From 857094ef3120ababc55b197439e189af9410de36 Mon Sep 17 00:00:00 2001 From: alashkova Date: Thu, 26 Dec 2024 14:43:18 +0300 Subject: [PATCH] =?UTF-8?q?SUPPORT-8821.=20=D0=94=D0=BE=D0=B1=D0=B0=D0=B2?= =?UTF-8?q?=D0=BB=D0=B5=D0=BD=D0=B0=20=D1=84=D1=83=D0=BD=D0=BA=D1=86=D0=B8?= =?UTF-8?q?=D1=8F=20=D0=BF=D0=BE=D0=BB=D1=83=D1=87=D0=B5=D0=BD=D0=B8=D1=8F?= =?UTF-8?q?=20=D1=80=D0=B0=D0=BD=D0=B4=D0=BE=D0=BC=D0=BD=D0=BE=D0=B3=D0=BE?= =?UTF-8?q?=20=D1=87=D0=B8=D1=81=D0=BB=D0=B0=20=D1=81=D1=80=D0=B5=D0=B4?= =?UTF-8?q?=D1=81=D1=82=D0=B2=D0=B0=D0=BC=D0=B8=20=D0=9A=D1=80=D0=B8=D0=BF?= =?UTF-8?q?=D1=82=D0=BE=D0=9F=D1=80=D0=BE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/utils/capi.c | 1 + src/utils/capi.h | 8 ++++++++ src/utils/cryptopro.c | 35 ++++++++++++++++++++++++++++++++++- src/utils/cryptopro.h | 2 ++ 4 files changed, 45 insertions(+), 1 deletion(-) diff --git a/src/utils/capi.c b/src/utils/capi.c index c6458e7..5cc5f8a 100644 --- a/src/utils/capi.c +++ b/src/utils/capi.c @@ -31,6 +31,7 @@ capi_function_list_init(library_t *lib, capi_function_list_t *fl) LIBRARY_RESOLVE(fl->CertGetCertificateChain, lib, "CertGetCertificateChain"); LIBRARY_RESOLVE(fl->CertVerifyCertificateChainPolicy, lib, "CertVerifyCertificateChainPolicy"); LIBRARY_RESOLVE(fl->CertFreeCertificateChain, lib, "CertFreeCertificateChain"); + LIBRARY_RESOLVE(fl->CryptGenRandom, lib, "CryptGenRandom"); #ifdef UNICODE LIBRARY_RESOLVE(fl->CryptSignHash, lib, "CryptSignHashW"); diff --git a/src/utils/capi.h b/src/utils/capi.h index 71fe5c4..ba5ed09 100644 --- a/src/utils/capi.h +++ b/src/utils/capi.h @@ -200,6 +200,13 @@ DECLARE_FN(WINADVAPI, CERT_FREE_CERTIFICATE_CHAIN, (PCCERT_CHAIN_CONTEXT pChainContext)); +DECLARE_FN(WINADVAPI, + BOOL, + CRYPT_GEN_RANDOM, + (HCRYPTPROV hProv, + DWORD dwLen, + BYTE *pbBuffer)); + #ifdef UNICODE #define CRYPT_SIGN_HASH_FN CRYPT_SIGN_HASH_W_FN #define CRYPT_VERIFY_SIGNATURE_FN CRYPT_VERIFY_SIGNATURE_W_FN @@ -233,6 +240,7 @@ typedef struct { CERT_GET_CERTIFICATE_CHAIN_FN CertGetCertificateChain; CERT_VERIFY_CERTIFICATE_CHAIN_POLICY_FN CertVerifyCertificateChainPolicy; CERT_FREE_CERTIFICATE_CHAIN_FN CertFreeCertificateChain; + CRYPT_GEN_RANDOM_FN CryptGenRandom; } capi_function_list_t; diff --git a/src/utils/cryptopro.c b/src/utils/cryptopro.c index acaa949..ba533cd 100644 --- a/src/utils/cryptopro.c +++ b/src/utils/cryptopro.c @@ -253,7 +253,7 @@ sign_hash_data(const cryptopro_context_t *ctx, const str_t *data, /*out*/ str_t } if (!cp_function_list.CryptAcquireCertificatePrivateKey( - pSignerCert, + pSignerCert, CRYPT_ACQUIRE_SILENT_FLAG, NULL, &hCryptProv, @@ -663,3 +663,36 @@ exit: return rc; } + +int +cryptopro_gen_random(unsigned char* data, size_t len) +{ + HCRYPTPROV hCryptProv = 0; + + LOG_TRACE("cryptopro_gen_random enter"); + + if (!cp_function_list.CryptAcquireContext(&hCryptProv, NULL, CP_KC1_GR3410_2001_PROV, + PROV_GOST_2001_DH, CRYPT_VERIFYCONTEXT)) { + LOG_ERROR("CryptAcquireContext() failed"); + goto error; + } + + if (!cp_function_list.CryptGenRandom(hCryptProv, len, data)) { + LOG_ERROR("CryptGenRandom() failed"); + goto error; + } + + cp_function_list.CryptReleaseContext(hCryptProv, 0); + + LOG_TRACE("cryptopro_gen_random exit"); + return 0; + +error: + if (hCryptProv) { + cp_function_list.CryptReleaseContext(hCryptProv, 0); + } + + LOG_ERROR("cryptopro_gen_random exit with error. Last error code: 0x%08x", + cp_function_list.GetLastError()); + return -1; +} \ No newline at end of file diff --git a/src/utils/cryptopro.h b/src/utils/cryptopro.h index cd3e1d8..6aed9b0 100644 --- a/src/utils/cryptopro.h +++ b/src/utils/cryptopro.h @@ -29,4 +29,6 @@ int cryptopro_sign(const cryptopro_context_t *ctx, const str_t *data, /*out*/ st int cryptopro_verify(const str_t* cert_thumbprint, const str_t* alg, const str_t *data, const str_t *sign, bool* is_verified, char** verify_error); +int cryptopro_gen_random(unsigned char* data, size_t len); + #endif // CRYPTOPRO_H_INCLUDED