0

I'm using WinHttp and WinHttpQueryOption API in particular to ensure that my connection employs strong https encryption. For that I'm doing the following:

DWORD dwHttpSecurityFlags = 0;
DWORD dwcbSzSec = sizeof(dwHttpSecurityFlags);
if(WinHttpQueryOption(hRequest, WINHTTP_OPTION_SECURITY_FLAGS, &dwHttpSecurityFlags, &dwcbSzSec))
{
    //Check security -- for connection to employ 128-bit encryption
    if((dwHttpSecurityFlags & SECURITY_FLAG_SECURE) &&
    (dwHttpSecurityFlags & (SECURITY_FLAG_STRENGTH_WEAK | 
        SECURITY_FLAG_STRENGTH_MEDIUM | 
        SECURITY_FLAG_STRENGTH_STRONG)) == SECURITY_FLAG_STRENGTH_STRONG)
    {
        //Passed security check
    }
    else
    {
        //Security check failed
    }
}
else
{
    //API Failed
}

But I'm not very clear how SECURITY_FLAG_STRENGTH_* flags are used -- as bitwise flags, or as one-only values?

If I look in a header file, they are defined as such:

#define SECURITY_FLAG_SECURE                    0x00000001 // can query only
#define SECURITY_FLAG_STRENGTH_WEAK             0x10000000
#define SECURITY_FLAG_STRENGTH_MEDIUM           0x40000000
#define SECURITY_FLAG_STRENGTH_STRONG           0x20000000

which hints at bitwise use, but it doesn't make sense for a connection to use both 40-bit and 128-bit strong encryption.

Can someone clarify this? Is my code above correct?

c00000fd
  • 20,994
  • 29
  • 177
  • 400

1 Answers1

1

As clearly stated in the documentation, it is a bitwise flag field:

WINHTTP_OPTION_SECURITY_FLAGS

Sets or retrieves an unsigned long integer value that contains the security flags for a handle. It can be a combination of these values.

If you need to check for 128-bit encryption specifically, then this is the right code:

if (dwHttpSecurityFlags & SECURITY_FLAG_STRENGTH_STRONG) {
   // Passed security check
}

as SECURITY_FLAG_STRENGTH_STRONG means 128-bit encryption:

SECURITY_FLAG_STRENGTH_STRONG

Uses strong (128-bit) encryption. This is only returned in a call to WinHttpQueryOption.

EDIT:

The documentation is not 100% clear which flag is going to be set in which situation. After looking at the source code of Wine it becomes clear that SECURITY_FLAG_STRENGTH_* flags are mutually exclusive. But other flags, like SECURITY_FLAG_SECURE could be set together with one of the SECURITY_FLAG_STRENGTH_* (which is exactly what documentation is saying).

torvin
  • 6,515
  • 1
  • 37
  • 52
  • What would it "clearly" mean if both `SECURITY_FLAG_STRENGTH_WEAK` and `SECURITY_FLAG_STRENGTH_STRONG` flags are set then? – c00000fd Sep 24 '15 at 08:38
  • They won't be set both, but `SECURITY_FLAG_STRENGTH_STRONG` could easily be combined with other flags. So you should not be guessing which flags could be combined and just use the code provided above. It will work in any case. – torvin Sep 24 '15 at 22:04
  • Do you have any references to that? If what you said is true, this contradicts the definition of the `bitwise flag field`: https://en.wikipedia.org/wiki/Bit_field and that's why I'm asking this question. – c00000fd Sep 25 '15 at 00:21
  • What exactly do you find contradicting the bit field definition? – torvin Sep 25 '15 at 00:52
  • Not in a bit field definition, [your explanation](http://stackoverflow.com/questions/32751415/trying-to-resolve-ambiguity-concerning-security-flag-strength-flags/32753122?noredirect=1#comment53382397_32753122) is contradictory: `"They won't be set both"` – c00000fd Sep 25 '15 at 00:54
  • OK, finally I understood what is bothering you. I'll update my answer – torvin Sep 25 '15 at 01:03
  • OK. Appreciate the Wine link. – c00000fd Sep 25 '15 at 04:27