From 24914ab84bc4bfc27b0899b8311d590fc76d337a Mon Sep 17 00:00:00 2001 From: Santino Mazza Date: Mon, 28 Mar 2022 11:52:03 +0200 Subject: [PATCH] ncrypt: Implement NCryptVerifySignature. Signed-off-by: Santino Mazza Signed-off-by: Hans Leidekker Signed-off-by: Alexandre Julliard --- dlls/ncrypt/main.c | 25 +++++++++++++++++++++---- dlls/ncrypt/tests/ncrypt.c | 8 +++----- 2 files changed, 24 insertions(+), 9 deletions(-) diff --git a/dlls/ncrypt/main.c b/dlls/ncrypt/main.c index f8fb3135f56..cc979a539d2 100644 --- a/dlls/ncrypt/main.c +++ b/dlls/ncrypt/main.c @@ -36,8 +36,11 @@ static SECURITY_STATUS map_ntstatus(NTSTATUS status) { switch (status) { - case STATUS_INVALID_HANDLE: return NTE_INVALID_HANDLE; - case NTE_BAD_DATA: return NTE_BAD_DATA; + case STATUS_INVALID_HANDLE: return NTE_INVALID_HANDLE; + case STATUS_INVALID_SIGNATURE: return NTE_BAD_SIGNATURE; + case STATUS_SUCCESS: return ERROR_SUCCESS; + case STATUS_INVALID_PARAMETER: return NTE_INVALID_PARAMETER; + case NTE_BAD_DATA: return NTE_BAD_DATA; default: FIXME("unhandled status %#lx\n", status); return NTE_INTERNAL_ERROR; @@ -458,7 +461,21 @@ SECURITY_STATUS WINAPI NCryptSetProperty(NCRYPT_HANDLE handle, const WCHAR *name SECURITY_STATUS WINAPI NCryptVerifySignature(NCRYPT_KEY_HANDLE handle, void *padding, BYTE *hash, DWORD hash_size, BYTE *signature, DWORD signature_size, DWORD flags) { - FIXME("(%#Ix, %p, %p, %lu, %p, %lu, %#lx): stub\n", handle, padding, hash, hash_size, signature, + struct object *key_object = (struct object *)handle; + + TRACE("(%#Ix, %p, %p, %lu, %p, %lu, %#lx)\n", handle, padding, hash, hash_size, signature, signature_size, flags); - return ERROR_SUCCESS; + + if (!hash_size || !signature_size) return NTE_INVALID_PARAMETER; + if (!hash || !signature) return HRESULT_FROM_WIN32(RPC_X_NULL_REF_POINTER); + if (!handle || key_object->type != KEY) return NTE_INVALID_HANDLE; + + if (key_object->key.algid < RSA) + { + FIXME("Symmetric keys not supported.\n"); + return NTE_NOT_SUPPORTED; + } + + return map_ntstatus(BCryptVerifySignature(key_object->key.bcrypt_key, padding, hash, hash_size, signature, + signature_size, flags)); } diff --git a/dlls/ncrypt/tests/ncrypt.c b/dlls/ncrypt/tests/ncrypt.c index e8de441876b..7fb8b2cb4c5 100644 --- a/dlls/ncrypt/tests/ncrypt.c +++ b/dlls/ncrypt/tests/ncrypt.c @@ -428,7 +428,6 @@ static void test_verify_signature(void) sizeof(signature_pkcs1_sha256), NCRYPT_PAD_PKCS1_FLAG); ok(ret == ERROR_SUCCESS, "got %#lx\n", ret); - todo_wine { ret = NCryptVerifySignature(key, &padinfo, sha256_hash, sizeof(sha256_hash), invalid_signature, sizeof(invalid_signature), NCRYPT_PAD_PKCS1_FLAG); ok(ret == NTE_BAD_SIGNATURE, "got %#lx\n", ret); @@ -447,7 +446,7 @@ static void test_verify_signature(void) ret = NCryptVerifySignature(key, &padinfo, sha256_hash, 4, signature_pkcs1_sha256, sizeof(signature_pkcs1_sha256), NCRYPT_PAD_PKCS1_FLAG); - ok(ret == NTE_INVALID_PARAMETER, "got %#lx\n", ret); + todo_wine ok(ret == NTE_INVALID_PARAMETER, "got %#lx\n", ret); ret = NCryptVerifySignature(key, &padinfo, sha256_hash, sizeof(sha256_hash), NULL, sizeof(signature_pkcs1_sha256), NCRYPT_PAD_PKCS1_FLAG); @@ -455,13 +454,12 @@ static void test_verify_signature(void) ret = NCryptVerifySignature(key, &padinfo, sha256_hash, sizeof(sha256_hash), signature_pkcs1_sha256, 4, NCRYPT_PAD_PKCS1_FLAG); - ok(ret == NTE_INVALID_PARAMETER, "got %#lx\n", ret); + todo_wine ok(ret == NTE_INVALID_PARAMETER, "got %#lx\n", ret); invalid_padinfo.pszAlgId = BCRYPT_MD5_ALGORITHM; ret = NCryptVerifySignature(key, &invalid_padinfo, sha256_hash, sizeof(sha256_hash), signature_pkcs1_sha256, sizeof(signature_pkcs1_sha256), NCRYPT_PAD_PKCS1_FLAG); - ok(ret == NTE_INVALID_PARAMETER, "got %#lx\n", ret); - } + todo_wine ok(ret == NTE_INVALID_PARAMETER, "got %#lx\n", ret); NCryptFreeObject(key); NCryptFreeObject(prov);