On Mon, 2022-03-07 at 20:57 -0300, Santino Mazza wrote:
Signed-off-by: Santino Mazza <mazzasantino1206(a)gmail.com> --- dlls/ncrypt/main.c | 62 ++++++++++++++++++++++++++++++----- dlls/ncrypt/ncrypt_internal.h | 6 ++++ dlls/ncrypt/tests/ncrypt.c | 8 +++-- 3 files changed, 66 insertions(+), 10 deletions(-)
diff --git a/dlls/ncrypt/main.c b/dlls/ncrypt/main.c index 1f0ff3f5752..d4248e76c45 100644 --- a/dlls/ncrypt/main.c +++ b/dlls/ncrypt/main.c @@ -30,14 +30,6 @@
[...]
-SECURITY_STATUS WINAPI NCryptCreatePersistedKey(NCRYPT_PROV_HANDLE provider, NCRYPT_KEY_HANDLE *key, - const WCHAR *algid, const WCHAR *name, DWORD keyspec, DWORD flags) -{ - FIXME("(%#Ix, %p, %s, %s, %#lx, %#lx): stub\n", provider, key, wine_dbgstr_w(algid), - wine_dbgstr_w(name), keyspec, flags); - return NTE_NOT_SUPPORTED; -} - SECURITY_STATUS WINAPI NCryptDecrypt(NCRYPT_KEY_HANDLE key, BYTE *input, DWORD insize, void *padding, BYTE *output, DWORD outsize, DWORD *result, DWORD flags) { @@ -357,6 +349,60 @@ SECURITY_STATUS WINAPI NCryptSetProperty(NCRYPT_HANDLE handle, const WCHAR *name return set_object_property(object, name, input, insize); }
+SECURITY_STATUS WINAPI NCryptCreatePersistedKey(NCRYPT_PROV_HANDLE provider, NCRYPT_KEY_HANDLE *key, + const WCHAR *algid, const WCHAR *name, DWORD keyspec, DWORD flags) +{ + struct object *key_object; + TRACE("(%#Ix, %p, %s, %s, %#lx, %#lx)\n", provider, key, wine_dbgstr_w(algid), + wine_dbgstr_w(name), keyspec, flags); + + if (!provider) return NTE_INVALID_HANDLE; + if (!algid) return HRESULT_FROM_WIN32(RPC_X_NULL_REF_POINTER); + if (name) FIXME("Persistant keys not supported\n"); + + if (!(key_object = allocate_object(KEY))) + { + ERR("Error allocating memory\n"); + return NTE_NO_MEMORY; + } + + if (!lstrcmpiW(algid, BCRYPT_RSA_ALGORITHM)) + { + NTSTATUS ret = BCryptOpenAlgorithmProvider(&key_object->key.alg_prov, BCRYPT_RSA_ALGORITHM, NULL, 0); + DWORD default_bitlength = 1024;
This could use a test to confirm that 1024 is the default.
+ + if (ret != ERROR_SUCCESS) + { + ERR("Error opening algorithm provider\n"); + free(key_object); + return NTE_INTERNAL_ERROR; + } + + ret = BCryptGenerateKeyPair(key_object->key.alg_prov, &key_object->key.bcrypt_key, 1024, 0); + if (ret != ERROR_SUCCESS) + { + ERR("Error generating key pair\n"); + BCryptCloseAlgorithmProvider(key_object->key.alg_prov, 0); + free(key_object); + return NTE_INTERNAL_ERROR; + } + + key_object->key.type = ASYMMETRIC; + set_object_property(key_object, NCRYPT_PROVIDER_HANDLE_PROPERTY, (BYTE *)&provider, sizeof(NCRYPT_PROV_HANDLE)); + set_object_property(key_object, NCRYPT_ALGORITHM_GROUP_PROPERTY, (BYTE *)BCRYPT_RSA_ALGORITHM, sizeof(BCRYPT_RSA_ALGORITHM)); + set_object_property(key_object, NCRYPT_LENGTH_PROPERTY, (BYTE *)&default_bitlength, sizeof(default_bitlength)); + } + else + { + FIXME("Algorithm not handled %s\n", wine_dbgstr_w(algid)); + free(key_object); + return NTE_NOT_SUPPORTED; + } + + *key = (NCRYPT_KEY_HANDLE)key_object; + return ERROR_SUCCESS; +} +
There's no reason to move this function. It also has so much in common with NCryptImportKey() that they should share a helper.
SECURITY_STATUS WINAPI NCryptVerifySignature(NCRYPT_KEY_HANDLE handle, void *padding, BYTE *hash, DWORD hash_size, BYTE *signature, DWORD signature_size, DWORD flags) { diff --git a/dlls/ncrypt/ncrypt_internal.h b/dlls/ncrypt/ncrypt_internal.h index 05f2f6835de..f480667b29e 100644 --- a/dlls/ncrypt/ncrypt_internal.h +++ b/dlls/ncrypt/ncrypt_internal.h @@ -18,8 +18,14 @@
#include <bcrypt.h>
+enum key_type { + SYMMETRIC, + ASYMMETRIC +}; + struct key { + enum key_type type;
It would be better to store an algorithm id from which the symmetric/asymmetric distinction can be derived.