1 /* $NetBSD: evp-crypt.c,v 1.2 2017/01/28 21:31:47 christos Exp $ */ 2 3 /* 4 * Copyright (c) 2008 Kungliga Tekniska Högskolan 5 * (Royal Institute of Technology, Stockholm, Sweden). 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * 3. Neither the name of the Institute nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 /* Windows crypto provider plugin, sample */ 37 38 #include <config.h> 39 #include <krb5/roken.h> 40 41 #define HC_DEPRECATED 42 43 #include <assert.h> 44 45 #include <evp.h> 46 47 #include <crypt.h> 48 49 50 static HCRYPTPROV hCryptProv = NULL; 51 52 /* 53 * 54 */ 55 56 struct generic_key { 57 HCRYPTKEY *hKey; 58 }; 59 60 static int 61 generic_cbc_do_cipher(EVP_CIPHER_CTX *ctx, 62 unsigned char *out, 63 const unsigned char *in, 64 unsigned int size) 65 { 66 struct generic_key *gk = ctx->cipher_data; 67 BOOL bResult; 68 DWORD length = size; 69 70 bResult = CryptSetKeyParam(gk->hKey, KP_IV, ctx->iv, 0); 71 _ASSERT(bResult); 72 73 memcpy(out, in, size); 74 75 if (ctx->encrypt) 76 bResult = CryptEncrypt(gk->hKey, 0, TRUE, 0, out, &length, size); 77 else 78 bResult = CryptDecrypt(gk->hKey, 0, TRUE, 0, out, &length); 79 _ASSERT(bResult); 80 81 return 1; 82 } 83 84 static int 85 generic_cleanup(EVP_CIPHER_CTX *ctx) 86 { 87 struct generic_key *gk = ctx->cipher_data; 88 CryptDestroyKey(gk->hKey); 89 gk->hKey = NULL; 90 return 1; 91 } 92 93 static HCRYPTKEY 94 import_key(int alg, const unsigned char *key, size_t keylen) 95 { 96 struct { 97 BLOBHEADER hdr; 98 DWORD len; 99 BYTE key[1]; 100 } *key_blob; 101 size_t bloblen = sizeof(*key_blob) - 1 + keylen; 102 103 key_blob = malloc(bloblen); 104 105 key_blob->hdr.bType = PLAINTEXTKEYBLOB; 106 key_blob->hdr.bVersion = CUR_BLOB_VERSION; 107 key_blob->hdr.reserved = 0; 108 key_blob->hdr.aiKeyAlg = alg; 109 key_blob->len = 24; 110 memcpy(key_blob->key, key, keylen); 111 112 bResult = CryptImportKey(hCryptProv, 113 (void *)key_blob, bloblen, 0, 0, 114 &gk->hKey); 115 free(key_blob); 116 _ASSERT(bResult); 117 118 return hKey; 119 } 120 121 static int 122 crypto_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, 123 const unsigned char * key, 124 const unsigned char * iv, 125 int encp) 126 { 127 struct generic_key *gk = ctx->cipher_data; 128 DWORD paramData; 129 130 gk->hKey = import_key(CALG_3DES, 131 key->key->keyvalue.data, 132 key->key->keyvalue.len); 133 134 return 1; 135 } 136 137 /** 138 * The triple DES cipher type (Micrsoft crypt provider) 139 * 140 * @return the DES-EDE3-CBC EVP_CIPHER pointer. 141 * 142 * @ingroup hcrypto_evp 143 */ 144 145 const EVP_CIPHER * 146 EVP_wincrypt_des_ede3_cbc(void) 147 { 148 static const EVP_CIPHER des_ede3_cbc = { 149 0, 150 8, 151 24, 152 8, 153 EVP_CIPH_CBC_MODE, 154 crypto_des_ede3_cbc_init, 155 generic_cbc_do_cipher, 156 generic_cleanup, 157 sizeof(struct generic_key), 158 NULL, 159 NULL, 160 NULL, 161 NULL 162 }; 163 return &des_ede3_cbc; 164 } 165 166 /* 167 * 168 */ 169 170 struct generic_hash { 171 HCRYPTHASH hHash; 172 }; 173 174 static void 175 crypto_md5_init(struct generic_hash *m); 176 { 177 BOOL bResult; 178 bResult = CryptCreateHash(hCryptProv, CALG_MD5, 0, 0, &m->hHash); 179 _ASSERT(bResult); 180 } 181 182 static void 183 generic_hash_update (struct generic_hash *m, const void *p, size_t len) 184 { 185 BOOL bResult; 186 bResult = CryptHashData(m->hHash, data, ( DWORD )len, 0 ); 187 _ASSERT(bResult); 188 } 189 190 static void 191 generic_hash_final (void *res, struct generic_hash *m); 192 { 193 DWORD length; 194 BOOL bResult; 195 bResult = CryptGetHashParam(m->hHash, HP_HASHVAL, res, &length, 0) 196 _ASSERT(bResult); 197 } 198 199 static void 200 generic_hash_cleanup(struct generic_hash *m) 201 { 202 CryptDestroyHash(m->hHash); 203 m->hHash = NULL; 204 } 205 206 const EVP_MD * 207 EVP_wincrypt_md5(void) 208 { 209 static const struct hc_evp_md md5 = { 210 16, 211 64, 212 sizeof(struct generic_hash), 213 (hc_evp_md_init)crypto_md5_init, 214 (hc_evp_md_update)generic_hash_update, 215 (hc_evp_md_final)generic_hash_final, 216 (hc_evp_md_cleanup)generic_hash_cleanup 217 }; 218 return &md5; 219 } 220