Alexandre Julliard : bcrypt: Add separate backend functions for destroying symmetric/asymmetric keys.

Alexandre Julliard julliard at winehq.org
Tue Sep 29 15:20:38 CDT 2020


Module: wine
Branch: master
Commit: f0e13847779fe058b655c8ec1a20f61b431f7df2
URL:    https://source.winehq.org/git/wine.git/?a=commit;h=f0e13847779fe058b655c8ec1a20f61b431f7df2

Author: Alexandre Julliard <julliard at winehq.org>
Date:   Tue Sep 29 14:16:17 2020 +0200

bcrypt: Add separate backend functions for destroying symmetric/asymmetric keys.

Signed-off-by: Alexandre Julliard <julliard at winehq.org>

---

 dlls/bcrypt/bcrypt_internal.h |  4 ++--
 dlls/bcrypt/bcrypt_main.c     | 32 +++++++++++++++++++++-----------
 dlls/bcrypt/gnutls.c          | 21 +++++++--------------
 dlls/bcrypt/macos.c           | 15 ++++++++-------
 4 files changed, 38 insertions(+), 34 deletions(-)

diff --git a/dlls/bcrypt/bcrypt_internal.h b/dlls/bcrypt/bcrypt_internal.h
index 2b26fbbc9c..ca48d20f77 100644
--- a/dlls/bcrypt/bcrypt_internal.h
+++ b/dlls/bcrypt/bcrypt_internal.h
@@ -265,12 +265,12 @@ NTSTATUS key_symmetric_set_auth_data( struct key *, UCHAR *, ULONG ) DECLSPEC_HI
 NTSTATUS key_symmetric_encrypt( struct key *, const UCHAR *, ULONG, UCHAR *, ULONG ) DECLSPEC_HIDDEN;
 NTSTATUS key_symmetric_decrypt( struct key *, const UCHAR *, ULONG, UCHAR *, ULONG ) DECLSPEC_HIDDEN;
 NTSTATUS key_symmetric_get_tag( struct key *, UCHAR *, ULONG ) DECLSPEC_HIDDEN;
+void     key_symmetric_destroy( struct key * ) DECLSPEC_HIDDEN;
 NTSTATUS key_asymmetric_init( struct key * ) DECLSPEC_HIDDEN;
 NTSTATUS key_asymmetric_generate( struct key * ) DECLSPEC_HIDDEN;
 NTSTATUS key_asymmetric_sign( struct key *, void *, UCHAR *, ULONG, UCHAR *, ULONG, ULONG *, ULONG ) DECLSPEC_HIDDEN;
 NTSTATUS key_asymmetric_verify( struct key *, void *, UCHAR *, ULONG, UCHAR *, ULONG, DWORD ) DECLSPEC_HIDDEN;
-NTSTATUS key_destroy( struct key * ) DECLSPEC_HIDDEN;
-BOOL key_is_symmetric( struct key * ) DECLSPEC_HIDDEN;
+void     key_asymmetric_destroy( struct key * ) DECLSPEC_HIDDEN;
 NTSTATUS key_export_dsa_capi( struct key *, UCHAR *, ULONG, ULONG * ) DECLSPEC_HIDDEN;
 NTSTATUS key_export_ecc( struct key *, UCHAR *, ULONG, ULONG * ) DECLSPEC_HIDDEN;
 NTSTATUS key_import_dsa_capi( struct key *, UCHAR *, ULONG ) DECLSPEC_HIDDEN;
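Review bot: The two new prototypes, `key_symmetric_destroy` and `key_asymmetric_destroy`, carry no statement of ownership, and that is now the part a backend author can get wrong. Judging by the other hunks of this commit, BCryptDestroyKey frees `u.s.vector`, `u.s.secret`, `u.a.pubkey` and the key itself after calling them. A backend that still frees any of these, as the old `key_destroy` did, would cause a double free. A comment above each declaration would pin the contract down, for example `/* release backend handles only; the caller frees the key and its buffers */`.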
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index d0fc02b776..c6d2266083 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -886,12 +886,12 @@ static NTSTATUS key_asymmetric_create( struct key **ret_key, struct algorithm *a
     return STATUS_SUCCESS;
 }
 
-#if defined(HAVE_GNUTLS_CIPHER_INIT) || defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
-BOOL key_is_symmetric( struct key *key )
+static BOOL key_is_symmetric( struct key *key )
 {
     return builtin_algorithms[key->alg_id].class == BCRYPT_CIPHER_INTERFACE;
 }
 
+#if defined(HAVE_GNUTLS_CIPHER_INIT) || defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
 static BOOL is_zero_vector( const UCHAR *vector, ULONG len )
 {
     ULONG i;
@@ -1335,12 +1335,6 @@ NTSTATUS key_symmetric_init( struct key *key )
     return STATUS_NOT_IMPLEMENTED;
 }
 
-BOOL key_is_symmetric( struct key *key )
-{
-    ERR( "support for keys not available at build time\n" );
-    return FALSE;
-}
-
 NTSTATUS key_set_property( struct key *key, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
 {
     ERR( "support for keys not available at build time\n" );
@@ -1392,10 +1386,14 @@ static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, U
     return STATUS_NOT_IMPLEMENTED;
 }
 
-NTSTATUS key_destroy( struct key *key )
+void key_symmetric_destroy( struct key *key )
+{
+    ERR( "support for keys not available at build time\n" );
+}
+
+void key_asymmetric_destroy( struct key *key )
 {
     ERR( "support for keys not available at build time\n" );
-    return STATUS_NOT_IMPLEMENTED;
 }
 
 static NTSTATUS key_encrypt( struct key *key,  UCHAR *input, ULONG input_len, void *padding, UCHAR *iv,
@@ -1628,8 +1626,20 @@ NTSTATUS WINAPI BCryptDestroyKey( BCRYPT_KEY_HANDLE handle )
     TRACE( "%p\n", handle );
 
     if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
+    if (key_is_symmetric( key ))
+    {
+        key_symmetric_destroy( key );
+        heap_free( key->u.s.vector );
+        heap_free( key->u.s.secret );
+    }
+    else
+    {
+        key_asymmetric_destroy( key );
+        heap_free( key->u.a.pubkey );
+    }
     key->hdr.magic = 0;
-    return key_destroy( key );
+    heap_free( key );
+    return STATUS_SUCCESS;
 }
 
 NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG input_len, void *padding, UCHAR *iv,
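Review bot: `heap_free( key->u.s.secret )` returns the raw symmetric key bytes to the heap without clearing them, so the secret can remain in freed memory until the allocator reuses the block. Now that the free lives in one place rather than in each backend, this is the natural spot to wipe the buffer first with a call the compiler cannot elide. For example, `if (key->u.s.secret) RtlSecureZeroMemory( key->u.s.secret, <secret length> );`, where the length is whatever struct key records for the secret (not visible in this hunk). The same treatment is worth considering for `u.s.vector`. The start of BCryptDestroyKey lies outside the hunk.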
diff --git a/dlls/bcrypt/gnutls.c b/dlls/bcrypt/gnutls.c
index 222861c18b..341089c127 100644
--- a/dlls/bcrypt/gnutls.c
+++ b/dlls/bcrypt/gnutls.c
@@ -593,6 +593,11 @@ NTSTATUS key_symmetric_get_tag( struct key *key, UCHAR *tag, ULONG len )
     return STATUS_SUCCESS;
 }
 
+void key_symmetric_destroy( struct key *key )
+{
+    if (key->u.s.handle) pgnutls_cipher_deinit( key->u.s.handle );
+}
+
 static NTSTATUS export_gnutls_pubkey_rsa( gnutls_privkey_t gnutls_key, ULONG bitlen, UCHAR **pubkey, ULONG *pubkey_len )
 {
     BCRYPT_RSAKEY_BLOB *rsa_blob;
@@ -1543,20 +1548,8 @@ NTSTATUS key_asymmetric_sign( struct key *key, void *padding, UCHAR *input, ULON
     return status;
 }
 
-NTSTATUS key_destroy( struct key *key )
+void key_asymmetric_destroy( struct key *key )
 {
-    if (key_is_symmetric( key ))
-    {
-        if (key->u.s.handle) pgnutls_cipher_deinit( key->u.s.handle );
-        heap_free( key->u.s.vector );
-        heap_free( key->u.s.secret );
-    }
-    else
-    {
-        if (key->u.a.handle) pgnutls_privkey_deinit( key->u.a.handle );
-        heap_free( key->u.a.pubkey );
-    }
-    heap_free( key );
-    return STATUS_SUCCESS;
+    if (key->u.a.handle) pgnutls_privkey_deinit( key->u.a.handle );
 }
 #endif
diff --git a/dlls/bcrypt/macos.c b/dlls/bcrypt/macos.c
index 26af5faa0c..1a9bb88880 100644
--- a/dlls/bcrypt/macos.c
+++ b/dlls/bcrypt/macos.c
@@ -184,6 +184,12 @@ NTSTATUS key_symmetric_get_tag( struct key *key, UCHAR *tag, ULONG len )
     return STATUS_NOT_IMPLEMENTED;
 }
 
+void key_symmetric_destroy( struct key *key )
+{
+    if (key->u.s.ref_encrypt) CCCryptorRelease( key->u.s.ref_encrypt );
+    if (key->u.s.ref_decrypt) CCCryptorRelease( key->u.s.ref_decrypt );
+}
+
 NTSTATUS key_asymmetric_init( struct key *key )
 {
     FIXME( "not implemented on Mac\n" );
@@ -234,13 +240,8 @@ NTSTATUS key_asymmetric_generate( struct key *key )
     return STATUS_NOT_IMPLEMENTED;
 }
 
-NTSTATUS key_destroy( struct key *key )
+void key_asymmetric_destroy( struct key *key )
 {
-    if (key->u.s.ref_encrypt) CCCryptorRelease( key->u.s.ref_encrypt );
-    if (key->u.s.ref_decrypt) CCCryptorRelease( key->u.s.ref_decrypt );
-    heap_free( key->u.s.vector );
-    heap_free( key->u.s.secret );
-    heap_free( key );
-    return STATUS_SUCCESS;
+    FIXME( "not implemented on Mac\n" );
 }
 #endif



