brunodev85/wine
1
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine.git synced 2025-08-28 18:23:54 +02:00
Code Issues Projects Releases Packages Wiki Activity
wine/dlls/rsaenh/implglue.c
Hans Leidekker 16a8d64421 rsaenh: Use TomCrypt for hash implementations. 
Some apps unload bcrypt which causes a crash if rsaenh is used afterwards.
2025-08-22 10:11:28 +02:00

470 lines
15 KiB
C
Raw Permalink Blame History

/*
* dlls/rsaenh/implglue.c
* Glueing the RSAENH specific code to the crypto library
*
* Copyright (c) 2004, 2005 Michael Jung
* Copyright (c) 2007 Vijay Kiran Kamuju
*
* based on code by Mike McCormack and David Hammerton
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*/
#include <stdarg.h>
#include <stdlib.h>
#include <stdio.h>
#include "windef.h"
#include "winbase.h"
#include "wincrypt.h"
#include "implglue.h"
prng_state prng = { 0 };
int wprng = 0;
BOOL init_hash_impl( ALG_ID algid, struct hash *hash )
{
memset( hash, 0, sizeof(*hash) );
switch (algid)
{
case CALG_MD2:
hash->desc = &md2_desc;
break;
case CALG_MD4:
hash->desc = &md4_desc;
break;
case CALG_MD5:
hash->desc = &md5_desc;
break;
case CALG_SHA:
hash->desc = &sha1_desc;
break;
case CALG_SHA_256:
hash->desc = &sha256_desc;
break;
case CALG_SHA_384:
hash->desc = &sha384_desc;
break;
case CALG_SHA_512:
hash->desc = &sha512_desc;
break;
default:
return TRUE;
}
hash->desc->init( &hash->state );
return TRUE;
}
BOOL update_hash_impl( struct hash *hash, const BYTE *data, DWORD len )
{
hash->desc->process( &hash->state, data, len );
return TRUE;
}
BOOL finalize_hash_impl( struct hash *hash, BYTE *hash_value, DWORD hash_size )
{
hash->desc->done( &hash->state, hash_value );
return TRUE;
}
BOOL new_key_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen)
{
switch (aiAlgid)
{
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
if (rsa_make_key( &prng, wprng, dwKeyLen, 65537, &pKeyContext->rsa ) != CRYPT_OK) {
SetLastError(NTE_FAIL);
return FALSE;
}
return TRUE;
}
return TRUE;
}
BOOL free_key_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext)
{
switch (aiAlgid)
{
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
rsa_free(&pKeyContext->rsa);
}
return TRUE;
}
BOOL setup_key_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,
DWORD dwEffectiveKeyLen, DWORD dwSaltLen, BYTE *abKeyValue)
{
switch (aiAlgid)
{
case CALG_RC4:
rc4_start(&pKeyContext->prng);
rc4_add_entropy(abKeyValue, dwKeyLen + dwSaltLen, &pKeyContext->prng);
/* bypass rc4_ready() to avoid the workaround for the Fluhrer, Mantin and Shamir attack,
* since Windows doesn't do that */
/* rc4_ready(&pKeyContext->prng); */
{
unsigned char buf[256];
ULONG len = MIN(pKeyContext->prng.rc4.s.x, sizeof(buf));
memcpy(buf, pKeyContext->prng.rc4.s.buf, sizeof(buf));
rc4_stream_setup(&pKeyContext->prng.rc4.s, buf, len);
pKeyContext->prng.ready = 1;
}
break;
case CALG_RC2:
rc2_setup_ex(abKeyValue, dwKeyLen + dwSaltLen, dwEffectiveKeyLen ?
dwEffectiveKeyLen : dwKeyLen << 3, 0, &pKeyContext->key);
break;
case CALG_3DES:
des3_setup(abKeyValue, 24, 0, &pKeyContext->key);
break;
case CALG_3DES_112:
memcpy(abKeyValue+16, abKeyValue, 8);
des3_setup(abKeyValue, 24, 0, &pKeyContext->key);
break;
case CALG_DES:
des_setup(abKeyValue, 8, 0, &pKeyContext->key);
break;
case CALG_AES:
case CALG_AES_128:
aes_setup(abKeyValue, 16, 0, &pKeyContext->key);
break;
case CALG_AES_192:
aes_setup(abKeyValue, 24, 0, &pKeyContext->key);
break;
case CALG_AES_256:
aes_setup(abKeyValue, 32, 0, &pKeyContext->key);
break;
}
return TRUE;
}
BOOL duplicate_key_impl(ALG_ID aiAlgid, const KEY_CONTEXT *pSrcKeyContext,
KEY_CONTEXT *pDestKeyContext)
{
switch (aiAlgid)
{
case CALG_RC4:
case CALG_RC2:
case CALG_3DES:
case CALG_3DES_112:
case CALG_DES:
case CALG_AES:
case CALG_AES_128:
case CALG_AES_192:
case CALG_AES_256:
*pDestKeyContext = *pSrcKeyContext;
break;
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
pDestKeyContext->rsa.type = pSrcKeyContext->rsa.type;
mp_init_copy(&pDestKeyContext->rsa.e, pSrcKeyContext->rsa.e);
mp_init_copy(&pDestKeyContext->rsa.d, pSrcKeyContext->rsa.d);
mp_init_copy(&pDestKeyContext->rsa.N, pSrcKeyContext->rsa.N);
mp_init_copy(&pDestKeyContext->rsa.p, pSrcKeyContext->rsa.p);
mp_init_copy(&pDestKeyContext->rsa.q, pSrcKeyContext->rsa.q);
mp_init_copy(&pDestKeyContext->rsa.qP, pSrcKeyContext->rsa.qP);
mp_init_copy(&pDestKeyContext->rsa.dP, pSrcKeyContext->rsa.dP);
mp_init_copy(&pDestKeyContext->rsa.dQ, pSrcKeyContext->rsa.dQ);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
static inline void reverse_bytes(BYTE *pbData, DWORD dwLen) {
BYTE swap;
DWORD i;
for (i=0; i<dwLen/2; i++) {
swap = pbData[i];
pbData[i] = pbData[dwLen-i-1];
pbData[dwLen-i-1] = swap;
}
}
BOOL encrypt_block_impl(ALG_ID aiAlgid, DWORD dwKeySpec, KEY_CONTEXT *pKeyContext, const BYTE *in,
BYTE *out)
{
unsigned long inlen, outlen;
switch (aiAlgid) {
case CALG_RC2:
rc2_ecb_encrypt(in, out, &pKeyContext->key);
break;
case CALG_3DES:
case CALG_3DES_112:
des3_ecb_encrypt(in, out, &pKeyContext->key);
break;
case CALG_DES:
des_ecb_encrypt(in, out, &pKeyContext->key);
break;
case CALG_AES:
case CALG_AES_128:
case CALG_AES_192:
case CALG_AES_256:
aes_ecb_encrypt(in, out, &pKeyContext->key);
break;
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
case CALG_SSL3_SHAMD5:
outlen = inlen = (mp_count_bits(pKeyContext->rsa.N)+7)/8;
if (rsa_exptmod(in, inlen, out, &outlen, dwKeySpec, &pKeyContext->rsa) != CRYPT_OK) {
SetLastError(NTE_FAIL);
return FALSE;
}
reverse_bytes(out, outlen);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL decrypt_block_impl(ALG_ID aiAlgid, DWORD dwKeySpec, KEY_CONTEXT *pKeyContext, const BYTE *in,
BYTE *out)
{
unsigned long inlen, outlen;
BYTE *in_reversed;
switch (aiAlgid) {
case CALG_RC2:
rc2_ecb_decrypt(in, out, &pKeyContext->key);
break;
case CALG_3DES:
case CALG_3DES_112:
des3_ecb_decrypt(in, out, &pKeyContext->key);
break;
case CALG_DES:
des_ecb_decrypt(in, out, &pKeyContext->key);
break;
case CALG_AES:
case CALG_AES_128:
case CALG_AES_192:
case CALG_AES_256:
aes_ecb_decrypt(in, out, &pKeyContext->key);
break;
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
case CALG_SSL3_SHAMD5:
outlen = inlen = (mp_count_bits(pKeyContext->rsa.N)+7)/8;
in_reversed = malloc(inlen);
if (!in_reversed) {
SetLastError(NTE_NO_MEMORY);
return FALSE;
}
memcpy(in_reversed, in, inlen);
reverse_bytes(in_reversed, inlen);
if (rsa_exptmod(in_reversed, inlen, out, &outlen, dwKeySpec, &pKeyContext->rsa) != CRYPT_OK) {
free(in_reversed);
SetLastError(NTE_FAIL);
return FALSE;
}
free(in_reversed);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL encrypt_stream_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext, BYTE *stream, DWORD dwLen)
{
switch (aiAlgid) {
case CALG_RC4:
rc4_stream_crypt(&pKeyContext->prng.rc4.s, stream, dwLen, stream);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL export_public_key_impl(BYTE *pbDest, const KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,DWORD *pdwPubExp)
{
mp_to_unsigned_bin(pKeyContext->rsa.N, pbDest);
reverse_bytes(pbDest, mp_unsigned_bin_size(pKeyContext->rsa.N));
if (mp_unsigned_bin_size(pKeyContext->rsa.N) < dwKeyLen)
memset(pbDest + mp_unsigned_bin_size(pKeyContext->rsa.N), 0,
dwKeyLen - mp_unsigned_bin_size(pKeyContext->rsa.N));
*pdwPubExp = (DWORD)mp_get_int(pKeyContext->rsa.e);
return TRUE;
}
BOOL import_public_key_impl(const BYTE *pbSrc, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,
DWORD dwPubExp)
{
BYTE *pbTemp;
if (mp_init_multi(&pKeyContext->rsa.e, &pKeyContext->rsa.d, &pKeyContext->rsa.N,
&pKeyContext->rsa.dQ,&pKeyContext->rsa.dP,&pKeyContext->rsa.qP,
&pKeyContext->rsa.p, &pKeyContext->rsa.q, NULL))
{
SetLastError(NTE_FAIL);
return FALSE;
}
pbTemp = malloc(dwKeyLen);
if (!pbTemp) return FALSE;
memcpy(pbTemp, pbSrc, dwKeyLen);
pKeyContext->rsa.type = PK_PUBLIC;
reverse_bytes(pbTemp, dwKeyLen);
mp_read_unsigned_bin(pKeyContext->rsa.N, pbTemp, dwKeyLen);
free(pbTemp);
mp_set_int(pKeyContext->rsa.e, dwPubExp);
return TRUE;
}
BOOL export_private_key_impl(BYTE *pbDest, const KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,
DWORD *pdwPubExp)
{
mp_to_unsigned_bin(pKeyContext->rsa.N, pbDest);
reverse_bytes(pbDest, mp_unsigned_bin_size(pKeyContext->rsa.N));
if (mp_unsigned_bin_size(pKeyContext->rsa.N) < dwKeyLen)
memset(pbDest + mp_unsigned_bin_size(pKeyContext->rsa.N), 0,
dwKeyLen - mp_unsigned_bin_size(pKeyContext->rsa.N));
pbDest += dwKeyLen;
mp_to_unsigned_bin(pKeyContext->rsa.p, pbDest);
reverse_bytes(pbDest, mp_unsigned_bin_size(pKeyContext->rsa.p));
if (mp_unsigned_bin_size(pKeyContext->rsa.p) < (dwKeyLen+1)>>1)
memset(pbDest + mp_unsigned_bin_size(pKeyContext->rsa.p), 0,
((dwKeyLen+1)>>1) - mp_unsigned_bin_size(pKeyContext->rsa.p));
pbDest += (dwKeyLen+1)>>1;
mp_to_unsigned_bin(pKeyContext->rsa.q, pbDest);
reverse_bytes(pbDest, mp_unsigned_bin_size(pKeyContext->rsa.q));
if (mp_unsigned_bin_size(pKeyContext->rsa.q) < (dwKeyLen+1)>>1)
memset(pbDest + mp_unsigned_bin_size(pKeyContext->rsa.q), 0,
((dwKeyLen+1)>>1) - mp_unsigned_bin_size(pKeyContext->rsa.q));
pbDest += (dwKeyLen+1)>>1;
mp_to_unsigned_bin(pKeyContext->rsa.dP, pbDest);
reverse_bytes(pbDest, mp_unsigned_bin_size(pKeyContext->rsa.dP));
if (mp_unsigned_bin_size(pKeyContext->rsa.dP) < (dwKeyLen+1)>>1)
memset(pbDest + mp_unsigned_bin_size(pKeyContext->rsa.dP), 0,
((dwKeyLen+1)>>1) - mp_unsigned_bin_size(pKeyContext->rsa.dP));
pbDest += (dwKeyLen+1)>>1;
mp_to_unsigned_bin(pKeyContext->rsa.dQ, pbDest);
reverse_bytes(pbDest, mp_unsigned_bin_size(pKeyContext->rsa.dQ));
if (mp_unsigned_bin_size(pKeyContext->rsa.dQ) < (dwKeyLen+1)>>1)
memset(pbDest + mp_unsigned_bin_size(pKeyContext->rsa.dQ), 0,
((dwKeyLen+1)>>1) - mp_unsigned_bin_size(pKeyContext->rsa.dQ));
pbDest += (dwKeyLen+1)>>1;
mp_to_unsigned_bin(pKeyContext->rsa.qP, pbDest);
reverse_bytes(pbDest, mp_unsigned_bin_size(pKeyContext->rsa.qP));
if (mp_unsigned_bin_size(pKeyContext->rsa.qP) < (dwKeyLen+1)>>1)
memset(pbDest + mp_unsigned_bin_size(pKeyContext->rsa.qP), 0,
((dwKeyLen+1)>>1) - mp_unsigned_bin_size(pKeyContext->rsa.qP));
pbDest += (dwKeyLen+1)>>1;
mp_to_unsigned_bin(pKeyContext->rsa.d, pbDest);
reverse_bytes(pbDest, mp_unsigned_bin_size(pKeyContext->rsa.d));
if (mp_unsigned_bin_size(pKeyContext->rsa.d) < dwKeyLen)
memset(pbDest + mp_unsigned_bin_size(pKeyContext->rsa.d), 0,
dwKeyLen - mp_unsigned_bin_size(pKeyContext->rsa.d));
*pdwPubExp = (DWORD)mp_get_int(pKeyContext->rsa.e);
return TRUE;
}
BOOL import_private_key_impl(const BYTE *pbSrc, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,
DWORD dwDataLen, DWORD dwPubExp)
{
BYTE *pbTemp, *pbBigNum;
if (mp_init_multi(&pKeyContext->rsa.e, &pKeyContext->rsa.d, &pKeyContext->rsa.N,
&pKeyContext->rsa.dQ,&pKeyContext->rsa.dP,&pKeyContext->rsa.qP,
&pKeyContext->rsa.p, &pKeyContext->rsa.q, NULL))
{
SetLastError(NTE_FAIL);
return FALSE;
}
pbTemp = malloc(2*dwKeyLen+5*((dwKeyLen+1)>>1));
if (!pbTemp) return FALSE;
memcpy(pbTemp, pbSrc, min(dwDataLen, 2*dwKeyLen+5*((dwKeyLen+1)>>1)));
pbBigNum = pbTemp;
pKeyContext->rsa.type = PK_PRIVATE;
reverse_bytes(pbBigNum, dwKeyLen);
mp_read_unsigned_bin(pKeyContext->rsa.N, pbBigNum, dwKeyLen);
pbBigNum += dwKeyLen;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
mp_read_unsigned_bin(pKeyContext->rsa.p, pbBigNum, (dwKeyLen+1)>>1);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
mp_read_unsigned_bin(pKeyContext->rsa.q, pbBigNum, (dwKeyLen+1)>>1);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
mp_read_unsigned_bin(pKeyContext->rsa.dP, pbBigNum, (dwKeyLen+1)>>1);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
mp_read_unsigned_bin(pKeyContext->rsa.dQ, pbBigNum, (dwKeyLen+1)>>1);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
mp_read_unsigned_bin(pKeyContext->rsa.qP, pbBigNum, (dwKeyLen+1)>>1);
pbBigNum += (dwKeyLen+1)>>1;
/* The size of the private exponent d is inferred from the remaining
* data length.
*/
dwKeyLen = min(dwKeyLen, dwDataLen - (pbBigNum - pbTemp));
reverse_bytes(pbBigNum, dwKeyLen);
mp_read_unsigned_bin(pKeyContext->rsa.d, pbBigNum, dwKeyLen);
mp_set_int(pKeyContext->rsa.e, dwPubExp);
free(pbTemp);
return TRUE;
}
Reference in a new issue View git blame Copy permalink