Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-winehq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-winehq
Commits
650fe1fd
Commit
650fe1fd
authored
Jun 29, 2023
by
Paul Gofman
Committed by
Alexandre Julliard
Jun 30, 2023
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
crypt32: Support CNG keys in CDecodeSignedMsg_VerifySignatureWithKey().
parent
8436f038
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
42 additions
and
8 deletions
+42
-8
cert.c
dlls/crypt32/cert.c
+1
-1
crypt32_private.h
dlls/crypt32/crypt32_private.h
+2
-0
msg.c
dlls/crypt32/msg.c
+37
-5
msg.c
dlls/crypt32/tests/msg.c
+2
-2
No files found.
dlls/crypt32/cert.c
View file @
650fe1fd
...
@@ -2810,7 +2810,7 @@ static BOOL CNG_PrepareSignatureECC(BYTE *encoded_sig, DWORD encoded_size, BYTE
...
@@ -2810,7 +2810,7 @@ static BOOL CNG_PrepareSignatureECC(BYTE *encoded_sig, DWORD encoded_size, BYTE
return
TRUE
;
return
TRUE
;
}
}
static
BOOL
cng_prepare_signature
(
const
char
*
alg_oid
,
BYTE
*
encoded_sig
,
DWORD
encoded_sig_len
,
BOOL
cng_prepare_signature
(
const
char
*
alg_oid
,
BYTE
*
encoded_sig
,
DWORD
encoded_sig_len
,
BYTE
**
sig_value
,
DWORD
*
sig_len
)
BYTE
**
sig_value
,
DWORD
*
sig_len
)
{
{
if
(
!
strcmp
(
alg_oid
,
szOID_ECC_PUBLIC_KEY
))
if
(
!
strcmp
(
alg_oid
,
szOID_ECC_PUBLIC_KEY
))
...
...
dlls/crypt32/crypt32_private.h
View file @
650fe1fd
...
@@ -23,6 +23,8 @@
...
@@ -23,6 +23,8 @@
#include "wine/unixlib.h"
#include "wine/unixlib.h"
BOOL
CNG_ImportPubKey
(
CERT_PUBLIC_KEY_INFO
*
pubKeyInfo
,
BCRYPT_KEY_HANDLE
*
key
)
DECLSPEC_HIDDEN
;
BOOL
CNG_ImportPubKey
(
CERT_PUBLIC_KEY_INFO
*
pubKeyInfo
,
BCRYPT_KEY_HANDLE
*
key
)
DECLSPEC_HIDDEN
;
BOOL
cng_prepare_signature
(
const
char
*
alg_oid
,
BYTE
*
encoded_sig
,
DWORD
encoded_sig_len
,
BYTE
**
sig_value
,
DWORD
*
sig_len
)
DECLSPEC_HIDDEN
;
/* a few asn.1 tags we need */
/* a few asn.1 tags we need */
#define ASN_BOOL (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x01)
#define ASN_BOOL (ASN_UNIVERSAL | ASN_PRIMITIVE | 0x01)
...
...
dlls/crypt32/msg.c
View file @
650fe1fd
...
@@ -3316,24 +3316,56 @@ static BOOL CDecodeHashMsg_VerifyHash(CDecodeMsg *msg)
...
@@ -3316,24 +3316,56 @@ static BOOL CDecodeHashMsg_VerifyHash(CDecodeMsg *msg)
return
ret
;
return
ret
;
}
}
static
BOOL
cng_verify_msg_signature
(
CMSG_CMS_SIGNER_INFO
*
signer
,
HCRYPTHASH
hash
,
CERT_PUBLIC_KEY_INFO
*
key_info
)
{
BYTE
*
hash_value
,
*
sig_value
=
NULL
;
DWORD
hash_len
,
sig_len
;
BCRYPT_KEY_HANDLE
key
;
BOOL
ret
=
FALSE
;
NTSTATUS
status
;
if
(
!
CryptImportPublicKeyInfoEx2
(
X509_ASN_ENCODING
,
key_info
,
0
,
NULL
,
&
key
))
return
FALSE
;
if
(
!
extract_hash
(
hash
,
&
hash_value
,
&
hash_len
))
goto
done
;
if
(
!
cng_prepare_signature
(
key_info
->
Algorithm
.
pszObjId
,
signer
->
EncryptedHash
.
pbData
,
signer
->
EncryptedHash
.
cbData
,
&
sig_value
,
&
sig_len
))
goto
done
;
status
=
BCryptVerifySignature
(
key
,
NULL
,
hash_value
,
hash_len
,
sig_value
,
sig_len
,
0
);
if
(
status
)
{
FIXME
(
"Failed to verify signature: %08lx.
\n
"
,
status
);
SetLastError
(
RtlNtStatusToDosError
(
status
));
}
ret
=
!
status
;
done:
CryptMemFree
(
sig_value
);
CryptMemFree
(
hash_value
);
BCryptDestroyKey
(
key
);
return
ret
;
}
static
BOOL
CDecodeSignedMsg_VerifySignatureWithKey
(
CDecodeMsg
*
msg
,
static
BOOL
CDecodeSignedMsg_VerifySignatureWithKey
(
CDecodeMsg
*
msg
,
HCRYPTPROV
prov
,
DWORD
signerIndex
,
PCERT_PUBLIC_KEY_INFO
keyInfo
)
HCRYPTPROV
prov
,
DWORD
signerIndex
,
PCERT_PUBLIC_KEY_INFO
keyInfo
)
{
{
HCRYPTHASH
hash
;
HCRYPTKEY
key
;
HCRYPTKEY
key
;
BOOL
ret
;
BOOL
ret
;
ALG_ID
alg_id
=
0
;
if
(
msg
->
u
.
signed_data
.
info
->
rgSignerInfo
[
signerIndex
].
AuthAttrs
.
cAttr
)
hash
=
msg
->
u
.
signed_data
.
signerHandles
[
signerIndex
].
authAttrHash
;
else
hash
=
msg
->
u
.
signed_data
.
signerHandles
[
signerIndex
].
contentHash
;
if
(
keyInfo
->
Algorithm
.
pszObjId
)
alg_id
=
CertOIDToAlgId
(
keyInfo
->
Algorithm
.
pszObjId
);
if
(
alg_id
==
CALG_OID_INFO_PARAMETERS
||
alg_id
==
CALG_OID_INFO_CNG_ONLY
)
return
cng_verify_msg_signature
(
&
msg
->
u
.
signed_data
.
info
->
rgSignerInfo
[
signerIndex
],
hash
,
keyInfo
);
if
(
!
prov
)
if
(
!
prov
)
prov
=
msg
->
crypt_prov
;
prov
=
msg
->
crypt_prov
;
ret
=
CryptImportPublicKeyInfo
(
prov
,
X509_ASN_ENCODING
,
keyInfo
,
&
key
);
ret
=
CryptImportPublicKeyInfo
(
prov
,
X509_ASN_ENCODING
,
keyInfo
,
&
key
);
if
(
ret
)
if
(
ret
)
{
{
HCRYPTHASH
hash
;
CRYPT_HASH_BLOB
reversedHash
;
CRYPT_HASH_BLOB
reversedHash
;
if
(
msg
->
u
.
signed_data
.
info
->
rgSignerInfo
[
signerIndex
].
AuthAttrs
.
cAttr
)
hash
=
msg
->
u
.
signed_data
.
signerHandles
[
signerIndex
].
authAttrHash
;
else
hash
=
msg
->
u
.
signed_data
.
signerHandles
[
signerIndex
].
contentHash
;
ret
=
CRYPT_ConstructBlob
(
&
reversedHash
,
ret
=
CRYPT_ConstructBlob
(
&
reversedHash
,
&
msg
->
u
.
signed_data
.
info
->
rgSignerInfo
[
signerIndex
].
EncryptedHash
);
&
msg
->
u
.
signed_data
.
info
->
rgSignerInfo
[
signerIndex
].
EncryptedHash
);
if
(
ret
)
if
(
ret
)
...
...
dlls/crypt32/tests/msg.c
View file @
650fe1fd
...
@@ -3608,12 +3608,12 @@ static void test_verify_ecc_signature(void)
...
@@ -3608,12 +3608,12 @@ static void test_verify_ecc_signature(void)
BCryptDestroyKey
(
bkey
);
BCryptDestroyKey
(
bkey
);
bret
=
CryptMsgControl
(
msg
,
0
,
CMSG_CTRL_VERIFY_SIGNATURE
,
cert
->
pCertInfo
);
bret
=
CryptMsgControl
(
msg
,
0
,
CMSG_CTRL_VERIFY_SIGNATURE
,
cert
->
pCertInfo
);
todo_wine
ok
(
bret
,
"failed, error %#lx.
\n
"
,
GetLastError
());
ok
(
bret
,
"failed, error %#lx.
\n
"
,
GetLastError
());
verify_para
.
dwSignerType
=
CMSG_VERIFY_SIGNER_CERT
;
verify_para
.
dwSignerType
=
CMSG_VERIFY_SIGNER_CERT
;
verify_para
.
pvSigner
=
(
void
*
)
cert
;
verify_para
.
pvSigner
=
(
void
*
)
cert
;
bret
=
CryptMsgControl
(
msg
,
0
,
CMSG_CTRL_VERIFY_SIGNATURE_EX
,
&
verify_para
);
bret
=
CryptMsgControl
(
msg
,
0
,
CMSG_CTRL_VERIFY_SIGNATURE_EX
,
&
verify_para
);
todo_wine
ok
(
bret
,
"failed, error %#lx.
\n
"
,
GetLastError
());
ok
(
bret
,
"failed, error %#lx.
\n
"
,
GetLastError
());
free
(
signer_info
);
free
(
signer_info
);
free
(
cert_info
);
free
(
cert_info
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment