/*
 * Builds the AES key handle used for one vault credential attribute.
 *
 * attribute : attribute record; its id selects the key, its IV/szIV give the optional IV.
 * hProv     : crypto provider the key handle is created in.
 * aes128    : key material used when the attribute id is non-zero and below 100.
 * aes256    : key material used for every other attribute id.
 * hKey      : receives the key handle when the function returns a non-zero value.
 * isAttr    : receives TRUE when the AES-128 key was selected, FALSE otherwise.
 *
 * Returns the result of kull_m_crypto_hkey(); nothing is configured when it fails.
 */
BOOL kuhl_m_dpapi_vault_key_type(PKULL_M_CRED_VAULT_CREDENTIAL_ATTRIBUTE attribute, HCRYPTPROV hProv, BYTE aes128[AES_128_KEY_SIZE], BYTE aes256[AES_256_KEY_SIZE], HCRYPTKEY *hKey, BOOL *isAttr)
{
	DWORD cipherMode = CRYPT_MODE_CBC;
	BOOL imported;

	/* The caller is told which key was picked before any import is attempted. */
	*isAttr = attribute->id && (attribute->id < 100);

	if(*isAttr)
		imported = kull_m_crypto_hkey(hProv, CALG_AES_128, aes128, AES_128_KEY_SIZE, 0, hKey, NULL);
	else
		imported = kull_m_crypto_hkey(hProv, CALG_AES_256, aes256, AES_256_KEY_SIZE, 0, hKey, NULL);

	if(!imported)
		return imported;

	/*
	 * NOTE(review): neither CryptSetKeyParam result is checked, so a non-zero
	 * return does not prove that the mode or the IV was actually applied.
	 */
	CryptSetKeyParam(*hKey, KP_MODE, (LPCBYTE) &cipherMode, 0);

	/*
	 * NOTE(review): szIV is only tested for non-zero. KP_IV takes one cipher
	 * block of data (16 bytes for AES), so a shorter IV buffer would be read
	 * past its end - confirm the attribute parser enforces the length.
	 */
	if(attribute->szIV && attribute->IV)
		CryptSetKeyParam(*hKey, KP_IV, attribute->IV, 0);

	return imported;
}
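/*
 * Computes an HMAC over `message` with CryptoAPI and copies it to `hash`.
 *
 * calgid     : hash algorithm id placed in HMAC_INFO (the inner hash of the HMAC).
 * key/keyLen : HMAC key; imported through kull_m_crypto_hkey as CALG_RC2 with
 *              CRYPT_IPSEC_HMAC_KEY. The original author notes: for keyLen > 1.
 * message/messageLen : data to authenticate.
 * hash       : output buffer, must hold at least min(digest size, hashWanted) bytes.
 * hashWanted : maximum number of bytes copied to `hash`.
 *
 * Returns the result of the final CryptGetHashParam call, FALSE if any earlier
 * step failed. `hash` is written only on success.
 *
 * Caveat for callers: when hashWanted is larger than the digest size, only the
 * digest size is written and the rest of `hash` is left untouched, while the
 * function still reports success.
 */
BOOL kull_m_crypto_hmac(DWORD calgid, LPCVOID key, DWORD keyLen, LPCVOID message, DWORD messageLen, LPVOID hash, DWORD hashWanted) // for keyLen > 1
{
	BOOL status = FALSE;
	DWORD hashLen = 0;
	HCRYPTPROV hProv;
	HCRYPTKEY hKey;
	HCRYPTHASH hHash;
	HMAC_INFO HmacInfo = {calgid, NULL, 0, NULL, 0}; /* no custom inner/outer strings */
	PBYTE buffer;

	if(!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
		return FALSE;

	if(kull_m_crypto_hkey(hProv, CALG_RC2, key, keyLen, CRYPT_IPSEC_HMAC_KEY, &hKey, NULL))
	{
		if(CryptCreateHash(hProv, CALG_HMAC, hKey, 0, &hHash))
		{
			/* The first CryptGetHashParam call only asks for the digest size. */
			if(CryptSetHashParam(hHash, HP_HMAC_INFO, (LPCBYTE) &HmacInfo, 0)
				&& CryptHashData(hHash, (LPCBYTE) message, messageLen, 0)
				&& CryptGetHashParam(hHash, HP_HASHVAL, NULL, &hashLen, 0))
			{
				/* A scratch buffer is needed because the caller may want fewer bytes than the digest. */
				buffer = (PBYTE) LocalAlloc(LPTR, hashLen);
				if(buffer)
				{
					status = CryptGetHashParam(hHash, HP_HASHVAL, buffer, &hashLen, 0);
					/*
					 * Copy only when the digest was really retrieved; otherwise the
					 * caller would receive the zero-filled scratch buffer next to a
					 * FALSE return.
					 */
					if(status)
						RtlCopyMemory(hash, buffer, KIWI_MINIMUM(hashLen, hashWanted));
					LocalFree(buffer);
				}
			}
			CryptDestroyHash(hHash);
		}
		CryptDestroyKey(hKey);
	}
	CryptReleaseContext(hProv, 0);

	return status;
}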