qtlskey__schannel_8cpp_source.html

 /****************************************************************************

 **

 ** Copyright (C) 2021 The Qt Company Ltd.

 ** Contact: https://www.qt.io/licensing/

 **

 ** This file is part of the QtNetwork module of the Qt Toolkit.

 **

 ** $QT_BEGIN_LICENSE:LGPL$

 ** Commercial License Usage

 ** Licensees holding valid commercial Qt licenses may use this file in

 ** accordance with the commercial license agreement provided with the

 ** Software or, alternatively, in accordance with the terms contained in

 ** a written agreement between you and The Qt Company. For licensing terms

 ** and conditions see https://www.qt.io/terms-conditions. For further

 ** information use the contact form at https://www.qt.io/contact-us.

 **

 ** GNU Lesser General Public License Usage

 ** Alternatively, this file may be used under the terms of the GNU Lesser

 ** General Public License version 3 as published by the Free Software

 ** Foundation and appearing in the file LICENSE.LGPL3 included in the

 ** packaging of this file. Please review the following information to

 ** ensure the GNU Lesser General Public License version 3 requirements

 ** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.

 **

 ** GNU General Public License Usage

 ** Alternatively, this file may be used under the terms of the GNU

 ** General Public License version 2.0 or (at your option) the GNU General

 ** Public license version 3 or any later version approved by the KDE Free

 ** Qt Foundation. The licenses are as published by the Free Software

 ** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3

 ** included in the packaging of this file. Please review the following

 ** information to ensure the GNU General Public License requirements will

 ** be met: https://www.gnu.org/licenses/gpl-2.0.html and

 ** https://www.gnu.org/licenses/gpl-3.0.html.

 **

 ** $QT_END_LICENSE$

 **

 ****************************************************************************/


 #include <QtNetwork/private/qssl_p.h>


 #include "qtlsbackend_schannel_p.h"

 #include "qtlskey_schannel_p.h"


 #include "../shared/qwincrypt_p.h"


 #include <QtNetwork/private/qtlsbackend_p.h>

 #include <QtNetwork/private/qsslkey_p.h>


 #include <QtNetwork/qsslkey.h>


 #include <QtCore/qscopeguard.h>

 #include <QtCore/qbytearray.h>


 QT_BEGIN_NAMESPACE


 namespace {

 const wchar_t *getName(QSslKeyPrivate::Cipher cipher)

 {

     switch (cipher) {

     case QTlsPrivate::Cipher::DesCbc:

         return BCRYPT_DES_ALGORITHM;

     case QTlsPrivate::Cipher::DesEde3Cbc:

         return BCRYPT_3DES_ALGORITHM;

     case QTlsPrivate::Cipher::Rc2Cbc:

         return BCRYPT_RC2_ALGORITHM;

     case QTlsPrivate::Cipher::Aes128Cbc:

     case QTlsPrivate::Cipher::Aes192Cbc:

     case QTlsPrivate::Cipher::Aes256Cbc:

         return BCRYPT_AES_ALGORITHM;

     }

     Q_UNREACHABLE();

 }


 BCRYPT_ALG_HANDLE getHandle(QSslKeyPrivate::Cipher cipher)

 {

     BCRYPT_ALG_HANDLE handle;

     NTSTATUS status = BCryptOpenAlgorithmProvider(

             &handle, // phAlgorithm

             getName(cipher), // pszAlgId

             nullptr, // pszImplementation

             0 // dwFlags

     );

     if (status < 0) {

         qCWarning(lcTlsBackendSchannel, "Failed to open algorithm handle (%ld)!", status);

         return nullptr;

     }


     return handle;

 }


 BCRYPT_KEY_HANDLE generateSymmetricKey(BCRYPT_ALG_HANDLE handle,

                                        const QByteArray &key)

 {

     BCRYPT_KEY_HANDLE keyHandle;

     NTSTATUS status = BCryptGenerateSymmetricKey(

             handle, // hAlgorithm

             &keyHandle, // phKey

             nullptr, // pbKeyObject (can ignore)

             0, // cbKeyObject (also ignoring)

             reinterpret_cast<unsigned char *>(const_cast<char *>(key.data())), // pbSecret

             ULONG(key.length()), // cbSecret

             0 // dwFlags

     );

     if (status < 0) {

         qCWarning(lcTlsBackendSchannel, "Failed to generate symmetric key (%ld)!", status);

         return nullptr;

     }


     status = BCryptSetProperty(

             keyHandle, // hObject

             BCRYPT_CHAINING_MODE, // pszProperty

             reinterpret_cast<UCHAR *>(const_cast<wchar_t *>(BCRYPT_CHAIN_MODE_CBC)), // pbInput

             ARRAYSIZE(BCRYPT_CHAIN_MODE_CBC), // cbInput

             0 // dwFlags

     );

     if (status < 0) {

         BCryptDestroyKey(keyHandle);

         qCWarning(lcTlsBackendSchannel, "Failed to change the symmetric key's chaining mode (%ld)!",

                   status);

         return nullptr;

     }

     return keyHandle;

 }


 QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data, const QByteArray &key,

                    const QByteArray &iv, bool encrypt)

 {

     BCRYPT_ALG_HANDLE handle = getHandle(cipher);

     if (!handle)

         return {};

     auto handleDealloc = qScopeGuard([&handle]() {

         BCryptCloseAlgorithmProvider(handle, 0);

     });


     BCRYPT_KEY_HANDLE keyHandle = generateSymmetricKey(handle, key);

     if (!keyHandle)

         return {};

     auto keyHandleDealloc = qScopeGuard([&keyHandle]() {

         BCryptDestroyKey(keyHandle);

     });


     QByteArray ivCopy = iv; // This gets modified, so we take a copy


     ULONG sizeNeeded = 0;

     QVarLengthArray<unsigned char> output;

     auto cryptFunction = encrypt ? BCryptEncrypt : BCryptDecrypt;

     for (int i = 0; i < 2; i++) {

         output.resize(int(sizeNeeded));

         auto input = reinterpret_cast<unsigned char *>(const_cast<char *>(data.data()));

         // Need to call it twice because the first iteration lets us know the size needed.

         NTSTATUS status = cryptFunction(

                 keyHandle, // hKey

                 input, // pbInput

                 ULONG(data.length()), // cbInput

                 nullptr, // pPaddingInfo

                 reinterpret_cast<unsigned char *>(ivCopy.data()), // pbIV

                 ULONG(ivCopy.length()), // cbIV

                 sizeNeeded ? output.data() : nullptr, // pbOutput

                 ULONG(output.length()), // cbOutput

                 &sizeNeeded, // pcbResult

                 BCRYPT_BLOCK_PADDING // dwFlags

         );

         if (status < 0) {

             qCWarning(lcTlsBackendSchannel, "%s failed (%ld)!", encrypt ? "Encrypt" : "Decrypt",

                       status);

             return {};

         }

     }


     return QByteArray(reinterpret_cast<const char *>(output.constData()), int(sizeNeeded));

 }

 } // anonymous namespace


 namespace QTlsPrivate {


 QByteArray TlsKeySchannel::decrypt(Cipher cipher, const QByteArray &data, const QByteArray &key,

                                    const QByteArray &iv) const

 {

     return doCrypt(cipher, data, key, iv, false);

 }


 QByteArray TlsKeySchannel::encrypt(Cipher cipher, const QByteArray &data, const QByteArray &key,

                                    const QByteArray &iv) const

 {

     return doCrypt(cipher, data, key, iv, true);

 }


 } // namespace QTlsPrivate


 QT_END_NAMESPACE


i
small capitals from c petite p scientific i
[1]
Definition: afcover.h:80

QByteArray
The QByteArray class provides an array of bytes.
Definition: qbytearray.h:85

QTlsPrivate::TlsKeySchannel::decrypt
QByteArray decrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv) const override
Definition: qtlskey_schannel.cpp:177

QTlsPrivate::TlsKeySchannel::encrypt
QByteArray encrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv) const override
Definition: qtlskey_schannel.cpp:183

QVarLengthArray
Definition: qvarlengtharray.h:261

QVarLengthArray::resize
void resize(qsizetype sz)
Definition: qvarlengtharray.h:400

QVarLengthArray::data
T * data() noexcept
Definition: qvarlengtharray.h:119

QVarLengthArray::constData
const T * constData() const
Definition: qvarlengtharray.h:497

QVarLengthArray::length
qsizetype length() const
Definition: qvarlengtharray.h:382

QT_BEGIN_NAMESPACE
Definition: server.cpp:57

QT_BEGIN_NAMESPACE::getName
const wchar_t * getName(QSslKeyPrivate::Cipher cipher)
Definition: qtlskey_schannel.cpp:58

QT_BEGIN_NAMESPACE::doCrypt
QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv, bool encrypt)
Definition: qtlskey_schannel.cpp:126

QT_BEGIN_NAMESPACE::getHandle
BCRYPT_ALG_HANDLE getHandle(QSslKeyPrivate::Cipher cipher)
Definition: qtlskey_schannel.cpp:75

QT_BEGIN_NAMESPACE::generateSymmetricKey
BCRYPT_KEY_HANDLE generateSymmetricKey(BCRYPT_ALG_HANDLE handle, const QByteArray &key)
Definition: qtlskey_schannel.cpp:92

QT_END_NAMESPACE
Definition: qsharedpointer.cpp:1532

QTlsPrivate
Definition: qocspresponse.h:75

QTlsPrivate::Cipher
Cipher
Definition: qssl_p.h:65

QTlsPrivate::Cipher::DesEde3Cbc
@ DesEde3Cbc

QTlsPrivate::Cipher::DesCbc
@ DesCbc

QTlsPrivate::Cipher::Aes192Cbc
@ Aes192Cbc

QTlsPrivate::Cipher::Aes128Cbc
@ Aes128Cbc

QTlsPrivate::Cipher::Aes256Cbc
@ Aes256Cbc

QTlsPrivate::Cipher::Rc2Cbc
@ Rc2Cbc

QTlsPrivate::doCrypt
QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv, bool enc)
Definition: qtlskey_openssl.cpp:447

Q_UNREACHABLE
#define Q_UNREACHABLE()
Definition: qcompilerdetection.h:1305

QByteArray
typedef QByteArray(EGLAPIENTRYP PFNQGSGETDISPLAYSPROC)()

qCWarning
#define qCWarning(category,...)
Definition: qloggingcategory.h:173

handle
GLuint64 GLenum void * handle
Definition: qopengles2ext.h:1575

key
GLuint64 key
Definition: qopengles2ext.h:2268

data
GLint GLsizei GLsizei GLenum GLenum GLsizei void * data
Definition: qopengles2ext.h:206

input
GLenum GLenum GLenum input
Definition: qopenglext.h:10816

qScopeGuard
QScopeGuard< typename std::decay< F >::type > qScopeGuard(F &&f)
[qScopeGuard]
Definition: qscopeguard.h:93

qtlsbackend_schannel_p.h

qtlskey_schannel_p.h