Wine currently supports types 001 and 012, but I have a new game attempting to use type 024 (Software\Microsoft\Cryptography\Defaults \Provider Types\Type 024). I've googled, as well as searched MSDN, for a reference as to what the crypt provider type 024 even is with no success. Does anyone know?
Looking through the advapi32.dll code, this looks like it might be a serious undertaking to implement. Is that estimation accurate? Does anyone have any tips or pointers about implementing an entire CSP in wine?
I appreciate any help, keep up the good work all!
Rob
Never fails, ask a question and you'll find the answer with your next google.. I found the wincrypt.h #define line that says what type 024 is: #define PROV_RSA_AES 24. Sorry for not having that information before the first e-mail.
Rob
---------- Forwarded message ---------- From: Rob Seger [email protected] Date: Sep 23, 2007 4:52 AM Subject: CryptAcquireContext Failure, default/Type 024 requested To: [email protected]
Wine currently supports types 001 and 012, but I have a new game attempting to use type 024 (Software\Microsoft\Cryptography\Defaults \Provider Types\Type 024). I've googled, as well as searched MSDN, for a reference as to what the crypt provider type 024 even is with no success. Does anyone know?
Looking through the advapi32.dll code, this looks like it might be a serious undertaking to implement. Is that estimation accurate? Does anyone have any tips or pointers about implementing an entire CSP in wine?
I appreciate any help, keep up the good work all!
Rob
I found the wincrypt.h #define line that says what type 024 is: #define PROV_RSA_AES 24.
In that case, it should be straightforward enough to add an AES implementation to Wine's rsaenh.dll. There's free (as in speech) source available for it. Take a look at rsaenh.c and implglue.c in dlls/rsaenh; you'd want to add it as a new block cipher.
--Juan
Sweet! Thanks!
I'll see what I can do and probably end up asking some more specific questions later ;)
Rob
On 9/24/07, Juan Lang [email protected] wrote:
I found the wincrypt.h #define line that says what type 024 is: #define PROV_RSA_AES 24.
In that case, it should be straightforward enough to add an AES implementation to Wine's rsaenh.dll. There's free (as in speech) source available for it. Take a look at rsaenh.c and implglue.c in dlls/rsaenh; you'd want to add it as a new block cipher.
--Juan
Hi,
I have implemented the AES support for rsaenh.dll Please test the attached patch.
Thanks, VJ
On Sep 24, 2007 12:04 PM, Rob Seger [email protected] wrote:
Sweet! Thanks!
I'll see what I can do and probably end up asking some more specific questions later ;)
Rob
On 9/24/07, Juan Lang [email protected] wrote:
I found the wincrypt.h #define line that says what type 024 is: #define PROV_RSA_AES 24.
In that case, it should be straightforward enough to add an AES implementation to Wine's rsaenh.dll. There's free (as in speech) source available for it. Take a look at rsaenh.c and implglue.c in dlls/rsaenh; you'd want to add it as a new block cipher.
--Juan
Hi Vijay,
you forgot aes.c in your patch - please remember to git add it, then commit it along with the rest of the changes.
From what you've sent, your patch looks pretty good so far. A few comments:
@@ -161,6 +162,10 @@ static const PROV_ENUMALGS_EX aProvEnumAlgsEx[4][RSAENH_MAX_ENUMALGS+1] = {CALG_RC2, 40, 40, 56,0, 4,"RC2", 24,"RSA Data Security's RC2"}, {CALG_RC4, 40, 40, 56,0, 4,"RC4", 24,"RSA Data Security's RC4"}, {CALG_DES, 56, 56, 56,0, 4,"DES", 31,"Data Encryption Standard (DES)"}, + {CALG_AES, 128,128, 128,0, 4,"AES", 35,"Advanced Encryption Standard (AES)"}, + {CALG_AES_128, 128,128, 128,0, 8,"AES-128", 39,"Advanced Encryption Standard (AES-128)"}, + {CALG_AES_192, 192,192, 192,0, 8,"AES-192", 39,"Advanced Encryption Standard (AES-192)"}, + {CALG_AES_256, 256,256, 256,0, 8,"AES-256", 39,"Advanced Encryption Standard (AES-256)"},
I'm not sure AES support should be included in every "personality" of rsaenh. Specifically, some cryptographic providers don't support it. Here's a blog that mentions how the MS_ENHANCED_PROV provider doesn't support it, but the MS_ENH_RSA_AES_PROV does: http://sys.cs.rice.edu/~sethn/wordpress/?p=19
+ if (!result) { + /* rsaenh compiled without OpenSSL */ + ok(GetLastError()==NTE_BAD_ALGID, "%08x\n", GetLastError()); + return; + }
Our rsaenh hasn't built against OpenSSL in some time, so this test should be removed from existing tests. You don't need to do that if you don't want, but don't bother adding it to new tests.
+ result = CryptEncrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwLen, 16); + ok(result, "%08x\n", GetLastError()); + + result = CryptDecrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwLen); + ok(result, "%08x\n", GetLastError());
You should check that the encrypted output matches some expected value, and that the decrypted output matches the plaintext input.
Thanks very much for getting this started. --Juan
Hi Juan
On Nov 9, 2007 2:21 PM, Juan Lang [email protected] wrote:
Hi Vijay,
you forgot aes.c in your patch - please remember to git add it, then commit it along with the rest of the changes.
From what you've sent, your patch looks pretty good so far. A few comments:
@@ -161,6 +162,10 @@ static const PROV_ENUMALGS_EX aProvEnumAlgsEx[4][RSAENH_MAX_ENUMALGS+1] = {CALG_RC2, 40, 40, 56,0, 4,"RC2", 24,"RSA Data Security's RC2"}, {CALG_RC4, 40, 40, 56,0, 4,"RC4", 24,"RSA Data Security's RC4"}, {CALG_DES, 56, 56, 56,0, 4,"DES", 31,"Data Encryption Standard (DES)"},
- {CALG_AES, 128,128, 128,0, 4,"AES",
35,"Advanced Encryption Standard (AES)"},
- {CALG_AES_128, 128,128, 128,0, 8,"AES-128",
39,"Advanced Encryption Standard (AES-128)"},
- {CALG_AES_192, 192,192, 192,0, 8,"AES-192",
39,"Advanced Encryption Standard (AES-192)"},
- {CALG_AES_256, 256,256, 256,0, 8,"AES-256",
39,"Advanced Encryption Standard (AES-256)"},
I'm not sure AES support should be included in every "personality" of rsaenh. Specifically, some cryptographic providers don't support it. Here's a blog that mentions how the MS_ENHANCED_PROV provider doesn't support it, but the MS_ENH_RSA_AES_PROV does: http://sys.cs.rice.edu/~sethn/wordpress/?p=19
I think I'll split the patch into 3 parts 1) basic AES implementation in rsaenh 2) Add AES provider info with registering MS_ENH_RSA_AES_PROV. I have to make aProvEnumAlgsEx[4][RSAENH_MAX_ENUMALGS+1] to aProvEnumAlgsEx[5][RSAENH_MAX_ENUMALGS+1] and add the new algorithms, can you help me what algo's should I add to the new one. Add the registering code for type24 provider. 3) Tests
- if (!result) {
/* rsaenh compiled without OpenSSL */
ok(GetLastError()==NTE_BAD_ALGID, "%08x\n", GetLastError());
return;
- }
Our rsaenh hasn't built against OpenSSL in some time, so this test should be removed from existing tests. You don't need to do that if you don't want, but don't bother adding it to new tests.
- result = CryptEncrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwLen, 16);
- ok(result, "%08x\n", GetLastError());
- result = CryptDecrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwLen);
- ok(result, "%08x\n", GetLastError());
You should check that the encrypted output matches some expected value, and that the decrypted output matches the plaintext input.
Well, I have tested the decrypted output by putting printf's. I will make sure we have good tests for it. Will send new patch set soon.
Thanks very much for getting this started. --Juan
Hi,
I am sending two patches one is the old patch. The new patch contains the missing aes.c implementation and provider implementation for AES. Tests are failing for me. Could you please tell why its failng? I will improve my tests once the failures are resolved.
Thanks, VJ
On Nov 9, 2007 2:49 PM, Vijay Kiran Kamuju [email protected] wrote:
Hi Juan
On Nov 9, 2007 2:21 PM, Juan Lang [email protected] wrote:
Hi Vijay,
you forgot aes.c in your patch - please remember to git add it, then commit it along with the rest of the changes.
From what you've sent, your patch looks pretty good so far. A few comments:
@@ -161,6 +162,10 @@ static const PROV_ENUMALGS_EX aProvEnumAlgsEx[4][RSAENH_MAX_ENUMALGS+1] = {CALG_RC2, 40, 40, 56,0, 4,"RC2", 24,"RSA Data Security's RC2"}, {CALG_RC4, 40, 40, 56,0, 4,"RC4", 24,"RSA Data Security's RC4"}, {CALG_DES, 56, 56, 56,0, 4,"DES", 31,"Data Encryption Standard (DES)"},
- {CALG_AES, 128,128, 128,0, 4,"AES",
35,"Advanced Encryption Standard (AES)"},
- {CALG_AES_128, 128,128, 128,0, 8,"AES-128",
39,"Advanced Encryption Standard (AES-128)"},
- {CALG_AES_192, 192,192, 192,0, 8,"AES-192",
39,"Advanced Encryption Standard (AES-192)"},
- {CALG_AES_256, 256,256, 256,0, 8,"AES-256",
39,"Advanced Encryption Standard (AES-256)"},
I'm not sure AES support should be included in every "personality" of rsaenh. Specifically, some cryptographic providers don't support it. Here's a blog that mentions how the MS_ENHANCED_PROV provider doesn't support it, but the MS_ENH_RSA_AES_PROV does: http://sys.cs.rice.edu/~sethn/wordpress/?p=19
I think I'll split the patch into 3 parts
- basic AES implementation in rsaenh
- Add AES provider info with registering MS_ENH_RSA_AES_PROV. I have to make aProvEnumAlgsEx[4][RSAENH_MAX_ENUMALGS+1] to
aProvEnumAlgsEx[5][RSAENH_MAX_ENUMALGS+1] and add the new algorithms, can you help me what algo's should I add to the new one. Add the registering code for type24 provider. 3) Tests
- if (!result) {
/* rsaenh compiled without OpenSSL */
ok(GetLastError()==NTE_BAD_ALGID, "%08x\n", GetLastError());
return;
- }
Our rsaenh hasn't built against OpenSSL in some time, so this test should be removed from existing tests. You don't need to do that if you don't want, but don't bother adding it to new tests.
- result = CryptEncrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwLen, 16);
- ok(result, "%08x\n", GetLastError());
- result = CryptDecrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwLen);
- ok(result, "%08x\n", GetLastError());
You should check that the encrypted output matches some expected value, and that the decrypted output matches the plaintext input.
Well, I have tested the decrypted output by putting printf's. I will make sure we have good tests for it. Will send new patch set soon.
Thanks very much for getting this started. --Juan