static void test_rc2_keylen(void) { struct KeyBlob { BLOBHEADER header; DWORD key_size; BYTE key_data[2048]; } key_blob; HCRYPTPROV provider; HCRYPTKEY hkey = 0; BOOL ret; SetLastError(0xdeadbeef); ret = pCryptAcquireContextA(&provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); ok(ret, "CryptAcquireContext error %u\n", GetLastError()); if (ret) { key_blob.header.bType = PLAINTEXTKEYBLOB; key_blob.header.bVersion = CUR_BLOB_VERSION; key_blob.header.reserved = 0; key_blob.header.aiKeyAlg = CALG_RC2; key_blob.key_size = sizeof(key); memcpy(key_blob.key_data, key, key_length); /* Importing a 16-byte key works with the default provider. */ SetLastError(0xdeadbeef); ret = pCryptImportKey(provider, (BYTE*)&key_blob, sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size, 0, CRYPT_IPSEC_HMAC_KEY, &hkey); /* CRYPT_IPSEC_HMAC_KEY is not supported on W2K and lower */ ok(ret || broken(!ret && GetLastError() == NTE_BAD_FLAGS), "CryptImportKey error %08x\n", GetLastError()); if (ret) pCryptDestroyKey(hkey); pCryptReleaseContext(provider, 0); } SetLastError(0xdeadbeef); ret = pCryptAcquireContextA(&provider, NULL, MS_DEF_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); ok(ret, "CryptAcquireContext error %08x\n", GetLastError()); if (ret) { /* Importing a 16-byte key doesn't work with the base provider.. */ SetLastError(0xdeadbeef); ret = pCryptImportKey(provider, (BYTE*)&key_blob, sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size, 0, 0, &hkey); ok(!ret && (GetLastError() == NTE_BAD_DATA || GetLastError() == NTE_BAD_LEN || /* Win7 */ GetLastError() == NTE_BAD_TYPE || /* W2K */ GetLastError() == NTE_PERM), /* Win9x, WinMe and NT4 */ "unexpected error %08x\n", GetLastError()); /* but importing an 56-bit (7-byte) key does.. */ key_blob.key_size = 7; SetLastError(0xdeadbeef); ret = pCryptImportKey(provider, (BYTE*)&key_blob, sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size, 0, 0, &hkey); ok(ret || broken(!ret && GetLastError() == NTE_BAD_TYPE) || /* W2K */ broken(!ret && GetLastError() == NTE_PERM), /* Win9x, WinMe and NT4 */ "CryptAcquireContext error %08x\n", GetLastError()); if (ret) pCryptDestroyKey(hkey); /* as does importing a 16-byte key with the base provider when * CRYPT_IPSEC_HMAC_KEY is specified. */ key_blob.key_size = sizeof(key); SetLastError(0xdeadbeef); ret = pCryptImportKey(provider, (BYTE*)&key_blob, sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size, 0, CRYPT_IPSEC_HMAC_KEY, &hkey); /* CRYPT_IPSEC_HMAC_KEY is not supported on W2K and lower */ ok(ret || broken(!ret && GetLastError() == NTE_BAD_FLAGS), "CryptImportKey error %08x\n", GetLastError()); if (ret) pCryptDestroyKey(hkey); pCryptReleaseContext(provider, 0); } key_blob.key_size = sizeof(key); SetLastError(0xdeadbeef); ret = pCryptAcquireContextA(&provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); ok(ret, "CryptAcquireContext error %08x\n", GetLastError()); if (ret) { /* Importing a 16-byte key also works with the default provider when * CRYPT_IPSEC_HMAC_KEY is specified. */ SetLastError(0xdeadbeef); ret = pCryptImportKey(provider, (BYTE*)&key_blob, sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size, 0, CRYPT_IPSEC_HMAC_KEY, &hkey); ok(ret || broken(!ret && GetLastError() == NTE_BAD_FLAGS), "CryptImportKey error %08x\n", GetLastError()); if (ret) pCryptDestroyKey(hkey); /* There is no apparent limit to the size of the input key when * CRYPT_IPSEC_HMAC_KEY is specified. */ key_blob.key_size = sizeof(key_blob.key_data); SetLastError(0xdeadbeef); ret = pCryptImportKey(provider, (BYTE*)&key_blob, sizeof(BLOBHEADER)+sizeof(DWORD)+key_blob.key_size, 0, CRYPT_IPSEC_HMAC_KEY, &hkey); ok(ret || broken(!ret && GetLastError() == NTE_BAD_FLAGS), "CryptImportKey error %08x\n", GetLastError()); if (ret) pCryptDestroyKey(hkey); pCryptReleaseContext(provider, 0); } }
static void test_verify_sig(void) { BOOL ret; HCRYPTPROV prov; HCRYPTKEY key; HCRYPTHASH hash; BYTE bogus[] = { 0 }; if (!pCryptVerifySignatureW) { win_skip("CryptVerifySignatureW is not available\n"); return; } SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(0, NULL, 0, 0, NULL, 0); if (!ret && GetLastError() == ERROR_CALL_NOT_IMPLEMENTED) { win_skip("CryptVerifySignatureW is not implemented\n"); return; } ok(!ret && GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError()); ret = pCryptAcquireContextA(&prov, szKeySet, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET); if (!ret && GetLastError() == NTE_EXISTS) ret = pCryptAcquireContextA(&prov, szKeySet, NULL, PROV_RSA_FULL, 0); ok(ret, "CryptAcquireContextA failed: %08x\n", GetLastError()); ret = pCryptImportKey(prov, (LPBYTE)privKey, sizeof(privKey), 0, 0, &key); ok(ret, "CryptImportKey failed: %08x\n", GetLastError()); ret = pCryptCreateHash(prov, CALG_MD5, 0, 0, &hash); ok(ret, "CryptCreateHash failed: %08x\n", GetLastError()); SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(hash, NULL, 0, 0, NULL, 0); ok(!ret && GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError()); SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(0, NULL, 0, key, NULL, 0); ok(!ret && GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError()); SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(hash, NULL, 0, key, NULL, 0); ok(!ret && (GetLastError() == NTE_BAD_SIGNATURE || GetLastError() == ERROR_INVALID_PARAMETER), "Expected NTE_BAD_SIGNATURE or ERROR_INVALID_PARAMETER, got %08x\n", GetLastError()); SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(hash, NULL, sizeof(bogus), key, NULL, 0); ok(!ret && (GetLastError() == NTE_BAD_SIGNATURE || GetLastError() == ERROR_INVALID_PARAMETER), "Expected NTE_BAD_SIGNATURE or ERROR_INVALID_PARAMETER, got %08x\n", GetLastError()); SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(hash, bogus, 0, key, NULL, 0); ok(!ret && GetLastError() == NTE_BAD_SIGNATURE, "Expected NTE_BAD_SIGNATURE, got %08x\n", GetLastError()); SetLastError(0xdeadbeef); ret = pCryptVerifySignatureW(hash, bogus, sizeof(bogus), key, NULL, 0); ok(!ret && GetLastError() == NTE_BAD_SIGNATURE, "Expected NTE_BAD_SIGNATURE, got %08x\n", GetLastError()); pCryptDestroyKey(key); pCryptDestroyHash(hash); pCryptReleaseContext(prov, 0); }
static void test_incorrect_api_usage(void) { BOOL result; HCRYPTPROV hProv, hProv2; HCRYPTHASH hHash, hHash2; HCRYPTKEY hKey, hKey2; BYTE temp; DWORD dwLen, dwTemp; /* This is to document incorrect api usage in the * "Uru - Ages beyond Myst Demo" installer as reported by Paul Vriens. * * The installer destroys a hash object after having released the context * with which the hash was created. This is not allowed according to MSDN, * since CryptReleaseContext destroys all hash and key objects belonging to * the respective context. However, while wine used to crash, Windows is more * robust here and returns an ERROR_INVALID_PARAMETER code. */ result = pCryptAcquireContextA(&hProv, szBadKeySet, szRsaBaseProv, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok (result, "%08x\n", GetLastError()); if (!result) return; result = pCryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash); ok (result, "%d\n", GetLastError()); if (!result) return; pCryptDestroyHash(hHash); result = pCryptGenKey(hProv, CALG_RC4, 0, &hKey); ok (result, "%d\n", GetLastError()); if (!result) return; result = pCryptGenKey(hProv, CALG_RC4, 0, &hKey2); ok (result, "%d\n", GetLastError()); if (!result) return; result = pCryptDestroyKey(hKey2); ok (result, "%d\n", GetLastError()); dwTemp = CRYPT_MODE_ECB; result = pCryptSetKeyParam(hKey2, KP_MODE, (BYTE*)&dwTemp, sizeof(DWORD)); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptAcquireContextA(&hProv2, szBadKeySet, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); ok (result, "%d\n", GetLastError()); if (!result) return; result = pCryptReleaseContext(hProv, 0); ok (result, "%d\n", GetLastError()); if (!result) return; result = pCryptReleaseContext(hProv, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptGenRandom(hProv, 1, &temp); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); #ifdef CRASHES_ON_NT40 result = pCryptContextAddRef(hProv, NULL, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); #endif result = pCryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); dwLen = 1; result = pCryptDecrypt(hKey, 0, TRUE, 0, &temp, &dwLen); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); dwLen = 1; result = pCryptEncrypt(hKey, 0, TRUE, 0, &temp, &dwLen, 1); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptDeriveKey(hProv, CALG_RC4, hHash, 0, &hKey2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); #ifdef CRASHES_ON_NT40 result = pCryptDuplicateHash(hHash, NULL, 0, &hHash2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptDuplicateKey(hKey, NULL, 0, &hKey2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); #endif dwLen = 1; result = pCryptExportKey(hKey, 0, 0, 0, &temp, &dwLen); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptGenKey(hProv, CALG_RC4, 0, &hKey2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); dwLen = 1; result = pCryptGetHashParam(hHash, 0, &temp, &dwLen, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); dwLen = 1; result = pCryptGetKeyParam(hKey, 0, &temp, &dwLen, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); dwLen = 1; result = pCryptGetProvParam(hProv, 0, &temp, &dwLen, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptGetUserKey(hProv, 0, &hKey2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptHashData(hHash, &temp, 1, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptHashSessionKey(hHash, hKey, 0); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptImportKey(hProv, &temp, 1, 0, 0, &hKey2); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); if (pCryptSignHashW) { dwLen = 1; result = pCryptSignHashW(hHash, 0, NULL, 0, &temp, &dwLen); ok (!result && (GetLastError() == ERROR_INVALID_PARAMETER || GetLastError() == ERROR_CALL_NOT_IMPLEMENTED), "%d\n", GetLastError()); } else win_skip("CryptSignHashW is not available\n"); result = pCryptSetKeyParam(hKey, 0, &temp, 1); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptSetHashParam(hHash, 0, &temp, 1); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptSetProvParam(hProv, 0, &temp, 1); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); if (pCryptVerifySignatureW) { result = pCryptVerifySignatureW(hHash, &temp, 1, hKey, NULL, 0); ok (!result && (GetLastError() == ERROR_INVALID_PARAMETER || GetLastError() == ERROR_CALL_NOT_IMPLEMENTED), "%d\n", GetLastError()); } else win_skip("CryptVerifySignatureW is not available\n"); result = pCryptDestroyHash(hHash); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); result = pCryptDestroyKey(hKey); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "%d\n", GetLastError()); }
static void testAcquireSecurityContext(void) { SECURITY_STATUS st; CredHandle cred; TimeStamp exp; SCHANNEL_CRED schanCred; PCCERT_CONTEXT certs[2]; HCRYPTPROV csp; static CHAR unisp_name_a[] = UNISP_NAME_A; WCHAR ms_def_prov_w[MAX_PATH]; BOOL ret; HCRYPTKEY key; CRYPT_KEY_PROV_INFO keyProvInfo; if (!pAcquireCredentialsHandleA || !pCertCreateCertificateContext || !pFreeCredentialsHandle || !pCryptAcquireContextW) { skip("Needed functions are not available\n"); return; } lstrcpyW(ms_def_prov_w, MS_DEF_PROV_W); keyProvInfo.pwszContainerName = cspNameW; keyProvInfo.pwszProvName = ms_def_prov_w; keyProvInfo.dwProvType = PROV_RSA_FULL; keyProvInfo.dwFlags = 0; keyProvInfo.cProvParam = 0; keyProvInfo.rgProvParam = NULL; keyProvInfo.dwKeySpec = AT_SIGNATURE; certs[0] = pCertCreateCertificateContext(X509_ASN_ENCODING, bigCert, sizeof(bigCert)); certs[1] = pCertCreateCertificateContext(X509_ASN_ENCODING, selfSignedCert, sizeof(selfSignedCert)); pCryptAcquireContextW(&csp, cspNameW, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_DELETEKEYSET); st = pAcquireCredentialsHandleA(NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL); ok(st == SEC_E_SECPKG_NOT_FOUND, "Expected SEC_E_SECPKG_NOT_FOUND, got %08x\n", st); if (0) { /* Crashes on Win2K */ st = pAcquireCredentialsHandleA(NULL, unisp_name_a, 0, NULL, NULL, NULL, NULL, NULL, NULL); ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n", st); } st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_BOTH, NULL, NULL, NULL, NULL, NULL, NULL); ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, NULL, NULL, NULL, NULL, NULL); ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n", st); if (0) { /* Crashes */ st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, NULL, NULL); } st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); memset(&cred, 0, sizeof(cred)); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, &cred, &exp); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); /* expriy is indeterminate in win2k3 */ trace("expiry: %08lx%08lx\n", exp.HighPart, exp.LowPart); pFreeCredentialsHandle(&cred); /* Bad version in SCHANNEL_CRED */ memset(&schanCred, 0, sizeof(schanCred)); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_INTERNAL_ERROR, "Expected SEC_E_INTERNAL_ERROR, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_INTERNAL_ERROR, "Expected SEC_E_INTERNAL_ERROR, got %08x\n", st); /* No cert in SCHANNEL_CRED succeeds for outbound.. */ schanCred.dwVersion = SCHANNEL_CRED_VERSION; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); /* but fails for inbound. */ st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n", st); if (0) { /* Crashes with bad paCred pointer */ schanCred.cCreds = 1; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); } /* Bogus cert in SCHANNEL_CRED. Windows fails with * SEC_E_UNKNOWN_CREDENTIALS, but I'll accept SEC_E_NO_CREDENTIALS too. */ schanCred.cCreds = 1; schanCred.paCred = &certs[0]; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || SEC_E_NO_CREDENTIALS, "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_NO_CREDENTIALS, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || SEC_E_NO_CREDENTIALS, "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_NO_CREDENTIALS, got %08x\n", st); /* Good cert, but missing private key. Windows fails with * SEC_E_NO_CREDENTIALS, but I'll accept SEC_E_UNKNOWN_CREDENTIALS too. */ schanCred.cCreds = 1; schanCred.paCred = &certs[1]; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || SEC_E_NO_CREDENTIALS, "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_NO_CREDENTIALS, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || SEC_E_NO_CREDENTIALS, "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_NO_CREDENTIALS, got %08x\n", st); /* Good cert, with CRYPT_KEY_PROV_INFO set before it's had a key loaded. */ if (pCertSetCertificateContextProperty) { ret = pCertSetCertificateContextProperty(certs[1], CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProvInfo); schanCred.dwVersion = SCH_CRED_V3; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS, "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS, "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); } ret = pCryptAcquireContextW(&csp, cspNameW, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok(ret, "CryptAcquireContextW failed: %08x\n", GetLastError()); ret = 0; if (pCryptImportKey) { ret = pCryptImportKey(csp, privKey, sizeof(privKey), 0, 0, &key); ok(ret, "CryptImportKey failed: %08x\n", GetLastError()); } if (ret) { PCCERT_CONTEXT tmp; if (0) { /* Crashes */ st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); } /* Good cert with private key, bogus version */ schanCred.dwVersion = SCH_CRED_V1; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_INTERNAL_ERROR, "Expected SEC_E_INTERNAL_ERROR, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_INTERNAL_ERROR, "Expected SEC_E_INTERNAL_ERROR, got %08x\n", st); schanCred.dwVersion = SCH_CRED_V2; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_INTERNAL_ERROR, "Expected SEC_E_INTERNAL_ERROR, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_INTERNAL_ERROR, "Expected SEC_E_INTERNAL_ERROR, got %08x\n", st); /* Succeeds on V3 or higher */ schanCred.dwVersion = SCH_CRED_V3; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK || st == SEC_E_UNKNOWN_CREDENTIALS, /* win2k3 */ "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); schanCred.dwVersion = SCHANNEL_CRED_VERSION; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK || st == SEC_E_UNKNOWN_CREDENTIALS, /* win2k3 */ "AcquireCredentialsHandleA failed: %08x\n", st); if (st == SEC_E_OK) test_strength(&cred); pFreeCredentialsHandle(&cred); /* How about more than one cert? */ schanCred.cCreds = 2; schanCred.paCred = certs; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS, "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS, "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); tmp = certs[0]; certs[0] = certs[1]; certs[1] = tmp; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS, "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS, "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); /* FIXME: what about two valid certs? */ if (pCryptDestroyKey) pCryptDestroyKey(key); } if (pCryptReleaseContext) pCryptReleaseContext(csp, 0); pCryptAcquireContextW(&csp, cspNameW, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_DELETEKEYSET); if (pCertFreeCertificateContext) { pCertFreeCertificateContext(certs[0]); pCertFreeCertificateContext(certs[1]); } }
static void testAcquireSecurityContext(void) { BOOL has_schannel = FALSE; SecPkgInfoA *package_info; ULONG i; SECURITY_STATUS st; CredHandle cred; SecPkgCredentials_NamesA names; TimeStamp exp; SCHANNEL_CRED schanCred; PCCERT_CONTEXT certs[2]; HCRYPTPROV csp; WCHAR ms_def_prov_w[MAX_PATH]; BOOL ret; HCRYPTKEY key; CRYPT_KEY_PROV_INFO keyProvInfo; if (!pAcquireCredentialsHandleA || !pCertCreateCertificateContext || !pEnumerateSecurityPackagesA || !pFreeContextBuffer || !pFreeCredentialsHandle || !pCryptAcquireContextW) { win_skip("Needed functions are not available\n"); return; } if (SUCCEEDED(pEnumerateSecurityPackagesA(&i, &package_info))) { while(i--) { if (!strcmp(package_info[i].Name, unisp_name_a)) { has_schannel = TRUE; break; } } pFreeContextBuffer(package_info); } if (!has_schannel) { skip("Schannel not available\n"); return; } lstrcpyW(ms_def_prov_w, MS_DEF_PROV_W); keyProvInfo.pwszContainerName = cspNameW; keyProvInfo.pwszProvName = ms_def_prov_w; keyProvInfo.dwProvType = PROV_RSA_FULL; keyProvInfo.dwFlags = 0; keyProvInfo.cProvParam = 0; keyProvInfo.rgProvParam = NULL; keyProvInfo.dwKeySpec = AT_SIGNATURE; certs[0] = pCertCreateCertificateContext(X509_ASN_ENCODING, bigCert, sizeof(bigCert)); certs[1] = pCertCreateCertificateContext(X509_ASN_ENCODING, selfSignedCert, sizeof(selfSignedCert)); SetLastError(0xdeadbeef); ret = pCryptAcquireContextW(&csp, cspNameW, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_DELETEKEYSET); if (!ret && GetLastError() == ERROR_CALL_NOT_IMPLEMENTED) { /* WinMe would crash on some tests */ win_skip("CryptAcquireContextW is not implemented\n"); return; } st = pAcquireCredentialsHandleA(NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL); ok(st == SEC_E_SECPKG_NOT_FOUND, "Expected SEC_E_SECPKG_NOT_FOUND, got %08x\n", st); if (0) { /* Crashes on Win2K */ st = pAcquireCredentialsHandleA(NULL, unisp_name_a, 0, NULL, NULL, NULL, NULL, NULL, NULL); ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n", st); /* Crashes on WinNT */ st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_BOTH, NULL, NULL, NULL, NULL, NULL, NULL); ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, NULL, NULL, NULL, NULL, NULL); ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n", st); /* Crashes */ pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, NULL, NULL); } st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); if(st == SEC_E_OK) pFreeCredentialsHandle(&cred); memset(&cred, 0, sizeof(cred)); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, &cred, &exp); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); /* expriy is indeterminate in win2k3 */ trace("expiry: %08x%08x\n", exp.HighPart, exp.LowPart); st = pQueryCredentialsAttributesA(&cred, SECPKG_CRED_ATTR_NAMES, &names); ok(st == SEC_E_NO_CREDENTIALS || st == SEC_E_UNSUPPORTED_FUNCTION /* before Vista */, "expected SEC_E_NO_CREDENTIALS, got %08x\n", st); pFreeCredentialsHandle(&cred); /* Bad version in SCHANNEL_CRED */ memset(&schanCred, 0, sizeof(schanCred)); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_INTERNAL_ERROR || st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */ || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_INTERNAL_ERROR || st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */ || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); /* No cert in SCHANNEL_CRED succeeds for outbound.. */ schanCred.dwVersion = SCHANNEL_CRED_VERSION; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); /* but fails for inbound. */ st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_NO_CREDENTIALS || st == SEC_E_OK /* Vista/win2k8 */, "Expected SEC_E_NO_CREDENTIALS or SEC_E_OK, got %08x\n", st); if (0) { /* Crashes with bad paCred pointer */ schanCred.cCreds = 1; pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); } /* Bogus cert in SCHANNEL_CRED. Windows fails with * SEC_E_UNKNOWN_CREDENTIALS, but I'll accept SEC_E_NO_CREDENTIALS too. */ schanCred.cCreds = 1; schanCred.paCred = &certs[0]; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); /* Good cert, but missing private key. Windows fails with * SEC_E_NO_CREDENTIALS, but I'll accept SEC_E_UNKNOWN_CREDENTIALS too. */ schanCred.cCreds = 1; schanCred.paCred = &certs[1]; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS || st == SEC_E_INTERNAL_ERROR, /* win2k */ "Expected SEC_E_UNKNOWN_CREDENTIALS, SEC_E_NO_CREDENTIALS " "or SEC_E_INTERNAL_ERROR, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS || st == SEC_E_INTERNAL_ERROR, /* win2k */ "Expected SEC_E_UNKNOWN_CREDENTIALS, SEC_E_NO_CREDENTIALS " "or SEC_E_INTERNAL_ERROR, got %08x\n", st); /* Good cert, with CRYPT_KEY_PROV_INFO set before it's had a key loaded. */ if (pCertSetCertificateContextProperty) { ret = pCertSetCertificateContextProperty(certs[1], CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProvInfo); schanCred.dwVersion = SCH_CRED_V3; ok(ret, "CertSetCertificateContextProperty failed: %08x\n", GetLastError()); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_INTERNAL_ERROR /* WinNT */, "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_INTERNAL_ERROR, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_INTERNAL_ERROR /* WinNT */, "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_INTERNAL_ERROR, got %08x\n", st); } ret = pCryptAcquireContextW(&csp, cspNameW, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok(ret, "CryptAcquireContextW failed: %08x\n", GetLastError()); ret = 0; if (pCryptImportKey) { ret = pCryptImportKey(csp, privKey, sizeof(privKey), 0, 0, &key); ok(ret, "CryptImportKey failed: %08x\n", GetLastError()); } if (ret) { PCCERT_CONTEXT tmp; if (0) { /* Crashes */ pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, NULL, NULL); /* Crashes on WinNT */ /* Good cert with private key, bogus version */ schanCred.dwVersion = SCH_CRED_V1; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_INTERNAL_ERROR || st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */, "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_INTERNAL_ERROR || st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */, "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); schanCred.dwVersion = SCH_CRED_V2; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_INTERNAL_ERROR || st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */, "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_INTERNAL_ERROR || st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */, "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); } /* Succeeds on V3 or higher */ schanCred.dwVersion = SCH_CRED_V3; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK || st == SEC_E_UNKNOWN_CREDENTIALS, /* win2k3 */ "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); schanCred.dwVersion = SCHANNEL_CRED_VERSION; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st); pFreeCredentialsHandle(&cred); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_OK || st == SEC_E_UNKNOWN_CREDENTIALS, /* win2k3 */ "AcquireCredentialsHandleA failed: %08x\n", st); if (st == SEC_E_OK) test_strength(&cred); pFreeCredentialsHandle(&cred); /* How about more than one cert? */ schanCred.cCreds = 2; schanCred.paCred = certs; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS /* Vista/win2k8 */ || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); tmp = certs[0]; certs[0] = certs[1]; certs[1] = tmp; st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS || st == SEC_E_INVALID_TOKEN /* WinNT */, "st = %08x\n", st); st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND, NULL, &schanCred, NULL, NULL, &cred, NULL); ok(st == SEC_E_UNKNOWN_CREDENTIALS, "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st); /* FIXME: what about two valid certs? */ if (pCryptDestroyKey) pCryptDestroyKey(key); } if (pCryptReleaseContext) pCryptReleaseContext(csp, 0); pCryptAcquireContextW(&csp, cspNameW, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_DELETEKEYSET); if (pCertFreeCertificateContext) { pCertFreeCertificateContext(certs[0]); pCertFreeCertificateContext(certs[1]); } }
/* メッセージの復号化 */ BOOL TRecvDlg::DecryptMsg() { HCRYPTKEY hKey=0, hExKey=0; char *capa_hex, *skey_hex, *msg_hex, *p; BYTE skey[MAX_BUF]; int len, msgLen; HCRYPTPROV target_csp; if ((capa_hex = separate_token(msg.msgBuf, ':', &p)) == NULL) return FALSE; cryptCapa = strtoul(capa_hex, 0, 16); target_csp = (cryptCapa & IPMSG_RSA_1024) && cfg->pubKey.Key() ? cfg->hCsp : cfg->hSmallCsp; hExKey = target_csp == cfg->hCsp ? cfg->hPrivKey : cfg->hSmallPrivKey; if ((skey_hex = separate_token(NULL, ':', &p)) == NULL) return FALSE; if ((msg_hex = separate_token(NULL, 0, &p)) == NULL) return FALSE; if (cryptCapa & IPMSG_BLOWFISH_128) { // blowfish hexstr2bin_bigendian(skey_hex, skey, sizeof(skey), &len); // 公開鍵取得 if (!pCryptDecrypt(hExKey, 0, TRUE, 0, (BYTE *)skey, (DWORD *)&len)) return wsprintf(msg.msgBuf, "CryptDecrypt Err(%X)", GetLastError()), FALSE; CBlowFish bl(skey, len); hexstr2bin(msg_hex, (BYTE *)msg.msgBuf, sizeof(msg.msgBuf), &msgLen); bl.Decrypt((BYTE *)msg.msgBuf, (BYTE *)msg.msgBuf, msgLen); } else { // RC2 // Skey Blob を作る skey[0] = SIMPLEBLOB; skey[1] = CUR_BLOB_VERSION; *(WORD *)(skey + 2) = 0; *(ALG_ID *)(skey + 4) = CALG_RC2; *(ALG_ID *)(skey + 8) = CALG_RSA_KEYX; hexstr2bin_bigendian(skey_hex, skey + SKEY_HEADER_SIZE, sizeof(skey) - SKEY_HEADER_SIZE, &len); // セッションキーの import if (!pCryptImportKey(target_csp, skey, len + SKEY_HEADER_SIZE, hExKey, 0, &hKey)) return wsprintf(msg.msgBuf, "CryptImportKey Err(%X)", GetLastError()), FALSE; // メッセージの Decrypt hexstr2bin(msg_hex, (BYTE *)msg.msgBuf, sizeof(msg.msgBuf), &msgLen); if (!pCryptDecrypt(hKey, 0, TRUE, 0, (BYTE *)msg.msgBuf, (DWORD *)&msgLen)) return wsprintf(msg.msgBuf, "CryptDecrypt Err(%X)", GetLastError()), FALSE; pCryptDestroyKey(hKey); } // UNIX 形式の改行を変換 if (cryptCapa & (IPMSG_BLOWFISH_128|IPMSG_RC2_40)) MsgMng::UnixNewLineToLocal(msg.msgBuf, msg.msgBuf, sizeof(msg.msgBuf)); if ((msg.command & IPMSG_UTF8OPT) == 0) { char *u8buf = AtoU8(msg.msgBuf); int u8len = strlen(u8buf), diff=0; u8len = min(u8len, MAX_UDPBUF-1); int dif = u8len - strlen(msg.msgBuf); if (msg.exOffset && diff > 0) { memmove(msg.msgBuf + msg.exOffset + diff, msg.msgBuf + msg.exOffset, diff); } strncpyz(msg.msgBuf, u8buf, u8len+1); } return TRUE; }