Updated bcrypt-ECDHSecretAgreement patchset

2025-09-12 18:50:20 -07:00 · 2020-10-03 18:48:06 +10:00
parent aa7895faf6
commit 194669052e
5 changed files with 586 additions and 170 deletions
--- a/patches/bcrypt-ECDHSecretAgreement/0001-bcrypt-Allow-multiple-backends-to-coexist.patch
+++ b/patches/bcrypt-ECDHSecretAgreement/0001-bcrypt-Allow-multiple-backends-to-coexist.patch
@@ -0,0 +1,339 @@
+From 104e3d8f36af9bc2179f7878b4f99b7417f59376 Mon Sep 17 00:00:00 2001
+From: Derek Lesho <dlesho@codeweavers.com>
+Date: Fri, 2 Oct 2020 11:29:24 -0500
+Subject: [PATCH] bcrypt: Allow multiple backends to coexist.
+
+Signed-off-by: Derek Lesho <dlesho@codeweavers.com>
+---
+ dlls/bcrypt/Makefile.in       |   3 +-
+ dlls/bcrypt/bcrypt_internal.h |   3 +
+ dlls/bcrypt/gnutls.c          |  34 +++++--
+ dlls/bcrypt/macos.c           |  20 +++-
+ dlls/bcrypt/unixlib.c         | 186 ++++++++++++++++++++++++++++++++++
+ 5 files changed, 229 insertions(+), 17 deletions(-)
+ create mode 100644 dlls/bcrypt/unixlib.c
+
+diff --git a/dlls/bcrypt/Makefile.in b/dlls/bcrypt/Makefile.in
+index 24803fb2d7c..46a20d473dd 100644
+--- a/dlls/bcrypt/Makefile.in
+++ b/dlls/bcrypt/Makefile.in
+@@ -11,6 +11,7 @@ C_SRCS = \
+ 	macos.c \
+ 	md2.c \
+ 	sha256.c \
+-	sha512.c
+	sha512.c \
+	unixlib.c
+ 
+ RC_SRCS = version.rc
+diff --git a/dlls/bcrypt/bcrypt_internal.h b/dlls/bcrypt/bcrypt_internal.h
+index 5edc9e6c9c6..29db7210b59 100644
+--- a/dlls/bcrypt/bcrypt_internal.h
+++ b/dlls/bcrypt/bcrypt_internal.h
+@@ -210,4 +210,7 @@ struct key_funcs
+     NTSTATUS (CDECL *key_import_ecc)( struct key *, UCHAR *, ULONG );
+ };
+ 
+struct key_funcs *gnutls_lib_init(DWORD reason);
+struct key_funcs *macos_lib_init(DWORD reason);
+
+ #endif /* __BCRYPT_INTERNAL_H */
+diff --git a/dlls/bcrypt/gnutls.c b/dlls/bcrypt/gnutls.c
+index 21520bb4a84..b761c732acf 100644
+--- a/dlls/bcrypt/gnutls.c
+++ b/dlls/bcrypt/gnutls.c
+@@ -332,9 +332,12 @@ fail:
+ 
+ static void gnutls_uninitialize(void)
+ {
+-    pgnutls_global_deinit();
+-    dlclose( libgnutls_handle );
+-    libgnutls_handle = NULL;
+    if (libgnutls_handle)
+    {
+        pgnutls_global_deinit();
+        dlclose( libgnutls_handle );
+        libgnutls_handle = NULL;
+    }
+ }
+ 
+ struct buffer
+@@ -1568,7 +1571,7 @@ static void CDECL key_asymmetric_destroy( struct key *key )
+     if (key_data(key)->privkey) pgnutls_privkey_deinit( key_data(key)->privkey );
+ }
+ 
+-static const struct key_funcs key_funcs =
+static struct key_funcs key_funcs =
+ {
+     key_set_property,
+     key_symmetric_init,
+@@ -1589,19 +1592,28 @@ static const struct key_funcs key_funcs =
+     key_import_ecc
+ };
+ 
+-NTSTATUS CDECL __wine_init_unix_lib( HMODULE module, DWORD reason, const void *ptr_in, void *ptr_out )
+struct key_funcs * gnutls_lib_init( DWORD reason )
+ {
+     switch (reason)
+     {
+     case DLL_PROCESS_ATTACH:
+-        if (!gnutls_initialize()) return STATUS_DLL_NOT_FOUND;
+-        *(const struct key_funcs **)ptr_out = &key_funcs;
+-        break;
+        if (!gnutls_initialize()) return NULL;
+        return &key_funcs;
+     case DLL_PROCESS_DETACH:
+         gnutls_uninitialize();
+-        break;
+     }
+-    return STATUS_SUCCESS;
+    return NULL;
+ }
+ 
+-#endif /* HAVE_GNUTLS_CIPHER_INIT */
+#else /* HAVE_GNUTLS_CIPHER_INIT */
+#include "ntstatus.h"
+#define WIN32_NO_STATUS
+#include "windef.h"
+#include "winbase.h"
+#include "winternl.h"
+
+struct key_funcs * gnutls_lib_init( DWORD reason )
+{
+    return NULL;
+}
+#endif
+diff --git a/dlls/bcrypt/macos.c b/dlls/bcrypt/macos.c
+index 37615e97689..5868b445625 100644
+--- a/dlls/bcrypt/macos.c
+++ b/dlls/bcrypt/macos.c
+@@ -259,7 +259,7 @@ static void CDECL key_asymmetric_destroy( struct key *key )
+ {
+ }
+ 
+-static const struct key_funcs key_funcs =
+static struct key_funcs key_funcs =
+ {
+     key_set_property,
+     key_symmetric_init,
+@@ -280,11 +280,21 @@ static const struct key_funcs key_funcs =
+     key_import_ecc
+ };
+ 
+-NTSTATUS CDECL __wine_init_unix_lib( HMODULE module, DWORD reason, const void *ptr_in, void *ptr_out )
+struct key_funcs * macos_lib_init( DWORD reason )
+ {
+-    if (reason != DLL_PROCESS_ATTACH) return STATUS_SUCCESS;
+-    *(const struct key_funcs **)ptr_out = &key_funcs;
+-    return STATUS_SUCCESS;
+    if (reason != DLL_PROCESS_ATTACH) return NULL;
+    return &key_funcs;
+ }
+ 
+#else
+#include "ntstatus.h"
+#define WIN32_NO_STATUS
+#include "windef.h"
+#include "winbase.h"
+#include "winternl.h"
+
+struct key_funcs * macos_lib_init( DWORD reason )
+{
+    return NULL;
+}
+ #endif
+diff --git a/dlls/bcrypt/unixlib.c b/dlls/bcrypt/unixlib.c
+new file mode 100644
+index 00000000000..791b5d54188
+--- /dev/null
+++ b/dlls/bcrypt/unixlib.c
+@@ -0,0 +1,186 @@
+#if 0
+#pragma makedep unix
+#endif
+
+#include "config.h"
+#include "wine/port.h"
+
+#include <stdarg.h>
+
+#include "ntstatus.h"
+#define WIN32_NO_STATUS
+#include "windef.h"
+#include "winbase.h"
+#include "ntsecapi.h"
+#include "bcrypt.h"
+
+#include "bcrypt_internal.h"
+
+#include "wine/debug.h"
+#include "wine/unicode.h"
+
+#if defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080 || defined(HAVE_GNUTLS_CIPHER_INIT)
+WINE_DEFAULT_DEBUG_CHANNEL(bcrypt);
+
+static NTSTATUS CDECL key_set_property( struct key *key, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS CDECL key_symmetric_init( struct key *key )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static void CDECL key_symmetric_vector_reset( struct key *key )
+{
+    FIXME( "not implemented\n" );
+}
+
+static NTSTATUS CDECL key_symmetric_set_auth_data( struct key *key, UCHAR *auth_data, ULONG len )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS CDECL key_symmetric_encrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output, ULONG output_len  )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS CDECL key_symmetric_decrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output, ULONG output_len )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS CDECL key_symmetric_get_tag( struct key *key, UCHAR *tag, ULONG len )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static void CDECL key_symmetric_destroy( struct key *key )
+{
+    FIXME( "not implemented\n" );
+}
+
+static NTSTATUS CDECL key_asymmetric_init( struct key *key )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS CDECL key_asymmetric_sign( struct key *key, void *padding, UCHAR *input, ULONG input_len, UCHAR *output,
+                                           ULONG output_len, ULONG *ret_len, ULONG flags )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS CDECL key_asymmetric_verify( struct key *key, void *padding, UCHAR *hash, ULONG hash_len,
+                                             UCHAR *signature, ULONG signature_len, DWORD flags )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS CDECL key_export_dsa_capi( struct key *key, UCHAR *buf, ULONG len, ULONG *ret_len )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS CDECL key_export_ecc( struct key *key, UCHAR *output, ULONG len, ULONG *ret_len )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS CDECL key_import_dsa_capi( struct key *key, UCHAR *buf, ULONG len )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS CDECL key_import_ecc( struct key *key, UCHAR *input, ULONG len )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS CDECL key_asymmetric_generate( struct key *key )
+{
+    FIXME( "not implemented\n" );
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+static void CDECL key_asymmetric_destroy( struct key *key )
+{
+    FIXME( "not implemented\n" );
+}
+
+static struct key_funcs key_funcs =
+{
+    key_set_property,
+    key_symmetric_init,
+    key_symmetric_vector_reset,
+    key_symmetric_set_auth_data,
+    key_symmetric_encrypt,
+    key_symmetric_decrypt,
+    key_symmetric_get_tag,
+    key_symmetric_destroy,
+    key_asymmetric_init,
+    key_asymmetric_generate,
+    key_asymmetric_sign,
+    key_asymmetric_verify,
+    key_asymmetric_destroy,
+    key_export_dsa_capi,
+    key_export_ecc,
+    key_import_dsa_capi,
+    key_import_ecc
+};
+
+NTSTATUS CDECL __wine_init_unix_lib( HMODULE module, DWORD reason, const void *ptr_in, void *ptr_out )
+{
+    struct key_funcs *gnutls_funcs = gnutls_lib_init(reason);
+    struct key_funcs *macos_funcs = macos_lib_init(reason);
+
+    if (reason == DLL_PROCESS_ATTACH)
+    {
+#define RESOLVE_FUNC(name) \
+        if (macos_funcs && macos_funcs->key_##name) \
+            key_funcs.key_##name = macos_funcs->key_##name; \
+        if (gnutls_funcs && gnutls_funcs->key_##name) \
+            key_funcs.key_##name = gnutls_funcs->key_##name;
+
+        RESOLVE_FUNC(set_property)
+        RESOLVE_FUNC(symmetric_init)
+        RESOLVE_FUNC(symmetric_vector_reset)
+        RESOLVE_FUNC(symmetric_set_auth_data)
+        RESOLVE_FUNC(symmetric_encrypt)
+        RESOLVE_FUNC(symmetric_decrypt)
+        RESOLVE_FUNC(symmetric_get_tag)
+        RESOLVE_FUNC(symmetric_destroy)
+        RESOLVE_FUNC(asymmetric_init)
+        RESOLVE_FUNC(asymmetric_generate)
+        RESOLVE_FUNC(asymmetric_sign)
+        RESOLVE_FUNC(asymmetric_verify)
+        RESOLVE_FUNC(asymmetric_destroy)
+        RESOLVE_FUNC(export_dsa_capi)
+        RESOLVE_FUNC(export_ecc)
+        RESOLVE_FUNC(import_dsa_capi)
+        RESOLVE_FUNC(import_ecc)
+
+#undef RESOLVE_FUNC
+
+        *(struct key_funcs **)ptr_out = &key_funcs;
+    }
+
+    return STATUS_SUCCESS;
+}
+
+#endif
+-- 
+2.28.0
+
--- a/patches/bcrypt-ECDHSecretAgreement/0002-bcrypt-Implement-BCryptSecretAgreement-with-libgcryp.patch
+++ b/patches/bcrypt-ECDHSecretAgreement/0002-bcrypt-Implement-BCryptSecretAgreement-with-libgcryp.patch
--- a/patches/bcrypt-ECDHSecretAgreement/0003-bcrypt-Implement-BCRYPT_KDF_HASH.patch
+++ b/patches/bcrypt-ECDHSecretAgreement/0003-bcrypt-Implement-BCRYPT_KDF_HASH.patch
@@ -1,4 +1,4 @@
-From d232882c571a14f4da8a134071a2125805ebd41f Mon Sep 17 00:00:00 2001
+From 01530fae68970b0c0af8811c5f6c5ea85c14372c Mon Sep 17 00:00:00 2001
 From: Derek Lesho <dlesho@codeweavers.com>
 Date: Tue, 7 Jan 2020 14:22:49 -0600
 Subject: [PATCH] bcrypt: Implement BCRYPT_KDF_HASH.
@@ -7,21 +7,21 @@ Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=47699
 Signed-off-by: Derek Lesho <dlesho at codeweavers.com>
 ---
 dlls/bcrypt/bcrypt_main.c  | 108 ++++++++++++++++++++++++++++++++++++-
- dlls/bcrypt/tests/bcrypt.c |   2 +-
- 2 files changed, 108 insertions(+), 2 deletions(-)
+ dlls/bcrypt/tests/bcrypt.c |   3 +-
+ 2 files changed, 108 insertions(+), 3 deletions(-)

 diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
-index 65c28ca63e2..6e7b52e93b0 100644
+index 8dae41a2e2e..67be417aa61 100644
 --- a/dlls/bcrypt/bcrypt_main.c
 +++ b/dlls/bcrypt/bcrypt_main.c
-@@ -1891,7 +1891,113 @@ NTSTATUS WINAPI BCryptDeriveKey(BCRYPT_SECRET_HANDLE handle, LPCWSTR kdf, BCrypt
+@@ -1837,7 +1837,113 @@ NTSTATUS WINAPI BCryptDeriveKey(BCRYPT_SECRET_HANDLE handle, LPCWSTR kdf, BCrypt
     if (!secret || secret->hdr.magic != MAGIC_SECRET) return STATUS_INVALID_HANDLE;
     if (!kdf) return STATUS_INVALID_PARAMETER;
 
-    if (!(strcmpW( kdf, BCRYPT_KDF_RAW_SECRET )))
+-    if (!(lstrcmpW( kdf, BCRYPT_KDF_RAW_SECRET )))
 +    if (flags) FIXME("flags ignored: %08x\n", flags);
 +
-+    if (!(strcmpW( kdf, BCRYPT_KDF_HASH )))
+    if (!(lstrcmpW( kdf, BCRYPT_KDF_HASH )))
 +    {
 +        unsigned int i;
 +        BCryptBuffer *hash_algorithm = NULL;
@@ -67,7 +67,7 @@ index 65c28ca63e2..6e7b52e93b0 100644
 +        {
 +            for (i = 0; i < ARRAY_SIZE( builtin_algorithms ); i++)
 +            {
-+                if (!strcmpW( hash_algorithm->pvBuffer, builtin_algorithms[i].name))
+                if (!lstrcmpW( hash_algorithm->pvBuffer, builtin_algorithms[i].name))
 +                {
 +                    hash_alg_id = i;
 +                    break;
@@ -125,15 +125,15 @@ index 65c28ca63e2..6e7b52e93b0 100644
 +
 +        return STATUS_SUCCESS;
 +    }
-+    else if (!(strcmpW( kdf, BCRYPT_KDF_RAW_SECRET )))
+    else if (!(lstrcmpW( kdf, BCRYPT_KDF_RAW_SECRET )))
     {
         ULONG n;
         ULONG secret_length = secret->len;
 diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
-index a351aacf1f5..5333b879817 100644
+index 5701a0a30ce..d4ffb3fe69c 100644
 --- a/dlls/bcrypt/tests/bcrypt.c
 +++ b/dlls/bcrypt/tests/bcrypt.c
-@@ -2085,7 +2085,7 @@ static void test_ECDH(void)
+@@ -2132,7 +2132,7 @@ static void test_ECDH(void)
     raw_secret_end:
 
     status = pBCryptDeriveKey(secret, BCRYPT_KDF_HASH, &hash_params, NULL, 0, &size, 0);
@@ -142,6 +142,14 @@ index a351aacf1f5..5333b879817 100644
 
     if (status != STATUS_SUCCESS)
     {
+@@ -2666,7 +2666,6 @@ static void test_SecretAgreement(void)
+     ok(status == STATUS_INVALID_PARAMETER, "got %08x\n", status);
+ 
+     status = pBCryptDeriveKey(secret, L"HASH", NULL, NULL, 0, &size, 0);
+-    todo_wine
+     ok(status == STATUS_SUCCESS, "got %08x\n", status);
+ 
+     status = pBCryptDestroyHash(secret);
 -- 
-2.27.0
+2.28.0

--- a/patches/bcrypt-ECDHSecretAgreement/definition
+++ b/patches/bcrypt-ECDHSecretAgreement/definition
@@ -2,4 +2,4 @@ Fixes: [47699] Multiple games fail to connect to online services (missing BCrypt
 # Needs to be moved to the unix lib, but that's a nontrivial amount of work, and
 # using gcrypt is the wrong way forward (we should expose the missing APIs from
 # gnutls instead).
-Disabled: true
+#Disabled: true
--- a/patches/patchinstall.sh
+++ b/patches/patchinstall.sh
@@ -88,6 +88,7 @@ patch_enable_all ()
 	enable_advapi32_LsaLookupPrivilegeName="$1"
 	enable_api_ms_win_Stub_DLLs="$1"
 	enable_atl_AtlAxDialogBox="$1"
+	enable_bcrypt_ECDHSecretAgreement="$1"
 	enable_cmd_launch_association="$1"
 	enable_color_sRGB_profile="$1"
 	enable_comctl32_Listview_DrawItem="$1"
@@ -353,6 +354,9 @@ patch_enable ()
 		atl-AtlAxDialogBox)
 			enable_atl_AtlAxDialogBox="$2"
 			;;
+		bcrypt-ECDHSecretAgreement)
+			enable_bcrypt_ECDHSecretAgreement="$2"
+			;;
 		cmd-launch-association)
 			enable_cmd_launch_association="$2"
 			;;
@@ -1785,6 +1789,22 @@ if test "$enable_atl_AtlAxDialogBox" -eq 1; then
 	patch_apply atl-AtlAxDialogBox/0001-atl-Implement-AtlAxDialogBox-A-W.patch
 fi

+# Patchset bcrypt-ECDHSecretAgreement
+# |
+# | This patchset fixes the following Wine bugs:
+# |   *	[#47699] Multiple games fail to connect to online services (missing BCryptSecretAgreement / BCryptDeriveKey
+# | 	implementation)
+# |
+# | Modified files:
+# |   *	configure.ac, dlls/bcrypt/Makefile.in, dlls/bcrypt/bcrypt_internal.h, dlls/bcrypt/bcrypt_main.c, dlls/bcrypt/gcrypt.c,
+# | 	dlls/bcrypt/gnutls.c, dlls/bcrypt/macos.c, dlls/bcrypt/tests/bcrypt.c, dlls/bcrypt/unixlib.c
+# |
+if test "$enable_bcrypt_ECDHSecretAgreement" -eq 1; then
+	patch_apply bcrypt-ECDHSecretAgreement/0001-bcrypt-Allow-multiple-backends-to-coexist.patch
+	patch_apply bcrypt-ECDHSecretAgreement/0002-bcrypt-Implement-BCryptSecretAgreement-with-libgcryp.patch
+	patch_apply bcrypt-ECDHSecretAgreement/0003-bcrypt-Implement-BCRYPT_KDF_HASH.patch
+fi
+
 # Patchset cmd-launch-association
 # |
 # | This patchset fixes the following Wine bugs: