ReceiveTempSMS
/
Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

rsaenh: Test and correct the maximum allowable salt length.

This commit is contained in:
Juan Lang 2008-07-28 20:15:37 -07:00 committed by Alexandre Julliard
parent 469e4a5c94
commit 408f3d96c5
2 changed files with 33 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
dlls/rsaenh/rsaenh.c
View File

@ -2826,10 +2826,10 @@ BOOL WINAPI RSAENH_CPSetKeyParam(HCRYPTPROV hProv, HCRYPTKEY hKey, DWORD dwParam
{ {
CRYPT_INTEGER_BLOB *blob = (CRYPT_INTEGER_BLOB *)pbData; CRYPT_INTEGER_BLOB *blob = (CRYPT_INTEGER_BLOB *)pbData;
/* salt length can't be greater than 128 bits = 16 bytes */ /* salt length can't be greater than 184 bits = 24 bytes */
if (blob->cbData > 16) if (blob->cbData > 24)
{ {
SetLastError(ERROR_INVALID_PARAMETER); SetLastError(NTE_BAD_DATA);
return FALSE; return FALSE;
} }
memcpy(pCryptKey->abKeyValue + pCryptKey->dwKeyLen, blob->pbData, memcpy(pCryptKey->abKeyValue + pCryptKey->dwKeyLen, blob->pbData,

30
dlls/rsaenh/tests/rsaenh.c
View File

@ -749,6 +749,8 @@ static void test_rc2(void)
if (!result) { if (!result) {
ok(GetLastError()==NTE_BAD_ALGID, "%08x\n", GetLastError()); ok(GetLastError()==NTE_BAD_ALGID, "%08x\n", GetLastError());
} else { } else {
CRYPT_INTEGER_BLOB salt;
result = CryptHashData(hHash, (BYTE*)pbData, sizeof(pbData), 0); result = CryptHashData(hHash, (BYTE*)pbData, sizeof(pbData), 0);
ok(result, "%08x\n", GetLastError()); ok(result, "%08x\n", GetLastError());
@ -812,6 +814,19 @@ static void test_rc2(void)
result = CryptDecrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwDataLen); result = CryptDecrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwDataLen);
ok(result, "%08x\n", GetLastError()); ok(result, "%08x\n", GetLastError());
/* What sizes salt can I set? */
salt.pbData = pbData;
for (i=0; i<24; i++)
{
salt.cbData = i;
result = CryptSetKeyParam(hKey, KP_SALT_EX, (BYTE *)&salt, 0);
ok(result, "setting salt failed for size %d: %08x\n", i, GetLastError());
}
salt.cbData = 25;
SetLastError(0xdeadbeef);
result = CryptSetKeyParam(hKey, KP_SALT_EX, (BYTE *)&salt, 0);
ok(!result && GetLastError() == NTE_BAD_DATA, "%08x\n", GetLastError());
result = CryptDestroyKey(hKey); result = CryptDestroyKey(hKey);
ok(result, "%08x\n", GetLastError()); ok(result, "%08x\n", GetLastError());
} }
@ -901,6 +916,8 @@ static void test_rc4(void)
/* rsaenh compiled without OpenSSL */ /* rsaenh compiled without OpenSSL */
ok(GetLastError() == NTE_BAD_ALGID, "%08x\n", GetLastError()); ok(GetLastError() == NTE_BAD_ALGID, "%08x\n", GetLastError());
} else { } else {
CRYPT_INTEGER_BLOB salt;
result = CryptHashData(hHash, (BYTE*)pbData, sizeof(pbData), 0); result = CryptHashData(hHash, (BYTE*)pbData, sizeof(pbData), 0);
ok(result, "%08x\n", GetLastError()); ok(result, "%08x\n", GetLastError());
@ -949,6 +966,19 @@ static void test_rc4(void)
result = CryptDecrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwDataLen); result = CryptDecrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwDataLen);
ok(result, "%08x\n", GetLastError()); ok(result, "%08x\n", GetLastError());
/* What sizes salt can I set? */
salt.pbData = pbData;
for (i=0; i<24; i++)
{
salt.cbData = i;
result = CryptSetKeyParam(hKey, KP_SALT_EX, (BYTE *)&salt, 0);
ok(result, "setting salt failed for size %d: %08x\n", i, GetLastError());
}
salt.cbData = 25;
SetLastError(0xdeadbeef);
result = CryptSetKeyParam(hKey, KP_SALT_EX, (BYTE *)&salt, 0);
ok(!result && GetLastError() == NTE_BAD_DATA, "%08x\n", GetLastError());
result = CryptDestroyKey(hKey); result = CryptDestroyKey(hKey);
ok(result, "%08x\n", GetLastError()); ok(result, "%08x\n", GetLastError());
} }