static void test_incorrect_api_usage(void) { BOOL result; HCRYPTPROV hProv, hProv2; HCRYPTHASH hHash, hHash2; HCRYPTKEY hKey, hKey2; BYTE temp; DWORD dwLen, dwTemp; /* This is to document incorrect api usage in the * "Uru - Ages beyond Myst Demo" installer as reported by Paul Vriens. * * The installer destroys a hash object after having released the context * with which the hash was created. This is not allowed according to MSDN, * since CryptReleaseContext destroys all hash and key objects belonging to * the respective context. However, while wine used to crash, Windows is more * robust here and returns an ERROR_INVALID_PARAMETER code. */ result = pCryptAcquireContextA(&hProv, szBadKeySet, szRsaBaseProv, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok (result, "%08x\n", GetLastError()); if (!result) return; result = pCryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash); ok (result, "%d\n", GetLastError()); if (!result) return; pCryptDestroyHash(hHash); result = pCryptGenKey(hProv, CALG_RC4, 0, &hKey); ok (result, "%d\n", GetLastError()); if (!result) return; result = pCryptGenKey(hProv, CALG_RC4, 0, &hKey2); ok (result, "%d\n", GetLastError()); if (!result) return; result = pCryptDestroyKey(hKey2); ok (result, "%d\n", GetLastError()); dwTemp = CRYPT_MODE_ECB; result = pCryptSetKeyParam(hKey2, KP_MODE, (BYTE*)&dwTemp, sizeof(DWORD)); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptAcquireContextA(&hProv2, szBadKeySet, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); ok (result, "%d\n", GetLastError()); if (!result) return; result = pCryptReleaseContext(hProv, 0); ok (result, "%d\n", GetLastError()); if (!result) return; result = pCryptReleaseContext(hProv, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptGenRandom(hProv, 1, &temp); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); #ifdef CRASHES_ON_NT40 result = pCryptContextAddRef(hProv, NULL, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); #endif result = pCryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); dwLen = 1; result = pCryptDecrypt(hKey, 0, TRUE, 0, &temp, &dwLen); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); dwLen = 1; result = pCryptEncrypt(hKey, 0, TRUE, 0, &temp, &dwLen, 1); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptDeriveKey(hProv, CALG_RC4, hHash, 0, &hKey2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); #ifdef CRASHES_ON_NT40 result = pCryptDuplicateHash(hHash, NULL, 0, &hHash2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptDuplicateKey(hKey, NULL, 0, &hKey2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); #endif dwLen = 1; result = pCryptExportKey(hKey, 0, 0, 0, &temp, &dwLen); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptGenKey(hProv, CALG_RC4, 0, &hKey2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); dwLen = 1; result = pCryptGetHashParam(hHash, 0, &temp, &dwLen, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); dwLen = 1; result = pCryptGetKeyParam(hKey, 0, &temp, &dwLen, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); dwLen = 1; result = pCryptGetProvParam(hProv, 0, &temp, &dwLen, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptGetUserKey(hProv, 0, &hKey2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptHashData(hHash, &temp, 1, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptHashSessionKey(hHash, hKey, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptImportKey(hProv, &temp, 1, 0, 0, &hKey2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); if (pCryptSignHashW) { dwLen = 1; result = pCryptSignHashW(hHash, 0, NULL, 0, &temp, &dwLen); ok (!result && (GetLastError() == ERROR_INVALID_PARAMETER || GetLastError() == ERROR_CALL_NOT_IMPLEMENTED), "%d\n", GetLastError()); } else win_skip("CryptSignHashW is not available\n"); result = pCryptSetKeyParam(hKey, 0, &temp, 1); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptSetHashParam(hHash, 0, &temp, 1); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptSetProvParam(hProv, 0, &temp, 1); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); if (pCryptVerifySignatureW) { result = pCryptVerifySignatureW(hHash, &temp, 1, hKey, NULL, 0); ok (!result && (GetLastError() == ERROR_INVALID_PARAMETER || GetLastError() == ERROR_CALL_NOT_IMPLEMENTED), "%d\n", GetLastError()); } else win_skip("CryptVerifySignatureW is not available\n"); result = pCryptDestroyHash(hHash); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptDestroyKey(hKey); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); }
static void test_verify_sig(void) { BOOL ret; HCRYPTPROV prov; HCRYPTKEY key; HCRYPTHASH hash; BYTE bogus[] = { 0 }; if (!pCryptVerifySignatureW) { win_skip("CryptVerifySignatureW is not available\n"); return; } SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(0, NULL, 0, 0, NULL, 0); if (!ret && GetLastError() == ERROR_CALL_NOT_IMPLEMENTED) { win_skip("CryptVerifySignatureW is not implemented\n"); return; } ok(!ret && GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError()); ret = pCryptAcquireContextA(&prov, szKeySet, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET); if (!ret && GetLastError() == NTE_EXISTS) ret = pCryptAcquireContextA(&prov, szKeySet, NULL, PROV_RSA_FULL, 0); ok(ret, "CryptAcquireContextA failed: %08x\n", GetLastError()); ret = pCryptImportKey(prov, (LPBYTE)privKey, sizeof(privKey), 0, 0, &key); ok(ret, "CryptImportKey failed: %08x\n", GetLastError()); ret = pCryptCreateHash(prov, CALG_MD5, 0, 0, &hash); ok(ret, "CryptCreateHash failed: %08x\n", GetLastError()); SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(hash, NULL, 0, 0, NULL, 0); ok(!ret && GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError()); SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(0, NULL, 0, key, NULL, 0); ok(!ret && GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError()); SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(hash, NULL, 0, key, NULL, 0); ok(!ret && (GetLastError() == NTE_BAD_SIGNATURE || GetLastError() == ERROR_INVALID_PARAMETER), "Expected NTE_BAD_SIGNATURE or ERROR_INVALID_PARAMETER, got %08x\n", GetLastError()); SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(hash, NULL, sizeof(bogus), key, NULL, 0); ok(!ret && (GetLastError() == NTE_BAD_SIGNATURE || GetLastError() == ERROR_INVALID_PARAMETER), "Expected NTE_BAD_SIGNATURE or ERROR_INVALID_PARAMETER, got %08x\n", GetLastError()); SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(hash, bogus, 0, key, NULL, 0); ok(!ret && GetLastError() == NTE_BAD_SIGNATURE, "Expected NTE_BAD_SIGNATURE, got %08x\n", GetLastError()); SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(hash, bogus, sizeof(bogus), key, NULL, 0); ok(!ret && GetLastError() == NTE_BAD_SIGNATURE, "Expected NTE_BAD_SIGNATURE, got %08x\n", GetLastError()); pCryptDestroyKey(key); pCryptDestroyHash(hash); pCryptReleaseContext(prov, 0); }
static void test_rc2_keylen(void) { struct KeyBlob { BLOBHEADER header; DWORD key_size; BYTE key_data[2048]; } key_blob; HCRYPTPROV provider; HCRYPTKEY hkey = 0; BOOL ret; SetLastError(0xdeadbeef); ret = pCryptAcquireContextA(&provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); ok(ret, "CryptAcquireContext error %u\n", GetLastError()); if (ret) { key_blob.header.bType = PLAINTEXTKEYBLOB; key_blob.header.bVersion = CUR_BLOB_VERSION; key_blob.header.reserved = 0; key_blob.header.aiKeyAlg = CALG_RC2; key_blob.key_size = sizeof(key); memcpy(key_blob.key_data, key, key_length); /* Importing a 16-byte key works with the default provider. */ SetLastError(0xdeadbeef); ret = pCryptImportKey(provider, (BYTE*)&key_blob, sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size, 0, CRYPT_IPSEC_HMAC_KEY, &hkey); /* CRYPT_IPSEC_HMAC_KEY is not supported on W2K and lower */ ok(ret || broken(!ret && GetLastError() == NTE_BAD_FLAGS), "CryptImportKey error %08x\n", GetLastError()); if (ret) pCryptDestroyKey(hkey); pCryptReleaseContext(provider, 0); } SetLastError(0xdeadbeef); ret = pCryptAcquireContextA(&provider, NULL, MS_DEF_PROV_A, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); ok(ret, "CryptAcquireContext error %08x\n", GetLastError()); if (ret) { /* Importing a 16-byte key doesn't work with the base provider.. */ SetLastError(0xdeadbeef); ret = pCryptImportKey(provider, (BYTE*)&key_blob, sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size, 0, 0, &hkey); ok(!ret && (GetLastError() == NTE_BAD_DATA || GetLastError() == NTE_BAD_LEN || /* Win7 */ GetLastError() == NTE_BAD_TYPE || /* W2K */ GetLastError() == NTE_PERM), /* Win9x, WinMe and NT4 */ "unexpected error %08x\n", GetLastError()); /* but importing an 56-bit (7-byte) key does.. */ key_blob.key_size = 7; SetLastError(0xdeadbeef); ret = pCryptImportKey(provider, (BYTE*)&key_blob, sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size, 0, 0, &hkey); ok(ret || broken(!ret && GetLastError() == NTE_BAD_TYPE) || /* W2K */ broken(!ret && GetLastError() == NTE_PERM), /* Win9x, WinMe and NT4 */ "CryptAcquireContext error %08x\n", GetLastError()); if (ret) pCryptDestroyKey(hkey); /* as does importing a 16-byte key with the base provider when * CRYPT_IPSEC_HMAC_KEY is specified. */ key_blob.key_size = sizeof(key); SetLastError(0xdeadbeef); ret = pCryptImportKey(provider, (BYTE*)&key_blob, sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size, 0, CRYPT_IPSEC_HMAC_KEY, &hkey); /* CRYPT_IPSEC_HMAC_KEY is not supported on W2K and lower */ ok(ret || broken(!ret && GetLastError() == NTE_BAD_FLAGS), "CryptImportKey error %08x\n", GetLastError()); if (ret) pCryptDestroyKey(hkey); pCryptReleaseContext(provider, 0); } key_blob.key_size = sizeof(key); SetLastError(0xdeadbeef); ret = pCryptAcquireContextA(&provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); ok(ret, "CryptAcquireContext error %08x\n", GetLastError()); if (ret) { /* Importing a 16-byte key also works with the default provider when * CRYPT_IPSEC_HMAC_KEY is specified. */ SetLastError(0xdeadbeef); ret = pCryptImportKey(provider, (BYTE*)&key_blob, sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size, 0, CRYPT_IPSEC_HMAC_KEY, &hkey); ok(ret || broken(!ret && GetLastError() == NTE_BAD_FLAGS), "CryptImportKey error %08x\n", GetLastError()); if (ret) pCryptDestroyKey(hkey); /* There is no apparent limit to the size of the input key when * CRYPT_IPSEC_HMAC_KEY is specified. */ key_blob.key_size = sizeof(key_blob.key_data); SetLastError(0xdeadbeef); ret = pCryptImportKey(provider, (BYTE*)&key_blob, sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size, 0, CRYPT_IPSEC_HMAC_KEY, &hkey); ok(ret || broken(!ret && GetLastError() == NTE_BAD_FLAGS), "CryptImportKey error %08x\n", GetLastError()); if (ret) pCryptDestroyKey(hkey); pCryptReleaseContext(provider, 0); } }