CryptAcquireContext Failure, default/Type 024 requested

Vijay Kiran Kamuju infyquest at gmail.com
Fri Nov 9 14:49:55 CST 2007


Hi Juan

On Nov 9, 2007 2:21 PM, Juan Lang <juan.lang at gmail.com> wrote:
> Hi Vijay,
>
> you forgot aes.c in your patch - please remember to git add it, then
> commit it along with the rest of the changes.
>
> From what you've sent, your patch looks pretty good so far.  A few comments:
>
> @@ -161,6 +162,10 @@ static const PROV_ENUMALGS_EX
> aProvEnumAlgsEx[4][RSAENH_MAX_ENUMALGS+1] =
>    {CALG_RC2,       40, 40,   56,0,                    4,"RC2",
> 24,"RSA Data Security's RC2"},
>    {CALG_RC4,       40, 40,   56,0,                    4,"RC4",
> 24,"RSA Data Security's RC4"},
>    {CALG_DES,       56, 56,   56,0,                    4,"DES",
> 31,"Data Encryption Standard (DES)"},
> +  {CALG_AES,      128,128,  128,0,                    4,"AES",
> 35,"Advanced Encryption Standard (AES)"},
> +  {CALG_AES_128,  128,128,  128,0,                    8,"AES-128",
> 39,"Advanced Encryption Standard (AES-128)"},
> +  {CALG_AES_192,  192,192,  192,0,                    8,"AES-192",
> 39,"Advanced Encryption Standard (AES-192)"},
> +  {CALG_AES_256,  256,256,  256,0,                    8,"AES-256",
> 39,"Advanced Encryption Standard (AES-256)"},
>
> I'm not sure AES support should be included in every "personality" of
> rsaenh.  Specifically, some cryptographic providers don't support it.
> Here's a blog that mentions how the MS_ENHANCED_PROV provider doesn't
> support it, but the MS_ENH_RSA_AES_PROV does:
> http://sys.cs.rice.edu/~sethn/wordpress/?p=19
I think I'll split the patch into 3 parts
1) basic AES implementation in rsaenh
2) Add AES provider info with registering  MS_ENH_RSA_AES_PROV.
    I have to make aProvEnumAlgsEx[4][RSAENH_MAX_ENUMALGS+1] to
aProvEnumAlgsEx[5][RSAENH_MAX_ENUMALGS+1]
and add the new algorithms, can you help me what algo's should I add
to the new one.
Add the registering code for type24 provider.
3) Tests

>
> +    if (!result) {
> +        /* rsaenh compiled without OpenSSL */
> +        ok(GetLastError()==NTE_BAD_ALGID, "%08x\n", GetLastError());
> +        return;
> +    }
>
> Our rsaenh hasn't built against OpenSSL in some time, so this test
> should be removed from existing tests.  You don't need to do that if
> you don't want, but don't bother adding it to new tests.
>
> +    result = CryptEncrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwLen, 16);
> +    ok(result, "%08x\n", GetLastError());
> +
> +    result = CryptDecrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwLen);
> +    ok(result, "%08x\n", GetLastError());
>
> You should check that the encrypted output matches some expected
> value, and that the decrypted output matches the plaintext input.
Well, I have tested the decrypted output by putting printf's.
I will make sure we have good tests for it.
Will send new patch set soon.
>
> Thanks very much for getting this started.
> --Juan
>



More information about the wine-devel mailing list