Alexandre Julliard : bcrypt: Add separate backend functions for destroying symmetric/asymmetric keys.
Alexandre Julliard
julliard at winehq.org
Tue Sep 29 15:20:38 CDT 2020
Module: wine
Branch: master
Commit: f0e13847779fe058b655c8ec1a20f61b431f7df2
URL: https://source.winehq.org/git/wine.git/?a=commit;h=f0e13847779fe058b655c8ec1a20f61b431f7df2
Author: Alexandre Julliard <julliard at winehq.org>
Date: Tue Sep 29 14:16:17 2020 +0200
bcrypt: Add separate backend functions for destroying symmetric/asymmetric keys.
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
dlls/bcrypt/bcrypt_internal.h | 4 ++--
dlls/bcrypt/bcrypt_main.c | 32 +++++++++++++++++++++-----------
dlls/bcrypt/gnutls.c | 21 +++++++--------------
dlls/bcrypt/macos.c | 15 ++++++++-------
4 files changed, 38 insertions(+), 34 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_internal.h b/dlls/bcrypt/bcrypt_internal.h
index 2b26fbbc9c..ca48d20f77 100644
--- a/dlls/bcrypt/bcrypt_internal.h
+++ b/dlls/bcrypt/bcrypt_internal.h
@@ -265,12 +265,12 @@ NTSTATUS key_symmetric_set_auth_data( struct key *, UCHAR *, ULONG ) DECLSPEC_HI
NTSTATUS key_symmetric_encrypt( struct key *, const UCHAR *, ULONG, UCHAR *, ULONG ) DECLSPEC_HIDDEN;
NTSTATUS key_symmetric_decrypt( struct key *, const UCHAR *, ULONG, UCHAR *, ULONG ) DECLSPEC_HIDDEN;
NTSTATUS key_symmetric_get_tag( struct key *, UCHAR *, ULONG ) DECLSPEC_HIDDEN;
+void key_symmetric_destroy( struct key * ) DECLSPEC_HIDDEN;
NTSTATUS key_asymmetric_init( struct key * ) DECLSPEC_HIDDEN;
NTSTATUS key_asymmetric_generate( struct key * ) DECLSPEC_HIDDEN;
NTSTATUS key_asymmetric_sign( struct key *, void *, UCHAR *, ULONG, UCHAR *, ULONG, ULONG *, ULONG ) DECLSPEC_HIDDEN;
NTSTATUS key_asymmetric_verify( struct key *, void *, UCHAR *, ULONG, UCHAR *, ULONG, DWORD ) DECLSPEC_HIDDEN;
-NTSTATUS key_destroy( struct key * ) DECLSPEC_HIDDEN;
-BOOL key_is_symmetric( struct key * ) DECLSPEC_HIDDEN;
+void key_asymmetric_destroy( struct key * ) DECLSPEC_HIDDEN;
NTSTATUS key_export_dsa_capi( struct key *, UCHAR *, ULONG, ULONG * ) DECLSPEC_HIDDEN;
NTSTATUS key_export_ecc( struct key *, UCHAR *, ULONG, ULONG * ) DECLSPEC_HIDDEN;
NTSTATUS key_import_dsa_capi( struct key *, UCHAR *, ULONG ) DECLSPEC_HIDDEN;
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index d0fc02b776..c6d2266083 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -886,12 +886,12 @@ static NTSTATUS key_asymmetric_create( struct key **ret_key, struct algorithm *a
return STATUS_SUCCESS;
}
-#if defined(HAVE_GNUTLS_CIPHER_INIT) || defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
-BOOL key_is_symmetric( struct key *key )
+static BOOL key_is_symmetric( struct key *key )
{
return builtin_algorithms[key->alg_id].class == BCRYPT_CIPHER_INTERFACE;
}
+#if defined(HAVE_GNUTLS_CIPHER_INIT) || defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
static BOOL is_zero_vector( const UCHAR *vector, ULONG len )
{
ULONG i;
@@ -1335,12 +1335,6 @@ NTSTATUS key_symmetric_init( struct key *key )
return STATUS_NOT_IMPLEMENTED;
}
-BOOL key_is_symmetric( struct key *key )
-{
- ERR( "support for keys not available at build time\n" );
- return FALSE;
-}
-
NTSTATUS key_set_property( struct key *key, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
{
ERR( "support for keys not available at build time\n" );
@@ -1392,10 +1386,14 @@ static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, U
return STATUS_NOT_IMPLEMENTED;
}
-NTSTATUS key_destroy( struct key *key )
+void key_symmetric_destroy( struct key *key )
+{
+ ERR( "support for keys not available at build time\n" );
+}
+
+void key_asymmetric_destroy( struct key *key )
{
ERR( "support for keys not available at build time\n" );
- return STATUS_NOT_IMPLEMENTED;
}
static NTSTATUS key_encrypt( struct key *key, UCHAR *input, ULONG input_len, void *padding, UCHAR *iv,
@@ -1628,8 +1626,20 @@ NTSTATUS WINAPI BCryptDestroyKey( BCRYPT_KEY_HANDLE handle )
TRACE( "%p\n", handle );
if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
+ if (key_is_symmetric( key ))
+ {
+ key_symmetric_destroy( key );
+ heap_free( key->u.s.vector );
+ heap_free( key->u.s.secret );
+ }
+ else
+ {
+ key_asymmetric_destroy( key );
+ heap_free( key->u.a.pubkey );
+ }
key->hdr.magic = 0;
- return key_destroy( key );
+ heap_free( key );
+ return STATUS_SUCCESS;
}
NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG input_len, void *padding, UCHAR *iv,
diff --git a/dlls/bcrypt/gnutls.c b/dlls/bcrypt/gnutls.c
index 222861c18b..341089c127 100644
--- a/dlls/bcrypt/gnutls.c
+++ b/dlls/bcrypt/gnutls.c
@@ -593,6 +593,11 @@ NTSTATUS key_symmetric_get_tag( struct key *key, UCHAR *tag, ULONG len )
return STATUS_SUCCESS;
}
+void key_symmetric_destroy( struct key *key )
+{
+ if (key->u.s.handle) pgnutls_cipher_deinit( key->u.s.handle );
+}
+
static NTSTATUS export_gnutls_pubkey_rsa( gnutls_privkey_t gnutls_key, ULONG bitlen, UCHAR **pubkey, ULONG *pubkey_len )
{
BCRYPT_RSAKEY_BLOB *rsa_blob;
@@ -1543,20 +1548,8 @@ NTSTATUS key_asymmetric_sign( struct key *key, void *padding, UCHAR *input, ULON
return status;
}
-NTSTATUS key_destroy( struct key *key )
+void key_asymmetric_destroy( struct key *key )
{
- if (key_is_symmetric( key ))
- {
- if (key->u.s.handle) pgnutls_cipher_deinit( key->u.s.handle );
- heap_free( key->u.s.vector );
- heap_free( key->u.s.secret );
- }
- else
- {
- if (key->u.a.handle) pgnutls_privkey_deinit( key->u.a.handle );
- heap_free( key->u.a.pubkey );
- }
- heap_free( key );
- return STATUS_SUCCESS;
+ if (key->u.a.handle) pgnutls_privkey_deinit( key->u.a.handle );
}
#endif
diff --git a/dlls/bcrypt/macos.c b/dlls/bcrypt/macos.c
index 26af5faa0c..1a9bb88880 100644
--- a/dlls/bcrypt/macos.c
+++ b/dlls/bcrypt/macos.c
@@ -184,6 +184,12 @@ NTSTATUS key_symmetric_get_tag( struct key *key, UCHAR *tag, ULONG len )
return STATUS_NOT_IMPLEMENTED;
}
+void key_symmetric_destroy( struct key *key )
+{
+ if (key->u.s.ref_encrypt) CCCryptorRelease( key->u.s.ref_encrypt );
+ if (key->u.s.ref_decrypt) CCCryptorRelease( key->u.s.ref_decrypt );
+}
+
NTSTATUS key_asymmetric_init( struct key *key )
{
FIXME( "not implemented on Mac\n" );
@@ -234,13 +240,8 @@ NTSTATUS key_asymmetric_generate( struct key *key )
return STATUS_NOT_IMPLEMENTED;
}
-NTSTATUS key_destroy( struct key *key )
+void key_asymmetric_destroy( struct key *key )
{
- if (key->u.s.ref_encrypt) CCCryptorRelease( key->u.s.ref_encrypt );
- if (key->u.s.ref_decrypt) CCCryptorRelease( key->u.s.ref_decrypt );
- heap_free( key->u.s.vector );
- heap_free( key->u.s.secret );
- heap_free( key );
- return STATUS_SUCCESS;
+ FIXME( "not implemented on Mac\n" );
}
#endif
More information about the wine-cvs
mailing list