bcrypt: Set pubkey from privkey in key_asymmetric_import().

e1fb6316 · Paul Gofman · Alexandre Julliard · 6f455e10 · e1fb6316
Commit e1fb6316 authored Dec 14, 2022 by Paul Gofman Committed by Alexandre Julliard Dec 15, 2022
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 9 deletions

gnutls.c dlls/bcrypt/gnutls.c +30 -9

No files found.
--- a/dlls/bcrypt/gnutls.c
+++ b/dlls/bcrypt/gnutls.c
@@ -713,8 +713,6 @@ static NTSTATUS key_export_rsa_public( struct key *key, UCHAR *buf, ULONG len, U
    if (key_data(key)->a.pubkey)
        ret = pgnutls_pubkey_export_rsa_raw( key_data(key)->a.pubkey, &m, &e );
-    else if (key_data(key)->a.privkey)
-        ret = pgnutls_privkey_export_rsa_raw( key_data(key)->a.privkey, &m, &e, NULL, NULL, NULL, NULL, NULL, NULL );
    else
        return STATUS_INVALID_PARAMETER;
@@ -781,8 +779,6 @@ static NTSTATUS key_export_ecc_public( struct key *key, UCHAR *buf, ULONG len, U
    if (key_data(key)->a.pubkey)
        ret = pgnutls_pubkey_export_ecc_raw( key_data(key)->a.pubkey, &curve, &x, &y );
-    else if (key_data(key)->a.privkey)
-        ret = pgnutls_privkey_export_ecc_raw( key_data(key)->a.privkey, &curve, &x, &y, NULL );
    else
        return STATUS_INVALID_PARAMETER;
@@ -831,8 +827,6 @@ static NTSTATUS key_export_dsa_public( struct key *key, UCHAR *buf, ULONG len, U
    if (key_data(key)->a.pubkey)
        ret = pgnutls_pubkey_export_dsa_raw( key_data(key)->a.pubkey, &p, &q, &g, &y );
-    else if (key_data(key)->a.privkey)
-        ret = pgnutls_privkey_export_dsa_raw( key_data(key)->a.privkey, &p, &q, &g, &y, NULL );
    else
        return STATUS_INVALID_PARAMETER;
@@ -1574,6 +1568,8 @@ static NTSTATUS key_asymmetric_import( void *args )
    const struct key_asymmetric_import_params *params = args;
    struct key *key = params->key;
    unsigned flags = params->flags;
+    gnutls_pubkey_t pubkey;
+    NTSTATUS ret;
    switch (key->alg_id)
    {
@@ -1583,13 +1579,15 @@ static NTSTATUS key_asymmetric_import( void *args )
    case ALG_ID_ECDSA_P384:
        if (flags & KEY_IMPORT_FLAG_PUBLIC)
            return key_import_ecc_public( key, params->buf, params->len );
-        return key_import_ecc( key, params->buf, params->len );
+        ret = key_import_ecc( key, params->buf, params->len );
+        break;
    case ALG_ID_RSA:
    case ALG_ID_RSA_SIGN:
        if (flags & KEY_IMPORT_FLAG_PUBLIC)
            return key_import_rsa_public( key, params->buf, params->len );
-        return key_import_rsa( key, params->buf, params->len );
+        ret = key_import_rsa( key, params->buf, params->len );
+        break;
    case ALG_ID_DSA:
        if (flags & KEY_IMPORT_FLAG_PUBLIC)
@@ -1599,7 +1597,10 @@ static NTSTATUS key_asymmetric_import( void *args )
            return key_import_dsa_public( key, params->buf, params->len );
        }
        if (key->u.a.flags & KEY_FLAG_LEGACY_DSA_V2)
-            return key_import_dsa_capi( key, params->buf, params->len );
+        {
+            ret = key_import_dsa_capi( key, params->buf, params->len );
+            break;
+        }
        FIXME( "DSA private key not supported\n" );
        return STATUS_NOT_IMPLEMENTED;
@@ -1607,6 +1608,26 @@ static NTSTATUS key_asymmetric_import( void *args )
        FIXME( "algorithm %u not yet supported\n", key->alg_id );
        return STATUS_NOT_IMPLEMENTED;
    }
+    if (ret) return ret;
+    if ((ret = pgnutls_pubkey_init( &pubkey )))
+    {
+        pgnutls_perror( ret );
+        return STATUS_INTERNAL_ERROR;
+    }
+    if (pgnutls_pubkey_import_privkey( pubkey, key_data(params->key)->a.privkey, 0, 0 ))
+    {
+        /* Imported private key may be legitimately missing public key, so ignore the failure here. */
+        pgnutls_pubkey_deinit( pubkey );
+    }
+    else
+    {
+        if (key_data(key)->a.pubkey) pgnutls_pubkey_deinit( key_data(key)->a.pubkey );
+        key_data(key)->a.pubkey = pubkey;
+    }
+    return STATUS_SUCCESS;
 }
 static NTSTATUS prepare_gnutls_signature_dsa( struct key *key, UCHAR *signature, ULONG signature_len,