#201 Missing Crypto API types and defines (AES & HMAC)

closed-fixed
nobody
w32api (251)
2004-08-11
2004-07-30
Ed Schaller
No

BLOBHEADER:
-----------

Typedef for _PUBLICKEYSTRUC which is defined already.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/blobheader.asp

AES defines for algorithms and providers:
-----------------------------------------

The defines for CALG_AES* depend on the ALG_SID_AES*. ALG_SID_AES* seem
to be undocumented on msdn (at least the search for them returns
nothing although we all know how useful msdn's search is). Also,
MS_ENH_RSA_AES_PROV according to Microsoft is "Microsoft Enhanced RSA
and AES Cryptographic Provider". It may be that in win2003 server
(which I do not have access to) but it is certainly not in winxp. I
have defined it in the patch to be "Microsoft Enhanced RSA and AES
Cryptographic Provider (Prototype)" which is what it is defined as in
winxp.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/microsoft_aes_cryptographic_provider.asp

HMAC_INFO HP_HMAC_INFO:
-----------------------

Used to do HMACs. Not that MS's implementation is usable for me (key
has to be a symmetric session key of a symmetric algorithm and
therefore is limited in its possible sizes). I have a hmac
implementation that uses MS's hashes if anyone wants it.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/hmac_info.asp

CALG_SHA1:
----------

Same as CALG_SHA.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/cryptcreatehash.asp

Discussion

  • Danny Smith

    Danny Smith - 2004-08-02

    Logged In: YES
    user_id=11494

    Thanks

    Please have a look at the ChangeLog and submit a changelog
    entry in that style.

    Danny

     
  • Ed Schaller

    Ed Schaller - 2004-08-03

    patch with changelog addition

     
  • Ed Schaller

    Ed Schaller - 2004-08-03

    Logged In: YES
    user_id=2001

    Ok, I've added to the changelog and created a new patch. The
    patch is against cvs btw. I hope that the format is right. GNU
    isn't exactly very informative on the exact format.

     
  • Danny Smith

    Danny Smith - 2004-08-04

    Logged In: YES
    user_id=11494

    You wrote:
    Also MS_ENH_RSA_AES_PROV according to Microsoft is
    "Microsoft Enhanced RSA and AES Cryptographic Provider". It
    may be that in win2003 server (which I do not have access to)
    but it is certainly not in winxp. I have defined it in the
    patch to be "Microsoft Enhanced RSA and AES Cryptographic
    Provider (Prototype)" which is what it is defined as in winxp

    I would prefer to use the documented string in header.
    Do you have evidence that the documented define breaks
    anything?

    Danny

     
  • Ed Schaller

    Ed Schaller - 2004-08-04

    Logged In: YES
    user_id=2001

    Yes, there is such evidence. I can write some sample test
    cases if you would like. If you use the documented string it
    will not work in XP. I'm not sure what the best way to do
    this would be. The AES CSP does not exist in any version
    other than XP and 2003 server. If you follow the
    documentation, it will not function in XP. I can only hope
    that it does in 2003 server.

    How about a solution like this:

    #define MS_ENH_RSA_AES_PROV_XP ...
    #define MS_ENH_RSA_AES_PROV_2003 ...
    #define MS_ENH_RSA_AES_PROV MS_ENH_RSA_AES_PROV_2003

    That way the default case will follow the docs, but the
    other cases are still available if desired and can be tested
    for with an #ifdef.

    I don't really know what the policy is when the
    documentation is wrong/insufficient.

     
  • Danny Smith

    Danny Smith - 2004-08-11
    • status: open --> closed-fixed
     
  • Danny Smith

    Danny Smith - 2004-08-11

    Logged In: YES
    user_id=11494

    Applied. I modified by making the MS_ENH_RSA_AES_PROV
    define conditional on _WIN32_WINNT.

    Thanks

    Danny
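
The applied fix selects the provider string at compile time from _WIN32_WINNT, so it follows the build target rather than the machine the program runs on. The added example below is not w32api code and goes a step beyond the ticket: it picks the name at run time by trying the documented string first and the XP "(Prototype)" string second. pick_aes_provider, acquire_fn, win_acquire, the fake_* probes and the AES_PROV_* macros are hypothetical names, and the fakes are constructed stand-ins so the selection logic also runs off Windows.

```c
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#include <wincrypt.h>
#endif
/* Both provider strings are the ones quoted in the ticket. */
#define AES_PROV_DOCUMENTED "Microsoft Enhanced RSA and AES Cryptographic Provider"
#define AES_PROV_XP AES_PROV_DOCUMENTED " (Prototype)"

/* Hypothetical probe type: returns nonzero if the named CSP could be opened. */
typedef int (*acquire_fn)(const char *provider, void *ctx);

/* Documented name first, then the XP name; NULL lets the caller fail closed. */
const char *pick_aes_provider(acquire_fn probe, void *ctx)
{
    static const char *const names[] = { AES_PROV_DOCUMENTED, AES_PROV_XP };
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        if (probe(names[i], ctx))
            return names[i];
    return NULL;
}

/* Constructed stand-ins for three systems, used where no CSP is present. */
int fake_xp(const char *n, void *c)   { (void)c; return strcmp(n, AES_PROV_XP) == 0; }
int fake_2003(const char *n, void *c) { (void)c; return strcmp(n, AES_PROV_DOCUMENTED) == 0; }
int fake_none(const char *n, void *c) { (void)n; (void)c; return 0; }

#ifdef _WIN32
/* Real probe: ctx points at the HCRYPTPROV that receives the handle. */
int win_acquire(const char *provider, void *ctx)
{
    return CryptAcquireContextA((HCRYPTPROV *)ctx, NULL, provider, PROV_RSA_AES, CRYPT_VERIFYCONTEXT) != 0;
}
#endif

int main(void)
{
    const char *name;
#ifdef _WIN32
    HCRYPTPROV h = 0;
    name = pick_aes_provider(win_acquire, &h);
    if (name) CryptReleaseContext(h, 0);
#else
    name = pick_aes_provider(fake_xp, NULL);  /* constructed XP-like system */
#endif
    puts(name ? name : "no AES provider available");
    return name ? 0 : 1;
}
```

A NULL result means neither name is registered, which is the case to treat as a hard error instead of continuing with a provider that lacks AES.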