tdf#76142 libxmlsec: implement SHA-256 support in the mscrypto backend

The only tricky part is PROV_RSA_FULL -> PROV_RSA_AES, otherwise SHA-256
is not recognized as a valid algo. MSDN documentation for PROV_RSA_FULL
at
<https://msdn.microsoft.com/en-us/library/windows/desktop/aa387448%28v=vs.85%29.aspx>
and PROV_RSA_AES at
<https://msdn.microsoft.com/en-us/library/windows/desktop/aa387447%28v=vs.85%29.aspx>
say that AES is a superset of full, so should be no
backwards-compatibility issue. I tested this on Windows 7, but according
to the documentation, it should be no problem on Windows XP, either --
provided that the latest SP is installed.

Change-Id: I3ae196679c2cbf0e9e55fab10584d9c46a480659
(cherry picked from commit e2ccc96482e770edb57edffbf653c18d3a0c4c23)

2 files changed, 309 insertions, 0 deletions

diff --git a/external/libxmlsec/UnpackedTarball_xmlsec.mk b/external/libxmlsec/UnpackedTarball_xmlsec.mk
index 68fb8d1619f9..18a93084f87f 100644
--- a/external/libxmlsec/UnpackedTarball_xmlsec.mk
+++ b/external/libxmlsec/UnpackedTarball_xmlsec.mk
@@ -28,6 +28,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,xmlsec,\
 	external/libxmlsec/xmlsec1-update-config.guess.patch.1 \
 	external/libxmlsec/xmlsec1-ooxml.patch.1 \
 	external/libxmlsec/xmlsec1-nss-sha256.patch.1 \
+	external/libxmlsec/xmlsec1-mscrypto-sha256.patch.1 \
 ))
 
 $(eval $(call gb_UnpackedTarball_add_file,xmlsec,include/xmlsec/mscrypto/akmngr.h,external/libxmlsec/include/akmngr_mscrypto.h))
diff --git a/external/libxmlsec/xmlsec1-mscrypto-sha256.patch.1 b/external/libxmlsec/xmlsec1-mscrypto-sha256.patch.1
new file mode 100644
index 000000000000..13577b789872
--- /dev/null
+++ b/external/libxmlsec/xmlsec1-mscrypto-sha256.patch.1
@@ -0,0 +1,308 @@
+From 1562c2ee1f30ec9983e2f7e5a7bf4a89b594d706 Mon Sep 17 00:00:00 2001
+From: Miklos Vajna <vmiklos@collabora.co.uk>
+Date: Tue, 2 Feb 2016 15:49:10 +0100
+Subject: [PATCH] mscrypto glue layer: add SHA-256 support
+
+---
+ include/xmlsec/mscrypto/crypto.h | 27 ++++++++++++++++
+ src/mscrypto/certkeys.c          |  2 +-
+ src/mscrypto/crypto.c            |  4 +++
+ src/mscrypto/digests.c           | 70 ++++++++++++++++++++++++++++++++++++++++
+ src/mscrypto/signatures.c        | 64 ++++++++++++++++++++++++++++++++++++
+ 5 files changed, 166 insertions(+), 1 deletion(-)
+
+diff --git a/include/xmlsec/mscrypto/crypto.h b/include/xmlsec/mscrypto/crypto.h
+index 28d792a..96aaa78 100644
+--- a/include/xmlsec/mscrypto/crypto.h
++++ b/include/xmlsec/mscrypto/crypto.h
+@@ -133,6 +133,16 @@ XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecMSCryptoKeyDataRsaGetKlass(void);
+ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformRsaSha1GetKlass(void);
+ 
+ /**
++ * xmlSecMSCryptoTransformRsaSha256Id:
++ *
++ * The RSA-SHA256 signature transform klass.
++ */
++
++#define xmlSecMSCryptoTransformRsaSha256Id	\
++	xmlSecMSCryptoTransformRsaSha256GetKlass()
++XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformRsaSha256GetKlass(void);
++
++/**
+  * xmlSecMSCryptoTransformRsaPkcs1Id:
+  * 
+  * The RSA PKCS1 key transport transform klass.
+@@ -172,6 +182,23 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformSha1GetKlass(void)
+ 
+ /********************************************************************
+  *
++ * SHA256 transform
++ *
++ *******************************************************************/
++#ifndef XMLSEC_NO_SHA256
++
++/**
++ * xmlSecMSCryptoTransformSha256Id:
++ *
++ * The SHA256 digest transform klass.
++ */
++#define xmlSecMSCryptoTransformSha256Id \
++	xmlSecMSCryptoTransformSha256GetKlass()
++XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformSha256GetKlass(void);
++#endif /* XMLSEC_NO_SHA256 */
++
++/********************************************************************
++ *
+  * GOSTR3411_94 transform
+  *
+  *******************************************************************/
+diff --git a/src/mscrypto/certkeys.c b/src/mscrypto/certkeys.c
+index 73a6c26..e0b4f47 100644
+--- a/src/mscrypto/certkeys.c
++++ b/src/mscrypto/certkeys.c
+@@ -1009,7 +1009,7 @@ xmlSecMSCryptoKeyDataRsaInitialize(xmlSecKeyDataPtr data) {
+     xmlSecAssert2(ctx != NULL, -1);
+ 
+     ctx->providerName = MS_ENHANCED_PROV;
+-    ctx->providerType = PROV_RSA_FULL;
++    ctx->providerType = PROV_RSA_AES;
+     
+     return(0);
+ }
+diff --git a/src/mscrypto/crypto.c b/src/mscrypto/crypto.c
+index d60d3c6..b2fde85 100644
+--- a/src/mscrypto/crypto.c
++++ b/src/mscrypto/crypto.c
+@@ -105,6 +105,7 @@ xmlSecCryptoGetFunctions_mscrypto(void) {
+ 
+ #ifndef XMLSEC_NO_RSA
+     gXmlSecMSCryptoFunctions->transformRsaSha1GetKlass 		= xmlSecMSCryptoTransformRsaSha1GetKlass;
++    gXmlSecMSCryptoFunctions->transformRsaSha256GetKlass	= xmlSecMSCryptoTransformRsaSha256GetKlass;
+     gXmlSecMSCryptoFunctions->transformRsaPkcs1GetKlass 	= xmlSecMSCryptoTransformRsaPkcs1GetKlass;
+ #endif /* XMLSEC_NO_RSA */
+ 
+@@ -119,6 +120,9 @@ xmlSecCryptoGetFunctions_mscrypto(void) {
+ #ifndef XMLSEC_NO_SHA1    
+     gXmlSecMSCryptoFunctions->transformSha1GetKlass 		= xmlSecMSCryptoTransformSha1GetKlass;
+ #endif /* XMLSEC_NO_SHA1 */
++#ifndef XMLSEC_NO_SHA256
++    gXmlSecMSCryptoFunctions->transformSha256GetKlass 		= xmlSecMSCryptoTransformSha256GetKlass;
++#endif /* XMLSEC_NO_SHA256 */
+ 
+ #ifndef XMLSEC_NO_GOST    
+     gXmlSecMSCryptoFunctions->transformGostR3411_94GetKlass 		= xmlSecMSCryptoTransformGostR3411_94GetKlass;
+diff --git a/src/mscrypto/digests.c b/src/mscrypto/digests.c
+index 19acc65..2b466b7 100644
+--- a/src/mscrypto/digests.c
++++ b/src/mscrypto/digests.c
+@@ -66,6 +66,11 @@ xmlSecMSCryptoDigestCheckId(xmlSecTransformPtr transform) {
+ 	return(1);
+     }
+ #endif /* XMLSEC_NO_SHA1 */    
++#ifndef XMLSEC_NO_SHA256
++    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformSha256Id)) {
++	return(1);
++    }
++#endif /* XMLSEC_NO_SHA256 */
+     
+ #ifndef XMLSEC_NO_GOST
+     if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformGostR3411_94Id)) {
+@@ -94,6 +99,11 @@ xmlSecMSCryptoDigestInitialize(xmlSecTransformPtr transform) {
+ 	ctx->alg_id = CALG_SHA;
+     } else 
+ #endif /* XMLSEC_NO_SHA1 */    
++#ifndef XMLSEC_NO_SHA256
++    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformSha256Id)) {
++	ctx->alg_id = CALG_SHA_256;
++    } else
++#endif /* XMLSEC_NO_SHA256 */
+ 
+ #ifndef XMLSEC_NO_GOST
+     if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformGostR3411_94Id)) {
+@@ -124,6 +134,8 @@ xmlSecMSCryptoDigestInitialize(xmlSecTransformPtr transform) {
+     }
+ 
+     /* TODO: Check what provider is best suited here.... */
++    if (ctx->alg_id != CALG_SHA_256)
++    {
+     if (!CryptAcquireContext(&ctx->provider, NULL, MS_STRONG_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
+     	if (!CryptAcquireContext(&ctx->provider, NULL, MS_ENHANCED_PROV,PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
+ 		xmlSecError(XMLSEC_ERRORS_HERE, 
+@@ -134,6 +146,20 @@ xmlSecMSCryptoDigestInitialize(xmlSecTransformPtr transform) {
+ 		return(-1);
+ 	}
+     }
++    }
++    else
++    {
++	    // SHA-256
++	    if (!CryptAcquireContext(&ctx->provider, NULL, MS_ENH_RSA_AES_PROV, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
++	    {
++		    xmlSecError(XMLSEC_ERRORS_HERE,
++				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
++				"CryptAcquireContext",
++				XMLSEC_ERRORS_R_CRYPTO_FAILED,
++				XMLSEC_ERRORS_NO_MESSAGE);
++		    return(-1);
++	    }
++    }
+ 
+     return(0);
+ }
+@@ -367,6 +393,50 @@ xmlSecMSCryptoTransformSha1GetKlass(void) {
+ }
+ #endif /* XMLSEC_NO_SHA1 */
+ 
++#ifndef XMLSEC_NO_SHA256
++/******************************************************************************
++ *
++ * SHA256
++ *
++ *****************************************************************************/
++static xmlSecTransformKlass xmlSecMSCryptoSha256Klass = {
++    /* klass/object sizes */
++    sizeof(xmlSecTransformKlass),		/* size_t klassSize */
++    xmlSecMSCryptoDigestSize,			/* size_t objSize */
++
++    xmlSecNameSha256,				/* const xmlChar* name; */
++    xmlSecHrefSha256, 				/* const xmlChar* href; */
++    xmlSecTransformUsageDigestMethod,		/* xmlSecTransformUsage usage; */
++    xmlSecMSCryptoDigestInitialize,		/* xmlSecTransformInitializeMethod initialize; */
++    xmlSecMSCryptoDigestFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
++    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
++    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
++    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
++    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
++    xmlSecMSCryptoDigestVerify,			/* xmlSecTransformVerifyMethod verify; */
++    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
++    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
++    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
++    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
++    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
++    xmlSecMSCryptoDigestExecute,		/* xmlSecTransformExecuteMethod execute; */
++    NULL,					/* void* reserved0; */
++    NULL,					/* void* reserved1; */
++};
++
++/**
++ * xmlSecMSCryptoTransformSha256GetKlass:
++ *
++ * SHA-256 digest transform klass.
++ *
++ * Returns: pointer to SHA-256 digest transform klass.
++ */
++xmlSecTransformId
++xmlSecMSCryptoTransformSha256GetKlass(void) {
++    return(&xmlSecMSCryptoSha256Klass);
++}
++#endif /* XMLSEC_NO_SHA256 */
++
+ #ifndef XMLSEC_NO_GOST
+ /******************************************************************************
+  *
+diff --git a/src/mscrypto/signatures.c b/src/mscrypto/signatures.c
+index a567db7..bc69b44 100644
+--- a/src/mscrypto/signatures.c
++++ b/src/mscrypto/signatures.c
+@@ -97,6 +97,9 @@ static int xmlSecMSCryptoSignatureCheckId(xmlSecTransformPtr transform) {
+     if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha1Id)) {
+ 	return(1);
+     }
++    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha256Id)) {
++	return(1);
++    }
+ #endif /* XMLSEC_NO_RSA */
+ 
+     return(0);
+@@ -118,6 +121,10 @@ static int xmlSecMSCryptoSignatureInitialize(xmlSecTransformPtr transform) {
+ 	ctx->digestAlgId    = CALG_SHA1;
+ 	ctx->keyId	    = xmlSecMSCryptoKeyDataRsaId;
+     } else 
++    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha256Id)) {
++	ctx->digestAlgId    = CALG_SHA_256;
++	ctx->keyId	    = xmlSecMSCryptoKeyDataRsaId;
++    } else
+ #endif /* XMLSEC_NO_RSA */
+ 
+ #ifndef XMLSEC_NO_GOST
+@@ -282,6 +289,12 @@ static int xmlSecMSCryptoSignatureVerify(xmlSecTransformPtr transform,
+ 	while (l >= tmpBuf) {
+ 	    *l-- = *j++;
+ 	}
++    } else if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha256Id))  {
++	j = (BYTE *)data;
++	l = tmpBuf + dataSize - 1;
++	while (l >= tmpBuf) {
++	    *l-- = *j++;
++	}
+     } else {
+ 	xmlSecError(XMLSEC_ERRORS_HERE, 
+ 		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+@@ -487,6 +500,13 @@ xmlSecMSCryptoSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTra
+ 		while (j >= outBuf) {
+ 		    *j-- = *i++;
+ 		}
++	    } else if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha256Id)) {
++		i = tmpBuf;
++		j = outBuf + dwSigLen - 1;
++
++		while (j >= outBuf) {
++		    *j-- = *i++;
++		}
+ 	    } else {
+ 		/* We shouldn't get at this place */
+ 		xmlSecError(XMLSEC_ERRORS_HERE, 
+@@ -563,6 +583,50 @@ xmlSecMSCryptoTransformRsaSha1GetKlass(void) {
+     return(&xmlSecMSCryptoRsaSha1Klass);
+ }
+ 
++/****************************************************************************
++ *
++ * RSA-SHA256 signature transform
++ *
++ ***************************************************************************/
++static xmlSecTransformKlass xmlSecMSCryptoRsaSha256Klass = {
++    /* klass/object sizes */
++    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
++    xmlSecMSCryptoSignatureSize,		/* xmlSecSize objSize */
++
++    xmlSecNameRsaSha256,			/* const xmlChar* name; */
++    xmlSecHrefRsaSha256, 			/* const xmlChar* href; */
++    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
++
++    xmlSecMSCryptoSignatureInitialize,		/* xmlSecTransformInitializeMethod initialize; */
++    xmlSecMSCryptoSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
++    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
++    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
++    xmlSecMSCryptoSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
++    xmlSecMSCryptoSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
++    xmlSecMSCryptoSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
++    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
++    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
++    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
++    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
++    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
++    xmlSecMSCryptoSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
++
++    NULL,					/* void* reserved0; */
++    NULL,					/* void* reserved1; */
++};
++
++/**
++ * xmlSecMSCryptoTransformRsaSha256GetKlass:
++ *
++ * The RSA-SHA1 signature transform klass.
++ *
++ * Returns: RSA-SHA1 signature transform klass.
++ */
++xmlSecTransformId
++xmlSecMSCryptoTransformRsaSha256GetKlass(void) {
++    return(&xmlSecMSCryptoRsaSha256Klass);
++}
++
+ #endif /* XMLSEC_NO_RSA */
+ 
+ #ifndef XMLSEC_NO_DSA
+-- 
+2.4.5
+