diff options
author | Jung-uk Kim <jkim@FreeBSD.org> | 2015-10-30 20:51:33 +0000 |
---|---|---|
committer | Jung-uk Kim <jkim@FreeBSD.org> | 2015-10-30 20:51:33 +0000 |
commit | 7bded2db17780f5b59bc532689d8a9541f06901e (patch) | |
tree | e8d8b5ada49f5cdbf70d1e455c13f2625fdcdd45 /crypto/openssl/engines/e_capi.c | |
parent | 50657fd342bcf1886e5b6d2c74605bbdd6b91bed (diff) | |
parent | e9fcefce9bb70f20c272a996443928c5f6ab8cd8 (diff) | |
download | src-7bded2db17780f5b59bc532689d8a9541f06901e.tar.gz src-7bded2db17780f5b59bc532689d8a9541f06901e.zip |
Merge OpenSSL 1.0.2d.
Notes
Notes:
svn path=/head/; revision=290207
Diffstat (limited to 'crypto/openssl/engines/e_capi.c')
-rw-r--r-- | crypto/openssl/engines/e_capi.c | 142 |
1 files changed, 110 insertions, 32 deletions
diff --git a/crypto/openssl/engines/e_capi.c b/crypto/openssl/engines/e_capi.c index 43dd3106c1cb..f4cd2ffe7fa1 100644 --- a/crypto/openssl/engines/e_capi.c +++ b/crypto/openssl/engines/e_capi.c @@ -54,22 +54,27 @@ #include <stdio.h> #include <string.h> +#include <stdlib.h> + #include <openssl/crypto.h> -#include <openssl/buffer.h> -#include <openssl/bn.h> #ifdef OPENSSL_SYS_WIN32 # ifndef OPENSSL_NO_CAPIENG +# include <openssl/buffer.h> +# include <openssl/bn.h> # include <openssl/rsa.h> -# include <windows.h> - # ifndef _WIN32_WINNT # define _WIN32_WINNT 0x0400 # endif +# include <windows.h> # include <wincrypt.h> +# include <malloc.h> +# ifndef alloca +# define alloca _alloca +# endif /* * This module uses several "new" interfaces, among which is @@ -832,7 +837,7 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len, /* Finally sign it */ slen = RSA_size(rsa); - if (!CryptSignHashA(hash, capi_key->keyspec, NULL, 0, sigret, &slen)) { + if (!CryptSignHash(hash, capi_key->keyspec, NULL, 0, sigret, &slen)) { CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_ERROR_SIGNING_HASH); capi_addlasterror(); goto err; @@ -956,7 +961,7 @@ static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen, /* Finally sign it */ slen = sizeof(csigbuf); - if (!CryptSignHashA(hash, capi_key->keyspec, NULL, 0, csigbuf, &slen)) { + if (!CryptSignHash(hash, capi_key->keyspec, NULL, 0, csigbuf, &slen)) { CAPIerr(CAPI_F_CAPI_DSA_DO_SIGN, CAPI_R_ERROR_SIGNING_HASH); capi_addlasterror(); goto err; @@ -1025,7 +1030,7 @@ static void capi_adderror(DWORD err) ERR_add_error_data(2, "Error code= 0x", errstr); } -static char *wide_to_asc(LPWSTR wstr) +static char *wide_to_asc(LPCWSTR wstr) { char *str; int len_0, sz; @@ -1054,10 +1059,10 @@ static char *wide_to_asc(LPWSTR wstr) static int capi_get_provname(CAPI_CTX * ctx, LPSTR * pname, DWORD * ptype, DWORD idx) { - LPSTR name; DWORD len, err; + LPTSTR name; CAPI_trace(ctx, "capi_get_provname, index=%d\n", idx); - if (!CryptEnumProvidersA(idx, NULL, 0, ptype, NULL, &len)) { + if (!CryptEnumProviders(idx, NULL, 0, ptype, NULL, &len)) { err = GetLastError(); if (err == ERROR_NO_MORE_ITEMS) return 2; @@ -1065,8 +1070,11 @@ static int capi_get_provname(CAPI_CTX * ctx, LPSTR * pname, DWORD * ptype, capi_adderror(err); return 0; } - name = OPENSSL_malloc(len); - if (!CryptEnumProvidersA(idx, NULL, 0, ptype, name, &len)) { + if (sizeof(TCHAR) != sizeof(char)) + name = alloca(len); + else + name = OPENSSL_malloc(len); + if (!CryptEnumProviders(idx, NULL, 0, ptype, name, &len)) { err = GetLastError(); if (err == ERROR_NO_MORE_ITEMS) return 2; @@ -1074,8 +1082,11 @@ static int capi_get_provname(CAPI_CTX * ctx, LPSTR * pname, DWORD * ptype, capi_adderror(err); return 0; } - *pname = name; - CAPI_trace(ctx, "capi_get_provname, returned name=%s, type=%d\n", name, + if (sizeof(TCHAR) != sizeof(char)) + *pname = wide_to_asc((WCHAR *)name); + else + *pname = (char *)name; + CAPI_trace(ctx, "capi_get_provname, returned name=%s, type=%d\n", *pname, *ptype); return 1; @@ -1106,10 +1117,26 @@ static int capi_list_containers(CAPI_CTX * ctx, BIO *out) HCRYPTPROV hprov; DWORD err, idx, flags, buflen = 0, clen; LPSTR cname; + LPTSTR cspname = NULL; + CAPI_trace(ctx, "Listing containers CSP=%s, type = %d\n", ctx->cspname, ctx->csptype); - if (!CryptAcquireContextA - (&hprov, NULL, ctx->cspname, ctx->csptype, CRYPT_VERIFYCONTEXT)) { + if (ctx->cspname && sizeof(TCHAR) != sizeof(char)) { + if ((clen = + MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, NULL, 0))) { + cspname = alloca(clen * sizeof(WCHAR)); + MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, (WCHAR *)cspname, + clen); + } + if (!cspname) { + CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, ERR_R_MALLOC_FAILURE); + capi_addlasterror(); + return 0; + } + } else + cspname = (TCHAR *)ctx->cspname; + if (!CryptAcquireContext + (&hprov, NULL, cspname, ctx->csptype, CRYPT_VERIFYCONTEXT)) { CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, CAPI_R_CRYPTACQUIRECONTEXT_ERROR); capi_addlasterror(); @@ -1139,7 +1166,8 @@ static int capi_list_containers(CAPI_CTX * ctx, BIO *out) flags = CRYPT_FIRST; else flags = 0; - if (!CryptGetProvParam(hprov, PP_ENUMCONTAINERS, cname, &clen, flags)) { + if (!CryptGetProvParam + (hprov, PP_ENUMCONTAINERS, (BYTE *) cname, &clen, flags)) { err = GetLastError(); if (err == ERROR_NO_MORE_ITEMS) goto done; @@ -1326,7 +1354,6 @@ int capi_list_certs(CAPI_CTX * ctx, BIO *out, char *id) CertFreeCertificateContext(cert); } else { for (idx = 0;; idx++) { - LPWSTR fname = NULL; cert = CertEnumCertificatesInStore(hstore, cert); if (!cert) break; @@ -1371,18 +1398,30 @@ static PCCERT_CONTEXT capi_find_cert(CAPI_CTX * ctx, const char *id, } } -static CAPI_KEY *capi_get_key(CAPI_CTX * ctx, const char *contname, - char *provname, DWORD ptype, DWORD keyspec) +static CAPI_KEY *capi_get_key(CAPI_CTX * ctx, const TCHAR *contname, + TCHAR *provname, DWORD ptype, DWORD keyspec) { CAPI_KEY *key; DWORD dwFlags = 0; key = OPENSSL_malloc(sizeof(CAPI_KEY)); - CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n", - contname, provname, ptype); + if (sizeof(TCHAR) == sizeof(char)) + CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n", + contname, provname, ptype); + else if (ctx && ctx->debug_level >= CAPI_DBG_TRACE && ctx->debug_file) { + /* above 'if' is optimization to minimize malloc-ations */ + char *_contname = wide_to_asc((WCHAR *)contname); + char *_provname = wide_to_asc((WCHAR *)provname); + + CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n", + _contname, _provname, ptype); + if (_provname) + OPENSSL_free(_provname); + if (_contname) + OPENSSL_free(_contname); + } if (ctx->store_flags & CERT_SYSTEM_STORE_LOCAL_MACHINE) dwFlags = CRYPT_MACHINE_KEYSET; - if (!CryptAcquireContextA - (&key->hprov, contname, provname, ptype, dwFlags)) { + if (!CryptAcquireContext(&key->hprov, contname, provname, ptype, dwFlags)) { CAPIerr(CAPI_F_CAPI_GET_KEY, CAPI_R_CRYPTACQUIRECONTEXT_ERROR); capi_addlasterror(); goto err; @@ -1410,12 +1449,18 @@ static CAPI_KEY *capi_get_cert_key(CAPI_CTX * ctx, PCCERT_CONTEXT cert) pinfo = capi_get_prov_info(ctx, cert); if (!pinfo) goto err; - provname = wide_to_asc(pinfo->pwszProvName); - contname = wide_to_asc(pinfo->pwszContainerName); - if (!provname || !contname) - goto err; - key = capi_get_key(ctx, contname, provname, - pinfo->dwProvType, pinfo->dwKeySpec); + if (sizeof(TCHAR) != sizeof(char)) + key = capi_get_key(ctx, (TCHAR *)pinfo->pwszContainerName, + (TCHAR *)pinfo->pwszProvName, + pinfo->dwProvType, pinfo->dwKeySpec); + else { + provname = wide_to_asc(pinfo->pwszProvName); + contname = wide_to_asc(pinfo->pwszContainerName); + if (!provname || !contname) + goto err; + key = capi_get_key(ctx, (TCHAR *)contname, (TCHAR *)provname, + pinfo->dwProvType, pinfo->dwKeySpec); + } err: if (pinfo) @@ -1447,7 +1492,29 @@ CAPI_KEY *capi_find_key(CAPI_CTX * ctx, const char *id) break; case CAPI_LU_CONTNAME: - key = capi_get_key(ctx, id, ctx->cspname, ctx->csptype, ctx->keytype); + if (sizeof(TCHAR) != sizeof(char)) { + WCHAR *contname, *provname; + DWORD len; + + if ((len = MultiByteToWideChar(CP_ACP, 0, id, -1, NULL, 0)) && + (contname = alloca(len * sizeof(WCHAR)), + MultiByteToWideChar(CP_ACP, 0, id, -1, contname, len)) && + (len = + MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, NULL, 0)) + && (provname = + alloca(len * sizeof(WCHAR)), MultiByteToWideChar(CP_ACP, + 0, + ctx->cspname, + -1, + provname, + len))) + key = + capi_get_key(ctx, (TCHAR *)contname, (TCHAR *)provname, + ctx->csptype, ctx->keytype); + } else + key = capi_get_key(ctx, (TCHAR *)id, + (TCHAR *)ctx->cspname, + ctx->csptype, ctx->keytype); break; } @@ -1512,8 +1579,19 @@ static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type, CAPI_trace(ctx, "capi_ctx_set_provname, name=%s, type=%d\n", pname, type); if (check) { HCRYPTPROV hprov; - if (!CryptAcquireContextA(&hprov, NULL, pname, type, - CRYPT_VERIFYCONTEXT)) { + LPTSTR name = NULL; + + if (sizeof(TCHAR) != sizeof(char)) { + DWORD len; + if ((len = MultiByteToWideChar(CP_ACP, 0, pname, -1, NULL, 0))) { + name = alloca(len * sizeof(WCHAR)); + MultiByteToWideChar(CP_ACP, 0, pname, -1, (WCHAR *)name, len); + } + } else + name = (TCHAR *)pname; + + if (!name || !CryptAcquireContext(&hprov, NULL, name, type, + CRYPT_VERIFYCONTEXT)) { CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME, CAPI_R_CRYPTACQUIRECONTEXT_ERROR); capi_addlasterror(); |