ReceiveTempSMS
/
Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Incorporated LibTomCrypt code into rsaenh to get rid of OpenSSL 

dependencies.
This commit is contained in:
Michael Jung 2004-11-30 17:43:59 +00:00 committed by Alexandre Julliard
parent c50d8743fa
commit ca371a48b2
12 changed files with 7714 additions and 732 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
dlls/rsaenh/Makefile.in
View File

@ -7,8 +7,14 @@ MODULE = rsaenh.dll
IMPORTS = advapi32 kernel32
C_SRCS = \
des.c \
handle.c \
implossl.c \
implglue.c \
md2.c \
mpi.c \
rc2.c \
rc4.c \
rsa.c \
rsaenh.c
SUBDIRS = tests

1496
dlls/rsaenh/des.c Normal file
View File

File diff suppressed because it is too large Load Diff

442
dlls/rsaenh/implglue.c Normal file
View File

@ -0,0 +1,442 @@
/*
* dlls/rsaenh/implglue.c
* Glueing the RSAENH specific code to the crypto library
*
* Copyright (c) 2004 Michael Jung
*
* based on code by Mike McCormack and David Hammerton
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "config.h"
#include "wine/port.h"
#include "wine/library.h"
#include "wine/debug.h"
#include "windef.h"
#include "wincrypt.h"
#include "implglue.h"
#include <stdio.h>
WINE_DEFAULT_DEBUG_CHANNEL(crypt);
/* Function prototypes copied from dlls/advapi32/crypt_md4.c */
VOID WINAPI MD4Init( MD4_CTX *ctx );
VOID WINAPI MD4Update( MD4_CTX *ctx, const unsigned char *buf, unsigned int len );
VOID WINAPI MD4Final( MD4_CTX *ctx );
/* Function prototypes copied from dlls/advapi32/crypt_md5.c */
VOID WINAPI MD5Init( MD5_CTX *ctx );
VOID WINAPI MD5Update( MD5_CTX *ctx, const unsigned char *buf, unsigned int len );
VOID WINAPI MD5Final( MD5_CTX *ctx );
/* Function prototypes copied from dlls/advapi32/crypt_sha.c */
VOID WINAPI A_SHAInit(PSHA_CTX Context);
VOID WINAPI A_SHAUpdate(PSHA_CTX Context, PCHAR Buffer, UINT BufferSize);
VOID WINAPI A_SHAFinal(PSHA_CTX Context, PULONG Result);
BOOL init_hash_impl(ALG_ID aiAlgid, HASH_CONTEXT *pHashContext)
{
switch (aiAlgid)
{
case CALG_MD2:
md2_init(&pHashContext->md2);
break;
case CALG_MD4:
MD4Init(&pHashContext->md4);
break;
case CALG_MD5:
MD5Init(&pHashContext->md5);
break;
case CALG_SHA:
A_SHAInit(&pHashContext->sha);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL update_hash_impl(ALG_ID aiAlgid, HASH_CONTEXT *pHashContext, CONST BYTE *pbData,
DWORD dwDataLen)
{
switch (aiAlgid)
{
case CALG_MD2:
md2_process(&pHashContext->md2, pbData, dwDataLen);
break;
case CALG_MD4:
MD4Update(&pHashContext->md4, pbData, dwDataLen);
break;
case CALG_MD5:
MD5Update(&pHashContext->md5, pbData, dwDataLen);
break;
case CALG_SHA:
A_SHAUpdate(&pHashContext->sha, (PCHAR)pbData, dwDataLen);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL finalize_hash_impl(ALG_ID aiAlgid, HASH_CONTEXT *pHashContext, BYTE *pbHashValue)
{
switch (aiAlgid)
{
case CALG_MD2:
md2_done(&pHashContext->md2, pbHashValue);
break;
case CALG_MD4:
MD4Final(&pHashContext->md4);
memcpy(pbHashValue, pHashContext->md4.digest, 16);
break;
case CALG_MD5:
MD5Final(&pHashContext->md5);
memcpy(pbHashValue, pHashContext->md5.digest, 16);
break;
case CALG_SHA:
A_SHAFinal(&pHashContext->sha, (PULONG)pbHashValue);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL duplicate_hash_impl(ALG_ID aiAlgid, CONST HASH_CONTEXT *pSrcHashContext,
HASH_CONTEXT *pDestHashContext)
{
memcpy(pDestHashContext, pSrcHashContext, sizeof(HASH_CONTEXT));
return TRUE;
}
BOOL new_key_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen)
{
switch (aiAlgid)
{
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
if (rsa_make_key((int)dwKeyLen, 65537, &pKeyContext->rsa) == CRYPT_OK) {
return TRUE;
} else {
printf("Error generating rsakey of len %ld!\n", dwKeyLen);
return FALSE;
}
}
return TRUE;
}
BOOL free_key_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext)
{
switch (aiAlgid)
{
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
rsa_free(&pKeyContext->rsa);
}
return TRUE;
}
BOOL setup_key_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen, DWORD dwSaltLen,
BYTE *abKeyValue)
{
switch (aiAlgid)
{
case CALG_RC4:
rc4_start(&pKeyContext->rc4);
rc4_add_entropy(abKeyValue, dwKeyLen + dwSaltLen, &pKeyContext->rc4);
rc4_ready(&pKeyContext->rc4);
break;
case CALG_RC2:
rc2_setup(abKeyValue, dwKeyLen + dwSaltLen, dwKeyLen << 3, 0, &pKeyContext->rc2);
break;
case CALG_3DES:
des3_setup(abKeyValue, 24, 0, &pKeyContext->des3);
break;
case CALG_3DES_112:
memcpy(abKeyValue+16, abKeyValue, 8);
des3_setup(abKeyValue, 24, 0, &pKeyContext->des3);
break;
case CALG_DES:
des_setup(abKeyValue, 8, 0, &pKeyContext->des);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL duplicate_key_impl(ALG_ID aiAlgid, CONST KEY_CONTEXT *pSrcKeyContext,
KEY_CONTEXT *pDestKeyContext)
{
switch (aiAlgid)
{
case CALG_RC4:
case CALG_RC2:
case CALG_3DES:
case CALG_3DES_112:
case CALG_DES:
memcpy(pDestKeyContext, pSrcKeyContext, sizeof(KEY_CONTEXT));
break;
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
pDestKeyContext->rsa.type = pSrcKeyContext->rsa.type;
mp_init_copy(&pDestKeyContext->rsa.e, &pSrcKeyContext->rsa.e);
mp_init_copy(&pDestKeyContext->rsa.d, &pSrcKeyContext->rsa.d);
mp_init_copy(&pDestKeyContext->rsa.N, &pSrcKeyContext->rsa.N);
mp_init_copy(&pDestKeyContext->rsa.p, &pSrcKeyContext->rsa.p);
mp_init_copy(&pDestKeyContext->rsa.q, &pSrcKeyContext->rsa.q);
mp_init_copy(&pDestKeyContext->rsa.qP, &pSrcKeyContext->rsa.qP);
mp_init_copy(&pDestKeyContext->rsa.dP, &pSrcKeyContext->rsa.dP);
mp_init_copy(&pDestKeyContext->rsa.dQ, &pSrcKeyContext->rsa.dQ);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
static inline void reverse_bytes(BYTE *pbData, DWORD dwLen) {
BYTE swap;
DWORD i;
for (i=0; i<dwLen/2; i++) {
swap = pbData[i];
pbData[i] = pbData[dwLen-i-1];
pbData[dwLen-i-1] = swap;
}
}
BOOL encrypt_block_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext, CONST BYTE *in, BYTE *out,
DWORD enc)
{
unsigned long inlen, outlen;
switch (aiAlgid) {
case CALG_RC2:
if (enc) {
rc2_ecb_encrypt(in, out, &pKeyContext->rc2);
} else {
rc2_ecb_decrypt(in, out, &pKeyContext->rc2);
}
break;
case CALG_3DES:
case CALG_3DES_112:
if (enc) {
des3_ecb_encrypt(in, out, &pKeyContext->des3);
} else {
des3_ecb_decrypt(in, out, &pKeyContext->des3);
}
break;
case CALG_DES:
if (enc) {
des_ecb_encrypt(in, out, &pKeyContext->des);
} else {
des_ecb_decrypt(in, out, &pKeyContext->des);
}
break;
case CALG_RSA_KEYX:
outlen = inlen = (mp_count_bits(&pKeyContext->rsa.N)+7)/8;
if (enc) {
rsa_exptmod(in, inlen, out, &outlen, PK_PUBLIC, &pKeyContext->rsa);
reverse_bytes((BYTE*)in, inlen);
} else {
reverse_bytes((BYTE*)in, inlen);
rsa_exptmod(in, inlen, out, &outlen, PK_PRIVATE, &pKeyContext->rsa);
}
break;
case CALG_RSA_SIGN:
outlen = inlen = (mp_count_bits(&pKeyContext->rsa.N)+7)/8;
if (enc) {
rsa_exptmod(in, inlen, out, &outlen, PK_PRIVATE, &pKeyContext->rsa);
reverse_bytes((BYTE*)in, inlen);
} else {
reverse_bytes((BYTE*)in, inlen);
rsa_exptmod(in, inlen, out, &outlen, PK_PUBLIC, &pKeyContext->rsa);
}
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL encrypt_stream_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext, BYTE *stream, DWORD dwLen)
{
switch (aiAlgid) {
case CALG_RC4:
rc4_read(stream, dwLen, &pKeyContext->rc4);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL gen_rand_impl(BYTE *pbBuffer, DWORD dwLen)
{
int dev_random;
/* FIXME: /dev/urandom does not provide random numbers of a sufficient
* quality for cryptographic applications. /dev/random is much better,
* but it blocks if the kernel has not yet collected enough entropy for
* the request, which will suspend the calling thread for an indefinite
* amount of time. */
dev_random = open("/dev/urandom", O_RDONLY);
if (dev_random != -1)
{
if (read(dev_random, pbBuffer, dwLen) == (ssize_t)dwLen)
{
close(dev_random);
return TRUE;
}
close(dev_random);
}
SetLastError(NTE_FAIL);
return FALSE;
}
BOOL export_public_key_impl(BYTE *pbDest, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,DWORD *pdwPubExp)
{
mp_to_unsigned_bin(&pKeyContext->rsa.N, pbDest);
reverse_bytes(pbDest, dwKeyLen);
*pdwPubExp = (DWORD)mp_get_int(&pKeyContext->rsa.e);
return TRUE;
}
BOOL import_public_key_impl(CONST BYTE *pbSrc, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,
DWORD dwPubExp)
{
BYTE *pbTemp;
pbTemp = (BYTE*)HeapAlloc(GetProcessHeap(), 0, dwKeyLen);
if (!pbTemp) return FALSE;
memcpy(pbTemp, pbSrc, dwKeyLen);
pKeyContext->rsa.type = PK_PUBLIC;
reverse_bytes(pbTemp, dwKeyLen);
mp_read_unsigned_bin(&pKeyContext->rsa.N, pbTemp, dwKeyLen);
HeapFree(GetProcessHeap(), 0, pbTemp);
mp_set_int(&pKeyContext->rsa.e, dwPubExp);
return TRUE;
}
BOOL export_private_key_impl(BYTE *pbDest, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,
DWORD *pdwPubExp)
{
mp_to_unsigned_bin(&pKeyContext->rsa.N, pbDest);
reverse_bytes(pbDest, dwKeyLen);
pbDest += dwKeyLen;
mp_to_unsigned_bin(&pKeyContext->rsa.p, pbDest);
reverse_bytes(pbDest, (dwKeyLen+1)>>1);
pbDest += (dwKeyLen+1)>>1;
mp_to_unsigned_bin(&pKeyContext->rsa.q, pbDest);
reverse_bytes(pbDest, (dwKeyLen+1)>>1);
pbDest += (dwKeyLen+1)>>1;
mp_to_unsigned_bin(&pKeyContext->rsa.dP, pbDest);
reverse_bytes(pbDest, (dwKeyLen+1)>>1);
pbDest += (dwKeyLen+1)>>1;
mp_to_unsigned_bin(&pKeyContext->rsa.dQ, pbDest);
reverse_bytes(pbDest, (dwKeyLen+1)>>1);
pbDest += (dwKeyLen+1)>>1;
mp_to_unsigned_bin(&pKeyContext->rsa.qP, pbDest);
reverse_bytes(pbDest, (dwKeyLen+1)>>1);
pbDest += (dwKeyLen+1)>>1;
mp_to_unsigned_bin(&pKeyContext->rsa.d, pbDest);
reverse_bytes(pbDest, dwKeyLen);
*pdwPubExp = (DWORD)mp_get_int(&pKeyContext->rsa.e);
return TRUE;
}
BOOL import_private_key_impl(CONST BYTE *pbSrc, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,
DWORD dwPubExp)
{
BYTE *pbTemp, *pbBigNum;
pbTemp = HeapAlloc(GetProcessHeap(), 0, 2*dwKeyLen+5*((dwKeyLen+1)>>1));
if (!pbTemp) return FALSE;
memcpy(pbTemp, pbSrc, 2*dwKeyLen+5*((dwKeyLen+1)>>1));
pbBigNum = pbTemp;
pKeyContext->rsa.type = PK_PRIVATE;
reverse_bytes(pbBigNum, dwKeyLen);
mp_read_unsigned_bin(&pKeyContext->rsa.N, pbBigNum, dwKeyLen);
pbBigNum += dwKeyLen;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
mp_read_unsigned_bin(&pKeyContext->rsa.p, pbBigNum, (dwKeyLen+1)>>1);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
mp_read_unsigned_bin(&pKeyContext->rsa.q, pbBigNum, (dwKeyLen+1)>>1);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
mp_read_unsigned_bin(&pKeyContext->rsa.dP, pbBigNum, (dwKeyLen+1)>>1);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
mp_read_unsigned_bin(&pKeyContext->rsa.dQ, pbBigNum, (dwKeyLen+1)>>1);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
mp_read_unsigned_bin(&pKeyContext->rsa.qP, pbBigNum, (dwKeyLen+1)>>1);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, dwKeyLen);
mp_read_unsigned_bin(&pKeyContext->rsa.d, pbBigNum, dwKeyLen);
mp_set_int(&pKeyContext->rsa.e, dwPubExp);
HeapFree(GetProcessHeap(), 0, pbTemp);
return TRUE;
}

54
dlls/rsaenh/implossl.h → dlls/rsaenh/implglue.h
View File

@ -1,6 +1,6 @@
/*
* dlls/rsaenh/implossl.h
* Encapsulating the OpenSSL dependend parts of RSABASE
* dlls/rsaenh/implglue.h
* Glueing the RSAENH specific code to the crypto library
*
* Copyright (c) 2004 Michael Jung
*
@ -21,28 +21,10 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#ifndef __WINE_IMPLOSSL_H
#define __WINE_IMPLOSSL_H
#ifndef __WINE_IMPLGLUE_H
#define __WINE_IMPLGLUE_H
#ifdef HAVE_OPENSSL_MD2_H
#include <openssl/md2.h>
#endif
#ifdef HAVE_OPENSSL_RC2_H
#include <openssl/rc2.h>
#endif
#ifdef HAVE_OPENSSL_RC4_H
#include <openssl/rc4.h>
#endif
#ifdef HAVE_OPENSSL_DES_H
#include <openssl/des.h>
#endif
#ifdef HAVE_OPENSSL_RSA_H
#include <openssl/rsa.h>
#endif
#include "tomcrypt.h"
/* Next typedef copied from dlls/advapi32/crypt_md4.c */
typedef struct tagMD4_CTX {
@ -71,32 +53,20 @@ typedef struct tagSHA_CTX
} SHA_CTX, *PSHA_CTX;
typedef union tagHASH_CONTEXT {
#ifdef HAVE_OPENSSL_MD2_H
MD2_CTX md2;
#endif
md2_state md2;
MD4_CTX md4;
MD5_CTX md5;
SHA_CTX sha;
} HASH_CONTEXT;
typedef union tagKEY_CONTEXT {
#ifdef HAVE_OPENSSL_RC2_H
RC2_KEY rc2;
#endif
#ifdef HAVE_OPENSSL_RC4_H
RC4_KEY rc4;
#endif
#ifdef HAVE_OPENSSL_DES_H
DES_key_schedule des[3];
#endif
#ifdef HAVE_OPENSSL_RSA_H
RSA *rsa;
#endif
DWORD dwDummy;
rc2_key rc2;
des_key des;
des3_key des3;
prng_state rc4;
rsa_key rsa;
} KEY_CONTEXT;
BOOL load_lib(void);
BOOL init_hash_impl(ALG_ID aiAlgid, HASH_CONTEXT *pHashContext);
BOOL update_hash_impl(ALG_ID aiAlgid, HASH_CONTEXT *pHashContext, CONST BYTE *pbData,
DWORD dwDataLen);
@ -126,4 +96,4 @@ BOOL import_private_key_impl(CONST BYTE* pbSrc, KEY_CONTEXT *pKeyContext, DWORD
BOOL gen_rand_impl(BYTE *pbBuffer, DWORD dwLen);
#endif /* __WINE_IMPLOSSL_H */
#endif /* __WINE_IMPLGLUE_H */

683
dlls/rsaenh/implossl.c
View File

@ -1,683 +0,0 @@
/*
* dlls/rsaenh/implossl.c
* Encapsulating the OpenSSL dependend parts of RSAENH
*
* Copyright (c) 2004 Michael Jung
*
* based on code by Mike McCormack and David Hammerton
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "config.h"
#include "wine/port.h"
#include "wine/library.h"
#include "wine/debug.h"
#include "windef.h"
#include "wincrypt.h"
#include "implossl.h"
#include <stdio.h>
WINE_DEFAULT_DEBUG_CHANNEL(crypt);
#ifndef SONAME_LIBCRYPTO
#define SONAME_LIBCRYPTO "libcrypto.so"
#endif
static void *libcrypto;
#define MAKE_FUNCPTR(f) static typeof(f) * p##f
/* OpenSSL funtions that we use */
#ifdef HAVE_OPENSSL_MD2_H
MAKE_FUNCPTR(MD2_Init);
MAKE_FUNCPTR(MD2_Update);
MAKE_FUNCPTR(MD2_Final);
#endif
#ifdef HAVE_OPENSSL_RC2_H
MAKE_FUNCPTR(RC2_set_key);
MAKE_FUNCPTR(RC2_ecb_encrypt);
#endif
#ifdef HAVE_OPENSSL_RC4_H
MAKE_FUNCPTR(RC4_set_key);
MAKE_FUNCPTR(RC4);
#endif
#ifdef HAVE_OPENSSL_DES_H
MAKE_FUNCPTR(DES_set_odd_parity);
MAKE_FUNCPTR(DES_set_key_unchecked);
MAKE_FUNCPTR(DES_ecb_encrypt);
MAKE_FUNCPTR(DES_ecb3_encrypt);
#endif
#ifdef HAVE_OPENSSL_RSA_H
MAKE_FUNCPTR(RSA_generate_key);
MAKE_FUNCPTR(RSA_free);
MAKE_FUNCPTR(RSA_size);
MAKE_FUNCPTR(RSA_check_key);
MAKE_FUNCPTR(RSA_public_encrypt);
MAKE_FUNCPTR(RSA_private_encrypt);
MAKE_FUNCPTR(RSAPrivateKey_dup);
MAKE_FUNCPTR(BN_bn2bin);
MAKE_FUNCPTR(BN_bin2bn);
MAKE_FUNCPTR(BN_get_word);
MAKE_FUNCPTR(BN_set_word);
MAKE_FUNCPTR(BN_num_bits);
#endif
/* Function prototypes copied from dlls/advapi32/crypt_md4.c */
VOID WINAPI MD4Init( MD4_CTX *ctx );
VOID WINAPI MD4Update( MD4_CTX *ctx, const unsigned char *buf, unsigned int len );
VOID WINAPI MD4Final( MD4_CTX *ctx );
/* Function prototypes copied from dlls/advapi32/crypt_md5.c */
VOID WINAPI MD5Init( MD5_CTX *ctx );
VOID WINAPI MD5Update( MD5_CTX *ctx, const unsigned char *buf, unsigned int len );
VOID WINAPI MD5Final( MD5_CTX *ctx );
/* Function prototypes copied from dlls/advapi32/crypt_sha.c */
VOID WINAPI A_SHAInit(PSHA_CTX Context);
VOID WINAPI A_SHAUpdate(PSHA_CTX Context, PCHAR Buffer, UINT BufferSize);
VOID WINAPI A_SHAFinal(PSHA_CTX Context, PULONG Result);
BOOL load_lib( void )
{
/* FIXME: Is this portable? */
#if defined HAVE_OPENSSL_MD2_H || defined HAVE_OPENSSL_RC2_H || defined HAVE_OPENSSL_RC4_H || \
defined HAVE_OPENSSL_DES_H || defined HAVE_OPENSSL_RSA_H
libcrypto = wine_dlopen(SONAME_LIBCRYPTO, RTLD_NOW, NULL, 0);
if (!libcrypto)
{
MESSAGE("Couldn't load %s, RSA encryption not available.\n", SONAME_LIBCRYPTO);
MESSAGE("Install the openssl package if you're have problems.\n");
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
#define GETFUNC(x) p##x = wine_dlsym(libcrypto, #x, NULL, 0);
#ifdef HAVE_OPENSSL_MD2_H
GETFUNC(MD2_Init);
GETFUNC(MD2_Update);
GETFUNC(MD2_Final);
#endif
#ifdef HAVE_OPENSSL_RC2_H
GETFUNC(RC2_set_key);
GETFUNC(RC2_ecb_encrypt);
#endif
#ifdef HAVE_OPENSSL_RC4_H
GETFUNC(RC4_set_key);
GETFUNC(RC4);
#endif
#ifdef HAVE_OPENSSL_DES_H
GETFUNC(DES_set_odd_parity);
GETFUNC(DES_set_key_unchecked);
GETFUNC(DES_ecb_encrypt);
GETFUNC(DES_ecb3_encrypt);
#endif
#ifdef HAVE_OPENSSL_RSA_H
GETFUNC(RSA_generate_key);
GETFUNC(RSA_free);
GETFUNC(RSA_size);
GETFUNC(RSA_check_key);
GETFUNC(RSA_public_encrypt);
GETFUNC(RSA_private_encrypt);
GETFUNC(RSAPrivateKey_dup);
GETFUNC(BN_bn2bin);
GETFUNC(BN_bin2bn);
GETFUNC(BN_get_word);
GETFUNC(BN_set_word);
GETFUNC(BN_num_bits);
#endif
#endif /* ifdef have any openssl header */
return TRUE;
}
BOOL init_hash_impl(ALG_ID aiAlgid, HASH_CONTEXT *pHashContext)
{
switch (aiAlgid)
{
#ifdef HAVE_OPENSSL_MD2_H
case CALG_MD2:
if (!pMD2_Init)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pMD2_Init(&pHashContext->md2);
break;
#endif
case CALG_MD4:
MD4Init(&pHashContext->md4);
break;
case CALG_MD5:
MD5Init(&pHashContext->md5);
break;
case CALG_SHA:
A_SHAInit(&pHashContext->sha);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL update_hash_impl(ALG_ID aiAlgid, HASH_CONTEXT *pHashContext, CONST BYTE *pbData,
DWORD dwDataLen)
{
switch (aiAlgid)
{
#ifdef HAVE_OPENSSL_MD2_H
case CALG_MD2:
if (!pMD2_Update)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pMD2_Update(&pHashContext->md2, pbData, dwDataLen);
break;
#endif
case CALG_MD4:
MD4Update(&pHashContext->md4, pbData, dwDataLen);
break;
case CALG_MD5:
MD5Update(&pHashContext->md5, pbData, dwDataLen);
break;
case CALG_SHA:
A_SHAUpdate(&pHashContext->sha, (PCHAR)pbData, dwDataLen);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL finalize_hash_impl(ALG_ID aiAlgid, HASH_CONTEXT *pHashContext, BYTE *pbHashValue)
{
switch (aiAlgid)
{
#ifdef HAVE_OPENSSL_MD2_H
case CALG_MD2:
if (!pMD2_Final)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pMD2_Final(pbHashValue, &pHashContext->md2);
break;
#endif
case CALG_MD4:
MD4Final(&pHashContext->md4);
memcpy(pbHashValue, pHashContext->md4.digest, 16);
break;
case CALG_MD5:
MD5Final(&pHashContext->md5);
memcpy(pbHashValue, pHashContext->md5.digest, 16);
break;
case CALG_SHA:
A_SHAFinal(&pHashContext->sha, (PULONG)pbHashValue);
break;
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL duplicate_hash_impl(ALG_ID aiAlgid, CONST HASH_CONTEXT *pSrcHashContext,
HASH_CONTEXT *pDestHashContext)
{
memcpy(pDestHashContext, pSrcHashContext, sizeof(HASH_CONTEXT));
return TRUE;
}
BOOL new_key_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen)
{
switch (aiAlgid)
{
#ifdef HAVE_OPENSSL_RSA_H
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
if (!pRSA_generate_key)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pKeyContext->rsa = pRSA_generate_key((int)dwKeyLen*8, 65537, NULL, NULL);
break;
#endif
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL free_key_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext)
{
switch (aiAlgid)
{
#ifdef HAVE_OPENSSL_RSA_H
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
if (!pRSA_free)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
if (pKeyContext->rsa) pRSA_free(pKeyContext->rsa);
break;
#endif
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL setup_key_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen, DWORD dwSaltLen,
BYTE *abKeyValue)
{
switch (aiAlgid)
{
#ifdef HAVE_OPENSSL_RC4_H
case CALG_RC4:
if (!pRC4_set_key)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pRC4_set_key(&pKeyContext->rc4, dwKeyLen + dwSaltLen, abKeyValue);
break;
#endif
#ifdef HAVE_OPENSSL_RC2_H
case CALG_RC2:
if (!pRC2_set_key)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pRC2_set_key(&pKeyContext->rc2, dwKeyLen + dwSaltLen, abKeyValue, dwKeyLen * 8);
break;
#endif
#ifdef HAVE_OPENSSL_DES_H
case CALG_3DES:
if (!pDES_set_odd_parity || !pDES_set_key_unchecked)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pDES_set_odd_parity(&((DES_cblock*)abKeyValue)[2]);
pDES_set_key_unchecked(&((DES_cblock*)abKeyValue)[2], &pKeyContext->des[2]);
case CALG_3DES_112:
if (!pDES_set_odd_parity || !pDES_set_key_unchecked)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pDES_set_odd_parity(&((DES_cblock*)abKeyValue)[1]);
pDES_set_key_unchecked(&((DES_cblock*)abKeyValue)[1], &pKeyContext->des[1]);
case CALG_DES:
if (!pDES_set_odd_parity || !pDES_set_key_unchecked)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pDES_set_odd_parity((DES_cblock*)abKeyValue);
pDES_set_key_unchecked((DES_cblock*)abKeyValue, &pKeyContext->des[0]);
break;
#endif
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL duplicate_key_impl(ALG_ID aiAlgid, CONST KEY_CONTEXT *pSrcKeyContext,
KEY_CONTEXT *pDestKeyContext)
{
switch (aiAlgid)
{
case CALG_RC4:
case CALG_RC2:
case CALG_3DES:
case CALG_3DES_112:
case CALG_DES:
memcpy(pDestKeyContext, pSrcKeyContext, sizeof(KEY_CONTEXT));
break;
#ifdef HAVE_OPENSSL_RSA_H
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
if (!pRSAPrivateKey_dup)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pDestKeyContext->rsa = pRSAPrivateKey_dup(pSrcKeyContext->rsa);
break;
#endif
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
#ifdef HAVE_OPENSSL_RSA_H
static inline void reverse_bytes(BYTE *pbData, DWORD dwLen) {
BYTE swap;
DWORD i;
for (i=0; i<dwLen/2; i++) {
swap = pbData[i];
pbData[i] = pbData[dwLen-i-1];
pbData[dwLen-i-1] = swap;
}
}
#endif
BOOL encrypt_block_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext, CONST BYTE *in, BYTE *out,
DWORD enc)
{
#ifdef HAVE_OPENSSL_RSA_H
int cLen;
#endif
switch (aiAlgid) {
#ifdef HAVE_OPENSSL_RC2_H
case CALG_RC2:
if (!pRC2_ecb_encrypt)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pRC2_ecb_encrypt(in, out, &pKeyContext->rc2, enc ? RC2_ENCRYPT : RC2_DECRYPT);
break;
#endif
#ifdef HAVE_OPENSSL_DES_H
case CALG_DES:
if (!pDES_ecb_encrypt)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pDES_ecb_encrypt((const_DES_cblock*)in, (DES_cblock*)out, &pKeyContext->des[0],
enc ? DES_ENCRYPT : DES_DECRYPT);
break;
case CALG_3DES_112:
if (!pDES_ecb3_encrypt)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pDES_ecb3_encrypt((const_DES_cblock*)in, (DES_cblock*)out,
&pKeyContext->des[0], &pKeyContext->des[1], &pKeyContext->des[0],
enc ? DES_ENCRYPT : DES_DECRYPT);
break;
case CALG_3DES:
if (!pDES_ecb3_encrypt)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pDES_ecb3_encrypt((const_DES_cblock*)in, (DES_cblock*)out,
&pKeyContext->des[0], &pKeyContext->des[1], &pKeyContext->des[2],
enc ? DES_ENCRYPT : DES_DECRYPT);
break;
#endif
#ifdef HAVE_OPENSSL_RSA_H
case CALG_RSA_KEYX:
if (!pBN_num_bits || !pRSA_public_encrypt || !pRSA_private_encrypt)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
cLen = pBN_num_bits(pKeyContext->rsa->n)/8;
if (enc) {
pRSA_public_encrypt(cLen, in, out, pKeyContext->rsa, RSA_NO_PADDING);
reverse_bytes((BYTE*)in, cLen);
} else {
reverse_bytes((BYTE*)in, cLen);
pRSA_private_encrypt(cLen, in, out, pKeyContext->rsa, RSA_NO_PADDING);
}
break;
case CALG_RSA_SIGN:
if (!pBN_num_bits || !pRSA_public_encrypt || !pRSA_private_encrypt)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
cLen = pBN_num_bits(pKeyContext->rsa->n)/8;
if (enc) {
pRSA_private_encrypt(cLen, in, out, pKeyContext->rsa, RSA_NO_PADDING);
reverse_bytes((BYTE*)in, cLen);
} else {
reverse_bytes((BYTE*)in, cLen);
pRSA_public_encrypt(cLen, in, out, pKeyContext->rsa, RSA_NO_PADDING);
}
break;
#endif
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL encrypt_stream_impl(ALG_ID aiAlgid, KEY_CONTEXT *pKeyContext, BYTE *stream, DWORD dwLen)
{
switch (aiAlgid) {
#ifdef HAVE_OPENSSL_RC4_H
case CALG_RC4:
if (!pRC4)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pRC4(&pKeyContext->rc4, (unsigned long)dwLen, stream, stream);
break;
#endif
default:
SetLastError(NTE_BAD_ALGID);
return FALSE;
}
return TRUE;
}
BOOL gen_rand_impl(BYTE *pbBuffer, DWORD dwLen)
{
FILE *dev_random;
/* FIXME: /dev/urandom does not provide random numbers of a sufficient
* quality for cryptographic applications. /dev/random is much better,
* but it blocks if the kernel has not yet collected enough entropy for
* the request, which will suspend the calling thread for an indefinite
* amount of time. */
dev_random = fopen("/dev/urandom", "r");
if (dev_random)
{
if (fread(pbBuffer, (size_t)dwLen, 1, dev_random) == 1)
{
fclose(dev_random);
return TRUE;
}
fclose(dev_random);
}
SetLastError(NTE_FAIL);
return FALSE;
}
BOOL export_public_key_impl(BYTE *pbDest, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,DWORD *pdwPubExp)
{
#ifdef HAVE_OPENSSL_RSA_H
if (!pBN_bn2bin || !pBN_get_word)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pBN_bn2bin(pKeyContext->rsa->n, pbDest);
reverse_bytes(pbDest, dwKeyLen);
*pdwPubExp = (DWORD)pBN_get_word(pKeyContext->rsa->e);
return TRUE;
#else
SetLastError(NTE_FAIL);
return FALSE;
#endif
}
BOOL import_public_key_impl(CONST BYTE *pbSrc, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,
DWORD dwPubExp)
{
#ifdef HAVE_OPENSSL_RSA_H
BYTE *pbTemp;
if (!pBN_bin2bn || !pBN_set_word)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pbTemp = (BYTE*)HeapAlloc(GetProcessHeap(), 0, dwKeyLen);
if (!pbTemp) return FALSE;
memcpy(pbTemp, pbSrc, dwKeyLen);
reverse_bytes(pbTemp, dwKeyLen);
pBN_bin2bn(pbTemp, dwKeyLen, pKeyContext->rsa->n);
HeapFree(GetProcessHeap(), 0, pbTemp);
pBN_set_word(pKeyContext->rsa->e, (BN_ULONG)dwPubExp);
return TRUE;
#else
SetLastError(NTE_FAIL);
return FALSE;
#endif
}
BOOL export_private_key_impl(BYTE *pbDest, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,
DWORD *pdwPubExp)
{
#ifdef HAVE_OPENSSL_RSA_H
if (!pBN_bn2bin || !pBN_get_word)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pBN_bn2bin(pKeyContext->rsa->n, pbDest);
reverse_bytes(pbDest, dwKeyLen);
pbDest += dwKeyLen;
pBN_bn2bin(pKeyContext->rsa->p, pbDest);
reverse_bytes(pbDest, (dwKeyLen+1)>>1);
pbDest += (dwKeyLen+1)>>1;
pBN_bn2bin(pKeyContext->rsa->q, pbDest);
reverse_bytes(pbDest, (dwKeyLen+1)>>1);
pbDest += (dwKeyLen+1)>>1;
pBN_bn2bin(pKeyContext->rsa->dmp1, pbDest);
reverse_bytes(pbDest, (dwKeyLen+1)>>1);
pbDest += (dwKeyLen+1)>>1;
pBN_bn2bin(pKeyContext->rsa->dmq1, pbDest);
reverse_bytes(pbDest, (dwKeyLen+1)>>1);
pbDest += (dwKeyLen+1)>>1;
pBN_bn2bin(pKeyContext->rsa->iqmp, pbDest);
reverse_bytes(pbDest, (dwKeyLen+1)>>1);
pbDest += (dwKeyLen+1)>>1;
pBN_bn2bin(pKeyContext->rsa->d, pbDest);
reverse_bytes(pbDest, dwKeyLen);
*pdwPubExp = (DWORD)pBN_get_word(pKeyContext->rsa->e);
return TRUE;
#else
SetLastError(NTE_FAIL);
return FALSE;
#endif
}
BOOL import_private_key_impl(CONST BYTE *pbSrc, KEY_CONTEXT *pKeyContext, DWORD dwKeyLen,
DWORD dwPubExp)
{
#ifdef HAVE_OPENSSL_RSA_H
BYTE *pbTemp, *pbBigNum;
if (!pBN_bin2bn || !pBN_set_word)
{
SetLastError(NTE_PROVIDER_DLL_FAIL);
return FALSE;
}
pbTemp = HeapAlloc(GetProcessHeap(), 0, 2*dwKeyLen+5*((dwKeyLen+1)>>1));
if (!pbTemp) return FALSE;
memcpy(pbTemp, pbSrc, 2*dwKeyLen+5*((dwKeyLen+1)>>1));
pbBigNum = pbTemp;
reverse_bytes(pbBigNum, dwKeyLen);
pBN_bin2bn(pbBigNum, dwKeyLen, pKeyContext->rsa->n);
pbBigNum += dwKeyLen;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
pBN_bin2bn(pbBigNum, (dwKeyLen+1)>>1, pKeyContext->rsa->p);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
pBN_bin2bn(pbBigNum, (dwKeyLen+1)>>1, pKeyContext->rsa->q);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
pBN_bin2bn(pbBigNum, (dwKeyLen+1)>>1, pKeyContext->rsa->dmp1);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
pBN_bin2bn(pbBigNum, (dwKeyLen+1)>>1, pKeyContext->rsa->dmq1);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, (dwKeyLen+1)>>1);
pBN_bin2bn(pbBigNum, (dwKeyLen+1)>>1, pKeyContext->rsa->iqmp);
pbBigNum += (dwKeyLen+1)>>1;
reverse_bytes(pbBigNum, dwKeyLen);
pBN_bin2bn(pbBigNum, dwKeyLen, pKeyContext->rsa->d);
pBN_set_word(pKeyContext->rsa->e, (BN_ULONG)dwPubExp);
HeapFree(GetProcessHeap(), 0, pbTemp);
return TRUE;
#else
SetLastError(NTE_FAIL);
return FALSE;
#endif
}

151
dlls/rsaenh/md2.c Normal file
View File

@ -0,0 +1,151 @@
/*
* dlls/rsaenh/md2.c
* MD2 (RFC 1319) hash function implementation by Tom St Denis
*
* Copyright 2004 Michael Jung
* Based on public domain code by Tom St Denis (tomstdenis@iahu.ca)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/*
* This file contains code from the LibTomCrypt cryptographic
* library written by Tom St Denis (tomstdenis@iahu.ca). LibTomCrypt
* is in the public domain. The code in this file is tailored to
* special requirements. Take a look at http://libtomcrypt.org for the
* original version.
*/
#include "tomcrypt.h"
static const unsigned char PI_SUBST[256] = {
41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188,
76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24,
138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251,
245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63,
148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50,
39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165,
181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210,
150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157,
112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27,
96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197,
234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65,
129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123,
8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233,
203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228,
166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237,
31, 26, 219, 153, 141, 51, 159, 17, 131, 20
};
/* adds 16 bytes to the checksum */
static void md2_update_chksum(md2_state *md2)
{
int j;
unsigned char L;
L = md2->chksum[15];
for (j = 0; j < 16; j++) {
/* caution, the RFC says its "C[j] = S[M[i*16+j] xor L]" but the reference source code [and test vectors] say
otherwise.
*/
L = (md2->chksum[j] ^= PI_SUBST[(int)(md2->buf[j] ^ L)] & 255);
}
}
static void md2_compress(md2_state *md2)
{
int j, k;
unsigned char t;
/* copy block */
for (j = 0; j < 16; j++) {
md2->X[16+j] = md2->buf[j];
md2->X[32+j] = md2->X[j] ^ md2->X[16+j];
}
t = (unsigned char)0;
/* do 18 rounds */
for (j = 0; j < 18; j++) {
for (k = 0; k < 48; k++) {
t = (md2->X[k] ^= PI_SUBST[(int)(t & 255)]);
}
t = (t + (unsigned char)j) & 255;
}
}
int md2_init(md2_state *md2)
{
/* MD2 uses a zero'ed state... */
memset(md2->X, 0, sizeof(md2->X));
memset(md2->chksum, 0, sizeof(md2->chksum));
memset(md2->buf, 0, sizeof(md2->buf));
md2->curlen = 0;
return CRYPT_OK;
}
int md2_process(md2_state *md2, const unsigned char *buf, unsigned long len)
{
unsigned long n;
if (md2->curlen > sizeof(md2->buf)) {
return CRYPT_INVALID_ARG;
}
while (len > 0) {
n = MIN(len, (16 - md2->curlen));
memcpy(md2->buf + md2->curlen, buf, (size_t)n);
md2->curlen += n;
buf += n;
len -= n;
/* is 16 bytes full? */
if (md2->curlen == 16) {
md2_compress(md2);
md2_update_chksum(md2);
md2->curlen = 0;
}
}
return CRYPT_OK;
}
int md2_done(md2_state * md2, unsigned char *hash)
{
unsigned long i, k;
if (md2->curlen >= sizeof(md2->buf)) {
return CRYPT_INVALID_ARG;
}
/* pad the message */
k = 16 - md2->curlen;
for (i = md2->curlen; i < 16; i++) {
md2->buf[i] = (unsigned char)k;
}
/* hash and update */
md2_compress(md2);
md2_update_chksum(md2);
/* hash checksum */
memcpy(md2->buf, md2->chksum, 16);
md2_compress(md2);
/* output is lower 16 bytes of X */
memcpy(hash, md2->X, 16);
return CRYPT_OK;
}

4422
dlls/rsaenh/mpi.c Normal file
View File

File diff suppressed because it is too large Load Diff

203
dlls/rsaenh/rc2.c Normal file
View File

@ -0,0 +1,203 @@
/*
* dlls/rsaen/rc2.c
* RC2 functions
*
* Copyright 2004 Michael Jung
* Based on public domain code by Tom St Denis (tomstdenis@iahu.ca)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/*
* This file contains code from the LibTomCrypt cryptographic
* library written by Tom St Denis (tomstdenis@iahu.ca). LibTomCrypt
* is in the public domain. The code in this file is tailored to
* special requirements. Take a look at http://libtomcrypt.org for the
* original version.
*/
#include "tomcrypt.h"
/* 256-entry permutation table, probably derived somehow from pi */
static const unsigned char permute[256] = {
217,120,249,196, 25,221,181,237, 40,233,253,121, 74,160,216,157,
198,126, 55,131, 43,118, 83,142, 98, 76,100,136, 68,139,251,162,
23,154, 89,245,135,179, 79, 19, 97, 69,109,141, 9,129,125, 50,
189,143, 64,235,134,183,123, 11,240,149, 33, 34, 92,107, 78,130,
84,214,101,147,206, 96,178, 28,115, 86,192, 20,167,140,241,220,
18,117,202, 31, 59,190,228,209, 66, 61,212, 48,163, 60,182, 38,
111,191, 14,218, 70,105, 7, 87, 39,242, 29,155,188,148, 67, 3,
248, 17,199,246,144,239, 62,231, 6,195,213, 47,200,102, 30,215,
8,232,234,222,128, 82,238,247,132,170,114,172, 53, 77,106, 42,
150, 26,210,113, 90, 21, 73,116, 75,159,208, 94, 4, 24,164,236,
194,224, 65,110, 15, 81,203,204, 36,145,175, 80,161,244,112, 57,
153,124, 58,133, 35,184,180,122,252, 2, 54, 91, 37, 85,151, 49,
45, 93,250,152,227,138,146,174, 5,223, 41, 16,103,108,186,201,
211, 0,230,207,225,158,168, 44, 99, 22, 1, 63, 88,226,137,169,
13, 56, 52, 27,171, 51,255,176,187, 72, 12, 95,185,177,205, 46,
197,243,219, 71,229,165,156,119, 10,166, 32,104,254,127,193,173
};
int rc2_setup(const unsigned char *key, int keylen, int bits, int rounds, rc2_key *rc2)
{
unsigned *xkey = rc2->xkey;
unsigned char tmp[128];
unsigned T8, TM;
int i;
if (keylen < 5 || keylen > 128) {
return CRYPT_INVALID_KEYSIZE;
}
if (rounds != 0 && rounds != 16) {
return CRYPT_INVALID_ROUNDS;
}
/* Following comment is from Eric Young's rc2 code: */
/* It has come to my attention that there are 2 versions of the RC2
* key schedule. One which is normal, and anther which has a hook to
* use a reduced key length.
* BSAFE uses the 'retarded' version. What I previously shipped is
* the same as specifying 1024 for the 'bits' parameter. Bsafe uses
* a version where the bits parameter is the same as len*8 */
/* Seems like MS uses the 'retarded' version, too.
* Adjust effective keylen bits */
if (bits <= 0) bits = keylen << 3;
if (bits > 1024) bits = 1024;
for (i = 0; i < keylen; i++) {
tmp[i] = key[i] & 255;
}
/* Phase 1: Expand input key to 128 bytes */
if (keylen < 128) {
for (i = keylen; i < 128; i++) {
tmp[i] = permute[(tmp[i - 1] + tmp[i - keylen]) & 255];
}
}
/* Phase 2 - reduce effective key size to "bits" */
/*bits = keylen<<3; */
T8 = (unsigned)(bits+7)>>3;
TM = (255 >> (unsigned)(7 & -bits));
tmp[128 - T8] = permute[tmp[128 - T8] & TM];
for (i = 127 - T8; i >= 0; i--) {
tmp[i] = permute[tmp[i + 1] ^ tmp[i + T8]];
}
/* Phase 3 - copy to xkey in little-endian order */
for (i = 0; i < 64; i++) {
xkey[i] = (unsigned)tmp[2*i] + ((unsigned)tmp[2*i+1] << 8);
}
return CRYPT_OK;
}
/**********************************************************************\
* Encrypt an 8-byte block of plaintext using the given key. *
\**********************************************************************/
void rc2_ecb_encrypt( const unsigned char *plain,
unsigned char *cipher,
rc2_key *rc2)
{
unsigned *xkey;
unsigned x76, x54, x32, x10, i;
xkey = rc2->xkey;
x76 = ((unsigned)plain[7] << 8) + (unsigned)plain[6];
x54 = ((unsigned)plain[5] << 8) + (unsigned)plain[4];
x32 = ((unsigned)plain[3] << 8) + (unsigned)plain[2];
x10 = ((unsigned)plain[1] << 8) + (unsigned)plain[0];
for (i = 0; i < 16; i++) {
x10 = (x10 + (x32 & ~x76) + (x54 & x76) + xkey[4*i+0]) & 0xFFFF;
x10 = ((x10 << 1) | (x10 >> 15));
x32 = (x32 + (x54 & ~x10) + (x76 & x10) + xkey[4*i+1]) & 0xFFFF;
x32 = ((x32 << 2) | (x32 >> 14));
x54 = (x54 + (x76 & ~x32) + (x10 & x32) + xkey[4*i+2]) & 0xFFFF;
x54 = ((x54 << 3) | (x54 >> 13));
x76 = (x76 + (x10 & ~x54) + (x32 & x54) + xkey[4*i+3]) & 0xFFFF;
x76 = ((x76 << 5) | (x76 >> 11));
if (i == 4 || i == 10) {
x10 = (x10 + xkey[x76 & 63]) & 0xFFFF;
x32 = (x32 + xkey[x10 & 63]) & 0xFFFF;
x54 = (x54 + xkey[x32 & 63]) & 0xFFFF;
x76 = (x76 + xkey[x54 & 63]) & 0xFFFF;
}
}
cipher[0] = (unsigned char)x10;
cipher[1] = (unsigned char)(x10 >> 8);
cipher[2] = (unsigned char)x32;
cipher[3] = (unsigned char)(x32 >> 8);
cipher[4] = (unsigned char)x54;
cipher[5] = (unsigned char)(x54 >> 8);
cipher[6] = (unsigned char)x76;
cipher[7] = (unsigned char)(x76 >> 8);
}
/**********************************************************************\
* Decrypt an 8-byte block of ciphertext using the given key. *
\**********************************************************************/
void rc2_ecb_decrypt( const unsigned char *cipher,
unsigned char *plain,
rc2_key *rc2)
{
unsigned x76, x54, x32, x10;
unsigned *xkey;
int i;
xkey = rc2->xkey;
x76 = ((unsigned)cipher[7] << 8) + (unsigned)cipher[6];
x54 = ((unsigned)cipher[5] << 8) + (unsigned)cipher[4];
x32 = ((unsigned)cipher[3] << 8) + (unsigned)cipher[2];
x10 = ((unsigned)cipher[1] << 8) + (unsigned)cipher[0];
for (i = 15; i >= 0; i--) {
if (i == 4 || i == 10) {
x76 = (x76 - xkey[x54 & 63]) & 0xFFFF;
x54 = (x54 - xkey[x32 & 63]) & 0xFFFF;
x32 = (x32 - xkey[x10 & 63]) & 0xFFFF;
x10 = (x10 - xkey[x76 & 63]) & 0xFFFF;
}
x76 = ((x76 << 11) | (x76 >> 5));
x76 = (x76 - ((x10 & ~x54) + (x32 & x54) + xkey[4*i+3])) & 0xFFFF;
x54 = ((x54 << 13) | (x54 >> 3));
x54 = (x54 - ((x76 & ~x32) + (x10 & x32) + xkey[4*i+2])) & 0xFFFF;
x32 = ((x32 << 14) | (x32 >> 2));
x32 = (x32 - ((x54 & ~x10) + (x76 & x10) + xkey[4*i+1])) & 0xFFFF;
x10 = ((x10 << 15) | (x10 >> 1));
x10 = (x10 - ((x32 & ~x76) + (x54 & x76) + xkey[4*i+0])) & 0xFFFF;
}
plain[0] = (unsigned char)x10;
plain[1] = (unsigned char)(x10 >> 8);
plain[2] = (unsigned char)x32;
plain[3] = (unsigned char)(x32 >> 8);
plain[4] = (unsigned char)x54;
plain[5] = (unsigned char)(x54 >> 8);
plain[6] = (unsigned char)x76;
plain[7] = (unsigned char)(x76 >> 8);
}

108
dlls/rsaenh/rc4.c Normal file
View File

@ -0,0 +1,108 @@
/*
* dlls/rsaenh/rc4.c
* RC4 functions
*
* Copyright 2004 Michael Jung
* Based on public domain code by Tom St Denis (tomstdenis@iahu.ca)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/*
* This file contains code from the LibTomCrypt cryptographic
* library written by Tom St Denis (tomstdenis@iahu.ca). LibTomCrypt
* is in the public domain. The code in this file is tailored to
* special requirements. Take a look at http://libtomcrypt.org for the
* original version.
*/
#include "tomcrypt.h"
int rc4_start(prng_state *prng)
{
/* set keysize to zero */
prng->rc4.x = 0;
return CRYPT_OK;
}
int rc4_add_entropy(const unsigned char *buf, unsigned long len, prng_state *prng)
{
/* trim as required */
if (prng->rc4.x + len > 256) {
if (prng->rc4.x == 256) {
/* I can't possibly accept another byte, ok maybe a mint wafer... */
return CRYPT_OK;
} else {
/* only accept part of it */
len = 256 - prng->rc4.x;
}
}
while (len--) {
prng->rc4.buf[prng->rc4.x++] = *buf++;
}
return CRYPT_OK;
}
int rc4_ready(prng_state *prng)
{
unsigned char key[256], tmp, *s;
int keylen, x, y, j;
/* extract the key */
s = prng->rc4.buf;
memcpy(key, s, 256);
keylen = prng->rc4.x;
/* make RC4 perm and shuffle */
for (x = 0; x < 256; x++) {
s[x] = x;
}
for (j = x = y = 0; x < 256; x++) {
y = (y + prng->rc4.buf[x] + key[j++]) & 255;
if (j == keylen) {
j = 0;
}
tmp = s[x]; s[x] = s[y]; s[y] = tmp;
}
prng->rc4.x = 0;
prng->rc4.y = 0;
return CRYPT_OK;
}
unsigned long rc4_read(unsigned char *buf, unsigned long len, prng_state *prng)
{
unsigned char x, y, *s, tmp;
unsigned long n;
n = len;
x = prng->rc4.x;
y = prng->rc4.y;
s = prng->rc4.buf;
while (len--) {
x = (x + 1) & 255;
y = (y + s[x]) & 255;
tmp = s[x]; s[x] = s[y]; s[y] = tmp;
tmp = (s[x] + s[y]) & 255;
*buf++ ^= s[tmp];
}
prng->rc4.x = x;
prng->rc4.y = y;
return n;
}

246
dlls/rsaenh/rsa.c Normal file
View File

@ -0,0 +1,246 @@
/*
* dlls/rsaenh/rsa.c
* RSA public key cryptographic functions
*
* Copyright 2004 Michael Jung
* Based on public domain code by Tom St Denis (tomstdenis@iahu.ca)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/*
* This file contains code from the LibTomCrypt cryptographic
* library written by Tom St Denis (tomstdenis@iahu.ca). LibTomCrypt
* is in the public domain. The code in this file is tailored to
* special requirements. Take a look at http://libtomcrypt.org for the
* original version.
*/
#include "tomcrypt.h"
static const struct {
int mpi_code, ltc_code;
} mpi_to_ltc_codes[] = {
{ MP_OKAY , CRYPT_OK},
{ MP_MEM , CRYPT_MEM},
{ MP_VAL , CRYPT_INVALID_ARG},
};
/* convert a MPI error to a LTC error (Possibly the most powerful function ever! Oh wait... no) */
int mpi_to_ltc_error(int err)
{
int x;
for (x = 0; x < (int)(sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0])); x++) {
if (err == mpi_to_ltc_codes[x].mpi_code) {
return mpi_to_ltc_codes[x].ltc_code;
}
}
return CRYPT_ERROR;
}
extern int gen_rand_impl(unsigned char *dst, unsigned int len);
static int rand_prime_helper(unsigned char *dst, int len, void *dat)
{
return gen_rand_impl(dst, len) ? len : 0;
}
int rand_prime(mp_int *N, long len)
{
int type;
/* allow sizes between 2 and 256 bytes for a prime size */
if (len < 16 || len > 8192) {
printf("Invalid prime size!\n");
return CRYPT_INVALID_PRIME_SIZE;
}
/* get type */
if (len < 0) {
type = LTM_PRIME_BBS;
len = -len;
} else {
type = 0;
}
/* New prime generation makes the code even more cryptoish-insane. Do you know what this means!!!
-- Gir: Yeah, oh wait, er, no.
*/
return mpi_to_ltc_error(mp_prime_random_ex(N, mp_prime_rabin_miller_trials(len), len, type, rand_prime_helper, NULL));
}
int rsa_make_key(int size, long e, rsa_key *key)
{
mp_int p, q, tmp1, tmp2, tmp3;
int err;
if ((size < (MIN_RSA_SIZE/8)) || (size > (MAX_RSA_SIZE/8))) {
return CRYPT_INVALID_KEYSIZE;
}
if ((e < 3) || ((e & 1) == 0)) {
return CRYPT_INVALID_ARG;
}
if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != MP_OKAY) {
return mpi_to_ltc_error(err);
}
/* make primes p and q (optimization provided by Wayne Scott) */
if ((err = mp_set_int(&tmp3, e)) != MP_OKAY) { goto error; } /* tmp3 = e */
/* make prime "p" */
do {
if ((err = rand_prime(&p, size*4)) != CRYPT_OK) { goto done; }
if ((err = mp_sub_d(&p, 1, &tmp1)) != MP_OKAY) { goto error; } /* tmp1 = p-1 */
if ((err = mp_gcd(&tmp1, &tmp3, &tmp2)) != MP_OKAY) { goto error; } /* tmp2 = gcd(p-1, e) */
} while (mp_cmp_d(&tmp2, 1) != 0); /* while e divides p-1 */
/* make prime "q" */
do {
if ((err = rand_prime(&q, size*4)) != CRYPT_OK) { goto done; }
if ((err = mp_sub_d(&q, 1, &tmp1)) != MP_OKAY) { goto error; } /* tmp1 = q-1 */
if ((err = mp_gcd(&tmp1, &tmp3, &tmp2)) != MP_OKAY) { goto error; } /* tmp2 = gcd(q-1, e) */
} while (mp_cmp_d(&tmp2, 1) != 0); /* while e divides q-1 */
/* tmp1 = lcm(p-1, q-1) */
if ((err = mp_sub_d(&p, 1, &tmp2)) != MP_OKAY) { goto error; } /* tmp2 = p-1 */
/* tmp1 = q-1 (previous do/while loop) */
if ((err = mp_lcm(&tmp1, &tmp2, &tmp1)) != MP_OKAY) { goto error; } /* tmp1 = lcm(p-1, q-1) */
/* make key */
if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP,
&key->qP, &key->p, &key->q, NULL)) != MP_OKAY) {
goto error;
}
if ((err = mp_set_int(&key->e, e)) != MP_OKAY) { goto error2; } /* key->e = e */
if ((err = mp_invmod(&key->e, &tmp1, &key->d)) != MP_OKAY) { goto error2; } /* key->d = 1/e mod lcm(p-1,q-1) */
if ((err = mp_mul(&p, &q, &key->N)) != MP_OKAY) { goto error2; } /* key->N = pq */
/* optimize for CRT now */
/* find d mod q-1 and d mod p-1 */
if ((err = mp_sub_d(&p, 1, &tmp1)) != MP_OKAY) { goto error2; } /* tmp1 = q-1 */
if ((err = mp_sub_d(&q, 1, &tmp2)) != MP_OKAY) { goto error2; } /* tmp2 = p-1 */
if ((err = mp_mod(&key->d, &tmp1, &key->dP)) != MP_OKAY) { goto error2; } /* dP = d mod p-1 */
if ((err = mp_mod(&key->d, &tmp2, &key->dQ)) != MP_OKAY) { goto error2; } /* dQ = d mod q-1 */
if ((err = mp_invmod(&q, &p, &key->qP)) != MP_OKAY) { goto error2; } /* qP = 1/q mod p */
if ((err = mp_copy(&p, &key->p)) != MP_OKAY) { goto error2; }
if ((err = mp_copy(&q, &key->q)) != MP_OKAY) { goto error2; }
/* shrink ram required */
if ((err = mp_shrink(&key->e)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->d)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->N)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->dQ)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->dP)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->qP)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->p)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->q)) != MP_OKAY) { goto error2; }
/* set key type (in this case it's CRT optimized) */
key->type = PK_PRIVATE;
/* return ok and free temps */
err = CRYPT_OK;
goto done;
error2:
mp_clear_multi(&key->d, &key->e, &key->N, &key->dQ, &key->dP,
&key->qP, &key->p, &key->q, NULL);
error:
err = mpi_to_ltc_error(err);
done:
mp_clear_multi(&tmp3, &tmp2, &tmp1, &p, &q, NULL);
return err;
}
void rsa_free(rsa_key *key)
{
mp_clear_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP,
&key->qP, &key->p, &key->q, NULL);
}
/* compute an RSA modular exponentiation */
int rsa_exptmod(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen, int which,
rsa_key *key)
{
mp_int tmp, tmpa, tmpb;
unsigned long x;
int err;
/* is the key of the right type for the operation? */
if (which == PK_PRIVATE && (key->type != PK_PRIVATE)) {
return CRYPT_PK_NOT_PRIVATE;
}
/* must be a private or public operation */
if (which != PK_PRIVATE && which != PK_PUBLIC) {
return CRYPT_PK_INVALID_TYPE;
}
/* init and copy into tmp */
if ((err = mp_init_multi(&tmp, &tmpa, &tmpb, NULL)) != MP_OKAY) { return mpi_to_ltc_error(err); }
if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, (int)inlen)) != MP_OKAY) { goto error; }
/* sanity check on the input */
if (mp_cmp(&key->N, &tmp) == MP_LT) {
err = CRYPT_PK_INVALID_SIZE;
goto done;
}
/* are we using the private exponent and is the key optimized? */
if (which == PK_PRIVATE) {
/* tmpa = tmp^dP mod p */
if ((err = mpi_to_ltc_error(mp_exptmod(&tmp, &key->dP, &key->p, &tmpa))) != MP_OKAY) { goto error; }
/* tmpb = tmp^dQ mod q */
if ((err = mpi_to_ltc_error(mp_exptmod(&tmp, &key->dQ, &key->q, &tmpb))) != MP_OKAY) { goto error; }
/* tmp = (tmpa - tmpb) * qInv (mod p) */
if ((err = mp_sub(&tmpa, &tmpb, &tmp)) != MP_OKAY) { goto error; }
if ((err = mp_mulmod(&tmp, &key->qP, &key->p, &tmp)) != MP_OKAY) { goto error; }
/* tmp = tmpb + q * tmp */
if ((err = mp_mul(&tmp, &key->q, &tmp)) != MP_OKAY) { goto error; }
if ((err = mp_add(&tmp, &tmpb, &tmp)) != MP_OKAY) { goto error; }
} else {
/* exptmod it */
if ((err = mp_exptmod(&tmp, &key->e, &key->N, &tmp)) != MP_OKAY) { goto error; }
}
/* read it back */
x = (unsigned long)mp_unsigned_bin_size(&key->N);
if (x > *outlen) {
err = CRYPT_BUFFER_OVERFLOW;
goto done;
}
*outlen = x;
/* convert it */
memset(out, 0, x);
if ((err = mp_to_unsigned_bin(&tmp, out+(x-mp_unsigned_bin_size(&tmp)))) != MP_OKAY) { goto error; }
/* clean up and return */
err = CRYPT_OK;
goto done;
error:
err = mpi_to_ltc_error(err);
done:
mp_clear_multi(&tmp, &tmpa, &tmpb, NULL);
return err;
}

15
dlls/rsaenh/rsaenh.c
View File

@ -35,7 +35,7 @@
#include "wincrypt.h"
#include "lmcons.h"
#include "handle.h"
#include "implossl.h"
#include "implglue.h"
WINE_DEFAULT_DEBUG_CHANNEL(crypt);
@ -939,8 +939,6 @@ BOOL WINAPI RSAENH_CPAcquireContext(HCRYPTPROV *phProv, LPSTR pszContainer,
debugstr_a(pszContainer), dwFlags, pVTable);
SetLastError(ERROR_SUCCESS);
if (!load_lib()) return FALSE;
if (pszContainer ? strlen(pszContainer) : 0)
{
@ -1787,18 +1785,23 @@ BOOL WINAPI RSAENH_CPGenKey(HCRYPTPROV hProv, ALG_ID Algid, DWORD dwFlags, HCRYP
case AT_SIGNATURE:
RSAENH_CPDestroyKey(hProv, pKeyContainer->hSignatureKeyPair);
pKeyContainer->hSignatureKeyPair =
new_key(hProv, CALG_RSA_SIGN, dwFlags, abKeyValue, 0);
new_key(hProv, CALG_RSA_SIGN, dwFlags, NULL, 0);
copy_handle(&handle_table, pKeyContainer->hSignatureKeyPair, RSAENH_MAGIC_KEY,
(unsigned int*)phKey);
break;
case AT_KEYEXCHANGE:
RSAENH_CPDestroyKey(hProv, pKeyContainer->hKeyExchangeKeyPair);
pKeyContainer->hKeyExchangeKeyPair = new_key(hProv, CALG_RSA_KEYX, dwFlags, abKeyValue, 0);
pKeyContainer->hKeyExchangeKeyPair = new_key(hProv, CALG_RSA_KEYX, dwFlags, NULL, 0);
copy_handle(&handle_table, pKeyContainer->hKeyExchangeKeyPair, RSAENH_MAGIC_KEY,
(unsigned int*)phKey);
break;
case CALG_RSA_SIGN:
case CALG_RSA_KEYX:
*phKey = new_key(hProv, Algid, dwFlags, NULL, 0);
break;
case CALG_RC2:
case CALG_RC4:
case CALG_DES:

618
dlls/rsaenh/tomcrypt.h Normal file
View File

@ -0,0 +1,618 @@
/*
* dlls/rsaenh/tomcrypt.h
* Function prototypes, type definitions and constant definitions
* for LibTomCrypt code.
*
* Copyright 2004 Michael Jung
* Based on public domain code by Tom St Denis (tomstdenis@iahu.ca)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/*
* This file contains code from the LibTomCrypt cryptographic
* library written by Tom St Denis (tomstdenis@iahu.ca). LibTomCrypt
* is in the public domain. The code in this file is tailored to
* special requirements. Take a look at http://libtomcrypt.org for the
* original version.
*/
#ifndef __WINE_TOMCRYPT_H_
#define __WINE_TOMCRYPT_H_
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <limits.h>
#include "basetsd.h"
/* error codes [will be expanded in future releases] */
enum {
CRYPT_OK=0, /* Result OK */
CRYPT_ERROR, /* Generic Error */
CRYPT_NOP, /* Not a failure but no operation was performed */
CRYPT_INVALID_KEYSIZE, /* Invalid key size given */
CRYPT_INVALID_ROUNDS, /* Invalid number of rounds */
CRYPT_FAIL_TESTVECTOR, /* Algorithm failed test vectors */
CRYPT_BUFFER_OVERFLOW, /* Not enough space for output */
CRYPT_INVALID_PACKET, /* Invalid input packet given */
CRYPT_INVALID_PRNGSIZE, /* Invalid number of bits for a PRNG */
CRYPT_ERROR_READPRNG, /* Could not read enough from PRNG */
CRYPT_INVALID_CIPHER, /* Invalid cipher specified */
CRYPT_INVALID_HASH, /* Invalid hash specified */
CRYPT_INVALID_PRNG, /* Invalid PRNG specified */
CRYPT_MEM, /* Out of memory */
CRYPT_PK_TYPE_MISMATCH, /* Not equivalent types of PK keys */
CRYPT_PK_NOT_PRIVATE, /* Requires a private PK key */
CRYPT_INVALID_ARG, /* Generic invalid argument */
CRYPT_FILE_NOTFOUND, /* File Not Found */
CRYPT_PK_INVALID_TYPE, /* Invalid type of PK key */
CRYPT_PK_INVALID_SYSTEM,/* Invalid PK system specified */
CRYPT_PK_DUP, /* Duplicate key already in key ring */
CRYPT_PK_NOT_FOUND, /* Key not found in keyring */
CRYPT_PK_INVALID_SIZE, /* Invalid size input for PK parameters */
CRYPT_INVALID_PRIME_SIZE/* Invalid size of prime requested */
};
#define CONST64(a,b) ((((ULONG64)(a)) << 32) | (b))
typedef ULONG64 ulong64;
/* this is the "32-bit at least" data type
* Re-define it to suit your platform but it must be at least 32-bits
*/
typedef ULONG32 ulong32;
/* ---- HELPER MACROS ---- */
#define STORE32H(x, y) \
{ (y)[0] = (unsigned char)(((x)>>24)&255); (y)[1] = (unsigned char)(((x)>>16)&255); \
(y)[2] = (unsigned char)(((x)>>8)&255); (y)[3] = (unsigned char)((x)&255); }
#define LOAD32H(x, y) \
{ x = ((unsigned long)((y)[0] & 255)<<24) | \
((unsigned long)((y)[1] & 255)<<16) | \
((unsigned long)((y)[2] & 255)<<8) | \
((unsigned long)((y)[3] & 255)); }
#if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) && !defined(INTEL_CC)
static inline unsigned ROR(unsigned word, int i)
{
__asm__("rorl %%cl,%0"
:"=r" (word)
:"0" (word),"c" (i));
return word;
}
#else
/* rotates the hard way */
#define ROR(x, y) ( ((((unsigned long)(x)&0xFFFFFFFFUL)>>(unsigned long)((y)&31)) | \
((unsigned long)(x)<<(unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
#endif
#undef MIN
#define MIN(x, y) ( ((x)<(y))?(x):(y) )
#define byte(x, n) (((x) >> (8 * (n))) & 255)
typedef struct tag_rc2_key {
unsigned xkey[64];
} rc2_key;
typedef struct tag_des_key {
ulong32 ek[32], dk[32];
} des_key;
typedef struct tag_des3_key {
ulong32 ek[3][32], dk[3][32];
} des3_key;
int rc2_setup(const unsigned char *key, int keylen, int bits, int num_rounds, rc2_key *skey);
void rc2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, rc2_key *key);
void rc2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, rc2_key *key);
int des_setup(const unsigned char *key, int keylen, int num_rounds, des_key *skey);
void des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, des_key *key);
void des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, des_key *key);
int des3_setup(const unsigned char *key, int keylen, int num_rounds, des3_key *skey);
void des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, des3_key *key);
void des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, des3_key *key);
typedef struct tag_md2_state {
unsigned char chksum[16], X[48], buf[16];
unsigned long curlen;
} md2_state;
int md2_init(md2_state * md);
int md2_process(md2_state * md, const unsigned char *buf, unsigned long len);
int md2_done(md2_state * md, unsigned char *hash);
struct rc4_prng {
int x, y;
unsigned char buf[256];
};
typedef union Prng_state {
struct rc4_prng rc4;
} prng_state;
int rc4_start(prng_state *prng);
int rc4_add_entropy(const unsigned char *buf, unsigned long len, prng_state *prng);
int rc4_ready(prng_state *prng);
unsigned long rc4_read(unsigned char *buf, unsigned long len, prng_state *prng);
/* some default configurations.
*
* A "mp_digit" must be able to hold DIGIT_BIT + 1 bits
* A "mp_word" must be able to hold 2*DIGIT_BIT + 1 bits
*
* At the very least a mp_digit must be able to hold 7 bits
* [any size beyond that is ok provided it doesn't overflow the data type]
*/
typedef unsigned long mp_digit;
typedef ulong64 mp_word;
#define DIGIT_BIT 28
#define MP_DIGIT_BIT DIGIT_BIT
#define MP_MASK ((((mp_digit)1)<<((mp_digit)DIGIT_BIT))-((mp_digit)1))
#define MP_DIGIT_MAX MP_MASK
/* equalities */
#define MP_LT -1 /* less than */
#define MP_EQ 0 /* equal to */
#define MP_GT 1 /* greater than */
#define MP_ZPOS 0 /* positive integer */
#define MP_NEG 1 /* negative */
#define MP_OKAY 0 /* ok result */
#define MP_MEM -2 /* out of mem */
#define MP_VAL -3 /* invalid input */
#define MP_RANGE MP_VAL
#define MP_YES 1 /* yes response */
#define MP_NO 0 /* no response */
/* Primality generation flags */
#define LTM_PRIME_BBS 0x0001 /* BBS style prime */
#define LTM_PRIME_SAFE 0x0002 /* Safe prime (p-1)/2 == prime */
#define LTM_PRIME_2MSB_OFF 0x0004 /* force 2nd MSB to 0 */
#define LTM_PRIME_2MSB_ON 0x0008 /* force 2nd MSB to 1 */
typedef int mp_err;
/* you'll have to tune these... */
extern int KARATSUBA_MUL_CUTOFF,
KARATSUBA_SQR_CUTOFF;
/* define this to use lower memory usage routines (exptmods mostly) */
/* #define MP_LOW_MEM */
#define MP_PREC 64 /* default digits of precision */
/* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD - BITS_PER_DIGIT*2) */
#define MP_WARRAY (1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1))
/* the infamous mp_int structure */
typedef struct {
int used, alloc, sign;
mp_digit *dp;
} mp_int;
/* callback for mp_prime_random, should fill dst with random bytes and return how many read [upto len] */
typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat);
#define DIGIT(m,k) ((m)->dp[(k)])
/* error code to char* string */
char *mp_error_to_string(int code);
/* ---> init and deinit bignum functions <--- */
/* init a bignum */
int mp_init(mp_int *a);
/* free a bignum */
void mp_clear(mp_int *a);
/* init a null terminated series of arguments */
int mp_init_multi(mp_int *mp, ...);
/* clear a null terminated series of arguments */
void mp_clear_multi(mp_int *mp, ...);
/* exchange two ints */
void mp_exch(mp_int *a, mp_int *b);
/* shrink ram required for a bignum */
int mp_shrink(mp_int *a);
/* grow an int to a given size */
int mp_grow(mp_int *a, int size);
/* init to a given number of digits */
int mp_init_size(mp_int *a, int size);
/* ---> Basic Manipulations <--- */
#define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO)
#define mp_iseven(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? MP_YES : MP_NO)
#define mp_isodd(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? MP_YES : MP_NO)
/* set to zero */
void mp_zero(mp_int *a);
/* set to a digit */
void mp_set(mp_int *a, mp_digit b);
/* set a 32-bit const */
int mp_set_int(mp_int *a, unsigned long b);
/* get a 32-bit value */
unsigned long mp_get_int(mp_int * a);
/* initialize and set a digit */
int mp_init_set (mp_int * a, mp_digit b);
/* initialize and set 32-bit value */
int mp_init_set_int (mp_int * a, unsigned long b);
/* copy, b = a */
int mp_copy(const mp_int *a, mp_int *b);
/* inits and copies, a = b */
int mp_init_copy(mp_int *a, const mp_int *b);
/* trim unused digits */
void mp_clamp(mp_int *a);
/* ---> digit manipulation <--- */
/* right shift by "b" digits */
void mp_rshd(mp_int *a, int b);
/* left shift by "b" digits */
int mp_lshd(mp_int *a, int b);
/* c = a / 2**b */
int mp_div_2d(mp_int *a, int b, mp_int *c, mp_int *d);
/* b = a/2 */
int mp_div_2(mp_int *a, mp_int *b);
/* c = a * 2**b */
int mp_mul_2d(mp_int *a, int b, mp_int *c);
/* b = a*2 */
int mp_mul_2(mp_int *a, mp_int *b);
/* c = a mod 2**d */
int mp_mod_2d(mp_int *a, int b, mp_int *c);
/* computes a = 2**b */
int mp_2expt(mp_int *a, int b);
/* Counts the number of lsbs which are zero before the first zero bit */
int mp_cnt_lsb(mp_int *a);
/* I Love Earth! */
/* makes a pseudo-random int of a given size */
int mp_rand(mp_int *a, int digits);
/* ---> binary operations <--- */
/* c = a XOR b */
int mp_xor(mp_int *a, mp_int *b, mp_int *c);
/* c = a OR b */
int mp_or(mp_int *a, mp_int *b, mp_int *c);
/* c = a AND b */
int mp_and(mp_int *a, mp_int *b, mp_int *c);
/* ---> Basic arithmetic <--- */
/* b = -a */
int mp_neg(mp_int *a, mp_int *b);
/* b = |a| */
int mp_abs(mp_int *a, mp_int *b);
/* compare a to b */
int mp_cmp(mp_int *a, mp_int *b);
/* compare |a| to |b| */
int mp_cmp_mag(mp_int *a, mp_int *b);
/* c = a + b */
int mp_add(mp_int *a, mp_int *b, mp_int *c);
/* c = a - b */
int mp_sub(mp_int *a, mp_int *b, mp_int *c);
/* c = a * b */
int mp_mul(mp_int *a, mp_int *b, mp_int *c);
/* b = a*a */
int mp_sqr(mp_int *a, mp_int *b);
/* a/b => cb + d == a */
int mp_div(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
/* c = a mod b, 0 <= c < b */
int mp_mod(mp_int *a, mp_int *b, mp_int *c);
/* ---> single digit functions <--- */
/* compare against a single digit */
int mp_cmp_d(mp_int *a, mp_digit b);
/* c = a + b */
int mp_add_d(mp_int *a, mp_digit b, mp_int *c);
/* c = a - b */
int mp_sub_d(mp_int *a, mp_digit b, mp_int *c);
/* c = a * b */
int mp_mul_d(mp_int *a, mp_digit b, mp_int *c);
/* a/b => cb + d == a */
int mp_div_d(mp_int *a, mp_digit b, mp_int *c, mp_digit *d);
/* a/3 => 3c + d == a */
int mp_div_3(mp_int *a, mp_int *c, mp_digit *d);
/* c = a**b */
int mp_expt_d(mp_int *a, mp_digit b, mp_int *c);
/* c = a mod b, 0 <= c < b */
int mp_mod_d(mp_int *a, mp_digit b, mp_digit *c);
/* ---> number theory <--- */
/* d = a + b (mod c) */
int mp_addmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
/* d = a - b (mod c) */
int mp_submod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
/* d = a * b (mod c) */
int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
/* c = a * a (mod b) */
int mp_sqrmod(mp_int *a, mp_int *b, mp_int *c);
/* c = 1/a (mod b) */
int mp_invmod(mp_int *a, mp_int *b, mp_int *c);
/* c = (a, b) */
int mp_gcd(mp_int *a, mp_int *b, mp_int *c);
/* produces value such that U1*a + U2*b = U3 */
int mp_exteuclid(mp_int *a, mp_int *b, mp_int *U1, mp_int *U2, mp_int *U3);
/* c = [a, b] or (a*b)/(a, b) */
int mp_lcm(mp_int *a, mp_int *b, mp_int *c);
/* finds one of the b'th root of a, such that |c|**b <= |a|
*
* returns error if a < 0 and b is even
*/
int mp_n_root(mp_int *a, mp_digit b, mp_int *c);
/* special sqrt algo */
int mp_sqrt(mp_int *arg, mp_int *ret);
/* is number a square? */
int mp_is_square(mp_int *arg, int *ret);
/* computes the jacobi c = (a | n) (or Legendre if b is prime) */
int mp_jacobi(mp_int *a, mp_int *n, int *c);
/* used to setup the Barrett reduction for a given modulus b */
int mp_reduce_setup(mp_int *a, mp_int *b);
/* Barrett Reduction, computes a (mod b) with a precomputed value c
*
* Assumes that 0 < a <= b*b, note if 0 > a > -(b*b) then you can merely
* compute the reduction as -1 * mp_reduce(mp_abs(a)) [pseudo code].
*/
int mp_reduce(mp_int *a, mp_int *b, mp_int *c);
/* setups the montgomery reduction */
int mp_montgomery_setup(mp_int *a, mp_digit *mp);
/* computes a = B**n mod b without division or multiplication useful for
* normalizing numbers in a Montgomery system.
*/
int mp_montgomery_calc_normalization(mp_int *a, mp_int *b);
/* computes x/R == x (mod N) via Montgomery Reduction */
int mp_montgomery_reduce(mp_int *a, mp_int *m, mp_digit mp);
/* returns 1 if a is a valid DR modulus */
int mp_dr_is_modulus(mp_int *a);
/* sets the value of "d" required for mp_dr_reduce */
void mp_dr_setup(mp_int *a, mp_digit *d);
/* reduces a modulo b using the Diminished Radix method */
int mp_dr_reduce(mp_int *a, mp_int *b, mp_digit mp);
/* returns true if a can be reduced with mp_reduce_2k */
int mp_reduce_is_2k(mp_int *a);
/* determines k value for 2k reduction */
int mp_reduce_2k_setup(mp_int *a, mp_digit *d);
/* reduces a modulo b where b is of the form 2**p - k [0 <= a] */
int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d);
/* d = a**b (mod c) */
int mp_exptmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
/* ---> Primes <--- */
/* number of primes */
#define PRIME_SIZE 256
/* table of first PRIME_SIZE primes */
extern const mp_digit __prime_tab[];
/* result=1 if a is divisible by one of the first PRIME_SIZE primes */
int mp_prime_is_divisible(mp_int *a, int *result);
/* performs one Fermat test of "a" using base "b".
* Sets result to 0 if composite or 1 if probable prime
*/
int mp_prime_fermat(mp_int *a, mp_int *b, int *result);
/* performs one Miller-Rabin test of "a" using base "b".
* Sets result to 0 if composite or 1 if probable prime
*/
int mp_prime_miller_rabin(mp_int *a, mp_int *b, int *result);
/* This gives [for a given bit size] the number of trials required
* such that Miller-Rabin gives a prob of failure lower than 2^-96
*/
int mp_prime_rabin_miller_trials(int size);
/* performs t rounds of Miller-Rabin on "a" using the first
* t prime bases. Also performs an initial sieve of trial
* division. Determines if "a" is prime with probability
* of error no more than (1/4)**t.
*
* Sets result to 1 if probably prime, 0 otherwise
*/
int mp_prime_is_prime(mp_int *a, int t, int *result);
/* finds the next prime after the number "a" using "t" trials
* of Miller-Rabin.
*
* bbs_style = 1 means the prime must be congruent to 3 mod 4
*/
int mp_prime_next_prime(mp_int *a, int t, int bbs_style);
/* makes a truly random prime of a given size (bytes),
* call with bbs = 1 if you want it to be congruent to 3 mod 4
*
* You have to supply a callback which fills in a buffer with random bytes. "dat" is a parameter you can
* have passed to the callback (e.g. a state or something). This function doesn't use "dat" itself
* so it can be NULL
*
* The prime generated will be larger than 2^(8*size).
*/
#define mp_prime_random(a, t, size, bbs, cb, dat) mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat)
/* makes a truly random prime of a given size (bits),
*
* Flags are as follows:
*
* LTM_PRIME_BBS - make prime congruent to 3 mod 4
* LTM_PRIME_SAFE - make sure (p-1)/2 is prime as well (implies LTM_PRIME_BBS)
* LTM_PRIME_2MSB_OFF - make the 2nd highest bit zero
* LTM_PRIME_2MSB_ON - make the 2nd highest bit one
*
* You have to supply a callback which fills in a buffer with random bytes. "dat" is a parameter you can
* have passed to the callback (e.g. a state or something). This function doesn't use "dat" itself
* so it can be NULL
*
*/
int mp_prime_random_ex(mp_int *a, int t, int size, int flags, ltm_prime_callback cb, void *dat);
/* ---> radix conversion <--- */
int mp_count_bits(mp_int *a);
int mp_unsigned_bin_size(mp_int *a);
int mp_read_unsigned_bin(mp_int *a, unsigned char *b, int c);
int mp_to_unsigned_bin(mp_int *a, unsigned char *b);
int mp_signed_bin_size(mp_int *a);
int mp_read_signed_bin(mp_int *a, unsigned char *b, int c);
int mp_to_signed_bin(mp_int *a, unsigned char *b);
int mp_read_radix(mp_int *a, char *str, int radix);
int mp_toradix(mp_int *a, char *str, int radix);
int mp_toradix_n(mp_int * a, char *str, int radix, int maxlen);
int mp_radix_size(mp_int *a, int radix, int *size);
int mp_fread(mp_int *a, int radix, FILE *stream);
int mp_fwrite(mp_int *a, int radix, FILE *stream);
#define mp_read_raw(mp, str, len) mp_read_signed_bin((mp), (str), (len))
#define mp_raw_size(mp) mp_signed_bin_size(mp)
#define mp_toraw(mp, str) mp_to_signed_bin((mp), (str))
#define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len))
#define mp_mag_size(mp) mp_unsigned_bin_size(mp)
#define mp_tomag(mp, str) mp_to_unsigned_bin((mp), (str))
#define mp_tobinary(M, S) mp_toradix((M), (S), 2)
#define mp_tooctal(M, S) mp_toradix((M), (S), 8)
#define mp_todecimal(M, S) mp_toradix((M), (S), 10)
#define mp_tohex(M, S) mp_toradix((M), (S), 16)
/* lowlevel functions, do not call! */
int s_mp_add(mp_int *a, mp_int *b, mp_int *c);
int s_mp_sub(mp_int *a, mp_int *b, mp_int *c);
#define s_mp_mul(a, b, c) s_mp_mul_digs(a, b, c, (a)->used + (b)->used + 1)
int fast_s_mp_mul_digs(mp_int *a, mp_int *b, mp_int *c, int digs);
int s_mp_mul_digs(mp_int *a, mp_int *b, mp_int *c, int digs);
int fast_s_mp_mul_high_digs(mp_int *a, mp_int *b, mp_int *c, int digs);
int s_mp_mul_high_digs(mp_int *a, mp_int *b, mp_int *c, int digs);
int fast_s_mp_sqr(mp_int *a, mp_int *b);
int s_mp_sqr(mp_int *a, mp_int *b);
int mp_karatsuba_mul(mp_int *a, mp_int *b, mp_int *c);
int mp_toom_mul(mp_int *a, mp_int *b, mp_int *c);
int mp_karatsuba_sqr(mp_int *a, mp_int *b);
int mp_toom_sqr(mp_int *a, mp_int *b);
int fast_mp_invmod(mp_int *a, mp_int *b, mp_int *c);
int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c);
int fast_mp_montgomery_reduce(mp_int *a, mp_int *m, mp_digit mp);
int mp_exptmod_fast(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int mode);
int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
void bn_reverse(unsigned char *s, int len);
extern const char *mp_s_rmap;
#define PK_PRIVATE 0 /* PK private keys */
#define PK_PUBLIC 1 /* PK public keys */
/* Min and Max RSA key sizes (in bits) */
#define MIN_RSA_SIZE 384
#define MAX_RSA_SIZE 16384
typedef struct Rsa_key {
int type;
mp_int e, d, N, p, q, qP, dP, dQ;
} rsa_key;
int rsa_make_key(int size, long e, rsa_key *key);
int rsa_exptmod(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen, int which,
rsa_key *key);
void rsa_free(rsa_key *key);
#endif /* __WINE_TOMCRYPT_H_ */