blautenb    2003/10/11 18:29:46

  Modified:    c/src/enc/OpenSSL OpenSSLCryptoSymmetricKey.cpp
               c/src/enc/WinCAPI WinCAPICryptoHashHMAC.cpp
                        WinCAPICryptoKeyHMAC.cpp WinCAPICryptoKeyHMAC.hpp
                        WinCAPICryptoProvider.cpp WinCAPICryptoProvider.hpp
  Log:
  Updated to start handling keys in Windows with their own context
  
  Revision  Changes    Path
  1.5       +5 -1      
xml-security/c/src/enc/OpenSSL/OpenSSLCryptoSymmetricKey.cpp
  
  Index: OpenSSLCryptoSymmetricKey.cpp
  ===================================================================
  RCS file: 
/home/cvs/xml-security/c/src/enc/OpenSSL/OpenSSLCryptoSymmetricKey.cpp,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- OpenSSLCryptoSymmetricKey.cpp     3 Oct 2003 09:54:46 -0000       1.4
  +++ OpenSSLCryptoSymmetricKey.cpp     12 Oct 2003 01:29:46 -0000      1.5
  @@ -74,6 +74,8 @@
   #include <xsec/framework/XSECError.hpp>
   #include <xsec/enc/XSECCryptoException.hpp>
   
  +#if defined (HAVE_OPENSSL)
  +
   #include <string.h>
   
   #include <openssl/rand.h>
  @@ -507,3 +509,5 @@
        return outl;
   
   }
  +
  +#endif /* HAVE_OPENSSL */
  
  
  
  1.4       +3 -2      xml-security/c/src/enc/WinCAPI/WinCAPICryptoHashHMAC.cpp
  
  Index: WinCAPICryptoHashHMAC.cpp
  ===================================================================
  RCS file: /home/cvs/xml-security/c/src/enc/WinCAPI/WinCAPICryptoHashHMAC.cpp,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- WinCAPICryptoHashHMAC.cpp 5 Jul 2003 10:30:33 -0000       1.3
  +++ WinCAPICryptoHashHMAC.cpp 12 Oct 2003 01:29:46 -0000      1.4
  @@ -199,10 +199,11 @@
        if (strEquals(key->getProviderName(), 
DSIGConstants::s_unicodeStrPROVWinCAPI) &&
                ((WinCAPICryptoKeyHMAC *) key)->getWinKey() != 0) {
   
  +             HCRYPTPROV p = ((WinCAPICryptoKeyHMAC *) key)->getWinKeyProv();
                HCRYPTKEY k = ((WinCAPICryptoKeyHMAC *) key)->getWinKey();
   
                fResult = CryptCreateHash(
  -                     mp_ownerProvider->getProviderRSA(),
  +                     p,
                        CALG_HMAC,
                        k,
                        0,
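Review bot: The condition at the top of this hunk tests only `getWinKey() != 0`, so a key that was stored with a zero provider handle still reaches `CryptCreateHash` with `p == 0`. Adding `&& ((WinCAPICryptoKeyHMAC *) key)->getWinKeyProv() != 0` to the guard, or throwing an `XSECCryptoException` when `p` is 0, would make that failure explicit rather than leaving it to the `fResult` handling, which lies outside the hunk. The same C-style cast is now repeated three times; one local `WinCAPICryptoKeyHMAC *` taken after the provider-name check would be easier to read and audit.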
  
  
  
  1.4       +32 -2     xml-security/c/src/enc/WinCAPI/WinCAPICryptoKeyHMAC.cpp
  
  Index: WinCAPICryptoKeyHMAC.cpp
  ===================================================================
  RCS file: /home/cvs/xml-security/c/src/enc/WinCAPI/WinCAPICryptoKeyHMAC.cpp,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- WinCAPICryptoKeyHMAC.cpp  5 Jul 2003 10:30:33 -0000       1.3
  +++ WinCAPICryptoKeyHMAC.cpp  12 Oct 2003 01:29:46 -0000      1.4
  @@ -70,12 +70,14 @@
   
   #include <xsec/enc/WinCAPI/WinCAPICryptoKeyHMAC.hpp>
   #include <xsec/framework/XSECError.hpp>
  +#include <xsec/enc/XSECCryptoException.hpp>
   
   WinCAPICryptoKeyHMAC::WinCAPICryptoKeyHMAC() :m_keyBuf("") {
   
        m_keyBuf.isSensitive();
        m_keyLen = 0;
        m_k = 0;
  +     m_p = 0;
   
   };
   
  @@ -102,6 +104,27 @@
        ret->m_keyBuf = m_keyBuf;
        ret->m_keyLen = m_keyLen;
   
  +     ret->m_p = m_p;
  +
  +     if (m_k != 0) {
  +#if (_WIN32_WINNT > 0x0400)
  +             if (CryptDuplicateKey(m_k,
  +                                                       0,
  +                                                       0,
  +                                                       &(ret->m_k)) == 0 ) {
  +
  +                     throw XSECCryptoException(XSECCryptoException::MDError,
  +                             "WinCAPI:KeyHMAC Error attempting to clone key 
parameters");
  +
  +             }
  +#else
  +             throw XSECCryptoException(XSECCryptoException::MDError,
  +                     "Unable to clone keys in Windows NT 4.0 and below");
  +#endif
  +     }
  +     else
  +             ret->m_k = 0;
  +
        return ret;
   
   }
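Review bot: Both added `throw` statements leave the clone function after `ret` has been filled in, and nothing in the hunk releases it, so a failed `CryptDuplicateKey` appears to leak the object together with its copy of `m_keyBuf`. The allocation of `ret` is outside the hunk, so this assumes a plain `new`; if that holds, `delete ret;` before each throw (or a janitor object) closes the leak. `ret->m_p = m_p` also copies the provider handle without taking a reference, so the clone is only valid while the caller keeps that context open. `XSECCryptoException::MDError` is an odd code for a key-duplication failure, if a more specific one is available.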
  @@ -110,7 +133,7 @@
   //           Windows Specific Keys
   // 
--------------------------------------------------------------------------------
   
  -void WinCAPICryptoKeyHMAC::setWinKey(HCRYPTKEY k) {
  +void WinCAPICryptoKeyHMAC::setWinKey(HCRYPTPROV p, HCRYPTKEY k) {
   
        if (m_k != 0) {
   
  @@ -119,11 +142,18 @@
        }
   
        m_k = k;
  +     m_p = p;
   
   }
   
   HCRYPTKEY WinCAPICryptoKeyHMAC::getWinKey(void) {
   
        return m_k;
  +
  +}
  +
  +HCRYPTPROV WinCAPICryptoKeyHMAC::getWinKeyProv(void) {
  +
  +     return m_p;
   
   }
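Review bot: `m_p = p` stores a borrowed provider handle, since the header comment in this commit makes the caller responsible for releasing the context while the key `k` becomes library-owned. If the caller releases the context before the key object or one of its clones is used, `getWinKeyProv()` returns a stale handle that WinCAPICryptoHashHMAC.cpp passes to `CryptCreateHash`. Taking a reference with `CryptContextAddRef(p, NULL, 0);` in `setWinKey`, and releasing it wherever `m_k` is destroyed, would tie the two lifetimes together. The body of `setWinKey` is only partly visible in this hunk, so the existing key-destruction path should be checked for the matching release.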
  
  
  
  1.4       +17 -2     xml-security/c/src/enc/WinCAPI/WinCAPICryptoKeyHMAC.hpp
  
  Index: WinCAPICryptoKeyHMAC.hpp
  ===================================================================
  RCS file: /home/cvs/xml-security/c/src/enc/WinCAPI/WinCAPICryptoKeyHMAC.hpp,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- WinCAPICryptoKeyHMAC.hpp  5 Jul 2003 10:30:33 -0000       1.3
  +++ WinCAPICryptoKeyHMAC.hpp  12 Oct 2003 01:29:46 -0000      1.4
  @@ -178,10 +178,13 @@
         * Set a Windows Crypto key that has been either derived via the
         * various Crypt functions or has been loaded from an encrypted BLOB
         *
  +      * @param p Handle to provider context used to create this key.  Note
  +      * it is the responsibility of the caller to release the context.
         * @param k Windows CAPI key to load
  +      * Note that the library now owns this key (and will destroy it).
         */
   
  -     void setWinKey(HCRYPTKEY k);
  +     void setWinKey(HCRYPTPROV p, HCRYPTKEY k);
   
        /**
         * \brief Get a windows key
  @@ -194,6 +197,17 @@
   
        HCRYPTKEY getWinKey(void);
   
  +     /**
  +      * \brief Get a windows key provider
  +      *
  +      * Used by WinCAPICryptoHashHMAC to retrieve the provider handle 
associated
  +      * with an HMAC key in order to load it into the HMAC function.
  +      *
  +      * @returns The key to use or 0 if this object does not hold one
  +      */
  +
  +     HCRYPTPROV getWinKeyProv(void);
  +
        //@}
   
   private:
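Review bot: The `@returns` line added for `getWinKeyProv` says "The key to use", but the function returns the provider handle, so the text looks copied from `getWinKey`. I would change it to `@returns The provider handle associated with the key, or 0 if none has been set`. The comment should also state that the returned handle stays owned by whoever passed it to `setWinKey` and must not be released by the caller of this getter, matching the `@param p` note earlier in the header.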
  @@ -202,6 +216,7 @@
        unsigned int            m_keyLen;
   
        HCRYPTKEY                       m_k;
  +     HCRYPTPROV                      m_p;
   };
   
   #endif /* WINCAPICRYPTOKEYHMAC_INCLUDE */
  
  
  
  1.7       +22 -16    xml-security/c/src/enc/WinCAPI/WinCAPICryptoProvider.cpp
  
  Index: WinCAPICryptoProvider.cpp
  ===================================================================
  RCS file: /home/cvs/xml-security/c/src/enc/WinCAPI/WinCAPICryptoProvider.cpp,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- WinCAPICryptoProvider.cpp 3 Oct 2003 09:54:46 -0000       1.6
  +++ WinCAPICryptoProvider.cpp 12 Oct 2003 01:29:46 -0000      1.7
  @@ -85,22 +85,12 @@
   XSEC_USING_XERCES(ArrayJanitor);
   
   WinCAPICryptoProvider::WinCAPICryptoProvider(
  -                                             HCRYPTPROV provDSS,
  -                                             HCRYPTPROV provRSA) {
  +                                             LPCSTR provDSSName, 
  +                                             LPCSTR provRSAName) {
   
  -     // Copy parameters for later use
  -
  -     m_provDSS = provDSS; 
  -     m_provRSA = provRSA;
  -
  -}
  -
  -WinCAPICryptoProvider::WinCAPICryptoProvider() {
  -
  -     // Obtain default PROV_DSS and PROV_RSA_FULL, with default user key 
containers
        if (!CryptAcquireContext(&m_provDSS,
                NULL,
  -             NULL,
  +             provDSSName,
                PROV_DSS,
                CRYPT_VERIFYCONTEXT)) 
        {
  @@ -110,17 +100,33 @@
   
        if (!CryptAcquireContext(&m_provRSA,
                NULL,
  -             NULL,
  +             provRSAName,
                PROV_RSA_FULL,
                CRYPT_VERIFYCONTEXT)) 
        {
                throw XSECException(XSECException::InternalError,
                        "WinCAPICryptoProvider() - Error obtaining default 
PROV_RSA_FULL");
        }
  -}
   
  +     // Copy parameters for later use
  +
  +     if (provDSSName != NULL)
  +             m_provDSSName = strdup(provDSSName); 
  +     else
  +             m_provDSSName = NULL;
  +
  +     if (provRSAName != NULL)
  +             m_provRSAName = strdup(provRSAName);
  +     else
  +             m_provRSAName = NULL;
  +
  +}
   
   WinCAPICryptoProvider::~WinCAPICryptoProvider() {
  +
  +
  +     CryptReleaseContext(m_provRSA, 0);
  +     CryptReleaseContext(m_provDSS, 0);
   
   }
   
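Review bot: The destructor in this hunk releases both contexts but never frees the `strdup` copies held in `m_provDSSName` and `m_provRSAName`, so every provider object leaks both names; `free((void *) m_provDSSName);` and `free((void *) m_provRSAName);` belong next to the `CryptReleaseContext` calls. The constructor can also throw after `m_provDSS` has been acquired, and the destructor does not run for a partially constructed object, so a `CryptReleaseContext(m_provDSS, 0);` before the PROV_RSA_FULL throw would avoid leaking that handle. The `strdup` results are not checked for NULL either. The exception text still says "default PROV_RSA_FULL" although a named provider may have been requested, which will mislead whoever diagnoses a wrong provider name.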
  
  
  
  1.8       +9 -16     xml-security/c/src/enc/WinCAPI/WinCAPICryptoProvider.hpp
  
  Index: WinCAPICryptoProvider.hpp
  ===================================================================
  RCS file: /home/cvs/xml-security/c/src/enc/WinCAPI/WinCAPICryptoProvider.hpp,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- WinCAPICryptoProvider.hpp 3 Oct 2003 09:54:46 -0000       1.7
  +++ WinCAPICryptoProvider.hpp 12 Oct 2003 01:29:46 -0000      1.8
  @@ -119,24 +119,15 @@
         * \brief Create a Windows CAPI interface layer
         *
         * Windows CSPs work under a provider model.  The user should specify
  -      * which CSP to use and which key container to use.
  +      * which CSP to use.
         *
  -      * @param provDSS DSS provider - must be of type PROV_DSS
  -      * @param provRSA RSA provider - must be of type PROV_RSA_FULL
  +      * @param provDSSName Name of DSS provider - must be of type PROV_DSS.
  +      * Will use the default Windows DSS provider if nothing passed in.
  +      * @param provRSAName RSA provider - must be of type PROV_RSA_FULL.
  +      * Will use the default RSA_FULL provider if nothing passed in
         */
        
  -     WinCAPICryptoProvider(HCRYPTPROV provDSS, HCRYPTPROV provRSA);
  -
  -     /**
  -      * \brief Create a Windows CAPI interface layer.
  -      *
  -      * The default constructor will use the default providers and containers
  -      * 
  -      * @note This call will fail if the user has not generated keys in the
  -      * default DSS and RSA provider containers
  -      */
  -
  -     WinCAPICryptoProvider();
  +     WinCAPICryptoProvider(LPCSTR provDSSName = NULL, LPCSTR provRSAName = 
NULL);
   
        virtual ~WinCAPICryptoProvider();
   
  @@ -338,6 +329,8 @@
   
        HCRYPTPROV              m_provDSS;
        HCRYPTPROV              m_provRSA;
  +     LPCSTR                  m_provDSSName;
  +     LPCSTR                  m_provRSAName;
   
   };
   
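Review bot: `m_provDSSName` and `m_provRSAName` are declared `LPCSTR`, but per the constructor in WinCAPICryptoProvider.cpp they hold `strdup` copies that the object owns; `char *` would state that ownership and avoid a cast when freeing them. With the destructor now calling `CryptReleaseContext`, a copied provider object would release the same two handles twice. If the class does not already do so outside this hunk, declaring a private, unimplemented copy constructor and assignment operator prevents that. A one-line comment on these four members saying that all are owned and released by the destructor would document the new contract.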
  
  
  
