WinCAPI WinCAPICryptoHash.cpp WinCAPICryptoHashHMAC.cpp WinCAPICryptoKeyDSA.cpp WinCAPICryptoProvider.cpp WinCAPICryptoProvider.hpp WinCAPICryptoX509.cpp

blautenb 11 Apr 2003 12:24:42 -0000

blautenb    2003/04/11 05:24:41


  Modified:    c/src/enc/WinCAPI WinCAPICryptoHash.cpp
                        WinCAPICryptoHashHMAC.cpp WinCAPICryptoKeyDSA.cpp
                        WinCAPICryptoProvider.cpp WinCAPICryptoProvider.hpp
                        WinCAPICryptoX509.cpp
  Log:
  Full implementation of WinCAPI
  
  Revision  Changes    Path
  1.2       +7 -2      xml-security/c/src/enc/WinCAPI/WinCAPICryptoHash.cpp
  
  Index: WinCAPICryptoHash.cpp
  ===================================================================
  RCS file: /home/cvs/xml-security/c/src/enc/WinCAPI/WinCAPICryptoHash.cpp,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- WinCAPICryptoHash.cpp     7 Apr 2003 12:13:35 -0000       1.1
  +++ WinCAPICryptoHash.cpp     11 Apr 2003 12:24:41 -0000      1.2
  @@ -113,6 +113,11 @@
                alg_id = CALG_SHA;
                break;
   
  +     case (XSECCryptoHash::HASH_MD5) :
  +     
  +             alg_id = CALG_MD5;
  +             break;
  +
        default :
   
                alg_id = 0;
  @@ -126,7 +131,7 @@
        }
   
        fResult = CryptCreateHash(
  -             mp_ownerProvider->getProvider(),
  +             mp_ownerProvider->getProviderDSS(),
                alg_id,
                0,
                0,
  
  
  
  1.2       +37 -8     xml-security/c/src/enc/WinCAPI/WinCAPICryptoHashHMAC.cpp
  
  Index: WinCAPICryptoHashHMAC.cpp
  ===================================================================
  RCS file: /home/cvs/xml-security/c/src/enc/WinCAPI/WinCAPICryptoHashHMAC.cpp,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- WinCAPICryptoHashHMAC.cpp 7 Apr 2003 12:13:35 -0000       1.1
  +++ WinCAPICryptoHashHMAC.cpp 11 Apr 2003 12:24:41 -0000      1.2
  @@ -80,7 +80,7 @@
   //           IPAD/OPAD definitions
   // 
--------------------------------------------------------------------------------
   
  -unsigned char ipad[] = {
  +static unsigned char ipad[] = {
   
        0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
        0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
  @@ -92,7 +92,7 @@
        0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
   };
   
  -unsigned char opad[] = {
  +static unsigned char opad[] = {
   
        0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 
        0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 
  @@ -121,6 +121,11 @@
                m_algId = CALG_SHA;
                break;
   
  +     case (XSECCryptoHash::HASH_MD5) :
  +     
  +             m_algId = CALG_MD5;
  +             break;
  +
        default :
   
                m_algId = 0;
  @@ -197,17 +202,41 @@
                HCRYPTKEY k = ((WinCAPICryptoKeyHMAC *) key)->getWinKey();
   
                fResult = CryptCreateHash(
  -                     mp_ownerProvider->getProvider(),
  -                     m_algId,
  +                     mp_ownerProvider->getProviderRSA(),
  +                     CALG_HMAC,
                        k,
                        0,
                        &m_h);
   
                if (fResult == 0 || m_h == 0) {
  +                     DWORD error = GetLastError();
                        throw XSECCryptoException(XSECCryptoException::MDError,
                                "WinCAPI:Hash::setKey - Error creating 
internally keyed hash object"); 
                }
   
  +             // Set the HMAC algorithm
  +             HMAC_INFO hi;
  +
  +             hi.HashAlgid = m_algId;
  +             hi.pbInnerString = NULL;                // Use default inner 
and outer strings
  +             hi.cbInnerString = 0;
  +             hi.pbOuterString = NULL;
  +             hi.cbOuterString = 0;
  +
  +             fResult = CryptSetHashParam(
  +                     m_h,
  +                     HP_HMAC_INFO,
  +                     (BYTE *) &hi,
  +                     0);
  +
  +             if (fResult == 0 || m_h == 0) {
  +                     DWORD error = GetLastError();
  +                     throw XSECCryptoException(XSECCryptoException::MDError,
  +                             "WinCAPI:Hash::setKey - Error setting HASH_INFO 
object"); 
  +             }
  +
  +
  +
                return;
   
        }
  @@ -222,7 +251,7 @@
                HCRYPTHASH h;
   
                fResult = CryptCreateHash(
  -                     mp_ownerProvider->getProvider(),
  +                     mp_ownerProvider->getProviderDSS(),
                        m_algId,
                        0,
                        0,
  @@ -277,7 +306,7 @@
   
        // Now create the hash object, and start with the ipad operation
        fResult = CryptCreateHash(
  -             mp_ownerProvider->getProvider(),
  +             mp_ownerProvider->getProviderDSS(),
                m_algId,
                0,
                0,
  @@ -349,7 +378,7 @@
        // Perform the opad operation
        HCRYPTHASH h;
        fResult = CryptCreateHash(
  -             mp_ownerProvider->getProvider(),
  +             mp_ownerProvider->getProviderDSS(),
                m_algId,
                0,
                0,
  
  
  
  1.2       +11 -16    xml-security/c/src/enc/WinCAPI/WinCAPICryptoKeyDSA.cpp
  
  Index: WinCAPICryptoKeyDSA.cpp
  ===================================================================
  RCS file: /home/cvs/xml-security/c/src/enc/WinCAPI/WinCAPICryptoKeyDSA.cpp,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- WinCAPICryptoKeyDSA.cpp   7 Apr 2003 12:13:35 -0000       1.1
  +++ WinCAPICryptoKeyDSA.cpp   11 Apr 2003 12:24:41 -0000      1.2
  @@ -78,11 +78,6 @@
   
   XSEC_USING_XERCES(ArrayJanitor);
   
  -#define BLOBHEADERLEN        0x08
  -#define DSSPUBKEYLEN 0x08
  -#define DSSSEEDLEN           0x18
  -
  -
   WinCAPICryptoKeyDSA::WinCAPICryptoKeyDSA(WinCAPICryptoProvider * owner) {
   
        // Create a new key to be loaded as we go
  @@ -228,7 +223,7 @@
   
        // First build a buffer to hold everything
        BYTE * blobBuffer;
  -     unsigned int blobBufferLen = BLOBHEADERLEN + DSSPUBKEYLEN + (3 * 
m_PLen) + 0x14 + DSSSEEDLEN;
  +     unsigned int blobBufferLen = WINCAPI_BLOBHEADERLEN + 
WINCAPI_DSSPUBKEYLEN + (3 * m_PLen) + 0x14 + WINCAPI_DSSSEEDLEN;
        XSECnew(blobBuffer, BYTE[blobBufferLen]);
        ArrayJanitor<BYTE> j_blobBuffer(blobBuffer);
   
  @@ -241,14 +236,14 @@
        header->aiKeyAlg = CALG_DSS_SIGN;
   
        // Now the public key header
  -     DSSPUBKEY * pubkey = (DSSPUBKEY *) (blobBuffer + BLOBHEADERLEN);
  +     DSSPUBKEY * pubkey = (DSSPUBKEY *) (blobBuffer + WINCAPI_BLOBHEADERLEN);
   
        pubkey->magic = 0x31535344;             // ASCII encoding of DSS1
        pubkey->bitlen = m_PLen * 8;            // Number of bits in prime 
modulus
   
        // Now copy in each of the keys
        BYTE * i = (BYTE *) (pubkey);
  -     i += DSSPUBKEYLEN;
  +     i += WINCAPI_DSSPUBKEYLEN;
   
        memcpy(i, mp_P, m_PLen);
        i+= m_PLen;
  @@ -277,12 +272,12 @@
                *i++ = 0;
   
        // Set seed to 0
  -     for (j = 0; j < DSSSEEDLEN; ++j)
  +     for (j = 0; j < WINCAPI_DSSSEEDLEN; ++j)
                *i++ = 0xFF;    // SEED Counter set to 0xFFFFFFFF will cause 
seed to be ignored
   
        // Now that we have the blob, import
        BOOL fResult = CryptImportKey(
  -                                     mp_ownerProvider->getProvider(),
  +                                     mp_ownerProvider->getProviderDSS(),
                                        blobBuffer,
                                        blobBufferLen,
                                        0,                              // Not 
signed
  @@ -351,7 +346,7 @@
        // Have to create a Windows hash object and feed in the hash
        BOOL fResult;
        HCRYPTHASH h;
  -     fResult = CryptCreateHash(mp_ownerProvider->getProvider(), 
  +     fResult = CryptCreateHash(mp_ownerProvider->getProviderDSS(), 
                                        CALG_SHA1, 
                                        0, 
                                        0,
  @@ -431,7 +426,7 @@
        // Have to create a Windows hash object and feed in the hash
        BOOL fResult;
        HCRYPTHASH h;
  -     fResult = CryptCreateHash(mp_ownerProvider->getProvider(), 
  +     fResult = CryptCreateHash(mp_ownerProvider->getProviderDSS(), 
                                        CALG_SHA1, 
                                        0, 
                                        0,
  @@ -517,7 +512,7 @@
                CryptExportKey(m_key, 0, PUBLICKEYBLOB, 0, keyBuf, &keyBufLen);
   
                // Now re-import
  -             CryptImportKey(mp_ownerProvider->getProvider(), keyBuf, 
keyBufLen, NULL, 0, &ret->m_key);
  +             CryptImportKey(mp_ownerProvider->getProviderDSS(), keyBuf, 
keyBufLen, NULL, 0, &ret->m_key);
        }
   
        ret->m_PLen = m_PLen;
  @@ -601,13 +596,13 @@
                        "WinCAPI:DSA - Error exporting public key");
        }
   
  -     DSSPUBKEY * pk = (DSSPUBKEY *) ( blob + BLOBHEADERLEN );
  +     DSSPUBKEY * pk = (DSSPUBKEY *) ( blob + WINCAPI_BLOBHEADERLEN );
        DWORD keyLen = pk->bitlen / 8;
   
        // Copy the keys
        
        BYTE * i = (BYTE *) ( pk );
  -     i += DSSPUBKEYLEN;
  +     i += WINCAPI_DSSPUBKEYLEN;
        if (mp_P != NULL)
                delete[] mp_P;
   
  
  
  
  1.2       +52 -16    xml-security/c/src/enc/WinCAPI/WinCAPICryptoProvider.cpp
  
  Index: WinCAPICryptoProvider.cpp
  ===================================================================
  RCS file: /home/cvs/xml-security/c/src/enc/WinCAPI/WinCAPICryptoProvider.cpp,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- WinCAPICryptoProvider.cpp 7 Apr 2003 12:13:35 -0000       1.1
  +++ WinCAPICryptoProvider.cpp 11 Apr 2003 12:24:41 -0000      1.2
  @@ -74,33 +74,49 @@
   #include <xsec/enc/WinCAPI/WinCAPICryptoProvider.hpp>
   #include <xsec/enc/WinCAPI/WinCAPICryptoX509.hpp>
   #include <xsec/enc/WinCAPI/WinCAPICryptoKeyDSA.hpp>
  +#include <xsec/enc/WinCAPI/WinCAPICryptoKeyRSA.hpp>
   #include <xsec/enc/WinCAPI/WinCAPICryptoHash.hpp>
   #include <xsec/enc/WinCAPI/WinCAPICryptoHashHMAC.hpp>
   #include <xsec/enc/XSCrypt/XSCryptCryptoBase64.hpp>
   #include <xsec/enc/XSECCryptoException.hpp>
   
  - /*
  - * For now, we rely on OpenSSL for many functions as we
  - * build the interface
  - */
  -
  -#include <xsec/enc/OpenSSL/OpenSSLCryptoProvider.hpp>
  -#include <xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.hpp>
  -
   #include <xercesc/util/Janitor.hpp>
   
   XSEC_USING_XERCES(ArrayJanitor);
   
   WinCAPICryptoProvider::WinCAPICryptoProvider(
  -                                             HCRYPTPROV provDSS) {
  -
  -     OpenSSL_add_all_digests();              // Initialise Openssl
  -     SSLeay_add_all_algorithms();
  +                                             HCRYPTPROV provDSS,
  +                                             HCRYPTPROV provRSA) {
   
        // Copy parameters for later use
   
        m_provDSS = provDSS; 
  +     m_provRSA = provRSA;
  +
  +}
  +
  +WinCAPICryptoProvider::WinCAPICryptoProvider() {
   
  +     // Obtain default PROV_DSS and PROV_RSA_FULL, with default user key 
containers
  +     if (!CryptAcquireContext(&m_provDSS,
  +             NULL,
  +             NULL,
  +             PROV_DSS,
  +             0)) 
  +     {
  +             throw XSECException(XSECException::InternalError,
  +                     "WinCAPICryptoProvider() - Error obtaining default 
PROV_DSS");
  +     }
  +
  +     if (!CryptAcquireContext(&m_provRSA,
  +             NULL,
  +             NULL,
  +             PROV_RSA_FULL,
  +             0)) 
  +     {
  +             throw XSECException(XSECException::InternalError,
  +                     "WinCAPICryptoProvider() - Error obtaining default 
PROV_RSA_FULL");
  +     }
   }
   
   
  @@ -130,6 +146,26 @@
   
   }
   
  +XSECCryptoHash       * WinCAPICryptoProvider::hashMD5() {
  +
  +     WinCAPICryptoHash * ret;
  +
  +     XSECnew(ret, WinCAPICryptoHash(this, XSECCryptoHash::HASH_MD5));
  +
  +     return ret;
  +
  +}
  +
  +XSECCryptoHash * WinCAPICryptoProvider::hashHMACMD5() {
  +
  +     WinCAPICryptoHashHMAC * ret;
  +
  +     XSECnew(ret, WinCAPICryptoHashHMAC(this, XSECCryptoHash::HASH_MD5));
  +
  +     return ret;
  +
  +}
  +
   XSECCryptoKeyDSA * WinCAPICryptoProvider::keyDSA() {
        
        WinCAPICryptoKeyDSA * ret;
  @@ -142,9 +178,9 @@
   
   XSECCryptoKeyRSA * WinCAPICryptoProvider::keyRSA() {
        
  -     OpenSSLCryptoKeyRSA * ret;
  +     WinCAPICryptoKeyRSA * ret;
   
  -     XSECnew(ret, OpenSSLCryptoKeyRSA());
  +     XSECnew(ret, WinCAPICryptoKeyRSA(this));
   
        return ret;
   
  @@ -225,7 +261,7 @@
        
        unsigned char * b64;
        // Naieve length calculation
  -     unsigned int bufLen = nLen * 2;
  +     unsigned int bufLen = nLen * 2 + 4;
   
        XSECnew(b64, unsigned char[bufLen]);
        ArrayJanitor<unsigned char> j_b64(b64);
  
  
  
  1.2       +24 -9     xml-security/c/src/enc/WinCAPI/WinCAPICryptoProvider.hpp
  
  Index: WinCAPICryptoProvider.hpp
  ===================================================================
  RCS file: /home/cvs/xml-security/c/src/enc/WinCAPI/WinCAPICryptoProvider.hpp,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- WinCAPICryptoProvider.hpp 7 Apr 2003 12:13:35 -0000       1.1
  +++ WinCAPICryptoProvider.hpp 11 Apr 2003 12:24:41 -0000      1.2
  @@ -78,7 +78,10 @@
   #include <wincrypt.h>
   
   
  -// Required for windows functions
  +#define WINCAPI_BLOBHEADERLEN        0x08
  +#define WINCAPI_DSSPUBKEYLEN 0x08
  +#define WINCAPI_DSSSEEDLEN           0x18
  +#define WINCAPI_RSAPUBKEYLEN 0x0C
   
   
   /**
  @@ -102,17 +105,30 @@
         * Windows CSPs work under a provider model.  The user should specify
         * which CSP to use and which key container to use.
         *
  -      * @param pszContainer Key container (NULL for default)
  -      * @param pszProvider Cryptographic provider (NULL for default)
  +      * @param provDSS DSS provider - must be of type PROV_DSS
  +      * @param provRSA RSA provider - must be of type PROV_RSA_FULL
         */
        
  -     WinCAPICryptoProvider(HCRYPTPROV provDSS);
  +     WinCAPICryptoProvider(HCRYPTPROV provDSS, HCRYPTPROV provRSA);
  +
  +     /**
  +      * \brief Create a Windows CAPI interface layer.
  +      *
  +      * The default constructor will use the default providers and containers
  +      * 
  +      * @note This call will fail if the user has not generated keys in the
  +      * default DSS and RSA provider containers
  +      */
  +
  +     WinCAPICryptoProvider();
   
        virtual ~WinCAPICryptoProvider();
   
        // Hashing classes
        virtual XSECCryptoHash                  * hashSHA1();
        virtual XSECCryptoHash                  * hashHMACSHA1();
  +     virtual XSECCryptoHash                  * hashMD5();
  +     virtual XSECCryptoHash                  * hashHMACMD5();
   
        // Encode/Decode
        virtual XSECCryptoBase64                * base64();
  @@ -126,7 +142,8 @@
   
   
        // WinCAPI Unique
  -     HCRYPTPROV getProvider(void) {return m_provDSS;}
  +     HCRYPTPROV getProviderDSS(void) {return m_provDSS;}
  +     HCRYPTPROV getProviderRSA(void) {return m_provRSA;}
   
        /**
         * \brief Translate B64 I2OS integer to a WinCAPI int.
  @@ -159,10 +176,8 @@
   
   private:
   
  -     // Default constructor not used
  -     WinCAPICryptoProvider();
  -
        HCRYPTPROV              m_provDSS;
  +     HCRYPTPROV              m_provRSA;
   
   };
   
  
  
  
  1.2       +28 -4     xml-security/c/src/enc/WinCAPI/WinCAPICryptoX509.cpp
  
  Index: WinCAPICryptoX509.cpp
  ===================================================================
  RCS file: /home/cvs/xml-security/c/src/enc/WinCAPI/WinCAPICryptoX509.cpp,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- WinCAPICryptoX509.cpp     7 Apr 2003 12:13:35 -0000       1.1
  +++ WinCAPICryptoX509.cpp     11 Apr 2003 12:24:41 -0000      1.2
  @@ -73,7 +73,7 @@
   #include <xsec/enc/WinCAPI/WinCAPICryptoProvider.hpp>
   #include <xsec/enc/WinCAPI/WinCAPICryptoX509.hpp>
   #include <xsec/enc/WinCAPI/WinCAPICryptoKeyDSA.hpp>
  -//#include <xsec/enc/WinCAPI/WinCAPICryptoKeyRSA.hpp>
  +#include <xsec/enc/WinCAPI/WinCAPICryptoKeyRSA.hpp>
   #include <xsec/enc/XSECCryptoException.hpp>
   #include <xsec/enc/XSCrypt/XSCryptCryptoBase64.hpp>
   
  @@ -139,7 +139,7 @@
        if 
(lstrcmp(mp_certContext->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId, 
CRYPTO_OID_DSA) == 0)
                return XSECCryptoKey::KEY_DSA_PUBLIC;
   
  -     if 
(lstrcmp(mp_certContext->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId, 
"RSA") == 0)
  +     if 
(lstrcmp(mp_certContext->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId, 
szOID_RSA_RSA) == 0)
                return XSECCryptoKey::KEY_RSA_PUBLIC;
   
        return XSECCryptoKey::KEY_NONE;
  @@ -164,7 +164,7 @@
        if (getPublicKeyType() == XSECCryptoKey::KEY_DSA_PUBLIC) {
   
                fResult= CryptImportPublicKeyInfo(
  -                        mp_ownerProvider->getProvider(),
  +                        mp_ownerProvider->getProviderDSS(),
                           X509_ASN_ENCODING,
                           &(mp_certContext->pCertInfo->SubjectPublicKeyInfo),
                           &key);
  @@ -180,6 +180,30 @@
   
                WinCAPICryptoKeyDSA * ret;
                XSECnew(ret, WinCAPICryptoKeyDSA(mp_ownerProvider, key));
  +
  +             return ret;
  +
  +     }
  +
  +     if (getPublicKeyType() == XSECCryptoKey::KEY_RSA_PUBLIC) {
  +
  +             fResult= CryptImportPublicKeyInfo(
  +                        mp_ownerProvider->getProviderRSA(),
  +                        X509_ASN_ENCODING,
  +                        &(mp_certContext->pCertInfo->SubjectPublicKeyInfo),
  +                        &key);
  +                 
  +
  +             if (fResult == FALSE) {
  +                     throw 
XSECCryptoException(XSECCryptoException::X509Error,
  +                             "WinCAPI:X509 - Error loading public key info 
from certificate");
  +             }
  +
  +             // Now that we have a handle for the DSA key, create a DSA Key 
object to
  +             // wrap it in
  +
  +             WinCAPICryptoKeyRSA * ret;
  +             XSECnew(ret, WinCAPICryptoKeyRSA(mp_ownerProvider, key));
   
                return ret;

cvs commit: xml-security/c/src/enc/WinCAPI WinCAPICryptoHash.cpp WinCAPICryptoHashHMAC.cpp WinCAPICryptoKeyDSA.cpp WinCAPICryptoProvider.cpp WinCAPICryptoProvider.hpp WinCAPICryptoX509.cpp

Reply via email to