wine/wine-staging
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-staging.git synced 2024-11-21 16:46:54 -08:00
Code Issues Packages Projects Releases Wiki Activity

bcrypt-Improvements: Fix Mac build.

Browse Source 
Also fix some test failures.
This commit is contained in:
Zebediah Figura 2018-03-03 14:17:08 -06:00
parent 1fdaf4c4e5
commit d854a14e64
12 changed files with 487 additions and 193 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
patches/bcrypt-Improvements/0012-bcrypt-Pass-object-to-get_-alg-hash-_property-instea.patch
View File

@ -1,15 +1,15 @@
From bfaaaeedacdf5ee92bee8048c6bb6ac85be3ecd0 Mon Sep 17 00:00:00 2001
From 2d4fc0dc7d0c64fb45683af54d659832493e2a7e Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Mon, 26 Dec 2016 06:18:01 +0100
Subject: [PATCH 12/36] bcrypt: Pass object to get_{alg,hash}_property instead
of alg_id.
---
dlls/bcrypt/bcrypt_main.c | 42 ++++++++++++++++++++++--------------------
1 file changed, 22 insertions(+), 20 deletions(-)
dlls/bcrypt/bcrypt_main.c | 40 ++++++++++++++++++++--------------------
1 file changed, 20 insertions(+), 20 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 6e47349de4..73a5c36fed 100644
index 6e47349..8af43c8 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -510,15 +510,15 @@ static NTSTATUS generic_alg_property( enum alg_id id, const WCHAR *prop, UCHAR *
@ -60,13 +60,7 @@ index 6e47349de4..73a5c36fed 100644
}
default:
WARN( "unknown magic %08x\n", object->magic );
@@ -794,11 +794,13 @@ struct key
{
struct object hdr;
ULONG block_size;
+ UCHAR *secret;
+ ULONG secret_len;
};
@@ -798,7 +798,7 @@ struct key
#endif
#if defined(HAVE_GNUTLS_CIPHER_INIT) || defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
@ -75,7 +69,7 @@ index 6e47349de4..73a5c36fed 100644
{
ULONG ret = 0, size = sizeof(ret);
get_alg_property( alg, BCRYPT_BLOCK_LENGTH, (UCHAR *)&ret, sizeof(ret), &size );
@@ -827,27 +829,27 @@ static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, U
@@ -827,27 +827,27 @@ static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, U
#endif
#if defined(HAVE_GNUTLS_CIPHER_INIT) && !defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H)
@ -108,7 +102,7 @@ index 6e47349de4..73a5c36fed 100644
key->handle = 0; /* initialized on first use */
key->secret = buffer;
key->secret_len = secret_len;
@@ -937,25 +939,25 @@ static NTSTATUS key_destroy( struct key *key )
@@ -937,25 +937,25 @@ static NTSTATUS key_destroy( struct key *key )
return STATUS_SUCCESS;
}
#elif defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
@ -130,7 +124,7 @@ index 6e47349de4..73a5c36fed 100644
}
- if (!(key->block_size = get_block_size( id ))) return STATUS_INVALID_PARAMETER;
+ if (!(key->block_size = get_block_size( arg ))) return STATUS_INVALID_PARAMETER;
+ if (!(key->block_size = get_block_size( alg ))) return STATUS_INVALID_PARAMETER;
if (!(buffer = heap_alloc( secret_len ))) return STATUS_NO_MEMORY;
memcpy( buffer, secret, secret_len );
@ -139,7 +133,7 @@ index 6e47349de4..73a5c36fed 100644
key->ref_encrypt = NULL; /* initialized on first use */
key->ref_decrypt = NULL;
key->secret = buffer;
@@ -1034,7 +1036,7 @@ static NTSTATUS key_destroy( struct key *key )
@@ -1034,7 +1034,7 @@ static NTSTATUS key_destroy( struct key *key )
return STATUS_SUCCESS;
}
#else
@ -148,7 +142,7 @@ index 6e47349de4..73a5c36fed 100644
{
ERR( "support for keys not available at build time\n" );
return STATUS_NOT_IMPLEMENTED;
@@ -1089,7 +1091,7 @@ NTSTATUS WINAPI BCryptGenerateSymmetricKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_
@@ -1089,7 +1089,7 @@ NTSTATUS WINAPI BCryptGenerateSymmetricKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_
if (!(key = heap_alloc( sizeof(*key) ))) return STATUS_NO_MEMORY;
key->hdr.magic = MAGIC_KEY;
@ -158,5 +152,5 @@ index 6e47349de4..73a5c36fed 100644
heap_free( key );
return status;
--
2.16.1
2.7.4

67
patches/bcrypt-Improvements/0017-bcrypt-Implement-BCryptEncrypt-for-AES-GCM-mode.patch
View File

@ -1,15 +1,15 @@
From 23ce1e2c23629e0f406fad6cf5ff1855c379ad0c Mon Sep 17 00:00:00 2001
From d056be40dd9cd96ec2ef6efa85fe9a630948a305 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Mon, 26 Dec 2016 07:46:57 +0100
Subject: [PATCH 17/36] bcrypt: Implement BCryptEncrypt for AES GCM mode.
---
dlls/bcrypt/bcrypt_main.c | 48 ++++++++++++++++++++++++++++++++++++++--------
dlls/bcrypt/tests/bcrypt.c | 18 ++++++++---------
2 files changed, 49 insertions(+), 17 deletions(-)
dlls/bcrypt/bcrypt_main.c | 60 +++++++++++++++++++++++++++++++++++++++-------
dlls/bcrypt/tests/bcrypt.c | 18 +++++++-------
2 files changed, 61 insertions(+), 17 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 9e9e357634..387f448516 100644
index fa80318..dfdb7b2 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -63,6 +63,12 @@ MAKE_FUNCPTR(gnutls_global_set_log_level);
@ -33,7 +33,23 @@ index 9e9e357634..387f448516 100644
ULONG block_size;
gnutls_cipher_hd_t handle;
UCHAR *secret;
@@ -925,6 +932,7 @@ static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *s
@@ -858,6 +865,7 @@ struct key
{
struct object hdr;
enum alg_id alg_id;
+ enum mode_id mode;
ULONG block_size;
CCCryptorRef ref_encrypt;
CCCryptorRef ref_decrypt;
@@ -868,6 +876,7 @@ struct key
struct key
{
struct object hdr;
+ enum mode_id mode;
ULONG block_size;
};
#endif
@@ -923,6 +932,7 @@ static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *s
memcpy( buffer, secret, secret_len );
key->alg_id = alg->id;
@ -41,7 +57,7 @@ index 9e9e357634..387f448516 100644
key->handle = 0; /* initialized on first use */
key->secret = buffer;
key->secret_len = secret_len;
@@ -937,9 +945,13 @@ static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
@@ -935,9 +945,13 @@ static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
switch (key->alg_id)
{
case ALG_ID_AES:
@ -58,7 +74,38 @@ index 9e9e357634..387f448516 100644
default:
FIXME( "algorithm %u not supported\n", key->alg_id );
return GNUTLS_CIPHER_UNKNOWN;
@@ -1262,17 +1274,37 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1019,6 +1033,14 @@ static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *s
switch (alg->id)
{
case ALG_ID_AES:
+ switch (alg->mode)
+ {
+ case MODE_ID_CBC:
+ break;
+ default:
+ FIXME( "mode %u not supported\n", alg->mode );
+ return STATUS_NOT_SUPPORTED;
+ }
break;
default:
@@ -1031,6 +1053,7 @@ static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *s
memcpy( buffer, secret, secret_len );
key->alg_id = alg->id;
+ key->mode = alg->mode;
key->ref_encrypt = NULL; /* initialized on first use */
key->ref_decrypt = NULL;
key->secret = buffer;
@@ -1112,6 +1135,7 @@ static NTSTATUS key_destroy( struct key *key )
static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *secret, ULONG secret_len )
{
ERR( "support for keys not available at build time\n" );
+ key->mode = MODE_ID_CBC;
return STATUS_NOT_IMPLEMENTED;
}
@@ -1260,17 +1284,37 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
padding, iv, iv_len, output, output_len, ret_len, flags );
if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
@ -102,7 +149,7 @@ index 9e9e357634..387f448516 100644
*ret_len = input_len;
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 70d9e0c246..355a414bca 100644
index 70d9e0c..355a414 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -751,12 +751,12 @@ static void test_BCryptEncrypt(void)
@ -149,5 +196,5 @@ index 70d9e0c246..355a414bca 100644
ret = pBCryptDestroyKey(key);
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
--
2.16.1
2.7.4

33
patches/bcrypt-Improvements/0019-bcrypt-Add-support-for-computing-comparing-cipher-ta.patch
View File

@ -1,15 +1,15 @@
From f3115ed9d937156ec03bd00e136268a53a7b383e Mon Sep 17 00:00:00 2001
From a511e42c71c2c04ee257f78cece073d08a51d32d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Mon, 26 Dec 2016 08:02:36 +0100
Subject: [PATCH 19/36] bcrypt: Add support for computing/comparing cipher tag.
---
dlls/bcrypt/bcrypt_main.c | 41 ++++++++++++++++++++++++++++++++++++++++-
dlls/bcrypt/bcrypt_main.c | 47 +++++++++++++++++++++++++++++++++++++++++++++-
dlls/bcrypt/tests/bcrypt.c | 10 +++++-----
2 files changed, 45 insertions(+), 6 deletions(-)
2 files changed, 51 insertions(+), 6 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 17cc92dded..e518d315c3 100644
index 02a0106..5daddff 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -50,6 +50,9 @@ static HINSTANCE instance;
@ -67,7 +67,20 @@ index 17cc92dded..e518d315c3 100644
static NTSTATUS key_destroy( struct key *key )
{
if (key->handle) pgnutls_cipher_deinit( key->handle );
@@ -1149,6 +1176,12 @@ static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_le
@@ -1123,6 +1150,12 @@ static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_le
return STATUS_SUCCESS;
}
+static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
+{
+ FIXME( "not implemented on Mac\n" );
+ return STATUS_NOT_IMPLEMENTED;
+}
+
static NTSTATUS key_destroy( struct key *key )
{
if (key->ref_encrypt) CCCryptorRelease( key->ref_encrypt );
@@ -1159,6 +1192,12 @@ static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_le
return STATUS_NOT_IMPLEMENTED;
}
@ -80,7 +93,7 @@ index 17cc92dded..e518d315c3 100644
static NTSTATUS key_destroy( struct key *key )
{
ERR( "support for keys not available at build time\n" );
@@ -1302,7 +1335,7 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1312,7 +1351,7 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if ((status = key_encrypt( key, input, input_len, output, output_len )))
return status;
@ -89,7 +102,7 @@ index 17cc92dded..e518d315c3 100644
}
if ((status = key_set_params( key, iv, iv_len ))) return status;
@@ -1361,6 +1394,7 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1371,6 +1410,7 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if (key->mode == MODE_ID_GCM)
{
BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO *auth_info = padding;
@ -97,7 +110,7 @@ index 17cc92dded..e518d315c3 100644
if (!auth_info) return STATUS_INVALID_PARAMETER;
if (!auth_info->pbNonce) return STATUS_INVALID_PARAMETER;
@@ -1378,6 +1412,11 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1388,6 +1428,11 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if ((status = key_decrypt( key, input, input_len, output, output_len )))
return status;
@ -110,7 +123,7 @@ index 17cc92dded..e518d315c3 100644
}
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 89a3c40850..18cd2a2713 100644
index 89a3c40..18cd2a2 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -754,11 +754,11 @@ static void test_BCryptEncrypt(void)
@ -151,5 +164,5 @@ index 89a3c40850..18cd2a2713 100644
ret = pBCryptDestroyKey(key);
--
2.16.1
2.7.4

44
patches/bcrypt-Improvements/0020-bcrypt-Implement-BCryptDuplicateKey.patch
View File

@ -1,16 +1,16 @@
From 20c4886fc456f7994e96ac41759b0d22cabb0e0a Mon Sep 17 00:00:00 2001
From 622e4b47bdabcdae3deab7347a73d0b3ea804fca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Mon, 26 Dec 2016 08:28:24 +0100
Subject: [PATCH 20/36] bcrypt: Implement BCryptDuplicateKey.
---
dlls/bcrypt/bcrypt.spec | 2 +-
dlls/bcrypt/bcrypt_main.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++
dlls/bcrypt/bcrypt_main.c | 68 +++++++++++++++++++++++++++++++++++++++++++++++
dlls/ncrypt/ncrypt.spec | 2 +-
3 files changed, 51 insertions(+), 2 deletions(-)
3 files changed, 70 insertions(+), 2 deletions(-)
diff --git a/dlls/bcrypt/bcrypt.spec b/dlls/bcrypt/bcrypt.spec
index 21b54b4934..28c2394ce4 100644
index 21b54b4..28c2394 100644
--- a/dlls/bcrypt/bcrypt.spec
+++ b/dlls/bcrypt/bcrypt.spec
@@ -12,7 +12,7 @@
@ -23,7 +23,7 @@ index 21b54b4934..28c2394ce4 100644
@ stdcall BCryptEnumAlgorithms(long ptr ptr long)
@ stub BCryptEnumContextFunctionProviders
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index e518d315c3..7111788b55 100644
index 5daddff..e72a8fd 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -954,6 +954,24 @@ static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *s
@ -51,7 +51,33 @@ index e518d315c3..7111788b55 100644
static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
{
switch (key->alg_id)
@@ -1156,6 +1174,13 @@ static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *s
@@ -1089,6 +1107,25 @@ static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *s
return STATUS_SUCCESS;
}
+static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
+{
+ UCHAR *buffer;
+
+ if (!(buffer = HeapAlloc( GetProcessHeap(), 0, key_orig->secret_len ))) return STATUS_NO_MEMORY;
+ memcpy( buffer, key_orig->secret, key_orig->secret_len );
+
+ key_copy->hdr = key_orig->hdr;
+ key_copy->alg_id = key_orig->alg_id;
+ key_copy->mode = key_orig->mode;
+ key_copy->block_size = key_orig->block_size;
+ key_copy->ref_encrypt = NULL;
+ key_copy->ref_decrypt = NULL;
+ key_copy->secret = buffer;
+ key_copy->secret_len = key_orig->secret_len;
+
+ return STATUS_SUCCESS;
+}
+
static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
{
CCCryptorStatus status;
@@ -1172,6 +1209,13 @@ static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *s
return STATUS_NOT_IMPLEMENTED;
}
@ -65,7 +91,7 @@ index e518d315c3..7111788b55 100644
static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
{
ERR( "support for keys not available at build time\n" );
@@ -1284,6 +1309,30 @@ NTSTATUS WINAPI BCryptExportKey(BCRYPT_KEY_HANDLE export_key, BCRYPT_KEY_HANDLE
@@ -1300,6 +1344,30 @@ NTSTATUS WINAPI BCryptExportKey(BCRYPT_KEY_HANDLE export_key, BCRYPT_KEY_HANDLE
return key_export( key, type, output, output_len, size );
}
@ -97,7 +123,7 @@ index e518d315c3..7111788b55 100644
{
struct key *key = handle;
diff --git a/dlls/ncrypt/ncrypt.spec b/dlls/ncrypt/ncrypt.spec
index 5d5fae0b5c..d0f0f56cc4 100644
index 5d5fae0..d0f0f56 100644
--- a/dlls/ncrypt/ncrypt.spec
+++ b/dlls/ncrypt/ncrypt.spec
@@ -14,7 +14,7 @@
@ -110,5 +136,5 @@ index 5d5fae0b5c..d0f0f56cc4 100644
@ stdcall BCryptEnumAlgorithms(long ptr ptr long) bcrypt.BCryptEnumAlgorithms
@ stub BCryptEnumContextFunctionProviders
--
2.16.1
2.7.4

27
patches/bcrypt-Improvements/0022-bcrypt-Allow-to-call-BCryptSetProperty-on-key-object.patch
View File

@ -1,15 +1,15 @@
From 8568e6743e9249a11584b7744df4f8ec116a100f Mon Sep 17 00:00:00 2001
From b41fdf5830cdaf31108cbdf82585f130882a0fb7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Mon, 26 Dec 2016 08:41:31 +0100
Subject: [PATCH 22/36] bcrypt: Allow to call BCryptSetProperty on key objects.
---
dlls/bcrypt/bcrypt_main.c | 38 ++++++++++++++++++++++++++++++++++++--
dlls/bcrypt/bcrypt_main.c | 44 ++++++++++++++++++++++++++++++++++++++++++--
dlls/bcrypt/tests/bcrypt.c | 4 ++++
2 files changed, 40 insertions(+), 2 deletions(-)
2 files changed, 46 insertions(+), 2 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 7111788b55..dc6aa82b81 100644
index e72a8fd..f027eea 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -246,6 +246,9 @@ struct algorithm
@ -65,7 +65,20 @@ index 7111788b55..dc6aa82b81 100644
static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
{
switch (key->alg_id)
@@ -1181,6 +1209,12 @@ static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
@@ -1126,6 +1154,12 @@ static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
return STATUS_SUCCESS;
}
+static NTSTATUS set_key_property( struct key *key, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
+{
+ FIXME( "not implemented on Mac\n" );
+ return STATUS_NOT_IMPLEMENTED;
+}
+
static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
{
CCCryptorStatus status;
@@ -1216,6 +1250,12 @@ static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
return STATUS_NOT_IMPLEMENTED;
}
@ -79,7 +92,7 @@ index 7111788b55..dc6aa82b81 100644
{
ERR( "support for keys not available at build time\n" );
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 6ec429e309..baf5b638f9 100644
index 6ec429e..baf5b63 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -526,6 +526,10 @@ static void test_BCryptGenerateSymmetricKey(void)
@ -94,5 +107,5 @@ index 6ec429e309..baf5b638f9 100644
ret = pBCryptEncrypt(key, NULL, 0, NULL, NULL, 0, NULL, 0, &size, 0);
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
--
2.16.1
2.7.4

46
patches/bcrypt-Improvements/0023-bcrypt-Add-support-for-auth-data-in-AES-GCM-mode.patch
View File

@ -1,14 +1,14 @@
From 7ecc8c3e96519eb53f0442981bd711b719cebfab Mon Sep 17 00:00:00 2001
From d11095de823d25cd44a80bbdab2745c560db9521 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Mon, 26 Dec 2016 15:01:19 +0100
Subject: [PATCH 23/36] bcrypt: Add support for auth data in AES GCM mode.
---
dlls/bcrypt/bcrypt_main.c | 41 ++++++++++++++++++++++++++++++++++++++++-
1 file changed, 40 insertions(+), 1 deletion(-)
dlls/bcrypt/bcrypt_main.c | 42 +++++++++++++++++++++++++++++++++++++++++-
1 file changed, 41 insertions(+), 1 deletion(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index dc6aa82b81..e4ebcf91ed 100644
index f027eea..da9cb02 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -52,6 +52,7 @@ WINE_DECLARE_DEBUG_CHANNEL(winediag);
@ -33,24 +33,19 @@ index dc6aa82b81..e4ebcf91ed 100644
{
return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
}
@@ -127,6 +133,16 @@ static BOOL gnutls_initialize(void)
pgnutls_global_set_log_level( 4 );
pgnutls_global_set_log_function( gnutls_log );
@@ -115,6 +121,11 @@ static BOOL gnutls_initialize(void)
WARN("gnutls_cipher_tag not found\n");
pgnutls_cipher_tag = compat_gnutls_cipher_tag;
}
+ if (!(pgnutls_cipher_tag = wine_dlsym( libgnutls_handle, "gnutls_cipher_tag", NULL, 0 )))
+ {
+ WARN("gnutls_cipher_tag not found\n");
+ pgnutls_cipher_tag = compat_gnutls_cipher_tag;
+ }
+ if (!(pgnutls_cipher_add_auth = wine_dlsym( libgnutls_handle, "gnutls_cipher_add_auth", NULL, 0 )))
+ {
+ WARN("gnutls_cipher_add_auth not found\n");
+ pgnutls_cipher_add_auth = compat_gnutls_cipher_add_auth;
+ }
return TRUE;
@@ -1050,6 +1066,19 @@ static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
if ((ret = pgnutls_global_init()) != GNUTLS_E_SUCCESS)
{
@@ -1050,6 +1061,19 @@ static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
return STATUS_SUCCESS;
}
@ -70,7 +65,20 @@ index dc6aa82b81..e4ebcf91ed 100644
static NTSTATUS key_encrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output,
ULONG output_len )
{
@@ -1221,6 +1250,12 @@ static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
@@ -1193,6 +1217,12 @@ static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
return STATUS_SUCCESS;
}
+static NTSTATUS key_set_auth_data( struct key *key, UCHAR *auth_data, ULONG len )
+{
+ FIXME( "not implemented on Mac\n" );
+ return STATUS_NOT_IMPLEMENTED;
+}
+
static NTSTATUS key_encrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output,
ULONG output_len )
{
@@ -1262,6 +1292,12 @@ static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
return STATUS_NOT_IMPLEMENTED;
}
@ -83,7 +91,7 @@ index dc6aa82b81..e4ebcf91ed 100644
static NTSTATUS key_encrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output,
ULONG output_len )
{
@@ -1415,6 +1450,8 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1456,6 +1492,8 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if (!output) return STATUS_SUCCESS;
if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
@ -92,7 +100,7 @@ index dc6aa82b81..e4ebcf91ed 100644
if ((status = key_encrypt( key, input, input_len, output, output_len )))
return status;
@@ -1492,6 +1529,8 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1533,6 +1571,8 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if (!output) return STATUS_SUCCESS;
if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
@ -102,5 +110,5 @@ index dc6aa82b81..e4ebcf91ed 100644
return status;
--
2.16.1
2.7.4

17
patches/bcrypt-Improvements/0025-bcrypt-Avoid-crash-in-tests-when-compiling-without-g.patch
View File

@ -1,23 +1,24 @@
From b9fd0d5d4e698d60126714217a950295914e6680 Mon Sep 17 00:00:00 2001
From 0fbdf39c6714848c3186882ef01111c08174afa1 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Mon, 26 Dec 2016 16:20:57 +0100
Subject: [PATCH 25/36] bcrypt: Avoid crash in tests when compiling without
gnutls support.
---
dlls/bcrypt/bcrypt_main.c | 11 +++++++++++
1 file changed, 11 insertions(+)
dlls/bcrypt/bcrypt_main.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index e4ebcf91ed..98c49e7331 100644
index da9cb02..1839edc 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -1302,12 +1302,19 @@ NTSTATUS WINAPI BCryptGenerateSymmetricKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_
@@ -1344,12 +1344,19 @@ NTSTATUS WINAPI BCryptGenerateSymmetricKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_
if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
if (object) FIXME( "ignoring object buffer\n" );
- if (!(key = heap_alloc( sizeof(*key) ))) return STATUS_NO_MEMORY;
+
if (!(key = heap_alloc( sizeof(*key) ))) return STATUS_NO_MEMORY;
+ if (!(key = heap_alloc( sizeof(*key) )))
+ {
+ *handle = NULL;
+ return STATUS_NO_MEMORY;
@ -32,7 +33,7 @@ index e4ebcf91ed..98c49e7331 100644
return status;
}
@@ -1390,11 +1397,15 @@ NTSTATUS WINAPI BCryptDuplicateKey( BCRYPT_KEY_HANDLE handle, BCRYPT_KEY_HANDLE
@@ -1432,11 +1439,15 @@ NTSTATUS WINAPI BCryptDuplicateKey( BCRYPT_KEY_HANDLE handle, BCRYPT_KEY_HANDLE
if (!key_orig || key_orig->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
if (!handle_copy) return STATUS_INVALID_PARAMETER;
if (!(key_copy = HeapAlloc( GetProcessHeap(), 0, sizeof(*key_copy) )))
@ -49,5 +50,5 @@ index e4ebcf91ed..98c49e7331 100644
}
--
2.16.1
2.7.4

28
patches/bcrypt-Improvements/0026-bcrypt-Implement-support-for-ECB-chain-mode.patch
View File

@ -1,4 +1,4 @@
From a58d04dc5cb0ee6344c596eb5b6ac99fb0dd6c7f Mon Sep 17 00:00:00 2001
From e0586d6d6fcfeb9e49e53eb3470678131bc0b469 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Sun, 5 Mar 2017 23:18:03 +0100
Subject: [PATCH 26/36] bcrypt: Implement support for ECB chain mode.
@ -9,10 +9,10 @@ Subject: [PATCH 26/36] bcrypt: Implement support for ECB chain mode.
2 files changed, 244 insertions(+), 9 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 98c49e7331..cbd38f57d6 100644
index 1839edc..8dc1e7b 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -230,6 +230,7 @@ enum alg_id
@@ -225,6 +225,7 @@ enum alg_id
enum mode_id
{
@ -20,7 +20,7 @@ index 98c49e7331..cbd38f57d6 100644
MODE_ID_CBC,
MODE_ID_GCM
};
@@ -582,8 +583,9 @@ static NTSTATUS get_alg_property( const struct algorithm *alg, const WCHAR *prop
@@ -577,8 +578,9 @@ static NTSTATUS get_alg_property( const struct algorithm *alg, const WCHAR *prop
const WCHAR *mode;
switch (alg->mode)
{
@ -31,7 +31,7 @@ index 98c49e7331..cbd38f57d6 100644
default: return STATUS_NOT_IMPLEMENTED;
}
@@ -636,7 +638,12 @@ static NTSTATUS set_alg_property( struct algorithm *alg, const WCHAR *prop, UCHA
@@ -631,7 +633,12 @@ static NTSTATUS set_alg_property( struct algorithm *alg, const WCHAR *prop, UCHA
case ALG_ID_AES:
if (!strcmpW( prop, BCRYPT_CHAINING_MODE ))
{
@ -45,7 +45,7 @@ index 98c49e7331..cbd38f57d6 100644
{
alg->mode = MODE_ID_CBC;
return STATUS_SUCCESS;
@@ -995,7 +1002,12 @@ static NTSTATUS set_key_property( struct key *key, const WCHAR *prop, UCHAR *val
@@ -990,7 +997,12 @@ static NTSTATUS set_key_property( struct key *key, const WCHAR *prop, UCHAR *val
{
if (!strcmpW( prop, BCRYPT_CHAINING_MODE ))
{
@ -59,7 +59,7 @@ index 98c49e7331..cbd38f57d6 100644
{
key->mode = MODE_ID_CBC;
return STATUS_SUCCESS;
@@ -1025,6 +1037,7 @@ static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
@@ -1020,6 +1032,7 @@ static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
switch (key->mode)
{
case MODE_ID_GCM: return GNUTLS_CIPHER_AES_128_GCM;
@ -67,7 +67,7 @@ index 98c49e7331..cbd38f57d6 100644
case MODE_ID_CBC:
default: return GNUTLS_CIPHER_AES_128_CBC;
}
@@ -1036,6 +1049,7 @@ static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
@@ -1031,6 +1044,7 @@ static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
{
@ -75,7 +75,7 @@ index 98c49e7331..cbd38f57d6 100644
gnutls_cipher_algorithm_t cipher;
gnutls_datum_t secret, vector;
int ret;
@@ -1049,15 +1063,18 @@ static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
@@ -1044,15 +1058,18 @@ static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
if ((cipher = get_gnutls_cipher( key )) == GNUTLS_CIPHER_UNKNOWN)
return STATUS_NOT_SUPPORTED;
@ -100,7 +100,7 @@ index 98c49e7331..cbd38f57d6 100644
{
pgnutls_perror( ret );
return STATUS_INTERNAL_ERROR;
@@ -1481,11 +1498,15 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1523,11 +1540,15 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if (!output) return STATUS_SUCCESS;
if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
@ -116,7 +116,7 @@ index 98c49e7331..cbd38f57d6 100644
bytes_left -= key->block_size;
src += key->block_size;
dst += key->block_size;
@@ -1568,11 +1589,15 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1610,11 +1631,15 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
else if (output_len < *ret_len)
return STATUS_BUFFER_TOO_SMALL;
@ -133,7 +133,7 @@ index 98c49e7331..cbd38f57d6 100644
src += key->block_size;
dst += key->block_size;
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index bd22b80d9a..ade8058724 100644
index bd22b80..81345a5 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -634,6 +634,15 @@ static void test_BCryptEncrypt(void)
@ -368,12 +368,12 @@ index bd22b80d9a..ade8058724 100644
+ HeapFree(GetProcessHeap(), 0, buf);
+
+ ret = pBCryptDestroyKey(key);
+ ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ ok(ret == STATUS_INVALID_HANDLE, "got %08x\n", ret);
+ HeapFree(GetProcessHeap(), 0, buf);
+
ret = pBCryptCloseAlgorithmProvider(aes, 0);
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
}
--
2.16.1
2.7.4

14
patches/bcrypt-Improvements/0029-bcrypt-Add-support-for-192-and-256-bit-aes-keys.patch
View File

@ -1,4 +1,4 @@
From 236c6617a0142f7d7adae2683ece3789bb46782e Mon Sep 17 00:00:00 2001
From da83888b40c6a37740e3ff3ba1b0f2d3e2b9008c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Sun, 13 Aug 2017 05:04:21 +0200
Subject: [PATCH 28/36] bcrypt: Add support for 192 and 256 bit aes keys.
@ -9,10 +9,10 @@ Subject: [PATCH 28/36] bcrypt: Add support for 192 and 256 bit aes keys.
2 files changed, 44 insertions(+), 2 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index f19a90e6bf..165718c63a 100644
index dbd8152..227c007 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -1036,11 +1036,21 @@ static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
@@ -1031,11 +1031,21 @@ static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
WARN( "handle block size\n" );
switch (key->mode)
{
@ -37,7 +37,7 @@ index f19a90e6bf..165718c63a 100644
FIXME( "algorithm %u not supported\n", key->alg_id );
return GNUTLS_CIPHER_UNKNOWN;
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 159be44714..a0906e9904 100644
index 2381fdf..2bf8b1b 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -615,6 +615,9 @@ static void test_BCryptEncrypt(void)
@ -61,7 +61,7 @@ index 159be44714..a0906e9904 100644
static UCHAR expected_tag[] =
{0x89,0xb3,0x92,0x00,0x39,0x20,0x09,0xb4,0x6a,0xd6,0xaf,0xca,0x4b,0x5b,0xfd,0xd0};
static UCHAR expected_tag2[] =
@@ -873,6 +880,31 @@ static void test_BCryptEncrypt(void)
@@ -753,6 +760,31 @@ static void test_BCryptEncrypt(void)
ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
HeapFree(GetProcessHeap(), 0, buf);
@ -91,8 +91,8 @@ index 159be44714..a0906e9904 100644
+ HeapFree(GetProcessHeap(), 0, buf);
+
/******************
* AES - ECB mode *
* AES - GCM mode *
******************/
--
2.16.1
2.7.4

256
patches/bcrypt-Improvements/0030-bcrypt-Preparation-for-asymmetric-keys.patch
View File

@ -1,17 +1,17 @@
From d0f72018a4759730734560b2c9aebf5733123166 Mon Sep 17 00:00:00 2001
From d4255af99adc2fb09940feae4a7836fdd7e45a8e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Fri, 29 Sep 2017 18:31:55 +0200
Subject: [PATCH 29/36] bcrypt: Preparation for asymmetric keys.
---
dlls/bcrypt/bcrypt_main.c | 269 ++++++++++++++++++++++++++++------------------
1 file changed, 165 insertions(+), 104 deletions(-)
dlls/bcrypt/bcrypt_main.c | 368 ++++++++++++++++++++++++++++------------------
1 file changed, 227 insertions(+), 141 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 165718c63a..5d4a5b5992 100644
index 227c007..9b1ac80 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -243,16 +243,17 @@ static const struct {
@@ -238,16 +238,17 @@ static const struct {
ULONG hash_length;
ULONG block_bits;
const WCHAR *alg_name;
@ -38,7 +38,7 @@ index 165718c63a..5d4a5b5992 100644
};
struct algorithm
@@ -890,27 +891,45 @@ NTSTATUS WINAPI BCryptHash( BCRYPT_ALG_HANDLE algorithm, UCHAR *secret, ULONG se
@@ -885,21 +886,28 @@ NTSTATUS WINAPI BCryptHash( BCRYPT_ALG_HANDLE algorithm, UCHAR *secret, ULONG se
}
#if defined(HAVE_GNUTLS_CIPHER_INIT) && !defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H)
@ -70,27 +70,40 @@ index 165718c63a..5d4a5b5992 100644
+#elif defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
+struct key_symmetric
+{
+ enum mode_id mode;
enum mode_id mode;
ULONG block_size;
CCCryptorRef ref_encrypt;
CCCryptorRef ref_decrypt;
@@ -907,16 +915,56 @@ struct key
UCHAR *secret;
ULONG secret_len;
};
-#else
+
+struct key
+{
struct key
{
- struct object hdr;
+ struct object hdr;
+ enum alg_id alg_id;
+ union
+ {
+ struct key_symmetric s;
+ } u;
+}
#else
struct key
{
@@ -922,6 +941,28 @@ struct key
+};
+#else
+struct key_symmetric
+{
enum mode_id mode;
ULONG block_size;
};
+
+struct key
+{
+ struct object hdr;
+ union
+ {
+ struct key_symmetric s;
+ } u;
+};
#endif
#if defined(HAVE_GNUTLS_CIPHER_INIT) || defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
@ -119,7 +132,7 @@ index 165718c63a..5d4a5b5992 100644
static ULONG get_block_size( struct algorithm *alg )
{
ULONG ret = 0, size = sizeof(ret);
@@ -933,15 +974,15 @@ static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, U
@@ -928,25 +976,43 @@ static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, U
if (!strcmpW( type, BCRYPT_KEY_DATA_BLOB ))
{
BCRYPT_KEY_DATA_BLOB_HEADER *header = (BCRYPT_KEY_DATA_BLOB_HEADER *)output;
@ -138,7 +151,27 @@ index 165718c63a..5d4a5b5992 100644
return STATUS_SUCCESS;
}
@@ -951,7 +992,7 @@ static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, U
FIXME( "unsupported key type %s\n", debugstr_w(type) );
return STATUS_NOT_IMPLEMENTED;
}
+#else
+static inline BOOL key_is_symmetric( struct key *key )
+{
+ ERR( "support for keys not available at build time\n" );
+ return FALSE;
+}
+
+static NTSTATUS key_symmetric_get_mode( struct key *key, enum mode_id *mode )
+{
+ *mode = key->u.s.mode;
+ return STATUS_SUCCESS;
+}
+
+static NTSTATUS key_symmetric_get_blocksize( struct key *key, ULONG *size )
+{
+ ERR( "support for keys not available at build time\n" );
+ return STATUS_NOT_IMPLEMENTED;
+}
#endif
#if defined(HAVE_GNUTLS_CIPHER_INIT) && !defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H)
@ -147,7 +180,7 @@ index 165718c63a..5d4a5b5992 100644
{
UCHAR *buffer;
@@ -967,15 +1008,15 @@ static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *s
@@ -962,15 +1028,15 @@ static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *s
return STATUS_NOT_SUPPORTED;
}
@ -169,7 +202,7 @@ index 165718c63a..5d4a5b5992 100644
return STATUS_SUCCESS;
}
@@ -984,16 +1025,24 @@ static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
@@ -979,16 +1045,24 @@ static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
{
UCHAR *buffer;
@ -177,11 +210,6 @@ index 165718c63a..5d4a5b5992 100644
- memcpy( buffer, key_orig->secret, key_orig->secret_len );
+ key_copy->hdr = key_orig->hdr;
+ key_copy->alg_id = key_orig->alg_id;
+
+ if (key_is_symmetric(key_orig))
+ {
+ if (!(buffer = HeapAlloc( GetProcessHeap(), 0, key_orig->u.s.secret_len ))) return STATUS_NO_MEMORY;
+ memcpy( buffer, key_orig->u.s.secret, key_orig->u.s.secret_len );
- key_copy->hdr = key_orig->hdr;
- key_copy->alg_id = key_orig->alg_id;
@ -190,6 +218,11 @@ index 165718c63a..5d4a5b5992 100644
- key_copy->handle = NULL;
- key_copy->secret = buffer;
- key_copy->secret_len = key_orig->secret_len;
+ if (key_is_symmetric(key_orig))
+ {
+ if (!(buffer = HeapAlloc( GetProcessHeap(), 0, key_orig->u.s.secret_len ))) return STATUS_NO_MEMORY;
+ memcpy( buffer, key_orig->u.s.secret, key_orig->u.s.secret_len );
+
+ key_copy->u.s.mode = key_orig->u.s.mode;
+ key_copy->u.s.block_size = key_orig->u.s.block_size;
+ key_copy->u.s.handle = NULL;
@ -203,7 +236,7 @@ index 165718c63a..5d4a5b5992 100644
return STATUS_SUCCESS;
}
@@ -1004,17 +1053,17 @@ static NTSTATUS set_key_property( struct key *key, const WCHAR *prop, UCHAR *val
@@ -999,17 +1073,17 @@ static NTSTATUS set_key_property( struct key *key, const WCHAR *prop, UCHAR *val
{
if (!strncmpW( (WCHAR *)value, BCRYPT_CHAIN_MODE_ECB, size ))
{
@ -224,7 +257,7 @@ index 165718c63a..5d4a5b5992 100644
return STATUS_SUCCESS;
}
else
@@ -1034,22 +1083,22 @@ static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
@@ -1029,22 +1103,22 @@ static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
{
case ALG_ID_AES:
WARN( "handle block size\n" );
@ -254,7 +287,7 @@ index 165718c63a..5d4a5b5992 100644
return GNUTLS_CIPHER_UNKNOWN;
default:
FIXME( "algorithm %u not supported\n", key->alg_id );
@@ -1057,17 +1106,17 @@ static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
@@ -1052,17 +1126,17 @@ static gnutls_cipher_algorithm_t get_gnutls_cipher( const struct key *key )
}
}
@ -276,7 +309,7 @@ index 165718c63a..5d4a5b5992 100644
}
if ((cipher = get_gnutls_cipher( key )) == GNUTLS_CIPHER_UNKNOWN)
@@ -1079,12 +1128,12 @@ static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
@@ -1074,12 +1148,12 @@ static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
iv_len = sizeof(zero_iv);
}
@ -292,7 +325,7 @@ index 165718c63a..5d4a5b5992 100644
{
pgnutls_perror( ret );
return STATUS_INTERNAL_ERROR;
@@ -1093,11 +1142,11 @@ static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
@@ -1088,11 +1162,11 @@ static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
return STATUS_SUCCESS;
}
@ -306,7 +339,7 @@ index 165718c63a..5d4a5b5992 100644
{
pgnutls_perror( ret );
return STATUS_INTERNAL_ERROR;
@@ -1106,12 +1155,12 @@ static NTSTATUS key_set_auth_data( struct key *key, UCHAR *auth_data, ULONG len
@@ -1101,12 +1175,12 @@ static NTSTATUS key_set_auth_data( struct key *key, UCHAR *auth_data, ULONG len
return STATUS_SUCCESS;
}
@ -321,7 +354,7 @@ index 165718c63a..5d4a5b5992 100644
{
pgnutls_perror( ret );
return STATUS_INTERNAL_ERROR;
@@ -1125,7 +1174,7 @@ static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_le
@@ -1120,7 +1194,7 @@ static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_le
{
int ret;
@ -330,7 +363,7 @@ index 165718c63a..5d4a5b5992 100644
{
pgnutls_perror( ret );
return STATUS_INTERNAL_ERROR;
@@ -1138,7 +1187,7 @@ static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
@@ -1133,7 +1207,7 @@ static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
{
int ret;
@ -339,7 +372,7 @@ index 165718c63a..5d4a5b5992 100644
{
pgnutls_perror( ret );
return STATUS_INTERNAL_ERROR;
@@ -1149,13 +1198,13 @@ static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
@@ -1144,13 +1218,13 @@ static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
static NTSTATUS key_destroy( struct key *key )
{
@ -356,25 +389,144 @@ index 165718c63a..5d4a5b5992 100644
{
UCHAR *buffer;
@@ -1182,7 +1231,7 @@ static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *s
@@ -1172,16 +1246,16 @@ static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *s
return STATUS_NOT_SUPPORTED;
}
- if (!(key->block_size = get_block_size( alg ))) return STATUS_INVALID_PARAMETER;
+ if (!(key->u.s.block_size = get_block_size( alg ))) return STATUS_INVALID_PARAMETER;
if (!(buffer = heap_alloc( secret_len ))) return STATUS_NO_MEMORY;
memcpy( buffer, secret, secret_len );
- key->alg_id = alg->id;
- key->mode = alg->mode;
- key->ref_encrypt = NULL; /* initialized on first use */
- key->ref_decrypt = NULL;
- key->secret = buffer;
- key->secret_len = secret_len;
+ key->alg_id = alg->id;
+ key->u.s.mode = alg->mode;
+ key->u.s.ref_encrypt = NULL; /* initialized on first use */
+ key->u.s.ref_decrypt = NULL;
+ key->u.s.secret = buffer;
+ key->u.s.secret_len = secret_len;
return STATUS_SUCCESS;
}
@@ -1190,17 +1264,17 @@ static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
{
UCHAR *buffer;
- if (!(buffer = HeapAlloc( GetProcessHeap(), 0, key_orig->secret_len ))) return STATUS_NO_MEMORY;
- memcpy( buffer, key_orig->secret, key_orig->secret_len );
+ if (!(buffer = HeapAlloc( GetProcessHeap(), 0, key_orig->u.s.secret_len ))) return STATUS_NO_MEMORY;
+ memcpy( buffer, key_orig->u.s.secret, key_orig->u.s.secret_len );
- key_copy->hdr = key_orig->hdr;
- key_copy->alg_id = key_orig->alg_id;
- key_copy->mode = key_orig->mode;
- key_copy->block_size = key_orig->block_size;
- key_copy->ref_encrypt = NULL;
- key_copy->ref_decrypt = NULL;
- key_copy->secret = buffer;
- key_copy->secret_len = key_orig->secret_len;
+ key_copy->hdr = key_orig->hdr;
+ key_copy->alg_id = key_orig->alg_id;
+ key_copy->u.s.mode = key_orig->u.s.mode;
+ key_copy->u.s.block_size = key_orig->u.s.block_size;
+ key_copy->u.s.ref_encrypt = NULL;
+ key_copy->u.s.ref_decrypt = NULL;
+ key_copy->u.s.secret = buffer;
+ key_copy->u.s.secret_len = key_orig->u.s.secret_len;
return STATUS_SUCCESS;
}
@@ -1211,51 +1285,51 @@ static NTSTATUS set_key_property( struct key *key, const WCHAR *prop, UCHAR *val
return STATUS_NOT_IMPLEMENTED;
}
-static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
+static NTSTATUS key_symmetric_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
{
CCCryptorStatus status;
@@ -1215,7 +1264,7 @@ static NTSTATUS key_set_params( struct key *key, UCHAR *iv, ULONG iv_len )
- if (key->ref_encrypt)
+ if (key->u.s.ref_encrypt)
{
- CCCryptorRelease( key->ref_encrypt );
- key->ref_encrypt = NULL;
+ CCCryptorRelease( key->u.s.ref_encrypt );
+ key->u.s.ref_encrypt = NULL;
}
- if (key->ref_decrypt)
+ if (key->u.s.ref_decrypt)
{
- CCCryptorRelease( key->ref_decrypt );
- key->ref_decrypt = NULL;
+ CCCryptorRelease( key->u.s.ref_decrypt );
+ key->u.s.ref_decrypt = NULL;
}
if ((status = CCCryptorCreateWithMode( kCCEncrypt, kCCModeCBC, kCCAlgorithmAES128, ccNoPadding, iv,
- key->secret, key->secret_len, NULL, 0, 0, 0, &key->ref_encrypt )) != kCCSuccess)
+ key->u.s.secret, key->u.s.secret_len, NULL, 0, 0, 0, &key->u.s.ref_encrypt )) != kCCSuccess)
{
WARN( "CCCryptorCreateWithMode failed %d\n", status );
return STATUS_INTERNAL_ERROR;
}
if ((status = CCCryptorCreateWithMode( kCCDecrypt, kCCModeCBC, kCCAlgorithmAES128, ccNoPadding, iv,
- key->secret, key->secret_len, NULL, 0, 0, 0, &key->ref_decrypt )) != kCCSuccess)
+ key->u.s.secret, key->u.s.secret_len, NULL, 0, 0, 0, &key->u.s.ref_decrypt )) != kCCSuccess)
{
WARN( "CCCryptorCreateWithMode failed %d\n", status );
- CCCryptorRelease( key->ref_encrypt );
- key->ref_encrypt = NULL;
+ CCCryptorRelease( key->u.s.ref_encrypt );
+ key->u.s.ref_encrypt = NULL;
return STATUS_INTERNAL_ERROR;
}
return STATUS_SUCCESS;
}
-static NTSTATUS key_set_auth_data( struct key *key, UCHAR *auth_data, ULONG len )
+static NTSTATUS key_symmetric_set_auth_data( struct key *key, UCHAR *auth_data, ULONG len )
{
FIXME( "not implemented on Mac\n" );
return STATUS_NOT_IMPLEMENTED;
}
-static NTSTATUS key_encrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output,
+static NTSTATUS key_symmetric_encrypt( struct key *key, const UCHAR *input, ULONG input_len, UCHAR *output,
ULONG output_len )
{
CCCryptorStatus status;
@@ -1252,7 +1301,7 @@ static NTSTATUS key_destroy( struct key *key )
- if ((status = CCCryptorUpdate( key->ref_encrypt, input, input_len, output, output_len, NULL )) != kCCSuccess)
+ if ((status = CCCryptorUpdate( key->u.s.ref_encrypt, input, input_len, output, output_len, NULL )) != kCCSuccess)
{
WARN( "CCCryptorUpdate failed %d\n", status );
return STATUS_INTERNAL_ERROR;
@@ -1269,7 +1343,7 @@ static NTSTATUS key_decrypt( struct key *key, const UCHAR *input, ULONG input_le
{
CCCryptorStatus status;
- if ((status = CCCryptorUpdate( key->ref_decrypt, input, input_len, output, output_len, NULL )) != kCCSuccess)
+ if ((status = CCCryptorUpdate( key->u.s.ref_decrypt, input, input_len, output, output_len, NULL )) != kCCSuccess)
{
WARN( "CCCryptorUpdate failed %d\n", status );
return STATUS_INTERNAL_ERROR;
@@ -1286,24 +1360,24 @@ static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
static NTSTATUS key_destroy( struct key *key )
{
- if (key->ref_encrypt) CCCryptorRelease( key->ref_encrypt );
- if (key->ref_decrypt) CCCryptorRelease( key->ref_decrypt );
- heap_free( key->secret );
+ if (key->u.s.ref_encrypt) CCCryptorRelease( key->u.s.ref_encrypt );
+ if (key->u.s.ref_decrypt) CCCryptorRelease( key->u.s.ref_decrypt );
+ heap_free( key->u.s.secret );
heap_free( key );
return STATUS_SUCCESS;
}
#else
@ -382,8 +534,20 @@ index 165718c63a..5d4a5b5992 100644
+static NTSTATUS key_symmetric_init( struct key *key, struct algorithm *alg, const UCHAR *secret, ULONG secret_len )
{
ERR( "support for keys not available at build time\n" );
- key->mode = MODE_ID_CBC;
+ key->u.s.mode = MODE_ID_CBC;
return STATUS_NOT_IMPLEMENTED;
@@ -1271,19 +1320,19 @@ static NTSTATUS set_key_property( struct key *key, const WCHAR *prop, UCHAR *val
}
static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
{
ERR( "support for keys not available at build time\n" );
- key_copy->mode = MODE_ID_CBC;
+ key_copy->u.s.mode = MODE_ID_CBC;
return STATUS_NOT_IMPLEMENTED;
}
@@ -1313,19 +1387,19 @@ static NTSTATUS set_key_property( struct key *key, const WCHAR *prop, UCHAR *val
return STATUS_NOT_IMPLEMENTED;
}
@ -406,7 +570,7 @@ index 165718c63a..5d4a5b5992 100644
ULONG output_len )
{
ERR( "support for keys not available at build time\n" );
@@ -1338,7 +1387,7 @@ NTSTATUS WINAPI BCryptGenerateSymmetricKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_
@@ -1380,7 +1454,7 @@ NTSTATUS WINAPI BCryptGenerateSymmetricKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_
key->hdr.magic = MAGIC_KEY;
@ -415,7 +579,7 @@ index 165718c63a..5d4a5b5992 100644
{
heap_free( key );
*handle = NULL;
@@ -1457,19 +1506,30 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1499,19 +1573,30 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
struct key *key = handle;
ULONG bytes_left = input_len;
UCHAR *buf, *src, *dst;
@ -447,7 +611,7 @@ index 165718c63a..5d4a5b5992 100644
{
BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO *auth_info = padding;
@@ -1480,7 +1540,7 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1522,7 +1607,7 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if (auth_info->dwFlags & BCRYPT_AUTH_MODE_CHAIN_CALLS_FLAG)
FIXME( "call chaining not implemented\n" );
@ -456,7 +620,7 @@ index 165718c63a..5d4a5b5992 100644
return status;
*ret_len = input_len;
@@ -1488,46 +1548,47 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1530,46 +1615,47 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if (input && !output) return STATUS_SUCCESS;
if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
@ -519,7 +683,7 @@ index 165718c63a..5d4a5b5992 100644
heap_free( buf );
}
@@ -1553,7 +1614,7 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1595,7 +1681,7 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
return STATUS_NOT_IMPLEMENTED;
}
@ -528,7 +692,7 @@ index 165718c63a..5d4a5b5992 100644
{
BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO *auth_info = padding;
UCHAR tag[16];
@@ -1563,7 +1624,7 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1605,7 +1691,7 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if (!auth_info->pbTag) return STATUS_INVALID_PARAMETER;
if (auth_info->cbTag < 12 || auth_info->cbTag > 16) return STATUS_INVALID_PARAMETER;
@ -537,7 +701,7 @@ index 165718c63a..5d4a5b5992 100644
return status;
*ret_len = input_len;
@@ -1571,7 +1632,7 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1613,7 +1699,7 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
if (!output) return STATUS_SUCCESS;
if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
@ -546,7 +710,7 @@ index 165718c63a..5d4a5b5992 100644
return status;
if ((status = key_decrypt( key, input, input_len, output, output_len )))
return status;
@@ -1584,44 +1645,44 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -1626,44 +1712,44 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
return STATUS_SUCCESS;
}
@ -609,5 +773,5 @@ index 165718c63a..5d4a5b5992 100644
else
status = STATUS_UNSUCCESSFUL; /* FIXME: invalid padding */
--
2.16.1
2.7.4

86
patches/bcrypt-Improvements/0033-bcrypt-Implement-importing-of-ecdsa-keys.patch
View File

@ -1,17 +1,17 @@
From 291dbb0125d68f708ed5ff575281d4104b6ddc62 Mon Sep 17 00:00:00 2001
From 6bd5e33916b76195ecf5ce743de346bb9874295b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Fri, 29 Sep 2017 19:18:58 +0200
Subject: [PATCH 32/36] bcrypt: Implement importing of ecdsa keys.
---
dlls/bcrypt/bcrypt.spec | 4 +-
dlls/bcrypt/bcrypt_main.c | 161 +++++++++++++++++++++++++++++++++++++++++++--
dlls/bcrypt/bcrypt_main.c | 168 +++++++++++++++++++++++++++++++++++++++++++--
dlls/bcrypt/tests/bcrypt.c | 6 +-
include/bcrypt.h | 2 +
4 files changed, 162 insertions(+), 11 deletions(-)
4 files changed, 170 insertions(+), 10 deletions(-)
diff --git a/dlls/bcrypt/bcrypt.spec b/dlls/bcrypt/bcrypt.spec
index 28c2394ce4..78824d73b3 100644
index 28c2394..78824d7 100644
--- a/dlls/bcrypt/bcrypt.spec
+++ b/dlls/bcrypt/bcrypt.spec
@@ -32,7 +32,7 @@
@ -33,10 +33,10 @@ index 28c2394ce4..78824d73b3 100644
@ stub GetCipherInterface
@ stub GetHashInterface
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 5d4a5b5992..edea4571b0 100644
index 9b1ac80..9efa132 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -225,7 +225,9 @@ enum alg_id
@@ -220,7 +220,9 @@ enum alg_id
ALG_ID_SHA1,
ALG_ID_SHA256,
ALG_ID_SHA384,
@ -47,7 +47,7 @@ index 5d4a5b5992..edea4571b0 100644
};
enum mode_id
@@ -253,7 +255,9 @@ static const struct {
@@ -248,7 +250,9 @@ static const struct {
/* ALG_ID_SHA1 */ { 278, 20, 512, BCRYPT_SHA1_ALGORITHM, FALSE },
/* ALG_ID_SHA256 */ { 286, 32, 512, BCRYPT_SHA256_ALGORITHM, FALSE },
/* ALG_ID_SHA384 */ { 382, 48, 1024, BCRYPT_SHA384_ALGORITHM, FALSE },
@ -58,7 +58,7 @@ index 5d4a5b5992..edea4571b0 100644
};
struct algorithm
@@ -332,6 +336,8 @@ NTSTATUS WINAPI BCryptOpenAlgorithmProvider( BCRYPT_ALG_HANDLE *handle, LPCWSTR
@@ -327,6 +331,8 @@ NTSTATUS WINAPI BCryptOpenAlgorithmProvider( BCRYPT_ALG_HANDLE *handle, LPCWSTR
else if (!strcmpW( id, BCRYPT_SHA256_ALGORITHM )) alg_id = ALG_ID_SHA256;
else if (!strcmpW( id, BCRYPT_SHA384_ALGORITHM )) alg_id = ALG_ID_SHA384;
else if (!strcmpW( id, BCRYPT_SHA512_ALGORITHM )) alg_id = ALG_ID_SHA512;
@ -67,7 +67,7 @@ index 5d4a5b5992..edea4571b0 100644
else
{
FIXME( "algorithm %s not supported\n", debugstr_w(id) );
@@ -900,6 +906,12 @@ struct key_symmetric
@@ -895,6 +901,12 @@ struct key_symmetric
ULONG secret_len;
};
@ -80,7 +80,7 @@ index 5d4a5b5992..edea4571b0 100644
struct key
{
struct object hdr;
@@ -907,6 +919,7 @@ struct key
@@ -902,6 +914,7 @@ struct key
union
{
struct key_symmetric s;
@ -88,7 +88,7 @@ index 5d4a5b5992..edea4571b0 100644
} u;
};
@@ -921,6 +934,12 @@ struct key_symmetric
@@ -916,6 +929,12 @@ struct key_symmetric
ULONG secret_len;
};
@ -101,19 +101,31 @@ index 5d4a5b5992..edea4571b0 100644
struct key
{
struct object hdr;
@@ -928,6 +947,7 @@ struct key
@@ -923,6 +942,7 @@ struct key
union
{
struct key_symmetric s;
+ struct key_asymmetric a;
} u;
}
};
#else
@@ -989,6 +1009,33 @@ static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, U
FIXME( "unsupported key type %s\n", debugstr_w(type) );
return STATUS_NOT_IMPLEMENTED;
@@ -998,6 +1018,12 @@ static inline BOOL key_is_symmetric( struct key *key )
return FALSE;
}
+static inline BOOL key_is_asymmetric( struct key *key )
+{
+ ERR( "support for keys not available at build time\n" );
+ return FALSE;
+}
+
static NTSTATUS key_symmetric_get_mode( struct key *key, enum mode_id *mode )
{
*mode = key->u.s.mode;
@@ -1041,6 +1067,33 @@ static NTSTATUS key_symmetric_init( struct key *key, struct algorithm *alg, cons
return STATUS_SUCCESS;
}
+static NTSTATUS key_asymmetric_init( struct key *key, struct algorithm *alg, const UCHAR *pubkey, ULONG pubkey_len )
+{
+ UCHAR *buffer;
@ -140,10 +152,11 @@ index 5d4a5b5992..edea4571b0 100644
+
+ return STATUS_SUCCESS;
+}
#endif
#if defined(HAVE_GNUTLS_CIPHER_INIT) && !defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H)
@@ -1041,7 +1088,13 @@ static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
+
static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
{
UCHAR *buffer;
@@ -1061,7 +1114,13 @@ static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
}
else
{
@ -158,7 +171,7 @@ index 5d4a5b5992..edea4571b0 100644
}
return STATUS_SUCCESS;
@@ -1198,8 +1251,13 @@ static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
@@ -1218,8 +1277,13 @@ static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
static NTSTATUS key_destroy( struct key *key )
{
@ -174,19 +187,20 @@ index 5d4a5b5992..edea4571b0 100644
heap_free( key );
return STATUS_SUCCESS;
}
@@ -1296,7 +1354,10 @@ static NTSTATUS key_destroy( struct key *key )
{
if (key->ref_encrypt) CCCryptorRelease( key->ref_encrypt );
if (key->ref_decrypt) CCCryptorRelease( key->ref_decrypt );
- heap_free( key->secret );
+ if(key_is_symmetric(key))
+ heap_free( key->u.s.secret );
+ else
+ heap_free( key->u.a.pubkey );
heap_free( key );
@@ -1260,6 +1324,12 @@ static NTSTATUS key_symmetric_init( struct key *key, struct algorithm *alg, cons
return STATUS_SUCCESS;
}
@@ -1307,6 +1368,12 @@ static NTSTATUS key_symmetric_init( struct key *key, struct algorithm *alg, cons
+static NTSTATUS key_asymmetric_init( struct key *key, struct algorithm *alg, const UCHAR *pubkey, ULONG pubkey_len )
+{
+ FIXME( "not implemented on Mac\n" );
+ return STATUS_NOT_IMPLEMENTED;
+}
+
static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
{
UCHAR *buffer;
@@ -1374,6 +1444,12 @@ static NTSTATUS key_symmetric_init( struct key *key, struct algorithm *alg, cons
return STATUS_NOT_IMPLEMENTED;
}
@ -199,7 +213,7 @@ index 5d4a5b5992..edea4571b0 100644
static NTSTATUS key_duplicate( struct key *key_orig, struct key *key_copy )
{
ERR( "support for keys not available at build time\n" );
@@ -1489,6 +1556,88 @@ NTSTATUS WINAPI BCryptDuplicateKey( BCRYPT_KEY_HANDLE handle, BCRYPT_KEY_HANDLE
@@ -1556,6 +1632,88 @@ NTSTATUS WINAPI BCryptDuplicateKey( BCRYPT_KEY_HANDLE handle, BCRYPT_KEY_HANDLE
return STATUS_SUCCESS;
}
@ -289,7 +303,7 @@ index 5d4a5b5992..edea4571b0 100644
{
struct key *key = handle;
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 9b04f62df2..3525fd9913 100644
index 1c2700d..aaa187e 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -1404,7 +1404,7 @@ static void test_ECDSA(void)
@ -315,7 +329,7 @@ index 9b04f62df2..3525fd9913 100644
pBCryptDestroyKey(key);
pBCryptCloseAlgorithmProvider(alg, 0);
diff --git a/include/bcrypt.h b/include/bcrypt.h
index bf47576ab0..6804f2bff5 100644
index bf47576..6804f2b 100644
--- a/include/bcrypt.h
+++ b/include/bcrypt.h
@@ -210,8 +210,10 @@ NTSTATUS WINAPI BCryptGetFipsAlgorithmMode(BOOLEAN *);
@ -330,5 +344,5 @@ index bf47576ab0..6804f2bff5 100644
#endif /* __WINE_BCRYPT_H */
--
2.16.1
2.7.4

34
patches/bcrypt-Improvements/0034-bcrypt-Implement-BCryptVerifySignature-for-ecdsa-sig.patch
View File

@ -1,16 +1,16 @@
From bfcb00982177dd52b1727c0b6e32ed7297883f8b Mon Sep 17 00:00:00 2001
From d10899e701ce7fd4463b30c90ad8c2656a6adead Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Fri, 29 Sep 2017 20:31:00 +0200
Subject: [PATCH 33/36] bcrypt: Implement BCryptVerifySignature for ecdsa
signatures.
---
dlls/bcrypt/bcrypt_main.c | 336 +++++++++++++++++++++++++++++++++++++++++++--
dlls/bcrypt/bcrypt_main.c | 343 +++++++++++++++++++++++++++++++++++++++++++--
dlls/bcrypt/tests/bcrypt.c | 4 +-
2 files changed, 330 insertions(+), 10 deletions(-)
2 files changed, 337 insertions(+), 10 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index edea4571b0..d7a6435581 100644
index 9efa132..082474b 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -27,6 +27,7 @@
@ -104,7 +104,7 @@ index edea4571b0..d7a6435581 100644
#undef LOAD_FUNCPTR
if (!(pgnutls_cipher_tag = wine_dlsym( libgnutls_handle, "gnutls_cipher_tag", NULL, 0 )))
@@ -127,6 +166,21 @@ static BOOL gnutls_initialize(void)
@@ -132,6 +171,21 @@ static BOOL gnutls_initialize(void)
pgnutls_perror( ret );
goto fail;
}
@ -126,7 +126,7 @@ index edea4571b0..d7a6435581 100644
if (TRACE_ON( bcrypt ))
{
@@ -1249,6 +1303,264 @@ static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
@@ -1275,6 +1329,264 @@ static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
return STATUS_SUCCESS;
}
@ -391,7 +391,21 @@ index edea4571b0..d7a6435581 100644
static NTSTATUS key_destroy( struct key *key )
{
if(key_is_symmetric(key))
@@ -1419,6 +1731,13 @@ static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
@@ -1428,6 +1740,13 @@ static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
return STATUS_NOT_IMPLEMENTED;
}
+static NTSTATUS key_asymmetric_verify( struct key *key, void *padding, UCHAR *hash, ULONG hash_len,
+ UCHAR *signature, ULONG signature_len, DWORD flags )
+{
+ FIXME( "not implemented on Mac\n" );
+ return STATUS_NOT_IMPLEMENTED;
+}
+
static NTSTATUS key_destroy( struct key *key )
{
if (key->u.s.ref_encrypt) CCCryptorRelease( key->u.s.ref_encrypt );
@@ -1495,6 +1814,13 @@ static NTSTATUS key_get_tag( struct key *key, UCHAR *tag, ULONG len )
return STATUS_NOT_IMPLEMENTED;
}
@ -405,7 +419,7 @@ index edea4571b0..d7a6435581 100644
static NTSTATUS key_destroy( struct key *key )
{
ERR( "support for keys not available at build time\n" );
@@ -1629,13 +1948,14 @@ NTSTATUS WINAPI BCryptVerifySignature( BCRYPT_KEY_HANDLE handle, void *padding,
@@ -1705,13 +2031,14 @@ NTSTATUS WINAPI BCryptVerifySignature( BCRYPT_KEY_HANDLE handle, void *padding,
{
struct key *key = handle;
@ -423,7 +437,7 @@ index edea4571b0..d7a6435581 100644
NTSTATUS WINAPI BCryptDestroyKey( BCRYPT_KEY_HANDLE handle )
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 3525fd9913..047ffb4e6f 100644
index aaa187e..6b62fb3 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -1420,10 +1420,10 @@ static void test_ECDSA(void)
@ -440,5 +454,5 @@ index 3525fd9913..047ffb4e6f 100644
pBCryptDestroyKey(key);
pBCryptCloseAlgorithmProvider(alg, 0);
--
2.16.1
2.7.4