bcrypt: Fix RSA public key export when we don't have a private key handle.
Signed-off-by: Hans Leidekker <hans@codeweavers.com> Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
parent
e47fe70084
commit
5b860a44a0
|
@ -107,6 +107,7 @@ static int (*pgnutls_pubkey_import_dsa_raw)(gnutls_pubkey_t, const gnutls_datum_
|
||||||
static int (*pgnutls_pubkey_import_privkey)(gnutls_pubkey_t, gnutls_privkey_t, unsigned int, unsigned int);
|
static int (*pgnutls_pubkey_import_privkey)(gnutls_pubkey_t, gnutls_privkey_t, unsigned int, unsigned int);
|
||||||
|
|
||||||
/* Not present in gnutls version < 3.3.0 */
|
/* Not present in gnutls version < 3.3.0 */
|
||||||
|
static int (*pgnutls_pubkey_export_rsa_raw)(gnutls_pubkey_t, gnutls_datum_t *, gnutls_datum_t *);
|
||||||
static int (*pgnutls_privkey_export_ecc_raw)(gnutls_privkey_t, gnutls_ecc_curve_t *,
|
static int (*pgnutls_privkey_export_ecc_raw)(gnutls_privkey_t, gnutls_ecc_curve_t *,
|
||||||
gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *);
|
gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *);
|
||||||
static int (*pgnutls_privkey_export_rsa_raw)(gnutls_privkey_t, gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *,
|
static int (*pgnutls_privkey_export_rsa_raw)(gnutls_privkey_t, gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *,
|
||||||
|
@ -166,6 +167,11 @@ static int compat_gnutls_pubkey_export_ecc_raw(gnutls_pubkey_t key, gnutls_ecc_c
|
||||||
return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
|
return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int compat_gnutls_pubkey_export_rsa_raw(gnutls_pubkey_t key, gnutls_datum_t *m, gnutls_datum_t *e)
|
||||||
|
{
|
||||||
|
return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
|
||||||
|
}
|
||||||
|
|
||||||
static int compat_gnutls_privkey_export_rsa_raw(gnutls_privkey_t key, gnutls_datum_t *m, gnutls_datum_t *e,
|
static int compat_gnutls_privkey_export_rsa_raw(gnutls_privkey_t key, gnutls_datum_t *m, gnutls_datum_t *e,
|
||||||
gnutls_datum_t *d, gnutls_datum_t *p, gnutls_datum_t *q,
|
gnutls_datum_t *d, gnutls_datum_t *p, gnutls_datum_t *q,
|
||||||
gnutls_datum_t *u, gnutls_datum_t *e1, gnutls_datum_t *e2)
|
gnutls_datum_t *u, gnutls_datum_t *e1, gnutls_datum_t *e2)
|
||||||
|
@ -299,8 +305,9 @@ static NTSTATUS gnutls_process_attach( void *args )
|
||||||
|
|
||||||
LOAD_FUNCPTR_OPT(gnutls_cipher_tag)
|
LOAD_FUNCPTR_OPT(gnutls_cipher_tag)
|
||||||
LOAD_FUNCPTR_OPT(gnutls_cipher_add_auth)
|
LOAD_FUNCPTR_OPT(gnutls_cipher_add_auth)
|
||||||
LOAD_FUNCPTR_OPT(gnutls_pubkey_import_ecc_raw)
|
|
||||||
LOAD_FUNCPTR_OPT(gnutls_pubkey_export_ecc_raw)
|
LOAD_FUNCPTR_OPT(gnutls_pubkey_export_ecc_raw)
|
||||||
|
LOAD_FUNCPTR_OPT(gnutls_pubkey_export_rsa_raw)
|
||||||
|
LOAD_FUNCPTR_OPT(gnutls_pubkey_import_ecc_raw)
|
||||||
LOAD_FUNCPTR_OPT(gnutls_privkey_export_rsa_raw)
|
LOAD_FUNCPTR_OPT(gnutls_privkey_export_rsa_raw)
|
||||||
LOAD_FUNCPTR_OPT(gnutls_privkey_export_ecc_raw)
|
LOAD_FUNCPTR_OPT(gnutls_privkey_export_ecc_raw)
|
||||||
LOAD_FUNCPTR_OPT(gnutls_privkey_import_ecc_raw)
|
LOAD_FUNCPTR_OPT(gnutls_privkey_import_ecc_raw)
|
||||||
|
@ -633,7 +640,14 @@ static NTSTATUS key_export_rsa_public( struct key *key, UCHAR *buf, ULONG len, U
|
||||||
UCHAR *dst;
|
UCHAR *dst;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
if ((ret = pgnutls_privkey_export_rsa_raw( key_data(key)->a.privkey, &m, &e, NULL, NULL, NULL, NULL, NULL, NULL )))
|
if (key_data(key)->a.pubkey)
|
||||||
|
ret = pgnutls_pubkey_export_rsa_raw( key_data(key)->a.pubkey, &m, &e );
|
||||||
|
else if (key_data(key)->a.privkey)
|
||||||
|
ret = pgnutls_privkey_export_rsa_raw( key_data(key)->a.privkey, &m, &e, NULL, NULL, NULL, NULL, NULL, NULL );
|
||||||
|
else
|
||||||
|
return STATUS_INVALID_PARAMETER;
|
||||||
|
|
||||||
|
if (ret)
|
||||||
{
|
{
|
||||||
pgnutls_perror( ret );
|
pgnutls_perror( ret );
|
||||||
return STATUS_INTERNAL_ERROR;
|
return STATUS_INTERNAL_ERROR;
|
||||||
|
@ -1017,6 +1031,8 @@ static NTSTATUS key_export_rsa( struct key *key, ULONG flags, UCHAR *buf, ULONG
|
||||||
UCHAR *dst;
|
UCHAR *dst;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
if (!key_data(key)->a.privkey) return STATUS_INVALID_PARAMETER;
|
||||||
|
|
||||||
if ((ret = pgnutls_privkey_export_rsa_raw( key_data(key)->a.privkey, &m, &e, &d, &p, &q, &u, &e1, &e2 )))
|
if ((ret = pgnutls_privkey_export_rsa_raw( key_data(key)->a.privkey, &m, &e, &d, &p, &q, &u, &e1, &e2 )))
|
||||||
{
|
{
|
||||||
pgnutls_perror( ret );
|
pgnutls_perror( ret );
|
||||||
|
|
|
@ -2212,7 +2212,7 @@ static void test_RSA_SIGN(void)
|
||||||
BCRYPT_RSAKEY_BLOB *rsablob;
|
BCRYPT_RSAKEY_BLOB *rsablob;
|
||||||
NTSTATUS ret;
|
NTSTATUS ret;
|
||||||
ULONG size, size2;
|
ULONG size, size2;
|
||||||
BYTE *buf;
|
BYTE *buf, buf2[sizeof(BCRYPT_RSAKEY_BLOB) + sizeof(rsaPublicBlob)];
|
||||||
|
|
||||||
ret = BCryptOpenAlgorithmProvider(&alg, BCRYPT_RSA_SIGN_ALGORITHM, NULL, 0);
|
ret = BCryptOpenAlgorithmProvider(&alg, BCRYPT_RSA_SIGN_ALGORITHM, NULL, 0);
|
||||||
if (ret)
|
if (ret)
|
||||||
|
@ -2224,6 +2224,22 @@ static void test_RSA_SIGN(void)
|
||||||
ret = BCryptImportKeyPair(alg, NULL, BCRYPT_RSAPUBLIC_BLOB, &key, rsaPublicBlob, sizeof(rsaPublicBlob), 0);
|
ret = BCryptImportKeyPair(alg, NULL, BCRYPT_RSAPUBLIC_BLOB, &key, rsaPublicBlob, sizeof(rsaPublicBlob), 0);
|
||||||
ok(!ret, "BCryptImportKeyPair failed: %#lx\n", ret);
|
ok(!ret, "BCryptImportKeyPair failed: %#lx\n", ret);
|
||||||
|
|
||||||
|
memset(buf2, 0xcc, sizeof(buf2));
|
||||||
|
ret = BCryptExportKey(key, NULL, BCRYPT_RSAPUBLIC_BLOB, buf2, sizeof(buf2), &size, 0);
|
||||||
|
ok(!ret, "got %#lx\n", ret);
|
||||||
|
rsablob = (BCRYPT_RSAKEY_BLOB *)buf2;
|
||||||
|
ok(rsablob->Magic == BCRYPT_RSAPUBLIC_MAGIC, "got %#lx\n", rsablob->Magic);
|
||||||
|
ok(rsablob->BitLength == 2048, "got %lu\n", rsablob->BitLength);
|
||||||
|
ok(rsablob->cbPublicExp == 3, "got %lu\n", rsablob->cbPublicExp);
|
||||||
|
ok(rsablob->cbModulus == 256, "got %lu\n", rsablob->cbModulus);
|
||||||
|
ok(rsablob->cbPrime1 == 0, "got %lu\n", rsablob->cbPrime1);
|
||||||
|
ok(rsablob->cbPrime2 == 0, "got %lu\n", rsablob->cbPrime2);
|
||||||
|
size2 = sizeof(*rsablob) + rsablob->cbPublicExp + rsablob->cbModulus + rsablob->cbPrime1 + rsablob->cbPrime2;
|
||||||
|
ok(size == size2, "got %lu expected %lu\n", size2, size);
|
||||||
|
|
||||||
|
ret = BCryptExportKey(key, NULL, BCRYPT_RSAPRIVATE_BLOB, buf2, sizeof(buf2), &size, 0);
|
||||||
|
ok(ret == STATUS_INVALID_PARAMETER, "got %#lx\n", ret);
|
||||||
|
|
||||||
pad.pszAlgId = BCRYPT_SHA1_ALGORITHM;
|
pad.pszAlgId = BCRYPT_SHA1_ALGORITHM;
|
||||||
ret = BCryptVerifySignature(key, &pad, rsaHash, sizeof(rsaHash), rsaSignature, sizeof(rsaSignature), BCRYPT_PAD_PKCS1);
|
ret = BCryptVerifySignature(key, &pad, rsaHash, sizeof(rsaHash), rsaSignature, sizeof(rsaSignature), BCRYPT_PAD_PKCS1);
|
||||||
ok(!ret, "BCryptVerifySignature failed: %#lx\n", ret);
|
ok(!ret, "BCryptVerifySignature failed: %#lx\n", ret);
|
||||||
|
|
Loading…
Reference in New Issue