/** * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ /* * XSEC * * WinCAPICryptoKeyDSA := DSA Keys * * Author(s): Berin Lautenbach * * $Id$ * */ #include <xsec/enc/WinCAPI/WinCAPICryptoKeyDSA.hpp> #include <xsec/enc/WinCAPI/WinCAPICryptoProvider.hpp> #include <xsec/enc/XSCrypt/XSCryptCryptoBase64.hpp> #include <xsec/enc/XSECCryptoException.hpp> #include <xsec/enc/XSECCryptoUtils.hpp> #include <xsec/framework/XSECError.hpp> #if defined (XSEC_HAVE_WINCAPI) #include <xercesc/util/Janitor.hpp> XSEC_USING_XERCES(ArrayJanitor); WinCAPICryptoKeyDSA::WinCAPICryptoKeyDSA(HCRYPTPROV prov) { // Create a new key to be loaded as we go m_key = 0; m_p = prov; m_keySpec = 0; mp_P = NULL; mp_Q = NULL; mp_G = NULL; mp_Y = NULL; }; // "Hidden" WinCAPI constructor WinCAPICryptoKeyDSA::WinCAPICryptoKeyDSA(HCRYPTPROV prov, HCRYPTKEY k) : m_p(prov) { m_key = k; // NOTE - We OWN this handle m_keySpec = 0; mp_P = mp_Q = mp_G = mp_Y = NULL; m_PLen = m_QLen = m_GLen = m_YLen = 0; } WinCAPICryptoKeyDSA::WinCAPICryptoKeyDSA(HCRYPTPROV prov, DWORD keySpec, bool isPrivate) : m_p(prov) { if (isPrivate == false) { throw XSECCryptoException(XSECCryptoException::DSAError, "Public keys defined via keySpec ctor not yet supported"); } m_key = 0; m_keySpec = keySpec; mp_P = mp_Q = mp_G = mp_Y = NULL; m_PLen = m_QLen = m_GLen = m_YLen = 0; } WinCAPICryptoKeyDSA::~WinCAPICryptoKeyDSA() { // If we have a DSA, delete it if (m_key != 0) CryptDestroyKey(m_key); if (mp_P != NULL) delete[] mp_P; if (mp_Q != NULL) delete[] mp_Q; if (mp_G != NULL) delete[] mp_G; if (mp_Y != NULL) delete[] mp_Y; }; const XMLCh * WinCAPICryptoKeyDSA::getProviderName() const { return DSIGConstants::s_unicodeStrPROVWinCAPI; } // Generic key functions XSECCryptoKey::KeyType WinCAPICryptoKeyDSA::getKeyType() const { // Find out what we have if (m_key == NULL) { // For now we don't really understand Private Windows keys if (m_keySpec != 0) return KEY_DSA_PRIVATE; // Check if we have parameters loaded if (mp_P == NULL || mp_Q == NULL || mp_G == NULL || mp_Y == NULL) return KEY_NONE; else return KEY_DSA_PUBLIC; } if (m_keySpec != 0) return KEY_DSA_PAIR; // If we have m_key - it must be public return KEY_DSA_PUBLIC; } void WinCAPICryptoKeyDSA::loadPBase64BigNums(const char * b64, unsigned int len) { if (mp_P != NULL) { delete[] mp_P; mp_P = NULL; // In case we get an exception } mp_P = WinCAPICryptoProvider::b642WinBN(b64, len, m_PLen); } void WinCAPICryptoKeyDSA::loadQBase64BigNums(const char * b64, unsigned int len) { if (mp_Q != NULL) { delete[] mp_Q; mp_Q = NULL; // In case we get an exception } mp_Q = WinCAPICryptoProvider::b642WinBN(b64, len, m_QLen); } void WinCAPICryptoKeyDSA::loadGBase64BigNums(const char * b64, unsigned int len) { if (mp_G != NULL) { delete[] mp_G; mp_G = NULL; // In case we get an exception } mp_G = WinCAPICryptoProvider::b642WinBN(b64, len, m_GLen); } void WinCAPICryptoKeyDSA::loadYBase64BigNums(const char * b64, unsigned int len) { if (mp_Y != NULL) { delete[] mp_Y; mp_Y = NULL; // In case we get an exception } mp_Y = WinCAPICryptoProvider::b642WinBN(b64, len, m_YLen); } void WinCAPICryptoKeyDSA::loadJBase64BigNums(const char * b64, unsigned int len) { /* Do nothing */ } // -------------------------------------------------------------------------------- // Verify a signature encoded as a Base64 string // -------------------------------------------------------------------------------- void WinCAPICryptoKeyDSA::importKey(void) const { if (m_key != 0 || mp_P == NULL || mp_Q == NULL || mp_G == NULL || mp_Y == NULL) return; // Do some basic checks if ((m_QLen > 20) | (m_GLen > m_PLen) | (m_YLen > m_PLen)) { throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA - Parameter lengths inconsistent"); } // Create a DSS Public-Key blob // First build a buffer to hold everything BYTE * blobBuffer; unsigned int blobBufferLen = WINCAPI_BLOBHEADERLEN + WINCAPI_DSSPUBKEYLEN + (3 * m_PLen) + 0x14 + WINCAPI_DSSSEEDLEN; XSECnew(blobBuffer, BYTE[blobBufferLen]); ArrayJanitor<BYTE> j_blobBuffer(blobBuffer); // Blob header BLOBHEADER * header = (BLOBHEADER *) blobBuffer; header->bType = PUBLICKEYBLOB; header->bVersion = 0x02; // We are using a version 2 blob header->reserved = 0; header->aiKeyAlg = CALG_DSS_SIGN; // Now the public key header DSSPUBKEY * pubkey = (DSSPUBKEY *) (blobBuffer + WINCAPI_BLOBHEADERLEN); pubkey->magic = 0x31535344; // ASCII encoding of DSS1 pubkey->bitlen = m_PLen * 8; // Number of bits in prime modulus // Now copy in each of the keys BYTE * i = (BYTE *) (pubkey); i += WINCAPI_DSSPUBKEYLEN; memcpy(i, mp_P, m_PLen); i+= m_PLen; // Q memcpy(i, mp_Q, m_QLen); i += m_QLen; // Pad with 0s unsigned int j; for (j = m_QLen; j < 20 ; ++j) *i++ = 0; // Generator memcpy(i, mp_G, m_GLen); i += m_GLen; // Pad for (j = m_GLen; j < m_PLen ; ++j) *i++ = 0; // Public key memcpy(i, mp_Y, m_YLen); i += m_YLen; // Pad for (j = m_YLen; j < m_PLen ; ++j) *i++ = 0; // Set seed to 0 for (j = 0; j < WINCAPI_DSSSEEDLEN; ++j) *i++ = 0xFF; // SEED Counter set to 0xFFFFFFFF will cause seed to be ignored // Now that we have the blob, import BOOL fResult = CryptImportKey( m_p, blobBuffer, blobBufferLen, 0, // Not signed 0, // No flags &m_key); if (fResult == 0) { throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA Error attempting to import key parameters"); } } bool WinCAPICryptoKeyDSA::verifyBase64Signature(unsigned char * hashBuf, unsigned int hashLen, char * base64Signature, unsigned int sigLen) const { // Use the currently loaded key to validate the Base64 encoded signature if (m_key == 0) { // Try to import from the parameters importKey(); if (m_key == 0) { throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA - Attempt to validate signature with empty key"); } } // Decode the signature unsigned char * rawSig; DWORD rawSigLen; XSECnew(rawSig, BYTE [sigLen]); ArrayJanitor<BYTE> j_rawSig(rawSig); // Decode the signature XSCryptCryptoBase64 b64; b64.decodeInit(); rawSigLen = b64.decode((unsigned char *) base64Signature, sigLen, rawSig, sigLen); rawSigLen += b64.decodeFinish(&rawSig[rawSigLen], sigLen - rawSigLen); // Reverse the sig - Windows stores integers as octet streams in little endian // order. The I2OSP algorithm used by XMLDSig to store integers is big endian BYTE rawSigFinal[40]; BYTE * j, *k, *l, *m; unsigned char rb[20]; unsigned char sb[20]; if (rawSigLen == 40) { j = rawSig; k = rawSig + 20; } else if (rawSigLen == 46 && ASN2DSASig(rawSig, rb, sb) == true) { j = rb; k = sb; } else { throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA::VerifyBase64Signature - Expect 40 bytes in a DSA signature"); } l = rawSigFinal + 19; m = rawSigFinal + 39; while (l >= rawSigFinal) { *l-- = *j++; *m-- = *k++; } // Have to create a Windows hash object and feed in the hash BOOL fResult; HCRYPTHASH h; fResult = CryptCreateHash(m_p, CALG_SHA1, 0, 0, &h); if (!fResult) { throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA - Error creating Windows Hash Object"); } // Feed the hash value into the newly created hash object fResult = CryptSetHashParam( h, HP_HASHVAL, hashBuf, 0); if (!fResult) { if (h) CryptDestroyHash(h); throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA - Error Setting Hash Value in Windows Hash object"); } // Now validate fResult = CryptVerifySignature( h, rawSigFinal, 40, m_key, NULL, 0); if (!fResult) { DWORD error = GetLastError(); /* For some reason, the default Microsoft DSS provider generally returns * NTE_FAIL (which denotes an internal failure in the provider) for a * failed signature rather than NTE_BAD_SIGNATURE */ if (error != NTE_BAD_SIGNATURE && error != NTE_FAIL) { if (h) CryptDestroyHash(h); throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA - Error occurred in DSA validation"); } if (h) CryptDestroyHash(h); return false; } if (h) CryptDestroyHash(h); return true; } // -------------------------------------------------------------------------------- // Sign and encode result as a Base64 string // -------------------------------------------------------------------------------- unsigned int WinCAPICryptoKeyDSA::signBase64Signature(unsigned char * hashBuf, unsigned int hashLen, char * base64SignatureBuf, unsigned int base64SignatureBufLen) const { // Sign a pre-calculated hash using this key if (m_keySpec == 0) { throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA - Attempt to sign data a public or non-existent key"); } // Have to create a Windows hash object and feed in the hash BOOL fResult; HCRYPTHASH h; fResult = CryptCreateHash(m_p, CALG_SHA1, 0, 0, &h); if (!fResult) { throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA - Error creating Windows Hash Object"); } // Feed the hash value into the newly created hash object fResult = CryptSetHashParam( h, HP_HASHVAL, hashBuf, 0); if (!fResult) { if (h) CryptDestroyHash(h); throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA - Error Setting Hash Value in Windows Hash object"); } // Now sign BYTE rawSig[50]; DWORD rawSigLen = 50; fResult = CryptSignHash( h, m_keySpec, NULL, 0, rawSig, &rawSigLen); if (!fResult || rawSigLen != 40) { if (h) CryptDestroyHash(h); throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA - Error occurred in DSA signing"); } if (h) CryptDestroyHash(h); // Now encode into a signature block BYTE rawSigFinal[40]; BYTE * i, * j, * m, * n; i = rawSig; j = rawSig + 20; m = rawSigFinal + 19; n = rawSigFinal + 39; while (m >= rawSigFinal) { *m-- = *i++; *n-- = *j++; } // Now encode XSCryptCryptoBase64 b64; b64.encodeInit(); unsigned int ret = b64.encode(rawSigFinal, 40, (unsigned char *) base64SignatureBuf, base64SignatureBufLen); ret += b64.encodeFinish((unsigned char *) &base64SignatureBuf[ret], base64SignatureBufLen - ret); return ret; } // -------------------------------------------------------------------------------- // Clone key // -------------------------------------------------------------------------------- XSECCryptoKey * WinCAPICryptoKeyDSA::clone() const { WinCAPICryptoKeyDSA * ret; XSECnew(ret, WinCAPICryptoKeyDSA(m_p)); if (m_key != 0) { // CryptDuplicateKey is not supported in Windows NT, so we need to export and then // reimport the key to get a copy BYTE keyBuf[2048]; DWORD keyBufLen = 2048; CryptExportKey(m_key, 0, PUBLICKEYBLOB, 0, keyBuf, &keyBufLen); // Now re-import CryptImportKey(m_p, keyBuf, keyBufLen, NULL, 0, &ret->m_key); } ret->m_PLen = m_PLen; if (mp_P != NULL) { XSECnew(ret->mp_P, BYTE[m_PLen]); memcpy(ret->mp_P, mp_P, m_PLen); } else ret->mp_P = NULL; ret->m_QLen = m_QLen; if (mp_Q != NULL) { XSECnew(ret->mp_Q, BYTE[m_QLen]); memcpy(ret->mp_Q, mp_Q, m_QLen); } else ret->mp_Q = NULL; ret->m_GLen = m_GLen; if (mp_G != NULL) { XSECnew(ret->mp_G, BYTE[m_GLen]); memcpy(ret->mp_G, mp_G, m_GLen); } else ret->mp_G = NULL; ret->m_YLen = m_YLen; if (mp_Y != NULL) { XSECnew(ret->mp_Y, BYTE[m_YLen]); memcpy(ret->mp_Y, mp_Y, m_YLen); } else ret->mp_Y = NULL; return ret; } // -------------------------------------------------------------------------------- // Some utility functions // -------------------------------------------------------------------------------- void WinCAPICryptoKeyDSA::loadParamsFromKey(void) { if (m_key == 0) { if (m_keySpec == 0) return; // See of we can get the user key if (!CryptGetUserKey(m_p, m_keySpec, &m_key)) return; } // Export key into a keyblob BOOL fResult; DWORD blobLen; fResult = CryptExportKey( m_key, 0, PUBLICKEYBLOB, 0, NULL, &blobLen); if (fResult == 0 || blobLen < 1) { throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA - Error exporting public key"); } BYTE * blob; XSECnew(blob, BYTE[blobLen]); ArrayJanitor<BYTE> j_blob(blob); fResult = CryptExportKey( m_key, 0, PUBLICKEYBLOB, 0, blob, &blobLen); if (fResult == 0 || blobLen < 1) { throw XSECCryptoException(XSECCryptoException::DSAError, "WinCAPI:DSA - Error exporting public key"); } DSSPUBKEY * pk = (DSSPUBKEY *) ( blob + WINCAPI_BLOBHEADERLEN ); DWORD keyLen = pk->bitlen / 8; // Copy the keys BYTE * i = (BYTE *) ( pk ); i += WINCAPI_DSSPUBKEYLEN; if (mp_P != NULL) delete[] mp_P; XSECnew(mp_P, BYTE[keyLen]); memcpy(mp_P, i, keyLen); m_PLen = keyLen; i+=keyLen; if (mp_Q != NULL) delete[] mp_Q; m_QLen = 20; while (i[m_QLen - 1] == 0 && m_QLen > 0) m_QLen--; XSECnew(mp_Q, BYTE[m_QLen]); memcpy(mp_Q, i, m_QLen); i+=20; if (mp_G != NULL) delete[] mp_G; m_GLen = keyLen; while(i[m_GLen - 1] == 0 && m_GLen > 0) m_GLen--; XSECnew(mp_G, BYTE[m_GLen]); memcpy(mp_G, i, m_GLen); i+=keyLen; if (mp_Y != NULL) delete[] mp_Y; m_YLen = keyLen; while (i[m_YLen] == 0 && m_YLen > 0) m_YLen--; XSECnew(mp_Y, BYTE[m_YLen]); memcpy(mp_Y, i, m_YLen); } unsigned int WinCAPICryptoKeyDSA::getPBase64BigNums(char * b64, unsigned int len) { if (m_key == 0 && m_keySpec == 0 && mp_P == NULL) { return 0; // Nothing we can do } if (mp_P == NULL) { loadParamsFromKey(); } unsigned int bLen; unsigned char * b = WinCAPICryptoProvider::WinBN2b64(mp_P, m_PLen, bLen); if (bLen > len) bLen = len; memcpy(b64, b, bLen); delete[] b; return bLen; } unsigned int WinCAPICryptoKeyDSA::getQBase64BigNums(char * b64, unsigned int len) { if (m_key == 0 && m_keySpec == 0 && mp_Q == NULL) { return 0; // Nothing we can do } if (mp_Q == NULL) { loadParamsFromKey(); } unsigned int bLen; unsigned char * b = WinCAPICryptoProvider::WinBN2b64(mp_Q, m_QLen, bLen); if (bLen > len) bLen = len; memcpy(b64, b, bLen); delete[] b; return bLen; } unsigned int WinCAPICryptoKeyDSA::getGBase64BigNums(char * b64, unsigned int len) { if (m_key == 0 && m_keySpec == 0 && mp_G == NULL) { return 0; // Nothing we can do } if (mp_G == NULL) { loadParamsFromKey(); } unsigned int bLen; unsigned char * b = WinCAPICryptoProvider::WinBN2b64(mp_G, m_GLen, bLen); if (bLen > len) bLen = len; memcpy(b64, b, bLen); delete[] b; return bLen; } unsigned int WinCAPICryptoKeyDSA::getYBase64BigNums(char * b64, unsigned int len) { if (m_key == 0 && m_keySpec == 0 && mp_Y == NULL) { return 0; // Nothing we can do } if (mp_Y == NULL) { loadParamsFromKey(); } unsigned int bLen; unsigned char * b = WinCAPICryptoProvider::WinBN2b64(mp_Y, m_YLen, bLen); if (bLen > len) bLen = len; memcpy(b64, b, bLen); delete[] b; return bLen; } #endif /* XSEC_HAVE_WINCAPI */