Module: wine Branch: master Commit: f0e13847779fe058b655c8ec1a20f61b431f7df2 URL: https://source.winehq.org/git/wine.git/?a=commit;h=f0e13847779fe058b655c8ec1...
Author: Alexandre Julliard julliard@winehq.org Date: Tue Sep 29 14:16:17 2020 +0200
bcrypt: Add separate backend functions for destroying symmetric/asymmetric keys.
Signed-off-by: Alexandre Julliard julliard@winehq.org
---
dlls/bcrypt/bcrypt_internal.h | 4 ++-- dlls/bcrypt/bcrypt_main.c | 32 +++++++++++++++++++++----------- dlls/bcrypt/gnutls.c | 21 +++++++-------------- dlls/bcrypt/macos.c | 15 ++++++++------- 4 files changed, 38 insertions(+), 34 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_internal.h b/dlls/bcrypt/bcrypt_internal.h
index 2b26fbbc9c..ca48d20f77 100644
--- a/dlls/bcrypt/bcrypt_internal.h
+++ b/dlls/bcrypt/bcrypt_internal.h
@@ -265,12 +265,12 @@ NTSTATUS key_symmetric_set_auth_data( struct key *, UCHAR *, ULONG ) DECLSPEC_HI
 NTSTATUS key_symmetric_encrypt( struct key *, const UCHAR *, ULONG, UCHAR *, ULONG ) DECLSPEC_HIDDEN;
 NTSTATUS key_symmetric_decrypt( struct key *, const UCHAR *, ULONG, UCHAR *, ULONG ) DECLSPEC_HIDDEN;
 NTSTATUS key_symmetric_get_tag( struct key *, UCHAR *, ULONG ) DECLSPEC_HIDDEN;
+void key_symmetric_destroy( struct key * ) DECLSPEC_HIDDEN;
 NTSTATUS key_asymmetric_init( struct key * ) DECLSPEC_HIDDEN;
 NTSTATUS key_asymmetric_generate( struct key * ) DECLSPEC_HIDDEN;
 NTSTATUS key_asymmetric_sign( struct key *, void *, UCHAR *, ULONG, UCHAR *, ULONG, ULONG *, ULONG ) DECLSPEC_HIDDEN;
 NTSTATUS key_asymmetric_verify( struct key *, void *, UCHAR *, ULONG, UCHAR *, ULONG, DWORD ) DECLSPEC_HIDDEN;
-NTSTATUS key_destroy( struct key * ) DECLSPEC_HIDDEN;
-BOOL key_is_symmetric( struct key * ) DECLSPEC_HIDDEN;
+void key_asymmetric_destroy( struct key * ) DECLSPEC_HIDDEN;
 NTSTATUS key_export_dsa_capi( struct key *, UCHAR *, ULONG, ULONG * ) DECLSPEC_HIDDEN;
 NTSTATUS key_export_ecc( struct key *, UCHAR *, ULONG, ULONG * ) DECLSPEC_HIDDEN;
 NTSTATUS key_import_dsa_capi( struct key *, UCHAR *, ULONG ) DECLSPEC_HIDDEN;
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index d0fc02b776..c6d2266083 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -886,12 +886,12 @@ static NTSTATUS key_asymmetric_create( struct key **ret_key, struct algorithm *a
 return STATUS_SUCCESS;
 }
-#if defined(HAVE_GNUTLS_CIPHER_INIT) || defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
-BOOL key_is_symmetric( struct key *key )
+static BOOL key_is_symmetric( struct key *key )
 {
 return builtin_algorithms[key->alg_id].class == BCRYPT_CIPHER_INTERFACE;
 }
+#if defined(HAVE_GNUTLS_CIPHER_INIT) || defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
 static BOOL is_zero_vector( const UCHAR *vector, ULONG len )
 {
 ULONG i;
@@ -1335,12 +1335,6 @@ NTSTATUS key_symmetric_init( struct key *key )
 return STATUS_NOT_IMPLEMENTED;
 }
-BOOL key_is_symmetric( struct key *key )
-{
- ERR( "support for keys not available at build time\n" );
- return FALSE;
-}
-
 NTSTATUS key_set_property( struct key *key, const WCHAR *prop, UCHAR *value, ULONG size, ULONG flags )
 {
 ERR( "support for keys not available at build time\n" );
@@ -1392,10 +1386,14 @@ static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, U
 return STATUS_NOT_IMPLEMENTED;
 }
-NTSTATUS key_destroy( struct key *key )
+void key_symmetric_destroy( struct key *key )
+{
+ ERR( "support for keys not available at build time\n" );
+}
+
+void key_asymmetric_destroy( struct key *key )
 {
 ERR( "support for keys not available at build time\n" );
- return STATUS_NOT_IMPLEMENTED;
 }
 static NTSTATUS key_encrypt( struct key *key, UCHAR *input, ULONG input_len, void *padding, UCHAR *iv,
@@ -1628,8 +1626,20 @@ NTSTATUS WINAPI BCryptDestroyKey( BCRYPT_KEY_HANDLE handle )
 TRACE( "%p\n", handle );
 if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
+ if (key_is_symmetric( key ))
+ {
+ key_symmetric_destroy( key );
+ heap_free( key->u.s.vector );
+ heap_free( key->u.s.secret );
+ }
+ else
+ {
+ key_asymmetric_destroy( key );
+ heap_free( key->u.a.pubkey );
+ }
 key->hdr.magic = 0;
- return key_destroy( key );
+ heap_free( key );
+ return STATUS_SUCCESS;
 }
 NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG input_len, void *padding, UCHAR *iv,
diff --git a/dlls/bcrypt/gnutls.c b/dlls/bcrypt/gnutls.c
index 222861c18b..341089c127 100644
--- a/dlls/bcrypt/gnutls.c
+++ b/dlls/bcrypt/gnutls.c
@@ -593,6 +593,11 @@ NTSTATUS key_symmetric_get_tag( struct key *key, UCHAR *tag, ULONG len )
 return STATUS_SUCCESS;
 }
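Review bot: In BCryptDestroyKey (bcrypt_main.c), the symmetric branch passes `key->u.s.secret` straight to `heap_free` without wiping it, so the raw key bytes stay in freed heap memory until the allocator reuses the block. The removed per-backend `key_destroy` behaved the same way, but now that the free happens in one place it is a cheap spot to clear the buffer first, e.g. `if (key->u.s.secret) SecureZeroMemory( key->u.s.secret, key->u.s.secret_len );` ahead of the `heap_free`. That line assumes the key structure records the secret's length under that name, which this hunk does not show. `key->u.s.vector` could be cleared the same way; the function's opening lines are outside the hunk.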
+void key_symmetric_destroy( struct key *key )
+{
+ if (key->u.s.handle) pgnutls_cipher_deinit( key->u.s.handle );
+}
+
 static NTSTATUS export_gnutls_pubkey_rsa( gnutls_privkey_t gnutls_key, ULONG bitlen, UCHAR **pubkey, ULONG *pubkey_len )
 {
 BCRYPT_RSAKEY_BLOB *rsa_blob;
@@ -1543,20 +1548,8 @@ NTSTATUS key_asymmetric_sign( struct key *key, void *padding, UCHAR *input, ULON
 return status;
 }
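Review bot: The new `key_symmetric_destroy` in gnutls.c has no comment stating that it releases only the GnuTLS cipher handle and leaves `vector`, `secret` and the key structure for the caller to free. That split of ownership is new with this commit and is easy to get wrong when another backend or caller is added, so a one-line header would help: `/* release backend state only; BCryptDestroyKey frees vector, secret and the key itself */`. The function also leaves `key->u.s.handle` holding the released handle, which is safe only because the caller frees the key immediately afterwards; the comment could say so, or the field could be set to NULL after the deinit call. The same remark applies to `key_asymmetric_destroy` in gnutls.c and to both destroy functions added in macos.c.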
-NTSTATUS key_destroy( struct key *key )
+void key_asymmetric_destroy( struct key *key )
 {
- if (key_is_symmetric( key ))
- {
- if (key->u.s.handle) pgnutls_cipher_deinit( key->u.s.handle );
- heap_free( key->u.s.vector );
- heap_free( key->u.s.secret );
- }
- else
- {
- if (key->u.a.handle) pgnutls_privkey_deinit( key->u.a.handle );
- heap_free( key->u.a.pubkey );
- }
- heap_free( key );
- return STATUS_SUCCESS;
+ if (key->u.a.handle) pgnutls_privkey_deinit( key->u.a.handle );
 }
 #endif
diff --git a/dlls/bcrypt/macos.c b/dlls/bcrypt/macos.c
index 26af5faa0c..1a9bb88880 100644
--- a/dlls/bcrypt/macos.c
+++ b/dlls/bcrypt/macos.c
@@ -184,6 +184,12 @@ NTSTATUS key_symmetric_get_tag( struct key *key, UCHAR *tag, ULONG len )
 return STATUS_NOT_IMPLEMENTED;
 }
+void key_symmetric_destroy( struct key *key )
+{
+ if (key->u.s.ref_encrypt) CCCryptorRelease( key->u.s.ref_encrypt );
+ if (key->u.s.ref_decrypt) CCCryptorRelease( key->u.s.ref_decrypt );
+}
+
 NTSTATUS key_asymmetric_init( struct key *key )
 {
 FIXME( "not implemented on Mac\n" );
@@ -234,13 +240,8 @@ NTSTATUS key_asymmetric_generate( struct key *key )
 return STATUS_NOT_IMPLEMENTED;
 }
-NTSTATUS key_destroy( struct key *key )
+void key_asymmetric_destroy( struct key *key )
 {
- if (key->u.s.ref_encrypt) CCCryptorRelease( key->u.s.ref_encrypt );
- if (key->u.s.ref_decrypt) CCCryptorRelease( key->u.s.ref_decrypt );
- heap_free( key->u.s.vector );
- heap_free( key->u.s.secret );
- heap_free( key );
- return STATUS_SUCCESS;
+ FIXME( "not implemented on Mac\n" );
 }
 #endif