Commit 00dfa1bd authored by Paul Gofman's avatar Paul Gofman Committed by Alexandre Julliard

bcrypt: Fix ECC public key export.

parent b133b756
...@@ -91,6 +91,8 @@ static int (*pgnutls_cipher_add_auth)(gnutls_cipher_hd_t, const void *, size_t); ...@@ -91,6 +91,8 @@ static int (*pgnutls_cipher_add_auth)(gnutls_cipher_hd_t, const void *, size_t);
static gnutls_sign_algorithm_t (*pgnutls_pk_to_sign)(gnutls_pk_algorithm_t, gnutls_digest_algorithm_t); static gnutls_sign_algorithm_t (*pgnutls_pk_to_sign)(gnutls_pk_algorithm_t, gnutls_digest_algorithm_t);
static int (*pgnutls_pubkey_import_ecc_raw)(gnutls_pubkey_t, gnutls_ecc_curve_t, static int (*pgnutls_pubkey_import_ecc_raw)(gnutls_pubkey_t, gnutls_ecc_curve_t,
const gnutls_datum_t *, const gnutls_datum_t *); const gnutls_datum_t *, const gnutls_datum_t *);
static int (*pgnutls_pubkey_export_ecc_raw)(gnutls_pubkey_t key, gnutls_ecc_curve_t *curve,
gnutls_datum_t *x, gnutls_datum_t *y);
static int (*pgnutls_privkey_import_ecc_raw)(gnutls_privkey_t, gnutls_ecc_curve_t, const gnutls_datum_t *, static int (*pgnutls_privkey_import_ecc_raw)(gnutls_privkey_t, gnutls_ecc_curve_t, const gnutls_datum_t *,
const gnutls_datum_t *, const gnutls_datum_t *); const gnutls_datum_t *, const gnutls_datum_t *);
static int (*pgnutls_pubkey_verify_hash2)(gnutls_pubkey_t, gnutls_sign_algorithm_t, unsigned int, static int (*pgnutls_pubkey_verify_hash2)(gnutls_pubkey_t, gnutls_sign_algorithm_t, unsigned int,
...@@ -158,6 +160,12 @@ static int compat_gnutls_pubkey_import_ecc_raw(gnutls_pubkey_t key, gnutls_ecc_c ...@@ -158,6 +160,12 @@ static int compat_gnutls_pubkey_import_ecc_raw(gnutls_pubkey_t key, gnutls_ecc_c
return GNUTLS_E_UNKNOWN_PK_ALGORITHM; return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
} }
static int compat_gnutls_pubkey_export_ecc_raw(gnutls_pubkey_t key, gnutls_ecc_curve_t *curve,
gnutls_datum_t *x, gnutls_datum_t *y)
{
return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
}
static int compat_gnutls_privkey_export_rsa_raw(gnutls_privkey_t key, gnutls_datum_t *m, gnutls_datum_t *e, static int compat_gnutls_privkey_export_rsa_raw(gnutls_privkey_t key, gnutls_datum_t *m, gnutls_datum_t *e,
gnutls_datum_t *d, gnutls_datum_t *p, gnutls_datum_t *q, gnutls_datum_t *d, gnutls_datum_t *p, gnutls_datum_t *q,
gnutls_datum_t *u, gnutls_datum_t *e1, gnutls_datum_t *e2) gnutls_datum_t *u, gnutls_datum_t *e1, gnutls_datum_t *e2)
...@@ -292,6 +300,7 @@ static NTSTATUS gnutls_process_attach( void *args ) ...@@ -292,6 +300,7 @@ static NTSTATUS gnutls_process_attach( void *args )
LOAD_FUNCPTR_OPT(gnutls_cipher_tag) LOAD_FUNCPTR_OPT(gnutls_cipher_tag)
LOAD_FUNCPTR_OPT(gnutls_cipher_add_auth) LOAD_FUNCPTR_OPT(gnutls_cipher_add_auth)
LOAD_FUNCPTR_OPT(gnutls_pubkey_import_ecc_raw) LOAD_FUNCPTR_OPT(gnutls_pubkey_import_ecc_raw)
LOAD_FUNCPTR_OPT(gnutls_pubkey_export_ecc_raw)
LOAD_FUNCPTR_OPT(gnutls_privkey_export_rsa_raw) LOAD_FUNCPTR_OPT(gnutls_privkey_export_rsa_raw)
LOAD_FUNCPTR_OPT(gnutls_privkey_export_ecc_raw) LOAD_FUNCPTR_OPT(gnutls_privkey_export_ecc_raw)
LOAD_FUNCPTR_OPT(gnutls_privkey_import_ecc_raw) LOAD_FUNCPTR_OPT(gnutls_privkey_import_ecc_raw)
...@@ -673,7 +682,14 @@ static NTSTATUS key_export_ecc_public( struct key *key, UCHAR *buf, ULONG len, U ...@@ -673,7 +682,14 @@ static NTSTATUS key_export_ecc_public( struct key *key, UCHAR *buf, ULONG len, U
return STATUS_NOT_IMPLEMENTED; return STATUS_NOT_IMPLEMENTED;
} }
if ((ret = pgnutls_privkey_export_ecc_raw( key_data(key)->a.privkey, &curve, &x, &y, NULL ))) if (key_data(key)->a.pubkey)
ret = pgnutls_pubkey_export_ecc_raw( key_data(key)->a.pubkey, &curve, &x, &y );
else if (key_data(key)->a.privkey)
ret = pgnutls_privkey_export_ecc_raw( key_data(key)->a.privkey, &curve, &x, &y, NULL );
else
return STATUS_INVALID_PARAMETER;
if (ret)
{ {
pgnutls_perror( ret ); pgnutls_perror( ret );
return STATUS_INTERNAL_ERROR; return STATUS_INTERNAL_ERROR;
...@@ -910,6 +926,8 @@ static NTSTATUS key_export_ecc( struct key *key, UCHAR *buf, ULONG len, ULONG *r ...@@ -910,6 +926,8 @@ static NTSTATUS key_export_ecc( struct key *key, UCHAR *buf, ULONG len, ULONG *r
return STATUS_NOT_IMPLEMENTED; return STATUS_NOT_IMPLEMENTED;
} }
if (!key_data(key)->a.privkey) return STATUS_INVALID_PARAMETER;
if ((ret = pgnutls_privkey_export_ecc_raw( key_data(key)->a.privkey, &curve, &x, &y, &d ))) if ((ret = pgnutls_privkey_export_ecc_raw( key_data(key)->a.privkey, &curve, &x, &y, &d )))
{ {
pgnutls_perror( ret ); pgnutls_perror( ret );
......
...@@ -1860,6 +1860,16 @@ static void test_ECDSA(void) ...@@ -1860,6 +1860,16 @@ static void test_ECDSA(void)
status = BCryptImportKeyPair(alg, NULL, BCRYPT_ECCPUBLIC_BLOB, &key, buffer, size, 0); status = BCryptImportKeyPair(alg, NULL, BCRYPT_ECCPUBLIC_BLOB, &key, buffer, size, 0);
ok(!status, "BCryptImportKeyPair failed: %#lx\n", status); ok(!status, "BCryptImportKeyPair failed: %#lx\n", status);
memset(buffer, 0xcc, sizeof(buffer));
status = BCryptExportKey(key, NULL, BCRYPT_ECCPUBLIC_BLOB, buffer, sizeof(buffer), &size, 0);
ok(!status, "Got unexpected status %#lx\n", status);
ok(ecckey->dwMagic == BCRYPT_ECDSA_PUBLIC_P256_MAGIC, "Got unexpected magic %#lx.\n", ecckey->dwMagic);
ok(ecckey->cbKey == 32, "got %lu\n", ecckey->cbKey);
ok(!memcmp(ecckey + 1, eccPubkey, sizeof(eccPubkey)), "Got unexpected key data.\n");
status = BCryptExportKey(key, NULL, BCRYPT_ECCPRIVATE_BLOB, buffer, sizeof(buffer), &size, 0);
ok(status == STATUS_INVALID_PARAMETER, "Got unexpected status %#lx\n", status);
status = BCryptVerifySignature(key, NULL, certHash, sizeof(certHash) - 1, certSignature, sizeof(certSignature), 0); status = BCryptVerifySignature(key, NULL, certHash, sizeof(certHash) - 1, certSignature, sizeof(certSignature), 0);
ok(status == STATUS_INVALID_SIGNATURE, "Expected STATUS_INVALID_SIGNATURE, got %#lx\n", status); ok(status == STATUS_INVALID_SIGNATURE, "Expected STATUS_INVALID_SIGNATURE, got %#lx\n", status);
...@@ -1885,6 +1895,14 @@ static void test_ECDSA(void) ...@@ -1885,6 +1895,14 @@ static void test_ECDSA(void)
status = BCryptImportKeyPair(alg, NULL, BCRYPT_ECCPRIVATE_BLOB, &key, buffer, size, 0); status = BCryptImportKeyPair(alg, NULL, BCRYPT_ECCPRIVATE_BLOB, &key, buffer, size, 0);
ok(!status, "BCryptImportKeyPair failed: %#lx\n", status); ok(!status, "BCryptImportKeyPair failed: %#lx\n", status);
memset( buffer, 0xcc, sizeof(buffer) );
status = BCryptExportKey(key, NULL, BCRYPT_ECCPUBLIC_BLOB, buffer, sizeof(buffer), &size, 0);
ok(!status, "Got unexpected status %#lx\n", status);
ok(ecckey->dwMagic == BCRYPT_ECDSA_PUBLIC_P256_MAGIC, "got %#lx\n", ecckey->dwMagic);
ok(ecckey->cbKey == 32, "got %lu\n", ecckey->cbKey);
ok(!memcmp(ecckey + 1, eccPrivkey, sizeof(eccPubkey)), "Got unexpected key data.\n");
size = sizeof(BCRYPT_ECCKEY_BLOB) + sizeof(eccPrivkey);
memset( buffer, 0, sizeof(buffer) ); memset( buffer, 0, sizeof(buffer) );
status = BCryptExportKey(key, NULL, BCRYPT_ECCPRIVATE_BLOB, buffer, size, &size, 0); status = BCryptExportKey(key, NULL, BCRYPT_ECCPRIVATE_BLOB, buffer, size, &size, 0);
ok(status == STATUS_SUCCESS, "got %#lx\n", status); ok(status == STATUS_SUCCESS, "got %#lx\n", status);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment