PADDING);
+ ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
+ ok(size == 48, "got %u\n", size);
+
/* input size is not a multiple of block size */
size = 0;
memcpy(ivbuf, iv, sizeof(iv));
--
2.9.0

39
patches/bcrypt-Improvements/0008-bcrypt-Fix-use-after-free-in-key_init.patch
View File

@@ -1,39 +0,0 @@
From f7dc69131cc016917b31c5deedf97da31b11c597 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Mon, 26 Dec 2016 02:43:39 +0100
Subject: bcrypt: Fix use-after-free in key_init.
---
dlls/bcrypt/bcrypt_main.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 09bf6c30..a9006a4 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -791,6 +791,8 @@ static ULONG get_block_size( enum alg_id alg )
static NTSTATUS key_init( struct key *key, enum alg_id id, UCHAR *secret, ULONG secret_len )
{
+ UCHAR *buffer;
+
if (!libgnutls_handle) return STATUS_INTERNAL_ERROR;
switch (id)
@@ -804,10 +806,12 @@ static NTSTATUS key_init( struct key *key, enum alg_id id, UCHAR *secret, ULONG
}
if (!(key->block_size = get_block_size( id ))) return STATUS_INVALID_PARAMETER;
+ if (!(buffer = HeapAlloc( GetProcessHeap(), 0, secret_len ))) return STATUS_NO_MEMORY;
+ memcpy( buffer, secret, secret_len );
key->alg_id = id;
key->handle = 0; /* initialized on first use */
- key->secret = secret;
+ key->secret = buffer;
key->secret_len = secret_len;
return STATUS_SUCCESS;
--
2.9.0

16
patches/bcrypt-Improvements/0012-bcrypt-Pass-object-to-get_-alg-hash-_property-instea.patch
View File

@@ -1,4 +1,4 @@
From a93745453350f9eabcab0f49528c3f027a303c24 Mon Sep 17 00:00:00 2001
From 5cfd49e478e1f4d432cfa7140265c15813939fe5 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Mon, 26 Dec 2016 06:18:01 +0100
Subject: bcrypt: Pass object to get_{alg,hash}_property instead of alg_id.
@@ -8,7 +8,7 @@ Subject: bcrypt: Pass object to get_{alg,hash}_property instead of alg_id.
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index d0a1b074b50..deab6f28bd9 100644
index 7a935150778..4869206ab49 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -440,15 +440,15 @@ static NTSTATUS generic_alg_property( enum alg_id id, const WCHAR *prop, UCHAR *
@@ -59,7 +59,7 @@ index d0a1b074b50..deab6f28bd9 100644
}
default:
WARN( "unknown magic %08x\n", object->magic );
@@ -697,34 +697,34 @@ struct key
@@ -696,34 +696,34 @@ struct key
ULONG secret_len;
};
@@ -71,8 +71,8 @@ index d0a1b074b50..deab6f28bd9 100644
return ret;
}
-static NTSTATUS key_init( struct key *key, enum alg_id id, UCHAR *secret, ULONG secret_len )
+static NTSTATUS key_init( struct key *key, struct algorithm *alg, UCHAR *secret, ULONG secret_len )
-static NTSTATUS key_init( struct key *key, enum alg_id id, const UCHAR *secret, ULONG secret_len )
+static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *secret, ULONG secret_len )
{
UCHAR *buffer;
@@ -100,7 +100,7 @@ index d0a1b074b50..deab6f28bd9 100644
key->handle = 0; /* initialized on first use */
key->secret = buffer;
key->secret_len = secret_len;
@@ -820,7 +820,7 @@ struct key
@@ -819,7 +819,7 @@ struct key
ULONG block_size;
};
@@ -109,7 +109,7 @@ index d0a1b074b50..deab6f28bd9 100644
{
ERR( "support for keys not available at build time\n" );
return STATUS_NOT_IMPLEMENTED;
@@ -869,7 +869,7 @@ NTSTATUS WINAPI BCryptGenerateSymmetricKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_
@@ -868,7 +868,7 @@ NTSTATUS WINAPI BCryptGenerateSymmetricKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_
if (!(key = HeapAlloc( GetProcessHeap(), 0, sizeof(*key) ))) return STATUS_NO_MEMORY;
key->hdr.magic = MAGIC_KEY;
@@ -119,5 +119,5 @@ index d0a1b074b50..deab6f28bd9 100644
HeapFree( GetProcessHeap(), 0, key );
return status;
--
2.11.0
2.13.1

12
patches/bcrypt-Improvements/0013-bcrypt-Implement-BCryptSetProperty-for-algorithms.patch
View File

@@ -1,4 +1,4 @@
From 2f57d906c55bdc99f476b6547f67d864e7210f16 Mon Sep 17 00:00:00 2001
From b1132f420bf61b9a6f44ee62ea8f90a239010541 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Mon, 26 Dec 2016 06:08:33 +0100
Subject: bcrypt: Implement BCryptSetProperty for algorithms.
@@ -9,7 +9,7 @@ Subject: bcrypt: Implement BCryptSetProperty for algorithms.
2 files changed, 67 insertions(+), 5 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index deab6f28bd9..595d36d7dbe 100644
index 4869206ab49..07c3f8b8d74 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -153,6 +153,12 @@ enum alg_id
@@ -82,9 +82,9 @@ index deab6f28bd9..595d36d7dbe 100644
static NTSTATUS get_hash_property( const struct hash *hash, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
{
NTSTATUS status;
@@ -524,8 +566,28 @@ NTSTATUS WINAPI BCryptGetProperty( BCRYPT_HANDLE handle, LPCWSTR prop, UCHAR *bu
NTSTATUS WINAPI BCryptSetProperty( BCRYPT_HANDLE handle, const WCHAR *prop, UCHAR *value,
ULONG size, ULONG flags )
@@ -523,8 +565,28 @@ NTSTATUS WINAPI BCryptGetProperty( BCRYPT_HANDLE handle, LPCWSTR prop, UCHAR *bu
NTSTATUS WINAPI BCryptSetProperty( BCRYPT_HANDLE handle, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
{
- FIXME( "%p, %s, %p, %u, %08x\n", handle, debugstr_w(prop), value, size, flags );
- return STATUS_NOT_IMPLEMENTED;
@@ -145,5 +145,5 @@ index abf59c8404d..08a83aaf7a5 100644
buf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len);
ret = pBCryptGenerateSymmetricKey(aes, &key, buf, len, secret, sizeof(secret), 0);
--
2.11.0
2.13.1

28
patches/bcrypt-Improvements/0019-bcrypt-Add-support-for-computing-comparing-cipher-ta.patch
View File

@@ -1,4 +1,4 @@
From ec780b6b895ed5d9cd7bad5a2f24a822c3ae0e33 Mon Sep 17 00:00:00 2001
From cb5fa7e822dcd6105f189507ab648eacc86ab91a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Mon, 26 Dec 2016 08:02:36 +0100
Subject: bcrypt: Add support for computing/comparing cipher tag.
@@ -9,11 +9,11 @@ Subject: bcrypt: Add support for computing/comparing cipher tag.
2 files changed, 45 insertions(+), 6 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index c41524d..8a2df46 100644
index 97c437a20c0..0ff461adc91 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -49,6 +49,9 @@ static HINSTANCE instance;
#if defined(HAVE_GNUTLS_HASH) && !defined(HAVE_COMMONCRYPTO_COMMONDIGEST_H)
#if defined(HAVE_GNUTLS_CIPHER_INIT) && !defined(HAVE_COMMONCRYPTO_COMMONDIGEST_H)
WINE_DECLARE_DEBUG_CHANNEL(winediag);
+/* Not present in gnutls version < 3.0 */
@@ -21,7 +21,7 @@ index c41524d..8a2df46 100644
+
static void *libgnutls_handle;
#define MAKE_FUNCPTR(f) static typeof(f) * p##f
MAKE_FUNCPTR(gnutls_cipher_init);
MAKE_FUNCPTR(gnutls_cipher_decrypt2);
@@ -68,6 +71,11 @@ MAKE_FUNCPTR(gnutls_perror);
#define GNUTLS_CIPHER_AES_256_GCM 94
#endif
@@ -47,7 +47,7 @@ index c41524d..8a2df46 100644
if ((ret = pgnutls_global_init()) != GNUTLS_E_SUCCESS)
{
pgnutls_perror( ret );
@@ -979,6 +993,19 @@ static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_le
@@ -892,6 +906,19 @@ static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_le
return STATUS_SUCCESS;
}
@@ -67,7 +67,7 @@ index c41524d..8a2df46 100644
static NTSTATUS key_destroy( struct key *key )
{
if (key->handle) pgnutls_cipher_deinit( key->handle );
@@ -1019,6 +1046,12 @@ static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_le
@@ -934,6 +961,12 @@ static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_le
return STATUS_NOT_IMPLEMENTED;
}
@@ -80,7 +80,7 @@ index c41524d..8a2df46 100644
static NTSTATUS key_destroy( struct key *key )
{
ERR( "support for keys not available at build time\n" );
@@ -1103,7 +1136,7 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1018,7 +1051,7 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if ((status = key_encrypt( key, input, input_len, output, output_len )))
return status;
@@ -89,7 +89,7 @@ index c41524d..8a2df46 100644
}
if ((status = key_set_params( key, iv, iv_len ))) return status;
@@ -1162,6 +1195,7 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1077,6 +1110,7 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if (key->mode == MODE_ID_GCM)
{
BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO *auth_info = padding;
@@ -97,7 +97,7 @@ index c41524d..8a2df46 100644
if (!auth_info) return STATUS_INVALID_PARAMETER;
if (!auth_info->pbNonce) return STATUS_INVALID_PARAMETER;
@@ -1179,6 +1213,11 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1094,6 +1128,11 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if ((status = key_decrypt( key, input, input_len, output, output_len )))
return status;
@@ -110,10 +110,10 @@ index c41524d..8a2df46 100644
}
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 3a1bc00..5d8447c 100644
index 79e8c4c36d3..14725a52b7a 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -1131,11 +1131,11 @@ static void test_BCryptEncrypt(void)
@@ -1018,11 +1018,11 @@ static void test_BCryptEncrypt(void)
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
ok(size == 32, "got %u\n", size);
ok(!memcmp(ciphertext, expected4, sizeof(expected4)), "wrong data\n");
@@ -127,7 +127,7 @@ index 3a1bc00..5d8447c 100644
/* input size is not multiple of block size */
size = 0;
@@ -1146,11 +1146,11 @@ static void test_BCryptEncrypt(void)
@@ -1033,11 +1033,11 @@ static void test_BCryptEncrypt(void)
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
ok(size == 24, "got %u\n", size);
ok(!memcmp(ciphertext, expected4, 24), "wrong data\n");
@@ -141,7 +141,7 @@ index 3a1bc00..5d8447c 100644
/* test with padding */
memcpy(ivbuf, iv, sizeof(iv));
@@ -1344,7 +1344,7 @@ static void test_BCryptDecrypt(void)
@@ -1231,7 +1231,7 @@ static void test_BCryptDecrypt(void)
memcpy(ivbuf, iv, sizeof(iv));
auth_info.pbTag = iv; /* wrong tag */
ret = pBCryptDecrypt(key, ciphertext4, 32, &auth_info, ivbuf, 16, plaintext, 32, &size, 0);
@@ -151,5 +151,5 @@ index 3a1bc00..5d8447c 100644
ret = pBCryptDestroyKey(key);
--
2.9.0
2.13.1

12
patches/patchinstall.sh
View File

@@ -52,7 +52,7 @@ usage()
# Get the upstream commit sha
upstream_commit()
{
echo "ae2d6e836b98440cdc938718226dc89592a64eda"
echo "866eec810e7342630d47887f8ad7e1fbb5a0e788"
}
# Show version information
@@ -3502,10 +3502,7 @@ fi
# | include/bcrypt.h, include/ntstatus.h
# |
if test "$enable_bcrypt_Improvements" -eq 1; then
patch_apply bcrypt-Improvements/0001-bcrypt-Add-AES-provider.patch
patch_apply bcrypt-Improvements/0006-bcrypt-Fix-handling-of-padding-when-input-size-equal.patch
patch_apply bcrypt-Improvements/0007-bcrypt-Properly-handle-padding-in-AES-decryption.patch
patch_apply bcrypt-Improvements/0008-bcrypt-Fix-use-after-free-in-key_init.patch
patch_apply bcrypt-Improvements/0001-include-Add-missing-BCRYPT_CHAIN_MODE-definitions.patch
patch_apply bcrypt-Improvements/0010-bcrypt-tests-Add-test-for-bugs-in-BCryptGetProperty.patch
patch_apply bcrypt-Improvements/0011-bcrypt-tests-Add-tests-for-AES-GCM-mode.patch
patch_apply bcrypt-Improvements/0012-bcrypt-Pass-object-to-get_-alg-hash-_property-instea.patch
@@ -3527,10 +3524,7 @@ if test "$enable_bcrypt_Improvements" -eq 1; then
patch_apply bcrypt-Improvements/0028-bcrypt-Partial-implementation-of-BCryptImportKey-and.patch
patch_apply bcrypt-Improvements/0029-bcrypt-Add-support-for-192-and-256-bit-aes-keys.patch
(
printf '%s\n' '+ { "Hans Leidekker", "bcrypt: Add AES provider.", 1 },';
printf '%s\n' '+ { "Michael Müller", "bcrypt: Fix handling of padding when input size equals block size for AES.", 1 },';
printf '%s\n' '+ { "Michael Müller", "bcrypt: Properly handle padding in AES decryption.", 1 },';
printf '%s\n' '+ { "Michael Müller", "bcrypt: Fix use-after-free in key_init.", 1 },';
printf '%s\n' '+ { "Hans Leidekker", "include: Add missing BCRYPT_CHAIN_MODE definitions.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "bcrypt/tests: Add test for bugs in BCryptGetProperty.", 1 },';
printf '%s\n' '+ { "Michael Müller", "bcrypt/tests: Add tests for AES GCM mode.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "bcrypt: Pass object to get_{alg,hash}_property instead of alg_id.", 1 },';