diff --git a/dlls/crypt32/tests/msg.c b/dlls/crypt32/tests/msg.c index d2d94888b97..250ac9f9986 100644 --- a/dlls/crypt32/tests/msg.c +++ b/dlls/crypt32/tests/msg.c @@ -1061,9 +1061,125 @@ static void test_signed_msg_open(void) PROV_RSA_FULL, CRYPT_DELETEKEYSET); } +static const BYTE privKey[] = { + 0x07, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x00, 0x52, 0x53, 0x41, 0x32, 0x00, + 0x02, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x79, 0x10, 0x1c, 0xd0, 0x6b, 0x10, + 0x18, 0x30, 0x94, 0x61, 0xdc, 0x0e, 0xcb, 0x96, 0x4e, 0x21, 0x3f, 0x79, 0xcd, + 0xa9, 0x17, 0x62, 0xbc, 0xbb, 0x61, 0x4c, 0xe0, 0x75, 0x38, 0x6c, 0xf3, 0xde, + 0x60, 0x86, 0x03, 0x97, 0x65, 0xeb, 0x1e, 0x6b, 0xdb, 0x53, 0x85, 0xad, 0x68, + 0x21, 0xf1, 0x5d, 0xe7, 0x1f, 0xe6, 0x53, 0xb4, 0xbb, 0x59, 0x3e, 0x14, 0x27, + 0xb1, 0x83, 0xa7, 0x3a, 0x54, 0xe2, 0x8f, 0x65, 0x8e, 0x6a, 0x4a, 0xcf, 0x3b, + 0x1f, 0x65, 0xff, 0xfe, 0xf1, 0x31, 0x3a, 0x37, 0x7a, 0x8b, 0xcb, 0xc6, 0xd4, + 0x98, 0x50, 0x36, 0x67, 0xe4, 0xa1, 0xe8, 0x7e, 0x8a, 0xc5, 0x23, 0xf2, 0x77, + 0xf5, 0x37, 0x61, 0x49, 0x72, 0x59, 0xe8, 0x3d, 0xf7, 0x60, 0xb2, 0x77, 0xca, + 0x78, 0x54, 0x6d, 0x65, 0x9e, 0x03, 0x97, 0x1b, 0x61, 0xbd, 0x0c, 0xd8, 0x06, + 0x63, 0xe2, 0xc5, 0x48, 0xef, 0xb3, 0xe2, 0x6e, 0x98, 0x7d, 0xbd, 0x4e, 0x72, + 0x91, 0xdb, 0x31, 0x57, 0xe3, 0x65, 0x3a, 0x49, 0xca, 0xec, 0xd2, 0x02, 0x4e, + 0x22, 0x7e, 0x72, 0x8e, 0xf9, 0x79, 0x84, 0x82, 0xdf, 0x7b, 0x92, 0x2d, 0xaf, + 0xc9, 0xe4, 0x33, 0xef, 0x89, 0x5c, 0x66, 0x99, 0xd8, 0x80, 0x81, 0x47, 0x2b, + 0xb1, 0x66, 0x02, 0x84, 0x59, 0x7b, 0xc3, 0xbe, 0x98, 0x45, 0x4a, 0x3d, 0xdd, + 0xea, 0x2b, 0xdf, 0x4e, 0xb4, 0x24, 0x6b, 0xec, 0xe7, 0xd9, 0x0c, 0x45, 0xb8, + 0xbe, 0xca, 0x69, 0x37, 0x92, 0x4c, 0x38, 0x6b, 0x96, 0x6d, 0xcd, 0x86, 0x67, + 0x5c, 0xea, 0x54, 0x94, 0xa4, 0xca, 0xa4, 0x02, 0xa5, 0x21, 0x4d, 0xae, 0x40, + 0x8f, 0x9d, 0x51, 0x83, 0xf2, 0x3f, 0x33, 0xc1, 0x72, 0xb4, 0x1d, 0x94, 0x6e, + 0x7d, 0xe4, 0x27, 0x3f, 0xea, 0xff, 0xe5, 0x9b, 0xa7, 0x5e, 0x55, 0x8e, 0x0d, + 0x69, 0x1c, 0x7a, 0xff, 0x81, 0x9d, 0x53, 0x52, 0x97, 0x9a, 0x76, 0x79, 0xda, + 0x93, 0x32, 0x16, 0xec, 0x69, 0x51, 0x1a, 0x4e, 0xc3, 0xf1, 0x72, 0x80, 0x78, + 0x5e, 0x66, 0x4a, 0x8d, 0x85, 0x2f, 0x3f, 0xb2, 0xa7 }; + +static void test_signed_msg_update(void) +{ + HCRYPTMSG msg; + BOOL ret; + CMSG_SIGNED_ENCODE_INFO signInfo = { sizeof(signInfo), 0 }; + CMSG_SIGNER_ENCODE_INFO signer = { sizeof(signer), 0 }; + CERT_INFO certInfo = { 0 }; + HCRYPTKEY key; + char oid_rsa_md5[] = szOID_RSA_MD5; + + certInfo.SerialNumber.cbData = sizeof(serialNum); + certInfo.SerialNumber.pbData = serialNum; + certInfo.Issuer.cbData = sizeof(encodedCommonName); + certInfo.Issuer.pbData = encodedCommonName; + signer.pCertInfo = &certInfo; + signer.HashAlgorithm.pszObjId = oid_rsa_md5; + signInfo.cSigners = 1; + signInfo.rgSigners = &signer; + ret = CryptAcquireContextW(&signer.hCryptProv, cspNameW, NULL, + PROV_RSA_FULL, CRYPT_NEWKEYSET); + if (!ret && GetLastError() == NTE_EXISTS) + ret = CryptAcquireContextW(&signer.hCryptProv, cspNameW, NULL, + PROV_RSA_FULL, 0); + ok(ret, "CryptAcquireContextW failed: %x\n", GetLastError()); + msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, + CMSG_DETACHED_FLAG, CMSG_SIGNED, &signInfo, NULL, NULL); + ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError()); + /* CMSG_SIGNED allows non-final updates. */ + ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE); + todo_wine + ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError()); + /* CMSG_SIGNED also allows non-final updates with no data. */ + ret = CryptMsgUpdate(msg, NULL, 0, FALSE); + todo_wine + ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError()); + /* The final update requires a private key in the hCryptProv, in order to + * generate the signature. + */ + SetLastError(0xdeadbeef); + ret = CryptMsgUpdate(msg, NULL, 0, TRUE); + todo_wine + ok(!ret && GetLastError() == NTE_BAD_KEYSET, + "Expected NTE_BAD_KEYSET, got %x\n", GetLastError()); + ret = CryptImportKey(signer.hCryptProv, (LPBYTE)privKey, sizeof(privKey), + 0, 0, &key); + ok(ret, "CryptImportKey failed: %08x\n", GetLastError()); + /* The final update should be able to succeed now that a key exists, but + * the previous (invalid) final update prevents it. + */ + SetLastError(0xdeadbeef); + ret = CryptMsgUpdate(msg, NULL, 0, TRUE); + ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR, + "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError()); + CryptMsgClose(msg); + + msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, + CMSG_DETACHED_FLAG, CMSG_SIGNED, &signInfo, NULL, NULL); + ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError()); + /* CMSG_SIGNED allows non-final updates. */ + ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE); + todo_wine + ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError()); + /* CMSG_SIGNED also allows non-final updates with no data. */ + ret = CryptMsgUpdate(msg, NULL, 0, FALSE); + todo_wine + ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError()); + /* Now that the private key exists, the final update can succeed (even + * with no data.) + */ + ret = CryptMsgUpdate(msg, NULL, 0, TRUE); + todo_wine + ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError()); + /* But no updates are allowed after the final update. */ + SetLastError(0xdeadbeef); + ret = CryptMsgUpdate(msg, NULL, 0, FALSE); + ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR, + "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError()); + SetLastError(0xdeadbeef); + ret = CryptMsgUpdate(msg, NULL, 0, TRUE); + ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR, + "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError()); + CryptMsgClose(msg); + + CryptDestroyKey(key); + CryptReleaseContext(signer.hCryptProv, 0); + CryptAcquireContextW(&signer.hCryptProv, cspNameW, NULL, PROV_RSA_FULL, + CRYPT_DELETEKEYSET); +} + static void test_signed_msg(void) { test_signed_msg_open(); + test_signed_msg_update(); } static CRYPT_DATA_BLOB b4 = { 0, NULL };