2 * WPA Supplicant / Crypto wrapper for Microsoft CryptoAPI
3 * Copyright (c) 2005-2006, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
22 #ifndef MS_ENH_RSA_AES_PROV
24 #define MS_ENH_RSA_AES_PROV \
25 L"Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
27 #define MS_ENH_RSA_AES_PROV \
28 "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
30 #endif /* MS_ENH_RSA_AES_PROV */
33 #define CALG_HMAC (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_HMAC)
36 #ifdef CONFIG_TLS_INTERNAL
37 #ifdef __MINGW32_VERSION
39 * MinGW does not yet include all the needed definitions for CryptoAPI, so
40 * define here whatever extra is needed.
43 static PCCERT_CONTEXT WINAPI
44 (*CertCreateCertificateContext)(DWORD dwCertEncodingType,
45 const BYTE *pbCertEncoded,
47 = NULL; /* to be loaded from crypt32.dll */
50 (*CryptImportPublicKeyInfo)(HCRYPTPROV hCryptProv, DWORD dwCertEncodingType,
51 PCERT_PUBLIC_KEY_INFO pInfo, HCRYPTKEY *phKey)
52 = NULL; /* to be loaded from crypt32.dll */
55 static int mingw_load_crypto_func(void)
59 /* MinGW does not yet have full CryptoAPI support, so load the needed
62 if (CertCreateCertificateContext)
65 dll = LoadLibrary("crypt32");
67 wpa_printf(MSG_DEBUG, "CryptoAPI: Could not load crypt32 "
72 CertCreateCertificateContext = (void *) GetProcAddress(
73 dll, "CertCreateCertificateContext");
74 if (CertCreateCertificateContext == NULL) {
75 wpa_printf(MSG_DEBUG, "CryptoAPI: Could not get "
76 "CertCreateCertificateContext() address from "
81 CryptImportPublicKeyInfo = GetProcAddress(
82 dll, "CryptImportPublicKeyInfo");
83 if (CryptImportPublicKeyInfo == NULL) {
84 wpa_printf(MSG_DEBUG, "CryptoAPI: Could not get "
85 "CryptImportPublicKeyInfo() address from "
93 #else /* __MINGW32_VERSION */
95 static int mingw_load_crypto_func(void)
100 #endif /* __MINGW32_VERSION */
101 #endif /* CONFIG_TLS_INTERNAL */
104 static void cryptoapi_report_error(const char *msg)
107 DWORD err = GetLastError();
109 if (FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER |
110 FORMAT_MESSAGE_FROM_SYSTEM,
111 NULL, err, 0, (LPTSTR) &s, 0, NULL) == 0) {
112 wpa_printf(MSG_DEBUG, "CryptoAPI: %s: %d", msg, (int) err);
117 if (*pos == '\n' || *pos == '\r') {
124 wpa_printf(MSG_DEBUG, "CryptoAPI: %s: %d: (%s)", msg, (int) err, s);
129 int cryptoapi_hash_vector(ALG_ID alg, size_t hash_len, size_t num_elem,
130 const u8 *addr[], const size_t *len, u8 *mac)
138 if (!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, 0)) {
139 cryptoapi_report_error("CryptAcquireContext");
143 if (!CryptCreateHash(prov, alg, 0, 0, &hash)) {
144 cryptoapi_report_error("CryptCreateHash");
145 CryptReleaseContext(prov, 0);
149 for (i = 0; i < num_elem; i++) {
150 if (!CryptHashData(hash, (BYTE *) addr[i], len[i], 0)) {
151 cryptoapi_report_error("CryptHashData");
152 CryptDestroyHash(hash);
153 CryptReleaseContext(prov, 0);
158 if (!CryptGetHashParam(hash, HP_HASHVAL, mac, &hlen, 0)) {
159 cryptoapi_report_error("CryptGetHashParam");
163 CryptDestroyHash(hash);
164 CryptReleaseContext(prov, 0);
170 void md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
172 cryptoapi_hash_vector(CALG_MD4, 16, num_elem, addr, len, mac);
176 void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
188 DWORD mode = CRYPT_MODE_ECB;
190 key_blob.hdr.bType = PLAINTEXTKEYBLOB;
191 key_blob.hdr.bVersion = CUR_BLOB_VERSION;
192 key_blob.hdr.reserved = 0;
193 key_blob.hdr.aiKeyAlg = CALG_DES;
196 /* Add parity bits to the key */
198 for (i = 0; i < 7; i++) {
200 key_blob.key[i] = (tmp >> i) | next | 1;
201 next = tmp << (7 - i);
203 key_blob.key[i] = next | 1;
205 if (!CryptAcquireContext(&prov, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL,
206 CRYPT_VERIFYCONTEXT)) {
207 wpa_printf(MSG_DEBUG, "CryptoAPI: CryptAcquireContext failed: "
208 "%d", (int) GetLastError());
212 if (!CryptImportKey(prov, (BYTE *) &key_blob, sizeof(key_blob), 0, 0,
214 wpa_printf(MSG_DEBUG, "CryptoAPI: CryptImportKey failed: %d",
215 (int) GetLastError());
216 CryptReleaseContext(prov, 0);
220 if (!CryptSetKeyParam(ckey, KP_MODE, (BYTE *) &mode, 0)) {
221 wpa_printf(MSG_DEBUG, "CryptoAPI: CryptSetKeyParam(KP_MODE) "
222 "failed: %d", (int) GetLastError());
223 CryptDestroyKey(ckey);
224 CryptReleaseContext(prov, 0);
228 os_memcpy(cypher, clear, 8);
230 if (!CryptEncrypt(ckey, 0, FALSE, 0, cypher, &dlen, 8)) {
231 wpa_printf(MSG_DEBUG, "CryptoAPI: CryptEncrypt failed: %d",
232 (int) GetLastError());
233 os_memset(cypher, 0, 8);
236 CryptDestroyKey(ckey);
237 CryptReleaseContext(prov, 0);
242 void md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
244 cryptoapi_hash_vector(CALG_MD5, 16, num_elem, addr, len, mac);
248 void sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
250 cryptoapi_hash_vector(CALG_SHA, 20, num_elem, addr, len, mac);
260 void * aes_encrypt_init(const u8 *key, size_t len)
262 struct aes_context *akey;
268 DWORD mode = CRYPT_MODE_ECB;
273 key_blob.hdr.bType = PLAINTEXTKEYBLOB;
274 key_blob.hdr.bVersion = CUR_BLOB_VERSION;
275 key_blob.hdr.reserved = 0;
276 key_blob.hdr.aiKeyAlg = CALG_AES_128;
278 os_memcpy(key_blob.key, key, len);
280 akey = os_zalloc(sizeof(*akey));
284 if (!CryptAcquireContext(&akey->prov, NULL,
285 MS_ENH_RSA_AES_PROV, PROV_RSA_AES,
286 CRYPT_VERIFYCONTEXT)) {
287 wpa_printf(MSG_DEBUG, "CryptoAPI: CryptAcquireContext failed: "
288 "%d", (int) GetLastError());
293 if (!CryptImportKey(akey->prov, (BYTE *) &key_blob, sizeof(key_blob),
294 0, 0, &akey->ckey)) {
295 wpa_printf(MSG_DEBUG, "CryptoAPI: CryptImportKey failed: %d",
296 (int) GetLastError());
297 CryptReleaseContext(akey->prov, 0);
302 if (!CryptSetKeyParam(akey->ckey, KP_MODE, (BYTE *) &mode, 0)) {
303 wpa_printf(MSG_DEBUG, "CryptoAPI: CryptSetKeyParam(KP_MODE) "
304 "failed: %d", (int) GetLastError());
305 CryptDestroyKey(akey->ckey);
306 CryptReleaseContext(akey->prov, 0);
315 void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
317 struct aes_context *akey = ctx;
320 os_memcpy(crypt, plain, 16);
322 if (!CryptEncrypt(akey->ckey, 0, FALSE, 0, crypt, &dlen, 16)) {
323 wpa_printf(MSG_DEBUG, "CryptoAPI: CryptEncrypt failed: %d",
324 (int) GetLastError());
325 os_memset(crypt, 0, 16);
330 void aes_encrypt_deinit(void *ctx)
332 struct aes_context *akey = ctx;
334 CryptDestroyKey(akey->ckey);
335 CryptReleaseContext(akey->prov, 0);
341 void * aes_decrypt_init(const u8 *key, size_t len)
343 return aes_encrypt_init(key, len);
347 void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
349 struct aes_context *akey = ctx;
352 os_memcpy(plain, crypt, 16);
355 if (!CryptDecrypt(akey->ckey, 0, FALSE, 0, plain, &dlen)) {
356 wpa_printf(MSG_DEBUG, "CryptoAPI: CryptDecrypt failed: %d",
357 (int) GetLastError());
362 void aes_decrypt_deinit(void *ctx)
364 aes_encrypt_deinit(ctx);
367 #ifdef CONFIG_TLS_INTERNAL
370 enum crypto_hash_alg alg;
377 struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key,
380 struct crypto_hash *ctx;
388 os_memset(&key_blob, 0, sizeof(key_blob));
390 case CRYPTO_HASH_ALG_MD5:
393 case CRYPTO_HASH_ALG_SHA1:
396 case CRYPTO_HASH_ALG_HMAC_MD5:
397 case CRYPTO_HASH_ALG_HMAC_SHA1:
399 key_blob.hdr.bType = PLAINTEXTKEYBLOB;
400 key_blob.hdr.bVersion = CUR_BLOB_VERSION;
401 key_blob.hdr.reserved = 0;
403 * Note: RC2 is not really used, but that can be used to
404 * import HMAC keys of up to 16 byte long.
405 * CRYPT_IPSEC_HMAC_KEY flag for CryptImportKey() is needed to
406 * be able to import longer keys (HMAC-SHA1 uses 20-byte key).
408 key_blob.hdr.aiKeyAlg = CALG_RC2;
409 key_blob.len = key_len;
410 if (key_len > sizeof(key_blob.key))
412 os_memcpy(key_blob.key, key, key_len);
418 ctx = os_zalloc(sizeof(*ctx));
424 if (!CryptAcquireContext(&ctx->prov, NULL, NULL, PROV_RSA_FULL, 0)) {
425 cryptoapi_report_error("CryptAcquireContext");
430 if (calg == CALG_HMAC) {
431 #ifndef CRYPT_IPSEC_HMAC_KEY
432 #define CRYPT_IPSEC_HMAC_KEY 0x00000100
434 if (!CryptImportKey(ctx->prov, (BYTE *) &key_blob,
435 sizeof(key_blob), 0, CRYPT_IPSEC_HMAC_KEY,
437 cryptoapi_report_error("CryptImportKey");
438 CryptReleaseContext(ctx->prov, 0);
444 if (!CryptCreateHash(ctx->prov, calg, ctx->key, 0, &ctx->hash)) {
445 cryptoapi_report_error("CryptCreateHash");
446 CryptReleaseContext(ctx->prov, 0);
451 if (calg == CALG_HMAC) {
453 os_memset(&info, 0, sizeof(info));
455 case CRYPTO_HASH_ALG_HMAC_MD5:
456 info.HashAlgid = CALG_MD5;
458 case CRYPTO_HASH_ALG_HMAC_SHA1:
459 info.HashAlgid = CALG_SHA;
466 if (!CryptSetHashParam(ctx->hash, HP_HMAC_INFO, (BYTE *) &info,
468 cryptoapi_report_error("CryptSetHashParam");
469 CryptDestroyHash(ctx->hash);
470 CryptReleaseContext(ctx->prov, 0);
480 void crypto_hash_update(struct crypto_hash *ctx, const u8 *data, size_t len)
482 if (ctx == NULL || ctx->error)
485 if (!CryptHashData(ctx->hash, (BYTE *) data, len, 0)) {
486 cryptoapi_report_error("CryptHashData");
492 int crypto_hash_finish(struct crypto_hash *ctx, u8 *mac, size_t *len)
500 if (mac == NULL || len == NULL)
509 if (!CryptGetHashParam(ctx->hash, HP_HASHVAL, mac, &hlen, 0)) {
510 cryptoapi_report_error("CryptGetHashParam");
516 if (ctx->alg == CRYPTO_HASH_ALG_HMAC_SHA1 ||
517 ctx->alg == CRYPTO_HASH_ALG_HMAC_MD5)
518 CryptDestroyKey(ctx->key);
526 struct crypto_cipher {
532 struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
533 const u8 *iv, const u8 *key,
536 struct crypto_cipher *ctx;
542 DWORD mode = CRYPT_MODE_CBC;
544 key_blob.hdr.bType = PLAINTEXTKEYBLOB;
545 key_blob.hdr.bVersion = CUR_BLOB_VERSION;
546 key_blob.hdr.reserved = 0;
547 key_blob.len = key_len;
548 if (key_len > sizeof(key_blob.key))
550 os_memcpy(key_blob.key, key, key_len);
553 case CRYPTO_CIPHER_ALG_AES:
555 key_blob.hdr.aiKeyAlg = CALG_AES_256;
556 else if (key_len == 24)
557 key_blob.hdr.aiKeyAlg = CALG_AES_192;
559 key_blob.hdr.aiKeyAlg = CALG_AES_128;
561 case CRYPTO_CIPHER_ALG_3DES:
562 key_blob.hdr.aiKeyAlg = CALG_3DES;
564 case CRYPTO_CIPHER_ALG_DES:
565 key_blob.hdr.aiKeyAlg = CALG_DES;
567 case CRYPTO_CIPHER_ALG_RC2:
568 key_blob.hdr.aiKeyAlg = CALG_RC2;
570 case CRYPTO_CIPHER_ALG_RC4:
571 key_blob.hdr.aiKeyAlg = CALG_RC4;
577 ctx = os_zalloc(sizeof(*ctx));
581 if (!CryptAcquireContext(&ctx->prov, NULL, MS_ENH_RSA_AES_PROV,
582 PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
583 cryptoapi_report_error("CryptAcquireContext");
587 if (!CryptImportKey(ctx->prov, (BYTE *) &key_blob,
588 sizeof(key_blob), 0, 0, &ctx->key)) {
589 cryptoapi_report_error("CryptImportKey");
593 if (!CryptSetKeyParam(ctx->key, KP_MODE, (BYTE *) &mode, 0)) {
594 cryptoapi_report_error("CryptSetKeyParam(KP_MODE)");
598 if (iv && !CryptSetKeyParam(ctx->key, KP_IV, (BYTE *) iv, 0)) {
599 cryptoapi_report_error("CryptSetKeyParam(KP_IV)");
606 CryptDestroyKey(ctx->key);
608 CryptReleaseContext(ctx->prov, 0);
615 int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain,
616 u8 *crypt, size_t len)
620 os_memcpy(crypt, plain, len);
622 if (!CryptEncrypt(ctx->key, 0, FALSE, 0, crypt, &dlen, len)) {
623 cryptoapi_report_error("CryptEncrypt");
624 os_memset(crypt, 0, len);
632 int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
633 u8 *plain, size_t len)
637 os_memcpy(plain, crypt, len);
639 if (!CryptDecrypt(ctx->key, 0, FALSE, 0, plain, &dlen)) {
640 cryptoapi_report_error("CryptDecrypt");
648 void crypto_cipher_deinit(struct crypto_cipher *ctx)
650 CryptDestroyKey(ctx->key);
651 CryptReleaseContext(ctx->prov, 0);
656 struct crypto_public_key {
661 struct crypto_private_key {
667 struct crypto_public_key * crypto_public_key_import(const u8 *key, size_t len)
669 /* Use crypto_public_key_from_cert() instead. */
674 struct crypto_private_key * crypto_private_key_import(const u8 *key,
682 struct crypto_public_key * crypto_public_key_from_cert(const u8 *buf,
685 struct crypto_public_key *pk;
688 pk = os_zalloc(sizeof(*pk));
692 cc = CertCreateCertificateContext(X509_ASN_ENCODING |
693 PKCS_7_ASN_ENCODING, buf, len);
695 cryptoapi_report_error("CryptCreateCertificateContext");
700 if (!CryptAcquireContext(&pk->prov, NULL, MS_DEF_PROV, PROV_RSA_FULL,
702 cryptoapi_report_error("CryptAcquireContext");
704 CertFreeCertificateContext(cc);
708 if (!CryptImportPublicKeyInfo(pk->prov, X509_ASN_ENCODING |
710 &cc->pCertInfo->SubjectPublicKeyInfo,
712 cryptoapi_report_error("CryptImportPublicKeyInfo");
713 CryptReleaseContext(pk->prov, 0);
715 CertFreeCertificateContext(cc);
719 CertFreeCertificateContext(cc);
725 int crypto_public_key_encrypt_pkcs1_v15(struct crypto_public_key *key,
726 const u8 *in, size_t inlen,
727 u8 *out, size_t *outlen)
735 tmp = malloc(*outlen);
739 os_memcpy(tmp, in, inlen);
741 if (!CryptEncrypt(key->rsa, 0, TRUE, 0, tmp, &clen, *outlen)) {
742 wpa_printf(MSG_DEBUG, "CryptoAPI: Failed to encrypt using "
743 "public key: %d", (int) GetLastError());
750 /* Reverse the output */
751 for (i = 0; i < *outlen; i++)
752 out[i] = tmp[*outlen - 1 - i];
760 int crypto_private_key_sign_pkcs1(struct crypto_private_key *key,
761 const u8 *in, size_t inlen,
762 u8 *out, size_t *outlen)
769 void crypto_public_key_free(struct crypto_public_key *key)
772 CryptDestroyKey(key->rsa);
773 CryptReleaseContext(key->prov, 0);
779 void crypto_private_key_free(struct crypto_private_key *key)
782 CryptDestroyKey(key->rsa);
783 CryptReleaseContext(key->prov, 0);
789 int crypto_global_init(void)
791 return mingw_load_crypto_func();
795 void crypto_global_deinit(void)
799 #endif /* CONFIG_TLS_INTERNAL */
801 #endif /* EAP_TLS_FUNCS */