rsaenh: Test and correct the maximum allowable salt length.

2008-07-28 20:15:37 -07:00 · 2008-07-28 20:15:37 -07:00 · 408f3d96c5
parent 469e4a5c94
commit 408f3d96c5
2 changed files with 33 additions and 3 deletions
--- a/dlls/rsaenh/rsaenh.c
+++ b/dlls/rsaenh/rsaenh.c
@ -2826,10 +2826,10 @@ BOOL WINAPI RSAENH_CPSetKeyParam(HCRYPTPROV hProv, HCRYPTKEY hKey, DWORD dwParam
        {
            CRYPT_INTEGER_BLOB *blob = (CRYPT_INTEGER_BLOB *)pbData;

-            /* salt length can't be greater than 128 bits = 16 bytes */
-            if (blob->cbData > 16)
+            /* salt length can't be greater than 184 bits = 24 bytes */
+            if (blob->cbData > 24)
            {
-                SetLastError(ERROR_INVALID_PARAMETER);
+                SetLastError(NTE_BAD_DATA);
                return FALSE;
            }
            memcpy(pCryptKey->abKeyValue + pCryptKey->dwKeyLen, blob->pbData,
--- a/dlls/rsaenh/tests/rsaenh.c
+++ b/dlls/rsaenh/tests/rsaenh.c
@ -749,6 +749,8 @@ static void test_rc2(void)
    if (!result) {
        ok(GetLastError()==NTE_BAD_ALGID, "%08x\n", GetLastError());
    } else {
+        CRYPT_INTEGER_BLOB salt;
+
        result = CryptHashData(hHash, (BYTE*)pbData, sizeof(pbData), 0);
        ok(result, "%08x\n", GetLastError());

@ -812,6 +814,19 @@ static void test_rc2(void)
        result = CryptDecrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwDataLen);
        ok(result, "%08x\n", GetLastError());

+        /* What sizes salt can I set? */
+        salt.pbData = pbData;
+        for (i=0; i<24; i++)
+        {
+            salt.cbData = i;
+            result = CryptSetKeyParam(hKey, KP_SALT_EX, (BYTE *)&salt, 0);
+            ok(result, "setting salt failed for size %d: %08x\n", i, GetLastError());
+        }
+        salt.cbData = 25;
+        SetLastError(0xdeadbeef);
+        result = CryptSetKeyParam(hKey, KP_SALT_EX, (BYTE *)&salt, 0);
+        ok(!result && GetLastError() == NTE_BAD_DATA, "%08x\n", GetLastError());
+
        result = CryptDestroyKey(hKey);
        ok(result, "%08x\n", GetLastError());
    }
@ -901,6 +916,8 @@ static void test_rc4(void)
        /* rsaenh compiled without OpenSSL */
        ok(GetLastError() == NTE_BAD_ALGID, "%08x\n", GetLastError());
    } else {
+        CRYPT_INTEGER_BLOB salt;
+
        result = CryptHashData(hHash, (BYTE*)pbData, sizeof(pbData), 0);
           ok(result, "%08x\n", GetLastError());

@ -949,6 +966,19 @@ static void test_rc4(void)
        result = CryptDecrypt(hKey, (HCRYPTHASH)NULL, TRUE, 0, pbData, &dwDataLen);
        ok(result, "%08x\n", GetLastError());

+        /* What sizes salt can I set? */
+        salt.pbData = pbData;
+        for (i=0; i<24; i++)
+        {
+            salt.cbData = i;
+            result = CryptSetKeyParam(hKey, KP_SALT_EX, (BYTE *)&salt, 0);
+            ok(result, "setting salt failed for size %d: %08x\n", i, GetLastError());
+        }
+        salt.cbData = 25;
+        SetLastError(0xdeadbeef);
+        result = CryptSetKeyParam(hKey, KP_SALT_EX, (BYTE *)&salt, 0);
+        ok(!result && GetLastError() == NTE_BAD_DATA, "%08x\n", GetLastError());
+
        result = CryptDestroyKey(hKey);
        ok(result, "%08x\n", GetLastError());
    }