SUPPORT-8821. Добавлена функция получения рандомного числа средствами КриптоПро

2024-12-26 14:43:18 +03:00 · 2024-12-26 14:43:18 +03:00 · 857094ef31
commit 857094ef31
parent 0a3f5eef66
4 changed files with 45 additions and 1 deletions
--- a/src/utils/capi.c
+++ b/src/utils/capi.c
@ -31,6 +31,7 @@ capi_function_list_init(library_t *lib, capi_function_list_t *fl)
    LIBRARY_RESOLVE(fl->CertGetCertificateChain, lib, "CertGetCertificateChain");
    LIBRARY_RESOLVE(fl->CertVerifyCertificateChainPolicy, lib, "CertVerifyCertificateChainPolicy");
    LIBRARY_RESOLVE(fl->CertFreeCertificateChain, lib, "CertFreeCertificateChain");
+    LIBRARY_RESOLVE(fl->CryptGenRandom, lib, "CryptGenRandom");

 #ifdef UNICODE
    LIBRARY_RESOLVE(fl->CryptSignHash, lib, "CryptSignHashW");
--- a/src/utils/capi.h
+++ b/src/utils/capi.h
@ -200,6 +200,13 @@ DECLARE_FN(WINADVAPI,
           CERT_FREE_CERTIFICATE_CHAIN,
           (PCCERT_CHAIN_CONTEXT pChainContext));

+DECLARE_FN(WINADVAPI,
+            BOOL,
+            CRYPT_GEN_RANDOM,
+            (HCRYPTPROV hProv,
+            DWORD dwLen,
+            BYTE *pbBuffer));
+
 #ifdef UNICODE
 #define CRYPT_SIGN_HASH_FN          CRYPT_SIGN_HASH_W_FN
 #define CRYPT_VERIFY_SIGNATURE_FN   CRYPT_VERIFY_SIGNATURE_W_FN
@ -233,6 +240,7 @@ typedef struct {
    CERT_GET_CERTIFICATE_CHAIN_FN CertGetCertificateChain;
    CERT_VERIFY_CERTIFICATE_CHAIN_POLICY_FN CertVerifyCertificateChainPolicy;
    CERT_FREE_CERTIFICATE_CHAIN_FN CertFreeCertificateChain;
+    CRYPT_GEN_RANDOM_FN CryptGenRandom;

 } capi_function_list_t;

--- a/src/utils/cryptopro.c
+++ b/src/utils/cryptopro.c
@ -253,7 +253,7 @@ sign_hash_data(const cryptopro_context_t *ctx, const str_t *data, /*out*/ str_t
    }

    if (!cp_function_list.CryptAcquireCertificatePrivateKey(
-	        pSignerCert,
+            pSignerCert,
            CRYPT_ACQUIRE_SILENT_FLAG,
            NULL,
            &hCryptProv,
@ -663,3 +663,36 @@ exit:

    return rc;  
 }
+
+int 
+cryptopro_gen_random(unsigned char* data, size_t len)
+{
+    HCRYPTPROV   hCryptProv = 0;
+
+    LOG_TRACE("cryptopro_gen_random enter");
+
+    if (!cp_function_list.CryptAcquireContext(&hCryptProv, NULL, CP_KC1_GR3410_2001_PROV,
+                                                PROV_GOST_2001_DH, CRYPT_VERIFYCONTEXT)) {
+        LOG_ERROR("CryptAcquireContext() failed");
+        goto error;
+    }
+
+    if (!cp_function_list.CryptGenRandom(hCryptProv, len, data)) {
+        LOG_ERROR("CryptGenRandom() failed");
+        goto error;
+    }
+
+    cp_function_list.CryptReleaseContext(hCryptProv, 0);
+
+    LOG_TRACE("cryptopro_gen_random exit");
+    return 0;
+
+error:
+    if (hCryptProv) {
+        cp_function_list.CryptReleaseContext(hCryptProv, 0);
+    }
+
+    LOG_ERROR("cryptopro_gen_random exit with error. Last error code: 0x%08x", 
+                cp_function_list.GetLastError());
+    return -1;
+}
--- a/src/utils/cryptopro.h
+++ b/src/utils/cryptopro.h
@ -29,4 +29,6 @@ int cryptopro_sign(const cryptopro_context_t *ctx, const str_t *data, /*out*/ st
 int cryptopro_verify(const str_t* cert_thumbprint, const str_t* alg, const str_t *data, 
                        const str_t *sign, bool* is_verified, char** verify_error);

+int cryptopro_gen_random(unsigned char* data, size_t len);
+
 #endif // CRYPTOPRO_H_INCLUDED