secur32: Test and fix DecryptMessage for multiple data buffers.

This commit is contained in:
Kai Blin 2006-11-04 12:30:30 +01:00 committed by Alexandre Julliard
parent d3a1737dac
commit 3af72bec1e
2 changed files with 52 additions and 11 deletions

View File

@ -1308,6 +1308,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle phContext,
ULONG fQOP = 0; ULONG fQOP = 0;
UINT i; UINT i;
int token_idx = -1; int token_idx = -1;
SECURITY_STATUS ret;
TRACE("%p %p %d %p\n", phContext, pMessage, MessageSeqNo, pfQOP); TRACE("%p %p %d %p\n", phContext, pMessage, MessageSeqNo, pfQOP);
if(!phContext) if(!phContext)
@ -1345,26 +1346,42 @@ static SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle phContext,
if(helper->neg_flags & NTLMSSP_NEGOTIATE_SIGN) if(helper->neg_flags & NTLMSSP_NEGOTIATE_SIGN)
{ {
SecBufferDesc local_desc; SecBufferDesc local_desc;
SecBuffer local_buff[2]; PSecBuffer local_buff;
BYTE local_sig[16]; BYTE local_sig[16];
local_buff = HeapAlloc(GetProcessHeap(), 0, pMessage->cBuffers * sizeof(SecBuffer));
local_desc.ulVersion = SECBUFFER_VERSION; local_desc.ulVersion = SECBUFFER_VERSION;
local_desc.cBuffers = 2; local_desc.cBuffers = pMessage->cBuffers;
local_desc.pBuffers = local_buff; local_desc.pBuffers = local_buff;
local_buff[0].BufferType = SECBUFFER_TOKEN;
local_buff[0].cbBuffer = 16; for(i=0; i < pMessage->cBuffers; ++i)
local_buff[0].pvBuffer = local_sig; {
local_buff[1].BufferType = SECBUFFER_DATA; if(pMessage->pBuffers[i].BufferType == SECBUFFER_TOKEN)
local_buff[1].cbBuffer = pMessage->pBuffers[1].cbBuffer; {
local_buff[1].pvBuffer = pMessage->pBuffers[1].pvBuffer; local_buff[i].BufferType = SECBUFFER_TOKEN;
local_buff[i].cbBuffer = 16;
local_buff[i].pvBuffer = local_sig;
}
else
{
local_buff[i].BufferType = pMessage->pBuffers[i].BufferType;
local_buff[i].cbBuffer = pMessage->pBuffers[i].cbBuffer;
local_buff[i].pvBuffer = pMessage->pBuffers[i].pvBuffer;
}
}
ntlm_MakeSignature(phContext, fQOP, &local_desc, MessageSeqNo); ntlm_MakeSignature(phContext, fQOP, &local_desc, MessageSeqNo);
if(memcmp(((PBYTE)local_buff[0].pvBuffer) + 8, if(memcmp(((PBYTE)local_buff[token_idx].pvBuffer) + 8,
((PBYTE)pMessage->pBuffers[token_idx].pvBuffer) + 8, 8)) ((PBYTE)pMessage->pBuffers[token_idx].pvBuffer) + 8, 8))
return SEC_E_MESSAGE_ALTERED; ret = SEC_E_MESSAGE_ALTERED;
else
ret = SEC_E_OK;
return SEC_E_OK; HeapFree(GetProcessHeap(), 0, local_buff);
return ret;
} }
if(helper->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCHANGE) if(helper->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCHANGE)

View File

@ -137,6 +137,14 @@ static BYTE crypt_message_server[] =
{0xf6, 0xb7, 0x92, 0x0c, 0xac, 0xea, 0x98, 0xe6, 0xef, 0xa0, {0xf6, 0xb7, 0x92, 0x0c, 0xac, 0xea, 0x98, 0xe6, 0xef, 0xa0,
0x29, 0x66, 0xfd}; 0x29, 0x66, 0xfd};
static BYTE crypt_trailer_server2[] =
{0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xb1, 0x4e,
0x46, 0xb7, 0xca, 0xf7, 0x7f, 0xb3};
static BYTE crypt_message_server2[] =
{0xc8, 0xf2, 0x39, 0x7f, 0x0c, 0xaf, 0xf5, 0x5d, 0xef, 0x0c,
0x8b, 0x5f, 0x82};
static void InitFunctionPtrs(void) static void InitFunctionPtrs(void)
{ {
secdll = LoadLibraryA("secur32.dll"); secdll = LoadLibraryA("secur32.dll");
@ -846,6 +854,12 @@ static void testSignSeal()
ok(!memcmp(crypt.pBuffers[3].pvBuffer, message_signature, ok(!memcmp(crypt.pBuffers[3].pvBuffer, message_signature,
crypt.pBuffers[3].cbBuffer), "Signature is not as expected.\n"); crypt.pBuffers[3].cbBuffer), "Signature is not as expected.\n");
/* Being a dummy signature, it will verify right away, as if the server
* sent it */
sec_status = pVerifySignature(client.ctxt, &crypt, 0, &qop);
ok(sec_status == SEC_E_OK, "VerifySignature returned %s, not SEC_E_OK\n",
getSecError(sec_status));
sec_status = pEncryptMessage(client.ctxt, 0, &crypt, 0); sec_status = pEncryptMessage(client.ctxt, 0, &crypt, 0);
ok(sec_status == SEC_E_OK, "EncryptMessage returned %s, not SEC_E_OK.\n", ok(sec_status == SEC_E_OK, "EncryptMessage returned %s, not SEC_E_OK.\n",
getSecError(sec_status)); getSecError(sec_status));
@ -856,6 +870,14 @@ static void testSignSeal()
ok(!memcmp(crypt.pBuffers[1].pvBuffer, crypt_message_client2, ok(!memcmp(crypt.pBuffers[1].pvBuffer, crypt_message_client2,
crypt.pBuffers[1].cbBuffer), "Crypt message not as expected.\n"); crypt.pBuffers[1].cbBuffer), "Crypt message not as expected.\n");
memcpy(complex_data[1].pvBuffer, crypt_message_server2, complex_data[1].cbBuffer);
memcpy(complex_data[3].pvBuffer, crypt_trailer_server2, complex_data[3].cbBuffer);
sec_status = pDecryptMessage(client.ctxt, &crypt, 0, &qop);
ok(sec_status == SEC_E_OK, "DecryptMessage returned %s, not SEC_E_OK.\n",
getSecError(sec_status));
end: end:
cleanupBuffers(&client); cleanupBuffers(&client);
cleanupBuffers(&server); cleanupBuffers(&server);
@ -867,6 +889,8 @@ end:
HeapFree(GetProcessHeap(), 0, fake_data[1].pvBuffer); HeapFree(GetProcessHeap(), 0, fake_data[1].pvBuffer);
HeapFree(GetProcessHeap(), 0, data[0].pvBuffer); HeapFree(GetProcessHeap(), 0, data[0].pvBuffer);
HeapFree(GetProcessHeap(), 0, data[1].pvBuffer); HeapFree(GetProcessHeap(), 0, data[1].pvBuffer);
HeapFree(GetProcessHeap(), 0, complex_data[1].pvBuffer);
HeapFree(GetProcessHeap(), 0, complex_data[3].pvBuffer);
} }
else else
{ {