25#define WIN32_NO_STATUS
27#define COM_NO_WINDOWS_H
55#define RSAENH_MAGIC_HASH 0x85938417u
56#define RSAENH_MAX_HASH_SIZE 104
57#define RSAENH_HASHSTATE_HASHING 1
58#define RSAENH_HASHSTATE_FINISHED 2
82#define RSAENH_MAGIC_KEY 0x73620457u
83#define RSAENH_MAX_KEY_SIZE 64
84#define RSAENH_MAX_BLOCK_SIZE 24
85#define RSAENH_KEYSTATE_IDLE 0
86#define RSAENH_KEYSTATE_ENCRYPTING 1
87#define RSAENH_KEYSTATE_MASTERKEY 2
120#define RSAENH_PERSONALITY_BASE 0u
121#define RSAENH_PERSONALITY_STRONG 1u
122#define RSAENH_PERSONALITY_ENHANCED 2u
123#define RSAENH_PERSONALITY_SCHANNEL 3u
124#define RSAENH_PERSONALITY_AES 4u
126#define RSAENH_MAGIC_CONTAINER 0x26384993u
143#define RSAENH_ENCRYPT 1
144#define RSAENH_DECRYPT 0
145#define RSAENH_HMAC_DEF_IPAD_CHAR 0x36
146#define RSAENH_HMAC_DEF_OPAD_CHAR 0x5c
147#define RSAENH_HMAC_DEF_PAD_LEN 64
148#define RSAENH_HMAC_BLOCK_LEN 64
149#define RSAENH_DES_EFFECTIVE_KEYLEN 56
150#define RSAENH_DES_STORAGE_KEYLEN 64
151#define RSAENH_3DES112_EFFECTIVE_KEYLEN 112
152#define RSAENH_3DES112_STORAGE_KEYLEN 128
153#define RSAENH_3DES_EFFECTIVE_KEYLEN 168
154#define RSAENH_3DES_STORAGE_KEYLEN 192
155#define RSAENH_MAGIC_RSA2 0x32415352
156#define RSAENH_MAGIC_RSA1 0x31415352
157#define RSAENH_PKC_BLOCKTYPE 0x02
158#define RSAENH_SSL3_VERSION_MAJOR 3
159#define RSAENH_SSL3_VERSION_MINOR 0
160#define RSAENH_TLS1_VERSION_MAJOR 3
161#define RSAENH_TLS1_VERSION_MINOR 1
162#define RSAENH_REGKEY "Software\\Wine\\Crypto\\RSA\\%s"
164#define RSAENH_MIN(a,b) ((a)<(b)?(a):(b))
168#define RSAENH_MAX_ENUMALGS 24
169#define RSAENH_PCT1_SSL2_SSL3_TLS1 (CRYPT_FLAG_PCT1|CRYPT_FLAG_SSL2|CRYPT_FLAG_SSL3|CRYPT_FLAG_TLS1)
173 {
CALG_RC2, 40, 40, 56,0, 4,
"RC2", 24,
"RSA Data Security's RC2"},
174 {
CALG_RC4, 40, 40, 56,0, 4,
"RC4", 24,
"RSA Data Security's RC4"},
175 {
CALG_DES, 56, 56, 56,0, 4,
"DES", 31,
"Data Encryption Standard (DES)"},
181 {
CALG_MAC, 0, 0, 0,0, 4,
"MAC", 28,
"Message Authentication Code"},
184 {
CALG_HMAC, 0, 0, 0,0, 5,
"HMAC", 18,
"Hugo's MAC (HMAC)"},
185 {0, 0, 0, 0,0, 1,
"", 1,
""}
188 {
CALG_RC2, 128, 40, 128,0, 4,
"RC2", 24,
"RSA Data Security's RC2"},
189 {
CALG_RC4, 128, 40, 128,0, 4,
"RC4", 24,
"RSA Data Security's RC4"},
190 {
CALG_DES, 56, 56, 56,0, 4,
"DES", 31,
"Data Encryption Standard (DES)"},
191 {
CALG_3DES_112, 112,112, 112,0, 13,
"3DES TWO KEY",19,
"Two Key Triple DES"},
192 {
CALG_3DES, 168,168, 168,0, 5,
"3DES", 21,
"Three Key Triple DES"},
198 {
CALG_MAC, 0, 0, 0,0, 4,
"MAC", 28,
"Message Authentication Code"},
201 {
CALG_HMAC, 0, 0, 0,0, 5,
"HMAC", 18,
"Hugo's MAC (HMAC)"},
202 {0, 0, 0, 0,0, 1,
"", 1,
""}
205 {
CALG_RC2, 128, 40, 128,0, 4,
"RC2", 24,
"RSA Data Security's RC2"},
206 {
CALG_RC4, 128, 40, 128,0, 4,
"RC4", 24,
"RSA Data Security's RC4"},
207 {
CALG_DES, 56, 56, 56,0, 4,
"DES", 31,
"Data Encryption Standard (DES)"},
208 {
CALG_3DES_112, 112,112, 112,0, 13,
"3DES TWO KEY",19,
"Two Key Triple DES"},
209 {
CALG_3DES, 168,168, 168,0, 5,
"3DES", 21,
"Three Key Triple DES"},
215 {
CALG_MAC, 0, 0, 0,0, 4,
"MAC", 28,
"Message Authentication Code"},
218 {
CALG_HMAC, 0, 0, 0,0, 5,
"HMAC", 18,
"Hugo's MAC (HMAC)"},
219 {0, 0, 0, 0,0, 1,
"", 1,
""}
230 {
CALG_MAC, 0, 0, 0,0, 4,
"MAC", 28,
"Message Authentication Code"},
233 {
CALG_HMAC, 0, 0, 0,0, 5,
"HMAC", 18,
"Hugo's MAC (HMAC)"},
241 {
CALG_TLS1PRF, 0, 0, -1,0, 9,
"TLS1 PRF", 28,
"TLS1 Pseudo Random Function"},
242 {0, 0, 0, 0,0, 1,
"", 1,
""}
245 {
CALG_RC2, 128, 40, 128,0, 4,
"RC2", 24,
"RSA Data Security's RC2"},
246 {
CALG_RC4, 128, 40, 128,0, 4,
"RC4", 24,
"RSA Data Security's RC4"},
247 {
CALG_DES, 56, 56, 56,0, 4,
"DES", 31,
"Data Encryption Standard (DES)"},
248 {
CALG_3DES_112, 112,112, 112,0, 13,
"3DES TWO KEY",19,
"Two Key Triple DES"},
249 {
CALG_3DES, 168,168, 168,0, 5,
"3DES", 21,
"Three Key Triple DES"},
250 {
CALG_AES, 128,128, 128,0, 4,
"AES", 35,
"Advanced Encryption Standard (AES)"},
251 {
CALG_AES_128, 128,128, 128,0, 8,
"AES-128", 39,
"Advanced Encryption Standard (AES-128)"},
252 {
CALG_AES_192, 192,192, 192,0, 8,
"AES-192", 39,
"Advanced Encryption Standard (AES-192)"},
253 {
CALG_AES_256, 256,256, 256,0, 8,
"AES-256", 39,
"Advanced Encryption Standard (AES-256)"},
262 {
CALG_MAC, 0, 0, 0,0, 4,
"MAC", 28,
"Message Authentication Code"},
265 {
CALG_HMAC, 0, 0, 0,0, 5,
"HMAC", 18,
"Hugo's MAC (HMAC)"},
266 {0, 0, 0, 0,0, 1,
"", 1,
""}
408 if (dwParamSize > *pdwBufferSize)
411 *pdwBufferSize = dwParamSize;
414 memcpy(pbBuffer, pbParam, dwParamSize);
416 *pdwBufferSize = dwParamSize;
430 return pKeyContainer;
483 dst->cbData =
src->cbData;
551 if (!hmac_info)
return;
578 (*dst)->pbInnerString =
NULL;
579 (*dst)->pbOuterString =
NULL;
582 if (!(*dst)->pbInnerString) {
586 if (
src->cbInnerString)
587 memcpy((*dst)->pbInnerString,
src->pbInnerString,
src->cbInnerString);
592 if (!(*dst)->pbOuterString) {
596 if (
src->cbOuterString)
597 memcpy((*dst)->pbOuterString,
src->pbOuterString,
src->cbOuterString);
640 if (!pAlgInfo)
return FALSE;
650 dwLen =
sizeof(
DWORD);
688 pbTemp, &dwDataLen, dwDataLen);
814 if (dwKeyLen == 0) dwKeyLen = peaAlgidInfo->
dwDefaultLen;
860 TRACE(
"missing key len for CALG_AES\n");
867 dwKeyLen > peaAlgidInfo->
dwMaxLen ||
868 dwKeyLen < peaAlgidInfo->dwMinLen)
870 TRACE(
"key len %d out of bounds (%d, %d)\n", dwKeyLen,
889 pCryptKey->
dwKeyLen = dwKeyLen >> 3;
951 *ppCryptKey = pCryptKey;
976 szValueName =
"KeyExchangeKeyPair";
979 szValueName =
"SignatureKeyPair";
982 WARN(
"invalid key spec %d\n", dwKeySpec);
1057 szValueName =
"KeyExchangePermissions";
1060 szValueName =
"SignaturePermissions";
1063 WARN(
"invalid key spec %d\n", dwKeySpec);
1090 sizeof(
pKey->dwPermissions));
1332 return hKeyContainer;
1350 DWORD dwValueType, dwLen;
1389 dwLen =
sizeof(
pKey->dwPermissions);
1391 (
BYTE *)&
pKey->dwPermissions, &dwLen);
1442 dwProtectFlags, &hCryptKey))
1445 dwProtectFlags, &hCryptKey))
1449 return hKeyContainer;
1474 static const struct tagOIDDescriptor {
1477 const BYTE abOID[19];
1478 } aOIDDescriptor[] = {
1479 {
CALG_MD2, 18, { 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48,
1480 0x86, 0xf7, 0x0d, 0x02, 0x02, 0x05, 0x00, 0x04, 0x10 } },
1481 {
CALG_MD4, 18, { 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48,
1482 0x86, 0xf7, 0x0d, 0x02, 0x04, 0x05, 0x00, 0x04, 0x10 } },
1483 {
CALG_MD5, 18, { 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48,
1484 0x86, 0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10 } },
1485 {
CALG_SHA, 15, { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03,
1486 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 } },
1487 {
CALG_SHA_256, 19, { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
1488 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
1489 0x05, 0x00, 0x04, 0x20 } },
1490 {
CALG_SHA_384, 19, { 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
1491 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02,
1492 0x05, 0x00, 0x04, 0x30 } },
1493 {
CALG_SHA_512, 19, { 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
1494 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03,
1495 0x05, 0x00, 0x04, 0x40 } },
1501 for (dwIdxOID = 0; aOIDDescriptor[dwIdxOID].aiAlgid; dwIdxOID++) {
1502 if (aOIDDescriptor[dwIdxOID].aiAlgid == aiAlgid)
break;
1505 if (!aOIDDescriptor[dwIdxOID].aiAlgid) {
1512 pbSignature[0] = 0x6b;
1513 for (
i=1;
i < dwLen - dwHashLen - 3;
i++) {
1514 pbSignature[
i] = 0xbb;
1516 pbSignature[
i++] = 0xba;
1517 for (
j=0;
j < dwHashLen;
j++,
i++) {
1518 pbSignature[
i] = abHashValue[
j];
1520 pbSignature[
i++] = 0x33;
1521 pbSignature[
i++] = 0xcc;
1523 pbSignature[0] = 0x00;
1524 pbSignature[1] = 0x01;
1526 for (
i=2;
i < dwLen - 1 - dwHashLen;
i++) {
1527 pbSignature[
i] = 0xff;
1529 pbSignature[
i++] = 0x00;
1531 for (
i=2;
i < dwLen - 1 - aOIDDescriptor[dwIdxOID].dwLen - dwHashLen;
i++) {
1532 pbSignature[
i] = 0xff;
1534 pbSignature[
i++] = 0x00;
1535 for (
j=0;
j < aOIDDescriptor[dwIdxOID].dwLen;
j++) {
1536 pbSignature[
i++] = aOIDDescriptor[dwIdxOID].abOID[
j];
1539 for (
j=0;
j < dwHashLen;
j++) {
1540 pbSignature[
i++] = abHashValue[
j];
1592 if (
i >= dwBufferLen)
break;
1602 }
while (
i < dwBufferLen);
1631 DWORD dwHalfSecretLen;
1635 TRACE(
"(hProv=%08lx, hSecret=%08lx, pblobLabel=%p, pblobSeed=%p, pbBuffer=%p, dwBufferLen=%d)\n",
1636 hProv, hSecret, pblobLabel, pblobSeed, pbBuffer, dwBufferLen);
1643 dwHalfSecretLen = (pSecret->
dwKeyLen+1)/2;
1649 memset(pbBuffer, 0, dwBufferLen);
1661 if (!
tls1_p(hHMAC, &blobLabelSeed, pbBuffer, dwBufferLen))
goto exit;
1667 if (!
tls1_p(hHMAC, &blobLabelSeed, pbBuffer, dwBufferLen))
goto exit;
1699 if (dwDataLen > dwBufferLen-11) {
1704 memmove(abBuffer + dwBufferLen - dwDataLen, abData, dwDataLen);
1708 for (
i=2;
i < dwBufferLen - dwDataLen - 1;
i++)
1711 for (
i-=8;
i < dwBufferLen - dwDataLen - 1;
i++)
1744 for (
i=2;
i<dwDataLen;
i++)
1748 if ((
i == dwDataLen) || (*dwBufferLen < dwDataLen -
i - 1) ||
1755 *dwBufferLen = dwDataLen -
i - 1;
1756 memmove(abBuffer, abData +
i + 1, *dwBufferLen);
1790 TRACE(
"(phProv=%p, pszContainer=%s, dwFlags=%08x, pVTable=%p)\n", phProv,
1793 if (pszContainer && *pszContainer)
1799 DWORD dwLen =
sizeof(szKeyContainerName);
1817 TRACE(
"Can't create new keyset, already exists\n");
1826 if (pszContainer && *pszContainer) {
1827 TRACE(
"pszContainer should be empty\n");
1875 TRACE(
"(hProv=%08lx, Algid=%08x, hKey=%08lx, dwFlags=%08x, phHash=%p)\n",
hProv, Algid,
hKey,
1879 if (!peaAlgidInfo)
return FALSE;
1907 ((!pCryptKey->siSChannelInfo.blobClientRandom.cbData) ||
1908 (!pCryptKey->siSChannelInfo.blobServerRandom.cbData)))
1922 if (!pCryptHash)
return FALSE;
1934 static const char keyex[] =
"key expansion";
1935 BYTE key_expansion[
sizeof keyex];
1938 memcpy( key_expansion, keyex,
sizeof keyex );
1941 static const char msec[] =
"master secret";
1942 BYTE master_secret[
sizeof msec];
1944 BYTE abKeyValue[48];
1946 memcpy( master_secret, msec,
sizeof msec );
2063 TRACE(
"(hUID=%08lx, hHash=%08lx, pdwReserved=%p, dwFlags=%08x, phHash=%p)\n", hUID,
hHash,
2088 *pDestHash = *pSrcHash;
2119 TRACE(
"(hUID=%08lx, hKey=%08lx, pdwReserved=%p, dwFlags=%08x, phKey=%p)\n", hUID,
hKey,
2144 *pDestKey = *pSrcKey;
2190 TRACE(
"(hProv=%08lx, hKey=%08lx, hHash=%08lx, Final=%d, dwFlags=%08x, pbData=%p, "
2237 else if (dwEncryptedLen >
dwBufLen) {
2248 switch (pCryptKey->
dwMode) {
2293 if (dwBufLen < pCryptKey->dwBlockLen) {
2343 TRACE(
"(hProv=%08lx, hKey=%08lx, hHash=%08lx, Final=%d, dwFlags=%08x, pbData=%p, "
2377 switch (pCryptKey->
dwMode) {
2634 switch ((
BYTE)dwBlobType)
2687 TRACE(
"(hProv=%08lx, hKey=%08lx, hPubKey=%08lx, dwBlobType=%08x, dwFlags=%08x, pbData=%p,"
2768 FIXME(
"unimplemented for CRYPT_IPSEC_HMAC_KEY\n");
2777 ERR(
"datalen %d not long enough for a BLOBHEADER + RSAPUBKEY\n",
2784 ERR(
"unexpected magic %08x\n", pRSAPubKey->
magic);
2789 (pRSAPubKey->
bitlen >> 3) + (5 * ((pRSAPubKey->
bitlen+8)>>4))))
2792 (pRSAPubKey->
bitlen >> 3) + (5 * ((pRSAPubKey->
bitlen+8)>>4));
2794 ERR(
"blob too short for pub key: expect %d, got %d\n",
2795 expectedLen, dwDataLen);
2812 TRACE(
"installing signing key\n");
2818 TRACE(
"installing key exchange key\n");
2860 FIXME(
"unimplemented for CRYPT_IPSEC_HMAC_KEY\n");
2918 const BYTE *pbKeyStream = (
const BYTE*)(pAlgid + 1);
2924 FIXME(
"unimplemented for CRYPT_IPSEC_HMAC_KEY\n");
2942 if (!pbDecrypted)
return FALSE;
2993 const DWORD *pKeyLen = (
const DWORD *)(pBlobHeader + 1);
2994 const BYTE *pbKeyStream = (
const BYTE*)(pKeyLen + 1);
3079 TRACE(
"bVersion = %d, reserved = %d\n", pBlobHeader->
bVersion,
3089 TRACE(
"blob type: %x\n", pBlobHeader->
bType);
3090 switch (pBlobHeader->
bType)
3135 TRACE(
"(hProv=%08lx, pbData=%p, dwDataLen=%d, hPubKey=%08lx, dwFlags=%08x, phKey=%p)\n",
3168 TRACE(
"(hProv=%08lx, aiAlgid=%d, dwFlags=%08x, phKey=%p)\n",
hProv, Algid,
dwFlags, phKey);
3258 TRACE(
"(hProv=%08lx, dwLen=%d, pbBuffer=%p)\n",
hProv, dwLen, pbBuffer);
3296 TRACE(
"(hProv=%08lx, hHash=%08lx, dwParam=%08x, pbData=%p, pdwDataLen=%p, dwFlags=%08x)\n",
3389 TRACE(
"(hProv=%08lx, hKey=%08lx, dwParam=%08x, pbData=%p, dwFlags=%08x)\n",
hProv,
hKey,
3489 if (
blob->cbData > 24)
3505 DWORD keylen, deflen;
3515 if (!keylen || keylen > 1024)
3528 && keylen != deflen)
3607 TRACE(
"(hProv=%08lx, hKey=%08lx, dwParam=%08x, pbData=%p, pdwDataLen=%p dwFlags=%08x)\n",
3650 dwValue = pCryptKey->
dwKeyLen << 3;
3657 dwValue = pCryptKey->
dwKeyLen << 3;
3721 static const BYTE abWTF[96] = {
3722 0xb0, 0x25, 0x63, 0x86, 0x9c, 0xab, 0xb6, 0x37,
3723 0xe8, 0x82, 0x00, 0x72, 0x06, 0xb2, 0x00, 0x3b,
3724 0x60, 0x35, 0x00, 0x3b, 0x88, 0xce, 0x00, 0x82,
3725 0xbc, 0x7a, 0x00, 0xb7, 0x4f, 0x7e, 0x00, 0xde,
3726 0x92, 0xf1, 0x00, 0x83, 0xea, 0x5e, 0x00, 0xc8,
3727 0x12, 0x1e, 0xd4, 0x06, 0xf7, 0x66, 0x00, 0x01,
3728 0x29, 0xa4, 0x00, 0xf8, 0x24, 0x0c, 0x00, 0x33,
3729 0x06, 0x80, 0x00, 0x02, 0x46, 0x0b, 0x00, 0x6d,
3730 0x5b, 0xca, 0x00, 0x9a, 0x10, 0xf0, 0x00, 0x05,
3731 0x19, 0xd0, 0x00, 0x2c, 0xf6, 0x27, 0x00, 0xaa,
3732 0x7c, 0x6f, 0x00, 0xb9, 0xd8, 0x72, 0x00, 0x03,
3733 0xf3, 0x81, 0x00, 0xfa, 0xe8, 0x26, 0x00, 0xca
3736 TRACE(
"(hProv=%08lx, dwParam=%08x, pbData=%p, pdwDataLen=%p, dwFlags=%08x)\n",
3787 dwTemp = 0x00000200;
3930 TRACE(
"(hProv=%08lx, Algid=%d, hBaseData=%08lx, dwFlags=%08x phKey=%p)\n",
hProv, Algid,
3956 int need_padding, copy_len;
3977 if (dwLen == 16 || dwLen == 20)
3983 need_padding = dwLen < pCryptKey->
dwKeyLen;
4039 if (!pMasterKey->siSChannelInfo.saEncAlg.Algid ||
4040 !pMasterKey->siSChannelInfo.saEncAlg.cBits)
4045 *phKey =
new_key(
hProv, pMasterKey->siSChannelInfo.saEncAlg.Algid,
4051 2 * (pMasterKey->siSChannelInfo.saMACAlg.cBits / 8) +
4053 (pMasterKey->siSChannelInfo.saEncAlg.cBits / 8) : 0)),
4054 pMasterKey->siSChannelInfo.saEncAlg.cBits / 8);
4057 2 * (pMasterKey->siSChannelInfo.saMACAlg.cBits / 8) +
4058 2 * (pMasterKey->siSChannelInfo.saEncAlg.cBits / 8) +
4070 pMasterKey->siSChannelInfo.saMACAlg.cBits / 8 : 0),
4071 pMasterKey->siSChannelInfo.saMACAlg.cBits / 8);
4110 TRACE(
"(hProv=%08lx, dwKeySpec=%08x, phUserKey=%p)\n",