ReceiveTempSMS/Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

rsaenh: Disallow creating schannel master hashes before setting the client random and server random.

Browse Source
This commit is contained in:
Juan Lang 2011-02-10 09:40:14 -08:00 committed by Alexandre Julliard
parent b0ae8ca7c7
commit ea43c5989c
2 changed files with 7 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
dlls/rsaenh/rsaenh.c
View File

@ -1857,6 +1857,13 @@ BOOL WINAPI RSAENH_CPCreateHash(HCRYPTPROV hProv, ALG_ID Algid, HCRYPTKEY hKey,
SetLastError(NTE_BAD_KEY); SetLastError(NTE_BAD_KEY);
return FALSE; return FALSE;
} }
if (Algid == CALG_SCHANNEL_MASTER_HASH &&
((!pCryptKey->siSChannelInfo.blobClientRandom.cbData) ||
(!pCryptKey->siSChannelInfo.blobServerRandom.cbData)))
{
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
if ((Algid == CALG_TLS1PRF) && (pCryptKey->dwState != RSAENH_KEYSTATE_MASTERKEY)) { if ((Algid == CALG_TLS1PRF) && (pCryptKey->dwState != RSAENH_KEYSTATE_MASTERKEY)) {
SetLastError(NTE_BAD_KEY_STATE); SetLastError(NTE_BAD_KEY_STATE);

14
dlls/rsaenh/tests/rsaenh.c
View File

@ -2346,22 +2346,8 @@ static void test_schannel_provider(void)
* random or server random set. * random or server random set.
*/ */
result = CryptCreateHash(hProv, CALG_SCHANNEL_MASTER_HASH, hMasterSecret, 0, &hMasterHash); result = CryptCreateHash(hProv, CALG_SCHANNEL_MASTER_HASH, hMasterSecret, 0, &hMasterHash);
todo_wine
ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, ok (!result && GetLastError() == ERROR_INVALID_PARAMETER,
"expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError()); "expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError());
if (result)
{
CryptDestroyHash(hMasterHash);
/* Reimporting the master secret is necessary under Wine until creating
* the hash fails as it should.
*/
CryptDestroyKey(hMasterSecret);
dwLen = (DWORD)sizeof(abTLS1Master);
result = CryptImportKey(hProv, abTLS1Master, dwLen, hRSAKey, 0, &hMasterSecret);
ok (result, "%08x\n", GetLastError());
if (!result) return;
}
/* Setting the TLS1 client and server random parameters, as well as the /* Setting the TLS1 client and server random parameters, as well as the
* MAC and encryption algorithm parameters. */ * MAC and encryption algorithm parameters. */