[PATCH v3 4/5] ncrypt: Implement NCryptCreatePersistedKey.
Hans Leidekker
hans at codeweavers.com
Tue Mar 8 04:16:30 CST 2022
On Mon, 2022-03-07 at 20:57 -0300, Santino Mazza wrote:
> Signed-off-by: Santino Mazza <mazzasantino1206 at gmail.com>
> ---
> dlls/ncrypt/main.c | 62 ++++++++++++++++++++++++++++++-----
> dlls/ncrypt/ncrypt_internal.h | 6 ++++
> dlls/ncrypt/tests/ncrypt.c | 8 +++--
> 3 files changed, 66 insertions(+), 10 deletions(-)
>
> diff --git a/dlls/ncrypt/main.c b/dlls/ncrypt/main.c
> index 1f0ff3f5752..d4248e76c45 100644
> --- a/dlls/ncrypt/main.c
> +++ b/dlls/ncrypt/main.c
> @@ -30,14 +30,6 @@
[...]
> -SECURITY_STATUS WINAPI NCryptCreatePersistedKey(NCRYPT_PROV_HANDLE provider, NCRYPT_KEY_HANDLE *key,
> - const WCHAR *algid, const WCHAR *name, DWORD keyspec, DWORD flags)
> -{
> - FIXME("(%#Ix, %p, %s, %s, %#lx, %#lx): stub\n", provider, key, wine_dbgstr_w(algid),
> - wine_dbgstr_w(name), keyspec, flags);
> - return NTE_NOT_SUPPORTED;
> -}
> -
> SECURITY_STATUS WINAPI NCryptDecrypt(NCRYPT_KEY_HANDLE key, BYTE *input, DWORD insize, void *padding,
> BYTE *output, DWORD outsize, DWORD *result, DWORD flags)
> {
> @@ -357,6 +349,60 @@ SECURITY_STATUS WINAPI NCryptSetProperty(NCRYPT_HANDLE handle, const WCHAR *name
> return set_object_property(object, name, input, insize);
> }
>
> +SECURITY_STATUS WINAPI NCryptCreatePersistedKey(NCRYPT_PROV_HANDLE provider, NCRYPT_KEY_HANDLE *key,
> + const WCHAR *algid, const WCHAR *name, DWORD keyspec, DWORD flags)
> +{
> + struct object *key_object;
> + TRACE("(%#Ix, %p, %s, %s, %#lx, %#lx)\n", provider, key, wine_dbgstr_w(algid),
> + wine_dbgstr_w(name), keyspec, flags);
> +
> + if (!provider) return NTE_INVALID_HANDLE;
> + if (!algid) return HRESULT_FROM_WIN32(RPC_X_NULL_REF_POINTER);
> + if (name) FIXME("Persistant keys not supported\n");
> +
> + if (!(key_object = allocate_object(KEY)))
> + {
> + ERR("Error allocating memory\n");
> + return NTE_NO_MEMORY;
> + }
> +
> + if (!lstrcmpiW(algid, BCRYPT_RSA_ALGORITHM))
> + {
> + NTSTATUS ret = BCryptOpenAlgorithmProvider(&key_object->key.alg_prov, BCRYPT_RSA_ALGORITHM, NULL, 0);
> + DWORD default_bitlength = 1024;
This could use a test to confirm that 1024 is the default.
> +
> + if (ret != ERROR_SUCCESS)
> + {
> + ERR("Error opening algorithm provider\n");
> + free(key_object);
> + return NTE_INTERNAL_ERROR;
> + }
> +
> + ret = BCryptGenerateKeyPair(key_object->key.alg_prov, &key_object->key.bcrypt_key, 1024, 0);
> + if (ret != ERROR_SUCCESS)
> + {
> + ERR("Error generating key pair\n");
> + BCryptCloseAlgorithmProvider(key_object->key.alg_prov, 0);
> + free(key_object);
> + return NTE_INTERNAL_ERROR;
> + }
> +
> + key_object->key.type = ASYMMETRIC;
> + set_object_property(key_object, NCRYPT_PROVIDER_HANDLE_PROPERTY, (BYTE *)&provider, sizeof(NCRYPT_PROV_HANDLE));
> + set_object_property(key_object, NCRYPT_ALGORITHM_GROUP_PROPERTY, (BYTE *)BCRYPT_RSA_ALGORITHM, sizeof(BCRYPT_RSA_ALGORITHM));
> + set_object_property(key_object, NCRYPT_LENGTH_PROPERTY, (BYTE *)&default_bitlength, sizeof(default_bitlength));
> + }
> + else
> + {
> + FIXME("Algorithm not handled %s\n", wine_dbgstr_w(algid));
> + free(key_object);
> + return NTE_NOT_SUPPORTED;
> + }
> +
> + *key = (NCRYPT_KEY_HANDLE)key_object;
> + return ERROR_SUCCESS;
> +}
> +
There's no reason to move this function. It also has so much in common with
NCryptImportKey() that they should share a helper.
> SECURITY_STATUS WINAPI NCryptVerifySignature(NCRYPT_KEY_HANDLE handle, void *padding, BYTE *hash, DWORD hash_size,
> BYTE *signature, DWORD signature_size, DWORD flags)
> {
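Review bot: The three `set_object_property` calls in the RSA branch of NCryptCreatePersistedKey discard their return values, so if any of them fails the caller still receives a key handle that lacks its provider, algorithm-group or length property. Each result should be checked and, on failure, the status propagated after releasing what was created so far (the BCrypt key, the algorithm provider and `key_object`, plus any properties already attached, whose ownership is not visible in this hunk). The output pointer is also written at `*key = (NCRYPT_KEY_HANDLE)key_object;` without a NULL check, unlike `provider` and `algid`; a guard such as `if (!key) return NTE_INVALID_PARAMETER;` beside the other argument checks would avoid the dereference, with the exact status to be confirmed against Windows in the tests. As a smaller point, `BCryptGenerateKeyPair` is passed the literal `1024` instead of `default_bitlength`, so the generated key size and the stored `NCRYPT_LENGTH_PROPERTY` can drift apart when one of them is edited.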
> diff --git a/dlls/ncrypt/ncrypt_internal.h b/dlls/ncrypt/ncrypt_internal.h
> index 05f2f6835de..f480667b29e 100644
> --- a/dlls/ncrypt/ncrypt_internal.h
> +++ b/dlls/ncrypt/ncrypt_internal.h
> @@ -18,8 +18,14 @@
>
> #include <bcrypt.h>
>
> +enum key_type {
> + SYMMETRIC,
> + ASYMMETRIC
> +};
> +
> struct key
> {
> + enum key_type type;
It would be better to store an algorithm id from which the symmetric/asymmetric
distinction can be derived.