wine/wine-staging
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-staging.git synced 2025-09-12 18:50:20 -07:00
Code Issues Packages Projects Releases Wiki Activity

Rebase against ae5d0b22291d866a49f293e782b43ba025ab77ec

Browse Source
This commit is contained in:
Alistair Leslie-Hughes
2018-03-20 10:57:56 +11:00
parent 495f9db49c
commit b05c091935
12 changed files with 147 additions and 924 deletions
Download Patch File Download Diff File Expand all files Collapse all files

263
patches/bcrypt-Improvements/0011-bcrypt-tests-Add-tests-for-AES-GCM-mode.patch
View File

@@ -1,263 +0,0 @@
From 82785fee09e7d5cfce76ca4cc08291ecba19d393 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Mon, 26 Dec 2016 05:37:02 +0100
Subject: [PATCH] bcrypt/tests: Add tests for AES GCM mode.
---
dlls/bcrypt/tests/bcrypt.c | 155 ++++++++++++++++++++++++++++++++++++++++++++-
include/bcrypt.h | 24 ++++++-
2 files changed, 177 insertions(+), 2 deletions(-)
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 6e28348..6cefe13 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -564,6 +564,8 @@ static void test_BCryptGenerateSymmetricKey(void)
static void test_BCryptEncrypt(void)
{
+ static UCHAR nonce[] =
+ {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x10, 0x20, 0x30, 0x40, 0x50, 0x60};
static UCHAR secret[] =
{0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
static UCHAR iv[] =
@@ -582,15 +584,28 @@ static void test_BCryptEncrypt(void)
{0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
0xb1,0xa2,0x92,0x73,0xbe,0x2c,0x42,0x07,0xa5,0xac,0xe3,0x93,0x39,0x8c,0xb6,0xfb,
0x87,0x5d,0xea,0xa3,0x7e,0x0f,0xde,0xfa,0xd9,0xec,0x6c,0x4e,0x3c,0x76,0x86,0xe4};
+ static UCHAR expected4[] =
+ {0xe1,0x82,0xc3,0xc0,0x24,0xfb,0x86,0x85,0xf3,0xf1,0x2b,0x7d,0x09,0xb4,0x73,0x67,
+ 0x86,0x64,0xc3,0xfe,0xa3,0x07,0x61,0xf8,0x16,0xc9,0x78,0x7f,0xe7,0xb1,0xc4,0x94};
+ static UCHAR expected_tag[] =
+ {0x89,0xb3,0x92,0x00,0x39,0x20,0x09,0xb4,0x6a,0xd6,0xaf,0xca,0x4b,0x5b,0xfd,0xd0};
+ static UCHAR expected_tag2[] =
+ {0x9a,0x92,0x32,0x2c,0x61,0x2a,0xae,0xef,0x66,0x2a,0xfb,0x55,0xe9,0x48,0xdf,0xbd};
+ BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO auth_info;
+ UCHAR *buf, ciphertext[48], ivbuf[16], tag[16];
+ BCRYPT_AUTH_TAG_LENGTHS_STRUCT tag_length;
BCRYPT_ALG_HANDLE aes;
BCRYPT_KEY_HANDLE key;
- UCHAR *buf, ciphertext[48], ivbuf[16];
ULONG size, len, i;
NTSTATUS ret;
ret = pBCryptOpenAlgorithmProvider(&aes, BCRYPT_AES_ALGORITHM, NULL, 0);
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ /******************
+ * AES - CBC mode *
+ ******************/
+
len = 0xdeadbeef;
size = sizeof(len);
ret = pBCryptGetProperty(aes, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
@@ -677,12 +692,101 @@ static void test_BCryptEncrypt(void)
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
HeapFree(GetProcessHeap(), 0, buf);
+ /******************
+ * AES - GCM mode *
+ ******************/
+
+ size = 0;
+ ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, NULL, 0, &size, 0);
+ todo_wine ok(ret == STATUS_NOT_SUPPORTED, "got %08x\n", ret);
+
+ ret = BCryptSetProperty(aes, BCRYPT_CHAINING_MODE, (UCHAR*)BCRYPT_CHAIN_MODE_GCM, sizeof(BCRYPT_CHAIN_MODE_GCM), 0);
+ todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+
+ size = 0;
+ ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, NULL, 0, &size, 0);
+ todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ todo_wine ok(size == sizeof(tag_length), "got %u\n", size);
+
+ size = 0;
+ memset(&tag_length, 0, sizeof(tag_length));
+ ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, (UCHAR*)&tag_length, sizeof(tag_length), &size, 0);
+ todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ todo_wine ok(size == sizeof(tag_length), "got %u\n", size);
+ todo_wine ok(tag_length.dwMinLength == 12, "Expected 12, got %d\n", tag_length.dwMinLength);
+ todo_wine ok(tag_length.dwMaxLength == 16, "Expected 16, got %d\n", tag_length.dwMaxLength);
+ todo_wine ok(tag_length.dwIncrement == 1, "Expected 1, got %d\n", tag_length.dwIncrement);
+
+ len = 0xdeadbeef;
+ size = sizeof(len);
+ ret = pBCryptGetProperty(aes, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+
+ buf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len);
+ ret = pBCryptGenerateSymmetricKey(aes, &key, buf, len, secret, sizeof(secret), 0);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+
+ memset(&auth_info, 0, sizeof(auth_info));
+ auth_info.cbSize = sizeof(auth_info);
+ auth_info.dwInfoVersion = 1;
+ auth_info.pbNonce = nonce;
+ auth_info.cbNonce = sizeof(nonce);
+ auth_info.pbTag = tag;
+ auth_info.cbTag = sizeof(tag);
+
+ /* input size is a multiple of block size */
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ memset(ciphertext, 0xff, sizeof(ciphertext));
+ memset(tag, 0xff, sizeof(tag));
+ ret = pBCryptEncrypt(key, data2, 32, &auth_info, ivbuf, 16, ciphertext, 32, &size, 0);
+ todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ todo_wine ok(size == 32, "got %u\n", size);
+ todo_wine ok(!memcmp(ciphertext, expected4, sizeof(expected4)), "wrong data\n");
+ todo_wine ok(!memcmp(tag, expected_tag, sizeof(expected_tag)), "wrong tag\n");
+ for (i = 0; i < 32; i++)
+ todo_wine ok(ciphertext[i] == expected4[i], "%u: %02x != %02x\n", i, ciphertext[i], expected4[i]);
+ for (i = 0; i < 16; i++)
+ todo_wine ok(tag[i] == expected_tag[i], "%u: %02x != %02x\n", i, tag[i], expected_tag[i]);
+
+ /* input size is not multiple of block size */
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ memset(ciphertext, 0xff, sizeof(ciphertext));
+ memset(tag, 0xff, sizeof(tag));
+ ret = pBCryptEncrypt(key, data2, 24, &auth_info, ivbuf, 16, ciphertext, 24, &size, 0);
+ todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ todo_wine ok(size == 24, "got %u\n", size);
+ todo_wine ok(!memcmp(ciphertext, expected4, 24), "wrong data\n");
+ todo_wine ok(!memcmp(tag, expected_tag2, sizeof(expected_tag2)), "wrong tag\n");
+ for (i = 0; i < 24; i++)
+ todo_wine ok(ciphertext[i] == expected4[i], "%u: %02x != %02x\n", i, ciphertext[i], expected4[i]);
+ for (i = 0; i < 16; i++)
+ todo_wine ok(tag[i] == expected_tag2[i], "%u: %02x != %02x\n", i, tag[i], expected_tag2[i]);
+
+ /* test with padding */
+ memcpy(ivbuf, iv, sizeof(iv));
+ memset(ciphertext, 0, sizeof(ciphertext));
+ ret = pBCryptEncrypt(key, data2, 32, &auth_info, ivbuf, 16, ciphertext, 32, &size, BCRYPT_BLOCK_PADDING);
+ todo_wine ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
+
+ memcpy(ivbuf, iv, sizeof(iv));
+ memset(ciphertext, 0, sizeof(ciphertext));
+ ret = pBCryptEncrypt(key, data2, 32, &auth_info, ivbuf, 16, ciphertext, 48, &size, BCRYPT_BLOCK_PADDING);
+ todo_wine ok(ret == STATUS_INVALID_PARAMETER, "got %08x\n", ret);
+
+ ret = pBCryptDestroyKey(key);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ HeapFree(GetProcessHeap(), 0, buf);
+
ret = pBCryptCloseAlgorithmProvider(aes, 0);
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
}
static void test_BCryptDecrypt(void)
{
+ static UCHAR nonce[] =
+ {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x10, 0x20, 0x30, 0x40, 0x50, 0x60};
static UCHAR secret[] =
{0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
static UCHAR iv[] =
@@ -704,6 +808,12 @@ static void test_BCryptDecrypt(void)
{0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
0xb1,0xa2,0x92,0x73,0xbe,0x2c,0x42,0x07,0xa5,0xac,0xe3,0x93,0x39,0x8c,0xb6,0xfb,
0x87,0x5d,0xea,0xa3,0x7e,0x0f,0xde,0xfa,0xd9,0xec,0x6c,0x4e,0x3c,0x76,0x86,0xe4};
+ static UCHAR ciphertext4[] =
+ {0xe1,0x82,0xc3,0xc0,0x24,0xfb,0x86,0x85,0xf3,0xf1,0x2b,0x7d,0x09,0xb4,0x73,0x67,
+ 0x86,0x64,0xc3,0xfe,0xa3,0x07,0x61,0xf8,0x16,0xc9,0x78,0x7f,0xe7,0xb1,0xc4,0x94};
+ static UCHAR tag[] =
+ {0x89,0xb3,0x92,0x00,0x39,0x20,0x09,0xb4,0x6a,0xd6,0xaf,0xca,0x4b,0x5b,0xfd,0xd0};
+ BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO auth_info;
BCRYPT_KEY_LENGTHS_STRUCT key_lengths;
BCRYPT_ALG_HANDLE aes;
BCRYPT_KEY_HANDLE key;
@@ -723,6 +833,10 @@ static void test_BCryptDecrypt(void)
ok(key_lengths.dwMaxLength == 256, "Expected 256, got %d\n", key_lengths.dwMaxLength);
ok(key_lengths.dwIncrement == 64, "Expected 64, got %d\n", key_lengths.dwIncrement);
+ /******************
+ * AES - CBC mode *
+ ******************/
+
len = 0xdeadbeef;
size = sizeof(len);
ret = pBCryptGetProperty(aes, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
@@ -820,6 +934,45 @@ static void test_BCryptDecrypt(void)
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
HeapFree(GetProcessHeap(), 0, buf);
+ /******************
+ * AES - GCM mode *
+ ******************/
+
+ ret = BCryptSetProperty(aes, BCRYPT_CHAINING_MODE, (UCHAR*)BCRYPT_CHAIN_MODE_GCM, sizeof(BCRYPT_CHAIN_MODE_GCM), 0);
+ todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+
+ buf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len);
+ ret = pBCryptGenerateSymmetricKey(aes, &key, buf, len, secret, sizeof(secret), 0);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+
+ memset(&auth_info, 0, sizeof(auth_info));
+ auth_info.cbSize = sizeof(auth_info);
+ auth_info.dwInfoVersion = 1;
+ auth_info.pbNonce = nonce;
+ auth_info.cbNonce = sizeof(nonce);
+ auth_info.pbTag = tag;
+ auth_info.cbTag = sizeof(tag);
+
+ /* input size is a multiple of block size */
+ size = 0;
+ memcpy(ivbuf, iv, sizeof(iv));
+ memset(plaintext, 0, sizeof(plaintext));
+ ret = pBCryptDecrypt(key, ciphertext4, 32, &auth_info, ivbuf, 16, plaintext, 32, &size, 0);
+ todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ todo_wine ok(size == 32, "got %u\n", size);
+ todo_wine ok(!memcmp(plaintext, expected3, sizeof(expected3)), "wrong data\n");
+
+ /* test with wrong tag */
+ memcpy(ivbuf, iv, sizeof(iv));
+ auth_info.pbTag = iv; /* wrong tag */
+ ret = pBCryptDecrypt(key, ciphertext4, 32, &auth_info, ivbuf, 16, plaintext, 32, &size, 0);
+ todo_wine ok(ret == STATUS_AUTH_TAG_MISMATCH, "got %08x\n", ret);
+ todo_wine ok(size == 32, "got %u\n", size);
+
+ ret = pBCryptDestroyKey(key);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ HeapFree(GetProcessHeap(), 0, buf);
+
ret = pBCryptCloseAlgorithmProvider(aes, 0);
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
}
diff --git a/include/bcrypt.h b/include/bcrypt.h
index 1be9b85..d0b29c7 100644
--- a/include/bcrypt.h
+++ b/include/bcrypt.h
@@ -96,7 +96,29 @@ typedef struct __BCRYPT_KEY_LENGTHS_STRUCT
ULONG dwMinLength;
ULONG dwMaxLength;
ULONG dwIncrement;
-} BCRYPT_KEY_LENGTHS_STRUCT;
+} BCRYPT_KEY_LENGTHS_STRUCT, BCRYPT_AUTH_TAG_LENGTHS_STRUCT;
+
+typedef struct _BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO
+{
+ ULONG cbSize;
+ ULONG dwInfoVersion;
+ UCHAR *pbNonce;
+ ULONG cbNonce;
+ UCHAR *pbAuthData;
+ ULONG cbAuthData;
+ UCHAR *pbTag;
+ ULONG cbTag;
+ UCHAR *pbMacContext;
+ ULONG cbMacContext;
+ ULONG cbAAD;
+ ULONGLONG cbData;
+ ULONG dwFlags;
+} BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO, *PBCRYPT_AUTHENTICATED_CIPHER_MODE_INFO;
+
+#define BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO_VERSION 1
+
+#define BCRYPT_AUTH_MODE_CHAIN_CALLS_FLAG 0x00000001
+#define BCRYPT_AUTH_MODE_IN_PROGRESS_FLAG 0x00000002
typedef struct _CRYPT_INTERFACE_REG
{
--
1.9.1

156
patches/bcrypt-Improvements/0012-bcrypt-Pass-object-to-get_-alg-hash-_property-instea.patch
View File

@@ -1,156 +0,0 @@
From 2d4fc0dc7d0c64fb45683af54d659832493e2a7e Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Mon, 26 Dec 2016 06:18:01 +0100
Subject: [PATCH 12/36] bcrypt: Pass object to get_{alg,hash}_property instead
of alg_id.
---
dlls/bcrypt/bcrypt_main.c | 40 ++++++++++++++++++++--------------------
1 file changed, 20 insertions(+), 20 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 6e47349..8af43c8 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -510,15 +510,15 @@ static NTSTATUS generic_alg_property( enum alg_id id, const WCHAR *prop, UCHAR *
return STATUS_NOT_IMPLEMENTED;
}
-static NTSTATUS get_alg_property( enum alg_id id, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
+static NTSTATUS get_alg_property( const struct algorithm *alg, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
{
NTSTATUS status;
- status = generic_alg_property( id, prop, buf, size, ret_size );
+ status = generic_alg_property( alg->id, prop, buf, size, ret_size );
if (status != STATUS_NOT_IMPLEMENTED)
return status;
- switch (id)
+ switch (alg->id)
{
case ALG_ID_AES:
if (!strcmpW( prop, BCRYPT_BLOCK_LENGTH ))
@@ -567,11 +567,11 @@ static NTSTATUS get_alg_property( enum alg_id id, const WCHAR *prop, UCHAR *buf,
return STATUS_NOT_IMPLEMENTED;
}
-static NTSTATUS get_hash_property( enum alg_id id, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
+static NTSTATUS get_hash_property( const struct hash *hash, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
{
NTSTATUS status;
- status = generic_alg_property( id, prop, buf, size, ret_size );
+ status = generic_alg_property( hash->alg_id, prop, buf, size, ret_size );
if (status == STATUS_NOT_IMPLEMENTED)
FIXME( "unsupported property %s\n", debugstr_w(prop) );
return status;
@@ -591,12 +591,12 @@ NTSTATUS WINAPI BCryptGetProperty( BCRYPT_HANDLE handle, LPCWSTR prop, UCHAR *bu
case MAGIC_ALG:
{
const struct algorithm *alg = (const struct algorithm *)object;
- return get_alg_property( alg->id, prop, buffer, count, res );
+ return get_alg_property( alg, prop, buffer, count, res );
}
case MAGIC_HASH:
{
const struct hash *hash = (const struct hash *)object;
- return get_hash_property( hash->alg_id, prop, buffer, count, res );
+ return get_hash_property( hash, prop, buffer, count, res );
}
default:
WARN( "unknown magic %08x\n", object->magic );
@@ -798,7 +798,7 @@ struct key
#endif
#if defined(HAVE_GNUTLS_CIPHER_INIT) || defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
-static ULONG get_block_size( enum alg_id alg )
+static ULONG get_block_size( struct algorithm *alg )
{
ULONG ret = 0, size = sizeof(ret);
get_alg_property( alg, BCRYPT_BLOCK_LENGTH, (UCHAR *)&ret, sizeof(ret), &size );
@@ -827,27 +827,27 @@ static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, U
#endif
#if defined(HAVE_GNUTLS_CIPHER_INIT) && !defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H)
-static NTSTATUS key_init( struct key *key, enum alg_id id, const UCHAR *secret, ULONG secret_len )
+static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *secret, ULONG secret_len )
{
UCHAR *buffer;
if (!libgnutls_handle) return STATUS_INTERNAL_ERROR;
- switch (id)
+ switch (alg->id)
{
case ALG_ID_AES:
break;
default:
- FIXME( "algorithm %u not supported\n", id );
+ FIXME( "algorithm %u not supported\n", alg->id );
return STATUS_NOT_SUPPORTED;
}
- if (!(key->block_size = get_block_size( id ))) return STATUS_INVALID_PARAMETER;
+ if (!(key->block_size = get_block_size( alg ))) return STATUS_INVALID_PARAMETER;
if (!(buffer = heap_alloc( secret_len ))) return STATUS_NO_MEMORY;
memcpy( buffer, secret, secret_len );
- key->alg_id = id;
+ key->alg_id = alg->id;
key->handle = 0; /* initialized on first use */
key->secret = buffer;
key->secret_len = secret_len;
@@ -937,25 +937,25 @@ static NTSTATUS key_destroy( struct key *key )
return STATUS_SUCCESS;
}
#elif defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
-static NTSTATUS key_init( struct key *key, enum alg_id id, const UCHAR *secret, ULONG secret_len )
+static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *secret, ULONG secret_len )
{
UCHAR *buffer;
- switch (id)
+ switch (alg->id)
{
case ALG_ID_AES:
break;
default:
- FIXME( "algorithm %u not supported\n", id );
+ FIXME( "algorithm %u not supported\n", alg->id );
return STATUS_NOT_SUPPORTED;
}
- if (!(key->block_size = get_block_size( id ))) return STATUS_INVALID_PARAMETER;
+ if (!(key->block_size = get_block_size( alg ))) return STATUS_INVALID_PARAMETER;
if (!(buffer = heap_alloc( secret_len ))) return STATUS_NO_MEMORY;
memcpy( buffer, secret, secret_len );
- key->alg_id = id;
+ key->alg_id = alg->id;
key->ref_encrypt = NULL; /* initialized on first use */
key->ref_decrypt = NULL;
key->secret = buffer;
@@ -1034,7 +1034,7 @@ static NTSTATUS key_destroy( struct key *key )
return STATUS_SUCCESS;
}
#else
-static NTSTATUS key_init( struct key *key, enum alg_id id, const UCHAR *secret, ULONG secret_len )
+static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *secret, ULONG secret_len )
{
ERR( "support for keys not available at build time\n" );
return STATUS_NOT_IMPLEMENTED;
@@ -1089,7 +1089,7 @@ NTSTATUS WINAPI BCryptGenerateSymmetricKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_
if (!(key = heap_alloc( sizeof(*key) ))) return STATUS_NO_MEMORY;
key->hdr.magic = MAGIC_KEY;
- if ((status = key_init( key, alg->id, secret, secret_len )))
+ if ((status = key_init( key, alg, secret, secret_len )))
{
heap_free( key );
return status;
--
2.7.4

149
patches/bcrypt-Improvements/0013-bcrypt-Implement-BCryptSetProperty-for-algorithms.patch
View File

@@ -1,149 +0,0 @@
From d0252a03c82c8b3c3e6bb8bed0007e844b10301c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Mon, 26 Dec 2016 06:08:33 +0100
Subject: [PATCH 13/36] bcrypt: Implement BCryptSetProperty for algorithms.
---
dlls/bcrypt/bcrypt_main.c | 66 ++++++++++++++++++++++++++++++++++++++++++++--
dlls/bcrypt/tests/bcrypt.c | 6 ++---
2 files changed, 67 insertions(+), 5 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 73a5c36fed..cbf7576860 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -192,6 +192,12 @@ enum alg_id
ALG_ID_SHA512
};
+enum mode_id
+{
+ MODE_ID_CBC,
+ MODE_ID_GCM
+};
+
#define MAX_HASH_OUTPUT_BYTES 64
#define MAX_HASH_BLOCK_BITS 1024
@@ -216,6 +222,7 @@ struct algorithm
{
struct object hdr;
enum alg_id id;
+ enum mode_id mode;
BOOL hmac;
};
@@ -298,6 +305,7 @@ NTSTATUS WINAPI BCryptOpenAlgorithmProvider( BCRYPT_ALG_HANDLE *handle, LPCWSTR
if (!(alg = heap_alloc( sizeof(*alg) ))) return STATUS_NO_MEMORY;
alg->hdr.magic = MAGIC_ALG;
alg->id = alg_id;
+ alg->mode = MODE_ID_CBC;
alg->hmac = flags & BCRYPT_ALG_HANDLE_HMAC_FLAG;
*handle = alg;
@@ -567,6 +575,40 @@ static NTSTATUS get_alg_property( const struct algorithm *alg, const WCHAR *prop
return STATUS_NOT_IMPLEMENTED;
}
+static NTSTATUS set_alg_property( struct algorithm *alg, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
+{
+ switch (alg->id)
+ {
+ case ALG_ID_AES:
+ if (!strcmpW( prop, BCRYPT_CHAINING_MODE ))
+ {
+ if (size == sizeof(BCRYPT_CHAIN_MODE_CBC) &&
+ !strncmpW( (WCHAR *)value, BCRYPT_CHAIN_MODE_CBC, size ))
+ {
+ alg->mode = MODE_ID_CBC;
+ return STATUS_SUCCESS;
+ }
+ else if (size == sizeof(BCRYPT_CHAIN_MODE_GCM) &&
+ !strncmpW( (WCHAR *)value, BCRYPT_CHAIN_MODE_GCM, size ))
+ {
+ alg->mode = MODE_ID_GCM;
+ return STATUS_SUCCESS;
+ }
+ else
+ {
+ FIXME( "unsupported mode %s\n", debugstr_wn( (WCHAR *)value, size ) );
+ return STATUS_NOT_IMPLEMENTED;
+ }
+ }
+ FIXME( "unsupported aes algorithm property %s\n", debugstr_w(prop) );
+ return STATUS_NOT_IMPLEMENTED;
+
+ default:
+ FIXME( "unsupported algorithm %u\n", alg->id );
+ return STATUS_NOT_IMPLEMENTED;
+ }
+}
+
static NTSTATUS get_hash_property( const struct hash *hash, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
{
NTSTATUS status;
@@ -606,8 +648,28 @@ NTSTATUS WINAPI BCryptGetProperty( BCRYPT_HANDLE handle, LPCWSTR prop, UCHAR *bu
NTSTATUS WINAPI BCryptSetProperty( BCRYPT_HANDLE handle, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
{
- FIXME( "%p, %s, %p, %u, %08x\n", handle, debugstr_w(prop), value, size, flags );
- return STATUS_NOT_IMPLEMENTED;
+ struct object *object = handle;
+
+ TRACE( "%p, %s, %p, %u, %08x\n", handle, debugstr_w(prop), value, size, flags );
+
+ if (!object) return STATUS_INVALID_HANDLE;
+
+ switch (object->magic)
+ {
+ case MAGIC_ALG:
+ {
+ struct algorithm *alg = (struct algorithm *)object;
+ return set_alg_property( alg, prop, value, size, flags );
+ }
+ case MAGIC_KEY:
+ {
+ FIXME( "keys not implemented yet\n" );
+ return STATUS_NOT_IMPLEMENTED;
+ }
+ default:
+ WARN( "unknown magic %08x\n", object->magic );
+ return STATUS_INVALID_HANDLE;
+ }
}
NTSTATUS WINAPI BCryptCreateHash( BCRYPT_ALG_HANDLE algorithm, BCRYPT_HASH_HANDLE *handle, UCHAR *object, ULONG objectlen,
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 6cefe13226..75c25d0929 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -512,7 +512,7 @@ static void test_BCryptGenerateSymmetricKey(void)
ret = pBCryptSetProperty(aes, BCRYPT_CHAINING_MODE, (UCHAR *)BCRYPT_CHAIN_MODE_CBC,
sizeof(BCRYPT_CHAIN_MODE_CBC), 0);
- todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
size = 0xdeadbeef;
ret = pBCryptEncrypt(key, NULL, 0, NULL, NULL, 0, NULL, 0, &size, 0);
@@ -701,7 +701,7 @@ static void test_BCryptEncrypt(void)
todo_wine ok(ret == STATUS_NOT_SUPPORTED, "got %08x\n", ret);
ret = BCryptSetProperty(aes, BCRYPT_CHAINING_MODE, (UCHAR*)BCRYPT_CHAIN_MODE_GCM, sizeof(BCRYPT_CHAIN_MODE_GCM), 0);
- todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
size = 0;
ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, NULL, 0, &size, 0);
@@ -939,7 +939,7 @@ static void test_BCryptDecrypt(void)
******************/
ret = BCryptSetProperty(aes, BCRYPT_CHAINING_MODE, (UCHAR*)BCRYPT_CHAIN_MODE_GCM, sizeof(BCRYPT_CHAIN_MODE_GCM), 0);
- todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
buf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len);
ret = pBCryptGenerateSymmetricKey(aes, &key, buf, len, secret, sizeof(secret), 0);
--
2.16.1

45
patches/bcrypt-Improvements/0014-bcrypt-Implement-BCryptGetProperty-for-BCRYPT_CHAINI.patch
View File

@@ -1,45 +0,0 @@
From 6aa0794091b1ea7ef5f4bf686d4b7fbcab12d213 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Mon, 26 Dec 2016 06:46:11 +0100
Subject: [PATCH 14/36] bcrypt: Implement BCryptGetProperty for
BCRYPT_CHAINING_MODE.
---
dlls/bcrypt/bcrypt_main.c | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index cbf7576860..186e619d5f 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -540,17 +540,18 @@ static NTSTATUS get_alg_property( const struct algorithm *alg, const WCHAR *prop
}
if (!strcmpW( prop, BCRYPT_CHAINING_MODE ))
{
- if (size >= sizeof(BCRYPT_CHAIN_MODE_CBC) * sizeof(WCHAR))
+ const WCHAR *mode;
+ switch (alg->mode)
{
- memcpy(buf, BCRYPT_CHAIN_MODE_CBC, sizeof(BCRYPT_CHAIN_MODE_CBC));
- *ret_size = sizeof(BCRYPT_CHAIN_MODE_CBC) * sizeof(WCHAR);
- return STATUS_SUCCESS;
- }
- else
- {
- *ret_size = sizeof(BCRYPT_CHAIN_MODE_CBC) * sizeof(WCHAR);
- return STATUS_BUFFER_TOO_SMALL;
+ case MODE_ID_GCM: mode = BCRYPT_CHAIN_MODE_GCM; break;
+ case MODE_ID_CBC: mode = BCRYPT_CHAIN_MODE_CBC; break;
+ default: return STATUS_NOT_IMPLEMENTED;
}
+
+ *ret_size = 64;
+ if (size < *ret_size) return STATUS_BUFFER_TOO_SMALL;
+ memcpy( buf, mode, (strlenW(mode) + 1) * sizeof(WCHAR) );
+ return STATUS_SUCCESS;
}
if (!strcmpW( prop, BCRYPT_KEY_LENGTHS ))
{
--
2.16.1

76
patches/bcrypt-Improvements/0015-bcrypt-Implement-BCryptGetProperty-for-BCRYPT_AUTH_T.patch
View File

@@ -1,76 +0,0 @@
From 35d3ff46ea1c10f5c3d78ff4ea3abd91a6778bf0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Mon, 26 Dec 2016 06:50:28 +0100
Subject: [PATCH 15/36] bcrypt: Implement BCryptGetProperty for
BCRYPT_AUTH_TAG_LENGTH.
---
dlls/bcrypt/bcrypt_main.c | 14 ++++++++++++++
dlls/bcrypt/tests/bcrypt.c | 16 ++++++++--------
2 files changed, 22 insertions(+), 8 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 186e619d5f..47ed8e0533 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -566,6 +566,20 @@ static NTSTATUS get_alg_property( const struct algorithm *alg, const WCHAR *prop
}
return STATUS_SUCCESS;
}
+ if (!strcmpW( prop, BCRYPT_AUTH_TAG_LENGTH ))
+ {
+ BCRYPT_AUTH_TAG_LENGTHS_STRUCT *tag_length = (void *)buf;
+ if (alg->mode != MODE_ID_GCM) return STATUS_NOT_SUPPORTED;
+ *ret_size = sizeof(*tag_length);
+ if (tag_length && size < *ret_size) return STATUS_BUFFER_TOO_SMALL;
+ if (tag_length)
+ {
+ tag_length->dwMinLength = 12;
+ tag_length->dwMaxLength = 16;
+ tag_length->dwIncrement = 1;
+ }
+ return STATUS_SUCCESS;
+ }
break;
default:
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 75c25d0929..27feabb5f4 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -698,24 +698,24 @@ static void test_BCryptEncrypt(void)
size = 0;
ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, NULL, 0, &size, 0);
- todo_wine ok(ret == STATUS_NOT_SUPPORTED, "got %08x\n", ret);
+ ok(ret == STATUS_NOT_SUPPORTED, "got %08x\n", ret);
ret = BCryptSetProperty(aes, BCRYPT_CHAINING_MODE, (UCHAR*)BCRYPT_CHAIN_MODE_GCM, sizeof(BCRYPT_CHAIN_MODE_GCM), 0);
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
size = 0;
ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, NULL, 0, &size, 0);
- todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
- todo_wine ok(size == sizeof(tag_length), "got %u\n", size);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(size == sizeof(tag_length), "got %u\n", size);
size = 0;
memset(&tag_length, 0, sizeof(tag_length));
ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, (UCHAR*)&tag_length, sizeof(tag_length), &size, 0);
- todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
- todo_wine ok(size == sizeof(tag_length), "got %u\n", size);
- todo_wine ok(tag_length.dwMinLength == 12, "Expected 12, got %d\n", tag_length.dwMinLength);
- todo_wine ok(tag_length.dwMaxLength == 16, "Expected 16, got %d\n", tag_length.dwMaxLength);
- todo_wine ok(tag_length.dwIncrement == 1, "Expected 1, got %d\n", tag_length.dwIncrement);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(size == sizeof(tag_length), "got %u\n", size);
+ ok(tag_length.dwMinLength == 12, "Expected 12, got %d\n", tag_length.dwMinLength);
+ ok(tag_length.dwMaxLength == 16, "Expected 16, got %d\n", tag_length.dwMaxLength);
+ ok(tag_length.dwIncrement == 1, "Expected 1, got %d\n", tag_length.dwIncrement);
len = 0xdeadbeef;
size = sizeof(len);
--
2.16.1

56
patches/bcrypt-Improvements/0016-bcrypt-Fix-string-comparison-in-set_alg_property.patch
View File

@@ -1,56 +0,0 @@
From 8959d51b23f1f001670662ea19bd5b65ed477719 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Mon, 26 Dec 2016 07:21:27 +0100
Subject: [PATCH 16/36] bcrypt: Fix string comparison in set_alg_property.
---
dlls/bcrypt/bcrypt_main.c | 6 ++----
dlls/bcrypt/tests/bcrypt.c | 11 +++++++++++
2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 47ed8e0533..9e9e357634 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -597,14 +597,12 @@ static NTSTATUS set_alg_property( struct algorithm *alg, const WCHAR *prop, UCHA
case ALG_ID_AES:
if (!strcmpW( prop, BCRYPT_CHAINING_MODE ))
{
- if (size == sizeof(BCRYPT_CHAIN_MODE_CBC) &&
- !strncmpW( (WCHAR *)value, BCRYPT_CHAIN_MODE_CBC, size ))
+ if (!strncmpW( (WCHAR *)value, BCRYPT_CHAIN_MODE_CBC, size ))
{
alg->mode = MODE_ID_CBC;
return STATUS_SUCCESS;
}
- else if (size == sizeof(BCRYPT_CHAIN_MODE_GCM) &&
- !strncmpW( (WCHAR *)value, BCRYPT_CHAIN_MODE_GCM, size ))
+ else if (!strncmpW( (WCHAR *)value, BCRYPT_CHAIN_MODE_GCM, size ))
{
alg->mode = MODE_ID_GCM;
return STATUS_SUCCESS;
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 27feabb5f4..70d9e0c246 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -475,6 +475,17 @@ static void test_aes(void)
ok(key_lengths.dwMaxLength == 256, "Expected 256, got %d\n", key_lengths.dwMaxLength);
ok(key_lengths.dwIncrement == 64, "Expected 64, got %d\n", key_lengths.dwIncrement);
+ memcpy(mode, BCRYPT_CHAIN_MODE_GCM, sizeof(BCRYPT_CHAIN_MODE_GCM));
+ ret = pBCryptSetProperty(alg, BCRYPT_CHAINING_MODE, mode, sizeof(mode), 0);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+
+ size = 0;
+ memset(mode, 0, sizeof(mode));
+ ret = pBCryptGetProperty(alg, BCRYPT_CHAINING_MODE, mode, sizeof(mode), &size, 0);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(!lstrcmpW((const WCHAR *)mode, BCRYPT_CHAIN_MODE_GCM), "got %s\n", mode);
+ ok(size == 64, "got %u\n", size);
+
test_alg_name(alg, "AES");
ret = pBCryptCloseAlgorithmProvider(alg, 0);
--
2.16.1