http://bugs.winehq.org/show_bug.cgi?id=20340
--- Comment #7 from Juan Lang juan_lang@yahoo.com 2009-10-21 17:16:01 --- Here's a little more from a +crypt log: trace:crypt:CryptImportKey (0x1528c8, 0xca8270, 28, 0x0, 00000100, 0xca67d8) trace:crypt:RSAENH_CPImportKey (hProv=00000001, pbData=0xca8270, dwDataLen=28, hPubKey=00000000, dwFlags=00000100, phKey=0x152abc) trace:crypt:import_key blob type: 8 trace:crypt:new_key alg = "RC2", dwKeyLen = 128 trace:crypt:CryptCreateHash (0x1528c8, 0x8009, 0x152ab8, 00000000, 0xca67d4)
x8009 is CALG_HMAC in CryptCreateHash.
The blob type is 8, which is PLAINTEXTKEYBLOB. This code in rsaenh.c's import_plaintext_key is incorrect when CRYPT_IPSEC_HMAC_KEY is passed: memcpy(pCryptKey->abKeyValue, pbKeyStream, *pKeyLen);
The reason is abKeyValue is declared as: BYTE abKeyValue[RSAENH_MAX_KEY_SIZE];
and RSAENH_MAX_KEY_SIZE is: #define RSAENH_MAX_KEY_SIZE 48
This is fine for the current key length of 128 bits, but not for the largest the app passes (640 = 80 bytes). Testing on Windows showed that there is no key length limit when CRYPT_IPSEC_HMAC_KEY is passed, so I think CRYPT_IPSEC_HMAC_KEY implies the data are passed to an HMAC stream, rather than imported directly.