1 /* $NetBSD: evp-crypt.c,v 1.2 2017/01/28 21:31:47 christos Exp $ */
2
3 /*
4 * Copyright (c) 2008 Kungliga Tekniska Högskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36 /* Windows crypto provider plugin, sample */
37
38 #include <config.h>
39 #include <krb5/roken.h>
40
41 #define HC_DEPRECATED
42
43 #include <assert.h>
44
45 #include <evp.h>
46
47 #include <crypt.h>
48
49
50 static HCRYPTPROV hCryptProv = NULL;
51
52 /*
53 *
54 */
55
56 struct generic_key {
57 HCRYPTKEY *hKey;
58 };
59
60 static int
generic_cbc_do_cipher(EVP_CIPHER_CTX * ctx,unsigned char * out,const unsigned char * in,unsigned int size)61 generic_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
62 unsigned char *out,
63 const unsigned char *in,
64 unsigned int size)
65 {
66 struct generic_key *gk = ctx->cipher_data;
67 BOOL bResult;
68 DWORD length = size;
69
70 bResult = CryptSetKeyParam(gk->hKey, KP_IV, ctx->iv, 0);
71 _ASSERT(bResult);
72
73 memcpy(out, in, size);
74
75 if (ctx->encrypt)
76 bResult = CryptEncrypt(gk->hKey, 0, TRUE, 0, out, &length, size);
77 else
78 bResult = CryptDecrypt(gk->hKey, 0, TRUE, 0, out, &length);
79 _ASSERT(bResult);
80
81 return 1;
82 }
83
84 static int
generic_cleanup(EVP_CIPHER_CTX * ctx)85 generic_cleanup(EVP_CIPHER_CTX *ctx)
86 {
87 struct generic_key *gk = ctx->cipher_data;
88 CryptDestroyKey(gk->hKey);
89 gk->hKey = NULL;
90 return 1;
91 }
92
93 static HCRYPTKEY
import_key(int alg,const unsigned char * key,size_t keylen)94 import_key(int alg, const unsigned char *key, size_t keylen)
95 {
96 struct {
97 BLOBHEADER hdr;
98 DWORD len;
99 BYTE key[1];
100 } *key_blob;
101 size_t bloblen = sizeof(*key_blob) - 1 + keylen;
102
103 key_blob = malloc(bloblen);
104
105 key_blob->hdr.bType = PLAINTEXTKEYBLOB;
106 key_blob->hdr.bVersion = CUR_BLOB_VERSION;
107 key_blob->hdr.reserved = 0;
108 key_blob->hdr.aiKeyAlg = alg;
109 key_blob->len = 24;
110 memcpy(key_blob->key, key, keylen);
111
112 bResult = CryptImportKey(hCryptProv,
113 (void *)key_blob, bloblen, 0, 0,
114 &gk->hKey);
115 free(key_blob);
116 _ASSERT(bResult);
117
118 return hKey;
119 }
120
121 static int
crypto_des_ede3_cbc_init(EVP_CIPHER_CTX * ctx,const unsigned char * key,const unsigned char * iv,int encp)122 crypto_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
123 const unsigned char * key,
124 const unsigned char * iv,
125 int encp)
126 {
127 struct generic_key *gk = ctx->cipher_data;
128 DWORD paramData;
129
130 gk->hKey = import_key(CALG_3DES,
131 key->key->keyvalue.data,
132 key->key->keyvalue.len);
133
134 return 1;
135 }
136
137 /**
138 * The triple DES cipher type (Micrsoft crypt provider)
139 *
140 * @return the DES-EDE3-CBC EVP_CIPHER pointer.
141 *
142 * @ingroup hcrypto_evp
143 */
144
145 const EVP_CIPHER *
EVP_wincrypt_des_ede3_cbc(void)146 EVP_wincrypt_des_ede3_cbc(void)
147 {
148 static const EVP_CIPHER des_ede3_cbc = {
149 0,
150 8,
151 24,
152 8,
153 EVP_CIPH_CBC_MODE,
154 crypto_des_ede3_cbc_init,
155 generic_cbc_do_cipher,
156 generic_cleanup,
157 sizeof(struct generic_key),
158 NULL,
159 NULL,
160 NULL,
161 NULL
162 };
163 return &des_ede3_cbc;
164 }
165
166 /*
167 *
168 */
169
170 struct generic_hash {
171 HCRYPTHASH hHash;
172 };
173
174 static void
175 crypto_md5_init(struct generic_hash *m);
176 {
177 BOOL bResult;
178 bResult = CryptCreateHash(hCryptProv, CALG_MD5, 0, 0, &m->hHash);
179 _ASSERT(bResult);
180 }
181
182 static void
generic_hash_update(struct generic_hash * m,const void * p,size_t len)183 generic_hash_update (struct generic_hash *m, const void *p, size_t len)
184 {
185 BOOL bResult;
186 bResult = CryptHashData(m->hHash, data, ( DWORD )len, 0 );
187 _ASSERT(bResult);
188 }
189
190 static void
191 generic_hash_final (void *res, struct generic_hash *m);
192 {
193 DWORD length;
194 BOOL bResult;
195 bResult = CryptGetHashParam(m->hHash, HP_HASHVAL, res, &length, 0)
196 _ASSERT(bResult);
197 }
198
199 static void
generic_hash_cleanup(struct generic_hash * m)200 generic_hash_cleanup(struct generic_hash *m)
201 {
202 CryptDestroyHash(m->hHash);
203 m->hHash = NULL;
204 }
205
206 const EVP_MD *
EVP_wincrypt_md5(void)207 EVP_wincrypt_md5(void)
208 {
209 static const struct hc_evp_md md5 = {
210 16,
211 64,
212 sizeof(struct generic_hash),
213 (hc_evp_md_init)crypto_md5_init,
214 (hc_evp_md_update)generic_hash_update,
215 (hc_evp_md_final)generic_hash_final,
216 (hc_evp_md_cleanup)generic_hash_cleanup
217 };
218 return &md5;
219 }
220