Replace Windows APIs that are banned in Windows Store apps
CryptGenRandom and lstrlenW are not permitted in Windows Store apps, meaning apps that use mbedTLS can't ship in the Windows Store. Instead, use BCryptGenRandom and wcslen, respectively, which are permitted. Also make sure conversions between size_t, ULONG, and int are always done safely; on a 64-bit platform, these types are different sizes. Also suppress macro redefinition warning for intsafe.h: Visual Studio 2010 and earlier generates C4005 when including both <intsafe.h> and <stdint.h> because a number of <TYPE>_MAX constants are redefined. This is fixed in later versions of Visual Studio. The constants are guaranteed to be the same between both files, however, so we can safely suppress the warning when including intsafe.h. Signed-off-by: Kevin Kane <kkane@microsoft.com>
This commit is contained in:
Kevin Kane
Minos Galanakis
parent
87fe99627f
commit
0ec1e68548
9 changed files with 73 additions and 12 deletions
|
|
@ -50,26 +50,41 @@
|
|||
|
||||
#include <windows.h>
|
||||
#if _WIN32_WINNT >= 0x0501 /* _WIN32_WINNT_WINXP */
|
||||
#include <wincrypt.h>
|
||||
#include <bcrypt.h>
|
||||
#if _MSC_VER <= 1600
|
||||
/* Visual Studio 2010 and earlier issue a warning when both <stdint.h> and <intsafe.h> are included, as they
|
||||
* redefine a number of <TYPE>_MAX constants. These constants are guaranteed to be the same, though, so
|
||||
* we suppress the warning when including intsafe.h.
|
||||
*/
|
||||
#pragma warning( push )
|
||||
#pragma warning( disable : 4005 )
|
||||
#endif
|
||||
#include <intsafe.h>
|
||||
#if _MSC_VER <= 1600
|
||||
#pragma warning( pop )
|
||||
#endif
|
||||
|
||||
int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len,
|
||||
size_t *olen)
|
||||
{
|
||||
HCRYPTPROV provider;
|
||||
ULONG len_as_ulong = 0;
|
||||
((void) data);
|
||||
*olen = 0;
|
||||
|
||||
if (CryptAcquireContext(&provider, NULL, NULL,
|
||||
PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) == FALSE) {
|
||||
return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
|
||||
/*
|
||||
* BCryptGenRandom takes ULONG for size, which is smaller than size_t on 64-bit platforms.
|
||||
* Ensure len's value can be safely converted into a ULONG.
|
||||
*/
|
||||
if ( FAILED( SizeTToULong( len, &len_as_ulong ) ) )
|
||||
{
|
||||
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
|
||||
}
|
||||
|
||||
if (CryptGenRandom(provider, (DWORD) len, output) == FALSE) {
|
||||
CryptReleaseContext(provider, 0);
|
||||
return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
|
||||
if ( !BCRYPT_SUCCESS( BCryptGenRandom( NULL, output, len_as_ulong, BCRYPT_USE_SYSTEM_PREFERRED_RNG ) ) )
|
||||
{
|
||||
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
|
||||
}
|
||||
|
||||
CryptReleaseContext(provider, 0);
|
||||
*olen = len;
|
||||
|
||||
return 0;
|
||||
|
|
|
|||
|
|
@ -61,6 +61,18 @@
|
|||
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
|
||||
#define WIN32_LEAN_AND_MEAN
|
||||
#include <windows.h>
|
||||
#if _MSC_VER <= 1600
|
||||
/* Visual Studio 2010 and earlier issue a warning when both <stdint.h> and <intsafe.h> are included, as they
|
||||
* redefine a number of <TYPE>_MAX constants. These constants are guaranteed to be the same, though, so
|
||||
* we suppress the warning when including intsafe.h.
|
||||
*/
|
||||
#pragma warning( push )
|
||||
#pragma warning( disable : 4005 )
|
||||
#endif
|
||||
#include <intsafe.h>
|
||||
#if _MSC_VER <= 1600
|
||||
#pragma warning( pop )
|
||||
#endif
|
||||
#else
|
||||
#include <time.h>
|
||||
#endif
|
||||
|
|
@ -1541,6 +1553,7 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path)
|
|||
char filename[MAX_PATH];
|
||||
char *p;
|
||||
size_t len = strlen(path);
|
||||
int lengthAsInt = 0;
|
||||
|
||||
WIN32_FIND_DATAW file_data;
|
||||
HANDLE hFind;
|
||||
|
|
@ -1556,6 +1569,9 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path)
|
|||
p = filename + len;
|
||||
filename[len++] = '*';
|
||||
|
||||
if (FAILED (SizeTToInt(len, &lengthAsInt)))
|
||||
return(MBEDTLS_ERR_X509_FILE_IO_ERROR);
|
||||
|
||||
w_ret = MultiByteToWideChar(CP_ACP, 0, filename, (int) len, szDir,
|
||||
MAX_PATH - 3);
|
||||
if (w_ret == 0) {
|
||||
|
|
@ -1579,6 +1595,9 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path)
|
|||
-1,
|
||||
p, (int) len,
|
||||
NULL, NULL);
|
||||
if (FAILED(SizeTToInt(wcslen(file_data.cFileName), &lengthAsInt)))
|
||||
return(MBEDTLS_ERR_X509_FILE_IO_ERROR);
|
||||
|
||||
if (w_ret == 0) {
|
||||
ret = MBEDTLS_ERR_X509_FILE_IO_ERROR;
|
||||
goto cleanup;
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
if(MSVC)
|
||||
set(libs ${libs} bcrypt)
|
||||
endif()
|
||||
|
||||
set(executables_mbedtls
|
||||
dh_client
|
||||
dh_server
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
if(MSVC)
|
||||
set(libs ${libs} bcrypt)
|
||||
endif()
|
||||
|
||||
set(executables
|
||||
gen_entropy
|
||||
gen_random_ctr_drbg
|
||||
|
|
|
|||
|
|
@ -5,6 +5,10 @@ set(libs
|
|||
${mbedtls_target}
|
||||
)
|
||||
|
||||
if(MSVC)
|
||||
set(libs ${libs} bcrypt)
|
||||
endif()
|
||||
|
||||
set(executables
|
||||
dtls_client
|
||||
dtls_server
|
||||
|
|
|
|||
|
|
@ -2,6 +2,10 @@ set(libs
|
|||
${mbedtls_target}
|
||||
)
|
||||
|
||||
if(MSVC)
|
||||
set(libs ${libs} bcrypt)
|
||||
endif()
|
||||
|
||||
set(executables_libs
|
||||
query_included_headers
|
||||
selftest
|
||||
|
|
|
|||
|
|
@ -1,6 +1,9 @@
|
|||
set(libs
|
||||
${mbedx509_target}
|
||||
)
|
||||
if(MSVC)
|
||||
set(libs ${libs} bcrypt)
|
||||
endif()
|
||||
|
||||
set(executables
|
||||
cert_app
|
||||
|
|
|
|||
|
|
@ -99,7 +99,7 @@ INCLUDE_DIRECTORIES
|
|||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalDependencies>bcrypt.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
<ProjectReference>
|
||||
|
|
@ -118,7 +118,7 @@ INCLUDE_DIRECTORIES
|
|||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalDependencies>bcrypt.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
<ProjectReference>
|
||||
|
|
@ -142,7 +142,7 @@ INCLUDE_DIRECTORIES
|
|||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
|
||||
<AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalDependencies>bcrypt.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
|
|
|
|||
|
|
@ -91,6 +91,9 @@ INCLUDE_DIRECTORIES
|
|||
<Link>
|
||||
<SubSystem>Windows</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<ShowProgress>NotSet</ShowProgress>
|
||||
<AdditionalDependencies>bcrypt.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
|
|
@ -106,6 +109,9 @@ INCLUDE_DIRECTORIES
|
|||
<Link>
|
||||
<SubSystem>Windows</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<ShowProgress>NotSet</ShowProgress>
|
||||
<AdditionalDependencies>bcrypt.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
|
||||
|
|
@ -124,6 +130,8 @@ INCLUDE_DIRECTORIES
|
|||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
|
||||
<AdditionalDependencies>bcrypt.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
|
|
|
|||
Loading…
Reference in a new issue