rsaenh: fix critical bug in read_key_container
Mounir IDRASSI
mounir.idrassi at idrix.fr
Mon May 7 11:53:30 CDT 2007
Hi,
This patch corrects a bug in the rsaenh DLL that prevents
CryptAcquireContext from correctly loading the keys associated with the
container from the registry. It also adds a test that demonstrates this bug.
Mounir IDRASSI
IDRIX - Cryptography and IT Security Experts
http://www.idrix.fr
-------------- next part --------------
>From 3d90c39d48ad54487205f5572517ef4a089768e5 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi at idrix.fr>
Date: Mon, 7 May 2007 18:51:21 +0200
Subject: rsaenh: fix critical bug in read_key_container
---
dlls/rsaenh/rsaenh.c | 13 ++++++++-----
dlls/rsaenh/tests/rsaenh.c | 20 ++++++++++++++++++++
2 files changed, 28 insertions(+), 5 deletions(-)
diff --git a/dlls/rsaenh/rsaenh.c b/dlls/rsaenh/rsaenh.c
index 2ace2d5..66fa9f5 100644
--- a/dlls/rsaenh/rsaenh.c
+++ b/dlls/rsaenh/rsaenh.c
@@ -1050,7 +1050,8 @@ static HCRYPTPROV read_key_container(PCHAR pszContainerName, DWORD dwFlags, PVTa
KEYCONTAINER *pKeyContainer;
HCRYPTPROV hKeyContainer;
DATA_BLOB blobIn, blobOut;
-
+ HCRYPTKEY hCryptKey;
+
sprintf(szRSABase, RSAENH_REGKEY, pszContainerName);
if (dwFlags & CRYPT_MACHINE_KEYSET) {
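Review bot: The `sprintf` into `szRSABase` just below the new declaration formats the caller-supplied `pszContainerName` with no length bound. The declaration of `szRSABase` is outside the hunk, so whether a long container name can actually overrun it cannot be confirmed here. If it is a fixed-size array, `snprintf(szRSABase, sizeof(szRSABase), RSAENH_REGKEY, pszContainerName)` with a check for truncation would make the registry path construction safe regardless of what the caller passes. read_key_container's body starts and ends outside this hunk.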
@@ -1089,8 +1090,9 @@ static HCRYPTPROV read_key_container(PCHAR pszContainerName, DWORD dwFlags, PVTa
if (CryptUnprotectData(&blobIn, NULL, NULL, NULL, NULL,
(dwFlags & CRYPT_MACHINE_KEYSET) ? CRYPTPROTECT_LOCAL_MACHINE : 0, &blobOut))
{
- RSAENH_CPImportKey(hKeyContainer, blobOut.pbData, blobOut.cbData, 0, 0,
- &pKeyContainer->hKeyExchangeKeyPair);
+ if(RSAENH_CPImportKey(hKeyContainer, blobOut.pbData, blobOut.cbData, 0, 0,
+ &hCryptKey))
+ pKeyContainer->hKeyExchangeKeyPair = hCryptKey;
HeapFree(GetProcessHeap(), 0, blobOut.pbData);
}
}
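Review bot: When `RSAENH_CPImportKey` returns FALSE the new `if` only skips the assignment, so a stored blob that unprotects but fails to import leaves `hKeyExchangeKeyPair` at whatever value it was given outside the hunk, with no trace of why. A diagnostic in an else branch, for example `else WARN("failed to import stored key exchange pair\n");` (assuming this file has a Wine debug channel declared), would let a corrupted or tampered registry value be told apart from a container that never had a key. A one-line comment on why the handle is routed through `hCryptKey` instead of being written directly into the container field would also help, since neither the hunk nor the description records the reason. Both remarks apply equally to the signature-key hunk that follows; read_key_container's body starts and ends outside these hunks.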
@@ -1113,8 +1115,9 @@ static HCRYPTPROV read_key_container(PCHAR pszContainerName, DWORD dwFlags, PVTa
if (CryptUnprotectData(&blobIn, NULL, NULL, NULL, NULL,
(dwFlags & CRYPT_MACHINE_KEYSET) ? CRYPTPROTECT_LOCAL_MACHINE : 0, &blobOut))
{
- RSAENH_CPImportKey(hKeyContainer, blobOut.pbData, blobOut.cbData, 0, 0,
- &pKeyContainer->hSignatureKeyPair);
+ if(RSAENH_CPImportKey(hKeyContainer, blobOut.pbData, blobOut.cbData, 0, 0,
+ &hCryptKey))
+ pKeyContainer->hSignatureKeyPair = hCryptKey;
HeapFree(GetProcessHeap(), 0, blobOut.pbData);
}
}
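Review bot: `blobOut.pbData` holds the output of `CryptUnprotectData`, presumably the plaintext key-pair blob, at the point `HeapFree` releases it, and nothing visible in the hunk clears it first. Wiping the buffer before the free, `SecureZeroMemory(blobOut.pbData, blobOut.cbData);` (if that helper is available in the tree's headers), shortens the time the unprotected key material stays recoverable from freed heap or a crash dump. The exchange-key hunk above frees its blob the same way and would take the same line.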
diff --git a/dlls/rsaenh/tests/rsaenh.c b/dlls/rsaenh/tests/rsaenh.c
index fe27f4b..6d33663 100644
--- a/dlls/rsaenh/tests/rsaenh.c
+++ b/dlls/rsaenh/tests/rsaenh.c
@@ -1603,6 +1603,26 @@ static void test_null_provider(void)
CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL,
CRYPT_DELETEKEYSET);
+
+
+ /* test for the bug in accessing the user key in a container
+ */
+ result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL,
+ CRYPT_NEWKEYSET);
+ ok(result, "CryptAcquireContext failed: %08x\n", GetLastError());
+ result = CryptGenKey(prov, AT_KEYEXCHANGE, 0, &key);
+ ok(result, "CryptGenKey with AT_KEYEXCHANGE failed with error %08x\n", GetLastError());
+ CryptDestroyKey(key);
+ CryptReleaseContext(prov,0);
+ result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL,0);
+ ok(result, "CryptAcquireContext failed: 0x%08x\n", GetLastError());
+ result = CryptGetUserKey(prov, AT_KEYEXCHANGE, &key);
+ ok (result, "CryptGetUserKey failed with error %08x\n", GetLastError());
+ CryptDestroyKey(key);
+
+ CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL,
+ CRYPT_DELETEKEYSET);
+
}
START_TEST(rsaenh)
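Review bot: The added test exercises only `AT_KEYEXCHANGE`, while the fix also changes the signature-key import path, so a regression in loading `hSignatureKeyPair` from the registry would go unnoticed. The context re-acquired with flags 0 is never passed to `CryptReleaseContext` before the `CRYPT_DELETEKEYSET` call. `CryptDestroyKey(key)` also runs even when `CryptGetUserKey` failed, in which case `key` may still hold the handle already destroyed earlier in the test. The excerpt below shows the additional lines; test_null_provider begins outside the hunk.

```c
    /* ... unchanged: CRYPT_NEWKEYSET acquire and AT_KEYEXCHANGE CryptGenKey ... */
    result = CryptGenKey(prov, AT_SIGNATURE, 0, &key);
    ok(result, "CryptGenKey with AT_SIGNATURE failed with error %08x\n", GetLastError());
    if (result) CryptDestroyKey(key);
    /* ... unchanged: release, re-acquire with flags 0, AT_KEYEXCHANGE CryptGetUserKey ... */
    result = CryptGetUserKey(prov, AT_SIGNATURE, &key);
    ok(result, "CryptGetUserKey with AT_SIGNATURE failed with error %08x\n", GetLastError());
    if (result) CryptDestroyKey(key);
    CryptReleaseContext(prov, 0);
    /* ... unchanged: CRYPT_DELETEKEYSET cleanup ... */
```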
--
1.4.4.2