static void test_incorrect_api_usage(void)
{
BOOL result;
HCRYPTPROV hProv, hProv2;
HCRYPTHASH hHash, hHash2;
HCRYPTKEY hKey, hKey2;
BYTE temp;
DWORD dwLen, dwTemp;
/* This is to document incorrect api usage in the
* "Uru - Ages beyond Myst Demo" installer as reported by Paul Vriens.
*
* The installer destroys a hash object after having released the context
* with which the hash was created. This is not allowed according to MSDN,
* since CryptReleaseContext destroys all hash and key objects belonging to
* the respective context. However, while wine used to crash, Windows is more
* robust here and returns an ERROR_INVALID_PARAMETER code.
*/
result = pCryptAcquireContextA(&hProv, szBadKeySet, szRsaBaseProv,
PROV_RSA_FULL, CRYPT_NEWKEYSET);
ok (result, "%08x\n", GetLastError());
if (!result) return;
result = pCryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash);
ok (result, "%d\n", GetLastError());
if (!result) return;
pCryptDestroyHash(hHash);
result = pCryptGenKey(hProv, CALG_RC4, 0, &hKey);
ok (result, "%d\n", GetLastError());
if (!result) return;
result = pCryptGenKey(hProv, CALG_RC4, 0, &hKey2);
ok (result, "%d\n", GetLastError());
if (!result) return;
result = pCryptDestroyKey(hKey2);
ok (result, "%d\n", GetLastError());
dwTemp = CRYPT_MODE_ECB;
result = pCryptSetKeyParam(hKey2, KP_MODE, (BYTE*)&dwTemp, sizeof(DWORD));
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
result = pCryptAcquireContextA(&hProv2, szBadKeySet, NULL, PROV_RSA_FULL,
CRYPT_DELETEKEYSET);
ok (result, "%d\n", GetLastError());
if (!result) return;
result = pCryptReleaseContext(hProv, 0);
ok (result, "%d\n", GetLastError());
if (!result) return;
result = pCryptReleaseContext(hProv, 0);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
result = pCryptGenRandom(hProv, 1, &temp);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
#ifdef CRASHES_ON_NT40
result = pCryptContextAddRef(hProv, NULL, 0);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
#endif
result = pCryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash2);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
dwLen = 1;
result = pCryptDecrypt(hKey, 0, TRUE, 0, &temp, &dwLen);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
dwLen = 1;
result = pCryptEncrypt(hKey, 0, TRUE, 0, &temp, &dwLen, 1);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
result = pCryptDeriveKey(hProv, CALG_RC4, hHash, 0, &hKey2);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
#ifdef CRASHES_ON_NT40
result = pCryptDuplicateHash(hHash, NULL, 0, &hHash2);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
result = pCryptDuplicateKey(hKey, NULL, 0, &hKey2);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
#endif
dwLen = 1;
result = pCryptExportKey(hKey, 0, 0, 0, &temp, &dwLen);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
result = pCryptGenKey(hProv, CALG_RC4, 0, &hKey2);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
dwLen = 1;
result = pCryptGetHashParam(hHash, 0, &temp, &dwLen, 0);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
dwLen = 1;
result = pCryptGetKeyParam(hKey, 0, &temp, &dwLen, 0);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
dwLen = 1;
result = pCryptGetProvParam(hProv, 0, &temp, &dwLen, 0);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
result = pCryptGetUserKey(hProv, 0, &hKey2);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
result = pCryptHashData(hHash, &temp, 1, 0);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
result = pCryptHashSessionKey(hHash, hKey, 0);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
result = pCryptImportKey(hProv, &temp, 1, 0, 0, &hKey2);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
if (pCryptSignHashW)
{
dwLen = 1;
result = pCryptSignHashW(hHash, 0, NULL, 0, &temp, &dwLen);
ok (!result && (GetLastError() == ERROR_INVALID_PARAMETER ||
GetLastError() == ERROR_CALL_NOT_IMPLEMENTED), "%d\n", GetLastError());
}
else
win_skip("CryptSignHashW is not available\n");
result = pCryptSetKeyParam(hKey, 0, &temp, 1);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
result = pCryptSetHashParam(hHash, 0, &temp, 1);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
result = pCryptSetProvParam(hProv, 0, &temp, 1);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
if (pCryptVerifySignatureW)
{
result = pCryptVerifySignatureW(hHash, &temp, 1, hKey, NULL, 0);
ok (!result && (GetLastError() == ERROR_INVALID_PARAMETER ||
GetLastError() == ERROR_CALL_NOT_IMPLEMENTED), "%d\n", GetLastError());
}
else
win_skip("CryptVerifySignatureW is not available\n");
result = pCryptDestroyHash(hHash);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
result = pCryptDestroyKey(hKey);
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError());
}
static void test_verify_sig(void)
{
BOOL ret;
HCRYPTPROV prov;
HCRYPTKEY key;
HCRYPTHASH hash;
BYTE bogus[] = { 0 };
if (!pCryptVerifySignatureW)
{
win_skip("CryptVerifySignatureW is not available\n");
return;
}
SetLastError(0xdeadbeef);
ret = pCryptVerifySignatureW(0, NULL, 0, 0, NULL, 0);
if (!ret && GetLastError() == ERROR_CALL_NOT_IMPLEMENTED)
{
win_skip("CryptVerifySignatureW is not implemented\n");
return;
}
ok(!ret && GetLastError() == ERROR_INVALID_PARAMETER,
"Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError());
ret = pCryptAcquireContextA(&prov, szKeySet, NULL, PROV_RSA_FULL,
CRYPT_NEWKEYSET);
if (!ret && GetLastError() == NTE_EXISTS)
ret = pCryptAcquireContextA(&prov, szKeySet, NULL, PROV_RSA_FULL, 0);
ok(ret, "CryptAcquireContextA failed: %08x\n", GetLastError());
ret = pCryptImportKey(prov, (LPBYTE)privKey, sizeof(privKey), 0, 0, &key);
ok(ret, "CryptImportKey failed: %08x\n", GetLastError());
ret = pCryptCreateHash(prov, CALG_MD5, 0, 0, &hash);
ok(ret, "CryptCreateHash failed: %08x\n", GetLastError());
SetLastError(0xdeadbeef);
ret = pCryptVerifySignatureW(hash, NULL, 0, 0, NULL, 0);
ok(!ret && GetLastError() == ERROR_INVALID_PARAMETER,
"Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError());
SetLastError(0xdeadbeef);
ret = pCryptVerifySignatureW(0, NULL, 0, key, NULL, 0);
ok(!ret && GetLastError() == ERROR_INVALID_PARAMETER,
"Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError());
SetLastError(0xdeadbeef);
ret = pCryptVerifySignatureW(hash, NULL, 0, key, NULL, 0);
ok(!ret && (GetLastError() == NTE_BAD_SIGNATURE ||
GetLastError() == ERROR_INVALID_PARAMETER),
"Expected NTE_BAD_SIGNATURE or ERROR_INVALID_PARAMETER, got %08x\n",
GetLastError());
SetLastError(0xdeadbeef);
ret = pCryptVerifySignatureW(hash, NULL, sizeof(bogus), key, NULL, 0);
ok(!ret && (GetLastError() == NTE_BAD_SIGNATURE ||
GetLastError() == ERROR_INVALID_PARAMETER),
"Expected NTE_BAD_SIGNATURE or ERROR_INVALID_PARAMETER, got %08x\n",
GetLastError());
SetLastError(0xdeadbeef);
ret = pCryptVerifySignatureW(hash, bogus, 0, key, NULL, 0);
ok(!ret && GetLastError() == NTE_BAD_SIGNATURE,
"Expected NTE_BAD_SIGNATURE, got %08x\n", GetLastError());
SetLastError(0xdeadbeef);
ret = pCryptVerifySignatureW(hash, bogus, sizeof(bogus), key, NULL, 0);
ok(!ret && GetLastError() == NTE_BAD_SIGNATURE,
"Expected NTE_BAD_SIGNATURE, got %08x\n", GetLastError());
pCryptDestroyKey(key);
pCryptDestroyHash(hash);
pCryptReleaseContext(prov, 0);
}
static void test_rc2_keylen(void)
{
struct KeyBlob
{
BLOBHEADER header;
DWORD key_size;
BYTE key_data[2048];
} key_blob;
HCRYPTPROV provider;
HCRYPTKEY hkey = 0;
BOOL ret;
SetLastError(0xdeadbeef);
ret = pCryptAcquireContextA(&provider, NULL, NULL,
PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
ok(ret, "CryptAcquireContext error %u\n", GetLastError());
if (ret)
{
key_blob.header.bType = PLAINTEXTKEYBLOB;
key_blob.header.bVersion = CUR_BLOB_VERSION;
key_blob.header.reserved = 0;
key_blob.header.aiKeyAlg = CALG_RC2;
key_blob.key_size = sizeof(key);
memcpy(key_blob.key_data, key, key_length);
/* Importing a 16-byte key works with the default provider. */
SetLastError(0xdeadbeef);
ret = pCryptImportKey(provider, (BYTE*)&key_blob,
sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size,
0, CRYPT_IPSEC_HMAC_KEY, &hkey);
/* CRYPT_IPSEC_HMAC_KEY is not supported on W2K and lower */
ok(ret ||
broken(!ret && GetLastError() == NTE_BAD_FLAGS),
"CryptImportKey error %08x\n", GetLastError());
if (ret)
pCryptDestroyKey(hkey);
pCryptReleaseContext(provider, 0);
}
SetLastError(0xdeadbeef);
ret = pCryptAcquireContextA(&provider, NULL, MS_DEF_PROV_A,
PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
ok(ret, "CryptAcquireContext error %08x\n", GetLastError());
if (ret)
{
/* Importing a 16-byte key doesn't work with the base provider.. */
SetLastError(0xdeadbeef);
ret = pCryptImportKey(provider, (BYTE*)&key_blob,
sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size,
0, 0, &hkey);
ok(!ret && (GetLastError() == NTE_BAD_DATA ||
GetLastError() == NTE_BAD_LEN || /* Win7 */
GetLastError() == NTE_BAD_TYPE || /* W2K */
GetLastError() == NTE_PERM), /* Win9x, WinMe and NT4 */
"unexpected error %08x\n", GetLastError());
/* but importing an 56-bit (7-byte) key does.. */
key_blob.key_size = 7;
SetLastError(0xdeadbeef);
ret = pCryptImportKey(provider, (BYTE*)&key_blob,
sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size,
0, 0, &hkey);
ok(ret ||
broken(!ret && GetLastError() == NTE_BAD_TYPE) || /* W2K */
broken(!ret && GetLastError() == NTE_PERM), /* Win9x, WinMe and NT4 */
"CryptAcquireContext error %08x\n", GetLastError());
if (ret)
pCryptDestroyKey(hkey);
/* as does importing a 16-byte key with the base provider when
* CRYPT_IPSEC_HMAC_KEY is specified.
*/
key_blob.key_size = sizeof(key);
SetLastError(0xdeadbeef);
ret = pCryptImportKey(provider, (BYTE*)&key_blob,
sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size,
0, CRYPT_IPSEC_HMAC_KEY, &hkey);
/* CRYPT_IPSEC_HMAC_KEY is not supported on W2K and lower */
ok(ret ||
broken(!ret && GetLastError() == NTE_BAD_FLAGS),
"CryptImportKey error %08x\n", GetLastError());
if (ret)
pCryptDestroyKey(hkey);
pCryptReleaseContext(provider, 0);
}
key_blob.key_size = sizeof(key);
SetLastError(0xdeadbeef);
ret = pCryptAcquireContextA(&provider, NULL, NULL,
PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
ok(ret, "CryptAcquireContext error %08x\n", GetLastError());
if (ret)
{
/* Importing a 16-byte key also works with the default provider when
* CRYPT_IPSEC_HMAC_KEY is specified.
*/
SetLastError(0xdeadbeef);
ret = pCryptImportKey(provider, (BYTE*)&key_blob,
sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size,
0, CRYPT_IPSEC_HMAC_KEY, &hkey);
ok(ret ||
broken(!ret && GetLastError() == NTE_BAD_FLAGS),
"CryptImportKey error %08x\n", GetLastError());
if (ret)
pCryptDestroyKey(hkey);
/* There is no apparent limit to the size of the input key when
* CRYPT_IPSEC_HMAC_KEY is specified.
*/
key_blob.key_size = sizeof(key_blob.key_data);
SetLastError(0xdeadbeef);
ret = pCryptImportKey(provider, (BYTE*)&key_blob,
sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size,
0, CRYPT_IPSEC_HMAC_KEY, &hkey);
ok(ret ||
broken(!ret && GetLastError() == NTE_BAD_FLAGS),
"CryptImportKey error %08x\n", GetLastError());
if (ret)
pCryptDestroyKey(hkey);
pCryptReleaseContext(provider, 0);
}
}
